This invention relates to the field of tokenless biometric financial transactions. Specifically, this invention is directed towards a system and method of using biometrics for processing electronic check financial transactions without requiring the payor to directly use or possess any man-made personalized tokens or paper checks. For any transaction designated to be processed as an electronic check, this invention provides a payor, whether an individual or a business, with the ability to pay for goods and services either at the retail point of sale or over the internet using only a biometric sample.
Traditionally, a person must directly possess a man-made personalized token whenever attempting authorization for an electronic financial transaction. Tokens such as magnetic ink encoded paper checks, smart cards, magnetic swipe cards, identification cards or even a personal computer programmed with resident user-specific account data, are xe2x80x9cpersonalizedxe2x80x9d because they are each programmed or encoded with data that is unique and personalized to the authorized user. For examples: at a retail point of sale, the user directly possesses and physically presents personalized checks or cards encoded with his unique account data to the merchant; or, over the internet, the user directly possesses and electronically presents his personal computer""s resident user-unique account data to the remote merchant. By contrast, as the disclosed invention is completely tokenless, it does not require the user to directly possess, carry or remember any personalized token that can be lost, stolen or damaged.
Of all such personalized man-made tokens, magnetic ink encoded paper checks have long been used as the token of choice in financial transactions. Currently, around 65 billion paper checks are written annually in the United States. These paper checks are time-consuming to write, costly for both consumers and businesses to handle and process, and prone to fraud. It is currently estimated that these inefficiencies annually cost consumers and businesses over $10 billion in fraud losses and over $40 billion in processing time and personnel resource costs. For example, paper checks are particularly vulnerable to fraud. Because they do not require the use of a personal identification number (xe2x80x9cPINxe2x80x9d), a lost or forged paper check can easily be turned into cash by a fraud perpetrator. Counterfeit checks can readily be created by acquiring an accountholder""s valid account number and bank routing code, then encoding those numbers as printed magnetic numerical characters on a blank check template. Valid paper checks that are stolen can be selectively moistened with solvents to retain authorized signatures and erase designated financial amounts in order to over-write them with a higher denomination value. These resultant fraudulent checks can then be presented to payees or businesses, with the transaction being charged to the rightful checking account. Check fraud may also be committed by authorized checkholders themselves, whereby they use a check of their own to make purchases, and subsequently claim the check had been lost or stolen, and used without their knowledge.
Of all payment modes, checks take the longest amount of time to complete, authenticate and process. They require additional time to process for deposit, and cost more money for banks to clear and settle. At the retail point of sale, submission of paper checks is often accompanied by a secondary token used for identification, such as a plastic driver""s license card, requiring more time and cost. All of these charges are paid by merchants or businesses, and are ultimately borne by the consumer.
Both at a retail site and over the internet, paper checks are presented for real-time remote access to financial accounts via magnetic ink character readers, with magnetic stripe or bar code readers sometimes being used to also automatically read identification cards like a driver""s license. In some instances on the Internet, the user""s personal checking account data is stored resident within the user""s personal computer. In this manner, a PC is the personalized man-made memory token that the user is required directly possessed each time he seeks to authorize an electronic check via the Internet.
Therefore, whether buying services or products, a consumer or a business must rely on the money transfer to be enabled by the consumer directly using personalized man-made memory tokens. The sole functions of such tokens are to attempt to identify both the user and the financial account being accessed to pay for the transaction. However, these tokens can be easily exchanged, either knowingly or unknowingly, between users, thereby de-coupling them from the original intended user. Because these encoded paper checks, identification cards or personal computers storing resident user data are ubiquitous in today""s consumer and business transactions as verification of the submitter""s check writing authority, and the attendant inconveniences and security vulnerabilities of such tokens are widespread.
Various token-based biometric technologies have been suggested in the prior art, using smart cards, magnetic swipe cards, or paper checks in conjunction with fingerprints, hand prints, voice prints, retinal images, facial scans or handwriting samples. However, because the biometrics are generally either: a) stored in electronic and reproducible form on the token itself, whereby a significant risk of fraud still exists because the comparison and verification process is not isolated from the hardware and software directly used by the payor attempting access, or; b) used in tandem with the user directly using magnetic swipe cards, paper checks or a PC with the user""s financial data stored resident therein. Examples of this approach to system security are described in U.S. Pat. No. 4,821,118 to Lafreniere; U.S. Pat. No. 4,993,068 to Piosenka et al.; U.S. Pat. No. 4,995,086 to Lilley et al.; U.S. Pat. No. 5,054,089 to Uchida et al.; U.S. Pat. No. 5,095,194 to Barbanell; U.S. Pat. No. 5,109,427 to Yang; U.S. Pat. No. 5,109,428 to Igaki et al.; U.S. Pat. No. 5,144,680 to Kobayashi et al.; U.S. Pat. No. 5,146,102 to Higuchi et al.; U.S. Pat. No. 5,180,901 to Hiramatsu; U.S. Pat. No. 5,210,588 to Lee; U.S. Pat. No. 5,210,797 to Usui et al.; U.S. Pat. No. 5,222,152 to Fishbine et al.; U.S. Pat. No. 5,230,025 to Fishbine et al.; U.S. Pat. No. 5,241,606 to Horie; U.S. Pat. No. 5,265,162 to Bush et al.; U.S. Pat. No. 5,321,242 to Heath, Jr.; U.S. Pat. No. 5,325,442 to Knapp; U.S. Pat. No. 5,351,303 to Willmore; U.S. Pat. No. 5,832,464 to Houvener et al, all of which are incorporated herein by reference.
Uniformly, the above patents disclose financial systems that require the user""s presentation of personalized tokens to authorize each transaction, thereby teaching away from tokenless biometric financial transactions. To date, the consumer financial transaction industry has had a simple equation to balance: in order to reduce fraud, the cost and complexity of the personalized token directly possessed by the user must increase.
As a result, there is a need for a new electronic financial transactions system that is highly fraud-resistant, practical, convenient for the consumer, and yet cost-effective to deploy. More specifically, there is a need for an electronic check financial transaction system that relies solely on a payor""s biometric for transaction authorization, and does not require the payor to directly possess any personalized man-made memory tokens such as smart cards, magnetic swipe cards, encoded paper checks or personal computers for identification.
Lastly, such a system must be affordable and flexible enough to be operatively compatible with existing networks having a variety of electronic transaction devices and system configurations.
Accordingly, it is the objective of the present invention to provide a new system and method of tokenless biometric financial transactions for electronic checks.
As such, it is an objective of the invention to provide an electronic check financial transaction system and method that eliminates the need for a payor to directly possess any personalized man-made token which is encoded or programmed with data personal to or customized for a single authorized user. Further, it is an objective of the invention to provide an electronic financial transaction system that is capable of verifying a user""s identity based on one or more unique characteristics physically personal to the user, as opposed to verifying mere possession of personalized objectives and information.
Another objective of the invention is to provide an electronic financial transaction system that is practical, convenient, and easy to use, where payors no longer need to remember personal identification numbers to access their financial accounts.
Another objective of the invention is to provide increased security in a very cost-effective manner, by completely eliminating the need for the payor to directly use ever more complicated and expensive personalized tokens.
Another objective of the invention is to provide an electronic financial transaction system that is highly resistant to fraudulent access attempts by unauthorized users.
Another objective of the invention is to authenticate the system to the payor once the electronic financial transaction is complete, so the payor can detect any attempt by criminals to steal their authentication information.
Another objective of the invention is that the payee be identified by an electronic third party identicator, wherein the payee""s identification is verified. Optionally, therefore, the payee would register with the electronic third party identicator payee identification data, which optionally comprises, a payee hardware ID code, a payee phone number, a payee email address, a payee digital certificate code, a payee financial account number, a payee biometric, or a payee biometric and PIN combination.
Still, another objective of the invention is to be added in a simple and cost-effective manner to existing terminals currently installed at points of sale and used over the Internet around the world.
Yet another objective of the invention is to be efficiently and effectively operative with existing financial transactions systems and protocols, specifically as these systems and protocols pertain to processing of electronic checks.
The invention satisfies these needs by providing a method and device for tokenless authorization of an electronic check between a payor and a payee using an electronic identicator and at least one payor bid biometric sample. The method comprises a payor registration step, wherein the payor registers with an electronic identicator at least one registration biometric sample, and at least one payor checking account. An electronic financial transaction is formed between the payor and the payee, comprising at least one payor bid biometric sample, wherein the bid biometric sample is obtained from the payor""s person, in a transaction formation step. Preferably in one transmission step the payor bid biometric sample is electronically forwarded to the electronic identicator. A comparator engine or the identification module of the identicator compares the bid biometric sample with at least one registered biometric sample for producing either a successful or failed identification of the payor. Once the identicator successfully identifies the payor, the payor""s previously registered checking account data is retrieved, and a biometric-based authorization of an electronic check is issued without the payor presenting any personalized man-made tokens such as paper checks or magnetic swipe cards to transfer funds from the payor""s checking account to a payee financial account.
The transaction formation step may optionally include a transaction amount in the electronic financial transaction.
The method may also optionally include a step in which the payor""s previously registered checking account data is electronically displayed to the payor, or electronically forwarded to a financial transaction processor.
The payor registration step may optionally further comprise registering a payor personal identification number with the electronic identicator.
The authorization system alternatively further comprises a payor resource determination step, wherein it is determined if the payor""s financial account has sufficient resources to be debited for the transaction amount.
Optionally, in a payor account selection step, after the payor has been successfully identified in the payor identification step, the tokenless authorization system presents at least one financial account which was registered by the payor with the tokenless authorization system for selection of one of the checking accounts by the payor for debiting. In a transaction payment step, the transaction amount is debited from a payor""s financial account. Preferably, at the same time, the transaction amount is credited to the payee""s financial account.
The present invention as described satisfies these objectives in a number of ways. First, it is extremely easy and efficient for people to use because it eliminates the need to directly possess and safeguard any personalized tokens in order to access their authorized electronic financial accounts. Anyone who has lost a checkbook or had their personal computer damaged or stolen, knows well the keen anxiety caused by such tokens. This invention direct addresses these concerns. The payor is now uniquely empowered, to conveniently conduct personal and/or professional electronic transactions at any time without dependence upon any tokens that may be stolen, lost or damaged.
The invention is clearly advantageous from a convenience standpoint to payees and financial institutions by making electronic check purchases and other financial transactions less cumbersome and more spontaneous. The paperwork of financial transactions is significantly reduced as compared to standard paper or electronic check transactions wherein the copies of the check must often be retained by the payee, financial institutions and the payor. Further, because the method and system of this invention is designed to provide a person with simultaneous direct access to all of his financial accounts, the need for transactions involving paper checks, paper money, credit drafts and the like will be greatly reduced, thereby reducing the cost of equipment and staff required to collect, account, and process such transactions.
Further, the substantial manufacturing and distributing costs of issuing and reissuing all personalized tokens such as paper checks, magnetic swipe cards, and smart cards, thereby providing further economic savings to issuing banks, businesses, and ultimately to consumers. Even the traditional requirement for internet electronic transactions of the payor needing to directly possess and use the ultimate personalized token, a personal computer with resident payor identification data, will be eliminated.
Moreover, the invention is markedly advantageous and superior to existing systems in being highly fraud resistant by determining identity and transaction authorization solely from an analysis of a user""s unique biometric characteristics.
These and other advantages of the invention will become more fully apparent when the following detailed description of the invention is read in conjunction with the accompanying drawings.