A. Field of the Invention
The present invention relates to point of sale equipment and, more particularly, to methods and apparatus for generating secure endorsed transactions. The invention facilitates the generation of secure endorsed transactions by combining data representative of a transaction with a unique human identifier representative of the human that endorsed the transaction, such as a biometric, in a way that neither the transaction data nor the human identifier can be altered without detection.
B. Description of the Related Art
The credit card has become one of the primary methods of paying for goods and services throughout the world. People use credits cards every day to pay for a wide variety of goods and services, such as: food at a grocery store, clothes at a department store, gas at a gasoline station, airline tickets at a travel agent, automobiles at a car dealer, etc. Because of the nature of credit cards they have also become a primary means for transacting business over the Internet, another source of goods and services.
In order for a credit card transaction to be processed, a merchant must collect a variety of data associated with the transaction. This data typically includes the purchase price and date of the transaction, the account number and expiration date of the credit card, and the cardholder""s name. The merchant may also collect the cardholder""s signature, although it is generally not considered a part of the transaction data.
Once the transaction data is collected, the merchant transmits it, along with data identifying the merchant, to a credit card transaction processor. The credit card processor sorts the data according to the company that issued the credit card, and forwards the data to the appropriate company. At that point, the credit card issuer posts the transaction to the cardholder""s account and the purchase amount is credited to the merchant.
In the past, credit card transaction data was recorded, transferred, and stored in the form of paper receipts. Over the years, the credit card industry has developed equipment that provides for the electronic acquisition, transmission, and storage of transaction data. This equipment, which is sometimes referred to a point of sale (POS) equipment, usually includes electronic terminals that read the account number and expiration date from a magnetic stripe on the credit card and transmit the transaction data to the credit card processor. In addition to reducing the industry""s reliance on paper records, this equipment expedites the processing of credit card transactions and minimizes errors associated with the entry of transaction data.
Despite these advances, the typical credit card transaction still relies primarily on paper. For example, a cardholder presents a credit card to a merchant, who records transaction data using an electronic terminal. The recorded data includes the amount of the purchase, the cardholder""s account number, the card""s expiration date, the merchant identification number, and the date of the transaction. Once the terminal accumulates the transaction data, the terminal automatically dials the merchant""s credit card processor or other authorization source and initiates an authorization request. When the transaction is authorized, the terminal displays and/or stores the approval code or authorization indicia received from the credit card processor. The approval code is recorded along with the other transaction data. The POS equipment typically includes a printer that is capable of printing a sales receipt. The sales receipt includes the transaction data and approval code, and provides a space for the cardholder""s signature.
These prior art devices allow numeric data, such as purchase price, date, account number, and merchant identification number to be easily accumulated, stored, and transmitted between the merchant and credit card processor. Consequently, numeric transaction data may be transferred and stored without the use of paper receipts. Although this numeric data is sufficient to process the transaction, it is generally regarded as insufficient to validate or authenticate a transaction that is disputed by the cardholder. In the event a cardholder questions or denies the legitimacy of a transaction that appears on his or her credit card statement, it may be necessary for the merchant to produce a copy of the signed receipt as evidence that the cardholder was a party to the transaction. The signed receipt contains all of the necessary transaction data (date, time, store identification, sale items, prices, taxes, and signature) to verify the transaction. Therefore, it is necessary that a copy of each signed receipt be retained by the merchant for some period of time.
The storage and retrieval of signed receipts is costly, in terms of space, resource, and labor. Since the receipts must be stored for a long period of time, it is not uncommon for merchants to have a centralized storage area that encompasses tens of thousands of square footage of file cabinets containing the paper slips. Many merchants elect to convert the paper to microfiche and pay fees for shipping, conversion and storage. There is cost associated with the paper itself, as well as postage in sending the paper slips from the retail stores to the centralized storage location. Labor costs occur all throughout the handling process, from the shipment of the paper to the storage and retrieval of the paper. It is also not uncommon for a large merchant to staff 20 or more full-time employees whose sole function is to retrieve the paper slips to settle customer disputes.
Beyond the storage and retrieval of the receipts, lies a cost associated with the failure to locate them when necessary. Failure to locate a receipt is not uncommon because of the inherent difficulties of storing large quantities of paper, (especially in retail because the physical size of the paper is small) and the fact that there is typically a time frame associated with retrieving the paper. When working with credit card issuers, the time frame can be as short as 48 hours. This means that if the receipt is not located in 48 hours, then the receipt is considered either lost or was never in existence. In either case, the merchant will lose the amount of the sale that is sometimes referred to as a charge back.
This process of retaining and retrieving signed receipts is made easier if the merchant employs POS equipment that allows the cardholder""s signature to be digitized, transmitted, and stored along with the numeric data associated with the transaction. See, for example, U.S. Pat. No. 5,448,044. In such cases, the signature is digitized as the cardholder signs the credit card receipt. The digitized signature data and numeric transaction data are combined and transmitted to the credit card processor, where the data is stored for a predetermined period of time. If a cardholder disputes the validity of a transaction, the entirety of the transaction data, including a facsimile of the signature, may be provided by the credit card processor, and may serve as evidence of the legitimacy of the transaction. See, for example, U.S. Pat. No. 5,428,210 for a xe2x80x9cData card terminal with embossed character reader and signature capture.xe2x80x9d
While the combination of digitized signature data and numeric transaction data provides evidence of the legitimacy of the transaction when a dispute arises, it is not tamper resistant. Specifically, conventional systems that provide a combined digitized signature data and transaction data fail to address the problems associated with security of the combined data. For example, the digitized signature data associated with the transaction data for one transaction may be misappropriated and assigned to the transaction data for a different transaction. Similarly, transaction data itself may be modified or altered, thereby corrupting the data and making it, as well as the associated digitized signature data, unreliable.
Accordingly, the present invention is directed to methods and apparatus for generating secure endorsed transactions that obviate one or more of the problems due to limitations and disadvantages of the related art.
Features and advantages of the invention will be set forth in the description which follows, and in part will be apparent from the description, or may be learned by practice of the invention. The objectives and other advantages of the invention will be realized and attained by the method and apparatus particularly pointed out in the written description and claims thereof as well as the appended drawings.
To achieve the objective of this invention and attain its advantages, broadly speaking, this invention includes a method of generating secure endorsed transactions comprised of transaction data representative of transactions and unique identifiers corresponding to parties endorsing the transactions. In its broadest sense, the method has two steps, which would be performed by a data processing system. First, the system receives transaction data and unique identifiers. Then it generates unique codes from the transaction data and unique identifiers. The unique codes constitute secure endorsements of the transaction data by the parties corresponding to the unique identifiers.
According to another aspect of the present invention, there is provided a method of generating tamper resistant secure endorsed transactions comprised of transaction data representative of transactions, unique human identifiers corresponding to at least one party, called first party, endorsing a transaction, and public keys corresponding to at least a second party endorsing a transaction. The public keys have corresponding private keys maintained in secret by the second party. The method has three steps, which are performed by a data processing system. First, the system receives a transaction data, a unique human identifier, and a public key. Next, a unique code is generated from the transaction data, the unique human identifier, and the public key. The unique code constitutes a secure endorsement of the transaction data by the first party. Lastly, using a private key corresponding to the received public key, a digital signature is generated by encrypting the unique code using the private key. The digital signature constitutes a secure endorsement of the transaction data by the second party.
The present invention also involves methods for verifying the secure and tamper resistant secure endorsed transactions. Further, smart cards may be used to provide part of the transaction data being used for the secure and tamper-resistant secure transactions, and to store the previously generated secure and tamper-resistant secure transactions.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory and are intended to provide further explanation of the invention as claimed.