In modern society, more and more people make their payment by credit card when they shop, purchase through internet, travel oversea, book hotel through telephone, etc. When they do so, they have to reveal full information of the credit card. It is a risk for cardholders and banks as malicious people may access to this information, they can use this information for their illegal payments, or forge a fraud credit card. Banks have lost millions dollars each year due to the payment made by fraud credit cards.
Currently, the credit card is secured by the information of credit card: cardholder's name, card number, and cardholder's signature. When a person makes his/her payment by a credit card, the clerk can verify this card by calling to the bank with the only information of the authorized cardholder's name and the card number. After that the cardholder (please notice the difference between the ‘cardholder’ and the ‘authorized cardholder’. ‘Authorized cardholder’ is the person whom the bank issues the credit card to, ‘Cardholder’ is the person who holds a credit card, but the credit card may be a fraud credit card) signs on the invoice and takes away the purchased items. The bill will be sent to the person with the credit card account. There are two insecure factors: first, the clerks obtain the full information of credit card and they may reveal or leak the information to fraud-credit-card gang. Second, if the credit card is fraud one, the person with the credit card account will reject to pay. The bank will check the invoice and find out the fault signature, but it is too late as the malicious person has taken away the purchased items. It is even danger if the payment is carried out via internet as the gangs can hack information from internet easily.
The credit card system provides convenient and safe for credit card users as they do not need to carry many cashes when shopping, or travelling. However, the security information of credit card is shown on the card fully: The name of cardholder, the credit card number, and signature of cardholder. Every transaction by the credit card has the possibility of information leakage. Any information leakages endanger the banks and cardholders. To enhance the security of the credit card system, inventors have proposed many interesting ideas. Such as U.S. Pat. No. 4,667,087 presented a secure credit card with an opaque shield. The credit card number is hidden beneath this opaque shield. This shield can be rendered transparent after user inputs a correct password through a keypad. U.S. Pat. No. 5,446,273 revealed a credit card security system. In this system, cardholder inserts identifying information in electronic distorted form pertaining only to assigned holder. The system can check the validity of the card by examining the hidden information. U.S. Pat. No. 5,585,787 showed a programmable credit card whose identification information is readable by a reader device but is not discernible by the human eye. The completed account number and the identification information by a reader device are transmitted to the clearinghouse for verification. U.S. Pat. No. 5,742,035 proposed a credit card with memory aiding device for pin numbers. A thin label consisting of a geometric matrix helps the authorized cardholder to recognize the sequential pattern within the matrix and to recall the specific PIN. U.S. Pat. No. 5,818,030 put forward a credit card system with key module. This key module can be inserted into the main body of credit card. This programmable key module can open or lock access to the function of the main body of a credit card. Additionally, the credit card number can be displayed only at the LCD on the key module, so that without said LCD and ROM data and security codes properly inserted into the main body, the body of the card (and key module) each individually is merely a blank without information of the credit card. U.S. Pat. No. 6,188,309 suggested a method and apparatus for minimizing credit card fraud. This intelligent credit card requires user to input PIN number. If the PIN is correct, the card is then activated, and the credit card number is popped out by the output device. U.S. Pat. No. 6,270,011 brought forth a remote credit card authentication system. This system requires a fingerprint scanner at the point-of-sale to obtain fingerprint data, so that a credit card company database can verify the fingerprint data against stored fingerprint information and verify the transaction. For internet purchase, an authorization adaptor connected to the user PC provides the fingerprint scan, and sends the data to the credit card company for authentication. Most of those patents are not secure when use via internet or telephone. The last patent is also difficult for practical application as this system requires special adaptor for every user. However, there are some patents that can be applied to internet purchasing with high security. Such as U.S. Pat. No. 5,317,636 which disclosed a method and apparatus for securing credit card transaction. The credit card in this invention has a processor, a memory and a display window. When used, the card generates a verification number, which is based on a transaction sequence number and an encryption algorithm. The verification number is transmitted to a verification computer and is de-encrypted to a computed transaction sequence number. The transaction will be authorized if this computed transaction sequence number is corresponding to that stored in the computer. After each transaction, both the credit card and computer change their respective transaction sequence number. U.S. Pat. No. 5,478,994 demonstrated a secure credit card which prevents unauthorized transaction. The credit card has a programmable read only memory device programmed with a series of random number in a predetermined sequence. Both the credit card and host computer generate identical random numbers after each use of the credit card. These two patents provide a secure way for transaction of credit card as the cardholder has to present an additional changeable number for verification besides the card number and cardholder's name which are non-changeable. This additional number is changed to a new number after each transaction or each use of the credit card according to a predetermine sequence. So, even malicious person can steal the information of a credit card, but he/she can not use the information as the additional number is changed for next transaction.
The ideas behind these methods are good but it is difficult to be implemented. Usually, not all the credit card payments will require the verification from the credit card company. Second, there is a time lag for transaction in host computer of the credit card company. The time lag in transaction in host computer may cause error in the transaction sequence number. Third, if credit card payment is through internet, how to trigger the credit card and host computer for next additional number? And so on.
It is our objective of the invention to provide a secure credit card which is simple and yet secure for use. Cardholder can make payment via telephone and internet securely. The manufacturing cost of this secure credit card is very low as it uses very simple principle, and this secure credit card system does not require any additional apparatus for implementation, so the credit card company does not need to invest much money to implement this secure credit card, but does save a lot money on the battle with the fraud-credit-card gangs, and have potential to expand the credit card business on internet shopping, e-commerce, etc.