In contemporary society, the majority of commercial transactions are conducted using currency, credit cards or debit cards (used at automatic teller machines and retail outlets). However, a new medium of exchange is being developed, one that combines the advantages of currency (readily available in easily quantified and verifiable amounts for transactions between individuals without requiring a network intermediary) and credit or debit cards (a compact plastic card that is durable and easily transported). This new medium of exchange is a "smart card."
A smart card is a device, typically the size and shape of a standard plastic credit card, which contains an embedded microcomputer including a microprocessor and associated memory. The smart card also includes an interface between the smart card's embedded microcomputer and the outside world. This interface typically provides for the bidirectional communication of electronic signals to and from the smart card and may consist, for example, of metallic contacts configured to interface with a specially designed connector.
To date, smart cards have been used for a number of different applications. For example, smart cards are used for identification purposes. In this application, the identification number of an individual is recorded in the memory of the smart card. This identification number may be then used to control access to a restricted area or to regulate the distribution of supplies or books. With respect to restricting access, the user would place the smart card in a smart card reader attached to a door. The smart card reader would determine whether the user should be allowed into the restricted area based on the user's identification number, the time and date and security levels encoded in the smart card. The smart card can be readily modified in accordance with changes in the user's job functions or responsibilities. Moreover, the user can be required to enter a personal identification number which is compared with the personal identification number stored in the smart card to verify that the authorized user has inserted the smart card.
Smart cards are also currently being used as telephone calling cards. In this application, the memory of the smart card records the number of calling units or money associated with the smart card and deducts a portion based on the phone call. For example, a smart card could be initialized with an amount of ten dollars. A user places a telephone call by inserting the smart card into a telephone equipped with a smart card interface. The smart card interface in the telephone would first read the smart card to determine how much money or time is on the card and then deduct money or time from the smart card during the telephone call. British Telecom is presently using a similar smart card system in the United Kingdom.
The portability and convenience of smart cards have generated significant interest in their potential use for financial transactions. A smart card can be programmed to "contain" a specified amount of money and this monetary balance can be readily incremented (reflecting a "deposit" of money into the smart card) or decremented (reflecting a "withdrawal" of money from the smart card) by altering values in the embedded microcomputer memory. For example, the monetary balance recorded in the smart card memory would be decremented when the smart card user paid for a purchase using the smart card. A separate smart card or similar device would have its memory incremented by the same amount, thus reflecting a transfer of money from one smart card to another.
Using smart cards for financial transactions offers numerous benefits to all participants in the economy, including consumers, retailers and banks. However, there are also risks associated with the use of smart cards for financial transactions. In particular, smart cards offer opportunities for fraud. For example, counterfeit cards could be produced or legitimate cards could be altered to fraudulently increase the amount of money associated with the card.
Numerous strategies and techniques are being developed to reduce the possibility of fraud with smart cards. For example, it has been suggested that the information on the smart card should be encrypted to prevent unauthorized access to the data (i.e., monetary balance) stored in the smart card memory. By adequately encrypting the data stored on the smart card, the opportunities for fraudulent "deposits" to the smart card will likely be limited. In theory, a device which is merely capable of accessing the memory of the smart card would be unable to alter the monetary balance stored in the smart card. Rather, only an authorized device capable of performing the necessary decryption and encryption would be able to modify the memory of the smart card without scrambling the data and rendering the card inoperable. Thus, a computer hacker would be deterred from altering the value stored in smart cards by making fraudulent "deposits" that would be analogous to printing counterfeit currency.
Encryption is not the only defense against fraudulent transactions being considered by smart card manufacturers. It is believed that fraudulent use of smart cards, like credit cards and telephone calling cards, will frequently result in consistent and identifiable series of transactions. It has been determined that fraudulent use of credit cards and telephone calling cards may follow a predictable and known pattern. For example, a series of high value purchases on a credit card or several long distance telephone calls to certain nations on a telephone calling card are typically associated with theft of the card and subsequent unauthorized activities. When this type of pattern is detected with respect to credit cards and telephone calling cards, the card issuer frequently verifies the identity of the card user or suspends use of the card pending confirmation of non-fraudulent use.
Credit and telephone calling card issuers have significantly reduced the amount of fraud associated with these cards using software that detects fraudulent behavior patterns and initiates the appropriate response. However, this technique requires interaction with a continuously monitored network for maximum effectiveness. Absent such monitoring and interaction, the fraudulent behavior pattern cannot be readily detected. Moreover, a significant body of historical data had to be generated, collated and analyzed in order to identify the fraudulent behavior patterns.
It is believed that the detection of fraudulent transaction patterns will enable smart card issuers to reduce fraud by monitoring network activity once an adequate body of historical data exists, i.e., once enough fraud has occurred to allow smart card issuers to identify patterns indicating fraudulent transactions. Of course, smart card issuers may extrapolate from existing data relating to credit cards and telephone calling cards, but the significant distinctions between the cards and probable differences in types of fraudulent behavior limit the effectiveness of this technique. Nevertheless, as long as smart card transactions take place over a network, monitoring network transactions to detect fraudulent transactions is a potential technique for reducing fraud.
More importantly, however, there are smart card technologies being developed that do not require a network to conduct financial transactions between smart cards. One such smart card technology is the Mondex system. It is envisioned that transactions between smart cards will be made directly in these new systems, as if each smart card were a "purse" holding money and the money was transferred directly from one purse to the other, much like dollars are transferred from one person's purse to another person's purse during a private exchange of money as in a personal loan.
One of the more significant differences between these new smart cards and other cards is the ability to directly transfer assets between cards. In typical smart card systems currently in place, a card is read by a card interface connected to a central network through a modem or a similar device, and asset transfers occur via and under the direct supervision of the central network. However, there is no network interaction required for a transaction using the new smart card. For example, a retail store would have its own smart card and a retail terminal with a smart card interface for a customer's smart card or, alternatively, a smart card to smart card interface device known as a "transactor" or "wallet." The transactor has a slot for the store's smart card and a slot for the purchaser's smart card. A sale would be consummated by inserting the customer's smart card into the transactor (retail terminal or wallet) and keying in the transaction price and confirming the transaction. The customer's smart card would be decremented and the store's smart card would be incremented accordingly, thereby immediately transferring funds from the customer to the store without any direct network supervision or interaction.
The smart card can also provide a mechanism for electronic cash transactions over the Internet. A customer's personal computer or terminal equipped with a smart card transactor interface could interact with a similarly equipped system at a web site or at another computer. A transaction could be consummated over the Internet and the appropriate amounts transferred between smart cards.
Furthermore, smart card technologies suitable for multiple currencies are being developed. Each "purse" has multiple "pockets" and each pocket can hold a separate currency. Thus, a single smart card with five pockets could simultaneously represent German Marks, Italian Lire, French Francs, English Pounds and Japanese Yen.
Because every smart card user could have a wallet or transactor of her own, the transfer of funds between smart cards could be readily accomplished when the smart card users inserted their respective cards into the wallet, keyed in the transaction amount and confirmed the transaction. Clearly, there is no opportunity for continuous network supervision of such purse to purse transactions conducted via a wallet. Accordingly, the continuous network interaction which plays an essential role in current fraud protection schemes is unavailable and alternative forms of fraud prevention may be needed.
One alternative form of fraud protection uses on-chip logic (OCL) to control operation of a card and thereby reduce fraud. On-chip logic is intended to detect fraudulent behavior and then turn off the smart card to prevent additional fraudulent transactions with the smart card. If the smart card has been turned off by the OCL in error (i.e., when it is not being used fraudulently), it can be taken to an authorized bank or issuing authority and turned back on.
Turning off the smart card obviously reduces the number of possible fraudulent transactions. However, there is a significant problem in determining what constitutes a fraudulent behavior pattern. Moreover, it is clearly undesirable to turn off a smart card when there has not been any actual fraudulent behavior. This is particularly problematic with respect to a new technology such as the above described smart card where consumer acceptance is likely to be difficult because of the novelty and lack of experience with this type of transaction. Obviously, consumer acceptance will be adversely affected by a perception that the consumer's card may be switched off without warning during normal operation.
There is thus a need to represent fraudulent behavior patterns in smart card financial transactions that are not necessarily subject to continuous network monitoring. Moreover, it is necessary to accurately identify these fraudulent transaction behavior patterns without erroneously identifying a legitimate transaction behavior pattern as fraudulent. Attaining a satisfactory solution is made more difficult by the need to identify fraudulent behavior patterns before the new type of smart card is widely available. Until electronic cash transactions become a pervasive element of the economy, there will not be a history of transactions available to smart card issuers from which they can identify fraudulent transaction behavior patterns.
It is therefore necessary to dynamically simulate electronic cash transactions in a way that allows modeling of individual transactions and generation of data indicative of behavioral patterns in a statistically relevant population from which trends indicative of fraudulent or counterfeit transactions may be observed.
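The trade-off described above, between switching off cards that are being used fraudulently and erroneously switching off legitimate ones, can be observed in a small population simulation. The following is an added example, not part of the original text: the OCL rule (k of the last few payments exceed a limit), the payment distributions and all parameter values are assumptions constructed for illustration, and balances and counterparties are abstracted away.

```python
import random
from collections import deque

def ocl_lock_index(payments, limit, k=3, window=5):
    """Index of the payment after which the card switches itself off, or None.

    Hypothetical rule: k of the last `window` payments exceed `limit`."""
    recent = deque(maxlen=window)
    for i, amount in enumerate(payments):
        recent.append(amount > limit)
        if sum(recent) >= k:
            return i
    return None

def simulate(limit, n_legit=2000, n_stolen=50, n_tx=40, seed=1):
    """Run one population under one OCL limit; payment streams depend only on seed."""
    rng = random.Random(seed)
    false_lockouts = 0
    for _ in range(n_legit):
        # Constructed legitimate pattern: mostly small payments, capped at 500.
        payments = [min(rng.expovariate(1 / 20.0), 500.0) for _ in range(n_tx)]
        if ocl_lock_index(payments, limit) is not None:
            false_lockouts += 1
    caught, loss = 0, 0.0
    for _ in range(n_stolen):
        # Constructed stolen-card pattern: a run of high-value payments.
        payments = [rng.uniform(100.0, 500.0) for _ in range(n_tx)]
        idx = ocl_lock_index(payments, limit)
        if idx is None:
            loss += sum(payments)
        else:
            caught += 1
            loss += sum(payments[: idx + 1])  # payments made before switch-off
    return {"false_lockouts": false_lockouts, "caught": caught, "loss": loss}

if __name__ == "__main__":
    # Sweep the limit to see false lockouts rise as fraud losses fall.
    for limit in (20, 50, 99, 200, 500):
        r = simulate(limit)
        print(f"limit={limit:>3}  false lockouts={r['false_lockouts']:>4}/2000  "
              f"stolen cards switched off={r['caught']:>2}/50  loss={r['loss']:,.0f}")
```

Because the payment streams depend only on the seed, every limit is evaluated against the same simulated population, so differences between rows come from the rule alone.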