Various authorization devices, as in the form of cards, have come into widespread use to perform specific functions in association with an assigned person. For example, credit cards, debit cards, secure access cards, and so on are used in various systems by assigned holders to perform a variety of control functions. Credit cards might be employed to support a financial transaction as authorizing cash from an automatic teller machine. Secure access cards might be employed to regulate persons entering specific areas or accessing restricted computer data. Of course, various other applications and control functions are well known for which cards or the like have been prepared and issued.
Generally, schemes that utilize cards for control are subject to misuse primarily in two aspects. First, a card assigned to one person may fall into the hands of another person with the consequence that an improper holder fraudulently uses the card. Also, counterfeits are perpetually a threat for systems that utilize cards for restrictive control over a card bearer.
To combat counterfeit cards, it has been proposed to utilize cards with a unique characteristic that can be sensed to verify the card as authentic. One form of such a card is disclosed in U.S. Pat. No. 4,423,415, issued Dec. 27, 1983, to R. N. Goldman. The patent also discloses an illustrative system for verifying the authenticity of cards with a uniqueness characteristic. Of course, various forms of the uniqueness characteristic in cards and the like have been proposed for combating counterfeits.
While techniques utilizing a uniqueness characteristic of cards have been recognized as effective in combating counterfeits, systems embodying such technology may still encounter the problem of genuine cards being lost or stolen and subsequently misused. As a safeguard to such an occurrence, it has been proposed to utilize a personal identification number (PIN) in conjunction with an assigned card. For example, the bearer of a card commits a personal identification number (PIN) to memory and the number is also carried as a reference in computer memory. Upon presenting his card, the bearer gives his personal identification number for testing against the reference. Coincidence between the stated and reference PINs results in approval of a card-supported transaction. While such personal identification numbers have been effectively used in the past, their use has not been without certain difficulties.
If personal identification numbers are created by a card-issuing organization and communicated to the assigned card holder, the PIN designation likely has no mnemonic value to the holder. Consequently, he may forget the number or make a record of it which poses a constant threat to limited use of the card. Alternatively, if the personal identification number is selected by the card holder, it likely appears in a number of documents involved in the processing of the card and again security may be jeopardized. Furthermore, any communication of the personal identification number involves some exposure. In the past, systems have been proposed for safeguarding personal identification numbers to some extent. For example, see U.S. Pat. No. 4,281,215, issued June 28, 1981 to Martin et al. and U.S. Pat. No. 4,315,101, issued Feb. 9, 1982 to the same person. See also U.S. Patent No. 4,386,266, issued May 31, 1983 to Donald I. Chesarek.
In relation to prior systems generally, if a card holder inadvertently discloses his personal identification number or suspects that it has been learned by someone else, no expedient procedure exists for changing the number. Essentially, the holder must apply for a change and await receipt of a fresh card with the attendant processing exposure.
As another consideration, most traditional card systems utilizing personal identification numbers operate in association with a central computer for registering individual personal identification numbers. In addition to the risks of communicating the personal identification numbers, such systems necessitate on-line operation and involve substantial processing time and cost.
In another arrangement, it has been proposed to avoid on-line operation by incorporating microchips on cards which chips register the personal identification number of an assigned user, see U.S. Patent No. 3,764,742, issued Oct. 9, 1973 to George F. Abbott et al. Unfortunately, such cards may still compromise the personal identification number in view of the possibility that the number might be extracted from the card using electronically sophisticated techniques. Accordingly, a need exists for an improved form of transaction card or the like, which is susceptible to off-line use, which involves a minimal record of the personal identification number, and which facilitates convenient change of the personal identification number, all for use in conjunction with a processing system for effective and reliable control operations.
In general, the system of the present invention involves a card, and a processing system for the card which may function off-line. The card of the present invention possesses an anticounterfeit uniqueness characteristic and an encoded record of a test value obscurely including the personal identification number and the uniqueness characteristic. The system of the present invention processes cards by sensing the encoded record test value and the card uniqueness characteristic value. The personal identification number is input to the system, as by a manual keyboard. In one format, the PIN is combined with the record encoded test number to produce a value that is tested against the freshly sensed uniqueness characteristic value. Coincidence indicates an authentic card and proper card holder. Change of the personal identification number involves sensing the combination value, subtracting the PIN that is to be eliminated and adding the new PIN to form a new combination test value for recording.