The present invention relates to a secret identification number checking system of the type in which a secret identification number is entered by the bearer of a magnetic card before a financial transaction is allowed to proceed.
A conventional magnetic card for financial transactions stores a secret identification number. During a financial transaction the magnetic card reader of a transaction machine reads the secret identification number from the magnetic card so that it can be compared with a secret identification number that is entered by the bearer of the magnetic card. The legitimacy or rightfulness of the bearer of the magnetic card is verified if the two numbers match. However, such a secret identification number checking system has the disadvantage that the secret identification number can be obtained by an unserupulous third person because it can readily be read out of the magnetic card.
A previously proposed secret identification number checking system stores the code representing a secret identification number in the magnetic card. The magnetic card reader carries out a decoding program to decode the stored code into the corresponding secret identification number during verification of the secret identification number that is entered by the bearer of the card. However, since a storage means (read-only memory) which stores the decoding program can readily be taken out of the magnetic card reader, and read means for reading the contents of the storage means are readily available, a person having expert knowledge in the relevant field could easily analyze the coding algorithm and detect the secret identification number.
Another previously proposed secret identification number checking method uses a magnetic card which does not store any secret identification number, and a host computer installed in a control center is employed to verify the legitimacy or rightfulness of the bearer of the magnetic card. FIG. 5 shows a transaction machine for carrying out such a secret identification number checking method. Referring to FIG. 5, a bank code number, a branch office code number, and an account number that is assigned to the bearer are recorded in the magnetic stripe 2 of a magnetic card 1. A financial transaction machine 3 comprises a card reader 4 for reading data recorded in the magnetic stripe 2 of the magnetic card 1, a card data processor 5 for processing the data read by the card reader 4, a communication controller 6 for sending data obtained by processing the data read by the card reader 4 through a communication line 7 to a host computer 9 installed in a control center, and a secret identification input device 8 by which the bearer of the magnetic card enters his secret identification number. The secret identification number of the bearer is stored in a file of the host computer 9.
When the magnetic card 1 is inserted in the transaction machine 3 by the bearer, the card reader 4 reads the data recorded on the magnetic stripe 2 and sends it to the card data processor 5. The card data processor selects data necessary for checking the secret identification number, such as the bank code number, the branch office code number and the account number, of the bearer, and sends these data to the communication controller 6. The communication controller sends 6 the data for checking the secret identification number through the communication line 7 to the host computer 9 at the control center. The host computer retrieves the secret identification number of the bearer from the file by using the branch office code number and the account number as retrieval keys.
Additionally the bearer operates the secret identification number input device 8 to enter the secret identification number. Then, the secret identification number is sent through the card data processor 5, the communication controller 6 and the communication line 7 to the host computer 9. The host computer 9 then compares the secret identification number entered by the bearer with the secret identification number retrieved from the file. If these secret identification numbers coincide with each other, the host computer 9 sends a transaction start signal to the transaction machine 3.
However, the secret identification number can easily be eavesdropped by tapping the communication line because this method transmits the secret identification number through the communication line. The use of the communication line also increases communication costs and the time needed to check the secret identification number. Furthermore, checking the secret identification number places an additional burden on the host computer.