A transaction system, comprising a first number of distributed terminal stations, each terminal station comprising a first presentation location for receiving a portable user identification element and also bidirectional communication elements which enable physical communication with a user and which can receive, subject to a user identification being taken up and verification thereof in the transaction system, a user transaction request, wherein respective subsets of the terminal stations are each connected to a concentrator, various concentrators being interconnected by means of a network to one or more host exchanges, wherein each concentrator has protocol means for executing protocolled data transports with at least one host exchange and has cryptography means for exchanging said user transaction request and request granting information said at least one host exchange under execution of cryptographic operations on said data. There are generally two types of transactions of this kind. According to the first type, the user receives an amount of money (or bank notes) upon his request, which amount is charged against his account at a relevant host exchange. According to the second type, the user receives a service or product which is worth a given amount of money, which is charged against his account. The transaction is also possible in the other direction, so that the amount is credited to the account. However, the invention is by no means restricted by the nature of the transaction and in principle other types of transaction are also feasible, even transactions which are not expressed in money because they concern only the transport, for example the output, of information which may take place to an authorized user only.
In order to activate the transaction, a user presents a portable user identification element (smart card, magstripe card or the like) to the terminal station and identifies himself by means of, for example a so-called PIN code. A terminal station then comprises means for executing a physical bidirectional communication, such as a keyboard and a display element (and/or a printer) and, if necessary, a delivery mechanism for the money. The user identification element then contains identification information. The identity of the user is subsequently verified in that the user enters, for example a PIN code. After verification, the user can enter a transaction request. Alternatively this request may also be presented, for example, verbally. In that case there is provided, for example a voice recognition mechanism. There may be output in the form of speech. The communication between the terminal station and the host exchange must be encrypted by means of an encryption mechanism in one form or another. The protocols and procedures for the data transports to the various host exchanges usually differ (these host exchanges may be, for example different banks, or giro bank centres) and the facilities required in a terminal station for the above make the terminal station expensive; this is because a given amount of intelligence must be provided also for functions such as the checking and monitoring of the status of the network.
A system of the type set forth in the opening paragraph is known from EP application No. 68805, corresponding U.S. application Ser. No. 278001, herein incorporated by reference. Here, the terminal station has encryption means permanently provided, that could be accessed by fraudulent persons. It would be expensive to make the terminal station tamper proof there against.
Among other things, it is an object of the invention to simplify the terminal station so that only a limited number of communication facilities need be provided therein, such as a simple display element (a few alpha-numerical positions suffice in most cases), a keyboard, and a read element for a user identification element, there also being provided facilities for introducing/removing a simply constructed encryption/decryption element for the communication so that a terminal station is automatically protected against abuse when it is not in operation.
This object is achieved by a transaction system in accordance with the invention in that according to one of its aspects it is characterized in that, a terminal station, physically apart from said first presentation location comprises a second presentation location for receiving a portable operator identification element in order to execute data processing operations therein for communication with the associated concentrator by encryption/decryption, using data processing elements present in the operator identification element, on the basis of a key information for a so-called public algorithm present in the operator identification element.
The customer-oriented realization of the system is effected by the number of terminal stations. As a result of the invention, the terminal stations may be cheaper: the various protocols need now be implemented only in the concentrators. Moreover, the number of concentrators is smaller than the number of terminal stations, so that the network system can be simplified in many cases. Now there are often two cryptographic levels. At the level of the network system, a high reliability is required, however, this reliability is achieved by means of the already complex concentrators. Between the concentrators and the groups of terminal stations (typically 8-128) there is only required simpler cryptography which is realized in a so-called security box. This security box is now formed by the operator identification element. Without this operator identification element, a terminal station is completely unusable, so that the security is increased; this means that, for example, after business hours the terminal station may remain unattended, without unauthorized transactions being possible.
In itself, terminals for use with two different card categories have become known from EP application No. 193,920, corresponding JP application No. 4338685 priority Mar. 5, 1985 but there the operator card is inserted in the same slit as the user card, so the secret information is normally present in the terminal itself, and may thus be accessed, as long as the power is not cut down. Moreover, the data processing elements of the IC-card are no more locally available during normal use.