Recent technology provides for implementation of identity verification with the aid of programmed computing devices. The ability of such computing devices to communicate with one another over large distances permits access to a number of secure facilities to be monitored and controlled by a central controller.
Typically, a user carries an identification apparatus for interacting with a remote terminal in communicating contact with a central controller. To assure that the user presenting the identification apparatus is, in fact, the authorized individual, a secret code, such as a personal identification number (PIN), known only to the authorized user, is required to be input to the remote terminal for transmission to the central controller for verification of user identity. Alternatively, the appropriate PIN is encoded on the identification apparatus in a manner not readily visible or detectable by a user, and the remote terminal is provided with sufficient decoding intelligence to provide a comparison between the code input by the user and the code associated with the identification apparatus.
Such prior art approaches suffer from a lack of security engendered by the ability of unscrupulous or unauthorized personnel to intercept telecommunication between the remote terminal and the central controller, thus providing a possibility of unauthorized access to a PIN associated with a specific identification apparatus. Alternatively, such unscrupulous persons may decode a number physically associated with the identification apparatus and may thus present such a number along with the unauthorized apparatus to gain access to a secure system.
The prior art thus suffers from deficiencies in security operations which may result in erroneous identification and access to the secured system. One prior art approach to resolution of the above-mentioned problem is the generation of a random number by the central controller for transmission to the remote terminal in encrypted form. The remote terminal, upon receipt of the random number generated by the central controller, decrypts the number and in turn re-encrypts the same for re-transmission to the central controller. Such an approach is described in prior U.S. Pat. No. 4,349,695. However, the generation of random numbers for transmission from the central controller for ultimate re-transmission thereto does not solve the difficulties previously identified with respect to such systems.