1. Field of Invention
The present invention pertains generally to data processing devices and methods and more particularly to a transaction and identification system employing a unitary self-contained transaction card which uses data processing techniques to verify the user of the card and validate its use.
2. Discussion of the Background of the Invention
The use of transaction cards has increased greatly in the past few years. Transaction cards have been employed as credit cards, debit cards, access control cards to control security by limiting access to designated areas, identification cards, automatic teller machine cards for obtaining money from currency dispensing machines, etc.
Examples of inventions relating to the application of transaction cards are disclosed in the following patents:
______________________________________ U.S. Pat. No. Inventor Date ______________________________________ 3,641,498 Hedin Feb. 8, 1972 3,705,294 Kuehnle et al. Dec. 5, 1972 3,866,173 Moorman et al. Feb. 11, 1975 3,894,756 Ward July 15, 1975 3,906,460 Halpern Sept. 16, 1975 3,919,447 Kilmer el al. Nov. 11, 1975 3,971,916 Moreno July 27, 1976 3,996,450 Kerkhoff Dec. 7, 1976 4,001,550 Schatz Jan. 4, 1977 4,092,524 Moreno May 30, 1978 4,102,493 Moreno July 25, 1978 4,105,156 Dethloff Aug. 8, 1978 4,209,782 Donath et al. June 24, 1980 4,211,919 Ugon July 8, 1980 4,213,118 Genest et al. July 15, 1980 4,256,955 Giraud et al. March 17, 1981 4,277,837 Stuckert July 7, 1981 4,283,710 Genest et al. Aug. 11, 1981 4,295,041 Ugon Oct. 13, 1981 4,298,793 Melis et al. Nov. 3, 1981 4,341,951 Benton July 27, 1982 4,382,279 Ugon May 3, 1983 4,408,119 Decavele Oct. 4, 1983 4,434,473 Michel et al. Feb. 28, 1984 4,446,475 Gercekci et al. May 1, 1984 4,453,074 Weinstein June 5, 1984 UK Patent Application 2 088 605 A European Patent Application 0028965 ______________________________________
U.S. Pat. No. 3,641,498 issued to Hedin discloses an identification card for use in a security access system. The identification card functions as a key that interacts with a peripheral device such as disclosed in FIG. 7 for gaining access to a secured area.
U.S. Pat. No. 3,705,294 issued to Kuehnle et al. discloses a data card which can be encoded by a user by removal of material at specified bit locations to change the light reflection characteristics at the bit locations. The card can then be identified by an optical reading device.
U.S. Pat. No. 3,866,173 issued to Moorman et al. discloses an access control system for controlling the entry and exit of personnel through a door or gate of a restricted area. A person seeking to enter a restricted area inserts a personal identification card having magnetically encoded data thereon into a card reader located adjacent the restricted area. The user then inserts a secret number into a keyboard associated with a card reader. The system performs checks on the card and keyboard data to determine if the person seeking to enter the restricted area is authorized to enter the area. A written record of attempts to enter the area is kept by the system. The system also includes a card erase mechanism which erases the magnetically recorded card data after a predetermined number of unsuccessful attempts to enter the restricted area.
U.S. Pat. No. 3,894,756 issued to Ward discloses an identification card employing a coded holograph. The identification card can be used on credit cards and personal access ID cards. The identifying indicia includes the user's name, signature and photograph.
U.S. Pat. No. 3,906,460 issued to Halpern discloses a system which utilizes a portable data token which stores information in a data transfer device for affecting data transfer between the portable data token and an associated computer. In accordance with this system, data is retrieved from the portable data token processed in the computer and the resulting data may be stored in a portable data token. The data token can store data relating to available credit balance, account number and can be disabled after application of a predetermined number of erroneous validation characters.
U.S. Pat. No. 3,919,447 issued to Kilmer et al. discloses a card suitable for use in identifying both people and objects. The card uses a selectively apertured film which is laminated over another film having a transmission band pass in the infra-red region. The two films provide an optically readable identification card.
U.S. Pat. No. 3,971,916 issued to Moreno discloses a flat card containing incapsulated logic microstructures for carrying data relating to a bank account. The card cooperates with a data transfer device comprising a card reader. Coupling of data between the card and the card reader is affected optically by light emitting diodes and photovoltaic cells, or by direct electrical contact. Credit balances are maintained by the Moreno data storage system.
U.S. Pat. No. 3,996,450 discloses a device for changing the secret number used in association with a coded credit card.
U.S. Pat. No. 4,001,550 issued to Schatz discloses a funds transfer and identification card which is used in conjunction with an electronic terminal. The card includes a random access memory for storing account information. The terminal functions to determine the credit status of the account from the information provided by the random access memory of the card and updates the information on the card so that the card can maintain a record of the account status.
U.S. Pat. No. 4,092,524 issued to Moreno discloses a portable device which contains electronic circuitry to process data. The portable device is inserted in a terminal and a confidential code supplied by the rightful owner is entered into the terminal and electronically coupled to the portable device. The portable device includes circuitry for storing errors in the confidential code attempted to be entered through the terminal device.
U.S. Pat. No. 4,102,493 issued to Moreno discloses a system for storing and transferring data in a confidential manner which uses a portable article having electronic logic microstructures included therein for interaction with a transfer device such as a terminal. The portable article includes a storage medium for storing data and functions to compare confidential data introduced into the transfer device with the data stored in the storage medium.
U.S. Pat. No. 4,105,156 issued to Dethloff discloses an identification card with electronic circuitry including a memory device for storing a secret number used with the card. When the secret number is entered into the card the first time, an input gate is destroyed so that the secret number cannot be altered. The card operates in conjunction with a verifying means which receives the card and checks the identity and entitlement of the user.
U.S. Pat. No. 4,209,782 issued to Donath et al. discloses a security access system employing electronic locks and keys which grant access to secured areas. Release of the locks is dependent upon the coincidence of code pairs of the lock and key.
U.S. Pat. No. 4,211,919 issued to Ugon discloses a portable data or information carrier in the form of a card which employs an internal electronic memory having a secret zone wherein a key or code number is stored. An external terminal is used to enter the key or code number into the card which compares to the stored key number to determine whether the particular operation is authorized.
U.S. Pat. No. 4,213,118 issued to Genest et al. discloses a combination changing system for controlling access to a locked area and updating a lock combination. The lock code combination is automatically changed each time a new key card is used. The system employs both lock and key devices for operation.
U.S. Pat. No. 4,256,955 issued to Giraud et al. discloses a credit card system including a credit card containing a memory for storing coded information indicative of identification of the use for which the article is intended and identification of units used to keep track of operations which are performed in connection with the credit card and the number of units available to the holder of the credit card. The system includes the use of a peripheral device in combination with an identification code. The system has the ability to both check and update the credit limits.
European Pat. No. 0028965 discloses a personal identification system for access control. The device requires interaction with a terminal adjacent the secured area which calculates a function for allowing access.
U.S. Pat. No. 4,277,837 issued to Stuckert discloses a personal portable terminal for financial transactions which is used in conjunction with a terminal called a transactor. The system functions to continually monitor and record an individual's financial records including debiting and crediting accounts. Key input and display capabilities allow transactions to be verified by both parties before the transaction is entered on the personal data storage and transfer card.
U.S. Pat. No. 4,283,710 issued to Genest et al. discloses an access control system which includes provisions for updating lock code combinations.
U.S. Pat. No. 4,295,041 issued to Ugon discloses an intelligent portable data carrier which accesses an external device. The data carrier carries a code in its memory which is accessed by the external device to verify authorization of the data carrier. The data carrier can comprise a card as suggested by Ugon.
U.S. Pat. No. 4,298,793 issued to Melis et al. discloses a portable element shaped as a card for receiving, storing, displaying and outputting data in numerical or alpha-numerical characters. The Melis et al. system communicates with a reservation system and exchanges data therewith. The Melis et al. system uses contactless communication between the portable element and the reservation device.
U.K. Patent Application GB No. 2 088 605 A discloses an identification card or data carrier which contains a confidential code known only to the lawful owner of the card. The code is stored in an integrated circuit disposed in the card. The identification code is compared in the integrated circuit. To prevent unauthorized use of the card, an independent circuit, isolated from the rest of the circuit, is provided to detect the insertion of incorrect codes and render the card inoperable for a predetermined period of time upon the insertion of an incorrect code.
U.S. Pat. No. 4,341,951 issued to Benton discloses an electronic funds transfer and voucher issue system for transferring electronic funds data in lieu of cash between vendees and vendors. Each vendee is provided with an identification card and a portable electronic device which are both presented to the vendor upon making a purchase. The vendee inserts the identification card into the portable electronic device which reads a card identification number from the machine readable indicia on the card. The card identification number is compared with a card identification number stored in memory in the electronic device. If these numbers are not equal, indicating that the inserted identification card is not the one issued to the portable electronic device, further operation of the portable electronic device is automatically stopped. A personal identification number (PIN) is inserted by the vendee by way of a keyboard on the portable electronic device. This number is compared with a personal identification number (PIN) stored in memory in the portable electronic device to energize an invalid lamp on the portable electronic device. The number of incorrect entries of the PIN number is accumulated. The portable electronic device also stores a credit limit balance which is automatically decremented for each transaction. Also, upon favorable comparison of the card identification number read from the machine readable indicia on the card and the stored card identification number, the number is displayed which is the logarithm of the card identification number. This number is viewed by the vendor and written onto the voucher to verify that vendor has actually viewed the portable electronic device and thereby provide additional security. The portable electronic device also has the capability of interacting with an additional device, such as a fixed unit, located at a sponsoring institution for generating credit data.
U.S. Pat. No. 4,382,279 issued to Ugon discloses a single chip microprocessor with on-chip modifiable memory. The microprocessor uses a microprocessor architecture which permits automatic programming of non-volatile memory.
U.S. Pat. No. 4,408,119 issued to Decavele discloses individualized portable object such as a credit card which is intended to cooperate with a terminal. The user of the card supplies an authorization code through the terminal. A verifier circuit disposed within the card verifies whether or not the entered code is the proper authorization code. The proper authorization code must be supplied within a predetermined number of attempts or otherwise the object is invalidated.
U.S. Pat. No. 4,434,473 issued to Michel et al. discloses a method and device for storing logic representations of process states.
U.S. Pat. No. 4,446,475 issued to Gercekci et al. discloses an integrated circuit chip having a digital memory wherein direct access to at least a portion of the memory is prevented. A security code can be programmed into a portion of the memory when it is attached to a wafer probe. An integrated circuit chip is removed from the wafer coupling lines between the contact pads and the memory buffer is destroyed so as to prevent access to this portion of the memory.
U.S. Pat. No. 4,453,074 issued to Weinstein discloses a protection system for intelligent credit cards based upon the encryption of the user's secret pass word. The intelligent card includes a microprocessor and an interface connection with a remote terminal. The intelligent card also includes a memory containing the user's secret password.
Consequently, various systems have been disclosed in the prior art for providing a transaction device which prevents the use of such devices in a fraudulent manner. As disclosed above, these devices have memories which are readable magnetically, optically or electronically. Both optical and magnetic storage of data suffer from small storage capacity, ease of fraudulent access and modification of the memory's contents and the susceptibility of such media to erasure due to heat and magnetic fields. These disadvantages are more specifically outlined in U.S. Pat. No. 3,971,916 issued to Moreno on July 27, 1976.
To overcome the problems associated with magnetically encoded and optically encoded cards, various systems have been designed to use electrical microstructures in the form of electronic integrated circuits. With the advent of the development of LSI and VSLI circuitry semiconductor memories, microprocessors and other logic circuitry can be disposed directly in a card structure as disclosed in the various patents referenced above.
An essential concept employed in conjunction with transaction card systems, to prevent fraud is the use of a secret number commonly known as a personal identification number (PIN) which is known by the user of the card. The PIN functions to identify and verify the user of the card in a transaction. As stated above, the transaction can take the form of a credit or debit transaction accessing a secured area, obtaining money from an automatic teller machine, and various other security type transactions. Electronic microstructures have allowed data to be stored electronically in the card and have provided a great deal of security in preventing access, modification and erasure of that data.
Each of these devices disclosed in the prior art, however, requires interaction with a terminal or transfer device which comprises a fixed terminal type device capable of communicating transaction data. Typically, the card holds in its memory a preprogrammed secret code (PIN) and other confidential and nonconfidential information in a memory located on the card. When the card is to be used, it is inserted in the terminal and the PIN is entered by the user into a terminal keyboard. Either a processor located within the terminal or on the card verifies whether the entered PIN is correct, and if so, the transaction proceeds in the manner disclosed in the above-referenced patents. If the code is incorrect, the user may be allowed to try entering the proper code a preprogrammed number of times until the process is terminated or the card is either temporarily or permanently disabled.
The use of external terminals in conjunction with cards results in a number of disadvantages and limitations. For example, it is necessary to have a terminal at each of the locations where the cards are to be used. This comprises a significant cost in implementing such a system because of the large number of terminals that are required and the attendant cost of installation and maintenance.
Another disadvantage introduced by the use of external terminals is that of reliability. Because of the complexity of such terminals, there is a high probability that they will be inoperable for a certain fraction of their useful lifetimes. Inoperability of the terminal device, in certain applications, would not be appropriate, such as in access control applications. Duplication of terminal devices to overcome problems of down time further increases the cost of the system.
Another disadvantage resulting from the use of external terminals is the lack of security which naturally results from the communication between the card and the terminal. This communication can be easily intercepted and monitored by criminals knowledgeable in the field of electronics. Although systems have been developed to guard against losses which may occur due to monitoring of communications between a card and the terminal, such as disclosed in the above-referenced U.S. Pat. No. 4,453,074 issued to Weinstein which discloses a sophisticated encryption/description algorithm, the systems are quite complex and still allow the monitoring of data through communications between the card and a terminal.
Additionally, considerable time and expense would be required to change existing systems such as credit card systems using machine readable indicia to fixed terminal/card systems. As a result of these problems, implementation of systems such as those proposed in the above-referenced patents have not been widely accepted even though losses in card transaction systems, such as credit card systems, are in the billions of dollars each year.