Preparation and storage of copies of documents for paper transactions is expensive and time consuming. Completion of such transactions among geographically distant parties has traditionally required conventional transmission mechanisms, such as mail, with inherent delays associated with such mechanisms. Record keeping for such transactions has required significant additional steps, such as keeping a checkbook log for personal checks, keeping copies of prescriptions and medical records, making many duplicates of mortgage applications, and the like.
The digital computer and computer network make it possible to eliminate many of the drawbacks of paper transactions. The digital computer is a powerful data processing tool that allows a user to organize, store and analyze data at volumes and rates that would be impossible by any prior known techniques. The computer network is a similar step forward. By linking together several computers and by providing shared resources and cross-platform communications, engineers have developed the computer network into a tool that provides sufficient processing power to provide improved access to sophisticated applications by users at remote locations and to permit easy transmission of electronic documents between such locations.
One of the most widely accepted and heavily used networks is the Internet. The Internet is a global system of interconnected computer networks formed into a single world wide network, using an agreed-upon protocol. A user, through the Internet, can interactively transmit messages with users in different countries. Similarly, a user in the U.S. connected to files and libraries and other jurisdictions such as Europe and Asia, can download files for personal use. Accordingly, the Internet computer network provides strong communications functions similar to the communications functions provided by ham radio operators. Moreover, the Internet computer network acts like a universal library, providing electronic access to resources and information available from Internet sites throughout the world.
In addition to the inherent inefficiencies of paper transactions, other problems exist. Many of these problems relate to documents that require signatures. In particular, in order for a reader of a paper document to determine that a particular document or part of a document has been signed, the reader must be given access to the entire document; thus, a party who may only need to know that the document has been signed must be given access to the entire document, including any confidential information contained therein. Signatures are used in a wide range of contexts, including financial instruments, contracts, mortgage applications, and medical records and prescriptions, to indicate the agreement, consent or authority of the signer. Transactions that require signatures have traditionally employed conventional means for execution, such as pen and paper. As used herein, "signature" has its broadest source; that is, it means any indication of agreement, consent, certification, acceptance, or other giving of authority, that is associated with a person or entity.
The present invention leverages the power of distributed network computing to overcome many of the inherent inefficiencies of paper transactions.
It is well known that digital computing and computer networks reduce or eliminate many of the inherent inefficiencies in dealing with documents. Word processing programs are used almost universally by individuals and businesses who produce, store and transmit documents. However, documents that require signatures are a special case that present special problems. The signature itself is the first problem, since a signature is traditionally thought of as a manual signature. Protocols for signing electronic documents have been developed, including cryptographic digital signature algorithms, more particularly discussed below.
In addition to the problem of associating a signature with a document, other special problems are likely to exist in cases of documents that require signatures or affect commercial transactions. In particular, special requirements or protocols may apply to the content of such documents. For example, detailed rules exist as to how various actors are required to complete or respond to the information on each part of a paper check or other financial instrument. Similarly, rules exist as to how to complete and process a mortgage loan application. Different parts of medical records are also completed pursuant to protocols that require specific action on the part of medical personnel, insurers, and the like. In each of these cases the logical content of the different parts of the document is important, and a need exists to use the logical structure in the storage, manipulation and transmission of such document so that documents can be sent to known protocols. For example, if a protocol requires that a document bear a date, a logical element of the document should be defined for data information. Moreover, the protocols associated with signed documents are often established over time through custom and usage, so a need exists to permit electronic documents that closely mirror current practice. Also, although most individuals or businesses have computers, certain functions continue to be performed without the aid of a computer, such as viewing a human signature. Thus, it is important that documents that require signatures not only be machine processable, but also human readable.
A group of computer languages has been developed to help users manipulate documents according to logical content. Such languages, known as "markup languages," are a powerful tool in processing documents. Markup languages also have other advantages more particularly described below. One of the most important such languages is the Standard Generalized Markup Language ("SGML"). Certain advantages of an embodiment of the present invention may be understood by developing an understanding of SGML.
SGML is defined by the International Organization for Standardization in ISO 8879 (Information processing--Text and office systems--Standard Generalized Markup Language (SGML), ([Geneva]: ISO, 1986)). SGML is an international standard for the definition of device-independent, system-independent methods of representing texts in electronic form. SGML is an international standard for the description of marked-up electronic text. More particularly, SGML is a meta-language formally describing markup languages. In the present context, the word "markup" covers all sorts of special markup codes inserted into electronic texts to govern formatting, printing, or other processing. More generally, markup, or encoding, can be defined as any means of making explicit an interpretation of a text.
A markup language is a set of markup conventions used together for encoding texts. A markup language must specify what markup is allowed, what markup is required, how markup is to be distinguished from text, and what the markup means. SGML provides the means for doing the first three; a specific markup language such as that of the present invention fulfills the last function for particular contexts.
Three characteristics of SGML distinguish it from other markup languages: emphasis on descriptive rather than procedural markup; document type definitions; and independence from any one system for representing the script in which a text is written.
A descriptive markup system uses markup codes which simply provide names to categorize parts of a document. Markup codes such as &lt;list&gt; simply identify a portion of a document and assert of that portion that "the following item is a list," etc. By contrast, a procedural markup system defines what processing is to be carried out at particular points in a document. In SGML, the instructions needed to process a document for some particular purpose (for example, to format it) are distinguished from the descriptive markup which occurs within the document. Usually, the instructions are collected outside the document in separate procedures or programs such as that of the present invention.
With descriptive instead of procedural markup the same document can readily be processed by many different pieces of software, each of which can apply different processing instructions to those parts of it which are considered relevant. For example, a content analysis program might disregard entirely the footnotes embedded in an annotated text, while a formatting program might extract and collect them all together for printing at the end of each chapter. Different sorts of processing instructions can be associated with the same parts of the file. For example, one program might extract names of persons and places from a document to create an index or database, while another, operating on text that has been "marked up" in some way, might print names of persons and places in a distinctive typeface.
SGML also provides the notion of a document type, and hence a document type definition ("DTD"). Documents are regarded as having types, just as other objects processed by computers. The type of a document is formally defined by its constituent parts and their structure. The definition of a report, for example, might be that it consists of a title and author, followed by an abstract and a sequence of one or more paragraphs. Anything lacking a title, according to this formal definition, would not formally be a report, and neither would a sequence of paragraphs followed by an abstract, whatever other report-like characteristics these might have for the human reader.
If documents are of known types, a special purpose parser can be used to process a document claiming to be of a particular type and check that all the elements required for that document type are indeed present and correctly ordered. More significantly, different documents of the same type can be processed in a uniform way. Programs can be written which take advantage of the knowledge encapsulated in the document structure information, and which can thus behave in a more intelligent fashion.
SGML also ensures that documents encoded according to its provisions are transportable between different hardware and software environments without loss of information. The descriptive markup feature and the document type definition address the transportability requirement at the abstract level. A third feature addresses it at the level of the strings of bytes (characters) of which documents are composed. SGML provides a general purpose mechanism for string substitution; i.e., a machine-independent way of stating that a particular string of characters in the document should be replaced by some other string when the document is processed. This feature counteracts the inability of different computer systems to understand each other's character sets, or of any one system to provide all the graphic characters needed for a particular application, by providing descriptive mappings for non-portable characters. The strings defined by this string-substitution mechanism are called entities.
The SGML structure for a textual unit is known as an element. Different types of elements are given different names, but SGML provides no way of expressing the meaning of a particular type of element, other than its relationship to other element types. Within a marked up text (a document), each element must be explicitly marked or tagged in some way. The standard provides for a variety of different ways of doing this, the most commonly used being to insert a tag at the beginning of the element (a start-tag) and another at its end (an end-tag). The start- and end-tag pair are used to bracket off the element occurrences within the running text, in rather the same way as different types of parentheses or quotation marks are used in conventional punctuation.
SGML has the ability to use rules stating which elements can be nested within others to simplify markup. Such rules are the first stage in the creation of a formal specification for the structure of an SGML document, or document type definition. SGML is most useful in contexts where documents are seen as raw material to be matched against a predefined set of rules. Such rules can include legal rules or known protocols, customs or practices. By making the rules explicit, the designer reduces his or her own burdens in marking up and verifying the electronic text, while also being forced to make explicit an interpretation of the structure and significant particularities of the text being encoded.
A variety of software is available to assist in the tasks of creating, validating and processing SGML documents. At the heart of most such software is an SGML parser: that is, a piece of software which can take a document type definition and generate from it a software system capable of validating any document invoking that DTD. Output from a parser, at its simplest, is just "yes" (the document instance is valid) or "no" (it is not). Most parsers will however also produce a new version of the document instance in canonical form (typically with all end-tags supplied and entity references resolved) or formatted according to user specifications. This form can then be used by other pieces of software (loosely or tightly coupled with the parser) to provide additional functions, such as structured editing, formatting and database management.
A structured editor is a kind of intelligent word-processor. It can use information extracted from a processed DTD to prompt the user with information about which elements are required at different points in a document as the document is being created. It can also greatly simplify the task of preparing a document, for example by inserting tags automatically.
A formatter operates on a tagged document instance to produce a printed form of it. Many typographic distinctions, such as the use of particular typefaces or sizes, are intimately related to structural distinctions, and formatters can thus usefully take advantage of descriptive markup. It is also possible to define the tagging structure expected by a formatting program in SGML terms, as a concurrent document structure.
Text-oriented database management systems typically use inverted file indexes to point into documents, or subdivisions of them. A search can be made for an occurrence of some word or word pattern within a document or within a subdivision of one. Meaningful subdivisions of input documents will of course be closely related to the subdivisions specified using descriptive markup. It is thus simple for textual database systems to take advantage of SGML-tagged documents.
Hypertext systems improve on other methods of handling text by supporting associative links within and across documents. Again, the basic building block needed for such systems is also a basic building block of SGML markup: the ability to identify and to link together individual document elements is an inherent a part of the SGML protocol. By tagging links explicitly, rather than using proprietary software, developers of hypertexts can be sure that the resources they create will continue to be useful. To load an SGML document into a hypertext system requires only a processor which can correctly interpret SGML tags. HTTP servers in wide use for network computing are suitable to interpret SGML.
Although markup languages exist in accordance with the SGML standard that permit the user to manipulate documents according to logical content identified by tags within a document, conventional markup languages have not fully addressed the special problems associated with documents involved in signature transactions. A particular need exists for a flexible markup language that permits a document designer to create documents that are designed to comply with legal requirements and other protocols of a wide variety of particular transaction contexts that involve signatures. Also, a need exists for a markup language that permits the design of documents that are machine processable and human readable. A further need exists for electronic documents that can be subdivided or redacted as transmitted in parts, wherein the integrity of the document and the validity of the signature remains.
The benefits of a flexible, powerful markup language may best be understood by reference to a number of specific transaction contexts in which such a language is particularly useful. These transaction contexts relate to embodiments of the invention. One such context is in the area of financial instruments, and particularly electronic funds transfer instruments. These contexts are described merely by way of illustrations and it should be understood that any context in which signed documents are used may benefit from the present invention.
As seen in FIG. 1, in a typical financial transaction 10 a payer 12 transfers funds to a payee 14. Individual payers and payees prefer different payment methods at different times, including cash, checks, credit cards and debit cards. The transfer of funds between the payer 12 and the payee 14 may involve intermediate transactions with one or more banking institutions 16. The banks' functions include collecting and holding funds deposited by account holders and responding to instructions from the account holders. Checks are an example of financial transactions which invoke these banking institution functions.
FIG. 2 shows a paper check transaction 20, in which a check 22 is transferred from the payer 12 to the payee 14. The check 22 is typically found in a checkbook 24. Each check has several blank spaces (for the date 34, the name of the payee 30, the sum of money to be paid 28, and the signature of the payee 38) to be filled out by the payer 12. As each check is written, the payer 12 keeps a record of the check in a check register 26 which lists check transactions including the sum to be paid 28, the name of the payee 30, the identification number of the check 32, and the date of the transaction 34.
In the body of the check 22, the payer 12 instructs the payer's bank 36 to pay the stated sum of money 28 to the payee 14. The check 22 identifies the payer's bank 36, the payer's account number 40 (using magnetically readable characters) at the payer's bank, and the payer 23 (usually by printed name and address). After filling in the date 34, the name of the payee 30 and the sum of money 28 as ordered by the payee 14, the payer signs the check 22. A payee typically considers a check authentic and accepts it for payment only if it contains the signature 38 of the payer, the printed identification of the payer 23 and the printed name and logo 42 of the payer's bank 36, and does not appear to be altered. The check 22 also contains a routing and transit number 25 which indicates the routing of the check to the payer's bank 36 for presentment.
After the payer 12 presents the completed check 22 to the payee 14 in a financial transaction (such as a sale of goods or services), the payee 14 endorses the check 22 on the back with instruction to deposit the amount 28 with the payee's bank 46. If the check looks authentic, the payee bank 46 provisionally credits the payee's account 48 for the amount of money designated on the face of the check 28 pending clearance through the federal reserve system and acceptance and payment by the payer's bank 36.
The payee's bank 46 routes the check 22 to the payer's bank, possibly using the federal reserve bank clearing house 50 or other established clearing arrangement, which uses the routing and transit number 25 to deliver it to the payer's bank 36, which then verifies the authenticity of the check 22 and (at least for some checks) the signature 38 of the payer 12. If the check 22 is authentic and the payer 12 has sufficient funds in her account 40 to cover the amount of the check 28, the payer's bank 36 debits the payer's account 40 and transfers funds to the payee's bank 46 for the amount designated on the check 28. A complete check transaction 20 thus includes verification steps performed by the payee 14 and the payer's and payee's banks 36 and 46.
The banks 36 and 46 send bank statements 52 and 54 to the payer 12 and payee 14, respectively, which reflect events of the transaction 20 pertinent to each of the parties for reconciliation of their accounts with their records.
Processing a paper check requires time as the physical check is routed to the payer, the payee, the payee's bank, the clearing house and/or the payer's bank. The same is true of other types of financial transactions involving paper instruments, such as credit card slips generated during a credit card sale. In a credit card transaction, a merchant makes an impression of the customer's card, which the customer then signs, to function as a receipt for the transaction. The merchant typically obtains a positive acknowledgment or credit authorization from the customer's credit card company before accepting the credit card slip. This assures that payment will be received.
Several mechanisms for using electronic communication to substitute for paper flow in financial transactions are in use or have been proposed.
Electronic Check Presentment (ECP) is a standard banking channel used to clear checks collected by banks prior to or without routing the physical checks. The Automated Clearing House (ACH) is an electronic funds transfer system used by retail and commercial organizations. The ACH acts as a normal clearing house, receiving a transaction over the network and then splitting and routing the debit and credit portions of the transaction to the payer's and the payee's banks. Electronic Data Interchange (EDI) is a similar electronic transactional system, primarily used for the interchange of business documents such as invoices and contracts. With EDI, the funds transfer is frequently transmitted over other financial networks, such as through electronic funds transfer or ACH.
So-called home banking allows a consumer to use a home or personal computer to, e.g., request that the bank pay certain bills.
Electronic funds transfer (EFT), or wire transfer, is used for direct transfer of funds from a payer to a payee, both usually corporations, using a bank's centralized computer as an intermediary. The EFT system may be used in conjunction with the ACH system described above.
Automatic teller machines (ATM) and point of sale (POS) devices allow an individual to conduct a transaction from a location outside the home. ATMs have remote computer terminals connected to the user's bank which allow access, directly or indirectly through switching networks, to the user's account in the central computer of the bank. Similarly, POS devices are remote computer terminals located at a place of business which allow access to an individual's account information stored in a computer within a network of financial institutions, to permit transfer of funds from the user's account to the merchant's account at another bank.
Check imaging, another electronic transaction procedure, involves the scanning of a paper check by a scanner, which digitizes the image of the check pixel by pixel and stores the image electronically in a memory. The image may then be transferred electronically to substitute for or precede the physical delivery of the check, e.g., to truncate the clearing process. The image of the check may be recreated on a computer monitor or on paper for verification by the appropriate banking institutions.
Several systems are currently used to secure electronic financial transactions. For example, IC chip cards, or smart cards, are small devices (containing chips with memories) which are capable of exchanging data with a computer or a terminal and of performing simple data processing functions, and are thus more versatile than a simple credit card. The smart card is portable and may be easily used in POS and ATM environments.
Other embodiments of the invention relate to execution of legal documents, completion of mortgage applications, and transmission of signed medical records.
As seen in FIG. 18, in a typical contract transaction 401 a first signer 410 signs a legal document 483 and delivers the document to a second signer 422. The document may pass through various intermediaries 421, such as a notary, for other actions, such as notarization. Also, the document may be passed on to various third parties 425 who will read the document in order to verify the signature or the contents of the document. A third party 425 could be a judge, arbitrator 423, escrow agent 427, or other party whose action depends on the contents of the document and the signature.
Referring to FIG. 21, a typical contract transaction 481 is depicted in which the first signer 410 signs a document 483. In addition to substantive contract clauses, the document may include the names of the parties 484, the date 486, a signature line 470, a second signature line 472, a notarization line 474 and other features. Once signed by the first signer 410 the document may be transmitted to a second signer 422. The second signer may sign the document with the second signer's signature 480 at the second signature line 472. The document may then be notarized by a notary 421 with a notarization 482 at the notarization line 474. The document may be transmitted to various third party readers 423. For example, the contract may provide for an escrow of funds with an escrow agent, and the document may need to be transmitted to the escrow agent in order to permit the escrow agent to understand the conditions under which the funds will be released.
In contract transactions such as that depicted in FIG. 21, it is often a condition of the contract that certain information exchanged between the parties be kept confidential. In particular, certain terms of the contract are often required to be kept confidential. However, one or more parties may need to demonstrate to a third party that the contract has been signed as to certain other terms. Often, the third party does not need to know all terms of the contract, only that the contract has been signed as to certain terms. For example, the escrow agent only needs to know the terms of the escrow arrangement, not all of the terms of the business relationship between the parties. Similarly, third parties relying on a statement by one signer that the signer owns certain property only need to see the provisions of the contract that relate to ownership of property. The dilemma is that under known electronic document processing systems, where the signer signs the entire file, such a demonstration requires the disclosure of the entire file. With paper transactions, the confidential information can be blacked out, so that only the relevant information and the signature remains. With an electronic file, such redaction places in question the integrity of the entire document, as well as the validity of the signature. A need has arisen to provide the convenience and flexibility of electronic contracting, along with the security and familiarity of known paper contracting methods.
As with electronic checks, a need also exists for electronic contracts to remain human readable. That is, an individual should be able to read the contract or a portion of the contract on the screen or in a printout and obtain any relevant information that can be obtained through electronic processing. The need for human readability arises from, among other things, the fact that not all readers will have computer systems that are capable of reading the electronic form of the documents.
A mortgage loan application is one type of legal document that may be prepared in accordance with the present invention. Referring to FIG. 19, in typical mortgage transaction 489, a borrower 452 signs a loan application 490. The loan application may be signed at various signature lines. The loan application is then transmitted to a lender in some cases through an intermediary such as a broker 455. The application may then be reviewed and acted upon by various third parties 456, such as mortgage lenders, credit reporting agencies, banking institutions and the like.
Referring to FIG. 22, a typical mortgage loan application transaction 489 is depicted in which the borrower 452 submits a mortgage application 490. The mortgage application 490 may include various information such as the date 491, the names of the parties 493, various signature lines for particular clauses 492, 494, and a signature line 498 for the entire application for the borrower, as well as a signature lines 500, 501 for the lender and for the broker 455. The mortgage application, once signed by the borrower at the signature lines 492, 494 and 498, may be transmitted to the lender 454. The lender may then sign with the lender's signature 505 at the lender's signature line 501 and transmit it to the lender. The broker 455 may also sign at the signature line 500. The document may then be sent on to one or more third parties 456 such as a bank for review. Also other parties may need to see the application, such as a credit reporting agency or an appraiser, to verify that the borrower has given permission to reveal information contained in the application or in a credit report. Once the credit reporting agency and other third party has reported to the lender 454, the lender 454 may then approve the loan and provide an approval 508 to the borrower 452.
Mortgage loan transactions raise similar confidentiality concerns as legal contracts. A credit reporting agency may only need to see the part of the application that authorizes a credit report, but known electronic techniques require the signer to sign the entire file; thus, in order to ensure the validity of the signature, the credit reporting agency must receive the entire document. Other third parties may also need to see only part of the application. Accordingly, a need has arisen to provide for transmission of part of a mortgage loan application while ensuring the integrity and validity of the signature, as well as of the information in the part that is transmitted.
A mortgage application needs to be human readable, because various parties who will read part or all of the document, such as credit agencies, appraisers or the like may not have computer systems that are capable of reading electronic documents. Human readability permits the continued application of existing customs and legal rules, increasing the comfort of users with electronic document processing.
Referring to FIG. 20, another type of document that requires signatures and is subject to various legal requirements is a patient's medical record 520. A first doctor 462 may sign the medical record or part of the medical record and transmit it to a second doctor 464 who may add additional information and signatures to the document. The document may be transferred through or to various intermediaries 467, or third parties 468, such as the patent, other doctors, hospital administrators, insurance companies, guardians, family members and the like.
Referring to FIG. 23, a depiction of a medical record transaction 521 is provided. A first doctor 462 may sign a record 520. The record may include one or more dates 530, 532. The medical record 520 may include various health-related content items such as a diagnosis 522, prescription 524, or an action taken 523, as well as other content items, such as health insurance information 525. The record 520 may include a signature line 528 for the first doctor 462 and a signature line 529 for other items to be signed by a second doctor 464. Once the medical record is signed and completed by a first doctor 462, it may be transmitted to the second doctor 464 for signature 534 by the second doctor 464 at the second doctor's signature line 529. Once the medical record 520 is signed by one or more doctors, it may be transmitted to an intermediary 467, such as a hospital administration, or to a third party 468 such as an insurance company, a medical records sections of the hospital, a guardian, a family member or the patient. One or more of these parties may be required to take action 537, for example to sign the record, to indicate consent to procedures, to indicate insurance coverage, or for other purposes. These parties may need to rely on the signature of the doctors 462, 464 in order to take action on the medical record.
Medical records are like contracts and loan applications in that they contain confidential information that may need to be read by third parties, such as patient health information, insurance information and the like, but most of the third parties only need access to certain portions of the information. For example, an insurer may need to know the diagnosis, but may be excluded from consideration certain information in the record, such as HIV status. Similarly, a doctor diagnosing a medical condition may not need to know insurance eligibility. Under current electronic document systems, in order for the reader to ensure the integrity of the record and the validity of the signature, the entire file is disclosed. A need exists to be able to transmit portions of a signed medical record while ensuring the integrity of the record and the validity of the signature
Medical records also need to be human readable. Many of the parties who will read the records, such as doctors and nurses may not have immediate access to computer systems for processing the documents. Also, human readability permits parties in the medical field to continue to use customary practices in dealing with such records. Moreover, if documents remain human readable, then existing legal rules for paper records can be applied to electronic records. Medical records also need to be readable in segments. For example, a health insurer may be entitled to know a particular diagnosis or prescription without having knowledge of a patient's entire medical history.