Traditionally, a person must directly possess a man-made token whenever attempting authorization for an electronic stored value transaction. By contrast, as the disclosed invention is completely tokenless, it does not require the user to directly possess, carry or remember any token that can be lost, stolen or damaged.
A particular example of such man-made tokens is pre-encoded stored value stored value tokens that are popular in financial transactions. Whether magnetic swipe cards or smart cards are used, in stored value transactions the payor has actually withdrawn funds from his own financial account for pre-payment purposes and these funds can thereafter be accessed via any one of several types of tokens. Examples of such tokens include: a) a magnetic stripe encoded with either a bank or other third party's account for an on-line authorization, or; b) a memory chip embedded within the physical token itself for an off-line authorization; c) a magnetic stripe encoded with the payee's financial account data for an on-line authorization.
In the case of third party online authorization, the stored value token draws on funds that the payor has transferred into a third party account for settlement with the payee at a later date.
In the case of an off-line authorization, funds are transferred by the payor from his financial account onto a stored value token, such as a magnetic swipe card or a smart card using an embedded memory chip. In this context, "off-line" means that the transaction is processed through a chip on the card and there is no processing involving dial-up access to a financial account.
In the case of a payee on-line authorization, the payor transfers pre-payment directly to a payee's financial account and is issued a magnetic encoded token that is identifies the stored value account. An example is a magnetic swipe card that is encoded with the payor's specified pre-paid amount and which can be used at a specific retailer or in a specific geographic region, such as a metropolitan subway system. In these instances, the payor's funds are in effect transferred to a specific payee's financial account and are reserved for later use by the payor, while the payee earns interest on the cash reserve. Unlike cash, when such a stored value token is stolen the funds may be stolen from the payor but they are still in a stored value account at the card-issuing payee.
Therefore, whether buying services or products, a payor must rely on the money transfer to be enabled by the payor using man-made memory tokens. The sole functions of such tokens are to store money. However, these tokens can be easily exchanged, either knowingly or unknowingly, between people, thereby de-coupling them from the original intended person.
Various token-based biometric technologies have been suggested in the prior art, using smart cards, magnetic swipe cards, in conjunction with fingerprints, hand prints, voice prints, retinal images, facial scans or handwriting samples. However, because the biometrics are generally either: a) stored in electronic and reproducible form on the token itself, whereby a significant risk of fraud still exists because the comparison and verification process is not isolated from the hardware and software directly used by the payor attempting access, or; b) used in tandem with the user directly using magnetic swipe cards, paper checks or a PC with the user's financial data stored resident therein. Examples of this approach to system security are described in U.S. Pat. No. 4,821,118 to Lafreniere; U.S. Pat. No. 4,993,068 to Piosenka et al.; U.S. Pat. No. 4,995,086 to Lilley et al.; U.S. Pat. No. 5,054,089 to Uchida et al.; U.S. Pat. No. 5,095,194 to Barbanell; U.S. Pat. No. 5,109,427 to Yang; U.S. Pat. No. 5,109,428 to Igaki et al.; U.S. Pat. No. 5,144,680 to Kobayashi et al.; U.S. Pat. No. 5,146,102 to Higuchi et al.; U.S. Pat. No. 5,180,901 to Hiramatsu; U.S. Pat. No. 5,210,588 to Lee; U.S. Pat. No. 5,210,797 to Usui et al.; U.S. Pat. No. 5,222,152 to Fishbine et al.; U.S. Pat. No. 5,230,025 to Fishbine et al.; U.S. Pat. No. 5,241,606 to Horie; U.S. Pat. No. 5,265,162 to Bush et al.; U.S. Pat. No. 5,321,242 to Heath, Jr.; U.S. Pat. No. 5,325,442 to Knapp; U.S. Pat. No. 5,351,303 to Willmore; U.S. Pat. No. 5,832,464 to Houvener et al, all of which are incorporated herein by reference.
Uniformly, the above patents disclose financial systems that require the user's presentation of tokens to authorize each transaction, thereby teaching away from tokenless biometric financial transactions.
As a result, there is a need for a new electronic stored value transactions system that is practical, convenient for the consumer, and yet cost-effective to deploy. More specifically, there is a need for an electronic stored value financial transaction system that: a) can rely solely on a user's biometric for transaction authorization, and; b) does not require the payor to directly possess any man-made memory tokens such as smart cards, magnetic swipe cards or personal computers.
Lastly, such a system must be affordable and flexible enough to be operatively compatible with existing networks having a variety of electronic transaction devices and system configurations.
Accordingly, it is the objective of the present invention to provide a new system and method of tokenless biometric financial transactions for electronic stored value.
As such, it is an objective of the invention to provide an electronic stored value financial transaction system and method that eliminates the need for a payor to directly possess any man-made token. Further, it is an objective of the invention to provide an electronic stored value transaction system that is capable of verifying a user's identity based on one or more unique characteristics physically personal to the user, as opposed to verifying mere possession of objects and information.
Another objective of the invention is to provide an electronic stored value transaction system that is practical, convenient, and easy to use, where payors no longer need to remember personal identification numbers to make purchases.
Another objective of the invention is to provide increased security in a very cost-effective manner, by completely eliminating the need for the payor to directly use ever more complicated and expensive tokens.
Another objective of the invention is to authenticate the system to the payor once the electronic stored value transaction is complete, so the payor can detect any attempt by criminals to steal their authentication information.
Another objective of the invention is that the payee be identified by an electronic identicator, wherein the payee's identification is verified.
Another objective of the invention is to be added in a simple and cost-effective manner to existing terminals currently installed at points of sale and used over the Internet around the world.
Yet another objective of the invention is to be efficiently and effectively operative with existing financial transactions systems and protocols, specifically as these systems and protocols pertain to processing of electronic stored value.