Referring to FIG. 1, an asset storage and transfer system 2 in accordance with Applicant's PCT patent publications Nos. WO 2011/032257 and WO 2011/032271 (the entire content of both publications is hereby incorporated herein by reference) comprises at least two storage media 4 configured to exchange messages through a communications medium 6. Each storage media 4 comprises an input/output (I/O) interface 8 configured to enable the storage media 4 to send and receive messages through the communications medium 6; a controller 10 responsive to received messages to record transfers of content to the storage media 4 and to transfer content from the storage media 4; and a memory 12 storing a respective unique identifier 14 of the storage media 4, a private key 16 and a certificate 18 uniquely assigned to the storage media 4, a log 20 of content transfers to and from the storage media 4, and a current value (Cur.Val) 22 of the storage media.
The private key 16 and certificate 18 facilitate encryption and digital signature functionality using, for example, well-known Public Key Infrastructure (PKI) techniques. For this purpose, the private key 16 and the certificate 18 will typically be generated by a trusted Issuing Authority, such as, for example, Verisign™.
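The following is an added illustration, not code from the patent or its applicant, of how the elements just described fit together: each storage media 4 holds an ID 14, a private key 16, a log 20 and a current value 22, a transfer is signed with the sender's private key, and the receiver verifies that signature before crediting itself and logging the transfer. The message layout, the P-256 ECDSA choice and the stand-in of a bare public key for the certificate 18 are assumptions made for the example.

```go
package main
import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)
// Transfer is the message one storage medium sends another; Sig is the sender's ECDSA signature over From|To|Amount.
type Transfer struct {
	From, To string // unique identifiers (ID 14) of sender and receiver
	Amount   int64  // asset value amount being moved
	Sig      []byte
}
// Medium models storage media 4: ID 14, private key 16, log 20 and current value 22 (the certificate 18 is
// stood in for by handing the sender's public key straight to Receive; a constructed, hypothetical layout).
type Medium struct {
	ID     string
	Key    *ecdsa.PrivateKey
	Log    []Transfer
	CurVal int64
}
func NewMedium(id string, initial int64) *Medium {
	k, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil { panic(err) }
	return &Medium{ID: id, Key: k, CurVal: initial}
}
func digest(t Transfer) []byte { // the fields every signature must cover
	h := sha256.Sum256([]byte(fmt.Sprintf("%s|%s|%d", t.From, t.To, t.Amount)))
	return h[:]
}
// Send refuses to move more than the current value, then debits, signs and logs the transfer.
func (m *Medium) Send(to string, amount int64) (Transfer, error) {
	if amount <= 0 || amount > m.CurVal { return Transfer{}, errors.New("amount exceeds current value") }
	t := Transfer{From: m.ID, To: to, Amount: amount}
	sig, err := ecdsa.SignASN1(rand.Reader, m.Key, digest(t))
	if err != nil { return Transfer{}, err }
	t.Sig, m.CurVal = sig, m.CurVal-amount
	m.Log = append(m.Log, t)
	return t, nil
}
// Receive credits only a transfer addressed to this medium whose signature verifies under the sender's key;
// a deployed protocol would also bind a sequence number so a logged transfer cannot be replayed.
func (m *Medium) Receive(t Transfer, senderPub *ecdsa.PublicKey) error {
	if t.To != m.ID || !ecdsa.VerifyASN1(senderPub, digest(t), t.Sig) { return errors.New("rejected: wrong recipient or bad signature") }
	m.CurVal += t.Amount
	m.Log = append(m.Log, t)
	return nil
}
```

Altering the amount after signing, or presenting the message to a medium other than the named recipient, makes Receive refuse the credit, while Send itself refuses to debit more than the current value.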
It is anticipated that the storage media 4 may be constructed as a physical device suitable for distribution to and use by an individual person. Multiple such devices may be used by a merchant, for example. The storage media 4 may be configured to connect to a user's communications device 24 for communications through a data network 26, as shown in FIG. 1b. Such a personalized storage media 4 may be manufactured in any suitable form factor, including, but not limited to, form factors commonly used in smart cards, USB flash drives or memory cards. The I/O interface 8 can be provided as any suitable communications link, such as, for example, a Universal Serial Bus (USB) or mini-USB connection, or a Bluetooth™ or infrared wireless connection. Other connection technologies may be used, as desired. Preferably, the I/O interface 8 is designed to enable the user to easily and reliably connect and disconnect their storage media 4 to and from a communications device 24 and, when connected, to facilitate secure transfer of information between the storage media 4 and the communications device. For this reason, in embodiments in which a wireless interface technology is used, it is preferable that the wireless connection be operative only over a very limited distance (e.g. on the order of 10 cm or less), so as to reduce power requirements and enhance security. Various known radio-frequency electromagnetic or magnetic coupling techniques may be used to implement a wireless connection at this distance.
The controller 10 and memory 12 may, for example, be constructed as a secure module 30 using known Subscriber Identity Module (SIM) techniques. However, this is not essential. Preferably, the storage media 4 is configured in such a manner that the controller 10 and memory 12 cannot be removed from the storage media 4 without destroying the controller 10 and memory 12. Use of SIM technology for construction of the controller 10 and memory 12 is beneficial in that it enables the ID 14, private key 16 and certificate 18 to be permanently stored in the storage media 4 in such a manner that they cannot be erased or altered without destroying the functionality of the entire token (which is inconvenient to the user, but maintains security), and that it is not practical to “hack” or reverse engineer the storage media 4 to discover the private key 16 or to modify the log 20, the current value (Cur.Val) 22 or the operation of the storage media 4. As a result, each user of the system 2 has good reason to believe that the association between the ID 14, private key 16 and certificate 18 of any given storage media 4 is unique and cannot be fraudulently duplicated.
The communications device 24 may take any suitable form, including, but not limited to, personal computers (PCs), notebook PCs, personal digital assistants (PDAs), cell phones, smartphones, point-of-sale machines, etc.
The system of FIGS. 1a-b enables the secure and reliable transfer of asset value amounts between users, who may comprise individual persons and/or merchants. Thus, for example, FIG. 2 illustrates a possible scenario in which a point-of-sale terminal 28 is connected to a data network 26 to enable a user “A” to make on-line purchases, and is further connected to a reader 30 to enable a user “B” to complete in-store purchases. The point-of-sale terminal 28 may also be connected to a merchant box 32 which is designed to receive one or more storage media 4 owned by the merchant. With this arrangement, users A and B can complete purchase transactions by using their respective storage media to transfer the appropriate asset value amounts to the merchant.
A limitation of this approach, however, is that in order for the merchant's point-of-sale terminal 28 to be able to complete in-store purchases, the merchant must obtain a reader 30 capable of interacting with customers' storage media 4. In some cases merchants may be reluctant to incur this expense.
Techniques for addressing this limitation are desired.