This invention is directed to a data carrier being preferably shaped as a personal card (i.e., credit card) holding information about the owner, the card issuing organization, account number, etc., and being intended for manual utilization at the place of use or by means of a read-in/read-out device included in a terminal equipment. The data carrier comprises means for internal processing of supplied identification information of the owner during a verification process and for generating an acceptance signal as a result of a verification of the identity and/or right of the owner to use the data carrier.
Data carriers or cards of the type indicated above are known and are generally referred to as credit cards. Normally, said cards are dimensioned according to an accepted ISO standard, which means that the card is made from a PVC material being bendable to some extent and having the approximate dimensions of 0.8 mm.times.54 mm.times.85 mm.
Data cards intended to be handled manually may comprise said information in an embossed print allowing the information to be transferred to a payment verification by means of a print operation.
Data cards intended to be handled by a terminal equipment may comprise a loop of magnetizable material comprising said information, and the terminal comprises a read-out device for reading the information which is registered magnetically and a read-in device for a read-in of new information. Data cards of this type may alternatively comprise optically readable and writeable areas and may also be of the punched card type holding a combination of holes being mechanically readable by the terminal equipment.
Recently active data cards have begun to appear on the market. Said cards are provided with memory circuits and logic circuits of semiconductor type which allows for storing of information and processing of the same internally on the card. For communication with a terminal equipment, cards of this type are provided with a number of externally available electrical connection means or corresponding coupling means.
A general problem when data cards are used is the fact that a lost or stolen data card may be used without authorization by a different person. This problem may be eliminated if the user is obliged to verify his right before the data card may be used.
In the case of data cards intended for manual handling, the verification may be carried out in that the user verifies his identity by presenting a different identification document. Normally, however, a certification is not required when such a data card is used, among other things due to the fact that this will create a delay and give rise to a long line of people at the places of use. Instead the active control or check is carried out by means of so-called black lists comprising the numbers of all blocked accounts, which may have been blocked due to the fact the account holder has not fulfilled his obligations towards the accounting organization or the fact that the account holder has reported the card as lost. The black lists, being up-dated regularly, mean a significant increase of work at the places of use. Moreover, it is possible that a blocked account will not be observed during a manual check. As a consequence, the card will be used despite the fact that it should not. Furthermore a card, which has been lost for example, may be misused from the time it is reported as lost until an updated black list is available.
In order to improve the working situation at the places of use, so-called electronic "black lists" have been developed lately. Then, a data computer including a memory is used to check the list. In said memory the information about blocked accounts which was previously printed on the black lists is stored. During a check the actual account number is introduced and thereafter compared with the total of scored account numbers. Summarizing, even if a device of this type allows for an improved check, it may be concluded that an adequate solution to the described problem is not available for the time being.
For data cards intended to be handled by a terminal device, one method for preventing unauthorized use of the card means that the card holder will have to verify his right by introducing a personal identification code, i.e., a PIN code, via a key set of the terminal equipment. In the terminal, the PIN code introduced in this manner and other information which has been read out from the card are evaluated and if the result of the evaluation is positive, the data card is accepted and the transaction may continue. Handling of the secret codes means a significant administrative problem to the accounting or card issuing organization. To the card holder it means a practical problem to memorize the secret code comprising normally four digits. The last-mentioned problem is aggravated also by the fact that many persons today hold a number of different data or account cards of this type and, consequently, are forced to memorize a corresponding number of different secret codes. This may lead to a situation that a person in this situation, as a support to his memory, writes down the different codes and keeps the note easily available together with his credit cards. Obviously this means a drastic decrease of the security which is aimed at by the personal code.
Within the reasonably near future it may be expected that cards of the last-mentioned type will be useful more generally as a payment means at so-called POS terminals in shops of many different types. This actualizes a further security risk of the system described above according to which a PIN-code is evaluated in a terminal device. People within this field talk about the so-called "wardrobe case". Thereby is understood the situation when a card holder may come into contact with a false terminal at a place of purchase. Then the customer will introduce this PIN-code without any doubts. The PIN-code and the associated account number will be registered by means of an equipment arranged at a different place, that is in the so-called "wardrobe". In this "wardrobe" is also kept equipment for forwarding the transaction correctly. The registered pairs of associated account numbers and PIN-codes may afterwards be used for preparation of false account cards. If these false account cards are used now and then and within an extended geographical area, a significant time may elapse until the forgery is detected. The main reason behind this problem is the fact that the account number information and the PIN-code information are transferred to an evaluation device on signal lines being already or which may be made physically available, allowing thereby detection of the information.
U.S. Pat. No. 4,023,012 proposes a solution which eliminates the problem of administrating the secret code numbers. According to this solution the card holder may by himself select his secret code whtn the card is used for the first time. This code is stored on the card and is later on used for verification when the card is used thereafter. In case a person is a holder of a number of different cards of this type, it may happen that this person selects the one and same secret PIN-code for all of these cards in order to make it easier to memorize the PIN-code. Alternatively, this person may select his PIN-code in accordance with a rule which is simple. e.g., as part of his telephone number or citizen identification number (i.e., social security number). In both of said cases the security is influenced negatively since detection of the secret code is facilitated and this opens for a misuse of a number of different account cards.
From U.S. Pat. No. 3,399,473 is known a data card comprising a number of rotatable and translatable switching means. Said switch means are provided with numeric or alphabetical designations. By the setting of a secret number or a letter combination, which is known to the holder, the switching means are made to close an internal electrical circuit on the data card. When the data card is thereafter used in a terminal device, the so-closed electrical circuit may be used as a verification of the holder's authority. Similar technical solutions are disclosed in U.S. Pat. Nos. 3,504,343; 3,287,839; 3,593,292; 3,713,235; 3,762,081; 3,972,138 and 4,100,689. All of the data cards described in these U.S. patents have in common the drawback that the holder must memorize a part of or a complete secret code. Furthermore, the construction of the cards including mechanically adjustable means will have to be considered as an old state of the technical development.
The object of the invention is to provide a data carrier or data card in which the drawbacks described above have been eliminated and which makes possible a verification of the user by the use of means accommodated on the card without the use of a secret information which must be memorized.