This invention relates to the field of point of sale terminals and, in particular, to a system for the secure execution of credit based point of sale purchases that reduces the likelihood of fraudulent transactions.
It is a problem in the field of credit card services to ensure that only the authorized user of a credit card can charge purchases to the account represented by the credit card. In the present credit card environment, the card is embossed with the name of the user, the account number, credit card expiration date, as well as an identification of the type of credit card service and the issuing financial institution. Furthermore, the credit card typically includes the customers signature on the back of the card. Thus, the credit card is self defining on its face, which enables an unauthorized individual to obtain sufficient information about the credit card customer and the credit card account to make fraudulent purchases using the credit card.
This problem is partially addressed in the point of sale terminal environment by the fact that existing credit cards include a signature line on the card to provide additional security by validating the identity of the user via the xe2x80x9cuniquexe2x80x9d signature. However, the replication of a signature is a relatively simple task and the security provided by the inclusion of a signature on the credit card is easily thwarted. A further attempt to reduce the losses occasioned by the fraudulent use of credit cards is the use by some credit cards of a photograph of the user incorporated on the credit card, which provides a significant improvement in the security provided by the credit card for face to face point of sale purchases, but is ineffective in telephone transactions and can be thwarted by the forgery of the photograph. Thus, the vast majority of credit cards are susceptible of theft and misuse without there being any truly effective security measures that can avoid this problem. In the point of sale environment particularly, the solution to this problem must be inexpensive yet effective to be commercially viable.
The above described problems are solved and a technical advance achieved in the field by the present system for the secure execution of credit based point of sale purchases. This system uses a credit car that is devoid of any human readable customer account information. The credit card may include some card identification information on its face so the customer can identify the card, but the typical customer account information is absent from the face of the card. This credit card encodes all the relevant account information on machine readable media built into the credit card, so the face of the credit card contains no information that would assist an unauthorized user in making fraudulent purchases using the credit card. This encoded information can be encrypted or protected in some manner to prevent its retrieval by an unauthorized user.
In addition, the present system for the secure execution of credit based point of sale purchases makes use of a point of sale terminal to execute the transaction. In the transaction, the point of sale terminal scans the credit card to obtain the account information encoded therein. The encoded data may require the user to input a personal identification number PIN to proceed to the next step of the charge process. The PIN number can be used as the cryptokey if the account information is encrypted on the card, or may simply represent a first level of user authentication. In either case, the account information and user authentication information is transmitted to a remotely located credit authorizing agency via telephone lines. Neither the credit card account number nor the type of card (VISA, MASTERCARD), nor the PIN number is displayed to the clerk on the point of sale terminal. If the credit card number and PIN number transmitted to the remotely located credit authorizing agency match the customer data stored at the remotely located credit authorizing agency, the point of sale terminal displays a copy of the user""s signature (or photograph) for comparison by the clerk with the user""s written authorization of the purchase (and/or physical appearance).