Method and apparatus of secure credit card transaction

US 20020153424A1
Filed: 04/19/2001
Published: 10/24/2002
Est. Priority Date: 04/19/2001
Status: Abandoned Application

First Claim

Patent Images

1. An electronic card being made of a substantially rigid material, having a substantially flat surface and a dimension substantially similar to that of a conventional credit card, the electronic card being capable of securing an authorized financial transaction and a personal online account access by a user, comprising:

a. a micro controller unit for verifying a pre-assigned user input information, the micro controller unit comprising;

i. a central processor unit, ii. a memory being capable of storing the pre-assigned user input information, and iii. a clock timer to generate a date and time by a micro-code;

b. a membrane keypad having a plurality of digits, the membrane keypad being mounted on the surface of the electronic card, for entering the pre-assigned user input information;

c. a magnetic strip simulator designed to;

i. emulate a magnetic flux to be generated while the electronic card passes through a read head on a read device;

ii. emulate a traditional credit card transaction data;

iii. generate a dynamic digital certificate code to the transaction data;

iv. transmit the transaction data to the read device; and

d. a battery embedded within the electronic card; and

e. a liquid crystal display panel located on the flat surface for displaying the certificate code.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

This invention relates to the method and apparatus for conducting secure credit card transaction and providing personal identification on the Internet. It is specifically characterized by a plastic body in regular credit card dimension implanted with a complete microcomputer system and an associated authentication server, implementing dynamic digital certificate authentication technology in order to prevent personal privacy from being breached in e-commerce transactions.

458 Citations

21 Claims

1. An electronic card being made of a substantially rigid material, having a substantially flat surface and a dimension substantially similar to that of a conventional credit card, the electronic card being capable of securing an authorized financial transaction and a personal online account access by a user, comprising:
- a. a micro controller unit for verifying a pre-assigned user input information, the micro controller unit comprising;
  
  i. a central processor unit, ii. a memory being capable of storing the pre-assigned user input information, and iii. a clock timer to generate a date and time by a micro-code;
  
  b. a membrane keypad having a plurality of digits, the membrane keypad being mounted on the surface of the electronic card, for entering the pre-assigned user input information;
  
  c. a magnetic strip simulator designed to;
  
  i. emulate a magnetic flux to be generated while the electronic card passes through a read head on a read device;
  
  ii. emulate a traditional credit card transaction data;
  
  iii. generate a dynamic digital certificate code to the transaction data;
  
  iv. transmit the transaction data to the read device; and
  
  d. a battery embedded within the electronic card; and
  
  e. a liquid crystal display panel located on the flat surface for displaying the certificate code.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 14, 15, 16, 17, 18, 19, 20, 21)
- - 2. The electronic card of claim 1, wherein the magnetic strip simulator further comprises a conductive winding to simulate a track.
  - 3. The electronic card of claim 2, wherein the track is Track I magnetic strip in ISO7811 format.
  - 4. The electronic card of claim 2, wherein the track is Track II magnetic strip in ISO7811 format.
  - 5. The electronic card of claim 2, wherein the track is Track III magnetic strip in ISO7811 format.
  - 6. The electronic card of claim 1 further comprising a cryptographic algorithm stored in the memory for generating the dynamic digital certificate code prior to transmitting the transaction data.
  - 7. The electronic card of claim 6, wherein the dynamic digital certificate code is calculated based on the cryptographic algorithm containing the following variables:
    - a. a credit card account number of the user, b. an expiration date of the user'"'"'s credit card, c. a card issuing date in Greenwich Mean Time (GMT), d. a card issuing time in GMT, e. an instant transaction date in GMT, and f. an instant transaction time in GMT.
  - 8. The electronic card of claim 1 further comprising two micro switches for triggering the micro controller unit to obtain a transaction date and a transaction time as input variables to the cryptographic algorithm at an instant transaction moment, and for starting the magnetic flux emulation of the transaction data on the simulator.
  - 9. The electronic card of claim 1, wherein the membrane keypad has ten digits.
  - 10. The electronic card of claim 1, wherein the pre-assigned user input information is a personal identification number consisting of a plurality of numerals.
  - 11. The electronic card of claim 1, further comprising an integrated fingerprint sensor on the surface of the electronic card for authenticating the user, wherein the pre-stored user'"'"'s fingerprint template is verified by the micro controller unit through implementation of a digital signal processing of a fingerprint data of the user, the fingerprint data being obtained by the integrated fingerprint sensor when the user presses one of his fingers on the integrated fingerprint sensor.
  - 12. The electronic card of claim 1, which is capable of functioning as a major brand credit card.
  - 14. The method of claim 13, wherein the electronic card in the providing step is made of a substantially rigid material, has a substantially flat surface, and has a dimension substantially similar to that of a conventional credit card, the electronic card further comprises:
    - a. a user input information receiving device on the surface of the electronic card;
      
      b. a magnetic strip simulator designed to;
      
      i. emulate a magnetic flux to be generated while the electronic card passes through a read head on a read device;
      
      ii. emulate a traditional credit card transaction data;
      
      iii. generate a dynamic digital certificate code to the transaction data; and
      
      iv. transmit the transaction data to a read device; and
      
      c. a battery embedded within the electronic card; and
      
      d. a liquid crystal display panel located on the surface of the electronic card for displaying the dynamic digital certificate code, and e. wherein the micro controller unit further comprises;
      
      i. a central processor unit, ii. a memory, and iii. a clock timer to generate a date and time by a micro-code.
  - 15. The method of claim 14, wherein the user input information receiving device is a membrane keypad having a plurality of digits, wherein the pre-assigned user input information is a personal identification number consisting of a plurality of numerals.
  - 16. The method of claim 14, wherein the user input information receiving device is an integrated fingerprint sensor on the surface of the electronic card for authenticating the user, wherein the pre-stored user'"'"'s fingerprint template is verified by the micro controller unit through implementation of a digital signal processing of a fingerprint data of the user, the fingerprint data being obtained by the integrated fingerprint sensor when the user presses one of his fingers on the integrated fingerprint sensor.
  - 17. The method of claim 13, wherein the dynamic digital certificate code is calculated based on the cryptographic algorithm containing the following variables:
    - a. a credit card account number of the user, b. an expiration date of the user'"'"'s credit card, c. a card issuing date in Greenwich Mean Time (GMT), d. a card issuing time in GMT, e. an instant transaction date in GMT, and f. an instant transaction time in GMT.
  - 18. The method of claim 13, wherein the dynamic confirmation code is calculated based on the cryptographic algorithm containing the following variables:
    - a. a credit card account number of the user, b. an expiration date of the user'"'"'s credit card, c. a card issuing date in Greenwich Mean Time (GMT), d. a card issuing time in GMT, e. an instant transaction date in GMT, and f. an instant transaction time in GMT.
  - 19. The method of claim 13, wherein the electronic card in the providing step a. further performing a symmetric encryption algorithm, and wherein the authentication server in the providing step b. further performing another symmetric encryption algorithm.
  - 20. The method of claim 13, wherein the transmitting step further comprises an error compensation, whereby each time a transaction is being processed by the method, the authentication server checks a difference between a transaction time transmitted by the micro controller unit and another transaction time measured by the transaction server, and the transaction request is transmitted to the transaction processor when the difference in two transaction times deviate within the preset tolerance, and when the difference exists, the server records the difference and deducts such difference at the next authentication processing from the transaction time transmitted by the micro controller unit.
  - 21. The method of claim 14 further comprising a step of displaying a transaction data necessary to perform the secured transaction on the liquid crystal display panel.

13. A method of conducting a secured transaction using an electronic card, said method comprising the steps of:
- a. providing the electronic card having a micro controller unit being capable of storing a pre-assigned user input information and producing a dynamic digital certificate code;
  
  b. inputting by a user of the pre-assigned user input information for verification by the micro controller unit;
  
  c. verifying by the micro controller unit of the pre-assigned user input information;
  
  d. producing of the dynamic digital certificate code by the micro controller unit only when the pre-assigned user input information agrees with the pre-assigned user input information stored in the micro controller unit;
  
  e. providing a transaction processor being capable of transmitting and receiving back a transaction request;
  
  f. providing an authentication server being capable of receiving and transmitting the transaction request, the authentication server being capable of producing a dynamic confirmation code and comparing the dynamic digital certificate code and the dynamic confirmation code;
  
  g. producing by the authentication server of the dynamic confirmation code upon receiving the transaction request from the transaction server;
  
  h. comparing by the authentication server of the dynamic digital certificate code and the dynamic confirmation code; and
  
  i. transmitting by the authentication server of the transaction request back to the transaction processor only when the dynamic digital certificate code agrees with the dynamic confirmation code.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Chuan Li
Original Assignee
Chuan Li
Inventors
Li, Chuan

Application Number

US09/838,954
Publication Number

US 20020153424A1
Time in Patent Office

Days
Field of Search
US Class Current

235/492
CPC Class Codes

G06K 19/06206   the magnetic marking being ...

G06K 19/0702   the arrangement including a...

G06K 19/0723   the record carrier comprisi...

G06K 19/07703   the interface being visual

Method and apparatus of secure credit card transaction

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

458 Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus of secure credit card transaction

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

458 Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links