SECURITY ASPECTS OF A SELF-AUTHENTICATING CREDIT CARD

1. A self-authenticating credit card having a locked state in which stored account data remains in an encrypted form and an unlocked state in which stored account data is decrypted into a clear form, comprising:

• an input device for entering a PIN;
  
  a micro-controller having a timer for terminating an unlocked state, a non-volatile memory for storing encrypted account data and for storing a known reference string, and an encryption/decryption engine for encrypting/decrypting account information;
  
  said micro-controller being responsive to entry of a correct PIN to create an unlocked state by comparing said known reference string with an identical string in the decrypted stored data;
  
  an RF transponder for transmitting decrypted account information in clear form to a transaction terminal;
  
  a graphic display for showing an account holder image from decrypted data when the unlocked state exists;
  
  said micro-controller providing the entered PIN to said encryption/decryption engine as an encryption key for decrypting the encrypted account data so that the unlocked state exists, said micro-controller using the decrypted data to write the account holder image to the display; and
  
  said micro-controller controlling transmission of the decrypted account data to a transaction terminal when the unlocked state exists; and
  
  said micro-controller using said timer at the beginning of the unlocked state to determine when a predetermined expiration time has occurred and, at said predetermined expiration time, said micro-controller clearing all decrypted account data and clearing said graphic display; and
  
  at said predetermined expiration time, said micro-controller terminates the unlocked state and enters the locked state.