Personal identification system

US 4,214,230 A
Filed: 01/19/1978
Issued: 07/22/1980
Est. Priority Date: 01/19/1978
Status: Expired due to Term

First Claim

Patent Images

1. For use in a system for providing transaction security to a cardholder'"'"'s account in a commercial institution, wherein the cardholder has a secret identification number, and the institution has a secret number, the combination comprising:

means having a data input, a data output and a key input, for enciphering clear data applied at said data input under control of a key comprised of key bits applied at said key input, in accordance with an enciphering process;

means for applying a customer account number to the data input of said enciphering means; and

,means for applying at the key input the combination of said customer'"'"'s secret number and said institution'"'"'s secret number,whereby a first cipher is generated at the output of said enciphering means.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and apparatus for verifying that the bearer of a card (e.g., credit card, bank card, etc.) is authorized to use the card. The card bears machine-readable indicia of an account number (PAN) and the bearer of the card has memorized a personal identification number (PIN). There is associated with the PAN a check number (PCN) which is derived by (1) generating a first cipher Y1 by encrypting the PAN using the PIN in combination with a secret security number as a key, the bits of which address a data encryption process; (2) generating a second cipher by decrypting the first cipher using the secret security number as a key so that the decryption process is the reverse of the encryption process; and (3) storing the second cipher as the check number PCN in a machine-accessible location, which may be in a separate memory or recorded on the card itself.

Verification is accomplished by (a) sensing the PAN from the machine-readable indicia on the card; (b) enciphering the PAN with respect to the data encryption process under control of a key which is a combination (such as by addition) of the PIN and the secret security number to thereby produce a third cipher; (c) sensing the PCN from the machine-accessible location; (d) enciphering the PCN with respect to the data encryption process under control of a key which is the secret security number to thereby produce a fourth cipher; and (e) accepting the card as valid provided the third and fourth ciphers bear a predetermined relationship to each other, such as equality.

Citations

11 Claims

1. For use in a system for providing transaction security to a cardholder'"'"'s account in a commercial institution, wherein the cardholder has a secret identification number, and the institution has a secret number, the combination comprising:
- means having a data input, a data output and a key input, for enciphering clear data applied at said data input under control of a key comprised of key bits applied at said key input, in accordance with an enciphering process;
  
  means for applying a customer account number to the data input of said enciphering means; and
  
  ,means for applying at the key input the combination of said customer'"'"'s secret number and said institution'"'"'s secret number,whereby a first cipher is generated at the output of said enciphering means.
- View Dependent Claims (2, 3)
- - 2. The combination in accordance with claim 1 further comprising:
    - means having a data input, a data output, and a key input for deciphering ciphered data using an altered key so that the deciphering process is the reverse of said enciphering process;
      
      first means for applying said first cipher to said data input of said deciphering means; and
      
      ,second means for applying at said key input of said deciphering means said institution'"'"'s secret number, altered so that the deciphering process is the reverse of said enciphering process,whereby a customer check number is generated at the output of said deciphering means.
  - 3. The combination in accordance with claim 2 wherein said first means includes means for transforming said first cipher into a second cipher bearing a predetermined relationship to said first cipher.

4. Apparatus for verifying the authenticity of a customer possessed of a secret identification number, machine-readable indicia of an account number and a customer check number bearing an encrypted relationship to said identification number, said encrypted relationship being further the function of a secret bank number, comprising:
- means having a data input, a data output, and a key input, for enciphering clear data applied at said data input, under control of a key applied at said key input, in accordance with an enciphering process;
  
  means for applying said customer'"'"'s account number to said data input;
  
  means for applying at said key input the combination of the secret identification number and said secret bank number,whereby a first cipher Y1 is obtained at said data output;
  
  means for applying said customer check number to said data input;
  
  means for applying at said key input said secret bank number, whereby a second cipher Y2 is obtained at said data output; and
  
  ,means for comparing said first and second ciphers, whereby verification depends upon said ciphers bearing said predetermined relationship to each other.

5. For use with a card bearing machine-readable indicia of an account number (PAN) and wherein an authorized user of said card has memorized a personal identification number (PIN), and wherein there is associated with said PAN a check number (PCN) which is derived by (1) generating a first cipher Y1 by encrypting said PAN using said PIN in combination with a first secret security number as a key, the bits of which address a data encryption process;
- and (2) generating a check number (PCN) by decrypting said first cipher using a second secret security number as a key so that the decryption process is the reverse of said data encryption process; and
  
  (3) storing said check number (PCN) in a machine-accessible location, the method of verifying that the bearer of said card is authorized to use said card comprising the steps of;
  
  (a) Sensing said PAN from said machine-readable indicia on said card;
  
  (b) Enciphering said PAN with respect to said data encryption process under control of the key which is a combination of said PIN and said first secret security number to thereby produce a third cipher;
  
  (c) Sensing said PCN from said machine-accessible location;
  
  (d) Enciphering said PCN with respect to said data encryption process under control of said key which is said second secret security number to thereby produce a fourth cipher;
  
  (e) Comparing said third and fourth ciphers; and
  
  ,(f) Accepting said card as valid providing said third and fourth ciphers compare favorably with each other.
- View Dependent Claims (6, 7, 8, 9, 10, 11)
- - 6. The method in accordance with claim 5 comprising the further step, following step (a), of entering said PIN via a customer keyboard.
  - 7. The method in accordance with claim 5 wherein said first cipher Y1 is transformed in accordance with a predetermined relationship into a second cipher Y2, said second cipher being used in place of said first cipher to generate said PCN, and wherein in step (f) said card is accepted as valid providing said third and fourth ciphers bear said predetermined relationship to each other.
  - 8. The method in accordance with claim 5 wherein said first and second secret security numbers are identical.
  - 9. The method in accordance with claim 5 wherein said first secret security number is a combination of a teller authorization number (TAN) and a bank control number (TCN) and said second secret security number is a combination of a teller identification number (TIN), said teller authorization number (TAN) and said bank control number (TCN).
  - 10. The method in accordance with claim 5 where said machine-accessible location for storing said PCN is a random access memory.
  - 11. The method in accordance with claim 5 wherein said machine-accessible location for storing said PCN is on said card.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
ICL Systems AB (Fujitsu Limited)
Original Assignee
Datasaab AB
Inventors
Blom, Rolf, Forchheimer, Robert, Hellberg, Bjorn I., Ingemarsson, Ingemar B., Fak, Viiveke
Primary Examiner(s)
Yusko, Donald J.

Application Number

US05/870,818
Time in Patent Office

915 Days
Field of Search

340/149 A, 340/146.2, 235/380, 235/381, 235/382, 235/379
US Class Current

235/380
CPC Class Codes

G06Q 20/4012   Verifying personal identifi...

G06Q 20/4014   Identity check for transact...

G06Q 40/02   Banking, e.g. interest calc...

G07F 7/10   together with a coded signa...

G07F 7/105   Only a part of the PIN is r...

G07F 7/1066   PIN data being compared to ...

G07F 7/1075   PIN is checked remotely

G07F 7/127   in which both online and of...

Personal identification system

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

Citations

11 Claims

Specification

Solutions

Use Cases

Quick Links

Personal identification system

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

11 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links