Transaction system comprising one or more host exchanges and a number of distributed terminal stations

US 4,962,531 A
Filed: 08/26/1988
Issued: 10/09/1990
Est. Priority Date: 08/28/1987
Status: Expired due to Term

First Claim

Patent Images

1. A transaction system comprising:

(a) at least one host exchange;

(b) a network;

(c) a plurality of concentrators, coupled with the at least one host exchange via the network, each concentrator comprising;

(i) protocol means for executing protocolled data transports with at least one host exchange; and

(ii) cryptography means for performing cryptographic operations on and exchanging;

(A) user transaction requests; and

(B) request response information;

with said at least one host exchange;

(d) a first number of distributed terminal stations, respective subsets of the plurality of terminal stations each being associated with a respective one of the concentrators, each terminal station comprising(i) a respective first presentation location for receiving a portable user identification element; and

(ii) respective bidirectional communication elements for(A) receiving a respective user transaction request from a user, subject to receipt and verification of the user identification element,(B) transmitting the respective transaction request to the respective one of the concentrators,(C) receiving respective request response information from the respective one of the concentrators, and(D) transmitting the respective request response information to the user; and

(e) at least one second presentation location, associated with at least one respective terminal station but physically separate from the respective at least one first presentation location, for receiving a portable operator identification element containing data processing elements and key information for a so-called public algorithm, so that the at least one terminal station uses the data processing elements and the key information for(i) performing encryption operations with respect to the respective user transaction request prior to transmitting the respective user transaction request; and

(ii) performing decryption operations with respect to the respective request response information after receiving the respective request response information.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A transaction system comprises terminal stations which can communicate with a host exchange. In order to improve the communication, concentrators are arranged between the host exchange and the terminal stations. Given functions can be accommodated within the concentrators so that they need not be provided in the terminal station. The concentrators as well as the terminal stations are provided with a security box in order to realize encryption/decryption of the data transport; for the terminal station this box is preferably realized in the form of a smart card which acts as an operator identification element. A customer can identify himself by means of a user identification element, for example a magstripe card or a further smart card. The encryption mechanism is preferably DES.

Citations

17 Claims

1. A transaction system comprising:
- (a) at least one host exchange;
  
  (b) a network;
  
  (c) a plurality of concentrators, coupled with the at least one host exchange via the network, each concentrator comprising;
  
  (i) protocol means for executing protocolled data transports with at least one host exchange; and
  
  (ii) cryptography means for performing cryptographic operations on and exchanging;
  
  (A) user transaction requests; and
  
  (B) request response information;
  
  with said at least one host exchange;
  
  (d) a first number of distributed terminal stations, respective subsets of the plurality of terminal stations each being associated with a respective one of the concentrators, each terminal station comprising(i) a respective first presentation location for receiving a portable user identification element; and
  
  (ii) respective bidirectional communication elements for(A) receiving a respective user transaction request from a user, subject to receipt and verification of the user identification element,(B) transmitting the respective transaction request to the respective one of the concentrators,(C) receiving respective request response information from the respective one of the concentrators, and(D) transmitting the respective request response information to the user; and
  
  (e) at least one second presentation location, associated with at least one respective terminal station but physically separate from the respective at least one first presentation location, for receiving a portable operator identification element containing data processing elements and key information for a so-called public algorithm, so that the at least one terminal station uses the data processing elements and the key information for(i) performing encryption operations with respect to the respective user transaction request prior to transmitting the respective user transaction request; and
  
  (ii) performing decryption operations with respect to the respective request response information after receiving the respective request response information.
- View Dependent Claims (2, 3, 16, 17)
- - 2. A transaction system as claimed in claim 1, characterized in that there is provided a bookkeeping mechanism for the bookkeeping, under the control of individualized data present in the operator identification element, of transactions coupled thereto.
  - 3. The system of claim 1 wherein said second presentation location is part of at least one of the distributed terminal stations, and said second presentation location is physically apart from said first presentation location within the at least one terminal station which includes said second presentation location.
  - 16. The apparatus of claim 1, 4, 9, or 15 wherein(a) said encryption operations comprise completely encrypting;
    - and(b) said decryption operations comprise completely decrypting.
  - 17. The apparatus of claim 1, 4, 9, or 15 wherein the terminal station uses the operator identification element as a security box.

4. A transaction system, comprising:
- (a) at least one host exchange;
  
  (b) a network;
  
  (c) a plurality of concentrators, coupled with said at least one host exchange via the network, each concentrator having(i) respective protocol means for executing protocolled data transports with the at least one host exchange, and(ii) respective cryptography means for performing cryptographic operations and for exchanging(A) user transaction requests, and(B) request response information with the at least one host exchange,(d) a plurality of distributed terminal stations, respective subsets of the plurality of terminal stations each being associated with a respective one of the concentrators, at least one of the terminal stations comprising(i) a respective first presentation location for receiving a portable user identification element,(ii) respective bidirectional communication elements for(A) receiving a respective user transaction request from a user, subject to receipt and verification of the user identification element,(B) transmitting the respective user transaction request to the respective one of the concentrators,(C) receiving respective request response information from the respective one of the concentrators, and(D) transmitting the respective request response information to the user; and
  
  (iii) a respective second presentation location, physically apart from said respective first presentation location, for receiving a portable operator identification element containing data processing elements and key information for a so-called public algorithm, so that the terminal station uses the data processing elements and the key information for;
  
  (A) performing encryption operations with respect to the respective user transaction request prior to transmitting the respective user transaction request; and
  
  (B) performing decryption operations with respect to the respective request response information after receiving the respective request response information.
- View Dependent Claims (5, 6)
- - 5. The system of claim 4 further comprising means for tracking transactions, under control of individualized data present in the operator identification element.
  - 6. The system of claim 4 further comprising a third presentation location, for receiving a second operator identification element, said third presentation location being disposed at a higher level than said second presentation location, said system outputting comparatively general information under control of said second operator identification element, and outputting comparatively specific information under control of said first operator identification element, said general information including said specific information.

7. A concentrator for use in a transaction system, the concentrator comprising:
- a first connection for coupling with one of a plurality of host exchanges via a network;
  
  a second connection for coupling with a plurality of terminal stations;
  
  protocol means for executing protocolled data transports with at least one of the host exchanges;
  
  cryptography means for exchanging user transaction requests and request granting information with said at least one host exchange under execution of cryptographic operations on said data; and
  
  means for connecting a local security box in order to execute a public key algorithm therein for at least partial encryption/decryption as part of a verification procedure for respective operator identification information and respective user information presented to respective ones of the terminal stations, after the latter information has been encrypted in the one terminal station,so that absent the respective operator information, the concentrator does not accept user requests from the terminal stations.
- View Dependent Claims (8)
- - 8. The concentrator of claim 7 wherein the connecting means comprises a presentation location, for receiving a portable master operator identification element in order to execute data processing operations for communication with an associated host by encryption/decryption, using data processing elements present in the master identification element, on the basis of a key information for a so-called public algorithm present in the operator identification element.

9. A terminal station for use in a transaction system, the terminal station comprising:
- (a) a first presentation location for receiving a portable user identification element;
  
  (b) bidirectional communication elements for(i) receiving a user transaction request from a user, subject to receipt and verification of the user identification element,(ii) transmitting the user transaction request to a host exchange or a concentrator,(iii) receiving request response information from the host exchange or concentrator, and(iv) transmitting the request response information to the user; and
  
  (c) a second presentation location, physically apart from said first presentation location, for receiving a portable operator identification element containing data processing elements and key information for a so-called public algorithm, so that the terminal station uses the data processing elements and the key information for(i) performing encryption operations with respect to the user transaction request prior to transmitting the user transaction request; and
  
  (ii) performing decryption operations with respect to the request response information after receiving the request response information.
- View Dependent Claims (10)
- - 10. The terminal station of claim 9 further comprising means for deactivating the terminal station when said operator identification element is removed.

11. A portable operator identification element comprising:
- (a) data processing means for executing encryption/decryption operations according to a public algorithm;
  
  (b) means for protective storage of a relevant key; and
  
  (c) communication means for bidirectional communication with one of an element of a transaction system, so that the operator identification element is suitable for acting as a security box for the element of the transaction system.
- View Dependent Claims (12, 13, 14)
- - 12. The operator identification element of claim 11, wherein:
    - (a) the operator identification element is a smart card; and
      
      (b) the data processing means and the protective storage means are accommodated in a single integrated circuit.
  - 13. The operator identification element of claim 11 wherein the element of the transaction system is a terminal station.
  - 14. The operator identification element of claim 11 wherein the element of the transaction system is a concentrator.

15. A transaction system, comprising:
- (a) at least one host exchange;
  
  (b) a network; and
  
  (c) a first number of distributed terminal stations, at least one of the terminal stations comprising(i) a first presentation location for receiving a portable user identification element,(ii) bidirectional communication elements for;
  
  (A) receiving a user transaction request from a user, subject to receipt and verification of the user identification element,(B) transmitting the user transaction request to the host exchange via the network,(C) receiving request response information from the host exchange via the network, and(D) transmitting the request response information to the user; and
  
  (iii) a second presentation location, physically apart from said first presentation location, for receiving a portable operator identification element containing data processing elements and key information for a so-called public algorithm, so that the terminal station uses the data processing elements and the key information for(A) performing encryption operations with respect to the user transaction request prior to transmitting the user transaction request; and
  
  (B) performing decryption operations with respect to the request response information after receiving the request response information.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
US Philips Corporation (Koninklijke Philips N.V.)
Original Assignee
US Philips Corporation (Koninklijke Philips N.V.)
Inventors
Sipman, Wilhelmus H. M., Snel, Lambertus
Primary Examiner(s)
Tarcza, Thomas H.
Assistant Examiner(s)
CAIN, DAVID C

Application Number

US07/237,342
Time in Patent Office

774 Days
Field of Search

380/24, 380/25, 380/23, 380/30
US Class Current

705/65
CPC Class Codes

G06Q 20/229   Hierarchy of users of accounts

G06Q 20/341   Active cards, i.e. cards in...

G06Q 20/367   involving electronic purses...

G06Q 20/3674   involving authentication

G06Q 20/401   Transaction verification

G06Q 20/40975   using encryption therefor

G07F 7/08   by coded identity card or c...

G07F 7/1008   Active credit-cards provide...

G07F 7/12   Card verification

G07F 7/122   Online card verification

Transaction system comprising one or more host exchanges and a number of distributed terminal stations

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Transaction system comprising one or more host exchanges and a number of distributed terminal stations

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links