Multilevel security apparatus and method with personal key
First Claim
1. A method for encoding a card assigned by an entity to an individual for use in completing secured transactions with respect to an account number indicated on the card, the method comprising the steps of:
- generating a personal key code assigned to the individual;
forming an encoded combination of the account number and a secret code received from the individual;
forming an encrypted personal key as a logical combination of the personal key code and said encoded combination;
encoding the card with a detectable code representative of said encrypted personal key;
combining in accordance with an irreversible logical encoding combination said encoded combination and the personal key code to produce a personal identification transmission code;
combining in accordance with a second logical encoding combination the personal identification transmission code and account number and an institutional key code associated with the entity to produce a personal identification verification code; and
storing the personal identification verification code for subsequent retrieval.
1 Assignment
0 Petitions
Accused Products
Abstract
A method and apparatus for electronic financial transaction processing systems used by customers of certain credit or electronic banking card-issuing institutions. The present invention involves two levels of secure interaction between the customer and the card-issuing institution. The first level of interaction involves the enrollment of a customer in the institution'"'"'s electronic financial transaction processing system. The customer either selects or is issued a personal identification number and a card encoded with a personal key. The personal key and peronal identification number are used to generate a PIN transmission number and personal vertification number, which is stored in bank records. The second level of interaction involves the authorization of a customer'"'"'s use of the electronic financial transaction processing system for executing an electronic transaction. The customer enters his personal identification number and the system reads his encoded card, both of which are used generate a candidate PIN transmission number. The system, at the remote processing center, generates a candidate personal verification number using the transmitted candidate PIN transmission number and compares the candidate PIN transmission number for parity with a PIN transmission number stored in the institution'"'"'s records.
155 Citations
6 Claims
-
1. A method for encoding a card assigned by an entity to an individual for use in completing secured transactions with respect to an account number indicated on the card, the method comprising the steps of:
-
generating a personal key code assigned to the individual; forming an encoded combination of the account number and a secret code received from the individual; forming an encrypted personal key as a logical combination of the personal key code and said encoded combination; encoding the card with a detectable code representative of said encrypted personal key; combining in accordance with an irreversible logical encoding combination said encoded combination and the personal key code to produce a personal identification transmission code; combining in accordance with a second logical encoding combination the personal identification transmission code and account number and an institutional key code associated with the entity to produce a personal identification verification code; and storing the personal identification verification code for subsequent retrieval.
-
-
2. A method for verifying the authority of an individual to complete a transaction with respect to an account number indicated on a card which is assigned by an entity to the individual, the card having recorded thereupon a detectable code representative of an encrypted personal key and the account number assigned to the individual, and the entity having stored for retrieval a personal identification verification code corresponding to the individual, the method comprising the steps of:
-
sensing the account number and encrypted personal key recorded on the card; generating a personal identification transmission code associated with the transaction by combining in accordance with an irreversible logical encoding combination a secret code received from the individual and the account number and the account number, the secret code received from the individual, sensed from the card assigned to the individual; transmitting the personal identification transmission code and account number to the entity; generating at the entity a personal identification verification code associated with the transaction by combining in accordance with a second logical encoding combination the personal identification transmission code and the account number received at the entity with an institutional key code associated with the entity; comparing the personal identification verification code generated in associated with the transaction with the stored personal identification verification code corresponding to the individual; and generating a transaction authorization signal in response to the stored personal identification verification code comparing favorably with the personal identification verification code generated in association with the transaction. - View Dependent Claims (3)
-
-
4. Apparatus for encoding each of a plurality of cards assigned to individuals by an entity for use in completing secure transactions with respect to account numbers indicated on the cards, the apparatus comprising:
-
means for generating a personal key code assigned to an individual; first logic means for encoding an account number indicated on one card with a secret code received from an individual to form an encoded output; second logic means coupled to receive said encoded output and the generated personal key code for producing therefrom an encrypted personal key; transducer means disposed to receive said encrypted personal key for recording a detectable code representative of said encrypted personal key upon said one card; third logic means for producing a personal identification transmission code as an irreversible logical combination of the encrypted personal key and the personal key code assigned to such individual; fourth logic means for producing a personal identification verification code as a logical combination of an institutional key code associated with the entity and the personal identification transmission code and the accounts number indicated on said one card assigned to the individual by the entity; and
,storage means for storing the personal identification verification code for subsequent retrieval.
-
-
5. Apparatus for verifying the authority of an individual to complete a transaction with respect to an account number indicated on a card which is assigned by an entity to the individual, the card having recorded thereon a detectable code representative of an encrypted personal key and the account number assigned to the individual, and the entity having stored for retrieval a personal identification verification code corresponding to the individual, the apparatus comprising:
-
transducer means for sensing the account number and the encrypted personal key indicated on a card; first logic means for generating a personal identification transmission code for transmission to the entity as an irreversible logical combination of a secret code received from an individual, and the account number, and the encrypted personal key sensed from the card assigned to the individual; second logic means at the entity for generating a personal identification verification code as a logical combination of an institutional key code associated with the entity and the account number, and the personal identification transmission code received at the entity; comparison means for comparing the personal identification verification code generated at the entity with a personal identification verification code associated with the individual and retrieved from storage for producing a signal indicative of favorable comparison thereof. - View Dependent Claims (6)
-
Specification