Method and apparatus for securing credit card transactions
First Claim
1. A credit card apparatus comprising:
- a memory means for storing data;
an encryption algorithm stored in said credit card for encrypting data, said algorithm being complementary to a de-encryption algorithm stored in an authorization computer;
a first transaction sequence number stored in said memory means, said transaction sequence number corresponding to a second transaction sequence number stored in the computer;
a display means;
a processing means for processing said encryption algorithm and said first transaction sequence number to produce a verification number, which is visually displayed in said display means, for conveyance to the computer which computes a transaction sequence number using the de-encryption algorithm and which tests the correspondence of the computed transaction sequence number with the second transaction sequence number for determining whether a given credit card transaction is to be authorized; and
said processing means changes said first transaction sequence number, and stores the changed first transaction sequence number in said memory means.
1 Assignment
0 Petitions
Accused Products
Abstract
This disclosure relates to a method and apparatus for improving the security of credit card transactions. It involves a so-called "smart" credit card, which includes a processor, a memory, and a display window. When used, the card produces a verification number, which is based on a transaction sequence number and an encryption algorithm stored in the memory of the card. The verification number produced by the card is read in the display window and transmitted to a verification computer. The computer uses the verification number, together with a de-encryption algorithm, to produce a computed transaction sequence number. If the computed transaction sequence number corresponds to a transaction sequence number stored in the memory of the computer, then the computer will authorize the transaction, otherwise it will not. Both the card and computer change their respective transaction sequence numbers, such as by incrementation, so that different transaction sequence numbers are stored in the respective memories, for the production of a different verification number for the next transaction.
282 Citations
33 Claims
-
1. A credit card apparatus comprising:
-
a memory means for storing data; an encryption algorithm stored in said credit card for encrypting data, said algorithm being complementary to a de-encryption algorithm stored in an authorization computer; a first transaction sequence number stored in said memory means, said transaction sequence number corresponding to a second transaction sequence number stored in the computer; a display means; a processing means for processing said encryption algorithm and said first transaction sequence number to produce a verification number, which is visually displayed in said display means, for conveyance to the computer which computes a transaction sequence number using the de-encryption algorithm and which tests the correspondence of the computed transaction sequence number with the second transaction sequence number for determining whether a given credit card transaction is to be authorized; and said processing means changes said first transaction sequence number, and stores the changed first transaction sequence number in said memory means. - View Dependent Claims (2, 3, 4)
-
-
5. A computer for authorizing a credit card transaction comprising:
-
a memory means for storing data; a de-encryption algorithm stored in said computer for de-encrypting a verification number produced by a credit card using an encryption algorithm; a first transaction sequence number stored in said memory means, said first transaction sequence number corresponding to a second transaction sequence number stored in a credit card; a processing means for processing said de-encryption algorithm and the verification number to produce a computed transaction sequence number, said processing means also being for testing the correspondence of the computed said processing means. number with said transaction sequence number to determine whether a given credit card transaction is to be authorized; and said processing means changes said first transaction sequence number, provided the given credit card transaction is authorized, and stores the changed first transaction sequence number in said memory means. - View Dependent Claims (6, 7, 8, 9, 10, 11, 12)
-
-
13. A system for verifying a credit card transaction comprising:
-
a credit card including; a first memory means for storing data; an encryption algorithm stored in said credit card for encrypting data; a first transaction sequence number stored in said memory means; a display means; a first processing means for processing said encryption algorithm and said first transaction sequence number to produce a verification number for visual display in said display means, said first processing means changes said first transaction sequence number, and stores the changed first transaction sequence number in said first memory means; and a computer means including; a second memory means for storing data; a de-encryption algorithm stored in said computer, said de-encryption algorithm being the complement of said encryption algorithm; a second transaction sequence number stored in said second memory means; and a second processing means for processing said de-encryption algorithm and said verification number to produce a computed transaction sequence number, said second processing means also being for testing the correspondence of said computed transaction sequence number with said second transaction sequence number, and said second processing means changes said second transaction sequence number, provided the given credit card transaction is authorized, and stores the changed second transaction sequence number in said second memory means. - View Dependent Claims (14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25)
-
-
26. A method of authorizing a credit card transaction comprising the steps of:
-
requiring the provision of identification information to an authorization computer; using the identification information to access a file in the computer containing a de-encryption algorithm and a first transaction sequence number, the de-encryption algorithm being complementary to an encryption algorithm stored in a credit card, and the first transaction sequence number corresponding to a second transaction sequence number stored in the credit card; requiring the provision of a verification number, produced by the credit card using the second transaction sequence number and the encryption algorithm; processing the verification number with a processing means in the computer to produce a computed transaction sequence number; testing the correspondence of the computed transaction sequence number to the first transaction sequence number to determine whether a given credit card transaction is authorized; and changing the first transaction sequence number if the given credit card transaction is authorized. - View Dependent Claims (27, 28, 29, 30, 31, 32, 33)
-
Specification