Method and apparatus for securing credit card transactions

US 5,317,636 A
Filed: 12/09/1992
Issued: 05/31/1994
Est. Priority Date: 12/09/1992
Status: Expired due to Fees

First Claim

Patent Images

1. A credit card apparatus comprising:

a memory means for storing data;

an encryption algorithm stored in said credit card for encrypting data, said algorithm being complementary to a de-encryption algorithm stored in an authorization computer;

a first transaction sequence number stored in said memory means, said transaction sequence number corresponding to a second transaction sequence number stored in the computer;

a display means;

a processing means for processing said encryption algorithm and said first transaction sequence number to produce a verification number, which is visually displayed in said display means, for conveyance to the computer which computes a transaction sequence number using the de-encryption algorithm and which tests the correspondence of the computed transaction sequence number with the second transaction sequence number for determining whether a given credit card transaction is to be authorized; and

said processing means changes said first transaction sequence number, and stores the changed first transaction sequence number in said memory means.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

This disclosure relates to a method and apparatus for improving the security of credit card transactions. It involves a so-called "smart" credit card, which includes a processor, a memory, and a display window. When used, the card produces a verification number, which is based on a transaction sequence number and an encryption algorithm stored in the memory of the card. The verification number produced by the card is read in the display window and transmitted to a verification computer. The computer uses the verification number, together with a de-encryption algorithm, to produce a computed transaction sequence number. If the computed transaction sequence number corresponds to a transaction sequence number stored in the memory of the computer, then the computer will authorize the transaction, otherwise it will not. Both the card and computer change their respective transaction sequence numbers, such as by incrementation, so that different transaction sequence numbers are stored in the respective memories, for the production of a different verification number for the next transaction.

282 Citations

33 Claims

1. A credit card apparatus comprising:
- a memory means for storing data;
  
  an encryption algorithm stored in said credit card for encrypting data, said algorithm being complementary to a de-encryption algorithm stored in an authorization computer;
  
  a first transaction sequence number stored in said memory means, said transaction sequence number corresponding to a second transaction sequence number stored in the computer;
  
  a display means;
  
  a processing means for processing said encryption algorithm and said first transaction sequence number to produce a verification number, which is visually displayed in said display means, for conveyance to the computer which computes a transaction sequence number using the de-encryption algorithm and which tests the correspondence of the computed transaction sequence number with the second transaction sequence number for determining whether a given credit card transaction is to be authorized; and
  
  said processing means changes said first transaction sequence number, and stores the changed first transaction sequence number in said memory means.
- View Dependent Claims (2, 3, 4)
- - 2. The apparatus as in claim 1, further comprising an activation means for activating said processing means to produce a verification number.
  - 3. The apparatus as in claim 2, wherein said activation means includes an activation pad which requires the entry of an identification code in order to activate said processing means to produce the verification number.
  - 4. The apparatus as in claim 1, wherein said encryption algorithm encodes said first transaction sequence number when processed by said processing means.

5. A computer for authorizing a credit card transaction comprising:
- a memory means for storing data;
  
  a de-encryption algorithm stored in said computer for de-encrypting a verification number produced by a credit card using an encryption algorithm;
  
  a first transaction sequence number stored in said memory means, said first transaction sequence number corresponding to a second transaction sequence number stored in a credit card;
  
  a processing means for processing said de-encryption algorithm and the verification number to produce a computed transaction sequence number, said processing means also being for testing the correspondence of the computed said processing means. number with said transaction sequence number to determine whether a given credit card transaction is to be authorized; and
  
  said processing means changes said first transaction sequence number, provided the given credit card transaction is authorized, and stores the changed first transaction sequence number in said memory means.
- View Dependent Claims (6, 7, 8, 9, 10, 11, 12)
- - 6. The computer as in claim 5, wherein said computer authorizes a given credit card transaction on the basis of whether the computed transaction sequence number corresponds to said first transaction sequence number.
  - 7. The computer as in claim 6, wherein said computer determines correspondence on the basis of the computed transaction sequence number falling within a predetermined range of said first transaction sequence number.
  - 8. The computer as in claim 7, wherein said computer resets said first transaction sequence number to be equal to the computed transaction sequence number if, with said computer determining whether a given credit card transaction is to be authorized, the computed transaction sequence number is not equal to said first transaction sequence number, and the computed transaction sequence number falls within said predetermined range.
  - 9. The computer as in claim 6, wherein said computer determines correspondence on the basis of the computed transaction sequence number falling within a predetermined range of said first transaction sequence number, said predetermined range being divided into a first and second portion.
  - 10. The computer as in claim 9, wherein said computer automatically authorizes a transaction if the computed transaction sequence number falls within said first portion of said predetermined range.
  - 11. The computer as in claim 10, wherein said computer invokes an additional authorization sequence if the computed transaction sequence number falls within said second portion of said predetermined range.
  - 12. The computer as in claim 5, wherein said de-encryption algorithm encodes said first transaction sequence number when processed by said processing means.

13. A system for verifying a credit card transaction comprising:
- a credit card including;
  
  a first memory means for storing data;
  
  an encryption algorithm stored in said credit card for encrypting data;
  
  a first transaction sequence number stored in said memory means;
  
  a display means;
  
  a first processing means for processing said encryption algorithm and said first transaction sequence number to produce a verification number for visual display in said display means, said first processing means changes said first transaction sequence number, and stores the changed first transaction sequence number in said first memory means; and
  
  a computer means including;
  
  a second memory means for storing data;
  
  a de-encryption algorithm stored in said computer, said de-encryption algorithm being the complement of said encryption algorithm;
  
  a second transaction sequence number stored in said second memory means; and
  
  a second processing means for processing said de-encryption algorithm and said verification number to produce a computed transaction sequence number, said second processing means also being for testing the correspondence of said computed transaction sequence number with said second transaction sequence number, and said second processing means changes said second transaction sequence number, provided the given credit card transaction is authorized, and stores the changed second transaction sequence number in said second memory means.
- View Dependent Claims (14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25)
- - 14. The system as in claim 13, wherein said first and second transaction sequence numbers correspond to one another at the time said credit card is issued.
  - 15. The system as in claim 14, wherein said computer authorizes credit card transactions on the basis of whether the computed transaction sequence number corresponds to said second transaction sequence number.
  - 16. The system as in claim 15, wherein said computer determines correspondence on the basis of the computed transaction sequence number falling within a predetermined range of said second transaction sequence number.
  - 17. The system as in claim 16, wherein said predetermined range is divided into a first and second portion, and said computer automatically authorizes a given transaction if the computed transaction sequence number falls within said first portion of said predetermined range, and invokes a separate authorization sequence if the computed transaction sequence number falls within said second portion of said predetermined range.
  - 18. The system as in claim 17, wherein said second transaction sequence number is reset to be equal to the computed transaction sequence number if, with said computer determining whether a given credit card transaction is to be authorized, the computed transaction sequence number is not equal to said second transaction sequence number, and the transaction is authorized.
  - 19. The system as in claim 13, wherein said encryption and de-encryption algorithms encode and decode said first and second transaction sequence numbers when processed by said first and second processing means, respectively.
  - 20. The system as in claim 13, further comprising an activation means for activating said first processing means to produce a verification number.
  - 21. The system as in claim 20, wherein said activation means includes an activation pad on said credit card for the entry of an identification code in order to activate said processing means to produce a verification number.
  - 22. The system as in claim 13, wherein said first processing means further includes a random number generator for producing said first transaction sequence number.
  - 23. The system as in claim 22, wherein said random number generator generates a random number which is stored in said first memory means as the initial said first transaction sequence number, and wherein with said computer determining the authorization of a first transaction relating to said card after said card was issued, said computer automatically resets said second transaction sequence number to be equal to the computed transaction sequence number.
  - 24. The system as in claim 13, wherein said first and second processing means change their respective first and second transaction sequence numbers by incrementation.
  - 25. The system as in claim 24, wherein said first and second transaction sequence numbers are incremented by the same number.

26. A method of authorizing a credit card transaction comprising the steps of:
- requiring the provision of identification information to an authorization computer;
  
  using the identification information to access a file in the computer containing a de-encryption algorithm and a first transaction sequence number, the de-encryption algorithm being complementary to an encryption algorithm stored in a credit card, and the first transaction sequence number corresponding to a second transaction sequence number stored in the credit card;
  
  requiring the provision of a verification number, produced by the credit card using the second transaction sequence number and the encryption algorithm;
  
  processing the verification number with a processing means in the computer to produce a computed transaction sequence number;
  
  testing the correspondence of the computed transaction sequence number to the first transaction sequence number to determine whether a given credit card transaction is authorized; and
  
  changing the first transaction sequence number if the given credit card transaction is authorized.
- View Dependent Claims (27, 28, 29, 30, 31, 32, 33)
- - 27. The method as in claim 26, further comprising the step of:
    - authorizing a given credit card transaction if the computed transaction sequence number corresponds to the first transaction sequence number.
  - 28. The method as in claim 27, wherein during said authorizing step correspondence is determined on the basis of whether the computed transaction sequence number falls within a predetermined range of the first transaction sequence number.
  - 29. The method as in claim 28, wherein the predetermined range is divided into a first and second portion, and the computer automatically authorizes a given credit card transaction provided the computed transaction sequence number falls within the first portion of the predetermined range.
  - 30. The method as in claim 29, wherein the computer invokes a separate authorization sequence provided the computed transaction sequence number falls within the second portion of the predetermined range.
  - 31. The method as in claim 27, further comprising the step of:
    - resetting the first transaction sequence number to be equal to the computed transaction sequence number if, with the computer determining whether a given credit card transaction is to be authorized, the computed transaction sequence number is not equal to the first transaction sequence number, and the transaction is authorized.
  - 32. The method as in claim 26, wherein during said changing step the first transaction sequence number is incremented by a predetermined number.
  - 33. The method as in claim 32, wherein the predetermined number by which said first transaction sequence number is incremented is equal to a number by which the processing means in the credit card increments the second transaction sequence number after the production of the verification number.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
ARRIS Group, Inc. (CommScope Holding Company, Inc.)
Original Assignee
ARRIS Group, Inc. (CommScope Holding Company, Inc.)
Inventors
Vizcaino, Gerardo
Primary Examiner(s)
Cain, David C.

Application Number

US07/988,418
Time in Patent Office

538 Days
Field of Search

380/23, 380/24, 380/25, 380/21, 380/49
US Class Current

705/65
CPC Class Codes

G06Q 20/341   Active cards, i.e. cards in...

G06Q 20/367   involving electronic purses...

G06Q 20/385   using an alias or single-us...

G06Q 20/4012   Verifying personal identifi...

G06Q 20/4093   Monitoring of device authen...

G07F 7/1008   Active credit-cards provide...

Method and apparatus for securing credit card transactions

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

282 Citations

33 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for securing credit card transactions

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

282 Citations

33 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links