Portable information and transaction processing system and method utilizing biometric authorization and digital certificate security
First Claim
1. A portable information and transaction processing device, comprising:
- a central processing unit;
a memory device, operatively coupled to said central processing unit, for storing transaction information comprising one of financial information, personal information, and a combination thereof;
communication means for establishing a communication link with a central server of a service provider, disposed at a remote location, to download a temporary digital certificate issued by said service provider;
a user interface, operatively coupled to said central processing unit, for selecting at least a portion of said transaction information;
a card reader;
a universal card having a unique card number designated to a subscribing user of said service provider, wherein the universal card is inserted into said card reader to receive said selected portion of said transaction information; and
programming means, executable by said central processing unit, for determining if said temporary digital certificate is valid, for writing said selected portion of said transaction information to said universal card if said temporary digital certificate is deemed valid, and for preventing said selected portion of said transaction information from being written to said universal card when said temporary digital certificate is deemed invalid.
2 Assignments
0 Petitions
Accused Products
Abstract
The present invention is a portable client PDA with a touch screen or other equivalent user interface and having a microphone and local central processing unit (CPU) for processing voice commands and for processing biometric data to provide user verification. The PDA also includes a memory for storing financial and personal information of the user and I/O capability for reading and writing information to various cards such as smartcards, magnetic cards, optical cards or EAROM cards. The PDA includes a Universal Card, which is common generic smartcard with a unique imprint provided by a service provider, on which selected financial or personal information stored in the PDA can be downloaded to perform certain consumer transactions. The PDA includes a modem, a serial port and/or a parallel port so as to provide direct communication capability with peripheral devices (such as POS and ATM terminals) and is capable of transmitting or receiving information through wireless communications such as radio frequency (RF) and infrared (IR) communication. The present invention is preferably operated in two modes, i.e., a client/server mode and a local mode. The client/server mode is periodically performed to download a temporary digital certificate (which is necessary to access selected information stored in the PDA and to write such information to the Universal Card) from a central server of the service provider of the PDA and Universal Card. Next, the local mode of operation is performed by providing the PDA with biometric data and selecting one of the pre-enrolled credit cards that are stored in the PDA. Upon biometric verification, the Universal Card is written with the selected card information, which is then used to initiate a consumer transaction. In the absence of an unexpired digital certificate, however, the selected card information will not be written to the Universal Card, notwithstanding that the user may have passed local biometric verification.
1353 Citations
20 Claims
-
1. A portable information and transaction processing device, comprising:
-
a central processing unit; a memory device, operatively coupled to said central processing unit, for storing transaction information comprising one of financial information, personal information, and a combination thereof; communication means for establishing a communication link with a central server of a service provider, disposed at a remote location, to download a temporary digital certificate issued by said service provider; a user interface, operatively coupled to said central processing unit, for selecting at least a portion of said transaction information; a card reader; a universal card having a unique card number designated to a subscribing user of said service provider, wherein the universal card is inserted into said card reader to receive said selected portion of said transaction information; and programming means, executable by said central processing unit, for determining if said temporary digital certificate is valid, for writing said selected portion of said transaction information to said universal card if said temporary digital certificate is deemed valid, and for preventing said selected portion of said transaction information from being written to said universal card when said temporary digital certificate is deemed invalid. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. An information and transaction processing system, comprising:
-
a central server associated with a service provider of a subscribing user; a transaction terminal; and a portable communication device comprising; a central processing unit; a memory device, operatively coupled to said central processing unit, for storing transaction information comprising one of financial information, personal information, and a combination thereof; communication means for establishing a communication link with said central server to download a temporary digital certificate from said central server; a user interface, operatively coupled to said central processing unit, for selecting at least a portion of said stored transaction information; a card reader; a universal card having a unique card number designated to the subscribing user by said service provider, which is inserted in said card reader to receive said selected portion of said transaction information; and programming means, executable by said central processing unit, for determining if said temporary digital certificate is valid, for writing said selected portion of the transaction information to said universal card if said temporary digital certificate is deemed valid, and for preventing said selected portion of the transaction information from being written to said universal card if said temporary digital certificate is deemed invalid; whereby said universal card is presented to said transaction terminal for initiating a user-desired transaction if said selected transaction information is written to said universal card. - View Dependent Claims (12, 13)
-
-
14. A method for performing an electronic transaction, comprising the steps of:
-
using a portable communication device to establish a communication link with a central server of a service provider; verifying, by the central server, the identity of a user of the portable communication device to determine if the user is a subscribing user of the service provider; downloading a temporary digital certificate from the central server to the portable communication device, the temporary digital certificate being issued by the service provider if the user is verified as a subscribing user; selecting, by the user of said portable communication device, desired transaction information stored in the device to perform an electronic transaction; verifying, by the portable communication device, if the user is an authorized user of said device; determining, by the portable communication device, if the downloaded temporary digital certificate is valid; and providing the selected transaction information to an electronic transaction terminal to perform an electronic transaction, if the user is deemed an authorized user and the temporary digital certificate is deemed valid. - View Dependent Claims (15, 16, 17, 18, 19, 20)
-
Specification