Secure credit card

US 20030085286A1
Filed: 11/06/2001
Published: 05/08/2003
Est. Priority Date: 11/06/2001
Status: Active Grant

First Claim

Patent Images

1. A secure card comprising:

a card body which incorporates a microprocessor device, a read only memory device and a secure linear feedback shift register, the microprocessor device being interfaced to the read only memory device containing a pre-initialized personality configuration, said pre-initialized personality configuration being comprised of both a unique card identification and a customized secure linear feedback shift register initial configuration;

a reference linear feedback shift register incorporated in said card body and synchronized to the secure linear shift register;

a security code generator incorporated in said card body and producing a security code utilizing said secure linear feedback shift register and said reference linear feedback shift register, said secure linear feedback shift register and said reference linear feedback shift register being driven by a common free running clock oscillator and providing outputs which, when combined with the card identification, produce a security code uniquely based upon said pre-initialized personality configuration, said security code being accessible by the microprocessor; and

a communication interface incorporated in said card body and connected to said microprocessor device, said communication device providing an input/output message function of the secured information between the said microprocessor and an agent outside the secure card body.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Credit card or portable identification cards containing smart card technology and electronic fuse (e-fuse) technology are combined with a LFSR pseudo random number generator to provide a secured method to prevent fraud and unauthorized use. Secure personalization via e-fuses, a pseudo random number generator linear feedback shift register, free running clock oscillator, and power source embedded in the card enable a highly secured method to render a lost or stolen card useless. A unique card ID is permanently encoded within the card which requires a specific activation code to activate the card. A PIN number provides a means for the card owner to activate the card for a predetermined length of time while processing a transaction. The card'"'"'s security generation function dynamically generates random code sequences and synchronization keys to secure a transaction.

251 Citations

20 Claims

1. A secure card comprising:
- a card body which incorporates a microprocessor device, a read only memory device and a secure linear feedback shift register, the microprocessor device being interfaced to the read only memory device containing a pre-initialized personality configuration, said pre-initialized personality configuration being comprised of both a unique card identification and a customized secure linear feedback shift register initial configuration;
  
  a reference linear feedback shift register incorporated in said card body and synchronized to the secure linear shift register;
  
  a security code generator incorporated in said card body and producing a security code utilizing said secure linear feedback shift register and said reference linear feedback shift register, said secure linear feedback shift register and said reference linear feedback shift register being driven by a common free running clock oscillator and providing outputs which, when combined with the card identification, produce a security code uniquely based upon said pre-initialized personality configuration, said security code being accessible by the microprocessor; and
  
  a communication interface incorporated in said card body and connected to said microprocessor device, said communication device providing an input/output message function of the secured information between the said microprocessor and an agent outside the secure card body.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. A secure card according to claim 1, wherein the read only memory is comprised of a plurality of integrated electronic fuses.
  - 3. A secure card according to claim 1, wherein the initial configuration is pre-configured and permanently burned at card initialization to provide a unique linear feedback shift register sequence associated with the card and a sequence of sufficient length to provide for extremely large unique sequences.
  - 4. A secure card according to claim 3, wherein the permanently burned initial configurations utilize electronic-fuse technology.
  - 5. A secure card according to claim 1, wherein the security code generator produces a security code to uniquely identify the secure card by providing a synchronization key produced by the reference linear feedback shift register, a state of the secure linear feedback shift register, and a card identification at the time of card transaction authentication.
  - 6. A secure card according to claim 1, wherein the communications interface is a contact interface whereby physical connections between the secure card and an external agent'"'"'s input/output device provides a medium for exchanging information.
  - 7. A secure card according to claim 1, wherein the communications interface is a contact-less interface whereby communications between the secure card and an external agent'"'"'s input/output does not require physical contact with the secure card thus providing a medium for exchanging security code information.
  - 8. A secure card according to claim 7, wherein the communications interface comprises a keypad of one or more keys and a display device said display device being a liquid crystal display or status indicator.
  - 9. A secure card according to claim 1, wherein the secure card contains a power supply which is one or more semiconductor photo cells.
  - 10. A secure card according to claim 1, wherein the secure card contains a power supply which is a wireless source using radio frequency energy.
  - 11. A secure card according to claim 1, wherein the secure card also includes a magnetic strip, said magnetic strip containing card information.

12. A method for authorizing a transaction involving a secure card, comprising the steps of:
- responding to an initiation of a transaction by a user which includes recognizing a personal identification code entered by a user;
  
  matching by the secure card the entered personal identification code with a personal identification code contained within read only memory of the secure card;
  
  transmitting a security code from the secure card to an authorizing agent external to the secure card wherein the security code is comprised of a combination of contents of a secure linear feedback shift register, a reference linear feedback shift register and a card identification;
  
  receiving by said authorizing agent the said security code and authenticating the security code based upon the card identification, the contents of the secure linear feedback shift register, and the contents of the reference linear feedback shift register, granting or denying approval for the transaction by said authorizing agent, based on authenticating the security code.
- View Dependent Claims (13, 14, 15, 16, 17)
- - 13. A method according to claim 12, wherein the personal identification code is a pre-initialized code embedded in the read only memory of the secure card and said personal identification code is never transmitted outside of the secure card.
  - 14. A method according to claim 12, wherein the personal identification code and the secure linear feedback shift register are pre-configured and unique to the secure card.
  - 15. A method according to claim 12, wherein the personal identification code, secure linear feedback shift register, and reference linear feedback shift register are implemented using electronic-fuse technology.
  - 16. A method according to claim 12, wherein the security code is continuously transmitted from the secure card to an authorizing agent external to the secure card until the secure card transaction is completed or the secure card is powered off.
  - 17. A method according to claim 12, wherein the said security code is transmitted via the internet to the authorizing agent and the said authorizing agent grants or denies approval for the transaction via the Internet.

18. A method for creating a secure card, comp rising the steps of:
- incorporating within a card body a microprocessor device, a read only memory device and a secure linear feedback shift register;
  
  interfacing the microprocessor device to the read only memory device containing a pre-initialized personality configuration, said pre-initialized personality configuration being comprised of both a unique card identification and a customized secure linear feedback shift register initial configuration;
  
  incorporating a reference linear feedback shift register in said card body and synchronizing the reference linear feedback to the secure linear shift register;
  
  incorporating a security code generator in said card body and producing a security code utilizing said secure linear feedback shift register and said reference linear feedback shift register;
  
  driving said secure linear feedback shift register and said reference linear feedback shift register by a common free running clock oscillator and providing outputs which, when combined with the card identification, produces a security code uniquely based upon the said pre-initialized personality configuration said security code being accessible by the microprocessor; and
  
  incorporating a communication interface in said card body and connected to said microprocessor device, said communication device providing the input/output message function of the secured information between the said microprocessor and an agent outside the secure card body.
- View Dependent Claims (19, 20)
- - 19. A method according to claim 18, further comprising the step of creating the unique configuration of the secure card is by selectively burning one or more integrated electronic fuses to produce unique linear feedback shift register configurations.
  - 20. A method according to claim 18, wherein at least one of a card number and a personal identification number is also created by selectively burning one or more integrated electronic fuses.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Kyndryl Incorporated
Original Assignee
International Business Machines Corporation
Inventors
Kelley, Edward E., Motika, Franco, Motika, Paul V., Motika, Eric M.

Granted Patent

US 6,641,050 B2
Time in Patent Office

Days
Field of Search
US Class Current

235/492
CPC Class Codes

G06K 19/073   Special arrangements for ci...

G06K 19/077   Constructional details, e.g...

G06Q 20/341   Active cards, i.e. cards in...

G06Q 20/385   using an alias or single-us...

G06Q 20/4097   using mutual authentication...

G07F 7/1008   Active credit-cards provide...

Secure credit card

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

251 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Secure credit card

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

251 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links