WO1999064956A1 - Method, apparatus and system for securing credit card transactions - Google Patents

Method, apparatus and system for securing credit card transactions Download PDF

Info

Publication number
WO1999064956A1
WO1999064956A1 PCT/IL1999/000302 IL9900302W WO9964956A1 WO 1999064956 A1 WO1999064956 A1 WO 1999064956A1 IL 9900302 W IL9900302 W IL 9900302W WO 9964956 A1 WO9964956 A1 WO 9964956A1
Authority
WO
WIPO (PCT)
Prior art keywords
credit card
verification
number input
transaction
random number
Prior art date
Application number
PCT/IL1999/000302
Other languages
French (fr)
Inventor
David Haitin
Zvi Nitzan
Baruch Levanon
Original Assignee
Aqi Ltd.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from IL12486198A external-priority patent/IL124861A0/en
Application filed by Aqi Ltd. filed Critical Aqi Ltd.
Priority to AU41621/99A priority Critical patent/AU4162199A/en
Publication of WO1999064956A1 publication Critical patent/WO1999064956A1/en

Links

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1008Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/341Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
    • G06Q20/3415Cards acting autonomously as pay-media
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1016Devices or methods for securing the PIN and other transaction-data, e.g. by encryption

Definitions

  • the present invention relates to a method and apparatus for securing credit card transactions. More specifically, the present invention relates to a method and apparatus for securing credit card transactions by using randomizing encryption. In addition, the present invention relates to a system for activating a credit card for a pre-defined period of time thus preventing the fraudulent use of stolen credit cards.
  • One typical credit card transaction involves a person who uses a telephone credit card to make a telephone call at a public telephone.
  • the transaction sequence usually requires the user to first dial an access number to make contact with a long distance carrier.
  • the access number is generally, publicly available, since it is distributed to all subscribers to the carrier's service and is sometimes even displayed in the public telephone area.
  • the caller After receiving a confirmation signal, the caller then enters a customer specific, account number, which is made up of a series of numerals often printed on the credit card for ease of user access.
  • the account number should be kept secret by the card owner, given that it is used by the carrier to determine if a valid account number has been presented when the service request is initiated. Of even greater importance to the card holder, the account number usually identifies the account to which the requested telephone service will be billed.
  • an unscrupulous clerk could later attempt to use the account number to engage in fraudulent transactions.
  • another party who gains access to the discarded carbon paper could likewise attempt to use the account number to engage in a fraudulent transaction.
  • a so called "shoulder surfer" could observe the transaction and obtain the account number.
  • U.S. Pat No. 5,317,636 discloses a method and apparatus for improving the security of credit card transactions. It involves a so-called "smart" credit card, which includes a processor, a memory, and a display window. When used, the card produces a verification number, which is based on a transaction sequence number and an encryption algorithm stored in the memory of the card. The verification number produced by the card is read in the display window and transmitted to a verification computer.
  • the computer uses the verification number, together with a decryption algorithm, to produce a computed transaction sequence number. If the computed transaction sequence number corresponds to a transaction sequence number stored in the memory of the computer, then the computer will authorize the transaction, otherwise it will not. Both the card and computer change their respective transaction sequence numbers, such as by incrementation, so that different transaction sequence numbers are stored in the respective memories, for the production of a different verification number for the next transaction.
  • an apparatus for securing credit card transactions comprising (a) a randomizing module for providing a random number input for every new credit card transaction; (b) an encryption algorithm stored in the apparatus for encrypting input data, the input data including the random number input being provided by the randomizing module and a constant number input specific to a given credit card, the encryption algorithm being complementary to a decryption algorithm stored in an authorization computer; (c) a display device; and (d) a processing module for processing the encryption algorithm and the input data to produce a verification number output, which is visually displayed by the display device, for conveyance as a verification number input to the authorization computer which (i) by using the decryption algorithm, decrypts the verification number input for deciphering the random number input; (ii) using the deciphered random number input, independently encrypts the constant number input to independently obtain an independently obtained verification number output; and (iii) tests the correspondence of the independently obtained verification number output with the verification number input encrypted by the encryption algorithm for
  • an authorization computer for authorizing credit card transactions, the computer comprising (a) a decryption algorithm stored in the authorization computer for decrypting a random number being encrypted in a verification number input and further for independently encrypting a constant number input specific to a given credit card, both being conveyed to the authorization computer, the verification number input being an output of an encryption algorithm, which is stored in, and executed by, an apparatus for securing credit card transactions, when operating on the random number input randomly provided for every new credit card transaction by a randomizing module of the apparatus and the constant number input specific to the given credit card, the encryption algorithm being complementary to the decryption algorithm; and (b) a processing module for processing the encryption algorithm and the verification number and constant number inputs, whereby (i) by using the decryption algorithm, the processing module decrypts the verification number input for deciphering the random number input; (ii) using the deciphered random number input, the processing module independently encrypts the constant number input to independently obtain an independently obtained verification
  • a system for securing credit card transactions which combines the apparatus and computer, the system therefore comprising (a) an apparatus for securing credit card transactions, the apparatus including (i) a randomizing module for providing a random number input for every new credit card transaction; (ii) an encryption algorithm stored in the apparatus for encrypting input data, the input data including the random number input being provided by the randomizing module and a constant number input specific to a given credit card, the encryption algorithm being complementary to a decryption algorithm stored in an authorization computer; (iii) a display device; and (iv) a first processing module for processing the encryption algorithm and the input data to produce a verification number output, which is visually displayed by the display device, for conveyance as a verification number input to the authorization computer; and (b) an authorization computer for authorizing credit card transactions, the authorization computer including (i) a decryption algorithm stored in the authorization computer for decrypting the random number being encrypted in the verification number input and further for independently encrypting the constant
  • a method for securing credit card transactions comprising the steps of (a) requiring the provision of a verification number input to an authorization computer, the verification number input being obtained as a verification number output of an encryption algorithm for encrypting input data, the encryption algorithm being stored in, and executed by, an apparatus for securing credit card transactions, the input data including a random number input randomly provided for every new credit card transaction and a constant number input specific to a given credit card; (b) using a processing module in the authorization computer for operating a decryption algorithm, being stored in the authorization computer, on the verification number input, the decryption algorithm being complementary to the encryption algorithm, to thereby (i) decrypt the verification number input for deciphering the random number input; and (ii) independently encrypt the constant number input to independently obtain an independently obtained verification number output; and (c) testing the correspondence of the independently obtained verification number output with the verification number input encrypted by the encryption algorithm for determining whether a given credit card transaction is to be authorized.
  • the random number input provided by the randomizing module is first compared to a predetermined number of previous random number inputs and if it equals any of the previous random number inputs, the randomizing module provides a different random number input.
  • the apparatus further includes an activation device for activating the randomizing module to provide the random number input and further for activating the processing module to produce the verification number output.
  • the randomizing module is a recycling timer.
  • the activation device includes an activation pad which requires the entry of an identification code in order to activate the randomizing module to provide the random number input and to activate the processing module to produce the verification number output.
  • the activation device includes at least two separated pressable keys, which are to be pressed in a predetermined sequence in order to operate the activation device.
  • the apparatus further includes a memory module for storing data.
  • the apparatus for securing credit card transactions forms an integral part of a credit card.
  • the apparatus is designed to be removably connectable to a credit card.
  • the processing module is a microchip by which the encryption algorithm is processed, the microchip includes an interface, the interface serves to feed the constant number input specific to the given credit card into the apparatus during a final stage of its production.
  • the encryption algorithm includes pseudo-random functions and employs the random number input as an encryption key operated on the constant number input via the pseudo-random functions for generating the verification number output.
  • the verification number output encrypts a binary coded decimal form of the constant number and of a pseudorandomly dispersed binary form of the random number
  • the decryption algorithm includes complementary pseudo-random functions and by operating the complementary pseudo-random functions on the verification number input while considering the pseudorandomly dispersed binary form of the random number, the decryption algorithm deciphers the random number input, which is then used to independently encrypt the constant number input and to compare a result thereof with the verification number input.
  • the pseudorandomly dispersed binary form of the random number is dispersed in one of a preselected number of optional dispersion forms, whereas by operating the complementary pseudo-random functions on the verification number input while considering the pseudorandomly dispersed binary optional forms of the random number, the decryption algorithm deciphers the optional random number inputs, which are then used independently to independently encrypt the constant number input and to compare a result thereof with the verification number input.
  • the authorization computer authorizes a given credit card transaction on at least one basis selected from the group consisting of (i) whether the independently obtained verification number output corresponds with the given credit card; (ii) whether a given verification number input was employed in a predetermined number of previous credit card transactions, wherein if it was, authorization is denied; (iii) whether a predetermined time period elapsed from the last credit card transaction, wherein if the time period elapsed from the last credit card transaction is below the predetermined time period, authorization is denied; (iv) whether a predetermined maximal number of credit card transactions has been attempted or executed, wherein if a total number of credit card transactions equals the predetermined maximal number of credit card transactions, authorization of a next transaction is denied; (v) whether a predetermined maximal number of credit card transactions per day has been attempted or executed, wherein if a total number of credit card transactions per day equals the predetermined maximal number of credit card transactions per day, authorization of a next transaction is denied; and (i) whether the independently obtained verification number output correspond
  • the credit card transactions are selected from the group consisting of an over the counter transaction, a telephone transaction, an internet transaction, a cable net transaction and a pay phone transaction.
  • a system for preventing the fraudulent use of a credit account comprising (a) a credit card, including an internal activating device being for activating the credit card, such that when activated the credit card is usable for a predetermined time period; and (b) an activating unit removably couplable to the credit card, and communicable with the internal activating device, the activating unit, when connected to the credit card, being for activating the internal activating device of the credit card, so as to allow the use of the credit card in credit transactions for the predetermined time period.
  • a method for preventing the fraudulent use of a credit account comprising the steps of (a) providing a system including (i) a credit card, including an internal activating device being for activating the credit card, such that when activated the credit card is usable for a predetermined time period; and (ii) an activating unit removably couplable to the credit card, and communicable with the internal activating device, the activating unit, when coupled to the credit card, being for activating the internal activating device of the credit card; and (b) activating the internal activating device of the credit card to allow the use thereof in credit transactions for a predetermined time period, thereby preventing the fraudulent use of a credit account credited via the use of the credit card.
  • a device for preventing the fraudulent use of a credit account comprising an activating unit removably couplable to a credit card, and communicable with an internal activating device of said credit card, said activating unit, when connected to said credit card, serves for activating said internal activating device of said credit card, so as to allow the use of said credit card in credit transactions for said predetermined time period.
  • the internal activating device includes an extinguishable power source, the extinguishable power source when charged by the activating unit activates the credit card for the predetermined time period so as to allow the use thereof in credit transactions.
  • the extinguishable power source of the credit card is a capacitor or a short term memory cell.
  • the time period is determined by a user of the credit card.
  • the activating unit further includes a display for displaying information pertaining to the credit card to a user thereof.
  • the activation of the credit card is effected upon the removal thereof from the activating unit following activation of the internal activating device.
  • the activation of the credit card is effected by generation of a transaction number (e.g., a verification number output) on the display and a use thereof in an independent communication platform for conducting a credit transaction.
  • a transaction number e.g., a verification number output
  • the transaction number is preferably generated in accordance with the teachings of the aspects of the present invention described hereinabove and further described hereinunder in the preferred embodiments section.
  • the independent communication platform is selected from the group consisting of a computer network, a telephony network and a cable network.
  • the activating unit further includes a verification device for verifying compatibility of a credit card coupled thereto, whereas only if the credit card coupled thereto is compatible therewith the internal activation device becomes operative.
  • the verification device includes a user operable keypad through which verification is effected.
  • the verification device is a microchip, the microchip serves for establishing verification upon specific recognition between the credit card and the activating unit.
  • the present invention successfully addresses the shortcomings of the presently known configurations by providing a system for securing credit card transactions based on random encryption and/or temporal activation.
  • FIG. 1 is a partly sectioned front view demonstrating few alternative embodiments of an apparatus for securing credit card transactions in accordance with the teachings of the present invention
  • FIG. 2 is a top view of a credit card (prior art) showing the card's number, wherein the last four digits are replaced with X;
  • FIG. 3 is a schematic depiction of an authorization computer for securing credit card transactions in accordance with the teachings of the present invention
  • FIG. 4 is a flow diagram showing the process by which the apparatus of Figure 1 is initiated;
  • FIG. 5 is a block diagram showing the process by which the apparatus of Figure 1 provides a verification number for a securing credit card transaction according to a preferred embodiment of the present invention
  • FIG. 6 is a block diagram showing the process by which the authorization computer of Figure 3 provides authorization for a securing credit card transaction according to a preferred embodiment of the present invention
  • FIG. 7 is a schematic depiction of a system according to the present invention, which includes the apparatus of Figure 1 and the authorization computer of Figure 3;
  • FIG. 8 is a top view of a credit card showing its number and an embossed micro-chip and connection pins, according to the present invention;
  • FIG. 9 is a top view of an activating unit used according to the present invention to activate the credit card showing its numeric display, surface connector, and corner limits for accurate placement of the credit card for activation;
  • FIG. 10 is a top view of another version of an activating unit used according to the present invention to activate the credit card showing numeric display, and an internal slot where the credit card is inserted for activation;
  • FIG. 1 1 is an illustration of a cell phone with a slot at the bottom for inserting the credit card for activation.
  • the present invention is of a method, apparatus and system for securing credit card transactions which can be used to prevent unauthorized individuals of using a credit card.
  • the present is of an encryption/decryption method and apparatus which issues a dedicated transaction number associated with each individual credit transaction effected via a credit card, and further of a system for temporarily activating a credit card prior to its use in credit transactions.
  • Figure 1 illustrates an apparatus for securing credit card transactions according to the present invention, which is referred to hereinbelow as apparatus 20.
  • credit card also refers to a debit card, telecard, etc. In other words it refers to cards that entitle cardholders to make purchases on credit, and to cards through which payments for purchases are made electronically from the bank accounts of the cardholders.
  • transaction also refers to the cancellation of a transaction.
  • Apparatus 20 includes a randomizing module 22.
  • Module 22 serves for providing a random number input, preferably a binary random number input, for every new credit card transaction.
  • module 22 is a recycling 11 bits binary timer, recycling at high rate, e.g., above 20 kHz, which timer can be stopped at any given time through its cycles to provide a random 11 bits binary number which serves as the random number input for every new credit card transaction as further detailed hereinbelow.
  • Apparatus 20 further includes an encryption algorithm stored in a memory module, preferably a dedicated, custom-made microchip die 24 operatively engaged by apparatus 20.
  • the encryption algorithm may alternatively, yet less preferably, be stored in a read only memory (ROM) module 26 or any other memory module.
  • the encryption algorithm serves for encrypting input data which includes the random number input provided by randomizing module 22 and a constant number input specific to a given credit card (shown in Figure 2).
  • the constant number input specific to the given credit card is the card's number transformed into bits of binary coded decimal (BCD) form.
  • BCD binary coded decimal
  • credit card numbers are typically composed of 16 digits which form 64 bits in the BCD binary transformations.
  • the terms "numeral" and "digit” are equivalent and they also refer to letters of an alphabet, especially the English alphabet, which are equivalently transformable into binary coded letters.
  • Chip 24 is preferably a microchip having a 16 pins interface 25.
  • Interface 25 serves to feed the constant number input specific to the given credit card into apparatus 20 during a final stage of its production.
  • chip 24 is designed for a single interaction with a feeder or programmer (not shown) of the constant number, such that, after feeding apparatus 20 is adapted for use with a single credit card, and only with that card.
  • the encryption algorithm is complementary to a decryption algorithm stored in an authorization computer (shown in Figure 3).
  • the encryption algorithm includes pseudo-random functions, and employs the random number input as an encryption key or pointer operated on the constant number via the pseudorandom functions for generating the verification number output.
  • the verification number output When in its BCD form, the verification number output encrypts a BCD form of the constant number associated with the given credit card and of a pseudorandomly dispersed binary form of the random number.
  • the bits of the random number are pseudorandomly dispersed in one of a preselected number of a pseudorandomly dispersion forms in the verification number output.
  • polynominal functions may be employed to render the verification number output longer or shorter.
  • a verification number output of 7 decimal digits (corresponding to a 24 binary number) is preferred.
  • This number is preferably obtained by using the "1" bits of the 11 bits random number as pointers to 0-11 reshuffling tables each of 64 pseudorandomly arranged values, which are used, one at a time, to reshuffle the 64 bits constant number, to obtain a reshuffled 64 bits number. Via a polynomial function this number is transformed into a 16 bits number and eight values of the 11 bits number are spread among these bits in a pseudorandom dispersed order determined according to one of eight possibilities, each associated with one of the eight value combinations existing for the remaining three values of the 11 bits number.
  • the resulting 24 bits number thus encrypts both the random number and the constant number in a manner decipherable by a complementary decryption algorithm.
  • the resulting 24 bits form a binary number which is readily transformed into a 7 digits decimal number.
  • Apparatus 20 further includes a processing module 30.
  • Module 30 serves for processing the encryption algorithm and the input data to produce the verification number output, which is visually displayed by a display device 32 of apparatus 20 in its decimal form.
  • Display device 32 is typically a liquid crystal display (LCD), e.g., of 4 or more digits at a time, designed to display longer numbers is successive sections. It will be appreciated that modules 22, 24 and 30 may be formed as a single multi-functional module.
  • LCD liquid crystal display
  • the verification number output is conveyed (e.g., electronically, by dual tone multi frequency (DTMF), orally, etc.) to an authorization computer 40, shown in Figure 3.
  • DTMF dual tone multi frequency
  • Authorization computer 40 includes a decryption algorithm.
  • the decryption algorithm is stored in the authorization computer preferably in an encrypted fragmented form in a memory module 42, e.g., ROM, custom-made chip, hard disk, random access memory (RAM), etc.
  • the decryption algorithm first serves for decrypting the verification number input for deciphering the random number input. Using the deciphered random number input, the decryption algorithm independently encrypts the constant number input to independently obtain a verification number output. Thereafter, the decryption algorithm tests the correspondence of the independently obtained verification number output with the verification number input encrypted by the encryption algorithm for determining whether a given credit card transaction is to be authorized.
  • the decryption algorithm is selected complementary to the encryption algorithm.
  • the decryption algorithm serves for decrypting the verification number input for deciphering the optional random number inputs.
  • the decryption algorithm independently encrypts the constant number input to independently obtain optional verification number output.
  • the decryption algorithm tests the correspondence of the independently obtained optional verification number outputs with the verification number input encrypted by the encryption algorithm for determining whether a given credit card transaction is to be authorized, wherein if one of the independently obtained optional verification number outputs matches the verification number, then the transaction is authorized.
  • the decryption algorithm is selected complementary to the encryption algorithm in that it includes identical pseudorandom functions which operate on the constant number.
  • Authorization computer 40 further includes a processing module 44.
  • Module 44 serves for processing the decryption algorithm and the verification number input as described, and to thereby determine the independently obtained verification number output(s).
  • Module 44 further serves to test the correspondence of the independently obtained verification number output(s) with the verification number input for determining whether a given credit card transaction is to be authorized. Any of the above memory modules 42 may serve also as the processing module 44, so as to achieve a dual function by a single element.
  • the random number input provided by randomizing module 22 is compared to a predetermined number (e.g., about 5- 250, preferably 16) of previous random number inputs and if it equals any of the previous random number inputs, randomizing module 22 provides a different random number input for the present transaction.
  • a predetermined number e.g., about 5- 250, preferably 16
  • activation device 50 serves for activating randomizing module 22 to provide the random number input and further for activating processing module 30 to produce and display the verification number output.
  • activation device 50 includes an activation pad 52 including any number of keys (e.g., from two to ten), which requires the entry of an identification code for performing.
  • an unauthorized user will not be able to conduct transactions with the stolen credit card, because device 20 is operable only upon entry of the identification code through pad 52, which code is known only to the authorized cardholder.
  • the code is preferably resetable by the authorized cardholder.
  • activation device 50 includes two separated pressable keys 54, which are to be pressed in a predetermined sequence in order to operate activation device 50.
  • apparatus 20 is less prone to accidental operation. This feature of apparatus 20 is of importance as further detailed below.
  • Additional keys, generally indicated by 51 may be used to provide functions, such as, but not limited to, "on", “off, sound effects, etc.
  • Apparatus 20 can be formed as a stand alone item, which is, for example, connectable to a keys holder, however, apparatus 20 may alternatively be formed as an integral part of a credit card to form what is known in the art as a "smart card". Manufacturing smart cards is well known in the art and will therefore not be further elaborated herein.
  • U.S. Pat No. 5,317,636 which is hereby incorporated by reference as if fully set forth herein.
  • apparatus 20 is designed to be removably connectable to a credit card.
  • apparatus 20 can be equipped with a multi use detachable adhesive layer on one face thereof, which layer serves for detachably adhering apparatus 20 to a face of the credit card.
  • the housing of apparatus 20 may be formed to serve as a credit card holder, i.e., to removably accept and engage a credit card.
  • authorization computer 40 authorizes a given credit card transaction on at least one basis selected from the following.
  • the authorization computer determines whether the independently obtained verification number output corresponds with the given credit card, wherein if it is not, authorization is denied.
  • the authorization computer determines whether a given verification number input was employed in a predetermined number of previous credit card transactions (say about 5-250, preferably about 16), wherein if it was, authorization is denied. Thus, if an unauthorized individual manages to retrieve the verification number of a given transaction, the non- authorized individual cannot use this verification number even if he obtains an unauthorized hold of the credit card.
  • the authorization computer determines whether a predetermined time period, say five minutes, elapsed from the last credit card transaction, wherein if the time period elapsed from the last credit card transaction is below the predetermined time period, authorization is denied.
  • a predetermined time period say five minutes
  • the authorization computer determines whether a predetermined maximal number of credit card transactions, say about 250, has been attempted or executed, wherein if the total number of credit card transactions attempted or executed equals the predetermined maximal number of credit card transactions, authorization of the next transaction is denied.
  • the authorization computer determines whether a predetermined maximal number of credit card transactions per day, say 25, has been attempted or executed, wherein if the total number of credit card transactions per day equals the predetermined maximal number of credit card transactions per day, authorization of the next transaction is denied.
  • the authorization computer determines whether in a predetermined number of successive cases the independently obtained verification number output failed to correspond with the given credit card, wherein if a number of successive cases in which the independently obtained verification number output failed to correspond with the given credit card equals the predetermined number of successive cases, authorization of a next transaction is denied.
  • the system includes apparatus 20 and authorization computer 40 as hereinabove described.
  • the communication between the apparatus and the authorization computer is typically indirectly effected by remote communication media 200, such as, but not limited to, computers and telephones located where the credit card transactions take place 202.
  • remote communication media 200 such as, but not limited to, computers and telephones located where the credit card transactions take place 202.
  • the communication between remote communication media 200 and authorization computer 40 is still further indirect and is assisted by peripheral computers 204, located in proximity to, and directly communicating with, authorization computer 40, all are located at a transaction authorization center 201.
  • the communication between peripheral computers 204 and authorization computer 40 is preferably limited to simple queries and simple responses associated with the authorization process, such that non-authorized individuals cannot communicate with authorization computer 40 in order to reveal its functionality.
  • the method according to the present invention includes the following method steps, in which in a first step the provision of a verification number input to an authorization computer is required.
  • the verification number input is obtained as a verification number output of an encryption algorithm for encrypting input data.
  • the encryption algorithm is stored in, and executed by, an apparatus for securing credit card transactions.
  • the input data including a random number input randomly provided for every new credit card transaction and a constant number input specific to a given credit card.
  • a processing module in the authorization computer is used for operating a decryption algorithm, itself stored in the authorization computer, on the verification number input.
  • the decryption algorithm is selected complementary to the encryption algorithm. The decryption algorithm thereby (i) decrypt the verification number input for deciphering the random number input; and (ii) independently encrypt the constant number input to independently obtain a verification number output.
  • a third step of the method according to the present invention the correspondence of the independently obtained verification number output and the verification number input encrypted by the encryption algorithm is tested for determining whether a given credit card transaction is to be authorized.
  • System 302 operates with a credit card 300.
  • Credit card 300 includes an internal activating device 315 which, when activated, serves for activating credit card 300 for a predetermined time period, say 1-10 minutes.
  • System 302 further includes an activating unit 350.
  • Activating unit 350 is removably couplable to credit card 300.
  • activating unit 350 is in communication with internal activating device 315 and serves for activating device 315, so as to activate or "unlock" credit card 300 for the predetermined time period, so as to allow the use thereof in credit transactions during that time period, which is preferably selected so as to allow the consolidation of a single credit transaction.
  • system 302 of the present invention provides, through a time limited user dependent activation of the credit card, an additional means with which credit card transactions can be secured.
  • the credit card must be activated prior to any credit transaction by the card holder, and only an activated card will enable a credit transaction or automatic teller machine (ATM) cash withdrawal.
  • ATM automatic teller machine
  • one of the objectives of this aspect of the present invention is to prevent in advance any purchase by means of a duplicated or stolen credit card in all usage methods of credit cards, e.g., telephone, Internet, over-the-counter, ATM machines and the like.
  • the present invention ensures the highest security in areas with on-line computer communication as extensively described above, but as well as in places which do not have direct communication with the credit company's verification computer which are most vulnerable for fraudulent credit card activity.
  • Figure 8 illustrates credit card 300.
  • Credit card 300 includes a micro chip 310 formed therein and is equipped with contacts 320 for communicating with external devices, such as card readers and activators.
  • the number of contacts 320 and their shape can vary but are designed preferably compatible with the new smart cards connection formats (ISO/IEC 7816/1-3).
  • Example No. 4 below describes a specific arrangement of contacts 320.
  • internal activating device 315 is included within chip 310. As such, the various functions of activating device 315 can be controlled by chip 310. According to another and presently preferred embodiment of the present invention internal activating device 315 is an extinguishable power source. As such, activating device 315 is referred to herein also as power source 315.
  • credit card 300 can store data and measure an activation period of a few minutes through power source 315 which is for example, a capacitor or a short term memory cell, which when charged with an electrical power slowly discharges over a period of time which can prolong as much as a few minutes.
  • power source 315 which is for example, a capacitor or a short term memory cell, which when charged with an electrical power slowly discharges over a period of time which can prolong as much as a few minutes.
  • Example No. 5 below describes several configurations for power source 315.
  • FIG. 9 illustrates an activation device 350 of system 302.
  • Unit 350 is kept separate from credit card 300 (e.g., it is held on a key chain).
  • each unit 350 is specifically configured to be dedicated to a specific card 300. This can be effected by a user when first operating system 302 or by the credit account provider. If a unit 350 which is not configured to operate with a specific card is connected to such card 300 the activation thereof is not effected.
  • any credir card of a plurality of cards which are solely owned by a single card holder are preferably activatable and protected by a single unit 350.
  • a permanent disabling procedure is preferably operated to permanently render useless both the credit card and the activating device.
  • card 300 is momentarily coupled to unit 350.
  • this first coupling unit 350 supplies the power for any operations necessary such as exchange of information between credit card 300 and unit 350, so as to render the specific card and the specific unit solely compatible to one another.
  • unit 350 and credit card 300 exchange information via a serial interface which is included within contacts 320.
  • credit card 300 and unit 350 exchange information pertaining to, for example, the identity and compatibility between a specific card 300 and a dedicated unit 350, whether a legitimate identification is detected.
  • an activation confirmation is granted by unit 350, and card 300 is activated and rendered operative for a credit transaction.
  • Activation is preferably provided by a power charge generated from unit 350 and accumulated in power source 315.
  • the power accumulated in power source 315 is sustainable for a limited, pre-determined period of time, during which, a credit transaction is enabled. Once, the power in power source 315 is dissipated below a threshold, no further transactions are possible until card 300 is reactivated in the manner described hereinabove.
  • activation of credit card 300 is indirect.
  • unit 350 issues a transaction number, e.g., verification number output, preferably in a manner similar to as described above in respect to other aspects of the present invention, such that electronic transactions employing an independent communication platform, e.g., those conducted over a computer network, a telephone network and/or a cable network can be effected by forwarding the transaction number issued by unit 350 in a fashion similar to as described above.
  • a transaction number e.g., verification number output
  • unit 350 contains a numeric display 360 for transiently displaying the transaction number which is reissued for each new transaction, as described in more detail hereinabove.
  • display 360 is utilizable during and for electronic shopping.
  • Unit 350 displays a new transaction number only after a legitimate coupling to a compatible credit card 300 is encountered, via a surface mounted contact area 370.
  • a contour 380 which is placed adjacent to contact area 370 acts as a stopper for the accurate coupling of credit card 300 to contacts 320. No other credit card will perform a legal coupling, and unit 350 will not display a new transaction number for an electronic credit transaction.
  • the displayed transaction number is then keyed in via the telephone or the computer's keyboard for the identification and verification in, and by, the credit company's verification computer.
  • Numeric display 360 of unit 350 also serves to provide visual feedback indicating that the contact area 370 of unit 350 and contacts 320 of credit card 300 have successfully been coupled and that the coupling process is therefore in progress.
  • Figure 10 illustrates a preferred embodiment for coupling activation unit 350 with card 300 according to the present invention.
  • coupling is effected by the insertion of credit card 300 or a portion thereof into a slot 420 provided at, e.g., a side wall of unit 350.
  • the card must be fully inserted into the slot, to ensure electric contact.
  • Other attachment mechanisms are also envisaged.
  • any credir card of a plurality of cards which are solely owned by a single card holder, are preferably activatable and protected by a single unit 350.
  • Activation unit 350 is loaded with the same credit card identification number and optionally with any additional relevant information.
  • unit 350 is integrated into a a portable cellular telephone device 500. In this case, the transaction number and all other details can be automatically communicated to the main computer of the credit company via the cellular network with which the cellular telephone operates.
  • the transaction number is displayed by the display device inherent to cellular telephones for a limited time period.
  • the card holder profits from the integration of unit 350 in a cellular telephone due to the highly secured activation feature and the user benefits from easy access to an effortless telephone purchase because all details and the transaction number can be automatically transmitted via the cell phone.
  • the present invention ensures the highest security in areas with an online computer communication system which offers immediate verification that the transaction is being performed by the legitimate card holder.
  • an online computer communication system which offers immediate verification that the transaction is being performed by the legitimate card holder.
  • the present invention even without a validation computer, there is positive identification that the credit transaction is legal.
  • the credit company would have a much faster indication than what the current system offers that a specific card is fraudulent, stolen or duplicated.
  • OTC over-the-counter
  • the various machines at points of sale, ATM's, public telephones, etc. are or will be equipped with credit card internal or external readers which will be able to identify whether a specific credit card 300 is activated. In other words, a credit transaction will be enabled only if the card was legally activated by its dedicated activation unit 350. According to the present invention if the vendor or seller is connected on-line with the credit computer, the card's details and its activation response will be transferred to the computer. Alternatively, the present invention provides secure credit transactions without a validation computer.
  • the present invention can also provide a secure method for cash withdrawal from cash ATMs.
  • credit card 300 must make contact with activation unit 350 prior to insertion into the ATM.
  • the ATM recognizes that legal card/device identification had been performed during the last few minutes. If not, the card will be confiscated by the ATM.
  • PIN personal identification code
  • the initialization of the apparatus for securing credit card transactions according to the present invention includes feeding therein the constant number associated with the card with which it is to operate, typically the card's 16 decimal digits number (64 bits in BCD form).
  • Figure 4 provides a flow diagram for this process.
  • the apparatus is connected to a constant number feeder or programmer, as indicated by box 62, e.g., via the interface of a microchip, and, the constant number is serially received and loaded 64 by the apparatus.
  • a semaphore 66 is then operated, such that reprogramming a constant number into the apparatus in the future will be denied.
  • the apparatus thus turns operable with a single given credit card and only with that card.
  • an operation number counter 68 is set to zero and the apparatus turns into a sleep mode 70.
  • the apparatus is now ready for use in securing credit card transactions with its associated card.
  • both a fast recycling 11 bit timer (e.g., about 20 kHz) 74 and a delay timer (e.g., 1 Hz timer) 76 are incrementing.
  • the activation device 78 When the activation device 78 is activated, then, if the operation number equals a predetermined maximal number of credit card transactions (operations) 80, say 250, then the display 82 displays "END" and the user is thereby informed that the apparatus is to be replaced by a new one. In this case, the apparatus enters a sleep mode 83.
  • the operation number is below the predetermined maximal number of operations, then, if the delay timer is below a predetermined time period, say 5 minutes, indicated by 84, "PAUS" is displayed 86, and the apparatus enters a sleep mode 90, whereas if the delay timer is above the predetermined time period, then, the delay timer is zeroed 86, the operation number is incremented one value 89, and a random binary number input of 11 bits is provided by the 11 bit timer.
  • a predetermined time period say 5 minutes, indicated by 84
  • PAUS is displayed 86
  • the delay timer is zeroed 86
  • the operation number is incremented one value 89
  • a random binary number input of 11 bits is provided by the 11 bit timer.
  • the random binary number input of 11 bits is then checked for repeatability in a predetermined number of previous operations, say 16 previous operations, as indicated by 92 and 93.
  • the 11 bit timer is incremented again to provide another random 11 bits binary number input. If it did not appear, then the random binary number input provided is added to the numbers composing the list of numbers in previous operations, thereby removing therefrom the earliest number present 94.
  • "1" occupied bits of the 11 bits making the random binary number input which is composed of "l "s and "0"s, are used as keys or pointers to pseudorandom tables each including 64 locations engaging, in a different pseudorandom order, 64 numerals of different values (0-63).
  • Each table at a time, is used to rearrange or reshuffle the 64 bits constant BCD number according to that table's pseudorandom order of numerals, such that the 64 bits BCD number is reshuffled a number of times which equals the number of "1" values in the 11 bit number, and according to different pseudorandom tables each associated with a different bit in the 11 bits number (maximum 11 times, by 11 different tables).
  • a polynominal function is then operated on the reshuffled 64 bits, to obtain a 16 bits number 98. Then, as indicated by 100, the first 8 bits of the 11 bits number are pseudorandomly dispersed among the 16 bits number according to 8 different possible dispersion orders preassociated with the 8 options (2 ⁇ ) for the remaining last 3 values of the 11 bits number. The resulting 24 bits number is transformed into a 7 digits decimal number and is displayed for 10 seconds 102, thereafter the apparatus returns to sleep mode 104. The 7 digits decimal number is the verification number output of the apparatus.
  • the authorization computer receives a query which includes the constant number associated with a credit card (the card's number) and the 7 decimal digits verification number obtained as described under Example 2 above.
  • the authorization computer first validates the card 112, 114 according to criteria described hereinabove, such as the total number of uses and the frequency of use. If the card is invalid then an "ignore" response is issued 116.
  • the 8 timer bits are extracted out of the 24 bits of the verification number according to eight different options, so as to obtain 8 optional random numbers.
  • the procedure described under boxes 96, 98 and 100 of Figure 5 is independently performed for each, using the decryption algorithm and the card's constant number.
  • each of the resulting independently obtained optional verification number outputs is independently compared with the verification number input calculated by the encrypting algorithm of the apparatus, which was earlier received along with the constant card's number by the computer. If one of the optional verification number outputs equals the verification number input, then the transaction is valid and the process continues, whereas if none of them equals the verification number input, then authorization is denied and the bad attempt is recorded 126.
  • the records are checked to determine whether the verification number was used in a predetermined number, say 16, of previous transactions 140, 142. If it was, an "ignore" response is issued 144 and the criminal attempt is marked 146. If it was not, then an "authorized” response 148 is issued and the verification number is added to the list of previously employed verification numbers 150.
  • the six contacts described in this example enable the credit card to communicate with the various activation units (including card readers) which are further described in Example 6 hereinunder.
  • a first contact serves as a clock frequency input operating at, for example, 20 kHz.
  • the clock frequency input is forwarded from an activation unit currently coupled to the card. This information is used to synchronize the serial data communication and also for the card's activities during coupling.
  • a second contact serves as a serial data input inputted from the activation unit currently attached to the card.
  • a third contact serves as a common grounding to the card and to the activation unit.
  • a fourth contact serves as a serial data output from the card to the activation unit coupled thereto.
  • a fifth contact is an unconnected contact and can therefore serve for effecting one of the options for activation period measurements described in Example 5 that follows.
  • a sixth contact serves as a voltage supply input, provided by the activation unit to a card coupled therewith.
  • a capacitor or a short term memory cell integrated in the silicon micro-chip within the credit card, can be charged and store electric charge.
  • the capacitor selected has a pre-designed current leakage so that it discharges over a time period of few minutes.
  • the capacitor or a short term memory cell is loaded with electric charge, indicating a legitimate activation confirmation. This electric charge, due to the slow leakage, is stored for few minutes, and then the capacitor or a short term memory cell discharges thus ending the activation period.
  • the fifth contact of the micro-chip which is described in Example 4 above, has a very high input impedance.
  • a thin external 1 ⁇ F capacitor is connected to this input pin and is charged by the pin in case of a successful activation.
  • This capacitor together with the high input impedance, holds its charge for a few minutes. In this case the chip must be protected against the CMOS latch-up effect.
  • an external capacitor or a short term memory cell for low voltage made of a very thin dielectric, with about 470 ⁇ F is employed.
  • This capacitor serves as the power source of the entire micro-chip, for the few minutes after the coupling to the activation unit.
  • the micro-chip consumes less than 4 ⁇ A and thus can activate an internal timer for a few minutes until the capacitor is discharged.
  • the credit card according to the present invention can be momentarily coupled to any one of several types of activation units (or readers) as further described herein.
  • the activating unit supplies the power and clock frequency required for the credit card operation.
  • the credit card and the unit coupled thereto exchange data in a serial protocol initiated by the unit which first sends a few bits of identification to the credit card.
  • a "data loader” device can be used to load the credit card number and additional optional information into the card, is identified by a unique code, say "000”, deliverable to the card upon activation thereof.
  • an activation unit as described above is identified by a different unique code, say "001”, deliverable to the card upon activation thereof.
  • various smart card readers are identified by yet another unique code, say "010", deliverable to the card upon activation thereof.
  • a card according to the present invention can determine the type of activation unit with which it is couplable. Some units, say ATMs, public telephone devices, etc., which are used by the general public are compatible with a plurality of credit cards, whereas other, which are personal are rendered compatible with a specific credit card.
  • Credit card operation when coupled with a data loader As mentioned hereinabove, prior to the provision of the credit card and the activation unit to the card holder, both are loaded with the credit card number and optional additional data.
  • the card is loaded with the card's identification number which is typically identical to the number embossed on its surface. It can be loaded with more details, such as the holder's name and bank account number.
  • the activation unit is loaded with the same credit card identification number only. It will be appreciated that according to a preferred embodiment of the present invention any credir card of a plurality of cards which are solely owned by a single card holder, are preferably activatable and protected by a single unit. Both devices then set off an internal security flag which prevents any future attempt by anyone to reload the information.
  • Credit card operation when coupled with its paired activation unit In principle, for the highest security, the encrypted data exchanged between the credit card and the activation unit must be different for each new activation process, as well as for every card-unit pair.

Abstract

An apparatus for securing credit card transactions is provided, the apparatus includes: a randomizing module (22) for providing a random number input; an encryption algorithm stored in the apparatus (24) for encrypting input data, the input including the random number and a constant number specific to a given credit card; a display device (32); a processing module (30) for processing the encryption algorithm and the input data to produce a verification number output. The verification number is decrypted and tested by an authorization computer to determine whether a given credit card transaction is to be authorized.

Description

METHOD, APPARATUS AND SYSTEM FOR SECURING CREDIT CARD
TRANSACTIONS
FTF .n AND BACKGROUND OF THE INVENTION The present invention relates to a method and apparatus for securing credit card transactions. More specifically, the present invention relates to a method and apparatus for securing credit card transactions by using randomizing encryption. In addition, the present invention relates to a system for activating a credit card for a pre-defined period of time thus preventing the fraudulent use of stolen credit cards.
The use of credit cards for many types of transactions is already commonplace, and is steadily increasing as society gradually progresses to a cashless monetary system. The proliferation of the use of credit cards, however, has been met with a corresponding proliferation in the methods by which unscrupulous persons may use credit cards or credit card information to engage in fraud or theft.
One typical credit card transaction involves a person who uses a telephone credit card to make a telephone call at a public telephone. The transaction sequence usually requires the user to first dial an access number to make contact with a long distance carrier. The access number is generally, publicly available, since it is distributed to all subscribers to the carrier's service and is sometimes even displayed in the public telephone area. After receiving a confirmation signal, the caller then enters a customer specific, account number, which is made up of a series of numerals often printed on the credit card for ease of user access. Unlike the access number which is public, the account number should be kept secret by the card owner, given that it is used by the carrier to determine if a valid account number has been presented when the service request is initiated. Of even greater importance to the card holder, the account number usually identifies the account to which the requested telephone service will be billed.
Understanding that someone who has the telephone account number can use that number to place unauthorized calls, thieves have devised different methods by which they gain access to the account numbers of legitimate card holders. One such practice is referred to as "shoulder surfing", whereby the thief watches, sometimes by means of binoculars, and memorizes the customer unique, account number entered by a legitimate card holder. Modern, public telephone areas in airports, train stations, shopping malls, and the like, make the true card owners particularly vulnerable to this practice given that the design of many public telephone areas typically permit members of the public to freely move around and behind the caller. Thus, someone in a publicly accessible area could have a clear view of the account number on the card or entered on the telephone key pad during the transaction, especially if the caller inadvertently neglects to guard the secrecy of the account number. Yet another example of the means by which a thief may gain access to a legitimate card holder's account number may involve a typical credit card purchase from a retailer. During such a transaction, the card holder's account number is exposed to the retailer's clerk processing the transaction. Additionally, if the transaction is conducted with the card holder present in person, there is typically paperwork, such as a hard copy receipt, which is generated during the transaction and which contains the account number. Frequently, carbon paper inserts, which are placed between the receipt paperwork, are discarded in an unsecured manner after the card holder provides an authorization signature, even though those carbon paper inserts may contain the account number of the customer.
Thus, an unscrupulous clerk could later attempt to use the account number to engage in fraudulent transactions. Alternatively, another party who gains access to the discarded carbon paper could likewise attempt to use the account number to engage in a fraudulent transaction. And finally, a so called "shoulder surfer" could observe the transaction and obtain the account number.
The problem of unauthorized use of credit card increased since the extensive use of electronic credit card transactions, e.g., via the internet, because all of the details relating to the transaction are stored in hardware which is prone the electronic theft of data. What is needed is a method and apparatus by which credit card transactions can be made more secure against fraud and theft. To the extent that credit cards are mass produced, the security approach must be adapted for implementation on a wide scale, which also suggests that it must not be prohibitively expensive. The approach must take account of existing transaction equipment which is available now and in the near future. For example, most public telephone systems have touch tone key pads, but relatively few have the newer technology, card readers which read an electronic strip on the credit card. Likewise, home telephone systems, which can be used for conducting credit card transactions, are highly unlikely to include a card reader system. The security approach must be reasonably simple to use by the card holder, as significant increases in the complexity of use will reduce the desirability of the security system. Finally, the security approach must be uncrackable. U.S. Pat No. 5,317,636 discloses a method and apparatus for improving the security of credit card transactions. It involves a so-called "smart" credit card, which includes a processor, a memory, and a display window. When used, the card produces a verification number, which is based on a transaction sequence number and an encryption algorithm stored in the memory of the card. The verification number produced by the card is read in the display window and transmitted to a verification computer. The computer uses the verification number, together with a decryption algorithm, to produce a computed transaction sequence number. If the computed transaction sequence number corresponds to a transaction sequence number stored in the memory of the computer, then the computer will authorize the transaction, otherwise it will not. Both the card and computer change their respective transaction sequence numbers, such as by incrementation, so that different transaction sequence numbers are stored in the respective memories, for the production of a different verification number for the next transaction.
The method and apparatus disclosed in U.S. Pat No. 5,317,636 suffer few drawbacks and limitations. First, the use of an encrypted-decrypted transaction sequence number is shared by all card holders and therefore the code generated for a specific card has no features specifically identifiable with that specific card. In other words, different cards generate identical codes, depending on the transaction sequence number. Second, collecting data about the verification codes generated in few successive transactions, enables to rather readily reverse engineer the encryption-decryption algorithms, because there is no randomization involved. Third, should a user conduct two credit card transactions in close time proximity, it is possible that due to the complexity and load of communication the later encrypted transaction sequence number will arrive first to the verification computer and will be denied.
There are many ways to obtain information that can bό used in criminal credit card activity: lost or stolen cards; re-use of carbon paper; shoulder surfing when data is being keyed in by phone; employee access to data in various machines at points of sale; recording tones on telephone lines; and penetration into communication networks and business databases. In other words, it is relatively easy to obtain legitimate card numbers and engage in fraud or theft and even duplication.
There is thus a widely recognized need for, and it would be highly advantageous to have, a method and apparatus for preventing the fraudulent use of stolen credit cards and for securing credit card transactions devoid of the above limitations. There is a further widely recognized need for, and it would be further highly advantageous to have, a system for activating a credit card for a pre-defined period of time thus preventing the fraudulent use of stolen credit cards.
SUMMARY OF THE INVENTION
According to the present invention there is provided an apparatus for securing credit card transactions, the apparatus comprising (a) a randomizing module for providing a random number input for every new credit card transaction; (b) an encryption algorithm stored in the apparatus for encrypting input data, the input data including the random number input being provided by the randomizing module and a constant number input specific to a given credit card, the encryption algorithm being complementary to a decryption algorithm stored in an authorization computer; (c) a display device; and (d) a processing module for processing the encryption algorithm and the input data to produce a verification number output, which is visually displayed by the display device, for conveyance as a verification number input to the authorization computer which (i) by using the decryption algorithm, decrypts the verification number input for deciphering the random number input; (ii) using the deciphered random number input, independently encrypts the constant number input to independently obtain an independently obtained verification number output; and (iii) tests the correspondence of the independently obtained verification number output with the verification number input encrypted by the encryption algorithm for determining whether a given credit card transaction is to be authorized.
Further according to the present invention there is provided an authorization computer for authorizing credit card transactions, the computer comprising (a) a decryption algorithm stored in the authorization computer for decrypting a random number being encrypted in a verification number input and further for independently encrypting a constant number input specific to a given credit card, both being conveyed to the authorization computer, the verification number input being an output of an encryption algorithm, which is stored in, and executed by, an apparatus for securing credit card transactions, when operating on the random number input randomly provided for every new credit card transaction by a randomizing module of the apparatus and the constant number input specific to the given credit card, the encryption algorithm being complementary to the decryption algorithm; and (b) a processing module for processing the encryption algorithm and the verification number and constant number inputs, whereby (i) by using the decryption algorithm, the processing module decrypts the verification number input for deciphering the random number input; (ii) using the deciphered random number input, the processing module independently encrypts the constant number input to independently obtain an independently obtained verification number output; and (iii) the processing module tests the correspondence of the independently obtained verification number output with the verification number input encrypted by the encryption algorithm for determining whether a given credit card transaction is to be authorized. Yet further according to the present invention there is provided a system for securing credit card transactions which combines the apparatus and computer, the system therefore comprising (a) an apparatus for securing credit card transactions, the apparatus including (i) a randomizing module for providing a random number input for every new credit card transaction; (ii) an encryption algorithm stored in the apparatus for encrypting input data, the input data including the random number input being provided by the randomizing module and a constant number input specific to a given credit card, the encryption algorithm being complementary to a decryption algorithm stored in an authorization computer; (iii) a display device; and (iv) a first processing module for processing the encryption algorithm and the input data to produce a verification number output, which is visually displayed by the display device, for conveyance as a verification number input to the authorization computer; and (b) an authorization computer for authorizing credit card transactions, the authorization computer including (i) a decryption algorithm stored in the authorization computer for decrypting the random number being encrypted in the verification number input and further for independently encrypting the constant number input specific to the given credit card, the verification number input being an output of the encryption algorithm, which is stored in, and executed by, the apparatus for securing credit card transactions, when operating on the random number input randomly provided for every new credit card transaction by the randomizing module of the apparatus and the constant number input specific to the given credit card, the decryption algorithm being complementary to the encryption algorithm; and (ii) a second processing module for processing the decryption algorithm and the verification number and constant number inputs, whereby (a) by using the decryption algorithm, the processing module decrypts the verification number input for deciphering the random number input; (b) using the deciphered random number input, the processing module independently encrypts the constant number input to independently obtain an independently obtained verification number output; and (c) the processing module tests the correspondence of the independently obtained verification number output with the verification number input encrypted by the encryption algorithm for determining whether a given credit card transaction is to be authorized.
Still further according to the present invention there is provided a method for securing credit card transactions, the method comprising the steps of (a) requiring the provision of a verification number input to an authorization computer, the verification number input being obtained as a verification number output of an encryption algorithm for encrypting input data, the encryption algorithm being stored in, and executed by, an apparatus for securing credit card transactions, the input data including a random number input randomly provided for every new credit card transaction and a constant number input specific to a given credit card; (b) using a processing module in the authorization computer for operating a decryption algorithm, being stored in the authorization computer, on the verification number input, the decryption algorithm being complementary to the encryption algorithm, to thereby (i) decrypt the verification number input for deciphering the random number input; and (ii) independently encrypt the constant number input to independently obtain an independently obtained verification number output; and (c) testing the correspondence of the independently obtained verification number output with the verification number input encrypted by the encryption algorithm for determining whether a given credit card transaction is to be authorized. According to further features in preferred embodiments of the invention described below, the constant number input specific to the given credit card is the card's number.
According to still further features in the described preferred embodiments the random number input provided by the randomizing module is first compared to a predetermined number of previous random number inputs and if it equals any of the previous random number inputs, the randomizing module provides a different random number input.
According to still further features in the described preferred embodiments the apparatus further includes an activation device for activating the randomizing module to provide the random number input and further for activating the processing module to produce the verification number output.
According to still further features in the described preferred embodiments the randomizing module is a recycling timer. According to still further features in the described preferred embodiments the activation device includes an activation pad which requires the entry of an identification code in order to activate the randomizing module to provide the random number input and to activate the processing module to produce the verification number output.
According to still further features the described preferred embodiments the activation device includes at least two separated pressable keys, which are to be pressed in a predetermined sequence in order to operate the activation device. According to still further features in the described preferred embodiments the apparatus further includes a memory module for storing data.
According to still further features in the described preferred embodiments the apparatus for securing credit card transactions forms an integral part of a credit card. According to still further features in the described preferred embodiments the apparatus is designed to be removably connectable to a credit card.
According to still further features in the described preferred embodiments the processing module is a microchip by which the encryption algorithm is processed, the microchip includes an interface, the interface serves to feed the constant number input specific to the given credit card into the apparatus during a final stage of its production.
According to still further features in the described preferred embodiments the encryption algorithm includes pseudo-random functions and employs the random number input as an encryption key operated on the constant number input via the pseudo-random functions for generating the verification number output.
According to still further features in the described preferred embodiments in its binary coded decimal form the verification number output encrypts a binary coded decimal form of the constant number and of a pseudorandomly dispersed binary form of the random number, whereas the decryption algorithm includes complementary pseudo-random functions and by operating the complementary pseudo-random functions on the verification number input while considering the pseudorandomly dispersed binary form of the random number, the decryption algorithm deciphers the random number input, which is then used to independently encrypt the constant number input and to compare a result thereof with the verification number input. According to still further features in the described preferred embodiments the pseudorandomly dispersed binary form of the random number is dispersed in one of a preselected number of optional dispersion forms, whereas by operating the complementary pseudo-random functions on the verification number input while considering the pseudorandomly dispersed binary optional forms of the random number, the decryption algorithm deciphers the optional random number inputs, which are then used independently to independently encrypt the constant number input and to compare a result thereof with the verification number input. According to still further features in the described preferred embodiments the authorization computer authorizes a given credit card transaction on at least one basis selected from the group consisting of (i) whether the independently obtained verification number output corresponds with the given credit card; (ii) whether a given verification number input was employed in a predetermined number of previous credit card transactions, wherein if it was, authorization is denied; (iii) whether a predetermined time period elapsed from the last credit card transaction, wherein if the time period elapsed from the last credit card transaction is below the predetermined time period, authorization is denied; (iv) whether a predetermined maximal number of credit card transactions has been attempted or executed, wherein if a total number of credit card transactions equals the predetermined maximal number of credit card transactions, authorization of a next transaction is denied; (v) whether a predetermined maximal number of credit card transactions per day has been attempted or executed, wherein if a total number of credit card transactions per day equals the predetermined maximal number of credit card transactions per day, authorization of a next transaction is denied; and (vi) whether in a predetermined number of successive cases the independently obtained verification number output failed to correspond with the given credit card, wherein if a number of successive cases in which the independently obtained verification number output failed to correspond with the given credit card equals the predetermined number of successive cases, authorization of a next transaction is denied.
According to still further features in the described preferred embodiments the credit card transactions are selected from the group consisting of an over the counter transaction, a telephone transaction, an internet transaction, a cable net transaction and a pay phone transaction.
Further according to the present invention there is provided a system for preventing the fraudulent use of a credit account comprising (a) a credit card, including an internal activating device being for activating the credit card, such that when activated the credit card is usable for a predetermined time period; and (b) an activating unit removably couplable to the credit card, and communicable with the internal activating device, the activating unit, when connected to the credit card, being for activating the internal activating device of the credit card, so as to allow the use of the credit card in credit transactions for the predetermined time period.
Still further according to the present invention there is provided a method for preventing the fraudulent use of a credit account the method comprising the steps of (a) providing a system including (i) a credit card, including an internal activating device being for activating the credit card, such that when activated the credit card is usable for a predetermined time period; and (ii) an activating unit removably couplable to the credit card, and communicable with the internal activating device, the activating unit, when coupled to the credit card, being for activating the internal activating device of the credit card; and (b) activating the internal activating device of the credit card to allow the use thereof in credit transactions for a predetermined time period, thereby preventing the fraudulent use of a credit account credited via the use of the credit card. Yet further according to the present invention there is provided a device for preventing the fraudulent use of a credit account comprising an activating unit removably couplable to a credit card, and communicable with an internal activating device of said credit card, said activating unit, when connected to said credit card, serves for activating said internal activating device of said credit card, so as to allow the use of said credit card in credit transactions for said predetermined time period.
According to still further features in the described preferred embodiments the internal activating device includes an extinguishable power source, the extinguishable power source when charged by the activating unit activates the credit card for the predetermined time period so as to allow the use thereof in credit transactions.
According to still further features in the described preferred embodiments the extinguishable power source of the credit card is a capacitor or a short term memory cell. According to still further features in the described preferred embodiments the time period is determined by a user of the credit card. According to still further features in the described preferred embodiments the activating unit further includes a display for displaying information pertaining to the credit card to a user thereof.
According to still further features in the described preferred embodiments the activation of the credit card is effected upon the removal thereof from the activating unit following activation of the internal activating device.
According to still further features in the described preferred embodiments the activation of the credit card is effected by generation of a transaction number (e.g., a verification number output) on the display and a use thereof in an independent communication platform for conducting a credit transaction. The transaction number is preferably generated in accordance with the teachings of the aspects of the present invention described hereinabove and further described hereinunder in the preferred embodiments section.
According to still further features in the described preferred embodiments the independent communication platform is selected from the group consisting of a computer network, a telephony network and a cable network. According to still further features in the described preferred embodiments the activating unit further includes a verification device for verifying compatibility of a credit card coupled thereto, whereas only if the credit card coupled thereto is compatible therewith the internal activation device becomes operative. According to still further features in the described preferred embodiments the verification device includes a user operable keypad through which verification is effected.
According to still further features in the described preferred embodiments the verification device is a microchip, the microchip serves for establishing verification upon specific recognition between the credit card and the activating unit.
The present invention successfully addresses the shortcomings of the presently known configurations by providing a system for securing credit card transactions based on random encryption and/or temporal activation.
BRTEF DESCRIPTION OF THE DRAWINGS
The invention herein described, by way of example only, with reference to the accompanying drawings, wherein: FIG. 1 is a partly sectioned front view demonstrating few alternative embodiments of an apparatus for securing credit card transactions in accordance with the teachings of the present invention;
FIG. 2 is a top view of a credit card (prior art) showing the card's number, wherein the last four digits are replaced with X;
FIG. 3 is a schematic depiction of an authorization computer for securing credit card transactions in accordance with the teachings of the present invention;
FIG. 4 is a flow diagram showing the process by which the apparatus of Figure 1 is initiated;
FIG. 5 is a block diagram showing the process by which the apparatus of Figure 1 provides a verification number for a securing credit card transaction according to a preferred embodiment of the present invention;
FIG. 6 is a block diagram showing the process by which the authorization computer of Figure 3 provides authorization for a securing credit card transaction according to a preferred embodiment of the present invention;
FIG. 7 is a schematic depiction of a system according to the present invention, which includes the apparatus of Figure 1 and the authorization computer of Figure 3; FIG. 8 is a top view of a credit card showing its number and an embossed micro-chip and connection pins, according to the present invention;
FIG. 9 is a top view of an activating unit used according to the present invention to activate the credit card showing its numeric display, surface connector, and corner limits for accurate placement of the credit card for activation;
FIG. 10 is a top view of another version of an activating unit used according to the present invention to activate the credit card showing numeric display, and an internal slot where the credit card is inserted for activation; and
FIG. 1 1 is an illustration of a cell phone with a slot at the bottom for inserting the credit card for activation.
DESCRIPTION OF THE PREFERRED EMBODIMENTS
The present invention is of a method, apparatus and system for securing credit card transactions which can be used to prevent unauthorized individuals of using a credit card. Particularly, the present is of an encryption/decryption method and apparatus which issues a dedicated transaction number associated with each individual credit transaction effected via a credit card, and further of a system for temporarily activating a credit card prior to its use in credit transactions.
The principles and operation of the method, apparatus and system according to the present invention may be better understood with reference to the drawings and accompanying descriptions.
Before explaining at least one embodiment of the invention in detail, it is to be understood that the invention is not limited in its application to the details of construction and the arrangement of the components set forth in the following description or illustrated in the drawings. The invention is capable of other embodiments or of being practiced or carried out in various ways. Also, it is to be understood that the phraseology and terminology employed herein is for the purpose of description and should not be regarded as limiting.
Referring now to the drawings, Figure 1 illustrates an apparatus for securing credit card transactions according to the present invention, which is referred to hereinbelow as apparatus 20.
As used herein in the specification and in the claims section below, the term "credit card" also refers to a debit card, telecard, etc. In other words it refers to cards that entitle cardholders to make purchases on credit, and to cards through which payments for purchases are made electronically from the bank accounts of the cardholders.
As used herein in the specification and in the claims section below, the term "transaction" also refers to the cancellation of a transaction.
Apparatus 20 includes a randomizing module 22. Module 22 serves for providing a random number input, preferably a binary random number input, for every new credit card transaction. According to a preferred embodiment of the present invention module 22 is a recycling 11 bits binary timer, recycling at high rate, e.g., above 20 kHz, which timer can be stopped at any given time through its cycles to provide a random 11 bits binary number which serves as the random number input for every new credit card transaction as further detailed hereinbelow.
Apparatus 20 further includes an encryption algorithm stored in a memory module, preferably a dedicated, custom-made microchip die 24 operatively engaged by apparatus 20. The encryption algorithm may alternatively, yet less preferably, be stored in a read only memory (ROM) module 26 or any other memory module. In any case, the encryption algorithm serves for encrypting input data which includes the random number input provided by randomizing module 22 and a constant number input specific to a given credit card (shown in Figure 2). According to a preferred embodiment of the present invention, the constant number input specific to the given credit card is the card's number transformed into bits of binary coded decimal (BCD) form. As shown in Figure 2, credit card numbers are typically composed of 16 digits which form 64 bits in the BCD binary transformations. As used herein in the specification and in the claims section below, the terms "numeral" and "digit" are equivalent and they also refer to letters of an alphabet, especially the English alphabet, which are equivalently transformable into binary coded letters.
Chip 24 is preferably a microchip having a 16 pins interface 25. Interface 25 serves to feed the constant number input specific to the given credit card into apparatus 20 during a final stage of its production. According to a preferred embodiment, chip 24 is designed for a single interaction with a feeder or programmer (not shown) of the constant number, such that, after feeding apparatus 20 is adapted for use with a single credit card, and only with that card.
As further detailed hereinunder, the encryption algorithm is complementary to a decryption algorithm stored in an authorization computer (shown in Figure 3).
According to a preferred embodiment of the present invention and as further detailed in the Examples section below, the encryption algorithm includes pseudo-random functions, and employs the random number input as an encryption key or pointer operated on the constant number via the pseudorandom functions for generating the verification number output.
When in its BCD form, the verification number output encrypts a BCD form of the constant number associated with the given credit card and of a pseudorandomly dispersed binary form of the random number. Preferably, the bits of the random number are pseudorandomly dispersed in one of a preselected number of a pseudorandomly dispersion forms in the verification number output. At any stage, polynominal functions may be employed to render the verification number output longer or shorter. Presently, a verification number output of 7 decimal digits (corresponding to a 24 binary number) is preferred. This number is preferably obtained by using the "1" bits of the 11 bits random number as pointers to 0-11 reshuffling tables each of 64 pseudorandomly arranged values, which are used, one at a time, to reshuffle the 64 bits constant number, to obtain a reshuffled 64 bits number. Via a polynomial function this number is transformed into a 16 bits number and eight values of the 11 bits number are spread among these bits in a pseudorandom dispersed order determined according to one of eight possibilities, each associated with one of the eight value combinations existing for the remaining three values of the 11 bits number. The resulting 24 bits number thus encrypts both the random number and the constant number in a manner decipherable by a complementary decryption algorithm. The resulting 24 bits form a binary number which is readily transformed into a 7 digits decimal number.
Apparatus 20 further includes a processing module 30. Module 30 serves for processing the encryption algorithm and the input data to produce the verification number output, which is visually displayed by a display device 32 of apparatus 20 in its decimal form. Display device 32 is typically a liquid crystal display (LCD), e.g., of 4 or more digits at a time, designed to display longer numbers is successive sections. It will be appreciated that modules 22, 24 and 30 may be formed as a single multi-functional module.
While performing a credit card transaction according to the present invention, be it an over the counter credit card transaction, a telephone credit card transaction, an internet credit card transaction, a cable net credit card transaction, a pay phone credit card transaction or any other transaction involving the use of a credit card, the verification number output is conveyed (e.g., electronically, by dual tone multi frequency (DTMF), orally, etc.) to an authorization computer 40, shown in Figure 3.
Authorization computer 40 includes a decryption algorithm. The decryption algorithm is stored in the authorization computer preferably in an encrypted fragmented form in a memory module 42, e.g., ROM, custom-made chip, hard disk, random access memory (RAM), etc. The decryption algorithm first serves for decrypting the verification number input for deciphering the random number input. Using the deciphered random number input, the decryption algorithm independently encrypts the constant number input to independently obtain a verification number output. Thereafter, the decryption algorithm tests the correspondence of the independently obtained verification number output with the verification number input encrypted by the encryption algorithm for determining whether a given credit card transaction is to be authorized. The decryption algorithm is selected complementary to the encryption algorithm.
If, according to the preferred embodiment the random number is dispersed in one of predetermined random orders in the verification number output of apparatus 20, then, the decryption algorithm serves for decrypting the verification number input for deciphering the optional random number inputs. Using the deciphered optional random number inputs, the decryption algorithm independently encrypts the constant number input to independently obtain optional verification number output. Thereafter, the decryption algorithm tests the correspondence of the independently obtained optional verification number outputs with the verification number input encrypted by the encryption algorithm for determining whether a given credit card transaction is to be authorized, wherein if one of the independently obtained optional verification number outputs matches the verification number, then the transaction is authorized. Thus, the decryption algorithm is selected complementary to the encryption algorithm in that it includes identical pseudorandom functions which operate on the constant number.
Authorization computer 40 further includes a processing module 44. Module 44 serves for processing the decryption algorithm and the verification number input as described, and to thereby determine the independently obtained verification number output(s). Module 44 further serves to test the correspondence of the independently obtained verification number output(s) with the verification number input for determining whether a given credit card transaction is to be authorized. Any of the above memory modules 42 may serve also as the processing module 44, so as to achieve a dual function by a single element. Before used as input, the random number input provided by randomizing module 22 is compared to a predetermined number (e.g., about 5- 250, preferably 16) of previous random number inputs and if it equals any of the previous random number inputs, randomizing module 22 provides a different random number input for the present transaction. According to a preferred embodiment of the present invention apparatus
20 further includes an activation device 50. Device 50 serves for activating randomizing module 22 to provide the random number input and further for activating processing module 30 to produce and display the verification number output. In one embodiment, activation device 50 includes an activation pad 52 including any number of keys (e.g., from two to ten), which requires the entry of an identification code for performing. Thus, even if apparatus 20 is lost or stolen together with the credit card with which it operates, an unauthorized user will not be able to conduct transactions with the stolen credit card, because device 20 is operable only upon entry of the identification code through pad 52, which code is known only to the authorized cardholder. The code is preferably resetable by the authorized cardholder. In a simpler embodiment activation device 50 includes two separated pressable keys 54, which are to be pressed in a predetermined sequence in order to operate activation device 50. Thus, apparatus 20 is less prone to accidental operation. This feature of apparatus 20 is of importance as further detailed below. Additional keys, generally indicated by 51 may be used to provide functions, such as, but not limited to, "on", "off, sound effects, etc.
Apparatus 20 can be formed as a stand alone item, which is, for example, connectable to a keys holder, however, apparatus 20 may alternatively be formed as an integral part of a credit card to form what is known in the art as a "smart card". Manufacturing smart cards is well known in the art and will therefore not be further elaborated herein. One example is disclosed in U.S. Pat No. 5,317,636, which is hereby incorporated by reference as if fully set forth herein.
Yet, according to another alternative, apparatus 20 is designed to be removably connectable to a credit card. To this end, apparatus 20 can be equipped with a multi use detachable adhesive layer on one face thereof, which layer serves for detachably adhering apparatus 20 to a face of the credit card. Alternatively, the housing of apparatus 20 may be formed to serve as a credit card holder, i.e., to removably accept and engage a credit card. According to preferred embodiments of the present invention authorization computer 40 authorizes a given credit card transaction on at least one basis selected from the following.
First, the authorization computer determines whether the independently obtained verification number output corresponds with the given credit card, wherein if it is not, authorization is denied.
Second, the authorization computer determines whether a given verification number input was employed in a predetermined number of previous credit card transactions (say about 5-250, preferably about 16), wherein if it was, authorization is denied. Thus, if an unauthorized individual manages to retrieve the verification number of a given transaction, the non- authorized individual cannot use this verification number even if he obtains an unauthorized hold of the credit card.
Third, the authorization computer determines whether a predetermined time period, say five minutes, elapsed from the last credit card transaction, wherein if the time period elapsed from the last credit card transaction is below the predetermined time period, authorization is denied.
Fourth, the authorization computer determines whether a predetermined maximal number of credit card transactions, say about 250, has been attempted or executed, wherein if the total number of credit card transactions attempted or executed equals the predetermined maximal number of credit card transactions, authorization of the next transaction is denied.
Fifth, the authorization computer determines whether a predetermined maximal number of credit card transactions per day, say 25, has been attempted or executed, wherein if the total number of credit card transactions per day equals the predetermined maximal number of credit card transactions per day, authorization of the next transaction is denied.
Finally, the authorization computer determines whether in a predetermined number of successive cases the independently obtained verification number output failed to correspond with the given credit card, wherein if a number of successive cases in which the independently obtained verification number output failed to correspond with the given credit card equals the predetermined number of successive cases, authorization of a next transaction is denied.
Further according to the present invention there is provided a system for securing credit card transactions. As schematically shown in Figure 7, the system includes apparatus 20 and authorization computer 40 as hereinabove described. The communication between the apparatus and the authorization computer is typically indirectly effected by remote communication media 200, such as, but not limited to, computers and telephones located where the credit card transactions take place 202. Preferably, the communication between remote communication media 200 and authorization computer 40 is still further indirect and is assisted by peripheral computers 204, located in proximity to, and directly communicating with, authorization computer 40, all are located at a transaction authorization center 201. The communication between peripheral computers 204 and authorization computer 40 is preferably limited to simple queries and simple responses associated with the authorization process, such that non-authorized individuals cannot communicate with authorization computer 40 in order to reveal its functionality.
Further according to the present invention there is provided a method for securing credit card transactions. The method according to the present invention includes the following method steps, in which in a first step the provision of a verification number input to an authorization computer is required. The verification number input is obtained as a verification number output of an encryption algorithm for encrypting input data.. The encryption algorithm is stored in, and executed by, an apparatus for securing credit card transactions. The input data including a random number input randomly provided for every new credit card transaction and a constant number input specific to a given credit card.
In a second step of the method according to the present invention a processing module in the authorization computer is used for operating a decryption algorithm, itself stored in the authorization computer, on the verification number input. As further detailed hereinabove, the decryption algorithm is selected complementary to the encryption algorithm. The decryption algorithm thereby (i) decrypt the verification number input for deciphering the random number input; and (ii) independently encrypt the constant number input to independently obtain a verification number output.
In a third step of the method according to the present invention the correspondence of the independently obtained verification number output and the verification number input encrypted by the encryption algorithm is tested for determining whether a given credit card transaction is to be authorized.
According to another aspect of the present invention, and as shown in Figures 8-11, there is provided a system for preventing the fraudulent use of a credit account, which is referred to hereinbelow as system 302.
System 302 operates with a credit card 300. Credit card 300 includes an internal activating device 315 which, when activated, serves for activating credit card 300 for a predetermined time period, say 1-10 minutes. System 302 further includes an activating unit 350. Activating unit 350 is removably couplable to credit card 300. When coupled to credit card 300, activating unit 350 is in communication with internal activating device 315 and serves for activating device 315, so as to activate or "unlock" credit card 300 for the predetermined time period, so as to allow the use thereof in credit transactions during that time period, which is preferably selected so as to allow the consolidation of a single credit transaction. Thus, system 302 of the present invention provides, through a time limited user dependent activation of the credit card, an additional means with which credit card transactions can be secured.
The credit card must be activated prior to any credit transaction by the card holder, and only an activated card will enable a credit transaction or automatic teller machine (ATM) cash withdrawal. Thus, one of the objectives of this aspect of the present invention is to prevent in advance any purchase by means of a duplicated or stolen credit card in all usage methods of credit cards, e.g., telephone, Internet, over-the-counter, ATM machines and the like. Thus, the present invention ensures the highest security in areas with on-line computer communication as extensively described above, but as well as in places which do not have direct communication with the credit company's verification computer which are most vulnerable for fraudulent credit card activity.
In more detail, Figure 8 illustrates credit card 300. Credit card 300 includes a micro chip 310 formed therein and is equipped with contacts 320 for communicating with external devices, such as card readers and activators. The number of contacts 320 and their shape can vary but are designed preferably compatible with the new smart cards connection formats (ISO/IEC 7816/1-3). Example No. 4 below describes a specific arrangement of contacts 320.
According to a preferred embodiment of the present invention internal activating device 315 is included within chip 310. As such, the various functions of activating device 315 can be controlled by chip 310. According to another and presently preferred embodiment of the present invention internal activating device 315 is an extinguishable power source. As such, activating device 315 is referred to herein also as power source 315.
A credit card must have a standard minimum thickness, therefore the implementation of an internal battery is impractical and for most applications, too expensive. Thus, according to another preferred embodiment of the present invention credit card 300 can store data and measure an activation period of a few minutes through power source 315 which is for example, a capacitor or a short term memory cell, which when charged with an electrical power slowly discharges over a period of time which can prolong as much as a few minutes. Example No. 5 below describes several configurations for power source 315.
Figure 9 illustrates an activation device 350 of system 302. Unit 350 is kept separate from credit card 300 (e.g., it is held on a key chain). Preferably each unit 350 is specifically configured to be dedicated to a specific card 300. This can be effected by a user when first operating system 302 or by the credit account provider. If a unit 350 which is not configured to operate with a specific card is connected to such card 300 the activation thereof is not effected. It will be appreciated that according to a preferred embodiment of the present invention any credir card of a plurality of cards which are solely owned by a single card holder, are preferably activatable and protected by a single unit 350. In addition, when non-compatible card-unit are coupled, a permanent disabling procedure is preferably operated to permanently render useless both the credit card and the activating device.
To effect activation of credit card 300 prior to any credit transaction, card 300 is momentarily coupled to unit 350. During this first coupling unit 350 supplies the power for any operations necessary such as exchange of information between credit card 300 and unit 350, so as to render the specific card and the specific unit solely compatible to one another.
During coupling, unit 350 and credit card 300 exchange information via a serial interface which is included within contacts 320. Upon coupling credit card 300 and unit 350 exchange information pertaining to, for example, the identity and compatibility between a specific card 300 and a dedicated unit 350, whether a legitimate identification is detected. Thereafter, an activation confirmation is granted by unit 350, and card 300 is activated and rendered operative for a credit transaction. Activation is preferably provided by a power charge generated from unit 350 and accumulated in power source 315. According to this aspect of the present invention, the power accumulated in power source 315 is sustainable for a limited, pre-determined period of time, during which, a credit transaction is enabled. Once, the power in power source 315 is dissipated below a threshold, no further transactions are possible until card 300 is reactivated in the manner described hereinabove.
In a different embodiment, activation of credit card 300 is indirect. According to this embodiment, following the coupling of a compatible credit card 300 with a dedicated unit 350, unit 350 issues a transaction number, e.g., verification number output, preferably in a manner similar to as described above in respect to other aspects of the present invention, such that electronic transactions employing an independent communication platform, e.g., those conducted over a computer network, a telephone network and/or a cable network can be effected by forwarding the transaction number issued by unit 350 in a fashion similar to as described above. Thus, both encryption/decryption and compatibility dependent activation (i.e., indirect activation) are exercised when implementing this embodiment of the invention to ensure highest security in such transactions.
To this end, unit 350 contains a numeric display 360 for transiently displaying the transaction number which is reissued for each new transaction, as described in more detail hereinabove. Thus, display 360 is utilizable during and for electronic shopping. Unit 350 displays a new transaction number only after a legitimate coupling to a compatible credit card 300 is encountered, via a surface mounted contact area 370. A contour 380 which is placed adjacent to contact area 370 acts as a stopper for the accurate coupling of credit card 300 to contacts 320. No other credit card will perform a legal coupling, and unit 350 will not display a new transaction number for an electronic credit transaction. The displayed transaction number is then keyed in via the telephone or the computer's keyboard for the identification and verification in, and by, the credit company's verification computer. Numeric display 360 of unit 350 also serves to provide visual feedback indicating that the contact area 370 of unit 350 and contacts 320 of credit card 300 have successfully been coupled and that the coupling process is therefore in progress.
Figure 10 illustrates a preferred embodiment for coupling activation unit 350 with card 300 according to the present invention. According to this embodiment, coupling is effected by the insertion of credit card 300 or a portion thereof into a slot 420 provided at, e.g., a side wall of unit 350. In one example, the card must be fully inserted into the slot, to ensure electric contact. Other attachment mechanisms are also envisaged. It will be appreciated that according to a preferred embodiment of the present invention any credir card of a plurality of cards which are solely owned by a single card holder, are preferably activatable and protected by a single unit 350.
It will be appreciated that prior to the acquisition of credit card 300 and the activation unit 350 by the user, both are loaded with the credit account information, such as the card's identification number which is typically identical to the number embossed on the card's surface. It can be loaded with more details, such as the holder's name and bank account number. Activation unit 350 is loaded with the same credit card identification number and optionally with any additional relevant information. According to a preferred embodiment of the present invention, and as specifically shown in Figure 11 , unit 350 is integrated into a a portable cellular telephone device 500. In this case, the transaction number and all other details can be automatically communicated to the main computer of the credit company via the cellular network with which the cellular telephone operates. Alternatively or in addition, the transaction number is displayed by the display device inherent to cellular telephones for a limited time period. The card holder profits from the integration of unit 350 in a cellular telephone due to the highly secured activation feature and the user benefits from easy access to an effortless telephone purchase because all details and the transaction number can be automatically transmitted via the cell phone.
The present invention ensures the highest security in areas with an online computer communication system which offers immediate verification that the transaction is being performed by the legitimate card holder. However, with the present invention, even without a validation computer, there is positive identification that the credit transaction is legal. In addition, the credit company would have a much faster indication than what the current system offers that a specific card is fraudulent, stolen or duplicated. In an over-the-counter (OTC) purchase where the cardholder is present, the present invention prevents in advance any purchase by means of duplicated or stolen credit card, even in places which do not have direct communication with the credit company's verification computer, which are the most vulnerable points for fraudulent credit card use. The various machines at points of sale, ATM's, public telephones, etc., are or will be equipped with credit card internal or external readers which will be able to identify whether a specific credit card 300 is activated. In other words, a credit transaction will be enabled only if the card was legally activated by its dedicated activation unit 350. According to the present invention if the vendor or seller is connected on-line with the credit computer, the card's details and its activation response will be transferred to the computer. Alternatively, the present invention provides secure credit transactions without a validation computer.
The present invention can also provide a secure method for cash withdrawal from cash ATMs. According to this embodiment, credit card 300 must make contact with activation unit 350 prior to insertion into the ATM. The ATM recognizes that legal card/device identification had been performed during the last few minutes. If not, the card will be confiscated by the ATM. This provides a novel and effective method to securing ATM cash withdrawals and in addition does not require the user to remember any fixed personal identification code (PIN) code.
Additional objects, advantages, and novel features of the present invention will become apparent to one ordinarily skilled in the art upon examination of the following examples, which are not intended to be limiting. Additionally, each of the various embodiments and aspects of the present invention as delineated hereinabove and as claimed in the claims section below finds experimental support in the following examples. EXAMPLES
Thus, reference is now made to the following examples, which together with the above descriptions, illustrate the invention in a non limiting fashion.
EXAMPLE 1
Initialization of the apparatus for securing credit card transactions
The initialization of the apparatus for securing credit card transactions according to the present invention, which is the final stage in its production, includes feeding therein the constant number associated with the card with which it is to operate, typically the card's 16 decimal digits number (64 bits in BCD form).
Figure 4 provides a flow diagram for this process. After starting the apparatus 60, the apparatus is connected to a constant number feeder or programmer, as indicated by box 62, e.g., via the interface of a microchip, and, the constant number is serially received and loaded 64 by the apparatus. A semaphore 66, is then operated, such that reprogramming a constant number into the apparatus in the future will be denied. The apparatus thus turns operable with a single given credit card and only with that card. Then, an operation number counter 68 is set to zero and the apparatus turns into a sleep mode 70. The apparatus is now ready for use in securing credit card transactions with its associated card.
EXAMPLE 2 The operation of the apparatus while executing credit card transactions
As shown in Figure 5, during the sleep mode 72 of the apparatus, both a fast recycling 11 bit timer (e.g., about 20 kHz) 74 and a delay timer (e.g., 1 Hz timer) 76, are incrementing.
When the activation device 78 is activated, then, if the operation number equals a predetermined maximal number of credit card transactions (operations) 80, say 250, then the display 82 displays "END" and the user is thereby informed that the apparatus is to be replaced by a new one. In this case, the apparatus enters a sleep mode 83.
If, on the other hand, the operation number is below the predetermined maximal number of operations, then, if the delay timer is below a predetermined time period, say 5 minutes, indicated by 84, "PAUS" is displayed 86, and the apparatus enters a sleep mode 90, whereas if the delay timer is above the predetermined time period, then, the delay timer is zeroed 86, the operation number is incremented one value 89, and a random binary number input of 11 bits is provided by the 11 bit timer.
The random binary number input of 11 bits is then checked for repeatability in a predetermined number of previous operations, say 16 previous operations, as indicated by 92 and 93.
If it appeared, as indicated by 91, the 11 bit timer is incremented again to provide another random 11 bits binary number input. If it did not appear, then the random binary number input provided is added to the numbers composing the list of numbers in previous operations, thereby removing therefrom the earliest number present 94.
As indicated by 96, "1" occupied bits of the 11 bits making the random binary number input, which is composed of "l "s and "0"s, are used as keys or pointers to pseudorandom tables each including 64 locations engaging, in a different pseudorandom order, 64 numerals of different values (0-63). Each table, at a time, is used to rearrange or reshuffle the 64 bits constant BCD number according to that table's pseudorandom order of numerals, such that the 64 bits BCD number is reshuffled a number of times which equals the number of "1" values in the 11 bit number, and according to different pseudorandom tables each associated with a different bit in the 11 bits number (maximum 11 times, by 11 different tables).
A polynominal function is then operated on the reshuffled 64 bits, to obtain a 16 bits number 98. Then, as indicated by 100, the first 8 bits of the 11 bits number are pseudorandomly dispersed among the 16 bits number according to 8 different possible dispersion orders preassociated with the 8 options (2^) for the remaining last 3 values of the 11 bits number. The resulting 24 bits number is transformed into a 7 digits decimal number and is displayed for 10 seconds 102, thereafter the apparatus returns to sleep mode 104. The 7 digits decimal number is the verification number output of the apparatus.
EXAMPLE 3 The operation of the authorization computer while executing credit card transactions
The authorization computer receives a query which includes the constant number associated with a credit card (the card's number) and the 7 decimal digits verification number obtained as described under Example 2 above.
As shown in Figure 6, after start 110, the authorization computer first validates the card 112, 114 according to criteria described hereinabove, such as the total number of uses and the frequency of use. If the card is invalid then an "ignore" response is issued 116.
If the card is valid, then, as indicated by 120, the 8 timer bits are extracted out of the 24 bits of the verification number according to eight different options, so as to obtain 8 optional random numbers. Using these optional random numbers, the procedure described under boxes 96, 98 and 100 of Figure 5 is independently performed for each, using the decryption algorithm and the card's constant number.
As indicated by 124, each of the resulting independently obtained optional verification number outputs is independently compared with the verification number input calculated by the encrypting algorithm of the apparatus, which was earlier received along with the constant card's number by the computer. If one of the optional verification number outputs equals the verification number input, then the transaction is valid and the process continues, whereas if none of them equals the verification number input, then authorization is denied and the bad attempt is recorded 126.
If the transaction is valid, the records are checked to determine whether the verification number was used in a predetermined number, say 16, of previous transactions 140, 142. If it was, an "ignore" response is issued 144 and the criminal attempt is marked 146. If it was not, then an "authorized" response 148 is issued and the verification number is added to the list of previously employed verification numbers 150.
EXAMPLE 4 Contacts between the micro-chip of the credit card and activation units
The six contacts described in this example enable the credit card to communicate with the various activation units (including card readers) which are further described in Example 6 hereinunder.
A first contact serves as a clock frequency input operating at, for example, 20 kHz. The clock frequency input is forwarded from an activation unit currently coupled to the card. This information is used to synchronize the serial data communication and also for the card's activities during coupling.
A second contact serves as a serial data input inputted from the activation unit currently attached to the card.
A third contact serves as a common grounding to the card and to the activation unit.
A fourth contact serves as a serial data output from the card to the activation unit coupled thereto. A fifth contact is an unconnected contact and can therefore serve for effecting one of the options for activation period measurements described in Example 5 that follows.
A sixth contact serves as a voltage supply input, provided by the activation unit to a card coupled therewith.
EXAMPLE 5 Methods to set the activation period of a credit card having an internal extinguishable power source First method:
According to the first method, a capacitor or a short term memory cell, integrated in the silicon micro-chip within the credit card, can be charged and store electric charge. The capacitor selected has a pre-designed current leakage so that it discharges over a time period of few minutes. In case of a successful coupling between a card and its activation unit, the capacitor or a short term memory cell is loaded with electric charge, indicating a legitimate activation confirmation. This electric charge, due to the slow leakage, is stored for few minutes, and then the capacitor or a short term memory cell discharges thus ending the activation period.
Second method: According to the second method, the fifth contact of the micro-chip, which is described in Example 4 above, has a very high input impedance. A thin external 1 μF capacitor is connected to this input pin and is charged by the pin in case of a successful activation. This capacitor, together with the high input impedance, holds its charge for a few minutes. In this case the chip must be protected against the CMOS latch-up effect.
Third Method: According to the third method, an external capacitor or a short term memory cell for low voltage, made of a very thin dielectric, with about 470 μF is employed. This capacitor serves as the power source of the entire micro-chip, for the few minutes after the coupling to the activation unit. The micro-chip consumes less than 4 μA and thus can activate an internal timer for a few minutes until the capacitor is discharged.
EXAMPLE 6 Operation of a credit card when coupled to various activation units
The credit card according to the present invention can be momentarily coupled to any one of several types of activation units (or readers) as further described herein. During coupling, the activating unit supplies the power and clock frequency required for the credit card operation. The credit card and the unit coupled thereto exchange data in a serial protocol initiated by the unit which first sends a few bits of identification to the credit card.
For example, a "data loader" device can be used to load the credit card number and additional optional information into the card, is identified by a unique code, say "000", deliverable to the card upon activation thereof. Similarly, an activation unit as described above is identified by a different unique code, say "001", deliverable to the card upon activation thereof. Still similarly, various smart card readers are identified by yet another unique code, say "010", deliverable to the card upon activation thereof. Thus, a card according to the present invention can determine the type of activation unit with which it is couplable. Some units, say ATMs, public telephone devices, etc., which are used by the general public are compatible with a plurality of credit cards, whereas other, which are personal are rendered compatible with a specific credit card.
Credit card operation when coupled with a data loader: As mentioned hereinabove, prior to the provision of the credit card and the activation unit to the card holder, both are loaded with the credit card number and optional additional data. The card is loaded with the card's identification number which is typically identical to the number embossed on its surface. It can be loaded with more details, such as the holder's name and bank account number. The activation unit is loaded with the same credit card identification number only. It will be appreciated that according to a preferred embodiment of the present invention any credir card of a plurality of cards which are solely owned by a single card holder, are preferably activatable and protected by a single unit. Both devices then set off an internal security flag which prevents any future attempt by anyone to reload the information.
Credit card operation when coupled with its paired activation unit: In principle, for the highest security, the encrypted data exchanged between the credit card and the activation unit must be different for each new activation process, as well as for every card-unit pair. One can implement different encryption schemes, but in this example the random verification code of the present invention is preferably used, all as further detailed above.
Credit card 300 operation when connected to a card reader device at point of sales, ATMs, public telephone, etc.: In principle, for maximum security, the encrypted data exchanged between the credit card and credit card reader must be different for each new transaction and for different credit cards. One can implement different encryption schemes, but, in this example, again, the random verification code of the present invention is employed, all as further detailed above. Although the invention has been described in conjunction with specific embodiments thereof, it is evident that many alternatives, modifications and variations will be apparent to those skilled in the art. Accordingly, it is intended to embrace all such alternatives, modifications and variations that fall within the spirit and broad scope of the appended claims.

Claims

WHAT IS CLAIMED IS:
1. An apparatus for securing credit card transactions, the apparatus comprising:
(a) a randomizing module for providing a random number input for every new credit card transaction;
(b) an encryption algorithm stored in said apparatus for encrypting input data, said input data including said random number input being provided by said randomizing module and a constant number input specific to a given credit card, said encryption algorithm being complementary to a decryption algorithm stored in an authorization computer;
(c) a display device; and
(d) a processing module for processing said encryption algorithm and said input data to produce a verification number output, which is visually displayed by said display device, for conveyance as a verification number input to the authorization computer which:
(i) by using the decryption algorithm, decrypts said verification number input for deciphering said random number input;
(ii) using said deciphered random number input, independently encrypts said constant number input to independently obtain an independently obtained verification number output; and
(iii) tests the correspondence of said independently obtained verification number output with said verification number input encrypted by said encryption algorithm for determining whether a given credit card transaction is to be authorized.
2. The apparatus of claim 1, wherein said constant number input specific to said given credit card is said card's number.
3. The apparatus of claim 1, wherein said random number input provided by said randomizing module is first compared to a predetermined number of previous random number inputs and if it equals any of said previous random number inputs, said randomizing module provides a different random number input.
4. The apparatus of claim 1, further comprising an activation device for activating said randomizing module to provide said random number input and further for activating said processing module to produce said verification number output.
5. The apparatus of claim 1, wherein said randomizing module is a recycling timer.
6. The apparatus of claim 4, wherein said activation device includes an activation pad which requires the entry of an identification code in order to activate said randomizing module to provide said random number input and to activate said processing module to produce said verification number output.
7. The apparatus of claim 4, wherein said activation device includes at least two separated pressable keys, which are to be pressed in a predetermined sequence in order to operate the activation device.
8. The apparatus of claim 1, further comprising a memory module for storing data.
9. The apparatus of claim 1, wherein the apparatus forms an integral part of a credit card.
10. The apparatus of claim 1, wherein the apparatus is designed to be removably connectable to a credit card.
11. The apparatus of claim 1, wherein said processing module is a microchip by which said encryption algorithm is processed, said microchip includes an interface, said interface serves to feed said constant number input specific to said given credit card into said apparatus during a final stage of its production.
12. The apparatus of claim 1, wherein said encryption algorithm includes pseudo-random functions and employs said random number input as an encryption key operated on said constant number input via said pseudo-random functions for generating said verification number output.
13. The apparatus of claim 12, wherein in its binary coded decimal form said verification number output encrypts a binary coded decimal form of said constant number and of a pseudorandomly dispersed binary form of said random number.
14. The apparatus of claim 13, wherein said pseudorandomly dispersed binary form of said random number is a pseudorandomly dispersed in one of a preselected number of a pseudorandomly dispersion forms.
15. An authorization computer for authorizing credit card transactions, the computer comprising:
(a) a decryption algorithm stored in the authorization computer for decrypting a random number being encrypted in a verification number input and further for independently encrypting a constant number input specific to a given credit card, both being conveyed to the authorization computer, said verification number input being an output of an encryption algorithm, which is stored in, and executed by, an apparatus for securing credit card transactions, when operating on said random number input randomly provided for every new credit card transaction by a randomizing module of said apparatus and said constant number input specific to said given credit card, said encryption algorithm being complementary to said decryption algorithm; and
(b) a processing module for processing said encryption algorithm and said verification number and constant number inputs, whereby:
(i) by using the decryption algorithm, said processing module decrypts said verification number input for deciphering said random number input;
(ii) using said deciphered random number input, said processing module independently encrypts said constant number input to independently obtain an independently obtained verification number output; and
(iii) said processing module tests the correspondence of said independently obtained verification number output with said verification number input encrypted by said encryption algorithm for determining whether a given credit card transaction is to be authorized.
16. The authorization computer of claim 1, wherein the authorization computer authorizes a given credit card transaction on at least one basis selected from the group consisting of:
(i) whether the independently obtained verification number output corresponds with said given credit card;
(ii) whether a given verification number input was employed in a predetermined number of previous credit card transactions, wherein if it was, authorization is denied;
(iii) whether a predetermined time period elapsed from the last credit card transaction, wherein if the time period elapsed from the last credit card transaction is below said predetermined time period, authorization is denied;
(iv) whether a predetermined maximal number of credit card transactions has been attempted or executed, wherein if a total number of credit card transactions equals said predetermined maximal number of credit card transactions, authorization of a next transaction is denied;
(v) whether a predetermined maximal number of credit card transactions per day has been attempted or executed, wherein if a total number of credit card transactions per day equals said predetermined maximal number of credit card transactions per day, authorization of a next transaction is denied; and
(vi) whether in a predetermined number of successive cases the independently obtained verification number output failed to correspond with said given credit card, wherein if a number of successive cases in which the independently obtained verification number output failed to correspond with said given credit card equals said predetermined number of successive cases, authorization of a next transaction is denied.
17. A system for securing credit card transactions, the system comprising:
(a) an apparatus for securing credit card transactions, the apparatus including:
(i) a randomizing module for providing a random number input for every new credit card transaction;
(ii) an encryption algorithm stored in said apparatus for encrypting input data, said input data including said random number input being provided by said randomizing module and a constant number input specific to a given credit card, said encryption algorithm being complementary to a decryption algorithm stored in an authorization computer;
(iii) a display device; and
(vi) a first processing module for processing said encryption algorithm and said input data to produce a verification number output, which is visually displayed by said display device, for conveyance as a verification number input to the authorization computer; and (b) an authorization computer for authorizing credit card transactions, the authorization computer including:
(i) a decryption algorithm stored in the authorization computer for decrypting said random number being encrypted in said verification number input and further for independently encrypting said constant number input specific to said given credit card, said verification number input being an output of said encryption algorithm, which is stored in, and executed by, said apparatus for securing credit cafd transactions, when operating on said random number input randomly provided for every new credit card transaction by said randomizing module of said apparatus and said constant number input specific to said given credit card, said decryption algorithm being complementary to said encryption algorithm; and
(ii) a second processing module for processing said decryption algorithm and said verification number and constant number inputs, whereby:
(a) by using the decryption algorithm, said processing module decrypts said verification number input for deciphering said random number input;
(b) using said deciphered random number input, said processing module independently encrypts said constant number input to independently obtain an independently obtained verification number output; and
(c) said processing module tests the correspondence of said independently obtained verification number output with said verification number input encrypted by said encryption algorithm for determining whether a given credit card transaction is to be authorized.
18. The system of claim 17, wherein said constant number input specific to said given credit card is said card's number.
19. The system of claim 17, wherein said random number input provided by said randomizing module is first compared to a predetermined number of previous random number inputs and if it equals any of said previous random number inputs, said randomizing module provides a different random number input.
20. The system of claim 17, wherein said apparatus further includes an activation device for activating said randomizing module to provide said random number input and further for activating said processing module to produce said verification number output.
21. The system of claim 17, wherein said randomizing module is a recycling timer.
22. The system of claim 20, wherein said activation device includes an activation pad which requires the entry of an identification code in order to activate said randomizing module to provide said random number input and to activate said processing module to produce said verification number output.
23. The system of claim 20, wherein said activation device includes at least two separated pressable keys, which are to be pressed in a predetermined sequence in order to operate the activation device.
24. The system of claim 17, wherein said apparatus further includes a memory module for storing data.
25. The system of claim 17, wherein the apparatus for securing credit card transactions forms an integral part of a credit card.
26. The system of claim 17, wherein the apparatus is designed to be removably connectable to a credit card.
27. The system of claim 17, wherein said processing module is a microchip by which said encryption algorithm is processed, said microchip includes an interface, said interface serves to feed said constant number input specific to said given credit card into said apparatus during a final stage of its production.
28. The system of claim 17, wherein said encryption algorithm includes pseudo-random functions and employs said random number input as an encryption key operated on said constant number input via said pseudo-random functions for generating said verification number output.
29. The system of claim 28, wherein in its binary coded decimal form said verification number output encrypts a binary coded decimal form of said constant number and of a pseudorandomly dispersed binary form of said random number, whereas said decryption algorithm includes complementary pseudorandom functions and by operating said complementary pseudo-random functions on said verification number input while considering said pseudorandomly dispersed binary form of said random number, said decryption algorithm deciphers said random number input, which is then used to independently encrypt said constant number input and to compare a result thereof with said verification number input.
30. The system of claim 29, wherein said pseudorandomly dispersed binary form of said random number is dispersed in one of a preselected number of optional dispersion forms, whereas by operating said complementary pseudorandom functions on said verification number input while considering said pseudorandomly dispersed binary optional forms of said random number, said decryption algorithm deciphers said optional random number inputs, which are then used independently to independently encrypt said constant number input and to compare a result thereof with said verification number input.
31. The system of claim 17, wherein the authorization computer authorizes a given credit card transaction on at least one basis selected from the group consisting of:
(i) whether the independently obtained verification number output corresponds with said given credit card; (ii) whether a given verification number input was employed in a predetermined number of previous credit card transactions, wherein if it was, authorization is denied;
(iii) whether a predetermined time period elapsed from the last credit card transaction, wherein if the time period elapsed from the last credit card transaction is below said predetermined time period, authorization is denied;
(iv) whether a predetermined maximal number of credit card transactions has been attempted or executed, wherein if a total number of credit card transactions equals said predetermined maximal number of credit card transactions, authorization of a next transaction is denied;
(v) whether a predetermined maximal number of credit card transactions per day has been attempted or executed, wherein if a total number of credit card transactions per day equals said predetermined maximal number of credit card transactions per day, authorization of a next transaction is denied; and
(vi) whether in a predetermined number of successive cases the independently obtained verification number output failed to correspond with said given credit card, wherein if a number of successive cases in which the independently obtained verification number output failed to correspond with said given credit card equals said predetermined number of successive cases, authorization of a next transaction is denied.
32. A method for securing credit card transactions, the method comprising the steps of:
(a) requiring the provision of a verification number input to an authorization computer, said verification number input being obtained as a verification number output of an encryption algorithm for encrypting input data, said encryption algorithm being stored in, and executed by, an apparatus for securing credit card transactions, said input data including a random number input randomly provided for every new credit card transaction and a constant number input specific to a given credit card;
(b) using a processing module in said authorization computer for operating a decryption algorithm, being stored in said authorization computer, on said verification number input, said decryption algorithm being complementary to said encryption algorithm, to thereby
(i) decrypt said verification number input for deciphering said random number input; and (ii) independently encrypt said constant number input to independently obtain an independently obtained verification number output; and (c) testing the correspondence of said independently obtained verification number output with said verification number input encrypted by said encryption algorithm for determining whether a given credit card transaction is to be authorized.
33. The method of claim 32, wherein said constant number input specific to said given credit card is said card's number.
34. The method of claim 32, wherein said random number input provided by said randomizing module is first compared to a predetermined number of previous random number inputs and if it equals any of said previous random number inputs, said randomizing module provides a different random number input.
35. The method of claim 32, wherein said apparatus further includes an activation device for activating said randomizing module to provide said random number input and further for activating said processing module to produce said verification number output.
36. The method of claim 32, wherein said randomizing module is a recycling timer.
37. The method of claim 35, wherein said activation device includes an activation pad which requires the entry of an identification code in order to activate said randomizing module to provide said random number input and to activate said processing module to produce said verification number output.
38. The method of claim 35, wherein said activation device includes at least two separated pressable keys, which are to be pressed in a predetermined sequence in order to operate the activation device.
39. The method of claim 32, wherein said apparatus further includes a memory module for storing data.
40. The method of claim 32, wherein the apparatus for securing credit card transactions forms an integral part of a credit card.
41. The method of claim 32, wherein the apparatus is designed to be removably connectable to a credit card.
42. The method of claim 32, wherein said processing module is a microchip by which said encryption algorithm is processed, said microchip includes an interface, said interface serves to feed said constant number input specific to said given credit card into said apparatus during a final stage of its production.
43. The method of claim 32, wherein said encryption algorithm includes pseudo-random functions and employs said random number input as an encryption key operated on said constant number input via said pseudo-random functions for generating said verification number output.
44. The method of claim 43, wherein in its binary coded decimal form said verification number output encrypts a binary coded decimal form of said constant number and of a pseudorandomly dispersed binary form of said random number, whereas said decryption algorithm includes complementary pseudorandom functions and by operating said complementary pseudo-random functions on said verification number input while considering said pseudorandomly dispersed binary form of said random number, said decryption algorithm deciphers said random number input, which is then used to independently encrypt said constant number input and to compare a result thereof with said verification number input.
45. The method of claim 44, wherein said pseudorandomly dispersed binary form of said random number is dispersed in one of a preselected number of optional dispersion forms, whereas by operating said complementary pseudorandom functions on said verification number input while considering said pseudorandomly dispersed binary optional forms of said random number, said decryption algorithm deciphers said optional random number inputs, which are then used independently to independently encrypt said constant number input and to compare a result thereof with said verification number input.
46. The method of claim 32, wherein the authorization computer authorizes a given credit card transaction on at least one basis selected from the group consisting of:
(i) whether the independently obtained verification number output corresponds with said given credit card;
(ii) whether a given verification number input was employed in a predetermined number of previous credit card transactions, wherein if it was, authorization is denied;
(iii) whether a predetermined time period elapsed from the last credit card transaction, wherein if the time period elapsed from the last credit card transaction is below said predetermined time period, authorization is denied;
(iv) whether a predetermined maximal number of credit card transactions has been attempted or executed, wherein if a total number of credit card transactions equals said predetermined maximal number of credit card transactions, authorization of a next transaction is denied;
(v) whether a predetermined maximal number of credit card transactions per day has been attempted or executed, wherein if a total number of credit card transactions per day equals said predetermined maximal number of credit card transactions per day, authorization of a next transaction is denied; and
(vi) whether in a predetermined number of successive cases the independently obtained verification number output failed to correspond with said given credit card, wherein if a number of successive cases in which the independently obtained verification number output failed to correspond with said given credit card equals said predetermined number of successive cases, authorization of a next transaction is denied.
47. The method of claim 32, wherein the credit card transactions are selected from the group consisting of an over the counter transaction, a telephone transaction, an internet transaction, a cable net transaction and a pay phone transaction.
48. A system for preventing the fraudulent use of a credit account comprising:
(a) a credit card, including an internal activating device being for activating said credit card, such that when activated said credit card is usable for a predetermined time period; and
(b) an activating unit removably couplable to said credit card, and communicable with said internal activating device, said activating unit, when connected to said credit card, being for activating said internal activating device of said credit card, so as to allow the use of said credit card in credit transactions for said predetermined time period.
49. The system of claim 48, wherein said internal activating device includes an extinguishable power source, said extinguishable power source when charged by said activating unit activates said credit card for said predetermined time period so as to allow the use thereof in credit transactions.
50. The system of claim 49, wherein said extinguishable power source of said credit card is a capacitor or a short term memory cell.
51. The system of claim 48, wherein said time period is determined by a user of said credit card.
52. The system of claim 48, wherein said activating unit further includes a display for displaying information pertaining to said credit card to a user thereof.
53. The system of claim 48, wherein said activation of said credit card is effected upon the removal thereof from said activating unit following activation of said internal activating device.
54. The system of claim 52, wherein said activation of said credit card is effected by generation of a transaction number on said display and a use thereof in an independent communication platform for conducting a credit transaction.
55. The system of claim 54, wherein said independent communication platform is selected from the group consisting of a computer network, a telephony network and a cable network.
56. The system of claim 48, wherein said activating unit further includes a verification device for verifying compatibility of a credit card coupled thereto, whereas only if said credit card coupled thereto is compatible therewith said internal activation device becomes operative.
57. The system of claim 56, wherein said verification device includes a user operable keypad through which verification is effected.
58. The system of claim 56, wherein said verification device is a microchip, said microchip serves for establishing verification upon specific recognition between said credit card and said activating unit.
59. A method for preventing the fraudulent use of a credit account the method comprising the steps of:
(a) providing a system including:
(i) a credit card, including an internal activating device being for activating said credit card, such that when activated said credit card is usable for a predetermined time period; and
(ii) an activating unit removably couplable to said credit card, and communicable with said internal activating device, said activating unit, when coupled to said credit card, being for activating said internal activating device of said credit card; and
(b) activating said internal activating device of said credit card to allow the use thereof in credit transactions for a predetermined time period, thereby preventing the fraudulent use of a credit account credited via the use of said credit card.
60. The method of claim 59, wherein said internal activating device includes an extinguishable power source, said extinguishable power source when charged by said activating unit activates said credit card for said predetermined time period so as to allow the use thereof in credit transactions.
61. The method of claim 60, wherein said extinguishable power source of said credit card is a capacitor or a short term memory cell.
62. The method of claim 59, wherein said time period is determined by a user of said credit card.
63. The method of claim 59, wherein said activating unit further includes a display for displaying information pertaining to said credit card to a user thereof.
64. The method of claim 59, wherein said activation of said credit card is effected upon the removal thereof from said activating unit following activation of said internal activating device.
65. The method of claim 63, wherein said activation of said credit card is effected by generation of a transaction number on said display and a use thereof in an independent communication platform for conducting a credit transaction.
66. The method of claim 65, wherein said independent communication platform is selected from the group consisting of a computer network, a telephony network and a cable network.
67. The method of claim 59, wherein said activating unit further includes a verification device for verifying compatibility of a credit card coupled thereto, whereas only if said credit card coupled thereto is compatible therewith said internal activation device becomes operative.
68. The method of claim 67, wherein said verification device includes a user operable keypad through which verification is effected.
69. The method of claim 67, wherein said verification device is a microchip, said microchip serves for establishing verification upon specific recognition between said credit card and said activating unit.
70. A device for preventing the fraudulent use of a credit account comprising an activating unit removably couplable to a credit card, and communicable with an internal activating device of said credit card, said activating unit, when connected to said credit card, serves for activating said internal activating device of said credit card, so as to allow the use of said credit card in credit transactions for said predetermined time period.
71. The device of claim 70, wherein said time period is determined by a user of the device.
72. The device of claim 70, wherein said activating unit further includes a display for displaying information pertaining to said credit card to a user thereof.
73. The device of claim 70, wherein said activation of said credit card is effected upon the removal thereof from said activating unit following activation of said internal activating device.
74. The device of claim 72, wherein said activation, of said credit card is effected by generation of a transaction number on said display and a use thereof in an independent communication platform for conducting a credit transaction.
75. The device of claim 74, wherein said independent communication platform is selected from the group consisting of a computer network, a telephony network and a cable network.
76. The device of claim 70, wherein said activating unit further includes a verification device for verifying compatibility of a credit card coupled thereto, whereas only if said credit card coupled thereto is compatible therewith said internal activation device becomes operative.
77. The device of claim 76, wherein said verification device includes a user operable keypad through which verification is effected.
78. The device of claim 76, wherein said verification device is a microchip, said microchip serves for establishing verification upon specific recognition between said credit card and said activating unit.
PCT/IL1999/000302 1998-06-11 1999-06-07 Method, apparatus and system for securing credit card transactions WO1999064956A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
AU41621/99A AU4162199A (en) 1998-06-11 1999-06-07 Method, apparatus and system for securing credit card transactions

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
IL12486198A IL124861A0 (en) 1998-06-11 1998-06-11 Method and apparatus for securing credit card transactions
IL124861 1998-06-11
US10205298P 1998-09-28 1998-09-28
US60/102,052 1998-09-28

Publications (1)

Publication Number Publication Date
WO1999064956A1 true WO1999064956A1 (en) 1999-12-16

Family

ID=26323652

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IL1999/000302 WO1999064956A1 (en) 1998-06-11 1999-06-07 Method, apparatus and system for securing credit card transactions

Country Status (2)

Country Link
AU (1) AU4162199A (en)
WO (1) WO1999064956A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8650103B2 (en) 2001-10-17 2014-02-11 Ebay, Inc. Verification of a person identifier received online

Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4281215A (en) * 1978-05-03 1981-07-28 Atalla Technovations Method and apparatus for securing data transmissions
US4742351A (en) * 1985-07-12 1988-05-03 Casio Computer Co., Ltd. IC card system
US4766293A (en) * 1986-06-26 1988-08-23 Visa International Service Association Portable financial transaction card capable of authorizing a transaction in foreign currencies
US4827113A (en) * 1984-10-19 1989-05-02 Casio Computer Co., Ltd. Technique for authenticating IC card and terminal
US4868372A (en) * 1985-12-23 1989-09-19 Hitachi, Ltd. Erroneous-operation preventive apparatus
US4974193A (en) * 1987-03-04 1990-11-27 Siemens Aktiengesellschaft Circuit arrangement for protecting access to a data processing system with the assistance of a chip card
US5017766A (en) * 1987-11-13 1991-05-21 Kabushiki Kaisha Toshiba Portable electronic apparatus capable of confirming validity of transaction data
US5068894A (en) * 1989-08-22 1991-11-26 U.S. Philips Corp. Method of generating a unique number for a smart card and its use for the cooperation of the card with a host system
US5317636A (en) * 1992-12-09 1994-05-31 Arris, Inc. Method and apparatus for securing credit card transactions
US5478994A (en) * 1994-07-13 1995-12-26 Rahman; Sam Secure credit card which prevents unauthorized transactions

Patent Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4281215A (en) * 1978-05-03 1981-07-28 Atalla Technovations Method and apparatus for securing data transmissions
US4827113A (en) * 1984-10-19 1989-05-02 Casio Computer Co., Ltd. Technique for authenticating IC card and terminal
US4742351A (en) * 1985-07-12 1988-05-03 Casio Computer Co., Ltd. IC card system
US4868372A (en) * 1985-12-23 1989-09-19 Hitachi, Ltd. Erroneous-operation preventive apparatus
US4766293A (en) * 1986-06-26 1988-08-23 Visa International Service Association Portable financial transaction card capable of authorizing a transaction in foreign currencies
US4974193A (en) * 1987-03-04 1990-11-27 Siemens Aktiengesellschaft Circuit arrangement for protecting access to a data processing system with the assistance of a chip card
US5017766A (en) * 1987-11-13 1991-05-21 Kabushiki Kaisha Toshiba Portable electronic apparatus capable of confirming validity of transaction data
US5068894A (en) * 1989-08-22 1991-11-26 U.S. Philips Corp. Method of generating a unique number for a smart card and its use for the cooperation of the card with a host system
US5317636A (en) * 1992-12-09 1994-05-31 Arris, Inc. Method and apparatus for securing credit card transactions
US5478994A (en) * 1994-07-13 1995-12-26 Rahman; Sam Secure credit card which prevents unauthorized transactions

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8650103B2 (en) 2001-10-17 2014-02-11 Ebay, Inc. Verification of a person identifier received online

Also Published As

Publication number Publication date
AU4162199A (en) 1999-12-30

Similar Documents

Publication Publication Date Title
JP5050066B2 (en) Portable electronic billing / authentication device and method
CA2010345C (en) Multilevel security apparatus and method with personal key
US7089214B2 (en) Method for utilizing a portable electronic authorization device to approve transactions between a user and an electronic transaction system
US5475756A (en) Method of authenticating a terminal in a transaction execution system
US20140279555A1 (en) Dynamically allocated security code system for smart debt and credit cards
US20050029349A1 (en) Bio-metric smart card, bio-metric smart card reader, and method of use
EP2339550A1 (en) One-Time password credit/debit card
US20080048024A1 (en) Accommodating multiple users of a secure credit card
WO2001071516A1 (en) Method and apparatus for personal identification
US20010027116A1 (en) Electronic wallet
US20120166344A1 (en) Secure wireless payment system and method thereof
EP2787475A2 (en) Dynamically generated security code system for smart, debit and credit cards
CN101236673B (en) Method for accomplishing electronic purse off-line charging, complex function card and authorization carrier
JP5923727B2 (en) Information processing system
KR20070117371A (en) Apparatus for generating random numbers for object oriented otp
WO1999064956A1 (en) Method, apparatus and system for securing credit card transactions
JP2003323599A (en) Smart card and smart card system
JP4729187B2 (en) How to use card management system, card holder, card, card management system
JPH0778281A (en) Portable terminal and communication system for disposing money
CN110766383B (en) Digital wallet supporting anonymous or real-name offline transaction and use method
JPH10294727A (en) Data collation method
KR100187518B1 (en) Authentication apparatus of ic card terminal using dual card
JPH11167664A (en) Settlement method and system using ic card
KR100198825B1 (en) Electronic money-bag terminal
KR20010100750A (en) certification and payment device for m-commerce, system and method using the same

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AE AL AM AT AU AZ BA BB BG BR BY CA CH CN CU CZ DE DK EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MD MG MK MN MW MX NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT UA UG US UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): GH GM KE LS MW SD SL SZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

122 Ep: pct application non-entry in european phase