Abstract: An authentication system includes a portable information device, such as a smart card, that is configured to store and process multiple different applications. The smart card is assigned its own digital certificate which contains a digital signature from a trusted certifying authority and a unique public key. Each of the applications stored on the smart card is also assigned an associated certificate having the digital signature of the certifying authority. The system further includes a terminal that is capable of accessing the smart card. The terminal has at least one compatible application which operates in conjunction with an application on the smart card. The terminal is assigned its own certificate which also contains the digital signature from the trusted certifying authority and a unique public key. Similarly, the application on the terminal is given an associated digital certificate. During a transactional session, the smart card and terminal exchange their certificates to authenticate one another. Thereafter, a smart card application is selected and the related certificates for both the smart card application and the terminal application are exchanged between the smart card and terminal to authenticate the applications. Additionally, the cardholder enters a unique PIN into the terminal. The PIN is passed to the smart card for use in authenticating the cardholder. The three-tiered authentication system promotes security in smart card transactions.

Abstract: A multi-application data card is capable of substituting for a plurality of existing single-application data cards. The multi-application data card is preferably a smart card recording data relating to a card user and a plurality of card issuers. The following fields are associated with each card issuer: an application code field indicating a type of application provided for the user by the issuer; a PIN field identifying the user; an access code field whereby the card issuer can have access to the fields associated with that issuer but not to fields associated with any other issuer; an account number field; an expiration date field; and a miscellaneous data field provided for the issuer to record additional data to facilitate its operations. The fields associated with each issuer are separate from the fields associated with every other issuer.

Abstract: A universal financial data card for compiling and storing financial transaction records pertaining to a plurality of financial accounts. The financial transaction records are compiled from financial transaction data communicated between the universal financial data card and a card reader. The universal financial data card includes a memory circuit for storing holder data pertaining to a holder of the universal financial data card. The memory circuit further stores account data pertaining to the plurality of financial accounts and the financial transaction records pertaining to the plurality of financial accounts. Further, the universal financial data card includes a processor coupled to the memory circuit. There is also provided a data exchange circuit coupled to the processor. The data exchange circuit permits the universal financial data card to receive first selected data from the card reader and to send second selected data to the card reader during a financial transaction pertaining a selected one of the plurality of financial accounts, wherein the processor, responsive to the first selected data, compiles a transaction record related to the financial transaction pertaining the selected one of the plurality of financial accounts for storage in the memory circuit.

Abstract: A method and system for placing an order charged to a credit card, over an unsecured network. The customer completing an order for goods or services enters information required for the order, such as the shipping and billing addresses and identification of the goods, but enters only a subset of the credit card account number to which the order is to be charged. The order is transmitted over the Internet or other network to a remote merchant location (32) from a customer's location (10). A computer (38) at the remote merchant location processes the order to extract the data provided by the customer for storage in a database (40). During a subsequent telephone call to the remote merchant location, the customer enters the complete credit card number, preferably on a touch-tone keypad (28). The touch-tone signals are processed by an automated attendant system (44) for input of the complete credit card number into the computer. Using the portion of the complete credit card number that corresponds to the subset entered by the customer on the order form, the computer identifies the order previously placed and inserts the complete credit card number in the order data stored on the database to finalize the order.

Abstract: A system for the application of a trading card metaphor to a disassociated computer program and the unique design of several hardware and software systems supports and enhances collecting, trading, game playing, and creating of digital electronic trading cards by taking the traditional trading card metaphor and uniquely updating and enhancing it for application in consumer digital media. An electronic hardware and software architecture for electronic trading cards (ETCs) has a number of components that function together as a system that support making electronic trading cards, trading electronic trading cards, activities (such as game playing) with electronic trading cards, and collecting electronic trading cards. The ETC format is embodied in the components of the electronic trading card system, which are designed to generate and accept a common proprietary electronic trading card format, so that, for example, a card created in a card-making application can be recognized by an electronic trading card album. The card format supports both scarcity and authenticity, which are essential to card collecting and trading, within a disassociated computer code segment.

Abstract: Systems and methods for providing secure electronic financial transactions characterized in that money is electronically stored on a plurality of smart cards. A plurality of smart cards are each equipped with an electronic security wall having a closed state and an open state. In the closed state, the smart card is disabled from participating in financial transactions, and in the open state, the smart card may participate in financial transactions. A security key smart card is equipped with a first security key for changing the state of the electronic security wall from the open state to the closed state, and a second security key for changing the state of the electronic security wall from the closed state to the open state. Financial transactions include, for example, electronically transferring money between a bank center and a smart card; electronically transferring money between the first and second smart cards; checking the amount of money stored on a smart card; and adding interest to the amount of money stored on the smart card.

Abstract: Method and apparatus for processing payment transactions using debit card numbers without the requirement of a personal identification number (PIN) is disclosed. A telepay system of the present invention provides an interface between a standard touchtone telephone and at least one debit card network such that real-time bill payment transactions may be effected using a keypad of the telephone. The telepay system includes an interactive voice response unit for prompting a payor to enter an access code, account number, debit card number and payment amount and for informing the user of the status of the transaction. Real-time processing of transactions is provided through use of debit card networks, rather than the Automated Clearing House. The telepay system is also capable of performing settlement functions and processing inquiries by payees of the system regarding previously processed transactions.

Abstract: A system is provided which uses a pre-purchased card having an identity number to make long distance telephone calls or to order services over a landline telephone system. When long distance telephone calls are being purchased, the agent selling the card has the option of selecting the long distance Interexchange Carriers to be used. The present system also allows the card purchaser to select his or her own long distance carriers. In the alternative, the card ID can be used in the same manner as a credit card if the system has the capacity to carry out the necessary transactions to check the credit worthiness of the user.

Abstract: Disclosed is a multi-purpose transaction card system comprising an issuer (101), one or more cards (102), one or more terminals (103), and optionally one or more acquirers (104), communicating using a variety of cryptographic confidentiality and authentication methods. Cards authenticate messages using public-key based cryptographic without themselves performing the extensive computations usually associated with such cryptography. Integrity of complex transaction sequences and plural card storage updates are maintained, even under intentionally generated interruptions and/or modifications of data transmitted between card and terminal. Cards do not reveal any information to the terminal which is not directly necessary for the transaction or any information to which the terminal should not have access, through externally measureable aspects of its behaviour. Transaction types supported include those suitable for off-line credit cards, in which the 'open to buy' is maintained on the card.

Abstract: Telephone debit cards are automatically vended through a microprocessor controlled vending machine which permits card payment in cash and credit. The customer can select a desired telephone card value and a desired telecommunications carrier. Prepaid and printed cards are dispensed. Optionally, printed receipts are dispensed including an access code and prepaid value. The vending machine generated real-time communications with an electronics funds clearing house for customer validity and funds approval. After electronics transfer of funds to the machine, the telephone debit card is dispensed and funds are electronically transferred to the selected telecommunications carrier via real-time communications with the carrier for electronic transfer of the card value thus permitting immediate use of the telephone card by the customer.

Abstract: A system and method for controlling and monitoring credit card transactions of a vending machine which dispenses and or encodes prepaid cards. Means are provided for reading magnetically stored information from a credit card, receiving an authorization amount for the transaction from a credit verification source which is external to the vending machine, storing the authorization amount, selecting a prepaid amount to be encoded on a prepaid card, determining whether a selected prepaid amount is below a maximum allowed transaction amount, controlling the encoding of a prepaid card in response to a selected prepaid amount, and storing transaction information corresponding to the operation of the prepaid card vending machine and the magnetic information from the credit card.

Abstract: A method for automatically converting a promotional calling card to a permanent calling card by an operator services system (OSS) is disclosed. A promotional calling card call received in the OSS is validated by obtaining card product-type data and card information data from a calling card validation database. Upon depletion of a non-billed promotional balance, the caller using a promotional calling card is presented with the option of being connected to a customer services representative by the OSS for arranging billing for future use of the card. User convenience is enhanced since the promotional calling card number is also used as the permanent calling card number after billing arrangements are made via the customer service representative.

Abstract: A security device for use in a card charging system where a service or product providing facility issues services or products by the use of credit from a card. The security device comprises signal transmission means for delivering signals to a purchasing facility to enable a user to acquire a service or product dependent on the credit debited from a card, a record keeping subsystem to certify the credit debited from the card and to identify which account is to receive the debited credit and signal processing and output means for generating signals indicating a successful transaction. The signals may be encoded by use of encryption techniques. A separable security subsystem is provided to ensure a record of transactions is available if power fails on the main security device.

Abstract: A universal electronic transaction card ('UET card') serves as a number of different cards for banking, identification and the like. The UET card includes storage means (34), inputting and display means (30), processing means (33) and communication means (38). The display is a touch sensitive display which provides a number of menus to select the type of card to use for a transaction. After the choice is made, a graphic image appears on the display which looks like the face of the card, including the account number, user's name, the name of the credit card company and its logo. Thereafter, the user presents the UET card to the point of sales terminal for a sales transaction. The sales transaction information is transferred and stored in the UET card by the point of sales terminal to eliminate paper receipts and facilitate future storage, verification and analysis.

Abstract: A computer network for allowing individual users to access the internet comprises a central unit and a plurality of individual terminals located at separate spaced locations, at least which are accessible to the public. Each public accessible unit includes a touch screen monitor/keyboard, central processing unit, telephone line communication through a modem and a system for payment of funds by the public for use of the system. Payment can be made by a card reader, bill reader or a coin reader.

Abstract: An IC card for credit transactions and a credit transactions apparatus and method using the IC card are provided. In an IC card for credit transactions includes a data memory portion and a controlling portion for reading out or recording data in the data memory portion, the data memory portion includes a user information area for recording information on the identification of a user, a transaction limit information area for recording information on the off-line transaction limit of the user, and a transaction particulars information area being divided into a plurality of sub-areas and for recording information on the transaction particulars of the user. Transactions using the credit card within the usage limit range set according to the credit rating of a customer are processed off-line, so as to reduce not only the load applied to the host system of the credit card company caused by the on-line transaction but also the time delay by the transaction approval, while minimizing losses (due to non-payment) of a credit card company and retail outlets caused by off-line usage by additionally recording special information on the IC card, such as delinquent payments, to restrict off-line credit transactions.

Abstract: A method of conducting a transaction between a chip card and an information system protects against fraud and malfunction during the transaction. The method involves a multi-step recording procedure wherein the transaction is first temporarily recorded in the chip card and the information system, and then later is definitively recorded after it has been verified that both sides have performed the temporarily recording step. In order to perform the temporary recording, information which describes the transaction is sent to both the chip card and the information system from a transaction management device. In order to verify that both sides have performed the temporary recording, a first set of messages is sent from the chip card and the information system to the transaction management device which indicate that the temporary recording has been performed. The transaction management device receives these messages and responds by sending a second set of messages to the chip card and the information system. The chip card and the information system receive these messages and respond by changing the character of the previously performed recording from temporary to definitive. The transaction is protected against fraud and malfunction because the transaction must be successfully entered into the information system before it becomes available to a user of the chip card.

Abstract: Messaging service subscribers are automatically notified of newly arrived messages in their mailboxes when they initiate a transaction, such as a calling card (or credit card) call, or a withdrawal at an Automated Teller Machine (ATM). The mail arrival notification message is delivered to the subscriber as part of the validation process for the credit/debit or calling card number.

Abstract: A method is disclosed for verifying that a check user, a credit card holder, or an account user is authorized to complete a transaction. The issuer of the check or credit card or the verifying entity assigns a security code formula to each user, consisting of two variables: a base code number separated into two parts; and one or more arithmetic modes. The authorized user will calculate a verification code number in a two step process using the two parts of the base code and the check number or transaction amount; he then places it on the check or the transaction slip. Verification can be performed by the issuer, who ensures that a correct verification code number has been entered on the check or transaction slip.

Abstract: A system for issuing ID cards to which personal information data such as a personal identification number are written and verifying whether or not the information data are successfully written to the ID card. When the information data are confirmed to be unsuccessfully written to the ID card as the result of verification, the card is regarded as a faulty card, and an erase signal is automatically overwritten to the faulty card before discharging the card out of the system, so as to ensure absolute secrecy of the personal information.

Abstract: In a method and apparatus for paying for recrediting of an electronic postage meter machine, switchable into a reloading mode, and communicating with a data central, data is entered into the postage meter machine and the postage meter machine is switched into a communication mode or into a credit inquiry mode. Communication is established with the data central and a plausibility check of the entered data and register values is undertaken in the data central, and a credit inquiry process is begun by the data central if a credit card number has been entered via the postage meter machine. The data central contacts a credit card processing center for verifying the credit card status of the customer and, upon receiving an authorization indicating an acceptable credit card status of the customer, the data center processes the reloading event. If the credit card processing center indicates an unacceptable credit card status, the preceding steps are repeated. A list of successful credit inquiries can be produced. The credit card processing center authorizes a transfer of funds from a bank of the customer, and subsequently the transfer of funds is implemented to credit the bank of the nationally authorized postal carrier who is responsible for postal deliveries.

Abstract: An access card reader includes a receive antenna (14) sensitive to a first signal generated by an access card. A receiver circuit (30) is coupled to the receive antenna to detect an analog second signal in the receive antenna. When the receive antenna is excited, the receiver conditions the analog second signal, and an analog to digital converter (40) converts the second signal into a digital security code. A processor (50) then determines the validity of the security code. In one aspect of the invention, the security code includes a plurality of fields including an 8-bit preamble field, a data field and an error detection field.

Abstract: Method and a system for automatically and securely performing computer power up and logon functions. In one embodiment, the system is implemented in a personal computer ("PC") and comprises a central processing unit ("CPU"), a card reader for reading data encoded on user identification cards "swiped" therethrough, and a power supply capable of constantly providing a low power, or "flea power," signal to various components of the PC, including the CPU and card reader, for enabling a soft power startup of the PC. Responsive to detection of a user identification card being swiped through a slot on the card reader, the card reader reads information for identifying the user, in particular, a user ID and security code, encoded on the card and transmits the read information to the CPU. If the CPU determines that the user identified by the user ID is authorized to access the PC, the PC is powered up and the user is logged onto the PC using the data read from the card. Thereafter, if at any time while the user is logged onto the computer, a determination is made that there has been no I/O activity for a predetermined amount of time, the user is automatically logged off of the PC and the PC is powered down. Similarly, if during operation of the PC, the user ID card is again swiped through the reader, the user will be logged off of the PC and the PC will be powered down.

Abstract: A method and apparatus for phone card billing wherein phone cards comprising PINs associated with a specific account credited with a predetermined number of units are sold to phone card clients without any prepayment for the value of the phone card units. The phone card client is not required to pay for the phone card units unless and until a corresponding phone card PIN is activated for a first time by an end user, thereby reducing the phone card client's initial financial burden of prepaying for phone card units, and eliminating payment by the phone card client for phone card units that are never used by an end user. When an end user uses a phone card by dialing a special number and entering a PIN, a call processing computer connected to a special exchange verifies the entered PIN prior to connecting the end user's call. The call processing computer periodically and automatically downloads entered PINs to an invoicing computer system which automatically bills appropriate phone card clients for the value of the phone card units when a corresponding phone card PIN accessing these units is activated for the first time.

Abstract: Discretionary data encoded on a track of a magnetic strip card is used to improve the reliability of recovery of the card data and, when coupled with complementary processing in the EFT terminal, protects the PIN on an end to end basis (that is between the transaction terminal and the card issuer), as well as providing for end to end card authentication. An issuing bank encodes cards under the control of a number of encryption and encoding keys which are unique to the Issuer Identification Number (IIN). The result of this is an individual encryption key (Card Key CK) for each card which is derived from this key. The encoded Card Key (CK) which is stored in an encoded form within the track discretionary data is used as the basis of a key to firs encrypt the PIN. The Card Key is combined with transaction variables such as amount of the transaction to produce a unique PIN key for this transaction. The Card Key is not transmitted by the terminal to the controlling computer system. Thus both the encryption of the PIN and authentication of the card is protected from a compromised computer system connected to the transaction terminals.

Abstract: The present invention provides for a system and method of performing financial transactions which include a financial card 400 that stores pre-selected transaction instructions corresponding to one or more financial transactions, such as cash withdrawal, or bill payment, or the like. These cards are used with one or more terminals 101 which read the instructions on the card, interpret those instructions and execute the interpreted instructions to conduct one or more of the financial transactions. Preferably the terminal, after determining from the instructions on the card what functions, i.e., financial transactions, are available to the card user, displays those options. The user then selects one of the financial transactions. The terminal, based on the selection and the instructions corresponding to the selected function, executes the transaction.

Abstract: A security device for use in a card charging system where a service or product providing facility issues services or products by the use of credit from a card. The security device comprises signal transmission means for delivering signals to a purchasing facility to enable a user to acquire a service or product dependent on the credit debited from a card, a record keeping subsystem to certify the credit debited from the card and to identify which account is to receive the debited credit and signal processing and output means for generating signals indicating a successful transaction. The signals may be encoded by use of encryption techniques. A separable security subsystem provided to ensure a record of transactions is available if power fails on the main security device.

Abstract: Card reader for game machine with a memory (42) which contains a minimum credit value and receives the credit value available from a card. At each stage of the game, the available credit value varies. The available credit value is compared, on each transaction, with the minimum value. When the available credit value is less than the minimum value, a circuit (47) triggers seizure of the card. A reader of this type can operate by performing all transactions in a memory within the reader, only reading the card memory when the card is inserted into the reader and updating it when the card is ejected.

Abstract: Smart card transactions are described. Operations in which smart cards are replenished with pre-paid sums, even from scattered terminals (10) not connected to a host (20), may be made secure simply by storing in the smart card (40) the number of replenish operations that have been performed. A replenishment counter is provided therefor and incremented every time the card is replenished but not when the card is used for other purposes, such as paying for goods and services. This system is particularly suitable for the collective management of a number of canteens each provided with a plurality of replenishment terminals available to employees.