`Hulst et al.
`
`(10) Patent No.:
`(45) Date of Patent:
`
`US 8,033,458 B2
`Oct. 11, 2011
`
`US008033458B2
`
`(54) DATA STORAGE AND ACCESS SYSTEMS
`(75)
`Inventors: Hermen-ard Hulst, Amsterdam (NL);
`Patrick Raez, Sa1I1tHe11er(JE)
`
`(73) Assignee: Smartflash Technologies Limited,
`Tortola (VG)
`Subject to any disclaimer the term of this
`’
`patent is extended or adjusted under 35
`U.S.C. 154(b) by 0 days.
`
`( * ) Notice‘
`'
`
`,
`
`,
`
`I1\<4_0f0I1agi1eta1~
`2
`ltta et a .
`glfigfifizzaman et a1’
`2
`7/1996 Konno et al.
`5,532,466 A
`12/1996 Leroux
`5,588,146 A
`10/ 1997 D01PhiI1
`5,677,953 A
`12/1997 Dolphin
`5,703,951 A
`0 ozawa e a .
`,
`,
`4/1998 Y k
`t
`1
`5 740 369 A
`gllcher t 31
`2
`ITO 3. C
`.
`,
`,
`3/1993 Kimy
`5,794,202 A
`9/1998 Hanel etal.
`5,809,241 A
`5,845,201 A * 12/1998 Funke et al.
`
`................ .. 455/403
`
`(21) Appl. No.: 12/943,847
`
`(22)
`
`Filed:
`
`Nov. 10, 2010
`
`(Continued)
`
`FOREIGN PATENT DOCUMENTS
`
`65
`
`P _
`P by t_
`D t
`) US 2011/00736430211 u 1:: 101311 22011
`ar.
`,
`
`(
`
`EP
`
`0 195 098
`
`10/1990
`(Continued)
`
`Related U-S-Application Data
`(63) Continuation of application No. 12/014,558, filed on
`Jan. 15, 2008, now Pat. No. 7,942,317, which is a
`continuation of application No. 11/336,758, filed on
`Jan. 19, 2006, now Pat. No. 7,334,720, which is a
`continuation of application No. 10/111,716, filed as
`application No. PCT/GB00/04110 on Oct. 25, 2000,
`now abandoned.
`
`(51)
`
`Int. Cl.
`(2006.01)
`G06K 5/00
`(52) U.s. Cl.
`...................................... .. 235/380; 235/382
`(58) Field of Classification Search ................ .. 235/380,
`235/382, 382.55 383, 492, 493
`See application file for complete search history.
`References Cited
`
`(56)
`
`U.S. PATENT DOCUMENTS
`4,341,951 A
`7/1982 Benton
`4,697,073 A *
`9/1987 Hara ........................... .. 235/487
`5,148,432 A *
`9/1992 Gordon et al.
`............. .. 714/632
`
`Primary Examiner — Thien M Le
`(74) Attorney, Agent, or Firm —Kilpatrick Townsend &
`Stockton LLP
`
`.
`ABSTRACT
`(57)
`Data storage and access systems enable downloading and
`paymg f0f data 511011 aS a11d10 and V1de0 data, text, .S0fiWaFe,
`games and other types of data A portable data earner has an
`interface for sending and receiving data, data memory for
`storing received content data, and payment validation
`memory for providing payment validation data to an external
`device. The carrier may also store a record of access made to
`the stored content, and eontentuse rules for controlling access
`t0 the stored eentent Embedlments store further aeeess eon-
`trol data and supplementary data such as hot links to web sites
`311:1/(0; adVem151ng data A Complemegtgry data 3003355 1911111‘
`na , ata supp y computer system, an
`ata access evlce are
`also described. The combination of payment data and stored
`content data and use rule data helps reduce the risk of unau-
`thorized access to data such as compressed music and video
`data, especially over the Internet.
`
`12 Claims, 17 Drawing Sheets
`
`
`
`Apple Exhibit 1024 Page 00001
`
`Apple Exhibit 1024 Page 00001
`
`
`
`US 8,033,458 B2
`Page 2
`
`6,993,507 B2
`3,000,832 33*
`7’044’362 B2
`7,083,081 B2
`7,334,720 132*
`7,677,446 B2
`2003/0163,594 A1*
`2003/0168515 A1>i<
`2006/0179211 A1*
`2006/0249570 A1
`2008/0041938 A1
`
`U.S. PATENT DOCUMENTS
`578455281 A
`12/1998 B91150“ 9131‘
`5,847,372 A
`12/1998 Kreft
`558745760 A *
`2/1999 B1-1H15e131~ ~~~~~~~~~~~~~~~~~ ~~ 257/315
`558897850 A
`3/1999 E11e1e”11~
`5,901,330 A
`5/1999 S1111e131~
`519187213 A
`9/1999 Bernard“ 41‘
`5a923a884 A
`7/1999 Peyret e131~
`5,933,498 A
`8/1999 S°h“e°ke”11~
`5a936a220 A
`8/1999 H05111110 e131~
`910127934 A
`1/2000 B1984“ 9141‘
`6,018,720 A
`1/2000 Fujimoto
`6,078,917 A
`6/2000 Paulsen et a1.
`6,119,945 A
`9/2000 Muller et al.
`6,142,369 A
`11/2000 Jonstromer
`6,202,056 B1
`3/2001 Nuttall
`6,385,731 B2
`5/2002 Ananda
`6,415,156 B1
`7/2002 Stadelmann
`6,424,975 B1
`7/2002 Walter etal.
`6,442,570 B1
`8/2002 Wu
`6,473,829 B1
`10/2002 Dahman etal.
`6,510,236 B1
`1/2003 Crane etal.
`6,553,413 B1
`4/2003 Leighton etal.
`6,554,192 B2
`4/2003 Tingl
`6,574,643 B2
`6/2003 Walter etal.
`6,658,568 B1
`12/2003 Ginteretal.
`......................... .. 1/1
`6,721,749 131*
`4/2004 Najm etal.
`6,747,930 B1*
`6/2004 Weldon etal.
`........... .. 369/53.21
`
`1/2006 Meyer et al.
`343302
`"""""""""""""" "
`5/2006 Yu
`8/2006 McGeeeta1
`,
`2/2008 Hulstetal
`,,,,,,,,,,,,,,,,,, ,,
`,
`3/2010 Wise
`8/2003 Aasheim etal
`709/310
`
`9/2003 Gray
`,
`,,,,,,,,,,,, ,, 235/492
`8/2006 Aasheiin,ei,a
`711/103
`
`,
`11/2006 Seifert etal
`2/2008 Wise
`
`,,,,,,,,,,,, ,,
`
`,
`
`235/451
`
`235/380
`
`FOREIGN PATENT DOCUMENTS
`
`0713198 A2
`E1’
`0 823 594 A1
`E1’
`0 542 298
`E1’
`0 843 449 A2
`E1’
`0914 001 A1
`E1’
`10-269291 A
`JP
`11-53184 A
`11’
`11-212785 A
`11’
`11-213010 A
`11’
`11-272762 A
`11’
`W0 98/19237 A1
`W0
`W0 98/33343
`W0
`W0 98/37525
`W0
`* cited by examiner
`
`5/1995
`2/ 1998
`4/1998
`5/1998
`5/1999
`10/1998
`2/1999
`8/1999
`8/1999
`10/1999
`5/1998
`7/1998
`8/1998
`
`Page 00002
`
`Page 00002
`
`
`
`U.S. Patent
`
`Oct. 11,2011
`
`Sheet 1 of 17
`
`US 8,033,458 B2
`
`Page 00003
`
`Page 00003
`
`
`
`
`U.S. Patent
`
`Oct. 11,2011
`
`Sheet 2 of 17
`
`US 8,033,458 B2
`
`Page 00004
`
`Page 00004
`
`
`
`U.S. Patent
`
`Oct. 11,2011
`
`Sheet 3 of 17
`
`US 8,033,458 B2
`
`Page 00005
`
`Page 00005
`
`
`
`U.S. Patent
`
`Oct. 11,2011
`
`Sheet 4 of 17
`
`US 8,033,458 B2
`
`ARTIST
`TERMINAL
`
`ARTIST
`TERMWAL
`
`ARTIST
`TERMINAL
`
`
`
`1048
`CONTENT
`
`CREATOR
`
`104b
`
`108c
`
`CONTENT
`PROVIDER
`
`mab
`
`CONTENT
`PROVIDER
`
`STORED
`CONTENT
`
`
`
`
`
`
`CONTENT
`CREATOR
`
`
`
`STORED
`CONTENT
`
`
`
`108d
`
`CONTENT
`PROWDER
`
`
`
`was
`
`CONTENT
`paovaoea
`
`“29
`
`«quills»
`sroaeo
`CONTENT
`
`110a
`CONTENT
`
`”°b\
`CONTENT
`
`113°
`
`PUWSHER
`
`commuwscxmows W
`
`‘VETWORK
`
`1088
`
`CONTENT
`PROWDER
`
`"4
`
`SERVER‘
`
`"5
`CONTENT
`ousmaauroa
`muu¢eAna~Av
`
`
`
`Page 00006
`
`“7
`
`mm“
`
`CONTENT
`
`
`ACCESS
`TERMTNAL
`
`
`
`"8
`
`118
`
`CONTENT
`
`ACCESS
`TERMINAL
`
`
`
`Fig. 5
`
`STORED
`CONTENT
`
`\
`
`100
`
`Page 00006
`
`
`
`U.S. Patent
`
`Oct. 11,2011
`
`Sheet 5 of 17
`
`US 8,033,458 B2
`
`1, 8b CONTENT
`ACCESS
`
`
`
`CONTENT
`
`TERMINAL
`
`CONYENT
`
`TERMINAL
`
`e—PAYMENT
`SYSTEM
`
`1228
`
`121a
`
`BANK
`
`122,,
`
`‘I28
`
`142
`
`122G
`
`3”“
`
`°"’A‘*M5"T
`svsrem
`121
`
`ma BANK
`
`124
`
`WEB SERVER
`CODE STORAGE
`
`CONTENT ACCESS
`WEB SERVER
`
`
`
`
`
`1308
`
`1 32a
`
`138
`
`CONTENT
`
`ACCESS 8.
`DRM DATA
`STORE
`
`
`
`o
`F 19.6
`
`\
`120
`
`Page 00007
`
`1268
`
`136
`
`
`
`
`
`CONTENT
`DISTRIBUTION
`PROCESSOR
`CRM & PAYMEN
`DISTRIBUTION
`CODE STORAGE
`
`
`1 34;;
`
`
`
`ACCESS CONTROL
`CODE STORAGE
`
`PAYMENT
`PROCESSOR
`
`ENT
`PA
`MANAGEMENT
`cooa STORAG =
`
`
`
`DRM
`PROCESSOR
`DRM CODE
`STORAGE
`
`
`
`
`
`
`ACCESS ONTROL
`PROCESSOR
`
`
`
`Page 00007
`
`
`
`U.S. Patent
`
`Oct. 11,2011
`
`Sheet 6 of 17
`
`US 8,033,458 B2
`
`143
`
`146
`
`,
`MOW’ C°”""‘5
`
`MOBILE COMMS
`NETWORK GATEWAY
`
`
`
`"*2
`
`HOME PC
`
`1448
`
`153
`
`RETAILER LAN
`SERVER
`
`154
`
`ova
`
`154
`
`150
`
`"53
`
`-
`
`170
`
`
` CDIDVD PLAYER
`
`spc
`
`1 70a
`
`LAN
`
`:66
`
`ea
`
`CONTENT
`
`ACCESS
`TERMNAL
`
`
`168a
`
`Fig. 7
`
`Page 00003
`
`Page 00008
`
`
`
`U.S. Patent
`
`Oct. 11,2011
`
`Sheet 7 of 17
`
`US 8,033,458 B2
`
`._.zm.._.200
`
`~m:a2<m
`
`88
`
`sm.5>m
`
`
`
`5%.:903.3.8.at
`
`
`
`ZO_...<O_n=mm>Nm_.wO.>mDwo.&mm...z.mo_>mow0<...._mm._.Z”
`
`
`
`oz<ozE..o._é:m_2oaa<Sn_z_<5m2B255.
`
`8.wewe2;E.
`
`
`
` aw3.@.~9.mo<”EmE_Eton.5%.mo<mmw._.z.
`2%.
`
`2%
`
`
`
`mommuoomm>mO.2ms_2<mwOmmozzmoa
`
`
`
`
`
`mmmzomm.:,m2mo<z<2
`
`.mu?...zmE><a:w<oBoommmaommmm;
`
`
`
`
`
`
`
`
`
`maoommamouoEmm:z_Em>mO2w2
`
`
`
`
`
`mooowo<&E.z_mwz<zoxm<55
`
`
`
`
`
`
`
`mace4<>m_mm_m._.2m._.2OUmz:.&o
`
`
`
`moonm§2<mEH28
`
`
`
`
`
`BooEm2mw<z<_2_.zus.E&:w¢o
`
`mo§mm»z_mum:
`
`moon
`
`E8mo<n_mm._.z_mum:
`
`
`
`wmmzmo£25.00525
`
`w.5
`
`Page 00009
`
`Page 00009
`
`
`
`
`
`
`
`U.S. Patent
`
`Oct. 11, 2011
`
`Sheet 8 of 17
`
`US 8,033,458 B2
`
`SN
`
`3N
`
`
`
`Ewzooommofi
`
`
`
`.&osm_2<._.<o
`
`wzvaoz
`
`fw<.E
`
`
`
`>mO_2m2mommmooma
`
`,m62.2.»
`
`._Ow:.zO0
`
`0.004
`
`wo<uEm»z_
`
`ézmwhxm
`
`NK
`
`emmom
`
`SN
`
`Eozwz<55m::So>.zoz
`
`
`
`zéoommEuz<2mm¢
`
`
`
`<._.<QD.om<o
`
`>¢osms_
`
`
`
`
`
`<._.<DJOEZOOmmmoo<
`
`
`
`
`
`mooo:Em>moz:<mmn_o
`
`
`
`
`
`x¢o.$mzmzo_.2o.z:22oomemo:
`
`(.55»zm_2><¢
`
`(.95w3<>9:6
`
`
`
`<._.<Qsum
`
`<55:5
`
`
`
`<._.<D>._.._<>Omw2%
`
`
`
`38.rzm2mw.<z<_2Ews_><a
`
`
`
`woooEmnomm4..sin
`
`
`
`maoozmo
`
`
`
`E8m_mm_¢z.6Emczoo
`
`
`
`
`
`<55wm._:mmm:n_z<xmaz_pzmpzoo
`
`
`
`<.2oamoommmm:
`
`<55zzxo5&3.
`
`m.9“.
`
`5&0mmmou<
`
`Page 00010
`
`Page 00010
`
`
`
`
`
`U.S. Patent
`
`Oct. 11,2011
`
`Sheet 9 of 17
`
`US 8,033,458 B2
`
`1H 1~£0528
`
`can
`
`mommmooma
`
`Eosmz
`
`
`
`zémomn.._.zmz<s_mmn_
`
`mum:
`
`
`
`Naemu
`
`><._%_o
`
`o_o:<
`
`mo<&m»z_
`
`an
`
`m
`
`«Nam
`
`Em
`
`mo<u_~m:z_
`
`0
`
`mo<u.mm»z_mum:nwnw
`
`mo<&mE_Em.«mam
`
`
`maoo405.200moE~mc.z_Em:
`
`
`
`
`
`uooomo<n_mw...z_cum
`
`
`
`mm><E..zm:.zoo38
`
`6528mm:89
`
`
`
`moon.405.200mm:
`
`
`
`
`
`mooomm>fi..Ewpzoo
`
`Page 00011
`
`Page 00011
`
`
`
`
`
`U.S. Patent
`
`Oct. 11,2011
`
`Sheet 10 of 17
`
`US 8,033,458 B2
`
`810
`
`SMART FLASH CARD INSERTED
`INTO CONTENT ACCESS
`TERMINAL CARD INTERFACE
`
`S11
`
`SCHEME OWNER REGISTRATION
`WEB PAGE LOADED ONTO
`CONTENT ACCESS TERMINAL.
`
`S12
`
`USER REGISTRATION DATA
`ENTERED INTO CONTENT ACCESS
`TERMINAL
`
`S13
`USER REGISTRATION DATA
`TRANSMITTED TO SCHEME OWNER
`
`S14
`PAYMENT REQUEST RECEIVED
`FROM SCHEME OWNER AT
`CONTENT ACCESS TERMINAL
`
`S15
`
`
`PAYMENT DATA ENTERED INTO
`CONTENT ACCESS TERMINAL AND
`
`
`TRANSMITTED TO SCHEME OWNER
`
`S16
`CARD VALUE DATA AND CARD
`VALUE ACCESS CODE RECEIVED
`BY CONTENT ACCESS TERMINAL
`FROM SCHEME OWNER
`
`
`
`
`
`S17
`CARD REGISTRATION DATA
`RECEIVED FROM SCHEME OWNER
`AND WRITTEN ONTO CARD
`
`S18
`VALUE DATA AND ACCESS CODE
`WRITTEN ONTO CARD AND
`OUTPUT TO USER
`
`S19
`
`CARD AVAILABLE FOR USE
`
`Fig11a
`
`Page 00012
`
`Page 00012
`
`
`
`U.S. Patent
`
`Oct. 11,2011
`
`Sheet 11 of 17
`
`US 8,033,458 B2
`
`S20
`
`
`
`
`REQUEST FOR CARD
`
`REGTSTRATION WEB PAGE
`REC-ENED FROM CONTENT
`
`ACCESS DEVICE
`
`S21
`
`TRANSMI T CARD REGISTRATION
`WEB PAGE TO CONTENT
`ACCESS DEWCE
`
`S22
`
`
`RECEIVE USER REGISTRATION
`
`
`DATA FROM CONTENT ACCESS
`TERMINAL AND STORE IN ACCESS
`
`CONTROL DATA STORE
`
`
`
`
`
`
`S23
`TRANSMIT PAYMENT REQUEST TO
`CONTENT ACCESS TERMINAL
`
`S24
`
`RECEIVE PAYMENT DATA FROM
`CONTENT ACCESS TERMINAL
`
`S25
`
`PAYMENT PROCESSOR VERIFEES
`PAYMENT DATA WITH PAYMENT
`SYSTEM
`
`S26
`
`
`
`
`
`PAYMENT PROCESSOR
`
`TRANSMITS VALUE DATA AND
`VALUE ACCESS CODE TO
`
`CONTENT ACCESS TERMINAL
`
`S27
`
`PAYMENT PROCESSOR UPDATES
`PAYMENT RECORD DATA STORE .
`WITH TRANSACTION DATA
`
`Fig.11b
`
`*
`828
`CARD REGISTRATION DATA
`LOADED FROM ACCESS CONTROL
`DATA STORE AND TRANSMITTED
`
`TO CONTENT ACCESS TERMINAL
`
`
`
`
`
`
`
`
`
`S29
`
`TRANSACTION COMPLETE
`
`Page 00013
`
`Page 00013
`
`
`
`U.S. Patent
`
`Oct. 11,2011
`
`Sheet 12 of 17
`
`US 8,033,458 B2
`
`S30
`
`INSERT CARD IN CONTENT
`ACCESS TERMINAL
`
`S31
`USER ENTERS PASSWORD INTO
`CONTENT ACCESS TERMINAL
`
`S32
`
`CONTENT ACCESS TERMINAL
`TRANSMITS PASSWORD TO CARD
`FOR VERIFICATION
`
`
`
`DISPLAY WARNING AND
`INCREMENT TERMINAL ACCESS
`DENIED coum
`
`ACCESS PERM" ‘ED?
`
`YES
`
`LOAD OUTUNE CRM
`DATA FROM CARD
`
`333
`'
`
`S40
`
`S41
`
`LOAD RETAILER DATA FROM
`RETAILER LAN I WAN
`0 342
`oaspuw MENU. RETAILER DATA
`AND oumue cm DATA ON
`CONTENT ACCESS TERMINAL
`
`s43
`
`
`
`
`
`835
`
`335
`
`837
`
`READ CARD THRESHOLD AND
`TOTAL CARD ACCESS DENTED
`COUNT FROM CARD
`
`ARD COUN-l-,(CAR
`THRESHOLD v3)?
`
`W391-AY CONTENT ERASURE
`WARNTNG
`
`
`INPUT MENU OPTION
`(DOWNLOAD comem;
`335
`'rEaMmA1__
`ADD MONETARY VALUE:
`COUNT>TERMlNAL
`
`
`
`CHECK I SPEND CRM VALUE:
`THR|_=_sHo:_o?
`
`
`WEB SITE LINKS; EXIT)
`
`DOWNLOAD CONTENT
`
`
`
`YES
`
`Page 00014
`
`S39
`
`OUTPUT ACCESS REFUSED‘
`MESSAGE AND AWAIT CARD
`REMOVAL
`
`Fig. 128
`
`844
`
`
`LOAD SCHEME OWNER CONTENT
`ACCESS wee PAGE omo
`conrem ACCESS TERMINAL
`
` 0
`
`Page 00014
`
`
`
`U.S. Patent
`
`Oct. 11, 2011
`
`Sheet 13 of 17
`
`US 8,033,458 B2
`
`S45
`
`CONTENT SEARCH REQUEST
`
`
`DATA INPUT AND TRANSMITTED
`
`
`TO SCHEME OWNER CONTENT
`DISTRIBUTION PROCESSOR
`
`
`
`
`S46
`CONTENT SEARCH RESULTS
`RECEIVED FROM CONTENT
`DISTRIBUTION PROCESSOR AND
`DISPLAYED ON CONTENT ACCESS
`TERMINAL
`
`
`
`S47
`CONTENT ITEM SELECTION DATA
`INPUT AND TRANSMII IED TO
`SCHEME OWNER
`
`S48
`
`
`CONTENT COST DATA, CONTENT
`
`USE RULES ANDPURCHASE
`OPTIONS DATA RECEIVED FROM
`
`SCHEME OWNER
`
`S49
`PURCHASE OPTION SELECTION
`AND PURCHASE REQUEST INPUT
`OR EXIT TO MENU SELECTED
`
`EXIT
`
`sso
`CARD VALUE mo CRM DATA
`READ FROM CARD
`
`V
`
`Fig.12b
`
`S51
`
`CARD VALUE SUFFICIENT?
`
`
`
`S52
`
`"0 ocspuw INSUFFICIENT
`VALUE WARNING
`
`
`YES
`
`853
`PAYMENT REQUEST
`TRANSMITTED TO CARD
`
`Page 00015
`
`
`
`
`
`
`
`
`
`
`
`Page 00015
`
`
`
`U.S. Patent
`
`Oct. 11,2011
`
`Sheet 14 of 17
`
`US 8,033,458 B2
`
`854
`
`
`
`PAYMENT FOR SCHEME OWNER
`RECEIVED FROM CARD BY
`
`
`CONTENT ACCESS TERMINAL AND
`
`
`SYSTEM
`
`
`FORWARDED TO e-PAYMENT
`
`S55
`
`
`
`
`PAYMENT RECORD DATA
`RECEIVED FROM 6-PAYMENT
`SYSTEM BY CONTENT ACCESS
`TERMINAL AND FORWARDED TO
`
`
`
`
`CARD
`
`S56
`
`Fig.12c
`
`Page 00016
`
`
`
`PAYMENT RECORD DATA.
`PURCHASE REQUEST AND CARD
`REGISTRATION DATA
`TRANSMITTED TO SCHEME
`
`
`
`
`
`OWNER
`
`S57
`
`CONTENT AND CONTENT ACCESS
`RULES DOWNLOADED T0 CARD
`
`RECEIVE CRM DATA FROM
`CONTENT DISTRIBUTION
`PROCESSOR
`
`S58
`
`S59
`
`WRITE AUDIT TRAIL TO CARE)
`AND UPDATE CARD CRM DATA
`
`Page 00016
`
`
`
`U.S. Patent
`
`Oct. 11,2011
`
`Sheet 15 of 17
`
`US 8,033,458 B2
`
`S60
`
`CONTENT ACCESS WEB PAGE
`REQUESTED AND TRANSMITTED
`TO CONTENT ACCESS TERMINAL
`
`S61
`
`CONTENT SEARCH REQUEST
`RECEIVED FROM CONTENT
`ACCESS TERMINAL
`
`S62
`
`
`
`
`
`CONTENT DISTRIBUTION
`PROCESSOR SEARCHES
`CONTENT ACCESS DATA STORE
`AND TRANSMITS SEARCH
`RESULTS TO CONTENT ACCESS
`TERMINAL
`
`
`
`
`
`
`
`S63C0N‘I'ENT ITEM SELECTION
`
`RECEIVED FROM CONTENT
`ACCESS TERMINAL
`
`F , 1
`
`S64
`
`CONTENT ITEM PURCHASE DATA
`RETRIEVED FROM CONTENT
`ACCESS DATA STORE
`
`S65
`CONTENT PURCHASE DATA
`TRANSMITTED TO CONTENT
`ACCESS TERMINAL
`
`S68
`
`
`PAYMENT RECORD DATA.
`
`
`PURCHASE REQUEST DATA AND
`CARD REGISTRATION DATA
`RECEIVED FROM CONTENT
`
`ACCESS TERMINAL
`
`.3437
`PAYMNT RECORD DATA
`VALIDATED wrm e-PAYMENT
`svsmm
`
`0
`
`Page 00017
`
`Page 00017
`
`
`
`U.S. Patent
`
`Oct. 11,2011
`
`Sheet 16 of 17
`
`US 8,033,458 B2
`
`563
`
`PAYMENT DISTRIBUTION DATA
`READ FROM CONTENT ACCESS
`DATA STORE
`
`S69
`PAYMENT DISTRIBUTION
`INSTRUCTION TRANSMITTED TO
`6-PAYMENT SYSTEM
`
`870
`
`
`
`
`CONTENT ACCESS RULES FOR
`
`PURCHASED LEVEL OF SERVICE.
`CRM DATA AND CONTENT
`PROVIDER ID DATA READ FROM
`CONTENT ACCESS DATA STORE
`
`
`
`
`
`S71
`
`CONTENT ACCESS RULES
`TRANSMITTED TO CONTENT
`ACCESS TERMINAL
`
`S72
`DRM PROCESSOR TRANSMITS
`
`
`TRANSACTION REQUEST AND
` Fig. 12e
`
`AUTHENTICATION TO CONTENT
`
`PROVIDER
`
`$73
`
`CONTENT ACCESS WEB SERVER
`RECEIVES PROTECTED CONTENT
`FROM CONTENT PROVIDER AND
`TRANSMITS CONTENT TO
`CONTENT ACCESS TERMINAL
`
`
`
`
`
`
`
`S74
`
`PURCHASE DATA AND CONTENT
`ACCESS RECORD WRITTEN TO
`PAYMENT RECORD DATA STORE
`
`S75
`
`
`
`
`
`
`USING STORED RULES UPDATED
`CRM DATA WRITTEN TO CONTENT
`
`ACCESS DATA STORE AND
`TRANSMITTED TO CONTENT
`ACCESS TERMINAL
`
`
`
`
`S76
`
`PROCESS ENDS
`
`Page 00013
`
`Page 00018
`
`
`
`U.S. Patent
`
`Oct. 11,2011
`
`Sheet 17 of 17
`
`US 8,033,458 B2
`
`377
`
`CARD (NSERTED INTO PLAYER
`
`S78
`
`USER PASSWORD ENTERED INTO
`PLAVER AND TRANSMITTED TO
`CARD FOR VALIDATION
`
`CONTENT ACCESS PERMITTED
`
`
`
`
`
`STORED CONTENT INDEX LOADED
`FROM CARD AND DISPLAYED WITH
`MENU (ACCESS CONTENT: CHECK
`VALUE; CHECK CRM; PLAY OPTIONS)
`
`S79
`
`
`
`
`
`
`
`S80
`SELECTION OF CONTENT ITEMS
`FOR ACCESS ENTERED INTO
`PLAYER
`
`CONTENT USE STATUS AND
`CONTENT USE RULES LOADED
`FROM CARD
`
`S81
`
`S82
`
`Fig. 13
`
`USE RULES AND USE STATUS
`COMPARED AND DISPLAYED WITH
`CONTENT PLAY MENU
`
`883
`
`
`
`{S CONTENT USE
`PERMJTTED7
`
`YES
`PLAY
`
`
`
`
`
`CONTENT AND SUPPLEMENTARY
`
`WRFFE/READ CARDS
`PLAY STATUS DATA
`DATA MADE AVNLABLE TO USER
`
`CONT
`
`PLAY
`COMPLETE
`
`334
`
`S85
`
`UPDATED CONTENT USE DATA
`WRITTEN TO CARD
`
`S56
`CRM DATA AND CRM REWARD
`RULES LOADED FROM THE CARD
`AND UPDATED
`
`Page 00019
`
`Page 00019
`
`
`
`US 8,033,458 B2
`
`1
`DATA STORAGE AND ACCESS SYSTEMS
`
`CROSS-REFERENCES TO RELATED
`APPLICATIONS
`
`This application is a continuation of U.S. patent applica-
`tion Ser. No. 12/014,558, filed on Jan. 15, 2008, which is a
`continuation of U.S. patent application Ser. No. 11/336,758,
`filed on Jan. 19, 2006, now issued U.S. Pat. No. 7,334,720;
`which is a continuation of U.S. patent application Ser. No.
`10/111,716, filed on Sep. 17, 2002, which application is a
`national stage application under 35 U.S.C. 371, claiming the
`priority of international PCT Application No. GB001041 10,
`filed on Oct. 25, 2000; which claims priority to UK Applica-
`tion No. 9925227.2, filed on Oct. 25, 1999, each ofwhich is
`incorporated by reference in its entirety for all purposes.
`
`BACKGROUND OF THE INVENTION
`
`This invention is generally concerned with data storage and
`access systems. More particularly, it relates to a portable data
`carrier for storing and paying for data and to computer sys-
`tems for providing access to data to be stored. The invention
`also includes corresponding methods and computer pro-
`grams. The invention is particularly useful for managing
`stored audio and video data, but may also be applied to stor-
`age and access of text and software, including games, as well
`as other types of data.
`One problem associated with the increasingly wide use of
`the internet
`is the growing prevalence of so-called data
`pirates. Such pirates obtain data either by unauthorized or
`legitimate means and then make this data available essentially
`world-wide over the intemet without authorization. Data can
`
`be a very valuable commodity, but once it has been published
`on the intemet it is difficult to police access to and use of it by
`internet users who may not even realize that it is pirated. This
`is a particular problem with audio recordings, and, once the
`bandwidth becomes available, is also likely to be evident with
`video.
`
`Over the past three or four years compressed audio sources
`have become increasingly widely available on web pages.
`One widely used audio data compression format is MP3
`(MPEG-Audio Layer 3 of the MPEG1 compression algo-
`rithm), which is an internationally defined standard including
`a definition of compressed audio information such as speech
`or music. It relies on psycho-acoustic properties of human
`hearing to achieve very large data compression factors. It is
`thus feasible to download usefully long passages of music in
`a practically convenient short time. Pirate data suppliers have
`not been slow to realize the potential of this, and many unau-
`thorized websites have sprung up offering popular music,
`including recent releases by world-farnous bands. This has
`caused the recording industry considerable concern and there
`is an urgent need to find a way to address the problem of data
`piracy.
`
`SUMMARY OF THE INVENTION
`
`According to the present invention there is therefore pro-
`vided a method of providing portable data comprising pro-
`viding a portable data storage device comprising downloaded
`data storage means and payment validation means; providing
`a terminal for internet access; coupling the portable data
`storage device to the terminal; reading payment information
`from the payment validation means using the terminal; vali-
`dating the payment information; and downloading data into
`the portable storage device from a data supplier.
`
`10
`
`15
`
`20
`
`25
`
`30
`
`35
`
`40
`
`45
`
`50
`
`55
`
`60
`
`65
`
`2
`
`Another aspect of the invention provides a corresponding
`mobile data retrieval device for retrieving and outputting data
`such as stored music and/or noise from the data storage
`device.
`
`The payment validation means is, for example, means to
`validate payment with an external authority such as a bank or
`building society. The combination of the payment validation
`means with the data storage means allows the access to the
`downloaded data which is to be stored by the data storage
`means, to be made conditional upon checked and validated
`payment being made for the data. Binding the data access and
`payment together allows the legitimate owners of the data to
`make the data available themselves over the intemet without
`
`fear of loss of revenue, thus undermining the position of data
`pirates.
`A further advantage of the system is that it allows users
`under the age of 18 to make internet purchases. Currently
`internet users pay for goods and/or services by credit card.
`Since credit cards carmot legitimately be used by persons
`under the age of 18 (at least in the UK), a significant fraction
`of adventurous intemet users are excluded from e-commerce,
`one of the most significant predicted uses of the internet. In
`one embodiment ofthe invention, however, the payment vali-
`dation means comprises e-cash; that is, the payment valida-
`tion means stores transaction value information on a cash
`
`value oftransactions validatable by the data storage means. In
`simple terms, the data storage means can be a card which is
`charged up to a desired cash value (if necessary limited to a
`maximum value) at a suitable terminal. This might be an
`internet access terminal but could, more simply, be a device to
`accept the data storage card and to receive and count money
`deposited by the user to charge the card, writing update cash
`value information onto the card. More sophisticated ways of
`updating the cash value on the card are also possible, such as
`direct bank transfer. Since, with this type of embodiment, the
`data storage means is, essentially, precharged with cash rather
`than acting as a credit card, it can be used by young people
`without the risk of their incurring large debts.
`In one embodiment the data storage means is powered by
`the retrieval device when it is connected to the device and
`
`retains a memory of the downloaded data when it is unpow-
`ered. This can be achieved by the use of Flash RAM or, more
`generally, any form of programmable read-only memory.
`Alternatively the data storage means may incorporate a
`rechargeable cell or capacitor and store information in battery
`backed-up static RAM.
`The downloaded data may be entered into the data storage
`device by means of an interface such as a magnetically or
`capacitatively coupled connection or an optical connection,
`but preferably the interface comprises contacts for direct elec-
`trical connection to the storage means. The payment valida-
`tion means may likewise have one of a variety of interfaces
`but again preferably comprises a set of electrical contacts.
`The payment validation means could, however, comprise a
`magnetic or holographic data-strip such as is known for use
`with credit cards and phone cards. The interface to receive the
`downloaded data may be separate from the interface to the
`payment validation means, to facilitate separate and simulta-
`neous access to both these systems. In other embodiments a
`single interface may serve for both data storage and payment.
`Advantageously the payment validation means includes
`memory storing information to identify the person who is
`paying for the downloaded data.
`For additional security the downloaded data may be
`encrypted. In this case data decryption may be necessary at
`some stage, either in the data storage means or in the retrieval
`device or in an information delivering apparatus such as a data
`
`Page 00020
`
`Page 00020
`
`
`
`US 8,033,458 B2
`
`3
`access terminal. Alternatively the data decryption function
`can be shared amongst one or more of these devices. The
`skilled person will be aware of a range of suitable encryption/
`decryption techniques, including Pretty Good Privacy (Reg-
`istered Trade Mark) and PKI (Public Key Infrastructure).
`Normally, when the downloaded data is encrypted, a decryp-
`tion key must be supplied. This can be generated automati-
`cally by the data access terminal or data access service pro-
`vider or it can be entered by the user into the data access
`terminal or into the mobile data retrieval device.
`
`The data storage means and/or the retrieval device can be
`provided with access control means to prevent unauthorized
`access to the downloaded data. Additionally or alternatively,
`use control means can be provided to stop or provide only
`limited access of the user to the downloaded data in accor-
`
`dance with the amount paid. These access and use control
`functions may in some embodiments be combined, permitted
`use controlling access or permitted access controlling use.
`Thus, for example, a complete set of data information relating
`to a particular topic, a particular music track, or a particular
`software package might be downloaded, although access to
`part ofthe data set might thereafter be controlled by payments
`made by a user at a later stage. In this way, a user could pay to
`enable an extra level on a game or to enable further tracks of
`an album.
`In embodiments where the access or use control means is
`
`responsive to the payment validation means, access or use
`control information may be stored with the downloaded data
`or in a separate storage area, for example in the payment
`validation means. The user’s access to the downloaded data
`
`could advantageously be responsive to the payment valida-
`tion means, for example, by means of a control line coupling
`the payment validation means with a memory access or
`decryption control element.
`In one embodiment the data storage means comprises an
`electronic memory card or smart card and the mobile data
`retrieval device is provided with a slot to receive the card.
`Preferably the card is a push-fit within the retrieval device,
`and retention of the card may be effected by pressure from
`electrical interface connections and/or resilience of the hous-
`
`ing, or by using a resilient retaining means. In a preferred
`embodiment the retrieval device includes an audio output and
`a display, to play a downloaded track and to show information
`about the track and/or an accompanying video.
`To download data onto the data storage means the user can
`employ a data access terminal coupled to the intemet. The
`terminal can directly validate payment; for example in the
`case of a smart card charged with electronic cash it can deduct
`a cash value from the card. Alternatively it can communicate
`with a bank or other financial services provider to control
`payment. In a preferred embodiment, however, the terminal
`connects to a data access service provider which provides a
`portal to other sites and which validates payment and then
`forwards data from a data supplier to the user’s local access
`terminal. The data access service provider may alternatively
`forward payment validation information and/or information
`from the payment validation authority to the data supplier for
`control by the supplier of the data supplied. Thus, access to
`the payment validation system and/or data for downloading
`may be entirely controlled by the data supplier.
`Data held on the data storage means may advantageously
`include data relating to the user’s or payer’s usage of the
`system. This information may include, for example, informa-
`tion on a user’ s spending pattern, information on data suppli-
`ers used and information on the downloaded data. This infor-
`
`mation may be accessed by the data supplier and/or data
`
`10
`
`15
`
`20
`
`25
`
`30
`
`35
`
`40
`
`45
`
`50
`
`55
`
`60
`
`65
`
`4
`
`access service provider and can be used for targeted market-
`ing or loyalty-based incentive schemes such as air miles or the
`like.
`
`The data access terminal may be a conventional computer
`or, alternatively, it may be a mobile phone. Wireless Applica-
`tion Protocol (WAP) and i-mode allow mobile phones to
`efiiciently access the intemet and this allows a mobile phone
`to be used to download data to the data storage means, advan-
`tageously, directly. The data storage means can, if desired,
`incorporate the functionality of a mobile phone SIM (Sub-
`scriber Identity Module) card, which cards already include a
`user identification means, to allow user billing through the
`phone network operator.
`In a preferred embodiment the downloaded data is MP3 or
`other encoded audio data, but the system finds more general
`application for other data types. For example, download data
`can include software, and particularly games, share price
`information, current news information, transport timetable
`information, weather information and catalog shopping
`information. The downloaded information may also include
`compressed video data. The storage capacity of the data stor-
`age means is adaptable to suit the type of data intended to be
`downloaded; for example, 32 megabytes is sufficient for CD
`quality music, but for video it is preferable that the data
`storage means has a capacity of 128 megabytes or greater.
`In another aspect, the invention provides a portable data
`carrier comprising an interface for reading and writing data
`from and to the carrier; non-volatile data memory, coupled to
`the interface, for storing data on the carrier; non-volatile
`payment data memory, coupled to the interface, for providing
`payment data to an external device.
`These features allow the data carrier to store both payment
`data and content data, thus providing the advantages outlined
`above. Depending upon the payment system used, the pay-
`ment data memory may also store code for validating or
`confirming a payment to an external payment system. The
`payment data will normally be linked to a card or card holder
`identification data for payment by the card holder. The non-
`volatile memory ensures that stored content and payment data
`is retained in the data carrier when the data carrier is not
`
`receiving power from an external source. Thus “non-volatile”
`encompasses, for example, low-power memory whose con-
`tents are retained by a battery back-up system. In one embodi-
`ment the payment data memory comprises EEPROM and the
`content data memory comprises Flash memory, but other
`types of content data memory, such as optical, for example,
`holographic, data memory can also be used. The data carrier
`may also be integrated into other apparatus, such as a mobile
`communications device.
`
`Preferably, the portable data carrier further comprises a
`program store for storing code implementable by a processor;
`and a processor, coupled to the content data memory, the
`payment data memory, the interface and to the program store
`for implementing code in the program store, wherein the code
`comprises code to output payment data from the payment
`data memory to the interface and code to provide external
`access to the data memory.
`Normally, the (content) data memory allows both write and
`read access for both storing and retrieving data, but in some
`embodiments the content data memory may be read-only
`memory (ROM). In such embodiments, content may be pre-
`loaded onto the carrier and payment may then be made for
`permission to access the pre-loaded data.
`Preferably, the data carrier also stores a record of access
`made to the content data and updates this in response to
`external access, preferably read access, made to the data
`memory. The carrier may also store content use rules pertain-
`
`Page 00021
`
`Page 00021
`
`
`
`US 8,033,458 B2
`
`5
`ing to allowed use of stored data items. These use rules may
`be linked to payments made from the card to provide payment
`options such as access to buy content data outright; rental
`access to content data for a time period or for a specified
`number of access events; and/or rental/purchase, for example
`where rental use is provided together with an option to pur-
`chase content data at the reduced price after rental access has
`expired.
`Thus where the data carrier stores, for example, music, the
`purchase outright option may be equivalent to the purchase of
`a compact disc (CD), preferably with some form of content
`copy protection such as digital watermarking.
`In this
`example, the rental or subscription payment option may be a
`pay-per-play option, and with this option payment may either
`be before or after access to the stored data so that the carrier
`
`may operate in either a debit or credit payment mode.
`The portability ofthe data carrier potentially allows it to be
`used to access content or, in the example, play music without
`the need to be linked to a communications system or to be
`on-line to the internet. By providing a use record memory on
`the data carrier, use of the stored data can be tracked while
`off-line and then any necessary payment can be made when
`the data carrier is next coupled to a communication system.
`This allows the data carrier to operate in a credit mode. In a
`debit mode, the additional storage of use rules facilitates the
`regulation of access to content data stored on the carrier
`without the need for further exchange of payment/use data
`with an external system to validate the use.
`By combining digital rights management with content data
`storage using a single carrier, the stored content data becomes
`mobile and can be accessed anywhere while retaining control
`over the stored data for the data content provider or data
`copyright owner. Preferably,
`the data carrier also stores
`access control data, such as a user ID and a password, as the
`stored data may be valuable. The access control data may be
`combined with access control to the payment data, which is
`typically by means ofa PIN (Personal Identification Number)
`to simplify access to valued content stored on the carrier.
`In one embodiment the stored content data is encrypted and
`a unique password or PIN and/or biometric data is required
`for decryption. The data carrier may be arranged so that the
`content is erased after a predetermined number of incorrect
`access attempts. Additionally or alternatively, a permanently
`stored flag may be set and/or a hardware modification (such as
`a fusable link) may be made to prevent the data carrier from
`functioning for further data storage/retrieval. Preferably,
`however, access to any sto