US 6,237,095

PATENT: 6,237,095
INVENTORS: Curry, Stephen M.; Loomis, Donald W.; Fox, Christopher W.
TITLE: Apparatus for transfer of secure information between a data carrying module and an electronic device
APPLICATION NO: US19983541A
FILED: 06 JAN 1998
ISSUED: 22 MAY 2001
COMPILED: 12 JAN 2012

COMPASS EXH. 1004 - Page 1 of 268

6,237,095

APPARATUS FOR TRANSFER OF SECURE INFORMATION BETWEEN A DATA CARRYING MODULE AND AN ELECTRONIC DEVICE

Transaction History

Date          Transaction Description
1/6/1998      Information Disclosure Statement (IDS) Filed
1/6/1998      Information Disclosure Statement (IDS) Filed
2/4/1998      Initial Exam Team nn
4/1/1998      IFW Scan & PACR Auto Security Review
4/6/1998      Application Dispatched from OIPE
5/5/1998      Information Disclosure Statement (IDS) Filed
5/5/1998      Information Disclosure Statement (IDS) Filed
5/15/1998     Case Docketed to Examiner in GAU
6/8/1999      Case Docketed to Examiner in GAU
6/16/1999     Non-Final Rejection
6/18/1999     Mail Non-Final Rejection
10/20/1999    Response after Non-Final Action
10/20/1999    Request for Extension of Time - Granted
10/26/1999    Date Forwarded to Examiner
12/30/1999    Final Rejection
1/4/2000      Mail Final Rejection (PTOL - 326)
4/5/2000      Date Forwarded to Examiner
4/5/2000      Amendment after Final Rejection
4/10/2000     Amendment after Final Rejection
4/10/2000     Advisory Action (PTOL-303)
4/11/2000     Mail Advisory Action (PTOL - 303)
4/12/2000     Date Forwarded to Examiner
5/1/2000      Continuing Prosecution Application - Continuation (ACPA)
5/1/2000      Mail Express Abandonment (During Examination)
5/1/2000      Express Abandonment (during Examination)
5/1/2000      Request for Extension of Time - Granted
5/5/2000      Date Forwarded to Examiner
7/17/2000     Mail Notice of Allowance
7/17/2000     Notice of Allowance Data Verification Completed
8/30/2000     Workflow - File Sent to Contractor
10/16/2000    Issue Fee Payment Verified
10/16/2000    Workflow - Drawings Finished
10/16/2000    Workflow - Drawings Matched with File at Contractor
10/16/2000    Workflow - Drawings Received at Contractor
10/16/2000    Workflow - Drawings Sent to Contractor
4/6/2001      Workflow - Complete WF Records for Drawings
4/10/2001     Application Is Considered Ready for Issue
5/3/2001      Issue Notification Mailed
5/22/2001     Recordation of Patent Grant Mailed

(12) United States Patent
Curry et al.

(10) Patent No.: US 6,237,095 B1
(45) Date of Patent: *May 22, 2001

(54) APPARATUS FOR TRANSFER OF SECURE INFORMATION BETWEEN A DATA CARRYING MODULE AND AN ELECTRONIC DEVICE

(75) Inventors: Stephen M. Curry, Dallas; Donald W. Loomis, Coppell; Christopher W. Fox, Dallas, all of TX (US)

(73) Assignee: Dallas Semiconductor Corporation, Dallas, TX (US)

(*) Notice: This patent issued on a continued prosecution application filed under 37 CFR 1.53(d), and is subject to the twenty year patent term provisions of 35 U.S.C. 154(a)(2).

Subject to any disclaimer, the term of this patent is extended or adjusted under 35 U.S.C. 154(b) by 0 days.

Appl. No.: 09/003,541
Filed: Jan. 6, 1998

Related U.S. Application Data
(62) Division of application No. 08/595,014, filed on Jan. 31, 1996.
(60) Provisional application No. 60/004,510, filed on Sep. 29, 1995.

(51) Int. Cl. ........ H04L 9/00
(52) U.S. Cl. ........ 713/178
(58) Field of Search ........ 380/4, 25, 24, 380/21; 711/164; 705/64, 65, 75; 713/175, 178, 168, 172

Primary Examiner-Tod R. Swann
Assistant Examiner-Matthew Smithers
(74) Attorney, Agent, or Firm-Jenkens & Gilchrist, A Professional Corporation

(57) ABSTRACT

The present invention relates to an electronic module used for secure transactions. More specifically, the electronic module is capable of passing encrypted information back and forth between a service provider's equipment via a secure, encrypted technique so that money and other valuable data can be securely passed electronically. The module is capable of being programmed, keeping track of real time, recording transactions for later review, and creating encryption key pairs.

8 Claims, 8 Drawing Sheets

[Front-page drawing: memory map of the module showing system data, output data objects, working register, transaction groups, and the audit trail (a circular buffer of transaction records); the same labels appear in FIG. 12]

U.S. Patent    May 22, 2001    Sheet 1 of 8    US 6,237,095 B1

[Drawing: block diagram; only the reference numerals 12, 18, 26, 28, 30 and 32 survive in the scan]

FIG. 2 (flowchart; box text in order):
  CREATE TRANSACTION GROUP
  GENERATE KEYS AND LOAD INTO A TRANSACTION GROUP
  PRIVATIZE DECRYPTION EXPONENT
  CREATE TRANSACTION SCRIPT
  LOCK TRANSACTION GROUP

Sheet 2 of 8

FIG. 3 (flowchart; box text in order):
  USER RECEIVES SECURE E-MAIL AND ENCRYPTED IDEA KEY
  MODULE RECEIVES ENCRYPTED IDEA KEY IN AN INPUT OBJECT OF A TRANSACTION GROUP
  TRANSACTION SCRIPT DECRYPTS THE IDEA KEY
  DECRYPTED IDEA KEY IS PLACED IN AN OUTPUT DATA OBJECT
  IDEA KEY IS USED TO DECRYPT THE SECURE E-MAIL

FIG. 4 (flowchart; box text in order):
  CREATE TRANSACTION GROUP FOR PERFORMING ELECTRONIC NOTARY FUNCTIONS
  CREATE OBJECT(S) FOR RSA ENCRYPTION KEYS
  CREATE OBJECT FOR TIMEKEEPING
  CREATE TRANSACTION SEQUENCE OBJECT (COUNTER)
  CREATE A TRANSACTION SCRIPT THAT CREATES A CERTIFICATE BY COMBINING AN INPUT DATA OBJECT WITH THE TRUE TIME, THE VALUE OF THE TRANSACTION COUNTER AND A UNIQUE NUMBER ASSOCIATED TO THE MODULE, THEN SIGNS THE CERTIFICATE
  PRIVATIZE OBJECTS
  LOCK TRANSACTION GROUP

Sheet 3 of 8

FIG. 5 (flowchart; box text in scan order):
  MESSAGE IS PLACED IN AN INPUT DATA OBJECT
  TRANSACTION SCRIPT COMBINES MESSAGE WITH OTHER DATA AND SIGNS THE COMBINATION WITH A PRIVATE KEY CREATING AN ENCRYPTED CERTIFICATE
  THE CERTIFICATE CAN BE READ AT A LATER TIME BY ENCRYPTING IT WITH THE PUBLIC KEY
  THE CERTIFICATE AND ORIGINAL DOCUMENT CAN BE STORED ELECTRONICALLY

FIG. 6 (flowchart; box text in scan order):
  PREPARE MODULE: CREATE TRANSACTION GROUP COMPRISING: MONEY OBJECT, TRANSACTION COUNT OBJECT, PRIVATE KEY AND PUBLIC KEY OBJECTS ETC.
  PRIVATIZE PRIVATE KEY RELATED OBJECT(S)
  [one box illegible in the scan]
  LOCK TRANSACTION GROUP
  PUBLISH PUBLIC KEY

Sheet 4 of 8

FIG. 7 (flowchart; column headings legible in the scan: MERCHANT, BANK/SERVICE PROVIDER). Box text, in scan order; the assignment of boxes to columns is not recoverable:
  USER WANTS TO MAKE A PURCHASE USING A MODULE
  READS MODULE'S ID NUMBER
  CREATE DATA PACKET THAT INCLUDES A 'RANDOM SALT' AND MODULE ID NUMBER
  [partly legible box: "... BY ENCRYPTING DATA ..."]
  SUBTRACT PURCHASE AMOUNT FROM MONEY REGISTER
  ATTACHES PURCHASE PRICE TO MERCHANT SIGNED CERTIFICATE
  INCREMENT TRANSACTION AMOUNT (appears twice in the scan)
  COMBINE TRANSACTION COUNT WITH MERCHANT'S SIGNED CERTIFICATE AND PURCHASE AMOUNT; THEN ENCRYPT WITH SERVICE PROVIDER'S PRIVATE KEY THEREBY CREATING A SIGNED MODULE CERTIFICATE
  CONFIRM THAT: 1) AMOUNT OF PURCHASE IS CORRECT 2) DATA IN MERCHANT'S CERTIFICATE IS THE [illegible] ORIGINALLY SENT
  RECEIVE MODULE'S SIGNED CERTIFICATE
  DECRYPT MODULE'S CERTIFICATE WITH SERVICE PROVIDER'S PUBLIC KEY
  DECRYPT MERCHANT'S CERTIFICATE WITH MERCHANT'S PUBLIC KEY
  IF BOTH CERTIFICATES ARE OK THEN ADD PURCHASE AMOUNT TO MERCHANT'S BANK BALANCE

Sheet 5 of 8

FIG. 8 (flowchart; column heading legible in the scan: BANK/SERVICE PROVIDER). Box text, in scan order:
  READ MODULE ID NUMBER AND AMOUNT OF CASH REQUESTED
  REQUEST MODULE TO PRODUCE A RANDOM SALT
  COMBINE SALT, ID NUMBER AND CASH AMOUNT AND ENCRYPT WITH SERVICE PROVIDER'S PRIVATE KEY, THEREBY CREATING A SIGNED SERVICE PROVIDER CERTIFICATE
  WANTS TO ADD AN AMOUNT OF CASH TO MODULE
  CREATE RANDOM SALT NUMBER
  DECRYPT SIGNED SERVICE PROVIDER CERTIFICATE WITH SERVICE PROVIDER'S PUBLIC KEY AND CHECK THE ID NUMBER AND RANDOM SALT NUMBER
  IF THE ID NUMBER AND RANDOM SALT NUMBER UNCHANGED THEN ADD THE CASH AMOUNT TO THE MONEY REGISTER OF THE MODULE

FIG. 9: EXAMPLE OF TRANSFER FROM USER'S MODULE TO MERCHANT'S MODULE (columns: USER/PAYER, MERCHANT/PAYEE; PAYEE = MERCHANT, PAYER = USER). Box text, in scan order:
  RECEIVE SALT AND REQUEST FOR MONEY
  1. CREATE RANDOM SALT 2. DETERMINE AMOUNT OF MONEY TO BE RECEIVED FROM PAYER
  SUBTRACT REQUESTED MONEY AMOUNT FROM A MONEY REGISTER
  CREATE SIGNED PAYMENT CERTIFICATE BY COMBINING SALT WITH PAYMENT AMOUNT THEN ENCRYPTING WITH BANK/SERVICE PROVIDER'S PRIVATE KEY
  RECEIVED SIGNED PAYMENT CERTIFICATE AND DECRYPT USING SERVICE PROVIDER'S PUBLIC KEY
  CHECK DECRYPTED SALT AGAINST ORIGINALLY SENT SALT; IF THEY ARE THE SAME ADD PAYMENT AMOUNT TO MONEY REGISTER

Sheet 6 of 8

FIG. 10: TRANSACTION OVER A NETWORK WITH A MODULE (columns: MERCHANT/PAYEE, USER/PAYER). Box text, in scan order:
  CREATE RANDOM PAYER SALT
  RECEIVE PAYER SALT AND COMBINE WITH AMOUNT OF MONEY TO BE RECEIVED, AND INCLUDE A PAYEE SALT, THEN ENCRYPT WITH SERVICE PROVIDER'S PRIVATE KEY TO CREATE A FIRST DATA PACKET
  [partly legible box: "... AND DECRYPT WITH SERVICE ..."]
  COMPARE ENCRYPTED PAYER SALT WITH ORIGINAL PAYER SALT; IF THEY ARE THE SAME, SUBTRACT AMOUNT OF MONEY TO BE SENT FROM PAYER TO REGISTER
  GENERATE A SECOND DATA PACKET CONSISTING OF PAYEE'S SALT AND THE AMOUNT OF MONEY TO BE SENT AND ENCRYPT USING SERVICE PROVIDER'S PRIVATE KEY
  RECEIVE SECOND DATA PACKET AND DECRYPT USING SERVICE PROVIDER'S PUBLIC KEY
  EXTRACT DECRYPTED PAYEE SALT AND COMPARE WITH PAYEE SALT PROVIDED EARLIER; IF BOTH ARE THE SAME ADD MONEY AMOUNT TO PAYEE MONEY REGISTER

Sheet 7 of 8

FIG. 11 (block diagram; labels legible in the scan):
  MODULE
  TRANSACTION GROUP: OBJECTS (O), SCRIPTS, PRIVATE (P); READ/WRITE OBJECT COMMANDS; READ ONLY OBJECT COMMAND
  LOCKED TRANSACTION GROUP: OBJECTS (O), SCRIPTS, PRIVATE (P), LOCKED; READ/WRITE OBJECT COMMANDS; READ ONLY OBJECT COMMAND
  DATA TRANSPORT LAYER
  COMMAND INTERPRETER
  1-WIRE I/O

Sheet 8 of 8

FIG. 12 (memory map; labels legible in the scan):
  I/O DATA BUFFERS
  SYSTEM DATA: COMMON PIN, RANDOM NUMBER REGISTER, ETC...
  OUTPUT DATA OBJECT #1
  OUTPUT DATA OBJECT #2
  WORKING REGISTER
  TRANSACTION GROUP 1
  TRANSACTION GROUP 2
  TRANSACTION GROUP N
  AUDIT TRAIL*: CIRCULAR BUFFER OF TRANSACTION RECORDS
  *THE AUDIT TRAIL DOES NOT EXIST UNTIL THE MICRO-IN-A-CAN HAS BEEN LOCKED. ONCE LOCKED ALL UNUSED RAM IS ALLOCATED FOR THE AUDIT TRAIL

  TRANSACTION GROUP (detail): GROUP NAME, PASSWORD AND ATTRIBUTES; OBJECT 1; OBJECT 2; OBJECT N
  TRANSACTION RECORD (detail): GROUP ID | OBJECT ID | DATE/TIME STAMP

APPARATUS FOR TRANSFER OF SECURE INFORMATION BETWEEN A DATA CARRYING MODULE AND AN ELECTRONIC DEVICE

RELATED APPLICATIONS

This application is a division of Ser. No. 08/595,014 filing date Jan. 31, 1996.

This application claims the benefit of U.S. Provisional Application No. 60/004,510, filed Sep. 29, 1995.

The following applications of common assignee contain related subject matter and are hereby incorporated by reference:

Ser. No. 08/594,983, unknown, filed Jan. 31, 1996, entitled METHOD, APPARATUS, SYSTEM AND FIRMWARE FOR SECURE TRANSACTIONS;

Ser. No. 08/594,975, filed Jan. 31, 1996, entitled TRANSFER OF VALUABLE INFORMATION BETWEEN A SECURE MODULE AND ANOTHER MODULE.

BACKGROUND OF THE INVENTION

1. Technical Field of the Invention

The present invention relates to a method, apparatus and system for transferring money or its equivalent electronically. In particular, in an electronic module based system, the module can be configured to provide at least secure data transfers or to authorize monetary transactions.

2. Description of Related Art

Presently, credit cards that have a magnetic strip associated with them, are a preferred monetary transaction medium in the market place. A card user can take the card to an automatic cash machine, a local store or a bank and make monetary transactions. In many instances the card is used via a telephone interface to make monetary exchanges. The magnetic strip card is used to help identify the card and user of the card. The card provides a relatively low level of security for the transfer. Regardless, the card enables a card holder to buy products, pay debts and make monetary exchanges between separate bank accounts.

Improvements have been made to the magnetic strip card. There have been cards created with microcircuits instead of magnetic strips. In general the microcircuit, like a magnetic strip, is used to enable a card-reader to perform a transaction.

SUMMARY OF THE INVENTION

The present invention is an apparatus, system and method for communicating encrypted information between a preferably portable module and a service provider's equipment. The invention comprises a module, that has a unique identification, that is capable of creating a random number, for example, a SALT, and passing the random number, along with, for example, a request to exchange money, to a service provider's equipment. The service provider's equipment may in return encrypt the random number with a private or public key (depending on the type of transaction), along with other information and pass the encrypted information back to the module as a signed certificate. The module, upon receiving the signed certificate, will decrypt the certificate with a public or private key (depending on the type of transaction) and compare the decrypted number with the original random number. Furthermore, if the numbers are the same then the transaction that was requested may be deemed secure and thereby proceeds. The module is capable of time stamping and storing in memory information about the transaction for later review.

BRIEF DESCRIPTION OF THE DRAWINGS

A more complete understanding of the method and apparatus of the present invention may be had by reference to the following Detailed Description when taken in conjunction with the accompanying Drawings wherein:

FIG. 1 is a block diagram of an embodiment of a module;
FIG. 2 is an exemplary process for creating a transaction group;
FIG. 3 is an exemplary technique for receiving an E-mail message;
FIG. 4 is an exemplary technique for preparing a module for notary functions;
FIG. 5 is an exemplary technique for using the module as a notary;
FIG. 6 is an exemplary technique for preparing a module to perform a money transaction;
FIG. 7 is an exemplary technique for performing a money transaction using a module;
FIG. 8 is an exemplary technique for performing a money transaction using a module;
FIG. 9 is an exemplary technique for performing a money transaction using a module;
FIG. 10 is an exemplary technique for passing data over a network;
FIG. 11 is an exemplary organization of the software and firmware within a module; and
FIG. 12 is an exemplary configuration of software and firmware within a module.

DETAILED DESCRIPTION OF A PRESENTLY PREFERRED EXEMPLARY EMBODIMENT

FIG. 1 depicts a block diagram of an exemplary module 10 that incorporates an exemplary embodiment of the present invention. The module circuitry can be a single integrated circuit. It is understood that the module 10 could also be on multiple integrated or discrete element circuits combined together. The module 10 comprises a microprocessor 12, a real time clock 14, control circuitry 16, a math coprocessor 18, memory circuitry 20, input/output circuitry 26, and an energy circuit.

The module 10 could be made small enough to be incorporated into a variety of objects including, but not limited to a token, a card, a ring, a computer, a wallet, a key fob, badge, jewelry, stamp, or practically any object that can be grasped and/or articulated by a user of the object.

The microprocessor 12 is preferably an 8-bit microprocessor, but could be 16, 32, 64 or any operable number of bits. The clock 14 provides timing for the module circuitry. There can also be separate clock circuitry 14 that provides a continuously running real time clock.

The math coprocessor circuitry 18 is designed and used to handle very large numbers. In particular, the coprocessor will handle the complex mathematics of RSA encryption and decryption.

The memory circuitry 20 may contain both read-only-memory and non-volatile random-access-memory. Furthermore, one of ordinary skill in the art would understand that volatile memory, EPROM, SRAM and a variety of other types of memory circuitry could be used to create an equivalent device.

Control circuitry 16 provides timing, latching and various necessary control functions for the entire circuit.

An input/output circuit 26 enables bidirectional communication with the module 10. The input/output circuitry 26 preferably comprises at least an output buffer 28 and an input buffer. For communication via a one-wire bus, one-wire interface circuitry 32 can be included with the input/output circuitry 26.

An energy circuit 34 may be necessary to maintain the memory circuitry 20 and/or aid in powering the other circuitry in the module 10. The energy circuit 34 could consist of a battery, capacitor, R/C circuit, photovoltaic cell, or any other equivalent energy producing circuit or means.

The firmware architecture of a preferred embodiment of a secure transaction module and a series of sample applications using the module 10 will now be discussed. These examples are intended to illustrate a preferred feature set of the module 10 and to explain the services that the module offers. These applications by no means limit the capabilities of the invention, but instead bring to light a sampling of its capabilities.

I. OVERVIEW OF THE PREFERRED MODULE AND ITS FIRMWARE DESIGN

The module 10 preferably contains a general-purpose, 8051-compatible micro controller 12 or a reasonably similar product, a continuously running real-time clock 14, a high-speed modular exponentiation accelerator for large integers (math coprocessor) 18, input and output buffers 28, 30 with a one-wire interface 32 for sending and receiving data, 32 Kbytes of ROM memory 22 with preprogrammed firmware, 8 Kbytes of NVRAM (non-volatile RAM) 24 for storage of critical data, and control circuitry 16 that enables the micro controller 12 to be powered up to interpret and act on the data placed in an input circuitry 26. The module 10 draws its operating power from the one-wire line. The micro controller 12, clock 14, memory 20, buffers 28, 30, one-wire front-end 32, modular exponentiation accelerator 18, and control circuitry 16 are preferably integrated on a single silicon chip and packaged in a stainless steel microcan using packaging techniques which make it virtually impossible to probe the data in the NVRAM 24 without destroying the data. Initially, most of the NVRAM 24 is available for use to support applications such as those described below. One of ordinary skill will understand that there are many comparable variations of the module design. For example, volatile memory can be used, or an interface other than a one-wire could be used. The silicon chip can be packaged in credit cards, rings etc.

The module 10 is preferably intended to be used first by a Service Provider who loads the module 10 with data to enable it to perform useful functions, and second by an End User who issues commands to the module 10 to perform operations on behalf of the Service Provider for the benefit of the End User. For this reason, the module 10 offers functions to support the Service Provider in setting up the module for an intended application. It also offers functions to allow the End User to invoke the services offered by the Service Provider.

Each Service Provider can reserve a block of NVRAM memory to support its services by creating a transaction group 40 (refer to FIGS. 11 and 12). A transaction group 40 is simply a set of objects 42 that are defined by the Service Provider. These objects 42 include both data objects (encryption keys, transaction counts, money amounts, date/time stamps, etc.) and transaction scripts 44 which specify how to combine the data objects in useful ways. Each Service Provider creates his own transaction group 40, which is independent of every other transaction group 40. Hence, multiple Service Providers can offer different services in the same module 10. The number of independent Service Providers that can be supported depends on the number and complexity of the objects 42 defined in each transaction group 40. Examples of some of the objects 42 that can be defined within a transaction group 40 are the following:

  RSA Modulus            Clock Offset
  RSA Exponent           Random SALT
  Transaction Script     Configuration Data
  Transaction Counter    Input Data
  Money Register         Output Data
  Destructor

Within each transaction group 40 the module 10 will initially accept certain commands which have an irreversible effect. Once any of these irreversible commands are executed in a transaction group 40, they remain in effect until the end of the module's useful life or until the transaction group 40, to which it applies, is deleted from the module 10. In addition, there are certain commands which have an irreversible effect until the end of the module's life or until a master erase command is issued to erase the entire contents of the module 10. These commands will be discussed further below. These commands are essential to give the Service Provider the necessary control over the operations that can be performed by the End User. Examples of some of the irreversible commands are:

  Privatize Object          Lock Object
  Lock Transaction Group    Lock Micro-In-A-Can

Since much of the module's utility centers on its ability to keep a secret, the Privatize command is a very important irreversible command.

Once the module 10, as a whole, is locked, the remaining NVRAM memory 24 is allocated for a circular buffer for holding an audit trail of previous transactions. Each of the transactions are identified by the number of the transaction group, the number of the transaction script 40 within the specified group, and the date/time stamp.

The fundamental concept implemented by the firmware is that the Service Provider can store transaction scripts 44 in a transaction group 40 to perform only those operations among objects that he wishes the End User to be able to perform. The Service Provider can also store and privatize RSA key or keys (encryption keys) that allow the module 10 to "sign" transactions on behalf of the Service Provider, thereby guaranteeing their authenticity. By privatizing and/or locking one or more objects 42 in the transaction group 40, the Service Provider maintains control over what the module 10 is allowed to do on his behalf. The End User cannot add new transaction scripts 44 and is therefore limited to the operations on objects 42 that can be performed with the transaction scripts 44 programmed by the Service Provider.

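The salt-and-certificate exchange from the Summary of the Invention (the FIG. 8 cash-loading flow), run as the one transaction script of a locked transaction group and recorded in the audit trail described above. This is an added illustration, not code from the patent or from Dallas Semiconductor; the class and function names, the packet layout, the four-slot audit buffer and the constructed toy RSA key are all assumptions.

```python
import secrets
import time
from collections import deque

# Constructed toy RSA key for the service provider. Using two Mersenne primes
# is an assumption made only so the example is reproducible offline; a key
# built this way must never be used outside a demonstration.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))        # provider's private exponent

SALT_LEN, ID_LEN, AMT_LEN = 16, 8, 4      # hypothetical packet layout
PACKET_LEN = 1 + SALT_LEN + ID_LEN + AMT_LEN


def provider_sign(salt: bytes, module_id: bytes, amount: int) -> int:
    """Service provider side: combine salt, module ID and cash amount and
    'encrypt' the packet with the private key (unpadded RSA, as the patent
    words it; current designs use a padded scheme such as RSA-PSS)."""
    if len(salt) != SALT_LEN or len(module_id) != ID_LEN:
        raise ValueError("bad field length")
    packet = b"\x01" + salt + module_id + amount.to_bytes(AMT_LEN, "big")
    return pow(int.from_bytes(packet, "big"), D, N)


class TransactionGroup:
    """Hypothetical model of one Service Provider's objects in the module."""

    def __init__(self, group_id: int, provider_key: tuple):
        self.group_id = group_id
        self.objects = {"public_key": provider_key, "money_register": 0}
        self.locked = False               # irreversible once set

    def lock(self) -> None:
        self.locked = True

    def read_object(self, name: str):
        return self.objects[name]

    def write_object(self, name: str, value) -> None:
        # End User commands cannot change objects of a locked group;
        # only the provider's transaction scripts can.
        if self.locked:
            raise PermissionError("transaction group is locked")
        self.objects[name] = value


class Module:
    ADD_CASH_SCRIPT = 1                   # hypothetical script number

    def __init__(self, module_id: bytes, group: TransactionGroup,
                 audit_slots: int = 4):
        self.module_id = module_id
        self.group = group
        self._salt = None
        self._audit_slots = audit_slots
        self.audit_trail = None           # does not exist until locked

    def lock_module(self) -> None:
        # Remaining memory becomes a circular buffer of transaction records.
        self.audit_trail = deque(maxlen=self._audit_slots)

    def new_salt(self) -> bytes:
        self._salt = secrets.token_bytes(SALT_LEN)
        return self._salt

    def add_cash(self, certificate: int) -> bool:
        """Transaction script: accept a signed certificate only if it carries
        the salt issued for this request and this module's ID."""
        salt, self._salt = self._salt, None    # a salt is good for one use
        if salt is None:
            return False
        n, e = self.group.objects["public_key"]
        try:
            packet = pow(certificate, e, n).to_bytes(PACKET_LEN, "big")
        except OverflowError:                  # not a packet the provider signed
            return False
        got_salt = packet[1:1 + SALT_LEN]
        got_id = packet[1 + SALT_LEN:1 + SALT_LEN + ID_LEN]
        if packet[0] != 1 or got_id != self.module_id:
            return False
        if not secrets.compare_digest(got_salt, salt):
            return False                       # stale or replayed certificate
        amount = int.from_bytes(packet[-AMT_LEN:], "big")
        self.group.objects["money_register"] += amount
        if self.audit_trail is not None:
            self.audit_trail.append(
                (self.group.group_id, self.ADD_CASH_SCRIPT, time.time()))
        return True
```

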
II. USAGE MODELS OF THE MODULE

This section presents a series of practical applications of the module 10, ranging from the simplest to the most complex. Each of these applications is described in enough detail to make it clear why the module 10 is the central enabling technology for that application.

A. BACKGROUND OF SECURE E-MAIL

In this section we provide an example of how a module 10 could be used to allow anyone to receive his or her own e-mail securely at any location.

1. Standard E-Mail

In a standard e-mail system, a user's computer is connected to a provider of Internet services, and the user's computer provides an e-mail password when polling the provider's computer for new mail. The mail resides on the provider's computer in plain text form, where it can be read by anyone working there. In addition, while traveling from its source, the mail passes through many computers and is also exposed at these locations. If the user receives his mail from his provider over a local area network, anyone else on the same network can capture and read the mail. Finally, with many e-mail systems that do not require the user to enter the password, anyone sitting at the user's computer can retrieve and read his mail, since his computer automatically provides the password when it polls the provider's computer.

It is frequently also possible to copy the password from a configuration file in the user's computer and use it to read his mail from a different computer. As a result of this broad distribution of the e-mail in plain text form and the weakness of password protection, standard e-mai