`Hulst et al.
`
`(10) Patent N0.:
`(45) Date of Patent:
`
`US 7,334,720 B2
`Feb. 26, 2008
`
`US007334720B2
`
`(54) DATA STORAGE AND ACCESS SYSTEMS
`
`(75)
`
`Inventors: Hermen-ard Hulst, Amsterdam (NL);
`Patrick Sandor Racz, St. Heller (GB)
`_
`_
`(SC1}n];1)rt-Flash Limited, East Sussex
`
`.
`.
`(73) Assignee.
`
`5,457,746 A
`5,588,146 A
`
`10/1995 Dolphin
`12/1996 Leroux
`
`5,577,953 A
`5,703,951 A
`5,754,654 A *
`5,794,202 A
`
`10/1997 D01phin
`12/1997 Dolphin
`5/1998 Hiroya et al.
`8/1998 Kim
`
`............... .. 705/76
`
`( * ) Notice:
`
`Subject to any disclaimer, the term of this
`patent is extended or adjusted under 35
`U'S'C' 1540’) by 0 days‘
`
`(21) Appl. No.: 11/336,758
`
`(22)
`
`Filed:
`
`Jan. 19, 2006
`
`(Continued)
`FOREIGN PATENT DOCUMENTS
`
`EP
`
`0195098
`
`10/1990
`
`(65)
`
`Prior Publication Data
`
`(Continued)
`
`Us 2006/0118619 A1
`
`-11111 8: 2006
`_
`_
`Related U.S. Application Data
`
`Primary Examiner—Steven S. Paik
`(74) Attorney, Agent, or Firm—Townsend and Townsend
`and Crew LLp
`
`(63) Continuation of application No. 10/111,716, filed as
`application No. PCT/GB00/04110 on Oct. 25, 2000,
`now abandoned.
`
`(57)
`
`ABSTRACT
`
`60>
`NOV. 25, 1999
`
`(51)
`
`Int CL
`G06K 5/00
`
`(GB)
`
`............................... .. 99252272
`
`(200601)
`
`(52) U-S- CL ~~~~~~~~~~~~~~~~~~~~ ~- 230/330; 235/382; 235/492;
`235/451
`(58) Field of Classification Search .............. .. 235/380,
`235/382, 492, 451; 711/100, 101, 103
`See application file for complete search history.
`
`(56)
`
`References Cited
`U.S. PATENT DOCUMENTS
`
`5,226,145 A
`5,367,150 A
`5,406,619 A *
`
`7/1993 Moronaga et al.
`11/1994 Kitta et al.
`4/1995 Akhteruzzaman
`et al.
`..................... .. 379/93.02
`
`text, software, games and other types ofdata. Aportable data
`carrier has an interface for sending and receiving data,
`non-volatile data memory for storing received content data
`and non-volatile payment validation memory for providing
`payment validation data to an external device. The carrier
`may also store a record of access made to the stored content,
`and content use rules for controlling access to the stored
`content. Preferred embodiments store further access control
`data and supplementary data such as hot links to web sites
`and/or advertising data. A complementary data access ter-
`minal, data supply computer system and data access device
`1
`d
`'b d. Th
`b'
`'
`f
`d
`d
`are a so
`escri e
`e com ination o payment
`ata an
`stored content data and, in preferred embodiments, use rule
`data, helps reduce the risk of unauthorized access to data
`such as compressed music and video data, especially over
`the Internet.
`
`18 Claims, 17 Drawing Sheets
`
`
`
`
`
`Apple Exhibit 1034'
`Page 00001
`
`
`
`ACCESS OONTRG. DATA
`WEHATINB SYSTEM COX
`PAYMENT DATA
`FAVMENT MANAGEMENT WEE
`
`CARD VAIJJE DATA
`
`DRM A SECURITY CODE
`RFM DATA
`CRM CODE
`CHM DATA
`
`
`CONTENT SYNTPESIS OODE
`
`DRM 5 ROYALTV DATA
`
`OGUENT INDEX AND USE RULES DATA
`
`USE REDOE DATA
`SUPPLY CHAIN DATA
`
`MOBILE OOMMUNICATIONS NETWOfi<
`AQCESS DATA
`
`
`
`
`
`
`Apple Exhibit 1034
`Page 00001
`
`
`
`US 7,334,720 B2
`Page 2
`
`U.S. PATENT DOCUMENTS
`
`5,809,241 A
`5,847,372 A
`5,889,860 A
`5,901,330 A
`5,918,213 A
`5,923,884 A
`6,012,634 A
`6,078,917 A
`6,119,945 A
`6,202,056 B1
`6,385,731 B2
`6,424,975 B1
`5,442,570 131
`6,473,829 B1
`6,510,236 B1
`6,553,413 B1
`6,574,643 B2
`6,999,936 B2*
`
`9/1998 Hanel et al.
`12/ 1998 Kreft
`3/1999 Eller et a1.
`5/1999 Sun et a1.
`6/1999 Bernard et al.
`7/1999 Peyret et al.
`1/2000 Brogan etal.
`6/2000 Paulsen et al.
`9/2000 Muller et a1.
`3/2001 Nuttall
`5/2002 Ananda
`7/2002 Walter et al.
`3/2002 wu
`10/2002 Dahman etal.
`1/2003 Crane et 211.
`4/2003 Leighton et al.
`6/2003 Walter et a1.
`2/2006 Sehr ............................ .. 705/5
`
`7,044,362 B2*
`7,083,081 B2*
`
`5/2006 Yu ........................... .. 235/375
`8/2006 McGee et a1.
`............ .. 235/375
`
`FOREIGN PATENT DOCUMENTS
`
`E1’
`E1’
`E1’
`EP
`E1’
`E1’
`E1’
`E1’
`EP
`W0
`W0
`W0
`W0
`
`0713198
`0823594
`0823594 A1
`0542298
`0713198 A2
`0843449
`0843449 A2
`0914001
`0914001 A1
`WO 98/19237
`W0 98/19237 A1
`W0 98/33343
`W0 98/37525
`
`5/1996
`2/1998
`2/1998
`4/1998
`5/1998
`5/1998
`5/1998
`5/1999
`5/1999
`5/1998
`5/1998
`7/1998
`8/1998
`
`* cited by examiner
`
`Page 00002
`
`Page 00002
`
`
`
`U.S. Patent
`
`Feb. 26,2008
`
`Sheet 1 of 17
`
`US 7,334,720 B2
`
`Page 00003
`
`Page 00003
`
`
`
`
`U.S. Patent
`
`Feb. 26,2008
`
`Sheet 2 of 17
`
`US 7,334,720 B2
`
`Page 00004
`
`Page 00004
`
`
`
`U.S. Patent
`
`Feb. 26,2008
`
`Sheet 3 of 17
`
`US 7,334,720 B2
`
`Page 00005
`
`Page 00005
`
`
`
`U.S. Patent
`
`Feb. 26,2008
`
`Sheet 4 of 17
`
`US 7,334,720 B2
`
`
`
`ARTIST
`TERMINAL
`
`ARTIST
`TERMINAL
`
`
`
`CONTENT
`
`CREATOR
`
`
`STORED
`10gb
`CONTENT
`
`
`
`108
`
`CONTENT
`PROVIDER
`
`108d
`
`
`
`
`
`STORED
`coN‘rEN1'
`
`CONTENT
`PROVIDER
`
`courenr
`PROVIDER
`
`was
`comem
`PROVIDER
`
`"23
`
`4-n—»
`
`110a
`CONTENT
`PUBLESHER
`
`22:12:; max
`
`COMMUNICATIONS
`”ETW°RK
`
`
`
`101
`
`1‘4
`
`1mw
`
`CONTENT
`PROVIDER
`
`GATEWAY
`SERVER
`
`CONTENT
`P”B”S”ER
`
`CONTENT
`nmnnmuwoa
`VWUJGATEMMN
`
`“Z”
`
`STORED
`CONTENT
`
`118
`
`CONTENT
`
`
`ACCESS
`
`TERNflNAL
`
`
`
`100
`
`Fig. 5
`
`Page 00000
`
`1'7
`
`wm
`
`CONTENT
`
`ACCESS.
`TERNHNAL
`
`
`
`"°
`
`Page 00006
`
`
`
`U.S. Patent
`
`Feb. 26,2008
`
`Sheet 5 of 17
`
`US 7,334,720 B2
`
`1 18b CONTENT
`ACCESS
`
`CONTENT
`
`TERMINAL
`
`CONTENT
`
`TERMINAL
`
`BANK
`
`§.'$é‘¥éI‘f“‘
`
`1228
`
`1213
`
`Em 12b
`
`126
`
`142
`
`$22‘:
`
`R
`
`e-PAYMENT
`mm
`121 -
`
`BANK
`
`.22.. —
`
`124
`
`WEB SERVER
`CODE STORAGE
`
`CONTENT ACCESS
`WEB SERVER
`
`
`
`
`
`
`
`CONTENT
`DISTRIBUTION
`PROCESSOR
`
`ACCESS CONTROL
`CODE STORAGE
`
`DRM cone
`cam & PAYMEN
`STORAGE
`DISTRIBUTION
`
`CODE STORAGE
`
`
`1323
`1343
`
`ACCESS ONTROL
`PROCESSOR
`
`DRM
`PROCESSOR
`
`1288
`
`Page 00007
`
`
`
` CONTENT
`ACCESS &
`DRM DATA
`STORE
`
`
`
`
`136
`
`
`
`133
`
`
`
`
`
`PAYMENT
`PROCESSOR
`
`PAYMENT
`MANAGEMENT
`CODE STORAG =
`
`
`
`
`Page 00007
`
`
`
`U.S. Patent
`
`Feb. 26,2008
`
`Sheet 6 of 17
`
`US 7,334,720 B2
`
`143
`
`146
`
`,
`M°b"° °°"‘"'5
`
`MOBILE COMMS
`NE1'WORK GATEWAY
`
`«~
`
`[:1]
`
`'42
`
`HOME PC
`
`158
`
`“§E?$§§””
`
`164
`ovn
`
`154
`
`160
`
`LAN
`
`166
`
`168
`
`CONTENT
`comem
`
`ACCESS
`ACCESS
`TERMINAL
`E33 TERMINAL
`
`166a
`
`1688
`
`1 70a
`
`Fig. 7
`
`Page 00003
`
`"
`
`#5
`Po‘.
`Q!
`Radio tower
`
`
`
`‘’'‘’‘’°'"
`154b
`
`SFC
`
`154a
`
`-
`
`‘55
`
`170
`
`
`
`CDIDVD PLAYER
`
`51:9
`
`Page 00008
`
`
`
`U.S. Patent
`
`6,2b.e
`
`00
`
`S
`
`4
`
`2B
`
`
`
`5%.:m<u
`
`DZ<
`
`zo:.<o.n__mm>
`
`_2Em>w
`
`
`
`
`
`25225Fmo<u_mmE_mEo._5n_z_mU<u_Kw._.2.H928%.2.2:00So;
`
`
`
`
`
`2at
`
`mo<uEEz_88
`
`mmmzom
`
`mmzmo75.3mm.”Efimamwmfinmoooxmmaommmm;Hmooo
`
`
`
`
`
`
`
`
`moz<:uxmmooomo<uEmFz_mwz<:oxm<.—<o
`
`
`
`
`
`uo<u_mm:z_Em>mo.2ms_Mmommmoomm>mOs_ws__2<mwOmmwz.¥.._o.sm8w8.3.
`
`0.mmat
`
`mo<u_mm»z_mum:B.58mmmamomooowmuzmoms__2oo¢m:._.o7,mzzoo
`
`
`
`
`Smooomo<u.¢w»z_mum:U¢m>_moSNmooo._.zm:mo<z<s_Em_2><.__._w<o
`
`
`
`
`
`moEmm»z_mm._n_z<m8.
`
`
`cum._.zm._2oomooom:._z<mpzmpzoo
`
`Page 00009
`
`
`
`
`
`
`
`mnoo..<>m_E.mmhzmpzoomz_._.&o
`
`8.8.N32..E.
`
`oz_»z_o._._<:m_2o_o:<S._z_sous.m_zmm»z_8.2:9:at
`
`
`
`
`
`
`
`
`N2mo_>momo<uEm._.z_mo_>momo<n_mm»z_
`
`
`
`
`
`
`
`Page 00009
`
`
`
`
`
`
`U.S. Patent
`
`Feb. 26,2008
`
`Sheet 8 of 17
`
`US 7,334,720 B2
`
`SN
`
`on
`
`
`
`
`
`Eosmz<._.<Dm:E§o>.zoz
`
`<.~.<QD.9.5
`
`Ea
`
`>mos_ms_
`
`
`
`s.<mooE._.zmz<_2mmn.
`
`v—N
`
`
`
`pzmpzooommohm
`
`>mo_2ws_5.3
`
`=._m<....=
`
`
`
`oz_xmoz,._OK.—.zOU
`
`
`
`>¢os_m_2mowwmoomn0.00..
`
`mo<uEm»z_
`
`._<zmm§m
`
`Eu
`
`:3
`
`mom
`
`SN
`
`d02.2....
`
`
`
`
`
`<.—.<D._O¢._.200mmmoo<
`
`
`
`<._.<D»zms_><n_
`
`
`
`(.53u:..<>nz<o
`
`(.53Ex
`
`<._.<o210
`
`
`
`<._.<D>.:<>omasac
`
`
`
`<._.<Omm.Szmm:oz<xmoz_pzmzzoo
`
`
`
`<._.<n_azoommmm:
`
`
`
`
`
`<._.<Dz_<_._o>..&:w
`
`
`
`<._.<Dwmmoo<
`
`
`
`
`
`xmozcmzmzo:<u_z:_22oomemo:
`
`
`
`
`
`mooo_2m=w>moz:.<mmn_o
`
`
`
`
`
`maoo»zm2uo<z<s_»zm_2><._
`
`
`
`moooEmaommaSEQ
`
`
`
`mooozmo
`
`
`
`
`
`wooom_mmEz>mEmfizou
`
`m.2“.
`
`Page 00010
`
`Page 00010
`
`
`
`
`
`
`
`
`
`U.S. Patent
`
`Feb. 26, 2008
`
`Sheet 9 of 17
`
`US 7,334,720 B2
`
`«R
`
`NNN
`
`mommmoomn~ ~205200
`zéoomm.Emz<2mmn_.022:0?~
`
`mum:
`
`>S._m_o
`
`Ba
`
`own
`
`0»oz_sE
`
`o_o_..<
`
`mo<n_mm»z_
`
`SE28
`
`o_o3
`
`canQNN
`
`cum
`
`mmo<u_mm»z_
`
`
`
`mo<&m:.z_cum
`
`
`mw><....
`
` EH28I moEmm»z_mum...
`
`83
`
`£8
`
`82
`
`ER
`
`Eozmz
`
`
`
`
`
`mnoomo<uEEz_cum
`
`
`
`
`
`
`
`mnoo._Om:.ZDOmo<“Em»z_«mm:
`
`>mos_m_2
`
`emu
`
`
`
`moooJOEZOOmm:
`
`2.9“.
`
`moonmm><#_wzmpzoo
`
`
`R2a
`
`Page 00011
`
`
`
`
`
`Page 00011
`
`
`
`
`
`
`U.S. Patent
`
`Feb. 26, 2008
`
`Sheet 10 of 17
`
`US 7,334,720 B2
`
`S10
`
`SMART FLASH CARD INSERTED
`INTO CONTENT ACCESS
`TERMINAL CARD INTERFACE
`
`S11
`
`SCHEME OWNER REGISTRATION
`WEB PAGE LOADED ONTO
`CONTENT ACCESS TERMINAL
`
`S12
`
`USER REGISTRATION DATA
`ENTERED INTO CONTENT ACCESS
`TERMINAL
`
`S13
`USER REGISTRATION DATA
`TRANSMITTED TO SCHEME OWNER
`
`S14
`PAYMENT REQUEST RECEIVED
`FROM SCHEME OWNER AT
`CONTENT ACCESS TERMINAL
`
`S15
`
`PAYMENT DATA ENTERED INTO
`CONTENT ACCESS TERMINAL AND
`TRANSMITTED TO SCHEME OWNER
`
`S16
`
`Fig11a
`
`
`
`
`
`
`
`CARD VALUE DATA AND CARD
`VALUE ACCESS CODE RECEIVED
`BY CONTENT ACCESS TERMINAL
`FROM SCHEME OWNER
`
`
`
`S17
`CARD REGISTRATION DATA
`RECEIVED FROM SCHEME OWNER
`AND WRITTEN ONTO CARD
`
`S18
`VALUE DATA AND ACCESS CODE
`WRITTEN ONTO CARD AND
`OUTPUT TO USER
`
`S19
`
`CARD AVAILABLE FOR USE
`
`Page 00012
`
`Page 00012
`
`
`
`U.S. Patent
`
`Feb. 26,2008
`
`Sheet 11 of 17
`
`US 7,334,720 B2
`
`S20
`
`REQUEST FOR CARD
`REGISTRATION WEB PAGE
`RECEIVED FROM CONTENT
`ACCESS DEVICE
`
`
`
`
`
`S21
`
`TRANSMIT CARD REGISTRATION
`WEB PAGE TO CONTENT
`ACCESS DEVICE
`
`S22
`
`
`
`
`
`
`RECEIVE USER REGISTRATION
`
`DATA FROM CONTENT ACCESS
`
`TERMINAL AND STORE IN ACCESS
`
`CONTROL DATA STORE
`
`S23
`TRANSMIT PAYMENT REQUEST TO
`CONTENT ACCESS TERMINAL
`
`S24
`
`RECEIVE PAYMENT DATA FROM
`CONTENT ACCESS TERMINAL
`
`S25
`
`PAYMENT PROCESSOR VERIFIES
`PAYMENT DATA WITH PAYMENT
`SYSTEM
`
`S26
`PAYMENT PROCESSOR
`TRANSMITS VALUE DATA AND
`VALUE ACCESS CODE TO
`CONTENT ACCESS TERMINAL
`
`
`
`
`
`S27
`
`PAYMENT PROCESSOR UPDATES
`PAYMENT RECORD DATA STORE
`WITI-I TRANSACTION DATA
`
`Fig.11b
`
`S28
`CARD REGISTRATION DATA
`LOADED FROM ACCESS CONTROL
`DATA STORE AND TRANSMIT'I'ED
`TO CONTENT ACCESS TERMINAL
`
`
`
`
`
`
`
`S29
`
`TRANSACTION COMPLETE
`
`Page 00013
`
`Page 00013
`
`
`
`U.S. Patent
`
`Feb. 26,2008
`
`Sheet 12 of 17
`
`US 7,334,720 B2
`
`S30
`
`INSERT CARD IN CONTENT
`ACCESS TERMINAL
`
`S31
`
`USER ENTERS PASSWORD INTO
`
`CONTENT ACCESS TERMINAL
`
`s32
`
`CONTENT ACCESS TERMINAL
`TRANSMITS PASSWORD To cARD
`FOR VERIFICATION
`
`ACCESS PERMITTED?
`
`YES
`
`LOAD OUTLINE CRM
`DATA FROM cARD
`
`533
`
`S40
`
`s41
`
`LoAD RETAILER DATA FROM
`RETAILER um I WAN
`
`0
`
`s42
`
`
`
`DISPLAY MENU. RETAILER DATA
`AND OUTLINE CRM DATA ON
`CONTENT ACCESS TERMINAL
`
`DISPLAY WARNING AND
`INCREMENT TERMINAL Access
`DENIED coum
`
`S35
`READ cARD THRESHOLD AND
`TOTAL cARD Access DENIED
`COUNT FROM cARD
`
`$35
`
`S37
`
`. . D COUNT-,(cAR
`
`THRESHOLD -3)?
`
`DISPLAY CONTENT ERASURE
`WARNING
`
`
`
`
`S43
`
`INPUT MENU OPTION
`(DOWNLOAD CONTENT;
`
`
`ADD MONETARY VALUE;
`CHECK I SPEND CRM VALUE:
`WEB SITE LINKS: EXIT)
`
`
`
`
`
`
`
`
`S38
`
`
`
`TERMINAL
`COUNT,-rEgM|NAL
`1'HREsHoLm
`
`
`
`
`
`YES
`
`s44
`
`s39
`
`DOWNLOAD CONTENT
`
`
`
`LDAD SCHEME OWNER CONTENT
`Access wee PAGE ONTO
`CONTENT ACCESS TERMINAL
`
`
`
`
`OUTPUT ACCESS REFUSED‘
`MESSAGE AND AWAIT CARD
`REMOVAL
`
`¢
`
`Fig. 12a
`
`Page 00014
`
`Page 00014
`
`
`
`U.S. Patent
`
`Feb. 26, 2008
`
`Sheet 13 of 17
`
`US 7,334,720 B2
`
`S45
`CONTENT SEARCH REQUEST
`
`DATA INPUT AND TRANSMITTED
`
`TO SCHEME OWNER CONTENT
`DISTRIBUTION PROCESSOR
`
`
`
`
`
`
`S46
`CONTENT SEARCH RESULTS
`
`
`RECEIVED FROM CONTENT
`DISTRIBUTION PROCESSOR AND
`
`DISPLAYED ON CONTENT ACCESS
`TERMINAL
`
`
`
`
`
`S47
`CONTENT ITEM SELECTION DATA
`INPUT AND TRANSMITTED TO
`SCHEME OWNER
`
`S48
`
`CONTENT COST DATA. CONTENT
`
`
`USE RULES AND PURCHASE
`OPTIONS DATA RECENED FROM
`
`SCHEME OWNER
`
`S49
`PURCHASE OPTION SELECTION
`AND PURCHASE REQUEST INPUT
`OR EXIT TO MENU SELECTED
`
`EXIT
`
`S50
`CARD VALUE AND CRM DATA
`READ FROM CARD
`
`Fig.12b
`
`S52
`
`N0 ouspuw INSUFFICIENT
`VALUE WARNING
`
`$51
`CARD VALUE SUFFICIENT?
`
`
`
`
`YES
`
`S53
`PAYMENT REQUEST
`TRANSMITTED TO CARD
`
`Page 00015
`
`Page 00015
`
`
`
`U.S. Patent
`
`Feb. 26,2008
`
`Sheet 14 of 17
`
`US 7,334,720 B2
`
`854
`
`PAYMENT FOR SCHEME OWNER
`
`RECEIVED FROM CARD BY
`
`CONTENT ACCESS TERMINAL AND
`
`FORWARDED TO e-PAYMENT
`
`
`
`
`
`SYSTEM
`
`S55
`
`
`
`SYSTEM BY CONTENT ACCESS
`TERMINAL AND FORWARDED TO
`
`
`PAYMENT RECORD DATA
`RECEIVED FROM e—PAYMENT
`
`
`
`
`
`CARD
`
`S56
`
`PAYMENT RECORD DATA.
`PURCHASE REQUEST AND CARD
`
`REGISTRATION DATA
`
`TRANSMITTED TO SCHEME
`
`
`
`
`
`
`
`OWNER
`
`S57
`
`CONTENT AND CONTENT ACCESS
`
`RULES DOWNLOADED TO CARD
`
`RECEIVE CRM DATA FROM
`CONTENT DISTRIBUTION
`
`PROCESSOR
`
`S58
`
`S59
`
`WRITE AUDIT TRAIL TO CARD
`AND UPDATE CARD CRM DATA
`
`Fig.12c
`
`Page 00016
`
`Page 00016
`
`
`
`U.S. Patent
`
`Feb. 26,2008
`
`Sheet 15 of 17
`
`US 7,334,720 B2
`
`560
`
`CONTENT ACCESS WEB PAGE
`REQUESTED AND TRANSMITTED
`TO CONTENT ACCESS TERMINAL
`
`S61
`
`CONTENT SEARCH REQUEST
`RECEIVED FROM CONTENT
`ACCESS TERMINAL
`
`S62
`
`
`
`
`CONTENT DISTRIBUTION
`PROCESSOR SEARCHES
`
`CONTENT ACCESS DATA STORE
`AND TRANSMITS SEARCH
`RESULTS TO CONTENT ACCESS
`TERMINAL
`
`
`
`
`
`. 1
`
`S63C0NTENT ITEM seuacruow
`
`RECEIVED FROM CONTENT
`ACCESS TERMINAL
`
`S64
`
`CONTENT ITEM PURCHASE DATA
`RETRIEVED FROM CONTENT
`ACCESS DATA STORE
`
`S65
`CONTENT PURCHASE DATA
`TRANSMITTED TO CONTENT
`ACCESS TERMINAL
`
`S86
`
`
`
`
`
`PAYMENT RECORD DATA.
`PURCHASE REQUEST DATA AND
`CARD REGISTRATION DATA
`RECEIVED FROM CONTENT
`ACCESS TERMINAL
`
`
`
`
`
`S87
`
`PAYMENT RECORD DATA
`VALIDATED WITH e-PAYMENT
`SYSTEM
`
`0
`
`Page 00017
`
`Page 00017
`
`
`
`U.S. Patent
`
`Feb. 26,2008
`
`Sheet 16 of 17
`
`US 7,334,720 B2
`
`0
`
`PAYMENT DISTRIBUTION DATA
`READ FROM CONTENT ACCESS
`DATA STORE
`
`S69
`PAYMENT DISTRIBUTION
`INSTRUCTION TRANSMITTED TO
`B-PAYMENT SYSTEM
`
`870
`
`
`
`
`CONTENT ACCESS RULES FOR
`
`PURCHASED LEVEL OF SERVICE,
`
`CRM DATA AND CONTENT
`
`PROVIDER ID DATA READ FROM
`CONTENT ACCESS DATA STORE
`
`
`
`S71
`
`CONTENT ACCESS RULES
`TRANSMITTED TO CONTENT
`ACCESS TERMINAL
`
`S72
`
`
`
`DRM PROCESSOR TRANSMITS
`TRANSACTION REQUEST AND
`AUTHENTICATION TO CONTENT
`PROVIDER
`
`
`
`
`
`Fig. 12e
`
`S73
`
`CONTENT ACCESS WEB SERVER
`
`RECEIVES PROTECTED CONTENT
`
`FROM CONTENT PROVIDER AND
`
`TRANSMITS CONTENT TO
`CONTENT ACCESS TERMINAL
`
`
`
`
`
`
`
`
`S74
`
`PURCHASE DATA AND CONTENT
`ACCESS RECORD WRITTEN TO
`PAYMENT RECORD DATA STORE
`
`S75
`
`
`
`
`USING STORED RULES UPDATED
`
`CRM DATA WRITTEN TO CONTENT
`ACCESS DATA STORE AND
`
`TRANSMITTED TO CONTENT
`ACCESS TERMINAL
`
`
`
`
`S76
`
`PROCESS ENDS
`
`Page 00013
`
`Page 00018
`
`
`
`U.S. Patent
`
`Feb. 26,2008
`
`Sheet 17 of 17
`
`US 7,334,720 B2
`
`S77
`
`CARD INSERTED INTO PLAYER
`
`USER PASSWORD ENTERED INTO
`PLAYER AND TRANSMITTED TO
`CARD FOR VALIDATION
`
`CONTENT ACCESS PERMITTED
`
`S79
`STORED CONTENT INDEX LOADED
`FROM CARD AND DISPLAYED WITH
`MENU (ACCESS CONTENT: CHECK
`VALUE: CHECK CRM: PLAY OPTIONS)
`
`
`
`
`
`
`Fig. 13
`
`
`
`SELECTION OF CONTENT ITEMS
`FOR ACCESS ENTERED INTO
`PLAYER
`
`CONTENT USE STATUS AND
`CONTENT USE RULES LOADED
`FROM CARD
`
`USE RULES AND USE STATUS
`COMPARED AND DISPLAYED WITH
`CONTENT PLAY MENU
`
`
`
` IS CONTENT USE
`
`
`PERMITTED?
`
`YES
`PLAY
`
`
`
`S84
`CONTENT AND SUPPLEMENTARY
`DATA MADE AVAILABLE TO USER
`
`
`
`
`PLAY STATUS DATA
`
`PAUSE
`
`CONT
`
`WRITEIREAD CARDS
`
`PLAY
`COMPLETE
`
`S85
`
`UPDATED CONTENT USE DATA
`WRITTEN TO CARD
`
`S86
`CRM DATA AND CRM REWARD
`RULES LOADED FROM THE CARD
`AND UPDATED
`
`Page 00019
`
`Page 00019
`
`
`
`1
`DATA STORAGE AND ACCESS SYSTEMS
`
`2
`the data to make the data available themselves over the
`
`US 7,334,720 B2
`
`BACKGROUND OF THE INVENTION
`
`This invention is generally concerned with data storage
`and access systems. More particularly, it relates to a portable
`data carrier for storing and paying for data and to computer
`systems for providing access to data to be stored. The
`invention also includes corresponding methods and com-
`puter programs. The invention is particularly useful for
`managing stored audio and video data, but may also be
`applied to storage and access of text and software, including
`games, as well as other types of data.
`One problem associated with the increasingly wide use of
`the internet is the growing prevalence of so-called data
`pirates. Such pirates obtain data either by unauthorized or
`legitimate means and then make this data available essen-
`tially world-wide over the internet without authorization.
`Data can be a very valuable commodity, but once it has been
`published on the internet it is difficult to police access to and
`use of it by Internet users who may not even realize that it
`is pirated. This is a particular problem with audio recordings,
`and, once the bandwidth becomes available, is also likely to
`be evident with video.
`
`three or four years compressed audio
`Over the past
`sources have become increasingly widely available on web
`pages. One widely used audio data compression format is
`MP3 (MPEG—Audio Layer 3 of the MPEG1 compression
`algorithm), which is an internationally defined standard
`including a definition of compressed audio information such
`as speech or music. It relies on psycho-acoustic properties of
`human hearing to achieve very large data compression
`factors. It is thus feasible to download usefully long pas-
`sages of music in a practically convenient short time. Pirate
`data suppliers have not been slow to realize the potential of
`this, and many unauthorized websites have sprung up offer-
`ing popular music,
`including recent releases by world-
`farnous bands. This has caused the recording industry con-
`siderable concern and there is an urgent need to find a way
`to address the problem of data piracy.
`
`SUMMARY OF THE INVENTION
`
`invention there is therefore
`According to the present
`provided a method of providing portable data comprising
`providing a portable data storage device comprising down-
`loaded data storage means and payment validation means;
`providing a terminal for internet access; coupling the por-
`table data storage device to the terminal; reading payment
`information from the payment validation means using the
`terminal; validating the payment information; and down-
`loading data into the portable storage device from a data
`supplier.
`Another aspect of the invention provides a corresponding
`mobile data retrieval device for retrieving and outputting
`data such as stored music and/or noise from the data storage
`device.
`
`The payment validation means is, for example, means to
`validate payment with an external authority such as a bank
`or building society. The combination of the payment vali-
`dation means with the data storage means allows the access
`to the downloaded data which is to be stored by the data
`storage means, to be made conditional upon checked and
`validated payment being made for the data. Binding the data
`access and payment together allows the legitimate owners of
`
`10
`
`15
`
`20
`
`25
`
`30
`
`40
`
`45
`
`50
`
`55
`
`60
`
`65
`
`internet without fear of loss of revenue, thus undermining
`the position of data pirates.
`A further advantage of the system is that it allows users
`under the age of 18 to make internet purchases. Currently
`internet users pay for goods and/or services by credit card.
`Since credit cards carmot legitimately be used by persons
`under the age of 18 (at least in the UK), a significant fraction
`of adventurous internet users are excluded from e-com-
`
`merce, one of the most significant predicted uses of the
`internet. In one embodiment of the invention, however, the
`payment validation means comprises e-cash;
`that is,
`the
`payment validation means stores transaction value informa-
`tion on a cash value of transactions validatable by the data
`storage means. In simple terms, the data storage means can
`be a card which is charged up to a desired cash value (if
`necessary limited to a maximum value) at a suitable termi-
`nal. This might be an internet access terminal but could,
`more simply, be a device to accept the data storage card and
`to receive and count money deposited by the user to charge
`the card, writing update cash value information onto the
`card. More sophisticated ways of updating the cash value on
`the card are also possible, such as direct bank transfer. Since,
`with this type of embodiment, the data storage means is,
`essentially, precharged with cash rather than acting as a
`credit card, it can be used by young people without the risk
`of their incurring large debts.
`In one embodiment the data storage means is powered by
`the retrieved device when it is connected to the device and
`
`retains a memory of the downloaded data when it is unpow-
`ered. This can be achieved by the use of Flash RAM or, more
`generally, any form of programmable read-only memory.
`Alternatively the data storage means may incorporate a
`rechargeable cell or capacitor and store information in
`battery backed-up static RAM.
`The downloaded data may be entered into the data storage
`device by means of an interface such as a magnetically or
`capacitatively coupled connection or an optical connection,
`but preferably the interface comprises contacts for direct
`electrical connection to the storage means. The payment
`validation means may likewise have one of a variety of
`interfaces but again preferably comprises a set of electrical
`contacts. The payment validation means could, however,
`comprise a magnetic or holographic data-strip such as is
`known for use with credit cards and phone cards. The
`interface to receive the downloaded data may be separate
`from the interface to the payment validation means,
`to
`facilitate separate and simultaneous access to both these
`systems. In other embodiments a single interface may serve
`for both data storage and payment. Advantageously the
`payment validation means includes a memory storing infor-
`mation to identify the person who is paying for the down-
`loaded data.
`
`For additional security the downloaded data may be
`encrypted. In this case data decryption may be necessary at
`some stage, either in the data storage means or in the
`retrieval device or in an information delivering apparatus
`such as a data access terminal. Alternatively the data decryp-
`tion function can be shared amongst one or more of these
`devices. The skilled person will be aware of a range of
`suitable encryption/decryption techniques, including Pretty
`Good Privacy (Registered Trade Mark) and PKI (Public Key
`Infrastructure). Normally when the downloaded data is
`encrypted a decryption key must be supplied. This can be
`generated automatically by the data access terminal or data
`
`Page 00020
`
`Page 00020
`
`
`
`US 7,334,720 B2
`
`3
`access service provider or it can be entered by the user into
`the data access terminal or into the mobile data retrieval
`device.
`
`The data storage means and/or the retrieval device can be
`provided with access control means to prevent unauthorized
`access to the downloaded data. Additionally or alternatively,
`use control means can be provided to stop or provide only
`limited access of the user to the downloaded data in accor-
`
`dance with the amount paid. These access and use control
`functions may in some embodiments be combined, permit-
`ted use controlling access or permitted access controlling
`use. Thus, for example, a complete set of data information
`relating to a particular topic, a particular music track, or a
`particular software package might be downloaded, although
`access to part of the data set might thereafter be controlled
`by payments made by a user at a later stage. In this way, a
`user could pay to enable an extra level on a game or to
`enable further tracks of an album.
`In embodiments where the access or use control means is
`
`responsive to the payment validation means, access or use
`control information may be stored with the downloaded data
`or in a separate storage area, for example in the payment
`validation means. The user’s access to the downloaded data
`
`could advantageously be responsive to the payment valida-
`tion means, for example, by means of a control line coupling
`the payment validation means with a memory access or
`decryption control element.
`In one embodiment the data storage means comprises an
`electronic memory card or smart card and the mobile data
`retrieval device is provided with a slot to receive the card.
`Preferably the card is a push-fit within the retrieval device,
`and retention of the card may be effected by pressure from
`electrical interface connections and/or resilience of the hous-
`
`ing, or by using a resilient retaining means. In a preferred
`embodiment the retrieval device includes an audio output
`and a display,
`to play a downloaded track and to show
`information about the track and/or an accompanying video.
`To download data onto the data storage means the user
`can employ a data access terminal coupled to the intemet.
`The terminal can directly validate payment; for example in
`the case of a smart card charged with electronic cash it can
`deduct a cash value from the card. Alternatively it can
`communicate with a bank or other financial services pro-
`vider to control payment. In a preferred embodiment, how-
`ever, the terminal connects to a data access service provider
`which provides a portal to other sites and which validates
`payment and then forwards data from a data supplier to the
`user’s local access terminal. The data access service pro-
`vider may alternatively forward payment validation infor-
`mation and/or information from the payment validation
`authority to the data supplier for control by the supplier of
`the data supplied. Thus, access to the payment validation
`system and/or data for downloading may be entirely con-
`trolled by the data supplier.
`Data held on the data storage means may advantageously
`include data relating to the user’s or payer’s usage of the
`system. This information may include, for example, infor-
`mation on a user’s spending pattern, information on data
`suppliers used and information on the downloaded data. This
`information may be accessed by the data supplier and/or
`data access service provider and can be used for targeted
`marketing or loyalty-based incentive schemes such as air
`miles or the like.
`
`The data access terminal may be a conventional computer
`or, alternatively, it may be a mobile phone. Wireless Appli-
`cation Protocol (WAP) and i-mode allow mobile phones to
`efficiently access the intemet and this allows a mobile phone
`
`10
`
`15
`
`20
`
`25
`
`30
`
`35
`
`40
`
`45
`
`50
`
`55
`
`60
`
`65
`
`4
`
`to be used to download data to the data storage means,
`advantageously, directly. The data storage means can, if
`desired, incorporate the functionality of a mobile phone SIM
`(Subscriber Identity Module) card, which cards already
`include a user identification means, to allow user billing
`through the phone network operator.
`In a preferred embodiment the downloaded data is MP3 or
`other encoded audio data, but the system finds more general
`application for other data types. For example, download data
`can include software, and particularly games, share price
`information, current news information, transport timetable
`information, weather information and catalog shopping
`information. The downloaded information may also include
`compressed video data. The storage capacity of the data
`storage means is adaptable to suit the type of data intended
`to be downloaded; for example, 32 megabytes is sufficient
`for CD quality music, but for video it is preferable that the
`data storage means has a capacity of 128 megabytes or
`greater.
`In another aspect, the invention provides a portable data
`carrier comprising an interface for reading and writing data
`from and to the carrier; non-volatile data memory, coupled
`to the interface, for storing data on the carrier, non-volatile
`payment data memory, coupled to the interface, for provid-
`ing payment data to an external device.
`These features allow the data carrier to store both pay-
`ment data and content data, thus providing the advantages
`outlined above. Depending upon the payment system used,
`the payment data memory may also store code for validating
`or confirming a payment to an external payment system. The
`payment data will normally be linked to a card or card holder
`identification data for payment by the card holder. The
`non-volatile memory ensures that stored content and pay-
`ment data is retained in the data carrier when the data carrier
`
`is not receiving power from an external source. Thus “non-
`volatile” encompasses, for example,
`low-power memory
`whose contents are retained by a battery back-up system. In
`one embodiment
`the payment data memory comprises
`EEPROM and the content data memory comprises Flash
`memory, but other types of content data memory, such as
`optical, for example, holographic, data memory can also be
`used. The data carrier may also be integrated into other
`apparatus, such as a mobile communications device.
`Preferably, the portable data carrier further comprises a
`program store for storing code implementable by a proces-
`sor, and a processor, coupled to the content data memory, the
`payment data memory, the interface and to the program store
`for implementing code in the program store, wherein the
`code comprises code to output payment data from the
`payment data memory to the interface and code to provide
`external access to the data memory.
`Normally, the (content) data memory allows both write
`and read access for both storing and retrieving data, but in
`some embodiments the content data memory may be read-
`only memory (ROM). In such embodiments, content may be
`pre-loaded onto the carrier and payment may then be made
`for permission to access the pre-loaded data.
`Preferably, the data carrier also stores a record of access
`made to the content data and updates this in response to
`external access, preferably read access, made to the data
`memory. The carrier may also store content use rules per-
`taining to allowed use of stored data items. These use rules
`may be linked to payments made from the card to provide
`payment options such as access to buy content data outright;
`rental access to content data for a time period or for a
`specified number of access events; and/or rental/purchase,
`
`Page 00021
`
`Page 00021
`
`
`
`US 7,334,720 B2
`
`5
`for example where rental use is provided together with an
`option to purchase content data at the reduced price after
`rental access has expired.
`Thus where the data carrier stores, for example, music, the
`purchase outright option may be equivalent to the purchase
`of a compact disc (CD), preferably with some form of
`content copy protection such as digital watermarking. In this
`example, the rental or subscription payment option may be
`a pay-per-play option, and with this option payment may
`either be before or after access to the stored data so that the
`
`5
`
`10
`
`carrier may operate in either a debit or credit payment mode.
`The portability of the data carrier potentially allows it to
`be used to access content or, in the example, play music
`without the need to be linked to a communications system or
`to be on-line to the internet. By providing a use record
`memory on the data carrier, use of the stored data can be
`tracked while off-line and then any necessary payment can
`be made when the data carrier is next coupled to a commu-
`nication system. This allows the data carrier to operate in a
`credit mode. In a debit mode, the additional storage of use
`rules facilitates the regulation of access to content data
`stored on the carrier without the need for further exchange
`of payment/use data with an external system to validate the
`use.
`
`By combining digital rights management with content
`data storage using a single carrier, the stored content data
`becomes mobile and can be accessed anywhere while retain-
`ing control over the stored data for the data content provider
`or data copyright owner. Preferably, the data carrier also
`stores access control data, such as a user ID and a password,
`as the stored data may be valuable. The access control data
`may be combined with access control to the payment data,
`which is typically by means of a PIN (Personal Identification
`Number) to simplify access to valued content stored on the
`carrier.
`
`In one embodiment the stored content data is encrypted
`and a unique password or PIN and/or biometric data is
`required for decryption. The data carrier may be arranged so
`that the content is erased after a predetermined number of
`incorrect access attempts. Additionally or alternatively, a
`permanently stored flag may be set and/or a hardware
`modification (such as a fusable link) may be made to prevent
`the data carrier from functioning for further data storage/
`retrieval. Preferably, however, access to any stored value/
`payment data is nevertheless retained.
`Supplementary data may also be stored on the carrier in
`association with stored content data. This supplementary
`data may comprise customer reward management data and/
`or advertising data. The supplementary data may comprise a
`pointer to an external data source from which data is
`downloaded either to the data carrier or to a data access
`
`device or content player, so that advertising or other data can
`be displayed when reviewing or accessing the stored con-
`tent.
`
`Additional data security and/or a mechanism for reward-
`ing operators at different levels in the data supply chain may
`be provided using a content synthesis function. The content
`synthesis function combines partial content
`information
`from two or more sources to provide content data items for
`storage and/or output. Thus, for example, a first percentage
`of a content data item could be provided by a content
`retailer, while a remaining percentage could be provided by
`an on-line data supplier. This would provide an incentive for
`a user to register with a content retailer or distributor as well
`as with an on-line system owner and so could encourage the
`use of existing retailers and could pro