Attorney Docket No.: W0537-701330
`
`- 1 -
`
`UNIVERSAL SECURE REGISTRY
`
`CROSS REFERENCE TO RELATED APPLICATIONS
`
`This application claims priority under 35 U.S.C. § 119(e) to U.S. Provisional
`
`5 Application Serial No. 61/031,529, entitled "UNIVERSAL SECURE REGISTRY," filed on
`
`February 26, 2008, which is herein incorporated by reference in its entirety.
`
`This application claims the benefit under 35 U.S.C. § 120 as a continuation-in-part to
`
`each of U.S. patent application serial no. 11/760,732 filed June 8, 2007; U.S. patent
`
`application serial no. 11/760,729 filed June 8, 2007; and U.S. patent application serial no.
`
`10
`
`11/677,490 filed February 21, 2007, each of which is hereby incorporated herein by reference
`
`in its entirety.
`
`1.
`
`Field of Invention
`
`BACKGROUND OF INVENTION
`
`15
`
`Embodiments of the invention generally relate to systems, methods, and apparatus for
`
`authenticating identity or verifying the identity of individuals and other entities seeking
`
`access to certain privileges and for selectively granting privileges and providing other
`
`services in response to such identifications/verifications. In addition, embodiments of the
`
`invention relate generally to systems and methods for obtaining information from and/or
`
`20
`
`transmitting information to a user device and, in particular, to systems, methods, and
`
`apparatus that provide for contactless information transmission.
`
`2.
`
`Discussion of Related Art
`
`Control of access to secure systems presents a problem related to the identification of
`
`25
`
`a person. An individual may be provided access to the secure system after their identity is
`
`authorized. Generally, access control to secure computer networks is presently provided by
`
`an authentication scheme implemented, at least partly, in software located on a device being
`
`927923.2
`
`USR Exhibit 2009, page 1
`
`

`

`2
`
`employed to access the secure computer network and on a server within the secure computer
`
`network. For example, if a corporation chooses to provide access control for their computer
`
`network, they may purchase authentication software that includes server-side software
`
`installed on a server in their computer system and corresponding client-side software that is
`
`5
`
`installed on the devices that are used by employees to access the system. The devices may
`
`include desktop computers, laptop computers, and handheld computers (e.g., PDAs and the
`
`like).
`
`In practice, the preceding approach has a number of disadvantages including both the
`
`difficulty and cost of maintaining the authentication system and the difficulty and cost of
`
`10 maintaining the security of the authentication system. More specifically, the software resides
`
`in the corporation's computers where it may be subject to tampering/unauthorized use by
`
`company employees. That is, the information technology team that manages the
`
`authentication system has access to the private keys associated with each of the authorized
`
`users. As a result, these individuals have an opportunity to compromise the security of the
`
`15
`
`system. Further, any modification and/or upgrade to the authentication system software is
`
`likely to require an update to at least the server-side software and may also require an update
`
`of the software located on each user/client device. In addition, where the company's
`
`computer systems are geographically distributed, software upgrades/updates may be required
`
`on a plurality of geographically distributed servers.
`
`20
`
`There is also a need, especially in this post September 11 environment, for secure and
`
`valid identification of an individual before allowing the individual access to highly secure
`
`areas. For example, an FBI agent or an air marshal may need to identify themselves to airport
`
`security or a gate agent, without compromising security. Typically such identification may
`
`comprise the air marshal or FBI agent showing identification indicia to appropriate personnel.
`
`25 However, there are inherent flaws in this process that allow for security to be compromised,
`
`including falsification of identification information and failure of the airport security or other
`
`personnel to recognize the situation. Of course this process could be automated, for example,
`
`by equipping airport personnel or security with access to a database and requiring the FBI
`
`agent or air marshal to appropriately identify themselves to the database, for example, by
`
`30
`
`again providing identification which airport personnel can then enter into the database to
`
`verify the identity of the person seeking access to a secure area. However, this process also
`
`has the inherent flaws in it as described above. In addition, there may be times when airport
`
`USR Exhibit 2009, page 2
`
`

`

`3
`
`security or personnel may not be able to communicate with the database to check the identity
`
`of the person seeking access, for example, when they are not near a computer terminal with
`
`access to a database or are carrying a hand-held device that does not have an appropriate
`
`wireless signal to access the database. In addition, there is a need to ensure that if such a
`
`5
`
`hand-held device ends up the wrong hands, that security is not compromised.
`
`Further, both commercial (e.g., banking networks) and non-commercial (e.g., security
`
`systems) information systems often rely on magnetic card readers to collect information
`
`specific to a user (e.g., a security code, a credit card number, etc.) from a user device (e.g., a
`
`transaction card). Credit card purchases made in person provide an example of the most
`
`to
`
`common transaction-type that relies on a user device, the credit or debit card, which is read
`
`by a magnetic card reader. User devices that rely on magnetic-stripe based technology
`
`magnetically store information (e.g., binary information) in the magnetic stripe. The
`
`magnetic stripe reader provides an interface to a larger computerized network that receives
`
`the user's information to determine, for example, whether to authorize a transaction, to allow
`
`15
`
`the user access to a secure area, etc.
`
`Recently, such devices have seen technological advances that increase their
`
`capabilities and improve their security. For example, such devices may now include
`
`embedded processors, integral biometric sensors that sense one or more biometric feature
`
`(e.g., a fingerprint) of the user, and magnetic stripe emulators. As one result, such devices
`
`20 may provide greater security by dynamically generating the necessary information, for
`
`example, generating the credit card number at the time of a transaction. Improved security
`
`can also be provided by such devices because more sophisticated authentication schemes can
`
`be implemented with the devices.
`
`In addition, user devices such as transaction cards may now also provide for one or
`
`25 more modes of information transmission other than transmission via a magnetic stripe/card
`
`reader combination. For example, user devices that may transmit information optically or via
`
`radio frequency ("RF") signal transmission to a compatible system interface are now
`
`available. Further, the architecture of a user device that includes a processor is generally
`
`compatible with both the improved security features described above and the contactless
`
`30
`
`transmission modes such as optical and RF signal transmission. As a result of the improved
`
`security and greater functionality of some current user devices, there is a desire to replace
`
`magnetic-stripe based user devices with devices that include forms of information
`
`USR Exhibit 2009, page 3
`
`

`

`4
`
`transmission other than the reading of a magnetic-stripe.
`
`There is, however, a substantial installed base of interfaces (for example, at points of
`
`sale, at automatic teller machines ("ATM"), and the like) that include magnetic card readers
`
`which are not equipped to receive information from a user device in any other format other
`
`5
`
`than from a magnetic stripe. As a result of the cost to replace or retrofit the installed base,
`
`efforts to more-widely introduce user devices that do not employ magnetic stripe devices
`
`have not been developed. Because of the potential to substantially reduce fraud, however, the
`
`further implementation of such devices is of great interest to financial institutions among
`
`others. RF devices that transmit information wirelessly are expected to become much more
`
`to
`
`prevalent and at some point, the predominant form of information transmission for user
`
`authentication based on a hand-held device, for example, credit card, debit card, drivers
`
`license, passport, social security card, personal identification, etc. Thus, new and improved
`
`methods for transitioning from a purely magnetic based form of communication to a wireless
`
`form of communication are desired.
`
`15
`
`One current approach that is intended to "transform" a smart card for use with a
`
`magnetic stripe card reader employs a "bridge" device. The bridge device requires that the
`
`smart card be inserted within it. The bridge device includes a slot for receiving the smart
`
`card, a key pad whereby the user may enter information (e.g., a PIN number), and a credit
`
`card sized extension member. Operation of the bridge device requires that the smart card be
`
`20
`
`inserted within it and that an electrical contact surface of the smart card engage a similar
`
`surface within the bridge device before the bridge device (i.e., the extension member) can be
`
`used with a magnetic card reader. Thus, the contactless nature of more advanced information
`
`transmission systems is lost with the bridge device because it does not support wireless signal
`
`transmission.
`
`25
`
`Accordingly, there is a desire for one or more devices, systems and methods for
`
`accomplishing any of the herein mentioned objectives.
`
`SUMMARY OF INVENTION
`
`There is thus a need for an identification system that will enable a person to be
`
`30
`
`accurately identified ("identification" sometimes being used hereinafter to mean either
`
`identified or verified) and/or authenticated without compromising security, to gain access to
`
`secure systems and/or areas. Likewise, there is a need for an identification system that will
`
`USR Exhibit 2009, page 4
`
`

`

`5
`
`enable a person to be identified universally without requiring the person to carry multiple
`
`forms of identification.
`
`Accordingly, this invention relates, in one embodiment, to an information system that
`
`may be used as a universal identification system and/or used to selectively provide
`
`5
`
`information about a person to authorized users. Transactions to and from a secure database
`
`may take place using a public key/private key security system to enable users of the system
`
`and the system itself to encrypt transaction information during the transactions. Additionally,
`
`the private key/public key security system may be used to allow users to validate their
`
`identity. For example, in one embodiment, a smart card such as the Secure IDTm card from
`
`to RSI Security, Inc. may be provided with the user's private key and the USR system's public
`
`key to enable the card to encrypt messages being sent to the USR system and to decrypt
`
`messages from the USR system 10.
`
`The system or database of the invention may be used to identify the person in many
`
`situations, and thus may take the place of multiple conventional forms of identification.
`
`15 Additionally, the system may enable the user's identity to be confirmed or verified without
`
`providing any identifying information about the person to the entity requiring identification.
`
`This can be advantageous where the person suspects that providing identifying information
`
`may subject the identifying information to usurpation.
`
`Access to the system may be by smart card, such as a Secure IDTm card, or any other
`
`20
`
`secure access device. The technology enabling the user to present their identity information
`
`may be physically embodied as a separate identification device such as a smart ID card, or
`
`may be incorporated into another electronic device, such as a cell phone, pager, wrist watch,
`
`computer, personal digital assistant such as a Palm PilotTm, key fob, or other commonly
`
`available electronic device. The identity of the user possessing the identifying device may be
`
`25
`
`verified at the point of use via any combination of a memorized PIN number or code,
`
`biometric identification such as a fingerprint, voice print, signature, iris or facial scan, or
`
`DNA analysis, or any other method of identifying the person possessing the device. If
`
`desired, the identifying device may also be provided with a picture of the person authorized
`
`to use the device to enhance security.
`
`30
`
`According to one embodiment of the invention, a method of controlling access to a
`
`plurality of secure computer networks using a secure registry system located remotely from
`
`the secure computer networks is disclosed. The secure registry system includes a database
`
`USR Exhibit 2009, page 5
`
`

`

`6
`
`containing selected data of a plurality of users each authorized to access at least one of the
`
`plurality of secure computer networks. The method comprises acts of receiving
`
`authentication information from an entity at a secure computer network, communicating the
`
`authentication information to the secure registry system, and validating the authentication
`
`5
`
`information at the secure registry system. The method also includes receiving from the
`
`secure registry system an indication of whether the entity is authorized to access the secure
`
`computer network, granting the entity access to the secure computer network when the
`
`authentication information of the entity corresponds to one of the plurality of users, and
`
`denying the entity access to the secure computer network when the authentication
`
`to
`
`information of the user does not correspond to one of the plurality of users.
`
`Another embodiment of the invention comprises a method of controlling access to a
`
`secure computer network using a secure registry system. The secure registry system includes
`
`a database containing selected data of a plurality of users authorized to access the secure
`
`computer network and selected data identifying the secure computer network. The method
`
`15
`
`comprises receiving an access request including authentication information and a computer
`
`network ID from an entity, determining whether the authentication information is valid for
`
`any of the plurality of users, accessing data when the authentication information of the entity
`
`is valid for one of the plurality of users to determine whether the entity is authorized to access
`
`the computer network identified by the computer network ID, and allowing the entity to
`
`20
`
`access the secure computer network when the authentication information of the entity is valid
`
`for one of the plurality of users authorized to access the computer network identified by the
`
`computer network ID.
`
`Another embodiment of the invention comprises a method of authenticating an
`
`identity of a first entity. The method comprises the acts of wirelessly transmitting from a first
`
`25
`
`device, first encrypted authentication information of the first entity, receiving with a second
`
`device the wirelessly transmitted first encrypted authentication information, decrypting with
`
`the second device, the first wirelessly encrypted authentication information to provide the
`
`first authentication information of the first entity to the second device; and authenticating the
`
`identity of the first entity based upon the first authentication information; and acting based on
`
`30
`
`the assessed identity of the first entity.
`
`Another embodiment of the invention comprises a system for authenticating an
`
`identity of a first entity, comprising a first wireless device comprising a first wireless
`
`USR Exhibit 2009, page 6
`
`

`

`- 7 -
`
`transmitter and receiver configured to transmit a first wireless signal including first encrypted
`
`authentication information, a first processor configured to compare stored biometric data with
`
`detected biometric data of the first entity and configured to enable or disable use of the first
`
`device based on a result of the comparison, and configured to encrypt first authentication
`
`5
`
`information with a first private key of the first entity into the first encrypted authentication
`
`information, a first biometric detector for detecting biometric data of the first entity, and a
`
`first memory for storing biometric data of the first entity, a private key of the first entity
`
`authorized to use the first device, and the first authentication information.
`
`According to some embodiments, the system further comprises a second wireless
`
`10
`
`device comprising a second wireless transmitter and receiver configured to receive the first
`
`wireless signal and to process the first wireless signal, a second processor configured to
`
`compare detected biometric data of a second entity with stored biometric data and configured
`
`to enable or disable use of the second device based upon a result of the comparison, and
`
`configured to decrypt the first authentication information received in the first wireless signal,
`
`15
`
`a biometric detector for detecting biometric data of a second entity, and a second memory
`
`storing biometric data of the second entity and a plurality of public keys of a plurality of first
`
`entities.
`
`Another embodiment of the invention provides a first wireless device comprising a
`
`processor configured to enable operation of the first wireless device if it receives an
`
`20
`
`enablement signal validating first biometric information of a first entity and configured to
`
`generate a non-predictable signal from the biometric information, a first wireless transmitter
`
`and receiver configured to transmit a first wireless signal including first encrypted biometric
`
`information of the first entity and to receive the enablement signal, and a first biometric
`
`detector for detecting the first biometric information of the first entity.
`
`25
`
`In one aspect of the invention, a device converts a wireless transaction device to a
`
`magnetic-stripe emulator device. In one embodiment, the device includes a wireless signal
`
`receiver that is configured to receive a wireless signal and provide information from the
`
`wireless signal. In addition, the device may include a magnetic-stripe emulator which is
`
`communicatively coupled to the wireless signal receiver and adapted to provide a time-
`
`30
`
`varying signal which emulates data provided by a magnetic-stripe card to a magnetic card
`
`reader in response to receiving the information from the wireless signal. In one embodiment,
`
`the device includes a processor communicatively coupled to the wireless signal receiver and
`
`USR Exhibit 2009, page 7
`
`

`

`8
`
`to the magnetic-stripe emulator. The device may also include an LED. In a version of this
`
`embodiment, the processor is configured to control the LED to indicate that the device is
`
`properly aligned with the magnetic card reader. In another embodiment, the device includes
`
`an output device that can provide information to a network or to a network device. In a
`
`5
`
`version of this embodiment, the output device is a wireless transmitter device.
`
`Further embodiments of the invention may include additional features, for example, in
`
`one embodiment the output device is a data port to which the device can provide data to a
`
`network or to a network device. In a version of this embodiment, the data port is also
`
`configured to receive data from the network or the network's device. In a further
`
`to
`
`embodiment, the device is configured to communicate with the magnetic card reader via the
`
`data port.
`
`In a further embodiment, the wireless receiver and/or processors configure, decrypt
`
`and encrypt the wireless signal. In a further embodiment, the processor is configured to
`
`determine whether a user is authorized to provide the information contained within the
`
`15 wireless signal from data within the wireless signal. In a version of this embodiment, the data
`
`contained within the wireless signal includes user ID information. In yet another
`
`embodiment, the data contained within the wireless signal includes biometric information of
`
`the user.
`
`According to another aspect, the invention provides a system for validating an identity
`
`20
`
`of a user to enable or prevent an occurrence of an event. In one embodiment, the system
`
`includes a first device including a wireless transmitter which is configured to transmit
`
`validation information, a second device including a wireless receiver, where the second
`
`device is configured to receive the validation information and further transmit the validation
`
`information; and a secure system in communication with the second device. According to
`
`25
`
`one embodiment, the secure system includes a database. In a further embodiment, the secure
`
`system is configured to receive the validation information transmitted from the second
`
`device, and to transmit additional information to the second device following a receipt of the
`
`validation information to assist the second device in either enabling or preventing the
`
`occurrence of the event. In various embodiments, the event that is enabled or prevented may
`
`30
`
`be a transaction (e.g., a financial transaction), access control (e.g., physical or electronic
`
`access) or other action that is either enabled or prevented.
`
`USR Exhibit 2009, page 8
`
`

`

`9
`
`According to a further aspect, the invention provides a method employing a system to
`
`validate an identity of a user to enable or prevent an occurrence of an event. In one
`
`embodiment, the system includes a first device, a second device and a secure system
`
`including a database. According to one embodiment, the method includes acts of receiving at
`
`5
`
`the second device validation information wirelessly transmitted from the first device,
`
`communicating the validation information from the second device to the secure system, and
`
`receiving at the second device additional information from the secure system. In a further
`
`embodiment, the additional information assists the second device in either enabling or
`
`preventing the occurrence of the event. In various embodiments, the event that is enabled or
`
`to
`
`prevented may be a transaction (e.g., a financial transaction), access control (e.g., physical or
`
`electronic access) or other action that is either enabled or prevented.
`
`In still another aspect, a user device is configured to allow a user to select any one of a
`
`plurality of accounts associated with the user to employ in a financial transaction. In one
`
`embodiment, the user device includes a biometric sensor configured to receive a biometric
`
`15
`
`input provided by the user, a user interface configured to receive a user input including secret
`
`information known to the user and identifying information concerning an account selected by
`
`the user from the plurality of accounts. In a further embodiment, the user device includes a
`
`communication link configured to communicate with a secure registry, and a processor
`
`coupled to the biometric sensor to receive information concerning the biometric input, the
`
`20
`
`user interface, and the communication link. According to one embodiment, the processor is
`
`configured to generate a non-predictable value and to generate encrypted authentication
`
`information from the non-predictable value, the identifying information, and at least one of
`
`the information concerning the biometric input and the secret information, and to
`
`communicate the encrypted authentication information via the communication link to the
`
`25
`
`secure registry.
`
`In accordance with another aspect, a method of generating authentication information
`
`includes acts of authenticating an identity of a user to a device based on at least one of
`
`biometric data received by the device from the user and secret information known to the user
`
`and provided to the device. The method can also include the generation of a non-predictable
`
`30
`
`value with the device. The method can further include acts of receiving identifying
`
`information from the user concerning a selected one of a plurality of user accounts and
`
`generating encrypted authentication information from the non-predictable value, the
`
`USR Exhibit 2009, page 9
`
`

`

`- 10 -
`
`identifying information, and at least one of the biometric data and the secret information. In a
`
`further embodiment, the device can generate encrypted authentication information from each
`
`of the non-predictable value, the biometric data, the secret information, and the identifying
`
`information.
`
`5
`
`According to a still further aspect, a method of controlling access to a plurality of
`
`accounts is provided where the method includes acts of generating, with a device, encrypted
`
`authentication information from a non-predictable value generated by the device, identifying
`
`information concerning an account selected by a user of the device from among a plurality of
`
`accounts associated with the user, and at least one of a biometric of the user received by the
`
`to
`
`device and secret information provided to the device by the user, communicating the
`
`encrypted authentication information from the device to a secure registry via a point-of-sale
`
`(POS) device to authenticate or not authenticate the device with the secure registry,
`
`authorizing the POS device to initiate a financial transaction involving a transfer of funds to
`
`or from the account selected by the user when the encrypted authentication information is
`
`15
`
`successfully authenticated, and denying the POS device from initiation of the financial
`
`transaction involving a transfer of funds to or from the account selected by the user when the
`
`encrypted authentication information is not successfully authenticated.
`
`BRIEF DESCRIPTION OF DRAWINGS
`
`20
`
`This invention is pointed out with particularity in the appended claims. The above
`
`and further advantages of this invention may be better understood by referring to the
`
`following description when taken in conjunction with the accompanying drawings. The
`
`accompanying drawings are not intended to be drawn to scale. In the drawings, each
`
`identical or nearly identical component that is illustrated in various figures is represented by a
`
`25
`
`like numeral. For purposes of clarity, not every component may be labeled in every thawing.
`
`In the drawings:
`
`FIG. 1 is a functional block diagram of a computer system configured to implement
`
`the universal secure registry ("USR"), including a USR database, according to one
`
`embodiment of the invention;
`
`30
`
`FIG. 2 is a functional block diagram of a first embodiment of a networked
`
`environment including the computer system of FIG. 1;
`
`USR Exhibit 2009, page 10
`
`

`

`FIG. 3 is a functional block diagram of an entry of a database forming the USR
`
`database of FIG. 1;
`
`FIG. 4 is a functional block diagram of a second embodiment of a networked
`
`environment including the computer system of FIG. 1;
`
`5
`
`FIG. 5 is a flow chart illustrating steps in a process of inputting data into the USR
`
`database;
`
`FIG. 6 is a flow chart illustrating steps in a process of retrieving data from the USR
`
`database;
`
`FIG. 7 is a flow chart illustrating a first protocol for purchasing goods from a
`
`10 merchant via the USR database without transmitting credit card information to the merchant;
`
`FIG. 8 is a flow chart illustrating a second protocol for purchasing goods from a
`
`merchant via the USR database without transmitting credit card information to the merchant;
`
`FIG. 9 is a flow chart illustrating a protocol for purchasing goods from a merchant via
`
`the USR database by validating the user's check;
`
`15
`
`FIG. 10 is a flow chart illustrating a protocol for purchasing goods from an on-line
`
`merchant via the USR database without transmitting credit card information to the on-line
`
`merchant, and enabling the on-line merchant to ship the goods to a virtual address;
`
`FIG. 11 is a flow chart illustrating a protocol for shipping goods to a virtual address
`
`via the USR database;
`
`20
`
`FIG. 12 is a flow chart illustrating a protocol for telephoning a virtual phone number
`
`via the USR database;
`
`FIG. 13 is a flow chart illustrating a protocol for identifying a person via the USR
`
`database;
`
`FIG. 14 is a flow chart illustrating a protocol for identifying a person to a policeman
`
`25
`
`via the USR database;
`
`FIG. 15 is a flow chart illustrating a protocol for providing information to an
`
`authorized recipient of the information via the USR database;
`
`FIG. 16 is a flow chart illustrating a protocol for providing application information to
`
`an authorized recipient of the information via the USR database;
`
`30
`
`FIG. 17 is a functional block diagram of an embodiment configured to use
`
`information in the USR system to activate or keep active property secured through the USR
`
`system; and
`
`USR Exhibit 2009, page 11
`
`

`

`- 12 -
`
`FIG. 18A is a functional block diagram of an embodiment configured to use the USR
`
`system to control access to a secure computer network;
`
`FIG. 18B is a functional block diagram of another embodiment configured to use the
`
`USR system to control access to a secure computer network;
`
`5
`
`FIG. 19 is a flow diagram of a process for controlling access to a secure computer
`
`network with the USR system in accordance with an embodiment of the invention;
`
`FIG. 20 is a flow diagram of a process for controlling access to a secure computer
`
`network with the USR system in accordance with another embodiment of the invention;
`
`FIG. 21 illustrates an embodiment of a system for validating the identity of an
`
`10
`
`individual;
`
`FIGS. 22A and 22B illustrate one embodiment of a process for validating the identity
`
`of an individual;
`
`FIG. 23 illustrates one embodiment of various fields included within a first wireless
`
`signal and a second wireless signal as transmitted by the system of FIG. 21;
`
`15
`
`FIG. 24 illustrates one embodiment of a process for verifying or authenticating the
`
`identity of a first user of a first wireless transmission device;
`
`FIG. 25 illustrates another embodiment of a process for authenticating the identity of
`
`a first user of a wireless transmission device;
`
`FIG. 26 illustrates still another embodiment of a process for authenticating the
`
`20
`
`identity of a first user of a wireless transmission device; and
`
`FIG. 27 illustrates one embodiment of a data structure that can be used by any
`
`wireless device of the system of FIG. 21;
`
`FIG. 28 illustrates a system in accordance with one embodiment of the invention;
`
`FIG. 29 illustrates a process in accordance with an embodiment of the invention;
`
`25
`
`FIGS. 30A-30D illustrate a converter device in accordance with one embodiment of
`
`the invention; and
`
`FIG. 31 illustrates a further embodiment of a system that employs the USR system.
`
`DETAILED DESCRIPTION
`
`30
`
`This invention is not limited in its application to the details of construction and the
`
`arrangement of components set forth in the following description or illustrated in the
`
`drawings. The invention is capable of other embodiments and of being practiced or of being
`
`USR Exhibit 2009, page 12
`
`

`

`- 13 -
`
`carried out in various ways. Also, the phraseology and terminology used herein is for the
`
`purpose of description and should not be regarded as limiting. The use of "including,"
`
`"comprising," or "having," "containing", "involving", and variations thereof herein, is meant
`
`to encompass the items listed thereafter and equivalents thereof as well as additional items.
`
`5
`
`In one embodiment, an information system is formed as a computer program running
`
`on a computer or group of computers configured to provide a universal secure registry (USR)
`
`system. The computer, in this instance, may be configured to run autonomously (without the
`
`intervention of a human operator), or may require intervention or approval for all, a selected
`
`subset, or particular classes of transactions. The invention is not limited to the disclosed
`
`10
`
`embodiments, and may take on many different forms depending on the particular
`
`requirements of the information system, the type of information being exchanged, and the
`
`type of computer equipment employed. An information system according to this invention,
`
`may optionally, but need not necessarily, perform functions additional to those described
`
`herein, and the invention is not limited to a computer system performing solely the describ