Docket
`Number
`
`032376-003
`
`~
`
`,
`
`~
`
`~
`
`~ ~ ~e
`
`x>
`
`PROVISIONAL APPLICATION FOR PATENT COVER SHEET
`
`PTO/SI:S6 (1~
`Approved for use through 01/31/98. OM~§iJ.~~
`Palent and Trademark Office; U.S. DEPARTMENT OF COI\[r4E1iIcD
`~i ~
`..,~
`
`......
`~__-
`0\
`~~ms is a request for filing a PROVISIONAL APPLICATION FOR PATENT under 37 CFR 1 53(c)
`~CSJl
`:
`c:
`I'.>
`Type a plus sign (+) ~ ~
`in
`.
`inside this box
`
`~~
`~o
`
`INVENTOR(s)/APPLICANT(s)
`
`lASTNA;\OU-;
`
`FIRST NAME
`
`MIDDLE INITIAL
`
`RESIDE:"CE (CITY ANLJ EITHt:R STATE OR FOREIG:"
`COUNTRY)
`
`Flitcroft
`
`O'Donnell
`
`Daniel
`
`Graham
`
`I.
`
`Dublin, Ireland
`
`Dublin, Ireland
`
`CARD SYSTEM AND METHOD
`
`TITLE OF THE Il'r'VENTJON (280 characters max)
`
`-'
`:~
`-'
`.='
`
`CORRESPONDENCE ADDRESS
`
`'", Ronald L. Grudziecki
`BURNS, DOAi'E, SwECKER & MATHIS, L.L.P.
`P.O. Box 1404
`Alexandria,
`
`I Virginia
`
`I ZIP CODE
`
`I 223 13-1404
`
`I COUNTRY
`
`I United States of America
`
`ENCLOSED APPLICATION PARTS (check all that apply)
`
`-,
`,j:
`
`STATE
`
`"
`:..
`
`: ;
`
`~
`Specification
`.- ~ Drawing(s)
`
`Number of Pages
`
`Number of Sheets
`
`30
`
`6
`
`D
`Small Entity StatemeIIt
`~ Other (specify) Claims 1-21, 6 pages; Abstract,
`1 page
`
`METHOD OF PAYMENT OF FILING FEES FOR THIS PROVISIONAL APPLICA nON FOR PATENT (check one)
`$ D $75.00
`$ ~ $150.00
`
`[]] A check or money order is enclosed to cover the Provisional filing fees
`~
`The Commissioner is hereby authorized to charge any deficiency
`in filing fees or credit any overpayment to Deposit ACCOUI\t Number
`02-4800. This paper is submitted in triplicate .
`
`PROVISIONAL
`FILING FEE
`AMOUNT(S)
`
`.;;.
`
`;j
`
`•
`
`•
`
`• The invention was made hy an agcncy of the United States GoVeTlUlIent or under a contract with an agcncy of the I 'nired SlaleS (,ovcnullcnL
`
`[]]
`No.
`D Yes, the name oCthe l;.S. GOVCTlUlIcnt agency and the Gllvenunent contractnulllber are:
`
`Respectfully submitted,
`
`SIGNATURE~R..;.J•. J30q",L
`o Additional inventors are being named on separately numbered sheets attached hereto
`
`Date August 26. 1998
`
`Registration No. -=2--:.4.1..:,9:....;7'-'0'--
`(if appropriate)
`
`ffYPED or PRINTED NA.
`
`Ronald L. Grudziecki
`
`_
`
`(10/97 )
`
`MasterCard, Exh. 1019, p. 1
`
`

`

`-1-
`
`CARD SYSTEM AND METHOD
`
`BACKGROUND
`
`1. Field of the Invention
`
`This invention relates to a financial card system and method, and more
`
`5
`
`particularly, to a credit, debit and charge card system and method offering reduced
`
`potential of credit card number misuse.
`
`2. Related Art
`
`The development of retail electronic commerce has been relatively slow in
`
`spite of the perceived demand for such trade. The single greatest deterrent to the
`
`10
`
`expansion of retail electronic commerce is the potential for fraud and the fear of
`
`fraud. This potential for fraud has been a major concern for the credit card
`
`companies and financial institutions as well as the customers and the providers of the
`
`goods and services.
`
`The former are seriously concerned about fraud, because essentially in the
`
`15
`
`long run the financial institutions have to bear the cost of the fraud. Additionally, the
`
`credit card companies have a very efficient credit card system which is working
`
`extremely well for face to face transactions, i.e. transactions where the credit card is
`
`physically presented to a trader and the trader can obtain the master credit card
`
`number, compare signatures and in many cases photographs before accepting a
`
`20
`
`particular credit card.
`
`The latter are equally concerned about fraud, being well aware that ultimately
`
`the user must pay for the service. However, there are particular personal concerns
`
`for the consumer in that the fraudulent use of the credit card by misuse of the master
`
`credit card number by a third party may not become apparent for some time. This
`
`25
`
`can happen even if the card is still in his or her possession. Further when fraud does
`
`MasterCard, Exh. 1019, p. 2
`
`

`

`=-.=.
`
`-2-
`
`occur the consumer has the task of persuading the credit card provider that fraud did
`
`indeed occur.
`
`There is also the additional fear of being overcharged on a credit card. There
`
`are thus particular risks for those credit card holders who have relatively high
`
`5
`
`spending limits, in that if fraud should occur, it may be some considerable time
`
`before it is detected. One particular form of fraud referred to as "skimming" is
`
`particularly difficult to control. What happens is that the card holder proffers his or
`
`her card at an establishment to make a transaction, the relevant information is
`
`electronically and/or physically copied from the card and the card is subsequently
`
`10
`
`reproduced. This can be a particular problem with travelers particularly during an
`
`extensive period of travel as the fraudulent card may turn up in other places and it
`
`may be some considerable time before the fraud is detected.
`
`For remote credit card use, the credit card holder has to provide details of
`
`name, master credit card number, expiration date and address and often many other
`
`15
`
`pieces of information for verification~ the storing and updating of the information is
`
`expensive but necessary. This of itself is a considerable security risk as anybody will
`
`appreciate that this information could be used to fraudulently charge goods and
`
`services to the card holder's credit card account. Such fraudulent use is not limited to
`
`those people to whom the credit card information has been given legitimately, but
`
`20
`
`extends to anybody who can illegitimately obtain such details. A major problem in
`
`relation to this form of fraud is that the credit card may still be in the possession of
`
`the legitimate holder as these fraudulent transactions are taking place. This is often
`
`referred to as "compromised numbers" fraud.
`
`Indeed all this fraud needs is one
`
`dishonest staff member, for example in a shop, hotel or restaurant, to record the
`
`25
`
`credit card number.
`
`It is thus not the same as card theft.
`
`The current approaches to the limiting of credit card fraud are dependent
`
`firstly on the theft of a card being reported and secondly elaborate verification
`
`systems whereby altered patterns of use initiate some enquiry from the credit card
`
`MasterCard, Exh. 1019, p. 3
`
`

`

`-3-
`
`company. Many users of credit cards have no doubt received telephone calls, when
`
`their use of the card has been exceptional, or otherwise unusual in the eyes of the
`
`organization providing the verification services.
`
`Thus, there have been many developments in an effort to overcome this
`
`5
`
`fundamental problem of fraud, in the general area of fraud for ordinary use of credit
`
`cards and for the particular problems associated with such remote use.
`
`One of the developments has been the provision of smart cards which are
`
`credit card devices containing embedded electronic circuitry that can either store
`
`information or perform computations. Generally speaking they contribute to credit
`
`10
`
`card security systems by using some encryption system. A typical example of such a
`
`smart card is disclosed in U.S. Patent Specification No. 5,317,636.
`
`Another method used is the Secure Electronic Transaction (SET) protocol
`
`which represents the collaboration between many leading computer companies and the
`
`credit card industry which is particularly related to electronic transmission of credit
`
`15
`
`card details and in particular via the Internet.
`
`It provides a detailed protocol for
`
`encryption of credit card details and verification of participants in an electronic
`
`transaction.
`
`There are then specific electronic transaction systems such as "Cyber Cash,"
`
`"Check Free" and "First Virtual." Unfortunately, there are serious problems with
`
`20
`
`what has been proposed to date. Firstly, any form of reliance on encryption is a
`
`challenge to those who will then try to break it. The manner in which access has
`
`been gained to extremely sensitive information in Government premises, would make
`
`even the most foolhardy wary of any reliance on an encryption system. A further
`
`problem is that some of the most secure forms of encryption system are not widely
`
`25
`
`available due to government and other security requirements. Limiting the electronic
`
`trading systems and security systems for use to the Internet is of relatively little use.
`
`While it is perceived to be an area of high risk, in practice to date it is not.
`
`MasterCard, Exh. 1019, p. 4
`
`

`

`-4-
`
`One of the problems with all these systems is that there are many competing
`
`technologies and therefore there is a multiplicity of incompatible formats which will
`
`be a deterrent to both traders and consumers. Similarly, many of these systems
`
`require modifications of the technology used at the point of sale, which will require
`
`5
`
`considerable investment and further limit the uptake of the systems.
`
`Many solutions have been proposed to this problem. However, none of them
`
`allow the use of existing credit cards.
`
`Ideally, as realized by the present inventors,
`
`the solution would be to obtain the functionality of a credit card, while never in fact
`
`revealing the master credit card number. Unfortunately, the only way to ensure that
`
`10
`
`master credit card numbers cannot be used fraudulently is to never transmit the
`
`master credit card number by any direct route, i.e. phone, mail, Internet or even to
`
`print out the master credit card number during the transaction, such as is commonly
`
`the case at present.
`
`It is thus not feasible.
`
`3. Objects
`
`15
`
`According to exemplary embodiments, the present invention is directed
`
`towards improving the existing financial card system by providing a more secure way
`
`of using existing financial cards (such as credit, debit and charge cards), and in
`
`particular to providing an improved way of using existing credit cards in all types of
`
`transactions, including transactions in which the card is physically presented, and
`
`20
`
`transactions in which only the credit card number is presented. The present invention
`
`is further directed towards providing a more secure way of using existing credit cards
`
`generally which will not require any major modifications to existing credit card
`
`systems.
`
`It is further directed towards providing an improved credit card system that
`
`will be more user friendly and will provide customers with a greater confidence in the
`
`25
`
`security of the system.
`
`Further the invention is directed towards providing an improved credit card
`
`system that will not, in one embodiment, necessarily require the use of expensive
`
`MasterCard, Exh. 1019, p. 5
`
`

`

`-5-
`
`encryption systems. The present invention is also directed towards providing an
`
`improved credit card system which will enable a user to obtain the functionality of a
`
`credit card while never revealing the master credit card number to any third party.
`
`Further the invention is directed towards overcoming as far as possible the
`
`5
`
`incidence of skimming and compromise numbers frauds.
`
`SUMMARY
`
`These and other objects of the present invention are satisfied by a first
`
`exemplary embodiment, which pertains to a credit card technique involving:
`
`maintaining a pool of credit card numbers which share identical formatting; assigning
`
`10
`
`at least one credit card number from the pool of credit card numbers to be a master
`
`credit card number; assigning at least one credit card number from the pool of credit
`
`card numbers to be a limited-use credit card number; and associating the master credit
`
`card number with the limited-use credit card number, while ensuring that the master
`
`credit card number cannot be discovered on the basis of the limited-use credit card
`
`15
`
`number.
`
`The technique further comprises: receiving notification that the limited-use
`
`credit card number has been used in a credit card transaction; determining whether a
`
`limited-use event has occurred based on the notification, and if so, generating a
`
`deactivation command; and deactivating the limited-use credit card if the limited-used
`
`20
`
`event has occurred, based on the deactivation command.
`
`In one embodiment, the
`
`limited-use event is satisfied when the limited-use credit card is used only once.
`
`In
`
`another embodiment, the limited-use event is satisfied when the limited-use credit
`
`card is used to accrue charges which are greater than a prescribed monetary amount.
`
`In one embodiment of the invention, the additional limited-use credit card
`
`25
`
`numbers are allocated automatically as soon as the credit card holder uses more than a
`
`preset amount of limited-use credit card numbers. The advantage of this is that the
`
`MasterCard, Exh. 1019, p. 6
`
`

`

`-6-
`
`master credit card holder does not have to request the credit card numbers each time
`
`they are required.
`
`In another embodiment, a technique for performing a credit card transaction
`
`based on one of a master credit card number or a limited-use credit card number is
`
`5
`
`provided, wherein the limited-use credit card number is randomly chosen with respect
`
`to the master credit card number, but the limited-use credit card number includes
`
`identical formatting to the master credit card number and is associated with the master
`
`credit card number. The technique comprises: entering a transaction on the basis of
`
`the master credit card number or the limited-use credit card number to generate a
`
`10
`
`transaction message; and receiving the transaction message and processing the
`
`transaction. The step of processing the transaction includes: authorizing or denying
`
`the transaction; determining whether to deactivate the limited-use credit card number
`
`when the limited-use credit card number was used to perform the transaction, and
`
`generating a deactivation command in response thereto, wherein the determining step
`
`15
`
`determines whether to deactivate the limited-use credit card number based on whether
`
`a limited-use event pertaining to the use of the limited-use credit card number has
`
`occurred, and if so, generates the deactivation command when the limited-use event
`
`has occurred; and deactivating the limited-use credit card number based on the
`
`deactivation command.
`
`20
`
`One advantage of the above-described techniques is that the credit card holder
`
`obtains the functionality of a credit card without ever in fact revealing the master
`
`credit card number in the course of a transaction. More specifically, according to a
`
`preferred embodiment, there is no mathematical relationship between the limited-use
`
`credit card number and the master credit card number. This is attributed to the fact
`
`25
`
`that the numbers are randomly selected from a queue of available single use credit
`
`card numbers based upon the requests and/or needs of different customers.
`
`It is thus
`
`virtually impossible to predict which customers are looking for numbers at any time
`
`or how they will be allocated.
`
`MasterCard, Exh. 1019, p. 7
`
`

`

`-7-
`
`Further, the technique can use a single use credit card number, and hence the
`
`possibility of compromised numbers credit card fraud may be eliminated or greatly
`
`reduced. Additionally, in one embodiment of the credit card technique, a preset
`
`credit limit, etc. is allocated to each card.
`
`Irrespective of how the trader behaves (for
`
`5
`
`example, by fraudulently overcharging or providing additional goods) the total risk to
`
`the credit card holder is directly related to the preset credit limit of the card, and
`
`thereby can be minimized.
`
`BRIEF DESCRIPTION OF THE DRAWINGS
`
`10
`
`The foregoing, and other, objects, features and advantages of the present
`
`invention will be more readily understood upon reading the following detailed
`
`description in conjunction with the drawings in whjch:
`
`Fig. 1 shows an exemplary system for implementing the present invention;
`
`and
`
`15
`
`Fig. 2 shows, in high-level form, the operation of the central processing
`
`station shown in Fig. 1.
`
`DETAILED DESCRIPTION
`
`The following discussion is framed in the context of credit card systems to
`
`facilitate discussion. However, the inventive concept can be equally applied to other
`
`20
`
`types of financial systems, such as debit and charge card systems.
`
`In this specification the term "master credit card number" and "master credit
`
`card" refer to the credit card number and the credit card as generally understood,
`
`namely, that which is allocated by the credit card provider to the customer for his or
`
`her account.
`
`It will be appreciated that an account may have many master credit
`
`25
`
`cards in the sense of this specification. For example a corporation may provide many
`
`of its employees with credit cards but essentially each of these employees holds a
`
`master credit card even if there is only one customer accounts. Each of these master
`
`MasterCard, Exh. 1019, p. 8
`
`

`

`-8-
`
`credit cards will have a unique master credit card number, which set of master credit
`
`card numbers will be linked to the account. Similarly, in families, various members
`
`of the family may hold a master credit card all of which are paid for out of the one
`
`customer account.
`
`S
`
`The term "limited-use" credit card number is used to encompass at least both
`
`the embodiment in which the credit card is designated for a single use, and the
`
`embodiment in which the credit card is designated for multiple uses providing that the
`
`charges accrued do not exceed a prescribed threshold.
`
`1. Overview of System Features
`
`10
`
`There are at least two basic different ways of carrying out the present
`
`invention.
`
`In summary, they are the allocation of additional credit card numbers for
`
`remote trade and secondly the provision of what are effectively disposable credit
`
`cards for remote and card present trade, both of which have the feature of in the case
`
`of single use or in the case of multiple use, protecting against the worst effects of
`
`':::::,:
`
`15
`
`compromised numbers fraud or skimming.
`
`In a refinement of the invention, it is possible to control the manner in which
`
`an actual transaction is carried out as a further protection against unscrupulous
`
`providers of goods and services.
`
`Essentially, there are certain matters that will be considered in relation to this
`
`20
`
`invention. They are firstly the operational or functional process in so far as they
`
`affect customers, and then there are the technical features, namely how the invention
`
`is implemented, how the invention is provided to the customers, and finally, how the
`
`invention is handled by the providers of goods and services and the processors of the
`
`credit cards, i.e., the financial institutions and/or their service providers.
`
`25
`
`The operational or functional aspects of this invention will be discussed first in
`
`the context of a standard credit card system.
`
`MasterCard, Exh. 1019, p. 9
`
`

`

`-9-
`
`One basic feature of the invention is to provide in a credit card system such
`
`that each master credit card holder could be provided with one or more of the
`
`following: 1) additional single use credit card numbers for remote transactions; 2)
`
`multiple use credit card numbers for remote transactions; 3) single use additional
`
`5
`
`credit cards for remote and card present transactions; and 4) multiple use credit cards
`
`for remote and card present transactions.
`
`It is also envisaged that in certain situations credit cards can be provided to
`
`people who do not have an account with any credi t card company. This latter feature
`
`will be described in more detail below. Various other features may be provided in
`
`10
`
`the above situations which will further improve the security of credit card
`
`transactions.
`
`Dealing firstly with the situation where a master credit card holder has an
`
`additional credit card number allocated to him or her for a single use, it will be
`
`appreciated that since the number can only be used for one single remote transaction,
`
`15
`
`the fact that the number is in anybody else's hands is irrelevant as the master credit
`
`card number is not revealed to the third party. Various other features may be added
`
`to such single use credit card numbers, for example, the value of the transaction can
`
`be limited, thus the master credit card holder can have a plurality of single use credit
`
`card numbers of differing values. For example, when a remote trade is carried out,
`
`20
`
`the master credit card holder will use a credit card number which has a credit card
`
`limit only marginally above or equal to that of the value of the transaction. This
`
`would prevent any unscrupulous trader using the credit card number to supply
`
`additional goods or services over those ordered or to increase the agreed charge.
`
`A second embodiment of the invention provides the master credit card holder
`
`25
`
`with an additional credit card number for use in remote trade. which credit card
`
`number could have, as in the previous example of the invention, a credit limit for
`
`each specific transaction or a credit limit such that when the aggregate amount of a
`
`series of transactions exceeded a specific credit limit that the credit card number
`
`MasterCard, Exh. 1019, p. 10
`
`

`

`-10-
`
`would be canceled, invalidated or in some other way deactivated. Similarly, the
`
`multiple use credit card number could be limited to, for example, five uses with a
`
`credit limit not exceeding $100 in each transaction and an aggregate credit limit not
`
`exceeding $400. Similarly a time restriction could be put on such a credit card
`
`5
`
`number in that it would be deactivated if it was used more, for example, than once a
`
`week.
`
`It will be appreciated that the limits that can be placed on the use of a single
`
`use credit number or a multiple use credit card number are almost limitless and those
`
`having skill in the art will consider other ways in which the use of the credit card
`
`number could be limited, whether it be by time, by amount, by geographical region,
`
`10
`
`or by purpose or use (such as limited to Internet trade and so on), or by some
`
`combination of these separate criterion.
`
`The third way in which the invention could be carried out is by providing
`
`additional single use credit cards each of which would have a unique additional credit
`
`card number. Such additional single use credit cards could then be used both for
`
`15
`
`remote trade by using the additional credit card numbers for respective transactions,
`
`and for "card present" trade where each card would be "swiped" in the normal
`
`manner. Such a disposable credit card could be made from a relatively inexpensive
`
`material, such as cardboard, with the relevant information entered into it in magnetic
`
`form, as is already the case with many forms of tickets for use in public transport and
`
`20
`
`the like. Again, substantially the same features as with the credit card number could
`
`be provided. Thus, for example, the disposable credit card could be limited to use
`
`geographically, to amount, to an expiration date, and so on. Again, those skilled in
`
`the art will appreciate that there are many variations to this concept.
`
`Another way of carrying out the invention is to provide a master credit card
`
`25
`
`holder with a multiple use additional credit card, which additional credit card
`
`provides any features that may be desired.
`
`Ideally, irrespective of the manner in which the invention is carried out, the
`
`master credit card holder would be provided with either a plurality of single use
`
`MasterCard, Exh. 1019, p. 11
`
`

`

`-11-
`
`additional credit card numbers or multiple use credit card numbers or single and
`
`multiple use credits cards.
`
`Generally, it will be appreciated that with either single use credit card
`
`numbers or single use additional credit cards, it is possible to eliminate or reduce the
`
`5
`
`risk of credit card number fraud.
`
`Further, depending on the credit limit imparted to
`
`the particular credit card number or additional credit card number or single use
`
`additional credit card. it is possible to further limit the possibilities of fraud in any
`
`remote transaction and that with the use of a disposable single use credit card it is
`
`possible to eliminate or reduce the risk of skimming.
`
`10
`
`With multiple use additional credit card numbers and multiple use additional
`
`credit cards, the above-identified problems may not be totally eliminated due to
`
`preferences of the user. This is because, in certain circumstances, credit card users
`
`may prefer to have, for example, an additional credit card number for remote trade
`
`with a specific credit limit that they use all the time and are willing to take the risk of
`
`15
`
`compromised number fraud, in the sense that they can control the severity of this
`
`misuse. This would be particularly the case where some of the various credit limits
`
`or use limits suggested above are used with the additional credit card number.
`
`Substantially the same criteria would apply to an additional multiple use credit card.
`
`Effectively, the present invention solves the problem by obtaining the
`
`20
`
`functionality of a credit card while never in fact revealing the master credit card
`
`number as the master credit card number need never be given in a remote transaction.
`
`Further, the master credit card itself need never be given to a trader.
`
`In another embodiment of the invention, it is envisaged that people who do
`
`not hold master credit cards could purchase disposable credit cards which would have
`
`25
`
`a credit limit for the total purchases thereon equal to the amount for which the credit
`
`card was purchased. These could then be used for both card present and card remote
`
`trade, the only proviso being that if the credit limit was not reached it will then be
`
`necessary for a refund to be given by the financial institution or credit card provider.
`
`II
`
`MasterCard, Exh. 1019, p. 12
`
`

`

`-12-
`
`An obvious way of obtaining such a refund would be through an automatic teller
`
`machine (ATM).
`
`As an alternative, the above-discussed cards could be, in effect, debit cards in
`
`the true sense, in which funds are withdrawn against a customer's account.
`
`In this
`
`5
`
`case, the "credit card" issued, whether it be a one time use card or multi-use card,
`
`and whether have a credit limit or not, would be used to debit the account
`
`immediately. Preferably, the credit card issued in these circumstances would be
`
`single use with or without a transaction limit which would be used and processed by
`
`the customer and merchant for a transaction as if it were a credit card, while in the
`
`10
`
`customer's bank it would be treated like any other debit to the account.
`
`2. Exemplary Implementation
`
`2.1 Implementation overview
`
`Fig. 1 shows an exemplary overview of a system for implementing the
`
`limited-use credit card system of the present invention.
`
`15
`
`The system 100 comprises a central processing station l02, which,
`
`accordingly to exemplary embodiments, may be operated by the credit card provider.
`
`Generally, this station 102 receives and processes remotely generated credit card
`
`transactions. The credit card transactions can originate from a merchant in the
`
`conventional manner, e. g., by swiping a credit card through a card swipe unit 106.
`
`20
`
`Alternatively, the credit card transaction requests can originate from any remote
`
`electronic device, such as device 104. The device 104 can include, but is not limited
`
`to, a personal computer (including desktop, laptop and handheld computers),
`
`conventional telephone, intelligent telephone (e.g., which comprises a conventional
`
`phone with additional electronic communication features and software). Further,
`
`25
`
`although not shown, the credit card numbers can be submitted via mail order coupon
`
`or like means.
`
`MasterCard, Exh. 1019, p. 13
`
`

`

`-13-
`
`The above-discussed remote devices can interface with the central processing
`
`station 102 through any type of network, including any type of public or propriety
`
`networks, or some combination thereof. For instance, the personal computer 104
`
`interfaces with the central processing station 102 via the Internet 112. Actually, there
`
`5
`
`may be one or more merchant computer devices (not shown) which receive credit
`
`card transactions from the remote computer 104, and then forward these requests to
`
`the central processing station 102. The central processing station 102 can also
`
`interface with other types of remote devices, such as device 140, via
`
`radiocommunication using transmitting/receiving antenna 138.
`
`10
`
`The central processing station 102 itself may include a central processing unit
`
`120, which interfaces with the remote units via network I/O unit 118. The central
`
`processing unit 120 has access to a database of credit card numbers 124, a subset 126
`
`of which are designated as being available for limited use (referred to as the
`
`"available range"). Also, the central processing unit 120 has access to a central
`
`15
`
`database 122, referred to as a "conditions" database. This database is a general
`
`purpose database which stores information regarding customers' accounts, such as
`
`information regarding various conditions which apply to each customers' account.
`
`Further, this database 122 may store the mapping between a customer's fixed master
`
`credit card number and any outstanding associated limited-use credit cards, using, for
`
`20
`
`instance, some type of linked-list mechanism. Databases 122 and 124 are shown
`
`separately only to illustrate the type of information which may be maintained by the
`
`central processing station 102; the information in these databases can be commingled
`
`in a common database in a manner well understood by those having skill in the data
`
`processing arts. For instance, each limited-use credit card number can be stored with
`
`25
`
`a field which identifies its sponsor account, and various conditions regarding its use.
`
`The central processing unit 120 can actually internally perform the approval
`
`and denial of credit card transaction requests by making reference to credit history
`
`MasterCard, Exh. 1019, p. 14
`
`

`

`-14-
`
`infonnation and other information in the conventional manner. Alternatively, this
`
`function can be delegated to a separate clearance processing facility (not shown).
`
`Finally, the central processing station includes the capability of transmitting
`
`the limited-use credit card numbers to customers.
`
`In a first embodiment, a local card
`
`5
`
`dispenser 128 can be employed to generate a plurality of limited-use cards 132 andlor
`
`a master credit card 134 for delivery to a customer.
`
`In a second embodiment, the
`
`limited-use credit card numbers can be printed on a form 136 by printer 130, which is
`
`then delivered to the customer via the mail. This listing of numbers can be included
`
`in a monthly or other periodic account statement.
`
`In a third embodiment, these
`
`10
`
`limited-use numbers can be electronically downloaded to a user's personal computer
`
`104, where they are stored in local memory 142 of the personal computer 104 for
`
`subsequent use.
`
`In this case, the credit card numbers can be encrypted (to be
`
`described in detail later).
`
`Instead of the personal computer 104, the numbers can be
`
`downloaded to a user's smart card though an appropriate interface. In a fourth
`
`15
`
`embodiment, the single-use credit card numbers can be downloaded to a radio unit
`
`140 (such as a portable telephone) via wireless communication.
`
`In a fifth
`
`embodiment, an ATM 108 can be used to dispense the limited-use cards 110. Those
`
`skilled in the art will readily appreciate that other means for conveying the
`
`numbers/cards can be employed.
`
`20
`
`The logic used to perform the actual allocation and deactivation of limited-use
`
`credit card numbers preferably comprises a microprocessor which implements a
`
`stored program within the central processing unit 120. Any general or special
`
`purpose computer will suffice.
`
`In alternative embodiments, the logic used to perform
`
`the allocation and deactivation of the limited-use credit card numbers may comprise
`
`25
`
`discrete logic components, or some combination of discrete logic components and
`
`computer-implemented control.
`
`Fig. 2 shows a high-level depiction of the functions performed by the central
`
`processing station 102. The process begins in step 202 by allocating one or more
`
`MasterCard, Exh. 1019, p. 15
`
`

`

`-15-
`
`limited-use numbers to a customer. These numbers are ultimately selected from the
`
`list 126 of available limited-use numbers, or some other list which has been
`
`previously formed from the numbers in list 126. Also, although not shown in Fig.
`
`2, a master account number would have been preferably assigned to the customer at a
`
`5
`
`previous point in time. The conditions database 122 may comprise a mechanism for
`
`associating the master credit card number with the limited-use credit card number.
`
`Because the limited-use cards are "arbitrarily" chosen from the listing 126 of limited(cid:173)
`
`use card numbers, there should be no discernable link which would allow anyone to
`
`determine the master credit card number from any of the limited-use numbers.
`
`10
`
`The processing then advances to step 204, where it is determined whether a
`
`customer requests any a