`
`PCT/US00/18510
`
`cause transaction enabler 160 to display $4300 (representing an increase in the present highest
`
`bid).
`
`The user may select ‘Bid History’ to view the previous bidders and history. The
`
`relevant data may either be displayed based on data stored locally or the data may be retrieved
`
`from web site 130 in response to a user request. As is well known in the relevant arts, auction
`
`sites such as www.ebay.com provide such bid histories.
`
`The user may specify her/his bid price in the box provided next to text ‘Your Bid’.
`
`The user may then select the ‘Submit’ text to cause transaction enabler 160 to submit the bid.
`
`As noted above, the submission may be according to any mechanism. The bid can potentially
`
`be over a broadband interface to access a web site or to a server accepting over a telephone
`
`connection. Once the bid is submitted to a server at the access address, the auction item may
`
`be sold to a bidder in a known way. If the user of system 150 has the highest bid, the user may
`
`pay the bid amount and receive the auction item.
`
`Thus, using an interface such as the one above, a user (or television viewers) may bid for
`
`auction items in accordance with the present invention. The bid may be submitted according
`
`to any pre-specified protocol between transaction enabler 160 and an auction server (e.g., web
`
`site 130). The implementation of auction on web site 130 based on such received bid prices
`
`will be apparent to one skilled in the relevant arts.
`
`8. Conclusion
`
`While various embodiments of the present invention have been described above, it
`
`should be understood that they have been presented by way of example only, and not
`
`limitation. Thus, the breadth and scope of the present invention should not be limited by any
`
`of the above-described exemplary embodiments, but should be defined only in accordance
`
`with the following claims and their equivalents.
`
`Petitioner Apple Inc. — Exhibit 1006, p. 2001
`
`WO 01/03044
`
`What Is Claimed Is:
`
`1. A method of enabling a viewer of a television system to participate in auctions, said
`
`method comprising:
`
`(a) encoding in a television signal a data describing an auction item and an access
`
`address of a server at which auction service for said auction item is provided; and
`
`(b) transmitting said television signal,
`
`wherein said data can be used to enable said viewer to bid for said auction item at said
`
`server.
`
`2. The method of claim 1, wherein said method further comprises:
`
`(c) receiving said television signal encoded with said data in a transaction enabler;
`
`(d) recovering said data encoded in said television signal;
`
`(e) displaying information describing said auction item on said television system;
`
`(f) enabling said viewer to bid at said server specified by said access address.
`
`3. The method of claim 2, further comprising:
`
`(g) enabling said viewer to specify a bid price for said auction item.
`
`4. The method of claim 3, wherein said enabling said viewer to specify said bid price
`
`comprises:
`
`(h) enabling said viewer to indicate said bid price; and
`
`(i) transmitting said bid price to said server at said access address.
`
`5. The method of claim 4, wherein said access address comprises a telephone number
`
`of said server, and said method further comprises:
`
`(j) encoding a unique code identifying said auction item;
`
`(k) recovering said unique code in said transaction enabler; and
`
`(l) transmitting said unique code along with said bid price to said server,
`
`whereby said server can easily associate said bid price with said auction item using said
`
`unique code.
`
`6. The method of claim 4, wherein said access address comprises a universal resource
`
`locator (URL) of a web site, wherein said web site comprises said server, and wherein steps
`
`(h) and (i) comprise the further step of enabling said viewer to indicate said price on a web
`
`page provided by said web site.
`
`7. The method of claim 1, further comprising:
`
`(m) encoding a present highest bid in said television signal, wherein said present
`
`highest bid may be displayed to said viewer before said viewer decides to submit a bid.
`
`8. The method of claim 7, wherein said server comprises a web site, and said method
`
`comprising the further step of retrieving said present highest bid from said web site.
`
`9. The method of claim 1, wherein step (a) comprises the step of encoding said data
`
`in non-display portion of said television signal.
`
`10. The method of claim 1, wherein step (a) comprises the further step of encoding
`
`said data in a non-display portion of said television signal.
`
`11. The method of claim 10, wherein said non-display portion comprises vertical
`
`blanking interval (VBI).
`
`12. The method of claim 1, further comprising:
`
`transmitting an updated highest bid price in said television signal, wherein said updated
`
`highest bid price corresponds to a present highest bid for said auction item.
`
`13. The method of claim 12, further comprising:
`
`retrieving said updated bid price from said server,
`
`wherein said step of transmitting said updated highest bid price is performed after said
`
`step of retrieving said updated bid price from said server.
`
`14. The method of claim 13, further comprising:
`
`enabling said viewer to request a bid history; and
`
`displaying all of said updated bid prices to said viewer.
`
`15. The method of claim 14, wherein said display corresponding to said bid history
`
`further comprises a description of the bidder corresponding to each of said present highest bid.
`
`16. The method of claim 1, wherein said data further comprises a time at which
`
`auction for said auction item closes.
`
`17. A method of enabling a viewer of a television system to participate in auctions,
`
`said method comprising:
`
`(a) receiving in a transaction enabler a television signal encoded with a data, said data
`
`including a description of an auction item and an access address of a server at which auction
`service for said auction item is provided;
`
`(b) recovering said data encoded in said television signal;
`
`(c) displaying said description of said auction item on said television system;
`
`(d) enabling said viewer to bid at said server specified by said access address.
`
`18. The method of claim 17, further comprising:
`
`(e) enabling said viewer to indicate said bid price; and
`
`(f) transmitting said bid price to said server at said access address.
`
`19. The method of claim 4, wherein said access address comprises a telephone number
`
`of said server, and said method further comprises:
`
`(g) encoding a unique code identifying said auction item;
`
`(h) recovering said unique code in said transaction enabler; and
`
`(i) transmitting said unique code along with said bid price to said server,
`
`whereby said server can easily associate said bid price with said auction item using said
`
`unique code.
`
`20. An environment enabling a viewer of a television system to participate in auctions,
`
`said environment comprising:
`
`encoding means for encoding in a television signal a data describing an auction item
`
`and an access address of a server at which auction service for said auction item is provided;
`
`and
`
`transmission means for transmitting said television signal,
`
`wherein said data can be used to enable said viewer to bid for said auction item at said
`
`server.
`
`21. An environment enabling a viewer of a television system to participate in auctions,
`
`said environment comprising:
`
`receiving means for receiving a television signal encoded with a data, said data
`
`including a description of an auction item and an access address of a server at which auction
`
`service for said auction item is provided;
`
`recovery means for recovering said data encoded in said television signal;
`
`displaying means for displaying said description of said auction item on said television
`
`system;
`
`enabling means for enabling said viewer to bid at said server specified by said access
`
`address.
`
`22. An environment enabling a viewer of a television system to participate in auctions,
`
`said environment comprising:
`
`a broadcast system to encode in a television signal a data describing an auction item
`
`and an access address of a server at which auction service for said auction item is provided,
`
`said broadcast system being designed also to transmit said television signal,
`
`wherein said data can be used to enable said viewer to bid for said auction item at said
`
`server.
`
`23. The environment of claim 22, wherein said broadcast system comprises:
`
`a production block to generate images to encode in a display data portion of said
`
`television signal;
`
`an authoring block to encode said data in said television signal; and
`
`a broadcast block to transmit said television signal containing said images and said
`
`data.
`
`24. The environment of claim 23, further comprising an auction data interface to
`
`receive a present highest bid from a server, said auction data interface to provide said present
`
`highest bid to said authoring block, wherein said authoring block encodes said present highest
`
`bid in said television signal.
`
`25. The environment of claim 24, further comprising a timing determination block to
`
`determine the time at which said authoring block encodes said data including said present
`
`highest bid in said television signal.
`
`26. The environment of claim 22, further comprising:
`
`a viewer bidding system to receive said television signal, and enabling said viewer to
`
`submit a bid and participate in said auction.
`
`27. The environment of claim 26, wherein said viewer bidding system comprises:
`
`a television system;
`
`a remote control which enables said viewer to submit said bid; and
`
`a transaction enabler coupled to said television system and to receive said commands
`
`from said remote control, said transaction enabler to recover said data encoded in said
`television signal and display information contained in said data on said television,
`
`wherein said viewer can submit said bid using said remote control.
`
`28. The environment of claim 27, wherein said transaction enabler is integrated within
`
`said television system.
`
`29. The environment of claim 27, wherein said transaction enabler is provided external
`
`to said television system, and wherein said transaction enabler overlays a window with
`
`information contained in said data on images encoded in the display data of said television
`
`signal.
`
`30. The environment of claim 27, wherein said window is displayed in a transparent
`
`mode on said images.
`
`[Drawing sheets 1/5 to 5/5; figure text not recoverable.]
`
`INTERNATIONAL SEARCH REPORT
`
`International application No. PCT/US00/18510
`
`A. CLASSIFICATION OF SUBJECT MATTER
`IPC(7): G06F 17/60
`US CL: 705/26, 27, 37
`According to International Patent Classification (IPC) or to both national classification and IPC
`
`B. FIELDS SEARCHED
`
`Minimum documentation searched (classification system followed by classification symbols)
`U.S.: 705/26, 27, 37
`
`Documentation searched other than minimum documentation to the extent that such documents are included in the fields searched
`Please See Extra Sheet.
`
`Electronic data base consulted during the international search (name of data base and, where practicable, search terms used)
`EAST, CORPORATE RESOURCE NET
`
`C. DOCUMENTS CONSIDERED TO BE RELEVANT
`
`Citation of document, with indication, where appropriate, of the relevant passages (Relevant to claim No.)
`
`Auction Goes Upscale. Capital District Business Review. April 17, 1995. Vol. 22. Issue 1. page 43.
`
`Strategic Partnership Between ExtraLot.com and The Auction Channel. Business Wire. August 11, 2000. (1-30)
`
`Auctioneer Onsale to Broadcast Live Commercials on ZDTV. Electronic Advertising and Marketplace Report. October 6, 1998. Vol 12. Issue 18. page 4.
`
`Philadelphia Business Journal. Auction Television Does $1 Million Stock Placement. January 29, 1999. Vol. 17. Issue 51. page 36.
`
`Further documents are listed in the continuation of Box C. See patent family annex.
`Date of the actual completion of the international search: 22 AUGUST 2000
`Date of mailing of the international search report: 18 SEP 2000
`
`Name and mailing address of the ISA/US
`Commissioner of Patents and Trademarks
`Box PCT
`Washington, D.C. 20231
`
`Facsimile No. (703) 305-3230
`
`Authorized officer: JAMES TRAMME
`
`Telephone No. (703) 35 -- .o I
`
`Form PCT/ISA/210 (second sheet) (July 1998)
`
`C(Continuation). DOCUMENTS CONSIDERED TO BE RELEVANT
`
`
`
`Citation of document, with indication, where appropriate, of the relevant passages (Relevant to claim No.)
`
`US 5,905,975 A (AUSUBEL) 18 May 1999, col 3, lines 1-30. (1-30)
`
`MARQUEZ, RACHELLE. New Dimension For Auction. 15 September 1997. Vol. 15. Issue 20. page 38. (1-30)
`
`Form PCT/ISA/210 (continuation of second sheet) (July 1998)
`
`B. FIELDS SEARCHED
`Documentation other than minimum documentation that are included in the fields searched:
`
`NEWTON'S TELECOM DICTIONARY
`McGRAW-HILL ENCYCLOPEDIA OF ELECTRONICS AND COMPUTERS
`
`Form PCT/ISA/210 (extra sheet) (July 1998)
`
`(12) UK Patent Application (19) GB (11) 2 354 102 (13) A
`
`(43) Date of A Publication 13.03.2001
`
`(21) Application No 99212218
`
`(22) Date of Filing 08.09.1999
`
`(71) Applicant(s)
`Barron McCann Limited
`(Incorporated in the United Kingdom)
`BeMac House, Fifth Avenue, LETCHWORTH,
`Hertfordshire, SG5 2HF, United Kingdom
`
`(72) Inventor(s)
`"°"°* ““°'5°"
`Robert Andrew Edge
`
`(74) Agent and/or Address for Service
`Williams, Powell & Associates
`4 St Paul's Churchyard, LONDON, EC4M 8AY,
`United Kingdom
`
`(51) INT CL7
`G07F 7/10, G06F 17/60
`
`(52) UK CL (Edition S)
`G4V VAK
`
`(56) Documents Cited
`EP 0813175 A2, WO 98/32260 A1, WO 97/50207 A1, WO 97/29416 A2, US 5809143 A
`
`(58) Field of Search
`UK CL (Edition R) 6-W van , mnocsn
`INT CL7 one: man . eon: mo
`Online: WPI, EPODOC, JAPIO
`
`(54) Abstract Title
`System for communicating over a public network
`
`(57) A system for communicating with a remote service
`over a public network 18, such as the Internet, includes a
`client device 10 with a memory card 28 or the like, a card
`reader 26 and a public network communication device
`such as a personal computer or television, and a
`processor unit, such as a central gateway 12, which is
`located remotely from the client device. The memory card
`includes user details which are transmitted by the client
`device to the processor unit, and may be encrypted. The
`card reader may activate communication with the
`processor unit upon insertion of the memory card, which
`may be a smart card or magnetic card. The processor unit
`may determine which of a plurality of services 14, 16 a user
`is authorised to access. The system provides for secure
`communication without burdening the user with
`encryption or authorisation tasks.
`
`At least one drawing originally filed was informal and the print reproduced here is taken from a later filed formal copy.
`
`
`[Fig 1 (drawing sheet 1/2). Labels: Intelligent Client Device; Interface / Presentation; Client Software Component; Network Protocol (TCP/IP); Smart Card Reader; Central Gateway; Authentication & Validation; Server Access Permissions; HTTP Server for Central Gateway Management; Read and Write to Verification Database; Private Network; Verification Database; Desired Services.]
`
`[Fig 2 (drawing sheet 2/2). Flow chart boxes: Insert Card; Enter PIN At Prompt; Authenticate User for Desired Service; Reject User / Offer Help Desk Service; Access or Transaction on Desired Service; STOP.]
`
`SECURITY SYSTEM
`
`The present invention relates to a security system, for use for example in accessing
`
`remote services such as on the Internet.
`
`With the advent of modern technology, a growing number of transactions are being
`
`carried out by the user across insecure networks. These can be, for example,
`
`transactions involving confidential data and money for payment or investment. With
`
`such transactions there are problems with security, fraud and so on. Various security
`
`systems have been devised, such as use of personal identification numbers, encryption of
`
`transmissions. While these systems usually work well for the particular environment for
`
`which they have been designed, they can be a nuisance to use and can be difficult or
`
`expensive to implement for a new service provider.
`
`Systems have also been developed for Internet use. These systems concentrate on
`
`authentication of the user and then, once this has been established, provide for un-
`
`encrypted connection to the service. When particular transactions are undertaken, the
`
`service determines whether encryption is necessary, for example to secure credit card
`
`details. Other solutions require entry of credit card details for each transaction. These
`
`systems inevitably must provide a balance between security and user convenience as the
`
`encryption mechanisms used cause additional work for and complication to the user.
`
`The present invention seeks to provide an improved security system.
`
`According to an aspect of the present invention, there is provided a security system for
`communicating with a remote service over a public network including a user card or
`
`other memory device, a user located card or memory device reader, a user located public
`
`network communication device and a processor unit located remotely from the user
`
`located public network communication device, wherein the user card includes user details
`
`and the user located public network communication device is operable to transmit the
`
`user details to the processor unit.
`
`Advantageously, the processor unit is operable to carry out encryption between it and the
`
`user and to provide to the user a transparent path to the service. Thus, the user need not
`
`be aware of any security steps taken or any encryption system used, this being carried
`
`out by the card reader and the processor unit or central gateway.
`
`The card may be any suitable device which can store user information and, preferably,
`
`encryption data. The card can, for example, be a smart card, a magnetic card such as a
`
`credit/debit card or store loyalty card or any other suitable device. In addition to the
`
`card, the user may be required to input a secret identification code, such as an
`
`identification number.
`
`In the preferred embodiment, the system provides for the user to insert the card into
`
`his/her card reader and to initiate the connection to the processor unit or central gateway.
`
`Once the connection is made, the processor unit obtains the relevant data from the card
`and upon verification by the identification code, allows the user access to the authorised
`
`service without any intermediate tasks, such as requirements to encrypt or decrypt
`
`transmitted data, to provide other user details and, where appropriate, account or payment
`
`details. Thus, as with the preferred embodiment, all communications between the
`
`processor unit and the user can be encrypted, without the user necessarily being aware of
`
`or involved in this encryption. The communication between the user and the processor
`
`unit can therefore be totally secure yet without user inconvenience.
`
`Advantageously, communications between the service and the processor unit, which are
`
`preferably carried out via a secure link, need not be encrypted.
`
`The splitting of the encryption from the service results in being able to provide a
`
`dedicated encryption device, the processor unit, which can therefore be designed to
`
`maximise encrypted communication efficiency. Typically, encryption of all
`communications from the service unit is not practicable because the service unit is not
`
`designed for such a task and even if it were it would result in a loss of efficiency in
`
`providing the service itself.
`
`In the preferred embodiment, the processor unit is also able to determine which of a
`
`plurality of services the user is authorised to access and/or the level of access such as
`
`spending limit, and to control access to the service or relevant service on this basis. It
`
`can also or alternatively undertake transactions against an account identified by the card.
`
`An embodiment of the present invention is described below, by way of example only,
`with reference to the accompanying drawings, in which:
`
`Figure 1 is a schematic diagram of an embodiment of security system coupled to a
`
`processor unit or central gateway and a service; and
`
`Figure 2 is a flow chart of an example of validation routine for use with the system of
`
`Figure 1.
`
`Referring to Figure 1, the embodiment of security system shown is designed for
`
`communications through the Internet or a similar public network.
`
`The system includes an intelligent client device 10, which may be a personal computer,
`
`television, or any other suitable device which can communicate with a remote system. A
`
`processor unit, in this example a central gateway 12, is coupled between the client device
`
`10 and one or more service units 14.
`
`Communication between the client device 10 and the central gateway 12 is, in this
`
`embodiment, via a public network 18 such as the Internet. Communication between the
`
`central gateway 12 and the service units 14, 16 is, on the other hand, via a private
`
`network 20 which cannot be accessed by the public.
`
`The client device 10 is provided with an application and user interface 22, which can be
`
`the usual computer devices such as monitor, keyboard and software in the case that it is a
`
`personal computer; the screen and a suitable keyboard or keypad in the case that the
`
`device 10 is a television or any other suitable device. The device 10 could also be a
`
`portable telephone with suitable display and keypad.
`
`The device 10 also includes suitable network protocol 24 for allowing communication to
`
`the gateway 12 through the chosen network 18 or other public transmission medium.
`
`The device 10 also includes a card reader 26 designed for reading the card-type chosen
`
`for the system and a card 28 which is specific to that user. The card 28 could be a smart
`
`card or magnetic card of the types well known or any other portable memory device.
`
`It is envisaged that the card 28 could have other functions in addition to its
`
`function for this system, for example it could also be a credit/debit card, store loyalty
`
`card and the like.
`
`The card 28 has stored thereon one or more user identifiers, one or more encryption keys
`
`and the desired service information, that is details of the service to which the user wants
`
`access. His/her level of authorisation in the service and so on will be determined by the
`
`central gateway 12.
`
`The card reader 26 is designed, in the preferred embodiment, to be able to detect the
`
`insertion of the card 28 thereinto and in response to such insertion to commence
`
`immediately communication with the gateway 12 via the client device 10.
`
`The central gateway 12 includes an encryption and network protocol stack 30 designed to
`
`allow communication via the chosen public network 18 and to provide encryption of all
`
`communications between itself and the client device 10. It also includes an
`
`authentication and validation unit 32 for authenticating the client data from the client card
`
`28. The authentication and validation unit 32 is coupled to a verification database 34 of
`
`the gateway 12 in which is stored the identification data of all the users registered for the
`
`services 14,16. The database 34 may be provided either within the gateway 12 or in a
`
`remote database 34’ accessed through secure network 20.
`
`The authentication and validation unit 32 is also coupled to server access permission unit
`
`36 designed to control the type of access to the service units 14,16 in dependence upon
`
`the user’s authority.
`
`Also provided in the gateway 12 are a typical HTTP server for management of the
`
`gateway 12 and an authentication and attachment unit 38 for communicating with the
`
`desired services 14,16 and with any remote verification database 34’.
`
`The central gateway 12 is designed specifically for encrypting all communications over
`
`the public network 18 and for carrying out the authentication procedure.
`
`The operation of this embodiment will now be described with reference to Figure 2.
`
`Insertion 50 of the card 28 into the card reader 26 prompts the card reader 26 to
`
`commence automatically the connection to the gateway 12. For this purpose, card reader
`
`26 activates a software component in the device 10 to establish a communication link
`
`with the gateway 12 on the basis of information stored on the card 28 about the location
`
`on the Internet and access details of the gateway 12.
`
`When a connection with the gateway 12 is established, the gateway 12 requests the user’s
`
`personal identification code which is then inputted 52 at a suitable prompt on the user
`
`interface 22.
`
`Validation 54 of the user's details and identification code is carried out either internally
`
`of the gateway 12, by the units 32 and 34, or externally at the verification database 34’.
`
`If the gateway 12 determines 54 that the user's identification code is invalid, the user is
`
`rejected 56 and the connection is cut 58. On the other hand, if it is determined 54 that the
`
`user's identification code is valid, the gateway 12 determines 60 the desired service 14,
`16 and level of service to be provided and connects 62 to the desired service unit 14, 16.
`
`During the connection to the desired service 14, 16, all data transfers between the
`
`gateway 12 and user device 10 are encrypted on the basis of the encryption keys on the
`
`user’s card 28 and within verification database 34, while all data transfers between the
`
`gateway 12 and the service units 14, 16 through the private network 20 are not encrypted
`
`for ease of access and for increased efficiency. In practice, the user will not be aware of
`
`the encryption between him/her and the gateway 12 as this will be carried out as a
`
`background task. Moreover, the user will not need to re-confirm his/her identity or
`
`financial details as these will be provided by the card 28 or gateway 12.
`
`The gateway 12, in some embodiments, records the activities of the client, such as
`
`transaction details, either within the gateway 12 or in a remote memory accessed via a
`
`private network.
`
`Disconnection from the services 14, 16 is, in this embodiment, effected simply by
`
`removing 64 the card 28 from the card reader 26.
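
The validation routine of Figure 2 (steps 50 to 64), modelled in Python as an added example that is not part of the patent application. The record layout, the PBKDF2 storage of the identification code, the per-transaction reading of the spending limit and all names are assumptions; the encrypted link between device 10 and gateway 12 is taken as already in place.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass


def pin_digest(pin: str, salt: bytes) -> bytes:
    # Assumption: the verification database holds a salted PBKDF2 digest of the
    # identification code rather than the code itself.
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, 100_000)


@dataclass
class UserRecord:            # one row of verification database 34 (layout assumed)
    salt: bytes
    digest: bytes
    limits: dict             # service name -> spending limit ("level of access")


@dataclass
class Card:                  # data read from card 28 by card reader 26
    user_id: str
    desired_service: str


@dataclass
class Session:
    user_id: str
    service: str
    spending_limit: int
    connected: bool = True


class CentralGateway:
    def __init__(self, verification_db: dict):
        self.db = verification_db
        self.activity = []   # record of client activity kept by the gateway

    def connect(self, card: Card, pin: str):
        """Steps 50-62 of Figure 2. Returns a Session, or None after reject 56 / cut 58."""
        record = self.db.get(card.user_id)
        # Unknown users still cost one digest, so both failure paths look alike.
        salt = record.salt if record else bytes(16)
        expected = record.digest if record else bytes(32)
        pin_ok = hmac.compare_digest(pin_digest(pin, salt), expected)
        if record is None or not pin_ok:                      # validation 54 fails
            self.activity.append((card.user_id, "rejected"))  # reject 56, cut 58
            return None
        limit = record.limits.get(card.desired_service)       # determine 60
        if limit is None:
            self.activity.append((card.user_id, "not authorised"))
            return None
        self.activity.append((card.user_id, "connected:" + card.desired_service))
        return Session(card.user_id, card.desired_service, limit)  # connect 62

    def transact(self, session: Session, amount: int) -> bool:
        """Forward a transaction only while the card is in place and within limit."""
        allowed = session.connected and 0 < amount <= session.spending_limit
        outcome = ("ok:" if allowed else "refused:") + str(amount)
        self.activity.append((session.user_id, outcome))
        return allowed

    def card_removed(self, session: Session) -> None:
        """Step 64: removing the card ends the session."""
        session.connected = False
        self.activity.append((session.user_id, "disconnected"))


def enrol(pin: str, limits: dict) -> UserRecord:
    salt = os.urandom(16)
    return UserRecord(salt, pin_digest(pin, salt), limits)


def demo_gateway() -> CentralGateway:
    # Constructed sample data: one registered user with access to one service.
    return CentralGateway({"user-001": enrol("4921", {"bank": 500})})


if __name__ == "__main__":
    gw = demo_gateway()
    s = gw.connect(Card("user-001", "bank"), "4921")
    print(gw.transact(s, 200), gw.transact(s, 900))
    gw.card_removed(s)
    print(gw.transact(s, 10))
    print(gw.connect(Card("user-001", "bank"), "0000"))
    for entry in gw.activity:
        print(entry)
```
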
`
`Thus, connection is made by a simple two step process of inserting the card 28 into the
`
`reader 26 and entering the user identification code and disconnection is effected by
`
`removing the card 28 from the card reader 26. The user is not involved in any other
`
`authentication or encryption process and need not re-enter personal details.
`
`This system can be used for any remote service, including business to consumer (in
`
`which case the card could be designed also to function as a store or credit card), business
`
`to business (for example for transactions on account) and for internal networking (where
`
`the activity of staff, for example, needs to be secured).
`
`It will be apparent from the above that the system can provide simple but absolutely
`
`secure access to a remote service. Moreover, by identifying the user to the desired
`
`service, user access can be customised. By removing the need for entry of account
`
`details, transactions into the desired service become quicker and less risky from the user’s
`
`perspective.
`
`Performance of the services can also be enhanced by carrying out the encryption tasks
`
`within the gateway rather than in the service units.
`
`In addition, the service company can establish a relationship with the user by providing
`
`the user with the card and, possibly, also with the card reader.
`
`It will be apparent that the card 28 and card reader 26 could be configured to
`
`communicate with a plurality of separate gateways 12.
`
`CLAIMS
`
`1.
`
`A security system for communicating with a remote service over a public network
`
`including a user card or oth