`
PCT/US00/18510

cause transaction enabler 160 to display $4300 (representing an increase in the present highest bid).
`
The user may select ‘Bid History’ to view the previous bidders and history. The relevant data may either be displayed based on data stored locally or the data may be retrieved from web site 130 in response to a user request. As is well known in the relevant arts, auction sites such as www.ebay.com provide such bid histories.
`
The user may specify her/his bid price in the box provided next to text ‘Your Bid’. The user may then select the ‘Submit’ text to cause transaction enabler 160 to submit the bid. As noted above, the submission may be according to any mechanism. The bid can potentially be over a broadband interface to access a web site or to a server accepting over a telephone connection. Once the bid is submitted to a server at the access address, the auction item may be sold to a bidder in a known way. If the user of system 150 has the highest bid, the user may pay the bid amount and receive the auction item.
`
Thus, using an interface such as the one above, a user (or television viewers) may bid for auction items in accordance with the present invention. The bid may be submitted according to any pre-specified protocol between transaction enabler 160 and an auction server (e.g., web site 130). The implementation of auction on web site 130 based on such received bid prices will be apparent to one skilled in the relevant arts.
`
8. Conclusion

While various embodiments of the present invention have been described above, it should be understood that they have been presented by way of example only, and not limitation. Thus, the breadth and scope of the present invention should not be limited by any of the above-described exemplary embodiments, but should be defined only in accordance with the following claims and their equivalents.
`
`Petitioner Apple Inc. - Exhibit 1006, p. 2001
`
WO 01/03044

What Is Claimed Is:
`
1. A method of enabling a viewer of a television system to participate in auctions, said method comprising:
(a) encoding in a television signal a data describing an auction item and an access address of a server at which auction service for said auction item is provided; and
(b) transmitting said television signal,
wherein said data can be used to enable said viewer to bid for said auction item at said server.

2. The method of claim 1, wherein said method further comprises:
(c) receiving said television signal encoded with said data in a transaction enabler;
(d) recovering said data encoded in said television signal;
(e) displaying information describing said auction item on said television system;
(f) enabling said viewer to bid at said server specified by said access address.

3. The method of claim 2, further comprising:
(g) enabling said viewer to specify a bid price for said auction item.

4. The method of claim 3, wherein said enabling said viewer to specify said bid price comprises:
(h) enabling said viewer to indicate said bid price; and
(i) transmitting said bid price to said server at said access address.

5. The method of claim 4, wherein said access address comprises a telephone number of said server, and said method further comprises:
(j) encoding a unique code identifying said auction item;
(k) recovering said unique code in said transaction enabler; and
(l) transmitting said unique code along with said bid price to said server,
whereby said server can easily associate said bid price with said auction item using said unique code.
`
6. The method of claim 4, wherein said access address comprises a universal resource locator (URL) of a web site, wherein said web site comprises said server, and wherein steps (h) and (i) comprise the further step of enabling said viewer to indicate said price on a web page provided by said web site.

7. The method of claim 1, further comprising:
(m) encoding a present highest bid in said television signal, wherein said present highest bid may be displayed to said viewer before said viewer decides to submit a bid.

8. The method of claim 7, wherein said server comprises a web site, and said method comprising the further step of retrieving said present highest bid from said web site.

9. The method of claim 1, wherein step (a) comprises the step of encoding said data in non-display portion of said television signal.

10. The method of claim 1, wherein step (a) comprises the further step of encoding said data in a non-display portion of said television signal.
`
11. The method of claim 10, wherein said non-display portion comprises vertical blanking interval (VBI).

12. The method of claim 1, further comprising:
transmitting an updated highest bid price in said television signal, wherein said updated highest bid price corresponds to a present highest bid for said auction item.

13. The method of claim 12, further comprising:
retrieving said updated bid price from said server,
wherein said step of transmitting said updated highest bid price is performed after said step of retrieving said updated bid price from said server.

14. The method of claim 13, further comprising:
enabling said viewer to request a bid history; and
displaying all of said updated bid prices to said viewer.

15. The method of claim 14, wherein said display corresponding to said bid history further comprises a description of the bidder corresponding to each of said present highest bid.

16. The method of claim 1, wherein said data further comprises a time at which auction for said auction item closes.

17. A method of enabling a viewer of a television system to participate in auctions, said method comprising:
(a) receiving in a transaction enabler a television signal encoded with a data, said data including a description of an auction item and an access address of a server at which auction service for said auction item is provided;
(b) recovering said data encoded in said television signal;
(c) displaying said description of said auction item on said television system;
(d) enabling said viewer to bid at said server specified by said access address.

18. The method of claim 17, further comprising:
(e) enabling said viewer to indicate said bid price; and
(f) transmitting said bid price to said server at said access address.

19. The method of claim 4, wherein said access address comprises a telephone number of said server, and said method further comprises:
(g) encoding a unique code identifying said auction item;
(h) recovering said unique code in said transaction enabler; and
(i) transmitting said unique code along with said bid price to said server,
whereby said server can easily associate said bid price with said auction item using said unique code.
`
20. An environment enabling a viewer of a television system to participate in auctions, said environment comprising:
encoding means for encoding in a television signal a data describing an auction item and an access address of a server at which auction service for said auction item is provided; and
transmission means for transmitting said television signal,
wherein said data can be used to enable said viewer to bid for said auction item at said server.

21. An environment enabling a viewer of a television system to participate in auctions, said environment comprising:
receiving means for receiving a television signal encoded with a data, said data including a description of an auction item and an access address of a server at which auction service for said auction item is provided;
recovery means for recovering said data encoded in said television signal;
displaying means for displaying said description of said auction item on said television system;
enabling means for enabling said viewer to bid at said server specified by said access address.

22. An environment enabling a viewer of a television system to participate in auctions, said environment comprising:
a broadcast system to encode in a television signal a data describing an auction item and an access address of a server at which auction service for said auction item is provided, said broadcast system being designed also to transmit said television signal,
wherein said data can be used to enable said viewer to bid for said auction item at said server.
`
23. The environment of claim 22, wherein said broadcast system comprises:
a production block to generate images to encode in a display data portion of said television signal;
an authoring block to encode said data in said television signal; and
a broadcast block to transmit said television signal containing said images and said data.

24. The environment of claim 23, further comprising an auction data interface to receive a present highest bid from a server, said auction data interface to provide said present highest bid to said authoring block, wherein said authoring block encodes said present highest bid in said television signal.

25. The environment of claim 24, further comprising a timing determination block to determine the time at which said authoring block encodes said data including said present highest bid in said television signal.

26. The environment of claim 22, further comprising:
a viewer bidding system to receive said television signal, and enabling said viewer to submit a bid and participate in said auction.

27. The environment of claim 26, wherein said viewer bidding system comprises:
a television system;
a remote control which enables said viewer to submit said bid; and
a transaction enabler coupled to said television system and to receive said commands from said remote control, said transaction enabler to recover said data encoded in said television signal and display information contained in said data on said television,
wherein said viewer can submit said bid using said remote control.

28. The environment of claim 27, wherein said transaction enabler is integrated within said television system.

29. The environment of claim 27, wherein said transaction enabler is provided external to said television system, and wherein said transaction enabler overlays a window with information contained in said data on images encoded in the display data of said television signal.

30. The environment of claim 27, wherein said window is displayed in a transparent mode on said images.
`
`
`
`
INTERNATIONAL SEARCH REPORT

International application No. PCT/US00/18510

A. CLASSIFICATION OF SUBJECT MATTER
IPC(7): G06F 17/60
US CL: 705/26, 27, 37
According to International Patent Classification (IPC) or to both national classification and IPC

B. FIELDS SEARCHED
Minimum documentation searched (classification system followed by classification symbols)
U.S.: 705/26, 27, 37
Documentation searched other than minimum documentation to the extent that such documents are included in the fields searched
Please See Extra Sheet.
Electronic data base consulted during the international search (name of data base and, where practicable, search terms used)
EAST. CORPORATE RESOURCE NET

C. DOCUMENTS CONSIDERED TO BE RELEVANT
(Citation of document, with indication, where appropriate, of the relevant passages; relevant to claim No.)

Auction Goes Upscale. Capital District Business Review. April 17, 1995. Vol. 22. Issue 1. page 43.
Strategic Partnership Between ExtraLot.com and The Auction Channel. Business Wire. August 11, 2000. Relevant to claim No. 1-30.
Auctioneer Onsale to Broadcast Live Commercials on ZDTV. Electronic Advertising and Marketplace Report. October 6, 1998. Vol 12. Issue 18. page 4.
Philadelphia Business Journal. Auction Television Does $1 Million Stock Placement. January 29, 1999. Vol. 17. Issue 51. page 36.

Date of mailing of the international search report: 18 SEP 2008
Date of the actual completion of the international search: 22 AUGUST 2000

Name and mailing address of the ISA/US: Commissioner of Patents and Trademarks, Box PCT, Washington, D.C. 20231
Facsimile No. (703) 305-3230
Authorized officer: JAMES TRAMME
Telephone No. (703) 35 1 ..

Form PCT/ISA/210 (second sheet) (July 1998)

C (Continuation). DOCUMENTS CONSIDERED TO BE RELEVANT
(Citation of document, with indication, where appropriate, of the relevant passages; relevant to claim No.)

US 5,905,975 A (AUSUBEL) 18 May 1999, col 3, lines 1-30. Relevant to claim No. 1-30.
MARQUEZ, RACHELLE. New Dimension For Auction. 15 September 1997. Vol. 15. Issue 20. page 38. Relevant to claim No. 1-30.

Form PCT/ISA/210 (continuation of second sheet) (July 1998)

B. FIELDS SEARCHED
Documentation other than minimum documentation that are included in the fields searched:
NEWTON'S TELECOM DICTIONARY
McGRAW-HILL ENCYCLOPEDIA OF ELECTRONICS AND COMPUTERS

Form PCT/ISA/210 (extra sheet) (July 1998)
`
`
`
`
`
(12) UK Patent Application (19) GB (11) 2 354 102 (13) A

(43) Date of A Publication “93.2001
(21) Application No 95212273
(51) INT CL7: G07F 7/10, G06F 17/60
(52) UK CL (Edition S): 64V VAK
(56) Documents Cited: EP 0813175, WON/32260, WO 97/50207 A1, WO 97/29416 A2, US 5809143 A
`
`(581
`
`Field ofSearch
`UK CL (Edition Fl) Gav VAX , meocse
`INT cu soar men . GOTF mo
`ensuezwuerooocmo
`
`
`
(22) Date of Filing 08.09.1999

(71) Applicant(s)
Barron McCann Limited (Incorporated in the United Kingdom)
BeMec House, Fifth Avenue, LETCHWORTH, Herts, SG6 2HF, United Kingdom

(72) Inventor(s)
Peter Alderson
Robert Andrew Edge

(74) Agent and/or Address for Service
Williams, Powell & Associates
4 St Paul's Churchyard, LONDON, EC4M 8AY, United Kingdom

(54) Abstract Title
System for communicating over a public network

(57) A system for communicating with a remote service over a public network 18, such as the Internet, includes a client device 10 with a memory card 28 or the like, a card reader 26 and a public network communication device such as a personal computer or television, and a processor unit, such as a central gateway 12, which is located remotely from the client device. The memory card includes user details which are transmitted by the client device to the processor unit, and may be encrypted. The card reader may activate communication with the processor unit upon insertion of the memory card, which may be a smart card or magnetic card. The processor unit may determine which of a plurality of services 14, 16 a user is authorised to access. The system provides for secure communication without burdening the user with encryption or authorisation tasks.
`
`
At least one drawing originally filed was informal and the print reproduced here is taken from a later filed formal copy.

[Fig 1 (sheet 1/2): block diagram. Recoverable labels: Intelligent Client Device 10; Application & User Interface / Presentation; Network Protocol (TCP/IP); Smart Card Reader 26; Client Software Component; Central Gateway 12; Authentication & Validation; Server Access Permissions; Central Gateway Management; Read and Write to Verification Database; HTTP Server; Verification Database; Desired Services.]

[Fig 2 (sheet 2/2): flow chart. Recoverable labels: Insert Card 50; Enter PIN At Prompt 52; Validate PIN; Valid; Invalid; Reject User / Offer Help Desk Service; Authenticate User for Desired Service; Transaction on Desired Service 62; STOP.]
`
`
`
2354102

SECURITY SYSTEM

The present invention relates to a security system, for use for example in accessing remote services such as on the Internet.

With the advent of modern technology, a growing number of transactions are being carried out by the user across insecure networks. These can be, for example, transactions involving confidential data and money for payment or investment. With such transactions there are problems with security, fraud and so on. Various security systems have been devised, such as use of personal identification numbers, encryption of transmissions. While these systems usually work well for the particular environment for which they have been designed, they can be a nuisance to use and can be difficult or expensive to implement for a new service provider.

Systems have also been developed for Internet use. These systems concentrate on authentication of the user and then, once this has been established, provide for unencrypted connection to the service. When particular transactions are undertaken, the service determines whether encryption is necessary, for example to secure credit card details. Other solutions require entry of credit card details for each transaction. These systems inevitably must provide a balance between security and user convenience as the encryption mechanisms used cause additional work for and complication to the user.

The present invention seeks to provide an improved security system.

According to an aspect of the present invention, there is provided a security system for communicating with a remote service over a public network including a user card or other memory device, a user located card or memory device reader, a user located public network communication device and a processor unit located remotely from the user located public network communication device, wherein the user card includes user details and the user located public network communication device is operable to transmit the user details to the processor unit.
`
Advantageously, the processor unit is operable to carry out encryption between it and the user and to provide to the user a transparent path to the service. Thus, the user need not be aware of any security steps taken or any encryption system used, this being carried out by the card reader and the processor unit or central gateway.

The card may be any suitable device which can store user information and, preferably, encryption data. The card can, for example, be a smart card, a magnetic card such as a credit/debit card or store loyalty card or any other suitable device. In addition to the card, the user may be required to input a secret identification code, such as an identification number.

In the preferred embodiment, the system provides for the user to insert the card into his/her card reader and to initiate the connection to the processor unit or central gateway. Once the connection is made, the processor unit obtains the relevant data from the card and upon verification by the identification code, allows the user access to the authorised service without any intermediate tasks, such as requirements to encrypt or decrypt transmitted data, to provide other user details and, where appropriate account or payment details. Thus, as with the preferred embodiment, all communications between the processor unit and the user can be encrypted, without the user necessarily being aware of or involved in this encryption. The communication between the user and the processor unit can therefore be totally secure yet without user inconvenience.

Advantageously, communications between the service and the processor unit, which are preferably carried out via a secure link, need not be encrypted.

The splitting of the encryption from the service results in being able to provide a dedicated encryption device, the processor unit, which can therefore be designed to maximise encrypted communication efficiency. Typically, encryption of all communications from the service unit is not practicable because the service unit is not designed for such a task and even if it were it would result in a loss of efficiency in providing the service itself.
`
`
`
In the preferred embodiment, the processor unit is also able to determine which of a plurality of services the user is authorised to access and/or the level of access such as spending limit, and to control access to the service or relevant service on this basis. It can also or alternatively undertake transactions against an account identified by the card.

An embodiment of the present invention is described below, by way of example only, with reference to the accompanying drawings, in which:

Figure 1 is a schematic diagram of an embodiment of security system coupled to a processor unit or central gateway and a service; and

Figure 2 is a flow chart of an example of validation routine for use with the system of Figure 1.

Referring to Figure 1, the embodiment of security system shown is designed for communications through the Internet or a similar public network.

The system includes an intelligent client device 10, which may be a personal computer, television, or any other suitable device which can communicate with a remote system. A processor unit, in this example a central gateway 12, is coupled between the client device 10 and one or more service units 14.

Communication between the client device 10 and the central gateway 12 is, in this embodiment, via a public network 18 such as the Internet. Communication between the central gateway 12 and the service units 14, 16 is, on the other hand, via a private network 20 which cannot be accessed by the public.

The client device 10 is provided with an application and user interface 22, which can be the usual computer devices such as monitor, keyboard and software in the case that it is a personal computer; the screen and a suitable keyboard or keypad in the case that the device 10 is a television or any other suitable device. The device 10 could also be a portable telephone with suitable display and keypad.

The device 10 also includes suitable network protocol 24 for allowing communication to the gateway 12 through the chosen network 18 or other public transmission medium.

The device 10 also includes a card reader 26 designed for reading the card-type chosen for the system and a card 28 which is specific to that user. The card 28 could be a smart card or magnetic card of the types well known or any other portable memory device. It is envisaged that the card 28 could have other functions in addition to the security function for this system, for example it could also be a credit/debit card, store loyalty card and the like.

The card 28 has stored thereon one or more user identifiers, one or more encryption keys and the desired service information, that is details of the service to which the user wants access. His/her level of authorisation in the service and so on will be determined by the central gateway 12.

The card reader 26 is designed, in the preferred embodiment, to be able to detect the insertion of the card 28 thereinto and in response to such insertion to commence immediately communication with the gateway 12 via the client device 10.

The central gateway 12 includes an encryption and network protocol stack 30 designed to allow communication via the chosen public network 18 and to provide encryption of all communications between itself and the client device 10. It also includes an authentication and validation unit 32 for authenticating the client data from the client card 28. The authentication and validation unit 32 is coupled to a verification database 34 of the gateway 12 in which is stored the identification data of all the users registered for the services 14, 16. The database 34 may be provided either within the gateway 12 or in a remote database 34’ accessed through secure network 20.
`
The authentication and validation unit 32 is also coupled to server access permission unit 36 designed to control the type of access to the service units 14, 16 in dependence upon the user’s authority.

Also provided in the gateway 12 are a typical HTTP server for management of the gateway 12 and an authentication and attachment unit 38 for communicating with the desired services 14, 16 and with any remote verification database 34’.

The central gateway 12 is designed specifically for encrypting all communications over the public network 18 and for carrying out the authentication procedure.

The operation of this embodiment will now be described with reference to Figure 2.

Insertion 50 of the card 28 into the card reader 26 prompts the card reader 26 to commence automatically the connection to the gateway 12. For this purpose, card reader 26 activates a software component in the device 10 to establish a communication link with the gateway 12 on the basis of information stored on the card 28 about the location on the Internet and access details of the gateway 12.

When a connection with the gateway 12 is established, the gateway 12 requests the user’s personal identification code which is then inputted 52 at a suitable prompt on the user interface 22.

Validation 54 of the user’s details and identification code is carried out either internally of the gateway 12, by the units 32 and 34, or externally at the verification database 34’.

If the gateway 12 determines 54 that the user’s identification code is invalid, the user is rejected 56 and the connection is cut 58. On the other hand, if it is determined 54 the user's identification code is valid, the gateway 12 determines 60 the desired service 14, 16 and level of service to be provided and connects 62 to the desired service unit 14, 16.
`
During the connection to the desired service 14, 16, all data transfers between the gateway 12 and user device 10 are encrypted on the basis of the encryption keys on the user’s card 28 and within verification database 34, while all data transfers between the gateway 12 and the service units 14, 16 through the private network 20 are not encrypted for ease of access and for increased efficiency. In practice, the user will not be aware of the encryption between him/her and the gateway 12 as this will be carried out as a background task. Moreover, the user will not need to reconfirm his/her identity or financial details as these will be provided by the card 28 or gateway 12.

The gateway 12, in some embodiments, records the activities of the client, such as transaction details, either within the gateway 12 or in a remote memory accessed via a private network.

Disconnection from the services 14, 16 is, in this embodiment, effected simply by removing 64 the card 28 from the card reader 26.

Thus, connection is made by a simple two step process of inserting the card 28 into the reader 26 and entering the user identification code and disconnection is effected by removing the card 28 from the card reader 26. The user is not involved in any other authentication or encryption process and need not re-enter personal details.
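
The validation routine of Figure 2 (steps 50 to 64), together with the gateway's per-service access level, as an added Python example that is not part of the patent text. The class and field names, the PBKDF2 storage of the identification code, the reading of the spending limit as a per-transaction cap and all sample values are assumptions; encryption of the client-gateway link is not modelled.

```python
import hashlib
import hmac
import os
import secrets
from dataclasses import dataclass


@dataclass(frozen=True)
class Card:
    """What the description says card 28 stores (field names are assumed)."""
    user_id: str
    encryption_key: bytes   # for the client-gateway link, not modelled here
    desired_service: str


@dataclass
class UserRecord:
    """One entry of verification database 34 (layout is an assumption)."""
    pin_salt: bytes
    pin_hash: bytes
    encryption_key: bytes
    permissions: dict       # service name -> spending limit (level of access)


def hash_pin(pin: str, salt: bytes) -> bytes:
    # Assumption: the page does not say how the identification code is stored.
    # A salted PBKDF2 hash keeps it out of the database in clear text.
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, 100_000)


class Gateway:
    """Central gateway 12: validates the user, then brokers the service."""

    def __init__(self):
        self.verification_db = {}   # user_id -> UserRecord
        self.sessions = {}          # session id -> (user_id, service, limit)

    def register(self, card, pin, permissions):
        salt = os.urandom(16)
        self.verification_db[card.user_id] = UserRecord(
            salt, hash_pin(pin, salt), card.encryption_key, dict(permissions))

    def connect(self, card, pin):
        """Steps 50-62 of Figure 2. Returns (status, session_id or None)."""
        record = self.verification_db.get(card.user_id)
        # Hash even for unknown users so both failure paths cost the same.
        salt = record.pin_salt if record else bytes(16)
        candidate = hash_pin(pin, salt)
        if record is None or not hmac.compare_digest(candidate, record.pin_hash):
            return ("rejected", None)        # reject 56, cut connection 58
        limit = record.permissions.get(card.desired_service)
        if limit is None:                    # step 60: service not authorised
            return ("rejected", None)
        session_id = secrets.token_hex(16)
        self.sessions[session_id] = (card.user_id, card.desired_service, limit)
        return ("connected", session_id)     # step 62

    def transact(self, session_id, amount):
        """Allow a transaction only in a live session and within the limit."""
        session = self.sessions.get(session_id)
        if session is None:
            return False
        _user, _service, limit = session
        return 0 < amount <= limit

    def disconnect(self, session_id):
        """Step 64: removing the card ends the session."""
        self.sessions.pop(session_id, None)


def demo():
    # Constructed sample data, not from the page.
    gateway = Gateway()
    card = Card("user-001", os.urandom(16), "bank")
    gateway.register(card, "4921", {"bank": 500})
    results = {}
    results["wrong_pin"] = gateway.connect(card, "0000")[0]
    results["other_service"] = gateway.connect(
        Card("user-001", card.encryption_key, "shop"), "4921")[0]
    status, session_id = gateway.connect(card, "4921")
    results["right_pin"] = status
    results["within_limit"] = gateway.transact(session_id, 200)
    results["over_limit"] = gateway.transact(session_id, 600)
    gateway.disconnect(session_id)
    results["after_removal"] = gateway.transact(session_id, 200)
    return results


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(f"{name}: {outcome}")
```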
`
This system can be used for any remote service, including business to consumer (in which case the card could be designed also to function as a store or credit card), business to business (for example for transactions on account) and for internal networking (where the activity of staff, for example, needs to be secured).

It will be apparent from the above that the system can provide simple but absolutely secure access to a remote service. Moreover, by identifying the user to the desired service, user access can be customised. By removing the need for entry of account details, transactions into the desired service become quicker and less risky from the user’s perspective.

Performance of the services can also be enhanced by carrying out the encryption tasks within the gateway rather than in the service units.

In addition, the service company can establish a relationship with the user by providing the user with the card and, possibly, also with the card reader.

It will be apparent that the card 28 and card reader 26 could be configured to communicate with a plurality of separate gateways 12.
`
`
`
`CLAIMS
`
`1.
`
`A security system for commu