`Docket #20661/457
`ERR_MIAC_NOT_LOCKED (88H)
`
`5
`
`If the module has not been locked there is no audit
`
`trail. If one of the audit trail commands is executed
`
`this error code will be returned.
`
`ERR_GROUP_LOCKED (89H)
`
`Once a transaction group has been locked object
`
`creation within that group is not possible. Also the
`
`objects attributes and types are frozen. Any attempt to
`
`create objects or modify their attribute or type bytes
`
`10
`
`will generate an ERR_GROUP_LOCKED error code.
`
`ERR_BAD_OBJECT_TYPE (BAH)
`
`When the host sends a create object command to the
`
`module, one of the parameters it supplies is an object
`/type (see command section). If the object type is not
`it will return an
`recognized by the firmware
`
`15
`
`ERR_BAD_OBJECT_TYPE error code.
`
`·= ,0 -..J ... "�
`,.. p!
`i1 - · ... . , � ... .;.1
`�
`� c �
`
`IPDAL: 71997. 1 I 20661-4S7
`
`113
`
`Page 151 of 544
`
`UNITED SERVICES AUTOMOBILE ASSOCIATION
`Exhibit 1008
`
`
`
`Patent Application
`Docket #20661/457
`
`ERR_BAD_OBJECT_ATTR (8BH)
`
`When the host sends a create object command to the
`
`module, one of the parameters it supplies is an object
`
`attribute byte (see command section) . If the object
`
`5
`
`attribute byte is not recognized by the firmware it will
`
`error code.
`return an ERR_BAD_OBJECT_ATTR
`
`ERR_BAO_SIZE (8CH)
`
`An ERR_BAD_SIZE error code is normally generated
`
`10
`
`when creating or writing an object. It will only occur
`
`when the object data supplied by the host has an invalid
`
`length.
`
`ERR_BAD_GROUP_ID (SOH)
`
`All commands that operate at the transaction group
`/level require the group ID to be supplied in the command
`packet . If the group ID specified does not exist in the
`
`15
`
`module it will generate an ERR_BAD_GROUP_ID error code.
`
`114
`
`Page 152 of 544
`
`
`
`Patent Application
`Docket #20661/457
`
`ERR_BAD_OBJECT_ID (SEH)
`
`All commands that operate at the object level
`
`require the object ID to be supplied in the command
`
`packet. If the object ID specified does not exist within
`
`5
`
`the specific transaction group (also specified in the
`
`command packet) the module will generate an
`
`ERR_BAD_OBJECT_ID error code.
`
`ERR INSUFFICIENT FUNDS (8FH)
`
`If a script object that executes financial
`
`10
`
`transactions is invoked and the value of the money
`
`register is less than the withdrawal amount requested an
`
`ERR_INSUFFICIENT_FUNDS error code will be returned.
`
`ERR OBJECT_LOCKED (90H)
`
`I
`
`Locked objects are read only. If a write object
`
`15
`
`command is attempted and it specifies the object ID of a
`
`locked object the module will return an ERR_OBJECT_LOCKED
`
`error code.
`
`
`
`JPOAl..:7\997. t/2066l·4S7
`
`115
`
`Page 153 of 544
`
`
`
`ERR OBJECT PRIVATE (91H)
`
`Patent Application
`Docket #20661/457
`
`Private objects are not directly readable or
`
`writable. If a read object command
`
`or a write object
`
`command is attempted, and it specifies the object ID of
`
`5
`
`a private object, the module will return an
`
`ERR_OBJECT PRIVATE error code.
`
`ERR OBJECT DESTRUCTED (92H)
`
`If an object is destructible and the transaction
`
`
`
`group's destructor is active the object may not be used
`
`10
`
`by a script. If a script is invoked which uses an object
`
`which has been destructed, an ERR OBJECT DESTRUCTED error
`
`code will be returned by the module.
`
`I
`
`The exemplary embodiment of the present invention is
`
`preferably placed within a durable stainless steel,
`
`15
`
`token-like can. It is understood that an exemplary
`
`module can be placed in virtually any articulatable item.
`
`
`
`IPDAL: 11997. l I 20661-4 57
`
`116
`
`Page 154 of 544
`
`
`
`Patent Application
`Docket #20661/457
`
`Examples of articulatable items include credit cards,
`
`rings, watches, wallets, purses, necklaces, jewelry, ID
`
`badges, pens, clipboards, etc.
`
`The module preferably is a single chip "trusted
`
`5
`
`computer". By the word "trusted" it is meant that the
`
`computer is extremely secure from tampering by
`
`unwarranted means. The module incorporates a numeric
`
`coprocessor optimized for math intensive encryption. The
`
`BIOS is preferably immune to alteration and specifically
`
`10
`
`designed for very secure transactions.
`
`Each module can have a random "seed" generator with
`
`the ability to create a private/public key set. The
`
`private key never leaves the module and is only known by
`
`the module. Furthermore, discovery of the private key is
`
`15
`
`prevented by active self-destruction upon wrongful entry
`
`into the module. The module can be bound to the user by
`fa personal identification number (PIN) .
`
`When transactions are performed by the module
`
`certificates of authentication are created by either or
`
`IPCAL:71997 .1/ 20661-H7
`
`117
`
`Page 155 of 544
`
`
`
`Patent Application
`Docket #20661/457
`both the module and a system the module communicates
`
`with. The certificate can contain a variety of
`
`information. In particular, the certificate may contain:
`
`1} who is the module user via a unique
`registration number.
`
`5
`
`2} when the transaction took place via a true-time
`stamping of the transaction.
`
`3} where the transaction took place via a
`
`registered module interface site
`
`10
`
`identification.
`
`4} security information via uniquely serialized
`
`transactions and digital signitures on message
`
`digests.
`
`/
`
`5) module status indicated as valid,
`lost, or
`expired.
`
`15
`
`I POAL: 11997.1/ 2066l-45?
`
`118
`
`Page 156 of 544
`
`
`
`Patent Application
`Docket #20661/457
`
`Although a preferred embodiment of the method and
`
`apparatus of the present invention has been illustrated
`
`in the accompanying Drawings and described in the
`
`foregoing Detailed Description, it will be understood
`
`5
`
`that the invention is not limited to the embodiment
`
`disclosed, but is capable of numerous rearrangements,
`
`
`
`modifications and substitutions without departing from
`
`the spirit of the invention as set forth and defined by
`
`the following claims.
`
`I
`
`I PDIU.: 11997. 1 I 20661-457
`
`119
`
`\
`
`Page 157 of 544
`
`
`
`Patent Application
`�AT IS CLAIMED IS:
`~ vfl. An electronic module used for s cure transactions
`
`Docket #20661/457
`
`comprising:
`
`input/output circuitry
`
`processing circuit;
`
`math coprocessor circuitry
`
`said input/output circuitry;
`
`microprocessor circuitry
`
`connected to
`
`said input/output circuitry;
`ly connected to said
`
`memory circuitry ele
`
`microprocessor circuitry,
`
`programmable to
`
`between said electronic
`
`encrypted data transfers
`
`and said data processing
`
`circuit.
`
`/
`
`2
`3
`4
`
`5
`
`6
`
`7
`
`8
`
`9
`
`10
`
`11
`
`12
`
`13
`
`1
`
`2
`
`1
`
`2
`
`3
`
`1, wherein said data
`
`2. The electronic m ule of claim
`processing circuit i another electronic module.
`module of claim 1, further comprising
`
`3.
`
`a one-wire
`
`circuitry.
`
`connected to said input/output
`
`IPDAL. 7199'1. 1 I ?0661-457
`
`( I '
`i
`
`120
`
`/
`/ !
`
`/ /
`i '
`..... __ .,.
`
`Page 158 of 544
`
`
`
`Patent Application
`Docket #20661/457
`1, wherein said
`store a private
`
`4 . The electronic module of
`memory circuitry is adapted
`encryption/decryption key for use during the encrypted
`data transfers between said
`
`data process ing circuit ..
`
`5. The electronic module of
`
`encrypted transactions are tim
`
`1, wherein said
`
`A system for
`
`secure transactions,
`
`comprising:
`
`a first module
`
`eire
`input/output
`random number
`random number; and
`
`means for creating a
`
`random number creating s to create said random number
`dom number to said input\output
`and for providing
`
`1
`
`2
`
`3
`
`4
`
`5
`
`1
`2
`
`1
`
`2
`3
`
`4
`5
`
`6
`
`8
`
`9
`
`10 circuitry; and
`a service
`11
`12
`
`equipment comprising:
`
`ding said random number from said
`
`input/output circuit
`
`13
`
`of said first module;
`
`IPCW..•71997. J I 20661-457
`
`121
`
`Page 159 of 544
`
`
`
`Patent Application
`Docket #20661/457
`
`14
`15 first data and for
`
`
`
`means for combining said
`
`17
`19
`
`input/output
`produce
`18 cir ity of said first module is adapted to receive said
`f rst certificate.
`
`equipment comprises a second module.
`
`){.� The system of claim� wherein said service provider
`1.
`The system of claim%, wherein said first module
`further comprises an identifier for identifying said
`
`first module, and wherein said first transaction group
`provides said identifier to said input/output circuitry.
`
`1
`
`2
`
`1
`
`2
`
`3
`
`4
`
`1
`
`2
`
`3
`
`1
`
`2
`
`reading is further for reading said identifier from said
`
`
`input/output circuitry of said first module.
`
`said means for
`
`The system of claim Y wherein
`1
`The system of claim f', wherein said first module
`
`further comprises a second transaction group.
`
`fPOAL: 71997. l /20�61-457
`
`
`
`122
`
`Page 160 of 544
`
`
`
`1
`3
`
`2
`
`3
`
`2
`4
`5
`
`6
`
`7
`8
`
`'2
`The system of claim j(, wherein said module further
`
`Patent Application
`Docket #20661/457
`
`comprises a means for time stamping a complete
`
`transaction.
`
`A method of
`
`between a module and a
`
`comprising the steps of:
`
`.
`
`information
`
`equipment,
`
`a) creating a first
`
`in said module;
`
`b) passing said
`
`to said service
`
`provider equipment;
`
`c) encrypting
`
`random number with a
`
`private
`
`producing a certificate;
`
`9
`10
`11
`12 said module;
`
`d) passing at
`
`e) decrypting said c rtificate with a public key in
`
`id certificate to said module;
`
`14
`15
`
`found in the decrypte first certificate of step e) to
`
`determine if the two
`
`IPO.\L: 71997. 1
`I 20661-157 I I ' ..
`
`123
`
`/
`
`Page 161 of 544
`
`
`
`Patent Application
`Docket #20661/457
`13.. The method of claim
`wherein step b) further
`comprises
`a module identifier to said
`
`1
`
`2
`
`2
`
`provider equipment is
`
`12, wherein said service
`module.
`
`3
`1
`14. The method of
`1 tl � The method of
`,�
`claim � wherein
`said method
`incorporates a single wire bus.
`t1
`I�·
`Y The method of claim ;I: .
`
`2
`
`
`
`1
`
`2
`
`wherein said single wire bus
`is substantially a one-wire bus.
`
`
`
`3
`
`5
`
`2
`4
`6
`8
`
`7
`
`9
`
`A method of communicating encrypted
`between a module and a service
`comprising the steps of :
`a) creating a
`provider equipment;
`b)
`
`in said service
`
`c) e rypting at least said random number with a
`privat key in said module thereby producing a first
`cer ficate;
`
`IPOAL · 71997.1/20661-457
`
`124
`
`. . ' . '
`
`' !
`;- ..
`I I
`
`Page 162 of 544
`
`
`
`10
`11
`
`12
`
`13
`
`14
`
`Patent Application
`
`Docket #20661/457
`
`d) passing
`
`certificate to said
`
`service provider equipment;
`
`e) decrypting said fir
`
`with a public
`
`key in said service provi
`
`with a number
`
`certificate of step f) to
`
`15 found in the decrypted
`16 determine if the two num
`
`1
`
`2
`
`1 8 . The method of
`
`provider equipment is
`
`17, wherein said service
`
`'],..�
`
`2
`
`ingle wire bus.
`incorporates a s
`
`1 'f'. The method of claim � wherein said method
`VJ
`/}.-'};
`1 � The method of claim� wherein said single wire bus
`�()
`2
`/
`& A method of decrypting encrypted data using a
`1
`2
`3
`
`is substantially a one-wire bus.
`
`module, comprising the steps of:
`
`receiving a first encrypte d data and a second
`
`4
`
`encrypted data;
`
`!FOAL 11997.1/20661-1,57
`
`/
`
`125
`
`Page 163 of 544
`
`
`
`Patent Application
`Docket #20661/457
`
`decrypting said first encrypted data with a private
`
`key stored in said module, whereby a first decryption key
`
`is created;
`
`
`
`providing said first decryption key to an electronic
`
`system;
`
`decrypting said second encrypted data with said
`
`first decryption key via said electronic system, whereby
`
`a useful information is created.
`
`The method of claim � wherein said encrypted data
`
`is an electronic mail message.
`
`15
`
`5
`
`6
`
`7
`
`8
`
`9
`
`10
`
`11
`
`12
`
`1
`
`2
`
`IPDAL: ?199?. 1/ 20661-4!>"1
`
`I I ' ' ' '
`I I I
`
`126
`
`I
`j
`
`/ , I
`/ /"
`
`.. ,
`
`Page 164 of 544
`
`
`
`PATENT APPLICATION
`DOCKET NO.: 20661/457
`RULES 63 AND 67 (37 C.F.R. 1.63 and 1.67)
`
`DECLARATION AND POWER OF ATTORNEY
`
`
`FOR UTILITY /DESIGN/CIP/PCf NATIONAL APPLICATIONS
`M. CURRY, DONALD W. LOO MIS, and
`As a named inventor, STEPHEN
`CHRISTOPHER
`W. FOX, I hereby declare that:
`My residence, post office address and citizenship are as stated below next to my name; and
`I believe that I am the original,
`
`first and sole inventor (if only one name is listed above)
`
`or an original, first and joint inventor (if plural names are listed above) of the subject matter
`
`
`entitled: ME1HOD, which is claimed and for which a patent is sought on the invention
`APPARATUS, SYSTEM AND FIRMWARE
`FOR SECURE TRANSACTIONS, the
`specification of which: (mat'k-only one)
`--
`was flled on January 31, 1996 as Application
`(a)
`is attached hereto.
`_x_ (b)
`Serial No. 08/594,983
`
`on __
`
`was filed as PCT International Application No. PCT/ __
`and
`--(c)
`-
`was filed on
`as Application
`(if applicable).
`was amended on __
`on -----
`(d)
`Serial No.
`'"""
`issued as Patent No.
`the claims as amen ded by any amendment referred
`.0 speci�cation, including
`above.
`.:.1
`�
`
`
`
`
`I hereby state that I have reviewed and understand the contents of the above identified
`
`to above or as allowed
`
`as indicated
`
`and
`
`I acknowledge the duty to disclose all information known to me to be material to the
`
`
`
`
`patentability of this application as defined in 37 CFR § 1.56. If this is a continuation-in-part
`
`
`
`
`is not (CIP) application, insofar as the subject matter of each of the claims of this application
`
`disclosed in the prior United States application in the manner provided by the first paragraph of
`
`35 U.S.C. § 112, I acknowledge the duty to disclose to the Office all information known to me
`
`as defined in 37 CFR § 1.56 which became
`to be material to patentability of the application
`between the filing date of the prior application
`
`available
`filing date of this CIP application.
`
`
`
`and the national or PCT international
`
`
`
`
`
`I hereby claim foreign priority benefits under 35 U.S.C. § 119/365 of any foreign
`below any
`listed below and have also identified
`
`
`foreign application for patent or inventor's certificate filed by me or my assignee disclosing the
`
`on and having a filing date (1) before that of the application
`
`application(s) for patent or inventor's certificate
`subject matter claimed in this applicati
`
`IPDAI.:71728.1 206&1-00457
`
`Page 165 of 544
`
`
`
`·.
`
`PATENT APPLICATION
`
`DOCKET NO.: 20661/457
`
`on which my priority
`
`application:
`
`
`
`is claimed, before the filing date of this
`
`is claimed or, (2) if no priority
`PRIOR FORBJQN PAIENTS
`
`Ekd
`MontbfDayNear
`
`Dnto firstlajd- �
`patented or Priority C!ajmec!
`�
`�
`.Qmo1N
`
`.:w
`
`&
`
`
`
`I hereby claim the benefit under 35 U.S.C. § 120/365 of any United States application(s)
`
`
`listed below and PCT international applications listed above or below:
`
`PRIOR 11 S OR PCT APPUCAIIONS
`Awlication No. (Jeriea OO<!olaorio! no.) MonthiDAy/Yeor Filed Status(pendine-llbandooe<l. patontedl
`_1L I hereby claim the benefit under 35 U.S.C. § 119(e) of U.S. Provisional
`
`
`
`Application Serial
`
`No. 06/004,510, filed September 29, 1995.
`
`H. MATijBWS OAR.LANt>, Rcl· No. 19,129
`
`STEVEN R.. ORB6NFISLD,
`
`I hereby appoint:
`Rea. No. :!8,166
`MUSSELMAN, JR., Ret No. 31,644
`P. WESTON
`CRAIG A. HOSR.STSN, Ret• No. 38,917
`THOMAS t.. CANTRBU.,
`Rca. No. 20,&49
`R.OOBR t.. MAXWELL, Ret · No. 31,8.S.S
`S"ruART D. DWORX, Rca. No. 31,103
`lEFFliltY B. BACON, Ret· No. 35,0$$
`THOMAS t.. CRISMAN, RcJ. No. 24,846
`STAHLSY R. MOORB, RcJ. No. l6,9SS
`ANDRB M. SZUWALSII'J, Rq. No. 3S,701
`05R.Al.D T. WELCH, Rt&. No. 30,332
`l. KlMNOitAY, Rq. No. 37,141
`all of the firm of JENKENS
`& Gll..CHRJST, P.C., 3200 Fountain
`to prosecute this application and to transact all business
`them to act and rely on instructions
`with
`first sent this case to them and by
`to be represented
`them in writing to the contrary.
`I hereby declare that I have consented after full disclosure
`
`Place, 1445 Ross Avenue,
`Dallas, Texas 75202-2799,
`
`
`
`as my attorneys and/or agents, with full power of substitution and
`
`
`
`in the United States Patent and
`revocation,
`patent Trademark Office connected therewith, and to file and prosecute any international
`
`
`
`
`
`
`application filed thereon before any international authorities under the Patent Cooperation Treaty,
`
`from and communicate directly
`and I hereby authorize
`
`the person/assignee/attorney/finn/organization who/which
`whom/which
`unless/until
`I instruct
`
`Please address
`
`
`all correspondence and direct all telephone calls to:
`
`IPCW.o77728. 1 20661•004S7
`
`2
`
`Page 166 of 544
`
`
`
`PATENT APPLICATION
`DOCKET NO.: 20661/457
`
`Steven R. Greenfield
`
`Jenkens & Gilchrist, P.C.
`
`1445 Ross Avenue
`3200 Fountain Place
`Dallas, Texas 75202-2799
`214/855-4789
`214/855-4300
`(fax)
`
`made herein of my own knowledge are true and that
`all statements made on information and belief are believed to be true; and further that these
`
`and the like so made are
`
`punishable by fine or imprisonment, or both, under Section 1001 of Title 18 of the United States
`
`
`
`I hereby declare that all statements
`
`statements
`were made with the knowledge that willful false statements
`
`
`Code, and that such willful false statements may jeopardize the validity
`
`patent issued thereon.
`
`of the application or any
`
`NAMED INVENTOR(S)
`
`STEPHEN M. CURRY �11!7 lltri//1.1
`
`ICflft
`Date
`
`USA
`Citizenship
`
`A,.-;\ � I 'f\t.
`
`Date
`
`USA
`Citizenship
`
`Full Name
`
`
`
`Inventor's Siroature
`
`6646 Clearhaven Circle
`Dallas, TX 75248
`
`state, country)
`1 Residence (city,
`
`6646 Clearhaven Circle
`Dallas, TX 75248
`Post Office Addnlss (include zip code)
`
`DONALD W. LOOMIS
`
`316 Dakota Lane
`TX 75019
`Coppell,
`
`��
`Full Name
`(city, state, country)
`2 Residence
`
`
`
`Inventor's Signature
`
`316 Dakota Lane
`Coppell, TX 75019
`
`
`Post Office Address fmclude zip code)
`
`I PCW.: 17728 .I 20661-004S1
`
`3
`
`Page 167 of 544
`
`
`
`CHRISTOPHER
`
`PATENT APPLICATION
`DOCKET NO.: 206611457.
`
`W. FOX _a?� Y/J-z-/?b
`
`
`
`lnventor1s Signature
`
`Date
`
`USA
`Citlzenshi}l_
`
`
`
`3847 Timberglen, #4222
`
`3
`
`#4222
`
`Full Name
`Dallas, TX 75287
`Residence (city, state, country)
`3847 Timberglen,
`Dallas, TX 75287
`Post Office Address (include z:ip code)
`
`check here __
`name, date, citizenship,
`
`(FOR ADDITIONAL INVENTORS,
`
`
`information regarding signature,
`
`and add additional sheet for inventor
`
`
`residence and address)
`
`�
`"=' "' ;iJ .""1 -
`�
`
`.o ,. . � -:x:::b
`
`IPOJ\1,:71729.1 20661·004S7
`
`4
`
`Page 168 of 544
`
`
`
`oqjo�r
`1 q-D
`
`�1 0
`
`CONTROL.
`
`NVRAM
`
`CIRCUITRY
`
`MODULE
`
`'
`
`v �
`,_____.-/ /
`
`f-r-
`
`" INPUT BUFFER
`
`..... ONE-WIRE
`INTERFACE
`
`20661-457
`1 of 8
`I UNIQUE 10 NUMBER I
`+
`r-..
`}2.. ,--
`\ MICRO PROCESSOR
`CLOCK� P-/
`f
`- .___,
`I
`ROM ·" -
`'--2
`;- ---
`-
`/' ......_ 2
`¥ ENERGY
`_.,-:..- -3
`11
`
`"·
`MATH COPROCESSOR
`
`I
`�
`
`OUTPUT BUFFER
`
`1- v
`
`B __.-
`
`--
`D_,..,-
`
`
`
`CREATE TRANSACTION GROUP
`
`FIG. 2
`GENERATE KEYS AND LOAD
`
`INTO A TRANSACTION GROUP
`
`Sl
`
`S2
`
`S3
`EXPONENT
`PRIVATI2E
`DECRYPTION
`
`
`
`CREATE TRANSACTION SCRIPT
`
`S4
`
`S5
`
`Page 169 of 544
`
`
`
`20661-457
`2 of 8
`
`USER RECEIVES SECURE E-MAIL
`
`
`AND ENCRYPTED IDfA KEY
`
`A1
`
`MODULE RECEIVES ENCRYPTED
`
`A2
`IOfA KEY IN AN INPUT
`GROUp
`OBJECT OF A TRANSACTION
`
`3
`FIG.
`
`TRANSACTION SCRIPT DECRYPTS
`
`THE IDfA KEY
`
`DECRYPTED IDfA KEY IS PLACED
`
`A4
`IN AN OUTPUT DATA OBJECT
`
`IDfA KEY IS USED TO DECRYPT
`THE SECURE E-MAIL
`
`A5
`
`= = .., .;., ·--;::: � ... ---=
`· ' .n· � -.d ' � ;:.:! �
`·� -� �-· =....;
`
`CRfATE TRANSACTION GROUP FOR
`
`
`PERFORMING ELECTRONIC
`NOTARY FUNCTIONS
`
`81
`
`CRfATE OBJECT(S) FOR
`RSA ENCRYPTION
`KEYS
`
`82
`
`CRfATE OBJECT FOR TIMEKEEPING
`
`
`
`CRfATE TRANSACTION SEQUENCE OBJECT
`
`/ /
`
`FIG. 4
`
`SCRIPT THAT CREATES
`CRfATE A TRANSACTION
`BY COMBINING
`A CERTIFICATE
`AN INPUT DATA
`tA-�N1'6� AND A UNIQUE
`OBJECT WITH THE TRUE TIME, THE VALUE OF
`85
`THE TRANSACTION
`
`NUMBER ASSOCIATED TO THE MODULE, THEN
`S 16N5 "THE CERTIFICATE
`
`
`
`PRIVATIZE OBJECTS 86
`
`
`
`LOCK TRANSACTION GROUP 87
`
`.e; � !o � I�-� ,C') � ���
`-<�
`.§�
`
`Page 170 of 544
`
`
`
`20661-457
`
`3 of 8
`
`MESSAGE IS PLACED IN AN
`INPUT DATA OBJECT
`
`Cl
`
`FIG. 5
`Tgfl.t-OSf.QtC:-.1 ��pr (L;M&i� e',r .... �
`'i!ml c;rtte\!. .f>MP.. f'I);.V �NS cU.ARtllli"'Tt�N
`'I\IIT� A. 'PRII.'I\iC: �"{ �� PIN eNC.?'(P1l'l
`C2 J
`C.ZF-N1<.1'\TC:.
`CAN BE READ AT A
`lATER TIME BY DECRYPTING
`
`THE CERTIFICATE
`
`IT
`WITH THE PUBLIC KEY
`
`C3
`
`'o �� -1 \C"'� ��!
`
`.��
`.§�
`
`-�·
`
`1:, .. .... : ,.. '1'-,.l_ .. J.. -.. • .... •.• -· "" �-:) ... •..
`
`/ I
`
`
`
`THE CERTiflt'ATE AND ORIGINAL
`
`DOCUMENT CAN BE STORED ELECTRONICALLY
`C4
`
`FIG. 6
`PREPARE MODULE
`
`CREATE TRANSACTION GROUP
`
`
`.COMPRISING: MONEY OBJECT
`
`TRANSACTION COUNT OBJECT
`PRIVATE KEY AND
`
`01
`
`PRIVATIZE
`
`02
`
`PUBLIC ·KEY OBJECTS ETC.
`PRIVATE KEY RELATED OBJECT(S)
`CREATE TRANSACTION SCRIPT TO 03
`
`PERFORM MONETARY TRANSACTION
`
`
`
`LOCK TRANSACTION GROUP 04
`
`PUBLISH PUBLIC KEY 05
`
`Page 171 of 544
`
`
`
`CREATES A SIGNED
`MERCHANT CERTIFICATE
`BY ENCRYPTING DATA
`PACKET WITH
`
`MERCHANT'S PRIVATE KEY
`
`v E4
`
`20661-457
`4 of 8
`
`MERCHANT
`
`BANK/SERVICE PROVIDER
`
`USER WANTS TO MAKE
`A PURCHASE
`USING A MODULE
`
`E�
`
`READS MODULE'S
`
`E2
`
`CREATES DATA PACKET
`
`THAT INCLUDES A
`'RANDOM SALT' AND
`MODULE ID NUMBER
`
`1---E3
`
`.,.,:-:
`
`H
`10 NUMBER t
`j
`
`E� SUBTRACT PURCHASE
`t
`I
`vES
`f- PRICE TO MERCHANT'S
`� INCREMENT
`E7
`COUNT
`•
`COMBINE TRANSACTION V EB
`TH?J ENCRYPT WITH 4 CERTIFICATE
`•
`E12
`L
`1) AMOUNT OF PURCHASE
`RECEIVE ITEM OR � IS CORRECT H RECEIVE MODULE'S
`SERVICE PURCHASED 2) DATA IN MERCHANrS SIGNED CERTIFICATE
`j_
`E(1 CERTIFICATE
`SAME AS ORIGINALLY SENT
`E(o CERTIFICATE
`E13./ PROVIDER'S
`PUBLIC KEY
`t --
`FIG. 7
`E14../ CERTIFICATE
`l
`E15../ ARE OK THEN ADD
`
`AMOUNT· fROM
`MONEY REGISTER
`
`
`
`ATTACHES PURCHASE
`
`SIGNED CERTIFICATE
`
`TRANSACTION
`
`COUNT WITH MERCHANT'S
`. SIGNED CERTIFICATE
`RECEIVE SIGNED MODULE
`AND PURCHASE AMOUNT;
`AND DECRYPT "'- E9
`USING SERVICE PRIVIDER'S
`SERVICE PROVlDER'S
`PUBLIC KEY
`PRIVATE KEY THEREBY
`
`CREATING A SIGNED
`MODULE CERTIFICATE CONFIRM THAT:
`
`IS THE
`
`DECRYPT MODULE'S
`WITH SERVICE
`
`DECRYPT MERCHANT'S
`WITH
`
`MERCHANT'S PUBLIC KEY
`
`IF BOTH CERTIFICATES
`
`PURCHASE AMOUNT TO
`MERCHANT'S BANK BALANCE
`
`'t
`
`Page 172 of 544
`
`
`
`......
`...
`.£; ·--;-..
`•• ,. -:-r
`JL � -�
`·' -r .. -. = i"' .,.; ,. ,..,..
`
`20661-457
`5 of 8
`BANK /SERV ICE PROVIDER
`
`READ MODULE ID
`NUMBER AND AMOUNT
`F2
`OF CASH REQUESTED
`
`REQUEST MODULE TO
`PRODUCE A RANDOM SALT
`
`USER
`
`Fl
`
`WANTS TO ADD AN
`AMOUNT OF CASH
`TO MODULE
`
`F3
`
`CREATE RANDOM
`SALT NUMBER
`
`DECRYPT SIGNED SERVICE
`PROVIDER CERTIFICATE
`WITH SERVICE PROVIDER'S
`PUBLIC KEY AND CHECK
`
`·THE 10 NUMBER AND
`
`
`
`RANDOM SALT NUMBER
`
`COMBINE SALT, ID NUMBER
`AND CASH AMOUNT AND
`ENCRYPT WITH SERVICE
`
`PROVIDER'S PRIVATE KEY,
`
`THEREBY CREATING A
`SIGNED SERVICE
`PROVIDER CERTIFICATE
`
`F4 .��
`•o
`,C') 0 '2.., �� "($
`��--�
`.��
`
`F5
`
`IF THE ID NUMBER
`AND RANDOM SALT NUMBER
`IS UNC�GED THEN ADO
`
`THE CASH AMOUNT TO THE
`
`MONEY REGISTER
`OF THE MODULE
`
`FIG. 8
`
`RECEIVE SALT AND
`REQUEST FOR MONEY
`
`EXAMPLE OF
`'> TRANSFER FROM USER'S MODULE TO MERCHANT'S
`MODULE
`---
`USER/PAYER
`MERCHANT/PAYEE
`1. CREATE RANDOM SALT
`../' G1
`2. DETERMINE
`AMOUNT OF
`MONEY TO BE
`RECEIVED fROM PAYER
`
`'-
`
`G2
`
`SUBTRACT REQUESTED
`MONEY AMOUNT fROM
`A MONEY REGISTER
`
`CREATE SIGNED PAYMENT
`
`CERTIFICATE BY COMBINING
`
`
`
`AMOUNT THEN ENCRYPTING CERTIFICATE AND DECRYPT
`
`PRIVATE KEY
`
`PUBLIC KEY
`
`PAYER = USER
`
`CHECK DECRYPTED
`
`AGAINST ORIGINALLY SENT SALT
`
`SALT
`"- G4
`IF THEY ARE THE
`SAME ADD PAYMENT AMOUNT
`
`TO MONEY REGISTER
`
`J
`1
`SALT WITH PAYMENT ' RECEIVE SIGNED PAYMENT
`WITHf SERVICE PROVIDER'S USING SERVICE PROVIDER'S
`1"'- G3
`... ----""" ..
`_t
`PAYEE = MERCHANT
`I
`/
`FIG. 9
`\
`
`Page 173 of 544
`
`
`
`... ��
`� .., -�� ....:. .... .. �
`-= -.... .a.
`= .... , -:¥-
`....
`
`20661-457
`6 of 8
`
`FIG. 10
`
`TRANSACTION OVER A NETWORK WITH A MODULE
`
`USER/PAYER
`MERCHANT/PAYEE
`AND
`
`CREATE RANDO�
`PAYER SALT
`
`H1
`
`RECEIVE PAYER SALT
`COMBINE WITH AMOUtfT OF
`
`MONEY TO BE RECEIVED, AND
`INCLUD£ A PAYEE SALT, THEN
`
`v H2
`ENCRYPT WITH SERVICE
`
`PROVIDER'S PRIVATE KEY TO
`
`CREATE A FIRST DATA PACKET
`
`
`�3
`........
`
`RECEIVE FIRST DATA PACKET
`AND DECRYPT WITH SERVICE
`
`PROVID£R'S PUBLIC KEY
`
`.-
`•
`
`COMPARE DECRYPTED
`PAYER SALT WITH ORIGINAL
`PAYER SALT
`
`H4 ........
`
`If THEY ARE THE SAME,
`
`
`SUBTRACT AMOUNT OF MONEY
`TO BE SENT fROM
`PAYER MONEY REGISTER
`
`/ ;
`HS ./
`
`•
`
`GENERATE A SECOND DATA
`
`PACKET CONSISTING OF
`PAYEE'S
`SALT AND THE
`AMOUNT OF MONEY TO
`BE SENT AND ENCRYPT
`USING SERVICE
`
`PROVIDER'S PRIVATE KEY
`
`•
`�
`
`RECEN£ SECOND DATA PACKET
`1'- H6
`
`AND DECRYPT USING SERVICE
`
`PROVIDER'S PUBLIC KEY
`
`EXTRACT DECRYPTED PAYEE
`SALT AND COMPARE WITH
`EARLIER
`PAYEE SALT PROVIDED
`
`IF BOTH ARE THE SAME ADD
`MONEY AMOUNT TO
`PAYEE MONEY REGISTER
`
`r- H7
`
`Page 174 of 544
`
`
`
`20661-457
`7 of 8
`
`MODULE
`lQ
`
`READ/WRITE OBJECT COMMANDS
`
`�
`LOCKED
`TRANSACTION
`GROUP
`�� 1..--0---lPENr__,\d
`\ n OBJECTS (O�
`� PIN
`COMMANDS � > !.it
`MATCH H S�RIPTS L I PRIVATE {P) I
`ll OBJECTS ·�
`y 5�E�T� (L� h. � -v
`�-�==��:tT=:-'
`�� �
`COMMAND C'l o
`READ-ONLY OBJECT
`'----"
`'2 .,
`�-----. READ/WRITE
`OBJECT
`h.§�
`LOCKED
`TRANSACTION
`GROUP .
`.-----1.--.
`O�E�S {O) I
`1-WIRE DATA � COMMAND PIN
`110 ··r. TIWlSPORr � INTERPRETER��
`MATcH 1 _ r t_ PRIVATE , 1
`
`i1 SCRIPTS I OBJECTS
`LAYER
`{P} I
`/ /
`I I LOCKED (L) I
`l OBJECTS
`I
`READ-ONLY OBJECT COMMAND
`.-------. READ/WRITE
`OBJECT COMMANDS
`LOCKED
`TRANSACTION
`GROUP
`�--L--.
`{a) l
`rl o�fE��s
`MATCH H LH PRIVATE ( )' I
`I+ PIN
`
`SCRIPTS I OBJECTS p ' I
`� 6�J:J& (L) I I
`
`
`
`READ-ONLY OBJECT COMMAND ,
`
`FIG. 11
`
`
`
`
`
`Page 175 of 544
`
`
`
`.·
`
`20661-457
`8 of 8
`
`FIG. 12
`1/0 DATA BUFFERS
`
`•·.
`
`SYSTEM DATA
`COMMON PIN, RANDOM
`ETC ...
`NUMBER REGISTER.
`
`OUTPUT DATA OBJECT #1
`OUTPUT DATA OBJECT 62
`
`WORKING REGISTER
`
`GROUP 1
`TRANSACTION
`
`I
`
`GROUP N
`TRANSACTION
`
`"
`
`GROUP
`TRANSACTION
`
`GROUP NAME,
`PASSWORD AND AHRIBUTES
`
`OBJECT 1 -- -
`OBJECT 2
`. . .
`OBJECT N � 1---
`
`AUDIT TRAIL•
`
`BUFFER OF
`CIRCULAR
`RECORDS
`TRANSACTION
`
`ONCE LOCKED All /
`
`RECORD
`TRANSACTION
`
`GROUP OBJECT DATE/TIME
`10 10 STAMP
`
`• THE AUDIT TRAIL DOES
`
`NOT EXIST UNTIL THE
`MICRO-IN-A-CANTU
`
`HAS BEEN LOCKED
`UNUSED RAM IS
`�
`
`ALLOCATED
`FOR
`. THE AUDIT TRAIL
`
`Page 176 of 544
`
`
`
`20231
`(a) and 37 C.F.R. 1.53(b)
`Transmitted herewith for filing under 35 U.S.C. 111
`
`
`Invention entitled:
`
`
`
`patent application for an
`
`by: [TEPBEN
`
`TRANSMITIAL
`(large Entity)
`
`Docket No.
`
`Total Pages in this Submission
`
`Express Mail Label No. EM49� -�685US
`:::::::=== = = ==
`= =
`__n_ . ..a.I·IC'll"' UTILITY PATENT APPLICATION
`20661-457Cl
`
`(Only tor new nonprovisional applications under 37 CFR 1.53(b))
`714
`Box Patent Application
`TO THE ASSISTANT COMMISSIONER FOR PATENTS
`Washington, D.C.
`is a new utility
`jMETHOD, APPARATUS, SYSTEM AND FlRMW ARE FOR. SECURE TRANSACTIONS
`
`and invented
`
`M. CURRY ET AL
`If a CONTINUATION APPLICATION, check appropria
`te box and supply the requisite information:
`No.: 08/594,983
`� Continuation 0 Divisional 0 Continuation-In-part
`-------'---
`
`(CIP) of prior application
`
`Enclosed are:
`
`
`
`Application Elements
`
`1. � Filing fee as calculated
`
`
`and transmitted as described below
`
`127
`---------------
`a. 0 Descriptive
`J
`to Related Applications
`
`
`
`2. 181 Specification having
`
`
`
`pages and including the following:
`
`Title of the Invention.
`
`b. 0 Cross References
`
`(if applicable)
`
`c. 0 statement Regarding
`
`Federally-sponsored
`
`Research/Development (If applicable)
`
`e. � Background
`f. i8l Brief Summary of the Invention
`g. 181 Brief Description
`h. 181 Detailed Description
`i. � Claim(s)
`j. !!I Abstract
`a. 0 Formal
`3. f8J Drawing(s) (when necessary
`b. � Informal
`
`
`
`d. 0 Reference to Microfiche Appendix (if applicable)
`
`
`
`of the Invention
`
`of the Drawings (if drawings filed)
`
`
`
`as Classified Below
`
`of the Disclosure
`
`as prescribed by 35 usc 113)
`
`Number of Sheets
`
`------------
`
`8
`
`Pacel o!J
`
`Page 177 of 544
`
`
`
`NEW UTILITY PATENT APPLICATION TRANSMITTAL
`
`
`(large Entity)
`
`(Only for new nonprovisiOnal applications under 37 CFR 1. 53(b))
`
`Total Pages in this Submission
`
`Docket No.
`
`l0661-4S7Cl
`714
`
`
`
`Application Elements (Continued)
`
`4. � Oath or Declaration
`
`a. 0 Newly executed
`(Original
`
`(37 CFR 1.63(d))
`
`
`
`
`
`or copy) 0 Unexecuted
`(for contlnuellonldivfsional application only}
`b. !81 Copy from a pnor application
`c. lEI With Power of Attorney 0 Without Power of Attorney
`5. 181 Incorporation
`as being part of the disclosure of the accompanying application
`6. 0 Computer Program in Microfiche
`
`By Reference (usable if Box 4b Is checked)
`
`The entire disclosure of the prior application, from whioh a copy of the oath or declaration is supplied
`
`
`
`under Box 4b, is considered
`and ls hereby
`Incorporated by reference therein.
`
`(Appendix)
`
`...
`
`
`
`7. 0 Nucleotide and/or Amino Acid Sequence Submission (if applicable, all must be included)
`
`
`
`
`
`a. 0 Paper Copy
`
`
`to computer copy)
`b. 0 Computer Readable Copy (Kientical
`Identical Paper and Computer Readable Copy
`
`c. 0 Statement Verifying
`
`A .,
`�
`Papers (cover sheet & document(s))
`i-" : 8. 0 Assignment
`! '!); 9. 0 37 CFR 3. 73(6) Statement
`
`
`
`Accompanying Application Parts
`
`
`
`(when there Is an assignee)
`
`
`
`10. 0 English Translation Document (if applicable)
`
`Disclosure Statement/PT0-1449
`
`® Copies of IDS Citations
`
`11. 181 Information
`12. a Preliminary
`13. Qa Acknowledgment postcard
`14. QiD Certificate
`
`Amendment
`
`of Mailing
`
`0 First Class � Express Mail (Specify Label No.):
`
`EM49266668SUS
`
`15. 0 Certified Copy
`
`(if foreign priority Is claimed)
`of Priority Document(s)
`
`
`PorloC3
`
`Page 178 of 544
`
`
`
`NEW UTILITY PATENT APPLICATION
`(Large Entity}
`
`I Docket No. I
`
`Total Pages in this Submission
`
`
`
`Accompanying Application Parts (Continued)
`
`
`
`TRANSMITTAL 20661-457Cl
`
`(Only for new nonprovisional applications under 37 CFR 1.53{b))
`714
`16. 0 Additional
`
`-
`
`
`
`Enclosures (please identify below):
`
`
`
`Fee Calculation and Transmittal
`
`CLAIMS AS FILED
`
`#Filed #Allowed #Extra
`
`9
`
`-20 :; 0
`
`- 3 :;
`
`X
`X
`
`Rate
`
`$22.00
`
`$82.00
`
`BASIC FEE
`
`TOTAL FILING FEE
`
`Fee
`
`$0.00
`
`$0.00
`
`$0.00
`
`$790.00
`
`$0.00
`
`$790.00
`
`�: For
`� Total Claims
`1
`0
`4 lndep. Claims
`Dependent Claims (check if applicable)
`0
`'
`�
`: OTHER FEE (specify purpose)
`-;.
`A ch eck In the amount of
`""
`� � The Commissioner Is hereby authorized to charge and credit Deposit Account No. 04-()031
`as described below. A duplica te copy of this sheet is enclosed.
`� Charge the amount of $790.00 as filing
`0 Charge the Issue fee set in 37 C.F.R. 1.18 at the mailing
`
`- Multiple
`
`"
`·"" =
`•..
`0
`
`to cover the filing
`fee Is enclosed .
`
`fee.
`
`Jf61;&.Ju STEVEN R. GREENFIELD
`
`� Credit any overpayment.
`� Charge any additional
`filing fees required under 37 C.F.R. 1.16 and 1.17.
`of the Notice of Allowance,
`
`pursuant to 37 C.F.R. 1.311 (b).
`
`,Dated: March 10, 19,98
`
`cc :
`
`REGISTRATION NO. 38,166
`
`Pace3of3
`
`POIUI.RGIRE\104
`
`Page 179 of 544
`
`
`
`� ----btf./J. ?f l'fjJ/f
`
`Patent Application
`Docket No. 2066l-00457Cl
`
`IN THE UNITED STATES PATENT AND TRADEMARK OFFICE
`In the Application of:
`
`§
`CURRY ET AL.
`§
`§ Examiner: GREGORY, B.
`Prior Serial No.: OS/594,983 §
`§ Group Art unit: 2202
`Prior Filing Date: January 31, 1996
`For: METHOD, APPARATUS, SYSTEM AND FIRMWARE FOR SECURE TRANSACTIONS
`
`CERTIFICATE or MAJI.ING llY EXPRESS Will,
`'£XPR£SS MAll." M•ilin 685US
`1 hereby certify that 13 p a r or ftht is
`
`be!nq deposited with the U.S. Postel S•rvice
`"Express Mail P03t Office to Addre!!lsee"
`
`3ccvice und�r 37 C.F.R. 1.10 on the dato
`indicated above and 19 addressed to the
`Cotntni,sioner for Patents, Sox Patent
`Applic&tlon, Wa�hlngton, D.C. 20231
`
`To the Assistant Commissioner for
`Patents
`Washington, DC 20231
`
`
`Date of Oeposit:....,..,.�-¥-P� I----<<--":'-,-
`
`A:utstant
`
`.. -�
`'cJ
`
`,;.�
`
`Dear Sir:
`
`PRELIMINARY AKENDMEHT
`Prior to examination of the above-identified continuation
`
`Application filed herewith, please enter the following amendments:
`
`Please amend the above-referenced application as follows.
`
`In the Specification:
`· .. ·-- ·· .-·-·J'.t.ine
`__ � - -
`,This application is a continuation of application No. 08/59 4 , 983
`-----� � ----- --- -- - --- ------ --
`
`�
`2 , pl.:e:.:a:.:s:.:e::.__:d::.:e::l::e:.t:::e=-��:::.::i::::.ss� aa:!:PP:!:PP:.:ll:.:i::.:.:c::.:.:a::.;t;:..:i::.:o:::n:..:._''-=anc=:d:...-::i:.:.n:.:s:.::e:.:r:.:t::___t.::;;h:.:=er-=e-=fc::o:..::r:_
`/1/ow li,S.PArG,r;' .Jj_ t'�'�/�'foJ
`--1-���v���- �iled January 3�1L'�1�9�9�6�,.Y��·an�d�tl� ---------
`&\
`2066I-Q04S7
`IPDALdS2646.1
`
`. ...
`
`Page 180 of 544
`
`
`
`Patent Application
`Docket No. 20661-00457Cl
`
`In the Claims:
`
`�
`Please delete cl� ):?2 2.
`Please add the f� wing new claim�:
`
`data carrier used for secur� data
`
`2 transactions
`3
`4 electronic device;
`
`input/output c
`
`for communicating with an external
`
`nul'l\eric
`
`r circuitry electrically co