United States Patent [19]
`Bernstein
`
`[54] AUTOMATIC PORTABLE ACCOUNT
`CONTROLLER FOR REMOTELY
`ARRANGING FOR TRANSFER OF VALUE
`TO A RECIPIENT
`
`Inventor: Robert Bernstein, 3229 Wilmette Ave.,
`Wilmette, Ill. 60091
`
`Appl. No.: 08/779,923
`Filed:
`Jan. 6, 1997
`Int. Cl." ~. H04L 9/00
`U.S. Cl. ..................................... 380/24; 380/4; 380/9;
`380/23: 380/25; 380/49; 705/26; 705/35;
`705/39; 705/40; 705/44
`Field of Search ............................... 380/4, 9, 21, 49,
`380/50, 59, 23, 24, 25; 705/26, 39, 40,
`42, 44, 45, 35
`
`References Cited
`
`U.S. PATENT DOCUMENTS
`
`7/1981 Stuckert.
`4,277,837
`4,302,810 11/1981 Bouricius et al. ........................ 380/24
`4,454,414 6/1984 Benton .................
`... 235/379
`4,536,647 8/1985 Atalla et al. ..
`... 235/379
`4,614,861
`9/1986 Pavlov et al. ........................... 235/380
`4,630,201 12/1986 White .
`4,634,845
`1/1987 Hale et al. .
`4,689,478 8/1987 Hale et al. .............................. 235/380
`4,734,858 3/1988 Schlafly .
`4,906,828 3/1990 Halpern ................................... 235/379
`
`US005915023A
`[11] Patent Number:
`[45] Date of Patent:
`
`5,915,023
`Jun. 22, 1999
`
`4,977,502 12/1990 Baker et al. .
`5,017,766 5/1991 Tamada et al. .
`5,025,373 6/1991 Keyser, Jr. et al. .
`5,050,207 9/1991 Hitchcock.
`5,130,519 7/1992 Bush et al. .............................. 235/380
`5,157,717 10/1992 Hitchcock.
`5,180,902
`1/1993 Schick et al. ........................... 235/380
`5,221,838 6/1993 Gutman et al. ......................... 235/379
`5,265,162 11/1993 Bush et al. ................................ 380/24
`5,266,782 11/1993 Alan?r? et al. .
`. 235/380
`5,347,580 9/1994 Molva et al. ...
`... 380/25
`FOREIGN PATENT DOCUMENTS
`85115722 10/1985 European Pat. Off. .
`Primary Examiner—Bernarr E. Gregory
`Attorney, Agent, or Firm—Welsh & Katz, Ltd.
`[57]
`ABSTRACT
`An apparatus and method of transferring a value from a
`transferor to a transferee in a transaction executed through a
`public service telephone network. The method includes the
`step of exchanging essential information between the trans
`feror and transferee through a connection established
`through the public service telephone network. A summary of
`the transaction is transferred from the transferor and from
`the transferee to a third party agent of the transferee through
`the public service telephone network. The summary
`received from the transferor with the summary received
`from the transferee and where a match is determined,
`transferring the value to the transferee.
`
`22 Claims, 4 Drawing Sheets
`
`
`
`12
`
`
`
`DISPLAY
`
`
`
`
`
`14
`
`
`
`KEYBOARD
`
`25)
`| SCANNER
`
`
`
`r— — — — — — —
`
`| CASH MEMORY
`?s=CUREMEMORY |ROM
`—t--——
`MEMORY
`
`TRANSCEIVER
`
`CONTROLLER
`
`
`
`PayPal Ex.1004, p.1
`
`

`
`U.S. Patent
`
`Jun. 22, 1999
`FIG. 1
`
`Sheet 1 of 4
`
`5,915,023
`
`18
`
`
`
`12
`
`
`
`
`
`DISPLAY
`
`
`
`r–
`
`-l
`
`| CASH MEMORY
`|SECUREMEMORY FROM;
`
`TRANSCEIVER
`
`- - - - -º ºr t –––
`
`
`
`
`
`-
`S —
`MEMORY
`
`14
`
`
`
`
`
`KEYBOARD
`
`25)
`| SCANNER
`
`- - - - - m
`
`CONTROLLER
`
`
`
`28
`
`
`
`52
`
`DISPLAY
`
`
`
`
`
`
`
`
`
`
`
`54
`
`
`
`KEYBOARD
`
`FIG. 2
`
`56
`
`50
`
`| CASH MEMORY
`––––––
`
`MEMORY
`
`TRANSCEIVER
`
`CONTROLLER
`
`
`
`|DISPENSER
`\ss
`
`PSTN
`
`PayPal Ex.1004, p.2
`
`

`
`U.S. Patent
`
`Jun. 22, 1999
`
`Sheet 2 of 4
`
`5,915,023
`
`|O6
`
`
`
`2-3 ºn
`iós INFORMATION:
`
`|||O
`
`||2
`TRANSCEIVER
`
`||4
`
`TRANSCODER
`
`CONTROLLER
`
`MODEM L^l 16
`
`PSTN
`
`|O2
`DISPLAY
`
`|O4
`KEYBOARD
`
`|OO
`
`PayPal Ex.1004, p.3
`
`

`
`U.S. Patent
`
`Jun. 22, 1999
`
`Sheet 3 of 4
`
`5,915,023
`
`99 –
`
`FIG. 4
`
`
`
`SELECT
`MODE
`
`104_ ENTER
`PAYMENT
`
`
`
`DAL | NO
`BANK
`
`VALUE
`TRANSFER
`ELECTED
`
`||4
`
`|| 6
`
`TRANSFER
`|D
`
`TRANSFER
`PIN
`
`ENCODE
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`NO
`
`SUFFICIENT
`FUNDS
`7
`
`X
`
`|24
`
`BANK
`
`§
`
`YES
`
`TRANSFER
`7
`
`.
`
`NO
`
`CREDIT
`PURCHASE
`º
`
`
`
`
`
`
`
`- CONNECT
`
`TRANSFER
`VALUE |
`
`
`
`
`
`PayPal Ex.1004, p.4
`
`|32
`
`
`
`
`
`VENDER
`2 BANKS 2134
`STORE YES GRANTS º REQUESTS CREDIT
`RECORD
`AUTHORIZATION
`AUTHORIZATION
``NUMBER 7°
`NUMBER
`Nº
`
`

`
`U.S. Patent
`
`Jun. 22, 1999
`
`Sheet 4 of 4
`
`5,915,023
`
`FIG. 5
`
`210
`
`TRANSFERING
`USER
`
`THIRD PARTYAGENT OF
`TRANSFERING USER
`
`202
`
`RECIPIENT
`
`THIRD PARTY AGENT
`OF RECIPIENT
`
`FIG. 6
`
`250
`
`
`
`|_MEMORY_j
`––––––
`
`CONTROLLER
`
`` 254
`
`PayPal Ex.1004, p.5
`
`

`
`5,915,023
`
`1
`AUTOMATIC PORTABLE ACCOUNT
`CONTROLLER FOR REMOTELY
`ARRANGING FOR TRANSFER OF VALUE
`TO A RECIPIENT
`
`FIELD OF THE INVENTION
`The field of the invention relates to portable payment
`devices and more particularly to electronic devices suited to
`arranging credit purchases or value transfers.
`
`BACKGROUND OF THE INVENTION
`Devices for making purchases without the necessity of
`cash are known. Such devices range from pre-loaded debit
`cards (e.g., farecards on public transportation systems) to
`credit cards. While such devices are similar in some regards,
`they differ in others. The devices are similar in that they are
`typically constructed of plastic with a magnetic stripe on one
`side or the other. They differ in that a farecard is altered
`during use while a credit card is not.
`The farecard is altered during use in that a numerical
`value (e.g., a dollar value or a number of bus rides) stored
`on the card is changed during use. Each time that the card
`is used a value indicative of the value of the use is subtracted
`from the value stored on the farecard and a new, lesser value
`is stored on the farecard in place of the original value.
`A credit card, instead of storing a numerical suggestion of
`value on the magnetic stripe of the credit card, provides a
`promise of future payment of an incurred debt from an
`authorized user of the credit card. Such devices are also
`typically constructed of plastic with a visually readable
`indicia of origin (i.e., VISA, MASTERCARD, etc.) and a
`magnetic strip. The magnetic strip typically contains an
`account number of the authorized user of the card. The
`magnetic strip may also contain a personal identification
`number (PIN) of the authorized user.
`To use a credit card a user simply presents the card to a
`vendor as an indication of a request for credit. The vendor
`may simply run the card through an imprinter and ask the
`user to sign the imprint or the vendor may, in addition, call
`an issuing financial institution for an authorization number.
`In many cases, no attempt is made to verify that the user is,
`in fact, an authorized user.
`Where the credit card is also used as a cash station card,
`an additional requirement of use may be that the user enter
`his personal PIN number. However, since the PIN number
`was already present within the magnetic strip of the credit
`card and since a person with a card reader and the facilities
`to decode the magnetic strip may also be able to decode the
`authorized user’s PIN number, the additional requirement of
`the entry of a PIN number is not a very effective means of
`preventing fraud.
`Smartcards are also known. Smartcards attempt to solve
`the problem of storing PIN numbers on credit cards by
`encrypting the PIN number with other numbers such as a
`public key and/or a time of day and month. Further, an
`account number of an authorized user may also be encrypted
`with the same or a different public key as a further deterrent
`to decryption by an unauthorized user.
`Upon receiving a smartcard, a cardreader of a vendor may
`first read an unencrypted name of an issuing credit card
`company followed by an encrypted account number of an
`account of the authorized user and PIN number. A modem
`interconnected with the vendor’s card reader uses the unen
`crypted name of the issuing credit card company to establish
`a data link with the issuing credit card company. The modem
`
`10
`
`15
`
`20
`
`25
`
`30
`
`35
`
`40
`
`45
`
`50
`
`55
`
`60
`
`65
`
`2
`then transmits the encrypted information to the issuing credit
`card company which then, using its own version of the
`public key, decodes the received information.
`Upon decoding the received information, the issuing
`credit card company may authorized the transaction based
`upon the decoded information or may request that the credit
`card user enter his PIN number through an associated
`keyboard. If the issuing credit card company authorizes the
`sale, the issuing credit card company may transmit an
`authorization number back to the vendor’s modem autho
`rizing the sale.
`If the issuing credit card company, as an additional
`security feature, should also request that the user enter his
`PIN number, the user would enter his PIN number which the
`issuing credit card company would then compare with the
`decoded PIN number and either authorize or decline the
`transaction. In entering his PIN number through the key
`board of the vendor (or at a cash station) the user risks
`disclosure of the PIN number to the vendor or nearby
`onlookers. If the user should forget his card upon leaving the
`vendor’s place of business, or should be later pick-pocketed
`by an onlooker of the transaction, the security offered by the
`card may be completely compromised.
`Credit cards in general have become an indispensable part
`of the world economy. Because of the importance of credit
`or other cashless transactions a need exists for a method of
`accomplishing such transactions without the risk of publicly
`disclosing confidential information such as PIN number that
`are otherwise used to protect credit accounts.
`SUMMARY OF THE INVENTION
`It is an object of this invention to provide an apparatus for
`making value transfers from a transferor to a transferee over
`the public service telephone network.
`It is a further object of the invention to provide an
`apparatus that is inherently secure against unauthorized use.
`These and other objects are provided by an apparatus and
`method of transferring a value from a transferor to a trans
`feree in a transaction executed through a public service
`telephone network. The method includes the step of
`exchanging essential information between the transferor and
`transferee through a connection established through the
`public service telephone network. A summary of the trans
`action is transferred from the transferor and from the trans
`feree to a third party agent of the transferee through the
`public service telephone network. The summary received
`from the transferor with the summary received from the
`transferee and where a match is determined, transferring the
`value to the transferee.
`The solution to the problem of security in credit purchases
`lies, conceptually, in the use of a portable account controller
`for remotely arranging for payment of debt and for transfers
`of value carried by the authorized user which has the
`capability of encrypting information (e.g., account number,
`PIN number) transmitted over public communication facili
`ties (e.g., telephone lines). The portable device, under an
`embodiment of the invention, is equipped with its own
`security features preventing use by other than an authorized
`user. Such security features appropriate for the portable
`purchasing device may require identification of a user
`through a retinal or fingerprint scan, or entry of a local PIN
`number (i.e., different from the transmitted PIN number).
`Upon activation of the portable device by retinal
`scanning, fingerprint identification or entry of a local PIN
`number, the security features of the portable purchasing
`device may cause the portable purchasing device to remain
`
`PayPal Ex.1004, p.6
`
`

`
`3
`active for a fixed time interval (e.g., one hour) or deactivate
`after a single purchasing transaction. If the security feature
`of the portable device were based upon fingerprint identifi
`cation or acoustic analysis of the bone structure of a hand
`holding the portable purchasing device, the device may
`remain active for so long as the portable device were held by
`the authorized user. If the security feature were based upon
`a local PIN number or other biotic parameters of the
`authorized user that cannot be continuously measured (e.g.,
`retinal scanning), then periodic reactivation would be
`required.
`Under an embodiment of the invention, the portable
`purchasing device interacts with a vendor through a com
`munication port. The communication port may be infrared
`(IR), radio frequency (RF), or simply a telephone jack. Upon
`deciding to make a purchase from a vendor, an authorized
`user would place the portable purchasing device in an
`appropriate location for exchanging information through the
`communication port. If the communication port were IR or
`RF the user may simply place the portable purchasing device
`in a cradle where a transceiver of the communication port of
`the portable purchasing device is in opposing relationship
`with a transceiver of a communication port of the vendor.
`Likewise, if the communication port were a telephone jack,
`the user would simply interconnect the portable purchasing
`device with a telephone cord of the vendor.
`Upon interfacing the portable purchasing device with the
`communication facilities of the vendor, transfer of value for
`a purchase may occur under any one of a number of possible
`modes selectable by the user and acceptable to the vendor.
`At a first, and simplest level, the user of the portable
`purchasing device transfers value directly to the vendor in a
`manner similar to the transfer of electronic cash, but without
`the assistance of a financial institution.
`Under the embodiment, to make a direct payment from
`cash memory, the user of the portable payment device
`selects “direct value transfer” from a menu on a display of
`the portable payment device. The user then enters an amount
`for direct transfer. Once the portable purchasing device is
`placed in a position to facilitate the exchange of information
`(e.g., the vendor provides a payment cradle where the port
`of the portable communication device is positioned proxi
`mate a communication port of a data processing system of
`the vendor), the portable payment device signals the vendor
`communication port with a “ready” prompt. When the
`vendor port responds, the portable purchasing device signals
`the mode of payment as direct transfer. The vendor com
`munication port transfers the mode of payment to the vendor
`data processing system (herein referred to as an electronic
`cashbox) which then queries the vendor through the ven
`dor’s local display whether direct payment is acceptable. If
`the vendor enters a favorable response (e.g., “Y” or simply
`presses ENTER) at a keyboard of the vendor's electronic
`cashbox, the vendor’s communication port signals the por
`table purchasing device that the transaction has been
`accepted and the transaction is completed.
`Direct payment may also occur where the user places his
`portable purchasing device upon a payment cradle and the
`vendor transmits a price to the portable purchasing device.
`The user may press an “OK” key (e.g., enter) transferring
`payment to the vendor or the user could add a percentage to
`the total (e.g., a tip) before authorizing payment.
`Alternatively, the user of the portable purchasing device
`may decide to pay by credit or may pay by transferring cash
`from a financial institution account of the authorized user to
`a financial institution account of the vendor. In either case
`
`10
`
`15
`
`20
`
`25
`
`30
`
`35
`
`40
`
`45
`
`50
`
`55
`
`60
`
`65
`
`5,915,023
`
`4
`the user places the portable purchasing device in a purchas
`ing cradle and the portable purchasing device arranges
`payment through the communication facilities (e.g., tele
`phone lines) of the vendor. The portable purchasing device
`accomplishes such mode of payment by first passing an
`access code (e.g., a telephone number, web site identifier,
`e-mail address, Internet address, etc.) of the user’s financial
`institution or credit source to the vendor’s payment receipt
`system.
`Upon receiving the telephone number the vendor’s system
`may first check that the telephone number is that of a
`financial institution recognized as a good credit risk by the
`vendor before accepting payment from such institution.
`Upon completing such checks, the vendor’s system passes
`the telephone number to the local public switch telephone
`network (PSTN) for connection to the selected financial
`institution. Following completion of the connection with the
`selected institution, the vendor’s system and portable pur
`chasing device monitor the connection for transmissions and
`respond as appropriate to the selected mode of payment.
`Whatever the selected mode of payment, the portable
`purchasing device must first uniquely identify itself to the
`selected financial institution (i.e., a financial institution or
`the vendor’s house account) before the transaction may be
`completed. However, since the vendor is monitoring the
`connection, steps must be taken to ensure the security of
`access to the authorized user’s financial institution accounts.
`The portable purchasing device may do this by first
`transmitting an identifier (e.g., a social security number,
`account number, etc.) of the authorized user. Once the
`authorized user has been identified to the financial
`institution, the financial institution may use such identifica
`tion to access a file of the authorized user for a set of
`encryption keys to decode subsequent transmissions from
`the portable purchasing device. The portable purchasing
`device using an identical set of encryption keys encodes
`further indicia of identity (e.g., a PIN number) for transmis
`sion to the financial institution which may only be decoded
`by the financial institution. The portable purchasing device
`may also encode other information (i.e., mode of payment to
`the vendor and payment amount) transmitted to the financial
`institution. The financial institution, upon decoding the
`transmission, responds in the clear (i.e., no encryption) with
`an acceptance or rejection message (or with a request for
`re-transmission if an error occurred).
`The vendor’s system, monitoring the connection, receives
`the acceptance message, and transmits an appropriate
`response. If the transaction were a credit purchase the
`vendor’s system may transmit a merchant number, amount
`of purchase, and a request for a credit authorization number.
`If the purchase involved a cash transfer to a vendor financial
`institution account, the vendor may respond with indicia of
`identity of the vendor’s financial institution and financial
`institution account number along with an expected amount
`of the transfer. The authorized user’s financial institution,
`upon receiving the response from the vendor, compares the
`amount of purchase transmitted by the portable purchasing
`device to the expected amount from the vendor and, if the
`amounts match, completes the transaction.
`Further objects, features and advantages of the present
`invention will become apparent from the following detailed
`description of the invention taken in conjunction with the
`accompanying drawings wherein like reference numerals
`designate like elements throughout the several views.
`BRIEF DESCRIPTION OF THE DRAWINGS
`FIG. 1 is a block diagram of a portable purchasing device
`in accordance with a preferred embodiment of the present
`invention;
`
`PayPal Ex.1004, p.7
`
`

`
`5,915,023
`
`5
`FIG. 2 is a block diagram of a vendor cashbox for use with
`the portable purchasing device of FIG. 1;
`FIG. 3 is a block diagram of a system for programming a
`cash memory of the portable purchasing device of FIG. 1;
`FIG. 4 is a flow chart of the steps of operation of the
`portable purchasing device of FIG. 1;
`FIG. 5 is a block diagram of a system using the device of
`FIG. 1 under an alternate embodiment; and
`FIG. 6 is a block diagram of the third party agent of FIG.
`5.
`
`DESCRIPTION OF A PREFERRED
`EMBODIMENT
`FIG. 1 is a block diagram of a portable purchasing device
`10, in general. A controller 20 receives input information
`from a keyboard 14 (or optional scanner 26) and displays
`information on display 1portable purchasintions for the
`portable purchasing device 10 are stored within a memory
`16 and loaded into the controller 20 upon activation. The
`portable purchasing device 10 interacts with external
`devices through a transcoder 24 and transceiver 22.
`The transceiver 22 may exchange information in the IR
`range or in the visible range through use of an appropriate
`light emitting diode (LED) and photodetector. The trans
`ceiver may also operate in the RF range using amplitude
`modulation (AM), frequency modulation (FM), quadrature
`amplitude modulation (QAM), or any other appropriate
`modulation technique. The transceiver 22 may also interact
`with external devices directly through modem and telephone
`jack.
`The portable purchasing device 10 under an embodiment
`of the invention is typically programmed under the auspices
`of an issuing financial institution for the benefit of its
`customers. FIG. 4 is a flow chart showing, in summary form,
`the program steps of a portable purchasing device 10 under
`an embodiment of the invention. Reference will be made to
`FIG. 4 as appropriate to an understanding of the invention.
`As part of the programming of the portable purchasing
`device 10 the issuing financial institution may enter a
`numerical value in a cash memory 18 of the memory 16 of
`the portable purchasing device 10. The numerical value
`represents a cash value that the authorized user of the
`portable purchasing device has received from the issuing
`financial institution, and which the financial institution has
`stored in the portable purchasing device for purposes of
`making direct value transfers to vendors. The cash memory
`area of the memory 16 is not accessible to a user except for
`withdrawals. The cash memory 18 is protected by a set of
`passwords known only to the financial institution. Additions
`to the value stored in cash memory 18 must be performed
`under the control of a financial institution or other autho
`rized institution (which act as a guarantor of the value
`originally stored within the portable purchasing device 10)
`and which possesses the passwords that allow access to a
`store algorithm used by the portable payment device.
`Electronic cash transactions may be limited to some
`maximum value (e.g., $100.00) and may be used primarily
`to pay debts where verification of credit worthiness is not
`practical (e.g., payment of bus fare, purchasing a newspaper,
`etc.). Electronic cash is also used where the context of the
`transaction requires that payment be made as quickly as
`possible.
`Stored with the cash value in the portable purchasing
`device 10 is an identifier of the financial institution storing
`the most recent cash deposit to the portable purchasing
`
`6
`device as well as any previously storing financial institutions
`and electronic cash remaining from the previous deposit.
`Also stored within cash memory to provide an audit trail of
`proper operation of the portable purchasing device 10 is a
`summary of the most recent deposit to cash memory as well
`as identifiers of vendors to which dispersements were made
`and the dates of such dispersements.
`Also entered into a secure area 30 of memory 16 is a
`telephone number of the issuing financial institution as well
`as numbers of various financial institution accounts of the
`authorized user. A set of encryption keys are also stored
`within secure memory 30. The encryption keys may be any
`non-repeating number sequence (e.g., a public key).
`The program under which the portable purchasing device
`10 operates is loaded into a read only memory (ROM) 28 of
`the portable purchasing device 10 during manufacture by
`methods well known in the art. The program (FIG. 4) may
`be activated by pressing any key on the keyboard 14 of the
`portable purchasing device 10. Following activation of any
`key the portable purchasing device 10 enters a program step
`100 where the portable purchasing device waits a time
`period (e.g., 30 seconds) for entry of indicia of an authorized
`user. If the portable purchasing device 10 does not receive
`the proper indicia of the authorized user within the 30
`seconds (or if the entered indicia is incorrect) the device 10
`again deactivates.
`The indicia of the authorized user may be any alphanu
`meric or biotic parameter capable of input through the
`keyboard 14 or optional scanner 26 and a summary of which
`may be stored within memory 16. The indicia of the autho
`rized user may be a local PIN number of may be the same
`PIN number that is later encoded and transmitted to an
`issuing financial institution.
`Where the indicia of the authorized user is entered
`through the scanner 26, the indicia may be a fingerprint of
`the authorized user or where the scanner 26 is a retinal
`scanner the indicia may be the image of the authorized user’s
`retina. Where the scanner 26 is an acoustic scanner, distin
`guishable differences in the bone structure of the authorized
`user’s hand may be scanned and stored as the indicia of the
`authorized user.
`Following activation, the portable purchasing device 10
`waits for the user to select 102 a mode of payment. The
`possible modes of payment may be displayed on the display
`12 in the form of a menu. Mode selection 102 may be
`accomplished by entering a numerical value displayed
`beside a menu item, or where a touch-screen is used for the
`display 12, the selection may be accomplished by the user
`touching an appropriate part of the menu on display 12.
`Following mode selection 102, the portable purchasing
`device 10 wait for entry of a purchase amount. The purchase
`amount is typically entered as a dollar value through the
`keyboard 14 or through a touch-screen display 14 by touch
`ing appropriate symbols on the display 14.
`Following entry of a dollar value a controller 20 executes
`the selected payment. As a first step, the controller checks
`whether a direct value transfer has been selected 108. If so,
`the controller verifies 110 that a sufficient balance remains
`within cash memory 18 for payment of the debt.
`If a sufficient balance remains within cash memory 18, the
`controller 20 causes a connect tone to be transmitted by
`transceiver 22. The connect tone transmitted by the trans
`ceiver 22 of the portable purchasing device 10 is detected by
`a transceiver 62 of the vendor’s electronic cashbox 50 and
`transferred to a controller 60 of the cashbox 50. The con
`troller 60, upon detecting the connect tone, responds with an
`acknowledge.
`
`10
`
`15
`
`20
`
`25
`
`30
`
`35
`
`40
`
`45
`
`50
`
`55
`
`60
`
`65
`
`PayPal Ex.1004, p.8
`
`

`
`5,915,023
`
`7
`The portable purchasing device 10 upon receiving the
`connect tone transmits a serial number of the portable
`purchasing device 10 as well as an entered payment value.
`The serial number of the portable purchasing device 10
`contains, embedded within, a serial number of the issuing
`financial institution as well as a sequence number uniquely
`identifying the portable purchasing device 10. The vendor’s
`cashbox 50 first checks by reference to memory 56 whether
`the issuing financial institution is in good standing with the
`vendor as far as honoring direct value transfers. The vendor
`then checks that the portable purchasing device is an appro
`priate model compatible with the cashbox 50 and that the
`payment amount is of a proper value.
`If the vendor cashbox 50 finds the transaction acceptable,
`the cashbox 50 transmits, through the transceiver 62, a
`proceed command to the portable purchasing device 10 that
`contains a unique identifier of the cashbox 50. The portable
`purchasing device 10 responds by executing a value transfer
`112 by transmitting a transaction number to the cashbox 50
`which may be a combination of the identifier of the portable
`purchasing device 10, the identifier of the cashbox 50 and a
`numerical value of the transaction as well as certain other
`encrypted digits that may be used for transaction certifica
`tion. The encrypted digits may be a combination of the
`identifiers of both portable purchasing device 10, cashbox
`50, the time and date of the transaction, and the amount of
`the transaction all encrypted through use of a public key
`known only to the issuing financial institution and portable
`purchasing device 10.
`The vendor’s electronic cashbox 50 upon receipt of a
`transaction number of a direct value transfer stores the
`transaction number in a cash transfer file 57 of a memory of
`the electronic cashbox 50 for later redemption. Redemption
`of direct value transfers are periodically done at the vendor’s
`convenience. The vendor may redeem direct transfers by
`transmitting a summary of all transaction numbers to the
`vendor’s financial institution through the cashbox controller
`60, modem 64 and PSTN, or the vendor may simply
`download the transaction numbers to a floppy disk and take
`such floppy disk to the vendor’s financial institution with the
`vendor’s other daily receipts or the vendor may transfer such
`information from his memory device (e.g., a hard disk) to
`the financial institutions memory device (e.g., another hard
`disk) through an appropriate data transfer (i.e., downloading
`between disk drives).
`The vendor’s financial institution upon receiving the
`summary of transaction numbers, first retrieves an identifier
`of the financial institution issuing the portable purchasing
`device 10, and a purchase amount, from the transaction
`number. The vendor’s financial institution may then transmit
`a summary of charges to the issuing financial institution for
`credit to the vendor’s account. The issuing financial insti
`tution may immediately issue a credit or wait until the
`portable purchasing device 10 downloads its summary of
`purchases for comparison with transaction numbers received
`from vendor’s financial institutions.
`If the summary from the portable purchasing device 10
`contains a purchase record that matches a charge from a
`particular vendor then the vendor’s account is credited. If the
`summary does not match, then the issuing financial institu
`tion requests a full copy of the transaction number including
`the encrypted digits for transaction certification. The issuing
`financial institution decodes the encrypted digits to verify
`that the request for credit is legitimate. If the request is
`legitimate (as determined by the content of the decoded
`digits within the transaction number) the issuing financial
`institution credits the vendor’s account.
`
`10
`
`15
`
`20
`
`25
`
`30
`
`35
`
`40
`
`45
`
`50
`
`55
`
`60
`
`65
`
`8
`Encryption and decryption in accordance with an embodi
`ment of the invention may be accomplished under any of a
`number of well known standards. For example the data
`encryption standard (DES) may be used. DES works by
`breaking messages into discrete blocks of information
`(usually 8 characters having 64 bits) and transforming them
`into blocks of ciphertext according to a 56 bit “key”.
`Decryption (decoding) requires that the same key by used
`for converting the ciphertext back into the original message.
`Before storing a transaction number a portable purchasing
`device can encrypt a message using a key known solely to
`the portable purchasing device 10 and the issuing financial
`institution for which the encrypted bits are intended. Theft of
`the transaction numbers would do a thief no good, because
`without the key the encrypted bits of the transaction number
`are digital gibberish.
`If the mode of payment entered into the portable purchas
`ing device 10 is not direct value transfer, then the portable
`purchasing device 10 next transfers a telephone number of
`the authorized user’s financial institution to the vendor. The
`vendor checks the authenticity of the telephone number
`before transferring the number to the PSTN. When a con
`nection is established through the PSTN with a financial
`institution of the authorized user and the vendor, the finan
`cial institution transmits a connect tone and the vendor adds
`the portable purchasing device to the connection with the
`financial institution through the PSTN. The portable pur
`chasing device 10 responds by transmitting an identifier 114
`which identifies the authorized user to the financial institu
`tion. The identifier may be a customer number, a social
`security number, a financial institution account number, a
`combination of such numbers, or some other appropriate
`identifier number. Upon receiving the identifier, the financial
`institution responds 120 with an acknowledge. If the finan
`cial institution does not respond with an acknowledge within
`a reasonable time (e.g., one second) the portable purchas