`
`United States Patent (19)
`Pare, Jr. et al.
`
`USOO5870723A
`Patent Number:
`11
`(45) Date of Patent:
`
`5,870,723
`Feb. 9, 1999
`
`54) TOKENLESS BIOMETRIC TRANSACTION
`AUTHORIZATION METHOD AND SYSTEM
`
`St. Apt. R7, Berkeley, Calif. 94703;
`
`76 Inventors: David Ferrin Pare, Jr., 1430 Josephine
`Ned Hoffman, 1252A Pleasant Hill
`Ave., Sebastopol, Calif. 94721;
`Jonathan Alexander Lee, 1430
`Josephine St. Apt. R7, Berkeley, Calif.
`94.703
`
`21 Appl. No.: 705.399
`22 Filed:
`Aug. 29, 1996
`
`5,251,259 10/1993 Mosley - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 380/23
`
`5,229,764 7/1993 Matchett et al. ................... 340/825.34
`5,230,025 7/1993 Fisfbine et al.
`... 38.2/4
`5,239,583 8/1993 Parrillo .....
`... 380/23
`5,241,606 8/1993 Horie ...
`... 38.2/4
`E. A. Bush et al. ................................ 380/24
`24
`Y-2
`f1994 Martino et al. .
`... 235/380
`5,280,527
`1/1994 Gullman et al. .......................... 380/23
`5,321,242 6/1994 Heath, Jr. ................................ 235/382
`5,325,442 6/1994 Knapp ......
`... 38.2/4
`5,335,288 8/1994 Faulkner ......
`... 381/2
`5,343,529 8/1994 Goldfine et al.
`380/23
`5,351,303 9/1994 Willmore .................................... 382/4
`5,359,669 10/1994 Shanley et al.
`382/117
`5,745,555 4/1998 Mark ......................................... 379/95
`Primary Examiner Edward R. Cosimano
`Assistant Examiner Barton L. Bainbridge
`Attorney, Agent, or Firm Ali Kamarei
`57
`ABSTRACT
`A method and System for tokenleSS authorization of com
`mercial transactions between a buyer and a Seller using a
`computer System. A transaction is proposed by a Seller, and
`the buyer signals his acceptance by entering his personal
`authentication information comprising a PIN and at least one
`biometric Sample, forming a commercial transaction mes
`Sage. The commercial transaction message is forwarded to
`the computer System, where the computer System compares
`the personal authentication information in the commercial
`U.S. PATENT DOCUMENTS
`transaction message with previously registered buyer bio
`metric Samples. If the computer System Successfully iden
`4,821,118 4/1989 Lafreniere ............................... 358/108
`4,837,422 6/1989 Dethloff et al. ........................ 364/408
`tifies the buyer, a financial account of the buyer is debited
`4,961,142 10/1990 Elliott et al. ......
`. 364/408
`and a financial account of the Seller is credited, and the
`4,993,068 2/1991 Piosenka et al.
`... 380/23
`results of the transaction are presented to both buyer and
`4,995,086
`2/1991 Lilley et al. ................................ 382/4
`Seller. As a result of the invention, a buyer can conduct
`4,998.279 3/1991 Weiss .........
`340/825
`commercial transactions without having to use any tokens
`5,036,461
`7/1991 Elliot et al. .
`. 364/408
`Such as portable man-made memory devices Such as Smart
`5,054,089 10/1991 Uchida et al. .............................. 382/4
`cards or Swipe cards. The invention allows buyers to quickly
`5,095,194 3/1992 Barbanell ................................ 235/379
`Select one of a group of different financial accounts from
`5,109,427 4/1992 Yang ........................................ 382/4
`SE 3: SN et al.
`r 35 y
`to transfer funds. The invention further indicates to
`5,146,102 9/1992 Higuchi et al. ...
`250/556
`e user that the authentic computer system was accessed by
`5,168,520 12/1992 Weiss .........
`... 380/23
`the use of a private code that is returned to the buyer after
`5,180,901
`1/1993 Hiramatsu ............................... 235/380
`the identification is complete. The invention additionally
`5,191,611
`3/1993 Lang ......................................... 380/25
`permits an authorized buyer to alert authorities in the event
`5,210,588 5/1993 Lee ..........
`... 356/71
`of an emergency, Such as when a transaction is coerced.
`5,210,797 5/1993 Usui et al. .................................. 382/4
`5,222,152 6/1993 Fishbine et al. ............................ 382/2
`66 Claims, 16 Drawing Sheets
`
`Related U.S. Application Data
`63 Continuation-in-part of Ser. No. 442,895, May 17, 1995,
`Pat. No. 5,613,012, which is a continuation-in-part of Ser.
`No. 345,523, Nov. 28, 1994, Pat. No. 5,615,217.
`6
`51) Int. Cl. ...................................................... G06F 17/60
`52) U.S. Cl. ................................................................ 705/39
`58 Field of Search .................................. 705/26, 35,39;
`380/24, 25, 23, 49
`
`56)
`
`References Cited
`
`(derisy raved fron Boyer Account
`gig.: i:
`
`
`
`
`
`ap
`
`PRES&NA33, SSES
`
`
`
`IPR2018-00067
`Unified EX1004 Page 1
`
`
`
`Internet
`
`Terrnindl
`
`2
`
`1.
`
`GE 3.
`
`C
`DP
`
`5
`
`Firewall
`Mochine
`
`Gateway
`Machine
`
`6
`
`C C
`Bornetric
`Database
`
`C C
`Bionnetric
`Database
`
`C D
`Bornetric
`Database
`
`U.S. Patent
`
`Feb. 9, 1999
`
`Sheet 1 of 16
`
`5,870,723
`
`2
`
`Internet
`
`Coble TV
`Set-top box
`
`Cable TV
`Seller
`
`|C. /
`erriff G
`
`Phone
`Seller
`
`Retail POS
`Termind/
`
`Registration
`Termind/
`
`Support
`Terrnind/
`
`Cable TV
`Wet Wor
`
`
`
`3.
`2
`Telephone
`Network
`
`As
`2
`74cquirer
`Networks
`3.
`
`2
`
`2
`
`Moster
`
`4
`
`4
`
`MC issuer
`Network
`
`VISA issuer
`Network
`
`Credit/Debit
`Issuer
`
`Credit/Debit
`Issuer
`
`FIG f
`
`IPR2018-00067
`Unified EX1004 Page 2
`
`
`
`U.S. Patent
`
`Feb. 9, 1999
`
`Sheet 2 of 16
`
`5,870,723
`
`DPC
`
`issuer
`Database
`
`Rernote
`Seller
`Database
`
`Authorized
`Individual
`Database
`
`
`
`
`
`
`
`
`
`
`
`
`
`7
`
`MAC
`Module
`
`Sequence
`Number
`Module
`
`Message
`Decrypt
`Module
`
`Cached Data
`fronn
`VAD + AOD
`
`DUKPT
`Key Table
`
`Firewol/
`Mochine
`
`Gateway
`Mochine
`
`
`
`Prior Froud
`Database
`
`PIN Group
`
`10
`
`
`
`
`
`Bornetric
`Database
`
`Bornetric
`Database
`
`Bornetric
`Database
`
`FIG 2
`
`IPR2018-00067
`Unified EX1004 Page 3
`
`
`
`U.S. Patent
`
`Feb. 9, 1999
`
`Sheet 3 of 16
`
`5,870,723
`
`G l ~~
`
`
`
`
`
`
`
`
`
`
`
`
`
`301/100 ?ndu? ou?auuongOZ
`
`IPR2018-00067
`Unified EX1004 Page 4
`
`
`
`US. Patent
`
`Feb. 9, 1999
`
`Sheet 4 0f 16
`
`5,870,723
`
`
`
`EN20%kath
`
`£qu
`
`mummmm:
`
`:68ng
`
`«Smmuummm3“20.5%:
`
`
`
`
`
`mmommm:EEK
`
`25muommm:
`
`
`
`gmoEzz853mm.
`
`oEmEQm
`
`9x3
`
`memm
`
`IIIR
`kamacaw:
`Aukmmtonmkl
`«3E§S
`bfiqbutm
`
`muommm:
`
`
`
` cotoomtotBEmEEOQHSEQ
`
`
`
`9%:\5BS5-ta:83¢th
`
`kaEDCmot®3~®m
`
`38¢ch
`
`
`
`Amkmmconmm
`
`
`
`mmummmiEASE
`
`.33:3.6:
`
`wkKlkbq
`
`
`
`9“:963030
`
`
`
`mocmaumm30be
`
`53:32
`
`mmommmfimuommm:
`
`
`
`cotEmtmw
`
`mEEEou
`
`V.GE
`
`|PR2018-00067
`
`Unified EX1004 Page 5
`
`IPR2018-00067
`Unified EX1004 Page 5
`
`
`
`
`
`
`
`
`
`
`
`
`US. Patent
`
`5,870,723
`
`$252S338onamagmasI«mgqbgmV2E
`gEgtm
`
`mmmgbbv‘QmEoZ
`
`
`
`notowtofisv‘
`
`tam?
`
`UV:
`
`83mm
`
`
`
`20.6%“:\82El
`
`
`
`m..N$.0mmm:
`
`Q\@5330ka
`
`
`
`ngEzzmucusrum
`
`uEmEoE
`
`mmtonmm
`
`m33M383:
`
`PSQw.mmommmé%bGE
`55.96823\u.‘EmEEob
`
`
`.0onSEW”Ii9wk.19%il,Am9.when385
`
`«bmwkmwfimg2Ew:Smb83%FcpcuNtofiav‘9.x:
`x3muummmE«b03595.Vmmmwrnow:
`
`
`
`5.3%:ch\EEmEEob
`
`mmommmi
`
`BSEE
`
`BoQ
`
`m.GE
`
`|PR2018-00067
`
`Unified EX1004 Page 6
`
`IPR2018-00067
`Unified EX1004 Page 6
`
`
`
`
`
`
`
`U.S. Patent
`
`Feb. 9, 1999
`
`Sheet 6 of 16
`
`5,870,723
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`Begin Encryption
`Gt BIA
`
`Sequence
`Nurnber
`
`Retrieve
`Sequence Number
`
`Generate next
`LUKPT Key using
`Sequence Number
`
`Encrypt Message
`Data using
`DUKPT Key
`
`CO/Culote MAC
`using MAC Key
`
`Set MAC field
`in message
`
`
`
`Update
`Sequence Number
`
`Encryption at
`BIA Complete
`
`FIG. 7
`
`IPR2018-00067
`Unified EX1004 Page 7
`
`
`
`US. Patent
`
`Feb. 9, 1999
`
`Sheet 7 0f 16
`
`5,870,723
`
`SRagga:
`
`
`
`295$.383$
`
`.25gamma:
`
`QQQu@333
`
`.28ybquSmm
`
`Eat<5SSE
`
`3333
`
`Q99531
`
`963::
`
`kmnEazmoan:.mm
`
`
`gunsazmuzmgmm«Em:A2m2.86%?
`auxEsq:8:6SE
`53:5853%823qu
`
`
`
`km.E:8553
`
`SSuits:
`
`
`
`
`
`mmommmE~96qu«9%
`
`
`
`tozoumtut\EEmEEoQ
`
`
`
`mmommmx‘Nunavut
`
`kgmmEmEmt
`
`
`
`”2283‘36:25
`
`98mmQov‘Eat
`
`£3§§EB35qu
`
`393:89%.6
`
`2E
`
`\mkmwcoqmmk
`
`Aukmacaw»:
`
`whom63m.
`
`
`
`go».9‘:303039
`
`3Ԥ3.6:muwmmE
`
`Ex:EuEco
`
`muommmESPEPE9‘5.5
`
`am:9.:
`
`Qimm
`
`Pack9:
`
`0.35265ukaSQ.5ka
`
`
`
`58‘mBEAuk
`
`0.x:
`
`mémmmESwhen
`ismmH£§Baumm3
`
`
`vacuum:aQSim.Eucuctmmuqfloq
`Boa2383‘30$
`323%Stag9him323%
`
`Sm:SSSwhenmemfi$55
`
`m.GE
`
`|PR2018-00067
`
`Unified EX1004 Page 8
`
`IPR2018-00067
`Unified EX1004 Page 8
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`US. Patent
`
`Feb. 9, 1999
`
`Sheet 8 0f 16
`
`5,870,723
`
`
`
`«Aukumtoowum»
`
`
`
`.8qu85uwuk.E09
`
`uuuuuux.
`
`EuQ
`
`>5qucohuNtufiav‘
`
`Suuu:o:u~.to£:<
`
`
`ubob809:1
`
`muou2.3m
` tuzuuucutEEuEEuQ%Bum
`
`
`
`umuuuu:
`
`
`
`3.5m:k803i
`
`uqbuuuumu:
`
`
`
`uunEzzuutuzuumS29%qu
`
`uEqukm
`
`H
`
`Euum
`
`umuuuu:untoQuuk
`
`SumbaaEASE
`
`QQQMu
`
`
`uncookuukEASFQ
`Auwkuutoquuk
`Sm:Sub
`
`03“uwukzukuu
`
`uk93.Su:
`
`«ukukxutkAuk
`uuuuuu:Sm:
`
`£3EASE
`
`
`
`Rut9x:“um.
`
`Euukkuml3$3
`
`Begum9:
`
`ESQ
`
`wasA“:
`
`KunEuZuucuzuumS33.0qu
`
`336%?
`umunSuQ
`
`big
`
`«33
`
`umuuuukeBum.otuRAGE
`
`Una“uuntoQuum
`
`
`
`uuumuu:uncuqmuk
`
`
`
`:ocuuugtBkuquEou%
`
`«Aukumumuué
`b89905
`
`
`
`m..GE
`
`|PR2018-00067
`
`Unified EX1004 Page 9
`
`IPR2018-00067
`Unified EX1004 Page 9
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`U.S. Patent
`
`Feb. 9, 1999
`
`Sheet 9 of 16
`
`5,870,723
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`Protocol Version
`Message Type
`Hardware ID
`Sequence Number
`Biometric Samples
`
`PIN
`Mandatory
`Dato
`Optional
`Data
`MAC
`Registration Message
`
`
`
`
`
`
`
`
`
`
`
`Primary
`Bionnetric
`sample
`Secondary
`Bonnetric
`sample
`
`Private Code
`Account
`Index
`Code List
`
`Account
`Nurnber
`List
`Emergency
`Index Code
`IBD Record
`
`FIG 10
`
`Individual
`Bionnetric
`Database
`(IBD)
`
`Begin
`Registration
`
`Encryption/Sealing
`Process of BA
`(Fig. 7)
`Decryption/Validation
`Process at DPC
`(Fig. 8)
`
`Store Bionnetric and
`P/W in IBD Record
`in proper PIN basket
`
`
`
`Store Private
`Code and Other
`Optional data
`
`Retrieve
`Private Code
`
`Encryption/Sealing
`Process at DPC
`(Fig. 9)
`
`Display
`Results
`
`Registration
`Complete
`
`IPR2018-00067
`Unified EX1004 Page 10
`
`
`
`U.S. Patent
`
`Feb. 9, 1999
`
`Sheet 10 of 16
`
`5,870,723
`
`Begin Commercial
`Transaction
`
`Forrn Cornrnercial
`Transaction
`Message
`
`Encryption/Sealing
`Process of BIA
`(Fig. 7)
`Decryption/Walidation
`Process at DPC
`(Fig. 8)
`
`Bornetric ID
`Process
`(Fig. 12)
`
`Protocol Version
`Message lype
`Hardware ID
`Sequence Number
`
`Bionnetric
`
`PIN
`Account Index Code
`Response Key
`Message Key
`Seller Code
`Message
`Data
`
`Get Account Nurnber
`from IBD using
`Account Index Code
`
`MAC
`Cornrnercial Transaction
`Message
`
`Index Code the N YES
`Emergency Index
`
`
`
`
`
`Emergency
`Code Process
`(Fig. 13)
`
`DPC Transaction
`Execution
`(Figs. 14-15)
`
`Response Message
`Construction
`(Fig. 16)
`Encryption/Sealing
`Process at DPC
`(Fig. 9)
`
`Biometrics
`PIN
`
`4:2:
`Code List
`
`
`
`Account
`Nurnber
`List
`Emergency
`Index Code
`Private Code
`IBD Record
`IBD Record
`
`
`
`individual
`Bionnetric
`Database
`(IBD)
`
`FIG ff
`
`Connercial
`Transaction
`Complete
`
`IPR2018-00067
`Unified EX1004 Page 11
`
`
`
`US. Patent
`
`w
`
`5,870,723
`
`~56ngBugSQ
`
`
`
`«“55mmummmé
`
`983681
`
`
`
`ngEzz853mm
`
`880iQotEEoE£me
`
`92Eg8EVRDQM.3meonS8.35505h\\0ngmM
`
`umtoqakSEmeonEmotSt?amEQEo%3Q.g~.Q\\u
`Auk
`
`
`
`mubmmmESoEmEoB pmmwcmmméDmkawm@009gmhmm%Aukgamma:
`
`
`mESQ«5on
`
`SEEKQoEmEQmm3
`
`Be§ss
`
`MEEEQE
`
`mmoQBoQ
`
`nss
`
`m.
`
`MEmEoE
`
`Ev‘moc2E
`
`IIoEmEoE
`oEmEoE
`
`
`
`Si
`
`EOQBSEE
`
`
`
`20.3855EGSEES
`
`mmommm:
`
`
`
`3&QEQQ$8ch903,0255
`
`N5:32commie.
`
`£3me
`
`muMKK
`
`|PR2018—OOO67
`
`Unified EX1004 Page 12
`
`IPR2018-00067
`Unified EX1004 Page 12
`
`
`
`
`
`
`
`
`
`
`
`
`US. Patent
`
`Feb. 9, 1999
`
`Sheet 12 0f 16
`
`5,870,723
`
`Aoq:8gmxzmh35‘5me38$
`
`
`
`mmmuozmmESm:av
`
`Snack,5
`
`33$
`
`«33m?
`
`
`
`\oEmwxmSmmm
`
`
`
`5&3me:ohuomtot
`
`889i
`
`333:8
`
`
`
`tonnage:\oEmwxm
`
`
`
`mmommmEEgo?
`
`“\Emzot
`
`
`
`Ego?teammate:
`
`muommmE
`
`
`
`bmt.\EmcE.~£3me
`
`9%e«8e
`
`gmamfl
`
`«6:32
`
`
`
`:oboomcut$.5qu
`
`
`
`whentam:
`
`
`
`5.5820:.05qu
`
`mmummmE8:0qu2when
`
`tam:
`
`BEflxm.
`
`
`
`cotaomxm:otoomcut
`
`
`
`EmEEobmmmooi
`
`3GE
`
`2.3mm.
`
`Ego?Ema
`
`mEmmmoEm
`
`Ema,
`
`
`
`EKD\V\wtmhlm.
`
`€02
`
`mmctofisv‘
`
`983$
`
`
`
`coauomtotEu$t<
`
`mtoxwotfis
`
`S02
`
`2:Bism
`
`ES?Ema,
`
`
`
`mick38¢ch
`
`
`
`whenfight
`
`ESEEma.
`
`uSmmmoEl
`
`9532.60
`
`mgGE
`
`|PR2018—OOO67
`
`Unified EX1004 Page 13
`
`IPR2018-00067
`Unified EX1004 Page 13
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`U.S. Patent
`
`Feb. 9, 1999
`
`Sheet 13 of 16
`
`5,870,723
`
`Reject
`transOction
`
`
`
`
`
`Begin Internal
`Transaction Execution
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`Does
`armount
`exceed balance
`available to
`buyer?
`
`Transfer armount
`from buyer account
`to seller account
`
`Accept
`transaction
`
`Append transaction
`result code to
`response message
`
`
`
`
`
`
`
`Internal
`Transaction Execution
`Complete
`
`FIG 15
`
`IPR2018-00067
`Unified EX1004 Page 14
`
`
`
`U.S. Patent
`
`Feb. 9, 1999
`
`Sheet 14 of 16
`
`5,870,723
`
`Response Message
`Construction
`
`
`
`
`
`
`
`
`
`
`
`
`
`Buyer
`Identified?
`
`
`
`Transaction
`succeeded?
`
`Set
`Status Code: OK
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`Append authorization
`status and authorization
`detail to Response
`
`Set Norne de Address
`if Send-Address
`indicator present
`in Transaction
`
`Retrieve Private Code
`fronn IBD Record
`and set field in
`response message
`
`
`
`
`
`
`
`
`
`
`
`
`
`Response Message
`Construction Complete
`
`
`
`Error Message: 'buyer
`not identified"
`Status Code: foiled
`
`Set Error: "transaction
`failed"
`Status Code foiled
`
`Status Code
`Error Message
`Authorizotion
`status
`
`Authorization
`detail
`
`Norne & Address
`
`Private
`Code
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`MAC
`CornrnerCiol Transaction
`Response Message
`
`FIG. f6
`
`IPR2018-00067
`Unified EX1004 Page 15
`
`
`
`U.S. Patent
`
`Feb. 9, 1999
`
`Sheet 15 of 16
`
`5,870,723
`
`
`
`PROPOSAL STEP
`Seller Proposes Transaction
`including Seller ID info, Transaction
`Amount and Transaction Data
`
`PRESENTATION STEP
`Indicate
`Transaction Cancelled
`to Buyer and Seller
`
`PRESENTATION STEP
`Indicate
`Transaction Failed
`to Buyer and Seller
`
`
`
`
`
`Buyer Accept2
`
`NO
`
`YES
`ACCEPTANCE STEP
`Buyer Enters
`Biometric, PIN
`
`TRANSMISSION STEP
`Transnission forwarded
`to computer system
`
`BUYER IDENTIFICATION STEP
`Biometric and PIN compared
`With other Borretric-PIN
`records on system
`
`
`
`
`
`ldentification NO
`Successful?
`
`YES
`PAYMENT STEP
`Money moved from
`Buyer Account to
`Seller Account
`
`PRESENTATION STEP
`Indicate
`Transaction Success
`to Buyer and Seller
`
`FIG. 17
`
`
`
`
`
`
`
`
`
`
`
`IPR2018-00067
`Unified EX1004 Page 16
`
`
`
`U.S. Patent
`
`Feb. 9, 1999
`
`Sheet 16 of 16
`
`5,870,723
`
`FIG. 18
`PROPOSAL STEP
`Seller Proposes
`Transaction Armount
`
`
`
`
`
`Does Buyer
`Approve?
`
`PRESENTATION STEP
`Indicate
`Transaction Cancelled
`to Buyer and Seller
`
`
`
`
`
`
`
`
`
`
`
`
`
`Yes
`ACCEPTANCE STEP
`Buyer Enters
`Biometric, PINAccount Index Code,
`transmits transaction to system
`
`BUYER DENTIFICATION STEP
`Biometric and PIN compared
`with other Borretric-PIN
`records on system
`
`ldentification
`Successful?
`
`No
`
`
`
`PRESENTATION STEP
`Indicate
`Transaction Failed
`to Buyer and Seller
`
`Yes
`ACCOUNT RETRIE VAL STEP
`Retrieve financial account
`using Account Index Code
`
`
`
`
`
`ls
`Account Index Code
`Emergency
`Code?
`
`Yes Notify Authorities;
`Trigger Silent Alarm
`
`RESOURCE DETERMINATION STEP
`Retrieve account balance,
`check resources against
`transaction amount
`
`
`
`
`
`
`
`
`
`account?
`
`PRESENTATION STEP
`Indicote
`Transaction Failure
`to Buyer and Seller,
`Present Private Code
`
`Yes
`PAYMENT STEP
`Money moved from Buyer Account
`to Seller Account
`
`
`
`
`
`PRESENTATION STEP
`Indicate
`Transaction Success
`to Buyer and Seller,
`Present Private Code
`
`Wo
`
`Silent
`Aldrrn?
`
`
`
`Yes
`
`PRESENTATION STEP
`Indicote
`Transaction Success
`to Buyer and Seller,
`Indicate DURESS to Seller
`
`IPR2018-00067
`Unified EX1004 Page 17
`
`
`
`1
`TOKENLESS BIOMETRIC TRANSACTION
`AUTHORIZATION METHOD AND SYSTEM
`
`The present application is a continuation-in-part of U.S.
`patent application Ser. No. 08/442,895, filed May 17, 1995,
`now U.S. Pat. No. 5,613,012, which is a continuation-in-part
`of U.S. patent application Ser. No. 08/345,523, filed Nov.
`28, 1994, now U.S. Pat. No. 5,615,217, which are incorpo
`rated herein by reference.
`BACKGROUND OF THE INVENTION
`The use of a token, an inanimate object which conferS a
`capability to the buyer presenting it, is pervasive in today's
`financial World. Whether a consumer is buying groceries
`with a debit card or Shopping in a department Store with a
`credit card, at the heart of that transaction is a money transfer
`enabled by a token, which acts to identify both the consumer
`as well as the financial account being accessed.
`From their inception in the late 1950s, token-based finan
`cial transactions have grown increasingly more prevalent at
`the point of Sale. However, as token-based transferS have
`become more popular with consumers, they have also
`become more popular with criminals intent on fraud.
`Currently, fraud losses in the industry Stem from many
`different areas, but they are mainly either lost, Stolen, or
`counterfeit cards.
`Credit cards operate without the use of a personal iden
`tification number (PIN). This means that a lost credit card
`can easily be turned into cash if the card falls into the wrong
`hands. While theft of a token constitutes the majority of
`fraud in the System, fraud from counterfeit credit cards is
`rising rapidly. Counterfeit credit cards are manufactured by
`a more technically Sophisticated criminal who acquires a
`cardholder's valid account number, produces a valid
`looking counterfeit card, encodes the magnetic Strip, and
`embosses the counterfeit plastic card with the account
`number. The card is then repeatedly presented to merchants
`until the account's credit limit is reached. Another form of
`loSS is caused by a criminal Seller or his employees who
`Surreptitiously obtains the cardholder's account number and
`enter fictitious transactions against the card and then take
`cash out of the till. It is estimated that losses due to all types
`of fraud exceeds one billion dollars annually.
`Generally, debit cards are used in conjunction with a
`personal identification number (PIN). Lost debit cards do
`not generally result in fraud, unless the owner of the card
`wrote his PIN on the card. Furthermore, successfully coun
`terfeiting a debit card is more difficult than with a credit
`card, Since the criminal must acquire not only the account
`number, but also the PIN, and then manufacture the card as
`in the credit card example. However, various Strategies have
`been used to obtain PINs from unwary cardholders; these
`range from Trojan horse automated teller machines (ATMs)
`in shopping malls that dispense cash but record the PIN, to
`fraudulent Seller point of Sale devices that also record the
`PIN, to criminals with binoculars that watch cardholders
`enter PINs at ATMs. The subsequently manufactured coun
`terfeit debit cards are then used in various ATM machines
`until the unlucky account is emptied.
`Customer fraud, for both credit and debit cards, is also on
`the rise. Customers intent on this sort of fraud will claim that
`they lost their card, say that their PIN was written on the
`card, and then withdraw money from their account using
`card, and then refuse to be responsible for the loss. The
`financial industry is well aware of the trends in fraud, and is
`constantly taking Steps to improve the Security of the card.
`
`5
`
`15
`
`25
`
`35
`
`40
`
`45
`
`50
`
`55
`
`60
`
`65
`
`5,870,723
`
`2
`However, the linkage between the buyer and his token is
`tenuous, and that is the fundamental reason behind card
`fraud today
`One possible Solution to Stolen-card fraud involves plac
`ing PIN protection for magnetic Stripe credit cards, much as
`debit cards have PINs today. This will raise the administra
`tive costs for each card, Since cardholders will undoubtedly
`wish to select their own PIN for each of their 3.4 cards. In
`addition, this solution still doesn't address the problem of
`counterfeit cards.
`Another Solution that solves both stolen-card fraud and
`greatly reduces counterfeit-card fraud involves using a
`Smartcard that includes either a biometric or a PIN. In this
`approach, authenticated biometricS are recorded from a user
`of known identity and Stored for future reference on a token.
`In every Subsequent acceSS attempt, the user is required to
`physically enter the requested biometric, which is then
`compared to the authenticated biometric on the token to
`determine if the two match in order to verify user identity.
`Various biometrics have been Suggested, Such as
`fingerprints, hand prints, Voice prints, retinal images, hand
`Writing Samples and the like. However, because the biomet
`rics are generally stored in electronic (and thus reproducible)
`form on a token and because the comparison and Verification
`process is not isolated from the hardware and Software
`directly used by the buyer attempting access, a significant
`risk of fraud Still exists. Examples of this approach to System
`security are described in U.S. Pat. Nos. 4,821,118 to Lafre
`niere; 4,993,068 to Piosenka et al.; 4.995,086 to Lilley et al.;
`5,054,089 to Uchida et al.; 5,095,194 to Barbanell; 5,109,
`427 to Yang; 5,109,428 to Igaki et al.; 5,144,680 to Koba
`yashi et al.; 5,146,102 to Higuchi et al.; 5,180,901 to
`Hiramatsu; 5,210,588 to Lee; 5,210,797 to Usui et al.;
`5,222,152 to Fishbine et al.; 5,230,025 to Fishbine et al.;
`5,241,606 to Horie; 5,265,162 to Bush et al.; 5,321,242 to
`Heath, Jr.; 5,325,442 to Knapp; 5,351,303 to Willmore, all
`of which are incorporated herein by reference.
`An example of another token-based biometric Smartcard
`system can be found in U.S. Pat. No. 5,280,527 to Gullman
`et al. In Gullman's System, the user must carry and present
`a credit card sized token (referred to as a biometric Security
`apparatus) containing a microchip in which is recorded
`characteristics of the authorized user's voice. In order to
`initiate the access procedure, the user must insert the token
`into a terminal Such as an ATM, and then Speak into the
`terminal to provide a biometric Sample for comparison with
`an authenticated Sample Stored in the microchip of the
`presented token. If a match is found, the remote terminal
`Signals the host computer that the transaction should be
`permitted, or may prompt the user for an additional code,
`Such as a PIN which is also stored on the token, before
`authorizing the transaction.
`Although Gullman's reliance of comparison biometrics
`reduces the risk of unauthorized acceSS as compared to PIN
`codes, Gullman's use of the token as the repository for the
`authenticating data combined with Gullman's failure to
`isolate the identity verification proceSS from the possibility
`of tampering greatly diminishes any improvement to fraud
`resistance resulting from the replacement of a numeric code
`with a biometric. Further, the System remains inconvenient
`to the consumer because it too requires the presentation of
`a token in order to authorize a transaction.
`Uniformly, the above patents that disclose commercial
`transaction Systems teach away from biometric recognition
`without the use of tokens. Reasons cited for Such teachings
`range from Storage requirements for biometric recognition
`
`IPR2018-00067
`Unified EX1004 Page 18
`
`
`
`3
`Systems to Significant time lapses in identification of a large
`number of individuals, even for the most powerful comput
`CS.
`Unfortunately, any Smartcard-based System will cost Sig
`nificantly more than the current magnetic Stripe card Systems
`currently in place. A PIN Smartcard costs perhaps S3, and a
`biometric Smartcard will cost S5. In addition, each point of
`Sale Station would need a Smartcard reader, and if biometrics
`are required, a biometric Scanner will also have to be
`attached to the reader as well. With 120 million cardholders
`and 5 million Stations, the initial conversion cost is from two
`to five times greater than the current annual fraud losses.
`This large price tag has forced the industry to look for new
`ways of using the power in the Smartcard in addition to
`Simple commercial transaction. It is envisioned that in
`addition to Storing credit and debit account numbers and
`biometric or PIN authentication information, Smart cards
`may also store phone numbers, frequent flyer miles, coupons
`obtained from Stores, a transaction history, electronic cash
`uSable at tollbooths and on public transit Systems, as well as
`the buyer's name, Vital Statistics, and perhaps even medical
`records.
`The net result of “smartening” the token is centralization
`of function. This looks good during design, but in actual use
`results in increased Vulnerability for the consumer. Given
`the number of functions that the Smartcard will be
`performing, the loSS or damage of this monster card will be
`excruciatingly inconvenient for the cardholder. Being with
`out Such a card will financially incapacitate the cardholder
`until it is replaced. Additionally, losing a card full of
`electronic cash will also result in a real financial loSS as well.
`Thus, after Spending vast Sums of money, the resulting
`system will definitely be more secure, but will result in
`heavier and heavier penalties on the consumer for destruc
`tion or loSS of the card.
`To date, the consumer financial transaction industry has
`had a simple equation to balance: in order to reduce fraud,
`the cost of the card must increase. As a result, there has long
`been a need for a commercial transaction System that is
`highly fraud-resistant, practical, convenient for the
`consumer, and yet cost-effective to deploy.
`There is also a need for a commercial transaction System
`that uses a strong link to the perSon being identified, as
`opposed to merely verifying a buyer's possession of any
`physical objects that can be freely transferred. This will
`result in a dramatic decrease in fraud, as only the buyer can
`authorize a transaction.
`A further need in a commercial transaction System is
`ensuring consumer convenience by providing authorization
`without forcing the consumer to possess, carry, and present
`one or more proprietary objects in order to authorize a
`transaction. All parties intent on fighting fraud recognize
`that any System that Solves the fraud problem must take the
`issue of convenience into account, however the fundamental
`yet unrecognized truth of the Situation is, the card itself can
`be very inconvenient for the consumer. This may not be
`initially obvious, but anyone who has lost, left at home, or
`had a card Stolen knows well the keenly and immediately
`felt inconvenience during the cards absence.
`Yet another need in the industry is for a transaction System
`that greatly reduces or eliminates the need to memorize
`multiple or cumberSome codes. Such a System must allow a
`user to acceSS all of his accounts, procure all Services to
`which he is entitled, and carry out transactions in and
`between all financial accounts, make point of purchase
`payments, etc.
`
`15
`
`25
`
`35
`
`40
`
`45
`
`50
`
`55
`
`60
`
`65
`
`5,870,723
`
`4
`There is further a need for a commercial transaction
`System that affords a consumer the ability to alert authorities
`that a third party is coercing the transaction without the third
`party being aware that an alert has been generated. There is
`also a need for a System that is nevertheless able to effect,
`unknown to the coercing third party, temporary restrictions
`on the types and amounts of transactions that can be under
`taken.
`Lastly, such a system must be affordable and flexible
`enough to be operatively compatible with existing networks
`having a variety of electronic transaction devices and System
`configurations.
`SUMMARY OF THE INVENTION
`The present invention Satisfies these needs by providing
`an improved commercial transaction method between a
`buyer and a Seller using a computer System that comprises
`the following StepS.
`First, there is a buyer registration Step where a buyer
`registers a PIN, at least one biometric Sample, and at least
`one buyer financial account. Each financial account has an
`asSociated account indeX code that is assigned by the buyer
`during registration. The biometric samples, the PIN, the
`financial accounts, and the indeX codes are Stored in the
`computer System
`Then, the Seller is registered in a Seller registration Step.
`The Seller registers at least one financial account with the
`computer System, and is given a Seller identification code.
`Once both buyer and Seller are registered, transactions can
`take place. A Seller offers a proposed commercial transaction
`to a buyer in a proposal Step, describing the product or
`Service being Sold, the price, and the Seller's identification
`code.
`The buyer can then accept the proposed transaction in an
`acceptance Step by adding his buyer's personal authentica
`tion information to the commercial transaction proposed by
`the seller. The authentication information includes the buy
`er's biometric sample and a PIN. In addition, the buyer must
`Submit his account indeX code, which specifies which of the
`buyer's financial accounts to debit. This accepted transac
`tion is called a commercial transaction, which is forwarded
`to the computer System in a transmission Step.
`After receiving the commercial transaction, the computer
`System attempts to identify the buyer. The computer System
`compares the biometric samples and the PIN added by the
`buyer to the commercial transaction with previously regis
`tered biometric samples and PINs in a buyer identification
`Step. If a match is found, the buyer is identified Successfully,
`otherwise the buyer is not identified and the transaction fails.
`Once the buyer is identified, the computer System in a
`payment Step determines the financial account of the buyer
`using the buyer's account indeX code as well as the financial
`account of the Seller using the Seller identification code, both
`of which are provided by the commercial transaction. Once
`both accounts are identified, the computer System debits the
`account of the buyer and credits the account of the seller. If
`there are insufficient resources in the buyer's financial
`account, the transaction fails.
`In an alternate embodiment, the computer System con
`Structs a transaction given the buyer and Seller financial
`accounts, the transaction amount, and the associated trans
`action information, and forwards the transaction to an exter
`nal computer System, Such as one operated by VISA
`International, where the money transfer occurs and any
`Status of Success or failure returned by the external computer
`System is forwarded by the computer System to the buyer
`and Seller.
`
`IPR2018-00067
`Unified EX1004 Page 19
`
`
`
`S
`When the computer System completes an operation, Such
`as a registration of a buyer or a Seller, or a particular
`transaction Succeeds or fails, a presentation Step provides the
`results of the operation to the buyer and/or the seller.
`In this manner, commercial transactions are conducted
`without the buyer having to use any portable man-made
`memory tokens Such as Smartcards or magnetic Stripe cards.
`In a preferred embodiment of the invention, the identifi
`cation Step occurs in less than two Seconds, which is a
`commercially acceptable timeframe.
`For situations where the buyer is coerced into making a
`transaction, an embodiment of the invention provides a
`mechanism for a buyer to Signal that the transaction is being
`performed under dureSS. Multiple emergency methods are
`provided. One method is an emergency account indeX code
`which, when employed by the buyer during the acceptance
`Step, allows the transaction to proceed, but in addition sends
`a Silent alarm to the authorities during the payment Step. The
`other method allows the buyer to select an emergency PIN
`which, when entered during the acceptance Step and detected
`by the computer System during the buyer identification Step,
`results in a Successful transaction while at the same time
`Sending a Silent alarm.
`In both emergency methods, the buyer can specify the
`Steps that the computer System will take or cause to be taken
`when a Silent alarm occurs, including placing artificial
`financial resource limits on the buyer's accounts, the pre
`Sentation of false information or financial data, the presen
`tation of a different private code at the end of the transaction,
`the rejection of the transaction, the notification of the alarm
`to the authorities, or the notification of the alarm to the seller.
`In Some situations, it may be possible for people intent on
`fraud to Substitute fake transaction Stations for actual trans
`action Stations in order to capture an unsuspecting buyer's
`biometric and PIN. To counter this, another embodiment of
`the invention provides a way for the buyer to authenticate
`the System. During registration, the buyer Selects a private
`code in addition to biometric, PIN, financial accounts