United States Patent
`Weiss
`[45] Date of Patent:
`Jan. 19, 1988
`
`[19]
`
`[11] Patent Number:
`
`4,720,860
`
`[54] METHOD AND APPARATUS FOR
`POSITIVELY IDENTIFYING AN
`INDIVIDUAL
`
`[75]
`
`Inventor: Kenneth P. Weiss, Boston, Mass.
`
`[73] Assignee:
`
`Security Dynamics Technologies,
`Inc., Cambridge, Mass.
`
`[211 App]. N0.: 676,626
`
`[22] Filed:
`
`Nov. 30, 1984
`
`Int. 0.4 ............................................... H04L 9/00
`[51]
`[52] US. Cl. ........................................ 380/23; 380/25;
`380/28; 380/48
`[58] Field of Search ............... 178/2208, 22.09, 22.17;
`364/900; 235/380, 382; 380/23—25, 28, 43, 44,
`48
`
`[56]
`
`References Cited
`U.S. PATENT DOCUMENTS
`
`3,806,874 4/1974 Ehrat ................................ l78/22.08
`4,145,568 3/1979 Ehrat
`178/22.08
`
`4,145,569 3/1979 Ehrat
`178/2217
`...... 364/900
`4,277,837 7/1981 Stuckert
`
`.. 235/380
`4,295,039 10/1981 Stuckert
`4,302,810 11/1981 Bouricius et al.
`.
`178/2208
`
`4,471,216 9/1984 Herve ...................... 235/380
`
`178/2208
`4,536,647
`8/1985 Atalla et al.
`
`4,578,530 3/1986 Zeidler ......
`380/25
`
`4,599,489 7/1976 Cargile ......
`380/25
`4,609,777 9/1986 Cargile .................................. 380/25
`
`Primary Examiner—Salvatore Cangialosi
`Assistant Examiner—Aaron J. Lewis
`
`Attorney, Agent, or Firm—Wolf, Greenfield & Sacks
`
`[57]
`
`ABSTRACT
`
`An apparatus for the electronic generation and com-
`parision of non-predictable codes. The appartus of the
`invention comprises a first mechanism for calculating a
`first non-predictable code according to a predetermined
`algorithm, the first mechanism for calculating including
`a first mechanism for inputting a unique static variable
`into the predetermined algorithm; a first mechanism for
`automatically defining a first dynamic variable accord-
`ing to the interval of time in which the first mechanism
`for inputting is activated, the first mechanism for auto-
`matically defming including a mechanism for automati-
`cally making the first dynamic variable available to the
`predetermined algorithm of the first mechanism for
`calculating; a second mechanism for calculating a sec-
`ond non-predictable code according to the precleter=
`mined algorithm, the second mechanism for calculating
`including a second mechanism for inputting the unique
`static variable into the predetermined algorithm; a sec-
`ond mechanism for automatically defining a second
`dynamic variable according to the interval of time in
`which the second mechanism for inputting is activated,
`the second mechanism for automatically defining in-
`cluding a mechanism for automatically making the sec-
`ond dynamic variable available to the predetermined
`algorithm of the second mechanism for calculating; and
`a mechanism for comparing the first non-predicatable
`code with the second non-predictable code.
`
`3 Claims, 3 Drawing Figures
`
`l T
`
`
`COMPUTER
`
`
` I
`
`IST NON-
`2ND NON-
`ACCESS
`
` c2
`
`PRED
`PREDICTABLE
`CONTROL
`
`
`
`CODE
`MEANS
`CODéCTABIj
`
`I ST
`2ND
`DYNAMIC
`DYNAMIC
`
`VARIABLE
`
`
`VARIABLE
`
`COMPARISON
`OF
`
`NON-PREDICTABLE
`CODE
`
`
`
`CLEATRANCE
`ACCESS
`
`
`1 of 10
`
`loflO
`
`APPLE 1133
`
`APPLE 1 133
`
`

`

`US. Patent
`
`Jan. 19,1988
`
`Sheet 1 of3
`
`4,720,860
`
`20
`
`
`
`IST
`COMPUTER
`
`
`IST NON-
`2ND NON-
`ACCESS
`
`. PREDICTABLE
`PREDICTABLE
`CONTROL
`
`
`
`CODE
`MEANS
`CODE
`
`
`
`IST
`
`DYNAMIC
`
`
`VARIABLE
`
`
`2ND
`DYNAMIC
`VARIABLE
`
`
`
`60
`
`
`COM PSEISON
`
`
`NON-PREDICTABLE
`CODES
`.
`
`80
`
`
`
`CLEARANCE
`OR
`ACCESS
`
`FIGI
`
`2 of 10
`
`20f10
`
`

`

`US. Patent
`
`Jan. 19,1988
`
`Sheet 2 of3
`
`4,720,860
`
`50
`
`
`
`
`IDSEITEBIgIABLE
`0%CNCTESSL
`'ST
`
`
`
`
`MEANS
`COMPUTER
`CODE
`
`
`
`
`
`
`
`
`IST
`2ND
`
`
`DYNAMIC
`3O
`DYNAMIC
`60
`
`VARIABLE
`VARIABLE
`
`
`
` CLEARANCE
`
`OR
` 90
`ACCESS
`
`FIGIA
`
`3 of 10
`
`30f10
`
`

`

`US. Patent
`
`Jan. 19,1988
`
`Sheet 3 of3
`
`4,720,860
`
`
`
`4 of 10
`
`40f10
`
`

`

`1
`
`4,720,860
`
`2
`predictable code according to the predetermined algo-
`rithm, the second means for calculating including a
`second means for inputting the static variable into the
`predetermined algorithm; a second means for automati-
`cally defining a second dynamic variable according to
`the interval of time in which the second means for in-
`putting is activated, the second means for automatically
`defining including means for automatically making the
`second dynamic variable available to the predetermined
`algorithm of the second means for calculating; and, a
`means for comparing the first non-predictable code
`with the second non-predictable code.
`The first means for calculating preferably comprises a
`first computer loaded with a first program for carrying
`out the predetermined algorithm and the first computer
`preferably comprises a microprocessor wherein the first
`program is stored in a volatile dynamic memory encap-
`sulated with an energizing means which when inter-
`rupted destroys all data including the program and the
`static variable input into the first program. Most prefer-
`ably all data, programs, and results of operation are
`stored in the volatile dynamic memory.
`The first means for automatically defining the first
`dynamic variable preferably comprises a time keeping
`means which automatically makes the first dynamic
`variable available to the predetermined algorithm. At
`the moment the static variable is input into the algo-
`rithm, the first dynamic variable is defined according to
`the interval of time in which the static variable is input.
`The first means for automatically defining preferably
`includes means for automatically making the the first
`dynamic variable available to the algorithm of the first
`computer.
`The second means for calculating preferably com-
`prises an access control means which is loaded with a
`second program for carrying out the predetermined
`algorithm.
`The second means for automatically defining the
`second dynamic variable typically comprises a time
`keeping means which automatically makes the second
`dynamic variable available to the predetermined algo-
`rithm of the access control means. At the moment the
`static variable is input into the algorithm of the access
`control means, the second dynamic variable is defined
`by the time keeping means according to the interval of
`time in which the static variable is input. The second
`means for automatically defining preferably includes
`means for automatically making the second dynamic
`variable available to the algorithm of the access control
`means.
`
`The apparatus most preferably includes a means for
`immediate sequential communication of the static vari-
`able to the second calculator and the first non-predicta-
`ble code to the means for comparing respectively. The
`second means for calculating preferably includes the
`means for comparing.
`In a most preferred form of the invention, the first
`computer and the first means for automatically defining
`the first dynamic variable are incorporated into a card
`of about the same size as a credit card.
`In accordance with the invention the method for the
`generation and comparison of non-predictable codes
`comprises the steps of: inputting a static variable into a
`first computer including a predetermined algorithm;
`employing the algorithm of the first computer to calcu-
`late a first non-predictable code on the basis of the static
`variable and a first dynamic variable defined by the
`
`METHOD AND APPARATUS FOR POSITIVELY
`IDENTIFYING AN INDIVIDUAL
`
`BACKGROUND OF THE INVENTION
`
`The present invention relates to an apparatus and
`method for the electronic generation of variable, non-
`predictable codes and the validation and comparison of
`such codes for the purpose of positively identifying an
`authorized individual or user of an apparatus or system
`and thereafter giving clearance to carry out a privileged
`transaction or access to a protected system or facility.
`There often arises a need to prevent all but selected
`authorized persons from being able to carryout some
`defined transaction (such as granting of credit) or to
`gain access to electronic equipment or other system,
`facility or data (hereinafter “clearance or access”).
`Prior methods for preventing unauthorized clearance or
`access typically involve devices which limit access to
`the subject data, facility, or transaction to those who
`possess a unique physical device, such as a key or who
`know a fixed or predictable (hereinafter “fixed”) secret
`code. The problem inherent in relying on a fixed code
`or unique physical device as the means to gain such
`selective clearance or access is that would-be unautho-
`rized users need only obtain possession of the fixed code
`or unique device to gain such clearance or access. Typi-
`cal instances of fixed codes are include card numbers,
`user numbers or passwords issued to customers of com-
`puter data retrieval services. The principal object of the
`invention is to provide a practical approach to generat-
`ing identification codes which are unique to the user
`and which change periodically without user interven-
`tion but which provide a readily verifiable means of
`identification for providing clearance or access at any
`time.
`
`SUMMARY OF THE INVENTION
`
`The present invention eliminates the relatively easy
`access afforded to someone who copies or otherwise
`misappropriates a secret “fixed” code by periodically
`generating identification codes by using fixed codes,
`variable data, and a predetermined algorithm which is
`unknown in advance and unknowable outside the ad-
`ministration of the security system even to authorized
`users of the apparatus utilizing the fixed secret code.
`The predetermined algorithm constantly generates new
`unique and verifiable non-predictable codes, which are
`derived from the fixed data and at least one dynamic
`variable, such as the time of day by the predetermined
`algorithm. The constant changes in the dynamic vari—
`ables when processed by the algorithm results in the
`generation of constantly changing non-predictable
`codes.
`
`In accordance with the invention there is provided an
`apparatus for electronic generation, comparison and
`validation of non-predictable codes comprising a first
`means for calculating a first non-predictable code ac-
`cording to a predetermined algorithm, the first means
`for calculating including first means for inputting a
`static variable into the predetermined algorithm; a first
`means for automatically defining a first dynamic vari-
`able according to the interval of time in which the first
`means for inputting is activated, the first means for
`automatically defining including means for automati-
`cally making the first dynamic variable available to the
`predetermined algorithm of the first means for calculat-
`ing; a second means for calculating a second non-
`
`5
`
`10
`
`15
`
`20
`
`25
`
`3O
`
`35
`
`40
`
`45
`
`50
`
`55
`
`60
`
`65
`
`5 of 10
`
`50f10
`
`

`

`»
`
`3
`interval of time in which the step of inputting occurred;
`putting the static variable into an access control means
`independently including the predetermined algorithm;
`using the algorithm of the access control means to inde-
`pendently calculate a second non-predictable code on
`the basis of the static variable and a second dynamic
`variable defined by the interval of time in which the
`step of putting occurred; and comparing the non-
`predictable codes calculated in the steps of using and
`employing wherein the first dynamic variable and the
`second dynamic variable are equivalent so as to gener-=
`ate matching codes from the algorithm only when the
`steps of using and employing occur within the same
`interval of time.
`The step of employing preferably comprises defining
`the first dynamic variable with a time keeping means
`which automatically defines and makes the first dy-
`namic variable available for input into the algorithm of
`the first computer in response to the input of the static
`variable into the first computer. The first dynamic vari-
`able, once defined, is automatically input into the algo-
`rithm of the first computer by conventional electronic
`means. The step of putting preferably further comprises
`communicating the first non-predictable code to a
`means for comparing the first and second non-predicta-
`ble codes within the same interval of time in which the
`step of inputting occurs°
`The step of using preferably comprises defining the
`. second dynamic variable with a time keeping means
`‘ which automatically defines and makes the second dy-
`namic variable available for input into the algorithm of
`the access control means in response to the putting of
`the static variable into the second computer. The sec-
`ond dynamic variable, once defined, is automatically
`input into the algorithm of the access control means by
`conventional electronic means.
`The volatile dynamic memory included in either or
`both of the first computer, the access control means,
`and the means for comparing preferably stores and
`. maintains all programs such as the predetermined algo-
`rithm system operating programs, code comparison
`, programs, and the like; and the volatile dynamic mem-
`ory further preferably stores, maintains and makes
`available for use all data and results of operations such
`as fixed codes, dynamic variables and the like.
`
`'
`
`BRIEF DESCRIPTION OF THE DRAWINGS
`
`Other objects, features and advantages will be appar-
`ent from the following detailed description of preferred
`embodiments thereof taken in conjunction with the
`accompanying drawings in which:
`FIG. 1 is a block diagram of a basic apparatus and
`method according to the invention for generating and
`comparing non-predictable codes;
`FIG. 1A is a block diagram of a preferred apparatus
`and method for generating and comparing non-predict-
`able codes where a means for comparing non-predicta-
`ble codes is included in a calculator which generates a
`non-predictable code; and
`FIG. 2 is a front isometric view of a credit card sized
`calculator for calculating a first non-predictable code
`for use in gaining clearance or access according to the
`invention.
`
`DETAILED DESCRIPTION OF THE
`INVENTION
`
`The following discussion describes the most pre-
`ferred embodiments of the invention.
`
`4,720,860
`
`4
`In accordance with the invention an authorized per-
`son is provided with a fixed secret code 10, FIGS. 1,
`1A, 2, typically a number, which is unique to that indi-
`vidual. In the case of a credit or bank/cash card 20,
`FIG. 2, that number 10 may be printed on the card itself
`such that if the authorized owner of the card forgets the
`number, it can be quickly retrieved by reference to the
`card or other permanently printed form of the fixed
`code 10. Where the fixed code 10 is provided in perma-
`nent printed form on or in close connection with the
`apparatus of the invention there is also preferably pro-
`vided an additional portion of the fixed code 10 which
`the authorized user memorizes in order to further guard
`against misappropriation of the fixed code. The fixed
`code may alternatively be used to identify an authorized
`terminal which has been issued by the authority presid-
`ing over the granting of clearance or access.
`In order to generate a code which will ultimately
`give the user clearance or access, the fixed code must be
`input into a predetermined algorithm which manipu—
`lates the fixed code as a static variable. The algorithm is
`typically provided to the user in the form of a first
`calculator which is loaded with a program for carrying
`out the predetermined algorithm. With reference to the
`Figures the calculator preferably comprises an elec-
`tronic computer 20 and most preferably comprises a
`microprocessor and a sufficient amount of volatile dy-
`namic memory to store and carry out the functions of
`the predetermined algorithm. The computer 20 is most
`preferably provided in a card 20, FIG. 2, having the
`appearance and approximate size of a credit card.
`Such credit card sized computer 20, FIG. 2, also
`preferably includes a conventional liquid crystal display
`45 for displaying the ultimate non-predictable code 40
`generated by the algorithm. The non-predictable code
`40 thus generated may be visually observed by the user
`for eventual input into an access control means 50,
`FIGS. 1, 1A. As shown in FIG. 2, the preferred form of
`computer 20 has a length L of about 3.3 inches, a width
`W of about 2.1 inches and a depth D of less than about
`0.07 inches. In addition or as an alternative to providing
`microprocessor 20 with a liquid crystal display 45 for
`visual observation of the first non-predictable code 40,
`computer 20 may include means for machine reading
`the first non-predictable code 40 to the access control
`means 50, FIG. 1A, or may include sound producing or
`other means for personally sensing the first non-predict-
`able code 40.
`In addition to using the fixed code 10 as a static vari-
`able the predetermined algorithm is designed to utilize a
`second variable, a dynamic variable 30, 60, FIGS. 1,
`1A, to calculate the non-predictable codes 40, 70 which
`ultimately give access or clearance 90 to the user. The
`dynamic variable may comprise any code, typically a
`number, which is defined and determined by the inter-
`val of time in which the static variable 10 is put into the
`algorithm. The dynamic variable is most preferably
`defined by the date and the minute in which the static
`variable is input into the predetermined algorithm. A
`dynamic variable thus defined can be seen to change
`every minute. The dynamic variable could alternatively
`be defined according to any interval of time, e.g., 2
`minutes, 5 minutes,
`1 hour and the like. A dynamic
`variable thus defined would alternatively change every
`1 minute, 2 minutes, 5 minutes, 1 hour or passage of any
`other predetermined interval of time.
`With reference to FIG. 1 the most preferred means of
`establishing such a dynamic variable is via a time keep-
`
`10
`
`15
`
`20
`
`25
`
`30
`
`35
`
`40
`
`45
`
`50
`
`55
`
`60
`
`65
`
`6 of 10
`
`6of10
`
`

`

`4,720,860
`
`5
`ing means, such as an electronic digital clock, which by
`conventional means automatically makes the dynamic
`variable to a means which automatically inputs, steps a1
`or c1, the date and specific interval of time (e.g., 1 min-
`ute, 2 minutes, 5 minutes, etc.) into the predetermined
`algorithm in response to the input, step a or c, of the
`static variable 10. The date and time thus generated by
`the time keeping means may itself be independently
`manipulated according to another predetermined algo-
`rithm prior to input into the first predetermined algo-
`rithm of the dynamic variable. The fact that the‘ dy-
`namic variable 30 or 60 being input into the predeter-
`mined algorithm constantly changes in absolute value
`with passage of successive intervals of time of predeter-
`mined duration means that the code 40 or 70 generated
`according to the predetermined algorithm is also con-
`stantly changing with successive intervals of time and is
`thereby completely non-predictable.
`The non-predictability of the codes 40, 70, FIG. 1,
`generated in the manner described above may be en-
`hanced by the fact that the predetermined algorithm
`(together with the static variable 10 and dynamic vari-
`able 30 input thereinto) may preferably be stored in the
`calculator 20 provided to authorized users in volatile
`dynamic electronic memory which is encapsulated with
`an energizing means which destroys the algorithm, the
`static variable 10, and the dynamic variable 30 when the
`electronic memory is invaded, interrupted or violated in
`any way. The predetermined algorithm thus stored in
`such volatile electronic memory cannot be discovered
`by a would-be thief because the entire memory includ-
`ing the predetermined algorithm is destroyed upon
`invasion of the memory.
`In a most preferred embodiment of the invention
`where the static variable/fixed code 10 is stored in such
`volatile dynamic memory and by conventional means is
`automatically input step a, FIGS. 1, 1A, into the algo-
`rithm of the first computer at regular intervals of time.
`Such automatic inputting of the fixed code 10 may
`thereby work in conjunction with the automatic defini-
`tion and inputting of the first dynamic variable 30 into
`the predetermined algorithm of the first computer 20 to
`effect completely automatic generation of the first non-
`predictable code 40 at regular intervals of time.
`The invention moat preferably contemplates provid-
`ing authorized personnel with a computer 20, FIGS. 1,
`1A, 2, only, but not with knowledge of the predeter-
`mined algorithm included in the computer 20. Autho-
`rized personnel are, therefore, provided with a com-
`puter 20 capable of carrying out an algorithm which is
`unknown to such authorized personnel.
`In the most preferred embodiment of the invention
`where the predetermined algorithm provided to autho-
`rized users is stored in a volatile dynamic memory en-
`capsulated with an energizing means which destroys the
`algorithm upon invasion of the memory, the only means
`of gaining unauthorized clearance or access 90 is to
`misappropriate possession of the original computer 20
`itself (and knowledge of the fixed code/static variable
`10). In an embodiment of the invention where the means
`for establishing the dynamic variable 40 is not incorpo-
`rated into the computers 20 themselves, would-be unau-
`thorized users would further require possession of an
`appropriate means for defining the dynamic variable
`according to the appropriate interval of time in which
`the fixed code/static variable 10 is input, step a, FIGS.
`1, 1A, into the predetermined algorithm of the com-
`puter 20. The static variable/fixed code 10 is preferably
`
`5
`
`10
`
`15
`
`20
`
`25
`
`30
`
`35
`
`45
`
`50
`
`55
`
`6O
`
`65
`
`6
`stored within volatile dynamic memory and automati-
`cally input into the predetermined algorithm of the first
`computer for computation of the first non-predictable
`code.
`
`The algorithm may alternatively be designed to ma-
`nipulate more than one fixed code and/or more than
`one dynamic variable. Several means for inputting each
`fixed code and dynamic variable may be included in the
`calculator provided to users and in the access control
`means. Each dynamic variable is preferably defined by
`the interval of time in which one or more of the fixed
`codes (selected static variables) are input into the algo-
`rithm.
`
`It can be seen, therefore, that the predetermined algo-
`rithm can comprise any one of an infinite variety of
`algorithms. The only specific requirement for an algo-
`rithm to be suitable for use in the present invention is
`that such algorithm generate a non-predictable code on
`the basis of two classes of variables, static variables (the
`fixed codes) and dynamic variables such as described
`hereinabove. A non-predictable code C which is ulti-
`mately generated by the predetermined algorithm, f
`(x,y), may be expressed mathematically as:
`
`JIM) = C
`
`where x is a static variable/fixed code and y is a dy-
`namic variable. Where several (11) static variables (X1,
`X2,
`.
`.
`. x”) and several (11) dynamic variables (y1, y2, .
`.
`. y”) are intended for use in generating non-predictable
`codes, a non-predictable code thus generated may be
`expressed mathematically as [(xl, xz, .
`.
`. x", yi, yz, .
`.
`.
`J’n)=c-
`The specific form of the algorithm only assumes spe-
`cial importance as part of the invention, therefore, when
`the algorithm is capable of being discovered by would-
`be unauthorized users. In the most preferred embodi-
`ment of the invention where the algorithm is com-
`pletely undiscoverable by virtue of its storage in a vola-
`tile dynamic electronic memory which destroys the
`algorithm upon attempted invasion of the encapsulated
`memory, the specific form of the algorithm comprises
`only an incidental part of the invention. The mere fact
`of the use of some algorithm to manipulate the fixed
`code and the dynamic variable does, however, comprise
`a necessary part of the invention insofar as such an
`algorithm generates the ultimately important non-
`predictable code.
`With reference to FIG. 1, after a first non-predictable
`code 40 is generated as described above, such first non-
`predictable code is compared 80 with another “second”
`non-predictable code 70 which is also generated by the
`user by putting, step c, the fixed code/static variable 10
`into an access control means 50 which contains the
`same predetermined algorithm used to generate the first
`non-predictable code 40. With reference to FIG. 1A, in
`a preferred embodiment of the invention the first non-
`predictable code 40 is put, step e2, into the access con-
`trol means 50 essentially immediately after the fixed
`secret code 10 is put into the access control means 50
`(i.e., step e2 is carried out essentially immediately after
`step e) in order to gain clearance or access 90.
`With reference to FIG. 1A, if steps e and e2 are not
`carried out within the same interval of time as step a
`was carried out, then step c will not generate a second
`dynamic variable 60 which will allow the predeter-
`mined algorithm of the access control means 50 to gen-
`
`7 of 10
`
`70f10
`
`

`

`4, 720, 860
`
`5
`
`10
`
`15
`
`20
`
`25
`
`30
`
`35
`
`45
`
`50
`
`55
`
`8
`predictable code 70 may alternatively be automatically
`communicated, step C3, to a separate device including a
`conventional means for comparing the non-predictable
`codes.
`
`FIG. 1A depicts in block form the sequence of steps
`that would be carried out in the most preferred form of
`the invention where the access control means 50 in-
`
`cludes the means for comparing the non-predictable
`codes. Fixed code 10 is input, step a (also preferably
`automatic), into first computer 20 and the first dynamic
`variable 30 is automatically input, step a1, into the first
`computer 20 in response to the carrying out of step a.
`The first non-predictable code 40 is then generated, step
`a2, essentially automatically after the fixed code 10 is
`input, step a, into the first computer 20. The first non-
`predictable code 40 is personally sensed by the user and
`the fixed code 10 and the first non-predictable code 40
`are then input by conventional telephonic/electronic
`means, steps e and e2, into the access control means 50.
`By conventional means step e inputs the fixed code 10
`into the predetermined algorithm and step e; communi-
`cates the first non-predictable code 40 to the means for
`comparing the first 40 and second 70 non-predictable
`codes. The second dynamic variable 60 is automatically
`input, step 62, in response to the carrying out of step e.
`The second non-predictable code 70, FIG. 1, is auto-
`matically generated, step C2 by access control means 50
`in response to the carrying out of steps e and e1, FIG. 2.
`The second non-predictable code 70, FIG. 1, is auto-
`matically communicated to the comparison means 80
`included in the access control means 50 of FIG. 1A.
`Step e2 is preferably carried out essentially immediately
`after step e is effected. The comparison means 80 in-
`cluded in the access control means 50, FIG. 1A, thereby
`compares the non-predictable codes 40, 70, FIG. 1,
`essentially automatically upon the completion of steps e
`and e2.
`With reference to FIG. 1A, where the access control
`means 50 is physically remote from the first calculator
`20, the fixed secret code 10 and the first non-predictable
`code 40 are typically transmitted together (i.e. the fixed
`code 10 first and the non-predictable code 40 following
`immediately thereafter) to access control means 50 in
`the conventional manner. Such transmission, steps e and
`e2, is typically effected by telephonic transmission with
`or without the aid of a conventional modem. In the
`most preferred embodiment of the invention, for exam-
`ple, where the first calculator comprises a credit-card
`sized microprocessor 20, FIG. 2, having a liquid crystal
`display 45, the user accomplishes step e2, FIG. 1A, by
`first reading the non-predictable code 40 from the liquid
`crystal display and then telephonically transmitting the
`fixed code 10 and the non-predictable 40 code to the
`access control means 50. The actual transmission of the
`fixed code 10 and the non-predictable code 40 may
`alternatively be effected by reading the codes 10 and/or
`40 into the access control means 50 by conventional
`electronic or mechanical means.
`In most practical applications of the invention the
`granting of clearance or access 90, is effected automati-
`cally by conventional electronic means if the non-
`predictable codes match when compared with each
`other.
`
`7
`erate a non-predictable code 70 which matches the lst
`non-predictable code 40.
`The second calculator typically comprises a access
`control means 50, FIG. 1, containing a program for,
`carrying out the algorithm and a second means for
`establishing a second dynamic variable 60 which is
`defined by the interval of time in which the user puts,
`step c, the fixed code/static variable 10 into the access
`control means 50. The second means for establishing the
`second dynamic variable most preferably comprises a
`second time-keeping means, such as a digital clock,
`which is synchronized with the first
`time-keeping
`means so as to generate a dynamic variable 60 which
`when inputted into the access control means will gener»
`ate a non-predictable code 70 which matches code 40
`only when steps b and c, FIG. 1 (or steps e and e2, FIG.
`1A) occur within the same interval of time. Such second
`time keeping means preferably defines the second dy-
`namic variable 60 by the date and minute (or other
`predetermined interval of time) in which the fixed
`code/static variable 10 is put, step 0, into the access
`control means.
`The second time keeping means is preferably syn-
`chronized with time keeping means such that if the fixed
`code 10, FIG. 1, is put into the access control means 50
`within the same predetermined interval of time (i.e. 1
`minute, 5 minutes, hour, etc.) as the fixed code 10 is
`input into the first computer 20, the second time keep=
`ing means generates, step c1, the identical dynamic
`variable 60 as the first time keeping means generates,
`step a1, and the algorithms of the first computer 10 and
`the access control means 50 thereby generate, steps a2
`and C2, identical and matching non-predictable codes.
`As with the first time keeping means the second time
`keeping means preferably puts, step c1, the second dy-
`namic variable 60 automatically into the access control
`means 50 in response to the putting, step c, of the fixed
`code/static variable 10 into the access control means 50.
`Steps a1 and c1, therefore, preferably occur automati-
`cally upon the carrying out of steps a and c respectively.
`With reference to FIG. 1, once the second non-
`predictable code 70 is generated, step C2, by the second
`means for calculating 50, the first non-predictable code
`40 is compared 80 with the second non-predictable code
`70 and if they match the user is granted clearance or
`access 90. The means for comparing the two indepen-
`dently generated non-predictable codes 40, 70, typically
`comprises a comparison algorithm included in a com-
`puter into which the first non-predictable code 40 and
`the second non-predictable code 70 are input, steps b,
`C3, after they are generated. Steps b and C3 are prefera-
`bly carried out automatically in the conventional man-
`ner.
`
`The authorized user of the first computer 10, FIG. 1,
`is typically required to personally sense the first non-
`predictable code 40 after steps a, a1, and a; are com-
`pleted (e.g. by sight, sound or otherwise) and then com-
`municate, step c, the first non-predictable code to the
`means for comparing 80. The second non-predictable
`code however is preferably automatically communi-
`cated to the means for comparing 80.
`Automatic communication of
`the second non-
`predictable code to the means for comparing, step C3, is
`preferably accomplished by including a program for
`comparing the non-predictable codes in the access con-
`trol means 50 itself, whereby the comparison program
`communicates with the predetermined algorithm in-
`cluded in the access control means 50. The second non-
`
`65
`
`With reference to FIG. 1, steps a and c and must be
`performed within the same interval of time of predeter-
`mined duration in order to generate equivalent first 30
`and second 60 dynamic variables and, a fortiori, match-
`ing first 40 and second 70 non-predictable codes.
`
`8 of 10
`
`80f10
`
`

`

`4,720,860
`
`9
`In a preferred embodiment of the invention, step a,
`FIGS. 1, 1A, is carried out automatically by suitable
`electronic means provided in the first computer 20.
`Where step a is carried out automatically, the first non-
`predictable code 40 is, therefore, generated completely
`automatically by first computer 20 every minute, 2
`minutes or other predetermined interval of time. In such
`a preferred embodiment, therefore, the invention will
`generate matching non-predictable codes 40, 70 if step
`c, alone, is carried out by the user within the same min-
`ute or other predetermined interval of time in which the
`dynamic variables 30, 60 are constantly being estab-
`lished and re-established by synchronized time keeping
`means. With reference to FIG. 1A, in a most preferred
`embodiment of the invention where step e2 occurs im-
`mediately after step e, the user must carry out both of
`steps e and e2 within the same interval of time as the fi