`
`12 -
`
`.
`
`.____--10
`
`20
`
`22
`
`26
`
`RAM
`
`ROM
`
`18
`
`User
`Interface
`
`USR
`Software
`
`CPU
`
`Comm.
`Port
`
`Wide
`Area
`Network
`
`16 ----
`
`14 /
`
`Universal Secure
`Registry
`
`24
`
`30
`
`Person No. 1
`
`\J
`
`30
`
`I
`
`Person No. 2
`
`•
`•
`•
`
`Person No. n
`
`30
`
`FIG. 1
`
`USR Exhibit No. 2009
`
`
`
`Replacement Sheet
`
`____.-- 10
`
`Cornputer
`Module
`
`Computer
`Module
`
`Computer
`Module
`
`USR System
`
`Computer
`Module
`
`Computer
`Module
`
`Computer
`Module
`
`27
`
`Interface
`Center
`
`Interface
`Center
`
`27 ----
`
`Wide Area Network
`
`Interface
`Center
`
`Interface
`Center
`
`28
`
`7 27
`
`Interface
`Center
`
`Interface
`Center
`
`27
`
`27 ---'
`
`N----- 27
`
`FIG. 2
`
`USR Exhibit No. 2009
`
`
`
`;Gags Tuawapeide
`
`32
`
`34
`
`36
`
`38
`
`I
`
`
`
`I
`
`/
`
`Validation
`Information
`
`Access
`Information
`
`/
`
`Publicly
`Available
`Information
`
`I
`
`Address
`Information
`
`Credit Card
`and Other
`Financial
`Information
`
`Medical
`Information
`
`Job
`Application
`Information
`
`Tax
`Information
`
`30
`
`Person
`No. 1
`
`40
`
`42
`
`44
`
`46
`
`FIG. 3
`
`USR Exhibit No. 2009
`
`
`
`Replacement Sheet
`
`Public
`Information
`Computer
`Module
`
`Medical
`Information
`Computer
`Module
`
`Financial
`Information
`Computer
`Module
`
`USR System
`
`Address
`Information
`Computer
`Module
`
`Job
`Application
`Computer
`Module
`
`Tax
`Information
`Computer
`Module
`
`Tax
`Information
`....
`Interface
`Centers
`
`Job Application
`Information
`Interface
`Centers
`
`Public
`Information<
`Interface
`Centers
`
`Medical
`Information
`Interface
`Centers
`
`Wide Area Network
`
`Financial
`Information
`Interface
`Centers
`
`Address
`Information
`Interface
`Centers
`
`FIG. 4
`
`USR Exhibit No. 2009
`
`
`
`Replacement Sheet
`
`Train the Database
`
`Validate Person's
`Identification
`
`500
`
`502
`
`No
`
`Does
`Person Have Rights to
`Enter Data
`?
`
`Enable Person to Enter
`Basic Personal Data
`
`Does
`Person Have Right to
`Enter Additional Data
`?
`
`Yes
`
`508
`
`Enable Person to Enter
`Advanced Personal Data
`
`510
`
`Enable Person to Specify Access
`to Advanced Personal Data
`
`V
`Return
`
`FIG. 5
`
`512
`
`USR Exhibit No. 2009
`
`
`
`Replacement Sheet
`
`Enable Access to
`Basic Personal Data
`
`600
`
`602
`
`Is
`Additional Information
`Requested
`9
`
`No
`
`Does Requestor
`Have Rights to Access
`Type of Requested
`Data ?
`
`Is Person
`Participating in
`Transaction
`9
`
`Validate Person's
`Identity
`
`Enable Person to
`Change Access
`Rights to Data
`
`Does Requestor
`Have Rights to Access
`Type of Requested
`Data ?
`
`FIG. 6
`
`606
`
`Cause USR to Enable
`Access to Type of
`Requested Data
`
`610
`
`Return
`
`USR Exhibit No. 2009
`
`
`
`Replacement Sheet
`
`User Initiates Purchase
`
`User Enters Secret Code
`in Secure ID
`
`Merchant Transmits to Credit
`Card Company
`(1) Code from Secure ID
`(2) Store Number
`(3) Amount of Purchase
`
`Credit Card Company
`Sends Code to USR
`
`USR Determines if Code is Valid, and if
`Valid Accesses User's Credit Card
`Information and Transmits Credit Card
`Number to Credit Card Company
`
`v
`Credit Card Company Checks
`Credit Worthiness and Declines
`Card or Debits User's Account and
`Transfers $ to Merchant's Account
`
`'I
`CCC Notifies Merchant of
`Result of Transaction
`
`FIG. 7
`
`USR Exhibit No. 2009
`
`
`
`Replacement Sheet
`
`User Initiates Purchase
`
`V
`User Enters Secret Code
`in Secure ID
`
`V
`Merchant Transmits to USR
`(1) Code from Secure ID
`(2) Store Number
`(3) Amount of Purchase
`
`USR Determines if Code is Valid
`
`USR Accesses User's Credit Card
`Information and Transmits to CCC
`(1) Credit Card Number
`(2) Store Number
`(3) Amount of Purchase
`
`\
`
`CCC Checks Credit Worthiness and
`Declines Card or Debits User's Account
`and Transfers $ to Merchant's Account
`
`CCC Notifies USR of
`Result of Transaction
`
`I
`
`USR Notifies Merchant of
`Result of Transaction
`
`FIG. 8
`
`USR Exhibit No. 2009
`
`
`
`Replacement Sheet
`
`User Initiates Purchase and
`Writes Check to Merchant
`
`V
`User Enters Secret Code
`in Secure ID
`
`Merchant Transmits to USR
`
`(1) Code from Secure ID
`(2) Store Number
`(3) Amount of Purchase
`
`USR Determines if Code is Valid
`
`V
`USR Accesses User's Bank
`Information and Transmits to Bank
`(1) Bank Account Number
`(2) Store Number
`(3) Amount of Purchase
`
`V
`
`Bank Checks Account Balance
`to Verify Availability of Funds
`
`V
`Bank Notifies USR of
`Result of Verification
`
`USR Notifies Merchant of
`Result of Verification
`
`FIG. 9
`
`USR Exhibit No. 2009
`
`
`
`Replacement Sheet
`
`User Initiates Anonymous Purchase
`by Entering Secret Code in Secure
`ID and Transmitting Result to
`On—Line Merchant
`
`Merchant Transmits to USR
`(1) Code from Secure ID
`(2) Store Number
`(3) Amount of Purchase
`
`1000
`
`1002
`
`USR Determines if Code is Valid
`
`,. ___----1004
`
`USR Accesses User's Credit Card
`Information and Transmits to CCC:
`1) Credit Card Number
`2) Store Number
`3) Amount of Purchase
`
`v
`CCC Checks Credit Worthiness and
`Declines Card or Debits User's Account
`and Transfers $ to Merchant's Account
`
`1006
`
`1008
`
`CCC Notifies USR
`of Result of Transaction
`
`1010
`
`/----
`
`7
`
`,1014
`
`If Credit Declined,
`USR Notifies Merchant
`
`1016
`
`If Credit Accepted, USR
`Accesses Address Code
`and Provides Merchant
`with Address Code
`
`Merchant Labels Package
`with Address Code and Ships
`
`FIG. 10
`
`USR Exhibit No. 2009
`
`
`
`Replacement Sheet
`
`User Provides Address
`Code on Public Area
`
`User Provides Address Information
`in Address Area of USR
`
`v
`Person Places Public Code
`on Parcel to be Mailed
`
`Post Office Accesses USR
`to Retrieve Address Information
`
`1100
`
`1102
`
`1104
`
`1106
`
`1108 --,.,
`
`V
`Post Office Delivers Parcel to
`Address in Address Area of USR
`
`V
`Post Office Prints Bar Code
`on Parcel to Automate
`Delivery of Parcel to Address
`in Address Area of USR
`
`FIG. 11
`
`User Provides Telephone
`Code on Public Area
`
`User Provides Telephone Information
`in Telephone Area of USR
`
`V
`Person Dials USR Phone Number and
`Enters Telephone Code for User
`
`USR Connects Person to Telephone
`Number Without Providing User
`Person with Telephone Number
`
`FIG. 12
`
`1200
`
`1202
`
`1204
`
`1206
`
`USR Exhibit No. 2009
`
`
`
`leeqs luaweoeide
`
`1400
`
`1402
`
`1404
`
`1406
`
`1408
`
`User Attempts to Prove
`Identification to Validator
`
`User Attempts to Prove
`Identification to Policeman
`
`User Enters Secret Code in Secure ID
`
`User Enters Secret Code in Secure ID
`
`V
`
`Validator Transmits to USR
`Code from Secure ID
`
`\I
`
`Policeman Transmits to USR
`Code from Secure ID
`
`V
`
`USR Determines if Code is Valid
`
`USR Determines if Code is Valid
`
`1300
`
`1302
`
`1304
`
`1306
`
`\
`
`\
`
`\
`
`1308
`
`\
`
`USR Accesses User's Photograph
`Information and Transmits to Validator
`(1) Verification of Identity
`(2) Picture of Secure ID Holder
`
`V
`USR Accesses User's Photograph
`Information and Police Record Information
`and Transmits to Policeman
`(1) Verification of Identity
`(2) Picture of Secure ID Holder
`(3) Police Records, Such as Outstanding
`Warrants for Arrest and Criminal History
`
`FIG. 13
`
`FIG. 14
`
`USR Exhibit No. 2009
`
`
`
`;Gags Tuawapeide
`
`1500
`
`1502
`
`1504
`
`1506
`
`\
`
`\
`
`\
`
`1508
`
`User Desires to Provide
`Identification to Party
`
`User Desires to Apply for
`a Job, Credit or Apartment
`
`User Enters Secret Code in Secure ID
`
`User Enters Secret Code in Secure ID
`
`v
`
`V
`Party Transmits to USR Code
`from Secure ID and Party Code
`
`V
`User Transmits to USR Code from
`Secure ID and Application Code
`
`USR Determines if Code is Valid
`
`USR Determines if User Code is Valid
`
`V
`
`USR Accesses User's Information
`Available to Party According to
`Party Code and Transmits
`Available Information to Party
`
`,
`
`USR Accesses User's Application
`Information and Transmits Available
`Information to User or Completes
`an Application on Behalf of the User
`
`FIG. 15
`
`FIG. 16
`
`1600
`
`1602
`
`1604
`
`1606
`
`1608
`
`USR Exhibit No. 2009
`
`
`
`Replacement Sheet
`
`Lap Top
`Computer
`
`Electronic
`Device
`
`Automobile
`
`FIG. 17
`
`USR Exhibit No. 2009
`
`
`
`Express Mail Label EL840396839US
`Date of Mailing: March 16, 2001
`
`UNIVERSAL SECURE REGISTRY
`
`1.
`
`Field of the Invention
`
`5
`
`This invention relates to a method and apparatus for securely storing and
`
`disseminating information regarding individuals and, more particularly, to a
`
`computer system for authenticating identity or verifying the identity of
`
`individuals and other entities seeking access to certain privileges and for
`
`selectively granting privileges and providing other services in response to such
`
`10
`
`identifications/verifications.
`
`2.
`
`Background of the Invention
`
`Dissemination of information regarding various entities, including
`
`individuals, in society is conventionally done in a non-centralized fashion, often
`
`15
`
`requiring specialized knowledge of a likely storage location to access the
`
`information. This specialized knowledge may not be available when the
`
`information is needed, thus effectively preventing distribution of the information
`
`when required. For example, a doctor in an emergency room may desire access
`
`to a patient's medical history in determining a course of treatment. If the person
`
`20
`
`is not carrying a complete medical record, which is typically the situation, the
`
`medical records may not be available to the doctor. Even if these medical
`
`records are available electronically, for example via a computer accessible in the
`
`person's regular doctor's office, the records may effectively be unavailable if the
`
`person is unconscious or otherwise incapacitated or if restrictions on access to
`
`25
`
`the doctor's records cannot otherwise be overcome. The retrieval of required
`
`medical records can be further complicated by the fact that such records can be
`
`located at a number of different sites/systems which are not linked. For example,
`
`the patient's primary care physician may not have records from a specialist
`
`treating the patient, and none of these physicians may have dental records.
`
`30
`
`Similar problems arise in other environments where relevant data may be
`
`scattered and/or otherwise difficult to access.
`
`USR Exhibit No. 2009
`
`
`
`Identification of a person from other persons within a society and
`
`verification of a person as being who he says he is are extremely important for
`
`many reasons. For example, determination/verification of a person's identity
`
`will typically dictate extension of credit, granting access to information,
`
`5
`
`allowing entry to a restricted area, or the granting of numerous other privileges.
`
`Most people carry multiple forms of identification. For example, a typical
`
`person may carry an identification card issued by a federal, state, or local
`
`governmental entity, an identification card issued by a university or place of
`
`employment, one or more credit cards that serve to identify the person as a
`
`10
`
`holder of a credit card account, one or more bank cards that serve to identify the
`
`person as holder of a bank account, medical information cards identifying the
`
`person as a member of, for example, a health maintenance organization or as a
`
`person holding an insurance policy from a specified insurance company, keys
`
`that identify the person as owner of an automobile, house, etc., and numerous
`
`15
`
`other identification cards that may be used for specialized purposes, such as
`
`identifying the person as a member of a health club, a library, or a professional
`
`organization.
`
`To enable the person to function effectively in society, the person must
`
`typically have one or more of these identification devices with them if they wish
`
`20
`
`to undertake an associated activity. For example, a person is not allowed to
`
`drive a car or purchase alcohol without a governmentally issued driver's license.
`
`Likewise, although cash may be used to purchase goods and/or services, the
`
`person will typically not be able to purchase goods and/or services with a credit
`
`card if the person is not physically carrying the credit card. Similarly, most
`
`25
`
`hospitals and other medical facilities will require proof of insurance before
`
`rendering medical attention. Carrying these multifarious identification devices
`
`can become onerous. Additionally, if one or more of the identification devices is
`
`lost, stolen or forgotten, it can be inconvenient, making it difficult to obtain
`
`goods or services requiring the missing identification.
`
`30
`
`There are also times when the individual may wish to be identified or at
`
`least verified without providing personal information. For example, a person
`
`-2-
`
`USR Exhibit No. 2009
`
`
`
`may wish to purchase goods and/or services without publicly providing his/her
`credit card information for fear that the credit card information be may be stolen
`and used fraudulently. Likewise, the person may wish to purchase goods or
`order goods to be delivered to an address without revealing the address to the
`vendor. Unfortunately, conventional identification devices require that at least
`some personal information be transmitted to complete a transaction.
`There are other related problems. For example, when there is a need to
`locate a person or other entity where only limited biographical data is known,
`this can be difficult since relevant information is seldom available from a single
`database. Another potential problem is the forwarding of mail, packages,
`telephone calls/messages, e-mails and other items where a party is in a situation
`where they are changing location frequently and/or where the person does not
`want such information to be generally available for security or other reasons. A
`simple, yet secure, way of dealing with such issues does not currently exist.
`Another potential problem is filling in forms, particularly for an
`individual who frequently has to complete the same or similar form. Such forms
`can for example be medical forms when visiting a doctor or entering a hospital,
`immigration forms on entering the country, employment forms, college entry
`forms, etc.. It would be desirable if such forms could be completed once and be
`available for future use, and it would be even better if the information for each
`such form could be automatically drawn from an existing database to complete
`the form. There is also a frequent requirement to periodically update information
`in a form, for example financial information for a line of credit. It would be
`desirable if such updates could be automatically performed from data in a
`
`general database.
`Still another potential problem is that a person may be forced to make
`requests on a database, for example financial requests, under duress. It would be
`desirable if the person could easily and undetectably signal such duress when
`making the request and the receiving system be able to act appropriately to assist
`and protect the individual.
`
`5
`
`10
`
`15
`
`20
`
`25
`
`30
`
`-3-
`
`USR Exhibit No. 2009
`
`
`
`Systems capable of effectively performing all of these functions do not
`
`currently exist.
`
`5
`
`SUMMARY OF THE INVENTION
`
`There is thus a need for an identification system that will enable a person
`
`to be identified or verified ("identification" sometimes being used hereinafter to
`
`mean either identified or verified) and/or authenticated without necessitating the
`
`provision of any personal information. Likewise, there is a need for an
`
`10
`
`identification system that will enable a person to be identified universally
`
`without requiring the person to carry multiple forms of identification.
`
`Accordingly, this invention relates, in one embodiment, to an information
`
`system that may be used as a universal identification system and/or used to
`
`selectively provide personal, financial or other information about a person to
`
`15
`
`authorized users. Transactions to and from the database may take place using a
`
`public key/private key security system to enable users of the system and the
`
`system itself to encrypt transaction information during the transactions.
`
`Additionally, the private key/public key security system may be used to allow
`
`users to validate their identity and/or sign instructions being sent to a universal
`
`20
`
`secure registry (USR) system of the type to which this invention relates. For
`
`example, in one embodiment, a smart card such as the Secure ID TM card from
`
`RSI Security, Inc. may be provided with the user's private key and the USR
`
`system's public key to enable the card to encrypt messages being sent to the USR
`
`system and to decrypt messages from the USR system 10.
`
`25
`
`This USR system or database may be used to identify the person in many
`
`situations, and thus may take the place of multiple conventional forms of
`
`identification. Additionally, the USR system may enable the user's identity to be
`
`confirmed or verified without providing any identifying information about the
`
`person to the entity requiring identification. This can be advantageous where the
`
`30
`
`person suspects that providing identifying information may subject the
`
`identifying information to usurpation.
`
`-4-
`
`USR Exhibit No. 2009
`
`
`
`Enabling anonymous identification facilitates multiple new forms of
`
`transactions. For example, enabling anonymous identification enables the
`identified person to be telephoned by or receive e-mails from other persons
`
`without providing the other person with a telephone number or e-mail address,
`and will permit this to be accomplished even where there are frequent changes in
`
`5
`
`the persons location.. Similarly, enabling anonymous identification will enable
`
`the person to receive mail, other delivered parcels and other items without
`
`providing the recipient's address information to the sender. By restricting access
`
`to particular classes of persons/entities, the person can effectively prevent
`
`10
`
`receipt of junk mail, other unsolicited mail, telemarketing calls and the like.
`In a financial context, providing anonymous identification of a person
`
`enables the person to purchase goods and/or services from a merchant without
`ever transmitting to the merchant information, such as the person's credit card
`number, or even the persons name, that could be intercepted and/or usurped and
`used in subsequent or additional unauthorized transactions or for other undesired
`purposes. Enabling anonymous identification may be particularly advantageous
`in an unsecured environment, such as the Internet, where it has been found to be
`relatively trivial to intercept such credit card information.
`In a medical context, the USR system, in addition to enabling a person
`seeking medical treatment to identify themselves, may be configured to provide
`
`insurance data, medical history data, and other appropriate medical information
`to a medical provider, once that medical provider has been established as an
`authorized recipient. The USR system may also contain links to other databases
`containing portions of the patients medical records, for example x-rays, MRI
`
`pictures, dental records, glasses, prescriptions, etc.
`Access to the USR system may be by smart card, such as a Secure IDTM
`card, or any other secure access device. The technology enabling the USR
`system may be physically embodied as a separate identification device such as a
`smart ID card, or may be incorporated into another electronic device, such as a
`cell phone, pager, wrist watch, computer, personal digital assistant such as a
`Palm Pi1otTM, key fob, or other commonly available electronic device. The
`
`15
`
`20
`
`25
`
`30
`
`-5-
`
`USR Exhibit No. 2009
`
`
`
`5
`
`identity of the user possessing the identifying device may be verified at the point
`of use via any combination of a memorized PIN number or code, biometric
`identification such as a fingerprint, voice print, signature, iris or facial scan, or
`DNA analysis, or any other method of identifying the person possessing the
`device. If desired, the identifying device may also be provided with a picture of
`the person authorized to use the device to enhance security.
`The USR system may be useful for numerous other identification
`purposes. For example, the USR anonymous identification may serve as a
`library card, a phone card, a health club card, a professional association
`10 membership card, a parking access card, a key for access to ones home, office,
`car, etc. or any one of a host of similar identification/verification and/or access
`functions. Additionally, equipment code infOrmation may be stored in the USR
`system and distributed under the user's control and at the user's discretion, to
`maintain personal property or public property in an operative state.
`
`15
`
`20
`
`25
`
`30
`
`BRIEF DESCRIPTION OF THE FIGURES
`This invention is pointed out with particularity in the appended claims. The
`above and further advantages of this invention may be better understood by referring to
`the following description when taken in conjunction with the accompanying drawings.
`The accompanying drawings are not intended to be drawn to scale. In the drawings, each
`identical or nearly identical component that is illustrated in various figures is represented
`by a like numeral. For purposes of clarity, not every component may be labeled in every
`
`drawing. In the drawings:
`Fig. 1 is a functional block diagram of a computer system configured to
`implement the universal secure registry ("USR"), including a USR database, according to
`one embodiment of the invention;
`Fig. 2 is a functional block diagram of a first embodiment of a networked
`environment including the computer system of Fig. 1;
`Fig. 3 is a functional block diagram of an entry of a database forming the USR
`database of Fig. 1
`
`-6-
`
`USR Exhibit No. 2009
`
`
`
`Fig. 4 is a functional block diagram of a second embodiment of a networked
`
`environment including the computer system of Fig. 1;
`
`Fig. 5 is a flow chart illustrating steps in a process of inputting data into the USR
`
`database;
`
`5
`
`Fig. 6 is a flow chart illustrating steps in a process of retrieving data from the
`
`USR database;
`
`Fig. 7 is a flow chart illustrating a first protocol for purchasing goods from a
`
`merchant via the USR database without transmitting credit card information to the
`
`merchant;
`
`10
`
`Fig. 8 is a flow chart illustrating a second protocol for purchasing goods from a
`
`merchant via the USR database without transmitting credit card information to the
`
`merchant;
`
`Fig. 9 is a flow chart illustrating a protocol for purchasing goods from a merchant
`
`via the USR database by validating the user's check;
`
`15
`
`Fig. 10 is a flow chart illustrating a protocol for purchasing goods from an on-line
`
`merchant via the USR database without transmitting credit card information to the on-line
`
`merchant, and enabling the on-line merchant to ship the goods to a virtual address;
`
`Fig. 11 is a flow chart illustrating a protocol for shipping goods to a virtual
`
`address via the USR database;
`
`20
`
`Fig. 12 is a flow chart illustrating a protocol for telephoning a virtual phone
`
`number via the USR database;
`
`Fig. 13 is a flow chart illustrating a protocol for identifying a person via the USR
`
`database;
`
`Fig. 14 is a flow chart illustrating a protocol for identifying a person to a
`
`25
`
`policeman via the USR database;
`
`Fig. 15 is a flow chart illustrating a protocol for providing information to an
`
`authorized recipient of the information via the USR database;
`
`Fig. 16 is a flow chart illustrating a protocol for providing application information
`
`to an authorized recipient of the information via the USR database; and
`
`-7-
`
`USR Exhibit No. 2009
`
`
`
`Fig. 17 is a functional block diagram of an embodiment configured to use
`
`information in the USR system to activate or keep active property secured through the
`
`USR system.
`
`5
`
`DETAILED DESCRIPTION OF THE INVENTION
`
`In one embodiment, an information system is formed as a computer program
`
`running on a computer or group of computers configured to provide a universal secure
`
`registry (USR) system. The computer, in this instance, may be configured to run
`
`autonomously (without the intervention of a human operator), or may require intervention
`
`10
`
`or approval for all, a selected subset, or particular classes of transactions. The invention
`
`is not limited to the disclosed embodiments, and may take on many different forms
`
`depending on the particular requirements of the information system, the type of
`
`information being exchanged, and the type of computer equipment employed. An
`
`information system according to this invention, may optionally, but need not necessarily,
`
`15
`
`perform functions additional to those described herein, and the invention is not limited to
`
`a computer system performing solely the described functions.
`
`In the embodiment shown in Fig. 1, a computer system 10 for implementing a
`
`USR system according to the invention includes at least one main unit 12 connected to a
`
`wide area network, such as the Internet, via a communications port 14. The main unit 12
`
`20 may include one or more processors (CPU 16) running USR software 18 configured to
`
`implement the USR system functionality discussed in greater detail below. The CPU 16
`
`may be connected to a memory system including one or more memory devices, such as a
`
`random access memory system RAM 20, a read only memory system ROM 22, and one
`
`or more databases 24. In the illustrated embodiment, the database 24 contains a universal
`
`25
`
`secure registry database. The invention is not limited to this particular manner of storing
`
`the USR database. Rather, the USR database may be included in any aspect of the
`
`memory system, such as in RAM 20, ROM 22 or disc and may also be separately stored
`
`on one or more dedicated data servers.
`
`The computer system may be a general purpose computer system which is
`
`30
`
`programmable using a computer programming language, such as C, C++, Java, or other
`
`language, such as a scripting language or even assembly language. The computer system
`
`-8-
`
`USR Exhibit No. 2009
`
`
`
`may also be specially programmed, special purpose hardware, an application specific
`
`integrated circuit (ASIC) or a hybrid system including both special purpose components
`
`and programmed general purpose components..
`
`In a general purpose computer system, the processor is typically a commercially
`
`5
`
`available microprocessor, such as Pentium series processor available from Intel, or other
`
`similar commercially available device. Such a microprocessor executes a program called
`
`an operating system, such as UNIX, Linux, Windows NT, Windows 95, 98, or 2000, or
`
`any other commercially available operating system, which controls the execution of other
`
`computer programs and provides scheduling, debugging,
`
`input/output control,
`
`10
`
`accounting, compilation, storage assignment, data management, memory management,
`
`communication control and related services, and many other functions. The processor
`
`and operating system defines a computer platform for which application programs in
`
`high-level programming languages are written.
`
`The database 24 may be any kind of database, including a relational database,
`
`15
`
`object-oriented database, unstructured database, or other database. Example relational
`
`databases include Oracle 81 from Oracle Corporation of Redwood City, California;
`
`Informix Dynamic Server from Informix Software, Inc. of Menlo Park, California; DB2
`
`from International Business Machines of Armonk, New York; and Access from
`
`Microsoft Corporation of Redmond, Washington. An example object-oriented database
`
`20
`
`is ObjectStore from Object Design of Burlington, Massachusetts. An example of an
`
`unstructured database
`
`is Notes
`
`from
`
`the Lotus Corporation, of Cambridge,
`
`Massachusetts. A database also may be constructed using a flat file system, for example
`
`by using files with character-delimited fields, such as in early versions of dBASE, now
`
`known as Visual dBASE from Inprise Corp. of Scotts Valley, California, formerly
`
`25 Borland International Corp.
`
`The main unit 12 may optionally include or be connected to an user interface 26
`
`containing, for example, one or more input and output devices to enable an operator to
`
`interface with the USR system 10. Illustrative input devices include a keyboard, keypad,
`
`track ball, mouse, pen and tablet, communication device, and data input devices such as
`
`30
`
`voice and other audio and video capture devices. Illustrative output devices include
`
`cathode ray tube (CRT) displays, liquid crystal displays (LCD) and other video output
`
`USR Exhibit No. 2009
`
`
`
`devices, printers, communication devices such as modems, storage devices such as a disk
`
`or tape, and audio or video output devices. Optionally, the user interface 26 may be
`
`omitted, in which case the operator may communicate with the USR system 10 in a
`
`networked fashion via the communication port 14. It should be understood that the
`
`5
`
`invention is not limited to any particular manner of interfacing an operator with the USR
`
`system.
`
`It also should be understood that the invention is not limited to a particular
`
`computer platform, particular processor, or particular high-level programming language.
`
`Additionally, the computer system may be multiprocessor computer system or may
`
`10
`
`include multiple computers connected over a computer network. It further should be
`
`understood that each module or step shown in the accompanying figures and the substeps
`
`or subparts shown in the remaining figures may correspond to separate modules of a
`
`computer program, or may be separate computer programs. Such modules may be
`
`operable on separate computers. The data produced by these components may be stored
`
`15
`
`in a memory system or transmitted between computer systems.
`
`Such a system may be implemented in software, hardware, or firmware, or any
`
`combination thereof The various elements of the information system disclosed herein,
`
`either individually or in combination, may be implemented as a computer program
`
`product, such as USR software 18, tangibly embodied in a machine-readable storage
`
`20
`
`device for execution by the computer processor 16. Various steps of the process may be
`
`performed by the computer processor 16 executing the program 18 tangibly embodied on
`
`a computer-readable medium to perform functions by operating on input and generating
`
`output. Computer programming languages suitable for implementing such a system
`
`include procedural programming languages, object-oriented programming languages, and
`
`25
`
`combinations of the two.
`
`As shown in Fig. 2, the computer system 10 may be connected to a plurality of
`
`interface centers 27 over a wide area network 28. The wide area network 28 may be
`
`formed from a plurality of dedicated connections between the interface centers 27 and the
`
`computer system 10, or may take place, in whole or in part, over a public network such as
`
`30
`
`the Internet. Communication between the interface centers 27 and the computer system
`
`10 may take place according to any protocol, such as TCP/IP, ftp, OFX, or XML, and
`
`-10-
`
`USR Exhibit No. 2009
`
`
`
`may include any desired level of interaction between the interface centers 27 and the
`
`computer system 10. To enhance security, especially where communication takes place
`
`over a publicly accessible network such as the Internet, communications facilitating or
`
`relating to transmission of data from/to the USR database 24 or the computer system 10
`
`5 may be encrypted using an encryption algorithm, such as PGP, DES, or other
`
`conventional symmetric or asymmetric encryption algorithm.
`
`In one embodiment, the USR system 10 or USR database 24 may be able to
`
`authenticate its identity to a user or other entity accessing the system by providing an
`
`appropriate code which may be displayed on the user's smart card, for example a
`
`10
`
`SecurIDTM card or its equivalent, or other code generator, for example a single use code
`
`generator, being employed by the user. A comparison by the user or the code generator
`
`between the provided number and an expected number can validate, to the user (or other
`
`entity) or the code generator, that communication is with the database and not an
`
`imposter.
`
`15
`
`The database 24 shown in Fig. 1 has a USR database containing entries related to
`
`persons 1-n. The data in the USR database may also be segregated, as shown in Fig. 4,
`
`according to data type to enable individual computer modules to handle discrete
`
`applications on discrete data types. Segregating the data, as illustrated in Fig. 4, may
`
`make access to the database more robust by enabling portions of the data in the USR
`
`20
`
`database 24 to be accessible even when it is necessary to perform maintenance on a
`
`portion of the database. However, storing the data in the USR database 24 according to
`
`the scheme illustrate