United States Patent [191
`Houvener et al.
`
`1111111111111 HIii lllll llll llll llll llll llll llll 11111111111111111
`US005790674A
`[111 Patent Number:
`[451 Date of Patent:
`
`5,790,674
`Aug. 4, 1998
`
`[54]
`
`SYSTEM AND METHOD OF PROVIDING
`SYSTEM INTEGRITY AND POSITIVE AUDIT
`CAPABILITIES TO A POSITIVE
`IDENTIFICATION SYSTEM
`
`[75]
`
`Inventors: Robert C. Houvener, Nashua; Ian P.
`Boenisch, Salem, both of N.H.
`
`[73]
`
`Assignee: Image Data, LLC, Nashua. N.H.
`
`[21] Appl. No.: 684,677
`Jul. 19, 1996
`
`[22] Filed:
`
`[63]
`
`[51]
`[52]
`[58]
`
`[56]
`
`Related U.S. Application Data
`
`Continuation-in-part of Ser. No. 436,146, May 8, 1995, Pat.
`No. 5,657,389.
`................................ H04L 9/32; G06K 9/62
`Int. Cl. 6
`U.S. Cl . ........................ 380/23; 340/825.34; 382/115
`Field of Search ............................... 380/23; 382/115;
`340/825.34
`
`References Cited
`
`U.S. PxrENT DOCUMENTS
`
`4,858,121
`4,991,205
`4,993,068
`4,995,081
`5,053,608
`
`8/1989 Barber et al. ............................... 705/2
`2/1991 Lemelson.
`2/1991 Piosenka et al . .
`2/1991 Leighton et al . .
`10/1991 Senanayake .
`
`3/1992 Miyata .
`7/1992 Puhl et al ..
`11/1993 Monroe et al . .
`6/1994 Ray et al ..
`8/1994 Axelrod et al ..
`5/1995 Imahata ................................... 235/380
`7/1995 Ray et al ..
`11/1995 Ray et al ..
`............................ 380/23
`1111995 Berson et al.
`8/1996 Caputo et al ............................. 380/25
`
`5,095,196
`5,131,038
`5,259,025
`5,321,751
`5,337,358
`5,416,306
`5,436,970
`5,466,918
`5,469,506
`5,546,463
`Primary &aminer-Gilerto Barr6n. Jr.
`Attorney, Agent, or Firm-James T. Sullivan; Daniel J.
`Bourque; Kevin J. Carroll
`ABSTRACT
`[57]
`
`The present invention is a system and method of providing
`system integrity and positive audit capabilities to a positive
`identification system. The use of access authority informa(cid:173)
`tion units to gain access to the positive identification system
`solves the problems of open, unsecured and unauditable
`access to data for use in point of use identification systems.
`In order to secure the rights to the data that is needed to make
`mass identification systems operate, it must be shown that
`records will be closed and secure, as well as that there will
`be an audit trail of access that is made to the data. This
`system solves those problems through the use of a system
`and method for identification with biometric data and/or
`personal identification numbers ancVor personalized devices
`embedded with codes unique to their assigned users.
`
`11 Claims, 6 Drawing Sheets
`
`METHOD 1 OR 2 IS
`PERFORMED
`
`METHOD 1 OR 2 IS
`PERFORMED.
`BIOMETRIC IS
`RETRIEVED BASED PIN
`
`CLERK ACCEPTS
`PAYMENT FORM,
`A DEVICE READS IT
`
`PIN(S) ARE MAPPED
`TO A BIOMETRIC SUCH
`AS A VALID PICTURE
`
`THIRD PARTY OR SYSTEM
`VERIFIES CLERK IDENTITY
`FROM BIOMETRIC AND
`ENTERS OWN PIN
`
`KEY OR MEMORIZED
`PIN AND DATA
`FROM PAYMENT ARE
`HELD AS A TRANSACTION
`
`IF THIRD PARTY OR
`SYSTEM VERIFIES
`IDENTITY, ACCESS
`IS GRANTED
`
`OFF-LINE ANALYSIS
`HELPS IDENTIFY OUT OF
`NORM FRAUD PATTERNS
`
`REGISTRATION
`PROCESS
`
`LOGIN
`PROCESS
`
`USE
`PROCESS
`
`ASSA ABLOY Ex. 1013 - Page 1
`ASSA ABLOY AB v. CPC Patent Technologies Pty Ltd.
`IPR2022-01006 - U.S. Patent No. 9,665,705
`
`

`

`U.S. Patent
`
`Aug. 4, 1998
`
`Sheet 1 of 6
`
`5,790,674
`
`CREDIT
`CARD
`
`2
`
`4
`
`MAGNETIC
`STRIP
`READER
`
`FIG. I
`
`4'
`
`DISPLAY
`
`6
`
`6'
`
`1
`
`CHECK
`SCANNER
`
`5
`INPUT
`KEYPAD
`
`CONTROLLER
`
`7
`
`MODEM
`
`8
`
`WAN
`DEVICE
`
`OPTIONAL SECOND
`DISPLAY FOR
`SIGNATURE OR
`AUTHORIZATION
`DATA
`
`8
`
`6
`
`FIG. 2
`
`ASSA ABLOY Ex. 1013 - Page 2
`ASSA ABLOY AB v. CPC Patent Technologies Pty Ltd.
`IPR2022-01006 - U.S. Patent No. 9,665,705
`
`

`

`U.S. Patent
`
`Aug. 4, 1998
`
`Sheet 2 of 6
`
`5,790,674
`
`19
`
`DISK
`ARRAY
`
`20
`
`DISK
`ARRAY
`
`16---.a----_.__-
`DATABASE SERVER
`
`21
`
`DISK
`ARRAY
`
`22
`
`DISK
`ARRAY
`
`DATABASE SERVER
`
`OPTIONAL
`FRONTEND
`SERVER FOR
`LOCAL
`DISTRIBUTION
`
`13
`
`1/0 CONTROLLER
`
`15
`
`14
`
`MODEM
`BANK
`
`WAN
`DEVICE
`
`14'
`
`PUBUC
`TELEPHONE
`NETWORK
`
`FIG. 3
`
`ASSA ABLOY Ex. 1013 - Page 3
`ASSA ABLOY AB v. CPC Patent Technologies Pty Ltd.
`IPR2022-01006 - U.S. Patent No. 9,665,705
`
`

`

`U.S. Patent
`
`Aug. 4, 1998
`
`Sheet 3 of 6
`
`5,790,674
`
`ASSA ABLOY Ex. 1013 - Page 4
`ASSA ABLOY AB v. CPC Patent Technologies Pty Ltd.
`IPR2022-01006 - U.S. Patent No. 9,665,705
`
`

`

`METHOD 1 OR 2 IS
`PERFORMED
`
`II
`
`PIN(S) ARE MAPPED
`TO A BIOMETRIC SUCH
`AS A VALID PICTURE
`
`REGISTRATION
`PROCESS
`
`METHOD 1 OR 2 IS
`PERFORMED.
`BIOMETRIC IS
`RETRIEVED BASED PIN
`
`•
`THIRD PARTY OR SYSTEM
`VERIFIES CLERK IDENTITY
`FROM BIOMETRIC AND
`ENTERS OWN PIN
`
`IF THIRD PARTY OR
`SYSTEM VERIFIES
`IDENTITY, ACCESS
`IS GRANTED
`
`LOGIN
`PROCESS
`
`FIG. 5
`
`CLERK ACCEPTS
`PAYMENT FORM,
`A DEVICE READS IT
`
`KEY OR MEMORIZED
`PIN AND DATA
`FROM PAYMENT ARE
`HELD AS A TRANSACTION
`
`OFF-LINE ANALYSIS
`HELPS IDENTIFY OUT OF
`NORM FRAUD PATTERNS
`
`USE
`PROCESS
`
`•
`
`0 • r::n
`~ = t"'l'-
`f"O a
`
`;;i...
`~
`~ ...
`~ oc
`
`i--
`
`ga a ...
`
`~
`O'I
`
`01
`-.. .......
`\0
`0
`-..
`""'
`.......
`.i:.
`
`ASSA ABLOY Ex. 1013 - Page 5
`ASSA ABLOY AB v. CPC Patent Technologies Pty Ltd.
`IPR2022-01006 - U.S. Patent No. 9,665,705
`
`

`

`CLERK IS ASSIGNED
`UNIQUE PIN NUMBER
`IN A ELECTRONIC KEY
`
`CLERK INTERFACES KEY
`INTO POINT OF USE
`DEVICE, IT IS READ
`
`CLERK ACCEPTS
`PAYMENT FORM,
`A DEVICE READS IT
`
`'
`
`KEY IS MAPPED TO
`UNIQUE CLERK IN
`SECURE DATABASE
`
`~
`
`r------------------
`1
`I
`CLERK OPTIONALLY
`:
`1
`:
`PERFORMS METHOD 1
`1
`I
`I
`- - - - - - - - - -- - - - - - - - _,
`I
`I
`
`---------·
`r
`I
`I
`OPTIONAL METHOD
`:
`1
`'
`1 IS DONE
`1
`:
`CONCURRENTLY
`1
`I
`I
`------------------~
`
`REGISTRATION
`PROCESS
`
`KEY PIN IS
`COMPARED TO KEY
`PIN IN DB, IF MATCH
`ACCESS IS GRANTED
`
`LOGIN
`PROCESS
`
`FIG. 6
`
`KEY PIN AND DATA
`FROM PAYMENT ARE
`HELD AS A TRANSACTION
`
`"
`
`OFF-LINE ANALYSIS
`HELPS IDENTIFY OUT OF
`NORM FRAUD PATTERNS
`
`USE
`PROCESS
`
`Cj
`• rJJ.
`•
`
`~ = [
`
`> = ~
`J••
`....
`~
`00
`
`ga a
`
`VI
`~
`c:,,,..
`
`Ut
`'!...J
`\0
`Q
`._.
`="'
`~
`
`ASSA ABLOY Ex. 1013 - Page 6
`ASSA ABLOY AB v. CPC Patent Technologies Pty Ltd.
`IPR2022-01006 - U.S. Patent No. 9,665,705
`
`

`

`CLERK IS ASSIGNED
`UNIQUE PIN NUMBER
`AND MEMORIZES IT
`
`CLERK ENTERS PIN
`NUMBER INTO POINT OF
`USE DEVICE
`
`CLERK ACCEPTS
`PAYMENT FORM,
`A DEVICE READS IT
`
`1
`
`PIN IS MAPPED TO
`UNIQUE CLERK IN
`SECURE DATABASE
`
`1'
`
`ENTERED PIN IS
`COMPARED TO PIN IN
`DB, IF MATCH, ACCESS
`
`REGISTRATION
`PROCESS
`
`LOGIN
`PROCESS
`
`FIG. 7
`
`PIN AND DATA FROM
`PAYMENT ARE HELD AS
`TRANSACTION RECORD
`
`1t
`
`OFF-LINE ANALYSIS
`HELPS IDENTIFY OUT OF
`NORM FRAUD PATTERNS
`
`USE
`PROCESS
`
`~ • rJJ. •
`~ ~
`~ ~
`
`>
`~
`....
`i QC
`
`_,,.i.
`
`r:IJ =-a
`s,
`
`0'I
`
`0'I
`
`01
`--'1
`~
`--0\
`'1
`,l;.i..
`
`ASSA ABLOY Ex. 1013 - Page 7
`ASSA ABLOY AB v. CPC Patent Technologies Pty Ltd.
`IPR2022-01006 - U.S. Patent No. 9,665,705
`
`

`

`5,790,674
`
`1
`SYSTEM AND METHOD OF PROVIDING
`SYSTEM INTEGRITY AND POSITIVE AUDIT
`CAPABILITIES TO A POSITIVE
`IDENTIFICATION SYSTEM
`
`RELATED APPLICATION
`This is a Continuation-in-Part of application Ser. No.
`08/436.146, filed May 8. 1995 now U.S. Pat. No. 5,657 389.
`
`FIELD OF THE INVENTION
`The present invention relates to the field of identity
`verification. Specifically. the invention is directed to a
`system and method of providing system integrity and posi(cid:173)
`tive audit capabilities to a positive identification system.
`More particularly. the system and method uses personal
`identification numbers (PINs) to limit access to the identi(cid:173)
`fication related devices to personnel who are authorized to
`do so. The PINs can be implemented as a simple number that
`can be typed into an input keypad when access to the
`positive identification system is desired. A more robust
`implementation of the PIN system is implemented as a
`portable storage device or electronic key that holds a read(cid:173)
`able code which is associated with an authorized user of the
`positive identification system. Finally, either PIN
`implementation, or both, can be used in identification of the
`system user at the point of verification terminal.
`
`BACKGROUND OF THE INVENTION
`Positive identity verification is critical in many types of
`transactions and security procedures. For example,
`signatures, fingerprints or images of faces are compared to
`establish identity. Creation of fraudulent identities or the
`misrepresentation of an individual's identity can result in
`fraudulent transactions and the breach of security systems.
`At present. such positive identification means as drivers'
`licenses. picture identification cards, hand-written
`signatures. personal identification numbers, fingerprints,
`retinal scans. voice prints and other ways of uniquely
`identifying personal characteristics are used. However, these
`prior art methods of identity verification exhibit one or more
`of the following characteristics: 1) they do not offer suffi(cid:173)
`cient reliability for most positive personal identification
`applications; 2) the technology required for their implemen(cid:173)
`tation is too expensive for wholesale adoption by entire
`industries; 3) they do not offer ease of use, which is critical
`for most applications of personal identification; 4) the tech(cid:173)
`nology required to implement them in a wide-scale manner
`is not yet mature enough to guarantee sufficient reliability;
`5) the recurring cost of using the technology is too high for
`most applications of personal identification; 6) the data used
`for identity verification is not maintained in a secure manner
`and is almost universally held by the person presenting it as
`the form of verification, thereby allowing for fraudulent
`alteration of the verification data; 7) processes for building
`accurate verification databases for wide-spread use are
`impractical; and 8) the process of verification does not
`include sufficient steps to ensure that the individual respon(cid:173)
`sible for identity verification is accountable to ensure that
`identity verification is accurately performed.
`One system which relies on positive identity verification
`for transactions is the credit/debit and charge card system.
`Credit cards are an increasingly popular means for consum(cid:173)
`ers to complete transactions. However, part of the costs
`incurred from the convenience of using credit cards is the
`burgeoning growth of credit card fraud. Because there are
`trillions of dollars of credit card transactions made each year,
`
`2
`which depend on the fact that the person presenting the form
`of payment is actually the person having the legal right to
`use the underlying account. even a small percentage of
`fraudulent transactions results in billions of lost dollars. The
`5 cost of this fraud is paid for, indirectly, by the consumers in
`the form of higher credit card interest rates and fees and, in
`part. by the merchants accepting such credit cards in the
`form of higher transaction commissions.
`Methods used to combat fraud have been the use of
`10 holographic images on cards, the need for a validation
`requester to obtain transaction approval, the encoding of
`cardholder information on magnetic strips on the back of the
`card. as well as signature verification. A number of patents
`have issued on identification devices and methods. Of par-
`15 ticular note is U.S. Pat. No. 5321.751. issued to Ray. et al.
`on Jun. 14, 1994. Other prior art references of note are U.S.
`Pat. No. 5337 358. issued to Axelrod. et al. on Aug. 9. 1994.
`U.S. Pat. No. 5,095.196, issued to Miyata on Mar. 10. 1992.
`U.S. Pat. No. 5.259,025. issued to Monroe. et al. on Nov. 2.
`20 1993. U.S. Pat. No. 4,995.081. issued to Leighton. et al. on
`Feb. 19, 1991. U.S. Pat. No. 4,991.205, issued Lemelson on
`Feb. 5, 1991. U.S. Pat. No. 5,053,608, issued to Senanayake
`on Oct.1.1991. U.S. Pat. No. 5,131.038. issued to Puhl, et
`al. on Jul. 14. 1992 and U.S. Pat. No. 4,993,068. issued to
`25 Piosenka, et al. on Feb. 12, 1991. As noted above. one of the
`underlying deficiencies of all of these prior art identification
`systems is that they all rely, in some manner. on information
`encoded on the credit card being presented. While some of
`these references include sophisticated encryption
`30 algorithms, the fact remains that giving access to the infor(cid:173)
`mation to the card users lends itself to the potential for
`reverse engineering and overcoming even the most sophis(cid:173)
`ticated of encryption means.
`Io the recent past, Citibank introduced a credit card with
`35 a digital likeness of the authorized user provided on the card
`itself. As the Ray patent discloses, the photographic image
`on the Citibank card resulted in an initial drop in fraud in the
`New York test market estimated as high as 67 percent.
`However, as Ray also explains. the Citibank photo card
`40 system. like other forms of identity verification that are
`distnbuted to the public will eventually be defeated by
`sophisticated counterfeiting.
`An additional difficulty with most prior art verification
`methods is that they all require the use of a special credit
`45 card incorporating some form of identification means. Thus.
`in order for their use to gain widespread acceptance, replace(cid:173)
`ment of existing credit cards and credit card manufacturing
`equipment must be accomplished.
`The disclosed invention offers a number of advances over
`50 prior art identity verification systems and methods, which
`overcome many of the limitations found in such prior art
`systems. The first, and perhaps the most significant advan(cid:173)
`tage of the disclosed invention is that the positive identity
`verification system stores the verification data at a remote
`55 site and thereby does not give criminals access to the identity
`verification medium. This is significant in that any time a
`potential counterfeiter is afforded the opportunity to access
`the verification medium, there is the potential that the
`medium can be corrupted, regardless of the level of security
`60 sophistication incorporated into the system. A second, and
`again significant advantage of the disclosed invention is that
`the system is completely independent of the credit cards
`whose users the system is designed to positively identify.
`Thus, the disclosed invention does not require the modifi-
`65 cation or replacement of existing credit cards, which would
`be an almost insurmountable task. Furthermore, the segre(cid:173)
`gation of the identity verification medium from the credit
`
`ASSA ABLOY Ex. 1013 - Page 8
`ASSA ABLOY AB v. CPC Patent Technologies Pty Ltd.
`IPR2022-01006 - U.S. Patent No. 9,665,705
`
`

`

`5,790,674
`
`3
`cards themselves allows the system disclosed herein to be
`used in conjunction with any number of credit cards.
`Additionally, low cost disposable cameras and access to
`drivers' license databases, which are maintained by all of the
`states, makes wide-scale implementation of the system and
`method convenient and cost effective. Finally. having an
`interface to credit authorization agencies resident at the
`remote database location reduces the hardware needed at the
`point of verification as well as at the remote database
`locations. thereby reducing the costs of the overall verifi- 10
`cation service.
`
`4
`database before access is granted. At the database site. the
`system receives the information presented at the point of
`identification terminal and searches the database to find the
`unique image data corresponding to the unique data. The
`5 system then transmits the image data to the point of iden(cid:173)
`tification terminal where it is displayed on a display means.
`Finally, the system incorporates a means for verifying that
`an identifier present at the point of verification has
`adequately verified that the digital image displayed on the
`display means matches physical or biometric information
`provided by the person to be identified at the point of
`identification terminal.
`
`OBJECTS OF THE INVENTION
`
`15
`
`20
`
`BRIEF DESCRIPTION OF THE DRAWINGS
`FIG. 1 is a block diagram of the point of identity verifi(cid:173)
`cation terminal showing the various components contained
`therein.
`FIG. 2 is a perspective view of the preferred embodiment
`of the point of identity terminal. which would be available
`for use at a point of sale or the like.
`FIG. 3 is a block diagram of components of the positive
`identity verification system and the communication fiowpath
`established between the point of identity verification and the
`25 remote database storage and retrieval center, which is where
`a comprehensive database of photographic inlages of per(cid:173)
`sons to be identified is maintained and accessed for trans(cid:173)
`mission to the point of verification.
`FIG. 4 is an upper level system architecture drawing
`30 showing a number of database storage and retrieval centers
`networked over a global high speed network.
`FIG. 5 is a block diagram showing a method for providing
`auditing capabilities and system integrity for a positive
`identification system and method by requiring an individual
`35 verifying the identity of a person presenting a credit card or
`the like at a point of identification to input a memorized
`personal identification number (PIN) into the positive iden(cid:173)
`tification terminal for each transaction.
`FIG. 6 is a block diagram showing a method for providing
`40 auditing capabilities and system integrity for a positive
`identification system and method using an electronic key
`based PIN and an optional memorized PIN.
`FIG. 7 is a block diagram showing a method for providing
`auditing capabilities and system integrity for a positive
`identification system and method using a biometric with
`either an electronic key based PIN. a memorized PIN or
`both.
`
`Accordingly, it is an object of the present invention to
`provide a system and method of positive identity verification
`for use in conjunction with transactions where ensuring the
`identity of persons is important. such as credit card
`transactions. that separates the identification medium from
`the credit card user. Another object of the invention is to
`provide a positive identity verification system and method
`which is difficult to counterfeit.
`Yet another object of the invention is to provide a system
`and method for positive identity verification that includes a
`secure and accurate database of photographic images of
`individuals and other pertinent data. such as digitized
`graphical representations of signatures, that can be accessed
`for multiple positive identification uses.
`Still another object of the invention is to provide a system
`and method of positive identity verification that removes the
`form of identification from the credit card or the like so that
`existing credit cards do not need to be replaced in order to
`implement the device and method.
`Yet another object of the invention is to provide a system
`and method of positive identity verification that removes the
`requirement for personal signatures from credit cards or the
`like so that signature forgery is virtually impossible when a
`credit card is stolen and fraudulently used.
`A further object of the invention is to provide a system
`and method of positive identification that requires account(cid:173)
`ability on the part of the person verifying that the physical
`characteristics of the person to be identified match the image
`of the person that is stored in the system's image database.
`A further object of the invention is to provide a system
`and method of positive identification that grants access to
`the system's remote image database only to authorized users
`of the system.
`A further object still of this invention is to provide a
`virtually uncounterfeitable system and method for positive 50
`identity verification.
`These and still other objects of the disclosed invention
`will become apparent from the following description.
`
`45
`
`SUMMARY OF THE INVENTION
`The present invention is a system and method of posi(cid:173)
`tively identifying individuals. The system comprises a point
`of identification terminal having a means for inputting data
`presented by a particular individual, at least one database
`storage and retrieval site having stored therein a plurality of 60
`digital image data unique to persons to be identified, and a
`means for exchanging data between the point of identifica(cid:173)
`tion terminal and the database site. The database site com(cid:173)
`prises a means for validating that a point of identification
`terminal seeking to exchange data with the site is authorized 65
`to do so. The database site also comprises a means for
`validating that a system user is authorized to access the
`
`DETAilED DESCRIPI1ON OF THE
`INVENTION
`The present invention is a system and method to develop,
`maintain and use a secure and authentic database of digital
`photographic image, signature or other data unique to indi-
`55 viduals for positive identity verification purposes. The sys(cid:173)
`tem includes a means for accessing the database in a secure
`and cost-effective manner. a means for performing positive
`identity verification. and a distributed database update and
`retrieval system. which allows for low cost operation, ease
`of use, stability and robustness for vast numbers of verifi(cid:173)
`cation requests originating from worldwide locations. The
`present invention also includes a means that allows for
`accountability on the part of the user of the system. which
`in turn will ensure that the system is used to its fullest
`potential.
`The system will be disclosed herein with particular ref(cid:173)
`erences to a point of sale system, where a credit card is
`
`ASSA ABLOY Ex. 1013 - Page 9
`ASSA ABLOY AB v. CPC Patent Technologies Pty Ltd.
`IPR2022-01006 - U.S. Patent No. 9,665,705
`
`

`

`5,790,674
`
`5
`presented by a consumer, or presenter, in order to make a
`purchase. Thus, the system will make particular references
`to credit card account numbers, and the like. However. it is
`understood that the positive identity verification system
`disclosed herein is adaptable to any application where
`positive identification of a person is required. Such alterna(cid:173)
`tive applications comprise checking and banking
`transactions, firearm sales. food stamp reimbursement and a
`host of other applications related to the welfare. voting. law
`enforcement. health care. airline, immigration and natural(cid:173)
`ization fields.
`Referring now to the figures, a positive identification
`system in accordance with the disclosed invention is shown.
`A point of verification terminal 1 is located at a location
`where the identity of persons present is required to be
`verified. The point of verification terminal comprises a
`standard magnetic strip reader 4, an optional bar code reader
`4', a check scanner 4", all of which are well known in the art,
`an input keypad 5, a display means 6, which is preferably a
`miniature flat panel display. a controller 7, and an internal
`communication modem or other communications means 8.
`Although the rate of data exchange may vary depending on
`the availability of quality phone lines or other means of data
`transmission, such as a dedicated wide area network or a
`satellite communications link. the system would transmit
`data at a rate of at least 9,600 baud per second (bps).
`However, quality data transmission media will allow for
`data exchange at rates of 14,400 bps, 28,800 bps or even
`higher baud rates.
`In a credit card transactional situation, the point of veri(cid:173)
`fication would be the point of sale, which typically incor(cid:173)
`porates a cash register and prior art credit card verification
`systems. Upon presentation of a standard credit card 2, the
`store clerk or other individual responsible for positive iden(cid:173)
`tification would input the credit card account number into
`the point of identification terminal 1. The preferred method
`of inputting the credit card information would be by swiping
`the credit card through the standard magnetic strip reader 4,
`which would be capable of reading credit card account
`information, which is currently encoded on magnetic strips
`on the reverse side of virtually all credit cards. In the
`alternative, if the magnetic strip containing the account data
`is corrupted, which routinely occurs due to either wear or
`contact with a powerful magnetic field, the identifier would
`simply read the account number off of the credit card, where
`it is typically provided in embossed characters, and input the
`credit card account number into the point of identification
`terminal using keypad 5. Another alternate means of input(cid:173)
`ting the credit card account information into the point of
`verification terminal would be to utilize a coded medium
`such as a bar code. In this embodiment, the magnetic strip
`reader 4 would be replaced by a standard bar code reader to
`transfer its data to the code reader 4' and onto controller 7.
`Another embodiment of the invention would include check
`scanner 4", which would be used to scan checking account
`number information off of a standard personal or company
`check. which would expand the role of the system from
`credit/debit card transaction identity verification to checking
`related transactions as well.
`In addition to the credit card account information, the
`identifier could manually input any other information
`needed to aide in the identity verification process via keypad
`5. Such additional information could be whether the pre(cid:173)
`senter is male or female, in which case the keypad could
`incorporate a specific key to correspond to the male-female
`choice 5' or whether the presenter is a dependent of the credit
`card owner, in which case the keypad would incorporate a
`specific key 5" to correspond to dependent choice.
`
`6
`Once the account number is entered into the point of
`identification terminal 3, the terminal would initiate com(cid:173)
`munications via its internal communication means, which
`could be a modem or wide area network (WAN) device to
`5 one of a number of remote database storage sites 9-11 using
`public phone lines 12. Alternative forms of communications
`links are envisioned as well, and include satellite
`communications, or dedicated network means. The actual
`site accessed would be a function of availability and loading
`10 on the public access phone lines. network availability.
`retrieval site availability or other system availability criteria
`at the time the terminal initiates communications with a
`remote database site. Communications will then be estab(cid:173)
`lished with an input/output controller 13 at the remote
`15 database storage site through a modem bank 14 at the
`database storage site, the controller 13 would initiate a query
`to the point of identification terminal 3 to verify that the
`terminal has the appropriate authority to access the remote
`database site and is a valid device. One simple and cost
`20 effective method of performing this query is to use com(cid:173)
`monly available caller ID technology to ensure that the
`request for data has been originated from an authorized
`telephone line. Additionally, a software key may be incor(cid:173)
`porated into each point of identification terminal which will
`25 respond in a predetermined manner when queried by a
`remote database storage site.
`Once controller 13 verifies that the requesting point of
`identification terminal 3 is a valid device and has the
`appropriate access privilege, the terminal will be allowed to
`30 transmit an information request to the database storage site.
`The information request is also received by input/output
`controller 14, over a high speed network 15. The high speed
`network may be fiber distributed data interface (FDDI),
`asynchronous transfer mode (XIM) or any other suitable
`35 cost effective high speed network The information request
`is then routed to one of a number of database servers 16-18
`where the credit card account data is processed. The selected
`server then accesses a set of high speed, high reliability disk
`arrays 19-23 and retrieves the digital photographic or other
`40 image or other unique personal data associated with the
`account data received by the database server.
`In addition to retrieving the digital image or other unique
`personal data stored at the remote database site. the database
`site would be configured to allow input/output conlroller 13
`45 to initiate additional information requests from outside
`information databases. One such scenario envisioned in the
`credit card processing example would be for the database
`site to query any one of a number of existing credit autho(cid:173)
`rization agencies (CAA) to verify that the credit card
`50 account being processed is valid and within its pre-approved
`credit limit. An alternate embodiment would be to have the
`remote database storage and retrieval site(s) co-located at a
`one or more CAA sites.
`The identifier, which would be the sales clerk in a retail
`55 establishment, would only need to input the credit card
`information into one device and would receive both credit
`approval and identity verification from a single source. In
`this scenario, input/output controller 13 would initiate a
`credit authorization request to an outside CAA 23 through
`60 modem bank 14 over public access telephone lines 12 or
`through a WAN connection 14' or the like. H the amount of
`the transaction is approved by the CAA 23. the database site
`would receive the credit approval code from the CAA and
`retransmit the code to the point of verification terminal along
`65 with the digital image information or other unique data over
`its established communications link The credit approval
`code would be displayed either on the display means 6 of the
`
`ASSA ABLOY Ex. 1013 - Page 10
`ASSA ABLOY AB v. CPC Patent Technologies Pty Ltd.
`IPR2022-01006 - U.S. Patent No. 9,665,705
`
`

`

`5,790,674
`
`7
`point of verification terminal or. in the alternative, on an
`optional second display means 6'.
`The point of identification terminal would then receive the
`information via modem or WAN connection 8 and route it to
`controller 7. which would process the information received
`and display the digital image received on either display
`means 6. In one embodiment of the invention. the digital
`information would be stored at the remote database storage
`site in a compressed state and be transmitted to the point of
`identification terminal in the compressed state so as to
`minimize the time associated with a particular transaction.
`In this embodiment. the controller 7 would first decompress
`the digital photographic information and then display the
`information on display means 6.
`Another embodiment of the invention. which would be
`used for situations where the highest security of information
`would be required. the digital image information would be
`encrypted in addition to being compressed while it is being
`transmitted to a point of verification terminal. In this
`embodiment, the tenninal controller 7 would be required to
`decrypt as well as decompress the photographic information
`in order to allow the information to be displayed on the
`display means.
`The store clerk. or other person responsible for identity 25
`verification would then visually compare the image dis(cid:173)
`played on the display means with the physical appearance or
`the signature of the person presenting the credit card at the
`point of verification. If a match exists, then the clerk would
`input a specified keystroke sequence on input keypad 5 to 30
`indicate that the clerk has in fact verified that an identity
`match exists.
`F1G. 5 shows the positive identification sequence using a
`memorized personal identification number (PIN) for each
`clerk tasked with verifying the identity of a person com- 35
`pleting a particular transaction. First, each clerk is assigned
`a unique PIN, which each clerk must memorize. The PIN
`serves as an access authority information unit, which will
`allow only authorized users to access the remote database
`site. Each memorized PIN would then be mapped by the 40
`positive identification system to a single clerk in the secure
`database located at the remote database site. When a clerk
`logs into the point of identification terminal in order to
`access the information maintained in the remote database,
`the clerk will enter his or her access authority information 4s
`unit, which in this case would be his or her memorized PIN
`into the point of identification terminal. The positive identity
`verification system will then compare the memorized PIN
`that is entered into the system to determine if a match exists
`with a PIN assi