Ludtke et al.

(10) Patent No.: US 7,188,110 B1
(45) Date of Patent: Mar. 6, 2007

(54) SECURE AND CONVENIENT METHOD AND APPARATUS FOR STORING AND TRANSMITTING TELEPHONY-BASED DATA

(75) Inventors: Harold Aaron Ludtke, San Jose, CA (US); Brant L. Candelore, Escondido, CA (US)

(73) Assignees: Sony Corporation, Tokyo (JP); Sony Electronics Inc., Park Ridge, NJ (US)

(*) Notice: Subject to any disclaimer, the term of this patent is extended or adjusted under 35 U.S.C. 154(b) by 66 days.

(21) Appl. No.: 09/734,839
(22) Filed: Dec. 11, 2000

(51) Int. Cl.: G06F 7/30 (2006.01)
(52) U.S. Cl.: 707/10
(58) Field of Classification Search: 707/6, 707/10, 104.1; 704/273, 247; 705/51; 455/563, 455/411; 713/182, 178; 709/217, 219; 715/746
See application file for complete search history.
`
Primary Examiner: Diane Mizrahi
(74) Attorney, Agent, or Firm: Blakely, Sokoloff, Taylor & Zafman LLP

(57) ABSTRACT

A method of identifying an authorized user with a biometric device and enabling the authorized user to access private information over a voice network is disclosed.

23 Claims, 31 Drawing Sheets
`
[Representative drawing: block diagram of the Digital Wallet, showing the Memory/Info Stick, PrivacyCard Slot/Interface, Wireless Antenna, the FeliCa, FeliCa Reader/Writer, First Generation PrivacyCard and Second Generation PrivacyCard technology blocks, and the Memory/Info Stick, PrivacyCard Slot/Interface and Wireless Transmission (Bluetooth, Pager, Cellular, etc.) drivers.]
`
`Page 1 of 54
`
`GOOGLE EXHIBIT 1005
`
`
`
`U.S. Patent
`
`Mar.6, 2007
`
`Sheet 1 of 31
`
`US 7,188,110 B1
`
`
`
`
`
`
`
`
Sheet 5 of 31
[FIG. 5A: A retail system modified to support the interaction of legacy POS terminal with the digital wallet system. Blocks: retail POS terminals, retail back-end system, transaction privacy clearing house, settlement (VISA, etc.).]
[FIG. 5B: An alternative embodiment of the retail system modified to support the interaction of legacy POS terminals with the digital wallet system. Blocks: retail POS terminals, retail back-end system, transaction privacy clearing house, settlement (VISA, etc.).]

Sheet 6 of 31
[FIG. 6: Transaction privacy clearing house: major components. Blocks: incoming communications mechanism 605, outgoing communications mechanism, transaction privacy clearing house agent 615, three management blocks (security management, privacy policy management and one whose label is illegible), vendor database(s), customer database, data mining database, transaction database.]

Sheet 7 of 31
[FIG. 7A and FIG. 9A: block diagrams with processor, memory, input/output and display blocks.]

Sheet 8 of 31
[FIG. 7B: Magnetic Stripe; FeliCa Technology Block 755; Transaction History Storage 757; eCoupons, other functional data 762; User Identity/Account Info 760; Globally Unique Silicon ID 764; Mag Stripe Emulation/Driver 766; SmartCard Chip Driver 768; Digital Wallet Interaction Driver 770.]

Sheet 9 of 31
[FIG. 7C: Display; Data Input Mechanism; Fingerprint Recognition; FeliCa Technology Block 774; First Generation PrivacyCard Technology Block 775; Account Selection 780; User Authentication 777; (Piezo) Speaker Driver 781; Display (Output) Driver 783; an input driver 785 (label partly illegible); Software Agent 787; Power 789.]

Sheet 10 of 31
[FIG. 8: Digital wallet and privacy card.]

Sheet 11 of 31
[Block diagram of the Digital Wallet 950: Memory/Info Stick; PrivacyCard Slot/Interface; FeliCa Technology Block 946; FeliCa Reader/Writer Technology Block 947; First Generation PrivacyCard Technology Block 948; Second Generation PrivacyCard Technology Block 949; FeliCa Reader/Writer 958; PrivacyCard Slot/Interface Driver 954; Wireless Transmission Driver (Bluetooth, Pager, Cellular, etc.) 956; Memory/Info Stick Driver 952.]

Sheet 12 of 31
[FIG. 10: Setup of digital wallet, between User, Digital Wallet and TPCH: 1) fills out registration form; 2) prepare digital wallet; 3) user personalizes digital wallet.]
`
`
`
`
`
`
`
`
`
Sheet 14 of 31
[FIG. 12: Conversion of card to secure, between User, Digital Wallet and TPCH: user inserts open mode card into DW; DW confirms open mode; user confirms conversion to secure mode; DW provides keys.]
`
`
`
`
`
`
`
`
Sheet 16 of 31
[FIG. 14: Diagram of the major components of the personal POS, showing the data/address bus interconnect. Blocks: battery 1415, read/write pad, wireless transceiver, microprocessor 1405, permanent storage 1430, security 1425, temporary storage 1435.]

Sheet 17 of 31
[FIG. 15: flow diagram. Start; initiate transaction; privacy card info provided to TPCH; TPCH confirms transaction and sends confirmation to vendor and user; vendor completes transaction.]
`
`
`
`
`
`
`
`
`
Sheet 24 of 31
[FIG. 22: Telephone 2202; telephone cable; Biometric Device 2204; telephone cable; PBX, etc.]
[FIG. 23: Biometric Device 2302; wireless signal; Telephone 2304; telephone cable; PBX, etc.]
[FIG. 24: Telephone; Biometric Device 2404; telephone cable; PBX, etc.]

Sheet 25 of 31
[FIG. 25: Phone number 2502; ID value 2504.]
[FIG. 26: Phone number 2610; Password ID 2612; Back-end Public Key 2614; Password Data 2616; Certificate 2602.]

Sheet 26 of 31
[FIG. 27: flow diagram. Open secure protocol session, exchange public keys and set up public session key (2702); back-end declares N passwords for accessing system (2704); back-end selects unused PKI key pair (2706); back-end combines public key + password data + password ID, then encrypts with private session key (2708); send to device; device decrypts and authenticates using public session key; store data structure.]

Sheet 27 of 31
[FIG. 28: device screen. "What do you wish to do?" with choices Access Dialing Code, View Balances, Credit cards.]
[FIG. 29: device screen. "What Dialing Code do you wish to use?" with choices ATT, Union Bank, TD Waterhouse, Sprint; touchpad.]

Sheet 28 of 31
[FIG. 30: Speaker 3004.]

Sheet 29 of 31
[FIG. 31: flow diagram. Detect fingerprint? (3104); does it match stored? (3106); output error message (3110); access function of digital wallet, allow selection of codes (3108).]

Sheet 30 of 31
[FIG. 32: sequence between Digital Wallet 3220 and Access Site 3250, exchanged as series of tones.
Digital Wallet: dial access number and wait a number of seconds (3222); receive dialtone; send access code (3226).
Access Site: receive tones; send dialtone; check access code, grant access, allow dialing of call (3256).]
`
`
`
Sheet 31 of 31
[FIG. 33: sequence between Digital Wallet 3320 and Access Site 3350, exchanged as series of tones.
Digital Wallet: dial access number and wait a number of seconds (3322); receive random number (3324); send DWid + encrypt with DW private key (time stamp + DWid + random number) (3326).
Access Site: receive tones (3352); send random number (3354); look up DWid public key (make sure DW has access), decrypt package with DW public key, check random number (make sure same as sent before), check time stamp (make sure it has not been seen before), check DWid, and if OK, grant access (3356).]
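
The access-site checks of steps 3354 and 3356 in the sequence above, written out as an added Python example; it is not code from the patent. Textbook RSA over two Mersenne primes stands in for "Encrypt with DW private key", and the names `seal` and `AccessSite`, the package layout and the sample DWids are assumptions of this example.

```python
import secrets
import struct

# Toy RSA parameters (assumption of this example): two Mersenne primes, so the
# modulus is trivially factorable. Textbook RSA without padding stands in for
# the figure's "Encrypt with DW private key"; a real design would use a
# standard signature scheme and a protected key store.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))      # wallet's private exponent

HEADER = struct.Struct(">BQ16s")        # marker byte, time stamp, random number


def seal(inner_id: str, timestamp: int, nonce: bytes, d: int = D, n: int = N) -> int:
    """Wallet side (3326): private-key transform of Time Stamp + DWid + Random number."""
    package = HEADER.pack(1, timestamp, nonce) + inner_id.encode()
    if len(package) > 140:
        raise ValueError("DWid too long for the toy modulus")
    return pow(int.from_bytes(package, "big"), d, n)


class AccessSite:
    """Access-site checks of step 3356, in the order the figure lists them."""

    def __init__(self, registry):
        self.registry = registry        # DWid -> (e, n) for wallets that have access
        self.outstanding = set()        # random numbers sent and not yet answered
        self.seen = set()               # (DWid, time stamp) pairs already accepted

    def challenge(self) -> bytes:
        """Step 3354: send a fresh random number."""
        nonce = secrets.token_bytes(16)
        self.outstanding.add(nonce)
        return nonce

    def verify(self, nonce_sent: bytes, dw_id: str, sealed: int):
        """Return (granted, reason) for one response to one challenge."""
        if nonce_sent not in self.outstanding:
            return False, "no outstanding challenge"
        self.outstanding.discard(nonce_sent)          # a challenge is answered once
        key = self.registry.get(dw_id)                # look up DWid public key
        if key is None:
            return False, "unknown DWid"
        e, n = key
        if not 0 < sealed < n:
            return False, "malformed package"
        opened = pow(sealed, e, n)                    # decrypt with DW public key
        raw = opened.to_bytes((opened.bit_length() + 7) // 8, "big")
        if len(raw) < HEADER.size or raw[0] != 1:
            return False, "malformed package"
        _, timestamp, nonce = HEADER.unpack(raw[:HEADER.size])
        if not secrets.compare_digest(nonce, nonce_sent):
            return False, "random number mismatch"    # answer to some other challenge
        if (dw_id, timestamp) in self.seen:
            return False, "time stamp already seen"
        if raw[HEADER.size:] != dw_id.encode():
            return False, "DWid mismatch"             # claimed ID differs from sealed ID
        self.seen.add((dw_id, timestamp))
        return True, "access granted"


def demo():
    """Run constructed cases against one site; returns {case: (granted, reason)}."""
    site = AccessSite({"DW-0001": (E, N)})            # constructed sample registry
    ts = 1_000_000                                    # constructed time stamp
    results = {}
    n1 = site.challenge()
    captured = seal("DW-0001", ts, n1)
    results["honest"] = site.verify(n1, "DW-0001", captured)
    n2 = site.challenge()                             # recorded tones played back later
    results["replay"] = site.verify(n2, "DW-0001", captured)
    n3 = site.challenge()                             # fresh nonce, repeated time stamp
    results["stale_clock"] = site.verify(n3, "DW-0001", seal("DW-0001", ts, n3))
    n4 = site.challenge()
    results["wrong_inner_id"] = site.verify(n4, "DW-0001", seal("DW-9999", ts + 1, n4))
    n5 = site.challenge()
    results["unregistered"] = site.verify(n5, "DW-0404", seal("DW-0404", ts + 2, n5))
    return results


if __name__ == "__main__":
    for case, outcome in demo().items():
        print(f"{case:15} {outcome}")
```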
`
SECURE AND CONVENIENT METHOD AND APPARATUS FOR STORING AND TRANSMITTING TELEPHONY-BASED DATA

BACKGROUND OF THE INVENTION

1. Field of the Invention

The present invention pertains to the field of electronic communications.

2. Art Background

Electronic commerce is achieving widespread use. Transactions are performed every day over the Internet and through point of sale (POS) or bank systems. Such systems are designed to maintain the integrity of the user's credit card, debit card, and account number. However, no measures are taken to ensure the privacy of the user. As the vendor retains information regarding the identity of the user, the user is open to receipt of marketing materials that may result from the data mining of transactions performed on a particular network.

The rapid growth of both wired and wireless communications has resulted in an increase in methods of communication. Along with the increase in the methods of communication has come the increase in access or control codes for accessing information. Often these control codes are personal identification numbers (PINs) and/or passwords. These codes may be used for accessing such information as: voice mail, bank balances, dialing cards, credit reports, paying for purchases, depositing money, accessing stored messages, logging onto computers, etc. For security reasons, generally the longer the access code the less likelihood of an unauthorized person guessing your code or password. Additionally, passwords or PINs that appear random are also likely to be more resistant to penetration. Remembering a series of long and/or random codes presents a problem for most people.

Additionally, once a service is accessed, there may be the need to then transfer information and/or data. For example, after successfully accessing a phone line via a calling card, the user may then need to enter a string of digits representing the destination telephone number. Again, people have difficulty in remembering a long series of, in this case, numbers.

Finally, when people enter access codes at public places, there is the possibility that someone may be watching with an intent to steal the codes for later use or sale. Once an access code has been stolen it may take the user time to discover this and billing corrections may be difficult. Because the access numbers are generally long in sequence, humans tend to write them down which may defeat the purpose of the code if someone copies or steals the code. Thus, a long sequence of numbers is difficult to remember and may lead to writing it down which may defeat some aspects of the security.
`
SUMMARY OF THE INVENTION

A method of identifying an authorized user with a biometric device and enabling the authorized user to access private information over a voice network is disclosed.

BRIEF DESCRIPTION OF THE DRAWINGS

The objects, features and advantages of the present invention will be apparent from the following detailed description in which:

FIG. 1 is a simplified block diagram of an eCommerce system in accordance with one embodiment of the present invention;
FIG. 2 is an embodiment of an eCommerce system which utilizes a retail POS terminal;
FIG. 3 is an embodiment of the in-home eCommerce system;
FIG. 4 is a block diagram of an embodiment of an in-store retail system;
FIGS. 5a and 5b are simplified block diagrams illustrating embodiments of eCommerce systems that utilize POS terminals;
FIG. 6 is a simplified block diagram of one embodiment of a transaction processing clearing house;
FIGS. 7a, 7b, 7c are simplified block diagrams of embodiments of a privacy card;
FIG. 8 is an embodiment illustrating a digital wallet and privacy card in accordance with the teachings of the present invention;
FIGS. 9a and 9b are simplified block diagrams of embodiments of a digital wallet;
FIG. 10 illustrates one embodiment of a process for setup of a digital wallet;
FIG. 11 is an alternate embodiment of a process for setting up a digital wallet;
FIG. 12 illustrates one embodiment of a process for conversion of an unsecured card to a secure card;
FIG. 13 is a simplified block diagram of one embodiment of a POS terminal;
FIG. 14 is a simplified block diagram of an alternate embodiment of a POS terminal;
FIG. 15 is a simplified block diagram of one embodiment of a process to perform a transaction in accordance with the teachings of the present invention;
FIG. 16 illustrates one embodiment of a process for performing a retail transaction;
FIG. 17 illustrates one embodiment of the process of performing a web-based transaction;
FIG. 18 illustrates one embodiment of a process for delivery of a product;
FIG. 19 illustrates one embodiment of a process for returning a product;
FIG. 20 illustrates one embodiment of a process for data mining and direct marketing;
FIG. 21 is a block diagram of one embodiment for a networked query information system;
FIG. 22 illustrates one embodiment of the system being utilized in a telephony based application;
FIG. 23 illustrates another embodiment of the system being utilized in a telephony based application;
FIG. 24 illustrates yet another embodiment of the system being utilized in a telephony based application;
FIG. 25 illustrates one embodiment of a record in a data structure;
FIG. 26 illustrates other embodiments of records and a certificate in a data structure;
FIG. 27 is a flow diagram illustrating one embodiment of securely sharing information;
FIG. 28 illustrates one embodiment of a consumer access device;
FIG. 29 illustrates one result from a selection by a user on a consumer access device;
FIG. 30 illustrates another embodiment of a consumer access device;
FIG. 31 illustrates one embodiment of a method to securely and conveniently store and transmit telephony based data;
FIG. 32 illustrates one sequence of events; and
FIG. 33 illustrates another sequence of events using PKI.
`
DETAILED DESCRIPTION

In the following descriptions for the purposes of explanation, numerous details are set forth in order to provide a thorough understanding of the present invention. However, it will be apparent to one skilled in the art that these specific details are not required in order to practice the present invention. In other instances, well known electrical structures or circuits are shown in block diagram form in order not to obscure the present invention unnecessarily.

The system and method of the present invention enables a user to conduct electronic commerce transactions without compromising the user's personal identification information and identity, while also providing enhanced direct marketing for vendors. The following description discusses the invention in the context of Internet and point of sale (POS) networks. However, it is readily apparent that the invention is not limited to these particular networks, and is applicable to any network that is configured to perform a transaction.

One embodiment of the system and method of the present invention provides a privacy feature in which no links or records are kept that relate items purchased with a specific user identity except in one highly secure location. It is contemplated that the present invention is operable in a variety of types of eCommerce systems including those which do not provide a privacy feature as described herein. Although data can be collected to examine purchase patterns, personal information is not connected to this data for use outside the eCommerce system. The user connects to and performs transactions with the eCommerce system through a transaction device which has a unique identifier (ID). In one embodiment, a privacy card is used. In an alternate embodiment a digital wallet is used. In an alternate embodiment, a privacy card in conjunction with a digital wallet is used. The transaction device, e.g., the privacy card, is the identity that may be known to a vendor. The highly secured location, accessible through or part of a transaction processing clearing house (TPCH), provides the transaction processing clearing house the information necessary to authorize a transaction. For example, the transaction processing clearing house may access relevant account information to authorize transactions. However, the identity of the user is not revealed externally so that confidentiality of the user's identity is maintained.

In addition, a wide variety of convenient features can be offered to a user. For example, the transaction device can be configured to function compatibly with existing point of sale terminals at retail locations and provide encoded account information compatible with existing systems, for example, magnetic stripe and bar codes. In one embodiment, the magnetic stripe generator on the transaction device can be programmed to represent any account. Additionally, the screen on the transaction device can be used to display bar codes that can be scanned by existing POS terminals. Thus there is a capability to access multiple accounts from a single card, thereby eliminating the need to carry many different credit cards, such as debit and loyalty cards, but still providing the opportunity to use different accounts based on the user's choice. Furthermore, the transaction device may include a bar code reading device integrated therein. This feature would allow the user to scan product packaging and add that item to a purchase or an electronic shopping list.

In addition, the physical paper trail can be eliminated both for transaction receipts at the stores as well as monthly bills and bill paying on accounts by storing such information and providing access to such information through the transaction device. The automation of transaction record keeping at home can be enhanced as the receipts, bills and bill paying can be maintained on the transaction device or a coupled personal computing device.

Pay per use coupons may also be easily and automatically accessed from a variety of resources stored in the card and automatically cashed in when purchases are made using the card. Electronic coupons (eCoupons) are another example of eliminating paper (i.e. eliminating paper coupons) by adding value in electronic form. Additional value comes in the form of wider methods of distribution, enhancements to the user experience and/or a more efficient processing on the vendor's side. For example, while shopping, an eCoupon stored in the transaction device can be used to pinpoint exact items the user wishes to purchase. In addition, at checkout the coupons may be automatically credited without intervention by the user. Alternately, the user may manually convey eCoupons through bar codes or the like by manual selection of the coupons. This causes the bar codes to be presented on the display of the transaction device, which are then scanned by the POS terminal. Check out clerks and administrative personnel do not have to manually handle eCoupons so processing is more accurate and efficient for both the retailer and vendor. Because they are digital in nature, eCoupons benefit from flexible distribution opportunities across all forms of media, including: Internet, digital TV/radio broadcast, and packaged recorded media such as audio/computer/DVD recorded on tape or disk and accessed later on playback. By utilizing electronic coupons, real-time tracking usage provides vendors information regarding advertising channels that are returning results as eCoupons typically contain data structures that enable tracking of this information.

In addition, in one embodiment, electronic catalogs can be downloaded to the transaction device and the user may reference products/services by direct access of the catalog downloaded to the transaction device. The catalogs may also contain electronic coupons which are automatically "clipped" and added to the user's device for subsequent use during an applicable transaction. Automated shopping lists can be added to simplify the user's shopping experience. In addition, a directory of where things are located in a particular store may be located on the device to simplify the customer's shopping for items in a particular store environment.

Security of the user's identity may be achieved in a variety of ways. In one embodiment, a single trusted location, for example the TPCH, contains user data. The user interfaces with the TPCH using the user's transaction device. The user therefore does not fill out online electronic eCommerce purchase forms at every product vendor's web site. The eCommerce system acts as a financial transaction middleman, stripping off user identity information from transactions. As a result, the user's private information is not stored in several databases across the Internet and in private business networks (e.g. grocery store networks). The fewer locations where the data is stored, the fewer the possibilities that hackers can access the data or that accidental releases of the data occur.

The transaction device enhances security by authenticating the user of the card prior to usage such that if a card is lost or stolen, it is useless in the hands of an unauthorized person. One means of authentication is some kind of PIN code entry. Alternately, authentication may be achieved by using more sophisticated technologies such as a biometric solution (e.g., fingerprint recognition). In addition, in one embodiment in which multiple transaction devices, e.g., a privacy card and a digital wallet, are used, it may be desirable to configure the first device to enable and program the second device in a secure manner. Thus, the means of communication between the first device and the second device may include mutual device verification so that an unauthorized first device may not be used to enable a particular second device that does not belong to the same or authorized user.
In one embodiment, the transaction device(s), POS terminals and/or TPCH may function to verify the authenticity of each other. For example, a privacy card and digital wallet may be configured to verify the legitimacy of each other. Similarly, the transaction device may be configured to verify the legitimacy of the POS terminal and/or TPCH. A variety of verification techniques may be used. For example, lists of devices with account and/or access issues may be maintained. For example, in one embodiment, the public key infrastructure (PKI) may be used to verify legitimacy.

Through the eCommerce system of the present invention, data mining and direct marketing services can also be offered to vendors. For example, any type of demographic questionnaire can be created by a vendor and distributed to users of this system while retaining their individual privacy. The data can be collected and returned to the vendor along with the means of identifying the specific target transaction devices that may subsequently receive the appropriate promotional materials. However, the identity of the user is not revealed. Thus, direct marketing is available to vendors even though user identity confidentiality is maintained. Additionally, the eCommerce system may automatically collect any type of data that can be obtained through use of this system and subsequently sold to third parties. However, individual privacy is always maintained.

In one embodiment, the transaction device may be configured to closely resemble a standard credit card. More particularly, the card may have a magnetic stripe or a smart card chip that functions similarly to standard credit cards. In addition, the transaction device may contain wireless data communication, data storage and communication protocols for selectively communicating with outside devices such as a digital wallet described herein, point of sale (POS) terminal or personal computer (PC) and digital televisions (DTV).

Communication protocols include those that allow the digital wallet to specify which of several possible data structures to use for a transaction and communication protocols that allow the digital wallet and other devices to securely share data with the transaction device. The transaction device may represent a single account such as a particular credit card, or it might represent multiple accounts such as a credit card, telephone card and debit card.

In one embodiment, the transaction device may include a full screen that covers one side of the card. Alternately, in one embodiment in which the transaction device is one embodiment of a privacy card, the privacy card may be coupled to a device, such as the digital wallet, described herein, that provides a display. In one embodiment the screen may be touch sensitive and therefore can be used for data input as well as output. In one embodiment, a user authentication mechanism such as a fingerprint recognition or other mechanism may be built directly into the card. Furthermore, the privacy card may have a wireless communication mechanism fo