(19) United States
`(12) Patent Application Publication (10) Pub. No.: US 2002/0019811 A1
`Lapsley et al.
`(43) Pub. Date:
`Feb. 14, 2002
`
`US 2002OO19811A1
`
`BIOMETRIC FINANCIAL TRANSACTION
`SYSTEMAND METHOD
`
`Inventors: Philip D. Lapsley, Oakland, CA (US);
`Philip J. Gioia, Corte Madera, CA
`(US); Michael Kleeman, Corte Madera,
`CA (US)
`Correspondence Address:
`MARGER JOHNSON & McCOLLOM, P.C.
`1030 S.W. Morrison Street
`Portland, OR 97205 (US)
`Assignee: VeriStar Corporation, Oakland, CA
`Appl. No.:
`09/871,241
`Filed:
`May 30, 2001
`Related U.S. Application Data
`Non-provisional of provisional application No.
`60/208,680, filed on May 31, 2000.
`
`Publication Classification
`
`Int. Cl. ................................................ G06F 17/60
`
`(52) U.S. Cl. ................................................................ 705/44
`(57)
`ABSTRACT
`TokenleSS biometric authorization of an electronic transac
`tion between a consumer and a merchant uses an electronic
`identicator and an acceSS device. The acceSS device need not
`contain data personalized to the consumer. A consumer
`registers with the identicator a registration biometric Sample
`taken from the consumer's perSon. The consumer and mer
`chant establish mutual communications via the access
`device. The merchant proposes a commercial transaction to
`the consumer via the acceSS device. The access device
`communicates to the merchant an identification code asso
`ciated with the acceSS device. After the consumer and
`merchant have agreed on the transaction, the consumer and
`the identicator use the acceSS device to establish mutual
`communications. The access device communicates to the
`identicator the identification code associated with the access
`device. The identicator compares a bid biometric Sample
`from the consumer with registered biometric Sample to try to
`identify the consumer. Upon Successful identification, the
`identicator electronically forwards information regarding
`the consumer to the merchant. These StepS accomplish a
`biometrically authorized electronic financial transaction
`without the consumer having to present any personalized
`man-made memory tokens.
`
`(54)
`
`(75)
`
`(73)
`(21)
`(22)
`
`(63)
`
`(51)
`
`
`
`Z-to-cha?e vis- Á
`e-r 2 ta-2 C 2 -d
`v-e-fe-- / ta/A
`
`
`
`Page 1 of 12
`
`GOOGLE EXHIBIT 1012
`
`

`

`Patent Application Publication Feb. 14, 2002 Sheet 1 of 4
`
`US 2002/0019811 A1
`
`ST-A24 Figure 1
`
`Communicatio
`Link
`
`
`
`Consumer
`
`Communication
`Link
`
`
`
`
`
`
`
`
`
`Communication
`Link
`
`
`
`
`
`Third-Parly
`identicator
`
`Page 2 of 12
`
`

`

`Patent Application Publication Feb. 14, 2002 Sheet 2 of 4
`
`US 2002/0019811 A1
`
`Orer w
`5 3.It r
`Al-oslf
`Jevice (D Cole
`?el, or
`
`Cat-se
`
`
`
`5, re-f-c-
`
`Aey M2-e-vic-4-e--/
`
`77) (elde-Mue1 burg Ae-B7-c viz aa/2-/
`a 7-7 a use /?c e-a-ta-
`41: .
`4<-e- al-Ae- fro-e-, -A 7-l-e?--
`
`A 7 a. 7
`
`Page 3 of 12
`
`

`

`Patent Application Publication Feb. 14, 2002 Sheet 3 of 4
`
`US 2002/0019811 A1
`
`
`
`\ Z2 (6-a -ev- re/re-e acce-fi cla-3
`as 2. /r--a? 4--.
`
`Page 4 of 12
`
`

`

`Patent Application Publication Feb. 14, 2002 Sheet 4 of 4
`
`US 2002/0019811 A1
`
`
`
`z -f-c-f-a?eviu- As
`-e-1- 2 ca-2 C- 2- -d
`v-e-fe--- a ta // A
`
`Page 5 of 12
`
`

`

`US 2002/OO19811 A1
`
`Feb. 14, 2002
`
`BIOMETRIC FINANCIAL TRANSACTION
`SYSTEMAND METHOD
`
`CROSS-REFERENCE TO RELATED
`APPLICATION
`0001. This application claims priority from U.S. provi
`sional application Ser. No. 60/208,680, filed May 31, 2000.
`
`FIELD OF THE INVENTION
`0002 This invention relates to the field of tokenless
`biometric financial transactions. Specifically, this invention
`is directed towards a System and method for processing
`tokenleSS financial transactions using a wired or wireleSS
`communication System Such as a conventional telephone, a
`cellular telephone, or a wireleSS personal digital assistant
`(PDA) wherein a biometric, Such as a finger image or voice
`print, is used to authorize the transaction.
`
`BACKGROUND OF THE INVENTION
`0003. There is an increasing need for consumers to be
`able to conveniently and Securely purchase goods and Ser
`vices over the telephone (be it wired or wireless) or via a
`wireless PDA such as a Palm Pilot.
`0004 Conventionally, purchases made over the tele
`phone are accomplished via the use of a credit card. The
`consumer calls the merchant, places an order for the appro
`priate goods and Services, and then chooses a credit card
`with which to pay for the transaction. The consumer then
`reads the account number and expiration date off the credit
`card to the customer Service representative at the merchant,
`who copies this information down and uses it to charge the
`acCOunt.
`0005 Purchases made using a wireless PDA or other
`device for accessing the Internet follow a similar pattern: the
`consumer connects to the merchant's web site, places an
`order, and then fills in a “form” with credit card account
`number and expiration information. The merchant's com
`puter System uses this information to charge the credit card
`acCOunt.
`0006 There are numerous problems with this conven
`tional approach. First, the System is inconvenient for the
`consumer, in that the consumer must recite or enter a
`Significant amount of information. Second, the System is
`insecure, in that the credit card account information is
`generally transmitted “in the clear, making it Subject to loSS
`or compromise via interception. Third, the System is inflex
`ible, in that the only payment mechanism that lends itself to
`use is the credit card; it is difficult, for example, to use one's
`checking account to pay via telephone.
`0007 A fourth problem is that transactions made without
`the card being physically present (as in the case of a
`telephone or Internet order) are charged a higher “discount
`rate' than transactions where the card is present. The dis
`count rate is the amount that the credit card associations,
`issuing banks, acquiring banks, and third-party transaction
`processors collectively charge the merchant on each trans
`action, generally expressed as a percentage of the grOSS
`transaction amount. Discount rates of 3%-5% for card-not
`present transactions are common.
`0008. The fifth, and perhaps largest, problem is that the
`consumer can repudiate the transaction at a later date,
`
`leaving the merchant liable for the amount of the transaction.
`That is, a consumer can order goods or Services via tele
`phone or the Internet, pay using his or her credit card, and
`then later dispute the transaction. In the event of a dispute,
`credit card association rules place the burden on the mer
`chant to produce a signed receipt showing that the customer
`authorized the transaction. Of course, in the case where the
`order took place over the telephone or the Internet, no Such
`signed receipt exists. As a result, the consumer can always
`claim that they didn’t authorize the transaction. Such a claim
`is called a “chargeback.” In the event of a chargeback, the
`merchant not only ends up losing the transaction amount, but
`generally also must pay a chargeback fee of S10-S25.
`0009. A sixth problem is that many previously proposed
`Solutions to the problems cited require the consumer to
`physically possess a personalized, portable, man-made
`memory device-referred to in this specification as a
`“token' to carry out a transaction. “Personalized” means
`that a token that contains in memory information that is in
`Some way unique to the consumer. An example of perSon
`alized data include a credit card number, a checking account
`number, or any other unique account number. Example
`tokens include credit cards, debit cards, paper checks, and
`Smart cards. Atoken can also be a PDA or wireleSS telephone
`that has programmed with information personalized to the
`consumer that is used to complete a financial transaction.
`The problems with requiring the use of a token to complete
`a financial transaction are numerous: the consumer must
`carry the token, which may be cumberSome; the loSS or theft
`of a consumer's token financially incapacitates the con
`Sumer; and Stealing a consumers token may allow a thief to
`make fraudulent charges using the token. TokenleSS trans
`action Systems are known in the art; examples include U.S.
`Pat. No. 5,613,012 to Hoffman et al., U.S. Pat. No. 5,838,
`812 to Pare, Jr. et al., U.S. Pat. No. 5,870,723 to Pare, Jr. et
`al., U.S. Pat. No. 6,230,148 to Pare, Jr. et al., and U.S. Pat.
`No. 6,154.879 to Pare, Jr. et al., all of which are assigned to
`VeriStar Corporation, the assignee of the instant invention,
`and all of which are incorporated by reference.
`0010. As a result, there is a need for a new electronic
`financial transaction System that Solves these problems for
`telephone and wireleSS PDA-style transactions. Accordingly,
`it is an object of this invention to provide a new System and
`method for biometric financial transactions.
`0011. In particular, it is an object of the invention that
`each transaction authorized using the invention cannot be
`repudiated by the consumer, thus eliminating chargebackS.
`0012. It is another object of the invention that the system
`and method be convenient for the consumer, eliminating the
`need to recite or otherwise enter credit card or other account
`numbers into a telephone or PDA.
`0013. It is another object of the invention that the system
`and method be Secure, eliminating the possibility of fraud
`via intercepting transmissions from the telephone or PDA.
`0014.
`It is still another object of the invention that the
`System and method provide the flexibility of Supporting
`multiple types of financial accounts, e.g., credit cards, debit
`cards, and checking (ACH) accounts.
`0015. It is another object of this invention that the con
`Sumer be able to complete a transaction on a tokenleSS basis.
`AS Such, this tokenleSS transaction occurs without the con
`
`Page 6 of 12
`
`

`

`US 2002/OO19811 A1
`
`Feb. 14, 2002
`
`Sumer being required to possess or present any man-made,
`portable devices which contain in memory data that is
`personalized to the consumer, i.e., tokens. Although the
`consumer may optionally possess Such tokens, the invention
`is expressly designed to function without requiring their use
`and as Such, the invention is designed to be tokenleSS.
`0016. It is yet another object of the invention that the
`System and method, through its Superior Security and non
`repudiation capabilities, justify a reduced discount rate for
`the merchant.
`0.017. It is still another object of the invention that it be
`easy to integrate with existing merchant computer, informa
`tion, and payment Systems.
`
`SUMMARY OF THE INVENTION
`0.018. This invention provides a method for tokenless
`biometric authorization of an electronic transaction between
`a consumer and a merchant using an electronic identicator
`and an acceSS device. The method comprises the following
`Steps: In a consumer registration Step, a consumer registers
`with the electronic identicator at least one registration bio
`metric Sample taken directly from the consumer's perSon. In
`a first communications establishment Step, the consumer and
`merchant establish communications with each other via an
`access device capable of biometric input, and wherein the
`access device is not required to contain in memory any data
`that is personalized to the consumer. In a proposal Step, the
`merchant proposes a commercial transaction to the con
`Sumer via the access device. In a first access device identi
`fication Step, wherein the access device communicates to the
`merchant an identification code associated with the acceSS
`device. In a Second communications establishment Step,
`after the consumer and merchant have agreed on the pro
`posed commercial transaction, the consumer and the elec
`tronic identicator use the acceSS device to establish commu
`nications with each other. In a Second access device
`identification Step, the access device communicates to the
`electronic identicator the identification code associated with
`the acceSS device. In a consumer identification Step, the
`electronic identicator compares a bid biometric Sample taken
`directly from the consumer's person with at least one
`previously registered biometric Sample to produce a Suc
`cessful or failed identification of the consumer. In an infor
`mation forwarding Step, upon Successful identification of the
`consumer, the electronic identicator electronically forwards
`information regarding the consumer to the merchant. Upon
`Successful identification of the consumer, these Steps enable
`a biometrically authorized electronic financial transaction
`without the consumer being required to present any perSon
`alized man-made memory tokens.
`0.019
`Optionally, the electronic identicator may perform
`an electronic financial transaction authorization. In this
`embodiment, there is a transaction forwarding Step, the
`merchant forwards information regarding the commercial
`transaction to the electronic identicator. In an identification
`code forwarding Step, the merchant communicates to the
`electronic identicator the identification code associated with
`the access device that was previously communicated to the
`merchant. In an association Step, the identification code
`asSociated with the access device is used to associate the
`biometric identification accomplished in the consumer iden
`tification Step with the information regarding the commer
`
`cial transaction. Finally, there is a financial transaction
`authorization Step: the electronic identicator executes a
`financial transaction on behalf of the merchant.
`0020. Alternatively, the merchant may optionally per
`form an electronic financial transaction authorization. In this
`embodiment, there is an identification code forwarding Step,
`wherein the electronic identicator forwards to the merchant
`the identification code associated with the access device that
`was previously communicated to the electronic identicator.
`In an association Step, the identification codes associated
`with the access device are used to associate the information
`regarding the consumer with the commercial transaction. In
`a financial transaction authorization Step, the merchant
`executes a financial transaction.
`0021. The invention also includes a system for tokenless
`biometric authorization of an electronic transaction between
`a consumer and a merchant. The System includes an elec
`tronic identicator, comprising at least one computer further
`comprising at least one database wherein the consumer
`registers at least one registration biometric Sample taken
`directly from the consumer's perSon. It also includes an
`acceSS device capable of establishing communications
`between the consumer and the merchant, and between the
`consumer and the electronic identicator, and further com
`prising biometric input means, said access device not being
`required to contain in memory any data that is personalized
`to the consumer. There is a communication means for
`enabling communications between the consumer and the
`merchant, and between the consumer and the electronic
`identicator, and capable of transmission of a bid biometric
`Sample obtained by the acceSS device from the perSon of the
`consumer to the electronic identicator. A comparator engine
`is used to compare a bid biometric Sample to at least one
`registration biometric Sample. An execution module is used
`for authorizing a transfer of a transaction amount from a
`financial account of the consumer to a financial account of
`the payor. The System enables a financial transaction to be
`conducted without the consumer being required to possess
`any man-made tokens containing information in memory
`that is personalized to the consumer.
`0022. The electronic identicator can include means
`responsive to a comparison matching the bid biometric
`Sample to the registration biometric Sample to forward
`information to the merchant regarding the consumer.
`0023 Information forwarded regarding the consumer
`may comprise a previously registered financial account
`identifier belonging to the consumer, or the consumer's age,
`or name, or address. It may also indicate the Success or
`failure of a financial transaction. Financial account identi
`fiers may comprise a credit card number, a debit card
`number, or a bank account number.
`0024. The access device may be a wireline telephone, a
`wireleSS telephone, a two-way pager, a personal digital
`assistant, or a personal computer. Identification codes asso
`ciated with an acceSS may include telephone numbers, ESN
`numbers, a hardware identification code, or encryption of a
`challenge message using a private key.
`0025 Communication of the identification code may be
`accomplished via caller ID, and the first and Second com
`munication establishment Steps may be implemented using
`a telephone call, three-way calling, induced three-way call
`ing, or packet Switching.
`
`Page 7 of 12
`
`

`

`US 2002/OO19811 A1
`
`Feb. 14, 2002
`
`0026. Biometrics used in the invention may include fin
`ger images, facial images, retinal images, iris images, or
`Voiceprints.
`0027. The execution module may optionally be located or
`operated by the merchant, or by the electronic identicator, or
`by a third party.
`0028. The foregoing and other objects, features and
`advantages of the invention will become more readily appar
`ent from the following detailed description of a preferred
`embodiment of the invention which proceeds with reference
`to the accompanying drawings.
`
`BRIEF DESCRIPTION OF THE DRAWINGS
`0029 FIG. 1 shows the overall collection of elements
`comprising the System.
`0030 FIGS. 2, 3, and 4 illustrate examples of operation
`of the system of FIG. 1 according to the invention.
`
`DETAILED DESCRIPTION
`0031. Overall Architecture
`0032. As shown in FIG. 1, the invention comprises the
`following components. There is at least one consumer who
`is able to use the invention for purchasing goods or Services.
`Similarly, there is at least one merchant who is able to fulfill
`orders from the consumer. The consumer has access to an
`access device. AS described in greater detail below, an acceSS
`device is simply a device that is capable of both communi
`cating an order to a merchant and also accepting a biometric
`from the consumer. Abiometric or a biometric Sample is any
`unique human characteristic of which a Scan or image is
`taken directly from the person. The biometric or biometric
`Sample may be, but is not limited to, any of the following:
`a Voice print, a fingerprint, a retinal image, an iris image, a
`facial image.
`0033. A third-party identicator provides the ability to
`accept biometric and other data as input, to identify the
`consumer from this data, and to either complete a financial
`transaction on behalf of the merchant or to provide infor
`mation to the merchant to enable the merchant to complete
`a financial transaction. Throughout this Specification the
`terms “third-party identicator” and “electronic identicator”
`are used interchangeably; it is understood that the electronic
`identicator may be owned and/or operated by the merchant,
`the consumer, or a third party, without loSS of generality.
`0034 Communication Links
`0.035 Communication links exist or can be established
`between the acceSS device and the merchant, the acceSS
`device and the third-party identicator, and the merchant and
`the third-party identicator. A communication link can be a
`permanent connection (e.g., a leased line), a temporary
`Switched-circuit connection (e.g., a dialup telephone call), or
`a virtual connection (e.g., via packet Switching). Encryption
`can be employed on all communication links to protect
`Sensitive data, as is Standard in the industry.
`0036). Access Device
`0037. An access device is any device that is capable of
`communicating an order to a merchant and also accepting a
`biometric Sample from the consumer. Different acceSS
`devices are preferable in different situations. The acceSS
`
`device is not required to contain in memory any data which
`is personalized to or unique to the consumer in order for the
`consumer to complete a financial transaction. Example
`acceSS devices include:
`0038 A standard wireline telephone. A consumer can
`use Such a device to call a merchant and place an order,
`as is done today. Additionally, it can be used as a
`biometric input device using the consumer's voice as a
`biometric.
`0039. A wireless or cellular telephone. Just like a
`Standard wireline telephone, a wireleSS telephone can
`also be used as an access device using voice biometrics.
`0040 A wireless or cellular telephone with a built-in
`finger image Scanner or other biometric Sensor. This is
`like the example above, but uses a biometric other than
`Voice, e.g., a finger image.
`0041) A wireless personal digital assistant (PDA) with
`a microphone or other biometric Sensor. The wireleSS
`PDA can be used to enter and communicate an order to
`a merchant, and a microphone or other biometric Sensor
`can be used to input a biometric.
`0042. Other access devices will be apparent to those of
`ordinary skill in the art.
`0043. Every access device possesses an identification
`(ID) code. This ID code is preferably unique to the device,
`but is not required to be. Examples of ID codes include a
`digital certificate Stored in a PDA or wireleSS telephone, a
`telephone or ESN number stored in a wireless telephone, or
`a telephone number in the case of a wire-line phone. Note
`that in this last example the ID code (the telephone number)
`is not unique to the device (the telephone) but is rather
`unique to the telephone line.
`0044) Third-party Identicator
`004.5 The third-party identicator is a data and call-pro
`cessing center comprising a database of biometric and
`financial account information for at least one, and ordinarily
`for many consumers.
`0046) An identicator can be a single computer that serves
`a particular merchant or a large collection of computers that
`serve a number of different merchants. The third-party
`identicator accepts queries of biometric data and identifies
`consumers from this data. Once identified, the third-party
`identicator retrieves financial account data associated with
`that consumer. This financial account information either is
`then used to directly charge the financial account, or is
`provided to the merchant to charge the account.
`0047. Third-party identicators are known in the art; an
`example third-party identicator is given in Section 1.5 “SyS
`tem. Description: Data Processing Center” in U.S. Pat. No.
`5,613,012 to Hoffman, et al., which is assigned to the same
`entity that this invention is assigned to, and which is hereby
`incorporated by reference.
`0048 Use of the System via Telephone Access Device
`0049. In one embodiment a telephone is the access device
`used. Use of the System in this embodiment proceeds as
`follows.
`0050) 1. The consumer uses the access device (tele
`phone) to contact the merchant.
`
`Page 8 of 12
`
`

`

`US 2002/OO19811 A1
`
`Feb. 14, 2002
`
`0051 2. The consumer and the merchant work out
`and agree upon the details of the transaction, includ
`ing the goods or Services to be ordered, the Ship to
`and bill to addresses, and the transaction amount.
`0.052 3. The merchant receives the ID code from the
`access device. In one embodiment, this is via caller
`ID.
`0053 4. The merchant sends the ID code, the mer
`chant identifying information, and the transaction
`amount to the third-party identicator. This informa
`tion may be sent via an out-of-band channel (e.g., a
`Separate network connection or via a virtual private
`network) or it may be passed in-band at the start of
`step 5, below.
`0054 5. The merchant transfers the telephone call to
`the third-party identicator.
`0055 6. The third-party identicator prompts the con
`Sumer to enter their biometric. In one embodiment
`this biometric is a finger image. In another embodi
`ment it is a voiceprint. Other biometrics are known.
`This biometric information is sent to the third-party
`identicator.
`0056 7. The third-party identicator uses the biomet
`ric information to identify the consumer. In the event
`that the consumer cannot be identified from the
`Supplied biometric, the third-party identicator
`prompts the consumer to try again. If the consumer
`cannot be identified after repeated tries, the third
`party identicator transferS the call to a human cus
`tomer Service assistant, who can use other means to
`identify the consumer.
`0057 8. In the event of a successful identification
`the third-party identicator retrieves account informa
`tion for the consumer. Account information consists
`of credit card or other financial account data Suffi
`cient to complete a financial transaction.
`0058 9. If necessary, the third-party identicator uses
`the ID to assist in matching up the transaction
`information (merchant identification information
`and amount) with the individual.
`0059 10. In one embodiment, the third-party iden
`ticator performs a financial transaction using the
`retrieved financial account information. In another
`embodiment, the third-party identicator returns this
`financial account information to the merchant So that
`the merchant can complete a financial transaction.
`0060 Use of System via Personal Digital Assistant
`0061. In another embodiment, a wireless PDA is the
`access device used. AS discussed above, different biometrics
`are possible. For illustrative purposes, a voice biometric is
`used in this embodiment. Use of the system in this embodi
`ment proceeds as follows:
`0062 1. The consumer uses the access device (wire
`less PDA) to contact the merchants web site or its
`equivalent.
`0063. 2. The consumer and the merchant work out
`and agree upon the details of the transaction, includ
`
`ing the goods or Services to be ordered, the Ship to
`and bill to addresses, and the transaction amount.
`0064 3. The merchant receives the ID code from the
`access device. In this embodiment, this is either a
`digital certificate identification or a number Stored in
`the device.
`0065. 4. The merchant sends the ID code, the mer
`chant identifying information, and the transaction
`amount to the third-party identicator.
`0066 5. The merchant sends a message to the device
`indicating that the device should contact the third
`party identicator.
`0067 6. The third-party identicator sends a message
`to the device instructing it to prompt the consumer to
`enter his or her biometric. AS described above, a
`Voice biometric is used for illustrative purposes in
`this embodiment, but other biometrics are possible.
`This biometric information is sent to the third-party
`identicator.
`0068 7. The third-party identicator uses the biomet
`ric information to identify the consumer. In the event
`that the consumer cannot be identified from the
`Supplied biometric, the third-party identicator
`prompts the consumer to try again. If the consumer
`cannot be identified after repeated tries, the third
`party identicator alerts a human customer Service
`assistant, who can use other means to identify the
`COSUC.
`0069 8. In the event of a successful identification,
`the third-party identicator retrieves account informa
`tion for the consumer. Account information may
`consist of credit card account number or other finan
`cial account data Sufficient to complete a financial
`transaction.
`0070) 9. If necessary, the third-party identicator uses
`the ID to assist in matching up the transaction
`information (merchant identification information
`and amount) with the individual.
`0071
`10. In one embodiment, the third-party iden
`ticator performs a financial transaction using the
`retrieved financial account information. In another
`embodiment, the third-party identicator returns this
`financial account information to the merchant So that
`the merchant can complete a financial transaction.
`0072) Use of System via Telephone with Induced Three
`way Calling
`0073. In another embodiment, a telephone having a fea
`ture known as “induced three-way calling is the access
`device used. In this embodiment, an external entity (e.g., the
`merchant) can request that the telephone put the current
`connection on hold and then dial out and establish another
`connection. While this feature does not exist in current
`generation telephones, implementation of Such a feature
`would be straightforward for one of ordinary skill in the art.
`For illustrative purposes, a voice biometric is used in this
`embodiment. Use of the system in this embodiment pro
`ceeds as follows:
`0074) 1. The consumer uses the access device (tele
`phone) to contact the merchant.
`
`Page 9 of 12
`
`

`

`US 2002/OO19811 A1
`
`Feb. 14, 2002
`
`0075 2. The consumer and the merchant work out
`the details of the transaction, including the goods or
`services to be ordered, the ship to and bill to
`addresses, and the transaction amount.
`0.076
`3. The merchant receives the ID code from the
`access device. In one embodiment, this is via caller
`ID.
`0077. 4. The merchant sends the ID code, the mer
`chant identifying information, and the transaction
`amount to the third-party identicator. This informa
`tion may be sent via an out-of-band channel (e.g., a
`Separate network connection or via a virtual private
`network) or it may be passed in-band at the start of
`step 5, below.
`0078 5. The merchant sends a message to the access
`device (telephone) instructing it to put the current
`call to the merchant on hold and to call the third
`party identicator.
`0079) 6. The third-party identicator obtains the
`access device ID from the access device. In one
`embodiment, this is via caller ID.
`0080 7. The third-party identicator prompts the con
`Sumer to enter their biometric. In one embodiment
`this biometric is a finger image. In another embodi
`ment it is a voiceprint. Other biometrics are known.
`This biometric information is sent to the third-party
`identicator.
`0081 8. The third-party identicator uses the biomet
`ric information to identify the consumer. In the event
`that the consumer cannot be identified from the
`Supplied biometric, the third-party identicator
`prompts the consumer to try again. If the consumer
`cannot be identified after repeated tries, the third
`party identicator transferS the call to a human cus
`tomer Service assistant, who can use other means to
`identify the consumer.
`0082 9. In the event of a successful identification
`the third-party identicator retrieves account informa
`tion for the consumer. Account information consists
`of credit card or other financial account data Suffi
`cient to complete a financial transaction.
`0083) 10. If necessary, the third-party identicator
`uses the ID to assist in matching up the transaction
`information (merchant identification information
`and amount) with the individual.
`0084 11. In one embodiment, the third-party iden
`ticator performs a financial transaction using the
`retrieved financial account information. In another
`embodiment, the third-party identicator returns this
`financial account information to the merchant So that
`the merchant can complete a financial transaction.
`0085 12. The third-party identicator sends a mes
`Sage to the access device instructing it to terminate
`the call and resume the call with the merchant.
`0086) 13. The merchant now verifies that the trans
`action completed Successfully.
`0087. From the foregoing it will be appreciated how the
`objects of the invention are met. AS can be seen from the
`above, the invention is marked advantageous over existing
`Systems in numerous ways:
`
`0088 First, because each transaction is authorized using
`a biometric received from the consumer's perSon, the trans
`action cannot be repudiated, eliminating chargebackS.
`0089. Second, the invention is convenient for the con
`Sumer, in that the third-party identicator handles all financial
`account information, eliminating the need to recite or oth
`erwise enter credit card or other account numbers into a
`telephone or PDA.
`0090 Third, the use of biometrics and encryption pro
`vides Security, eliminating the possibility of fraud via inter
`cepting transmissions from the telephone or PDA.
`0091
`Fourth, the system supports the use of multiple
`types of financial accounts, providing flexibility for the
`COSUC.
`0092 Fifth, through its Superior security and non-repu
`diation capabilities, the invention justifies a reduced dis
`count rate for the merchant.
`0093 Sixth, by using ordinary telephone connections or
`existing wireleSS connections, the invention is easy to inte
`grate with existing merchant computer, information, and
`payment Systems.
`0094. Seventh, the invention does not require the con
`Sumer to use or possess any portable, m