PatentVote.com: Vote on your favourite invention!

Next ten patents ordered by date:
Method and apparatus for generating a statistical basis
System for indicating when maximum material speed for a predetermined board length is exceeded in a corrugator cut-off machine
Mechanical-electrical transducer
Adder with carry enable for bit operations in an electric digital calculator
Asynchronous binary array divider
Two's complement pipeline multiplier
Digital phase detector
Method and device for the storage and multiplication of analog signals
Multiple flashlamp array
Light beam target and apparatus using the same
Translate:
En
De
Es
Fr
It
Pt
Ja
Ko
Zh 

 

Title: Transaction execution system with secure data storage and communications



Do you think this is a good invention? Vote now:

 Votes so far: For:(0) Against:(0)
Claims: What is claimed is:

1. A transaction terminal which is connectable to a host and which is dependent upon a host for approval and recordation of transactions indicated by a user, the transaction terminal comprising:

a data input device for entering a user determined block of identification information;

an encoder connected to encode at least a portion of the block of identification information to produce a first encrypted block of identification information indicative of at least a portion of the identification block of information;

an encoder connected to encode at least a portion of the first encrypted block of identification information to produce a second encrypted block of identification information indicative of at least a portion of the identification block of information; and

a transmitting system connected to transmit at least a portion of the second encrypted block of identification information to a host.

2. The transaction terminal as set forth in claim 1 above, further comprising a device for generating a block of variable information which changes with each user transaction and wherein the second encrypted block producing encoder is further connected to encode a block of variable information along with the at least a portion of the first encrypted block of identification information to produce a second encrypted block of identification information indicative of both variable information and at least a portion of the block of identification information.

3. The transaction terminal as set forth in claim 1 above, further comprising means for storing first and second encryption keys and wherein the first and second encoded blocks of information are produced in response to the first and second encryption keys respectively.

4. The transaction terminal as set forth in claim 3 above, further comprising an operator control panel for entering operator determined information;

means responsive to the entry of control information through the operator panel for destroying the first encryption key; and

an encoder connected to produce and store the first encryption key in response to the entry of proper operator determined information through the contol panel.

5. The transaction terminal as set forth in claim 4 above, further comprising means for storing a third encryption key and wherein the first encryption key is produced in response to a stored third encryption key and information entered through the contol panel.

6. The transaction terminal as set forth in claim 1 above, wherein the block of identification information is of a length less than a predetermined length and further comprising means for expanding a data block length connected to receive a short data block of a length less than a predetermined length from the data input device, expand the received data block to a predetermined length by adding characters which are dependent upon the data content of the short data block, and provide a data block which has been expanded to a predetermined length to the first encrypted block producing encoder.

7. The transaction terminal as set forth in claim 6 above, wherein the expanding means expands a short block of data by adding characters which are generated from the process of taking the logical exclusive-or of selected portions of the short block of data.

8. The transaction terminal as set forth in claim 1 above, further comprising means for reading prerecorded information from a user produced card, an encoder connected to encode a selected portion of the prerecorded information read from a card to produce a block of encrypted card information, and a comparator connected to compare a selected portion of the block of identification information received by the data input device with a corresponding selected portion of the block of encrypted card information and indicate the identity or non-identity of the compared data.

9. The transaction terminal set forth in claim 8 above, further comprising means responsive to the identity or nonidentity indication for inhibiting the transmission of said at least a portion of the second encrypted block to a host.

10. The transaction terminal as set forth in claim 8 above, further comprising means for selecting a portion of the prerecorded card information for encoding in response to a predetermined encryption key.

11. The transaction terminal as set forth in claim 8 above, further comprising means for selecting a portion of the block of identification information and block of encrypted card information which are to be compared in response to a predetermined encryption key.

12. A transaction execution system having a host data processing system maintaining a plurality of accounts and which approves or disapproves requested transactions affecting the maintained accounts and modifies maintained accounts in accordance with approved requested transactions which affect said accounts, the transaction execution system comprising:

a host data processing system including a data base store storing a plurality of accounts, each including a first block of information and a second block of information which has a relationship to a third block of information of being obtainable by encrypting a third block of information in accordance with a first predetermined coding scheme, the host data processing system approving a requested transaction and correspondingly modifying a related information block containing account only when both the first and second blocks of information for an account which is related to a requested transaction are included as part of a transaction request received by the host; and

at least one transaction execution terminal coupled in communication with the host data processing system, the terminal including means for receiving transaction request information from a user along with first and third blocks of information for an adversely affected account, the terminal including means for encrypting the third block of information in accordance with the first predetermined encoding scheme to obtain a second block of information and means for communicating the transaction information, first block of information and second block of information to the host data processing system.

13. The transaction execution system as set forth in claim 12 above, wherein the transaction execution terminal includes means for issuing cash to a user in response to a cash issue transaction request which is approved by the host upon receipt by the terminal of a host approval indication, and wherein the host data processing system communicates a cash issue transaction approval indication to the terminal in response to the receipt from the terminal of cash issue transaction request information and first and second blocks of information only if predetermined conditions are met, said predetermined conditions including a predetermined correspondence between the second block of information received by the host data processing system from the terminal and information stored by the host data processing system in an account indicated by the first block of information received by the host data processing system from the terminal.

14. The transaction execution system as set forth in claim 13 above, wherein the terminal includes means for reading information from a user supplied card which indicates a user account within the plurality of accounts maintained by the host data processing system.

15. The transaction execution system as set forth in claim 14 above, wherein the third block of information is obtainable by encrypting the first block of information in accordance with a second predetermined encoding scheme.

16. The transaction execution system as set forth in claim 15 above, wherein the first and second predetermined encoding schemes are the same.

17. The transaction execution system as set forth in claim 12 above, wherein the terminal includes means for reading the first block of information from a user supplied card.

18. The transaction execution system as set forth in claim 17 above, wherein the third block of information has the relationship to the first block of information of being obtainable by encrypting the first block of information in accordance with a second predetermined encoding scheme.

19. The transaction execution system as set forth in claim 18 above, wherein the first and second predetermined encoding schemes are the same.

20. A transaction execution system comprising:

a host data processing system storing information for a plurality of accounts, said information including a first information block and a second information block, the host system operating (1) to receive first messages from at least one terminal, each first message containing first and second data blocks and transaction request information, (2) to access a stored second block of information for an account which includes the first block of information and compare the received second block of information with the accessed stored second block of information, (3) to communicate a second message to a terminal which indicates disapproval of a requested transaction unless the received second block of information is the same as the accessed stored second block of information, (4) to receive a third message from a terminal which indicates that a requested transaction has been executed by the terminal, and (5) to update stored information for an account which is affected by an executed transaction in response to the receipt of a third message indicating that a requested transaction has been executed; and

a transaction execution terminal coupled for communication with the host data processing system and which includes (1) means for receiving a first information block, a third information block and transaction request information from a terminal user, (2) means for processing the third information block in accordance with a predetermined algorithm to generate a second information block in response to the third information block, (3) means for communicating to the host data processing system a first message containing the received first data block, the generated second data block and the received transaction request information, (4) means for receiving a second message from the host data processing system, (5) means for responding to a second message that does not disapprove a requested transaction by executing a requested transaction, and (6) means for communicating a third message to the host data processing system which indicates that a requested transaction has been executed in response to the execution of a requested transaction.

21. The transaction execution system as set forth in claim 20 above wherein the transaction execution terminal further includes means for combining the generated second data block with information which varies with each transaction, means for encrypting the combined data to generate a fourth data block, and means for communicating the fourth block of information as part of the first message with the generated second block of information being contained in the first message only as part of the fourth block of information, and wherein the host data processing system decrypts the fourth block of information contained within a first message to derive the second block of information.

22. A transaction execution system comprising a host data processing system storing a data base of accounts each having account identification information and corresponding user identification information but no identification number information included therein, at least a portion of the corresponding user authentication information having a randomly selected relationship to the account identification information, the host data processing system approving a transaction request from a transaction terminal only when the transaction request includes account identification information and authentication information corresponding thereto; and a transaction terminal including means for receiving account identification information, an identification number and transaction request information from a terminal user, means for generating authentication information having a predetermined relationship to the identification number and means for communicating the received account information, transaction request information and generated authentication information but not the identification number to the host.

23. The transaction execution system as set forth in claim 22 above, wherein the host data processing system includes means for communicating to a terminal information indicating the approval or disapproval of a transaction request received by the host system from the terminal and means for accounting for a requested transaction by modifying stored accounts in accordance therewith upon receipt by the host system of a message from the terminal which indicates that a requested transaction has been executed, and wherein the transaction terminal further includes means for receiving an approval or disapproval indication for a requested transaction from the host system, means for executing an approved requested transaction in response to the receipt of an approval indication and means for communicating to the host system a message which indicates that a requested transaction has been executed in response to the execution of a requested transaction.

24. A transaction execution system comprising a transaction execution terminal including means for receiving account identification information, ID information and transaction request information from a terminal user, at least a portion of the ID information having a predetermined relationship to the account information, the terminal further including means for processing the received account information in accordance with the predetermined relationship to generate ID information, means for comparing the generated ID information with the received ID information, means for disapproving a requested transaction if said at least a portion of the received ID information is not the same as a corresponding portion of the generated ID information, means for generating authentication information having a predetermined relationship to, but different from, information received from a terminal user, and means for communicating account ID information, transaction request information and authentication information to a host data processing system having a stored data base of accounts when a requested transaction is not disapproved by the disapproving means.

25. A self service banking terminal comprising:

first means for receiving and storing a secret cypher key indicated by bank personnel;

card reader means for reading information encoded on a user card;

second means for receiving information manually entered by a user;

cryptographic means operating in dependence upon said secret cypher key for detecting noncorrespondence between predetermined portions of said read information and predetermined portions of said manually entered information;

third means operable by service personnel for diagnosing machine malfunctions;

means for erasing said secret cypher key from said receiving and storing means when said third means is made operable; and

means for inhibiting the execution of a requested transaction upon detection of a noncorrespondence by the cryptographic means.

26. A system for conducting business transactions comprising:

first and second stations separated from each other, and linked together by a communication link interconnecting said stations;

said first station including

card reader means for reading data encoded in an identification card presented to said first station by a user;

first keyboard means operable in a plurality of modes for receiving manually selected data, including in a first mode a secret number having a cryptographic relationship to selected data encoded in said identification card, and in a second mode a transaction amount;

second keyboard means for generating signals identifying one of a plurality of business transactions, including cash withdrawal;

a display connected to display selected information to a user;

dispensing means for issuing currency in response to an authorization message from said second station;

means for counting the number of documents issued by said dispensing means;

means for printing selected information on a statement and issuing a printed statement to a user;

request message generating means in said first station operable in response to said card reader means and said first and second keyboard means for transmitting to said second station a request message including an encyphered portion and a clear data portion, said encyphered portion comprising a cypher message obtained by encrypting a data word including the secret number entered by said customer and the contents of said counting means, the clear text data including information read from said card and information identifying the number of currency documents requested;

said second station comprising means operable in response to said request message for generating a reply message, said reply message including an encyphered portion and a clear data portion, said encyphered portion comprising a cypher message obtained by encrypting a second data word including a plurality of status bits for instructing said first station to return or retain said card, to authorize or reject the requested transaction, and also including a character identifying the number of currency documents to be issued and the cumulative number of bills issued by said dispensing means, and the clear text portion containing data identifying information to be displayed on said display means and printed by said printing means;

said first station further comprising means for decyphering the encyphered portion of said reply message and for controlling said dispensing to issue the requested number of bills based upon the existence of a transaction approval status bit in said reply message and correspondence between the amount requested and the amount authorized, and correspondence between the contents of said cash counter and a number obtained from said reply message identifying the number of bills issued.

27. A transaction execution system which is operable to execute transactions requested by a user having a credit card with information stored thereon and a personal ID number, the transaction execution system comprising a host data processing system including means for storing account information which is accessible in response to information stored on a user credit card, said account information including an encrypted ID number generated by encryption of the personal ID number of the user in a predetermined manner, the host data processing system including means for authenticating the user credit card by comparing the stored encrypted ID number with a communicated encrypted ID number received from a transaction request terminal; and at least one transaction request terminal in communication with the host data processing system, the transaction request terminal including means for receiving a user credit card, means for reading information stored on the credit card, means for receiving independent of the credit card a personal ID number, means for encrypting the personal ID number in accordance with the same predetermined manner used for generation of the stored encrypted ID number, and means for communicating the encrypted ID number and information read from the credit card to the host data processing system.

28. The method of operating a transaction execution system having a host data processing system storing account information for a plurality of accounts and at least one transaction terminal in communication with the host system, the terminal being capable of encrypting ID information received thereby, the method comprising the steps of:

storing encrypted ID information with each account;

communicating transaction information, ID information and account identification information from a system user to the transaction terminal;

encrypting ID information received by the terminal from a user;

communicating transaction information, encrypted ID information and account identification information from the terminal to the host system; and

executing a transaction indicated by the transaction information only if the communicated encrypted ID information corresponds to encrypted ID information stored with an account indicated by the account identification information.

Other info:


Inventors: Anderson, Thomas G. (Los Altos, CA, US)
Boothroyd, William A. (San Jose, CA, US)
Frey, Richard C. (San Jose, CA, US)

Application Number: 483084
Filing Date: 1974-06-25
Publication_date: 1976-05-11
Assignee: IBM Corporation (Armonk, NY)
Primary Class(es): 705/72 235/379, 235/381, 340/5.74, 713/185, 713/194, 902/2, 902/39, 902/40
Other Classes:
US Patent Ref:
3641497Feb, 1972Constable340/149.
3715569Feb, 1973Hicks et al.235/61.
3743134Jul, 1973Constable et al.235/61.
3833885Sep, 1974Gentile et al.340/152.
3845277Oct, 1974Voss et al.235/61.

Other Refs:
Primary Examiner: Canney, Vincent P.
Assistant Examiner:
Attorney: Fraser and Bogucki