US20040128249A1 - System and method for tokenless biometric electronic scrip - Google Patents

System and method for tokenless biometric electronic scrip Download PDF

Info

Publication number
US20040128249A1
US20040128249A1 US10/734,851 US73485103A US2004128249A1 US 20040128249 A1 US20040128249 A1 US 20040128249A1 US 73485103 A US73485103 A US 73485103A US 2004128249 A1 US2004128249 A1 US 2004128249A1
Authority
US
United States
Prior art keywords
scrip
supporter
electronic
account
identification
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
US10/734,851
Inventor
Ned Hoffman
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Indivos Corp a Delaware Corp
Original Assignee
Indivos Corp a Delaware Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from US08/345,523 external-priority patent/US5615277A/en
Priority claimed from US08/442,895 external-priority patent/US5613012A/en
Priority claimed from US08/705,399 external-priority patent/US5870723A/en
Priority claimed from US09/244,784 external-priority patent/US6012039A/en
Application filed by Indivos Corp a Delaware Corp filed Critical Indivos Corp a Delaware Corp
Priority to US10/734,851 priority Critical patent/US20040128249A1/en
Publication of US20040128249A1 publication Critical patent/US20040128249A1/en
Priority to US11/321,114 priority patent/US7698567B2/en
Assigned to THE BANK OF NEW YORK, AS COLLATERAL AGENT reassignment THE BANK OF NEW YORK, AS COLLATERAL AGENT GRANT OF PATENT SECURITY INTEREST (UNDER THE AMENDED AND RESTATED PATENT SECURITY AGREEMENT) Assignors: INDIVOS CORPORATION
Abandoned legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F19/00Complete banking systems; Coded card-freed arrangements adapted for dispensing or receiving monies or the like and posting such transactions to existing accounts, e.g. automatic teller machines
    • G07F19/20Automatic teller machines [ATMs]
    • G07F19/201Accessories of ATMs
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F18/00Pattern recognition
    • G06F18/20Analysing
    • G06F18/28Determining representative reference patterns, e.g. by averaging or distorting; Generating dictionaries
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/554Detecting local intrusion or implementing counter-measures involving event detection and direct action
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/82Protecting input, output or interconnection devices
    • G06F21/83Protecting input, output or interconnection devices input devices, e.g. keyboards, mice or controllers thereof
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/86Secure or tamper-resistant housings
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/02Payment architectures, schemes or protocols involving a neutral party, e.g. certification authority, notary or trusted third party [TTP]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/02Payment architectures, schemes or protocols involving a neutral party, e.g. certification authority, notary or trusted third party [TTP]
    • G06Q20/023Payment architectures, schemes or protocols involving a neutral party, e.g. certification authority, notary or trusted third party [TTP] the neutral party being a clearing house
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/04Payment circuits
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/04Payment circuits
    • G06Q20/06Private payment circuits, e.g. involving electronic currency used among participants of a common payment scheme
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/10Payment architectures specially adapted for electronic funds transfer [EFT] systems; specially adapted for home banking systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/12Payment architectures specially adapted for electronic shopping systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/18Payment architectures involving self-service terminals [SST], vending machines, kiosks or multimedia terminals
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/20Point-of-sale [POS] network systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/22Payment schemes or models
    • G06Q20/28Pre-payment schemes, e.g. "pay before"
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/341Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions
    • G06Q20/40145Biometric identity checks
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/409Device specific authentication in transaction processing
    • G06Q20/4097Device specific authentication in transaction processing using mutual authentication between devices and transaction partners
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q30/00Commerce
    • G06Q30/02Marketing; Price estimation or determination; Fundraising
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06VIMAGE OR VIDEO RECOGNITION OR UNDERSTANDING
    • G06V10/00Arrangements for image or video recognition or understanding
    • G06V10/70Arrangements for image or video recognition or understanding using pattern recognition or machine learning
    • G06V10/77Processing image or video features in feature spaces; using data integration or data reduction, e.g. principal component analysis [PCA] or independent component analysis [ICA] or self-organising maps [SOM]; Blind source separation
    • G06V10/772Determining representative reference patterns, e.g. averaging or distorting patterns; Generating dictionaries
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06VIMAGE OR VIDEO RECOGNITION OR UNDERSTANDING
    • G06V40/00Recognition of biometric, human-related or animal-related patterns in image or video data
    • G06V40/10Human or animal bodies, e.g. vehicle occupants or pedestrians; Body parts, e.g. hands
    • G06V40/12Fingerprints or palmprints
    • G06V40/1365Matching; Classification
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/30Individual registration on entry or exit not involving the use of a pass
    • G07C9/32Individual registration on entry or exit not involving the use of a pass in combination with an identity check
    • G07C9/37Individual registration on entry or exit not involving the use of a pass in combination with an identity check using biometric data, e.g. fingerprints, iris scans or voice recognition
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F19/00Complete banking systems; Coded card-freed arrangements adapted for dispensing or receiving monies or the like and posting such transactions to existing accounts, e.g. automatic teller machines
    • G07F19/20Automatic teller machines [ATMs]
    • G07F19/207Surveillance aspects at ATMs
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1008Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0861Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2211/00Indexing scheme relating to details of data-processing equipment not covered by groups G06F3/00 - G06F13/00
    • G06F2211/007Encryption, En-/decode, En-/decipher, En-/decypher, Scramble, (De-)compress
    • G06F2211/008Public Key, Asymmetric Key, Asymmetric Encryption
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2117User registration
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2463/00Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/102Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying security measure for e-commerce
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload

Definitions

  • the invention relates generally to electronic computer systems designed to calculate and store scrip. More specifically, this invention relates to tokenless biometric computer systems which do not require a person who support scrip programs to use any man-made portable memory devices such as smart cards or magnetic swipe cards when conducting an electronic scrip transaction.
  • Scrip systems have become a popular part of retail point of sale and internet commerce marketing. Scrip is a system whereby an individual person, known herein as a Scrip Supporter, can make donations to a pre-designated non-profit entity (Scrip Beneficiary) based on that person's usage patterns within the designated scrip system or program. Currently, over $2 billion is raised annually by non-profit organizations annually via such scrip programs.
  • Scrip is defined as any unit of data, such as currency, products or services, which is honored by a Scrip Merchant such that a Scrip Supporter's purchase, expenditure or usage of these units results in the Scrip Supporter's donation of goods, services or currency to a pre-designated non-profit entity (Scrip Beneficiary).
  • Such scrip may be actual tender in the form of gift certificates, stored-value cards or paper coupons having a pre-determined dollar value.
  • each unit of scrip has a tender or real face value when used with the participating scrip program merchant. Scrip can also include minutes of telephone calling time, miles towards earning a free airplane flight, points towards a gallon of gas, and the like.
  • these scrip may be purchased directly from the merchant by the non-profit entity at a discount on their face-value.
  • the discount to the Scrip Beneficiary may be a percentage based on volume, such that when pre-purchasing a $100 volume of scrip, the Scrip Beneficiary may pay only $95 for the scrip total actual tender or face value of $100.
  • the Scrip Beneficary re-sells these scrip to its Scrip Supporters for the full price, or the full face-value, of the scrip.
  • the Scrip Beneficary thereby keeps the dollar differential as a means for raising funds for its programs.
  • the Scrip Supporters then bring the scrip directly to the participating merchant to make purchases for goods or services.
  • Another example involves a Scrip Supporter registering any or all of their existing financial accounts, such as debit, credit or stored value accounts, for use in a donation program to benefit what is often a tax-deductible, non-profit or charitable Scrip Beneficiary that has pre-registered with the system.
  • non-profit entities are public schools, churches, civic organizations, and the like. Participating merchants will enable Scrip Supporters to automatically make donations to enrolled non-profit organizations, based on service usage, expenditures or purchases by Scrip Supporters.
  • the Scrip Supporters can do this using their registered debit and credit accounts by automatically tendering a pre-designated percentage or fixed dollar surcharge per transaction directly to the Scrip Beneficary via draft or electronic funds transfer (EFT).
  • EFT electronic funds transfer
  • Another example involves a Scrip Supporter's use of certain services or purchase of certain products, resulting in a participating merchant itself donating goods, services, or currency directly to a participating Scrip Beneficiary.
  • scrip programs enable a participating merchant to benefit from new sales to Scrip Supporters, while a Scrip Beneficary can benefit by having raised funds through several programs.
  • the Scrip Supporter may benefit: a) by having obtained pre-paid scrip towards the purchase of desired goods or services at no additional premium than the Scrip Supporter would have otherwise paid when making those purchasing via traditional means at the participating merchant, or; b) by having a tax-deductable percentage or automatic surcharge on their purchases through participating merchants, donated to their selected Scrip Beneficiary based on their use of registered financial accounts.
  • the merchant or the Scrip Beneficiary may have to bear the cost of inadvertently providing these incentives to a consumer who does not have the requisite pre-payments or purchasing patterns to benefit from them.
  • the merchant or the non-profit may literally be rewarding the wrong party and paying twice for this mistake. This is because the original consumer will likely demand from the merchant or the non-profit their rightful scrip even without having the token to authenticate their account. The merchant will thereby have to pay for the scrip for that genuine consumer as well. Therefore, there are few, if any, mechanisms in this system for establishing the correct identity of a Scrip Supporter and validating their authority to obtain or use scrip.
  • biometrics such as fingerprints, hand prints, voice prints, retinal images, handwriting samples and the like have been suggested for authenticating the identification of individuals.
  • a biometric is any distinct human characteristic which can uniquely identify an individual.
  • the biometrics are generally stored in electronic (and thus reproducible) form on a token and because the comparison and verification process is not isolated from the hardware and software directly used by the Scrip Supporter attempting access, the problem of having to carry cards is not alleviated. Further, such systems do not adequately isolate the identity verification process from tampering by someone attempting to gain unauthorized access. Examples of this approach to system security are described in U.S. Pat. No. 4,821,118 to Lafreniere; U.S. Pat. No.
  • Yet another object of the invention is to provide a computer system wherein access is secure, yet designed to be convenient and easy for a Scrip Supporter to use.
  • Yet another object of the invention is to enable a Scrip Supporter to donate scrip which are either immediately provided to a pre-designated Scrip Beneficiary or are stored for later access by the Scrip Beneficiary.
  • Another objective of this invention is that it function at both with merchants at the retail point of sale and with merchants over the internet.
  • Another objective of the invention is that the scrip participating entity, whether a Scrip Merchant or a Scrip Beneficiary, be identified by an electronic identicator, wherein the Scrip Merchant's identification is verified. Therefore, the Scrip Merchant would register with the electronic identicator some identification data, which may consist of any of the following data: a hardware ID code, a phone number, an email address, a street address, a digital certificate, an account number, a biometric, or a biometric and PIN combination.
  • Another objective of the invention is to be added in a simple and cost-effective manner to existing terminals currently installed at points of sale and used over the internet.
  • Yet another objective of the invention is to be efficiently and effectively operative with existing financial transactions systems and protocols, specifically as these systems and protocols linked to the processing of electronic scrip programs.
  • the present invention satisfies these needs by providing an improved system and method for tokenless authorization of an electronic scrip transaction using at least one scrip supporter biometric sample and an electronic identicator.
  • the preferred embodiment of the method comprises the steps of a scrip supporter registration step, wherein a scrip supporter registers with an electronic identicator at least one registration biometric sample, an electronic scrip transaction proposal step, comprising electronic scrip donator account data, at least one transmittal step, wherein a scrip supporter bid biometric sample is obtained from the scrip supporter's person and is electronically transmitted to the electronic identicator, a scrip supporter identification step, wherein the electronic identicator compares the bid biometric sample with at least one registration biometric sample for producing either a successful or failed identification of the scrip supporter, wherein upon successful identification of the scrip supporter, a scrip transaction is biometrically authorized, without the scrip
  • Another embodiment further comprises at least one local identicator containing a subset of all of the registered scrip supporter biometric samples in the electronic identicator.
  • Yet another embodiment comprises an electronic clearinghouse creation step, wherein a clearinghouse is created containing at least one rule module.
  • the rule module within the electronic clearinghouse contains at least one pattern data that is associated with at least one execution command.
  • Pattern data comprise any of the following: a unique scrip supporter identification code, demographic information, an email address, at least one pre-determined formula for scrip donations, secondary biometric, a telephone number, a mailing address, purchasing patterns, a digital certificate, a network credential, an Internet protocol address, a digital signature, and an encryption key.
  • An execution command comprises instructions for accessing at least one electronic registry that contains any one of the following; at least one scrip donator account and at least one scrip beneficiary account.
  • the electronic registry is located on an computer that is external to the authorization system.
  • system method further comprises at least one local clearinghouse containing a subset of all of the rule modules in the scrip transaction system.
  • the method further comprises a scrip merchant identification step, wherein the electronic identicator compares a scrip merchant bid identification data with a scrip merchant registered identification data for producing either a successful or failed identification of the scrip merchant.
  • the scrip merchant identification data comprises any one of the following; a hardware identification code, a telephone number, an email address, a digital certificate code, an account index, an electronic account number, a biometric, or a biometric and personal identification number combination.
  • the electronic identicator communicates with one or more external computers to access scrip merchant identification data.
  • the method further comprises at least one scrip beneficiary identification step, wherein the electronic identicator compares a scrip beneficiary bid identification data with a scrip beneficiary registered identification data for producing either a successful or failed identification of the scrip beneficiary.
  • the scrip beneficiary identification data comprises any one of the following; a hardware identification code, a telephone number, an email address, a digital certificate code, an account index, an electronic account number, a biometric, or a biometric and personal identification number combination.
  • the electronic identicator further communicates with one or more external computers to access scrip beneficiary identification data.
  • the scrip supporter registration step further comprises registering a scrip supporter personal identification number with the electronic identicator.
  • the method further comprising a scrip donator account resource determination step, wherein it is determined if a scrip donator account has sufficient resources to be debited for an amount specified in the scrip transaction.
  • the method comprises a transaction settlement step, wherein a scrip donator account is debited and a scrip beneficiary account is credited.
  • the electronic identicator communicates with one or more external computers to access an electronic registry comprising any of the following: scrip donator account data and scrip beneficiary account data.
  • the electronic scrip transaction proposal step further comprises scrip transaction data, wherein the scrip transaction data comprises any of the following: price information, a list of goods, a list of services, a scrip merchant name, a date or time, a location, and an invoice number. Additionally, a future date on which scrip is to be debited from the scrip donator account and credited to the scrip beneficiary account is included in the transaction settlement step.
  • the method further comprises a scrip supporter re-registration check step, wherein the scrip supporter's registration biometric samples are compared against previously registered biometric samples wherein if a match occurs, the computer system is alerted to the fact that the scrip supporter has attempted to re-register with the electronic identicator.
  • the scrip donator account is controlled by any of following: a scrip merchant, a scrip participating manufacturer, and a scrip supporter.
  • the scrip may comprise any unit of the following: gift certificates, stored-value units, electronic or paper coupons having a pre-determined dollar value, minutes of telephone calling time, miles towards earning a free airplane flight, points towards receiving a commodity or service.
  • the scrip donator account comprises any of the following: a stored value account and a financial account
  • the beneficiary account comprises any of the following: a stored value account and a financial account.
  • the method further comprises a notification step, wherein after settlement of the transaction, notification of the results of the transaction settlement step and scrip account activity is presented to any of the following: a scrip supporter; a scrip merchant; a scrip beneficiary.
  • the tokenless electronic scrip transaction authorization device comprises at least one electronic scrip supporter registration biometric sample, an electronic identicator for comparing a scrip supporter bid biometric sample with the at least one scrip supporter registration biometric sample to produce a successful or failed identification result, an electronic scrip donator account data, wherein upon successful identification of the scrip supporter, a scrip transaction is biometrically authorized, without the scrip supporter presenting any personalized man-made tokens such as smartcards or magnetic swipe cards.
  • the present invention is significantly advantageous over the prior art in a number of ways.
  • the invention is clearly advantageous from a convenience standpoint to Scrip Merchants and scrip institutions by making scrip transactions electronic, tokenless and biometric-based so that such transactions are less cumbersome, more spontaneous, and highly secure.
  • an electronic scrip transaction is any exchange or redemption of scrip in an electronic mode.
  • this tokenless biometric scrip system is easy and efficient for people to use because it eliminates the need for Scrip Supporters to remember or directly possess any personalized tokens such as paper scrips, magnetic swipe cards or personal computers with resident Scrip Supporter-specific data, in order to access their authorized pre-paid scrip accounts.
  • the present invention therefore eliminates all the inconveniences associated with carrying, safeguarding, and locating such tokens.
  • the consumer is now uniquely empowered, by means of this invention, to conveniently conduct his electronic scrip transactions at any time without dependence upon tokens which may be stolen, lost or damaged.
  • the present invention is also clearly advantageous from a convenience standpoint of Scrip Supporters by providing centralized database tracking and storage of scrip for Scrip Supporters, participating merchants, and scrip beneficiaries, thereby making scrip programs more cost-effective and accurate with regard to the monitoring of scrip donations and calculations. Additionally, such a centralized system for tokenless biometric electronic scrip, enables the system to transcend geography restrictions.
  • the Scrip Supporter can assist the non-profit of his choice regardless of his own geographic location since he does not. Further, extended family and friends who live in and out of a Scrip Beneficiary's geographic region can also register and participate, supporting worthwhile programs.
  • the invention is markedly advantageous and superior to existing systems in being highly fraud resistant.
  • the present invention virtually eliminates the risk of granting access to scrip by unauthorized Scrip Supporters by determining identity from an analysis of a Scrip Supporter's unique biometric characteristics.
  • the invention further enhances fraud resistance by maintaining authenticating data and carrying out the identity verification operations at a point in the system that is operationally isolated from the Scrip Supporter requesting access, thereby preventing an unauthorized Scrip Supporter from acquiring copies of the authenticating data or from tampering with the verification process.
  • Such a system is clearly superior to existing token-based systems wherein authenticating information, such as biometrics or personal codes, is stored on and can be recovered from the token, and wherein the actual identity determination is potentially in operational contact with the Scrip Supporter during the access process.
  • an embodiment of the invention identifies the designated non-profit Scrip Beneficiary through use of the Identicator, thereby reducing the likelihood of fraudulent entities making money or earning the benefits of scrip in place of the rightfully registered, authentic Scrip Beneficiary.
  • the invention is designed to be cost-effectively integrated with existing electronic data systems currently installed in corporate intranets and over the Internet.
  • FIG. 1 shows the preferred embodiment of a Party Identification Device (PDA) with a biometric sensor and key pad.
  • PDA Party Identification Device
  • FIG. 2 is a preferred embodiment of the Data Processing Center (DPC) showing the connections between its components.
  • DPC Data Processing Center
  • FIG. 3 and FIG. 6 show embodiments of the invention depicting interaction between an Identicator, an electronic clearinghouse governing disbursement of scrip, and an external entity servers.
  • FIG. 4 shows an embodiment of the invention depicting rule modules wherein each rule module is composed of at least one pattern data and at least one execution command.
  • FIG. 5 shows an embodiment of the Biometric-PIN identification mechanism where the transaction processor determines a Biometric-PIN from the Biometric-PIN Identification subsystem is responsible for a given subdivision of the biometric database.
  • the invention provides a tokenless biometric method for a scrip supporter to authorize a scrip transactions using scrip accounts either at the retail point of sale or over the Internet. It is the essence of this invention that the Scrip Supporter not be identified through the direct use any man-made personalized tokens to effect a scrip transaction. A computer system and an Identicator are used to accomplish these goals.
  • a biometric sample is defined as any distinct human characteristic which can uniquely identify an individual.
  • a biometric sample includes any of the following: a fingerprint or finger image, a voice print, a retinal scan, an iris scan, a facial image, and the like.
  • One such biometric sample is registered with the computer system and another is provided when the Scrip Supporter conducts a scrip transaction. These two biometric samples are compared by an electronic identicator (electronic Identicator or Identicator), which is a computer that uses this comparison to validate or deny the identity of the Scrip Supporter.
  • an electronic identicator electronic Identicator or Identicator
  • Scrip is defined as any unit of data, such as currency, products or services, which is honored by a Scrip Merchant such that a Scrip Supporter's purchase, expenditure or usage of these units results in the donation of goods, services or currency to the designated Scrip Beneficiary.
  • Such scrip may be actual tender in the form of gift certificates, stored-value cards or paper coupons having a pre-determined dollar value.
  • each unit of scrip has a tender or real face value when used with the participating scrip program merchant. Scrip can also be minutes of telephone calling time, miles towards earning a free airplane flight, points towards a gallon of gas, and the like.
  • a scrip account is defined as an account that contains any of the following: a) pre-purchased scrip deposited in a stored value account, or; b) a registered financial account which is designated to donate scrip based upon the Scrip Supporter's purchases.
  • An electronic scrip donator account (Scrip Donator Account) is an account controlled by a Scrip Supporter or optionally a participating scrip merchant (Scrip Merchant), from which scrip is debited as a result of an electronic scrip transaction.
  • An electronic scrip beneficiary account (Scrip Beneficiary Account) is an account controlled by a Scrip Beneficiary which is a recipient of scrip. The beneficiary is credited as a result of an electronic scrip transaction.
  • a scrip participating merchant is any provider of goods or services, such as: a standard brick-and-mortar point of sale merchant; an on-line internet based merchant; a service provider; or a product manufacturer.
  • Such scrip participating entities may include a phone company, a athletic apparel manufacturer, a book or music vendor, an internet service provider, a supermarket, and the like.
  • a scrip beneficiary is any entity to which donations of scrip is made based upon the participation of any of its Scrip Supporters.
  • Such scrip beneficiaries may include civic organizations, churches, schools, and the like.
  • a Scrip Supporter is any individual person who participates in a program to donate scrip to a non-profit entity based upon his purchases, expenditures, or service usages.
  • At least one biometric sample is registered with the computer system and a bid biometric sample is provided when the Scrip Supporter conducts a scrip transaction. These two biometric samples are compared by an electronic identicator, which is a computer that uses this comparison to identify the Scrip Supporter.
  • Scrip is defined as any unit of data, such as currency, products or services, which is honored by a Scrip Merchant such that a Scrip Supporter's purchase, expenditure or usage of these units results in the donation of goods, services or currency to a designated Scrip Beneficiary.
  • Such scrip may be actual tender in the form of gift certificates, stored-value cards or paper coupons having a pre-determined dollar value.
  • each unit of scrip has a tender or real face value when used with the participating scrip program merchant. Scrip can also be minutes of telephone calling time, miles towards earning a free airplane flight, points towards a gallon of gas, and the like.
  • a scrip account is defined as an account that contains any of the following: a) pre-purchased scrip deposited in a stored value account, or; b) a registered financial account which is designated to donate scrip based upon the Scrip Supporter's purchases.
  • An electronic scrip donator account (Scrip Donator Account) is an account controlled by a Scrip Supporter or a scrip participating merchant (Scrip Merchant), from which scrip is debited as a result of an electronic scrip transaction.
  • An electronic scrip beneficiary account (Scrip Beneficiary Account) is an account controlled by a recipient of scrip donations (Scrip Beneficiary), to which scrip is credited as a result of an electronic scrip transaction.
  • a scrip participating merchant is any provider of goods or services, such as: a standard brick-and-mortar point of sale merchant; an on-line internet based merchant; a service provider; or a product manufacturer.
  • Such scrip participating entities may include a phone company, a athletic apparel manufacturer, a book or music vendor, an internet service provider, a supermarket, and the like.
  • a scrip beneficiary is any entity to which donations of scrip is made based upon the participation of any of its Scrip Supporters.
  • Such scrip beneficiaries may include civic organizations, churches, schools, and the like.
  • a Scrip Supporter is any individual person who participates in a program to donate scrip to a Scrip Beneficiary based upon his purchases of goods or services.
  • the Scrip Supporter forwards at least one biometric sample obtained from their person to the Data Processing Center (DPC) 22 via a Party Data Apparatus (PDA) 1 .
  • the transmittal of the scrip transaction optionally occurs over a network 18 such as an intranet, extranet or the Internet, whether using a local area network (LAN) or wide area network (WAN).
  • LAN local area network
  • WAN wide area network
  • the Scrip Supporter not present any man-made personalized tokens during an identification process in order for an electronic scrip transaction to be authorized.
  • Such tokens include smart cards, magnetic swipe cards, or personal computers with resident Scrip Supporter-customized data.
  • An embodiment of the tokenless biometric scrip transactions is characterized by identifying the Scrip Supporter using the Scrip Supporter's bid biometric sample 62 that is submitted through a PDA 1 .
  • the PDA 1 is preferably directly connected via dial-up, leased lines or wireless modem 56 to the Internet 18 .
  • a bid biometric sample is submitted or through a PDA 1 in an intranet 58 or through a PDA 1 incoporated to any terminal such as an electronic cash register, a desktop personal computer, a notebook computer, or a public terminal or kiosk such as an Automated Teller Machine (ATM).
  • the Scrip Supporter is identified through biometrics while participating entities 28 such as scrip merchants or non-profit beneficiaries are identified through the verification of a digital certificate issued by an authorized certifying authority.
  • Execution of a Rule Module (RM) 50 or an Execution Command (EC) 52 by the Execution Module (Execution Modules) 38 may result in a declined transmission due to an unidentifiable bid biometric sample, a lack of an identifiable Scrip Merchant or Scrip Beneficiary 28 , a closed or inoperative participating Scrip Merchant or Scrip Beneficiary 28 , or some other immediately detectable problem condition. If the transmission is declined, the electronic Registry 14 or the Identicator 12 transmits the decline notification back to the PDA 1 .
  • the PDA 1 is actually built-in and/or integrated with a personal computer, although the invention does not require that the personal computer contain any resident Scrip Supporter-customized data, such as Pattern Data (PD) 54 , Execution Commands 52 or private encryption keys.
  • PD Pattern Data
  • Execution Commands 52 or private encryption keys.
  • the electronic Identicator (or Identicator) system comprises the following components:
  • the PDA is a device that gathers or contains identity information for use in authorizing scrip transactions. Each PDA conducts one or more of the following operations:
  • automated data scanning such as a magnetic ink character reader, a magnetic stripe reader or a bar-code reader
  • FIG. 1 A preferred embodiment containing these components is shown in FIG. 1.
  • Biometric input is gathered using a biometric sensor 2 located within the PDA 1 .
  • Biometric sensor 2 is a finger image sensor, however it is understood that other types of biometric sensors such as biometrics, such as hand prints, voice prints, retinal images, handwriting samples, iris scanning, facial images and others are also used.
  • the PDA has a biometric fraud detection mechanism 4 that will assure that any biometric input gathered from the biometric sensor is from a real physical person, instead of a copy or replica.
  • this is a blood flow detector.
  • PIN input is preferably gathered using a keypad or PIN pad 6 that is also located securely inside the PDA.
  • Communication security is provided by encryption using unique secret keys known only to that specific PDA and the DPC, and the DES encryption algorithm, preferably triple-encrypted.
  • Triple encryption means successive encrypt/decrypt/encrypt operations using two distinct 56-bit DES keys. This provides significantly higher security than a single encryption operation with one 56-bit DES key.
  • a public/private key system may also be used to encrypt information that passes between PDA and DPC. Both DES and public key encryption is well known in the industry.
  • the PDA also has secure memory 8 that can store and retrieve the unique secret encryption keys used to enable secure communications with the DPC.
  • secure memory 8 is battery backed-up RAM that is set up to be erased whenever the tamper-detect circuitry reports that tampering has been detected.
  • DUKPT a preferred key management system
  • DUKPT is well known in the industry. DUKPT is designed to provide a different DES key for each transaction, without leaving behind the trace of the initial secret key. The implications of this are that even successful capture and dissection of a PDA will not reveal messages that have previously been sent, a very important goal when the effective lifetime of the information transmitted is years. DUKPT is fully specified in ANSI X9.24. The DUKPT key table is stored in the secure memory.
  • Each PDA preferably has a hardware identification code that is registered with the DPC at the time of manufacture. This makes the PDA uniquely identifiable to the DPC in all scrip transactions from that device. This hardware identification code is stored in write-once memory 10 .
  • PDA physical security is assured by standard mechanisms.
  • these comprise tamper-detect circuitry 11 , an enclosure that cannot be easily opened without visibly injuring the enclosure, erasable memory for critical secrets such as encryption keys, write-once memory for hardware identification, tight integration of all components, and “potting” of exposed circuitry.
  • Information such as the amount of a transaction, the identity of a Scrip Supporter, or other transaction-related information is displayed using an integrated LCD screen 13 . It is preferable that the LCD screen be connected securely to the other components in the PDA 1 to maintain security.
  • the automated data scanner 20 is used to read encoded about the Scrip Supporter, the participating merchant or the scrip beneficiary. This is used during initial registration to link any such data to the Scrip Supporter's biometric identity.
  • Further data which is linked during registration to the Scrip Supporter's biometric may include: a driver's license number, a passport number, a debit account, a credit account, a checking account, a money-market account, a stored-value account containing pre-paid scrip, and the like.
  • a stored value account with a participating merchant may be pre-credited with funds, or scrip, from the Scrip Beneficiary and for the use of which the Scrip Supporter has pre-paid a premium to the Scrip Beneficiary.
  • the PDA 1 also validates public key digital certificates.
  • public keys of a particular certifying authority are initially stored in the PDA 1 at the time of construction. This provides the mechanism to verify a Scrip Merchant's digital certificates that are signed by the certifying authority, or a Scrip Beneficiary's digital certificates that are signed by the certifying authority.
  • any device that is secure can identify a Scrip Supporter, a Scrip Merchant or a Scrip Beneficiary with a high degree of certainty, and can connect to the DPC 22 via some form of communication line can serve as a PDA 1 .
  • the PDA hardware identification code is not used to identify either the Scrip Merchant or the Scrip Supporter.
  • Parties that wish to either originate or receive scrip transactions must first register with the Identicator 12 .
  • the identification and scrip information registered with the system for a given party depends on the mode used to originate or receive settlement.
  • a Scrip Supporter must register at least one biometric or a biometric-PIN, as well as a scrip account, along with establishing a scrip electronic clearinghouse that can govern the deposit, display, deducting, and disbursing of scrip and scrip account data using at least one scrip account.
  • Scrip Beneficiary In the case of a Scrip Beneficiary receiving electronic transfer of scrip, the beneficiary must also register: identification data unique to that Scrip Merchant or Scrip Beneficiary, such as a digital certificate, and; a scrip account that can receive the Scrip Supporter's donated scrip.
  • a Scrip Merchant usually a corporate entity, or a Scrip Beneficiary, usually a non-profit entity, must register identification data unique to that entity, such as a digital certificate, their PDA hardware identification codes.
  • a Scrip Supporter registers by submiting a registration biometric sample obtained from their physical person by the PDA's biometric sensor.
  • the PDA 1 determines that the biometric scan is non-fraudulent, and then translates and compresses that biometric scan into a format suitable for rapid scrip transaction to the DPC 22 .
  • the Scrip Supporter selects and enters a PIN code into the PDA keypad.
  • the person associates at least one scrip account with the registration biometric sample in the system.
  • this is accomplished by automatically scanning a bar-code or a magnetic stripe through the data reader attached to the PDA 1 .
  • this bar-code or magnetic stripe contains not only the Scrip Supporter's scrip account number, but also the identity of the Scrip Merchant or financial institution with which this account is associated.
  • an attendant verifies that the Scrip Supporter actually owns the scrip account by comparing personal photo id (a driver's license, passport, id card, etc) to the name listed on the scrip card.
  • personal photo id a driver's license, passport, id card, etc
  • the PDA 1 transmits the registration data to the DPC 22 .
  • the DPC 22 then inserts the biometric (or biometric-PIN) into the appropriate Identicator 12 database and generates a Scrip Supporter ID Code that is unique to the Scrip Supporter. From this point on, any time the Scrip Supporter is identified by the Identicator 12 , the Scrip Supporter ID Code is forwarded to the electronic Clearinghouse 14 where it invokes at least one Rule Module 50 for that Scrip Supporter. In the electronic Clearinghouse 14 database, a Rule Module 50 is created that is identified by the Scrip Supporter ID Code.
  • biometric record before a new biometric (or biometric-PIN) record is enabled to originate or execute a scrip transaction, the individual's submitted biometrics are checked against previously registered biometric samples in the electronic Identicator 12 using the same biometric comparison techniques as those used in the individual identification procedure. If a match is found for the newly submitted biometric record, the biometric record's status is set to “prior registration”. If the prior registration check was executed as part of a registration request, the Gateway Machine 26 logs a “registering individual with prior registration” warning, indicating that the person has attempted to register with the system more than once.
  • the DPC 22 validates the scrip account data submitted during registration. This involves making certain that the scrip account being registered is a valid account.
  • any Scrip Merchant or Scrip Beneficiary may register identification data that is unique to that entity, such as an alpha-numeric identification code, a digital certificate, or a PDA hardware identification code to identify itself to the DPC 22 .
  • Digital certificates are available from certifying authorities, and they provide the assurance that the entity with the certificate is the authentic owner of that identity. These certificates contain readable text and other information that describes the entity. This can include a corporate logo, the address, as well as the company name.
  • This entity identification data is then linked to at least one Scrip Donator Account or a Scrip Beneficiary Account. These scrip accounts are respectively used to electronically debit or credit scrip when the entity identification data is used to identify the Scrip Beneficiary.
  • PDA hardware identification codes are unique numbers assigned to PDA 1 devices at the time of manufacture.
  • a participating merchant installing PDA 1 devices at the point of sale can register PDAs 1 with the DPC 22 . This causes any transaction, either registration or purchase, flowing through those registered PDAs 1 to automatically identify the participating merchant which owns the hardware identification code.
  • the security surrounding the registration of an entity's digital certificates or PDA hardware identification codes to scrip account numbers is extremely strong, as this is a potential source for large losses over a short period of time.
  • the PDAs 1 are connected via Ethernet to a local router, which is itself connected to a network operations center (NOC) via frame relay lines. At least one Identicator 12 is located at the NOC. Messages are sent from PDA 1 to the Identicator 12 using TCP/IP over this network.
  • the PDAs 1 are connected via a cellular digital packet data (CDPD) modem to a CDPD provider, who provides TCP/IP connectivity from the PDA 1 to an intranet 58 to which at least one Identicator 12 is attached.
  • CDPD digital packet data
  • a PDA 1 is connected via the Internet, as is at least one Identicator 12 .
  • TCP/IP is used to transmit messages from PDA 1 to Identicator 12 .
  • There are many different ways to connect PDA 1 to Identicator 12 both tethered and wireless, that are well understood in the industry, including but not limited to: the Internet; an intranet; an extranet; a local area network (“LAN”); and a wide area network (“WAN”).
  • Scrip transactions optionally occur at a retail point of sale, across a network such as an intranet or the Internet, or at home or public terminal.
  • Data Processing Centers (DPC) 22 serve to identify the Scrip Merchant and the Scrip Supporter in a transaction, retrieve scrip and scrip account information for identified parties, and perform the execution that will result in settlement of transactions and scrip delivery to a Scrip Beneficiary for the scrip transaction.
  • the Data Processing Center 22 is comprised of an electronic Identicator 12 , an electronic Clearinghouse 14 , an internal Execution Module 38 , a Firewall 24 , a Decryption Module 29 , a Gateway Machine 26 , and a Logging Facility 36 .
  • the DPC 22 is connected to a network, like the Internet 18 or intranet 18 , using a firewall machine 24 that filters out all messages that are not from legitimate PDA 1 devices.
  • the messages are decrypted.
  • the transaction processor uses the decryption module (DM) 29 , which utilizes the hardware identification code of the PDA 1 to identify the encryption codes that is required to decrypt the message from the PDA 1 .
  • DM decryption module
  • the identity of parties to the transaction is determined using the electronic Identicator 12 .
  • the electronic Identicator 12 serves to identify the Scrip Supporter in an electronic scrip transaction.
  • the Identicator 12 compares a Scrip Supporter's bid biometric sample 62 with previously stored biometric samples from registered Scrip Supporters, in order to identify the Scrip Supporter. If a bid biometric sample 62 is successfully matched against a registered biometric sample, and the Scrip Supporter is positively identified, the Supporter ID Code which had been assigned to the Scrip Supporter during initial registration will be forwarded to the electronic Clearinghouse 14 .
  • the Supporter ID Code transmitted by the Identicator 12 is used by the electronic Clearinghouse 14 to locate the Rule Modules 50 that are customized to that Scrip Supporter.
  • the Identicator 12 is connected to the Internet 18 or intranet 58 using a firewall machine 24 . Messages are sent to a Gateway machine 26 , which is responsible for overseeing the steps required to process the scrip transaction, including forwarding the scrip transaction to the Identicator 12 and the electronic Clearinghouse 14 .
  • the scrip transaction processor uses the Decryption Module (DM) 29 , which utilizes the hardware identification code of the PDA 1 to identify the encryption codes that is required to decrypt messages from the PDA 1 .
  • DM Decryption Module
  • the identity of the Scrip Supporter is determined using Identicator 12 , which provides storage, retrieval and comparison of biometric samples 62 .
  • the Identicator 12 requests the Scrip Supporter to submit their PIC, and this PIC is used by the Identicator 12 in combination with the Scrip Supporter's bid biometric sample 62 for purposes of validating the identity of the Scrip Supporter.
  • the Identicator 12 provides periodic Scrip Supporter re-identification queries.
  • the Scrip Supporter in order for a Scrip Supporter to extend an on-line session, the Scrip Supporter is requested by the Identicator 12 to re-identify themselves using any of the following: a Scrip Supporter bid biometric sample 62 or Pattern Data 54 , such as a personal identification code (“PIC”).
  • PIC personal identification code
  • a Scrip Merchant or a Scrip Beneficiary is also identified by the Identicator using any of the following electronic verification means: a entity ID Code, a digital certificate, an Internet protocol (“IP”) address, a biometric, a hardware identification number, or any other code, text or number that uniquely identifies the entity.
  • IP Internet protocol
  • the Identicator 12 is enabled to provide the Scrip Supporter with confirmation that the correct entity participated in the electronic scrip transaction. Examples include confirming that the correct web site or remote database was accessed by the Scrip Supporter, that the correct entity designee received the Scrip Supporter's email or instant message, and the like.
  • the Identicator 12 module is integrated with the electronic Clearinghouse 14 module.
  • each Identicator 12 provides fault tolerance from either natural or man-made disasters.
  • each Identicator 12 uses a backup power generator, redundant hardware, mirrored databases, and other standard fault tolerant equipment known in the industry.
  • Identification of the entity and the Scrip Supporter occurs using different methods, depending on the identification information that is provided by the PDA 1 .
  • the Identicator has subsystems for each type of information that is received by the Identicator, and each subsystem is highly optimized to provide rapid identification as outlined below.
  • Identicator 12 comprises subsystems that can identify parties from the following information:
  • biometric data and personal identification code PICC
  • the BID subsystem comprises at least two BID processors, each of which is capable of identifying Scrip Supporters only from their biometric sample.
  • each BID processor contains the entire database of biometrics. To distribute the scrip transactions evenly across processors without undue effort, the Identicator determines randomly which BID processor will be used for a given electronic scrip transaction, and delegates the identification request to that BID processor. That BID processor performs a search of its biometric sample database in order to find a matching registered biometric sample. In another embodiment, there is a scrip supporter re-registration check step, wherein the Scrip Supporter's registration biometric samples are compared against previously registered biometric samples wherein if a match occurs, the computer system is alerted to the fact that the Scrip Supporter has attempted to re-register with the electronic Identicator.
  • other information is present that assists the BID processor in searching the database.
  • this includes information such as the classification of the image (whirl, arch, etc.), and other information about the finger ridge structure that is useful for selecting out biometrics that are not likely to match (or information on biometrics that are likely to match).
  • biometric-based sorting and classification systems using mathematical algorithms are known in the art for fingerprints and for other biometrics such as retina of the eye, voice print, and face vascular patterns.
  • Biometric comparisons are often more accurate if multiple biometrics are used. This includes the same type of biometrics from an individual such as fingerprint samples from different fingers, or different types of biometric samples such as a finger print and a voice print. In some embodiments, multiple biometrics are used to more rapidly and more accurately identify individuals.
  • the BPID subsystem 30 comprises at least two BPID processors, each of which is capable of identifying parties from their biometric and personal identification codes.
  • the database of parties identifiable from biometric-PIC combinations is distributed equally across all BPID processors.
  • Each processor is responsible for a subset of identifications.
  • the Identicator determines which Biometric-PIC from the BPID subsystem 30 is responsible for a given subdivision of the biometric database.
  • one BPID 32 is responsible for identifying people with PICs 1 - 10
  • another BPID 34 is responsible for identifying PICs 11 - 20
  • a third BPID 36 is responsible for identifying PICs 21 - 30 .
  • all messages from the PDA 1 containing a PIC that equals the number 30 would be routed to BPID 36 for identification of the Scrip Supporter.
  • a BPID processor receives a bid biometric sample 62 and PIC for identification, the processor searches through its database, retrieving all registered biometric samples that match or correspond to that particular bid PIC. Once all corresponding registered biometric samples are retrieved, the Identicator 12 compares the bid biometric samples obtained from the electronic scrip transaction to all retrieved registered biometric samples. If a match occurs, the Identicator transmits the identity of the Scrip Supporter or the Supporter ID Code to the electronic Clearinghouse 14 . If no match is found, the Identicator transmits a “not identified” message back to gateway machine 26 and to the logging facility 36 .
  • biometric theft resolution step wherein the scrip supporter's personal identification number is changed if the scrip supporter's biometric sample is determined to have been fraudulently duplicated.
  • the Digital Identification subsystem comprises multiple processors, each of which is capable of identifying an entity from their digital certificates.
  • digital certificates are used to perform digital identification of an entity.
  • these include corporate web site addresses and certifying authorities only.
  • computers provide digital certificates for identification of the entity, and Scrip Supporters use their biometrics for identification of the Scrip Supporter.
  • Verifying that a particular digital certificate is valid requires a public key from the certifying authority that issued that particular digital certificate. This requires that the digital identification subsystem have a list of certifying authorities and the public keys used to validate the digital certificates they issue. This table must be secure, and the keys stored therein must be kept up to date.
  • PDA Hardware Identification Subsystem PDA Hardware Identification Subsystem
  • PDA hardware identification codes are translated into entity identification by the PHI subsystem.
  • This subsystem maintains a list of all PDAs 1 manufactured.
  • that Scrip Supporter's geographic location is identified by their use of that particular PDA 1 during that electronic scrip transaction session.
  • the PDA hardware identification code does not serve to identify either the Scrip Supporter or an entity. This is the case in PDAs 1 installed in public venues such as airport terminals, Automated Teller Machines in banks, or computers with PDAs 1 for home use.
  • a Supporter ID Code or Scrip Supporter ID Code is an electronic message transmitted to the electronic Clearinghouse 14 , which informs the electronic Clearinghouse 14 that a Scrip Supporter has been successfully identified, and instructs the electronic Clearinghouse 14 to invoke the Rule Modules 50 for that particular Scrip Supporter.
  • the Supporter ID Code is forwarded to the electronic Clearinghouse 14 .
  • the electronic Clearinghouse 14 instructs the Execution Module 38 to take the necessary steps for executing the Execution Commands 52 that are associated with the Pattern Data 54 registered with the electronic Clearinghouse 14 .
  • the electronic Clearinghouse 14 is comprised of at least one Rule Module 50 which is indexed specifically to one or more registered Scrip Supporters (hence, “Scrip Supporter-customized”). Therefore, the Rule Modules 50 are optionally not unique or exclusive to a single Scrip Supporter.
  • the electronic Clearinghouse 14 functions as a central storage facility for registering, indexing, updating, and invoking various Rule Modules 50 , whereby the Rule Modules govern the deposit, the display, the deducting, and the dispensing of scrip.
  • Each of these Rule Modules 50 is composed of at least one Pattern Data 54 which is associated with or electronically linked to at least one Execution Command.
  • Scrip Supporter-customized does not necessarily mean that any Pattern Data 54 or the Execution Command 52 is unique to a Scrip Supporter, but rather that they are indexed to or are assigned to a specific Scrip Supporter. As such, the same Pattern Data 54 or Execution Command 52 may be assigned to several specific Scrip Supporters, and hence would not be unique to any one Scrip Supporter.
  • the electronic Clearinghouse 14 optionally stores Scrip Supporter-customized Pattern Data 54 that is unassociated with any Scrip Supporter-customized Execution Commands 52 and optionally stores Scrip Supporter-customized Execution Commands 52 that are not associated with any Scrip Supporter-customized Pattern Data 54 . Therefore, such unassociated Pattern Data 54 or Execution Commands 52 are optionally stored within the electronic Clearinghouse 14 until they are associated with a Pattern Data 54 or an Execution Command 52 together thereby forming an executable Rule Module.
  • the Scrip Merchant registers with the electronic Clearinghouse 12 a roster of a Scrip Merchant's products or services each having a predetermined scrip value.
  • the value for each unit of scrip could be a dollar amount, a number of minutes of telephone calling time, points towards the purchase of a product or service, a percentage discount on current or future purchases, and the like.
  • the Scrip Merchant then designates the number of scrip to be disbursed to Scrip Supporters or Scrip Beneficiaries based upon the occurrence of predetermined criteria.
  • This criteria may include a credit or debit of scrip in the Scrip Supporter's scrip account based on the Scrip Supporter's purchasing patterns as a function of any of the following: time, demographics, frequency, recency, and amount of expenditure.
  • the Supporter ID Code is forwarded to the electronic Clearinghouse 14 .
  • the electronic Clearinghouse 14 takes the Supporter ID Code, optionally along with the PDA hardware ID code, the PDA 1 location data and the scrip transaction request, and searches among the Scrip Supporter's customized Rule Modules 50 to invoke all of the Pattern Data 54 relevant to the scrip transaction being undertaken.
  • the electronic Clearinghouse 14 stores and manages the account balances of scrip for participating merchants, Scrip Supporters, and beneficiary entities. Further, The electronic Clearinghouse 14 may contain Execution Commands 52 to display the scrip account status, calculations, and adjustments, and the like for participating merchants, beneficiary entities, and Scrip Supporters.
  • Pattern Data 54 may be provided by the Scrip Supporter, by the electronic Clearinghouse 14 , or by an authorized scrip entity 28 , while the Scrip Supporter provides at least one associated Execution Command 52 , to form a single Rule Module 50 .
  • Pattern Data 54 of a Scrip Supporter is stored electronic data, which is customized to at least one Scrip Supporter.
  • a single Pattern Data 54 includes any of the following stored Scrip Supporter-customized electronic data: a personal identification code (PIC), which is optionally alpha-numeric; demographic information; an email address; a PDA hardware identification code; a financial account; a stored-value account containing pre-paid or pre-earned scrip; the Scrip Supporter's date of birth; a secondary biometric; a telephone number; Scrip Donator Account Data; Scrip Beneficiary Account Data; a mailing address; purchasing patterns; scrip accounting data; a Supporter ID Code.
  • PIC personal identification code
  • the Supporter ID Code is unique to each Scrip Supporter and is not shared between Scrip Supporters.
  • Any such Pattern Data 54 may be provided to the electronic Clearinghouse 14 by: a Scrip Supporter; an electronic Clearinghouse 14 ; an electronic Registry 15 ; or an authorized entity 28 such as a Scrip Merchant or a Scrip Beneficiary.
  • the Execution Commands 52 executed by the Execution Module 38 transmits electronic messages necessary for depositing, displaying, deducting, or disbursing scrip.
  • Such Execution Commands may include: a pre-calculated formula for surcharging a Scrip Supporter's financial account during a financial transaction, such that said surcharge is automatically disbursed to a scrip beneficiary; a pre-designation that scrip accounts are to be displayed to the Scrip Supporter such that the Scrip Supporter can select which scrip account to invoke for the scrip transaction; a pre- designation that scrip beneficiary entities are displayed for the Scrip Supporter such that the Scrip Supporter may select which entity will be the beneficiary of the scrip transaction disbursement; a pre-designation that purchases from certain participating merchants will automatically invoke a scrip disbursal to at least one certain scrip beneficiary; a pre-designation that upon accumulation of certain types of scrip, such as frequent-f
  • a Rule Module 50 from the electronic Clearinghouse 14 contains an Execution Command 52 which permits a Scrip Merchant to itself contribute scrip directly to a Scrip Beneficiary based upon a Scrip Supporter's purchases. In such transactions, units of scrip are electronically debited from the Scrip Donator Account controlled by the Scrip Merchant, and corresponding units of scrip are electronically credited to the Scrip Beneficiary Account.
  • the electronic Clearinghouse's 14 Execution Commands 52 may further provide several execution designations including any of the following: immediate cash discounts or premium charges to a Scrip Supporter's scrip account during a commercial transaction; a deduction of scrip units from a Scrip Supporter's scrip account, and an immediate donation thereof via electronic funds transfer (EFT) to a Scrip Beneficiary; and an accrual of scrip which are credited towards a Scrip Supporter's future purchase of a product or service.
  • EFT electronic funds transfer
  • Any Execution Command 52 is invoked by any Pattern Data 54 with which it is associated. As shown in FIG. 4, in one embodiment, a single Pattern Data 54 is associated with multiple Execution Commands 52 , thereby forming multiple Rule Modules 50 . Also shown in FIG. 4 is another embodiment, where multiple Pattern Data 54 are associated with a single Execution Command, again forming multiple Rule Modules 50 . Also shown in FIG. 4, another embodiment there is only one Pattern Data 45 associated with one Execution Command 52 . Any Scrip Supporter-customized Execution Command 52 may be provided to the electronic Clearinghouse 14 by the Scrip Supporter.
  • a scrip account is defined as an account that contains any of the following: a) pre-purchased scrip deposited in a stored value account, or; b) a registered financial account which is designated to donate scrip based upon the Scrip Supporter's purchases.
  • An electronic scrip donator account (Scrip Donator Account) is an account controlled by a Scrip Supporter or a Scrip Merchant (Scrip Merchant), from which scrip is debited as a result of an electronic scrip transaction.
  • An electronic scrip beneficiary account (Scrip Beneficiary Account) is an account controlled by a recipient of scrip donations (Scrip Beneficiary), to which scrip is credited as a result of an electronic scrip transaction.
  • a electronic Local Registry 19 is contained within an external servers 28 .
  • Scrip account data is any information pertaining to a Scrip Donator Account or a Scrip Beneficiary Account (respectively, Scrip Donator Account Data and Scrip Beneficiary Account Data). Such data includes any of the following: a number which uniquely locates or routes a transaction to a scrip account; a number which uniquely identifies a scrip account; instructions or commands pertaining to the processing of a scrip transaction, including which scrip account should be used under which circumstances, the number of units of scrip to be debited from a Scrip Donator Account under which circumstances and the number of units of scrip to be credited to a Scrip Beneficiary Account under which circumstances. Such circumstances may include: Scrip Supporter usage location, Scrip Supporter usage frequency, Scrip Supporter usage recency, Scrip Supporter usage demographics and Scrip Supporter usage volume of electronic scrip transactions.
  • an Execution Command 52 of a Rule Module 50 causes an electronic scrip transaction to be executed by the Execution Module 38 .
  • the Execution Module 38 may be on a database which is located within the DPC 22 itself, or it may be co-located with an entity database 28 that is external to the DPC. In the event that a designated entity database 28 cannot be contacted for the electronic scrip transaction to be completed, the scrip transaction is “declined”.
  • the Execution Module 38 if the Scrip Merchant approves the transaction, the Execution Module 38 returns a transaction number to the electronic Registry 15 , and the Scrip Supporter's scrip account is thereby adjusted through either a credit or debit. The transaction number is returned to the PDA 1 , which lists the transaction on a daily transaction summary. The Scrip Supporter need take no further action since scrip transactions are automatically settled, at which point a calculation is made to automatically adjust the Scrip Supporter's designated scrip account.
  • the Execution Module 38 uses Rule Modules 50 from the electronic Clearinghouse 14 which permit a Scrip Merchant to itself contribute scrip directly to a Scrip Beneficiary based upon a Scrip Supporter's purchases. In such transactions, units of scrip are electronically debited from the Scrip Donator Account controlled by the Scrip Merchant, and corresponding units of scrip are electronically credited to the Scrip Beneficiary Account.
  • all messages the Data Processing Center 22 receives contain a PDA hardware identification code, a sequence number, and a Message Authentication Code (MAC).
  • MACs also known as cryptographic checksums, are well known in the computer industry, and are used to assure that any changes to the content of the message will be detectable by the entity receiving the scrip transaction.
  • the Decryption Module 29 validates the message's MAC and checks the sequence number for that particular PDA. If the Decryption Module 29 determines that both the MAC and the sequence number are valid, the DM 29 uses the unique secret key for that particular PDA 1 to decrypt the message. For the decryption to function properly, the Decryption Module 29 must contain a copy of each PDA's DUKPT key table.
  • the Decryption Module 29 logs a warning to the logging facility (LF) 36 , terminates processing for the message, and returns an error message to the originating PDA 1 .
  • the Decryption Module 29 Before the Decryption Module 29 replies to a message that includes a response key, it encrypts the response message with that response key. The Decryption Module 29 also generates a MAC for the response and appends it to the message.
  • error messages are not encrypted although the Decryption Module 29 does include a MAC for message authentication. Such messages never include confidential information. However, most response messages include a status or response codes that can indicate whether the request succeeded or not. For example, when the Execution Module 38 declines a scrip transaction for a specific reason, it does not return an error message, it returns a normal scrip transaction response message with a response code set to “failed”.
  • Gateway Module (GM)
  • the Gateway Module 26 serves as an intermediary between redundant Identicator 12 and redundant electronic Registry 15 servers, routing electronic scrip transactions from servers on overload to servers that have available capacity.
  • the Gateway Module 26 also periodically queries servers to ensure that are operative and to alert the system administrator is any server is inoperative.
  • the firewall 24 provides a first line of defense against network viruses and computer hackers. All communication links into or out of the Identicator 12 and electronic Clearinghouse 14 server sites first pass through a secure firewall 24 Machine.
  • the firewall 24 Machine an Internet-localnet router, only handles messages destined for the Gateway Module 26 machines.
  • PDA-quipped terminals send packets to Identicator 12 and electronic Clearinghouse 14 server sites via modem, X.25, or other communication medium.
  • the Identicator 12 and electronic Clearinghouse 14 server sites rely on a entity to supply the modem banks required to handle the volume of calls and feed the data onto the DPC 22 backbone.
  • the FW 24 Machines send out double-length DES encrypted packets.
  • the server site LAN component handles the encryption and decryption: the firewall 24 does not have the ability to decrypt the packets.
  • a properly configured network sniffer acts as an intruder detector as backup for the FW 24 . If an anomalous message is detected, the intruding messages are recorded in their entirety, an operator is alerted, and the firewall 24 is physically shut down by the sniffer.
  • the firewall 24 disallows any scrip transactions from the internal network to the rest of the Internet.
  • An electronic scrip transaction message requires about 400 bytes and registration packets require about 10 to 20 KB.
  • the firewall 24 machines are able to process about 400 KB per second.
  • the logging facility 36 logs all electronic scrip transaction attempts, whether successful or not, to write-once media, so that a record is kept of each scrip transaction and each error that has occurred during the operation of the Identicator 12 .
  • the Identicator 12 module is physically distinct and separate from the electronic Clearinghouse 14 and the electronic Registry 15 modules with each housed in independent servers or modules. Clearinghouse 14 and Registry 15 are alternatively in separate locations.
  • the Identicator is physically integrated with the electronic Clearinghouse and the electronic Registry 15 , whereby the Identicator 12 , electronic Clearinghouse 14 and the electronic Registry 15 are physically interconnected and integrated together within one server or module.
  • communications among the Identicator 12 , the electronic Clearinghouse 14 and the electronic Registry 15 occur via many different methods and means that are well known in the art. Most depend on the particular communication networks already deployed by the organization or company that deploys the electronic scrip transaction authorization system.
  • the Identicator 12 , the electronic Clearinghouse 14 and the electronic Registry 15 are connected via Ethernet to a local router, which is connected to a network operations center (NOC) via frame relay lines. Messages are sent among the Identicator 12 , the electronic Clearinghouse 14 and the electronic Registry 15 using TCP/IP over this network.
  • NOC network operations center
  • the Identicator 12 , the electronic Clearinghouse 14 and the electronic Registry 15 are connected via a cellular digital packet data (CDPD) modem to a CDPD provider, who provides TCP/IP connectivity from the Identicator to an intranet 58 to which at least one electronic Clearinghouse 14 is attached.
  • CDPD digital packet data
  • an Identicator 12 is connected via the Internet, as is at least one electronic Clearinghouse 14 and at least one electronic Registry 15 .
  • TCP/IP is used to transmit messages from among the Identicator 12 , the electronic Clearinghouse 14 and the electronic Registry 15 .
  • the Identicator 12 compares a Scrip Supporter's bid biometric sample with previously stored biometric samples from registered Scrip Supporters.
  • the Identicator 12 , the electronic Clearinghouse 14 and the electronic Registry 15 hardware modules are high-reliability database servers, well known in the art, such as those available from SunTM, CompaqTM, TandemTM, IBMTM and the like. Further, the Identicator 12 , the electronic Clearinghouse 14 and the electronic Registry 15 software may incorporate scalable database architecture, well known in the art, such as those available from OracleTM, SybaseTM, InformixTM and the like.
  • a Master Identicator 12 is responsible for storage of the entire set of biometric samples and digital certificates registered for use with this invention.
  • An electronic Master Clearinghouse 14 is responsible for storage of the entire set of Pattern Data 54 , Execution Commands 52 , and Rule Modules 50 registered for use with this invention.
  • An electronic Master Registry 15 is responsible for storage of the entire set of Scrip Donator Accounts and Scrip Beneficiary Accounts registered for use with this invention.
  • Each Master Identicator 12 , Master Clearinghouse 14 and Master Registry 15 site is preferably made up of a number of computers and databases connected together over a LAN (known in the industry). Multiple and redundant Master computer sites ensure reliable service in the face of disaster or serious hardware failure at any single central computer site.
  • Pattern Data 54 and Execution Commands 52 subsets are circumscribed by any number of criteria including, usage location, usage frequency, usage recency, usage demographics and usage volume of electronic scrip transactions.
  • there is at least one Local Registry 19 server which stores a subset of the entire set of Scrip Donator Accounts and Scrip Beneficiary Accounts registered for use with this invention.
  • each Master and Local server site has electrical power backup and multiple redundancy in all of its critical hardware and database systems.
  • the Master servers have a firewall 24 machine which is the entry point of data and messages into these computers, and a gateway machine which is a system coordinator and message processor.
  • the invention has use-sensitive data processing capabilities, wherein at least two Identicators 12 , at least two electronic Clearinghouses, or at least two electronic Registries 14 exist, some of which respectively store a subset of the total data registered with the system.
  • One embodiment comprises at least one Master Identicator 12 , one Master Clearinghouse 14 and one Master Registry 15 , which respectively contain the entire set of all data registered with the system.
  • This embodiment further comprises at least two Local Identicators 21 , at least two Local Clearinghouses 17 , or at least two Local Registries 19 that are physically apart from each other.
  • Each Local Identicator 21 , Local Clearinghouse 17 and Local Registry 19 contains a subset of the data contained respectively within the Master Identicator 12 , Master Clearinghouse 14 and Master Registry 15 .
  • Data communications lines allow electronic scrip transactions to flow between each Local Identicator 21 , Local Clearinghouse 17 or Local Registry 19 , and the Master Identicator 12 , Master Clearinghouse 14 or Master Registry 15 .
  • identification request electronic scrip transactions are first sent to the Local Identicator 21 , Local Clearinghouse 17 or Local Registry 19 for processing. If a party cannot be identified by the Local Identicator 21 or if the requisite Rule Module 50 or Scrip Account is not contained, respectively, in the Local Clearinghouse 17 or the Local Registry 19 , the electronic scrip transaction is forwarded to the Master Identicator 12 , the Master Clearinghouse 14 or the Master Registry 15 . If the parties are identified properly by the Master Identicator 12 or if the requisite Rule Module 50 or Scrip Account is located, respectively, in the Master Clearinghouse 14 or the Master Registry 15 , the electronic scrip transaction is processed appropriately.
  • the Scrip Supporter's identity information can be transmitted from the Master Identicator 12 to the Local Identicator 21 , so that the next time the Scrip Supporter will be successfully identified by the Local Identicator 21 . This can likewise occur for the Master Clearinghouse 14 and Local Clearinghouses 17 , and Master Registry 15 and Local Registries 19 .
  • the system further comprises a purge engine for deleting a party's Scrip Supporter-customized information from the Local Identicator 21 , the Local Clearinghouse 17 or the Local Registry 19 databases.
  • a purge engine for deleting a party's Scrip Supporter-customized information from the Local Identicator 21 , the Local Clearinghouse 17 or the Local Registry 19 databases.
  • the system further comprises encryption and decryption means, wherein communications between the Master servers and Local servers are encrypted.
  • an Execution Command 52 optionally requires the DPC 22 , including the electronic Clearinghouse 14 and the Execution Module 38 , to communicate with at least one external entity 28 computer or database to conduct a Scrip Supporter's scrip transaction.
  • the Execution Module 38 may need to communicate with: a banking or credit card institution; a retailer's purchasing incentives database for generating scrip; a scrip beneficiary's computers to determine the correct scrip beneficiary account for scrip disbursal.
  • at least one Local Clearinghouse 17 or at least one Local Registry 19 is located within an external entity computer.
  • Retail point of sale transactions as shown in FIG. 6 are characterized by identifying the Scrip Supporter using their biometric sample or biometric sample-PIN on a PDA 1 controlled by Scrip Merchant.
  • the Scrip Supporter is thus identified through biometrics, while the Scrip Merchant is identified through the PDA's hardware identification code.
  • a Scrip Supporter at the point of sale originates a scrip transaction in the following manner.
  • the Scrip Supporter submits a bid biometric sample obtained from their physical person by the PDA's biometric sensor.
  • the PDA 1 determines that the biometric sample is non-fraudulent, and then translates and compresses that biometric sample into a format suitable for rapid scrip transaction to the DPC 22 .
  • the Scrip Supporter enters a PIN code into the PDA keypad.
  • the PDA 1 transmits the biometric-PIN to the DPC 22 for identification, along with the PDA hardware identification code.
  • the DPC 22 identifies the Scrip Supporter and the scrip account of the Scrip Supporter using the biometric-PIN sample.
  • the DPC 22 identifies the Scrip Merchant's Donator Account using the PDA hardware identification code that was previously registered by the participating merchant.
  • the transaction data is entered into the PDA 1 , either using an electronic cash register or manually, by the Scrip Supporter.
  • the Scrip Supporter then either approves or cancels the transaction using the PDA's keypad.
  • the PDA 1 transmits the scrip transaction to the DPC 22 .
  • the DPC 22 then forwards the transaction for execution and settlement to the scrip responsible party, which may include any of the following: the DPC 22 itself, a participating merchant, an independent scrip service provider, a financial institution, and the like.
  • Execution of the transaction may result in a declined transaction due to lack of scrip or other problem condition reported by the Scrip Merchant. If the transaction is declined, the DPC 22 transmits the decline notification back to the PDA 1 , canceling the transaction.
  • Network transactions are characterized by identifying the Scrip Supporter using a communications network such as the Internet, an intranet, or an extranet.
  • the Scrip Supporter's bid biometric sample is submitted through the Scrip Supporter's personal PDA 1 , or through a public PDA 1 attached to an ATM or other public terminal.
  • Parties identified through a digital certificate are registered network entities, such as either the Scrip Merchant or the Scrip Beneficiary.
  • the Scrip Supporter is identified through biometrics, while the Scrip Merchant or the Scrip Beneficiary, may be identified through the verification of a digital certificate issued by an authorized certifying authority.
  • the Scrip Supporter locates the Scrip Merchant by locating the participating merchant's place of business on the network: the web site, using the network address of the Scrip Merchant.
  • the Scrip Supporter downloads the Scrip Merchant's digital certificate to the PDA 1 that the Scrip Supporter is using.
  • the PDA 1 verifies that the digital certificate provided by the Scrip Merchant is a valid certificate.
  • the Scrip Supporter submits a bid biometric sample obtained from their physical person using the PDA's biometric sensor.
  • the PDA 1 determines that the biometric scan is non-fraudulent, and then translates and compresses that biometric scan into a format suitable for rapid scrip transaction to the DPC 22 .
  • the Scrip Supporter enters a PIN code into the PDA keypad.
  • the PDA 1 transmits the biometric-PIN to the DPC 22 for identification, along with the Scrip Merchant's digital certificate.
  • Both parties identify the scrip accounts to be involved in the transaction.
  • the Scrip Supporter does this in an automated manner. In a preferred embodiment, this occurs at the DPC 22 using account selection information included in the transaction by the Scrip Supporter. The Scrip Supporter's scrip account is thereby automatically selected by the DPC 22 .
  • the amount of the transaction is also transmitted to the PDA 1 by the Scrip Merchant.
  • the Scrip Supporter either approves or cancels the transaction using the PDA's keypad.
  • the PDA 1 transmits the scrip transaction to the DPC 22 , where the DPC 22 authorizes the scrip transaction and transmits a new scrip transaction to the appropriate scrip electronic Registry 14 .
  • the DPC 22 forwards the transaction for execution and settlement to the scrip responsible party, which may include any of the following: the DPC 22 itself, a participating merchant, an independent scrip service provider, a financial institution, and the like.
  • Execution by the DPC 22 may result in a declined transaction due to lack of scrip in the account, a closed account, or some other immediately detectable problem condition. If the transaction is declined, the DPC 22 transmits the decline notification back to the PDA 1 , and the transaction is cancelled.
  • the PDA 1 is actually built-in and/or integrated with a personal computer. These personal computer PDA hardware identification codes are not used to identify either party in a transaction.
  • the Scrip Supporter can be a representative of a business entity that has permission to access the business entity's scrip accounts to make direct donations to a scrip beneficiary.
  • settlement of scrip is delayed for an agreed-upon time period, to enable implementation of net-30 settlement terms and the like.
  • the scrip from a network transaction are deposited into an escrow account for an Internet Scrip Merchant or a Scrip Supporter, instead of being directly calculated into the Scrip Supporter's scrip account or donated directly to a Scrip Beneficiary, as a direct settlement for the scrip to be debited or credited.
  • the invention provides a scrip transaction computer system that eliminates the need for a Scrip Supporter to possess and present any personalized man-made tokens, in order to authorize a transaction.
  • the invention provides a scrip transaction computer system that is capable of verifying a Scrip Supporter's unique personal identity, as opposed to verifying possession of personalized objects and information.
  • the invention verifies the Scrip Supporter's identity based upon one or more unique characteristics physically personal to the Scrip Supporter.
  • the invention provides a cost-effective scrip transaction system that is practical, convenient, and easy use.
  • the invention provides a system of secured access to a scrip computer system that is highly resistant to fraudulent transaction authorization attempts by unauthorized Scrip Supporters.
  • the invention provides a scrip transaction authorization system that enables a Scrip Supporter to notify authorities that a particular access request is being coerced by a third party without giving notice to the third party of the notification.

Abstract

The present invention satisfies these needs by providing an improved system and method for tokenless authorization of an electronic scrip transaction using at least one scrip supporter biometric sample and an electronic identicator. The preferred embodiment of the method comprises the steps of a scrip supporter registration step, wherein a scrip supporter registers with an electronic identicator at least one registration biometric sample, an electronic scrip transaction proposal step, comprising electronic scrip donator account data, at least one transmittal step, wherein a scrip supporter bid biometric sample is obtained from the scrip supporter's person and is electronically transmitted to the electronic identicator, a scrip supporter identification step, wherein the electronic identicator compares the bid biometric sample with at least one registration biometric sample for producing either a successful or failed identification of the scrip supporter, wherein upon successful identification of the scrip supporter, a scrip transaction is biometrically authorized, without the scrip supporter presenting any personalized man-made tokens such as smartcards or magnetic swipe cards.

Description

    CROSS REFERENCE
  • This application is a continuation of U.S. application Ser. No. 09/244,784 filed Feb. 5, 1999, now allowed and pending issuance, which is a continuation-in-part of U.S. application Ser. No. 07/705,399, filed on Aug. 29, 1996 now U.S. Pat. No. 5,870,723, which is a continuation-in-part of U.S. application Ser. No. 08/442,895 filed on May 17, 1995 now U.S. Pat. No. 5,613,012 which is a continuation-in-part of U.S. application Ser. No. 08/345,523, filed on Nov. 28, 1994, now U.S. Pat. No. 5,615,277.[0001]
  • FIELD OF THE INVENTION
  • The invention relates generally to electronic computer systems designed to calculate and store scrip. More specifically, this invention relates to tokenless biometric computer systems which do not require a person who support scrip programs to use any man-made portable memory devices such as smart cards or magnetic swipe cards when conducting an electronic scrip transaction. [0002]
  • BACKGROUND
  • Scrip systems have become a popular part of retail point of sale and internet commerce marketing. Scrip is a system whereby an individual person, known herein as a Scrip Supporter, can make donations to a pre-designated non-profit entity (Scrip Beneficiary) based on that person's usage patterns within the designated scrip system or program. Currently, over $2 billion is raised annually by non-profit organizations annually via such scrip programs. [0003]
  • There are several embodiments of scrip systems or programs. Scrip is defined as any unit of data, such as currency, products or services, which is honored by a Scrip Merchant such that a Scrip Supporter's purchase, expenditure or usage of these units results in the Scrip Supporter's donation of goods, services or currency to a pre-designated non-profit entity (Scrip Beneficiary). Such scrip may be actual tender in the form of gift certificates, stored-value cards or paper coupons having a pre-determined dollar value. As such, each unit of scrip has a tender or real face value when used with the participating scrip program merchant. Scrip can also include minutes of telephone calling time, miles towards earning a free airplane flight, points towards a gallon of gas, and the like. [0004]
  • In one example, these scrip may be purchased directly from the merchant by the non-profit entity at a discount on their face-value. In this case, the discount to the Scrip Beneficiary may be a percentage based on volume, such that when pre-purchasing a $100 volume of scrip, the Scrip Beneficiary may pay only $95 for the scrip total actual tender or face value of $100. The Scrip Beneficary re-sells these scrip to its Scrip Supporters for the full price, or the full face-value, of the scrip. The Scrip Beneficary thereby keeps the dollar differential as a means for raising funds for its programs. The Scrip Supporters then bring the scrip directly to the participating merchant to make purchases for goods or services. [0005]
  • Another example involves a Scrip Supporter registering any or all of their existing financial accounts, such as debit, credit or stored value accounts, for use in a donation program to benefit what is often a tax-deductible, non-profit or charitable Scrip Beneficiary that has pre-registered with the system. Examples of such non-profit entities are public schools, churches, civic organizations, and the like. Participating merchants will enable Scrip Supporters to automatically make donations to enrolled non-profit organizations, based on service usage, expenditures or purchases by Scrip Supporters. The Scrip Supporters can do this using their registered debit and credit accounts by automatically tendering a pre-designated percentage or fixed dollar surcharge per transaction directly to the Scrip Beneficary via draft or electronic funds transfer (EFT). The Scrip Supporter can then track these electronic donations for tax-deduction purposes. [0006]
  • Another example involves a Scrip Supporter's use of certain services or purchase of certain products, resulting in a participating merchant itself donating goods, services, or currency directly to a participating Scrip Beneficiary. [0007]
  • Therefore, scrip programs enable a participating merchant to benefit from new sales to Scrip Supporters, while a Scrip Beneficary can benefit by having raised funds through several programs. In addition, the Scrip Supporter may benefit: a) by having obtained pre-paid scrip towards the purchase of desired goods or services at no additional premium than the Scrip Supporter would have otherwise paid when making those purchasing via traditional means at the participating merchant, or; b) by having a tax-deductable percentage or automatic surcharge on their purchases through participating merchants, donated to their selected Scrip Beneficiary based on their use of registered financial accounts. [0008]
  • However, current scrip programs rely on portable tokens such as financial account cards or paper scrip coupons, and this is disadvantageous. Namely, it is costly to produce and distribute such tokens to Scrip Supporters. Furthermore, as cards and paper scrips are lost, damaged, or stolen, merchants and non-profit entities often absorb the cost of replacing them to the consumer. For example, if a stored value card or a paper coupon containing pre-paid scrip is stolen or lost, a fraudulent party can present such a portable scrip token in order to obtain the cost-savings or other benefits to which they are not rightfully entitled. Therefore, another problem with such tokens is that there is a tenuous link between the token and the actual identity of the authorized Scrip Supporter. As a result, the merchant or the Scrip Beneficiary may have to bear the cost of inadvertently providing these incentives to a consumer who does not have the requisite pre-payments or purchasing patterns to benefit from them. Hence, the merchant or the non-profit may literally be rewarding the wrong party and paying twice for this mistake. This is because the original consumer will likely demand from the merchant or the non-profit their rightful scrip even without having the token to authenticate their account. The merchant will thereby have to pay for the scrip for that genuine consumer as well. Therefore, there are few, if any, mechanisms in this system for establishing the correct identity of a Scrip Supporter and validating their authority to obtain or use scrip. [0009]
  • The use of various biometrics, such as fingerprints, hand prints, voice prints, retinal images, handwriting samples and the like have been suggested for authenticating the identification of individuals. A biometric is any distinct human characteristic which can uniquely identify an individual. However, because the biometrics are generally stored in electronic (and thus reproducible) form on a token and because the comparison and verification process is not isolated from the hardware and software directly used by the Scrip Supporter attempting access, the problem of having to carry cards is not alleviated. Further, such systems do not adequately isolate the identity verification process from tampering by someone attempting to gain unauthorized access. Examples of this approach to system security are described in U.S. Pat. No. 4,821,118 to Lafreniere; U.S. Pat. No. 4,993,068 to Piosenka et al.; U.S. Pat. No. 4,995,086 to Lilley et al.; U.S. Pat. No. 5,054,089 to Uchida et al.; U.S. Pat. No. 5,095,194 to Barbanell; U.S. Pat. No. 5,109,427 to Yang; U.S. Pat. No. 5,109,428 to Igaki et al.; U.S. Pat. No. 5,144,680 to Kobayashi et al.; U.S. Pat. No. 5,146,102 to Higuchi et al.; U.S. Pat. No. 5,180,901 to Hiramatsu; U.S. Pat. No. 5,210,588 to Lee; U.S. Pat. No. 5,210,797 to Usui et al.; U.S. Pat. No. 5,222,152 to Fishbine et al.; U.S. Pat. No. 5,230,025 to Fishbine et al.; U.S. Pat. No. 5,241,606 to Horie; U.S. Pat. No. 5,265,162 to Bush et al.; U.S. Pat. No. 5,321,242 to Heath, Jr.; 5,325,442 to Knapp; 5,351,303 to Willmore, all of which are incorporated herein by reference. [0010]
  • An example of a token-based security system which relies on a biometric of a person can be found in U.S. Pat. No. 5,280,527 to Gullman et al. In Gullman's system, the person must carry and present a credit card sized token (referred to as a biometrics security apparatus) containing a microchip in which is recorded characteristics of the authorized person's voice. In order to initiate the access procedure, the person must insert the token into a terminal such as a public kiosk, and then speak into the terminal to provide a biometrics input for comparison with an authenticated input stored in the microchip of the presented token. The process of identity verification is generally not isolated from potential tampering by one attempting unauthorized access. If a match is found, the remote terminal may then signal the host computer that access should be permitted, or may prompt the person for an additional code, such as a PIN (also stored on the token), before sending the necessary verification signal to the host computer. [0011]
  • Although Gullman's reliance of comparison of stored and input biometrics potentially reduces the risk of unauthorized access as compared to numeric codes, like personal identification numbers, Gullman's use of the token as the repository for the authenticating data combined with Gullman's failure to isolate the identity verification process from the possibility of tampering greatly diminishes any improvement to fraud resistance resulting from the replacement of a numeric code with a biometrics. Further, the system remains cumbersome and inconvenient to use because it too requires the presentation of a personalized memory token in order to initiate an access request. [0012]
  • Almost uniformly, prior art disclosing biometrics are token-based systems which teach away from biometrics recognition without dependence on personalized memory tokens. Reasons cited for such teachings range from storage requirements for biometrics recognition systems to significant time lapses in identification of a large number of individuals, even for the most powerful computers. [0013]
  • In view of the foregoing, there has long been a need for an electronic scrip transaction system that is completely tokenless, ensuring Scrip Supporter convenience by providing authorization without requiring the Scrip Supporter to possess, carry, and present one or more proprietary tokens containing stored data customized for the Scrip Supporter, such as man-made portable memory devices, in order to accumulate the scrip, expend scrip units, or make scrip donations to their desired Scrip Beneficiary. Anyone who has lost a card, left it at home, had a card stolen knows well the keenly and immediately-felt inconvenience caused by such problems. Therefore, there is a need for an electronic biometric scrip transaction system that is entirely tokenless. [0014]
  • There is a further need for a computerized electronic scrip transaction system that uses a strong, secure, non-transferable link to the person being identified, as opposed to merely verifying a Scrip Supporter's possession of any physical objects that can be freely transferred. Therefore, there is a need for an electronic scrip transaction system that relies on Scrip Supporter biometrics, such as finger images, facial scans, voice prints, iris or retinal scans, and the like. Such a biometric is any distinct human characteristic which can uniquely identify an individual. [0015]
  • There is another need in the industry for a scrip system that is sufficiently versatile to accommodate both Scrip Supporters who desire to use personal identification numbers (PINs) for added security and also Scrip Supporters who prefer not to use them. [0016]
  • Lastly, such a system must be affordable and flexible enough to be operatively compatible with existing networks having a variety of electronic transaction devices and scrip system configurations. [0017]
  • As such, it is an objective of the invention to provide an electronic scrip system and method that is completely tokenless and eliminates the need for a Scrip Supporter to directly possess any personalized, portable man-made token which is encoded or programmed with data personal to or customized for a single authorized Scrip Supporter, such as a smart card, magnetic swipe card or a personal computer with resident Scrip Supporter-specific data. [0018]
  • It is another object of the invention to provide a computer system that is capable of verifying a Scrip Supporter's identity from convenient, secure and non-transferable data, as opposed to merely verifying his possession of propriety objects and information. Therefore it is an objective of this invention that the system use a biometric sample with unique physical characteristics and which is obtained directly from the person of the Scrip Supporter. One such biometric sample is registered with the computer system and another is provided when the Scrip Supporter conducts a scrip transaction. These two biometric samples are compared by an electronic identicator, which is a computer that uses this comparison to validate or deny the identity of the Scrip Supporter. [0019]
  • Yet another object of the invention is to provide a computer system wherein access is secure, yet designed to be convenient and easy for a Scrip Supporter to use. [0020]
  • Yet another object of the invention is to enable a Scrip Supporter to donate scrip which are either immediately provided to a pre-designated Scrip Beneficiary or are stored for later access by the Scrip Beneficiary. [0021]
  • Another objective of this invention is that it function at both with merchants at the retail point of sale and with merchants over the internet. [0022]
  • Another objective of the invention is that the scrip participating entity, whether a Scrip Merchant or a Scrip Beneficiary, be identified by an electronic identicator, wherein the Scrip Merchant's identification is verified. Therefore, the Scrip Merchant would register with the electronic identicator some identification data, which may consist of any of the following data: a hardware ID code, a phone number, an email address, a street address, a digital certificate, an account number, a biometric, or a biometric and PIN combination. [0023]
  • Another objective of the invention is to be added in a simple and cost-effective manner to existing terminals currently installed at points of sale and used over the internet. [0024]
  • Yet another objective of the invention is to be efficiently and effectively operative with existing financial transactions systems and protocols, specifically as these systems and protocols linked to the processing of electronic scrip programs. [0025]
  • SUMMARY OF THE INVENTION
  • The present invention satisfies these needs by providing an improved system and method for tokenless authorization of an electronic scrip transaction using at least one scrip supporter biometric sample and an electronic identicator. The preferred embodiment of the method comprises the steps of a scrip supporter registration step, wherein a scrip supporter registers with an electronic identicator at least one registration biometric sample, an electronic scrip transaction proposal step, comprising electronic scrip donator account data, at least one transmittal step, wherein a scrip supporter bid biometric sample is obtained from the scrip supporter's person and is electronically transmitted to the electronic identicator, a scrip supporter identification step, wherein the electronic identicator compares the bid biometric sample with at least one registration biometric sample for producing either a successful or failed identification of the scrip supporter, wherein upon successful identification of the scrip supporter, a scrip transaction is biometrically authorized, without the scrip supporter presenting any personalized man-made tokens such as smartcards or magnetic swipe cards. [0026]
  • Another embodiment further comprises at least one local identicator containing a subset of all of the registered scrip supporter biometric samples in the electronic identicator. [0027]
  • Yet another embodiment comprises an electronic clearinghouse creation step, wherein a clearinghouse is created containing at least one rule module. Preferably the rule module within the electronic clearinghouse contains at least one pattern data that is associated with at least one execution command. Pattern data comprise any of the following: a unique scrip supporter identification code, demographic information, an email address, at least one pre-determined formula for scrip donations, secondary biometric, a telephone number, a mailing address, purchasing patterns, a digital certificate, a network credential, an Internet protocol address, a digital signature, and an encryption key. An execution command comprises instructions for accessing at least one electronic registry that contains any one of the following; at least one scrip donator account and at least one scrip beneficiary account. Preferably, the electronic registry is located on an computer that is external to the authorization system. [0028]
  • In an alternative embodiment the system method further comprises at least one local clearinghouse containing a subset of all of the rule modules in the scrip transaction system. [0029]
  • In yet another embodiment, the method further comprises a scrip merchant identification step, wherein the electronic identicator compares a scrip merchant bid identification data with a scrip merchant registered identification data for producing either a successful or failed identification of the scrip merchant. Furthermore, the scrip merchant identification data comprises any one of the following; a hardware identification code, a telephone number, an email address, a digital certificate code, an account index, an electronic account number, a biometric, or a biometric and personal identification number combination. Additionally, in the scrip merchant identification step, the electronic identicator communicates with one or more external computers to access scrip merchant identification data. [0030]
  • Preferably the method further comprises at least one scrip beneficiary identification step, wherein the electronic identicator compares a scrip beneficiary bid identification data with a scrip beneficiary registered identification data for producing either a successful or failed identification of the scrip beneficiary. The scrip beneficiary identification data comprises any one of the following; a hardware identification code, a telephone number, an email address, a digital certificate code, an account index, an electronic account number, a biometric, or a biometric and personal identification number combination. Furthermore, in the scrip beneficiary identification step the electronic identicator further communicates with one or more external computers to access scrip beneficiary identification data. [0031]
  • In another embodiment, the scrip supporter registration step further comprises registering a scrip supporter personal identification number with the electronic identicator. [0032]
  • Preferably, the method further comprising a scrip donator account resource determination step, wherein it is determined if a scrip donator account has sufficient resources to be debited for an amount specified in the scrip transaction. Additionally, the method comprises a transaction settlement step, wherein a scrip donator account is debited and a scrip beneficiary account is credited. Preferably, in the transaction settlement step, the electronic identicator communicates with one or more external computers to access an electronic registry comprising any of the following: scrip donator account data and scrip beneficiary account data. [0033]
  • Furthermore, preferably, the electronic scrip transaction proposal step further comprises scrip transaction data, wherein the scrip transaction data comprises any of the following: price information, a list of goods, a list of services, a scrip merchant name, a date or time, a location, and an invoice number. Additionally, a future date on which scrip is to be debited from the scrip donator account and credited to the scrip beneficiary account is included in the transaction settlement step. [0034]
  • In an alternative embodiment, the method further comprises a scrip supporter re-registration check step, wherein the scrip supporter's registration biometric samples are compared against previously registered biometric samples wherein if a match occurs, the computer system is alerted to the fact that the scrip supporter has attempted to re-register with the electronic identicator. [0035]
  • In the preferred method the scrip donator account is controlled by any of following: a scrip merchant, a scrip participating manufacturer, and a scrip supporter. The scrip may comprise any unit of the following: gift certificates, stored-value units, electronic or paper coupons having a pre-determined dollar value, minutes of telephone calling time, miles towards earning a free airplane flight, points towards receiving a commodity or service. [0036]
  • In yet another embodiment, the scrip donator account comprises any of the following: a stored value account and a financial account, and the beneficiary account comprises any of the following: a stored value account and a financial account. [0037]
  • Preferably, the method further comprises a notification step, wherein after settlement of the transaction, notification of the results of the transaction settlement step and scrip account activity is presented to any of the following: a scrip supporter; a scrip merchant; a scrip beneficiary. [0038]
  • The tokenless electronic scrip transaction authorization device comprises at least one electronic scrip supporter registration biometric sample, an electronic identicator for comparing a scrip supporter bid biometric sample with the at least one scrip supporter registration biometric sample to produce a successful or failed identification result, an electronic scrip donator account data, wherein upon successful identification of the scrip supporter, a scrip transaction is biometrically authorized, without the scrip supporter presenting any personalized man-made tokens such as smartcards or magnetic swipe cards. [0039]
  • The present invention is significantly advantageous over the prior art in a number of ways. The invention is clearly advantageous from a convenience standpoint to Scrip Merchants and scrip institutions by making scrip transactions electronic, tokenless and biometric-based so that such transactions are less cumbersome, more spontaneous, and highly secure. As defined herein, an electronic scrip transaction is any exchange or redemption of scrip in an electronic mode. [0040]
  • The paperwork of tokenless biometric scrip transactions is significantly less than that required with standard couponing and scrip transactions wherein the copies of the scrip-coupons must often be retained by the Scrip Merchant or the Scrip Supporter. Even the traditional requirement for internet electronic transactions of the buyer needing to directly possess and use the ultimate personalized token, a personal computer with resident buyer-specific data, will be eliminated. Further, the substantial manufacturing and distributing costs of issuing and reissuing all personalized tokens such as paper coupons, magnetic swipe scrip cards, and smart scrip cards, thereby providing further economic savings to issuing merchants, businesses, and ultimately to consumers. [0041]
  • Additionally, this tokenless biometric scrip system is easy and efficient for people to use because it eliminates the need for Scrip Supporters to remember or directly possess any personalized tokens such as paper scrips, magnetic swipe cards or personal computers with resident Scrip Supporter-specific data, in order to access their authorized pre-paid scrip accounts. The present invention therefore eliminates all the inconveniences associated with carrying, safeguarding, and locating such tokens. The consumer is now uniquely empowered, by means of this invention, to conveniently conduct his electronic scrip transactions at any time without dependence upon tokens which may be stolen, lost or damaged. [0042]
  • Further, the present invention is also clearly advantageous from a convenience standpoint of Scrip Supporters by providing centralized database tracking and storage of scrip for Scrip Supporters, participating merchants, and scrip beneficiaries, thereby making scrip programs more cost-effective and accurate with regard to the monitoring of scrip donations and calculations. Additionally, such a centralized system for tokenless biometric electronic scrip, enables the system to transcend geography restrictions. The Scrip Supporter can assist the non-profit of his choice regardless of his own geographic location since he does not. Further, extended family and friends who live in and out of a Scrip Beneficiary's geographic region can also register and participate, supporting worthwhile programs. [0043]
  • Moreover, the invention is markedly advantageous and superior to existing systems in being highly fraud resistant. The present invention virtually eliminates the risk of granting access to scrip by unauthorized Scrip Supporters by determining identity from an analysis of a Scrip Supporter's unique biometric characteristics. The invention further enhances fraud resistance by maintaining authenticating data and carrying out the identity verification operations at a point in the system that is operationally isolated from the Scrip Supporter requesting access, thereby preventing an unauthorized Scrip Supporter from acquiring copies of the authenticating data or from tampering with the verification process. Such a system is clearly superior to existing token-based systems wherein authenticating information, such as biometrics or personal codes, is stored on and can be recovered from the token, and wherein the actual identity determination is potentially in operational contact with the Scrip Supporter during the access process. [0044]
  • Further, an embodiment of the invention identifies the designated non-profit Scrip Beneficiary through use of the Identicator, thereby reducing the likelihood of fraudulent entities making money or earning the benefits of scrip in place of the rightfully registered, authentic Scrip Beneficiary. [0045]
  • Further, the invention is designed to be cost-effectively integrated with existing electronic data systems currently installed in corporate intranets and over the Internet. [0046]
  • These and other advantages of the invention will become more fully apparent when the following detailed description of the invention is read in conjunction with the accompanying drawings.[0047]
  • BRIEF DESCRIPTION OF DRAWINGS
  • FIG. 1 shows the preferred embodiment of a Party Identification Device (PDA) with a biometric sensor and key pad. [0048]
  • FIG. 2 is a preferred embodiment of the Data Processing Center (DPC) showing the connections between its components. [0049]
  • FIG. 3 and FIG. 6 show embodiments of the invention depicting interaction between an Identicator, an electronic clearinghouse governing disbursement of scrip, and an external entity servers. [0050]
  • FIG. 4 shows an embodiment of the invention depicting rule modules wherein each rule module is composed of at least one pattern data and at least one execution command. [0051]
  • FIG. 5 shows an embodiment of the Biometric-PIN identification mechanism where the transaction processor determines a Biometric-PIN from the Biometric-PIN Identification subsystem is responsible for a given subdivision of the biometric database. [0052]
  • DETAILED DESCRIPTION
  • The invention provides a tokenless biometric method for a scrip supporter to authorize a scrip transactions using scrip accounts either at the retail point of sale or over the Internet. It is the essence of this invention that the Scrip Supporter not be identified through the direct use any man-made personalized tokens to effect a scrip transaction. A computer system and an Identicator are used to accomplish these goals. [0053]
  • A biometric sample is defined as any distinct human characteristic which can uniquely identify an individual. A biometric sample includes any of the following: a fingerprint or finger image, a voice print, a retinal scan, an iris scan, a facial image, and the like. [0054]
  • One such biometric sample is registered with the computer system and another is provided when the Scrip Supporter conducts a scrip transaction. These two biometric samples are compared by an electronic identicator (electronic Identicator or Identicator), which is a computer that uses this comparison to validate or deny the identity of the Scrip Supporter. [0055]
  • Scrip is defined as any unit of data, such as currency, products or services, which is honored by a Scrip Merchant such that a Scrip Supporter's purchase, expenditure or usage of these units results in the donation of goods, services or currency to the designated Scrip Beneficiary. Such scrip may be actual tender in the form of gift certificates, stored-value cards or paper coupons having a pre-determined dollar value. As such, each unit of scrip has a tender or real face value when used with the participating scrip program merchant. Scrip can also be minutes of telephone calling time, miles towards earning a free airplane flight, points towards a gallon of gas, and the like. [0056]
  • A scrip account is defined as an account that contains any of the following: a) pre-purchased scrip deposited in a stored value account, or; b) a registered financial account which is designated to donate scrip based upon the Scrip Supporter's purchases. An electronic scrip donator account (Scrip Donator Account) is an account controlled by a Scrip Supporter or optionally a participating scrip merchant (Scrip Merchant), from which scrip is debited as a result of an electronic scrip transaction. An electronic scrip beneficiary account (Scrip Beneficiary Account) is an account controlled by a Scrip Beneficiary which is a recipient of scrip. The beneficiary is credited as a result of an electronic scrip transaction. [0057]
  • A scrip participating merchant (Scrip Merchant) is any provider of goods or services, such as: a standard brick-and-mortar point of sale merchant; an on-line internet based merchant; a service provider; or a product manufacturer. Such scrip participating entities may include a phone company, a athletic apparel manufacturer, a book or music vendor, an internet service provider, a supermarket, and the like. [0058]
  • A scrip beneficiary (Scrip Beneficiary) is any entity to which donations of scrip is made based upon the participation of any of its Scrip Supporters. Such scrip beneficiaries may include civic organizations, churches, schools, and the like. [0059]
  • A Scrip Supporter is any individual person who participates in a program to donate scrip to a non-profit entity based upon his purchases, expenditures, or service usages. [0060]
  • At least one biometric sample is registered with the computer system and a bid biometric sample is provided when the Scrip Supporter conducts a scrip transaction. These two biometric samples are compared by an electronic identicator, which is a computer that uses this comparison to identify the Scrip Supporter. [0061]
  • Scrip is defined as any unit of data, such as currency, products or services, which is honored by a Scrip Merchant such that a Scrip Supporter's purchase, expenditure or usage of these units results in the donation of goods, services or currency to a designated Scrip Beneficiary. Such scrip may be actual tender in the form of gift certificates, stored-value cards or paper coupons having a pre-determined dollar value. As such, each unit of scrip has a tender or real face value when used with the participating scrip program merchant. Scrip can also be minutes of telephone calling time, miles towards earning a free airplane flight, points towards a gallon of gas, and the like. [0062]
  • A scrip account is defined as an account that contains any of the following: a) pre-purchased scrip deposited in a stored value account, or; b) a registered financial account which is designated to donate scrip based upon the Scrip Supporter's purchases. An electronic scrip donator account (Scrip Donator Account) is an account controlled by a Scrip Supporter or a scrip participating merchant (Scrip Merchant), from which scrip is debited as a result of an electronic scrip transaction. An electronic scrip beneficiary account (Scrip Beneficiary Account) is an account controlled by a recipient of scrip donations (Scrip Beneficiary), to which scrip is credited as a result of an electronic scrip transaction. [0063]
  • A scrip participating merchant (Scrip Merchant) is any provider of goods or services, such as: a standard brick-and-mortar point of sale merchant; an on-line internet based merchant; a service provider; or a product manufacturer. Such scrip participating entities may include a phone company, a athletic apparel manufacturer, a book or music vendor, an internet service provider, a supermarket, and the like. [0064]
  • A scrip beneficiary (Scrip Beneficiary) is any entity to which donations of scrip is made based upon the participation of any of its Scrip Supporters. Such scrip beneficiaries may include civic organizations, churches, schools, and the like. [0065]
  • A Scrip Supporter is any individual person who participates in a program to donate scrip to a Scrip Beneficiary based upon his purchases of goods or services. [0066]
  • The Scrip Supporter forwards at least one biometric sample obtained from their person to the Data Processing Center (DPC) [0067] 22 via a Party Data Apparatus (PDA) 1. The transmittal of the scrip transaction optionally occurs over a network 18 such as an intranet, extranet or the Internet, whether using a local area network (LAN) or wide area network (WAN). It is the essence of this invention that the Scrip Supporter not present any man-made personalized tokens during an identification process in order for an electronic scrip transaction to be authorized. Such tokens include smart cards, magnetic swipe cards, or personal computers with resident Scrip Supporter-customized data.
  • An embodiment of the tokenless biometric scrip transactions is characterized by identifying the Scrip Supporter using the Scrip Supporter's bid [0068] biometric sample 62 that is submitted through a PDA 1. The PDA 1 is preferably directly connected via dial-up, leased lines or wireless modem 56 to the Internet 18. Alternatively, a bid biometric sample is submitted or through a PDA 1 in an intranet 58 or through a PDA 1 incoporated to any terminal such as an electronic cash register, a desktop personal computer, a notebook computer, or a public terminal or kiosk such as an Automated Teller Machine (ATM). In a preferred embodiment, the Scrip Supporter is identified through biometrics while participating entities 28 such as scrip merchants or non-profit beneficiaries are identified through the verification of a digital certificate issued by an authorized certifying authority.
  • Execution of a Rule Module (RM) [0069] 50 or an Execution Command (EC) 52 by the Execution Module (Execution Modules) 38 may result in a declined transmission due to an unidentifiable bid biometric sample, a lack of an identifiable Scrip Merchant or Scrip Beneficiary 28, a closed or inoperative participating Scrip Merchant or Scrip Beneficiary 28, or some other immediately detectable problem condition. If the transmission is declined, the electronic Registry 14 or the Identicator 12 transmits the decline notification back to the PDA 1.
  • In one embodiment, the [0070] PDA 1 is actually built-in and/or integrated with a personal computer, although the invention does not require that the personal computer contain any resident Scrip Supporter-customized data, such as Pattern Data (PD) 54, Execution Commands 52 or private encryption keys.
  • The electronic Identicator (or Identicator) system comprises the following components: [0071]
  • Party Data Apparatus (PDA) [0072]
  • Communication lines [0073]
  • Data Processing Center (DPC) [0074]
  • These components together allow a scrip transaction to occur without requiring the Scrip Supporter to use scrip cards, paper coupons, credit cards, debit cards, or any other physical objects. [0075]
  • Party Data Apparatus (PDA) [0076]
  • The PDA is a device that gathers or contains identity information for use in authorizing scrip transactions. Each PDA conducts one or more of the following operations: [0077]
  • gather biometric input from a Scrip Merchant or Scrip Supporter [0078]
  • gather a PIN code or password from a Scrip Merchant or Scrip Supporter [0079]
  • secure communication between PDA and DPC using encryption [0080]
  • secure storage of secret encryption keys [0081]
  • store and retrieve a unique Scrip Merchant PDA hardware identification code [0082]
  • secure enclosure & components from unauthorized tampering [0083]
  • display information, allow parties to approve or cancel a scrip transaction [0084]
  • automated data scanning, such as a magnetic ink character reader, a magnetic stripe reader or a bar-code reader [0085]
  • store, verify, and retrieve a Scrip Merchant's digital identification code or a Scrip Beneficiary's digital identification code [0086]
  • allow parties to select among choices of Scrip Merchant and Scrip Supporter accounts [0087]
  • A preferred embodiment containing these components is shown in FIG. 1. [0088]
  • Biometric input is gathered using a [0089] biometric sensor 2 located within the PDA 1. Biometric sensor 2 is a finger image sensor, however it is understood that other types of biometric sensors such as biometrics, such as hand prints, voice prints, retinal images, handwriting samples, iris scanning, facial images and others are also used.
  • For PDAs requiring a fingerprint sensor, the PDA has a biometric [0090] fraud detection mechanism 4 that will assure that any biometric input gathered from the biometric sensor is from a real physical person, instead of a copy or replica. Preferably for the finger image sensor, this is a blood flow detector.
  • For systems employing a PIN, PIN input is preferably gathered using a keypad or [0091] PIN pad 6 that is also located securely inside the PDA.
  • Communication security is provided by encryption using unique secret keys known only to that specific PDA and the DPC, and the DES encryption algorithm, preferably triple-encrypted. Triple encryption means successive encrypt/decrypt/encrypt operations using two distinct 56-bit DES keys. This provides significantly higher security than a single encryption operation with one 56-bit DES key. Alternately, a public/private key system may also be used to encrypt information that passes between PDA and DPC. Both DES and public key encryption is well known in the industry. [0092]
  • The PDA also has [0093] secure memory 8 that can store and retrieve the unique secret encryption keys used to enable secure communications with the DPC. In this embodiment, this is battery backed-up RAM that is set up to be erased whenever the tamper-detect circuitry reports that tampering has been detected.
  • To use encryption keys, a key management system must be employed to assure that both sender and receiver are using the same key. When using DES, a preferred key management system is DUKPT, which is well known in the industry. DUKPT is designed to provide a different DES key for each transaction, without leaving behind the trace of the initial secret key. The implications of this are that even successful capture and dissection of a PDA will not reveal messages that have previously been sent, a very important goal when the effective lifetime of the information transmitted is years. DUKPT is fully specified in ANSI X9.24. The DUKPT key table is stored in the secure memory. [0094]
  • Each PDA preferably has a hardware identification code that is registered with the DPC at the time of manufacture. This makes the PDA uniquely identifiable to the DPC in all scrip transactions from that device. This hardware identification code is stored in write-[0095] once memory 10.
  • PDA physical security is assured by standard mechanisms. Preferably, these comprise tamper-detect [0096] circuitry 11, an enclosure that cannot be easily opened without visibly injuring the enclosure, erasable memory for critical secrets such as encryption keys, write-once memory for hardware identification, tight integration of all components, and “potting” of exposed circuitry.
  • Information such as the amount of a transaction, the identity of a Scrip Supporter, or other transaction-related information is displayed using an [0097] integrated LCD screen 13. It is preferable that the LCD screen be connected securely to the other components in the PDA 1 to maintain security.
  • Approval or cancellation of a scrip transaction is done using the PDA keypad. [0098]
  • The automated [0099] data scanner 20 is used to read encoded about the Scrip Supporter, the participating merchant or the scrip beneficiary. This is used during initial registration to link any such data to the Scrip Supporter's biometric identity.
  • Further data which is linked during registration to the Scrip Supporter's biometric may include: a driver's license number, a passport number, a debit account, a credit account, a checking account, a money-market account, a stored-value account containing pre-paid scrip, and the like. Optionally, a stored value account with a participating merchant may be pre-credited with funds, or scrip, from the Scrip Beneficiary and for the use of which the Scrip Supporter has pre-paid a premium to the Scrip Beneficiary. [0100]
  • Optionally, the [0101] PDA 1 also validates public key digital certificates. In one embodiment, public keys of a particular certifying authority are initially stored in the PDA 1 at the time of construction. This provides the mechanism to verify a Scrip Merchant's digital certificates that are signed by the certifying authority, or a Scrip Beneficiary's digital certificates that are signed by the certifying authority.
  • Although a preferred embodiment is described above, there are many different variations on [0102] specific PDA 1 implementations. Fundamentally any device that is secure, can identify a Scrip Supporter, a Scrip Merchant or a Scrip Beneficiary with a high degree of certainty, and can connect to the DPC 22 via some form of communication line can serve as a PDA 1.
  • In some embodiments, specifically the home use and public use instances, the PDA hardware identification code is not used to identify either the Scrip Merchant or the Scrip Supporter. [0103]
  • Registration [0104]
  • Parties that wish to either originate or receive scrip transactions must first register with the [0105] Identicator 12. The identification and scrip information registered with the system for a given party depends on the mode used to originate or receive settlement. A Scrip Supporter must register at least one biometric or a biometric-PIN, as well as a scrip account, along with establishing a scrip electronic clearinghouse that can govern the deposit, display, deducting, and disbursing of scrip and scrip account data using at least one scrip account. In the case of a Scrip Beneficiary receiving electronic transfer of scrip, the beneficiary must also register: identification data unique to that Scrip Merchant or Scrip Beneficiary, such as a digital certificate, and; a scrip account that can receive the Scrip Supporter's donated scrip. A Scrip Merchant, usually a corporate entity, or a Scrip Beneficiary, usually a non-profit entity, must register identification data unique to that entity, such as a digital certificate, their PDA hardware identification codes.
  • A Scrip Supporter registers by submiting a registration biometric sample obtained from their physical person by the PDA's biometric sensor. The [0106] PDA 1 determines that the biometric scan is non-fraudulent, and then translates and compresses that biometric scan into a format suitable for rapid scrip transaction to the DPC 22. In one emboidment, the Scrip Supporter selects and enters a PIN code into the PDA keypad.
  • Next, the person associates at least one scrip account with the registration biometric sample in the system. Preferably, this is accomplished by automatically scanning a bar-code or a magnetic stripe through the data reader attached to the [0107] PDA 1. In one embodiment, this bar-code or magnetic stripe contains not only the Scrip Supporter's scrip account number, but also the identity of the Scrip Merchant or financial institution with which this account is associated.
  • Preferably, an attendant verifies that the Scrip Supporter actually owns the scrip account by comparing personal photo id (a driver's license, passport, id card, etc) to the name listed on the scrip card. [0108]
  • The [0109] PDA 1 transmits the registration data to the DPC 22. The DPC 22 then inserts the biometric (or biometric-PIN) into the appropriate Identicator 12 database and generates a Scrip Supporter ID Code that is unique to the Scrip Supporter. From this point on, any time the Scrip Supporter is identified by the Identicator 12, the Scrip Supporter ID Code is forwarded to the electronic Clearinghouse 14 where it invokes at least one Rule Module 50 for that Scrip Supporter. In the electronic Clearinghouse 14 database, a Rule Module 50 is created that is identified by the Scrip Supporter ID Code. In one embodiment, before a new biometric (or biometric-PIN) record is enabled to originate or execute a scrip transaction, the individual's submitted biometrics are checked against previously registered biometric samples in the electronic Identicator 12 using the same biometric comparison techniques as those used in the individual identification procedure. If a match is found for the newly submitted biometric record, the biometric record's status is set to “prior registration”. If the prior registration check was executed as part of a registration request, the Gateway Machine 26 logs a “registering individual with prior registration” warning, indicating that the person has attempted to register with the system more than once.
  • In one embodiment, the [0110] DPC 22 validates the scrip account data submitted during registration. This involves making certain that the scrip account being registered is a valid account.
  • Regarding a scrip Scrip Merchant or a Scrip Beneficiary, any Scrip Merchant or Scrip Beneficiary may register identification data that is unique to that entity, such as an alpha-numeric identification code, a digital certificate, or a PDA hardware identification code to identify itself to the [0111] DPC 22. Digital certificates are available from certifying authorities, and they provide the assurance that the entity with the certificate is the authentic owner of that identity. These certificates contain readable text and other information that describes the entity. This can include a corporate logo, the address, as well as the company name.
  • This entity identification data is then linked to at least one Scrip Donator Account or a Scrip Beneficiary Account. These scrip accounts are respectively used to electronically debit or credit scrip when the entity identification data is used to identify the Scrip Beneficiary. [0112]
  • PDA hardware identification codes are unique numbers assigned to [0113] PDA 1 devices at the time of manufacture. A participating merchant installing PDA 1 devices at the point of sale can register PDAs 1 with the DPC 22. This causes any transaction, either registration or purchase, flowing through those registered PDAs 1 to automatically identify the participating merchant which owns the hardware identification code.
  • Preferably, the security surrounding the registration of an entity's digital certificates or PDA hardware identification codes to scrip account numbers is extremely strong, as this is a potential source for large losses over a short period of time. [0114]
  • Communication Lines [0115]
  • Communications between the [0116] PDA 1 and the Identicator 12 occur via many different communication methods. Most depend on the particular communication networks already deployed by the organization or retailer that deploys the transmission authorization system.
  • In an embodiment the [0117] PDAs 1 are connected via Ethernet to a local router, which is itself connected to a network operations center (NOC) via frame relay lines. At least one Identicator 12 is located at the NOC. Messages are sent from PDA 1 to the Identicator 12 using TCP/IP over this network. In another embodiment, the PDAs 1 are connected via a cellular digital packet data (CDPD) modem to a CDPD provider, who provides TCP/IP connectivity from the PDA 1 to an intranet 58 to which at least one Identicator 12 is attached.
  • In yet another embodiment, a [0118] PDA 1 is connected via the Internet, as is at least one Identicator 12. TCP/IP is used to transmit messages from PDA 1 to Identicator 12. There are many different ways to connect PDA 1 to Identicator 12, both tethered and wireless, that are well understood in the industry, including but not limited to: the Internet; an intranet; an extranet; a local area network (“LAN”); and a wide area network (“WAN”).
  • Scrip Transactions [0119]
  • Scrip transactions optionally occur at a retail point of sale, across a network such as an intranet or the Internet, or at home or public terminal. [0120]
  • Data Processing Center [0121]
  • Data Processing Centers (DPC) [0122] 22 serve to identify the Scrip Merchant and the Scrip Supporter in a transaction, retrieve scrip and scrip account information for identified parties, and perform the execution that will result in settlement of transactions and scrip delivery to a Scrip Beneficiary for the scrip transaction. The Data Processing Center 22 is comprised of an electronic Identicator 12, an electronic Clearinghouse 14, an internal Execution Module 38, a Firewall 24, a Decryption Module 29, a Gateway Machine 26, and a Logging Facility 36.
  • As seen in FIG. 2, the [0123] DPC 22 is connected to a network, like the Internet 18 or intranet 18, using a firewall machine 24 that filters out all messages that are not from legitimate PDA 1 devices.
  • In a preferred embodiment, the messages are decrypted. For this, the transaction processor uses the decryption module (DM) [0124] 29, which utilizes the hardware identification code of the PDA 1 to identify the encryption codes that is required to decrypt the message from the PDA 1.
  • Once decrypted, the identity of parties to the transaction is determined using the [0125] electronic Identicator 12.
  • Electronic Identicator [0126]
  • The electronic Identicator [0127] 12 (Identicator) serves to identify the Scrip Supporter in an electronic scrip transaction. The Identicator 12 compares a Scrip Supporter's bid biometric sample 62 with previously stored biometric samples from registered Scrip Supporters, in order to identify the Scrip Supporter. If a bid biometric sample 62 is successfully matched against a registered biometric sample, and the Scrip Supporter is positively identified, the Supporter ID Code which had been assigned to the Scrip Supporter during initial registration will be forwarded to the electronic Clearinghouse 14. The Supporter ID Code transmitted by the Identicator 12 is used by the electronic Clearinghouse 14 to locate the Rule Modules 50 that are customized to that Scrip Supporter.
  • As seen in FIG. 2, the [0128] Identicator 12 is connected to the Internet 18 or intranet 58 using a firewall machine 24. Messages are sent to a Gateway machine 26, which is responsible for overseeing the steps required to process the scrip transaction, including forwarding the scrip transaction to the Identicator 12 and the electronic Clearinghouse 14.
  • Preferably, electronic messages transmitted between the [0129] PDA 1 and the DPC 22 are encrypted. For this, the scrip transaction processor uses the Decryption Module (DM) 29, which utilizes the hardware identification code of the PDA 1 to identify the encryption codes that is required to decrypt messages from the PDA 1. Once decrypted, the identity of the Scrip Supporter is determined using Identicator 12, which provides storage, retrieval and comparison of biometric samples 62.
  • In an embodiment, during the Scrip Supporter identification step, the [0130] Identicator 12 requests the Scrip Supporter to submit their PIC, and this PIC is used by the Identicator 12 in combination with the Scrip Supporter's bid biometric sample 62 for purposes of validating the identity of the Scrip Supporter.
  • In another embodiment, the [0131] Identicator 12 provides periodic Scrip Supporter re-identification queries. In this embodiment, in order for a Scrip Supporter to extend an on-line session, the Scrip Supporter is requested by the Identicator 12 to re-identify themselves using any of the following: a Scrip Supporter bid biometric sample 62 or Pattern Data 54, such as a personal identification code (“PIC”).
  • In another embodiment, a Scrip Merchant or a Scrip Beneficiary is also identified by the Identicator using any of the following electronic verification means: a entity ID Code, a digital certificate, an Internet protocol (“IP”) address, a biometric, a hardware identification number, or any other code, text or number that uniquely identifies the entity. In this way, the [0132] Identicator 12 is enabled to provide the Scrip Supporter with confirmation that the correct entity participated in the electronic scrip transaction. Examples include confirming that the correct web site or remote database was accessed by the Scrip Supporter, that the correct entity designee received the Scrip Supporter's email or instant message, and the like.
  • In another embodiment, the [0133] Identicator 12 module is integrated with the electronic Clearinghouse 14 module.
  • In a preferred embodiment, more than one [0134] Identicator 12 provides fault tolerance from either natural or man-made disasters. In this embodiment, each Identicator 12 uses a backup power generator, redundant hardware, mirrored databases, and other standard fault tolerant equipment known in the industry.
  • Identification of the entity and the Scrip Supporter occurs using different methods, depending on the identification information that is provided by the [0135] PDA 1. The Identicator has subsystems for each type of information that is received by the Identicator, and each subsystem is highly optimized to provide rapid identification as outlined below.
  • In a preferred embodiment, [0136] Identicator 12 comprises subsystems that can identify parties from the following information:
  • biometric data and personal identification code (PIC) [0137]
  • biometric data alone [0138]
  • digital identification (digital certificates) [0139]
  • PDA hardware identification code [0140]
  • Biometric Identification Subsystem (BID) [0141]
  • In one embodiment of the Identicator, the BID subsystem comprises at least two BID processors, each of which is capable of identifying Scrip Supporters only from their biometric sample. [0142]
  • In one embodiment, each BID processor contains the entire database of biometrics. To distribute the scrip transactions evenly across processors without undue effort, the Identicator determines randomly which BID processor will be used for a given electronic scrip transaction, and delegates the identification request to that BID processor. That BID processor performs a search of its biometric sample database in order to find a matching registered biometric sample. In another embodiment, there is a scrip supporter re-registration check step, wherein the Scrip Supporter's registration biometric samples are compared against previously registered biometric samples wherein if a match occurs, the computer system is alerted to the fact that the Scrip Supporter has attempted to re-register with the electronic Identicator. [0143]
  • In another embodiment, other information is present that assists the BID processor in searching the database. For finger images, this includes information such as the classification of the image (whirl, arch, etc.), and other information about the finger ridge structure that is useful for selecting out biometrics that are not likely to match (or information on biometrics that are likely to match). Such biometric-based sorting and classification systems using mathematical algorithms, are known in the art for fingerprints and for other biometrics such as retina of the eye, voice print, and face vascular patterns. [0144]
  • Biometric comparisons are often more accurate if multiple biometrics are used. This includes the same type of biometrics from an individual such as fingerprint samples from different fingers, or different types of biometric samples such as a finger print and a voice print. In some embodiments, multiple biometrics are used to more rapidly and more accurately identify individuals. [0145]
  • Biometric-PIC Identification Subsystem (BPID) [0146]
  • As shown in FIG. 5, in a preferred embodiment, the [0147] BPID subsystem 30 comprises at least two BPID processors, each of which is capable of identifying parties from their biometric and personal identification codes.
  • Preferably, the database of parties identifiable from biometric-PIC combinations is distributed equally across all BPID processors. Each processor is responsible for a subset of identifications. [0148]
  • The Identicator determines which Biometric-PIC from the [0149] BPID subsystem 30 is responsible for a given subdivision of the biometric database. In one embodiment, one BPID 32 is responsible for identifying people with PICs 1-10, another BPID 34 is responsible for identifying PICs 11-20, and a third BPID 36 is responsible for identifying PICs 21-30. For example, all messages from the PDA 1 containing a PIC that equals the number 30 would be routed to BPID 36 for identification of the Scrip Supporter.
  • Once a BPID processor receives a bid [0150] biometric sample 62 and PIC for identification, the processor searches through its database, retrieving all registered biometric samples that match or correspond to that particular bid PIC. Once all corresponding registered biometric samples are retrieved, the Identicator 12 compares the bid biometric samples obtained from the electronic scrip transaction to all retrieved registered biometric samples. If a match occurs, the Identicator transmits the identity of the Scrip Supporter or the Supporter ID Code to the electronic Clearinghouse 14. If no match is found, the Identicator transmits a “not identified” message back to gateway machine 26 and to the logging facility 36.
  • In one embodiment, there is a biometric theft resolution step, wherein the scrip supporter's personal identification number is changed if the scrip supporter's biometric sample is determined to have been fraudulently duplicated. [0151]
  • Digital Identification Subsystem [0152]
  • In a preferred embodiment, the Digital Identification subsystem comprises multiple processors, each of which is capable of identifying an entity from their digital certificates. In this embodiment, digital certificates are used to perform digital identification of an entity. Preferably, these include corporate web site addresses and certifying authorities only. Where possible, computers provide digital certificates for identification of the entity, and Scrip Supporters use their biometrics for identification of the Scrip Supporter. [0153]
  • Verifying that a particular digital certificate is valid requires a public key from the certifying authority that issued that particular digital certificate. This requires that the digital identification subsystem have a list of certifying authorities and the public keys used to validate the digital certificates they issue. This table must be secure, and the keys stored therein must be kept up to date. These processes and others relating to the actual process for validating digital certificates are well understood in the industry. [0154]
  • PDA Hardware Identification Subsystem (PHI) [0155]
  • In a preferred embodiment, PDA hardware identification codes are translated into entity identification by the PHI subsystem. This subsystem maintains a list of all [0156] PDAs 1 manufactured. Preferably, when a particular Scrip Supporter uses a PDA 1, that Scrip Supporter's geographic location is identified by their use of that particular PDA 1 during that electronic scrip transaction session.
  • In another embodiment, the PDA hardware identification code does not serve to identify either the Scrip Supporter or an entity. This is the case in [0157] PDAs 1 installed in public venues such as airport terminals, Automated Teller Machines in banks, or computers with PDAs 1 for home use.
  • Scrip Supporter ID Code [0158]
  • A Supporter ID Code or Scrip Supporter ID Code is an electronic message transmitted to the [0159] electronic Clearinghouse 14, which informs the electronic Clearinghouse 14 that a Scrip Supporter has been successfully identified, and instructs the electronic Clearinghouse 14 to invoke the Rule Modules 50 for that particular Scrip Supporter.
  • Electronic Clearinghouse [0160]
  • In a preferred embodiment, once the Scrip Supporter is identified by the [0161] Identicator 12, the Supporter ID Code is forwarded to the electronic Clearinghouse 14. The electronic Clearinghouse 14 instructs the Execution Module 38 to take the necessary steps for executing the Execution Commands 52 that are associated with the Pattern Data 54 registered with the electronic Clearinghouse 14.
  • Rule Modules [0162]
  • The [0163] electronic Clearinghouse 14 is comprised of at least one Rule Module 50 which is indexed specifically to one or more registered Scrip Supporters (hence, “Scrip Supporter-customized”). Therefore, the Rule Modules 50 are optionally not unique or exclusive to a single Scrip Supporter. The electronic Clearinghouse 14 functions as a central storage facility for registering, indexing, updating, and invoking various Rule Modules 50, whereby the Rule Modules govern the deposit, the display, the deducting, and the dispensing of scrip. Each of these Rule Modules 50 is composed of at least one Pattern Data 54 which is associated with or electronically linked to at least one Execution Command. As defined herein, Scrip Supporter-customized does not necessarily mean that any Pattern Data 54 or the Execution Command 52 is unique to a Scrip Supporter, but rather that they are indexed to or are assigned to a specific Scrip Supporter. As such, the same Pattern Data 54 or Execution Command 52 may be assigned to several specific Scrip Supporters, and hence would not be unique to any one Scrip Supporter.
  • The [0164] electronic Clearinghouse 14 optionally stores Scrip Supporter-customized Pattern Data 54 that is unassociated with any Scrip Supporter-customized Execution Commands 52 and optionally stores Scrip Supporter-customized Execution Commands 52 that are not associated with any Scrip Supporter-customized Pattern Data 54. Therefore, such unassociated Pattern Data 54 or Execution Commands 52 are optionally stored within the electronic Clearinghouse 14 until they are associated with a Pattern Data 54 or an Execution Command 52 together thereby forming an executable Rule Module.
  • In one embodiment, the Scrip Merchant registers with the electronic Clearinghouse [0165] 12 a roster of a Scrip Merchant's products or services each having a predetermined scrip value. The value for each unit of scrip could be a dollar amount, a number of minutes of telephone calling time, points towards the purchase of a product or service, a percentage discount on current or future purchases, and the like. The Scrip Merchant then designates the number of scrip to be disbursed to Scrip Supporters or Scrip Beneficiaries based upon the occurrence of predetermined criteria. This criteria may include a credit or debit of scrip in the Scrip Supporter's scrip account based on the Scrip Supporter's purchasing patterns as a function of any of the following: time, demographics, frequency, recency, and amount of expenditure.
  • Once the Scrip Supporter is identified by the [0166] Identicator 12, the Supporter ID Code is forwarded to the electronic Clearinghouse 14. The electronic Clearinghouse 14 takes the Supporter ID Code, optionally along with the PDA hardware ID code, the PDA 1 location data and the scrip transaction request, and searches among the Scrip Supporter's customized Rule Modules 50 to invoke all of the Pattern Data 54 relevant to the scrip transaction being undertaken.
  • In another embodiment, the [0167] electronic Clearinghouse 14 stores and manages the account balances of scrip for participating merchants, Scrip Supporters, and beneficiary entities. Further, The electronic Clearinghouse 14 may contain Execution Commands 52 to display the scrip account status, calculations, and adjustments, and the like for participating merchants, beneficiary entities, and Scrip Supporters.
  • Pattern Data (PD) [0168]
  • As previously noted, [0169] Pattern Data 54 may be provided by the Scrip Supporter, by the electronic Clearinghouse 14, or by an authorized scrip entity 28, while the Scrip Supporter provides at least one associated Execution Command 52, to form a single Rule Module 50.
  • [0170] Pattern Data 54 of a Scrip Supporter is stored electronic data, which is customized to at least one Scrip Supporter. A single Pattern Data 54 includes any of the following stored Scrip Supporter-customized electronic data: a personal identification code (PIC), which is optionally alpha-numeric; demographic information; an email address; a PDA hardware identification code; a financial account; a stored-value account containing pre-paid or pre-earned scrip; the Scrip Supporter's date of birth; a secondary biometric; a telephone number; Scrip Donator Account Data; Scrip Beneficiary Account Data; a mailing address; purchasing patterns; scrip accounting data; a Supporter ID Code. Although a Supporter ID Code is optionally used as Pattern Data 54, the Supporter ID Code is unique to each Scrip Supporter and is not shared between Scrip Supporters.
  • Any [0171] such Pattern Data 54 may be provided to the electronic Clearinghouse 14 by: a Scrip Supporter; an electronic Clearinghouse 14; an electronic Registry 15; or an authorized entity 28 such as a Scrip Merchant or a Scrip Beneficiary.
  • Execution Commands (ECs) [0172]
  • The Execution Commands [0173] 52 executed by the Execution Module 38 transmits electronic messages necessary for depositing, displaying, deducting, or disbursing scrip. Such Execution Commands may include: a pre-calculated formula for surcharging a Scrip Supporter's financial account during a financial transaction, such that said surcharge is automatically disbursed to a scrip beneficiary; a pre-designation that scrip accounts are to be displayed to the Scrip Supporter such that the Scrip Supporter can select which scrip account to invoke for the scrip transaction; a pre- designation that scrip beneficiary entities are displayed for the Scrip Supporter such that the Scrip Supporter may select which entity will be the beneficiary of the scrip transaction disbursement; a pre-designation that purchases from certain participating merchants will automatically invoke a scrip disbursal to at least one certain scrip beneficiary; a pre-designation that upon accumulation of certain types of scrip, such as frequent-flyer miles or free phone minutes, such types of scrip will be automatically disbursed to a pre-designated scrip beneficiary; Scrip Donator Account Data; Scrip Beneficiary Account Data; a pre-designation that upon accumulation of certain amounts of scrip, there will be a disbursal to at least one pre-designated scrip beneficiary; a pre-designation that upon one scrip beneficiary having received a certain quantity of scrip donations from the Scrip Supporter, perhaps even within a certain timeframe, the Scrip Supporter will be notified or further scrip disbursal will automatically transfer to a different beneficiary.
  • In one embodiment, a [0174] Rule Module 50 from the electronic Clearinghouse 14 contains an Execution Command 52 which permits a Scrip Merchant to itself contribute scrip directly to a Scrip Beneficiary based upon a Scrip Supporter's purchases. In such transactions, units of scrip are electronically debited from the Scrip Donator Account controlled by the Scrip Merchant, and corresponding units of scrip are electronically credited to the Scrip Beneficiary Account.
  • The electronic Clearinghouse's [0175] 14 Execution Commands 52 may further provide several execution designations including any of the following: immediate cash discounts or premium charges to a Scrip Supporter's scrip account during a commercial transaction; a deduction of scrip units from a Scrip Supporter's scrip account, and an immediate donation thereof via electronic funds transfer (EFT) to a Scrip Beneficiary; and an accrual of scrip which are credited towards a Scrip Supporter's future purchase of a product or service.
  • Any [0176] Execution Command 52 is invoked by any Pattern Data 54 with which it is associated. As shown in FIG. 4, in one embodiment, a single Pattern Data 54 is associated with multiple Execution Commands 52, thereby forming multiple Rule Modules 50. Also shown in FIG. 4 is another embodiment, where multiple Pattern Data 54 are associated with a single Execution Command, again forming multiple Rule Modules 50. Also shown in FIG. 4, another embodiment there is only one Pattern Data 45 associated with one Execution Command 52. Any Scrip Supporter-customized Execution Command 52 may be provided to the electronic Clearinghouse 14 by the Scrip Supporter.
  • Electronic Registry [0177]
  • In FIG. 3, the preferred embodiment is shown in which there is an [0178] electronic Registry 15 containing at least one Scrip Donator Account or at least one Scrip Beneficiary Account in the database 51. A scrip account is defined as an account that contains any of the following: a) pre-purchased scrip deposited in a stored value account, or; b) a registered financial account which is designated to donate scrip based upon the Scrip Supporter's purchases. An electronic scrip donator account (Scrip Donator Account) is an account controlled by a Scrip Supporter or a Scrip Merchant (Scrip Merchant), from which scrip is debited as a result of an electronic scrip transaction. An electronic scrip beneficiary account (Scrip Beneficiary Account) is an account controlled by a recipient of scrip donations (Scrip Beneficiary), to which scrip is credited as a result of an electronic scrip transaction.
  • In one embodiment, there is at least one [0179] electronic Master Registry 15 database containing all of the scrip accounts in the computer system and there is at least one electronic Local Registry 19 database containing a sub-set of the scrip accounts in the computer system. In another embodiment, a electronic Local Registry 19 is contained within an external servers 28.
  • Scrip Account Data [0180]
  • Scrip account data is any information pertaining to a Scrip Donator Account or a Scrip Beneficiary Account (respectively, Scrip Donator Account Data and Scrip Beneficiary Account Data). Such data includes any of the following: a number which uniquely locates or routes a transaction to a scrip account; a number which uniquely identifies a scrip account; instructions or commands pertaining to the processing of a scrip transaction, including which scrip account should be used under which circumstances, the number of units of scrip to be debited from a Scrip Donator Account under which circumstances and the number of units of scrip to be credited to a Scrip Beneficiary Account under which circumstances. Such circumstances may include: Scrip Supporter usage location, Scrip Supporter usage frequency, Scrip Supporter usage recency, Scrip Supporter usage demographics and Scrip Supporter usage volume of electronic scrip transactions. [0181]
  • Execution Module [0182]
  • In a preferred embodiment, an [0183] Execution Command 52 of a Rule Module 50 causes an electronic scrip transaction to be executed by the Execution Module 38. The Execution Module 38 may be on a database which is located within the DPC 22 itself, or it may be co-located with an entity database 28 that is external to the DPC. In the event that a designated entity database 28 cannot be contacted for the electronic scrip transaction to be completed, the scrip transaction is “declined”.
  • In one embodiment, if the Scrip Merchant approves the transaction, the [0184] Execution Module 38 returns a transaction number to the electronic Registry 15, and the Scrip Supporter's scrip account is thereby adjusted through either a credit or debit. The transaction number is returned to the PDA 1, which lists the transaction on a daily transaction summary. The Scrip Supporter need take no further action since scrip transactions are automatically settled, at which point a calculation is made to automatically adjust the Scrip Supporter's designated scrip account.
  • In another embodiment, the [0185] Execution Module 38 uses Rule Modules 50 from the electronic Clearinghouse 14 which permit a Scrip Merchant to itself contribute scrip directly to a Scrip Beneficiary based upon a Scrip Supporter's purchases. In such transactions, units of scrip are electronically debited from the Scrip Donator Account controlled by the Scrip Merchant, and corresponding units of scrip are electronically credited to the Scrip Beneficiary Account.
  • Decryption Module [0186]
  • In a preferred embodiment, all messages the [0187] Data Processing Center 22 receives, with the exception of those not transmitted via a PDA 1, contain a PDA hardware identification code, a sequence number, and a Message Authentication Code (MAC). MACs, also known as cryptographic checksums, are well known in the computer industry, and are used to assure that any changes to the content of the message will be detectable by the entity receiving the scrip transaction. The Decryption Module 29 validates the message's MAC and checks the sequence number for that particular PDA. If the Decryption Module 29 determines that both the MAC and the sequence number are valid, the DM 29 uses the unique secret key for that particular PDA 1 to decrypt the message. For the decryption to function properly, the Decryption Module 29 must contain a copy of each PDA's DUKPT key table.
  • If the decryption operation fails, or if the MAC check fails, the message is considered an invalid message. The [0188] Decryption Module 29 logs a warning to the logging facility (LF) 36, terminates processing for the message, and returns an error message to the originating PDA 1.
  • Before the [0189] Decryption Module 29 replies to a message that includes a response key, it encrypts the response message with that response key. The Decryption Module 29 also generates a MAC for the response and appends it to the message.
  • Preferably, error messages are not encrypted although the [0190] Decryption Module 29 does include a MAC for message authentication. Such messages never include confidential information. However, most response messages include a status or response codes that can indicate whether the request succeeded or not. For example, when the Execution Module 38 declines a scrip transaction for a specific reason, it does not return an error message, it returns a normal scrip transaction response message with a response code set to “failed”.
  • Gateway Module (GM) [0191]
  • The [0192] Gateway Module 26 serves as an intermediary between redundant Identicator 12 and redundant electronic Registry 15 servers, routing electronic scrip transactions from servers on overload to servers that have available capacity. The Gateway Module 26 also periodically queries servers to ensure that are operative and to alert the system administrator is any server is inoperative.
  • Firewall (FW) [0193]
  • The [0194] firewall 24 provides a first line of defense against network viruses and computer hackers. All communication links into or out of the Identicator 12 and electronic Clearinghouse 14 server sites first pass through a secure firewall 24 Machine.
  • Preferably, the [0195] firewall 24 Machine, an Internet-localnet router, only handles messages destined for the Gateway Module 26 machines.
  • PDA-quipped terminals send packets to [0196] Identicator 12 and electronic Clearinghouse 14 server sites via modem, X.25, or other communication medium. The Identicator 12 and electronic Clearinghouse 14 server sites rely on a entity to supply the modem banks required to handle the volume of calls and feed the data onto the DPC 22 backbone.
  • For communications between [0197] Identicator 12 and electronic Clearinghouse 14 server sites, the FW 24 Machines send out double-length DES encrypted packets. The server site LAN component handles the encryption and decryption: the firewall 24 does not have the ability to decrypt the packets.
  • A properly configured network sniffer acts as an intruder detector as backup for the [0198] FW 24. If an anomalous message is detected, the intruding messages are recorded in their entirety, an operator is alerted, and the firewall 24 is physically shut down by the sniffer.
  • The [0199] firewall 24 disallows any scrip transactions from the internal network to the rest of the Internet. An electronic scrip transaction message requires about 400 bytes and registration packets require about 10 to 20 KB. To handle 1000 electronic scrip transactions per second and 1 registration packet per second, the firewall 24 machines are able to process about 400 KB per second.
  • Logging Facility [0200]
  • In a preferred embodiment, the [0201] logging facility 36 logs all electronic scrip transaction attempts, whether successful or not, to write-once media, so that a record is kept of each scrip transaction and each error that has occurred during the operation of the Identicator 12.
  • Interconnections and Communications among the Electronic Identicator, Electronic Clearinghouse and Electronic Registry [0202]
  • In one embodiment depicted in FIG. 3 and FIG. 6, the [0203] Identicator 12 module is physically distinct and separate from the electronic Clearinghouse 14 and the electronic Registry 15 modules with each housed in independent servers or modules. Clearinghouse 14 and Registry 15 are alternatively in separate locations. In another embodiment, the Identicator is physically integrated with the electronic Clearinghouse and the electronic Registry 15, whereby the Identicator 12, electronic Clearinghouse 14 and the electronic Registry 15 are physically interconnected and integrated together within one server or module. In both embodiments, communications among the Identicator 12, the electronic Clearinghouse 14 and the electronic Registry 15 occur via many different methods and means that are well known in the art. Most depend on the particular communication networks already deployed by the organization or company that deploys the electronic scrip transaction authorization system.
  • In one embodiment the, the [0204] Identicator 12, the electronic Clearinghouse 14 and the electronic Registry 15 are connected via Ethernet to a local router, which is connected to a network operations center (NOC) via frame relay lines. Messages are sent among the Identicator 12, the electronic Clearinghouse 14 and the electronic Registry 15 using TCP/IP over this network. In another embodiment, the Identicator 12, the electronic Clearinghouse 14 and the electronic Registry 15 are connected via a cellular digital packet data (CDPD) modem to a CDPD provider, who provides TCP/IP connectivity from the Identicator to an intranet 58 to which at least one electronic Clearinghouse 14 is attached.
  • In yet another embodiment, an [0205] Identicator 12 is connected via the Internet, as is at least one electronic Clearinghouse 14 and at least one electronic Registry 15. TCP/IP is used to transmit messages from among the Identicator 12, the electronic Clearinghouse 14 and the electronic Registry 15. There are many different ways to connect the Identicator, the electronic Clearinghouse 14 and the electronic Registry 15 that are well understood in the industry, such as cable TV networks, cellular telephone networks, telephone networks, the Internet, an intranet, a LAN, a WAN, or an X.25 network.
  • The [0206] Identicator 12 compares a Scrip Supporter's bid biometric sample with previously stored biometric samples from registered Scrip Supporters.
  • The [0207] Identicator 12, the electronic Clearinghouse 14 and the electronic Registry 15 hardware modules are high-reliability database servers, well known in the art, such as those available from Sun™, Compaq™, Tandem™, IBM™ and the like. Further, the Identicator 12, the electronic Clearinghouse 14 and the electronic Registry 15 software may incorporate scalable database architecture, well known in the art, such as those available from Oracle™, Sybase™, Informix™ and the like.
  • Electronic Identicator, Electronic Clearinghouse and Electronic Registry: Master Servers and Local Servers [0208]
  • In certain embodiments, a [0209] Master Identicator 12 is responsible for storage of the entire set of biometric samples and digital certificates registered for use with this invention. An electronic Master Clearinghouse 14 is responsible for storage of the entire set of Pattern Data 54, Execution Commands 52, and Rule Modules 50 registered for use with this invention. An electronic Master Registry 15 is responsible for storage of the entire set of Scrip Donator Accounts and Scrip Beneficiary Accounts registered for use with this invention.
  • Each [0210] Master Identicator 12, Master Clearinghouse 14 and Master Registry 15 site is preferably made up of a number of computers and databases connected together over a LAN (known in the industry). Multiple and redundant Master computer sites ensure reliable service in the face of disaster or serious hardware failure at any single central computer site.
  • In another embodiment, there is at least one [0211] Local Identicator 21 server which stores a subset of the entire set of biometric samples and digital certificates registered for use with this invention. In another embodiment, there is at least one Local Clearinghouse 17 server which stores a subset of the entire set of Pattern Data 54, Execution Commands 52, and Rule Modules 50 registered for use with this invention. Such Pattern Data 54 and Execution Commands 52 subsets are circumscribed by any number of criteria including, usage location, usage frequency, usage recency, usage demographics and usage volume of electronic scrip transactions. In another embodiment, there is at least one Local Registry 19 server which stores a subset of the entire set of Scrip Donator Accounts and Scrip Beneficiary Accounts registered for use with this invention.
  • Preferably, each Master and Local server site has electrical power backup and multiple redundancy in all of its critical hardware and database systems. [0212]
  • It is preferred that the Master servers have a [0213] firewall 24 machine which is the entry point of data and messages into these computers, and a gateway machine which is a system coordinator and message processor.
  • Use-Sensitive Configurations for Identicator, Electronic Clearinghouse and Electronic Registry [0214]
  • As shown in FIG. 3 and FIG. 6, in some embodiments the invention has use-sensitive data processing capabilities, wherein at least two [0215] Identicators 12, at least two electronic Clearinghouses, or at least two electronic Registries 14 exist, some of which respectively store a subset of the total data registered with the system.
  • One embodiment comprises at least one [0216] Master Identicator 12, one Master Clearinghouse 14 and one Master Registry 15, which respectively contain the entire set of all data registered with the system. This embodiment further comprises at least two Local Identicators 21, at least two Local Clearinghouses 17, or at least two Local Registries 19 that are physically apart from each other. Each Local Identicator 21, Local Clearinghouse 17 and Local Registry 19 contains a subset of the data contained respectively within the Master Identicator 12, Master Clearinghouse 14 and Master Registry 15. Data communications lines allow electronic scrip transactions to flow between each Local Identicator 21, Local Clearinghouse 17 or Local Registry 19, and the Master Identicator 12, Master Clearinghouse 14 or Master Registry 15.
  • In this embodiment, identification request electronic scrip transactions are first sent to the [0217] Local Identicator 21, Local Clearinghouse 17 or Local Registry 19 for processing. If a party cannot be identified by the Local Identicator 21 or if the requisite Rule Module 50 or Scrip Account is not contained, respectively, in the Local Clearinghouse 17 or the Local Registry 19, the electronic scrip transaction is forwarded to the Master Identicator 12, the Master Clearinghouse 14 or the Master Registry 15. If the parties are identified properly by the Master Identicator 12 or if the requisite Rule Module 50 or Scrip Account is located, respectively, in the Master Clearinghouse 14 or the Master Registry 15, the electronic scrip transaction is processed appropriately. In addition, the Scrip Supporter's identity information can be transmitted from the Master Identicator 12 to the Local Identicator 21, so that the next time the Scrip Supporter will be successfully identified by the Local Identicator 21. This can likewise occur for the Master Clearinghouse 14 and Local Clearinghouses 17, and Master Registry 15 and Local Registries 19.
  • In another embodiment of a use-sensitive system, the system further comprises a purge engine for deleting a party's Scrip Supporter-customized information from the [0218] Local Identicator 21, the Local Clearinghouse 17 or the Local Registry 19 databases. In order to store only records for those parties who use the system more than a prescribed frequency and prevent the overload of databases with records from parties who use the system only occasionally, the record of a party is deleted from the Local Identicator 21, Local Clearinghouse 17 or Local Registry 19 databases if there has been no attempt to identify the party upon expiration of a predetermined time limit.
  • In order to make communications between the Master servers and the Local servers secure, the system further comprises encryption and decryption means, wherein communications between the Master servers and Local servers are encrypted. [0219]
  • External Computers or External Entity Servers [0220]
  • In one embodiment, an [0221] Execution Command 52 optionally requires the DPC 22, including the electronic Clearinghouse 14 and the Execution Module 38, to communicate with at least one external entity 28 computer or database to conduct a Scrip Supporter's scrip transaction. For example, the Execution Module 38 may need to communicate with: a banking or credit card institution; a retailer's purchasing incentives database for generating scrip; a scrip beneficiary's computers to determine the correct scrip beneficiary account for scrip disbursal. In this embodiment, at least one Local Clearinghouse 17 or at least one Local Registry 19 is located within an external entity computer.
  • Retail Point-of-Sale Scrip Transactions [0222]
  • Retail point of sale transactions as shown in FIG. 6 are characterized by identifying the Scrip Supporter using their biometric sample or biometric sample-PIN on a [0223] PDA 1 controlled by Scrip Merchant. The Scrip Supporter is thus identified through biometrics, while the Scrip Merchant is identified through the PDA's hardware identification code.
  • In a preferred embodiment, a Scrip Supporter at the point of sale originates a scrip transaction in the following manner. The Scrip Supporter submits a bid biometric sample obtained from their physical person by the PDA's biometric sensor. The [0224] PDA 1 determines that the biometric sample is non-fraudulent, and then translates and compresses that biometric sample into a format suitable for rapid scrip transaction to the DPC 22.
  • In one embodiment, the Scrip Supporter enters a PIN code into the PDA keypad. The [0225] PDA 1 transmits the biometric-PIN to the DPC 22 for identification, along with the PDA hardware identification code. The DPC 22 identifies the Scrip Supporter and the scrip account of the Scrip Supporter using the biometric-PIN sample. The DPC 22 identifies the Scrip Merchant's Donator Account using the PDA hardware identification code that was previously registered by the participating merchant.
  • The transaction data is entered into the [0226] PDA 1, either using an electronic cash register or manually, by the Scrip Supporter. The Scrip Supporter then either approves or cancels the transaction using the PDA's keypad. Once the scrip transaction is approved, the PDA 1 transmits the scrip transaction to the DPC 22. The DPC 22 then forwards the transaction for execution and settlement to the scrip responsible party, which may include any of the following: the DPC 22 itself, a participating merchant, an independent scrip service provider, a financial institution, and the like.
  • Execution of the transaction may result in a declined transaction due to lack of scrip or other problem condition reported by the Scrip Merchant. If the transaction is declined, the [0227] DPC 22 transmits the decline notification back to the PDA 1, canceling the transaction.
  • Network Scrip Transactions [0228]
  • Network transactions are characterized by identifying the Scrip Supporter using a communications network such as the Internet, an intranet, or an extranet. The Scrip Supporter's bid biometric sample is submitted through the Scrip Supporter's [0229] personal PDA 1, or through a public PDA 1 attached to an ATM or other public terminal. Parties identified through a digital certificate are registered network entities, such as either the Scrip Merchant or the Scrip Beneficiary. The Scrip Supporter is identified through biometrics, while the Scrip Merchant or the Scrip Beneficiary, may be identified through the verification of a digital certificate issued by an authorized certifying authority.
  • In a preferred embodiment, the Scrip Supporter locates the Scrip Merchant by locating the participating merchant's place of business on the network: the web site, using the network address of the Scrip Merchant. The Scrip Supporter downloads the Scrip Merchant's digital certificate to the [0230] PDA 1 that the Scrip Supporter is using. The PDA 1 verifies that the digital certificate provided by the Scrip Merchant is a valid certificate.
  • The Scrip Supporter submits a bid biometric sample obtained from their physical person using the PDA's biometric sensor. The [0231] PDA 1 determines that the biometric scan is non-fraudulent, and then translates and compresses that biometric scan into a format suitable for rapid scrip transaction to the DPC 22. In one embodiment, the Scrip Supporter enters a PIN code into the PDA keypad.
  • The [0232] PDA 1 transmits the biometric-PIN to the DPC 22 for identification, along with the Scrip Merchant's digital certificate.
  • Both parties identify the scrip accounts to be involved in the transaction. The Scrip Supporter does this in an automated manner. In a preferred embodiment, this occurs at the [0233] DPC 22 using account selection information included in the transaction by the Scrip Supporter. The Scrip Supporter's scrip account is thereby automatically selected by the DPC 22.
  • The amount of the transaction is also transmitted to the [0234] PDA 1 by the Scrip Merchant. The Scrip Supporter either approves or cancels the transaction using the PDA's keypad. Once the transaction is approved, the PDA 1 transmits the scrip transaction to the DPC 22, where the DPC 22 authorizes the scrip transaction and transmits a new scrip transaction to the appropriate scrip electronic Registry 14. The DPC 22 forwards the transaction for execution and settlement to the scrip responsible party, which may include any of the following: the DPC 22 itself, a participating merchant, an independent scrip service provider, a financial institution, and the like.
  • Execution by the [0235] DPC 22 may result in a declined transaction due to lack of scrip in the account, a closed account, or some other immediately detectable problem condition. If the transaction is declined, the DPC 22 transmits the decline notification back to the PDA 1, and the transaction is cancelled.
  • In one embodiment, the [0236] PDA 1 is actually built-in and/or integrated with a personal computer. These personal computer PDA hardware identification codes are not used to identify either party in a transaction.
  • In another embodiment, the Scrip Supporter can be a representative of a business entity that has permission to access the business entity's scrip accounts to make direct donations to a scrip beneficiary. [0237]
  • In yet another embodiment, settlement of scrip is delayed for an agreed-upon time period, to enable implementation of net-30 settlement terms and the like. [0238]
  • In one embodiment, the scrip from a network transaction are deposited into an escrow account for an Internet Scrip Merchant or a Scrip Supporter, instead of being directly calculated into the Scrip Supporter's scrip account or donated directly to a Scrip Beneficiary, as a direct settlement for the scrip to be debited or credited. [0239]
  • From the foregoing, it will be appreciated how the objectives and features of the invention are met. First, the invention provides a scrip transaction computer system that eliminates the need for a Scrip Supporter to possess and present any personalized man-made tokens, in order to authorize a transaction. [0240]
  • Second, the invention provides a scrip transaction computer system that is capable of verifying a Scrip Supporter's unique personal identity, as opposed to verifying possession of personalized objects and information. [0241]
  • Third, the invention verifies the Scrip Supporter's identity based upon one or more unique characteristics physically personal to the Scrip Supporter. [0242]
  • Fourth, the invention provides a cost-effective scrip transaction system that is practical, convenient, and easy use. [0243]
  • Fifth, the invention provides a system of secured access to a scrip computer system that is highly resistant to fraudulent transaction authorization attempts by unauthorized Scrip Supporters. [0244]
  • Sixth, the invention provides a scrip transaction authorization system that enables a Scrip Supporter to notify authorities that a particular access request is being coerced by a third party without giving notice to the third party of the notification. [0245]
  • Although the invention has been described with respect to a particular Identicator and method for its use, it will be appreciated that various modifications of the apparatus and method are possible without departing from the invention, which is defined by the claims set forth below. [0246]

Claims (44)

What is claimed is:
1. A method for tokenless authorization of an electronic scrip transaction using at least one scrip supporter biometric sample and an electronic identicator, said method comprising the steps of:
a. a scrip supporter registration step, wherein a scrip supporter registers with an electronic identicator at least one registration biometric sample,
b. an electronic scrip transaction proposal step comprising an electronic scrip donator account data,
c. at least one transmittal step, wherein a scrip supporter bid biometric sample is obtained from the scrip supporter's person and is electronically transmitted to the electronic identicator,
d. a scrip supporter identification step, wherein the electronic identicator compares the bid biometric sample with at least one registration biometric sample for producing either a successful or failed identification of the scrip supporter,
wherein upon successful identification of the scrip supporter, a scrip transaction is biometrically authorized, without the scrip supporter presenting any personalized man-made tokens such as smartcards or magnetic swipe cards.
2. The method of claim 1 further comprising at least one local identicator containing a subset of all of the registered scrip supporter biometric samples in the electronic identicator.
3. The method of claim 1, further comprising an electronic clearinghouse creation step, wherein the clearinghouse contains at least one rule module.
4. The method of claim 3, wherein a rule module further comprises at least one pattern data that is associated with at least one execution command.
5. The method of claim 4, wherein pattern data comprises any of the following: a unique scrip supporter identification code, demographic information, an email address, at least one pre-determined formula for scrip donations, secondary biometric, a telephone number, a mailing address, purchasing patterns, a digital certificate, a network credential, an Internet protocol address, a digital signature, and an encryption key.
6. The method of claim 4, wherein an execution command comprises instructions for accessing at least one electronic registry that contains any one of the following; at least one scrip donator account and at least one scrip beneficiary account.
7. The method of claim 6, wherein the electronic registry is located on an computer that is external to the authorization system.
8. The method of claim 3 further comprising at least one local clearinghouse containing a subset of all of the rule modules in the scrip transaction system.
9. The method of claim 1 further comprising a scrip merchant identification step, wherein the electronic identicator compares a scrip merchant bid identification data with a scrip merchant registered identification data for producing either a successful or failed identification of the scrip merchant;
10. The method of claim 9 wherein the scrip merchant identification data comprises any one of the following; a hardware identification code, a telephone number, an email address, a digital certificate code, an account index, an electronic account number, a biometric, or a biometric and personal identification number combination.
11. The method of claim 9 wherein the scrip merchant identification step further comprises the electronic identicator communicating with one or more external computers to access scrip merchant identification data.
12. The method of claim 1 further comprising at least one scrip beneficiary identification step, wherein the electronic identicator compares a scrip beneficiary bid identification data with a scrip beneficiary registered identification data for producing either a successful or failed identification of the scrip beneficiary.
13. The method of claim 12 wherein the scrip beneficiary identification data comprises any one of the following; a hardware identification code, a telephone number, an email address, a digital certificate code, an account index, an electronic account number, a biometric, or a biometric and personal identification number combination.
14. The method of claim 12 wherein the scrip beneficiary identification step further comprises the electronic identicator communicating with one or more external computers to access scrip beneficiary identification data.
15. The method of claim 1 wherein the scrip supporter registration step further comprises registering a scrip supporter personal identification number with the electronic identicator.
16. The method of claim 1 further comprising a scrip donator account resource determination step, wherein it is determined if a scrip donator account has sufficient resources to be debited for an amount specified in the scrip transaction.
17. The method of claim 1 further comprising a transaction settlement step, wherein a scrip donator account is debited and a scrip beneficiary account is credited.
18. The method of claim 17 wherein the transaction settlement step further comprises the electronic identicator communicating with one or more external computers to access an electronic registry comprising any of the following: scrip donator account data and scrip beneficiary account data.
19. The method of claim 1 wherein the electronic scrip transaction proposal step further comprises scrip transaction data, wherein the scrip transaction data comprises any of the following: price information, a list of goods, a list of services, a scrip merchant name, a date or time, a location, and an invoice number.
20. The method of claim 17 wherein a future date on which scrip is to be debited from the scrip donator account and credited to the scrip beneficiary account is included in the transaction settlement step.
21. The method of claim 1 further comprising a scrip supporter re-registration check step, wherein the scrip supporter's registration biometric samples are compared against previously registered biometric samples wherein if a match occurs, the computer system is alerted to the fact that the scrip supporter has attempted to re-register with the electronic identicator.
22. The method of claim 1 wherein the scrip supporter's biometric sample comprises any of the following: a fingerprint, a retinal scan, an iris scan, a voice print, a facial scan.
23. The method of claim 15 further comprising a biometric theft resolution step, wherein the scrip supporter's personal identification number is changed if the scrip supporter's biometric sample is determined to have been fraudulently duplicated.
24. The method of claim 1 wherein the scrip donator account is controlled by any of following: a scrip merchant, a scrip participating manufacturer, and a scrip supporter.
25. The method of claim 1 wherein scrip may comprise any unit of the following: gift certificates, stored-value units, electronic or paper coupons having a pre-determined dollar value, minutes of telephone calling time, miles towards earning a free airplane flight, points towards receiving a commodity or service.
26. The method of claim 1 wherein the scrip donator account comprises any of the following: a stored value account and a financial account.
27. The method of claim 17 wherein the beneficiary account comprises any of the following: a stored value account and a financial account.
28. The method of claim 17 further comprising a notification step, wherein after settlement of the transaction, notification of the results of the transaction settlement step and scrip account activity is presented to any of the following: a scrip supporter; a scrip merchant; a scrip beneficiary.
29. A tokenless electronic scrip transaction authorization device, said device comprising of:
a. at least one electronic scrip supporter registration biometric sample,
b. an electronic identicator for comparing a scrip supporter bid biometric sample with the at least one scrip supporter registration biometric sample to produce a successful or failed identification result,
c. an electronic scrip donator account data,
d. wherein upon successful identification of the scrip supporter, a scrip transaction is biometrically authorized, without the scrip supporter presenting any personalized man-made tokens such as smartcards or magnetic swipe cards.
30. The device of claim 29 further comprising at least one local identicator containing a subset of the registration biometric samples in the identicator.
31. The device of claim 29 further comprising an electronic clearinghouse that contains at least one rule module.
32. The device of claim 31 wherein the rule module comprises of at least one pattern data that is associated with at least one execution command.
33. The device of claim 32, wherein pattern data comprise any of the following: a unique scrip supporter identification code, demographic information, an email address, at least one pre-determined formula for scrip donations, secondary biometric, a telephone number, a mailing address, purchasing patterns, a digital certificate, a network credential, an Internet protocol address, a digital signature, and an encryption key.
34. The device of claim 32, wherein an execution command comprises instructions for accessing at least one electronic registry that contains any one of the following; at least one scrip donator account and at least one scrip beneficiary account.
35. The device of claim 34, wherein the electronic registry is located on an computer that is external to the authorization device.
36. The device of claim 31 further comprising at least one local clearinghouse containing a subset of all of the rule modules in the scrip transaction system.
37. The device of claim 29 further comprising a merchant registered identification data for comparing a merchant bid identification data with merchant registered identification data for producing either a successful or failed identification of the merchant.
38. The device of claim 37 wherein the merchant identification data comprises any one of the following; a hardware identification code, a telephone number, an email address, a digital certificate code, an account index, an electronic account number, a biometric, or a biometric and personal identification number combination.
39. The device of claim 29 further comprising at least one beneficiary identification data for comparing a scrip beneficiary bid identification data with a scrip beneficiary registered identification data for producing either a successful or failed identification of the scrip beneficiary.
40. The device of claim 39 wherein the beneficiary identification data comprises any one of the following; a hardware identification code, a telephone number, an email address, a digital certificate code, an account index, an electronic account number, a biometric, or a biometric and personal identification number combination.
41. The device of claim 29 further comprising a supporter personal identification number for identifying the supporter.
42. The device of claim 29 wherein scrip may comprise any unit of the following: gift certificates, stored-value units, electronic or paper coupons having a pre-determined dollar value, minutes of telephone calling time, miles towards earning a free airplane flight, points towards receiving a commodity or service.
43. The device of claim 29 wherein the scrip donator account comprises any of the following: a stored value account and a financial account.
44. The device of claim 34 wherein the beneficiary account comprises any of the following: a stored value account and a financial account.
US10/734,851 1994-11-28 2003-12-11 System and method for tokenless biometric electronic scrip Abandoned US20040128249A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
US10/734,851 US20040128249A1 (en) 1994-11-28 2003-12-11 System and method for tokenless biometric electronic scrip
US11/321,114 US7698567B2 (en) 1994-11-28 2005-12-28 System and method for tokenless biometric electronic scrip

Applications Claiming Priority (6)

Application Number Priority Date Filing Date Title
US08/345,523 US5615277A (en) 1994-11-28 1994-11-28 Tokenless security system for authorizing access to a secured computer system
US08/442,895 US5613012A (en) 1994-11-28 1995-05-17 Tokenless identification system for authorization of electronic transactions and electronic transmissions
US08/705,399 US5870723A (en) 1994-11-28 1996-08-29 Tokenless biometric transaction authorization method and system
US09/244,784 US6012039A (en) 1994-11-28 1999-02-05 Tokenless biometric electronic rewards system
US44110799A 1999-11-16 1999-11-16
US10/734,851 US20040128249A1 (en) 1994-11-28 2003-12-11 System and method for tokenless biometric electronic scrip

Related Parent Applications (1)

Application Number Title Priority Date Filing Date
US44110799A Division 1994-11-28 1999-11-16

Related Child Applications (1)

Application Number Title Priority Date Filing Date
US11/321,114 Division US7698567B2 (en) 1994-11-28 2005-12-28 System and method for tokenless biometric electronic scrip

Publications (1)

Publication Number Publication Date
US20040128249A1 true US20040128249A1 (en) 2004-07-01

Family

ID=32660159

Family Applications (2)

Application Number Title Priority Date Filing Date
US10/734,851 Abandoned US20040128249A1 (en) 1994-11-28 2003-12-11 System and method for tokenless biometric electronic scrip
US11/321,114 Expired - Fee Related US7698567B2 (en) 1994-11-28 2005-12-28 System and method for tokenless biometric electronic scrip

Family Applications After (1)

Application Number Title Priority Date Filing Date
US11/321,114 Expired - Fee Related US7698567B2 (en) 1994-11-28 2005-12-28 System and method for tokenless biometric electronic scrip

Country Status (1)

Country Link
US (2) US20040128249A1 (en)

Cited By (18)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020073046A1 (en) * 1999-07-30 2002-06-13 David Sancho Enrique System and method for secure network purchasing
US20030061167A1 (en) * 2001-09-21 2003-03-27 Mann William Frederick System for providing cardless payment
US20040117321A1 (en) * 1999-07-30 2004-06-17 Sancho Enrique David System and method for secure network purchasing
US20040254890A1 (en) * 2002-05-24 2004-12-16 Sancho Enrique David System method and apparatus for preventing fraudulent transactions
US20050251688A1 (en) * 1999-05-14 2005-11-10 Nanavati Samir H Identity verification method using a central biometric authority
WO2006034584A1 (en) * 2004-09-28 2006-04-06 Doyle Brian J Cashless payment service provision method
US20070257104A1 (en) * 2006-04-24 2007-11-08 Encryptakey, Inc. Portable device and methods for performing secure transactions
US20080038847A1 (en) * 2006-08-11 2008-02-14 Dongbu Hitek Co., Ltd. Method of forming dummy pattern
US7458510B1 (en) * 2005-04-19 2008-12-02 Sprint Spectrum L.P. Authentication of automated vending machines by wireless communications devices
US20110087611A1 (en) * 2009-10-14 2011-04-14 Shyam Chetal Biometric identification and authentication system for financial accounts
US20120116978A1 (en) * 2008-12-23 2012-05-10 Mtn Mobile Money Sa (Pty) Ltd Method of and system for securely processing a transaction
US20130173466A1 (en) * 2011-12-28 2013-07-04 Nokia Corporation Method and apparatus for utilizing recognition data in conducting transactions
US8639629B1 (en) 2005-02-02 2014-01-28 Nexus Payments, LLC System and method for accessing an online user account registry via a thin-client unique user code
US8768838B1 (en) 2005-02-02 2014-07-01 Nexus Payments, LLC Financial transactions using a rule-module nexus and a user account registry
US20170094516A1 (en) * 2002-07-09 2017-03-30 Neology, Inc. System and method for providing secure identification solutions
US10003464B1 (en) * 2017-06-07 2018-06-19 Cerebral, Incorporated Biometric identification system and associated methods
US11288666B1 (en) 2005-02-02 2022-03-29 Edge Mobile Payments Llc System and method for real-time processing of on-line financial transactions using a universal financial token and a remotely located rule-module clearinghouse
US11562353B2 (en) 2015-11-24 2023-01-24 Mastercard International Incorporated Method and system for gross settlement by use of an opaque blockchain

Families Citing this family (22)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6876991B1 (en) 1999-11-08 2005-04-05 Collaborative Decision Platforms, Llc. System, method and computer program product for a collaborative decision platform
US7574734B2 (en) * 2002-08-15 2009-08-11 Dominique Louis Joseph Fedronic System and method for sequentially processing a biometric sample
US20040243815A1 (en) * 2003-05-28 2004-12-02 Yoshihiro Tsukamura System and method of distributing and controlling rights of digital content
US20050039027A1 (en) * 2003-07-25 2005-02-17 Shapiro Michael F. Universal, biometric, self-authenticating identity computer having multiple communication ports
US8321946B2 (en) * 2003-12-05 2012-11-27 Hewlett-Packard Development Company, L.P. Method and system for preventing identity theft in electronic communications
US8505826B2 (en) * 2007-04-16 2013-08-13 Visa U.S.A. Anti-interrogation for portable device
US8265593B2 (en) * 2007-08-27 2012-09-11 Alcatel Lucent Method and system of communication using extended sequence number
US8666841B1 (en) 2007-10-09 2014-03-04 Convergys Information Management Group, Inc. Fraud detection engine and method of using the same
US20090119170A1 (en) 2007-10-25 2009-05-07 Ayman Hammad Portable consumer device including data bearing medium including risk based benefits
US20090145972A1 (en) * 2007-12-11 2009-06-11 James Douglas Evans Biometric authorization transaction
US8694793B2 (en) * 2007-12-11 2014-04-08 Visa U.S.A. Inc. Biometric access control transactions
US8532271B2 (en) * 2009-01-21 2013-09-10 Chung-Yu Lin Cybercrime detecting and preventing method and system established by telephone number code, authorization codes and source identification code
US8443202B2 (en) 2009-08-05 2013-05-14 Daon Holdings Limited Methods and systems for authenticating users
US7865937B1 (en) 2009-08-05 2011-01-04 Daon Holdings Limited Methods and systems for authenticating users
US8260269B2 (en) * 2009-11-25 2012-09-04 Visa International Service Association Input device with an accelerometer
US8826030B2 (en) * 2010-03-22 2014-09-02 Daon Holdings Limited Methods and systems for authenticating users
JP5433498B2 (en) * 2010-05-27 2014-03-05 株式会社東芝 Cryptographic processing device
US8682798B2 (en) 2010-09-24 2014-03-25 Visa International Service Association Method and system using universal ID and biometrics
US8856043B2 (en) 2011-02-18 2014-10-07 Visa International Service Association Method and system for managing data and enabling payment transactions between multiple entities
US9378514B2 (en) 2011-11-23 2016-06-28 Richard Tabor Secure tokenless transaction system and method
US9978064B2 (en) 2011-12-30 2018-05-22 Visa International Service Association Hosted thin-client interface in a payment authorization system
USD776664S1 (en) * 2015-05-20 2017-01-17 Chaya Coleena Hendrick Smart card

Citations (80)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4321672A (en) * 1979-11-26 1982-03-23 Braun Edward L Financial data processing system
US4390968A (en) * 1980-12-30 1983-06-28 Honeywell Information Systems Inc. Automated bank transaction security system
US4484328A (en) * 1981-08-03 1984-11-20 Schlafly Hubert J Television line multiplexed data communication system
US4675815A (en) * 1983-02-18 1987-06-23 Fujitsu Limited Transaction safety system for falsely indicating successful completion of illegal transaction
US4734858A (en) * 1983-12-05 1988-03-29 Portel Services Network, Inc. Data terminal and system for placing orders
US4799156A (en) * 1986-10-01 1989-01-17 Strategic Processing Corporation Interactive market management system
US4821118A (en) * 1986-10-09 1989-04-11 Advanced Identification Systems, Inc. Video image system for personal identification
US4837422A (en) * 1987-09-08 1989-06-06 Juergen Dethloff Multi-user card system
US4926480A (en) * 1983-08-22 1990-05-15 David Chaum Card-computer moderated systems
US4947028A (en) * 1988-07-19 1990-08-07 Arbor International, Inc. Automated order and payment system
US4961142A (en) * 1988-06-29 1990-10-02 Mastercard International, Inc. Multi-issuer transaction device with individual identification verification plug-in application modules for each issuer
US4993068A (en) * 1989-11-27 1991-02-12 Motorola, Inc. Unforgeable personal identification system
US4995086A (en) * 1986-05-06 1991-02-19 Siemens Aktiengesellschaft Arrangement and procedure for determining the authorization of individuals by verifying their fingerprints
US4998279A (en) * 1984-11-30 1991-03-05 Weiss Kenneth P Method and apparatus for personal verification utilizing nonpredictable codes and biocharacteristics
US5036461A (en) * 1990-05-16 1991-07-30 Elliott John C Two-way authentication system between user's smart card and issuer-specific plug-in application modules in multi-issued transaction device
US5054089A (en) * 1988-12-29 1991-10-01 Kabushiki Kaisha Toshiba Individual identification apparatus
US5095194A (en) * 1989-10-12 1992-03-10 Joseph Barbanell Holographic credit card with automatical authentication and verification
US5109427A (en) * 1989-11-13 1992-04-28 Goldstar Co., Ltd. Fingerprint recognition device using a hologram
US5109428A (en) * 1988-12-06 1992-04-28 Fujitsu Ltd Minutia data extraction in fingerprint identification
US5144680A (en) * 1985-03-01 1992-09-01 Mitsubishi Denki Kabushiki Kaisha Individual identification recognition system
US5146102A (en) * 1990-02-22 1992-09-08 Kabushiki Kaisha Toshiba Fingerprint image input apparatus including a cylindrical lens
US5168520A (en) * 1984-11-30 1992-12-01 Security Dynamics Technologies, Inc. Method and apparatus for personal identification
US5180901A (en) * 1990-05-21 1993-01-19 Kabushiki Kaisha Toshiba IC card with individual authentication function
US5191611A (en) * 1989-04-03 1993-03-02 Lang Gerald S Method and apparatus for protecting material on storage media and for transferring material on storage media to various recipients
US5210588A (en) * 1990-11-17 1993-05-11 Goldstar Co., Ltd. Fingerprint identification apparatus for enhancing identification performance by forming an illumination source and a light conducting panel in a single body
US5210797A (en) * 1989-10-30 1993-05-11 Kokusan Kinzoku Kogyo Kabushiki Kaisha Adaptive dictionary for a fingerprint recognizer
US5222152A (en) * 1991-11-19 1993-06-22 Digital Biometrics, Inc. Portable fingerprint scanning apparatus for identification verification
US5224173A (en) * 1991-10-29 1993-06-29 Kuhns Roger J Method of reducing fraud in connection with employment, public license applications, social security, food stamps, welfare or other government benefits
US5224164A (en) * 1990-05-22 1993-06-29 Peter Elsner Method and apparatus for transliterating messages
US5229764A (en) * 1991-06-20 1993-07-20 Matchett Noel D Continuous biometric authentication matrix
US5230025A (en) * 1990-08-31 1993-07-20 Digital Biometrics, Inc. Method and apparatus for capturing skin print images
US5239583A (en) * 1991-04-10 1993-08-24 Parrillo Larry A Method and apparatus for improved security using access codes
US5241606A (en) * 1990-10-11 1993-08-31 Matsushita Electric Industrial Co., Ltd. Person identification apparatus
US5251259A (en) * 1992-08-20 1993-10-05 Mosley Ernest D Personal identification system
US5265162A (en) * 1990-01-16 1993-11-23 George Bush Portable pin card
US5274695A (en) * 1991-01-11 1993-12-28 U.S. Sprint Communications Company Limited Partnership System for verifying the identity of a caller in a telecommunications network
US5276314A (en) * 1992-04-03 1994-01-04 International Business Machines Corporation Identity verification system resistant to compromise by observation of its use
US5280527A (en) * 1992-04-14 1994-01-18 Kamahira Safe Co., Inc. Biometric token for authorizing access to a host system
US5321242A (en) * 1991-12-09 1994-06-14 Brinks, Incorporated Apparatus and method for controlled access to a secured location
US5325442A (en) * 1990-05-18 1994-06-28 U.S. Philips Corporation Fingerprint sensing device and recognition system having predetermined electrode activation
US5335288A (en) * 1992-02-10 1994-08-02 Faulkner Keith W Apparatus and method for biometric identification
US5343529A (en) * 1993-09-28 1994-08-30 Milton Goldfine Transaction authentication using a centrally generated transaction identifier
US5351303A (en) * 1993-02-25 1994-09-27 Willmore Michael R Infra-red imaging and pattern recognition system
US5354974A (en) * 1992-11-24 1994-10-11 Base 10 Systems, Inc. Automatic teller system and method of operating same
US5359669A (en) * 1992-04-13 1994-10-25 Motorola, Inc. Remote retinal scan identifier
US5383113A (en) * 1991-07-25 1995-01-17 Checkfree Corporation System and method for electronically providing customer services including payment of bills, financial analysis and loans
US5386104A (en) * 1993-11-08 1995-01-31 Ncr Corporation System and method for detecting user fraud in automated teller machine transactions
US5412738A (en) * 1992-08-11 1995-05-02 Istituto Trentino Di Cultura Recognition system, particularly for recognising people
US5465303A (en) * 1993-11-12 1995-11-07 Aeroflex Systems Corporation Automated fingerprint classification/identification system and method
US5485510A (en) * 1992-09-29 1996-01-16 At&T Corp. Secure credit/debit card authorization
US5499288A (en) * 1990-05-15 1996-03-12 Voice Control Systems, Inc. Simultaneous voice recognition and verification to allow access to telephone network services
US5546471A (en) * 1994-10-28 1996-08-13 The National Registry, Inc. Ergonomic fingerprint reader apparatus
US5546523A (en) * 1995-04-13 1996-08-13 Gatto; James G. Electronic fund transfer system
US5561718A (en) * 1992-01-17 1996-10-01 U.S. Philips Corporation Classifying faces
US5604802A (en) * 1993-10-29 1997-02-18 International Business Machines Corporation Transaction processing system
US5613012A (en) * 1994-11-28 1997-03-18 Smarttouch, Llc. Tokenless identification system for authorization of electronic transactions and electronic transmissions
US5615277A (en) * 1994-11-28 1997-03-25 Hoffman; Ned Tokenless security system for authorizing access to a secured computer system
US5636282A (en) * 1994-06-20 1997-06-03 Paradyne Corporation Method for dial-in access security using a multimedia modem
US5719950A (en) * 1994-03-24 1998-02-17 Minnesota Mining And Manufacturing Company Biometric, personal authentication system
US5745555A (en) * 1994-08-05 1998-04-28 Smart Tone Authentication, Inc. System and method using personal identification numbers and associated prompts for controlling unauthorized use of a security device and unauthorized access to a resource
US5757917A (en) * 1995-11-01 1998-05-26 First Virtual Holdings Incorporated Computerized payment system for purchasing goods and services on the internet
US5764789A (en) * 1994-11-28 1998-06-09 Smarttouch, Llc Tokenless biometric ATM access system
US5802199A (en) * 1994-11-28 1998-09-01 Smarttouch, Llc Use sensitive identification system
US5805719A (en) * 1994-11-28 1998-09-08 Smarttouch Tokenless identification of individuals
US5826245A (en) * 1995-03-20 1998-10-20 Sandberg-Diment; Erik Providing verification information for a transaction
US5870723A (en) * 1994-11-28 1999-02-09 Pare, Jr.; David Ferrin Tokenless biometric transaction authorization method and system
US5892824A (en) * 1996-01-12 1999-04-06 International Verifact Inc. Signature capture/verification systems and methods
US5930804A (en) * 1997-06-09 1999-07-27 Philips Electronics North America Corporation Web-based biometric authentication system and method
US5933515A (en) * 1996-07-25 1999-08-03 California Institute Of Technology User identification through sequential input of fingerprints
US5956700A (en) * 1994-06-03 1999-09-21 Midwest Payment Systems System and method for paying bills and other obligations including selective payor and payee controls
US6016476A (en) * 1997-08-11 2000-01-18 International Business Machines Corporation Portable information and transaction processing system and method utilizing biometric authorization and digital certificate security
US6023688A (en) * 1997-11-28 2000-02-08 Diebold, Incorporated Transaction apparatus and method that identifies an authorized user by appearance and voice
US6028950A (en) * 1999-02-10 2000-02-22 The National Registry, Inc. Fingerprint controlled set-top box
US6041309A (en) * 1998-09-25 2000-03-21 Oneclip.Com, Incorporated Method of and system for distributing and redeeming electronic coupons
US6040783A (en) * 1995-05-08 2000-03-21 Image Data, Llc System and method for remote, wireless positive identity verification
US6105010A (en) * 1997-05-09 2000-08-15 Gte Service Corporation Biometric certifying authorities
US6202151B1 (en) * 1997-05-09 2001-03-13 Gte Service Corporation System and method for authenticating electronic transactions using biometric certificates
US6269348B1 (en) * 1994-11-28 2001-07-31 Veristar Corporation Tokenless biometric electronic debit and credit transactions
US20010034837A1 (en) * 1997-12-23 2001-10-25 Arcot Systems, Inc. Method and apparatus for secure distribution of authentication credentials to roaming users
US6310966B1 (en) * 1997-05-09 2001-10-30 Gte Service Corporation Biometric certificates

Family Cites Families (148)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US3639905A (en) * 1970-11-27 1972-02-01 Omron Tateisi Electronics Co Credit card system having means for sensing if object is living
US3876864A (en) * 1973-12-11 1975-04-08 Diebold Inc Teller-assisted currency dispenser system
US3975711A (en) 1974-08-30 1976-08-17 Sperry Rand Corporation Real time fingerprint recording terminal
US3943335A (en) * 1974-09-03 1976-03-09 Diebold, Incorporated Automatic banking equipment
US4151512A (en) * 1976-09-10 1979-04-24 Rockwell International Corporation Automatic pattern processing system
US4048618A (en) 1976-11-24 1977-09-13 The Raymond Lee Organization, Inc. Method of identifying a check signer
US4213038A (en) 1976-12-20 1980-07-15 Johnson Everett A Access security system
JPS5936860B2 (en) 1977-08-30 1984-09-06 日立電線株式会社 Method for producing crosslinked polyolefin extrusion molded products
US4322163A (en) * 1977-10-25 1982-03-30 Fingermatrix Inc. Finger identification
US4227805A (en) 1978-01-25 1980-10-14 Michael Schiller Finger identification apparatus and method
US4208651A (en) * 1978-05-30 1980-06-17 Sperry Corporation Fingerprint identification by ridge angle and minutiae recognition
CA1087735A (en) * 1978-07-28 1980-10-14 Szymon Szwarcbier Process and apparatus for positive identification of customers
US4358677A (en) 1980-05-22 1982-11-09 Siemens Corporation Transducer for fingerprints and apparatus for analyzing fingerprints
US4353056A (en) 1980-06-05 1982-10-05 Siemens Corporation Capacitive fingerprint sensor
US4544267A (en) 1980-11-25 1985-10-01 Fingermatrix, Inc. Finger identification
SE425704B (en) * 1981-03-18 1982-10-25 Loefberg Bo DATABERARE
JPS57212851A (en) 1981-06-25 1982-12-27 Nec Corp User admitting system
US4429413A (en) * 1981-07-30 1984-01-31 Siemens Corporation Fingerprint sensor
US4752966A (en) * 1982-03-26 1988-06-21 Fingermatrix, Inc. Fingerprint identification system
GB2146815A (en) * 1983-09-17 1985-04-24 Ibm Electronic fund transfer systems
US4537484A (en) 1984-01-30 1985-08-27 Identix Incorporated Fingerprint imaging apparatus
US4699149A (en) 1984-03-20 1987-10-13 Joseph Rice Apparatus for the identification of individuals
US4649563A (en) * 1984-04-02 1987-03-10 R L Associates Method of and means for accessing computerized data bases utilizing a touch-tone telephone instrument
US4618988A (en) 1984-07-25 1986-10-21 Fingermatrix, Inc. Matcher
US4728186A (en) * 1985-03-03 1988-03-01 Fujitsu Limited Uneven-surface data detection apparatus
GB2174831B (en) * 1985-04-22 1988-12-14 Quantum Fund Ltd The Skin-pattern recognition method and device
DK155242C (en) 1985-05-02 1989-07-31 Jydsk Telefon As METHOD AND APPARATUS FOR AUTOMATIC DETECTION OF FINGERPRINT
US4696046A (en) 1985-08-02 1987-09-22 Fingermatrix, Inc. Matcher
US4720869A (en) * 1986-02-18 1988-01-19 International Business Machines Corporation Hand dimension verification
ATE78353T1 (en) 1986-05-07 1992-08-15 Brendan David Costello METHOD AND DEVICE FOR DETERMINING IDENTITY.
USD298536S (en) 1986-06-13 1988-11-15 Mastercard International, Inc. Credit card verification terminal
US4845636A (en) 1986-10-17 1989-07-04 Walker Mark E Remote transaction system
US4790564A (en) 1987-02-20 1988-12-13 Morpho Systemes Automatic fingerprint identification system including processes and apparatus for matching fingerprints
US4868376A (en) 1987-05-15 1989-09-19 Smartcard International Inc. Intelligent portable interactive personal data system
US5145102A (en) 1987-07-20 1992-09-08 Fuji Photo Film Co., Ltd. Method of splicing metal webs
US5025372A (en) * 1987-09-17 1991-06-18 Meridian Enterprises, Inc. System and method for administration of incentive award program through use of credit
US5146568A (en) * 1988-09-06 1992-09-08 Digital Equipment Corporation Remote bootstrapping a node over communication link by initially requesting remote storage access program which emulates local disk to load other programs
EP0359554B1 (en) 1988-09-16 1994-11-17 Fujitsu Limited Biological object detecting system and fingerprint collating system employing same
US4946276A (en) 1988-09-23 1990-08-07 Fingermatrix, Inc. Full roll fingerprint apparatus
CA2003131C (en) * 1988-11-25 1998-06-23 Seigo Igaki Biological object detection apparatus
US5073950A (en) 1989-04-13 1991-12-17 Personnel Identification & Entry Access Control, Inc. Finger profile identification system
US5621812A (en) * 1989-05-01 1997-04-15 Credit Verification Corporation Method and system for building a database for use with selective incentive marketing in response to customer shopping histories
US5056019A (en) 1989-08-29 1991-10-08 Citicorp Pos Information Servies, Inc. Automated purchase reward accounting system and method
KR920002928B1 (en) * 1989-11-28 1992-04-10 한국과학기술연구원 Finger print recognition method
US5103486A (en) * 1990-04-19 1992-04-07 Grippi Victor J Fingerprint/signature synthesis
US5517558A (en) * 1990-05-15 1996-05-14 Voice Control Systems, Inc. Voice-controlled account access over a telephone network
US5161204A (en) 1990-06-04 1992-11-03 Neuristics, Inc. Apparatus for generating a feature matrix based on normalized out-class and in-class variation matrices
US5267324A (en) 1990-07-05 1993-11-30 Ezel, Inc. Image comparison method
US5054090A (en) 1990-07-20 1991-10-01 Knight Arnold W Fingerprint correlation system with parallel FIFO processor
CA2059078C (en) 1991-02-27 1995-10-03 Alexander G. Fraser Mediation of transactions by a communications system
WO1992017975A1 (en) 1991-03-26 1992-10-15 Litle & Co. Confirming identity of telephone caller
GB9201949D0 (en) * 1992-01-30 1992-03-18 Jenkin Michael Large-scale,touch-sensitive video display
JPH0758234B2 (en) 1992-04-16 1995-06-21 株式会社エニックス Semiconductor matrix type fine surface pressure distribution sensor
US5400662A (en) * 1992-04-17 1995-03-28 Enix Corporation Matrix type surface pressure distribution detecting element
USD340919S (en) 1992-05-18 1993-11-02 Goldstar Electric Machinery Company, Limited Credit authorization terminal
EP0581421B1 (en) 1992-07-20 2003-01-15 Compaq Computer Corporation Method and system for certificate based alias detection
EP0598469A3 (en) 1992-10-27 1996-07-10 Daniel P Dunlevy Interactive credit card fraud control process.
US5484988A (en) * 1992-11-13 1996-01-16 Resource Technology Services, Inc. Checkwriting point of sale system
US5371797A (en) 1993-01-19 1994-12-06 Bellsouth Corporation Secure electronic funds transfer from telephone or unsecured terminal
US5466919A (en) * 1993-04-02 1995-11-14 Hovakimian; Henry Credit/charge card system enabling purchasers to contribute to selected charities
JP2759309B2 (en) * 1993-04-21 1998-05-28 株式会社松村エレクトロニクス Fingerprint matching method
US5677989A (en) 1993-04-30 1997-10-14 Lucent Technologies Inc. Speaker verification system and process
JP3647885B2 (en) 1993-05-07 2005-05-18 日本電信電話株式会社 Image processing device
US5794207A (en) 1996-09-04 1998-08-11 Walker Asset Management Limited Partnership Method and apparatus for a cryptographically assisted commercial network system designed to facilitate buyer-driven conditional purchase offers
US5416573A (en) * 1993-09-10 1995-05-16 Indentix Incorporated Apparatus for producing fingerprint images which are substantially free of artifacts attributable to moisture on the finger being imaged
JP2821348B2 (en) 1993-10-21 1998-11-05 日本電気ソフトウェア株式会社 Fingerprint collation device
US5371794A (en) 1993-11-02 1994-12-06 Sun Microsystems, Inc. Method and apparatus for privacy and authentication in wireless networks
US5613102A (en) * 1993-11-30 1997-03-18 Lucent Technologies Inc. Method of compressing data for use in performing VLSI mask layout verification
US5578808A (en) 1993-12-22 1996-11-26 Datamark Services, Inc. Data card that can be used for transactions involving separate card issuers
US5457747A (en) 1994-01-14 1995-10-10 Drexler Technology Corporation Anti-fraud verification system using a data card
US5986746A (en) 1994-02-18 1999-11-16 Imedge Technology Inc. Topographical object detection system
US5655116A (en) 1994-02-28 1997-08-05 Lucent Technologies Inc. Apparatus and methods for retrieving information
US5650217A (en) 1994-03-15 1997-07-22 Repro-Tronics, Inc. Tactile image enhancer
US5748780A (en) * 1994-04-07 1998-05-05 Stolfo; Salvatore J. Method and apparatus for imaging, image processing and data compression
US5572597A (en) 1994-03-29 1996-11-05 Loral Corporation Fingerprint classification system
US5598474A (en) * 1994-03-29 1997-01-28 Neldon P Johnson Process for encrypting a fingerprint onto an I.D. card
BE1008372A3 (en) 1994-04-19 1996-04-02 Materialise Nv METHOD FOR MANUFACTURING A perfected MEDICAL MODEL BASED ON DIGITAL IMAGE INFORMATION OF A BODY.
US5594806A (en) * 1994-06-20 1997-01-14 Personnel Identification & Entry Access Control, Inc. Knuckle profile indentity verification system
US5469506A (en) 1994-06-27 1995-11-21 Pitney Bowes Inc. Apparatus for verifying an identification card and identifying a person by means of a biometric characteristic
US5533123A (en) 1994-06-28 1996-07-02 National Semiconductor Corporation Programmable distributed personal security
US5544255A (en) * 1994-08-31 1996-08-06 Peripheral Vision Limited Method and system for the capture, storage, transport and authentication of handwritten signatures
US5826241A (en) 1994-09-16 1998-10-20 First Virtual Holdings Incorporated Computerized system for making payments and authenticating transactions over the internet
US5659626A (en) 1994-10-20 1997-08-19 Calspan Corporation Fingerprint identification system
US6012039A (en) * 1994-11-28 2000-01-04 Smarttouch, Inc. Tokenless biometric electronic rewards system
US6154879A (en) 1994-11-28 2000-11-28 Smarttouch, Inc. Tokenless biometric ATM access system
US6397198B1 (en) * 1994-11-28 2002-05-28 Indivos Corporation Tokenless biometric electronic transactions using an audio signature to identify the transaction processor
US6366682B1 (en) * 1994-11-28 2002-04-02 Indivos Corporation Tokenless electronic transaction system
US6230148B1 (en) * 1994-11-28 2001-05-08 Veristar Corporation Tokenless biometric electric check transaction
US6192142B1 (en) * 1994-11-28 2001-02-20 Smarttouch, Inc. Tokenless biometric electronic stored value transactions
US6950810B2 (en) * 1994-11-28 2005-09-27 Indivos Corporation Tokenless biometric electronic financial transactions via a third party identicator
US6029195A (en) * 1994-11-29 2000-02-22 Herz; Frederick S. M. System for customized electronic identification of desirable objects
US5513272A (en) * 1994-12-05 1996-04-30 Wizards, Llc System for verifying use of a credit/identification card including recording of physical attributes of unauthorized users
JP2937046B2 (en) 1994-12-26 1999-08-23 日本電気株式会社 Fingerprint image input device
US5825907A (en) 1994-12-28 1998-10-20 Lucent Technologies Inc. Neural network system for classifying fingerprints
US5647364A (en) 1995-02-15 1997-07-15 Ultra-Scan Corporation Ultrasonic biometric imaging and identity verification system
USD367044S (en) * 1995-02-24 1996-02-13 Verifone Inc. Transaction terminal console
US5602933A (en) * 1995-03-15 1997-02-11 Scientific-Atlanta, Inc. Method and apparatus for verification of remotely accessed data
US5577120A (en) 1995-05-01 1996-11-19 Lucent Technologies Inc. Method and apparatus for restrospectively identifying an individual who had engaged in a commercial or retail transaction or the like
US5657389A (en) 1995-05-08 1997-08-12 Image Data, Llc Positive identification system and method
US6070141A (en) * 1995-05-08 2000-05-30 Image Data, Llc System and method of assessing the quality of an identification transaction using an identificaion quality score
US5943235A (en) 1995-09-27 1999-08-24 3D Systems, Inc. Rapid prototyping system and method with support region data processing
FR2739977B1 (en) 1995-10-17 1998-01-23 France Telecom MONOLITHIC FINGERPRINT SENSOR
US5943423A (en) 1995-12-15 1999-08-24 Entegrity Solutions Corporation Smart token system for secure electronic transactions and identification
US5790668A (en) 1995-12-19 1998-08-04 Mytec Technologies Inc. Method and apparatus for securely handling data in a database of biometrics and associated data
US5841888A (en) 1996-01-23 1998-11-24 Harris Corporation Method for fingerprint indexing and searching
US5822737A (en) 1996-02-05 1998-10-13 Ogram; Mark E. Financial transaction system
USD397682S (en) 1996-02-21 1998-09-01 Kanda Tsushin Kogyo Co., Ltd. Portable credit card reader
US5850442A (en) 1996-03-26 1998-12-15 Entegrity Solutions Corporation Secure world wide electronic commerce over an open network
US5787187A (en) 1996-04-01 1998-07-28 Sandia Corporation Systems and methods for biometric identification using the acoustic properties of the ear canal
US6011858A (en) * 1996-05-10 2000-01-04 Biometric Tracking, L.L.C. Memory card having a biometric template stored thereon and system for using same
US6023783A (en) * 1996-05-15 2000-02-08 California Institute Of Technology Hybrid concatenated codes and iterative decoding
US5892838A (en) * 1996-06-11 1999-04-06 Minnesota Mining And Manufacturing Company Biometric recognition using a classification neural network
US5636038A (en) 1996-06-24 1997-06-03 Lynt; Ingrid H. Apparatus for converting visual images into tactile representations for use by a person who is visually impaired
US5848400A (en) 1996-07-01 1998-12-08 Sun Microsystems, Inc. Electronic check exchange, clearing and settlement system
US5876926A (en) * 1996-07-23 1999-03-02 Beecham; James E. Method, apparatus and system for verification of human medical data
US6266640B1 (en) 1996-08-06 2001-07-24 Dialogic Corporation Data network with voice verification means
US5770849A (en) 1996-08-23 1998-06-23 Motorola, Inc. Smart card device with pager and visual image display
US6268788B1 (en) 1996-11-07 2001-07-31 Litronic Inc. Apparatus and method for providing an authentication system based on biometrics
US6145738A (en) * 1997-02-06 2000-11-14 Mr. Payroll Corporation Method and apparatus for automatic check cashing
US6111977A (en) 1997-04-17 2000-08-29 Cross Match Technologies, Inc. Hand-held fingerprint recognition and transmission device
US6208746B1 (en) * 1997-05-09 2001-03-27 Gte Service Corporation Biometric watermarks
US5982914A (en) 1997-07-29 1999-11-09 Smarttouch, Inc. Identification of individuals from association of finger pores and macrofeatures
US6119096A (en) 1997-07-31 2000-09-12 Eyeticket Corporation System and method for aircraft passenger check-in and boarding using iris recognition
US5910988A (en) 1997-08-27 1999-06-08 Csp Holdings, Inc. Remote image capture with centralized processing and storage
US5991372A (en) 1997-09-02 1999-11-23 Northern Telecom Limited Method and apparatus for facilitating financial transactions within a communications system
US6073840A (en) 1997-09-26 2000-06-13 Gilbarco Inc. Fuel dispensing and retail system providing for transponder prepayment
USD400191S (en) 1997-10-15 1998-10-27 Motorola, Inc. Point-of-sale card reader
US6072894A (en) 1997-10-17 2000-06-06 Payne; John H. Biometric face recognition for applicant screening
US6084967A (en) 1997-10-29 2000-07-04 Motorola, Inc. Radio telecommunication device and method of authenticating a user with a voice authentication token
IL122230A (en) 1997-11-17 2003-12-10 Milsys Ltd Biometric system and techniques suitable therefor
US6233565B1 (en) * 1998-02-13 2001-05-15 Saranac Software, Inc. Methods and apparatus for internet based financial transactions with evidence of payment
US6233618B1 (en) * 1998-03-31 2001-05-15 Content Advisor, Inc. Access control of networked data
US6154727A (en) 1998-04-15 2000-11-28 Cyberhealth, Inc. Visit verification
US6052675A (en) * 1998-04-21 2000-04-18 At&T Corp. Method and apparatus for preauthorizing credit card type transactions
US6275944B1 (en) 1998-04-30 2001-08-14 International Business Machines Corporation Method and system for single sign on using configuration directives with respect to target types
US6219439B1 (en) * 1998-07-09 2001-04-17 Paul M. Burger Biometric authentication system
JP4031112B2 (en) 1998-07-23 2008-01-09 富士通株式会社 Passport transaction apparatus, passport transaction method and passport transaction system
US6522772B1 (en) * 1998-09-30 2003-02-18 Ncr Corporation Self-service checkout terminal having a biometric sensing device for verifying identity of a user and associated method
US20010011247A1 (en) 1998-10-02 2001-08-02 O'flaherty Kenneth W. Privacy-enabled loyalty card system and method
US6260024B1 (en) 1998-12-02 2001-07-10 Gary Shkedy Method and apparatus for facilitating buyer-driven purchase orders on a commercial network system
US20010000045A1 (en) * 1998-12-09 2001-03-15 Yuan-Pin Yu Web-based, biometric authentication system and method
US6327578B1 (en) 1998-12-29 2001-12-04 International Business Machines Corporation Four-party credit/debit payment protocol
US6256737B1 (en) 1999-03-09 2001-07-03 Bionetrix Systems Corporation System, method and computer program product for allowing access to enterprise resources using biometric devices
US6496107B1 (en) 1999-07-23 2002-12-17 Richard B. Himmelstein Voice-controlled vehicle control system
US7236596B2 (en) 2000-02-07 2007-06-26 Mikos, Ltd. Digital imaging system for evidentiary use
US7133792B2 (en) 2000-06-08 2006-11-07 Ensign Holdings, Llc Method and apparatus for calibration over time of histological and physiological biometric markers for authentication
US7269737B2 (en) * 2001-09-21 2007-09-11 Pay By Touch Checking Resources, Inc. System and method for biometric authorization for financial transactions
US7152787B2 (en) 2005-04-15 2006-12-26 Beacon Communications Kk Handheld system and method for age verification

Patent Citations (83)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4321672A (en) * 1979-11-26 1982-03-23 Braun Edward L Financial data processing system
US4390968A (en) * 1980-12-30 1983-06-28 Honeywell Information Systems Inc. Automated bank transaction security system
US4484328A (en) * 1981-08-03 1984-11-20 Schlafly Hubert J Television line multiplexed data communication system
US4675815A (en) * 1983-02-18 1987-06-23 Fujitsu Limited Transaction safety system for falsely indicating successful completion of illegal transaction
US4926480A (en) * 1983-08-22 1990-05-15 David Chaum Card-computer moderated systems
US4734858A (en) * 1983-12-05 1988-03-29 Portel Services Network, Inc. Data terminal and system for placing orders
US4734858B1 (en) * 1983-12-05 1997-02-11 Portel Services Network Inc Data terminal and system for placing orders
US5168520A (en) * 1984-11-30 1992-12-01 Security Dynamics Technologies, Inc. Method and apparatus for personal identification
US4998279A (en) * 1984-11-30 1991-03-05 Weiss Kenneth P Method and apparatus for personal verification utilizing nonpredictable codes and biocharacteristics
US5144680A (en) * 1985-03-01 1992-09-01 Mitsubishi Denki Kabushiki Kaisha Individual identification recognition system
US4995086A (en) * 1986-05-06 1991-02-19 Siemens Aktiengesellschaft Arrangement and procedure for determining the authorization of individuals by verifying their fingerprints
US4799156A (en) * 1986-10-01 1989-01-17 Strategic Processing Corporation Interactive market management system
US4821118A (en) * 1986-10-09 1989-04-11 Advanced Identification Systems, Inc. Video image system for personal identification
US4837422A (en) * 1987-09-08 1989-06-06 Juergen Dethloff Multi-user card system
US4961142A (en) * 1988-06-29 1990-10-02 Mastercard International, Inc. Multi-issuer transaction device with individual identification verification plug-in application modules for each issuer
US4947028A (en) * 1988-07-19 1990-08-07 Arbor International, Inc. Automated order and payment system
US4947028B1 (en) * 1988-07-19 1993-06-08 U S Order Inc
US5109428A (en) * 1988-12-06 1992-04-28 Fujitsu Ltd Minutia data extraction in fingerprint identification
US5054089A (en) * 1988-12-29 1991-10-01 Kabushiki Kaisha Toshiba Individual identification apparatus
US5191611A (en) * 1989-04-03 1993-03-02 Lang Gerald S Method and apparatus for protecting material on storage media and for transferring material on storage media to various recipients
US5095194A (en) * 1989-10-12 1992-03-10 Joseph Barbanell Holographic credit card with automatical authentication and verification
US5210797A (en) * 1989-10-30 1993-05-11 Kokusan Kinzoku Kogyo Kabushiki Kaisha Adaptive dictionary for a fingerprint recognizer
US5109427A (en) * 1989-11-13 1992-04-28 Goldstar Co., Ltd. Fingerprint recognition device using a hologram
US4993068A (en) * 1989-11-27 1991-02-12 Motorola, Inc. Unforgeable personal identification system
US5265162A (en) * 1990-01-16 1993-11-23 George Bush Portable pin card
US5146102A (en) * 1990-02-22 1992-09-08 Kabushiki Kaisha Toshiba Fingerprint image input apparatus including a cylindrical lens
US5499288A (en) * 1990-05-15 1996-03-12 Voice Control Systems, Inc. Simultaneous voice recognition and verification to allow access to telephone network services
US5036461A (en) * 1990-05-16 1991-07-30 Elliott John C Two-way authentication system between user's smart card and issuer-specific plug-in application modules in multi-issued transaction device
US5325442A (en) * 1990-05-18 1994-06-28 U.S. Philips Corporation Fingerprint sensing device and recognition system having predetermined electrode activation
US5180901A (en) * 1990-05-21 1993-01-19 Kabushiki Kaisha Toshiba IC card with individual authentication function
US5224164A (en) * 1990-05-22 1993-06-29 Peter Elsner Method and apparatus for transliterating messages
US5230025A (en) * 1990-08-31 1993-07-20 Digital Biometrics, Inc. Method and apparatus for capturing skin print images
US5241606A (en) * 1990-10-11 1993-08-31 Matsushita Electric Industrial Co., Ltd. Person identification apparatus
US5210588A (en) * 1990-11-17 1993-05-11 Goldstar Co., Ltd. Fingerprint identification apparatus for enhancing identification performance by forming an illumination source and a light conducting panel in a single body
US5274695A (en) * 1991-01-11 1993-12-28 U.S. Sprint Communications Company Limited Partnership System for verifying the identity of a caller in a telecommunications network
US5239583A (en) * 1991-04-10 1993-08-24 Parrillo Larry A Method and apparatus for improved security using access codes
US5229764A (en) * 1991-06-20 1993-07-20 Matchett Noel D Continuous biometric authentication matrix
US5383113A (en) * 1991-07-25 1995-01-17 Checkfree Corporation System and method for electronically providing customer services including payment of bills, financial analysis and loans
US5224173A (en) * 1991-10-29 1993-06-29 Kuhns Roger J Method of reducing fraud in connection with employment, public license applications, social security, food stamps, welfare or other government benefits
US5222152A (en) * 1991-11-19 1993-06-22 Digital Biometrics, Inc. Portable fingerprint scanning apparatus for identification verification
US5321242A (en) * 1991-12-09 1994-06-14 Brinks, Incorporated Apparatus and method for controlled access to a secured location
US5561718A (en) * 1992-01-17 1996-10-01 U.S. Philips Corporation Classifying faces
US5335288A (en) * 1992-02-10 1994-08-02 Faulkner Keith W Apparatus and method for biometric identification
US5276314A (en) * 1992-04-03 1994-01-04 International Business Machines Corporation Identity verification system resistant to compromise by observation of its use
US5359669A (en) * 1992-04-13 1994-10-25 Motorola, Inc. Remote retinal scan identifier
US5280527A (en) * 1992-04-14 1994-01-18 Kamahira Safe Co., Inc. Biometric token for authorizing access to a host system
US5412738A (en) * 1992-08-11 1995-05-02 Istituto Trentino Di Cultura Recognition system, particularly for recognising people
US5251259A (en) * 1992-08-20 1993-10-05 Mosley Ernest D Personal identification system
US5485510A (en) * 1992-09-29 1996-01-16 At&T Corp. Secure credit/debit card authorization
US5354974A (en) * 1992-11-24 1994-10-11 Base 10 Systems, Inc. Automatic teller system and method of operating same
US5351303A (en) * 1993-02-25 1994-09-27 Willmore Michael R Infra-red imaging and pattern recognition system
US5343529A (en) * 1993-09-28 1994-08-30 Milton Goldfine Transaction authentication using a centrally generated transaction identifier
US5604802A (en) * 1993-10-29 1997-02-18 International Business Machines Corporation Transaction processing system
US5386104A (en) * 1993-11-08 1995-01-31 Ncr Corporation System and method for detecting user fraud in automated teller machine transactions
US5465303A (en) * 1993-11-12 1995-11-07 Aeroflex Systems Corporation Automated fingerprint classification/identification system and method
US5719950A (en) * 1994-03-24 1998-02-17 Minnesota Mining And Manufacturing Company Biometric, personal authentication system
US5956700A (en) * 1994-06-03 1999-09-21 Midwest Payment Systems System and method for paying bills and other obligations including selective payor and payee controls
US5636282A (en) * 1994-06-20 1997-06-03 Paradyne Corporation Method for dial-in access security using a multimedia modem
US5745555A (en) * 1994-08-05 1998-04-28 Smart Tone Authentication, Inc. System and method using personal identification numbers and associated prompts for controlling unauthorized use of a security device and unauthorized access to a resource
US5546471A (en) * 1994-10-28 1996-08-13 The National Registry, Inc. Ergonomic fingerprint reader apparatus
US5613012A (en) * 1994-11-28 1997-03-18 Smarttouch, Llc. Tokenless identification system for authorization of electronic transactions and electronic transmissions
US6269348B1 (en) * 1994-11-28 2001-07-31 Veristar Corporation Tokenless biometric electronic debit and credit transactions
US5764789A (en) * 1994-11-28 1998-06-09 Smarttouch, Llc Tokenless biometric ATM access system
US5802199A (en) * 1994-11-28 1998-09-01 Smarttouch, Llc Use sensitive identification system
US5805719A (en) * 1994-11-28 1998-09-08 Smarttouch Tokenless identification of individuals
US5838812A (en) * 1994-11-28 1998-11-17 Smarttouch, Llc Tokenless biometric transaction authorization system
US5870723A (en) * 1994-11-28 1999-02-09 Pare, Jr.; David Ferrin Tokenless biometric transaction authorization method and system
US5615277A (en) * 1994-11-28 1997-03-25 Hoffman; Ned Tokenless security system for authorizing access to a secured computer system
US5826245A (en) * 1995-03-20 1998-10-20 Sandberg-Diment; Erik Providing verification information for a transaction
US5546523A (en) * 1995-04-13 1996-08-13 Gatto; James G. Electronic fund transfer system
US6040783A (en) * 1995-05-08 2000-03-21 Image Data, Llc System and method for remote, wireless positive identity verification
US5757917A (en) * 1995-11-01 1998-05-26 First Virtual Holdings Incorporated Computerized payment system for purchasing goods and services on the internet
US5892824A (en) * 1996-01-12 1999-04-06 International Verifact Inc. Signature capture/verification systems and methods
US5933515A (en) * 1996-07-25 1999-08-03 California Institute Of Technology User identification through sequential input of fingerprints
US6105010A (en) * 1997-05-09 2000-08-15 Gte Service Corporation Biometric certifying authorities
US6202151B1 (en) * 1997-05-09 2001-03-13 Gte Service Corporation System and method for authenticating electronic transactions using biometric certificates
US6310966B1 (en) * 1997-05-09 2001-10-30 Gte Service Corporation Biometric certificates
US5930804A (en) * 1997-06-09 1999-07-27 Philips Electronics North America Corporation Web-based biometric authentication system and method
US6016476A (en) * 1997-08-11 2000-01-18 International Business Machines Corporation Portable information and transaction processing system and method utilizing biometric authorization and digital certificate security
US6023688A (en) * 1997-11-28 2000-02-08 Diebold, Incorporated Transaction apparatus and method that identifies an authorized user by appearance and voice
US20010034837A1 (en) * 1997-12-23 2001-10-25 Arcot Systems, Inc. Method and apparatus for secure distribution of authentication credentials to roaming users
US6041309A (en) * 1998-09-25 2000-03-21 Oneclip.Com, Incorporated Method of and system for distributing and redeeming electronic coupons
US6028950A (en) * 1999-02-10 2000-02-22 The National Registry, Inc. Fingerprint controlled set-top box

Cited By (36)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050251688A1 (en) * 1999-05-14 2005-11-10 Nanavati Samir H Identity verification method using a central biometric authority
US7246244B2 (en) 1999-05-14 2007-07-17 Fusionarc, Inc. A Delaware Corporation Identity verification method using a central biometric authority
US20070234067A1 (en) * 1999-05-14 2007-10-04 Fusionarc, Inc. A Delaware Corporation Identity verfication method using a central biometric authority
US7366702B2 (en) 1999-07-30 2008-04-29 Ipass Inc. System and method for secure network purchasing
US20040117321A1 (en) * 1999-07-30 2004-06-17 Sancho Enrique David System and method for secure network purchasing
US20050108177A1 (en) * 1999-07-30 2005-05-19 Sancho Enrique D. System and method for secure network purchasing
US20020073046A1 (en) * 1999-07-30 2002-06-13 David Sancho Enrique System and method for secure network purchasing
US7885899B1 (en) 2000-02-08 2011-02-08 Ipass Inc. System and method for secure network purchasing
US20030061167A1 (en) * 2001-09-21 2003-03-27 Mann William Frederick System for providing cardless payment
US20040254890A1 (en) * 2002-05-24 2004-12-16 Sancho Enrique David System method and apparatus for preventing fraudulent transactions
US10706412B2 (en) 2002-07-09 2020-07-07 Neology, Inc. System and methods for providing secure transactional solutions
US10726414B2 (en) 2002-07-09 2020-07-28 Neology, Inc. System and methods for providing secure transactional solutions
US11663574B2 (en) 2002-07-09 2023-05-30 Neology, Inc. System and method for providing secure identification solutions
US10970716B2 (en) 2002-07-09 2021-04-06 Neology, Inc. System and method for providing secure identification solutions
US10867297B2 (en) 2002-07-09 2020-12-15 Neology, Inc. System and method for providing secure transactional solutions
US10762187B2 (en) 2002-07-09 2020-09-01 Neology, Inc. System and method for providing secure transactional solutions
US10719824B2 (en) 2002-07-09 2020-07-21 Neology, Inc System and method for providing secure transactional solutions
US10445719B2 (en) 2002-07-09 2019-10-15 Neology, Inc. System and method for providing secure identification solutions
US10235513B2 (en) * 2002-07-09 2019-03-19 Neology, Inc. System and method for providing secure identification solutions
US20170094516A1 (en) * 2002-07-09 2017-03-30 Neology, Inc. System and method for providing secure identification solutions
WO2006034584A1 (en) * 2004-09-28 2006-04-06 Doyle Brian J Cashless payment service provision method
US20060080198A1 (en) * 2004-09-28 2006-04-13 Doyle Brian J Cash transaction system
US11288666B1 (en) 2005-02-02 2022-03-29 Edge Mobile Payments Llc System and method for real-time processing of on-line financial transactions using a universal financial token and a remotely located rule-module clearinghouse
US8768838B1 (en) 2005-02-02 2014-07-01 Nexus Payments, LLC Financial transactions using a rule-module nexus and a user account registry
US8639629B1 (en) 2005-02-02 2014-01-28 Nexus Payments, LLC System and method for accessing an online user account registry via a thin-client unique user code
US7458510B1 (en) * 2005-04-19 2008-12-02 Sprint Spectrum L.P. Authentication of automated vending machines by wireless communications devices
US20070257104A1 (en) * 2006-04-24 2007-11-08 Encryptakey, Inc. Portable device and methods for performing secure transactions
US20070282754A1 (en) * 2006-04-24 2007-12-06 Encryptakey, Inc. Systems and methods for performing secure in-person transactions
US7780080B2 (en) * 2006-04-24 2010-08-24 Encryptakey, Inc. Portable device and methods for performing secure transactions
US20080038847A1 (en) * 2006-08-11 2008-02-14 Dongbu Hitek Co., Ltd. Method of forming dummy pattern
US20120116978A1 (en) * 2008-12-23 2012-05-10 Mtn Mobile Money Sa (Pty) Ltd Method of and system for securely processing a transaction
US20110087611A1 (en) * 2009-10-14 2011-04-14 Shyam Chetal Biometric identification and authentication system for financial accounts
US20130173466A1 (en) * 2011-12-28 2013-07-04 Nokia Corporation Method and apparatus for utilizing recognition data in conducting transactions
US8762276B2 (en) * 2011-12-28 2014-06-24 Nokia Corporation Method and apparatus for utilizing recognition data in conducting transactions
US11562353B2 (en) 2015-11-24 2023-01-24 Mastercard International Incorporated Method and system for gross settlement by use of an opaque blockchain
US10003464B1 (en) * 2017-06-07 2018-06-19 Cerebral, Incorporated Biometric identification system and associated methods

Also Published As

Publication number Publication date
US7698567B2 (en) 2010-04-13
US20060107069A1 (en) 2006-05-18

Similar Documents

Publication Publication Date Title
US7698567B2 (en) System and method for tokenless biometric electronic scrip
US6012039A (en) Tokenless biometric electronic rewards system
US6581042B2 (en) Tokenless biometric electronic check transactions
US6192142B1 (en) Tokenless biometric electronic stored value transactions
US6879966B1 (en) Tokenless biometric electronic financial transactions via a third party identicator
US6662166B2 (en) Tokenless biometric electronic debit and credit transactions
US6594376B2 (en) Tokenless electronic transaction system
US7248719B2 (en) Tokenless electronic transaction system
US7624073B1 (en) System and method for categorizing transactions
US7437330B1 (en) System and method for categorizing transactions
US20070119923A1 (en) Biometric authentication
US11288666B1 (en) System and method for real-time processing of on-line financial transactions using a universal financial token and a remotely located rule-module clearinghouse

Legal Events

Date Code Title Description
AS Assignment

Owner name: THE BANK OF NEW YORK, AS COLLATERAL AGENT, TEXAS

Free format text: GRANT OF PATENT SECURITY INTEREST (UNDER THE AMENDED AND RESTATED PATENT SECURITY AGREEMENT);ASSIGNOR:INDIVOS CORPORATION;REEL/FRAME:017176/0427

Effective date: 20060216

STCB Information on status: application discontinuation

Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION