WO2001061662A2

WO2001061662A2 - Accessing information for multiple financial accounts via the internet

Info

Publication number: WO2001061662A2
Application number: PCT/US2001/003130
Authority: WO
Inventors: Michael Carleton; Guido Belcic; Jimmy Hallac; Peter Heydon
Original assignee: Bpass, Inc.
Priority date: 2000-02-14
Filing date: 2001-01-31
Publication date: 2001-08-23
Also published as: AU2001231260A1; WO2001061662A3

Abstract

A system and method is described to access ATM enabled financial accounts over the Internet so that banking customers can consolidate account information among various financial institutions, view account balances and transactions, and transfer funds between accounts over the Internet. The system includes a computing system coupled between the Internet and the ATM network. During operation, the computing system is configured to receive a request from the Internet user to access their ATM enabled accounts. The computing system in response generates an ATM protocol message and passes in onto the ATM network. The bank or financial institution that issued the ATM card then processes the ATM protocol message, just like an ordinary ATM protocol message, and sends a reply back to the computing system. The reply is then converted into an Internet protocol message and provided to the user over the Internet.

Description

ACCESSING INFORMATION FOR MULTIPLE FINANCIAL ACCOUNTS VIA THE INTERNET

The present application claims priority under 35 USC §119(e) from Provisional Application No. 60/182,290, filed February 14, 2000 entitled "Accessing Information for Multiple Financial Accounts Via The Internet", incorporated by reference herein for all purposes.

FIELD OF THE INVENTION

The present invention relates to e-commerce, and more particularly, to a system and method to Internet enable the ATM banking network so that Internet users can register and access their ATM enabled financial accounts, consolidate at one web-site location account information among various banking or financial institutions, view account balances, and transfer funds between accounts, all over the Internet.

BACKGROUND OF THE INVENTION

With the popularity of the Internet, a number of banks now offer on-line banking capabilities. On-line banking allows customers to access their ATM enabled accounts with a particular bank with 24/7 convenience and from virtually any location. On-line banking typically provides a customer with a host of services, including for example: viewing account balances, transfer money between accounts, obtaining transaction records for checking, savings and credit card amounts, obtaining summary information on CD and IRA accounts, pay bills on-line, and download transaction and financial information to a financial management software package residing on the customers computer. In spite of its benefits and conveniences, on-line banking has achieved relatively low penetration among banking customers. In general only the larger banks and a few smaller but more progressive banks currently offer on-line banking services. The majority of banks in the United States, which are typically small to medium size local or regional banks, have not yet made the investment to develop on-line banking capabilities. Furthermore a relatively small number of customers at the banks that do offer on-line banking actually take advantage of this service. Many customers are reluctant to use on-line banking services because these systems are complex, they do not like paying monthly fees or are fearful of exposing their account information and financial records over the Internet. Consequently only a relatively small percentage of bank customers perform on-line banking. In contrast, banks have been much more successful in promoting the use of automated teller machines (ATM's) and ATM cards. The adoption rate of ATM cards is very high among bank customers in the United States. ATM's provide tremendous benefits to both customers and banks. For ATM cardholders, ATM machines allow the customer to withdraw or deposit money into an account, check account balances, and transfer money between accounts at the financial institution that issued the ATM card. Banks prefer customers to use ATM's because electronic transactions are much less expensive to process than those handled in person by a teller for instance.

Even though ATM cards are enormously popular, they do have their drawbacks. Foremost, the cardholder must be physically present at an ATM machine to perform any one of the above-defined transactions. Also the cardholder typically has to pay a transaction fee if they withdraw money from an ATM that does not belong to the financial institution that issued the card. Further a typical cardholder may have several ATM cards each issued by different financial institutions. For example, it is not uncommon for a person to have a first ATM card for a checking and savings account at a local bank, one or more ATM enabled Visa or MasterCard credit/debit cards issued by other banking institutions, and one or more ATM enabled cards for money market and/or stock accounts provided by a brokerage institution. Such a cardholder can access each account only one at a time from an ATM. Currently there is no way for the cardholder to consolidate the financial information from multiple ATM card issuers.

Recently financial aggregate companies have emerged. Several Internet account aggregate web sites that use "screen scraper" and OFX technology allow a bank customer, at least in theory, to consolidate financial accounts among different financial institutions. At these Internet sites, bank customers that have previously registered for on-line banking services at a financial institution are permitted to create a profile including their on-line bank user-name and password with the aggregator. This information is then stored by the aggregator and retrieved by the aggregator to access the on-line accounts each time the user logs on to the aggregator's web site. site. See for example verticalone.com and yodlee.com. A number of problems are associated with these account aggregate web sites, particularly when they are used for providing bank account information. Foremost a relatively small number of banks and financial institutions are Internet enabled. The number of banks and institutions that can provide account information over the Internet is therefore very limited. Also even if a bank is Internet enabled, it may be reluctant to make customer account information available to a screen scraper over the Internet for security reasons. In addition, a relatively small number of bank clients have registered for on-line services. Consequently there is no practical way for bank customers to consolidate their financial account information among different banking institutions over the Internet.

Accordingly a system and method to access ATM enabled financial accounts over the Internet so that banking customers can consolidate account information among various financial institutions, view account balances, and transfer funds between accounts issued by a single banking institution over the Internet is needed.

SUMMARY OF THE INVENTION

The present invention is a system and method to access ATM enabled financial accounts over the Internet so that banking customers can consolidate account information among various financial institutions, view account balances, and transfer funds between accounts over the Internet. The system includes a computing system coupled between the Internet and the ATM network. During operation, the computing system is configured to receive a request from the Internet user to access their ATM enabled accounts. The computing system in response generates an ATM protocol message and passes it onto a shared the ATM network. The ATM network switches the transaction to the bank or financial institution that issued the card. The issuing bank or financial institution then processes the ATM protocol message, just like an ordinary ATM transaction, and sends a reply back to the computing system through the ATM network. The reply is then converted into an Internet protocol message and provided to the user over the Internet. In various embodiments of the invention, the account number and PIN number for each ATM card are secured using either an encryption scheme that enables the Internet user to safely submit this information over a standard ATM machine, the Internet, via a telephone, or using a dynamically generated HTML translation symbol table that includes a randomly generated set of symbols that correspond to the complete set of alpha-numeric values that can possibly be used to define the PIN number for the card. During operation, the user is prompted to enter the symbols that correspond to the actual values of the PIN number. The symbols are then decoded by the computing system to obtain their true values. In yet another embodiment of the invention, ATM card numbers are encrypted and stored in one storage device and the corresponding PIN numbers are encrypted using a second encryption scheme and stored at a second storage device for security purposes. In yet another embodiment, the present invention enables banks and other financial institutions to provide customers with aggregate financial statements including account information from different financial institutions using a variety of delivery channels, including the Internet, email, or monthly statements for example.

BRIEF DESCRIPTION OF THE DRAWINGS

Figure 1 is a block diagram of a system allowing an Internet user to access their ATM enabled financial accounts over the Internet according to one embodiment of the present invention. Figure 2 is a block diagram of another system according to an alternative embodiment of the present invention.

Figure 3 is a diagram of a keystroke table used in yet another embodiment of the present invention.

Figure 4 is a diagram of a database structure containing a record of an Internet user in a database of the system of the present invention.

Figure 5 is a bank meter and a credit card meter for displaying account information according to one embodiment of the present invention.

Figures 6 A through 61 are a series of computer display screen print outs of web pages illustrating the sequence and operation of the present invention from a Internet users perspective.

Figures 7A and 7B are a flow diagram illustrating the operation of the system of the present invention according to one embodiment.

Figure 8 is a diagram of a system for a bank or financial institution to provide aggregate account statements to users according to another embodiment of the present invention. DETAILED DESCRIPTION OF SPECIFIC EMBODIMENTS Referring to Figure 1, a block diagram of a communication infrastructure allowing an Internet user to access their ATM enabled financial accounts over the Internet according to one embodiment of the present invention is shown. The infrastructure 10 includes a computing system 12 coupled between the Internet 14 and an ATM network 16. A plurality of financial institutions such as banks or brokerage houses 18a through 18z are coupled to the computing system 12 through the ATM network 16. The computing system 12 allows an Internet user to access their various accounts at one or more financial institutions 18a - 18z using any one of a plurality of computing devices, such as but not limited to, a personal computer 20, a laptop computer 22, and/or a cell phone or PDA 24 coupled to the Internet 14. In various embodiments, the personal computer 20 and/or laptop 22 can be connected either directly to the Internet 14 using a dial-up modem, Digital Subscriber line (DSL), cable modem, fiber optic interconnect, a wireless service or through an Internet Service Provider (ISP) 26,. Similarly the cell phone or PDA 24 is connected directly to the computing system 12 through wireless infrastructure 28 provided by a wireless service provider as shown or indirectly through the Internet 14.

The computing system 12 includes a web server 30 coupled to the Internet 14 through a firewall 32, two storage devices 34a and 34b for storing a database within the computing system 12, a first hardware encryption device 36, a switch server 38 coupled to the ATM network 16 through another firewall 40, and a second encryption device 42. In one embodiment of the invention, the web server 30 and switch server 38 are UltraSparc servers offered by Sun Microsystems, Inc, of Mountain View, CA. In alternative embodiments, other types of servers running either Unix, Linux, or Windows NT/2000 based operating systems can be used. In yet another alternative embodiment, the switch server 38 can be replaced with an ATM processor. The encryption devices 36 and 42 are for example from Racal Corporation, Sunrise Florida. These devices 36 and 42 are capable of decrypting and encrypting information in hardware, as opposed to software, and are generally safer than software encryption schemes which are more susceptible to being hacked. The only way to access information in a hardware encryption unit is to physically access the internal circuitry of the device. However most of these devices are designed to be tamper-proof, meaning the device becomes inoperable if it is tampered with. In yet other embodiments, all of the elements 30-42 can be maintained by a single information management organization, or in the alternative, one or more of the elements 30-42, such as an ATM processor, can be outsourced to a third party. For example, the switch server 38 can be replaced by an ATM processing server company.

The computing system 12 enables an ATM card holder to access their ATM enabled accounts from either their personal computer 20, lap top 22, or cell phone or PDA 24. The computing system 12 thus Internet enables the existing ATM network infrastructure and extends its delivery channels beyond just ATMs to on-line services, digital cellular services and PDAs. As will be described below, the computing system 12 enables ATM card holders to store account number(s) and personal identification numbers (PINs) from multiple ATM card issuing institutions at one location for the purpose of creating an on-line profile to consolidate financial information and conduct account transactions. Specifically the computing system 12 enables card holders of ATM credit and debit cards to, among other things, safely obtain the balance of deposit and credit accounts and transfer funds between linked accounts over the Internet and without the need to use an ATM machine or ATM cards.

ATM Cards A typical ATM card includes the user's name, card number, and the expiration date of the card, embossed on the front surface. A magnetic stripe is manufactured into the back surface of the card. The stripe typically stores data that is electronically encoded by the financial institution that issues the card. The organization of data encoded on cards is typically defined by ANSI and ISO standards. The data is organized on various tracks within the stripe. Track Two typically contains the primary account number, expire data, service code, and other discretionary data for the card.

One problem confronting financial institutions that issue ATM cards and cardholders alike is security. If an unscrupulous person somehow obtained an ATM card and PIN number, the accounts associated with the card could be accessed without the cardholder's permission. This problem is potentially even more significant in the context of the present invention because to obtain information on the account over the Internet, just the account number and the PIN are needed. The actual ATM card is not required to obtain information on an account. Further since this information is usually submitted by the user and stored in the computing system 12 in electronic form, it is susceptible to being stolen by hackers. According several security feature have been developed to safeguard the account and PIN numbers of ATM cardholders using the present invention.

Security Features The present invention allows the card holder to provide all or a portion of the Track

Two information for an ATM card to the computing system 12 so that this information can be used to access the ATM account, either on demand by the card holder or at times pre- designated by the card holder. The Track Two information, which is stored in the database maintained in the computing system 12, is retrieved, processes into an ATM protocol message, and provided to the ATM network 14 each time the ATM account is to be accessed. This arrangement, however, poises several potential security issues, including the: (i) exposure of the Track Two information when the user provides this information to the computing system 12; and (ii) unauthorized access to the Track Two information while stored in the computing system 12. The present invention contemplates several measures to eliminate or at least significantly reduce the possibility of either of these events from occurring. Several alternative embodiments for securing account and PIN numbers and for maintaining this information securely in the computing system 12 is discussed below.

In a first embodiment for securely obtaining ATM card account and PIN numbers, reference is again made to Figure 1. With this embodiment, users visit the web site application hosted by server 30 on the Internet using a browser enabled for 128 bit SSL encryption and are prompted to create a profile and register their ATM enabled cards. First, users create a username and password. Users are then prompted to enter card information for each card they wish to access. Users are then prompted to enter the corresponding PINs for cards registered. Once the user has entered all required card data the Internet registration process concludes.

The SSL message is passed through the web server 30, and is provided to the encryption device 36 where the entire message is decrypted. The hardware encryption device then passes the card data, in the clear, to the server 38. The PIN is re-encrypted by device 36 and is then stored in the storage device 34b. The server 38 then provides the card data to the second encryption device 42, where it is encrypted using a second encryption scheme and stored in device 34a. scheme, and then stored in device

This arrangement offers a number of benefits. The Track Two information is encrypted when it is transferred to and passed through the web server 30 to the hardware encryption device 36. The account number and PIN number are therefore not in the clear in the web server 30 where it is the most vulnerable within the computing system 12. Furthermore the PIN number is "never in the clear" within the computing system 12. In other words, the PIN number is always encrypted. The account number and the PIN number are also encrypted using different schemes and each is stored separately in two different devices 34a and 34b in the computing system 12. This makes it exceedingly difficult for a hacker to not only obtain both pieces of information, but to decrypt either one or both pieces of information. The aforementioned arrangement is therefore very secure. In an alternative embodiment, the card data can be stored on device 34a in the clear.

Referring to Figure 2, a block diagram of a system for securely obtaining ATM card account and PIN numbers according to an alternative embodiment of the present invention is shown. The system 200 of this embodiment includes the computing system 12 coupled between the ATM network 16 and the Internet 14, a plurality of financial institutions 18a -

18z coupled to the ATM network 16, a personal computer 20 (or laptop 22 pr PDA 24) connected to the Internet 14, and a telephone 202 connected to the computing system 12 through a telephone response unit 204. The computing system 12 contains the same elements 30-40 as described in relation to Figure 1, but are not illustrated or described in detail herein for the sake of simplicity.

With this embodiment, the user is required to first create a profile when signing up and registering for the service. This is accomplished by accessing the web site hosted by the web server 30 and entering a username and password. For each ATM enabled card, the user is prompted to enter the card number, expiration date, type of card, and the bank or financial institution that issued the card. This data is then stored in storage device 34a in a similar manner as described above. The user is purposely directed not to enter the corresponding

PIN number for the cards over the Internet. When the above information is submitted, the web server 30 responds by providing the user with an ID number, a 800 telephone number, and instructions to call the 800 number which connects the user to the telephone response unit 204. These instructions can be provided either by an email or the server 30 can generate a web page that presents this information to the user. When the user calls the telephone response unit 204, the user is prompted to enter the ID number and the PIN number for each card. The PIN number(s) are then stored in database 34b. Again preferably all the user and Track Two information except the PIN numbers are stored in the first storage device 34a either in encrypted form or in the clear and the PIN numbers are encrypted by the hardware encryption device 36 and maintained on separate storage device 34b. In alternative embodiments, the telephone response unit 204 can be a voice recognition unit or it can prompt the user to enter the information using the keypad on the phone. Also the telephone response unit 204 can be programmed to call the user to obtain the PIN number rather than the user calling the machine.

Referring to Figure 3, a diagram of a keystroke encryption table 350 used in yet another embodiment of the present invention is shown. One problem afflicting Internet users today is that hackers have the ability to secretly install over the Internet a program on a user's computer that allows the hacker to monitor the user's computer keystrokes without the user's knowledge. A hacker could therefore steal the user's ATM account and PIN number when the user submits this data to the computing system 12 over the Internet.. The table 350 is designed to eliminate or at least significantly reduce this risk. The table 350 includes a first row 352 of alpha and/or numeric characters and a second row 254 of dynamically generated symbols each corresponding to the alpha and or numeric characters of row 352 respectively. The symbols are randomly generated by the web server 30 so that a different set of symbols appears each time a user attempts to enter any account or PIN data. In the example shown, the alpha and/or numeric characters shown in row 352 are digits (0 through

9). With this embodiment, the server 30 generates the table 350 whenever the user requests to enter their account and/or PIN number. Since the table is dynamically generated, the symbols appearing in row 354 differs each time such a request is made. The user is also provided with text instructions to enter the symbols as they appear in the table 350 corresponding to their account number(s) and PIN numbers rather than the actual digits of these numbers. For example, if the user's PIN number was (2,4,6,8), the user would enter the symbols ($, @, ?, =) from table 350. Once the symbols for the account number(s) and

PIN number(s) and/or account numbers are entered, the server 30 forwards them to the hardware encryption device 36. Again preferably all the user and Track Two information except the PIN numbers are stored in the first storage device 34a either in encrypted form or in the clear and the PIN numbers are encrypted by the hardware encryption device 36 and maintained on separate storage device 34b. Since the sequence of symbols entered by the

Internet user are meaningless without the ability to decode them, the aforementioned problem of a hacker monitoring a user's keystrokes is eliminated or significantly reduced. The number of possible permutations of the table 350 can be very significant as the number of possible symbols used in row 354 increases. For example, if 35 distinct symbols are used, 183,579,396 possible combinations of the table 350 can be generated. Potentially the table 350 can be made even more secure and difficult to hack by adding more symbols or graphics to the symbol set. To do so, the Internet user would need to use the computer's mouse or other input device since the additional symbols would not map to keyboard characters, at least on the keyboards currently found on most computers today. Furthermore, the entered keystroke symbols can be encrypted as described above for additional security.

Referring again to Figure 2, an alternative embodiment for securely obtaining card and PIN data is through the use of ATM machines 44 is shown. With this embodiment, an ATM cardholder will be prompted to register a card for Internet access during a ATM transaction. To register a card at an ATM the cardholder will simply swipe or insert a card and enter the correct PIN when prompted. The information is then forwarded to the computing system 12 by the owner or driver of the ATM machine. The computing system

12 responds by sending a message back to the ATM machine. The cardholder issued a receipt that includes a URL and unique identification number. The information will be used to later complete the registration process on the Internet.

When the cardholder accesses the URL and enters the identification number listed on the receipt, the user prompted to enter the last 4 digits of the registered card for verification.

Upon completion of the verification process the user will be prompted to create a username and password for future access to account information driven by the ATM enabled card.

Users can register additional cards using the same ATM registration process and add them to an existing profile. Once registered, a user can access their ATM enabled accounts in the same manner as described above.Once a user has gone through the sign-up and registration process and has entered the account number and PIN number information for each ATM card, regardless of the technique used, this information is stored in the database and is used to create a user-profile. Subsequently when the user wishes to access their account(s), the user just needs to enter their User password and ID. This prompts the computing system 12 to retrieve the necessary Track Two information from the database to formulate an ATM request to access the account. A user-profile is thus advantageous in situations where a user would: (i) like to avoid typing in their account and PIN numbers every time they access the account information on-line; and/or (ii) like to have their account information automatically downloaded to their PC 20, laptop 22, or cell phone or PDA 24 at pre-designated times. In an alternative embodiment, the user may be required to enter their account and PIN numbers each time they wish to access their ATM accounts. Database Hierarchy

Referring to Figure 4, a diagram of the database hierarchy for storing an Internet user's record in the computing system 12 is shown according to one embodiment of the invention. A user's record 150 includes fields for storing the user's User ID and Password and profile information. The record 150 also includes a pointer 152 that points to a file of card data records 154. Each record 154 contains cardholder data (except the PIN number) for each of the user's cards. Each card record 154 also contains a pointer 156 that points to a record 158 that contains the PIN number associated with the card. As previously noted, the information contained in records 150 and 154 are stored in device 34a and are hardware encrypted using one encryption scheme. The PIN number in record 158 is stored in device 34b and is hardware encrypted using a different encryption scheme. Further since the storage devices 34a and 34b are physically separate, it is very difficult for a hacker to obtain both the account number and PIN number. The above-described arrangement therefore provides a very high level of security for the user.

Processing ATM Requests

Regardless of which of the above-described embodiments is used, once the card number and PIN number for an ATM card is entered into the computing system 12, a request to access the account on the ATM network 14 is processed in the same manner. In general, a request is generated in four ways: (i) immediately after a user signs-up and becomes a registered member of the web site maintained on the web server 30. In this situation, the user is required to enter the Track Two information for each ATM card they wish the computing system 12 to access; (ii) when a previously registered user wishes to access their ATM card accounts. To do so, the user is required to enter their previously defined Username and password to the web server 30 which prompts the computing system 12 to access the previously defined accounts; (iii) by a user who wishes to obtain information one time, without becoming a registered user. In this situation, the user enters the card data and PIN data to the computing system 12 and is provided a response. No card or PIN data is stored in the computing system 12 under this circumstance, (iv) The user has previously defined pre-designated times in which they wish the computing system 12 to automatically access their accounts over the ATM network 14 and provide this information to the user over the Internet. The computing system 12 automatically generates the request at the designated times with this alternative.

To access the ATM network for a given card, a query based on the user ID is sent to storage device 34a. The results of the query is to obtain the card data and the pointer to the PIN. The card data is then unencrypted and the pointer used to generate another query against storage device 34b. The results of the second query is to provide the encrypted PIN. The encrypted PIN is hardware decrypted then reencrypted in the format expected by an ATM access provider. Both card data and the encrypted PIN is sent within a standard ATM message (ISO 8583) to the ATM access provider over the ATM network 16. The ATM access provider switches the transaction to the financial institution 18 that issued the card. The financial institution 18 that issued the ATM card processes the transaction just like any other ATM transaction. The reply information from the financial institution is then sent back through the ATM network 16 and the computing system 12 to the user over the Internet

14. The account balance or balances associated with the ATM card are stored in the database along with the time the request was made. The balance information is thus available to the user at a later time. If the user believes that the balance information stored in the database is out of date or stale, the user can of course make a new request to retrieve the most up-to-date balance information. In one embodiment, only the account balance information, the card name, and a portion (i.e. the last four digits) of the account number are sent to the user. The entire account number and the PIN number are not sent back for security reasons. In alternative embodiments, this same sequence can be used to retrieve and send the users account information at pre-designated times. The only difference being that queries to the storage device 34a and 34b are automatically made by computing system 12 at the designated times as opposed to the user getting on-line and requesting the information.

Referring to Figure 5, a bank meter and a credit card meter for displaying account information according to the show meter option of the present invention is shown. The bank meter may be used in situations where a user would like to have a graphical representation of their account balances and available credit. For example, the "Account Balance Meter" 110 provides a graphical representation of a person's bank account balance. The graph includes a scale ranging from "Empty" to "Full". The monetary value of Full is previously defined by the user through the Enter Full data entry window web page (not shown) that requests this information. For example, if a person keeps no more than $5000.00 in their checking account, they would designated this amount as Full. Thus if they have a balance of $1250.00 in the amount, the meter 110 will show that it is approximately twenty five percent full.

Similarly the "Credit Card Meter" 112 graphically shows the amount of available credit a person may have on a credit card. If a credit card account is designed as having $10,000.00 credit limit, then the Credit Card Meter 112 will display the card owner's outstanding charges and the amount of credit left on the card. In the example shown, the charges are approximately $7,000.00 and therefore the available credit is approximately $3,000.00. In alternative embodiments, of the invention, the meters can be set display account balances and available credits in any currency selected by the user. Operation of the Present Invention

Referring to Figures 6A through 6J a series of web pages of the web site hosted on server 30 are shown to illustrate the sequence and operation of the present invention. It should be noted that the content and sequence of these web pages as shown is only exemplary and that other content and sequences of web pages could be used. These web pages of course can be readily modified to implement the other embodiments of the present invention as described herein.

Referring to Figure 6A, an exemplary home page for the web site hosted by web server 30 in system 12 is shown. The home web page includes icons for an Internet user to sign-up, login-in, and try the service of accessing the ATM enabled accounts on-line.

Figure 6B illustrates a exemplary web page for a new Internet user to sign up for the service. This page includes data entry fields for the user to enter their user name, password, email addresses and a field to select if they would like to enter their ATM card PIN numbers by telephone or on-line. When all the fields are completed, the user is required to select the "next" icon.

Figure 6C is the next page that appears in the sign-up process. This page includes data entry fields for card data including a card name, card number, expiration data, PIN number, and type of account(s) (checking/now, savings/money market, or credit.) After all the above fields have been entered a new card can be entered by selecting the "add" icon. The clear icon causes the existing data entered into the above fields to be removed. When all of the cards the user wishes to access over the Internet have been entered, the "done" icon is selected.

Figure 6D illustrates an exemplary web page that informs the user that they have successfully registered. It also informs the user that they can pre-select delivery options and the display options. Figure 6E illustrates an exemplary web page that enables the Internet user to pre-select delivery options of their account information. The web page includes data entry fields to allow the Internet user to select a delivery option (email and/or a hand held device such as a PDA), the frequency of the delivery (daily, weekly or monthly) and the ATM cards they wish to access.

Figure 6F illustrates an exemplary web page for enabling the Internet user to select a display option for their ATM cards. The web site provides the display options of showing balances/credits only, showing balance or credit in graphical form only, or both. The lower portion of the figure shows account balances in graphical form. Figure 6G shows an exemplary web page where an Internet user that previously registered can log-in and access their ATM enabled accounts over the Internet. In this web page, data entry fields are provided for the user to enter their user name and password. Once these are successfully entered, the "next" icon is selected to proceed.

Figure 6H shows an exemplary page of a user's balance for their checking/now and savings/MM accounts associated with an ATM card. Note the balances are shown in both numerical and graphical form. If the user had submitted multiple ATM cards issued by the same or different financial institutions, similar tables showing account balances would appear. Also note that a "Perform a Transfer" icon is provided.

Referring to Figure 61, an exemplary page for enabling on Internet user to transfer funds between different accounts associated with an ATM card is shown. With this web page, "To" and a "From" data entry fields are provided along with a data field to enter the amount to be transferred. When the above fields have been completed and the "submit" icon is selected, the system 12 generates the appropriate ATM network message to effectuate the transfer. The results of the transfer are shown in the table at the bottom of the web page. In alternative embodiments of the invention, the system 12 can be configured to effectuate fund transfers between accounts associated with different ATM cards issued by either the same institution or different institutions.

Flow Diagram Referring to Figure 7A, a flow diagram illustrating the sign-up and registration sequence over the Internet 14 is shown. Initially a user is required to access the web site hosted by the web server 30 (Step 120). The user is then requested to define and enter a User password and ID (Step 121). Next the user is prompted to enter user profile information and the Track Two information and PIN data for each ATM card they wish to enter into computing system 12 (Step 122). The computing system 12 in reply creates a user profile, encrypts and stores the Track Two information and PIN data in the storage devices 34a and

34b as described above (Step 123), completing the sign-up and registration process.

Referring to figure 7B, a flow diagram illustrating the access of an ATM account through the computing system 12 is shown. Initially the Internet user is required to access the web site hosted by the web server 30 (Step 130). The user is next required to enter their

User password and ID (Step 131). The User password and ID are then compared with the existing passwords and IDs stored in the computing system 12 for authentication (Step 132).

If there is no match, the user is prompted to enter the information again or the request is terminated. If authenticated, the request is processed, the storage device 34a and 34b are accessed, and the Track Two and PIN information is retrieved from the user's records in the database contained in the computing system 12 (Step 133). An ATM protocol message is then created from the Track Two information and passed onto the ATM network 16 through the switch server 38 (Step 134). When the financial institution that issued the card responds

(Step 135), the balance information is stored in the database in computing system 12 and the reply is forwarded to the Internet user over the Internet (Step 136). If the user wishes to access multiple ATM cards, the sequence of steps described above is repeated for each card. Similarly if the Internet user has requested that they receive their ATM account information at pre-designated times, the computing system 12 execute steps 133 through 136 automatically at the designated times. Finally in the embodiment described herein, the user is not required to enter the Track Two information to access the card account. However, it should be understood, that the present invention can be readily modified to require the Internet user to enter and authenticate the Track Two information before each request can proceed.

ATM Network Transaction Fees

The ATM network 14 is actually an aggregation of several ATM networks such as Nyce, Cirrus, Star, InTerlink and several others owned by individual compames or consortiums of banks. The major ATM players have agreed upon and defined a standardized set of messaging protocols and rules. The messaging protocols enable transactions to "seamlessly" occur between ATM networks, banks and other financial institutions. The rules define, among other things, the payment of interchange fees between financial institutions. For example, if an ATM card issued by a first bank is used at an ATM machine of a second bank, the first bank has to pay the second bank an interchange fee for the transaction under the rules. Currently this fee ranges from twenty five to thirty five cents, depending on how many "hops" across the ATM network is required to satisfy the transaction. With the present invention, it is possible for a cardholder to simultaneously initiate multiple requests to multiple financial institutions thereby generating multiple fees from one transaction. Furthermore when an Internet user pre-arranges to receive their ATM account information automatically, the increased traffic across the ATM network further increases the revenue stream generated by the computing system 12. The present invention thus enables a party that maintains or otherwise controls the computing system 12 to generate revenue in a number of possible ways.

The present invention could also be used as a "sticky application" by web portal sites. By developing partnerships with existing web sites and portals, such as Yahoo or AOL, a hyper-text link can be used to automatically forward an Internet user at a portal to the web server 30 so the user can sign-up and register to access their ATM card accounts over the Internet. This of course will help increase traffic to the web site 30, and hence, generate more transaction fees. Similarly, the banks and financial institutions could also provide a similar hyper-text link from their web sites to the web server 30, or they could build the computing system 12 into their existing information technology infrastructure so this capability can be offered to their customers and Internet users in general.

Referring to Figure 8, a diagram of a system for a bank or financial institution to provide aggregate account statements to users according to another embodiment of the present invention is shown. The diagram 800 includes the computing system 12. the Internet 14, an ATM network 16, a plurality of financial institutions 18a through 18z, an Internet user's personal computer 20 (or laptop, cell phone or PDA), an ATM machine 802, a bank

804 including its information system infrastructure, and a plurality of delivery channels 806 for providing the customers of bank 804 with the aggregate account statements. The ATM machine 802 can belong to the bank 804 and therefore be directly linked into the bank's information system infrastructure or, alternatively, can be linked through the ATM network

16. This embodiment empowers bank 804 to offer their customers a "true" consolidated financial statement of all of their ATM enabled accounts regardless of the financial institutions 18a through 18z that issued the cards. To offer this service, the bank 804 can obtain the Track Two information for each ATM enabled account of a customer, including for ATM cards issued by other financial institutions, either over the Internet 14, using a telephone response unit as discussed in the present application, by requiring the customer to visit the bank 804 in person and provide the information using a card reader, or through an

ATM machine 802 as previously described. Once the user profile and Track Two information is secured in the computing system 12, the bank 804 can request the computing system 12 to access the ATM enabled accounts so the bank 804 can generate a consolidated financial statement which include all the customer's ATM enabled accounts from various institutions 18a through 18z and not just those issued by the bank 804. The bank 804 can then deliver the consolidated report to the customer using a variety of delivery channels 806, including but not limited to on-line banking, by telephone, email, over the Internet, by monthly statements mailed to the customer, etc. and at times and frequencies desired by the customer. Not only would this be valuable service for customers, but it would generate additional ATM transaction fees for the bank 804 as the bank that originated the transaction.

Although information system infrastructure of the bank 804 is shown separate from the computing system 12 in Figure 8, it should be understood that the computing system 12 could be included in and managed by the bank 804' s information system infrastructure. In this embodiment, the bank 804 could directly access the Internet 14 and the ATM network

16.

The present invention provides numerous benefits and advantages. Foremost it empowers Internet user's to consolidate all of their ATM enabled financial accounts at one location on the Internet. It also provides these user's with the ability to perform certain

ATM network transactions over the Internet, such as balance transaction inquirers, and fund transfers between accounts at a given bank or financial institution. The present invention is also very useful to banks and other financial institutions considering that most banks today are not Internet enabled. The present invention allows these banks to at least offer partial on-line banking services to their customers. While the present invention has been described in relationship to the embodiments described in the accompanying specification, other alternatives, embodiments and modifications will be apparent to those skilled in the art. It is intended that the specification be only exemplary, and that the true scope and spirit of the invention be indicated by the following claims.

Claims

WHAT IS CLAIMED IS:

1. A method of collecting card data and a PIN number associated with an ATM enabled account issued by a financial institution from an Internet user so that the Internet user can access the ATM enabled account over an ATM network through the Internet, comprising: maintaining a computing system that enables the Internet user to access the ATM enabled account over the ATM network; receiving a request at the computing system from the Internet user seeking to access the ATM enabled account; obtaining the card data and the PIN number for the ATM enabled account from the

Internet user; accessing the ATM enabled account through the ATM network using the card data and PIN number; and receiving a reply over the ATM network from the financial institution; and forwarding the reply to the Internet user.

2. The method of claim 1, wherein the receiving the request from the Internet user to access the ATM enabled account further comprises: maintaining at the computing system a web site accessible by the Internet user over the Internet; permitting the Internet user to become a registered member of the web site by defining and submitting a user-ID and password; and prompting the Internet user to identify the ATM enabled account to be accessed through the computing system.

3. The method of claim 1, wherein the receiving the request from the Internet user to access the ATM enabled account further comprises: maintaining a web site accessible by the Internet user over the Internet; permitting the internet user to log-in to the web site by submitting a previously defined user-ID and password; and receiving a request at the web site from the Internet user to access the ATM enabled account which was previously entered into the web site.

4. The method of claim 1, wherein the obtaining the PIN number for the ATM enabled account from the Internet user further comprises: prompting the Internet user to enter the PIN number to an telephone response unit; and encrypting the PIN number received by the telephone response unit and storing it in a first storage device in the computing system.

5. The method of claim 4, wherein the obtaining the card data for the ATM enabled account from the Internet user further comprises: receiving the card data over the Internet at the computing system; and storing the card data on a second storage device separate from the first storage device in the computing system.

6. The method of claim 4, wherein the obtaining the card data for the ATM enabled account from the Internet user further comprises: prompting the Internet user to enter the card data to the automatic telephone answering unit; receiving the card data at the automatic telephone answering unit; and storing the card data in a second storage device separate from the first storage device in the computing system.

7. The method of claim 1, wherein the obtaining the card data and the PIN number for the ATM card from the Internet user further comprises: dynamically generating an HTML translation table including a first set of alpha and/or numeric values and a second set of symbols corresponding to the first set of alpha and or numeric values respectively: prompting the Internet user to enter keyboard strokes of selected symbols among the second set of symbols corresponding to the true values of the PIN number as they appear in the translation table to the web server; and decoding the entered keystrokes to obtain the true PIN number at the web server.

8. The method of claim 7, wherein obtaining the card data further comprises: prompting the Internet user to enter the card data to the web server over the Internet.

9. The method of claim 1, wherein obtaining the card data and the PIN number further comprises: providing a unique identification number and a web site url address to the Internet user when the Internet user uses an ATM card associated with the ATM enabled account in an ATM machine and provides the PIN number associated with the ATM card to the ATM machine; directing the Internet user to access the web site url address on the Internet; and prompting the Internet user to enter verification information to the web site when accessing the web site url.

10. The method of claim 9, further comprising prompting the Internet user to define a user name and password for future access to the ATM enabled account.

11. A system for collecting from an Internet user card data and a PIN number associated with an ATM enabled account issued by a financial institution for allowing the Internet user to access the ATM enabled account over an ATM network through the Internet, the system comprising: a web server configured to host a web site that enables the Internet user to request access to the ATM enabled account over the Internet; a security device configured to obtain the card data and the PIN number for the ATM enabled account from the Internet user; and a switch configured to access the ATM enabled account through the ATM network using the card data and PIN number and configured to receive a reply from the financial institution over the ATM network, the system further configured to forward the reply to the Internet user.

12. The system of claim 11 , wherein the security device configured to obtain the card data and the PIN number for the ATM enabled account from the Internet user further comprises: an encryption device to de-crypt the card data and PIN number received at the web site in encrypted form over the Internet, a first encryption device to re-encrypt the card data and a first storage device to store the re-encrypted card data and a second encryption device to re-encrypt the PIN number and a second storage device to store the re-encrypted PIN number.

13. The system of claim, 11 wherein the security device further comprising; an telephone response unit configured to receive the PIN number from the Internet user; an encryption device configured to encrypt the PIN number received by the telephone response unit using a first encryption scheme; and a storage device configured to store the encrypted PIN number in the computing system.

14. The method of claim 13, wherein the security device further comprises: a second storage device, separate from the first storage device, configured to store the card data received from the Internet user over the Internet.

15. The system of claim 11, wherein the security device further comprises configuring the web server web to: dynamically generating an HTML translation table including a first set of alpha and/or numeric values and a second set of symbols corresponding to the first set of alpha and/or numeric values respectively; generate a message prompting the Internet user to enter keyboard strokes of selected symbols among the second set of symbols corresponding to the true values of the PIN number as they appear in the translation table to the web server; and decode the keystrokes when entered to obtain the true PIN number at the web server.

16. The system of claim 15, wherein the security device further comprises: storing the card data in a first storage device; and an encryption device configured to encrypt the PIN number using an encryption scheme and storing the encrypted PIN number in a second storage device separate from the first storage device in the computer system.

17. The system of claim 11, wherein the security device implements a security scheme to obtain the card data and the PIN number using an ATM machine, the security scheme comprises: generating a unique identification number and a web site url address for the Internet user in response to the Internet user inserting an ATM card associated with the ATM enabled account into the ATM machine and entering the PIN number associated with the ATM card into the ATM machine; directing the Internet user to access the web site url address hosted on the web server over the Internet; and prompting the Internet user to enter verification information to the web site when accessing the web site url.

18. A method of securely maintaining an Internet user's PIN number and card data for an ATM enabled account in a computing system configured to enable the Internet user to access the ATM enabled account on an ATM network over the Internet, comprising: coupling the computing system to the ATM network; coupling the computing system to the Internet; receiving the Internet user's PIN number and card data for the ATM enabled account; storing the PIN number in a first storage device; and storing the card data in a second storage device separate from the first storage device.

19. The method of claim 18, further comprising encrypting the PIN number using a first encryption scheme prior to storing the PIN number in the first storage device.

20. The method of claim 19, wherein the encrypting the PIN number further comprises encrypting the PIN number using a hardware encryption device in the computing system.

21. The method of claim 18, further comprising encrypting the card data using a second encryption scheme prior to storing the card data in the second storage device.

22. The method of claim 21, wherein the encrypting the card data further comprises encrypting the card data using a hardware encryption device in the computing system.

23. The method of claim 18, wherein receiving the Internet user's PIN number and card data for the ATM enabled account further comprises: maintaining a web server within the computing system, the web sever being configured to receive an encrypted message from the Internet user over the Internet; decrypting the encrypted message to obtain the card data and PIN number; re-encrypting the PIN number in a first encryption device; and storing the re-encrypted PIN number in the first storage device.

24. The method of claim 23, further comprising: forwarding the decrypted card data to the application layer of the web server; and re-encrypting the card data and storing the re-encrypted card data in the second storage device.

25. The method of claim 24, wherein the encrypted message from the Internet user is a secure-socket-layer message.

26. The method of claim 18, wherein receiving the Internet user's PIN number for the ATM enabled account further comprises maintaining a telephone response unit, coupled to the computing system, the telephone response unit configured to receive the PIN number.

27. The method of claim 26, wherein receiving the Internet user's PIN number further comprises: configuring the telephone response unit to receive a call from the Internet user; prompting the Internet user to enter an access code previously received by the Internet user from the computing system over the Internet; and prompting the Internet user to enter the PIN number after entering the access code.

28. The method of claim 26, further comprising: encrypting the PIN number entered into the telephone response unit; transmitting the encrypted PIN number to the computing system; re-encrypting the PIN number in a first encryption device; and storing the re-encrypted PIN number in the first storage device.

29. The method of claim 18, wherein the receiving the PIN number for the ATM enabled account from the Internet user further comprises: dynamically generating and displaying to the Internet user a translation table including a first set of alpha and/or numeric values and a second set of symbols corresponding to the first set of alpha and/or numeric values respectively; prompting the Internet user to enter keyboard strokes of selected symbols among the second set of symbols corresponding to the true values of the PIN number as they appear in the first set of alpha and/or numeric values in the translation table to the computing system over the Internet; and decoding the entered keyboard strokes to obtain the true PIN number at the computing system.

30. The method of claim 29, further comprising: encrypting the PIN number after the PIN number has been decoded; re-encrypting the PIN number in a first encryption device; and storing the re-encrypted PIN number in the first storage device.

31. The method of claim 18, further comprising accessing the ATM enabled account on the ATM network by: retrieving the PIN number and card data from the first storage device and the second storage device respectively; re-encrypting the PIN number and the card number using an ATM network encryption key; formatting an ATM protocol message including the PIN number and the card data; and providing the ATM protocol message to the ATM network through an ATM switch.

32. The method of claim 18, further comprising: aggregating a plurality of the PIN numbers associated with a plurality of the ATM enable accounts belonging to one or more Internet users in the first storage device; aggregating a plurality of the card data associated with the plurality of the ATM enable accounts belonging to one or more of the Internet users in the second storage device; entering the plurality of card data and the plurality of PIN numbers associated with the plurality of ATM enabled accounts in a database having a first set of records for the plurality of card data and a second set of records for the plurality of PIN numbers respectively; and providing pointers from the first set of records containing the card data to the second set of records containing the PIN numbers for the associated ATM enabled accounts entered into the database respectively.

33. A system configured to securely maintain an Internet user's PIN number and card data for an ATM enabled account in a computing system so that an Internet user can access the ATM enabled account on the ATM network over the Internet, the computing system comprising: a switch configured to couple the computing system to the ATM network; a web server configured to couple the computing system to the Internet; a first storage device configured to store the PIN number; and a second storage device configured to store the card data separate from the first storage device.

34. The system of claim 33, wherein the computing system further comprises a hardware encryption device configured to encrypt the PIN number using a first encryption scheme prior to storing the PIN number in the first storage device.

35. The system of claim 33, further comprising a hardware encryption device configured to encrypt the card data using a second encryption scheme prior to storing the card data in the second storage device.

36. The system of claim 33, further comprising an encryption device configured to decrypt a secure socket layer message received at the web server to obtain the card data and the PIN number.

37. The system of claim 36, wherein the encryption device is further configured to re-encrypt the PIN number before being stored in the first storage device.

38. The system of claim 36, further comprising a second encryption device configured to re-encrypting the card data before storing the card data in the second storage device.

39. The system of claim 33, wherein the computing system further comprises: a telephone response unit configured to receive the PIN number; a first encryption device configured encrypting the PIN number received by the telephone response unit using a first encryption scheme before storing the encrypted PIN number in the first storage device.

40. The system of claim 33, wherein the web server is further configured to: dynamically generate and display to the Internet user a translation table including a first set of alpha and/or numeric values and a second set of symbols corresponding to the first set of alpha and/or numeric values respectively; receive from the Internet user keyboard strokes of selected symbols among the second set of symbols corresponding to the true values of the PIN number as they appear in the first set of alpha and/or numeric values in the translation table; decode the entered keyboard strokes to obtain the true PIN number at the computing system; and the computing system further comprises: a first encryption unit configured to encrypt the PIN number using a first encryption scheme before storing the PIN number in the first storage device.

41. The system of claim 33, wherein the computing system further comprises an ATM protocol messaging unit configured to generate an ATM protocol message from the

PIN number and the card data and to provide the ATM protocol message to the ATM network.

42. The system of claim 33, further comprising a database configured to aggregate a plurality of the PIN numbers associated with a plurality of the ATM enable accounts belonging to one or more Internet users in the first storage device and to aggregate a plurality of the card data associated with the plurality of the ATM enable accounts belonging to one or more of the Internet users in the second storage device, the database organized to provide pointers between a first set of records configured to maintain the plurality of card data and a second set of records configured to maintain the plurality of PIN numbers for the ATM enabled accounts entered in the database respectively.

43. A method of offering to an Internet user aggregate financial account information for multiple financial accounts linked to a first ATM card and a second ATM card, comprising: receiving a request from the Internet user to access the first account linked to the first ATM card and the second account linked to the second ATM card; transmitting a first ATM protocol message to access the first account and a second ATM message to access the second account; receiving a first ATM network reply regarding the first account and a second ATM network reply from the second account; aggregating the first reply and the second reply; and providing the aggregated first reply and second reply to the Internet user.

44. The method of claim 43, wherein the providing the aggregated first reply and second reply to the Internet user further comprises: listing each account associated with the first ATM card; and providing the balance or available credit for each of the listed accounts associated with the first ATM card.

45. The method of claim 44, wherein the providing the aggregated first reply and second reply to the Internet user further comprises: listing each account associated with the second ATM card account; and providing the balance or available credit for each of the listed accounts associated with the second ATM card account.

46. The method of claim 44, wherein the providing the balance for each of the listed accounts associated with the first ATM card further comprises providing the balance or available credit in numerical form.

47. The method of claim 44, wherein the providing the balance for each of the listed accounts associated with the first ATM card further comprises providing the balance or available credit in graphical form.

48. The method of claim 44, wherein the providing the balance for each of the listed accounts associated with the first ATM card further comprises providing the balance or available credit in a currency selected by the Internet user.

49. The method of claim 43, further providing the Internet user with the option to create a user profile including the first ATM card by requesting the Internet user to provide one or more of the following: a card name for the first ATM card; a card number for the first ATM card; a card type for the first ATM card; accounts affiliated with the first ATM card; an expiration date for the first ATM card; and a PIN number for the first ATM.

50. The method of claim 49, wherein providing the Internet user with the option to create the user profile including the second ATM card by requesting the Internet user to provide one or more of the following: a second card name for the second ATM card; a second card number for the second ATM card; a card type for the second ATM card; accounts affiliated with the second ATM card; an expiration date for the second ATM card; and a second PIN number for the second ATM card.

51. The method of claim 43, further comprising: receiving card data and a PIN number from the Internet user for the first ATM card account; creating the ATM protocol message including the card data and the PIN number; encrypting the ATM protocol message; and providing the encrypted ATM protocol message to an ATM network.

52. The method of claim 43, further comprising generating a web page including the aggregated first reply and second reply in response to the Internet user making the request to access the financial accounts linked to the first ATM card and the second ATM card over the Internet.

53. The method of claim 43, wherein receiving the request from the Internet user further comprises: obtaining from the Internet user a pre- designated time to receive the aggregated first reply and second reply; storing the pre-designated time; and transmitting the the first ATM protocol message and the second ATM protocol message at the pre-designated time.

54. The method of claim 43, wherein receiving the request from the Internet user further comprises providing the Internet user with the ability to pre-designate a selected frequency for the Internet user to receive the aggregate first reply and second reply.

55. The method of claim 43, wherein the providing the aggregate first reply and the second reply to the Internet user further comprises sending an email to the Internet user.

56. The method of claim 43, wherein the providing the aggregate first reply and the second reply to the Internet user further comprises mailing an aggregate statement to the

Internet user.

57. The method of claim 49, wherein the card name, card number, card type, affiliated accounts, expiration date and PIN number for the first ATM card is provided by the Internet user using one or more of the following: the Internet, by telephone, an ATM machine; or in person at a financial institution.

58. A system configured to offer to an Internet user aggregate financial account information for multiple financial accounts linked to a first ATM card and a second ATM card, comprising: a computing system, the computing system configured to: receive a request from the Internet user to access the first account linked to the first

ATM card and the second account linked to the second ATM card; transmit a first ATM protocol message to access the first account and a second ATM message to access the second account in response to the request; receive a first ATM network reply regarding the first account and a second ATM network reply from the second account; aggregate the first reply and the second reply; and provide the aggregated first reply and second reply to the Internet user.

59. The system of claim 58, wherein the system is further configured to provide the aggregated first reply and second reply to the Internet user by: listing each account associated with the first ATM card for the Internet user; and providing the balance or available credit for each of the listed accounts associated with the first ATM card.

60. The system of claim 59, wherein the system is further configured to provide the aggregated first reply and second reply to the Internet user by: listing each account associated with the second ATM card account; and providing the balance or available credit for each of the listed accounts associated with the second ATM card account.

61. The system of claim 59, wherein the system provides the balance for each of the listed accounts associated with the first ATM card by providing the balance or available credit in numerical form.

62. The system of claim 59, wherein the system provides the balance for each of the listed accounts associated with the first ATM card by providing the balance or available credit in graphical form.

63. The system of claim 44, wherein the system provides the balance for each of the listed accounts associated with the first ATM card further by providing the balance or available credit in a currency selected by the Internet user.

64. The system of claim 58, further providing the Internet user with the option to create a user profile including the first ATM card by requesting the Internet user to provide to the system one or more of the following: a card name for the first ATM card; a card number for the first ATM card; a card type for the first ATM card; accounts affiliated with the first ATM card; an expiration date for the first ATM card; and a PIN number for the first ATM.

65. The system of claim 64, wherein providing the Internet user with the option to create the user profile including the second ATM card by requesting the Internet user to provide the system one or more of the following: a second card name for the second ATM card; a second card number for the second ATM card; a card type for the second ATM card; accounts affiliated with the second ATM card; an expiration date for the second ATM card; and a second PIN number for the second ATM card.

66. The system of claim 58, wherein the system is further configured to: receive card data and a PIN number from the Internet user for the first ATM card account; create the ATM protocol message including the card data and the PIN number; encrypt the ATM protocol message; and provide the encrypted ATM protocol message to an ATM network.

67. The system of claim 58, wherein the system is further configured to generate a web page including the aggregated first reply and second reply in response to the Internet user making the request to access the financial accounts linked to the first ATM card and the second ATM card over the Internet.

68. The system of claim 58, wherein the system is further configured to receive the request from the Internet user by: obtaining from the Internet user a pre-designated time to receive the aggregated first reply and second reply; storing the pre-designated time; and performing transmitting the the first ATM protocol message and the second ATM protocol message at the pre-designated time.

69. The system of claim 58, wherein the system further comprises providing the Internet user with the ability to pre-designate a selected frequency for the Internet user to receive the aggregate first reply and second reply.

70. The system of claim 58, wherein the system is further configured to provide the aggregate first reply and the second reply to the Internet user by sending an email to the Internet user.

71. The system of claim 58, wherein the system is further configured to provide the aggregate first reply and the second reply to the internet user by mailing an aggregate statement to the Internet user.

72. The system of claim 64, wherein the system is configured to receive the card name, card number, card type, affiliated accounts, expiration date and PIN number for the first ATM from the Internet user via one or more of the following: over the Internet, by telephone, an ATM machine; or in person at a financial institution.

73. A method of maintaining a computing system capable of providing an Internet user with account information regarding an ATM enabled account, comprising: processing a request from the Internet user to access the ATM account at the computing system; providing the request at the computing system to the ATM network; and receiving at the computing system a reply form the ATM network and providing the reply to the Internet user.

74. The method of claim 73, further comprising receiving the request at the computing system by: maintaining a web site at the computing system; and prompting the Internet user to enter the request through the web site.

75. The method of claim 74, wherein the prompting the Internet user to enter the request through the web site further comprises: prompting the user to enter a user password and user ID; prompting the user to enter ATM card data and a PIN number for the ATM enabled account; and receiving the entered user password, user ID, ATM card data and PIN number for the ATM card at a web server maintaining the web site and located within the computing system.

76. The method of claim 75, further comprising storing the ATM card data in the computing system in a first storage device and storing the PIN number in a second storage device.

77. The method of claim 76, further comprising; receiving the ATM card data and PIN number at a web server in the computing system in encrypted form;

78. decrypting the ATM card data and PIN number; passing the ATM card data an PIN number through the web server in encrypted form; re-encrypting the ATM card data using a first encryption device and storing the re-encrypted ATM card data in a first storage device; and re-encrypting the PIN number using a second encryption device and storing the re- encrypted PIN number in a second storage device.

79. The method of claim 77, further comprising forwarding the decrypted card data to an application layer of the web server before re-encrypting the card data using the first encryption device.

80. The method of claim 74, wherein maintaining a web site in the computing system further comprises: enabling the Internet user to create a profile including one or more ATM enabled cards, the profile including: a card number for each of the one or more ATM cards; a PIN number for each of the one or more ATM cards; and information pertaining to the Internet user.

81. The method of claim 74, where maintaining the web site in the computing system further comprises enabling the Internet user to transfer funds between ATM enabled accounts by: causing information pertaining to at least two ATM enabled accounts to be displayed to the Internet user; prompting the Internet user to select a transfer "from" ATM enabled account among the at least two ATM enabled accounts; prompting Internet user to select a transfer "to" ATM enabled account among the at least two ATM enabled accounts; and prompting the Internet user to enter a fund amount to be transferred between the "from" ATM enabled account to the "to" ATM enabled account.

82. The method of claim 74, wherein maintaining the web site in the computing system further comprises enabling the Internet user to set delivery options for delivering the financial information regarding the ATM enable account, comprising: prompting the Internet user to select a delivery option; and prompting the Internet user to select the frequency of the delivery of the financial information to the Internet user via the selected delivery option.

83. The method of claim 82, wherein the delivery option includes at least one of the following delivery options: electronic mail message or text message to a hand-held device.

84. The method of claim 82, wherein prompting the Internet user to select the frequency of the delivery of the financial information to the Internet user further comprises providing the Internet user with a set of frequency options including at least one of the following delivery options: time of day, day of week, or day of month.

85. The method of claim 74, wherein maintaining the web site in the computing system further comprises enabling the Internet user to set display options for displaying the financial information regarding the ATM enable account on the Internet user's computer.

86. The method of claim 85, wherein the display options for displaying the financial information include one of the following display options: numerical form, graphical form, or in a selected currency.

87. The method of claim 73, wherein the processing of the request in the computing system further comprises translating the request into an ATM protocol message.

88. The method of claim 73, wherein the providing the processed request to the ATM network further comprises providing the processed request to the ATM network through a switch.

89. The method of claim 73, wherein providing the reply received at the computing system from the ATM network and providing it to the Internet user further comprises: receiving the reply in an ATM protocol; translating the reply into an Internet protocol; and transferring the translated reply in the Internet protocol to the internet user over the Internet.

90. An apparatus configured to Internet enable an ATM network so that an

Internet user can access an ATM card account over the Internet, the apparatus comprising: a computing system coupled between the Internet and the ATM network, the computing system configured to receive a request from the Internet user to access the ATM network and to provide the request received by the computing system to the ATM network and to provide a reply from the ATM network in response to the request to the Internet user.

91. The apparatus of claim 90, wherein the computing system further comprises a web server configured to receive the request from the Internet user.

92. The apparatus of claim 91, wherein the computing system further comprises a firewall coupled between the web server and the Internet.

93. The apparatus of claim 90, wherein the computing system further comprises a first storage device configured to store card data associated with the ATM card.

94. The apparatus of claim 90, wherein the computing system further comprises a second storage device configured to store a PIN number associated with the ATM card.

95. The apparatus of claim 88, wherein the system further comprises a switching server, coupled to the web server, the switching server configured to convert the request into an ATM protocol message.

96. The apparatus of claim 90, wherein the system further comprises a switching server which is configured receive the reply from the ATM network and a web server which is configured to convert the reply into an Internet message and forward it to the Internet user over the Internet.

97. The apparatus of claim 91, wherein the system further comprises a web site maintained on the web server and which is configured to be accessed by the Internet user over the Internet.

98. The apparatus of claim 97, wherein the web site is configured to enable the Internet user to enter an account number for the ATM card and a PIN number for the ATM card.

99. The apparatus of claim 97, wherein the web site is configured to enable the Internet user to create a user profile, the user profile including data pertinent to the user and card data and PIN numbers for one or more ATM cards.

100. The apparatus of claim 90, wherein the computing system is configured to present to the Internet user a consolidated financial report regarding the accounts of two or more ATM cards that are associated with different financial institutions.

101. The apparatus of claim 96, wherein the computing system is configured to enable the Intemet user to define the format in which the reply is displayed to the Internet user, the format including at least one of the following display formats: numerical, graphical, or in a selected currency.

102. The apparatus of claim 90, wherein the computing system is configured to enable the Internet user to designate, at a pre-selected frequency, times for which the request is generated and when the reply is provided to the Internet user.

103. The apparatus of claim 94, wherein the computing system further comprises an encryption unit configured to store the PIN number in the second storage device in encrypted form.