US20050044044A1 - Portable electronic authorization system and method - Google Patents
Portable electronic authorization system and methodDownload PDFInfo
- Publication number
- US20050044044A1 US20050044044A1US10/954,050US95405004AUS2005044044A1US 20050044044 A1US20050044044 A1US 20050044044A1US 95405004 AUS95405004 AUS 95405004AUS 2005044044 A1US2005044044 A1US 2005044044A1
- Authority
- US
- United States
- Prior art keywords
- routine
- pocket vault
- user
- proceeds
- computer
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Links
Images
Classifications
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/32—User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/08—Payment architectures
- G06Q20/10—Payment architectures specially adapted for electronic funds transfer [EFT] systems; specially adapted for home banking systems
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/34—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
- G06Q20/341—Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/34—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
- G06Q20/357—Cards having a plurality of specified features
- G06Q20/3576—Multiple memory zones on card
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/36—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes
- G06Q20/367—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes involving electronic purses or money safes
- G06Q20/3674—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes involving electronic purses or money safes involving authentication
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q30/00—Commerce
- G06Q30/02—Marketing; Price estimation or determination; Fundraising
- G06Q30/0207—Discounts or incentives, e.g. coupons or rebates
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q30/00—Commerce
- G06Q30/02—Marketing; Price estimation or determination; Fundraising
- G06Q30/0241—Advertisements
- G06Q30/0251—Targeted advertisements
- G06Q30/0264—Targeted advertisements based upon schedule
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q30/00—Commerce
- G06Q30/02—Marketing; Price estimation or determination; Fundraising
- G06Q30/0241—Advertisements
- G06Q30/0251—Targeted advertisements
- G06Q30/0269—Targeted advertisements based on user profile or attribute
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q30/00—Commerce
- G06Q30/06—Buying, selling or leasing transactions
- G06Q30/0601—Electronic shopping [e-shopping]
- G06Q30/0609—Qualifying participants for shopping transactions
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
- G07F7/0873—Details of the card reader
- G07F7/088—Details of the card reader the card reader being part of the point of sale [POS] terminal or electronic cash register [ECR] itself
- G07F7/0886—Details of the card reader the card reader being part of the point of sale [POS] terminal or electronic cash register [ECR] itself the card reader being portable for interacting with a POS or ECR in realizing a payment transaction
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
- G07F7/10—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
- G07F7/1008—Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
Definitions
- the present inventionsare directed to novel systems and methods for engaging in transactions involving financial and/or non-financial media.
- a typical walletis made of leather or other suitable material, and is generally a foldable structure that readily fits into a pocket or purse.
- a wallettypically includes a number of pockets, pouches, or the like for storing items such as a driver's license, a social security card, identification cards, credit cards, debit cards, membership cards, commuter passes, access tools, business cards, cash, coupons, event tickets, transportation tickets, frequent customer cards (e.g., a frequent flier card), medical information cards, receipts, photographs, etc.
- Walletsare frequently stolen, lost, or misplaced. When any of these events occurs, not only must the wallet itself be replaced, but all of the contents of the wallet must be replaced as well. As anyone who has lost a wallet can testify, replacing the contents of a wallet can be cumbersome and expensive. In addition, if a wallet is stolen or if a lost wallet falls into the wrong hands, the contents of the wallet may be used to engage in unauthorized activities which financially detriment the wallet owner, as well as any banks, credit issuers, and/or other institutions that issued financial media to the wallet owner.
- misappropriation of media issued by non-financial media issuers that contain personal informatione.g., a drivers license, social security card, identification card, etc.
- personal informatione.g., a drivers license, social security card, identification card, etc.
- identity thefte.g., a drivers license, social security card, identification card, etc.
- the possessormay assume the identity of the wallet owner for various fraudulent purposes, e.g., using the assumed identity to obtain and exploit one or more new financial media.
- a methodfor enabling a software module on a computer operated by a user to access restricted information on a server.
- an identity of the useris authenticated to determine that the user is permitted to access the restricted information on the server.
- the software module on the computeris permitted to access the restricted information on the server.
- a methodfor altering settings on a computer to correspond to settings on an electronic device distinct from the computer.
- an identity of a useris authenticated to determine that the user is authorized to use the electronic device.
- the settings on the computerare altered to correspond to settings on the electronic device.
- a system for enabling a software module on a computer operated by a user to access restricted information on a serverincludes an electronic device which includes a user-authenticator to authenticate an identity of the user to determine that the user is permitted to access the restricted information on the server.
- the systemfurther comprises means for, in response to the electronic device authenticating the identity of the user operating the computer, enabling the software module on the computer to access the restricted information on the server.
- a system for altering settings on a computer to correspond to settings on an electronic device distinct from the computercomprises a user authenticator included in the electronic device to authenticate an identity of a user to determine that the user is authorized to use the electronic device.
- the systemfurther comprises means for, in response to authenticating the identity of the user, altering the settings on the computer to correspond to settings on the electronic device.
- an apparatusincludes a housing; a user authenticator, supported by the housing, that authenticates an identity of a user; at least one memory, supported by the housing, that stores,transaction information for at least first and second media; and at least one output, supported by the housing, that releases at least a portion of the transaction information to a point-of-sale (POS) terminal after the user authenticator has authenticated the identity of the user.
- POSpoint-of-sale
- a methodinvolves steps of: (a) storing transaction information for at least first and second media in a memory of a device (b) using the device to authenticate an identity of a user; and (c) after authenticating the identity of the user with the device, transferring at least a portion of the transaction information from the device to a point-of-sale (POS) terminal.
- POSpoint-of-sale
- an apparatusincludes: a housing; at least one memory, supported by the housing, that stores transaction information for at least one media; a user authenticator, supported by the housing, that authenticates an identity of a user of the apparatus; and at least one output, supported by the housing, that, after the user authenticator has authenticated the identity of the user, releases an embedded identification code of the apparatus from the housing that enables a device receiving the embedded identification ID code to authenticate the identity of the apparatus.
- a methodinvolves steps of: storing transaction information for at least one media in a memory of a first device; using the first device to authenticate an identity of a user; and after authenticating the identity of the user with the first device, releasing an embedded identification code of the apparatus from the housing that enables a second device receiving the embedded identification code to authenticate the identity of the first device.
- an apparatusincludes: at least one memory that stores transaction information for at least first and second media; at least one input that enables a user to select one of the at least first and second media; a display that provides a visual indication to the user regarding which of the at least first and second media has been selected with the at least one input; and at least one output that selectively releases at least a portion of the transaction information to a point-of-sale (POS) terminal.
- POSpoint-of-sale
- a methodinvolves steps of: storing transaction information for at least first and second media in a memory of a device; receiving as input a user's selection of one of the at least first and second media; displaying a visual indication to the user regarding which of the at least first and second media has been selected; and transferring at least a portion of the transaction information from the device to a point-of-sale (POS) terminal.
- POSpoint-of-sale
- an apparatusincludes: at least one memory that stores transaction information for at least one financial media and at least one non-financial media; and at least one output that selectively releases at least a portion of the transaction information to a point-of-sale (POS) terminal.
- POSpoint-of-sale
- a methodinvolves steps of: storing transaction information for at least one financial media and at least one non-financial media in a memory of a device; and transferring at least a portion of the transaction information from the device to a point-of-sale (POS) terminal.
- POSpoint-of-sale
- a systemincludes: a housing; at least one memory, supported by the housing, that stores transaction information for at least one media; a device releasably attached to the housing; and configuring means, supported by the housing, for selectively configuring the device to hold the transaction information so that the device may be used to engage in a transaction involving the at least one media.
- a methodinvolves steps of: (a) storing transaction information for at least one media in a memory of a first device, the first device having a second device releasably attached thereto; (b) while the second device is attached to the first device, configuring the second device to hold the transaction information for the at least one media based on the contents of the memory; (c) detaching the second device from the first device; and (d) using the second device to engage in a transaction involving the at least one media.
- a systemincludes: a first device including a user authenticator that authenticates an identity of a user; and a second device releasably attached to the first device, wherein the second device holds transaction information for at least one media so that the second device may be used to engage in a transaction involving the at least one media, and wherein the second device is detached from the first device after the user authenticator has authenticated the identity of the user.
- a methodinvolves steps of: with a first device, authenticating an identity of a user; and after authenticating the identity of a user with the first device, detaching a second device from the first device, the second device holding transaction information for at least one media so that the second device may be used to engage in a transaction involving the at least one media.
- a systemincludes: a first device; a second device that has the first device releasably attached thereto, the second device including means for selectively configuring the first device to hold transaction information for a first media but not for a second media so that the first device may be used to engage in a transaction involving the first media but not the second media, and the second device further including means for selectively configuring the first device to hold transaction information for the second media but not for the first media so that the first device may be used to engage in a transaction involving the second media but not the first media.
- a methodinvolves steps of: selectively configuring a device to hold transaction information for a first media but not for a second media so that the device may be used to engage in a transaction involving the first media but not the second media; and selectively configuring the device to hold transaction information for the second media but not the first media so that the device may be used to engage in a transaction involving the second media but not the first media.
- a systemincludes: at least one memory that stores first transaction information for a first media; at least one output that selectively releases at least a portion of the first transaction information to a point-of-sale (POS) terminal; and means for enabling a person to whom the first media is issued to selectively add second transaction information for a second media to the memory.
- POSpoint-of-sale
- a methodinvolves steps of: storing first transaction information for a first media in a memory of a device; releasing at least a portion of the first transaction information to a point-of-sale (POS) terminal; and in response to a request by the person to whom the first transaction information is issued, adding second transaction information for a second media to the memory.
- POSpoint-of-sale
- a systemincludes: at least one memory that stores first transaction information for a first media and second transaction information for a second media; at least one output that selectively releases at least a portion of the first transaction information to a point-of-sale (POS) terminal; and means for enabling a person to whom the first media is issued to selectively remove at least a portion of the second transaction information from the memory.
- POSpoint-of-sale
- a methodinvolves steps of: storing first transaction information for a first media and second transaction information for a second media in a memory of a device; releasing at least a portion of the first transaction information to a point-of-sale (POS) terminal; and, in response to a request by the person to whom the second media is issued, removing at least a portion of the second transaction information from the memory.
- POSpoint-of-sale
- a systemincludes: at least one memory that stores transaction information for at least one media; at least one output that selectively releases at least a portion of the transaction information to a point-of-sale (POS) terminal; and means for enabling at least one functional characteristic of the at least one media to be altered by altering the contents of the least one memory.
- POSpoint-of-sale
- a methodinvolves: storing transaction information for at least one media in a memory of a device; releasing at least a portion of the transaction information to a point-of-sale (POS) terminal; and altering at least one functional characteristic of the at least one media by altering the contents of the least one memory.
- POSpoint-of-sale
- an apparatusincludes: a housing; a user authenticator, supported by the housing, that authenticates an identity of a user; at least one memory that, supported by the housing, stores first transaction information for a first media and second transaction information for a second media; and at least one output, supported by the housing, that releases the first transaction information only after the user authenticator has authenticated the identity of the user, and that releases the second information without requiring the user authenticator to have authenticated the identity of the user.
- a methodinvolves steps of: storing first transaction information for a first media and second transaction information for a second media in at least one memory of a device; using the device to authenticate an identity of a user; releasing the first transaction information only after the identity of the user has been authenticated; and releasing the second transaction information without requiring the identity of the user to be authenticated.
- a systemincludes: a first device; and a second device having the first device releasably attached thereto such that, when the first device is attached to the second device, the second device causes the first device to generate a machine-readable code for only a predetermined, finite period of time after the first device is detached from the second device.
- a methodinvolves a step of generating a machine-readable code on a device for only a predetermined, finite period of time.
- an apparatusincludes: a portable substrate; a power supply supported by the substrate; and at least one controller supported by the substrate and powered by the power supply, the at least one controller being configured to generate a simulated magnetic stripe on the substrate.
- an methodinvolves a step of generating a simulated magnetic stripe on a portable device.
- a systemincludes: at least one memory that stores transaction information for at least one media; a user authenticator that authenticates an identity of the user; and a display that provides a visual indication to the user regarding the at least one media, the visual indication being displayed for only a predetermined, finite period of time after the user authenticator has authenticated the identity of the user.
- a methodinvolves steps of: authenticating an identity of a user; and displaying a visual indication to the user regarding the at least one media for only a predetermined, finite period of time after authenticating the identity of the user.
- a systemincludes a portable device that can be used to engage in point-of-sale (POS) transactions; and a device remote from the portable device, that can disable an ability of the portable device to engage in POS transactions.
- POSpoint-of-sale
- a methodinvolves steps of: providing a portable device that can be used to engage in point-of-sale transactions; and at a location remote from the portable device, disabling an ability of the portable device to engage in POS transactions.
- a methodinvolves steps of: storing transaction authorization information for at least two media in a first memory of a first device; and storing the transaction authorization information for the at least two media in a second memory, which is disposed at a location remote from the first device.
- a systemincludes: a first device; and a second device having the first device releasably attached thereto such that, when the first device is attached to the second device, the second device can cause the first device to generate a machine-readable code after the first device is detached from the second device, the second device including at least one controller configured so as to be capable of causing the first device to generate the machine-readable code only for a finite, predetermined period of time.
- a methodinvolves a step of configuring a first device such that the first device is capable, for only a predetermined, finite period of time, of generating a machine-readable code on a second device.
- a methodinvolves steps of: receiving information at a first device that has been transmitted over an electronic communication link; and after receiving the information at the first device, using a media at the first device to access a quantity of credit or cash reserves that could not be accessed prior to the first device receiving the information.
- FIG. 1is a block diagram illustrating an example of a network system in which a portable electronic authorization device (also referred to herein as a “Pocket Vault”) may be employed according to one embodiment of the invention;
- a portable electronic authorization devicealso referred to herein as a “Pocket Vault”
- FIG. 2is a block diagram showing an illustrative embodiment of the Pocket Vault shown in FIG. 1 ;
- FIG. 3is a block diagram showing an illustrative embodiment of one of the interface stations shown in FIG. 1 ;
- FIG. 4is a block diagram showing an illustrative embodiment of the network server(s) shown in FIG. 1 ;
- FIG. 5is a diagram showing an example of how the memory of the Pocket Vault shown in FIG. 2 may be configured in accordance with one embodiment of the invention
- FIG. 6is a block diagram showing an illustrative embodiment of the token (e.g., a card) associated with the Pocket Vault shown in FIG. 2 ;
- the tokene.g., a card
- FIG. 7is a flow diagram illustrating a primary routine that may be executed by the controller of the Pocket Vault shown in FIG. 2 ;
- FIG. 8is a flow diagram illustrating an example implementation of the PROCESS POCKET VAULT VALIDATION routine shown in FIG. 7 ;
- FIG. 9is a flow diagram illustrating an example implementation of the UNAUTHORIZED HOLDER routine shown in FIG. 7 ;
- FIG. 10is a flow diagram illustrating an example implementation of the AUTHORIZED HOLDER routine shown in FIG. 7 ;
- FIG. 11is a flow diagram illustrating an example implementation of the PROCESS CARD TRANSACTION routine shown in FIG. 10 ;
- FIG. 12is a flow diagram illustrating an example implementation of the VERIFY CARD RETURN routine shown in FIG. 7 ;
- FIG. 13is a flow diagram illustrating an example implementation of a primary routine that may be executed by the controller of the pocket vault interface unit shown in FIG. 3 ;
- FIG. 14is a flow diagram illustrating an example implementation of a primary routine that may be executed by the controller of the interface station computer shown in FIG. 3 ;
- FIG. 15is a flow diagram illustrating an example implementation of the PROCESS REQUEST TO VALIDATE POCKET VAULT routine shown in FIG. 14 ;
- FIG. 16is a flow diagram illustrating an example implementation of the PROCESS REQUEST TO UPDATE INFO ON POCKET VAULT routine shown in FIG. 14 ;
- FIG. 17is a flow diagram illustrating an example implementation of the PROCESS REQUEST TO AUTHORIZE TRANSACTION routine in FIG. 14 ;
- FIG. 18is a flow diagram illustrating an example implementation of the PROCESS UNSUCCESSFUL OPERATOR AUTHENTICATION routine shown in FIG. 14 ;
- FIG. 19is a flow diagram illustrating an example implementation of a primary routine that may be executed by the controller(s) of the network server(s) shown in FIG. 4 ;
- FIG. 20is a flow diagram illustrating an example implementation of the PROCESS REQUEST TO REGISTER NEW POCKET VAULT HOLDER routine shown in FIG. 19 ;
- FIG. 21is a flow diagram illustrating an example implementation of the PROCESS REQUEST BY MEDIA ISSUER/ADVERTISER TO UPDATE NETWORK SERVER routine shown in FIG. 19 ;
- FIG. 22is a flow diagram illustrating an example implementation of the PROCESS REQUEST TO UPDATE INFO ON POCKET VAULT routine shown in FIG. 19 ;
- FIG. 23is a flow diagram illustrating an example implementation of the PROCESS REQUEST FROM HOLDER TO LOAD NEW FILE ONTO NETWORK SERVER routine shown in FIG. 19 ;
- FIG. 24is a flow diagram illustrating an example implementation of the PROCESS REQUEST TO AUTHORIZE TRANSACTION routine shown in FIG. 19 ;
- FIG. 25is a flow diagram illustrating an example implementation of the AUTHORIZED POCKET VAULT USE? routine shown in each of FIGS. 20, 22 , and 24 ;
- FIGS. 26 a - 26 pare illustrations of the portable electronic authorization device, as well as the token (e.g., a card) associated therewith, as these items may appear when in use;
- the tokene.g., a card
- FIG. 27is a block diagram illustrating several additional features that may optionally be added to a network system such as that shown in FIG. 1 so as to enhance the functionality of the network;
- FIG. 28is a block diagram illustrating example components that may optionally be added to software executing on a controller of the Pocket Vault, such as the software described in connection with FIGS. 7-12 , so as to enhance the functionality of the Pocket Vault in a network environment;
- FIG. 29is a data flow diagram illustrating an example of how data may flow between the Pocket Vault and a user interface of an interface station computer to which the Pocket Vault is interfaced/docked;
- FIG. 30is a flow diagram illustrating an example of a primary routine that may be executed by a website on the network server(s) shown in FIG. 27 , which website may be accessed, for example, by a browser executing on the interface station computer shown in FIG. 27 ;
- FIG. 31is a flow diagram illustrating an example implementation of the INSTALL DRIVER(S) routine shown in FIG. 30 ;
- FIG. 32is a flow diagram illustrating an example implementation of the NEW POCKET VAULT HOLDER routine shown in FIG. 30 ;
- FIG. 33is a flow diagram illustrating an example implementation of the EXISTING POCKET VAULT HOLDER routine shown in FIG. 30 ;
- FIG. 34is a flow diagram illustrating an example implementation of the CARD LOADING routine shown in FIG. 33 ;
- FIG. 35is a flow diagram illustrating an example implementation of the SYNCHRONIZATION routine shown in FIG. 33 ;
- FIG. 36is a flow diagram illustrating an example implementation of the RECOVERY routine shown in FIG. 33 ;
- FIG. 37is a flow diagram illustrating an example implementation of the IDENTITY PORTING SELECTION routine shown in FIG. 33 ;
- FIG. 38is a flow diagram illustrating an example implementation of the BACKUP routine shown in FIG. 33 ;
- FIG. 39is a flow diagram illustrating an example implementation of the SET PREFERENCES routine shown in FIG. 33 .
- a new method and system for producing, distributing, storing, and using the typical contents of an individual's walletis disclosed herein.
- the systemmay enable individuals to replace nearly all of the paper and plastic contents of their wallets with a single, hand-held portable electronic authorization device.
- the systemmay include the portable electronic authorization devices, removable morphing tokens or cards associated with such devices, associated computer peripherals, software and certain network capabilities. As a whole, the system may eliminate virtually all of the distribution costs and security concerns associated with paper and plastic media.
- the devicemay incorporate many different media that are commonly stored in a person's wallet, possibly including both financial and non-financial media, it is much more than a simple point-of-sale (POS) device. Therefore, the device may be more appropriately referred to as a multi-purpose, “point-of-transaction” device.
- POSpoint-of-sale
- the systemis designed to perform tasks more safely, securely and with greater ease than is possible with prior art systems.
- the preferred embodimentis such that some people may barely recognize it as a computer, seeing instead a more comfortable to carry, easier-to-use, safer and more securely packaged means of transporting typical wallet contents.
- the system's business modelmay comprise an independent organization acting as a media-neutral, multi-service provider of other issuers' various financial and non-financial media, that also may enable individuals and retailers to add or create their own secure (and where appropriate, non-secure media) using a device with a self-contained set of authentication security features, which may even be password-free.
- This devicemay operate over existing financial transaction networks, while also having links to a highly secure network system for certain functionality.
- the self-contained authentication functionality of the deviceitself ensures privacy, while providing sufficient accountability/traceability to satisfy law enforcement concerns.
- FIG. 1A network system 100 configured according to one illustrative embodiment of the invention is shown in FIG. 1 .
- the network system 100may include a portable electronic authorization device 102 (alternatively referred to herein as a “Pocket Vault”) and an associated token 102 a (alternatively referred to herein as a “Chameleon Card”).
- a portable electronic authorization device 102alternatively referred to herein as a “Pocket Vault”
- an associated token 102 aalternatively referred to herein as a “Chameleon Card”.
- Each person desiring to use the network system 100may possess his or her own the Pocket Vault 102 and associated token 102 a .
- Some individualsmay choose to own multiple Pocket Vaults or Chameleon Cards. The system and software therefore may accommodate the use of multiple Pocket Vaults and multiple Chameleon Cards by one individual.
- the network system 100may include one or more network servers 114 to which various other network components are coupled. Although multiple, load-sharing network servers 114 may be employed in a typical application, the network server(s) 114 will hereinafter, for convenience, occasionally be referred to as a single network server 114 .
- Coupled to the network server 114are: several different types of interface stations 104 (i.e., a validation interface station 104 a , a personal interface station 104 b , and a commercial interface station 104 c ), one or more commercial card readers 106 , one or more commercial bar code readers 107 , and several computers 108 , 110 , and 112 operated by one or more advertisers, non-financial media issuers, and financial media issuers, respectively.
- the structure and functionality of each of the components of the network system 100 in accordance with illustrative embodiments of the inventionare described below.
- the network server 114may form the hub of the network system 100 , with each of the interface stations 104 , the commercial card reader 106 , the commercial bar code reader 107 , and the computers 108 , 110 , and 112 being coupled thereto.
- the network server 114may therefore serve as: (1) a repository of information for the network, (2) the entity that controls access to the stored information by the other network devices, and (3) a service provider for financial and non-financial media issuers, advertisers, as well as Pocket Vault holders.
- the network server 114is coupled to the other elements in the network system 100 via the Internet or similar packet-switched communication system.
- dedicated or selectively established (e.g., using a dial-up modem) communication channels or time slots thereofmay be employed between the respective devices.
- the connections between the network devicesmay be either hardwired (including fiber optic connections) or wireless (e.g., infrared (IR) or radio frequency (RF) links).
- the Pocket Vault 102may be interfaced with any of the interface stations 104 a - c so as to permit information to be uploaded from the network server 114 to the Pocket Vault 102 , or to be downloaded from the Pocket Vault 102 to the network server 114 .
- each of the interface stations 104includes a docking mechanism that permits a Pocket Vault 102 to be physically, as well as electronically, interfaced therewith.
- the Pocket Vault 102may communicate with the interface station 104 using any now known or later discovered technique. For example, physical contact may be made between respective electrodes or plugs, a line of sight (e.g., infrared) wireless link may be established, or any other interfacing technique may be employed.
- the Pocket Vault 102may additionally or alternatively be configured such that it need not be physically docked with or even in the same room as the interface station 104 , as a wireless network such as Bluetooth may be employed to permit communication between devices on the network system 100 .
- a wireless networksuch as Bluetooth
- each Pocket Vault 102may communicate directly with the network server 114 , without the interface stations 104 a - c facilitating communication therebetween.
- Pocket Vaults 102may communicate directly with one another. In such embodiments, such inter-device communication may permit value to be exchanged directly between Pocket Vaults 102 .
- the personal docking station 104 bmay allow setting or changing of user preferences, recording of miscellaneous information by the Pocket Vault holder, replenishment or deletion of information regarding particular media, and may also permit additional media (e.g., a library card) to be added to the device.
- the Pocket Vault holdermay, for example, directly add non-value-based media (e.g., a membership number for the local Historical Society) and notes to the Pocket Vault 102 .
- value-based and certain identification media(a driver's license, passport, building security ID, etc.) may be added or reinstated only through a secure connection to the network server 114 (as described below), in response to an update request from the Pocket Vault holder.
- the personal interface stationmay provide a mechanism to download transaction activity involving the Pocket Vault 102 into an individual's home computer.
- home finance softwareThere are many users of home finance software. These applications can be relatively “data hungry,” and commonly require users to download checking and debit card data from their banks (or key it in manually) and to key in the details of credit card and cash purchases. All of this keying and internet file downloading from third parties may be replaced by a simple docking procedure, i.e., when the Pocket Vault 102 is interfaced with the personal docking station 102 b.
- the Pocket Vault 102may be equipped to generate the token 102 a such that the token 102 a has transactional information regarding a media (e.g., a simulated magnetic stripe or a bar code) produced thereon.
- a mediae.g., a simulated magnetic stripe or a bar code
- the token 102 amay be used by the Pocket Vault holder to engage in a transaction wherein an entity swipes the simulated magnetic stripe of the token 102 a through a card reader 106 or scans the bar code on the token 102 a using a bar code reader 107 .
- the token 102 amay include a suitable Smartcard interface so that the Chameleon Card 102 may be used with Smartcard compatible devices.
- the token 102 amay be caused to take on a different personality each time it is released from the Pocket Vault 102 , a plurality of media may be stored electronically in memory of the Pocket Vault 102 , and the token 102 a may, upon request, be generated to take on the personality selected by the Pocket Vault holder.
- the respective media stored on the Pocket Vault 102may be issued by different and unrelated media issuers. As used herein, two media issuers are “unrelated” if there exists no legal relationship between them.
- the token 102 amay also have display capacity, sufficient to indicate the media personality that it has taken on. This may or may not include display of the specific identity that is temporarily encoded on the token 102 a .
- valuemay be exchanged between two Pocket Vaults 102 when one the Pocket Vault 102 generates a token 102 a having a value-based or value-linked media stored thereon, and the token 102 a so generated is passed to the other the Pocket Vault 102 , which then may then access the media and extract value therefrom or add value thereto.
- this sort of value exchangemay also be accomplished directly between two Pocket Vaults 102 over a wireless network, such as Bluetooth.
- the Pocket Vault 102may also generate a bar code for a selected media on the Pocket Vault's display (not shown in FIG. 1 ), and the bar code reader 107 may be used to scan the displayed bar code to process a transaction.
- a transactionmay be processed via a commercial interface station 104 c either by use of a docking terminal or via a wireless network scheme such a Bluetooth.
- some commercial interface stations 104 cmay comprise an interface station linked to a standard commercial card reader 106 or commercial bar code reader 107 , with the card reader 106 or bar code reader 107 being modified to accept input from the station.
- the Pocket Vault 102may comprise a display (not shown in FIG. 1 ).
- a displayhaving a user-manipulable touch screen or a separate user input device (not shown in FIG. 1 )
- a Pocket Vault holdercan effectively flip through the contents of the Pocket Vault 102 to locate and select a desired media (e.g., a credit card, driver's license, library card, frequent flier card, etc.) much like a person can flip through the contents of his or her wallet to do the same.
- a desired mediae.g., a credit card, driver's license, library card, frequent flier card, etc.
- the use of a display on the Pocket Vault 102also creates an opportunity for media providers to go from a static presentation of their brand (logo, etc.) to having the option of dynamic branding and messaging.
- the displayuses the display, the presentment of active marketing at the “moment of buying decision” is possible.
- the logo and message displayed to the Pocket Vault holdermay incorporate motion, moving images and messages. To conserve power, moving images may be presented only at certain times, e.g., in response to internal or external events or communications.
- the computers 108 , 110 , and 112may represent a secure infrastructure of server databases capable of storing information for purposes of delivering personalized services to holders of Pocket Vaults 102 .
- the network server 114may also track activity of Pocket Vault holders and compile marketing information based thereupon that may prove useful to media issuers and/or advertisers.
- the Pocket Vault holdermay have control over the ability of the network server 114 to track activity.
- the information maintained on the network system 100may originate with the holders of Pocket Vaults 102 and/or may originate with the other entities having access to the network system 100 (e.g., advertisers and media issuers).
- a suitable user authentication techniquemay be employed in connection with each attempted use of any of these devices.
- One suitable user authentication technique that may be employedis the analysis of a bio-metric feature of the individual attempting use of the device (e.g., a fingerprint scan, retina scan, a speech pattern analysis, keystroke rhythm, etc.), and validating the identity of the individual on that basis.
- a personal identification (PIN) codemay be entered by the holder to verify the holder's identity.
- authentication information used to validate the holder's identitye.g., the stored fingerprint and/or PIN code
- the validationis performed in its entirety on-board the same device, such that the user-specific authentication information never leaves the device in which it is stored.
- authentication informatione.g., fingerprint data
- such authentication informationmay be maintained by the network server 114 .
- This authentication informationmay be transmitted to the network server 114 , for example, when Pocket Vaults 102 are first validated.
- a trust relationshipmay be established between the network server 114 and the Pocket Vault 102 .
- This relationshipmay involve, for example, the registration of a unique encrypted chip ID of the Pocket Vault 102 with the network server 114 through a secure Internet connection, the distribution of a digital certificate (e.g., a PKI certificate) to the Pocket Vault 102 , and the grant of authority to the Pocket Vault 102 to permanently store the Pocket Vault holder's authentication information.
- a similar level of caremay also be taken to ensure that only authorized individuals are permitted to validate interface stations 104 a - c by having their authentication information (e.g., their fingerprint data or PIN codes) stored therein. Therefore, as with the Pocket Vaults 102 , after it has been confirmed that each interface station's authorization information has been properly stored in the interface station 104 , a trust relationship may be set up between the network server 114 and the interface station 104 . This relationship may also involve, for example, the registration of a unique encrypted chip ID of the interface station 104 with the network server 114 through a secure Internet connection, the distribution of a digital certificate to the interface station 104 , and the grant authority to the interface station 104 to permanently store the interface station operator's authentication information.
- the Pocket Vault 102 and/or the interface stations 104are each permitted to store authentication information for only one individual, it should be appreciated that, in alternative embodiments, the Pocket Vault 102 and/or the interface stations 104 may each store authentication information for more than one individual, thereby permitting multiple people to use them.
- each Pocket Vault 102 and each interface station 104may communicate securely with the network server 114 , as well as with any other networked devices or sites that require a high-level of trust. Also, the existence of these trust relationships enable individual Pocket Vaults 102 to accept other services provided by the network servers 114 , such as the backup and recovery of information stored within the Pocket Vaults 102 . That is, the network servers 114 can serve as a repository for all of the information stored on every validated Pocket Vault 102 (except the holder's authentication information—which, in some embodiments, is stored only in the Pocket Vault 102 ).
- informationmay, for example, be uploaded from the network server 114 to a Pocket Vault 102 or downloaded from the Pocket Vault 102 to the network server 114 each time the Pocket Vault 102 is interfaced with any of the interface stations 104 a - c. Therefore, if a Pocket Vault 102 is lost or stolen, the Pocket Vault holder need only obtain a new Pocket Vault 102 , and the entire contents of the lost Pocket Vault 102 can be uploaded thereto, in a single communication, in a matter of seconds.
- the network server 114may void the chip ID of that Pocket Vault 102 , so that the Pocket Vault 102 cannot be used by a third party, even if the holder validation security (e.g., the bio-metric scanning or PIN entry requirement) is somehow breached. Voiding the chip ID of the Pocket Vault 102 may, for example, prevent the Pocket Vault 102 from assigning any media information to the associated Chameleon Card.
- the network server 114may also serve as a repository for information regarding media issuers or advertisers, and may further provide various services to these entities. For example, the network server 114 may facilitate transactions involving media issued by media issuers, and may permit new media to be issued or lost media to be replaced at a fraction of the cost of generating new physical tokens or replacing lost ones. Additionally, the network server 114 may serve as a conduit for advertisers to target particular classes of Pocket Vault holders, and channel information to them. The network server 114 may also function as an advocate for Pocket Vault holders, advertisers, and/or media issuers when it utilizes its portfolio of Pocket Vault holders, media issuers, and/or advertisers to secure privileges.
- Examples of such advocacyinclude the ability to secure buying power for Pocket Vault holders as a group or to provide media issuers and advertisers with a highly efficient tool for generating awareness for affinities or causes that fit appropriate holder markets.
- the services provided by the network server 114enable Pocket Vault holders to combine and manage their media data using a single, hand-held device, and enables advertisers and media issuers to understand more about, and more readily reach more of, their customers than ever before.
- FIG. 2shows an example embodiment of the Pocket Vault 102 of FIG. 1 .
- the Pocket Vault 102may employ components similar to those used in modern personal digital assistants (PDAs) and palm top computers. Examples of such products include PDAs such as the “Palm Pilot” from Palm, Inc. (www.palm.com), and the “Casiopedia” from Casio, Inc. of Dover, N.J. (www.casio.com).
- the Pocket Vault 102may include a controller 202 , as well as a transceiver 204 , a user input device 206 , a docking interface 208 , a read/write memory 210 , a write-once memory 212 , a power manager 214 , an indicator 215 , a display 216 , a token port 218 , and a fingerprint scanner 220 , all coupled to the controller 202 .
- the Pocket Vault 102may include a hard-wired memory (not shown) to store device serial numbers and key operating system and encryption software components.
- FIGS. 26A-26PActual views of an example embodiment of the Pocket Vault 102 , as well as the token 102 a associated therewith, are shown in FIGS. 26A-26P .
- the Pocket Vault 102may comprise a housing 2602 in which the components shown in FIG. 2 may be disposed.
- the housing 2602may be approximately seventy millimeters wide, approximately one hundred millimeters long, and approximately fifteen millimeters deep.
- the housing 2602has an internal volume of less than 105 cubic centimeters.
- the housing 2602may be slightly larger or smaller than that shown.
- the housing 2602may have an internal volume of less than five hundred cubic centimeters, or less than four hundred cubic centimeters, or less than three hundred cubic centimeters, or less than two hundred cubic centimeters, or less than one hundred cubic centimeters, or less than any other volume value that falls between one hundred and five hundred centimeters.
- the housing 2602is sized so that the Pocket Vault 102 may readily fit into the rear pocket of a pair of pants.
- FIG. 2One feature of the illustrative embodiment of the Pocket Vault 102 shown in FIG. 2 which may permit its size to be reduced below that of a standard personal computer is the fact that the embodiment shown lacks a disk drive (either hard or floppy) or any similar memory storage device (e.g., a tape drive) that consumes a significant volume within the housing 2602 . It should be appreciated, of course, that alternative embodiments may include such memory devices, and that the invention is not necessarily limited to embodiments that exclude them.
- the power manager 214may reduce the power consumption of the active components of the Pocket Vault 102 well below that of a standard personal computer, thereby enabling a very small and light weight battery to be employed, as opposed to the relatively large and heavy batteries typically employed in personal computers.
- the housing 2602may provide a water-resistant or waterproof environment for the components housed thereby.
- the housing materials of Pocket Vaults 102may be brightly colored, in addition to traditional black or brown, thereby helping their holders to make a fashion statement and/or permitting them to be readily spotted if misplaced.
- Deluxe versionsmay be clad in leather, KevlarTM, GortexTM, aluminum and/or stainless steel. In some embodiments, the housing 2602 may even be woven into garments.
- the controller 202comprises a low-power multiprocessor or microcomputer having an on-board SRAM and/or flash memory and a real time clock calendar.
- a suitable controlleris the “Motorola Dragonball” Processor from Motorola, Inc. (www.motorola.com).
- the controller 202may include a software-programmable and encryption-protected or hard-wired unique chip ID. In one embodiment, this chip ID is released from the Pocket Vault 102 only after the fingerprint scanner 220 (discussed below) has successfully authenticated the identity of the holder.
- a signal processor for Bluetooth or another wireless connectionmay also be employed within or along with the controller 202 .
- the transceiver 204may be any type of transceiver (or separate transmitter and receiver) capable of communicating with the other devices in the network 100 to enable the functionality described herein.
- an RF or an IR transceivermay be employed.
- Some embodimentsmay, in fact, include both an IR and an RF transceiver to be used in different applications.
- an IR transceivermay be employed to interface the Pocket Vault with a “docking station” type interface unit, and a separate RF transceiver may be employed to communicate over a wireless network such as Bluetooth.
- the user input device 206is implemented as part of a touch-screen display used as the display 216 (described below). Additionally or alternatively, the user input device 206 may include dedicated buttons, a keypad, a touch pad, a microphone and speech recognition software, a wand or joystick, or any other suitable implement that permits a person to provide input to the controller 202 . The user input device 206 may also be integrated into the fingerprint scanner 220 or into an alternative bio-metric input device.
- a Pocket Vault holdermay select one of a number of media stored in memory of the Pocket Vault 102 for display and/or use in connection with a transaction, and may otherwise control or provide input to software executing on the controller 202 .
- a keypadis employed as the user input device 206 , thereby permitting the holder to input a PIN code as a means of authenticating the holder's identity.
- the docking interface 208may take on any of numerous forms, and the invention is not limited to any particular type of interface device.
- the docking interface 208may, for example, include a multi-pin plug adapted to mate with a receptacle disposed on the interface units 104 a - c, or vice versa.
- the docking interface 208may also comprise one or more implements (e.g., grooves or keys) to ensure that the plug or other docking interface 208 mates correctly with the reciprocal device on an interface unit 104 when the two are physically mated together.
- the read/write memory 210may take on any of a number of forms, and the invention is not limited to any particular type of memory.
- the memory 210may, for example, comprise a suitable non-volatile SRAM.
- any suitable memory device that permits a only single write operation to take placemay be employed as the write-once memory 212 .
- the memory 210may have instructions stored therein which, when executed by the controller 202 , cause the controller 202 to implement the routines/software described below in connection with FIGS. 7-12 and/or FIG. 28 .
- the memory 210may also contain a suitable operating system (e.g., Palm OS, Microsoft's Windows CE, Microsoft's Windows for Smartcards, or some similar offering), appropriate device drivers, and other software employed in connection with the controller 202 and/or the peripherals thereof.
- the memory 210may also be used to store the various media and personal information retained by the Pocket Vault 102 .
- the memory 210stores a plurality of different media issued by different and unrelated media issuers, including both financial (e.g., a credit or debit card) and non-financial media (e.g., a drivers license or a library card).
- “financial media”refers to any media which can, as a matter of course, be used to purchase goods or services
- non-financial mediarefers to any media which, while possibly having some value to the Pocket Vault holder, cannot, as a matter of course, be used to purchase goods or services.
- financial mediainclude value-linked and value-based media such as debit or credit cards issued by a bank or other financial institution, telephone calling cards, etc.
- non-financial mediainclude: library cards, driver's licenses, building access cards, etc.
- the memory 210is large enough to store as many as one hundred compressed graphic image files, and full data sets for as many as one hundred types of media.
- the memory 210may store status information, where useful, for each type of media. Examples of this sort of status information include: information regarding the value remaining on a pre-paid phone card, information regarding an accumulated number of frequent flier miles, information regarding a total number of cups of coffee that have been purchased at a particular coffee shop (e.g., in connection with a buy-ten-get-one-free special), etc.
- the portion of the memory 210 devoted to memory storagemay be divided into three sections: (1) a high-security section, (2) a medium security section, and (3) a non-secure section.
- the high security sectionmay be used to store value-based or value-linked media such as debit and credit cards and certain ID information such as driver's licenses, passports, building security passes, etc.
- the medium security sectionmay be used to store low-value, limited use media that may be accessed, for example, by retailers to keep track of frequent purchase credits or the like.
- the non-secure sectionmay, for example, be used to store notes, membership ID records, emergency contact information, etc. Access to the information included in the various sections may require security or user authentication procedures commensurate with the indicated security level. For example, an accurate fingerprint scan and an accurate pin code entry may be required to access the high-security section, only an accurate PIN code entry (even by the retailer) may be required to access the medium-security section, and anyone may be permitted to access the non-secure section.
- the power manager 214may comprise any of numerous devices, and the invention is not limited to any particular type of power supply/management device.
- the power managermay, for example, employ a flat, rechargeable, lithium battery, and associated regulator and power management software.
- the battery usedmay be non-rechargeable and/or coin cell-shaped.
- Solar powered cellsmay also be a viable option as at least a supplement to battery power, if not a primary source of power for the Pocket Vault 102 . This may be made possible because of the typically modest on-time requirements for a Pocket Vault 102 .
- Power management softwaremay also assist in minimizing the power consumption of the Pocket Vault 102 .
- Such softwaremay, for example, invoke an auto-shutdown feature after a preference-set number of seconds, may control the level of screen back-lighting in response to feedback received from a photo-sensor that registers ambient light, and/or may provide battery charge level warnings to Pocket Vault holders.
- the indicator 215may be any device capable of generating a perceptible indication to the holder such as a bell, chime, buzzer, light, vibration, etc., and the invention is not limited to any particular type of device for accomplishing such a result.
- the indicatoris a chime generator that generates a “chime” sound that can be heard by the Pocket Vault holder.
- a touch-screen displaymay be employed such that at least a portion of the functionality of the user input device 206 may be incorporated therein.
- Suitable displaysmay, for example, include any of a black & white, gray-scaled, or color LCD display, or an LCD bi-stable display.
- the use of the display 216together with the user input device 206 (which may constitute the touch-screen functionality of the display 216 ) permits the Pocket Vault holder to flip or scroll through the various media stored in the memory 210 in much the same way as a person flips through the contents of his or her wallet.
- the indicator 215in addition to or in lieu of the display 216 , other user output devices may also be employed to provide information to the Pocket Vault holder. For example, light emitting diodes (LEDs), a beeper or buzzer, a speech synthesizer, a vibrator, etc., may be employed in some embodiments of the Pocket Vault 102 .
- LEDslight emitting diodes
- a beeper or buzzera speech synthesizer
- a vibratoretc.
- the token port 218 of the Pocket Vault 102may comprise a cavity or slot in which the token 102 a is retained until it is released to be used to engage in a transaction, as well as the hardware employed to secure the token 102 a in place when the token 102 a has not been authorized to be released.
- the token 102 astores a unique (and possibly encrypted) chip ID which is accessible to another device only when the token 102 a is successfully released form the token port 218 .
- the card port 218may include additional hardware employed in connection with properly generating or configuring the token 102 a prior to its release. This hardware is discussed in more detail below in connection with FIG. 6 .
- the fingerprint scanner 220may comprise any device capable of accurately scanning a fingerprint of an individual for comparison with one or more fingerprint images stored in memory.
- the fingerprint scanner 220may, for example, be a solid-state (non-optical) device. Devices that may be suitable for use as the fingerprint scanner 220 are available, for example, from Veridicom, Inc., of Santa Clara, Calif. (www.veridicom.com), from Polaroid Corporation of Cambridge, Mass. (www.polaroid.com), and from Identix Incorporated of Sunnyvale, Calif. (www.identix.com).
- the fingerprint scanner 220may incorporate a temperature sensor that enables it to ensure that a live finger is contacting the scanning surface when the scanning function is employed.
- bio-metric scanning devicesmay also be employed to verify the identity of the holder.
- some embodimentsmay employ a charge coupled device (CCD) to serve as an iris or retina scanner, an optical sensor, and/or a voiceprint.
- CCDcharge coupled device
- a keystroke rhythmmay be measured, either alone or in combination with another user authentication technique (e.g., a successful PIN code entry requirement), to validate the identity of the holder.
- the fingerprint scanner 220 and/or other bio-metric scannersmay have touch pad capabilities built into them, thereby permitting them to constitute at least a part of the user input device 206 shown in FIG. 2 .
- FIG. 3is a block diagram showing an example embodiment of one of the interface stations 104 a - c shown in FIG. 1 .
- the hardware employed to implement each of the stations 104 a - cmay be identical to the others or may be substantially different, depending on the environment in which the station 104 is to be used, as well as the functional requirements of the particular station. Therefore, while the example embodiment described herein may be suitable for use as any of the stations, it should be appreciated that each of the stations may, in fact, be configured quite differently than the others.
- each interface station 104may include both an the interface station computer 304 and a pocket vault interface unit 302 .
- the interface station computer 304may be a standard desktop personal computer (PC), and may, as shown, comprise a controller 308 , a user input device 318 , a memory 320 , a modem 322 , and a display 324 . These components are well known in the art and therefore will not be described in detail herein.
- the memory 320 of the interface station computer 304may have instructions stored therein which, when executed by the controller 308 , cause the controller to implement the routine described below in connection with FIGS. 14-18 as well as any other software, e.g., a browser, drivers, etc., executing on the interface station computer 304 .
- the pocket vault interface unit 302is coupled to the interface station computer 304 such that a controller 306 of the pocket vault interface unit 302 can communicate with the controller 308 of the interface station computer 304 .
- the communications interface between these devicesmay, for example, comprise a Smartcard, Bluetooth or USB interface.
- the pocket vault interface unit 302may comprise a transceiver 310 , a docking interface 312 , a finger print scanner 316 , a stripe reader 315 , and a memory 314 .
- the pocket vault interface unit 302may also comprise a display and/or another device used to provide feedback to the operator, e.g., an audio indicator or LED.
- the stripe reader 315may be any conventional device for electronically reading the magnetic stripe on a token card such as a credit/debit card or drivers license.
- the stripe reader 315may be used, for example, to read information from a token card so that such information can be downloaded to the network server 114 or the Pocket Vault 102 .
- the memory 314may be any conventional memory suitable to store the software executed by the controller 306 , as well as any data, e.g., stored fingerprint data, used in connection therewith.
- the memory 314 of the pocket vault interface unit 302may have instructions stored therein which, when executed by the controller 306 , cause the controller 306 to implement the routine described below in connection with FIG. 13 .
- the transceiver 310 of the pocket vault interface unit 302may be any type of transceiver (or separate transmitter and receiver) capable of communicating with the other devices in the network 100 to enable the functionality described herein.
- an RF or an IR transceivermay be employed.
- Some embodimentsmay even include both an IR and an RF transceiver to be used in different applications.
- an IR transceivermay be employed to interface the pocket vault interface unit 302 with a Pocket Vault 102
- a separate RF transceivermay be employed to communicate over a wireless network such as Bluetooth.
- the docking interface 312 of the pocket vault interface unit 302may take on any of numerous forms, and the invention is not limited to any particular type of interface device.
- the docking interface 312may, for example, include a multi-pin plug adapted to mate with a receptacle used as the docking interface 208 of a Pocket Vault 102 , or vice versa.
- the docking interface 312may also comprise one or more implements (e.g., keys or grooves) to ensure that the plug or the like of the docking interface 208 of the Pocket Vault 102 mates correctly with the corresponding implement of the docking interface 312 when the Pocket Vault 102 and pocket vault interface unit 302 are physically mated together.
- the fingerprint scanner 316 of the pocket vault interface unit 302may comprise any device capable of accurately scanning a fingerprint of an individual for comparison with one or more fingerprint images stored in memory.
- the fingerprint scanner 316may, for example, be a solid-state (non-optical) device.
- Devices that may be suitable for use as the fingerprint scanner 220are available, for example, from Veridicom, Inc., of Santa Clara, Calif. (www.veridicom.com), from Polaroid Corporation of Cambridge, Mass. (www.polaroid.com), and by Identix Incorporated of Sunnyvale, Calif. (www.identix.com).
- the fingerprint scannermay incorporate a temperature sensor that enables it to ensure that a live finger is contacting the scanning surface when the scanning function is performed.
- a fingerprint scannermay employ a charge coupled device (CCD) to serve as an iris or retina scanner, an optical sensor, and/or a voiceprint.
- CCDcharge coupled device
- a keystroke rhythmmay be measured, either alone or in combination with another user authentication technique (e.g., a successful PIN code entry requirement), to validate the identity of the operator.
- the pocket vault interface unit 302may additionally comprise one or more user input devices enabling the operator to control or provide input to the pocket vault interface unit 302 or the software executing thereon.
- the fingerprint scanner 316 and/or other bio-metric scannersmay, for example, have touch pad capability capabilities built into them, thereby permitting them to constitute such a user input device. Separate user input devices may also be employed.
- FIG. 4shows an example embodiment of the network server 114 shown in FIG. 1 .
- the network server 114may comprise one or more controllers 402 , as well as a local memory 404 , a database 406 , and a transceiver 408 coupled thereto.
- the illustrated components of the network server 114are well known, and therefore will not be described in detail.
- the transceiver 408may, for example, be used to communicate with other devices in the network system 100 ( FIG. 1 ) using a wireless network such as Bluetooth.
- the controller 404may also communicate with other network devices via the Internet or a direct connection such as the type established using a dial up modem.
- the local memory 404may have instructions stored therein which, when executed by the controller 402 , cause the controller 402 to implement the routines described below in connection with FIGS. 19-25 and/or FIGS. 30-39 .
- the local memory 404 and/or database 406act as a website and execute software which may be accessed by a browser or similar software module operating on a computer. One such embodiment is described below in connection with FIGS. 28-39 .
- the database 406may, for example, comprise a relational database, and may be used to store the majority, if not all, of the data maintained by the network server 114 .
- the database 406may, for example, keep a real-time record of critical reference data along with transaction histories, back-up files, and security audit trail information for key events.
- Examples of specific items that may be stored in the database 406include: a list of current Pocket Vault holders and appropriate contact information for each; records regarding the versions of software loaded onto each Pocket Vault 102 , each pocket vault interface unit 302 , and each interface station computer 304 ; a list of currently authorized or registered Pocket Vaults 102 , identified by chip ID and linked to the holder list; a list of currently authorized or registered tokens 102 a , identified by chip ID and linked to the holder list; a list of currently authorized locations for interface stations 104 and telephone or other access lines therefor, including business information for each such location and an indication as to the type of interface station 104 it is (e.g., a validation interface station, a personal interface station, or a commercial interface station); a list of currently authorized or registered interface station operators and the interface stations 104 with which they are associated; a list of currently authorized or registered interface stations 104 , identified by chip ID and linked to the list of authorized operators therefor, as well as encrypted cookie ID information (if any) for the respective
- the network server 114may analyze data regarding consumer transactions, and thereby accumulate demographic information. Using this information, merchants, media issuers, and/or advertisers may, for example, define targeted marketing programs, which the network server 114 may then deliver to Pocket Vault holders that meet particular demographic profiles.
- FIG. 5shows how the memory 210 of the Pocket Vault 102 ( FIG. 2 ) may be organized (conceptually) in accordance with one embodiment of the invention.
- the purpose of each of the illustrated memory componentswill be readily understood by those skilled in the art of the invention, and therefore will not be explained in detail.
- FIG. 6is a block diagram showing an example embodiment of the token 102 a shown in FIGS. 1 and 2 .
- the token 102may be equipped with a controller 602 .
- the controller 602may be selectively programmed, for example, via interface terminals 606 to generate a current in a wire loop 608 so as to generate a magnetic field about the wire loop 608 that simulates a magnetic stripe of a standard credit card-like token.
- a magnetic fieldmay be generated along the edge of the token 102 a as if a magnetic stripe were present on that edge.
- the location of the simulated magnetic stripe on the token 102 ais identified in FIG. 6 as a virtual magnetic stripe 610 .
- Appropriate softwaremay be loaded onto the controller 602 (e.g., in an on-board memory of the controller 602 ) so as to enable the controller to generate the virtual magnetic stripe 610 .
- the terminals 606 of the token 102 amay engage corresponding terminals of the token port 218 , thereby enabling the controller 602 to be programmed appropriately.
- the programming of the controller 602may be effected, for example, in response to commands from the controller 202 of the Pocket Vault 102 , which commands may be generated in response to software executing on the controller 202 .
- the controller 602may be powered by an appropriate resistor-capacitor (RC) circuit which stores a charge that decays over time.
- the RC circuitmay be initially charged via the terminals 606 when the token 102 a is disposed in the token port 218 and the controller 602 is being programmed. After the token 102 a is removed from the token port 218 , the controller 602 will remain powered only so long as sufficient charge remains stored by the RC circuit 604 . Because the controller 602 can generate the virtual magnetic stripe 610 only when it is driven by an adequate power supply, the virtual magnetic stripe will disappear after the charge in the RC circuit 604 has decayed beyond a certain threshold level.
- RCresistor-capacitor
- the virtual magnetic stripe 610is disposed on the token 102 a only for a finite, predetermined period of time after the token 102 a is removed from the token port 218 .
- the controller 602may cut off the power to the wire loop 608 after a preset amount of time or an amount of time determined by the Pocket Vault holder (possibly within preset limits).
- the token 102 amay have its own embedded chip ID, which may be accessible only when the token 102 a is successfully released form the token port 218 .
- the token 102 amay possess the characteristics of a bank-issued Smartcard, either in addition to or in lieu of the virtual magnetic stripe 610 . Accordingly, the token 102 a may include a specialized Smartcard chip or the controller 602 may be programmed to mimic such a chip. In any event, the token 102 a may be preloaded with the bank's chip operating system (OS) and possibly customer-specific secure information. In such embodiments, the functionality of the Smartcard components may, for example, be enabled only in response to successful authentication of the Pocket Vault holder, e.g., using the fingerprint scanner 220 of the Pocket Vault 102 . Therefore, the customer-specific “Smartcard” information may remain inaccessible so long as the Pocket Vault holder's identity has not been authenticated using the Pocket Vault 102 .
- OSbank's chip operating system
- FIGS. 7-12are flow diagrams illustrating an example implementation of software that may be executed by the controller 202 of the Pocket Vault 102 .
- this or additional proprietary softwaremay enable menu structures, handle preference management, provide the data on and safeguard the programmability of the virtual magnetic stripe 610 (if so equipped), and ensure proper encryption data management.
- local software for each Pocket Vault 102 and pocket vault interface station 104may be upgraded from time to time by automatic download from the network server 114 .
- various itemsmay be displayed on the display 216 , including prompts or icons regarding user input options (when a touch-screen display is employed as the display 216 or a point and click mechanism is employed herewith), and various items may also be displayed on the token 102 a when the token 102 a is ejected from the token port 218 of the Pocket Vault 102 .
- FIGS. 26 A-Pshow examples of how the display 216 and the token 102 a may appear as the routines of FIGS. 7-12 are executed, and therefore will be discussed in connection with the description of these routines.
- FIG. 7is a flow diagram illustrating an example implementation of a primary routine 700 that may be executed by the controller 202 of the Pocket Vault 102 . Instructions for the routine 700 may be stored, for example, in the “applications” section 508 of the memory 210 of the Pocket Vault 102 .
- the routine 700begins at a step 702 , wherein it is determined whether the Pocket Vault holder has applied his/her fingerprint to the fingerprint scanner 220 of the Pocket Vault 102 .
- the display 216 of the Pocket Vault 102may appear as shown in FIG. 26A . That is, the display 216 may be blank at the step 702 , as the Pocket Vault 102 is currently powered down.
- the routine 700proceeds to a step 704 , wherein the power manager 214 powers on the Pocket Vault 102 .
- the routine 700otherwise waits at the step 702 until the Pocket Vault holder has applied a fingerprint to the fingerprint scanner 220 .
- the step 702may not represent an instruction set executed by the processor 202 .
- the step 702may represent the detection of the occurrence of a physical action, e.g., the activation of a hardware switch, and the power manager 214 may be activated in response to the detection of such an action, without requiring intervention by the processor 202 .
- the routine 700proceeds to a step 706 , wherein the fingerprint scanner 220 scans the applied fingerprint of the Pocket Vault holder.
- the routine 700proceeds to a step 708 , wherein it is determined whether the Pocket Vault 102 has been validated.
- the Pocket Vault 102is not validated until: (1) a user's fingerprints have been stored in the fingerprint memory (e.g., the write-once memory 212 of FIG. 2 ), and (2) the Pocket Vault 102 has received and stored encrypted validation information (e.g., a PKI certificate) from the network server 114 , as described below.
- a user's fingerprintshave been stored in the fingerprint memory (e.g., the write-once memory 212 of FIG. 2 )
- the Pocket Vault 102has received and stored encrypted validation information (e.g., a PKI certificate) from the network server 114 , as described below.
- the routine 700proceeds to a step 710 , wherein a PROCESS POCKET VAULT VALIDATION routine (described below in connection with FIG. 8 ) is executed.
- the routine 700proceeds to a step 712 , wherein it is determined whether Pocket Vault 102 has been authenticated, e.g., whether the fingerprint scanned at the step 706 matches one of the fingerprints stored in the fingerprint memory 212 .
- the routine 700proceeds to a step 714 , wherein an UNAUTHORIZED HOLDER routine (discussed below in connection with FIG. 9 ) is executed.
- FIGS. 26 B-Dshow how the display 216 of the Pocket Vault 102 may appear during the UNAUTHORIZED HOLDER routine, and therefore are also discussed below in connection with FIG. 9 .
- the routine 700proceeds to a step 713 , wherein an encrypted message including the unique Pocket Vault chip ID is transmitted to the pocket vault interface unit 302 , in the event that the Pocket Vault 102 is interfaced or in communication with such a device.
- a checkmay be made to ensure that the components used to interface the Pocket Vault 102 with the other components in the network 100 (either wirelessly or directly) are in place and operating correctly, and have not been compromised. Alternatively, the operability and integrity of such components may be checked just prior to their use.
- a checkmay be made to ensure that the contents of the Pocket Vault 102 have been updated recently. For example, the Pocket Vault 102 may forbid its holder from accessing its contents if the Pocket Vault 102 has not been updated at least 48 hours (or some other specified time period) prior to the attempted use. Updating of the Pocket Vault 102 may be accomplished, for example, using the synchronization or backup and recovery methods described herein.
- the routine 700proceeds to a step 716 , wherein it is determined whether the Chameleon Card (i.e., the token 102 a ) is presently on-board the Pocket Vault 102 (i.e., whether the token 102 a is disposed within the card port 218 of FIG. 2 ).
- the routine 700proceeds to a step 718 , wherein the Pocket Vault holder is informed that the Chameleon Card is not on board, and is asked whether he/she wants to engage in a non-card transaction (i.e., a transaction not involving the token 102 a ).
- routine 700proceeds to a step 720 , wherein it is determined whether the holder has selected to engage in a non-card transaction.
- routine 700returns to the step 716 (described above), wherein it is again determined whether the Chameleon Card is on board the Pocket Vault 102 . Therefore, the holder is permitted to engage in a transaction involving the Chameleon Card only when it has been confirmed that the Chameleon Card is on board the Pocket Vault 102 .
- the routine 700proceeds to the step 722 , wherein the AUTHORIZED HOLDER routine (discussed below in connection with FIGS. 10 and 11 ) is executed.
- the routine 700also proceeds to the step 722 , wherein the AUTHORIZED HOLDER routine (discussed below in connection with FIGS. 10 and 11 ) is executed.
- FIGS. 26 G-N and 26 Pshow how the display 216 of the Pocket Vault 102 and the token 102 a ejected therefrom may appear (when employed) during the AUTHORIZED HOLDER routine, and therefore are also discussed below in connection with FIGS. 10 and 11 .
- the routine 700proceeds to a step 724 , wherein the VERIFY CARD RETURN routine (discussed below in connection with FIG. 12 ) is executed.
- FIG. 260shows how the display 216 of the Pocket Vault 102 may appear during the VERIFY CARD RETURN routine, and therefore is also discussed below in connection with FIG. 12 .
- routine 700proceeds to a step 726 , wherein the screen of the display 216 is caused to flash to indicate that the Pocket Vault 102 is being shut down.
- the routine 700proceeds to a step 728 , wherein the Pocket Vault 102 is powered down.
- the routine 700returns to the step 702 , wherein the Pocket Vault 102 again waits for a fingerprint to be applied to the fingerprint scanner 220 , and wherein the display 216 may again appear as shown in FIG. 26A .
- FIG. 8is a flow diagram illustrating an example embodiment of the PROCESS POCKET VAULT VALIDATION routine shown in FIG. 7 (step 710 ).
- the routine 710begins at a step 801 , wherein the holder is informed (e.g., on the display 216 ) that the Pocket Vault 102 is not currently validated, and that the holder must interface the Pocket Vault 102 with an interface unit 302 of an appropriate interface station 104 (e.g., a validation interface station 104 a ) if the holder desires to validate the Pocket Vault 102 .
- an appropriate interface station 104e.g., a validation interface station 104 a
- step 801the routine 710 proceeds to step 802 , wherein it is determined whether the Pocket Vault 102 has been interfaced with an appropriate interface unit 302 .
- the routine 710returns to the step 801 (discussed above).
- the routine 710proceeds to a step 803 , wherein it is determined whether the fingerprint memory, e.g., the write-once memory 212 , is empty.
- the routine 710proceeds to a step 804 a , wherein the holder is prompted to apply a fingerprint from one finger of his or her left hand to the fingerprint scanner 220 , waiting for a “beep” to be emitted (e.g., by indicator 215 ) after each fingerprint application.
- steps 806 a - 810 athe routine proceeds until the fingerprint of the selected finger has been scanned three times successfully.
- the routineproceeds to a step 804 b , wherein the holder is prompted to apply a fingerprint from one finger of his or her right hand to the fingerprint scanner 220 , waiting for a “beep” to be emitted (e.g., by indicator 215 ) after each fingerprint application.
- steps 806 b - 810 bthe routine proceeds until the fingerprint of the selected finger has been scanned three times successfully.
- routine 710proceeds to a step 812 , wherein an encrypted message including the pocket vault ID is transmitted to the interface unit 302 , for ultimate transmission to the network server 114 .
- the routine 710proceeds to a step 811 , wherein it is determined whether the fingerprint scanned at the step 706 ( FIG. 7 ) matches one of the stored fingerprints.
- the routine 710proceeds to the step 812 (discussed above).
- the routine 710proceeds to a step 818 , wherein an indication (e.g., a message on the display 216 or an audio signal from the indicator 215 ) is generated to inform the holder that the validation attempt was unsuccessful.
- an indicatione.g., a message on the display 216 or an audio signal from the indicator 215
- the routine 710waits at steps 814 and 816 to determine whether an encrypted message including validation information (e.g., a PKI certificate) has been received from the interface unit 302 .
- This encrypted validation informationmay, for example, be received by the Pocket Vault 102 via either the docking interface 208 or the transceiver 204 of the pocket vault interface unit 302 of a validation interface station 104 a .
- this encrypted validation informationmay, for example, be generated by the network server 114 and forwarded to the pocket vault interface unit 302 of a validation interface station 104 a (via the interface station computer 304 of the validation interface station 104 a ) after certain conditions have been met.
- the network server 114may therefore ultimately determine whether each Pocket Vault 102 is permitted to receive this validation information.
- the routine 710proceeds to the step 818 (discussed above).
- the routine 710proceeds to a step 820 , wherein the validation information is stored in memory.
- the routine 710proceeds to a step 822 , wherein an indication (e.g., a message on the display 216 or an audio signal from the indicator 215 of the Pocket Vault 102 ) is generated to inform the holder that the Pocket Vault 102 has been successfully validated.
- an indicatione.g., a message on the display 216 or an audio signal from the indicator 215 of the Pocket Vault 102
- FIG. 9is a flow diagram illustrating an example implementation of the UNAUTHORIZED HOLDER routine shown in FIG. 7 (step 714 ).
- the routine 714begins at a step 902 , wherein a menu is displayed on the display 216 that permits the holder to select one of several options: (1) TRY AGAIN, (2) POCKET VAULT RETURN INFORMATION, (3) EMERGENCY INFORMATION, or (4) END SESSION.
- FIG. 26Bshows how the display 216 may appear when the step 902 is reached. As shown, textual information and/or icons representing the various menu options may be displayed to the holder.
- routine 714proceeds to a step 904 , wherein the routine 714 waits for one of the displayed menu items to be selected by the holder (e.g., when the holder touches the location on the screen of the display 216 at which the menu item is displayed).
- the routine 714proceeds to a step 906 , wherein it is determined whether the TRY AGAIN option was selected.
- TRY AGAINthe holder may request that the holder again be permitted to attempt to access the secure contents of the Pocket Vault 102 by reapplying the holder's fingerprint to the fingerprint scanner 220 .
- routine 714proceeds to a step 912 , wherein it is determined whether this is the third sequential time that the scanned fingerprint has failed to match the fingerprint stored in memory.
- the routine 714proceeds to a step 914 , wherein certain security precautions are taken in light of the multiple failed attempts to match the holder's fingerprint with that stored in the Pocket Vault 102 . For example, when multiple failed matches have occurred, the Pocket Vault's secure memory may be erased, a security alert message may be broadcast by the transceiver 204 and/or any other prudent steps may be taken to ensure that an unauthorized user does not access the Pocket Vault's sensitive contents.
- the routine 714terminates, and the holder may then again attempt (at the step 702 ) to access the Pocket Vault 102 by reapplying his/her fingerprint to the fingerprint scanner 220 .
- routine 714proceeds to a step 908 , wherein it is determined whether there exist any nested menu items for the menu item selected at the step 904 .
- the routine 714proceeds to a step 910 , wherein the nested menu items for the selected menu item are displayed to the holder on the display 216 .
- routine 714After the step 910 , the routine 714 returns to the step 904 , wherein the routine 714 again waits for the holder to select one of the displayed menu items.
- routine 714proceeds to a step 916 , wherein it is determined whether the END SESSION option has been selected.
- the routine 714proceeds to a step 918 , wherein the information, if any, for the selected menu item is displayed to the holder on the display 216 .
- the information displayed at the step 918may, for example, include information as to where the Pocket Vault 102 may be returned if it is found by someone other than the Pocket Vault holder (see FIG. 26C ), or may be emergency information regarding the holder such as the holder's blood type, allergies, persons to contact in case of an emergency, etc. (see FIG. 26D ).
- any of a number of non-secure mediamay be selected using the menu access routine discussed above in connection with steps 904 - 910 , and may be displayed to the person accessing the Pocket Vault 102 , regardless of the identity of that person.
- this non-secure informationmay be information that the holder would not mind falling into the hands of a stranger should the holder misplace or have his/her Pocket Vault 102 stolen.
- the routine 714proceeds to a step 920 , wherein after a delay of a certain period of time (e.g., thirty seconds), the holder is prompted to reapply his/her fingerprint within a particular period of time (e.g., ten seconds) to avoid shut down of the Pocket Vault 102 .
- a delay of a certain period of timee.g., thirty seconds
- the holderis prompted to reapply his/her fingerprint within a particular period of time (e.g., ten seconds) to avoid shut down of the Pocket Vault 102 .
- the routine 714proceeds to a step 922 , wherein it is determined whether a fingerprint has been reapplied to the fingerprint scanner 220 within ten seconds.
- the routine 714returns to the step 918 (discussed above), wherein the selected information is again displayed to the user.
- the routine 714terminates.
- FIG. 10is a flow diagram illustrating an example implementation of the AUTHORIZED HOLDER routine of FIG. 7 (step 722 ).
- the routine 722begins at a step 1002 , wherein it is determined whether an advertisement is scheduled for display on the Pocket Vault 102 .
- Information regarding whether certain advertisements are to be displayed by the Pocket Vault 102may have been uploaded, for example, from the personal interface station 104 b in response to the holder previously interfacing the Pocket Vault 102 with the personal interface station 104 b to synchronize the contents of the Pocket Vault 102 with information stored on the network server 114 .
- the advertiser 108( FIG. 1 ) may, for example, have made arrangements with the company operating the network server 114 to have certain advertising information uploaded to Pocket Vaults 102 when particular Pocket Vault holders interface their Pocket Vaults 102 with their personal interface stations 104 b.
- the routine 722proceeds to a step 1004 , wherein the scheduled advertisement is displayed, for example, for approximately two seconds.
- FIG. 26Ishows an example of how the display 216 may appear when such an advertisement is displayed.
- the routine 722proceeds to a step 1006 , wherein a “welcome screen” is displayed for a brief period (e.g., one second).
- FIG. 26Gshows an example of how the display 216 may appear when such a welcome screen is displayed.
- routine 722proceeds immediately to the step 1006 , and no advertisement is displayed to the Pocket Vault holder.
- routine 722proceeds to a step 1008 , wherein it is determined whether a “preferred” menu has been selected or pre-set for initial display to the Pocket Vault holder.
- the routine 722proceeds to a step 1012 , wherein the display 216 fades to the preferred menu.
- FIGS. 26H and 26Jshow examples of how the display 216 may appear when such a preferred menu is displayed.
- the preferred menuimmediately shows the holder's preferred credit card as the selected menu item. Should the holder opt to use this media to engage in a transaction, the holder can simply choose the media directly. Alternatively, the holder may opt to access the HOME menu or other menu items by selecting appropriate icons displayed on the screen.
- the preferred menuimmediately shows, perhaps, a selected group of the holder's most frequently used menu items.
- the routine 722proceeds to a step 1010 , wherein the display 216 fades to a standard HOME menu of secure items.
- FIG. 26Lshows an example of how the display 216 may appear when the HOME menu is displayed.
- routine 722proceeds to a step 1014 , wherein the routine 722 waits for the holder to select one of the displayed menu items.
- routine 722proceeds to a step 1016 , wherein it is determined whether the holder has selected to enter or return to the HOME menu.
- the routine 722proceeds to the step 1010 , wherein the HOME menu of secure items is displayed.
- routine 722proceeds to a step 1018 , wherein it is determined whether there exist any nested menu items for the selected menu item.
- the routine 722proceeds to a step 1020 , wherein the nested menu items for the selected menu item are displayed.
- the holdermay work his/her way through various layers of menu items until the desired menu item is reached. It should be appreciated that the menu items on the higher-level layers therefore may be categorized so as to enable the holder to quickly reach the desired media or other menu option.
- routine 722proceeds to a step 1022 , wherein it is determined whether the holder has selected a media from among the available menu items.
- the routine 722proceeds to a step 1040 , wherein information relating to the selected non-media item may be displayed, or some other function may performed in accordance with the holder's selection.
- a non-media menu selectionmay involve, for example, preference settings for certain functional aspects of the Pocket Vault 102 , e.g., whether the holder has a preferred secure menu (see step 1008 ). Preferences for the services or the device can be selected and, as appropriate, distributed to the Pocket Vault 102 either on the spot or the next time the Pocket Vault 102 is interfaced with an appropriate interface station 104 .
- Preferencesmay, for example, include definition of home pages, connection of secure and non-secure media, order of media presentment, sort orders, user interface options, synchronization defaults, etc. Preferences that determine which items are displayed on the home page or on other pages may be defined. For example, a Pocket Vault holder may set up three preference sets: one for “business,” one for “personal,” and one for “vacation.” The “personal” and “business” preference sets may be set to be effective at different times of the day and/or different days of the week. The “vacation” preference set may be made effective for specific blocks of time determined by the Pocket Vault holder, possibly overriding the normal timing of the “personal” and “business” sets.
- the Pocket Vault holdermay choose to establish the various preference settings based on his or her judgment or he or she may choose to allow the network server 114 , supported by various databases, knowledge of the Pocket vault holder's various media and goals set by the Pocket Vault holder (e.g., minimize interest cost on credit cards or maximize frequent flyer miles, etc.), to determine optimal media use patterns and resulting media menu contents for a particular Pocket Vault holder.
- Preferencesmay also be defined between media that will link them for: (a) affiliate credits (like frequent flyer miles) that may be automatically presented to a merchant and tracked for a holder, (b) available discounts afforded by a membership (like senior citizen or AAA discounts), and/or (c) process improvement purposes (e.g., when information needs to be presented in a certain order to work properly).
- a linkage preferencemay facilitate presentation of a discount card before presentation of a payment card when buying groceries.
- routine 722proceeds to a step 1042 , wherein the holder is prompted either to END the session, or to return to the HOME menu.
- routine 722proceeds to a step 1044 , wherein it is determined whether the holder has opted to END the session or to return to the HOME menu.
- routine 722proceeds to the step 1010 (discussed above).
- routine 722terminates.
- the routine 722proceeds to a step 1024 , wherein the selected media is displayed to the holder on the display 216 .
- the selected mediamay, for example, be a particular credit card, in which case the name of the credit card and/or the logo for the credit card and any preferred advertisement, specials, etc., for the selected media may be displayed to the holder as well.
- routine 722proceeds to a step 1026 , wherein the holder is prompted to choose to: (1) EJECT the card, (2) to invoke a WIRELESS transaction, or (3) to return to the HOME menu.
- routine 722proceeds to a step 1028 , wherein it is determined which of these three options has been selected by the holder.
- routine 722proceeds to the step 1010 (discussed above).
- the routine 722proceeds to a step 1032 , wherein it is determined whether the Chameleon Card is on board the Pocket Vault 102 (i.e., whether the token 102 a is disposed in the token port 218 ).
- the routine 722proceeds to a step 1034 , wherein the holder is informed that the Chameleon Card is not on board the Pocket Vault 102 .
- step 1034the routine 722 proceeds to the step 1026 (discussed above).
- the routine 722proceeds to a step 1036 , wherein the PROCESS CARD TRANSACTION routine (discussed below in connection with FIG. 11 ) is executed.
- routine 722proceeds to a step 1038 , wherein the VERIFY CARD RETURN routine (discussed below in connection with FIG. 12 ) is executed.
- step 1038the routine 722 proceeds to the step 1042 (discussed above).
- the routine 722proceeds to a step 1030 , wherein the wireless transaction involving the selected media is executed.
- This wireless transactionmay be invoked, for example, using the transceiver 204 of the Pocket Vault 102 to communicate with the transceiver 310 ( FIG. 3 ) of a commercial interface station 104 c ( FIG. 1 ) over a wireless network, such as Bluetooth.
- a check of the wireless componentsmay be made (e.g., verifying that an internal antenna (not shown) is in place and connected, and that related circuitry is not defeated or compromised in any way), prior to granting the holder access to the contents of the Pocket Vault 102 .
- a checkmay be made in response to such a wireless transaction being requested, e.g., at the step 1030 .
- step 1030the routine 722 proceeds to the step 1042 (discussed above).
- FIG. 11is a flow diagram illustrating an example implementation of the PROCESS CARD TRANSACTION routine of FIG. 10 (step 1036 ).
- the routine 1036begins at a step 1102 , wherein the Chameleon Card is configured to carry the selected media, and is ejected from the card port 218 ( FIG. 2 ).
- the token 102 amay be configured to carry the selected media in any of a number of ways, and the invention is not limited to any particular type of configuration technique.
- the cardmay be configured, for example, by causing it to generate a simulated magnetic stripe for a limited period of time, by causing it to have a bar code disposed on it for a limited period of time, or simply by causing a card number to be visibly disposed on it for a limited period of time.
- E-inkwww.Eink.com
- the cardneed not be temporarily configured in all embodiments, and may alternatively be configured in a more permanent manner in some embodiments.
- the routine 1036proceeds to a step 1104 , wherein the selected media is grayed out on the display 216 to indicate that the media is currently in use by the Chameleon Card.
- the Pocket Vault's ability to configure another Chameleon Card with the grayed out mediamay also be disabled. Therefore, in such an embodiment, even if the Pocket Vault holder had an additional Chameleon Card available, the Pocket Vault 102 would be incapable of loading that media onto that Chameleon Card.
- the routine 1036proceeds to a step 1106 , wherein it is determined whether the selected media has stored value associated with it.
- the selected mediamay, for example, represent a pre-paid calling card from which value is deducted each time the media is used in a particular transaction, or a frequent flier card to which value (e.g., miles) is added in connection with each airline ticket purchased.
- routine 1036proceeds to a step 1108 , wherein a “stored value flag” (discussed below in connection with step 1126 of routine 1036 ( FIG. 11 ) and step 1212 of routine 724 ( FIG. 12 )) is set to TRUE.
- a “stored value flag”discussed below in connection with step 1126 of routine 1036 ( FIG. 11 ) and step 1212 of routine 724 ( FIG. 12 ) is set to TRUE.
- routine 1036proceeds to a step 1110 , wherein it is determined whether the holder has set a default option so as to permit the holder to maintain expense records by recording transactions into registers assigned to expense categories.
- routine 1036proceeds immediately to the step 1110 .
- routine 1036terminates.
- routine 1036proceeds to a step 1112 , wherein the holder is prompted to decide whether to record the currently-pending transaction.
- routine 1036proceeds to a step 1114 , wherein it is determined whether the holder has opted to record the pending transaction.
- routine 1036terminates.
- routine 1036proceeds to a step 1116 , wherein a menu including a number of options involving expense categories are displayed to the holder on the display 216 .
- routine 1036proceeds to a step 1118 , wherein the routine 1036 waits for the holder to select one of the displayed menu options.
- routine 1036proceeds to a step 1120 , wherein it is determined whether the holder selected the SKIP RECORD option, e.g., when the holder has changed his or her mind and opted not to record a particular transaction.
- routine 1036terminates.
- routine 1036proceeds to a step 1122 , wherein it is determined whether any nested menu items exist for the selected menu item.
- routine 1036proceeds to a step 1124 , wherein the nested menu items are displayed to the holder on the display 216 .
- routine 1036returns to the step 1118 (discussed above).
- routine 1036proceeds to a step 1126 , wherein it is determined whether the stored value flag was set to TRUE at the step 1108 (discussed above).
- routine 1036proceeds to a step 1128 , wherein a “record stored value transaction” flag (discussed below in connection with step 1216 of routine 724 ( FIG. 12 )) is set to TRUE.
- routine 1036proceeds to a step 1130 , wherein the holder is prompted to enter a dollar amount to be recorded for the transaction.
- routine 1036proceeds to a step 1132 , wherein the routine 1036 waits for the holder to enter a transaction amount.
- routine 1036proceeds to a step 1134 , wherein a “transaction summary approval” menu is displayed to the holder on the display 216 .
- this menupermits the holder to select (1) to APPROVE the recordation, (2) to change the expense CATEGORY for the transaction, or (3) to change the AMOUNT to be recorded.
- step 1134the routine 1036 proceeds to a step 1136 , wherein it is determined which of the menu items displayed in step 1134 the holder has selected.
- routine 1036returns to the step 1130 (discussed above).
- the routine 1036returns to the step 1116 (discussed above).
- the routine 1036proceeds to a step 1138 , wherein the entered transaction amount is added to the expense register for the selected category, and the balances associated therewith are updated accordingly.
- FIG. 12is a flow diagram illustrating the VERIFY CARD RETURN routine of FIG. 7 (step 724 ).
- the routine 724begins at a step 1202 , wherein it is determined whether the Chameleon Card is currently on board the Pocket Vault 102 (i.e., whether the token 102 a is disposed within the token port 218 ).
- the routine 724proceeds to a step 1204 , wherein the holder is prompted to return the Chameleon Card to the token port 218 (see FIG. 260 ).
- the routine 724proceeds to a step 1206 , wherein it is determined whether a timeout period (e.g., ten seconds) has elapsed since the user was last prompted to return the Chameleon Card to the token port 218 .
- a timeout periode.g., ten seconds
- routine 724returns to the step 1202 (discussed above).
- the routine 724proceeds to a step 1208 , wherein the user is again prompted to return the Chameleon Card, this time with an audio indication (e.g., a “chime” sound generated by the indicator 215 of FIG. 2 ).
- an audio indicatione.g., a “chime” sound generated by the indicator 215 of FIG. 2 .
- the routine 724proceeds to a step 1210 , wherein it is determined whether an extended timeout period (e.g., 10 minutes) has elapsed since the user was first prompted to return the Chameleon Card to the token port 218 .
- an extended timeout periode.g. 10 minutes
- routine 724returns to the step 1202 (discussed above).
- routine 724terminates.
- the routine 724proceeds to a step 1212 , wherein it is determined whether the “stored value” flag was set to TRUE in step 1108 of the routine 1036 ( FIG. 11 ).
- routine 724terminates.
- the routine 724proceeds to a step 1214 , wherein the stored value for the selected media is updated based on the amount deducted from the Chameleon Card during its use.
- routine 724proceeds to a step 1216 , wherein it is determined whether the “record stored value transaction” flag was set to TRUE in the step 1128 of the routine 1036 ( FIG. 11 ).
- routine 724proceeds to a step 1222 , wherein the “stored value” flag is set to FALSE.
- the routine 724proceeds to a step 1218 , wherein the dollar amount of the transaction is added to the selected expense register (i.e., the expense register selected at the step 1118 of the routine 1036 ( FIG. 11 )).
- the dollar amount enteredis determined based on the dollar amount that was deducted from the stored value on the Chameleon Card as a result of the transaction.
- routine 724proceeds to a step 1220 , wherein the “record stored value transaction” flag is set to FALSE.
- routine 724proceeds to the step 1222 (discussed above) After the step 1222 , the routine 724 terminates.
- certain software enhancementsmay also be disposed in the memory 210 of a Pocket Vault 102 for use with the controller 202 .
- One such software enhancementinvolves the use of “system preference file” software. This software may establish certain preferences that cannot be altered on the Pocket Vault 102 by the holder, and which may be stored in encrypted form, along with certain information regarding value-based media. For example, Pocket Vaults 102 may be sold with a choice of two or three advertising profiles.
- an encrypted system preference filemay be created that indicates whether the device was, for example, subject to a “Premium,” “Plus” or “Base” profile status. This status may have been selected, for example, on the Pocket Vault 102 itself, or using one of the interface stations 104 a - c when the Pocket Vault 102 was interfaced therewith.
- the Pocket Vault 102may be advertising-free, but cost a significant amount. Under the “Plus” profile, the Pocket Vault 102 may display only advertising related to shops or services you currently patronize, but cost significantly less than the “Premium” version. Under the “Base” profile, the Pocket Vault 102 may have a variety of advertising on a regular basis, subject only to network “saturation effectiveness” limitations, and the Pocket Vault 102 may be free, or nearly so (e.g., a small purchase charge to generate in-store revenue for the retailer may be charged).
- a holder's choice about participation in specific promotional campaigns linked to the holder's buying behaviormay -also be part of the registration process and affect retail pricing.
- the network server 114may send a message to the Pocket Vault 102 , e.g., via the validation interface station 104 a , and direct the storage of necessary encrypted information on the Pocket Vault 102 (e.g., “Buyer Profile Participant”).
- the advertising and marketing choicesmay be changed at a date after purchase and result in a changed set of costs (either credits or debits) to the Pocket Vault holder.
- Other system preference datamay include the “saturation effectiveness” limitations on the amount of advertising that can appear during any given single use window (a particular period during which the device is powered on), any given hour, any given day and/or any given month.
- the limitationsmay control both the number of advertisements permitted and the amounts of advertisement time permissible (e.g., seconds per advertisement), by category (e.g., such limitations may, for example, based on categories of advertisements be imposed general advertising, advertising from retailers that the Pocket Vault holder already patronizes and advisory notices from the network server 114 .
- these limitsmay be set to balance the need for advertising revenue with the need to not overwhelm or annoy Pocket Vault holders.
- This preference filemay, for example, limit all advertising to one advertisement per “on-session,” two advertisements per hour, four advertisements per day and/or twenty advertisements per month. General advertisements might get priority claim on this time up to a set limit (say 75% of all advertisement time), with targeted advertisements next, and advisory messages last.
- preference file management softwaremay, for example, include a default file which is periodically updated from the network server 114 , and a Pocket Vault holder custom file.
- the holdermay, for example, be able to modify: (1) the initial on-screen backdrop and message greeting; (2) the menu structure and media order within menu screens; (3) some (but not all) of the bio-metric input requirement parameters; (4) the amount of on-time after the bio-metric data is confirmed (within pre-set limits); (5) the ability to conceal all or part of the credit or debit account information on the Chameleon Card display area; (6) the normal restaurant tip percentage; (7) the links between certain media; and/or oversight preference restrictions.
- some of the menu tree structures for the Pocket Vault 102may be set by the holder. This may include the sequence in which certain screens appear (e.g., debit screens before credit screens), among credit screens (e.g., Visa before MasterCard) and media order-of-appearance within a screen (e.g., FirstCard Visa before ChaseVisa).
- certain screense.g., debit screens before credit screens
- credit screense.g., Visa before MasterCard
- media order-of-appearance within a screene.g., FirstCard Visa before ChaseVisa
- the Pocket Vault 102may be programmed to conceal this number, unless prompted to the contrary by the holder.
- a retailermay confirm the kind of credit or debit being presented and the full name on the card, without having to see or be told the account number.
- the holdermay, for example, repeat the bio-metric input to the Pocket Vault 102 to reveal the card account number. If placed in the personal interface station 104 c, such account numbers may be automatically revealed (e.g., through detection of an encrypted cookie on the interface station computer 304 of the personal interface station 104 c ).
- this preferred tip amountmay be automatically applied to restaurant checks. This may eliminate a step in restaurant check close-out and reduce the hassle of calculating an appropriate tip and eliminate the need for waitstaff to return to pick up the credit receipt with the tip.
- the holdermay also choose to link certain media on the Pocket Vault 102 to reduce selection tasks at the point-of-transaction. For example, the holder may link certain credit or debit cards to certain frequent buyer ID cards, thereby enabling the holder to pick a grocery store frequent buyer card (which would be linked to a debit card and brought up automatically after the grocery store card).
- a Pocket Vault holdermay be asked if there is to be any transaction oversight security. If the answer is yes, a second bio-metric input may be required from the individual endowed with that oversight role. For example, a parent may choose to get a Pocket Vault 102 for a child or other relative who may lack certain fiscal discipline.
- the oversight authoritymay need to be established. The person having such oversight authority may then have sole access to a profile of transaction preference data. The person having the oversight authority may therefore create and modify this profile any time after issuance.
- This data setmay limit one or more of the following: (1) debit and credit transaction dollar volume per day, per week and/or per month; (2) certain purchase restrictions such as the types of retailers to whom payments are permitted, such as exclusion of gambling establishments or liquor stores; and (3) geographic restrictions such as payments within 10 miles of a son's or daughter's college campus, but not beyond).
- a credit card imagemay comprise separate layers for: (1) the standard credit card background and icon; (2) the issuing bank's overlay icons and text; (3) the individual's account number; and (4) customized advertising from the issuing bank and/or credit card company.
- Pocket Vaults 102may be preloaded at point of manufacture with background images of the top ten credit images, three passport images (e.g., EU, US, Japan), and a handful of other globally-relevant backgrounds.
- a Pocket Vault holder living in Bostoninitially registers a device, it may trigger downloading of the top five additional background images prevalent in that area.
- the download from the network server 114may include a second layer credit card company overlay for the credit card, along with the third layer of account and name information, and the fourth layer of the most recent customized advertisement from the credit card company related to a seasonal promotion of card usage.
- the advertisement layermay be temporary in nature. This layer may, for example, remain on-screen for a given number of seconds, predetermined by the time period of the advertisement paid for by the advertiser. Underneath such an advertisement, a fifth layer of Pocket Vault holder-determined data may appear, also for a temporary period, in this case for privacy reasons and for a period set by the holder. This positioning of the holder's data below the advertising data increase the value of the advertisement time, since holders will be likely to view the display 216 awaiting the appearance of their data, which may also remain on-screen for only a set number of second.
- such holder-specific datamay include the last date of the next billing period, or the total charges since the last billing period on this particular card or on all of the holder's credit cards.
- Such balance informationmay be generated, for example, by the financial management software.
- the initial on-screen imagemay also be layered, for example, with a market-tailored backdrop and a sign-on message, both of which possibly being modifiable could be modified by the appropriate setting of user preferences.
- Another software enhancement that may be employedis software to manage memos. Certain screen choices may, for example, result in the viewing of memos created by and for the Pocket Vault holder. These memos may be written on a home PC and transferred to a Pocket Vault 102 when the Pocket Vault 102 is interfaced with the personal interface station 104 c for an update/download session. Alternatively, such memos may be created on the Pocket Vault 102 using a screen-based keyboard function similar to that of a Palm Pilot.
- the memo template softwaremay provide certain standard backgrounds and layouts to support this feature. This feature may help to eliminate the need for scraps of various notes now found in most wallets.
- Such advertising message management softwaremay, for example, perform several noteworthy functions: (1) limiting the appearance of advertising in accordance with the advertising profile (e.g., stored in the network server 114 ) of the particular Pocket Vault holder; (2) limiting the appearance of advertising to a certain number of times per on-session, per hour, per day, per week and/or per month; (3) tracking the number of times each advertisement appears since the last download/update session (since the number of on-sessions during any period will govern the number of opportunities certain advertisements have to run, this tracking may be necessary to enable billing of advertisers for actual advertisement exposure levels; (4) generating reminder advertisements for frequent buyer cards (e.g., a message such as “Ten weeks since your last car wash! One more and the next is free!”); and (5) tracking the effectiveness of advertising through linkage to the transaction files (e.g., the ability to build more accurate, comprehensive buying profiles since all of an individual's media are now “under one roof”).
- the advertising profilee.g., stored in the network server 114
- Such transaction processing softwaremay, for example, include the ability to track total outstanding transactions on particular media and compare those to media limits at the time of the next transaction, along with date validity of the media. If a particular piece of media is no longer valid, selection of this item from a menu may produce a message such as “expired,” or “requires update to extend period of validity,” or “payment of balance required before re-use.”
- Another software enhancement that may be employedis software to manage frequent buyer data.
- Such frequent buyer data management softwaremay, for example, track purchases at stores with frequent buying programs that participate in the network system 100 .
- This softwaremay also indicate any frequent buyer credits that are about to expire or create advertisements that remind their Pocket Vault holders that they are about to qualify for a free item. For example, a tenth gasoline purchase at a service station/car wash may generate a message indicating that the holder is “now entitled to free car wash.”
- Yet another software enhancement that may be employedis software for managing financial information.
- This type of softwaremay, for example, enable easy download advertisements into personal finance software used by some PC owners. It may also support certain on-board functionality in the Pocket Vault, such as charge card management, automatically shifting from the preferred credit card to another credit card, for example: (1) when a transaction would cause a credit limit to be exceeded, (2) when using a different card would lengthen the time after which actual payment would be due, (3) when using another card would garner desired contest eligibility, or maximize cash back points for a particular period, and/or (4) when use of another card would preclude having to pay annual dues.
- charge card managementautomatically shifting from the preferred credit card to another credit card, for example: (1) when a transaction would cause a credit limit to be exceeded, (2) when using a different card would lengthen the time after which actual payment would be due, (3) when using another card would garner desired contest eligibility, or maximize cash back points for a particular period, and/or (4) when use of another card would preclude having to pay annual dues.
- Global Positioning SoftwareAnother software enhancement that may be employed is Global Positioning Software. Integration of this functionality with memo information and frequent buyer information may induce visits to nearby stores at convenient times to take advantage of sales, frequent buyer credits, etc.
- FIG. 13is a flow diagram illustrating an example implementation of a primary routine 1300 that may be executed by the controller 306 of the pocket vault interface unit 302 ( FIG. 3 ).
- routine 1300begins at a step 1346 , wherein it is determined whether a card has been swiped through the stripe reader 315 of the interface unit 302 .
- routine 1300proceeds to a step 1348 , wherein information from the swiped card read by the stripe reader 315 is transmitted to the interface station computer 304 .
- the routine 1300proceeds to a step 1302 , wherein it is determined whether a first encrypted message has been received from the Pocket Vault 102 including an ID code that is released from the Pocket Vault 102 only upon proper user authentication (e.g., in response to a fingerprint match).
- routine 1300proceeds directly to the step 1302 (discussed above).
- the routine 1300proceeds to a step 1338 , wherein it is determined whether any encrypted information and/or commands have been received from the interface station computer 304 .
- the routine 1300proceeds to a step 1340 , wherein the received information and/or commands are forwarded to the Pocket Vault 102 .
- the routine 1330proceeds to a step 1342 , wherein it is determined whether any information and/or commands have been received from the Pocket Vault 102 .
- routine 1300proceeds directly to the step 1342 (discussed above).
- the routine 1300proceeds to a step 1344 , wherein the received information and/or commands are forwarded to the interface station computer 304 .
- routine 1300returns to the step 1346 (discussed above).
- the routine 1300proceeds directly to the step 1346 .
- the routine 1300proceeds to a step 1304 , wherein the first encrypted message is forwarded to the interface station computer 304 ( FIG. 3 ).
- routine 1300proceeds to steps 1306 and 1308 , wherein it is determined whether a fingerprint has been scanned by the fingerprint scanner 316 of the pocket vault interface unit 302 before a timeout period measured by the step 1308 has elapsed.
- routine 1300returns to the step 1346 (discussed above).
- routine 1300proceeds to a step 1310 , wherein it is determined whether the scanned fingerprint matches a fingerprint stored in the memory 314 of the pocket vault interface unit 302 .
- the routine 1300proceeds to a step 1312 , wherein a second encrypted message, including an ID of the pocket vault interface unit 302 that is released only after a successful fingerprint match, is transmitted to the interface station computer 304 .
- routine 1300returns to the step 1346 (discussed above).
- the routine 1300proceeds to a step 1314 , wherein a message is transmitted to the interface station computer 304 indicating there has been an unsuccessful attempt to authenticate an operator of the pocket vault interface unit 302 .
- routine 1300proceeds to steps 1316 and 1318 , wherein it is determined whether, before the expiration of a timeout period measured by the step 1318 , a request has been received from the interface station computer 304 to add a new operator to the pocket vault interface unit 302 .
- routine 1300returns to the step 1302 (discussed above).
- routine 1300proceeds to steps 1320 and 1322 .
- the steps 1320 and 1322it is determined whether three identical fingerprints have been stored in the interface unit 302 for each of the operator's two hands before the expiration of a timeout period measured by the step 1322 .
- the operatormay be prompted, e.g., on the display 324 of the interface station computer 304 , to take appropriate steps to ensure his or her fingerprints are properly scanned.
- An example routine for obtaining the requisite fingerprint data from a useris discussed above in connection with steps 804 a - 810 a and 804 b - 810 b (for the Pocket Vault 102 ), and therefore will not be repeated here.
- routine 1300proceeds to a step 1336 , wherein an indication (e.g., a message or an audio tone) regarding the unsuccessful new operator validation attempt is generated.
- an indicatione.g., a message or an audio tone
- the routine 1300returns to the step 1346 (discussed above).
- routine 1300proceeds to a step 1324 , wherein an encrypted message including an ID unique to the interface unit 302 is transmitted to the interface station computer 304 for ultimate registration with the network server 114 .
- step 1324the routine 1300 proceeds to step 1326 and 1328 , wherein is determined whether a message including validation information (e.g., a PKI certificate for the interface unit 302 ) has been received from the network server 114 (via the interface station computer 304 ) before the expiration of a timeout period.
- a message including validation informatione.g., a PKI certificate for the interface unit 302
- routine 1300proceeds to the step 1336 (discussed above).
- routine 1300proceeds to a step 1330 , wherein the validation information is stored for the new operator.
- routine 1300proceeds to a step 1332 , wherein an indication (e.g., a message or an audio tone) regarding the successful validation of the new operator is generated.
- an indicatione.g., a message or an audio tone
- routine 1300returns to the step 1346 (discussed above).
- FIG. 14is a flow diagram illustrating example implementation of a primary routine 1400 that may be executed by the controller 308 of the interface station computer 304 of FIG. 3 .
- the routine 1400begins at a step 1402 , wherein a menu is displayed on the display 324 of the interface station computer 304 that gives the operator of the interface station computer 304 several options to choose from. These options may, for example, include: (1) the option to request that a Pocket Vault 102 be validated (i.e., permitted to store a new finger print), (2) the option to request that the information currently stored on a Pocket Vault 102 be updated (e.g., information may be uploaded from the network server 114 ), (3) the option to request that a transaction involving a Pocket Vault 102 be authorized, and/or (4) the option to access a website on the network server 114 and take advantage of the functionality thereof.
- a menuis displayed on the display 324 of the interface station computer 304 that gives the operator of the interface station computer 304 several options to choose from. These options may, for example, include: (1) the option to request that a Pocket Vault 102 be validated (i.e., permitted to store a new finger print), (2) the option to
- a validation interface station 104 amay be provided only with option (1)
- a personal interface stationmay be provided only with option (2)
- a commercial interface stationmay be provided only with option (3).
- option (4)may be the only option required or desired to be employed by the user, as the website may itself provide all of the functionality of the other options (1)-(3). If fact, in such circumstances, the user need not be provided with a menu at all, as the user could simply log on the website using a browser.
- An embodiment of a network system in which a website may be accessed by a server in this manneris discussed below in connection with FIGS. 28-39 .
- the routine 1400proceeds to a step 1404 , wherein it is determined whether any requests to validate Pocket Vaults 102 have been received.
- the routine 1400proceeds to a step 1408 , wherein it is determined whether any requests to update information on Pocket Vaults 102 have been received.
- the routine 1400proceeds to a step 1412 , wherein it is determined whether any requests to authorize transactions involving Pocket Vaults 102 have been received.
- the routine 1400proceeds to a step 1416 , wherein it is determined whether the interface station computer has received any messages from Pocket Vault interface units 302 indicating that an unsuccessful operator authentication has occurred (i.e., the fingerprint of an operator scanned by the fingerprint scanner 316 has failed to match a fingerprint stored in the memory 314 ).
- routine 1400proceeds to a step 1420 , wherein it is determined whether a request to access a website on the network server 114 has been received.
- the routine 1400returns to the step 1402 , wherein the menu of the various options for the operator is again displayed.
- the menu 1402is displayed until one of the various options is selected in accordance with any of the steps 1404 , 1408 , 1412 , 1416 , or 1420 .
- the routine 1400proceeds to a step 1406 , wherein the PROCESS REQUEST TO VALIDATE POCKET VAULT routine (discussed below in connection with FIG. 15 ) is executed.
- routine 1400proceeds to the step 1408 (discussed above).
- the routine 1410proceeds to a step 1410 , wherein the PROCESS REQUEST TO UPDATE INFO ON POCKET VAULT routine (discussed below in connection with FIG. 16 ) is executed.
- the routine 1400proceeds to the step 1412 (discussed above).
- the routine 1400proceeds to a step 1414 , wherein the PROCESS REQUEST TO AUTHORIZE TRANSACTION routine (discussed below in connection with FIG. 17 ) is executed.
- routine 1400proceeds to the step 1416 (discussed above).
- routine 1400proceeds to a step 1418 , wherein the PROCESS UNSUCCESSFUL OPERATOR AUTHENTICATION routine (discussed below in connection with FIG. 18 ) is executed.
- routine 1400proceeds to the step 1420 (discussed above).
- the routine 1400proceeds to a step 1422 , wherein the PROCESS REQUEST TO ACCESS WEBSITE routine (discussed below in connection with FIGS. 30-39 ) is executed.
- routine 1400returns to the step 1402 (discussed above).
- FIG. 15is a flow diagram illustrating an example implementation of the PROCESS REQUEST TO VALIDATE POCKET VAULT routine of FIG. 14 (step 1406 ).
- the routine 1406begins at a step 1502 , wherein the potential new Pocket Vault holder is prompted to apply his or her fingerprint to the fingerprint scanner 220 of the Pocket Vault 102 , and to interface the Pocket Vault 102 with the pocket vault interface unit 302 . This may be accomplished, for example, by interfacing the docking interface 208 of the Pocket Vault 102 with the docking interface 312 of the pocket vault interface unit 302 .
- the routine 1406proceeds to steps 1504 and 1506 , wherein it is determined whether an encrypted message including the ID of the Pocket Vault 102 has been received from the pocket vault interface unit 302 prior to the expiration of a timeout period measured by the step 1506 .
- the routine 1406proceeds to a step 1526 , wherein a message is displayed on the display 324 of the interface station computer 304 indicating that an error has occurred in the Pocket Vault validation process.
- the routine 1406proceeds to a step 1506 , wherein the interface station operator is prompted to apply his or her fingerprint to the fingerprint scanner 316 of the pocket vault interface unit 302 .
- routine 1406proceeds to steps 1508 and 1510 , wherein it is determined whether an encrypted message including the ID of the pocket vault interface unit 302 has been received from the pocket vault interface unit 302 prior to the expiration of a timeout period measured by the step 1510 .
- routine 1406proceeds to the step 1526 , wherein a message is displayed on the display 324 of the interface station computer 304 indicating that the attempt to authorize the interface station operator was unsuccessful.
- the routine 1406proceeds to a step 1512 , wherein the interface station operator is prompted to input information regarding the new Pocket Vault holder into the interface station computer 304 .
- routine 1406proceeds to a step 1514 , whereat the routine 1406 waits until all of the requisite information regarding the new Pocket Vault holder has been entered properly (e.g., via the user input device 318 of the interface station computer 304 ).
- routine 1406proceeds to a step 1516 , wherein the network server 114 ( FIG. 1 ) is contacted.
- the routine 1406proceeds to a step 1518 , wherein the information regarding the new Pocket Vault holder is transmitted to the network server 114 , along with a request that the new Pocket Vault holder be validated.
- routine 1406proceeds to steps 1520 and 1522 , wherein it is determined whether the network server 114 has acknowledged the request by the interface station computer 304 prior to the expiration of a timeout period measured by the step 1522 .
- routine 1406proceeds to a step 1524 , wherein a message is displayed on the display 324 indicating that a transmission failure has occurred.
- the routine 1406proceeds to a step 1528 , wherein, in an encrypted format, the information regarding the new Pocket Vault holder is transmitted to the network server 114 , along with the interface station operator ID, the interface unit ID, and the Pocket Vault ID.
- the routine 1406proceeds to steps 1530 and 1532 , wherein it is determined whether encrypted validation information (e.g., a PKI certificate) has been received from the network server 114 prior to the expiration of a timeout period measured by the step 1532 , and prior to receiving a message from the network server 114 indicating that the request to validate the new Pocket Vault holder has been denied.
- encrypted validation informatione.g., a PKI certificate
- the routine 1406proceeds to a step 1538 , wherein a message is displayed on the display 324 indicating that the attempt to validate the Pocket Vault 102 was unsuccessful.
- the routine 1406proceeds to a step 1534 , wherein the encrypted validation information (e.g., a PKI certificate) from the network server 114 is forwarded to the pocket vault interface unit 302 for forwarding on to the Pocket Vault 102 .
- the encrypted validation informatione.g., a PKI certificate
- the routine 1406proceeds to a step 1536 , wherein a message is displayed on the display 324 indicating that the attempt to validate the Pocket Vault 102 was successful.
- the Pocket Vault 102itself may provide, for example, an audio indication such as a chime, indicating that the Pocket Vault 102 has been successfully validated.
- FIG. 16is a flow diagram illustrating an example implementation of the PROCESS REQUEST TO UPDATE INFO ON POCKET VAULT routine of FIG. 14 (step 1410 ).
- the routine 1410begins at a step 1602 , wherein the Pocket Vault holder is prompted to apply his or her fingerprint to the fingerprint scanner 220 of the Pocket Vault 102 , and to interface the Pocket Vault 102 with the pocket vault interface unit 302 .
- routine 1410proceeds to steps 1604 and 1606 , wherein it is determined whether an encrypted message including the ID of the Pocket Vault 102 has been received from the pocket vault interface unit 302 prior to the expiration of a timeout period measured by the step 1606 .
- the routine 1410proceeds to a step 1634 , wherein a message is displayed on the display 324 of the interface station computer 304 indicating that the attempt to authorize the Pocket Vault holder was unsuccessful.
- the routine 1410proceeds to a step 1606 , wherein the interface station operator is prompted to apply his or her fingerprint to the fingerprint scanner 316 of the pocket vault interface unit 302 .
- routine 1410proceeds to steps 1608 and 1610 , wherein it is determined whether an encrypted message including the ID of the pocket vault interface unit 302 has been received from the pocket vault interface unit 302 prior to the expiration of a timeout period measured by the step 1610 .
- routine 1410proceeds to the step 1634 , wherein a message is displayed on the display 324 of the interface station computer 304 indicating that the attempt to authorize the interface station operator was unsuccessful.
- routine 1410proceeds to a step 1612 , wherein the network server 114 is contacted.
- the routine 1410proceeds to a step 1614 , wherein a request to update the information on the Pocket Vault 102 is transmitted to the network server 114 .
- routine 1410proceeds to steps 1616 and 1618 , wherein it is determined whether the network server 114 has acknowledged the request by the interface station computer 304 prior to the expiration of a timeout period measured by the step 1618 .
- routine 1410proceeds to a step 1620 , wherein a message is displayed on the display 324 indicating that a transmission failure has occurred.
- the routine 1410proceeds to a step 1622 , wherein, in an encrypted manner, the interface station operator ID, the interface unit ID, and the Pocket Vault ID are transmitted to the network server 114 .
- the routine 1410proceeds to steps 1624 and 1626 , wherein it is determined whether encrypted updates have been received from the network server 114 for loading onto the Pocket Vault 102 prior to the expiration of a timeout period measured by the step 1620 , and prior to the network server 114 denying the requested attempt to upload information.
- routine 1410proceed to a step 1630 , wherein the received updates are transmitted to the pocket vault interface unit 302 so that they may be subsequently forwarded to the Pocket Vault 102 for uploading thereto.
- routine 1410proceeds to a step 1632 , wherein a message is displayed to the holder indicating that the requested updates have been successfully uploaded to the Pocket Vault 102 .
- the routine 1410proceeds to a step 1628 , wherein a message is displayed on the display 324 indicating that the attempt to update the information on the Pocket Vault 102 was unsuccessful.
- FIG. 17is a flow diagram illustrating an example implementation of the PROCESS REQUEST TO AUTHORIZE TRANSACTION routine of FIG. 14 (step 1414 ).
- routine 1414begins at a step 1702 , wherein the operator of the interface station computer 304 is prompted to input information regarding the proposed transaction involving the Pocket Vault 102 .
- the routine 1414waits at a step 1704 until all of the information regarding the requested transaction has been entered.
- the routine 1414proceeds to a step 1706 , wherein the Pocket Vault holder is prompted to apply his or her fingerprint to the fingerprint scanner 220 of the Pocket Vault 102 , and to interface the Pocket Vault with the pocket vault interface unit 302 .
- routine 1414proceeds to steps 1708 and 1710 , wherein it is determined whether an encrypted message including the ID of the Pocket Vault 102 has been received from the pocket vault interface unit 302 prior to the expiration of a timeout period measured by the step 1710 .
- the routine 1414proceeds to a step 1726 , wherein a message is displayed on the display 324 of the interface station computer 304 indicating that the attempt to authorize the Pocket Vault holder was unsuccessful.
- the routine 1414proceeds to a step 1712 , wherein the interface station operator is prompted to apply his or her fingerprint to the fingerprint scanner 316 of the pocket vault interface unit 302 .
- routine 1414proceeds to steps 1714 and 1715 , wherein it is determined whether an encrypted message including the ID of the pocket vault interface unit 302 has been received from the pocket vault interface unit 302 prior to the expiration of a timeout period measured by the step 1715 .
- routine 1414proceeds to the step 1726 , wherein a message is displayed on the display 324 of the interface station computer 304 indicating that the attempt to authorize the interface station operator was unsuccessful.
- routine 1414proceeds to a step 1716 , wherein the network server 114 is contacted.
- the routine 1414proceeds to a step 1718 , wherein the request regarding the proposed transaction involving the Pocket Vault 102 is transmitted to the network server 114 .
- step 1718the routine 1414 proceeds to step 1720 and 1722 , wherein it is determined whether the transaction request has been acknowledged by the network server 114 before the expiration of a timeout period measured by the step 1722 .
- routine 1414proceeds to a step 1724 , wherein a message is displayed on the display 324 indicating that a transmission failure has occurred.
- routine 1414terminates.
- routine 1414proceeds to a step 1728 , wherein encrypted information about the requested transaction is transmitted to the network server 114 , along with the interface station operator ID, the interface unit ID, and the Pocket Vault ID.
- routine 1414proceeds to steps 1730 and 1732 , wherein it is determined whether an encrypted transaction approval message has been received from the network server 114 prior to the expiration of a timeout period measured by the step 1732 .
- routine 1414proceeds to a step 1736 , wherein a message is displayed on the display 324 indicating that the attempt to authorize the requested transaction has failed.
- routine 1414proceeds to a step 1734 , wherein a message is forwarded to the pocket vault interface unit 302 indicating that the requested transaction has been approved.
- This messagemay also be used to update information on the Pocket Vault 102 , and/or to cause the Pocket Vault 102 to generate an indication (e.g., an audio tone) that the transaction has been approved.
- step 1734the routine proceeds to a step 1738 , wherein a message is displayed on the display 324 indicating that the requested transaction has been approved.
- FIG. 18is a flow diagram illustrating an example implementation of the PROCESS UNSUCCESSFUL OPERATOR AUTHENTICATION routine of FIG. 14 (step 1418 ).
- routine 1418begins at a step 1802 , wherein the operator of the interface station computer 304 is informed that the attempted use the pocket vault interface unit 302 (when the operator applied his or her finger print to the fingerprint scanner 316 ) was not authorized.
- routine 1418proceeds to a step 1804 , wherein the operator is prompted to either: (1) add a NEW OPERATOR to the interface unit 302 , or (2) ABORT the attempt to use the interface unit 302 .
- routine 1418terminates.
- the routine 1418proceeds to a step 1808 , wherein a message is transmitted to the pocket vault interface unit 302 indicating the operator's desire to add a new operator to the pocket vault interface unit 302 .
- the routine 1418proceeds to a step 1810 , wherein the operator is prompted to input information regarding the proposed new operator into the interface station computer 304 (e.g., using the user input device 318 ), and is provided with instructions as to the application of three identical fingerprints from each of his or her two hands to the fingerprint scanner 316 of the interface unit 302 .
- routine 1418proceeds to a step 1812 wherein the routine 1418 waits until all of the requisite information regarding the proposed new interface station operator has been entered properly.
- routine 1418proceeds to a step 1814 , wherein the network server 114 is contacted.
- routine 1418proceeds to a step 1816 , wherein the request to add the new operator to the pocket vault interface unit 302 is transmitted to the network server 114 .
- routine 1418proceeds to steps 1818 and 1820 , wherein it is determined whether the request by the interface station computer has been acknowledged by the network server 114 prior to the expiration of a timeout period measured by the step 1820 .
- routine 1418proceeds to the step 1822 , wherein a transmission failure message is displayed.
- routine 1418terminates.
- routine 1418proceeds to the step 1824 , wherein a message, including the information regarding the proposed new operator and the interface unit ID, is transmitted to the network server 114 in an encrypted manner.
- the routine 1418proceeds to steps 1826 and 1828 , wherein it is determined whether encrypted validation information (e.g., a PKI certificate) has been received from the network server 114 prior to the expiration of a timeout period measured by the step 1828 , and prior to the network server 114 denying the addition of the new interface station operator.
- encrypted validation informatione.g., a PKI certificate
- the routine 1418proceeds to a step 1830 , wherein the encrypted validation information (e.g., a PKI certificate) is forwarded from the interface station computer 304 to the pocket vault interface unit 302 .
- the encrypted validation informatione.g., a PKI certificate
- routine 1418proceeds to a step 1834 , wherein a message is generated indicating that the attempt to add the new operator to the pocket vault interface unit 302 was successful.
- routine 1418proceeds to a step 1832 , wherein a message is generated indicating that the attempt to add the new operator to the pocket vault interface unit 302 was unsuccessful.
- routine 1418terminates.
- FIG. 19is a flow diagram illustrating an example implementation of a primary routine 1900 that may be executed by the network server 114 of FIG. 1 .
- routine 1900may begin at a step 1902 , wherein it is determined whether any requests have been received to register new Pocket Vault holders.
- the routine 1900proceeds to a step 1904 , wherein the request to register the new Pocket Vault holder is processed.
- An example of a routine that may be employed to implement the step 1904is discussed in more detail below in connection with FIG. 20 .
- the routine 1900proceeds to a step 1906 , wherein consumer marketing information is compiled and transmitted to subscribing media issuers and advertisers.
- routine 1900proceeds to a step 1908 , wherein it is determined whether any requests from media issuers or advertisers have been received to update the network server 114 .
- media issuers and advertisersmay have the option to utilize the functionality of the network server 114 to update the account characteristics of authenticated Pocket Vault holders.
- These updatesmay, for example, be delivered from the computers 108 , 110 , and 112 to a secure location within the database 406 .
- any media characteristics updated by the media issuers or advertisersmay be uploaded to that holder's the Pocket Vault 102 .
- the database of account updatesmay be revised periodically based on the media issuer's systems (e.g., pursuant to the routine 1910 of FIG. 21 —described below). Confirmation of the update process may be provided to the issuer after a synchronization session is complete for a particular Pocket Vault holder (see step 2206 of routine 1914 ( FIG. 22 ) below).
- the routine 1900proceeds to a step 1910 , wherein the request from the media issuer or advertiser is processed.
- An example of a routine that may be employed to implement the step 1910is discussed in more detail below in connection with FIG. 21 .
- routine 1900proceeds to a step 1912 , wherein it is determined whether any requests have been received from holders to update information on their Pocket Vaults.
- the routine 1900proceeds to a step 1914 , wherein the request to update the Pocket Vault information is processed.
- An example of a routine that may be employed to implement the step 1914is described in more detail below in connection with FIG. 22 .
- the routine 1900proceeds to a step 1916 , wherein it is determined whether any holders have requested that new files be loaded onto the network server 114 .
- the routine 1900proceeds to a step 1918 , wherein the holder's request to load the new file onto the network server 114 is processed.
- An example of a routine that may be employed to implement the step 1918is described in more detail below in connection with FIG. 23 .
- the routine 1900proceeds to a step 1920 , wherein it is determined whether any requests have been made to authorize transactions.
- a requestmay be made, for example, by a merchant operating a commercial interface station 104 c.
- a request for transaction approvalmay not be made to the network server 114 . Instead such a transaction approval request may be made through conventional, existing communication and approval channels for such devices.
- the step 1922is generally reached only when it is possible for the network server 114 to check the identity of the Pocket Vault holder, the identity of the Pocket Vault 102 , and possibly identity of the operator of a commercial interface station, based on communications with the Pocket Vault 102 (e.g., via a commercial interface station 104 c or via a wireless network such as Bluetooth).
- routine 1900proceeds to a step 1922 , wherein the request to authorize the transaction is processed.
- An example of a routine that may be employed to implement the step 1922is discussed in more detail below in connection with FIG. 24 .
- routine 1900returns to the step 1902 (discussed above).
- routine 1900 of FIG. 19it should be appreciated that all of the requests to accomplish the various tasks may be placed in a queue so that they are serviced on a first-come, first-served or any other basis, rather than servicing them in the particular order shown in FIG. 19 .
- FIG. 20is a flow-diagram illustrating an example of a routine that may be employed to implement the step 1904 of the routine 1900 ( FIG. 1 ).
- the routine 1904begins at a step 2002 , wherein a request received from the interface station computer 304 to register a new Pocket Vault holder is acknowledged, and the network server 114 requests the interface station computer 304 to transfer the relevant information regarding the proposed new holder to the network server 114 .
- routine 1904proceeds to a step 2004 , wherein the routine 1904 waits for all of the requisite holder registration information to be received from the interface station computer 304 .
- the routine 1904proceeds to a step 2006 , wherein it is determined whether the proposed Pocket Vault use is authorized.
- An example of a routine that may be employed to implement the step 2006is discussed below in connection with FIG. 25 .
- determining whether a particular Pocket Vault use is authorizedthere are numerous parameters which may be checked. For example, the port to which the interface station computer is connected (e.g., the telephone number or IP address of the computer) may be checked to ensure that it is authorized. Additionally, information from the interface station computer 304 (e.g., a “cookie”) may be checked to ensure that the computer itself has been registered with the system.
- each piece of equipmentmay be checked to ensure that the particular use of the Pocket Vault is authorized. It should be appreciated fewer than all of these parameters, different parameters, and/or additional parameters can be checked in alternative embodiments of the invention, and that the invention is not limited to embodiments wherein all of the aforementioned parameters are checked to verify that a particular Pocket Vault use is authorized.
- the routine 1904terminates. In such a situation, it is also possible to generate some sort of security alert message to put someone or some entity on notice that an unauthorized use of a Pocket Vault has occurred.
- the routine 1904proceeds to a step 2008 , wherein all of the relevant information regarding the new Pocket Vault registration is logged into the database 406 of the network server 114 ( FIG. 4 ). As shown in FIG. 20 , this information may include, for example, the interface station operator ID, the interface unit ID, the Pocket Vault ID, and all of the relevant information relating to the new Pocket Vault holder.
- the routine 1904proceeds to a step 2010 , wherein the network server 114 transmits encrypted validation information to the interface station computer 304 , which then may be passed on to the pocket vault interface unit 302 , and then to the Pocket Vault 102 , so as to enable the new holder's fingerprint to be stored in the memory of the Pocket Vault 102 .
- routine 1904terminates.
- FIG. 21is a flow diagram illustrating example of a routine that may be employed to implement the step 1910 of the primary routine 1900 ( FIG. 19 ).
- routine 1910begins at a step 2102 , wherein it is determined whether all of the requested updates have been received from the media issuer or advertiser.
- the routine 1910proceeds to a step 2104 , wherein it is determined whether the media issuer or advertiser is authorized access to the network server 114 .
- This authorization processmay require some sort of authentication of the identity of the computer used by the media issuer or advertiser requesting the update, the operator of the computer, and/or the location of the computer, in a manner similar to that in which the interface stations 104 and their operators are authorized.
- the routine 1900proceeds to a step 2106 , wherein a message is transmitted to the media issuer or advertiser informing the media issuer or advertiser that access to the network server 114 has been denied.
- routine 1910terminates.
- the routine 1910proceeds to a step 2108 , wherein the updates received from the media issuer or advertiser are logged onto the network server 114 .
- routine 1910terminates.
- FIG. 22is a flow diagram illustrating an example a routine that may be employed to implement the step 1914 of the primary routine 1900 ( FIG. 19 ).
- routine 1914begins at the step 2006 (discussed below in connection with FIG. 25 ), wherein it is determined whether the attempted Pocket Vault use is authorized.
- the routine 1914terminates.
- the routine 1914proceeds to a step 2202 , wherein encrypted updates are transmitted to the interface station computer 304 for loading onto the Pocket Vault 102 .
- routine 1914proceeds to steps 2204 and 2206 , wherein the time and date of the updates are logged (step 2204 ), and the media issuers or advertisers are informed that the updates have been made (step 2206 ).
- FIG. 23is a flow diagram illustrating an example of a routine that may be employed to implement the step 1918 of the primary routine 1900 ( FIG. 9 ).
- routine 1918begins at a step 2302 , wherein it is determined whether the file to be loaded onto the network server 114 relates to a secure media issuer.
- routine 1918proceeds to a step 2304 , wherein the network server 114 is updated with the non-secure file.
- routine 1918terminates.
- the routine 1918proceeds to a step 2306 , wherein it is determined whether the secure media issuer is a Pocket Vault participant (i.e., a media issuer having access to the network server 114 ).
- the routine 1918proceeds to a step 2308 , wherein an advisory is sent to the holder indicating an inability to load the file, and inquiring as to whether the holder desires to load the file in a non-secure format.
- the holdermay, for example, opt to load the file to the network server 114 in such a way that the content of the file is not encodable to the Chameleon Card, but can be displayed and shown to a POS operator and manually keyed in at POS by the POS operator.
- routine 1918proceeds to a step 2316 , wherein it is determine whether the holder has elected to load the file in a non-secure format.
- routine 1918terminates.
- routine 1918proceeds to a step 2318 , wherein the file is loaded onto the network server 114 in a non-secure format.
- routine 1918terminates.
- the routine 1918proceeds to a step 2310 , wherein the media issuer is queried as to the account status of the holder.
- routine 1918proceeds to a step 2312 , wherein it is determined whether authorization has been received from the media issuer to load the file.
- routine 1918proceeds to the step 2308 (discussed above).
- routine 1918proceeds to a step 2314 , wherein the network server 114 is updated with the secure file.
- routine 1918terminates.
- FIG. 24is a flow diagram illustrating an example of a routine that may be employed to implement the step 1922 of the primary routine 1900 ( FIG. 19 ).
- routine 1922begins at the step 2006 (discussed below in connection with FIG. 25 ), wherein it is determined whether the attempted use of the Pocket Vault 102 is authorized.
- the routine 1922proceeds to a step 2402 , wherein it is determined whether the requested transaction is within acceptable account parameters (e.g., as set by the media issuer).
- routine 1922proceeds to a step 2404 , wherein a message is transmitted to the entity that requested the transaction (e.g., a commercial interface station 104 C, a card reader 106 , or a barcode reader 107 ) indicating that the transaction is outside of acceptable account parameters.
- entity that requested the transactione.g., a commercial interface station 104 C, a card reader 106 , or a barcode reader 107
- the logged informationmay include the identification of the entity with which the transaction took place, the Pocket Vault ID (if available), and the time and date of the transaction.
- the routine 1922proceeds to a step 2408 , wherein an encrypted approval message is transmitted to the entity with which the transaction is being attempted (e.g., a commercial interface station 104 C, a card reader 106 , or a barcode reader 107 ).
- entity with which the transaction is being attemptede.g., a commercial interface station 104 C, a card reader 106 , or a barcode reader 107 .
- FIG. 25is a flow diagram illustrating an example of a routine that may employed to implement the step 2006 of the routines 1904 ( FIG. 20 ), 1914 ( FIG. 22 ), and 1922 ( FIG. 24 ).
- the routine 2006begins at a step 2502 , wherein it is determined whether the point of sale terminal or other entity with which a transaction is being attempted is connected to a valid source (e.g., an authorized telephone line or an authorized internet protocol (IP) address).
- a valid sourcee.g., an authorized telephone line or an authorized internet protocol (IP) address.
- routine 2006proceeds to a step 2510 , wherein the transaction is refused, and a security alert is generated so that appropriate action(s) may be taken.
- routine 2006proceeds to a step 2504 , wherein it is determined whether the ID of the interface station, card reader or barcode reader is valid, and is properly linked to the source to which is connected.
- the routineproceeds to the step 2510 (discussed above).
- the routine 2006proceeds to a step 2506 , wherein it is determined whether the Pocket Vault ID (if available) is valid. It should be appreciated that, when a card reader 106 , a barcode reader 107 or an RF signal receiver is employed, it is possible that the ID from the Pocket Vault will not be transmitted to the network server 114 . Therefore, the step 2506 may be skipped in such a situation.
- the routine 2006proceeds to the step 2510 (discussed above).
- the routine 2006proceeds to a step 2508 , wherein it is determined whether the Pocket Vault ID (if available) is linked to the ID of the entity proposing the transaction, e.g., a commercial interface station 104 c, a card reader 106 , or a barcode reader 107 .
- the routine 2006proceeds to the step 2510 (discussed above).
- the routine 2006proceeds to a step 2512 , wherein the Pocket Vault use is authorized.
- FIG. 27illustrates a network system similar to that described hereinabove.
- the system of FIG. 27includes several additional components which serve to increase the network's functionality and utility. Accordingly, it should be appreciated that, in addition to the components illustrated in FIG. 27 , the system may also include all or some of the components and features of the system described above in connection with FIGS. 1-26 , and may also incorporate all or some of that system's functionality.
- the Pocket Vault 102may be coupled to an interface station 104 (including an interface unit 302 coupled to an the interface station computer 304 ).
- the interface unit 302may include a communication port 2706 , which is adapted to perform basic communications functions for interaction between the interface unit 302 and each of the Pocket Vault 102 and the interface station computer 304 .
- This communicationcan take place over physical wires using a USB protocol or HotWire, or any other suitable protocol.
- the communicationcan be wireless, using a standard wireless protocol, such as Bluetooth, or any other suitable protocol.
- the communication port 2706may, of course, be adapted to perform communications functions depending on the requirements on the particular protocol used.
- a USB protocolis used, and the interface unit 302 is connected to the interface station computer 304 through a USB port.
- the interface unit 302contains a stripe reader 315 .
- the purpose and operation of the stripe reader 315is described below in connection with FIG. 34 .
- the interface station computer 304may be any suitable computer that employs one or more processors to execute instructions stored in memory.
- the interface station computer 304may even comprise several inter-networked computers.
- the interface station computer 304may use the communication software 2710 to communicate with the network server 114 via the network 2724 .
- the communication software 2710may be any of a number of communication programs known in the art, and the invention is not limited to any particular type of software.
- the software 2710may, for example, comprise a web browser, a terminal emulation program, a proprietary program, or any other software module capable of communicating with other computers using the network 2724 .
- the network 2724may be any communication network known in the art.
- the network 2724may comprise the World Wide Web, a Local Area Network, or any other networking arrangement adapted for communication between digital computers.
- the communication software 2710uses internet settings 2722 when accessing the network 2724 .
- the internet settings 2710may include any user preferences or software settings relevant to communication functions and usability of the communication software 2710 .
- the internet settings 2722may comprise, for example, the network name and the identification of the interface station computer 304 , an identification of communications protocols used to connect to the network 2724 , network preferences, such as whether any proxy servers may or should be used, a list of frequently-used servers, cookies previously obtained from various websites, digital certificates, personal bookmarks, user identity data, user password data for various servers, etc.
- the communication software 2710may access the network 2724 through communication protocol layer 2714 .
- the communication protocol layer 2714may be dial-up software, a TCP/IP layer, or any other suitable networking layer.
- the communication protocol layer 2714may, for example, execute low-level communication functions, thereby providing useful abstractions to the communication software 2710 .
- the interface station computer 304is connected to the network 2724 using a modem, and the communication protocol layer 2714 is a dialup software module.
- the interface station computer 304may also contain one or more communication drivers 2712 . Although multiple drivers may, in fact, be employed, for simplicity of discussion, the description hereinafter may refer to all such drivers as a single “driver.”
- the communication driver 2712acts both as a device driver for the interface unit 302 , and also as a communications driver capable of accessing internet settings 2722 and facilitating communications between the Pocket Vault 102 and the server 114 by using the communication protocol layer 2714 to establish a connection to the network server 114 through the network 2724 .
- the network server 114may comprise any suitable processor-based device or its equivalent. It may be either a single or multi-processor machine, or even a collection of servers inter-networked together. In one embodiment, the network server 114 stores both data and applications that are accessible to users. The network server 114 may, for example, store and serve a website, i.e., a collection of web pages and data that are available to users via a browser.
- the network server 114may include one or more controllers 402 and a database 406 , as described above in connection with FIG. 4 .
- the network server 114may include a communication protocol layer 2716 , which provides low-level communication functions to server communications software.
- the communication protocol layer 2716may be, but need not be, the same as the communication protocol layer 2714 of the interface station computer 304 .
- the network server 114may communicate through the network 2724 with an issuer authority 2718 .
- the issuer authority 2718may correspond, for example, to any of the advertiser(s) 108 , non-financial media issuer(s) 110 , or financial media issuer(s) 112 described above in connection with FIG. 1 , or may be any entity designated to represent any of the same.
- the networking arrangement illustrated in FIG. 27allows the Pocket Vault 102 to access the network server 114 . It also allows the interface station computer 304 to access restricted portions of the network server 114 , such as, for example, user data stored in the database 406 , when access is authenticated through communication from the Pocket Vault 102 to the network server 114 . Authentication and access to restricted areas of the network server 114 will be further described below.
- FIG. 28is a block diagram illustrating example components of the control software 2708 that may be disposed on the Pocket Vault 102 .
- control software 2708may include components such as a communications software module 2802 , a card loading module 2804 , an internet settings management module 2806 , a synchronization module 2808 , a statistics module 2810 , and a security module 2812 . It should be appreciated, of course, that the control software 2708 is not limited to the illustrative modules shown, and that the control software 2708 may comprise fewer modules or additional modules to perform other functions, such as the functionality described above in connection with FIGS. 7-12 .
- the communications software module 2802may, for example, be responsible for communications with the network server 114 and with the interface station computer 304 , in the manner discussed below.
- the card loading module 2804may, for example, be responsible for loading data for new cards or tokens and storing such data in memory, as well as for transferring this data to the network server 114 , when appropriate. Examples of how card/token data may be loaded onto the Pocket Vault 102 are discussed below in connection with FIG. 34 .
- Internet settings management module 2806may, for example, be responsible for managing the storage and use of internet settings by the Pocket Vault 102 . Such internet settings may, for example, correspond to any of the internet settings 2722 that may be stored on the interface station computer 304 .
- the internet settings management module 2806may allow a user to store, manage, and transfer internet settings, e.g., cookies and preference settings, from one computer to another. Operation of the internet settings management module 2708 will be further described below in connection with the steps 3310 and 3320 of the routine 3024 ( FIG. 33 ).
- the synchronization module 2808may, for example, be responsible for synchronizing data and settings stored on the Pocket Vault 102 with data and settings stored on the network server 114 . Operation of the synchronization module 2808 is described below in connection with FIG. 35 .
- the statistics module 2810may, for example, collect statistics concerning use of the Pocket Vault 102 . Such statistics may, for example, include information such as the number of accesses to various cards stored in the memory of the Pocket Vault 102 , the number of financial transactions engaged in, the date of the last update of the Pocket Vault 102 , the total amount and kind of data transferred between the Pocket Vault 102 and each interface station 104 and/or the network server 114 . In addition, the statistics module 2810 may be adapted to be customized by the user.
- the security module 2812may, for example, ensure security of authentication and communications. All communications to and from the network server 114 and the interface station 104 may be encrypted by the security module 2812 , so that any attacker who intercepts those communications will receive no useful information.
- any of numerous types of encryptionmay be used to satisfactorily protect communications between the Pocket Vault 102 and the other devices in the network.
- one of the asymmetric-key encryption typessuch as public key encryption or private key encryption, may be used.
- public key encryption or private key encryptionmay be used.
- These public/private encryption techniquesare well known in the art and therefore will not be described here in detail.
- one-time pad encryption or other encryption techniquesmay be used to achieve a similar objective.
- the Pocket Vault 102may be adapted to not release any personal or secure information, even encrypted, until the holder presents satisfactory verification of his or her identity, such as, for example, presenting the holder's fingerprint to the fingerprint scanner 220 or entering a password.
- fingerprint and password protectionmay be used together for authentication purposes, such that personal or secure information can be transferred or released only if the holder has been successfully authenticated using both techniques.
- securitymay be implemented using different measures, or may be omitted altogether in situations where the interface station computer 304 is a trusted host.
- security module 2812may be called on to perform security functions in situations other than communicating with the network server 114 and the interface station computer 304 .
- FIG. 29is a data flow diagram illustrating how data may be transferred between the Pocket Vault 102 and a user interface 2902 of the interface station computer 304 .
- the user interface 2902may, for example, comprise a web browser included in the communications software 2710 running on the interface station computer 304 . Alternatively, it may be a stand-alone application that allows a user to interact with the communications software 2710 and, through it, interact with a website located on the network server 114 .
- the data transfertakes place via the communication driver 2712 , the network server 114 , and the communications software 2710 , data can flow in both directions at all connection points, and all communications between the Pocket Vault 102 and the user interface 2902 of the interface station computer 304 pass through the network server 114 .
- the usermay, for example, update settings on the Pocket Vault 102 by using the user interface 2902 and the communication software 2710 to update settings on the network server 114 , and then instructing the network server 114 to update settings on the Pocket Vault 102 via the communication driver 2712 .
- the network server 114implements a website, where user information may be selectively stored and accessed by a person using the communication software 2710 (e.g., a web browser) running on the interface station computer 304 , and any user may access the website on the network server 114 .
- the websitemay have a so-called “restricted area” which can be accessed only after the user has authenticated his or her identity.
- the term “restricted area” or “restricted information”means any data that is not available to general public without some sort of authentication.
- each usermay have preferences stored in the database 406 that would indicate how the main site should be presented to that user. Those preferences will not be available to other users.
- database 406may also contain private user information, such as information about a user's credit cards and identity information. Access to this restricted information may be limited, for example, to only “authenticated” users.
- Authentication of a Pocket Vault holdermay be achieved, for example, by the holder applying a fingerprint to the fingerprint scanner 220 of the Pocket Vault 102 , interfacing the Pocket Vault 102 with the interface unit 302 (which acts essentially as a pass-through device), and establishing a connection between the Pocket Vault 102 and the network server 114 via the communication driver 2712 .
- the websitemay determine: (1) whether the Pocket Vault 102 has been “validated,” i.e., whether a fingerprint has been stored in the fingerprint memory of the Pocket Vault 102 and whether validation information (e.g., a PKI certificate) is present on the Pocket Vault 102 , and (2) whether the Pocket Vault 102 has been authenticated, i.e., whether the fingerprint recently scanned by the Pocket Vault 102 matched the fingerprint stored in the fingerprint memory of the Pocket Vault 102 . If the website determines that the Pocket Vault 102 has not yet been validated, the user may be given an option to validate the Pocket Vault 102 using the website software. If the website determines that the Pocket Vault 102 has been validated and authenticated, then the network server 114 may enable the authenticated holder to access or perform functions relating to some or all of the restricted area of the database 406 containing that holder's information.
- validation informatione.g., a PKI certificate
- Communication driver 2712may be a light-weight application that can access and modify the internet settings 2722 , and can also access communications protocol layer 2714 , but cannot transfer information to any other software programs.
- the communication driver 2712may access the internet settings 2722 in order to determine that the interface station computer 304 is connected to the network 2724 through a dial-up connection; following that, it may initiate the dial-up connection or use an established connection through the communications protocol layer 2714 in order to tunnel packets from the Pocket Vault 102 to the network 2724 .
- FIG. 30is a flow diagram illustrating an example implementation of the PROCESS REQUEST TO ACCESS WEBSITE routine 1422 shown in FIG. 14 , which may be executed by the controller 308 of the interface station computer 304 .
- this routineneed not be accessed as a result of a user selecting it from the menu displayed in the step 1402 . Rather, a user may simply use a browser to directly log onto the website on the network server 114 .
- routine 1422begins at a step 3002 , wherein the interface station computer 304 is caused to access the website on the network server 114 , e.g., by using a browser to access the website.
- routine 1422proceeds to a step 3004 , wherein it is determined whether the requisite communication drivers 2712 have been installed.
- routine 1422proceeds to an INSTALL DRIVER(S) routine 3006 (discussed below in connection with FIG. 31 ), which is responsible for installing the communication drivers 2712 .
- routine 1422proceeds to a step 3008 , wherein the communication drivers 2712 are caused to become operational.
- routine 1422proceeds directly to the step 3008 (discussed above).
- the routine 1422proceeds to steps 3010 - 3016 , wherein attempts are made to establish a connection between the Pocket Vault 102 and the website on the network server 114 within a time out period determined by the step 3014 . Each time it is determined that the connection has not yet been established, the user is prompted to interface the Pocket Vault 102 with the interface unit 302 and to connect the interface unit 302 to the interface station computer 304 (e.g., using a USB cable).
- routine 1422proceeds to a step 3026 , wherein a message is displayed to the user regarding the unsuccessful communication attempt between the Pocket Vault 102 and the website on the network server 114 .
- the routine 1422proceeds to a step 3018 , wherein it is determined whether the Pocket Vault 102 has been validated, e.g., whether a holder's fingerprints and a PKI certificate are stored therein.
- the websitemay, for example, make this determination based upon the messages exchanged during the handshaking protocol engaged in between the Pocket Vault 102 and the network server 114 .
- the routine 1422proceeds to a NEW POCKET VAULT HOLDER routine 3020 , which is discussed below in connection with FIG. 32 .
- the routine 1422proceeds to an EXISTING POCKET VAULT HOLDER routine 3024 , which is discussed below in connection with FIG. 33 .
- routine 1422terminates.
- routine 1422proceeds to a step 3022 , wherein it is determined whether a new holder was successfully validated.
- routine 1422proceeds to the EXISTING POCKET VAULT HOLDER routine 3024 (discussed above).
- routine 1422terminates.
- FIG. 31is a flow diagram illustrating an example implementation of the INSTALL DRIVER(S) routine 3006 shown in FIG. 30 .
- routine 3006begins at a step 3102 , wherein the necessary communication drivers 2712 are downloaded from another computer, e.g., a website on the World Wide Web.
- the routine 3006proceeds to steps 3104 - 3108 , wherein the necessary communication drivers 2712 are installed on the interface station computer 304 and registered with network server 114 , and the preferences for the communication drivers 2712 are set either automatically or in response to user input.
- the communication driver 2712may communicate with the network server 114 in order to register itself and its attributes. Among these attributes can be such things as a unique identifier for the interface station computer 304 on which that driver is installed, the identity of the user registering it, and other such items.
- the preferences that may be set by the user during the step 3108may, for example, include information such as how and where to access the internet settings 2722 , how many attempts at connection should be performed, etc.
- routine 3006terminates.
- FIG. 32is a flow diagram illustrating an example implementation of the NEW POCKET VAULT HOLDER routine 3020 shown in FIG. 30 .
- routine 3020begins at a step 3202 , wherein it is determined whether the new holder has indicated that he or she has already established an account with the website on the network server 114 .
- routine 3020proceeds to a step 3204 , wherein a new account is established on the website on the network server 114 in response to user input to a browser running on the interface station computer 304 .
- the routine 3020proceeds to a step 3206 , wherein the new holder is prompted to apply his or her fingerprint to the fingerprint scanner 220 while the Pocket Vault 102 is interfaced with the interface unit 302 . The user is further prompted to follow the directions on the Pocket Vault 102 .
- the useris instructed by the Pocket Vault to apply six finger prints (three from one finger on the left hand and three from one finger on the right hand) sequentially to the fingerprint scanner 220 , waiting for a beep each time.
- a fingerprintis applied to a fingerprint scanner 220 of an un-validated device
- the useris instructed by the Pocket Vault to apply six finger prints (three from one finger on the left hand and three from one finger on the right hand) sequentially to the fingerprint scanner 220 , waiting for a beep each time.
- an encrypted message including the Pocket Vault IDmay be released from the Pocket Vault to the interface unit 302 . Because of the established connection between the Pocket Vault 102 and the website on the network server 114 , this encrypted message should reach the website. And, in response to receiving this encrypted message, the website should release encrypted validation information (e.g., a PKI certificate) back to the Pocket Vault 102 via the established connection.
- encrypted validation informatione.g., a PKI certificate
- the routine 3020proceeds to steps 3208 - 3210 , wherein it is determined whether the Pocket Vault 102 has released the encrypted message including the Pocket Vault ID to the website before a timeout period has elapsed.
- the routine 3020proceeds to a step 3220 , wherein a message is displayed to the user concerning the unsuccessful attempt to validate the Pocket Vault holder.
- routine 3020terminates.
- the routine 3020proceeds to a step 3212 , wherein it is determined whether the website has released the encrypted validation information (e.g., a PKI Certificate) to the Pocket Vault 102 .
- the encrypted validation informatione.g., a PKI Certificate
- the routine 3020proceeds to the step 3220 (discussed above).
- the routine 3020proceeds to a step 3216 , wherein a message is displayed to the user concerning the successful validation of the new Pocket Vault holder.
- the encrypted validation informatione.g., a PKI Certificate
- routine 3020terminates.
- the routine 3020proceeds to a step 3218 , wherein a check is made to verify the holder's identity.
- the holdermay, for example, be required to enter personal information, such as name, contact information, and security information to verify his or her identity.
- the routine 3020proceeds to the step 3206 (discussed above), with the holder's previously-stored account information being used for the new Pocket Vault 102 .
- routine 3020proceeds to the step 3220 (discussed above).
- FIG. 33is a flow diagram illustrating an example implementation of the EXISTING POCKET VAULT HOLDER routine 3024 shown in FIG. 30 .
- the routine 3024begins at a step 3302 , wherein it is determined whether the Pocket Vault 102 has been authenticated, e.g., whether the Pocket Vault 102 has determined that a fingerprint applied to the fingerprint scanner 220 matches one of the fingerprints stored in the fingerprint memory of the Pocket Vault 102 .
- This authentication proceduremay operate as described above in connection with the step 712 ( FIG. 7 ), or an additional or different routine may be employed (e.g., as part of the security module 2812 described above in connection with FIG. 28 ) to determine whether the holder has successfully authenticated his or her identity, thereby enabling the network server 114 to establish a “trust” relationship with the Pocket Vault 102 .
- the routine 3024proceeds to a step 3304 , wherein the holder is prompted to apply his or her fingerprint to the fingerprint scanner 220 of the Pocket Vault 102 while the Pocket Vault 102 is interfaced with the interface unit 302 , i.e., while keeping the connection established between the Pocket Vault 102 and the website on the network server 114 .
- the step 3306determines whether the Pocket Vault 102 has been properly authenticated prior to the expiration of a timeout period.
- the routine 3024proceeds to a step 3308 , wherein a message is displayed indicating that the authentication attempt was unsuccessful.
- routine 3024terminates.
- the routine 3024proceeds to a step 3310 , wherein the communication driver 2712 causes the internet settings 2722 of the interface station computer 304 to be adjusted to reflect certain internet settings stored in the Pocket Vault 102 , e.g., by the internet settings management module 2806 .
- the internet settings of the Pocket Vault 102may be “ported” to the interface station computer 304 so that the browser operating on the interface station computer 304 may take advantage of those settings while the Pocket Vault 102 is connected to the website on the network server 114 via the communication driver 2712 .
- the internet settings of the Pocket Vault 102 that may be ported to the interface station computer 304 in this mannermay comprise, for example, the network name and identification of the Pocket Vault 102 , an identification of communications protocols used to connect to the network 2724 , network preferences, such as whether any proxy servers may or should be used, a list of frequently-used servers, cookies previously obtained from various websites, digital certificates, personal bookmarks, user identity data, user password data for various servers, etc.
- the internet settings on the Pocket Vault 102may be managed, for example, by one or more modules of the control software, e.g., the internet settings management module 2806 .
- the usermay elect which internet settings are to be ported to the interface station computer 304 during the step 3310 . This functionality may be accomplished, for example, during a SET PREFERENCES routine 3324 (described below in connection with FIG. 39 ).
- the routine 3024proceeds to a step 3312 , wherein it is determined whether one of several “functions” has been selected.
- the seven available functionsare: (1) CARD LOADING (see CARD LOADING routine 3314 —discussed below in connection with FIG. 34 ), (2) SYNCHRONIZATION (see SYNCHRONIZATION routine 3316 —discussed below in connection with FIG. 35 ), (3) RECOVERY (see RECOVERY routine 3318 —discussed below in connection with FIG. 36 ), (4) IDENTITY PORTING OPTIONS (see IDENTITY PORTING OPTIONS routine 3320 —discussed below in connection with FIG.
- the SYNCHRONIZATION routine 3316may be initiated automatically after completion of the step 3310 , if preferences so indicate.
- certain steps required to accomplish synchronization of the Pocket Vault 102 and the website on the network server 114may be taken, without actually completing the synchronization.
- the synchronization module 2808 of the control software 2708may automatically initiate a comparison of the contents of the Pocket Vault 102 and the website to determine what data should be transferred if synchronization is initiated.
- Software on the network server 114may also or alternatively perform a similar comparison function automatically, if so desired.
- some of the above-noted functionsmay be performed without first requiring a Pocket Vault 102 to be authenticated.
- some functionsmay involve the transfer of public or non-sensitive data, and may not require protection via the authentication verification step 3302 .
- routine 3024proceeds to a step 3332 , wherein it is determined whether the connection between the Pocket Vault 102 and the website on the network server 114 is still established.
- the routine 3024returns to the step 3312 (discussed above).
- the routine 3024proceeds to a step 3327 , wherein some or all of the internet settings 2722 are ported from the interface station computer 304 to the Pocket Vault 102 .
- the communication driver 3712may cause the settings to be ported directly to the Pocket Vault 102 from the interface station computer 304 (via the interface unit 302 ), or the settings may be transferred first to the network server 114 and then to the Pocket Vault 102 (via the connection between the network server 114 and the Pocket Vault 102 ).
- only certain types or classes of settingsare ported from the interface station computer 304 to the Pocket Vault 102 in this manner.
- the classes or types of settings that are ported during the step 3327may, for example, be determined by the user in some embodiments. For example, the user may set certain preferences, e.g., during the SET PREFERENCES routine 3324 or by manipulating the Pocket Vault 102 directly, that control the nature and type of internet settings that are ported to the Pocket Vault 102 from the interface station computer 304 during the step 3327 .
- the routine 3024proceeds to a step 3328 , wherein the communication driver 2712 causes the internet settings 2722 on the interface station computer 304 to return to their original state, i.e., the configuration the internet settings 2712 were in before they were altered in the step 3310 .
- the routine 3024proceeds to a step 3330 , wherein any cached web pages or other information temporarily stored in the interface station computer 304 during the communication session between the Pocket Vault 102 and the website on the network server 114 are deleted from cache and other memory in the interface station computer 304 .
- the interface station computer 304is in essentially the same state it was in prior to the beginning of the routine 1422 .
- the communication driver 2712may remain on the interface station computer 304 or may be deleted in connection with the step 3330 . If the communication driver 2712 is kept on the interface station computer 304 , any cache or other memory associated with it that might store personal or sensitive information may also be erased.
- the communication driver 2712caches or stores very little, if any, information that is passed between the Pocket Vault 102 and the website on the network server 114 .
- the communication driver 2712may be constructed such that no useful data, i.e., data that reflects any personal or sensitive information, remains on it after completion of the step 3330 .
- the holderchooses the TERMINATE SESSION function
- the connection between the Pocket Vault 102 and the website on the network server 114is de-established, and the routine 3024 proceeds immediately to the steps 3327 , 3328 and 3330 (discussed above).
- routine 3024terminates.
- FIG. 34is a flow diagram illustrating an example implementation of the CARD LOADING routine 3314 shown in FIG. 33 .
- the routine 3314begins at a step 3402 , wherein a determination is made as to whether the card desired to be loaded is “swipeable.” The user may, for example, be prompted to indicate whether the card has an operational magnetic stripe disposed thereon.
- routine 3314proceeds to a step 3406 , wherein the user is prompted (e.g., via the browser on the interface station computer 304 ) to input information to be used in creating a card account.
- routine 3314proceeds to the step 3410 , wherein the user is prompted to swipe the card through the stripe reader 315 of the interface unit 302 .
- routine 3314proceeds to steps 3408 and 3409 , wherein it is determined whether the interface station computer 304 has received the information from a card swiped through the stripe reader 315 of the interface unit 302 prior to the expiration of a timeout period.
- the routine 3314proceeds to a step 3411 , wherein a message is displayed to the user concerning the failure to properly read the magnetic stripe.
- the routine 3314returns to the step 3402 (discussed above).
- the usermay determine that the magnetic stripe is non-operational, and may indicate at the step 3402 that the card is not swipeable. The user may thereafter create an account for the card manually at the step 3410 (discussed above).
- the routineproceeds to a step 3412 , wherein the website on the network server 114 determines whether the account for the card is valid. This determination may be made, for example, by confirming that the card is owned by the person attempting to add it to his or her Pocket Vault 102 , that the card has not expired, etc.
- the routine 3314proceeds to the step 3412 (discussed above), wherein a determination is made as the validity of the account based upon the information read by the stripe reader 315 .
- routine 3314proceeds to a step 3414 wherein appropriate security precautions are taken.
- routine 3314terminates.
- the routine 3314proceeds to a step 3416 , wherein the information for the card is downloaded from the website on the network server 114 to the Pocket Vault 102 via the communication driver 2712 .
- routine 3314proceeds to a step 3418 , wherein a message is displayed that indicates the card has been successfully loaded onto the Pocket Vault 102 for use in future transactions.
- FIG. 35is a flow diagram illustrating an example implementation of the SYNCHRONIZATION routine 3316 shown in FIG. 33 .
- the routine 3316begins at a step 3502 , wherein certain parameters required to synchronize the Pocket Vault 102 to the website on the network server 114 are determined based upon user preferences and the ID of the Pocket Vault 102 . For example, if a holder has two or more Pocket Vaults 102 , the holder may wish to elect one of them to be a master for synchronization purposes, or the holder may even elect to have the website act as the master. When a holder has more than one Pocket Vault 102 , the holder also may desire to be prompted to select either the current date or the date of the last synchronization as the basis for the synchronization operation.
- the routine 3316proceeds to a step 3504 , wherein the website on the network server 114 generates sets of current data to transfer to the Pocket Vault 102 .
- the websitemay, for example, compare its current data to the data stored on the Pocket Vault 102 so as to identify any data it needs to receive from the Pocket Vault 102 to properly synchronize therewith.
- the routine 3316proceeds to steps 3506 and 3508 , wherein it is determined whether the Pocket Vault 102 has indicated that it is ready to synchronize prior the expiration of a timeout period (measured by the step 3508 ).
- the Pocket Vault 102may, for example, also be performing a similar comparison (e.g., using the synchronization module 2808 ) between its data and the data stored on the website of the network server to determine what data it needs to receive from the website to properly synchronize therewith.
- the routine 3316proceeds to a step 3510 , wherein a message is generated indicating the attempt to synchronize the Pocket Vault 102 with the website on the network server 114 has failed.
- routine 3316terminates.
- the routine 3316proceeds to a step 3512 , wherein accumulated synchronization data is transferred from the website to the Pocket Vault 102 , and vice versa, via the communication driver 2712 .
- the routine 3316proceeds to a step 3516 , wherein the date of the successful synchronization is stored in both the Pocket Vault 102 and the network server 114 .
- the routine 3316proceeds to a step 3518 , wherein a message is generated indicating that the Pocket Vault 102 has been successfully synchronized with the website on the network server 114 .
- FIG. 36is a flow diagram illustrating an example implementation of the RECOVERY routine 3318 shown in FIG. 33 .
- the routine 3318begins at a step 3602 , wherein the website on the network server 114 compiles all data necessary to recover the Pocket Vault 102 to its state as of the last time its contents were synchronized with the website of the network server 114 (e.g., using the routine 3316 —described above) or backed up on the website of the network server 114 (e.g., using routine 3322 —described below).
- step 3604the routine 3318 proceeds to step 3604 , wherein the data compile in the step 3602 is downloaded from the website on the network server 114 to the Pocket Vault 102 via the communication driver 2712 , and a determination is made as to where that downloading has completed prior to the expiration of a timeout period measured at the step 3606 .
- routine 3318proceeds to a step 3608 , wherein a message is generated indicating that the attempted recovery was unsuccessful.
- the routine 3318proceeds to a step 3610 , wherein a message is generated indicating that the attempted recovery of data to the Pocket Vault 102 was successful.
- routine 3318terminates.
- FIG. 37is a flow diagram illustrating an example implementation of the IDENTITY PORTING SELECTION routine 3320 shown in FIG. 33 .
- routine 3320begins at a step 3702 , wherein the internet settings 2722 from the interface station computer 304 are downloaded from the interface station computer 304 to the website on the network server 114 .
- the routine 3320proceeds to a step 3704 , wherein the website on the network server 114 compiles and displays the downloaded internet settings to the user via the browser on the interface station computer 304 .
- the settingsmay be displayed to the user in any of a number of ways. Preferably, the settings are displayed in a manner that enables the user to readily distinguish between various classes of settings, and that permits the user to readily identify the purpose of each type of setting. In some embodiments, only a subset of the all of the internet settings 2722 (e.g., only settings such as cookies and PKI certificates) are transferred to the website for possible modification by the user.
- routine 3320proceeds to steps 3706 and 3708 , wherein the user is given an opportunity to modify the displayed internet settings.
- the usermay, for example, elect to keep certain cookies that were retained among the internet settings 2722 , while choosing to discard others.
- the routine 3320proceeds to a step 3710 , wherein the modified internet settings are downloaded from the website on the network server 114 to the Pocket Vault 102 via the communication driver 2712 .
- routine 3320terminates.
- routine 3320terminates.
- FIG. 38is a flow diagram illustrating an example implementation of the BACKUP routine 3322 shown in FIG. 33 .
- the routine 3322begins at a step 3802 , wherein the website on the network server 114 transmits a request to the Pocket Vault 102 via the communication driver 2712 , asking the Pocket Vault 102 to send the website backup data.
- This backup datamay, for example, constitute all data necessary to place the Pocket Vault 102 back into its present state if any portion of data on the Pocket Vault 102 was lost, or to place a new Pocket Vault 102 into the same state as the backed up Pocket Vault 102 (e.g., using the RECOVERY routine 3318 —discussed above).
- routine 3322proceeds to steps 3804 - 3806 , wherein it is determined whether the requested backup data has been successfully transferred from the Pocket Vault 102 to the website on the network server 114 before the expiration of a timeout period (measured by the step 3806 ).
- routine 3322proceeds to a step 3808 , wherein a message is displayed (e.g., via the browser on the interface station computer 304 ) informing the user that a communication error has occurred and that the backup operation was unsuccessful.
- the routine 3322determines that, before the timeout period, the backup data has been successfully transferred from the Pocket Vault 102 to the website on the network server 114 via the communication driver 2712 .
- the routine 3322proceeds to a step 3810 , wherein the received backup data is stored by the network server 114 , e.g., for use in connection with the RECOVERY routine 3318 .
- routine 3322proceeds to a step 3812 , wherein a message is displayed (e.g., via the browser on the interface station computer 304 ) informing the user that the backup operation was successfully completed.
- routine 3322terminates.
- FIG. 39is a flow diagram illustrating an example implementation of the SET PREFERENCES routine 3324 shown in FIG. 33 .
- the SET PREFERENCES routine 3324permits the holder to set or alter preferences on his or her Pocket Vault 102 using a browser on the interface station computer 104 .
- the routine 3324begins at a step 3902 , wherein the website on the network server 114 transmits a request to the Pocket Vault 102 via the communication driver 2712 , requesting the Pocket Vault 102 to transmit all “preferences” information stored on the Pocket Vault 102 to the website on the network server 114 via the communication driver 2712 .
- This informationmay, for example, comprise definitions of home pages, connection of secure and non-secure media, order of media presentment, sort orders, user interface options, synchronization defaults, etc.
- routine 3324proceeds to steps 3904 and 3906 , wherein it is determined whether the preferences information has been received from the Pocket Vault 102 prior to the expiration of a timeout period (measured by the step 3906 ).
- the routine 3324proceeds to a step 3908 , wherein a message is displayed (e.g., on the browser) indicating that a communication error has occurred.
- routine 3324terminates.
- the routine 3324proceeds to a step 3910 , wherein the website compiles and displays the current preference settings for the Pocket Vault 102 (e.g., on the browser) in a user friendly manner.
- routine 3324proceeds to steps 3912 and 3914 , wherein the user is given an opportunity to modify the displayed preference settings.
- routine 3324terminates.
- the routine 3324proceeds to a step 3916 , wherein the modified preference settings are downloaded from the website on the network server 114 to the Pocket Vault 102 via the communication driver 2712 .
- a messageis displayed (e.g., via the browser on the interface station computer 304 ) informing the user that the preference settings for the Pocket Vault 102 were successfully modified.
- One illustrative example of an application of the network system described hereinis in the distribution of building access key cards and similar limited-use, time-sensitive media to individual operators.
- the following typical scenarioinvolves distribution of hotel room key cards to hotel guests who make room reservations over the Internet.
- the prospective guestwho is also a Pocket Vault holder, may secure a room for a specific time period by providing a credit card number.
- This stepmay or may not involve use of a credit card stored on the Pocket Vault 102 . If it does involve use of a Pocket Vault credit card, this card may, for example, be accessed while the Pocket Vault 102 is interfaced with the holder's personal interface station 104 b .
- the prospective hotel guestmay link to the network server 114 (while staying within the hotel's website), and follow on-screen instructions for downloading the key card for his/her room onto the Pocket Vault 102 (e.g., to ensure that the Pocket Vault 102 is interfaced with the pocket vault interface unit 302 , and to ensure that the Pocket Vault holder has activated the Pocket Vault 102 by the appropriate security mechanism such as a thumbprint for bio-metric ID verification).
- the display 216 of the Pocket Vault 102may include an icon for the hotel room key (e.g., the hotel's logo), along with the icons for media previously loaded.
- the Pocket Vault 102may encode the Chameleon Card with the magnetic stripe coding to unlock the guest's hotel room.
- the Pocket Vault 102may automatically delete the room key icon. This deletion may occur for the convenience of the Pocket Vault holder, not necessarily for hotel security reasons, since the room's lock will reject any previously-used key card (Chameleon or traditional key card) after the key card's specified time period has expired.
Landscapes
- Business, Economics & Management (AREA)
- Engineering & Computer Science (AREA)
- Accounting & Taxation (AREA)
- Finance (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Strategic Management (AREA)
- General Business, Economics & Management (AREA)
- Development Economics (AREA)
- Economics (AREA)
- Computer Security & Cryptography (AREA)
- Marketing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Game Theory and Decision Science (AREA)
- Entrepreneurship & Innovation (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Microelectronics & Electronic Packaging (AREA)
- Databases & Information Systems (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Bioethics (AREA)
- Storage Device Security (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
- Telephonic Communication Services (AREA)
Abstract
Description
- This application is a divisional of application Ser. No. 09/968,628, filed Oct. 1, 2001, and now pending, which claims the benefit of each of the following U.S. Provisional Patent Applications: (1) Application Ser. No. 60/156,356, filed Sep. 28, 1999; (2) Application Ser. No. 60/167,050, filed Nov. 23, 1999; (3) Application Ser. No. 60/184,425, filed Feb. 23, 2000; and (4) Application Ser. No. 60/217,542, filed Jul. 12, 2000.
- The present inventions are directed to novel systems and methods for engaging in transactions involving financial and/or non-financial media.
- People often times carry wallets with them when they engage in their day to day activities. A typical wallet is made of leather or other suitable material, and is generally a foldable structure that readily fits into a pocket or purse. A wallet typically includes a number of pockets, pouches, or the like for storing items such as a driver's license, a social security card, identification cards, credit cards, debit cards, membership cards, commuter passes, access tools, business cards, cash, coupons, event tickets, transportation tickets, frequent customer cards (e.g., a frequent flier card), medical information cards, receipts, photographs, etc.
- Wallets are frequently stolen, lost, or misplaced. When any of these events occurs, not only must the wallet itself be replaced, but all of the contents of the wallet must be replaced as well. As anyone who has lost a wallet can testify, replacing the contents of a wallet can be cumbersome and expensive. In addition, if a wallet is stolen or if a lost wallet falls into the wrong hands, the contents of the wallet may be used to engage in unauthorized activities which financially detriment the wallet owner, as well as any banks, credit issuers, and/or other institutions that issued financial media to the wallet owner.
- While the wallet owner is generally able to “cancel” financial media in such situations by contacting the respective financial media issuers, often times this is done too late, i.e., after one or more media have been exploited by the unauthorized user. In some cases, the wallet owner may not recall all of the contents of the now stolen wallet, and so may fail to report theft of one or more items. Further, in addition to any cash contained in a lost or stolen wallet, many media issued by non-financial media issuers have a significant cash value, e.g., transportation tickets, event tickets, commuter passes, and the like, and therefore represent an immediate (and often times unrecoverable) financial loss to the wallet owner. Moreover, the misappropriation of media issued by non-financial media issuers that contain personal information, e.g., a drivers license, social security card, identification card, etc., present the opportunity for an unauthorized possessor of a wallet to engage in the practice known as “identity theft,” whereby the possessor may assume the identity of the wallet owner for various fraudulent purposes, e.g., using the assumed identity to obtain and exploit one or more new financial media.
- According to one aspect of the present invention, a method is disclosed for enabling a software module on a computer operated by a user to access restricted information on a server. With an electronic device distinct from the computer, an identity of the user is authenticated to determine that the user is permitted to access the restricted information on the server. In response to the electronic device authenticating the identity of the user, the software module on the computer is permitted to access the restricted information on the server.
- According to another aspect, a method is disclosed for altering settings on a computer to correspond to settings on an electronic device distinct from the computer. With the electronic device, an identity of a user is authenticated to determine that the user is authorized to use the electronic device. In response to authenticating the identity of the user, the settings on the computer are altered to correspond to settings on the electronic device.
- According to another aspect of the invention, a system for enabling a software module on a computer operated by a user to access restricted information on a server includes an electronic device which includes a user-authenticator to authenticate an identity of the user to determine that the user is permitted to access the restricted information on the server. The system further comprises means for, in response to the electronic device authenticating the identity of the user operating the computer, enabling the software module on the computer to access the restricted information on the server.
- According to yet another aspect, a system for altering settings on a computer to correspond to settings on an electronic device distinct from the computer comprises a user authenticator included in the electronic device to authenticate an identity of a user to determine that the user is authorized to use the electronic device. The system further comprises means for, in response to authenticating the identity of the user, altering the settings on the computer to correspond to settings on the electronic device.
- According to another aspect, an apparatus includes a housing; a user authenticator, supported by the housing, that authenticates an identity of a user; at least one memory, supported by the housing, that stores,transaction information for at least first and second media; and at least one output, supported by the housing, that releases at least a portion of the transaction information to a point-of-sale (POS) terminal after the user authenticator has authenticated the identity of the user.
- According to another aspect of the present invention, a method involves steps of: (a) storing transaction information for at least first and second media in a memory of a device (b) using the device to authenticate an identity of a user; and (c) after authenticating the identity of the user with the device, transferring at least a portion of the transaction information from the device to a point-of-sale (POS) terminal.
- According to another aspect of the present invention, an apparatus includes: a housing; at least one memory, supported by the housing, that stores transaction information for at least one media; a user authenticator, supported by the housing, that authenticates an identity of a user of the apparatus; and at least one output, supported by the housing, that, after the user authenticator has authenticated the identity of the user, releases an embedded identification code of the apparatus from the housing that enables a device receiving the embedded identification ID code to authenticate the identity of the apparatus.
- According to another aspect of the present invention, a method involves steps of: storing transaction information for at least one media in a memory of a first device; using the first device to authenticate an identity of a user; and after authenticating the identity of the user with the first device, releasing an embedded identification code of the apparatus from the housing that enables a second device receiving the embedded identification code to authenticate the identity of the first device.
- According to another aspect of the present invention, an apparatus includes: at least one memory that stores transaction information for at least first and second media; at least one input that enables a user to select one of the at least first and second media; a display that provides a visual indication to the user regarding which of the at least first and second media has been selected with the at least one input; and at least one output that selectively releases at least a portion of the transaction information to a point-of-sale (POS) terminal.
- According to another aspect of the present invention, a method involves steps of: storing transaction information for at least first and second media in a memory of a device; receiving as input a user's selection of one of the at least first and second media; displaying a visual indication to the user regarding which of the at least first and second media has been selected; and transferring at least a portion of the transaction information from the device to a point-of-sale (POS) terminal.
- According to another aspect of the present invention, an apparatus includes: at least one memory that stores transaction information for at least one financial media and at least one non-financial media; and at least one output that selectively releases at least a portion of the transaction information to a point-of-sale (POS) terminal.
- According to another aspect of the present invention, a method involves steps of: storing transaction information for at least one financial media and at least one non-financial media in a memory of a device; and transferring at least a portion of the transaction information from the device to a point-of-sale (POS) terminal.
- According to another aspect of the present invention, a system includes: a housing; at least one memory, supported by the housing, that stores transaction information for at least one media; a device releasably attached to the housing; and configuring means, supported by the housing, for selectively configuring the device to hold the transaction information so that the device may be used to engage in a transaction involving the at least one media.
- According to another aspect of the present invention, a method involves steps of: (a) storing transaction information for at least one media in a memory of a first device, the first device having a second device releasably attached thereto; (b) while the second device is attached to the first device, configuring the second device to hold the transaction information for the at least one media based on the contents of the memory; (c) detaching the second device from the first device; and (d) using the second device to engage in a transaction involving the at least one media.
- According to another aspect of the present invention, a system includes: a first device including a user authenticator that authenticates an identity of a user; and a second device releasably attached to the first device, wherein the second device holds transaction information for at least one media so that the second device may be used to engage in a transaction involving the at least one media, and wherein the second device is detached from the first device after the user authenticator has authenticated the identity of the user.
- According to another aspect of the present invention, a method involves steps of: with a first device, authenticating an identity of a user; and after authenticating the identity of a user with the first device, detaching a second device from the first device, the second device holding transaction information for at least one media so that the second device may be used to engage in a transaction involving the at least one media.
- According to another aspect of the present invention, a system includes: a first device; a second device that has the first device releasably attached thereto, the second device including means for selectively configuring the first device to hold transaction information for a first media but not for a second media so that the first device may be used to engage in a transaction involving the first media but not the second media, and the second device further including means for selectively configuring the first device to hold transaction information for the second media but not for the first media so that the first device may be used to engage in a transaction involving the second media but not the first media.
- According to another aspect of the present invention,a method involves steps of: selectively configuring a device to hold transaction information for a first media but not for a second media so that the device may be used to engage in a transaction involving the first media but not the second media; and selectively configuring the device to hold transaction information for the second media but not the first media so that the device may be used to engage in a transaction involving the second media but not the first media.
- According to another aspect of the present invention, a system includes: at least one memory that stores first transaction information for a first media; at least one output that selectively releases at least a portion of the first transaction information to a point-of-sale (POS) terminal; and means for enabling a person to whom the first media is issued to selectively add second transaction information for a second media to the memory.
- According to another aspect of the present invention, a method involves steps of: storing first transaction information for a first media in a memory of a device; releasing at least a portion of the first transaction information to a point-of-sale (POS) terminal; and in response to a request by the person to whom the first transaction information is issued, adding second transaction information for a second media to the memory.
- According to another aspect of the present invention, a system includes: at least one memory that stores first transaction information for a first media and second transaction information for a second media; at least one output that selectively releases at least a portion of the first transaction information to a point-of-sale (POS) terminal; and means for enabling a person to whom the first media is issued to selectively remove at least a portion of the second transaction information from the memory.
- According to another aspect of the present invention, a method involves steps of: storing first transaction information for a first media and second transaction information for a second media in a memory of a device; releasing at least a portion of the first transaction information to a point-of-sale (POS) terminal; and, in response to a request by the person to whom the second media is issued, removing at least a portion of the second transaction information from the memory.
- According to another aspect of the present invention, a system includes: at least one memory that stores transaction information for at least one media; at least one output that selectively releases at least a portion of the transaction information to a point-of-sale (POS) terminal; and means for enabling at least one functional characteristic of the at least one media to be altered by altering the contents of the least one memory.
- According to another aspect of the present invention, a method involves: storing transaction information for at least one media in a memory of a device; releasing at least a portion of the transaction information to a point-of-sale (POS) terminal; and altering at least one functional characteristic of the at least one media by altering the contents of the least one memory.
- According to another aspect of the present invention, an apparatus includes: a housing; a user authenticator, supported by the housing, that authenticates an identity of a user; at least one memory that, supported by the housing, stores first transaction information for a first media and second transaction information for a second media; and at least one output, supported by the housing, that releases the first transaction information only after the user authenticator has authenticated the identity of the user, and that releases the second information without requiring the user authenticator to have authenticated the identity of the user.
- According to another aspect of the present invention, a method involves steps of: storing first transaction information for a first media and second transaction information for a second media in at least one memory of a device; using the device to authenticate an identity of a user; releasing the first transaction information only after the identity of the user has been authenticated; and releasing the second transaction information without requiring the identity of the user to be authenticated.
- According to another aspect of the present invention, a system includes: a first device; and a second device having the first device releasably attached thereto such that, when the first device is attached to the second device, the second device causes the first device to generate a machine-readable code for only a predetermined, finite period of time after the first device is detached from the second device.
- According to another aspect of the present invention, a method involves a step of generating a machine-readable code on a device for only a predetermined, finite period of time.
- According to another aspect of the present invention, an apparatus includes: a portable substrate; a power supply supported by the substrate; and at least one controller supported by the substrate and powered by the power supply, the at least one controller being configured to generate a simulated magnetic stripe on the substrate.
- According to another aspect of the present invention, an method involves a step of generating a simulated magnetic stripe on a portable device.
- According to another aspect of the present invention, a system includes: at least one memory that stores transaction information for at least one media; a user authenticator that authenticates an identity of the user; and a display that provides a visual indication to the user regarding the at least one media, the visual indication being displayed for only a predetermined, finite period of time after the user authenticator has authenticated the identity of the user.
- According to another aspect of the present invention, a method involves steps of: authenticating an identity of a user; and displaying a visual indication to the user regarding the at least one media for only a predetermined, finite period of time after authenticating the identity of the user.
- According to another aspect of the present invention, a system includes a portable device that can be used to engage in point-of-sale (POS) transactions; and a device remote from the portable device, that can disable an ability of the portable device to engage in POS transactions.
- According to another aspect of the present invention, a method involves steps of: providing a portable device that can be used to engage in point-of-sale transactions; and at a location remote from the portable device, disabling an ability of the portable device to engage in POS transactions.
- According to another aspect of the present invention, a method involves steps of: storing transaction authorization information for at least two media in a first memory of a first device; and storing the transaction authorization information for the at least two media in a second memory, which is disposed at a location remote from the first device.
- According to another aspect of the present invention, a system includes: a first device; and a second device having the first device releasably attached thereto such that, when the first device is attached to the second device, the second device can cause the first device to generate a machine-readable code after the first device is detached from the second device, the second device including at least one controller configured so as to be capable of causing the first device to generate the machine-readable code only for a finite, predetermined period of time.
- According to another aspect of the present invention, a method involves a step of configuring a first device such that the first device is capable, for only a predetermined, finite period of time, of generating a machine-readable code on a second device.
- According to another aspect of the present invention, a method involves steps of: receiving information at a first device that has been transmitted over an electronic communication link; and after receiving the information at the first device, using a media at the first device to access a quantity of credit or cash reserves that could not be accessed prior to the first device receiving the information.
FIG. 1 is a block diagram illustrating an example of a network system in which a portable electronic authorization device (also referred to herein as a “Pocket Vault”) may be employed according to one embodiment of the invention;FIG. 2 is a block diagram showing an illustrative embodiment of the Pocket Vault shown inFIG. 1 ;FIG. 3 is a block diagram showing an illustrative embodiment of one of the interface stations shown inFIG. 1 ;FIG. 4 is a block diagram showing an illustrative embodiment of the network server(s) shown inFIG. 1 ;FIG. 5 is a diagram showing an example of how the memory of the Pocket Vault shown inFIG. 2 may be configured in accordance with one embodiment of the invention;FIG. 6 is a block diagram showing an illustrative embodiment of the token (e.g., a card) associated with the Pocket Vault shown inFIG. 2 ;FIG. 7 is a flow diagram illustrating a primary routine that may be executed by the controller of the Pocket Vault shown inFIG. 2 ;FIG. 8 is a flow diagram illustrating an example implementation of the PROCESS POCKET VAULT VALIDATION routine shown inFIG. 7 ;FIG. 9 is a flow diagram illustrating an example implementation of the UNAUTHORIZED HOLDER routine shown inFIG. 7 ;FIG. 10 is a flow diagram illustrating an example implementation of the AUTHORIZED HOLDER routine shown inFIG. 7 ;FIG. 11 is a flow diagram illustrating an example implementation of the PROCESS CARD TRANSACTION routine shown inFIG. 10 ;FIG. 12 is a flow diagram illustrating an example implementation of the VERIFY CARD RETURN routine shown inFIG. 7 ;FIG. 13 is a flow diagram illustrating an example implementation of a primary routine that may be executed by the controller of the pocket vault interface unit shown inFIG. 3 ;FIG. 14 is a flow diagram illustrating an example implementation of a primary routine that may be executed by the controller of the interface station computer shown inFIG. 3 ;FIG. 15 is a flow diagram illustrating an example implementation of the PROCESS REQUEST TO VALIDATE POCKET VAULT routine shown inFIG. 14 ;FIG. 16 is a flow diagram illustrating an example implementation of the PROCESS REQUEST TO UPDATE INFO ON POCKET VAULT routine shown inFIG. 14 ;FIG. 17 is a flow diagram illustrating an example implementation of the PROCESS REQUEST TO AUTHORIZE TRANSACTION routine inFIG. 14 ;FIG. 18 is a flow diagram illustrating an example implementation of the PROCESS UNSUCCESSFUL OPERATOR AUTHENTICATION routine shown inFIG. 14 ;FIG. 19 is a flow diagram illustrating an example implementation of a primary routine that may be executed by the controller(s) of the network server(s) shown inFIG. 4 ;FIG. 20 is a flow diagram illustrating an example implementation of the PROCESS REQUEST TO REGISTER NEW POCKET VAULT HOLDER routine shown inFIG. 19 ;FIG. 21 is a flow diagram illustrating an example implementation of the PROCESS REQUEST BY MEDIA ISSUER/ADVERTISER TO UPDATE NETWORK SERVER routine shown inFIG. 19 ;FIG. 22 is a flow diagram illustrating an example implementation of the PROCESS REQUEST TO UPDATE INFO ON POCKET VAULT routine shown inFIG. 19 ;FIG. 23 is a flow diagram illustrating an example implementation of the PROCESS REQUEST FROM HOLDER TO LOAD NEW FILE ONTO NETWORK SERVER routine shown inFIG. 19 ;FIG. 24 is a flow diagram illustrating an example implementation of the PROCESS REQUEST TO AUTHORIZE TRANSACTION routine shown inFIG. 19 ;FIG. 25 is a flow diagram illustrating an example implementation of the AUTHORIZED POCKET VAULT USE? routine shown in each ofFIGS. 20, 22 , and24; andFIGS. 26 a-26pare illustrations of the portable electronic authorization device, as well as the token (e.g., a card) associated therewith, as these items may appear when in use;FIG. 27 is a block diagram illustrating several additional features that may optionally be added to a network system such as that shown inFIG. 1 so as to enhance the functionality of the network;FIG. 28 is a block diagram illustrating example components that may optionally be added to software executing on a controller of the Pocket Vault, such as the software described in connection withFIGS. 7-12 , so as to enhance the functionality of the Pocket Vault in a network environment;FIG. 29 is a data flow diagram illustrating an example of how data may flow between the Pocket Vault and a user interface of an interface station computer to which the Pocket Vault is interfaced/docked;FIG. 30 is a flow diagram illustrating an example of a primary routine that may be executed by a website on the network server(s) shown inFIG. 27 , which website may be accessed, for example, by a browser executing on the interface station computer shown inFIG. 27 ;FIG. 31 is a flow diagram illustrating an example implementation of the INSTALL DRIVER(S) routine shown inFIG. 30 ;FIG. 32 is a flow diagram illustrating an example implementation of the NEW POCKET VAULT HOLDER routine shown inFIG. 30 ;FIG. 33 is a flow diagram illustrating an example implementation of the EXISTING POCKET VAULT HOLDER routine shown inFIG. 30 ;FIG. 34 is a flow diagram illustrating an example implementation of the CARD LOADING routine shown inFIG. 33 ;FIG. 35 is a flow diagram illustrating an example implementation of the SYNCHRONIZATION routine shown inFIG. 33 ;FIG. 36 is a flow diagram illustrating an example implementation of the RECOVERY routine shown inFIG. 33 ;FIG. 37 is a flow diagram illustrating an example implementation of the IDENTITY PORTING SELECTION routine shown inFIG. 33 ;FIG. 38 is a flow diagram illustrating an example implementation of the BACKUP routine shown inFIG. 33 ; andFIG. 39 is a flow diagram illustrating an example implementation of the SET PREFERENCES routine shown inFIG. 33 .- A new method and system for producing, distributing, storing, and using the typical contents of an individual's wallet is disclosed herein. Essentially, the system may enable individuals to replace nearly all of the paper and plastic contents of their wallets with a single, hand-held portable electronic authorization device. The system may include the portable electronic authorization devices, removable morphing tokens or cards associated with such devices, associated computer peripherals, software and certain network capabilities. As a whole, the system may eliminate virtually all of the distribution costs and security concerns associated with paper and plastic media.
- Because the device may incorporate many different media that are commonly stored in a person's wallet, possibly including both financial and non-financial media, it is much more than a simple point-of-sale (POS) device. Therefore, the device may be more appropriately referred to as a multi-purpose, “point-of-transaction” device. In any situation of presentment, whether for purposes such as building security, demonstrating membership or using credit or debit capacity, the system is designed to perform tasks more safely, securely and with greater ease than is possible with prior art systems. Further, while certain computer technologies are involved, the preferred embodiment is such that some people may barely recognize it as a computer, seeing instead a more comfortable to carry, easier-to-use, safer and more securely packaged means of transporting typical wallet contents.
- The system's business model may comprise an independent organization acting as a media-neutral, multi-service provider of other issuers' various financial and non-financial media, that also may enable individuals and retailers to add or create their own secure (and where appropriate, non-secure media) using a device with a self-contained set of authentication security features, which may even be password-free. This device may operate over existing financial transaction networks, while also having links to a highly secure network system for certain functionality. The self-contained authentication functionality of the device itself ensures privacy, while providing sufficient accountability/traceability to satisfy law enforcement concerns.
- A
network system 100 configured according to one illustrative embodiment of the invention is shown inFIG. 1 . As shown, thenetwork system 100 may include a portable electronic authorization device102 (alternatively referred to herein as a “Pocket Vault”) and an associated token102a(alternatively referred to herein as a “Chameleon Card”). Each person desiring to use thenetwork system 100 may possess his or her own thePocket Vault 102 and associated token102a. Some individuals may choose to own multiple Pocket Vaults or Chameleon Cards. The system and software therefore may accommodate the use of multiple Pocket Vaults and multiple Chameleon Cards by one individual. - Referring to
FIG. 1 , in addition to thePocket Vault 102, thenetwork system 100 may include one ormore network servers 114 to which various other network components are coupled. Although multiple, load-sharingnetwork servers 114 may be employed in a typical application, the network server(s)114 will hereinafter, for convenience, occasionally be referred to as asingle network server 114. Coupled to thenetwork server 114 are: several different types of interface stations104 (i.e., avalidation interface station 104a, a personal interface station104b, and acommercial interface station 104c), one or morecommercial card readers 106, one or more commercialbar code readers 107, andseveral computers network system 100 in accordance with illustrative embodiments of the invention are described below. - As shown in
FIG. 1 , thenetwork server 114 may form the hub of thenetwork system 100, with each of theinterface stations 104, thecommercial card reader 106, the commercialbar code reader 107, and thecomputers network server 114 may therefore serve as: (1) a repository of information for the network, (2) the entity that controls access to the stored information by the other network devices, and (3) a service provider for financial and non-financial media issuers, advertisers, as well as Pocket Vault holders. - Any of a number of techniques may be used to interconnect the various elements of the
network system 100, and the invention is not limited to any particular networking technique. In one illustrative embodiment, for example, thenetwork server 114 is coupled to the other elements in thenetwork system 100 via the Internet or similar packet-switched communication system. Alternatively, dedicated or selectively established (e.g., using a dial-up modem) communication channels or time slots thereof may be employed between the respective devices. The connections between the network devices may be either hardwired (including fiber optic connections) or wireless (e.g., infrared (IR) or radio frequency (RF) links). - As shown in
FIG. 1 , thePocket Vault 102 may be interfaced with any of theinterface stations 104a-cso as to permit information to be uploaded from thenetwork server 114 to thePocket Vault 102, or to be downloaded from thePocket Vault 102 to thenetwork server 114. In one illustrative embodiment, each of theinterface stations 104 includes a docking mechanism that permits aPocket Vault 102 to be physically, as well as electronically, interfaced therewith. In such an embodiment, once thePocket Vault 102 is physically “docked” with aninterface station 104, thePocket Vault 102 may communicate with theinterface station 104 using any now known or later discovered technique. For example, physical contact may be made between respective electrodes or plugs, a line of sight (e.g., infrared) wireless link may be established, or any other interfacing technique may be employed. - The
Pocket Vault 102 may additionally or alternatively be configured such that it need not be physically docked with or even in the same room as theinterface station 104, as a wireless network such as Bluetooth may be employed to permit communication between devices on thenetwork system 100. In fact, in some embodiments wherein appropriate networking capabilities are provided, eachPocket Vault 102 may communicate directly with thenetwork server 114, without theinterface stations 104a-cfacilitating communication therebetween. In addition, in some embodiments, Pocket Vaults102 may communicate directly with one another. In such embodiments, such inter-device communication may permit value to be exchanged directly between Pocket Vaults102. - The personal docking station104bmay allow setting or changing of user preferences, recording of miscellaneous information by the Pocket Vault holder, replenishment or deletion of information regarding particular media, and may also permit additional media (e.g., a library card) to be added to the device. The Pocket Vault holder may, for example, directly add non-value-based media (e.g., a membership number for the local Historical Society) and notes to the
Pocket Vault 102. In one embodiment, value-based and certain identification media (a driver's license, passport, building security ID, etc.) may be added or reinstated only through a secure connection to the network server114 (as described below), in response to an update request from the Pocket Vault holder. In addition, the personal interface station may provide a mechanism to download transaction activity involving thePocket Vault 102 into an individual's home computer. There are many users of home finance software. These applications can be relatively “data hungry,” and commonly require users to download checking and debit card data from their banks (or key it in manually) and to key in the details of credit card and cash purchases. All of this keying and internet file downloading from third parties may be replaced by a simple docking procedure, i.e., when thePocket Vault 102 is interfaced with the personal docking station102b. - As shown in
FIG. 1 , and as described below in more detail, thePocket Vault 102 may be equipped to generate the token102asuch that the token102ahas transactional information regarding a media (e.g., a simulated magnetic stripe or a bar code) produced thereon. In such an embodiment, after the token102ahas been generated, the token102amay be used by the Pocket Vault holder to engage in a transaction wherein an entity swipes the simulated magnetic stripe of the token102athrough acard reader 106 or scans the bar code on the token102ausing abar code reader 107. Additionally or alternatively, the token102amay include a suitable Smartcard interface so that theChameleon Card 102 may be used with Smartcard compatible devices. - Because the token102amay be caused to take on a different personality each time it is released from the
Pocket Vault 102, a plurality of media may be stored electronically in memory of thePocket Vault 102, and the token102amay, upon request, be generated to take on the personality selected by the Pocket Vault holder. The respective media stored on thePocket Vault 102 may be issued by different and unrelated media issuers. As used herein, two media issuers are “unrelated” if there exists no legal relationship between them. The token102amay also have display capacity, sufficient to indicate the media personality that it has taken on. This may or may not include display of the specific identity that is temporarily encoded on the token102a. In some embodiments, value may be exchanged between twoPocket Vaults 102 when one thePocket Vault 102 generates a token102ahaving a value-based or value-linked media stored thereon, and the token102aso generated is passed to the other thePocket Vault 102, which then may then access the media and extract value therefrom or add value thereto. As mentioned above, this sort of value exchange may also be accomplished directly between twoPocket Vaults 102 over a wireless network, such as Bluetooth. - As discussed in more detail below, in addition to or in lieu of the token102a, the
Pocket Vault 102 may also generate a bar code for a selected media on the Pocket Vault's display (not shown inFIG. 1 ), and thebar code reader 107 may be used to scan the displayed bar code to process a transaction. Further, a transaction may be processed via acommercial interface station 104ceither by use of a docking terminal or via a wireless network scheme such a Bluetooth. In one embodiment, somecommercial interface stations 104cmay comprise an interface station linked to a standardcommercial card reader 106 or commercialbar code reader 107, with thecard reader 106 orbar code reader 107 being modified to accept input from the station. - To permit the Pocket Vault holder to select from among the various media stored in memory of the
Pocket Vault 102, thePocket Vault 102 may comprise a display (not shown inFIG. 1 ). By employing either a display having a user-manipulable touch screen or a separate user input device (not shown inFIG. 1 ), a Pocket Vault holder can effectively flip through the contents of thePocket Vault 102 to locate and select a desired media (e.g., a credit card, driver's license, library card, frequent flier card, etc.) much like a person can flip through the contents of his or her wallet to do the same. - The use of a display on the
Pocket Vault 102 also creates an opportunity for media providers to go from a static presentation of their brand (logo, etc.) to having the option of dynamic branding and messaging. In addition, using the display, the presentment of active marketing at the “moment of buying decision” is possible. Specifically, the logo and message displayed to the Pocket Vault holder may incorporate motion, moving images and messages. To conserve power, moving images may be presented only at certain times, e.g., in response to internal or external events or communications. - In the embodiment of
FIG. 1 , thecomputers network server 114, may represent a secure infrastructure of server databases capable of storing information for purposes of delivering personalized services to holders of Pocket Vaults102. Thenetwork server 114 may also track activity of Pocket Vault holders and compile marketing information based thereupon that may prove useful to media issuers and/or advertisers. The Pocket Vault holder may have control over the ability of thenetwork server 114 to track activity. The information maintained on thenetwork system 100 may originate with the holders of Pocket Vaults102 and/or may originate with the other entities having access to the network system100 (e.g., advertisers and media issuers). - As discussed below in more detail, in some embodiments of the invention, certain uses of the
Pocket Vault 102, as well as each of theinterface stations 104a-c,may be permitted only by pre-authorized individuals. To this end, a suitable user authentication technique may be employed in connection with each attempted use of any of these devices. One suitable user authentication technique that may be employed is the analysis of a bio-metric feature of the individual attempting use of the device (e.g., a fingerprint scan, retina scan, a speech pattern analysis, keystroke rhythm, etc.), and validating the identity of the individual on that basis. Alternatively or additionally, a personal identification (PIN) code may be entered by the holder to verify the holder's identity. In one illustrative embodiment, authentication information used to validate the holder's identity (e.g., the stored fingerprint and/or PIN code) is stored within the to-be-accessed device, and the validation is performed in its entirety on-board the same device, such that the user-specific authentication information never leaves the device in which it is stored. Thus, using this technique, the likelihood that such information will be intercepted by unauthorized third parties may be reduced significantly. - It should be appreciated that, for some applications, it may be desirable to receive and store authentication information (e.g., fingerprint data) of some or all Pocket Vault holders in the
network server 114. Accordingly, in some embodiments, such authentication information may be maintained by thenetwork server 114. This authentication information may be transmitted to thenetwork server 114, for example, when Pocket Vaults102 are first validated. - As discussed below, great care may be taken to ensure that only authorized individuals are permitted to validate
Pocket Vaults 102 by having their authentication information (e.g., their fingerprint data or PIN codes) stored therein. Therefore, after it has been confirmed that the holder's authentication information has been properly stored in thePocket Vault 102, a trust relationship may be established between thenetwork server 114 and thePocket Vault 102. This relationship may involve, for example, the registration of a unique encrypted chip ID of thePocket Vault 102 with thenetwork server 114 through a secure Internet connection, the distribution of a digital certificate (e.g., a PKI certificate) to thePocket Vault 102, and the grant of authority to thePocket Vault 102 to permanently store the Pocket Vault holder's authentication information. - A similar level of care may also be taken to ensure that only authorized individuals are permitted to validate
interface stations 104a-cby having their authentication information (e.g., their fingerprint data or PIN codes) stored therein. Therefore, as with the Pocket Vaults102, after it has been confirmed that each interface station's authorization information has been properly stored in theinterface station 104, a trust relationship may be set up between thenetwork server 114 and theinterface station 104. This relationship may also involve, for example, the registration of a unique encrypted chip ID of theinterface station 104 with thenetwork server 114 through a secure Internet connection, the distribution of a digital certificate to theinterface station 104, and the grant authority to theinterface station 104 to permanently store the interface station operator's authentication information. While, in some embodiments, thePocket Vault 102 and/or theinterface stations 104 are each permitted to store authentication information for only one individual, it should be appreciated that, in alternative embodiments, thePocket Vault 102 and/or theinterface stations 104 may each store authentication information for more than one individual, thereby permitting multiple people to use them. - Because of the creation of the above-described trust relationships, each
Pocket Vault 102 and eachinterface station 104 may communicate securely with thenetwork server 114, as well as with any other networked devices or sites that require a high-level of trust. Also, the existence of these trust relationships enable individual Pocket Vaults102 to accept other services provided by thenetwork servers 114, such as the backup and recovery of information stored within the Pocket Vaults102. That is, thenetwork servers 114 can serve as a repository for all of the information stored on every validated Pocket Vault102 (except the holder's authentication information—which, in some embodiments, is stored only in the Pocket Vault102). To ensure that thenetwork server 114 stores an accurate version of the contents of eachPocket Vault 102, information may, for example, be uploaded from thenetwork server 114 to aPocket Vault 102 or downloaded from thePocket Vault 102 to thenetwork server 114 each time thePocket Vault 102 is interfaced with any of theinterface stations 104a-c.Therefore, if aPocket Vault 102 is lost or stolen, the Pocket Vault holder need only obtain anew Pocket Vault 102, and the entire contents of the lostPocket Vault 102 can be uploaded thereto, in a single communication, in a matter of seconds. In addition, in the event that a validatedPocket Vault 102 is lost or stolen, thenetwork server 114 may void the chip ID of thatPocket Vault 102, so that thePocket Vault 102 cannot be used by a third party, even if the holder validation security (e.g., the bio-metric scanning or PIN entry requirement) is somehow breached. Voiding the chip ID of thePocket Vault 102 may, for example, prevent thePocket Vault 102 from assigning any media information to the associated Chameleon Card. - In addition to serving as a repository for Pocket Vault information, the
network server 114 may also serve as a repository for information regarding media issuers or advertisers, and may further provide various services to these entities. For example, thenetwork server 114 may facilitate transactions involving media issued by media issuers, and may permit new media to be issued or lost media to be replaced at a fraction of the cost of generating new physical tokens or replacing lost ones. Additionally, thenetwork server 114 may serve as a conduit for advertisers to target particular classes of Pocket Vault holders, and channel information to them. Thenetwork server 114 may also function as an advocate for Pocket Vault holders, advertisers, and/or media issuers when it utilizes its portfolio of Pocket Vault holders, media issuers, and/or advertisers to secure privileges. Examples of such advocacy include the ability to secure buying power for Pocket Vault holders as a group or to provide media issuers and advertisers with a highly efficient tool for generating awareness for affinities or causes that fit appropriate holder markets. In sum, the services provided by thenetwork server 114 enable Pocket Vault holders to combine and manage their media data using a single, hand-held device, and enables advertisers and media issuers to understand more about, and more readily reach more of, their customers than ever before. FIG. 2 shows an example embodiment of thePocket Vault 102 ofFIG. 1 . ThePocket Vault 102 may employ components similar to those used in modern personal digital assistants (PDAs) and palm top computers. Examples of such products include PDAs such as the “Palm Pilot” from Palm, Inc. (www.palm.com), and the “Casiopedia” from Casio, Inc. of Dover, N.J. (www.casio.com). As shown, thePocket Vault 102 may include acontroller 202, as well as atransceiver 204, auser input device 206, adocking interface 208, a read/write memory 210, a write-once memory 212, apower manager 214, anindicator 215, adisplay 216, atoken port 218, and afingerprint scanner 220, all coupled to thecontroller 202. In addition, thePocket Vault 102 may include a hard-wired memory (not shown) to store device serial numbers and key operating system and encryption software components.- Actual views of an example embodiment of the
Pocket Vault 102, as well as the token102aassociated therewith, are shown inFIGS. 26A-26P . The views of FIGS.26A-P, including the items displayed on thedisplay 216, are discussed in more detail below in connection with the flow diagrams ofFIGS. 7-12 . At this point, however, with reference to FIGS.26A-L and260, it may be noted that thePocket Vault 102 may comprise ahousing 2602 in which the components shown inFIG. 2 may be disposed. As illustrated inFIGS. 26E and 26F , thehousing 2602 may be approximately seventy millimeters wide, approximately one hundred millimeters long, and approximately fifteen millimeters deep. Thus, in the embodiment shown, thehousing 2602 has an internal volume of less than 105 cubic centimeters. Of course, in alternative embodiments, thehousing 2602 may be slightly larger or smaller than that shown. For example, in different embodiments, thehousing 2602 may have an internal volume of less than five hundred cubic centimeters, or less than four hundred cubic centimeters, or less than three hundred cubic centimeters, or less than two hundred cubic centimeters, or less than one hundred cubic centimeters, or less than any other volume value that falls between one hundred and five hundred centimeters. In one embodiment, thehousing 2602 is sized so that thePocket Vault 102 may readily fit into the rear pocket of a pair of pants. One feature of the illustrative embodiment of thePocket Vault 102 shown inFIG. 2 which may permit its size to be reduced below that of a standard personal computer is the fact that the embodiment shown lacks a disk drive (either hard or floppy) or any similar memory storage device (e.g., a tape drive) that consumes a significant volume within thehousing 2602. It should be appreciated, of course, that alternative embodiments may include such memory devices, and that the invention is not necessarily limited to embodiments that exclude them. In addition to the lack of a disk drive or the like, in some embodiments, thepower manager 214 may reduce the power consumption of the active components of thePocket Vault 102 well below that of a standard personal computer, thereby enabling a very small and light weight battery to be employed, as opposed to the relatively large and heavy batteries typically employed in personal computers. - The
housing 2602 may provide a water-resistant or waterproof environment for the components housed thereby. The housing materials of Pocket Vaults102 may be brightly colored, in addition to traditional black or brown, thereby helping their holders to make a fashion statement and/or permitting them to be readily spotted if misplaced. Deluxe versions may be clad in leather, Kevlar™, Gortex™, aluminum and/or stainless steel. In some embodiments, thehousing 2602 may even be woven into garments. - Referring again to
FIG. 2 , any of a number of devices may be used to implement thecontroller 202, and the invention is not limited to any particular type of controller. In one illustrative embodiment, for example, thecontroller 202 comprises a low-power multiprocessor or microcomputer having an on-board SRAM and/or flash memory and a real time clock calendar. One example of a suitable controller is the “Motorola Dragonball” Processor from Motorola, Inc. (www.motorola.com). Thecontroller 202 may include a software-programmable and encryption-protected or hard-wired unique chip ID. In one embodiment, this chip ID is released from thePocket Vault 102 only after the fingerprint scanner220 (discussed below) has successfully authenticated the identity of the holder. A signal processor for Bluetooth or another wireless connection may also be employed within or along with thecontroller 202. - The
transceiver 204 may be any type of transceiver (or separate transmitter and receiver) capable of communicating with the other devices in thenetwork 100 to enable the functionality described herein. For example, either an RF or an IR transceiver may be employed. Some embodiments may, in fact, include both an IR and an RF transceiver to be used in different applications. For example, an IR transceiver may be employed to interface the Pocket Vault with a “docking station” type interface unit, and a separate RF transceiver may be employed to communicate over a wireless network such as Bluetooth. - In one illustrative embodiment, the
user input device 206 is implemented as part of a touch-screen display used as the display216 (described below). Additionally or alternatively, theuser input device 206 may include dedicated buttons, a keypad, a touch pad, a microphone and speech recognition software, a wand or joystick, or any other suitable implement that permits a person to provide input to thecontroller 202. Theuser input device 206 may also be integrated into thefingerprint scanner 220 or into an alternative bio-metric input device. By manipulating theuser input device 206, a Pocket Vault holder may select one of a number of media stored in memory of thePocket Vault 102 for display and/or use in connection with a transaction, and may otherwise control or provide input to software executing on thecontroller 202. In one embodiment, a keypad is employed as theuser input device 206, thereby permitting the holder to input a PIN code as a means of authenticating the holder's identity. - The
docking interface 208 may take on any of numerous forms, and the invention is not limited to any particular type of interface device. Thedocking interface 208 may, for example, include a multi-pin plug adapted to mate with a receptacle disposed on theinterface units 104a-c,or vice versa. Thedocking interface 208 may also comprise one or more implements (e.g., grooves or keys) to ensure that the plug orother docking interface 208 mates correctly with the reciprocal device on aninterface unit 104 when the two are physically mated together. - The read/
write memory 210 may take on any of a number of forms, and the invention is not limited to any particular type of memory. Thememory 210 may, for example, comprise a suitable non-volatile SRAM. Similarly, any suitable memory device that permits a only single write operation to take place may be employed as the write-oncememory 212. Thememory 210 may have instructions stored therein which, when executed by thecontroller 202, cause thecontroller 202 to implement the routines/software described below in connection withFIGS. 7-12 and/orFIG. 28 . Of course, thememory 210 may also contain a suitable operating system (e.g., Palm OS, Microsoft's Windows CE, Microsoft's Windows for Smartcards, or some similar offering), appropriate device drivers, and other software employed in connection with thecontroller 202 and/or the peripherals thereof. Thememory 210 may also be used to store the various media and personal information retained by thePocket Vault 102. In one illustrative embodiment, thememory 210 stores a plurality of different media issued by different and unrelated media issuers, including both financial (e.g., a credit or debit card) and non-financial media (e.g., a drivers license or a library card). Other examples of media or information that may be stored in thememory 210 include: a social security card, identification cards, membership cards, discount cards, commuter passes, toll passes, transit cards, access tools such as hotel keys, business cards, coupons, concert and theatre tickets, transportation tickets, frequent customer cards (e.g., a frequent flier card), medical information cards, receipt information, photographs, etc. - As used herein, “financial media” refers to any media which can, as a matter of course, be used to purchase goods or services, whereas “non-financial media” refers to any media which, while possibly having some value to the Pocket Vault holder, cannot, as a matter of course, be used to purchase goods or services. Examples of financial media include value-linked and value-based media such as debit or credit cards issued by a bank or other financial institution, telephone calling cards, etc. Examples of non-financial media include: library cards, driver's licenses, building access cards, etc. In one embodiment, the
memory 210 is large enough to store as many as one hundred compressed graphic image files, and full data sets for as many as one hundred types of media. - In addition, the
memory 210 may store status information, where useful, for each type of media. Examples of this sort of status information include: information regarding the value remaining on a pre-paid phone card, information regarding an accumulated number of frequent flier miles, information regarding a total number of cups of coffee that have been purchased at a particular coffee shop (e.g., in connection with a buy-ten-get-one-free special), etc. The portion of thememory 210 devoted to memory storage may be divided into three sections: (1) a high-security section, (2) a medium security section, and (3) a non-secure section. The high security section may be used to store value-based or value-linked media such as debit and credit cards and certain ID information such as driver's licenses, passports, building security passes, etc. The medium security section may be used to store low-value, limited use media that may be accessed, for example, by retailers to keep track of frequent purchase credits or the like. The non-secure section may, for example, be used to store notes, membership ID records, emergency contact information, etc. Access to the information included in the various sections may require security or user authentication procedures commensurate with the indicated security level. For example, an accurate fingerprint scan and an accurate pin code entry may be required to access the high-security section, only an accurate PIN code entry (even by the retailer) may be required to access the medium-security section, and anyone may be permitted to access the non-secure section. - The
power manager 214 may comprise any of numerous devices, and the invention is not limited to any particular type of power supply/management device. The power manager may, for example, employ a flat, rechargeable, lithium battery, and associated regulator and power management software. Alternatively, the battery used may be non-rechargeable and/or coin cell-shaped. Solar powered cells may also be a viable option as at least a supplement to battery power, if not a primary source of power for thePocket Vault 102. This may be made possible because of the typically modest on-time requirements for aPocket Vault 102. Power management software may also assist in minimizing the power consumption of thePocket Vault 102. Such software may, for example, invoke an auto-shutdown feature after a preference-set number of seconds, may control the level of screen back-lighting in response to feedback received from a photo-sensor that registers ambient light, and/or may provide battery charge level warnings to Pocket Vault holders. - The
indicator 215 may be any device capable of generating a perceptible indication to the holder such as a bell, chime, buzzer, light, vibration, etc., and the invention is not limited to any particular type of device for accomplishing such a result. In one embodiment, for example, the indicator is a chime generator that generates a “chime” sound that can be heard by the Pocket Vault holder. - Any of a number of devices may also be used for the
display 216, and the invention is not limited to any particular type of display. As mentioned above, in one embodiment, a touch-screen display may be employed such that at least a portion of the functionality of theuser input device 206 may be incorporated therein. Suitable displays may, for example, include any of a black & white, gray-scaled, or color LCD display, or an LCD bi-stable display. - As mentioned above, the use of the
display 216, together with the user input device206 (which may constitute the touch-screen functionality of the display216) permits the Pocket Vault holder to flip or scroll through the various media stored in thememory 210 in much the same way as a person flips through the contents of his or her wallet. As mentioned above in connection with the description of theindicator 215, in addition to or in lieu of thedisplay 216, other user output devices may also be employed to provide information to the Pocket Vault holder. For example, light emitting diodes (LEDs), a beeper or buzzer, a speech synthesizer, a vibrator, etc., may be employed in some embodiments of thePocket Vault 102. - The
token port 218 of thePocket Vault 102 may comprise a cavity or slot in which the token102ais retained until it is released to be used to engage in a transaction, as well as the hardware employed to secure the token102ain place when the token102ahas not been authorized to be released. In one embodiment, the token102astores a unique (and possibly encrypted) chip ID which is accessible to another device only when the token102ais successfully released form thetoken port 218. In addition to the elements described above, thecard port 218 may include additional hardware employed in connection with properly generating or configuring the token102aprior to its release. This hardware is discussed in more detail below in connection withFIG. 6 . - The
fingerprint scanner 220 may comprise any device capable of accurately scanning a fingerprint of an individual for comparison with one or more fingerprint images stored in memory. Thefingerprint scanner 220 may, for example, be a solid-state (non-optical) device. Devices that may be suitable for use as thefingerprint scanner 220 are available, for example, from Veridicom, Inc., of Santa Clara, Calif. (www.veridicom.com), from Polaroid Corporation of Cambridge, Mass. (www.polaroid.com), and from Identix Incorporated of Sunnyvale, Calif. (www.identix.com). Thefingerprint scanner 220 may incorporate a temperature sensor that enables it to ensure that a live finger is contacting the scanning surface when the scanning function is employed. In addition to or in lieu of a fingerprint scanner, other bio-metric scanning devices may also be employed to verify the identity of the holder. For example, some embodiments may employ a charge coupled device (CCD) to serve as an iris or retina scanner, an optical sensor, and/or a voiceprint. Alternatively or additionally, a keystroke rhythm may be measured, either alone or in combination with another user authentication technique (e.g., a successful PIN code entry requirement), to validate the identity of the holder. Thefingerprint scanner 220 and/or other bio-metric scanners may have touch pad capabilities built into them, thereby permitting them to constitute at least a part of theuser input device 206 shown inFIG. 2 . FIG. 3 is a block diagram showing an example embodiment of one of theinterface stations 104a-cshown inFIG. 1 . The hardware employed to implement each of thestations 104a-cmay be identical to the others or may be substantially different, depending on the environment in which thestation 104 is to be used, as well as the functional requirements of the particular station. Therefore, while the example embodiment described herein may be suitable for use as any of the stations, it should be appreciated that each of the stations may, in fact, be configured quite differently than the others.- As shown in
FIG. 3 , eachinterface station 104 may include both an theinterface station computer 304 and a pocketvault interface unit 302. Theinterface station computer 304, for example, may be a standard desktop personal computer (PC), and may, as shown, comprise acontroller 308, auser input device 318, amemory 320, amodem 322, and adisplay 324. These components are well known in the art and therefore will not be described in detail herein. Thememory 320 of theinterface station computer 304 may have instructions stored therein which, when executed by thecontroller 308, cause the controller to implement the routine described below in connection withFIGS. 14-18 as well as any other software, e.g., a browser, drivers, etc., executing on theinterface station computer 304. - The pocket
vault interface unit 302 is coupled to theinterface station computer 304 such that acontroller 306 of the pocketvault interface unit 302 can communicate with thecontroller 308 of theinterface station computer 304. The communications interface between these devices may, for example, comprise a Smartcard, Bluetooth or USB interface. As shown, in addition to thecontroller 306, the pocketvault interface unit 302 may comprise atransceiver 310, adocking interface 312, afinger print scanner 316, astripe reader 315, and amemory 314. Further, although not shown inFIG. 3 , the pocketvault interface unit 302 may also comprise a display and/or another device used to provide feedback to the operator, e.g., an audio indicator or LED. - The
stripe reader 315 may be any conventional device for electronically reading the magnetic stripe on a token card such as a credit/debit card or drivers license. Thestripe reader 315 may be used, for example, to read information from a token card so that such information can be downloaded to thenetwork server 114 or thePocket Vault 102. - The
memory 314 may be any conventional memory suitable to store the software executed by thecontroller 306, as well as any data, e.g., stored fingerprint data, used in connection therewith. For example, thememory 314 of the pocketvault interface unit 302 may have instructions stored therein which, when executed by thecontroller 306, cause thecontroller 306 to implement the routine described below in connection withFIG. 13 . - As with the
transceiver 204 of thePocket Vault 102, thetransceiver 310 of the pocketvault interface unit 302 may be any type of transceiver (or separate transmitter and receiver) capable of communicating with the other devices in thenetwork 100 to enable the functionality described herein. For example, either an RF or an IR transceiver may be employed. Some embodiments may even include both an IR and an RF transceiver to be used in different applications. For example, an IR transceiver may be employed to interface the pocketvault interface unit 302 with aPocket Vault 102, and a separate RF transceiver may be employed to communicate over a wireless network such as Bluetooth. - As with the
docking interface 208 of thePocket Vault 102, thedocking interface 312 of the pocketvault interface unit 302 may take on any of numerous forms, and the invention is not limited to any particular type of interface device. Thedocking interface 312 may, for example, include a multi-pin plug adapted to mate with a receptacle used as thedocking interface 208 of aPocket Vault 102, or vice versa. Thedocking interface 312 may also comprise one or more implements (e.g., keys or grooves) to ensure that the plug or the like of thedocking interface 208 of thePocket Vault 102 mates correctly with the corresponding implement of thedocking interface 312 when thePocket Vault 102 and pocketvault interface unit 302 are physically mated together. - Finally, as with the
fingerprint scanner 220 of thePocket Vault 102, thefingerprint scanner 316 of the pocketvault interface unit 302 may comprise any device capable of accurately scanning a fingerprint of an individual for comparison with one or more fingerprint images stored in memory. Thefingerprint scanner 316 may, for example, be a solid-state (non-optical) device. Devices that may be suitable for use as thefingerprint scanner 220 are available, for example, from Veridicom, Inc., of Santa Clara, Calif. (www.veridicom.com), from Polaroid Corporation of Cambridge, Mass. (www.polaroid.com), and by Identix Incorporated of Sunnyvale, Calif. (www.identix.com). The fingerprint scanner may incorporate a temperature sensor that enables it to ensure that a live finger is contacting the scanning surface when the scanning function is performed. In addition to or in lieu of a fingerprint scanner, other bio-metric scanning devices may also be employed to verify the identity of the interface station operator. For example, some embodiments may employ a charge coupled device (CCD) to serve as an iris or retina scanner, an optical sensor, and/or a voiceprint. Alternatively or additionally, a keystroke rhythm may be measured, either alone or in combination with another user authentication technique (e.g., a successful PIN code entry requirement), to validate the identity of the operator. Although not shown, the pocketvault interface unit 302 may additionally comprise one or more user input devices enabling the operator to control or provide input to the pocketvault interface unit 302 or the software executing thereon. Thefingerprint scanner 316 and/or other bio-metric scanners may, for example, have touch pad capability capabilities built into them, thereby permitting them to constitute such a user input device. Separate user input devices may also be employed. FIG. 4 shows an example embodiment of thenetwork server 114 shown inFIG. 1 . As shown, thenetwork server 114 may comprise one ormore controllers 402, as well as alocal memory 404, adatabase 406, and atransceiver 408 coupled thereto. The illustrated components of thenetwork server 114 are well known, and therefore will not be described in detail. Thetransceiver 408 may, for example, be used to communicate with other devices in the network system100 (FIG. 1 ) using a wireless network such as Bluetooth. Thecontroller 404 may also communicate with other network devices via the Internet or a direct connection such as the type established using a dial up modem.- The
local memory 404 may have instructions stored therein which, when executed by thecontroller 402, cause thecontroller 402 to implement the routines described below in connection withFIGS. 19-25 and/orFIGS. 30-39 . In some embodiments, thelocal memory 404 and/ordatabase 406 act as a website and execute software which may be accessed by a browser or similar software module operating on a computer. One such embodiment is described below in connection withFIGS. 28-39 . - The
database 406 may, for example, comprise a relational database, and may be used to store the majority, if not all, of the data maintained by thenetwork server 114. Thedatabase 406 may, for example, keep a real-time record of critical reference data along with transaction histories, back-up files, and security audit trail information for key events. Examples of specific items that may be stored in the database406 include: a list of current Pocket Vault holders and appropriate contact information for each; records regarding the versions of software loaded onto each Pocket Vault102, each pocket vault interface unit302, and each interface station computer304; a list of currently authorized or registered Pocket Vaults102, identified by chip ID and linked to the holder list; a list of currently authorized or registered tokens102a, identified by chip ID and linked to the holder list; a list of currently authorized locations for interface stations104 and telephone or other access lines therefor, including business information for each such location and an indication as to the type of interface station104 it is (e.g., a validation interface station, a personal interface station, or a commercial interface station); a list of currently authorized or registered interface station operators and the interface stations104 with which they are associated; a list of currently authorized or registered interface stations104, identified by chip ID and linked to the list of authorized operators therefor, as well as encrypted cookie ID information (if any) for the respective interface stations104; authorized media data received from media issuers that has not yet been downloaded to individual Pocket Vaults102; backup data sets for individual Pocket Vault holders; detailed transaction histories for Pocket Vault registrations indicating where each Pocket Vault102 was shipped from and to, where each Pocket Vault102 was registered, which authorized interface station operator conducted the registration process, when that authorized operator was added to the list of authorized operators at a particular location, who submitted the key information to add the operator, which corporate representative associated with the network server114 met with which representative associated with the interface station in establishing each new location for a validation interface station104a, to whom and when each Pocket Vault102 was issued; and communication encryption protocols. Each Pocket Vault account defined on thenetwork server 114 may be defined to support multiple Pocket Vaults102, as well as to identify other family members who may share certain contents of the Pocket Vaults102 (e.g., family membership in a local museum). - The
network server 114 may analyze data regarding consumer transactions, and thereby accumulate demographic information. Using this information, merchants, media issuers, and/or advertisers may, for example, define targeted marketing programs, which thenetwork server 114 may then deliver to Pocket Vault holders that meet particular demographic profiles. FIG. 5 shows how thememory 210 of the Pocket Vault102 (FIG. 2 ) may be organized (conceptually) in accordance with one embodiment of the invention. The purpose of each of the illustrated memory components will be readily understood by those skilled in the art of the invention, and therefore will not be explained in detail.FIG. 6 is a block diagram showing an example embodiment of the token102ashown inFIGS. 1 and 2 . As shown, the token102 may be equipped with acontroller 602. In the embodiment shown, thecontroller 602 may be selectively programmed, for example, viainterface terminals 606 to generate a current in awire loop 608 so as to generate a magnetic field about thewire loop 608 that simulates a magnetic stripe of a standard credit card-like token. In other words, a magnetic field may be generated along the edge of the token102aas if a magnetic stripe were present on that edge. The location of the simulated magnetic stripe on the token102ais identified inFIG. 6 as a virtualmagnetic stripe 610.- Appropriate software may be loaded onto the controller602 (e.g., in an on-board memory of the controller602) so as to enable the controller to generate the virtual
magnetic stripe 610. When the token102ais disposed in thetoken port 218, theterminals 606 of the token102amay engage corresponding terminals of thetoken port 218, thereby enabling thecontroller 602 to be programmed appropriately. The programming of thecontroller 602 may be effected, for example, in response to commands from thecontroller 202 of thePocket Vault 102, which commands may be generated in response to software executing on thecontroller 202. - As shown, the
controller 602 may be powered by an appropriate resistor-capacitor (RC) circuit which stores a charge that decays over time. The RC circuit may be initially charged via theterminals 606 when the token102ais disposed in thetoken port 218 and thecontroller 602 is being programmed. After the token102ais removed from thetoken port 218, thecontroller 602 will remain powered only so long as sufficient charge remains stored by theRC circuit 604. Because thecontroller 602 can generate the virtualmagnetic stripe 610 only when it is driven by an adequate power supply, the virtual magnetic stripe will disappear after the charge in theRC circuit 604 has decayed beyond a certain threshold level. Because the decay of an RC circuit is reasonably predictable, the virtualmagnetic stripe 610 is disposed on the token102aonly for a finite, predetermined period of time after the token102ais removed from thetoken port 218. In one embodiment, after thecontroller 602 loses power, the information with which it was programmed to enable it to generate the virtualmagnetic stripe 610 is also lost. Therefore, the virtualmagnetic stripe 610 of the token102acannot be used again until thecontroller 602 is again powered up and reprogrammed. Alternatively, thecontroller 602 may cut off the power to thewire loop 608 after a preset amount of time or an amount of time determined by the Pocket Vault holder (possibly within preset limits). Additionally or alternatively, the token102amay have its own embedded chip ID, which may be accessible only when the token102ais successfully released form thetoken port 218. - In some embodiments, the token102amay possess the characteristics of a bank-issued Smartcard, either in addition to or in lieu of the virtual
magnetic stripe 610. Accordingly, the token102amay include a specialized Smartcard chip or thecontroller 602 may be programmed to mimic such a chip. In any event, the token102amay be preloaded with the bank's chip operating system (OS) and possibly customer-specific secure information. In such embodiments, the functionality of the Smartcard components may, for example, be enabled only in response to successful authentication of the Pocket Vault holder, e.g., using thefingerprint scanner 220 of thePocket Vault 102. Therefore, the customer-specific “Smartcard” information may remain inaccessible so long as the Pocket Vault holder's identity has not been authenticated using thePocket Vault 102. - As mentioned above,
FIGS. 7-12 are flow diagrams illustrating an example implementation of software that may be executed by thecontroller 202 of thePocket Vault 102. As described below, this or additional proprietary software may enable menu structures, handle preference management, provide the data on and safeguard the programmability of the virtual magnetic stripe610 (if so equipped), and ensure proper encryption data management. In one embodiment, local software for eachPocket Vault 102 and pocketvault interface station 104 may be upgraded from time to time by automatic download from thenetwork server 114. - During execution of the routines of
FIGS. 7-12 , various items may be displayed on thedisplay 216, including prompts or icons regarding user input options (when a touch-screen display is employed as thedisplay 216 or a point and click mechanism is employed herewith), and various items may also be displayed on the token102awhen the token102ais ejected from thetoken port 218 of thePocket Vault 102. FIGS.26A-P show examples of how thedisplay 216 and the token102amay appear as the routines ofFIGS. 7-12 are executed, and therefore will be discussed in connection with the description of these routines. FIG. 7 is a flow diagram illustrating an example implementation of aprimary routine 700 that may be executed by thecontroller 202 of thePocket Vault 102. Instructions for the routine700 may be stored, for example, in the “applications”section 508 of thememory 210 of thePocket Vault 102.- As shown, the routine700 begins at a
step 702, wherein it is determined whether the Pocket Vault holder has applied his/her fingerprint to thefingerprint scanner 220 of thePocket Vault 102. At thestep 702, thedisplay 216 of thePocket Vault 102 may appear as shown inFIG. 26A . That is, thedisplay 216 may be blank at thestep 702, as thePocket Vault 102 is currently powered down. - When, at the
step 702, it is determined that the holder has applied his/her fingerprint to thefingerprint scanner 220, the routine700 proceeds to astep 704, wherein thepower manager 214 powers on thePocket Vault 102. The routine700 otherwise waits at thestep 702 until the Pocket Vault holder has applied a fingerprint to thefingerprint scanner 220. Is should be appreciated, however, that, in some embodiments, thestep 702 may not represent an instruction set executed by theprocessor 202. Instead, thestep 702 may represent the detection of the occurrence of a physical action, e.g., the activation of a hardware switch, and thepower manager 214 may be activated in response to the detection of such an action, without requiring intervention by theprocessor 202. - After the
step 704, the routine700 proceeds to astep 706, wherein thefingerprint scanner 220 scans the applied fingerprint of the Pocket Vault holder. - After the
step 706, the routine700 proceeds to astep 708, wherein it is determined whether thePocket Vault 102 has been validated. In one embodiment, thePocket Vault 102 is not validated until: (1) a user's fingerprints have been stored in the fingerprint memory (e.g., the write-once memory 212 ofFIG. 2 ), and (2) thePocket Vault 102 has received and stored encrypted validation information (e.g., a PKI certificate) from thenetwork server 114, as described below. - When, at the
step 708, it is determined that thePocket Vault 102 has not yet been validated, the routine700 proceeds to astep 710, wherein a PROCESS POCKET VAULT VALIDATION routine (described below in connection withFIG. 8 ) is executed. - When, at the
step 708, it is determined that thePocket Vault 102 has already been validated, the routine700 proceeds to astep 712, wherein it is determined whetherPocket Vault 102 has been authenticated, e.g., whether the fingerprint scanned at thestep 706 matches one of the fingerprints stored in thefingerprint memory 212. - When, at the
step 712, it is determined that the Pocket Vault has not been properly authenticated, the routine700 proceeds to astep 714, wherein an UNAUTHORIZED HOLDER routine (discussed below in connection withFIG. 9 ) is executed. FIGS.26B-D show how thedisplay 216 of thePocket Vault 102 may appear during the UNAUTHORIZED HOLDER routine, and therefore are also discussed below in connection withFIG. 9 . - When, at the
step 712, it is determined that thePocket Vault 102 has been properly authenticated, the routine700 proceeds to astep 713, wherein an encrypted message including the unique Pocket Vault chip ID is transmitted to the pocketvault interface unit 302, in the event that thePocket Vault 102 is interfaced or in communication with such a device. - In some embodiments, before a Pocket Vault holder is granted access to the contents of his or her
Pocket Vault 102, a check may be made to ensure that the components used to interface thePocket Vault 102 with the other components in the network100 (either wirelessly or directly) are in place and operating correctly, and have not been compromised. Alternatively, the operability and integrity of such components may be checked just prior to their use. - Moreover, in some embodiments, prior to granting a holder access to the contents of the
Pocket Vault 102, a check may be made to ensure that the contents of thePocket Vault 102 have been updated recently. For example, thePocket Vault 102 may forbid its holder from accessing its contents if thePocket Vault 102 has not been updated at least48 hours (or some other specified time period) prior to the attempted use. Updating of thePocket Vault 102 may be accomplished, for example, using the synchronization or backup and recovery methods described herein. - After the
step 713, the routine700 proceeds to astep 716, wherein it is determined whether the Chameleon Card (i.e., the token102a) is presently on-board the Pocket Vault102 (i.e., whether the token102ais disposed within thecard port 218 ofFIG. 2 ). - When, at the
step 716, it is determined that the token102ais not on-board thePocket Vault 102, the routine700 proceeds to astep 718, wherein the Pocket Vault holder is informed that the Chameleon Card is not on board, and is asked whether he/she wants to engage in a non-card transaction (i.e., a transaction not involving the token102a). - After the
step 718, the routine700 proceeds to astep 720, wherein it is determined whether the holder has selected to engage in a non-card transaction. - When, at the
step 720, it is determined that the holder has selected not to engage in a non-card transaction, routine700 returns to the step716 (described above), wherein it is again determined whether the Chameleon Card is on board thePocket Vault 102. Therefore, the holder is permitted to engage in a transaction involving the Chameleon Card only when it has been confirmed that the Chameleon Card is on board thePocket Vault 102. - When, at the
step 720, it is determined that the holder has selected to engage in a non-card transaction, the routine700 proceeds to thestep 722, wherein the AUTHORIZED HOLDER routine (discussed below in connection withFIGS. 10 and 11 ) is executed. - When, at the
step 716, it is determined that the Chameleon Card is on-board thePocket Vault 102, the routine700 also proceeds to thestep 722, wherein the AUTHORIZED HOLDER routine (discussed below in connection withFIGS. 10 and 11 ) is executed. FIGS.26G-N and26P show how thedisplay 216 of thePocket Vault 102 and the token102aejected therefrom may appear (when employed) during the AUTHORIZED HOLDER routine, and therefore are also discussed below in connection withFIGS. 10 and 11 . - After each of the
steps step 724, wherein the VERIFY CARD RETURN routine (discussed below in connection withFIG. 12 ) is executed.FIG. 260 shows how thedisplay 216 of thePocket Vault 102 may appear during the VERIFY CARD RETURN routine, and therefore is also discussed below in connection withFIG. 12 . - After the
step 724, the routine700 proceeds to astep 726, wherein the screen of thedisplay 216 is caused to flash to indicate that thePocket Vault 102 is being shut down. - After the
step 726, the routine700 proceeds to astep 728, wherein thePocket Vault 102 is powered down. - After the
step 728, the routine700 returns to thestep 702, wherein thePocket Vault 102 again waits for a fingerprint to be applied to thefingerprint scanner 220, and wherein thedisplay 216 may again appear as shown inFIG. 26A . FIG. 8 is a flow diagram illustrating an example embodiment of the PROCESS POCKET VAULT VALIDATION routine shown inFIG. 7 (step710).- As shown, the routine710 begins at a
step 801, wherein the holder is informed (e.g., on the display216) that thePocket Vault 102 is not currently validated, and that the holder must interface thePocket Vault 102 with aninterface unit 302 of an appropriate interface station104 (e.g., avalidation interface station 104a) if the holder desires to validate thePocket Vault 102. - After the
step 801, the routine710 proceeds to step802, wherein it is determined whether thePocket Vault 102 has been interfaced with anappropriate interface unit 302. - When, at the
step 802, it is determined that thepocket vault 102 has not yet been interfaced with anappropriate interface unit 302, the routine710 returns to the step801 (discussed above). - When, at the
step 802, it is determined that thePocket Vault 102 has been interfaced with anappropriate interface unit 302, the routine710 proceeds to astep 803, wherein it is determined whether the fingerprint memory, e.g., the write-once memory 212, is empty. - When, at the
step 803, it is determined that the fingerprint memory is empty, the routine710 proceeds to astep 804a, wherein the holder is prompted to apply a fingerprint from one finger of his or her left hand to thefingerprint scanner 220, waiting for a “beep” to be emitted (e.g., by indicator215) after each fingerprint application. - Next, during steps806a-810a,the routine proceeds until the fingerprint of the selected finger has been scanned three times successfully.
- After the steps806a-810a,the routine proceeds to a
step 804b, wherein the holder is prompted to apply a fingerprint from one finger of his or her right hand to thefingerprint scanner 220, waiting for a “beep” to be emitted (e.g., by indicator215) after each fingerprint application. - Next, during
steps 806b-810b,the routine proceeds until the fingerprint of the selected finger has been scanned three times successfully. - After completing the
steps 806b-810b,when a total of six fingerprints have been stored in memory, the routine710 proceeds to astep 812, wherein an encrypted message including the pocket vault ID is transmitted to theinterface unit 302, for ultimate transmission to thenetwork server 114. - When, at the
step 803, it is determined that the fingerprint memory, e.g., the write-once memory 212, is not empty, the routine710 proceeds to astep 811, wherein it is determined whether the fingerprint scanned at the step706 (FIG. 7 ) matches one of the stored fingerprints. - When, at the
step 811, it is determined that the fingerprint scanned at thestep 706 does match one of the stored fingerprints, the routine710 proceeds to the step812 (discussed above). - When, at the
step 811, it is determined that the fingerprint scanned at thestep 706 does not match any of the stored fingerprints, the routine710 proceeds to astep 818, wherein an indication (e.g., a message on thedisplay 216 or an audio signal from the indicator215) is generated to inform the holder that the validation attempt was unsuccessful. - After the
step 818, the routine710 terminates. - After the
step 812, the routine710 waits atsteps interface unit 302. This encrypted validation information may, for example, be received by thePocket Vault 102 via either thedocking interface 208 or thetransceiver 204 of the pocketvault interface unit 302 of avalidation interface station 104a. As discussed in more detail below, this encrypted validation information may, for example, be generated by thenetwork server 114 and forwarded to the pocketvault interface unit 302 of avalidation interface station 104a(via theinterface station computer 304 of thevalidation interface station 104a) after certain conditions have been met. Thenetwork server 114 may therefore ultimately determine whether eachPocket Vault 102 is permitted to receive this validation information. - When, at the
step 816, it is determined that the time-out period has elapsed, the routine710 proceeds to the step818 (discussed above). - When, at the
step 814, it is determined that encrypted validation information has been received before the timeout period of thestep 816 has elapsed, the routine710 proceeds to a step820, wherein the validation information is stored in memory. - After the step820, the routine710 proceeds to a
step 822, wherein an indication (e.g., a message on thedisplay 216 or an audio signal from theindicator 215 of the Pocket Vault102) is generated to inform the holder that thePocket Vault 102 has been successfully validated. - After the
step 822, the routine710 terminates. FIG. 9 is a flow diagram illustrating an example implementation of the UNAUTHORIZED HOLDER routine shown inFIG. 7 (step714).- As shown, the routine714 begins at a
step 902, wherein a menu is displayed on thedisplay 216 that permits the holder to select one of several options: (1) TRY AGAIN, (2) POCKET VAULT RETURN INFORMATION, (3) EMERGENCY INFORMATION, or (4) END SESSION.FIG. 26B shows how thedisplay 216 may appear when thestep 902 is reached. As shown, textual information and/or icons representing the various menu options may be displayed to the holder. - After the
step 902, the routine714 proceeds to astep 904, wherein the routine714 waits for one of the displayed menu items to be selected by the holder (e.g., when the holder touches the location on the screen of thedisplay 216 at which the menu item is displayed). - After one of the menu items has been selected at the
step 904, the routine714 proceeds to astep 906, wherein it is determined whether the TRY AGAIN option was selected. By selecting TRY AGAIN, the holder may request that the holder again be permitted to attempt to access the secure contents of thePocket Vault 102 by reapplying the holder's fingerprint to thefingerprint scanner 220. - When, at the
step 906, it is determined that the user has selected the TRY AGAIN option, the routine714 proceeds to astep 912, wherein it is determined whether this is the third sequential time that the scanned fingerprint has failed to match the fingerprint stored in memory. - When, at the
step 912, it is determined that three sequential failed matches have occurred, the routine714 proceeds to a step914, wherein certain security precautions are taken in light of the multiple failed attempts to match the holder's fingerprint with that stored in thePocket Vault 102. For example, when multiple failed matches have occurred, the Pocket Vault's secure memory may be erased, a security alert message may be broadcast by thetransceiver 204 and/or any other prudent steps may be taken to ensure that an unauthorized user does not access the Pocket Vault's sensitive contents. - After the step914, the routine714 terminates.
- When, at the
step 912, it is determined that this is not the third consecutive time that the holder's fingerprint has failed to match that stored in the Pocket Vault's memory, the routine714 terminates, and the holder may then again attempt (at the step702) to access thePocket Vault 102 by reapplying his/her fingerprint to thefingerprint scanner 220. - When, at the
step 906, it is determined that the TRY AGAIN option has not been selected, the routine714 proceeds to astep 908, wherein it is determined whether there exist any nested menu items for the menu item selected at thestep 904. - When, at the
step 908, it is determined that nested menu items do exist for the selected menu item, the routine714 proceeds to astep 910, wherein the nested menu items for the selected menu item are displayed to the holder on thedisplay 216. - After the
step 910, the routine714 returns to thestep 904, wherein the routine714 again waits for the holder to select one of the displayed menu items. - When, at the
step 908, it is determined that no nested menu items exist for the selected menu item, the routine714 proceeds to astep 916, wherein it is determined whether the END SESSION option has been selected. - When, at the
step 916, it is determined that the END SESSION option has been selected, the routine714 terminates. - When, at the
step 916, it is determined that the END SESSION option has not been selected, the routine714 proceeds to astep 918, wherein the information, if any, for the selected menu item is displayed to the holder on thedisplay 216. Because thestep 918 is reached only after a failed attempt to match the holder's fingerprint with that stored in the memory of thePocket Vault 102, the information displayed at thestep 918 may, for example, include information as to where thePocket Vault 102 may be returned if it is found by someone other than the Pocket Vault holder (seeFIG. 26C ), or may be emergency information regarding the holder such as the holder's blood type, allergies, persons to contact in case of an emergency, etc. (seeFIG. 26D ). It should be appreciated that any of a number of non-secure media may be selected using the menu access routine discussed above in connection with steps904-910, and may be displayed to the person accessing thePocket Vault 102, regardless of the identity of that person. Of course, this non-secure information may be information that the holder would not mind falling into the hands of a stranger should the holder misplace or have his/herPocket Vault 102 stolen. - After the
step 918, the routine714 proceeds to astep 920, wherein after a delay of a certain period of time (e.g., thirty seconds), the holder is prompted to reapply his/her fingerprint within a particular period of time (e.g., ten seconds) to avoid shut down of thePocket Vault 102. - After the
step 920, the routine714 proceeds to astep 922, wherein it is determined whether a fingerprint has been reapplied to thefingerprint scanner 220 within ten seconds. - When, at the
step 922, it is determined that a fingerprint has been reapplied to thefingerprint scanner 220 within ten seconds, the routine714 returns to the step918 (discussed above), wherein the selected information is again displayed to the user. - When, at the
step 922, it is determined that a fingerprint has not been reapplied to thefingerprint scanner 220 within ten seconds, the routine714 terminates. FIG. 10 is a flow diagram illustrating an example implementation of the AUTHORIZED HOLDER routine ofFIG. 7 (step722).- As shown, the routine722 begins at a
step 1002, wherein it is determined whether an advertisement is scheduled for display on thePocket Vault 102. Information regarding whether certain advertisements are to be displayed by thePocket Vault 102 may have been uploaded, for example, from the personal interface station104bin response to the holder previously interfacing thePocket Vault 102 with the personal interface station104bto synchronize the contents of thePocket Vault 102 with information stored on thenetwork server 114. The advertiser108 (FIG. 1 ) may, for example, have made arrangements with the company operating thenetwork server 114 to have certain advertising information uploaded toPocket Vaults 102 when particular Pocket Vault holders interface their Pocket Vaults102 with their personal interface stations104b. - When, at the
step 1002, it is determined that an advertisement has been scheduled, the routine722 proceeds to astep 1004, wherein the scheduled advertisement is displayed, for example, for approximately two seconds.FIG. 26I shows an example of how thedisplay 216 may appear when such an advertisement is displayed. - After the
step 1004, the routine722 proceeds to astep 1006, wherein a “welcome screen” is displayed for a brief period (e.g., one second).FIG. 26G shows an example of how thedisplay 216 may appear when such a welcome screen is displayed. - When, at the
step 1002, it is determined that an advertisement is not scheduled, the routine722 proceeds immediately to thestep 1006, and no advertisement is displayed to the Pocket Vault holder. - After the
step 1006, the routine722 proceeds to astep 1008, wherein it is determined whether a “preferred” menu has been selected or pre-set for initial display to the Pocket Vault holder. - When, at the
step 1008, it is determined that a preferred menu has been selected or pre-set, the routine722 proceeds to astep 1012, wherein thedisplay 216 fades to the preferred menu.FIGS. 26H and 26J show examples of how thedisplay 216 may appear when such a preferred menu is displayed. In the example ofFIG. 26H , the preferred menu immediately shows the holder's preferred credit card as the selected menu item. Should the holder opt to use this media to engage in a transaction, the holder can simply choose the media directly. Alternatively, the holder may opt to access the HOME menu or other menu items by selecting appropriate icons displayed on the screen. In the example ofFIG. 26J , the preferred menu immediately shows, perhaps, a selected group of the holder's most frequently used menu items. - When, at the
step 1008, it is determined that a preferred menu has not been selected or pre-set, the routine722 proceeds to astep 1010, wherein thedisplay 216 fades to a standard HOME menu of secure items.FIG. 26L shows an example of how thedisplay 216 may appear when the HOME menu is displayed. - After either one of the
steps step 1014, wherein the routine722 waits for the holder to select one of the displayed menu items. - When, at the
step 1014, it is determined that the holder has selected a particular menu item, the routine722 proceeds to astep 1016, wherein it is determined whether the holder has selected to enter or return to the HOME menu. - When, at the
step 1016, it is determined that the holder has selected the HOME option, the routine722 proceeds to thestep 1010, wherein the HOME menu of secure items is displayed. - When, at the
step 1016, it is determined that the holder has selected a menu item other than the HOME option, the routine722 proceeds to astep 1018, wherein it is determined whether there exist any nested menu items for the selected menu item. - When, at the
step 1018, it is determined that nested menu items do exist for the selected menu item, the routine722 proceeds to astep 1020, wherein the nested menu items for the selected menu item are displayed. Thus, the holder may work his/her way through various layers of menu items until the desired menu item is reached. It should be appreciated that the menu items on the higher-level layers therefore may be categorized so as to enable the holder to quickly reach the desired media or other menu option. - When, at the
step 1018, it is determined that no nested menu items exist for the selected menu item, the routine722 proceeds to astep 1022, wherein it is determined whether the holder has selected a media from among the available menu items. - When, at the
step 1022, it is determined that the holder has not selected a media, the routine722 proceeds to astep 1040, wherein information relating to the selected non-media item may be displayed, or some other function may performed in accordance with the holder's selection. A non-media menu selection may involve, for example, preference settings for certain functional aspects of thePocket Vault 102, e.g., whether the holder has a preferred secure menu (see step1008). Preferences for the services or the device can be selected and, as appropriate, distributed to thePocket Vault 102 either on the spot or the next time thePocket Vault 102 is interfaced with anappropriate interface station 104. Preferences may, for example, include definition of home pages, connection of secure and non-secure media, order of media presentment, sort orders, user interface options, synchronization defaults, etc. Preferences that determine which items are displayed on the home page or on other pages may be defined. For example, a Pocket Vault holder may set up three preference sets: one for “business,” one for “personal,” and one for “vacation.” The “personal” and “business” preference sets may be set to be effective at different times of the day and/or different days of the week. The “vacation” preference set may be made effective for specific blocks of time determined by the Pocket Vault holder, possibly overriding the normal timing of the “personal” and “business” sets. The Pocket Vault holder may choose to establish the various preference settings based on his or her judgment or he or she may choose to allow thenetwork server 114, supported by various databases, knowledge of the Pocket vault holder's various media and goals set by the Pocket Vault holder (e.g., minimize interest cost on credit cards or maximize frequent flyer miles, etc.), to determine optimal media use patterns and resulting media menu contents for a particular Pocket Vault holder. Preferences may also be defined between media that will link them for: (a) affiliate credits (like frequent flyer miles) that may be automatically presented to a merchant and tracked for a holder, (b) available discounts afforded by a membership (like senior citizen or AAA discounts), and/or (c) process improvement purposes (e.g., when information needs to be presented in a certain order to work properly). For example, a linkage preference may facilitate presentation of a discount card before presentation of a payment card when buying groceries. - After the
step 1040, the routine722 proceeds to astep 1042, wherein the holder is prompted either to END the session, or to return to the HOME menu. - After the
step 1042, the routine722 proceeds to astep 1044, wherein it is determined whether the holder has opted to END the session or to return to the HOME menu. - When, at the
step 1044, it is determined that the holder has selected to return to the HOME menu, the routine722 proceeds to the step1010 (discussed above). - When, at the
step 1044, it is determined that the holder has opted to END the session, the routine722 terminates. - When, at the
step 1022, it is determined that the holder has selected a media from the displayed menu items, the routine722 proceeds to astep 1024, wherein the selected media is displayed to the holder on thedisplay 216. The selected media may, for example, be a particular credit card, in which case the name of the credit card and/or the logo for the credit card and any preferred advertisement, specials, etc., for the selected media may be displayed to the holder as well. - After the
step 1024, the routine722 proceeds to astep 1026, wherein the holder is prompted to choose to: (1) EJECT the card, (2) to invoke a WIRELESS transaction, or (3) to return to the HOME menu. - After the
step 1026, the routine722 proceeds to astep 1028, wherein it is determined which of these three options has been selected by the holder. - When, at the
step 1028, it is determined that the holder has opted to return to the HOME menu, the routine722 proceeds to the step1010 (discussed above). - When, at the
step 1028, it is determined that the holder has selected the EJECT card option, the routine722 proceeds to astep 1032, wherein it is determined whether the Chameleon Card is on board the Pocket Vault102 (i.e., whether the token102ais disposed in the token port218). - When, at the
step 1032, it is determined that the Chameleon Card is not on board thePocket Vault 102, the routine722 proceeds to astep 1034, wherein the holder is informed that the Chameleon Card is not on board thePocket Vault 102. - After the
step 1034, the routine722 proceeds to the step1026 (discussed above). - When, at the
step 1032, it is determined that the Chameleon Card is on board thePocket Vault 102, the routine722 proceeds to astep 1036, wherein the PROCESS CARD TRANSACTION routine (discussed below in connection withFIG. 11 ) is executed. - After the
step 1036, the routine722 proceeds to astep 1038, wherein the VERIFY CARD RETURN routine (discussed below in connection withFIG. 12 ) is executed. - After the
step 1038, the routine722 proceeds to the step1042 (discussed above). - When, at the
step 1028, it is determined that the holder has opted to invoke a wireless transaction, the routine722 proceeds to astep 1030, wherein the wireless transaction involving the selected media is executed. This wireless transaction may be invoked, for example, using thetransceiver 204 of thePocket Vault 102 to communicate with the transceiver310 (FIG. 3 ) of acommercial interface station 104c(FIG. 1 ) over a wireless network, such as Bluetooth. As mentioned above, in embodiments that permit wireless transactions, a check of the wireless components may be made (e.g., verifying that an internal antenna (not shown) is in place and connected, and that related circuitry is not defeated or compromised in any way), prior to granting the holder access to the contents of thePocket Vault 102. Alternatively, such a check may be made in response to such a wireless transaction being requested, e.g., at thestep 1030. - After the
step 1030, the routine722 proceeds to the step1042 (discussed above). FIG. 11 is a flow diagram illustrating an example implementation of the PROCESS CARD TRANSACTION routine ofFIG. 10 (step1036).- As shown, the routine1036 begins at a
step 1102, wherein the Chameleon Card is configured to carry the selected media, and is ejected from the card port218 (FIG. 2 ). As discussed above, the token102amay be configured to carry the selected media in any of a number of ways, and the invention is not limited to any particular type of configuration technique. The card may be configured, for example, by causing it to generate a simulated magnetic stripe for a limited period of time, by causing it to have a bar code disposed on it for a limited period of time, or simply by causing a card number to be visibly disposed on it for a limited period of time. One example of technology that may be employed to cause information to appear temporarily on the token102ais available from E-ink (www.Eink.com). It should be appreciated, of course, that the card need not be temporarily configured in all embodiments, and may alternatively be configured in a more permanent manner in some embodiments. - After the
step 1102, the routine1036 proceeds to astep 1104, wherein the selected media is grayed out on thedisplay 216 to indicate that the media is currently in use by the Chameleon Card. When the selected media is grayed out, the Pocket Vault's ability to configure another Chameleon Card with the grayed out media may also be disabled. Therefore, in such an embodiment, even if the Pocket Vault holder had an additional Chameleon Card available, thePocket Vault 102 would be incapable of loading that media onto that Chameleon Card. - After the
step 1104, the routine1036 proceeds to astep 1106, wherein it is determined whether the selected media has stored value associated with it. The selected media may, for example, represent a pre-paid calling card from which value is deducted each time the media is used in a particular transaction, or a frequent flier card to which value (e.g., miles) is added in connection with each airline ticket purchased. - When, at the
step 1106, it is determined that the selected media does have stored value associated with it, the routine1036 proceeds to astep 1108, wherein a “stored value flag” (discussed below in connection withstep 1126 of routine1036 (FIG. 11 ) andstep 1212 of routine724 (FIG. 12 )) is set to TRUE. - After the
step 1108, the routine1036 proceeds to astep 1110, wherein it is determined whether the holder has set a default option so as to permit the holder to maintain expense records by recording transactions into registers assigned to expense categories. - When, at the
step 1106, it is determined that the selected media does not have stored value associated with it, the routine1036 proceeds immediately to thestep 1110. - When, at the
step 1110, it is determined that the holder has not opted for the ability to maintain expense records, the routine1036 terminates. - When, at the
step 1110, it is determined that the holder has opted for the ability to maintain expense records, the routine1036 proceeds to astep 1112, wherein the holder is prompted to decide whether to record the currently-pending transaction. - After the
step 1112, the routine1036 proceeds to a step1114, wherein it is determined whether the holder has opted to record the pending transaction. - When, at the step1114, it is determined that the holder has not opted to record the transaction, the routine1036 terminates.
- When, at the step1114, it is determined that the holder has opted to record the transaction, the routine1036 proceeds to a
step 1116, wherein a menu including a number of options involving expense categories are displayed to the holder on thedisplay 216. - After the
step 1116, the routine1036 proceeds to astep 1118, wherein the routine1036 waits for the holder to select one of the displayed menu options. - When, at the
step 1118, it is determined that the holder has selected a menu item, the routine1036 proceeds to astep 1120, wherein it is determined whether the holder selected the SKIP RECORD option, e.g., when the holder has changed his or her mind and opted not to record a particular transaction. - When, at the
step 1120, it is determined that the holder has selected the SKIP RECORD option, the routine1036 terminates. - When, at the
step 1120, it is determined that holder has not selected the SKIP RECORD option, the routine1036 proceeds to astep 1122, wherein it is determined whether any nested menu items exist for the selected menu item. - When, at the
step 1122, it is determined that nested menu items do exist for the selected menu item, the routine1036 proceeds to astep 1124, wherein the nested menu items are displayed to the holder on thedisplay 216. - After the
step 1124, the routine1036 returns to the step1118 (discussed above). - When, at the
step 1122, it is determined that no nested menu items exist for the selected menu item, the routine1036 proceeds to astep 1126, wherein it is determined whether the stored value flag was set to TRUE at the step1108 (discussed above). - When, at the
step 1126, it is determined that the stored value flag is set to TRUE, the routine1036 proceeds to astep 1128, wherein a “record stored value transaction” flag (discussed below in connection withstep 1216 of routine724 (FIG. 12 )) is set to TRUE. - After the
step 1128, the routine1036 terminates. - When, at the
step 1126, it is determined that the “stored value” flag is not TRUE, the routine1036 proceeds to a step1130, wherein the holder is prompted to enter a dollar amount to be recorded for the transaction. - After the step1130, the routine1036 proceeds to a
step 1132, wherein the routine1036 waits for the holder to enter a transaction amount. After the holder has entered a transaction amount, the routine1036 proceeds to astep 1134, wherein a “transaction summary approval” menu is displayed to the holder on thedisplay 216. In the example shown, this menu permits the holder to select (1) to APPROVE the recordation, (2) to change the expense CATEGORY for the transaction, or (3) to change the AMOUNT to be recorded. - After the
step 1134, the routine1036 proceeds to astep 1136, wherein it is determined which of the menu items displayed instep 1134 the holder has selected. - When, at the
step 1136, it is determined that the holder has selected to change the transaction AMOUNT, the routine1036 returns to the step1130 (discussed above). - When, at the
step 1136, it is determined that the holder has opted to change the expense CATEGORY, the routine1036 returns to the step1116 (discussed above). - When, at the
step 1132, it is determined that the holder has opted to APPROVE the recordation, the routine1036 proceeds to astep 1138, wherein the entered transaction amount is added to the expense register for the selected category, and the balances associated therewith are updated accordingly. - After the
step 1138, the routine1036 terminates. FIG. 12 is a flow diagram illustrating the VERIFY CARD RETURN routine ofFIG. 7 (step724).- As shown, the routine724 begins at a
step 1202, wherein it is determined whether the Chameleon Card is currently on board the Pocket Vault102 (i.e., whether the token102ais disposed within the token port218). - When, at the
step 1202, it is determined that the Chameleon Card is not on board thePocket Vault 102, the routine724 proceeds to astep 1204, wherein the holder is prompted to return the Chameleon Card to the token port218 (seeFIG. 260 ). - After the
step 1204, the routine724 proceeds to astep 1206, wherein it is determined whether a timeout period (e.g., ten seconds) has elapsed since the user was last prompted to return the Chameleon Card to thetoken port 218. - When, at the
step 1206, it is determined that the timeout period has not yet elapsed, the routine724 returns to the step1202 (discussed above). - When, at the
step 1206, it is determined that the timeout period has elapsed, the routine724 proceeds to astep 1208, wherein the user is again prompted to return the Chameleon Card, this time with an audio indication (e.g., a “chime” sound generated by theindicator 215 ofFIG. 2 ). - After the
step 1208, the routine724 proceeds to astep 1210, wherein it is determined whether an extended timeout period (e.g.,10 minutes) has elapsed since the user was first prompted to return the Chameleon Card to thetoken port 218. - When, at the
step 1210, it is determined that the extended timeout period has not yet elapsed, the routine724 returns to the step1202 (discussed above). - When, at the
step 1210, it is determined that the extended timeout period has elapsed, the routine724 terminates. - When, at the
step 1202, it is determined that the Chameleon Card is on board the Pocket Vault102 (i.e., the token102ais disposed within the token port218), the routine724 proceeds to astep 1212, wherein it is determined whether the “stored value” flag was set to TRUE instep 1108 of the routine1036 (FIG. 11 ). - When, at the
step 1212, it is determined that the “stored value” flag is not TRUE, the routine724 terminates. - When, at the
step 1212, it is determined that the “stored value” flag is TRUE, the routine724 proceeds to astep 1214, wherein the stored value for the selected media is updated based on the amount deducted from the Chameleon Card during its use. - After the
step 1214, the routine724 proceeds to astep 1216, wherein it is determined whether the “record stored value transaction” flag was set to TRUE in thestep 1128 of the routine1036 (FIG. 11 ). - When, at the
step 1216, it is determined that the “record stored value transaction” flag is FALSE, the routine724 proceeds to astep 1222, wherein the “stored value” flag is set to FALSE. - When, at the
step 1216, it is determined that the “record stored value transaction” flag is TRUE, the routine724 proceeds to astep 1218, wherein the dollar amount of the transaction is added to the selected expense register (i.e., the expense register selected at thestep 1118 of the routine1036 (FIG. 11 )). The dollar amount entered is determined based on the dollar amount that was deducted from the stored value on the Chameleon Card as a result of the transaction. - After the
step 1218, the routine724 proceeds to astep 1220, wherein the “record stored value transaction” flag is set to FALSE. - After the
step 1220, the routine724 proceeds to the step1222 (discussed above) After thestep 1222, the routine724 terminates. - In addition to a routine such as that discussed above in connection with
FIGS. 7-12 , certain software enhancements may also be disposed in thememory 210 of aPocket Vault 102 for use with thecontroller 202. One such software enhancement involves the use of “system preference file” software. This software may establish certain preferences that cannot be altered on thePocket Vault 102 by the holder, and which may be stored in encrypted form, along with certain information regarding value-based media. For example, Pocket Vaults102 may be sold with a choice of two or three advertising profiles. During the Pocket Vault registration and validation process (described below), an encrypted system preference file may be created that indicates whether the device was, for example, subject to a “Premium,” “Plus” or “Base” profile status. This status may have been selected, for example, on thePocket Vault 102 itself, or using one of theinterface stations 104a-cwhen thePocket Vault 102 was interfaced therewith. - Under the “Premium” profile, the
Pocket Vault 102 may be advertising-free, but cost a significant amount. Under the “Plus” profile, thePocket Vault 102 may display only advertising related to shops or services you currently patronize, but cost significantly less than the “Premium” version. Under the “Base” profile, thePocket Vault 102 may have a variety of advertising on a regular basis, subject only to network “saturation effectiveness” limitations, and thePocket Vault 102 may be free, or nearly so (e.g., a small purchase charge to generate in-store revenue for the retailer may be charged). - A holder's choice about participation in specific promotional campaigns linked to the holder's buying behavior may -also be part of the registration process and affect retail pricing. Once chosen, the
network server 114 may send a message to thePocket Vault 102, e.g., via thevalidation interface station 104a, and direct the storage of necessary encrypted information on the Pocket Vault102 (e.g., “Buyer Profile Participant”). - The advertising and marketing choices may be changed at a date after purchase and result in a changed set of costs (either credits or debits) to the Pocket Vault holder. Other system preference data may include the “saturation effectiveness” limitations on the amount of advertising that can appear during any given single use window (a particular period during which the device is powered on), any given hour, any given day and/or any given month. The limitations may control both the number of advertisements permitted and the amounts of advertisement time permissible (e.g., seconds per advertisement), by category (e.g., such limitations may, for example, based on categories of advertisements be imposed general advertising, advertising from retailers that the Pocket Vault holder already patronizes and advisory notices from the
network server 114. For example, these limits may be set to balance the need for advertising revenue with the need to not overwhelm or annoy Pocket Vault holders. This preference file may, for example, limit all advertising to one advertisement per “on-session,” two advertisements per hour, four advertisements per day and/or twenty advertisements per month. General advertisements might get priority claim on this time up to a set limit (say 75% of all advertisement time), with targeted advertisements next, and advisory messages last. - Another software enhancement that may be employed is software used for preference file management. Such “preference file management” software may, for example, include a default file which is periodically updated from the
network server 114, and a Pocket Vault holder custom file. Using this software, the holder may, for example, be able to modify: (1) the initial on-screen backdrop and message greeting; (2) the menu structure and media order within menu screens; (3) some (but not all) of the bio-metric input requirement parameters; (4) the amount of on-time after the bio-metric data is confirmed (within pre-set limits); (5) the ability to conceal all or part of the credit or debit account information on the Chameleon Card display area; (6) the normal restaurant tip percentage; (7) the links between certain media; and/or oversight preference restrictions. - For example, some of the menu tree structures for the
Pocket Vault 102 may be set by the holder. This may include the sequence in which certain screens appear (e.g., debit screens before credit screens), among credit screens (e.g., Visa before MasterCard) and media order-of-appearance within a screen (e.g., FirstCard Visa before ChaseVisa). - Generally, a retailer does not need to see a credit or debit account number, while the approving entity contacted on the dialup modem does. Today, credit and debit cards have this information embossed on the card and recorded in the magnetic stripe on the back of the card. If the magnetically encoded information is unreadable due to mechanical wear of the magnetic stripe or for other reasons, the embossed image can always be read by the clerk and manually keyed in. There is no way for this embossing to disappear when it is not needed and appear at just the right time, either with a standard card or a Smartcard. As a result, such numbers are generally in view and this visibility may lead to fraud. In one embodiment, the
Pocket Vault 102 may be programmed to conceal this number, unless prompted to the contrary by the holder. A retailer may confirm the kind of credit or debit being presented and the full name on the card, without having to see or be told the account number. On the rare occasion when the number itself is needed, the holder may, for example, repeat the bio-metric input to thePocket Vault 102 to reveal the card account number. If placed in thepersonal interface station 104c,such account numbers may be automatically revealed (e.g., through detection of an encrypted cookie on theinterface station computer 304 of thepersonal interface station 104c). - If the holder establishes a preferred tip percentage, this preferred tip amount may be automatically applied to restaurant checks. This may eliminate a step in restaurant check close-out and reduce the hassle of calculating an appropriate tip and eliminate the need for waitstaff to return to pick up the credit receipt with the tip.
- The holder may also choose to link certain media on the
Pocket Vault 102 to reduce selection tasks at the point-of-transaction. For example, the holder may link certain credit or debit cards to certain frequent buyer ID cards, thereby enabling the holder to pick a grocery store frequent buyer card (which would be linked to a debit card and brought up automatically after the grocery store card). - At the point of registration or issuance, a Pocket Vault holder may be asked if there is to be any transaction oversight security. If the answer is yes, a second bio-metric input may be required from the individual endowed with that oversight role. For example, a parent may choose to get a
Pocket Vault 102 for a child or other relative who may lack certain fiscal discipline. At issuance, and prior to any credit or debit media being added to thePocket Vault 102, the oversight authority may need to be established. The person having such oversight authority may then have sole access to a profile of transaction preference data. The person having the oversight authority may therefore create and modify this profile any time after issuance. This data set may limit one or more of the following: (1) debit and credit transaction dollar volume per day, per week and/or per month; (2) certain purchase restrictions such as the types of retailers to whom payments are permitted, such as exclusion of gambling establishments or liquor stores; and (3) geographic restrictions such as payments within10 miles of a son's or daughter's college campus, but not beyond). - Another software enhancement that may be employed is software for managing media image libraries. Every media image sent to the
display 216 may actually be a composite of from two to five layers of graphics files. Layers one, two and four may, for example, be stored in media library files while layers three and five may include text and data files stored in memory on thePocket Vault 102. For example, a credit card image may comprise separate layers for: (1) the standard credit card background and icon; (2) the issuing bank's overlay icons and text; (3) the individual's account number; and (4) customized advertising from the issuing bank and/or credit card company. - Layering the image in this fashion may minimize data transmission requirements, reduce memory storage requirements, and speed up screen display. For example, Pocket Vaults102 may be preloaded at point of manufacture with background images of the top ten credit images, three passport images (e.g., EU, US, Japan), and a handful of other globally-relevant backgrounds. When, for example, a Pocket Vault holder living in Boston initially registers a device, it may trigger downloading of the top five additional background images prevalent in that area. When the individual applies for and is electronically issued a new credit card over the
network system 100, the download from thenetwork server 114 may include a second layer credit card company overlay for the credit card, along with the third layer of account and name information, and the fourth layer of the most recent customized advertisement from the credit card company related to a seasonal promotion of card usage. - The advertisement layer may be temporary in nature. This layer may, for example, remain on-screen for a given number of seconds, predetermined by the time period of the advertisement paid for by the advertiser. Underneath such an advertisement, a fifth layer of Pocket Vault holder-determined data may appear, also for a temporary period, in this case for privacy reasons and for a period set by the holder. This positioning of the holder's data below the advertising data increase the value of the advertisement time, since holders will be likely to view the
display 216 awaiting the appearance of their data, which may also remain on-screen for only a set number of second. For example, such holder-specific data may include the last date of the next billing period, or the total charges since the last billing period on this particular card or on all of the holder's credit cards. Such balance information may be generated, for example, by the financial management software. The initial on-screen image may also be layered, for example, with a market-tailored backdrop and a sign-on message, both of which possibly being modifiable could be modified by the appropriate setting of user preferences. - Another software enhancement that may be employed is software to manage memos. Certain screen choices may, for example, result in the viewing of memos created by and for the Pocket Vault holder. These memos may be written on a home PC and transferred to a
Pocket Vault 102 when thePocket Vault 102 is interfaced with thepersonal interface station 104cfor an update/download session. Alternatively, such memos may be created on thePocket Vault 102 using a screen-based keyboard function similar to that of a Palm Pilot. The memo template software may provide certain standard backgrounds and layouts to support this feature. This feature may help to eliminate the need for scraps of various notes now found in most wallets. - Yet another software enhancement that may be employed is software to manage advertising messages. Such advertising message management software may, for example, perform several noteworthy functions: (1) limiting the appearance of advertising in accordance with the advertising profile (e.g., stored in the network server114) of the particular Pocket Vault holder; (2) limiting the appearance of advertising to a certain number of times per on-session, per hour, per day, per week and/or per month; (3) tracking the number of times each advertisement appears since the last download/update session (since the number of on-sessions during any period will govern the number of opportunities certain advertisements have to run, this tracking may be necessary to enable billing of advertisers for actual advertisement exposure levels; (4) generating reminder advertisements for frequent buyer cards (e.g., a message such as “Ten weeks since your last car wash! One more and the next is free!”); and (5) tracking the effectiveness of advertising through linkage to the transaction files (e.g., the ability to build more accurate, comprehensive buying profiles since all of an individual's media are now “under one roof”).
- Another software enhancement that may be employed is software to process transaction data. Such transaction processing software may, for example, include the ability to track total outstanding transactions on particular media and compare those to media limits at the time of the next transaction, along with date validity of the media. If a particular piece of media is no longer valid, selection of this item from a menu may produce a message such as “expired,” or “requires update to extend period of validity,” or “payment of balance required before re-use.”
- Another software enhancement that may be employed is software to manage frequent buyer data. Such frequent buyer data management software may, for example, track purchases at stores with frequent buying programs that participate in the
network system 100. This software may also indicate any frequent buyer credits that are about to expire or create advertisements that remind their Pocket Vault holders that they are about to qualify for a free item. For example, a tenth gasoline purchase at a service station/car wash may generate a message indicating that the holder is “now entitled to free car wash.” - Yet another software enhancement that may be employed is software for managing financial information. This type of software may, for example, enable easy download advertisements into personal finance software used by some PC owners. It may also support certain on-board functionality in the Pocket Vault, such as charge card management, automatically shifting from the preferred credit card to another credit card, for example: (1) when a transaction would cause a credit limit to be exceeded, (2) when using a different card would lengthen the time after which actual payment would be due, (3) when using another card would garner desired contest eligibility, or maximize cash back points for a particular period, and/or (4) when use of another card would preclude having to pay annual dues.
- Another software enhancement that may be employed is Global Positioning Software. Integration of this functionality with memo information and frequent buyer information may induce visits to nearby stores at convenient times to take advantage of sales, frequent buyer credits, etc.
FIG. 13 is a flow diagram illustrating an example implementation of a primary routine1300 that may be executed by thecontroller 306 of the pocket vault interface unit302 (FIG. 3 ).- As shown, the routine1300 begins at a
step 1346, wherein it is determined whether a card has been swiped through thestripe reader 315 of theinterface unit 302. - When, at the
step 1346, it is determined that a card has been swiped, the routine1300 proceeds to astep 1348, wherein information from the swiped card read by thestripe reader 315 is transmitted to theinterface station computer 304. - After the
step 1348, the routine1300 proceeds to astep 1302, wherein it is determined whether a first encrypted message has been received from thePocket Vault 102 including an ID code that is released from thePocket Vault 102 only upon proper user authentication (e.g., in response to a fingerprint match). - When, at the
step 1346, it is determined that a card has not been swiped, the routine1300 proceeds directly to the step1302 (discussed above). - When, at the
step 1302, it is determined that such a first encrypted message has not been received from thePocket Vault 102, the routine1300 proceeds to astep 1338, wherein it is determined whether any encrypted information and/or commands have been received from theinterface station computer 304. - When, at the
step 1338, it is determined that information and/or commands have been received from theinterface station computer 304, the routine1300 proceeds to astep 1340, wherein the received information and/or commands are forwarded to thePocket Vault 102. - After the
step 1340, the routine1330 proceeds to astep 1342, wherein it is determined whether any information and/or commands have been received from thePocket Vault 102. - When, at the
step 1338, it is determined that no information or commands have been received from theinterface station computer 304, the routine1300 proceeds directly to the step1342 (discussed above). - When, at the
step 1342, it is determined that information and/or commands have been received from thePocket Vault 102, the routine1300 proceeds to astep 1344, wherein the received information and/or commands are forwarded to theinterface station computer 304. - After the
step 1344, the routine1300 returns to the step1346 (discussed above). - When, at the
step 1342, it is determined that no information and/or commands have been received from thePocket Vault 102, the routine1300 proceeds directly to thestep 1346. - When, at the
step 1302, it is determined that a first encrypted message including a Pocket Vault ID has been received from thePocket Vault 102, the routine1300 proceeds to astep 1304, wherein the first encrypted message is forwarded to the interface station computer304 (FIG. 3 ). - After the
step 1304, the routine1300 proceeds tosteps fingerprint scanner 316 of the pocketvault interface unit 302 before a timeout period measured by thestep 1308 has elapsed. - When, at the
steps step 1308, the routine1300 returns to the step1346 (discussed above). - When, at the
steps fingerprint scanner 316 in a timely manner, the routine1300 proceeds to astep 1310, wherein it is determined whether the scanned fingerprint matches a fingerprint stored in thememory 314 of the pocketvault interface unit 302. - When, at the
step 1310, it is determined that the scanned fingerprint does match that of an authorized operator of theinterface unit 302, the routine1300 proceeds to astep 1312, wherein a second encrypted message, including an ID of the pocketvault interface unit 302 that is released only after a successful fingerprint match, is transmitted to theinterface station computer 304. - After the
step 1312, the routine1300 returns to the step1346 (discussed above). - When, at the
step 1310, it is determined that the scanned fingerprint does not match any fingerprint stored in thememory 314 of the pocketvault interface unit 302, the routine1300 proceeds to astep 1314, wherein a message is transmitted to theinterface station computer 304 indicating there has been an unsuccessful attempt to authenticate an operator of the pocketvault interface unit 302. - After the
step 1314, the routine1300 proceeds tosteps 1316 and1318, wherein it is determined whether, before the expiration of a timeout period measured by thestep 1318, a request has been received from theinterface station computer 304 to add a new operator to the pocketvault interface unit 302. - When, at the
steps 1316 and1318, it is determined that such a request has not been received from theinterface station computer 304 in a timely manner, the routine1300 returns to the step1302 (discussed above). - When, at the
steps 1316 and1318, it is determined that a request to add a new operator to the pocketvault interface unit 302 has been received from theinterface station computer 304 in a timely manner, the routine1300 proceeds tosteps - At the
steps interface unit 302 for each of the operator's two hands before the expiration of a timeout period measured by thestep 1322. The operator may be prompted, e.g., on thedisplay 324 of theinterface station computer 304, to take appropriate steps to ensure his or her fingerprints are properly scanned. An example routine for obtaining the requisite fingerprint data from a user is discussed above in connection with steps804a-810aand804b-810b(for the Pocket Vault102), and therefore will not be repeated here. - When, at the
steps step 1336, wherein an indication (e.g., a message or an audio tone) regarding the unsuccessful new operator validation attempt is generated. - After the
step 1336, the routine1300 returns to the step1346 (discussed above). - When, at the
steps interface unit 302 in a timely manner, the routine1300 proceeds to astep 1324, wherein an encrypted message including an ID unique to theinterface unit 302 is transmitted to theinterface station computer 304 for ultimate registration with thenetwork server 114. - After the
step 1324, the routine1300 proceeds to step1326 and1328, wherein is determined whether a message including validation information (e.g., a PKI certificate for the interface unit302) has been received from the network server114 (via the interface station computer304) before the expiration of a timeout period. - When, at the
steps interface unit 302 in a timely manner, the routine1300 proceeds to the step1336 (discussed above). - When, at the
steps interface unit 302 in a timely manner, the routine1300 proceeds to astep 1330, wherein the validation information is stored for the new operator. - After the
step 1330, the routine1300 proceeds to astep 1332, wherein an indication (e.g., a message or an audio tone) regarding the successful validation of the new operator is generated. - After the
step 1332, the routine1300 returns to the step1346 (discussed above). FIG. 14 is a flow diagram illustrating example implementation of a primary routine1400 that may be executed by thecontroller 308 of theinterface station computer 304 ofFIG. 3 .- As shown, the routine1400 begins at a
step 1402, wherein a menu is displayed on thedisplay 324 of theinterface station computer 304 that gives the operator of theinterface station computer 304 several options to choose from. These options may, for example, include: (1) the option to request that aPocket Vault 102 be validated (i.e., permitted to store a new finger print), (2) the option to request that the information currently stored on aPocket Vault 102 be updated (e.g., information may be uploaded from the network server114), (3) the option to request that a transaction involving aPocket Vault 102 be authorized, and/or (4) the option to access a website on thenetwork server 114 and take advantage of the functionality thereof. - It should be appreciated that the foregoing are only examples of menu options that may be provided to the operator of the
interface station computer 304, and that the invention is not limited to the particular examples described. It should also be appreciated that fewer than all of the options shown may be provided in connection with different types of interface stations. For example, avalidation interface station 104amay be provided only with option (1), a personal interface station may be provided only with option (2), and a commercial interface station may be provided only with option (3). In many instances, option (4) may be the only option required or desired to be employed by the user, as the website may itself provide all of the functionality of the other options (1)-(3). If fact, in such circumstances, the user need not be provided with a menu at all, as the user could simply log on the website using a browser. An embodiment of a network system in which a website may be accessed by a server in this manner is discussed below in connection withFIGS. 28-39 . - After displaying the menu at the
step 1402, the routine1400 proceeds to astep 1404, wherein it is determined whether any requests to validatePocket Vaults 102 have been received. - When, at the
step 1404, it is determined that no request to validate aPocket Vault 102 has been received, the routine1400 proceeds to astep 1408, wherein it is determined whether any requests to update information onPocket Vaults 102 have been received. - When, at the
step 1408, it is determined that no request to update the information on aPocket Vault 102 has been received, the routine1400 proceeds to astep 1412, wherein it is determined whether any requests to authorize transactions involving Pocket Vaults102 have been received. - When, at the
step 1412, it is determined that no request to authorize a transaction involving aPocket Vault 102 has been received, the routine1400 proceeds to astep 1416, wherein it is determined whether the interface station computer has received any messages from PocketVault interface units 302 indicating that an unsuccessful operator authentication has occurred (i.e., the fingerprint of an operator scanned by thefingerprint scanner 316 has failed to match a fingerprint stored in the memory314). - When, at the
step 1416, it is determined that no such messages have been received, the routine1400 proceeds to astep 1420, wherein it is determined whether a request to access a website on thenetwork server 114 has been received. - When at the
step 1420, it is determined that no request to access the website on thenetwork server 114 has been received, the routine1400 returns to thestep 1402, wherein the menu of the various options for the operator is again displayed. Thus, themenu 1402 is displayed until one of the various options is selected in accordance with any of thesteps - When, at the
step 1404, it is determined that a request to validate aPocket Vault 102 has been received, the routine1400 proceeds to astep 1406, wherein the PROCESS REQUEST TO VALIDATE POCKET VAULT routine (discussed below in connection withFIG. 15 ) is executed. - After the
step 1406, the routine1400 proceeds to the step1408 (discussed above). - When, at the
step 1408, it is determined that a request to update the information on aPocket Vault 102 has been received, the routine1410 proceeds to astep 1410, wherein the PROCESS REQUEST TO UPDATE INFO ON POCKET VAULT routine (discussed below in connection withFIG. 16 ) is executed. - After the
step 1410, the routine1400 proceeds to the step1412 (discussed above). - When, at the
step 1412, it is determined that a request to authorize a transaction involving aPocket Vault 102 has been received, the routine1400 proceeds to astep 1414, wherein the PROCESS REQUEST TO AUTHORIZE TRANSACTION routine (discussed below in connection withFIG. 17 ) is executed. - After the routine1414, the routine1400 proceeds to the step1416 (discussed above).
- When, at the
step 1416, it is determined that a message has been received from an theinterface station computer 304 indicating that an attempted fingerprint match of an operator has failed, the routine1400 proceeds to astep 1418, wherein the PROCESS UNSUCCESSFUL OPERATOR AUTHENTICATION routine (discussed below in connection withFIG. 18 ) is executed. - After the routine1418, the routine1400 proceeds to the step1420 (discussed above).
- When, at the
step 1420, it is determined that a request to access a website on thenetwork server 114 has been received, the routine1400 proceeds to astep 1422, wherein the PROCESS REQUEST TO ACCESS WEBSITE routine (discussed below in connection withFIGS. 30-39 ) is executed. - After the
step 1422, the routine1400 returns to the step1402 (discussed above). FIG. 15 is a flow diagram illustrating an example implementation of the PROCESS REQUEST TO VALIDATE POCKET VAULT routine ofFIG. 14 (step1406).- As shown, the routine1406 begins at a
step 1502, wherein the potential new Pocket Vault holder is prompted to apply his or her fingerprint to thefingerprint scanner 220 of thePocket Vault 102, and to interface thePocket Vault 102 with the pocketvault interface unit 302. This may be accomplished, for example, by interfacing thedocking interface 208 of thePocket Vault 102 with thedocking interface 312 of the pocketvault interface unit 302. - After the
step 1502, the routine1406 proceeds tosteps Pocket Vault 102 has been received from the pocketvault interface unit 302 prior to the expiration of a timeout period measured by thestep 1506. - When, at the
steps Pocket Vault 102 has not been received from the pocketvault interface unit 302 in a timely manner, the routine1406 proceeds to astep 1526, wherein a message is displayed on thedisplay 324 of theinterface station computer 304 indicating that an error has occurred in the Pocket Vault validation process. - When, at the
steps Pocket Vault 102 has been received from the pocketvault interface unit 302 in a timely manner, the routine1406 proceeds to astep 1506, wherein the interface station operator is prompted to apply his or her fingerprint to thefingerprint scanner 316 of the pocketvault interface unit 302. - After the
step 1506, the routine1406 proceeds tosteps vault interface unit 302 has been received from the pocketvault interface unit 302 prior to the expiration of a timeout period measured by thestep 1510. - When, at the
steps vault interface unit 302 has not been received from the pocketvault interface unit 302 in a timely manner, the routine1406 proceeds to thestep 1526, wherein a message is displayed on thedisplay 324 of theinterface station computer 304 indicating that the attempt to authorize the interface station operator was unsuccessful. - After the
step 1526, the routine1406 terminates. - When, at the
steps vault interface unit 302 has been received from the pocketvault interface unit 302 in a timely manner, the routine1406 proceeds to astep 1512, wherein the interface station operator is prompted to input information regarding the new Pocket Vault holder into theinterface station computer 304. - After the
step 1512, the routine1406 proceeds to astep 1514, whereat the routine1406 waits until all of the requisite information regarding the new Pocket Vault holder has been entered properly (e.g., via theuser input device 318 of the interface station computer304). - After the
step 1514, the routine1406 proceeds to astep 1516, wherein the network server114 (FIG. 1 ) is contacted. - After the
step 1516, the routine1406 proceeds to astep 1518, wherein the information regarding the new Pocket Vault holder is transmitted to thenetwork server 114, along with a request that the new Pocket Vault holder be validated. - After the
step 1518, the routine1406 proceeds tosteps network server 114 has acknowledged the request by theinterface station computer 304 prior to the expiration of a timeout period measured by thestep 1522. - When, at the
steps network server 114 has not acknowledged the request by theinterface station computer 304 in a timely manner, the routine1406 proceeds to astep 1524, wherein a message is displayed on thedisplay 324 indicating that a transmission failure has occurred. - When, at the
steps 1520 and i522, it is determined that thenetwork server 114 has acknowledged the request by theinterface station computer 304 in a timely manner, the routine1406 proceeds to astep 1528, wherein, in an encrypted format, the information regarding the new Pocket Vault holder is transmitted to thenetwork server 114, along with the interface station operator ID, the interface unit ID, and the Pocket Vault ID. - After the
step 1528, the routine1406 proceeds tosteps network server 114 prior to the expiration of a timeout period measured by thestep 1532, and prior to receiving a message from thenetwork server 114 indicating that the request to validate the new Pocket Vault holder has been denied. - When, at the
steps network server 114 in a timely manner, or it is determined that a message has been received indicating that the request to validate the new Pocket Vault holder has been denied, the routine1406 proceeds to astep 1538, wherein a message is displayed on thedisplay 324 indicating that the attempt to validate thePocket Vault 102 was unsuccessful. - When, at the
steps network server 114 in a timely manner, the routine1406 proceeds to astep 1534, wherein the encrypted validation information (e.g., a PKI certificate) from thenetwork server 114 is forwarded to the pocketvault interface unit 302 for forwarding on to thePocket Vault 102. - After the
step 1534, the routine1406 proceeds to astep 1536, wherein a message is displayed on thedisplay 324 indicating that the attempt to validate thePocket Vault 102 was successful. In addition to this message, when the pocketvault interface unit 302 forwards this message on to thePocket Vault 102, thePocket Vault 102 itself may provide, for example, an audio indication such as a chime, indicating that thePocket Vault 102 has been successfully validated. FIG. 16 is a flow diagram illustrating an example implementation of the PROCESS REQUEST TO UPDATE INFO ON POCKET VAULT routine ofFIG. 14 (step1410).- As shown, the routine1410 begins at a
step 1602, wherein the Pocket Vault holder is prompted to apply his or her fingerprint to thefingerprint scanner 220 of thePocket Vault 102, and to interface thePocket Vault 102 with the pocketvault interface unit 302. - After the
step 1602, the routine1410 proceeds tosteps Pocket Vault 102 has been received from the pocketvault interface unit 302 prior to the expiration of a timeout period measured by thestep 1606. - When, at the
steps Pocket Vault 102 has not been received from the pocketvault interface unit 302 in a timely manner, the routine1410 proceeds to astep 1634, wherein a message is displayed on thedisplay 324 of theinterface station computer 304 indicating that the attempt to authorize the Pocket Vault holder was unsuccessful. - When, at the
steps Pocket Vault 102 has been received from the pocketvault interface unit 302 in a timely manner, the routine1410 proceeds to astep 1606, wherein the interface station operator is prompted to apply his or her fingerprint to thefingerprint scanner 316 of the pocketvault interface unit 302. - After the
step 1606, the routine1410 proceeds tosteps vault interface unit 302 has been received from the pocketvault interface unit 302 prior to the expiration of a timeout period measured by thestep 1610. - When, at the
steps vault interface unit 302 has not been received from the pocketvault interface unit 302 in a timely manner, the routine1410 proceeds to thestep 1634, wherein a message is displayed on thedisplay 324 of theinterface station computer 304 indicating that the attempt to authorize the interface station operator was unsuccessful. - After the
step 1634, the routine1410 terminates. - When, at the
steps vault interface unit 302 has been received from the pocketvault interface unit 302 in a timely manner, the routine1410 proceeds to astep 1612, wherein thenetwork server 114 is contacted. - After the
step 1612, the routine1410 proceeds to astep 1614, wherein a request to update the information on thePocket Vault 102 is transmitted to thenetwork server 114. - After the
step 1614, the routine1410 proceeds tosteps network server 114 has acknowledged the request by theinterface station computer 304 prior to the expiration of a timeout period measured by thestep 1618. - When, at the
steps network server 114 has not acknowledged the request by theinterface station computer 304 in a timely manner, the routine1410 proceeds to astep 1620, wherein a message is displayed on thedisplay 324 indicating that a transmission failure has occurred. - When, at the
steps network server 114 has acknowledged the request by theinterface station computer 304 in a timely manner, the routine1410 proceeds to astep 1622, wherein, in an encrypted manner, the interface station operator ID, the interface unit ID, and the Pocket Vault ID are transmitted to thenetwork server 114. - After the
step 1622, the routine1410 proceeds tosteps network server 114 for loading onto thePocket Vault 102 prior to the expiration of a timeout period measured by thestep 1620, and prior to thenetwork server 114 denying the requested attempt to upload information. - When, at the
steps step 1630, wherein the received updates are transmitted to the pocketvault interface unit 302 so that they may be subsequently forwarded to thePocket Vault 102 for uploading thereto. - After the
step 1630, the routine1410 proceeds to astep 1632, wherein a message is displayed to the holder indicating that the requested updates have been successfully uploaded to thePocket Vault 102. - After the
step 1632, the routine1410 terminates. - When, at the
steps network server 114 in a timely manner, or that thenetwork server 114 has denied the request to upload information onto thePocket Vault 102, the routine1410 proceeds to astep 1628, wherein a message is displayed on thedisplay 324 indicating that the attempt to update the information on thePocket Vault 102 was unsuccessful. - After the
step 1628, the routine1410 terminates. FIG. 17 is a flow diagram illustrating an example implementation of the PROCESS REQUEST TO AUTHORIZE TRANSACTION routine ofFIG. 14 (step1414).- As shown, the routine1414 begins at a
step 1702, wherein the operator of theinterface station computer 304 is prompted to input information regarding the proposed transaction involving thePocket Vault 102. - After the
step 1702, the routine1414 waits at astep 1704 until all of the information regarding the requested transaction has been entered. - After, at the
step 1704, it is determined that all of information regarding the requested transaction has been entered, the routine1414 proceeds to astep 1706, wherein the Pocket Vault holder is prompted to apply his or her fingerprint to thefingerprint scanner 220 of thePocket Vault 102, and to interface the Pocket Vault with the pocketvault interface unit 302. - After the
step 1706, the routine1414 proceeds tosteps Pocket Vault 102 has been received from the pocketvault interface unit 302 prior to the expiration of a timeout period measured by thestep 1710. - When, at the
steps Pocket Vault 102 has not been received from the pocketvault interface unit 302 in a timely manner, the routine1414 proceeds to astep 1726, wherein a message is displayed on thedisplay 324 of theinterface station computer 304 indicating that the attempt to authorize the Pocket Vault holder was unsuccessful. - When, at the
steps Pocket Vault 102 has been received from the pocketvault interface unit 302 in a timely manner, the routine1414 proceeds to astep 1712, wherein the interface station operator is prompted to apply his or her fingerprint to thefingerprint scanner 316 of the pocketvault interface unit 302. - After the
step 1712, the routine1414 proceeds tosteps 1714 and1715, wherein it is determined whether an encrypted message including the ID of the pocketvault interface unit 302 has been received from the pocketvault interface unit 302 prior to the expiration of a timeout period measured by the step1715. - When, at the
steps 1714 and1715, it is determined that an encrypted message including the ID of the pocketvault interface unit 302 has not been received from the pocketvault interface unit 302 in a timely manner, the routine1414 proceeds to thestep 1726, wherein a message is displayed on thedisplay 324 of theinterface station computer 304 indicating that the attempt to authorize the interface station operator was unsuccessful. - After the
step 1726, the routine1414 terminates. - When, at the
steps 1714 and1715, it is determined that an encrypted message including the ID of the pocketvault interface unit 302 has been received from the pocketvault interface unit 302 in a timely manner, the routine1414 proceeds to astep 1716, wherein thenetwork server 114 is contacted. - After the
step 1716, the routine1414 proceeds to astep 1718, wherein the request regarding the proposed transaction involving thePocket Vault 102 is transmitted to thenetwork server 114. - After the
step 1718, the routine1414 proceeds to step1720 and1722, wherein it is determined whether the transaction request has been acknowledged by thenetwork server 114 before the expiration of a timeout period measured by thestep 1722. - When, at the
steps step 1724, wherein a message is displayed on thedisplay 324 indicating that a transmission failure has occurred. - After the
steps 1724, the routine1414 terminates. - When, at the
steps step 1728, wherein encrypted information about the requested transaction is transmitted to thenetwork server 114, along with the interface station operator ID, the interface unit ID, and the Pocket Vault ID. - After the
step 1728, the routine1414 proceeds tosteps network server 114 prior to the expiration of a timeout period measured by thestep 1732. - When, at the
steps network server 114, the routine1414 proceeds to astep 1736, wherein a message is displayed on thedisplay 324 indicating that the attempt to authorize the requested transaction has failed. - When, at the
steps step 1734, wherein a message is forwarded to the pocketvault interface unit 302 indicating that the requested transaction has been approved. This message may also be used to update information on thePocket Vault 102, and/or to cause thePocket Vault 102 to generate an indication (e.g., an audio tone) that the transaction has been approved. - After the
step 1734, the routine proceeds to astep 1738, wherein a message is displayed on thedisplay 324 indicating that the requested transaction has been approved. - After the
step 1738, the routine1414 terminates. FIG. 18 is a flow diagram illustrating an example implementation of the PROCESS UNSUCCESSFUL OPERATOR AUTHENTICATION routine ofFIG. 14 (step1418).- As shown, the routine1418 begins at a
step 1802, wherein the operator of theinterface station computer 304 is informed that the attempted use the pocket vault interface unit302 (when the operator applied his or her finger print to the fingerprint scanner316) was not authorized. - After the
step 1802, the routine1418 proceeds to astep 1804, wherein the operator is prompted to either: (1) add a NEW OPERATOR to theinterface unit 302, or (2) ABORT the attempt to use theinterface unit 302. - When, at the
step 1806, it is determined that the operator has chosen to ABORT the attempt to use theinterface unit 302, the routine1418 terminates. - When, at the
step 1806, it is determined that the operator has chosen to add a NEW OPERATOR, the routine1418 proceeds to astep 1808, wherein a message is transmitted to the pocketvault interface unit 302 indicating the operator's desire to add a new operator to the pocketvault interface unit 302. - After the
step 1808, the routine1418 proceeds to astep 1810, wherein the operator is prompted to input information regarding the proposed new operator into the interface station computer304 (e.g., using the user input device318), and is provided with instructions as to the application of three identical fingerprints from each of his or her two hands to thefingerprint scanner 316 of theinterface unit 302. - After the
step 1810, the routine1418 proceeds to astep 1812 wherein the routine1418 waits until all of the requisite information regarding the proposed new interface station operator has been entered properly. - When, at the
step 1812, it is determined that all of the requisite information regarding the proposed new operator has been entered properly, the routine1418 proceeds to astep 1814, wherein thenetwork server 114 is contacted. - After the
step 1814, the routine1418 proceeds to astep 1816, wherein the request to add the new operator to the pocketvault interface unit 302 is transmitted to thenetwork server 114. - After the
step 1816, the routine1418 proceeds tosteps network server 114 prior to the expiration of a timeout period measured by thestep 1820. - When, at the
steps step 1822, wherein a transmission failure message is displayed. - After the
step 1822, routine1418 terminates. - When, at the
steps step 1824, wherein a message, including the information regarding the proposed new operator and the interface unit ID, is transmitted to thenetwork server 114 in an encrypted manner. - After the
step 1824, the routine1418 proceeds tosteps network server 114 prior to the expiration of a timeout period measured by thestep 1828, and prior to thenetwork server 114 denying the addition of the new interface station operator. - When, at the
steps network server 114 in a timely manner, the routine1418 proceeds to a step1830, wherein the encrypted validation information (e.g., a PKI certificate) is forwarded from theinterface station computer 304 to the pocketvault interface unit 302. - After the step1830, the routine1418 proceeds to a
step 1834, wherein a message is generated indicating that the attempt to add the new operator to the pocketvault interface unit 302 was successful. - After the
step 1834, the routine1418 terminates. - When, at the
steps network server 114 in a timely manner, the routine1418 proceeds to a step1832, wherein a message is generated indicating that the attempt to add the new operator to the pocketvault interface unit 302 was unsuccessful. - After the step1832, routine1418 terminates.
FIG. 19 is a flow diagram illustrating an example implementation of a primary routine1900 that may be executed by thenetwork server 114 ofFIG. 1 .- As shown, the routine1900 may begin at a
step 1902, wherein it is determined whether any requests have been received to register new Pocket Vault holders. - When, at the
step 1902, it is determined that a request has been received to register a new Pocket Vault holder, the routine1900 proceeds to astep 1904, wherein the request to register the new Pocket Vault holder is processed. An example of a routine that may be employed to implement thestep 1904 is discussed in more detail below in connection withFIG. 20 . - When, at the
step 1902, it is determined that no request to register a new Pocket Vault holder has been received, the routine1900 proceeds to astep 1906, wherein consumer marketing information is compiled and transmitted to subscribing media issuers and advertisers. - After the
step 1906, the routine1900 proceeds to astep 1908, wherein it is determined whether any requests from media issuers or advertisers have been received to update thenetwork server 114. - According to one aspect of the invention, media issuers and advertisers may have the option to utilize the functionality of the
network server 114 to update the account characteristics of authenticated Pocket Vault holders. These updates may, for example, be delivered from thecomputers database 406. When each selected holder next synchronizes with network server114 (e.g., as described below in connection with routine1914 ofFIG. 22 ), any media characteristics updated by the media issuers or advertisers may be uploaded to that holder's thePocket Vault 102. The database of account updates may be revised periodically based on the media issuer's systems (e.g., pursuant to the routine1910 ofFIG. 21 —described below). Confirmation of the update process may be provided to the issuer after a synchronization session is complete for a particular Pocket Vault holder (seestep 2206 of routine1914 (FIG. 22 ) below). - When, at the
step 1908, it is determined that a request to update thenetwork server 114 has been received from a media issuer or advertiser, the routine1900 proceeds to astep 1910, wherein the request from the media issuer or advertiser is processed. An example of a routine that may be employed to implement thestep 1910 is discussed in more detail below in connection withFIG. 21 . - When, at the
step 1908, it is determined that no request from a media issuer or advertiser to update thenetwork server 114 has been received, the routine1900 proceeds to astep 1912, wherein it is determined whether any requests have been received from holders to update information on their Pocket Vaults. - When, at the
step 1912, it is determined that such a request has been received, the routine1900 proceeds to astep 1914, wherein the request to update the Pocket Vault information is processed. An example of a routine that may be employed to implement thestep 1914 is described in more detail below in connection withFIG. 22 . - When, at the
step 1912, it is determined that no request from a holder to update information on aPocket Vault 102 has been received, the routine1900 proceeds to astep 1916, wherein it is determined whether any holders have requested that new files be loaded onto thenetwork server 114. - When, at the
step 1916, it is determined that a holder has requested that a new file be loaded onto thenetwork server 114, the routine1900 proceeds to astep 1918, wherein the holder's request to load the new file onto thenetwork server 114 is processed. An example of a routine that may be employed to implement thestep 1918 is described in more detail below in connection withFIG. 23 . - When, at the
step 1916, it is determined that no request by a holder to load a file onto thenetwork server 114 has been received, the routine1900 proceeds to astep 1920, wherein it is determined whether any requests have been made to authorize transactions. Such a request may be made, for example, by a merchant operating acommercial interface station 104c.In this regard, it should be appreciated that, when a token102ais employed to engage in a transaction with acommercial card reader 106 or a commercialbar code reader 107, a request for transaction approval may not be made to thenetwork server 114. Instead such a transaction approval request may be made through conventional, existing communication and approval channels for such devices. Therefore, it should be understood that thestep 1922 is generally reached only when it is possible for thenetwork server 114 to check the identity of the Pocket Vault holder, the identity of thePocket Vault 102, and possibly identity of the operator of a commercial interface station, based on communications with the Pocket Vault102 (e.g., via acommercial interface station 104cor via a wireless network such as Bluetooth). - When, at the
step 1920, it is determined that a request to authorize a transaction has been made, routine1900 proceeds to astep 1922, wherein the request to authorize the transaction is processed. An example of a routine that may be employed to implement thestep 1922 is discussed in more detail below in connection withFIG. 24 . - When, at the
step 1920, it is determined no request to authorize a transaction has been made, the routine1900 returns to the step1902 (discussed above). With regard to the routine1900 ofFIG. 19 , it should be appreciated that all of the requests to accomplish the various tasks may be placed in a queue so that they are serviced on a first-come, first-served or any other basis, rather than servicing them in the particular order shown inFIG. 19 . FIG. 20 is a flow-diagram illustrating an example of a routine that may be employed to implement thestep 1904 of the routine1900 (FIG. 1 ).- As shown, the routine1904 begins at a
step 2002, wherein a request received from theinterface station computer 304 to register a new Pocket Vault holder is acknowledged, and thenetwork server 114 requests theinterface station computer 304 to transfer the relevant information regarding the proposed new holder to thenetwork server 114. - After the
step 2002, the routine1904 proceeds to astep 2004, wherein the routine1904 waits for all of the requisite holder registration information to be received from theinterface station computer 304. - When, at the
step 2004, it is determined that all of the requisite holder registration information has been received from theinterface station computer 304, the routine1904 proceeds to astep 2006, wherein it is determined whether the proposed Pocket Vault use is authorized. An example of a routine that may be employed to implement thestep 2006 is discussed below in connection withFIG. 25 . In determining whether a particular Pocket Vault use is authorized, there are numerous parameters which may be checked. For example, the port to which the interface station computer is connected (e.g., the telephone number or IP address of the computer) may be checked to ensure that it is authorized. Additionally, information from the interface station computer304 (e.g., a “cookie”) may be checked to ensure that the computer itself has been registered with the system. Further, it can be checked whether the current operator of theinterface station computer 304 is registered as being associated with theinterface station computer 304 being used, and that the proposed new Pocket Vault holder is authorized to use that particular thePocket Vault 102. In sum, the identity of (1) each piece of equipment, (2) each operator of each piece of equipment, and (3) each location of each piece of equipment may be checked to ensure that the particular use of the Pocket Vault is authorized. It should be appreciated fewer than all of these parameters, different parameters, and/or additional parameters can be checked in alternative embodiments of the invention, and that the invention is not limited to embodiments wherein all of the aforementioned parameters are checked to verify that a particular Pocket Vault use is authorized. - When, at the
step 2006, it is determined that the Pocket Vault use is not authorized, the routine1904 terminates. In such a situation, it is also possible to generate some sort of security alert message to put someone or some entity on notice that an unauthorized use of a Pocket Vault has occurred. - When, the routine2006 has determined that the proposed Pocket Vault use is authorized, the routine1904 proceeds to a
step 2008, wherein all of the relevant information regarding the new Pocket Vault registration is logged into thedatabase 406 of the network server114 (FIG. 4 ). As shown inFIG. 20 , this information may include, for example, the interface station operator ID, the interface unit ID, the Pocket Vault ID, and all of the relevant information relating to the new Pocket Vault holder. - After the
step 2008, the routine1904 proceeds to astep 2010, wherein thenetwork server 114 transmits encrypted validation information to theinterface station computer 304, which then may be passed on to the pocketvault interface unit 302, and then to thePocket Vault 102, so as to enable the new holder's fingerprint to be stored in the memory of thePocket Vault 102. - After the
step 2010, the routine1904 terminates. FIG. 21 is a flow diagram illustrating example of a routine that may be employed to implement thestep 1910 of the primary routine1900 (FIG. 19 ).- As shown, the routine1910 begins at a
step 2102, wherein it is determined whether all of the requested updates have been received from the media issuer or advertiser. - When, at the
step 2102, it has been determined that all of the requested updates have been received, the routine1910 proceeds to astep 2104, wherein it is determined whether the media issuer or advertiser is authorized access to thenetwork server 114. This authorization process may require some sort of authentication of the identity of the computer used by the media issuer or advertiser requesting the update, the operator of the computer, and/or the location of the computer, in a manner similar to that in which theinterface stations 104 and their operators are authorized. - When, at the
step 2104, it is determined that the media issuer or advertiser is not authorized access to thenetwork server 114, the routine1900 proceeds to astep 2106, wherein a message is transmitted to the media issuer or advertiser informing the media issuer or advertiser that access to thenetwork server 114 has been denied. - After the
step 2106, the routine1910 terminates. - When, at the
step 2104, it is determined that the media issuer or advertiser is authorized access to thenetwork server 114, the routine1910 proceeds to astep 2108, wherein the updates received from the media issuer or advertiser are logged onto thenetwork server 114. - After the
step 2108, the routine1910 terminates. FIG. 22 is a flow diagram illustrating an example a routine that may be employed to implement thestep 1914 of the primary routine1900 (FIG. 19 ).- As shown, the routine1914 begins at the step2006 (discussed below in connection with
FIG. 25 ), wherein it is determined whether the attempted Pocket Vault use is authorized. - When, at the
step 2006, it is determined that the Pocket Vault use is not authorized, the routine1914 terminates. - When, at the
step 2006, it is determined that the Pocket Vault use is authorized, the routine1914 proceeds to astep 2202, wherein encrypted updates are transmitted to theinterface station computer 304 for loading onto thePocket Vault 102. - After the
step 2202, the routine1914 proceeds tosteps FIG. 23 is a flow diagram illustrating an example of a routine that may be employed to implement thestep 1918 of the primary routine1900 (FIG. 9 ).- As shown, the routine1918 begins at a
step 2302, wherein it is determined whether the file to be loaded onto thenetwork server 114 relates to a secure media issuer. - When, at the
step 2302, it is determined that the file does not relate to a secure media issuer, the routine1918 proceeds to astep 2304, wherein thenetwork server 114 is updated with the non-secure file. - After the
step 2304, the routine1918 terminates. - When, at the
step 2302, it is determined that the to-be-loaded file does relate to a secure media issuer, the routine1918 proceeds to astep 2306, wherein it is determined whether the secure media issuer is a Pocket Vault participant (i.e., a media issuer having access to the network server114). - When, at the
step 2306, it is determined that the secure media issuer is not a Pocket Vault participant, the routine1918 proceeds to astep 2308, wherein an advisory is sent to the holder indicating an inability to load the file, and inquiring as to whether the holder desires to load the file in a non-secure format. The holder may, for example, opt to load the file to thenetwork server 114 in such a way that the content of the file is not encodable to the Chameleon Card, but can be displayed and shown to a POS operator and manually keyed in at POS by the POS operator. - After the
step 2308, the routine1918 proceeds to astep 2316, wherein it is determine whether the holder has elected to load the file in a non-secure format. - When, at the
step 2316, it is determined that the holder has elected not to load the file in a non-secure format, the routine1918 terminates. - When, at the
step 2316, it is determined that the holder has elected to load the file in a non-secure format, the routine1918 proceeds to astep 2318, wherein the file is loaded onto thenetwork server 114 in a non-secure format. - After the
step 2318, the routine1918 terminates. - When, at the
step 2306, it is determined that the secure media issuer is a Pocket Vault participant, the routine1918 proceeds to astep 2310, wherein the media issuer is queried as to the account status of the holder. - After the
step 2310, the routine1918 proceeds to astep 2312, wherein it is determined whether authorization has been received from the media issuer to load the file. - When, at the
step 2312, it is determined that authorization has not been received from the media issuer, the routine1918 proceeds to the step2308 (discussed above). - When, at the
step 2312, it is determined that authorization has been received from the media issuer, the routine1918 proceeds to astep 2314, wherein thenetwork server 114 is updated with the secure file. - After the
step 2314, the routine1918 terminates. FIG. 24 is a flow diagram illustrating an example of a routine that may be employed to implement thestep 1922 of the primary routine1900 (FIG. 19 ).- As shown, the routine1922 begins at the step2006 (discussed below in connection with
FIG. 25 ), wherein it is determined whether the attempted use of thePocket Vault 102 is authorized. - When, at the
step 2006, it is determined that the attempted Pocket Vault use is not authorized, the routine1922 terminates. - When, at the
step 2006, it is determined that the attempted Pocket Vault used is authorized, the routine1922 proceeds to astep 2402, wherein it is determined whether the requested transaction is within acceptable account parameters (e.g., as set by the media issuer). - When, at the
step 2402, it is determined that the requested transaction is not within acceptable account parameters, the routine1922 proceeds to astep 2404, wherein a message is transmitted to the entity that requested the transaction (e.g., a commercial interface station104C, acard reader 106, or a barcode reader107) indicating that the transaction is outside of acceptable account parameters. - After the
step 2404, the routine1922 terminates. - When, at the
step 2402, it is determined that the requested transaction is within acceptable account parameters, information regarding the transaction is logged into thedatabase 406 of the network server114 (FIG. 4 ). As shown, the logged information may include the identification of the entity with which the transaction took place, the Pocket Vault ID (if available), and the time and date of the transaction. - After the
step 2406, the routine1922 proceeds to astep 2408, wherein an encrypted approval message is transmitted to the entity with which the transaction is being attempted (e.g., a commercial interface station104C, acard reader 106, or a barcode reader107). - After the
step 2408, the routine1922 terminates. FIG. 25 is a flow diagram illustrating an example of a routine that may employed to implement thestep 2006 of the routines1904 (FIG. 20 ),1914 (FIG. 22 ), and1922 (FIG. 24 ).- As shown, the routine2006 begins at a
step 2502, wherein it is determined whether the point of sale terminal or other entity with which a transaction is being attempted is connected to a valid source (e.g., an authorized telephone line or an authorized internet protocol (IP) address). - When, at the
step 2502, it is determined that the entity proposing the transaction is not connected to a valid source, the routine2006 proceeds to astep 2510, wherein the transaction is refused, and a security alert is generated so that appropriate action(s) may be taken. - When, at the
step 2502, it is determined that the entity proposing the transaction is connected to a valid source, the routine2006 proceeds to astep 2504, wherein it is determined whether the ID of the interface station, card reader or barcode reader is valid, and is properly linked to the source to which is connected. - When, at the
step 2504, it is determined that the ID of the entity proposing the transaction is not valid, the routine proceeds to the step2510 (discussed above). - When, at the
step 2504, it is determined that the ID of the entity proposing the transaction is valid, the routine2006 proceeds to astep 2506, wherein it is determined whether the Pocket Vault ID (if available) is valid. It should be appreciated that, when acard reader 106, abarcode reader 107 or an RF signal receiver is employed, it is possible that the ID from the Pocket Vault will not be transmitted to thenetwork server 114. Therefore, thestep 2506 may be skipped in such a situation. - When, at the
step 2506, it is determined that the Pocket Vault ID (when available and required) is not valid, the routine2006 proceeds to the step2510 (discussed above). - When, at the
step 2506, it is determined that the Pocket Vault ID (when) is valid or is not required, the routine2006 proceeds to astep 2508, wherein it is determined whether the Pocket Vault ID (if available) is linked to the ID of the entity proposing the transaction, e.g., acommercial interface station 104c,acard reader 106, or abarcode reader 107. - When, at the
step 2508, it is determined that the ID of the Pocket Vault102 (when available) is not linked to the ID of the entity proposing the transaction, the routine2006 proceeds to the step2510 (discussed above). - When, at the
step 2508, it is determined that the Pocket Vault ID is linked to the ID of the entity proposing the transaction, or that the ID of the Pocket Vault is not required, the routine2006 proceeds to astep 2512, wherein the Pocket Vault use is authorized. - With regard to the information checked in connection with the routine2006 to determine whether a particular Pocket Vault use is authorized, it should be appreciated that, in some embodiments, fewer than all of the verification steps discussed above may be performed when lesser degrees of security are desired or required. For example, in some embodiments, there may be no restrictions as to who can operate an interface station, the source to which the station is connected, and/or the ID of the station.
FIG. 27 illustrates a network system similar to that described hereinabove. The system ofFIG. 27 , however, includes several additional components which serve to increase the network's functionality and utility. Accordingly, it should be appreciated that, in addition to the components illustrated inFIG. 27 , the system may also include all or some of the components and features of the system described above in connection withFIGS. 1-26 , and may also incorporate all or some of that system's functionality.- As shown in
FIG. 27 , thePocket Vault 102 may be coupled to an interface station104 (including aninterface unit 302 coupled to an the interface station computer304). Theinterface unit 302 may include acommunication port 2706, which is adapted to perform basic communications functions for interaction between theinterface unit 302 and each of thePocket Vault 102 and theinterface station computer 304. This communication can take place over physical wires using a USB protocol or HotWire, or any other suitable protocol. Alternatively, the communication can be wireless, using a standard wireless protocol, such as Bluetooth, or any other suitable protocol. Thecommunication port 2706 may, of course, be adapted to perform communications functions depending on the requirements on the particular protocol used. In an example embodiment, a USB protocol is used, and theinterface unit 302 is connected to theinterface station computer 304 through a USB port. Several suitable methods/techniques for interfacing thePocket Vault 102 with theinterface unit 302 are described above. - In addition to the
communication port 2706, as in the embodiment described above, theinterface unit 302 contains astripe reader 315. The purpose and operation of thestripe reader 315 is described below in connection withFIG. 34 . - The
interface station computer 304 may be any suitable computer that employs one or more processors to execute instructions stored in memory. Theinterface station computer 304 may even comprise several inter-networked computers. - In the illustrative embodiment shown, the
interface station computer 304 may use thecommunication software 2710 to communicate with thenetwork server 114 via thenetwork 2724. Thecommunication software 2710 may be any of a number of communication programs known in the art, and the invention is not limited to any particular type of software. Thesoftware 2710 may, for example, comprise a web browser, a terminal emulation program, a proprietary program, or any other software module capable of communicating with other computers using thenetwork 2724. Thenetwork 2724 may be any communication network known in the art. For example, thenetwork 2724 may comprise the World Wide Web, a Local Area Network, or any other networking arrangement adapted for communication between digital computers. - In the embodiment shown, the
communication software 2710 usesinternet settings 2722 when accessing thenetwork 2724. Theinternet settings 2710 may include any user preferences or software settings relevant to communication functions and usability of thecommunication software 2710. Theinternet settings 2722 may comprise, for example, the network name and the identification of theinterface station computer 304, an identification of communications protocols used to connect to thenetwork 2724, network preferences, such as whether any proxy servers may or should be used, a list of frequently-used servers, cookies previously obtained from various websites, digital certificates, personal bookmarks, user identity data, user password data for various servers, etc. - The
communication software 2710 may access thenetwork 2724 throughcommunication protocol layer 2714. Depending on how theinterface station computer 304 is physically connected to thenetwork 2724. Thecommunication protocol layer 2714 may be dial-up software, a TCP/IP layer, or any other suitable networking layer. Thecommunication protocol layer 2714 may, for example, execute low-level communication functions, thereby providing useful abstractions to thecommunication software 2710. In an example embodiment, theinterface station computer 304 is connected to thenetwork 2724 using a modem, and thecommunication protocol layer 2714 is a dialup software module. - As shown, the
interface station computer 304 may also contain one ormore communication drivers 2712. Although multiple drivers may, in fact, be employed, for simplicity of discussion, the description hereinafter may refer to all such drivers as a single “driver.” Thecommunication driver 2712 acts both as a device driver for theinterface unit 302, and also as a communications driver capable of accessinginternet settings 2722 and facilitating communications between thePocket Vault 102 and theserver 114 by using thecommunication protocol layer 2714 to establish a connection to thenetwork server 114 through thenetwork 2724. - The
network server 114 may comprise any suitable processor-based device or its equivalent. It may be either a single or multi-processor machine, or even a collection of servers inter-networked together. In one embodiment, thenetwork server 114 stores both data and applications that are accessible to users. Thenetwork server 114 may, for example, store and serve a website, i.e., a collection of web pages and data that are available to users via a browser. - The
network server 114 may include one ormore controllers 402 and adatabase 406, as described above in connection withFIG. 4 . In addition, thenetwork server 114 may include acommunication protocol layer 2716, which provides low-level communication functions to server communications software. Thecommunication protocol layer 2716 may be, but need not be, the same as thecommunication protocol layer 2714 of theinterface station computer 304. - As shown in
FIG. 27 , thenetwork server 114 may communicate through thenetwork 2724 with anissuer authority 2718. Theissuer authority 2718 may correspond, for example, to any of the advertiser(s)108, non-financial media issuer(s)110, or financial media issuer(s)112 described above in connection withFIG. 1 , or may be any entity designated to represent any of the same. - Overall, the networking arrangement illustrated in
FIG. 27 allows thePocket Vault 102 to access thenetwork server 114. It also allows theinterface station computer 304 to access restricted portions of thenetwork server 114, such as, for example, user data stored in thedatabase 406, when access is authenticated through communication from thePocket Vault 102 to thenetwork server 114. Authentication and access to restricted areas of thenetwork server 114 will be further described below. - In order for the
Pocket Vault 102 to perform communications functions, as well as other functions described elsewhere herein, thePocket Vault 102 may be driven bycontrol software 2708.FIG. 28 is a block diagram illustrating example components of thecontrol software 2708 that may be disposed on thePocket Vault 102. - As shown, the
control software 2708 may include components such as acommunications software module 2802, acard loading module 2804, an internetsettings management module 2806, asynchronization module 2808, a statistics module2810, and asecurity module 2812. It should be appreciated, of course, that thecontrol software 2708 is not limited to the illustrative modules shown, and that thecontrol software 2708 may comprise fewer modules or additional modules to perform other functions, such as the functionality described above in connection withFIGS. 7-12 . - The
communications software module 2802 may, for example, be responsible for communications with thenetwork server 114 and with theinterface station computer 304, in the manner discussed below. - The
card loading module 2804 may, for example, be responsible for loading data for new cards or tokens and storing such data in memory, as well as for transferring this data to thenetwork server 114, when appropriate. Examples of how card/token data may be loaded onto thePocket Vault 102 are discussed below in connection withFIG. 34 . - Internet
settings management module 2806 may, for example, be responsible for managing the storage and use of internet settings by thePocket Vault 102. Such internet settings may, for example, correspond to any of theinternet settings 2722 that may be stored on theinterface station computer 304. The internetsettings management module 2806 may allow a user to store, manage, and transfer internet settings, e.g., cookies and preference settings, from one computer to another. Operation of the internetsettings management module 2708 will be further described below in connection with thesteps FIG. 33 ). - The
synchronization module 2808 may, for example, be responsible for synchronizing data and settings stored on thePocket Vault 102 with data and settings stored on thenetwork server 114. Operation of thesynchronization module 2808 is described below in connection withFIG. 35 . - The statistics module2810 may, for example, collect statistics concerning use of the
Pocket Vault 102. Such statistics may, for example, include information such as the number of accesses to various cards stored in the memory of thePocket Vault 102, the number of financial transactions engaged in, the date of the last update of thePocket Vault 102, the total amount and kind of data transferred between thePocket Vault 102 and eachinterface station 104 and/or thenetwork server 114. In addition, the statistics module2810 may be adapted to be customized by the user. - The
security module 2812 may, for example, ensure security of authentication and communications. All communications to and from thenetwork server 114 and theinterface station 104 may be encrypted by thesecurity module 2812, so that any attacker who intercepts those communications will receive no useful information. - Any of numerous types of encryption may be used to satisfactorily protect communications between the
Pocket Vault 102 and the other devices in the network. For example, one of the asymmetric-key encryption types, such as public key encryption or private key encryption, may be used. These public/private encryption techniques are well known in the art and therefore will not be described here in detail. Alternatively, one-time pad encryption or other encryption techniques may be used to achieve a similar objective. - As discussed above, the
Pocket Vault 102 may be adapted to not release any personal or secure information, even encrypted, until the holder presents satisfactory verification of his or her identity, such as, for example, presenting the holder's fingerprint to thefingerprint scanner 220 or entering a password. In addition, fingerprint and password protection may be used together for authentication purposes, such that personal or secure information can be transferred or released only if the holder has been successfully authenticated using both techniques. - In alternative embodiments, security may be implemented using different measures, or may be omitted altogether in situations where the
interface station computer 304 is a trusted host. In addition,security module 2812 may be called on to perform security functions in situations other than communicating with thenetwork server 114 and theinterface station computer 304. - The manner of communication among the
Pocket Vault 102, thenetwork server 114, and aninterface station computer 304 will now be described in connection withFIG. 29 .FIG. 29 is a data flow diagram illustrating how data may be transferred between thePocket Vault 102 and auser interface 2902 of theinterface station computer 304. Theuser interface 2902 may, for example, comprise a web browser included in thecommunications software 2710 running on theinterface station computer 304. Alternatively, it may be a stand-alone application that allows a user to interact with thecommunications software 2710 and, through it, interact with a website located on thenetwork server 114. - In the illustrative embodiment shown, the data transfer takes place via the
communication driver 2712, thenetwork server 114, and thecommunications software 2710, data can flow in both directions at all connection points, and all communications between thePocket Vault 102 and theuser interface 2902 of theinterface station computer 304 pass through thenetwork server 114. - Using the arrangement shown, the user may, for example, update settings on the
Pocket Vault 102 by using theuser interface 2902 and thecommunication software 2710 to update settings on thenetwork server 114, and then instructing thenetwork server 114 to update settings on thePocket Vault 102 via thecommunication driver 2712. - In one embodiment, the
network server 114 implements a website, where user information may be selectively stored and accessed by a person using the communication software2710 (e.g., a web browser) running on theinterface station computer 304, and any user may access the website on thenetwork server 114. However, the website may have a so-called “restricted area” which can be accessed only after the user has authenticated his or her identity. As used herein, the term “restricted area” or “restricted information” means any data that is not available to general public without some sort of authentication. For example, each user may have preferences stored in thedatabase 406 that would indicate how the main site should be presented to that user. Those preferences will not be available to other users. In addition to such relatively low-security settings, such as website preferences,database 406 may also contain private user information, such as information about a user's credit cards and identity information. Access to this restricted information may be limited, for example, to only “authenticated” users. - Authentication of a Pocket Vault holder may be achieved, for example, by the holder applying a fingerprint to the
fingerprint scanner 220 of thePocket Vault 102, interfacing thePocket Vault 102 with the interface unit302 (which acts essentially as a pass-through device), and establishing a connection between thePocket Vault 102 and thenetwork server 114 via thecommunication driver 2712. Based on communications with thePocket Vault 102 via this “connection,” the website may determine: (1) whether thePocket Vault 102 has been “validated,” i.e., whether a fingerprint has been stored in the fingerprint memory of thePocket Vault 102 and whether validation information (e.g., a PKI certificate) is present on thePocket Vault 102, and (2) whether thePocket Vault 102 has been authenticated, i.e., whether the fingerprint recently scanned by thePocket Vault 102 matched the fingerprint stored in the fingerprint memory of thePocket Vault 102. If the website determines that thePocket Vault 102 has not yet been validated, the user may be given an option to validate thePocket Vault 102 using the website software. If the website determines that thePocket Vault 102 has been validated and authenticated, then thenetwork server 114 may enable the authenticated holder to access or perform functions relating to some or all of the restricted area of thedatabase 406 containing that holder's information. Communication driver 2712 may be a light-weight application that can access and modify theinternet settings 2722, and can also accesscommunications protocol layer 2714, but cannot transfer information to any other software programs. For example, thecommunication driver 2712 may access theinternet settings 2722 in order to determine that theinterface station computer 304 is connected to thenetwork 2724 through a dial-up connection; following that, it may initiate the dial-up connection or use an established connection through thecommunications protocol layer 2714 in order to tunnel packets from thePocket Vault 102 to thenetwork 2724.FIG. 30 is a flow diagram illustrating an example implementation of the PROCESS REQUEST TO ACCESS WEBSITE routine1422 shown inFIG. 14 , which may be executed by thecontroller 308 of theinterface station computer 304. As discussed above in connection withFIG. 14 , it should be appreciated that this routine need not be accessed as a result of a user selecting it from the menu displayed in thestep 1402. Rather, a user may simply use a browser to directly log onto the website on thenetwork server 114.- As shown, the routine1422 begins at a
step 3002, wherein theinterface station computer 304 is caused to access the website on thenetwork server 114, e.g., by using a browser to access the website. - After the
step 3002, the routine1422 proceeds to astep 3004, wherein it is determined whether therequisite communication drivers 2712 have been installed. - When, at the
step 3004, it is determined that therequisite communication drivers 2712 have not been installed, the routine1422 proceeds to an INSTALL DRIVER(S) routine3006 (discussed below in connection withFIG. 31 ), which is responsible for installing thecommunication drivers 2712. - After the routine3006 has completed, the routine1422 proceeds to a
step 3008, wherein thecommunication drivers 2712 are caused to become operational. - When, at the
step 3004, it is determined that therequisite drivers 2712 have already been installed, the routine1422 proceeds directly to the step3008 (discussed above). - After the
step 3008, the routine1422 proceeds to steps3010-3016, wherein attempts are made to establish a connection between thePocket Vault 102 and the website on thenetwork server 114 within a time out period determined by thestep 3014. Each time it is determined that the connection has not yet been established, the user is prompted to interface thePocket Vault 102 with theinterface unit 302 and to connect theinterface unit 302 to the interface station computer304 (e.g., using a USB cable). - When, during the steps3010-3016, it is determined that a connection has not been established between the
Pocket Vault 102 and the website in a timely manner, the routine1422 proceeds to astep 3026, wherein a message is displayed to the user regarding the unsuccessful communication attempt between thePocket Vault 102 and the website on thenetwork server 114. - After the
step 3026, the routine1422 terminates. - When, during the steps3010-3016, it is determined that a connection has been successfully established between the
Pocket Vault 102 and the website on thenetwork server 114, the routine1422 proceeds to astep 3018, wherein it is determined whether thePocket Vault 102 has been validated, e.g., whether a holder's fingerprints and a PKI certificate are stored therein. The website may, for example, make this determination based upon the messages exchanged during the handshaking protocol engaged in between thePocket Vault 102 and thenetwork server 114. - When, at the
step 3018, it is determined that thePocket Vault 102 has not yet been validated, the routine1422 proceeds to a NEW POCKET VAULT HOLDER routine3020, which is discussed below in connection withFIG. 32 . - When, at the
step 3018, it is determined that thePocket Vault 102 has already been validated, the routine1422 proceeds to an EXISTING POCKETVAULT HOLDER routine 3024, which is discussed below in connection withFIG. 33 . - After completion of the EXISTING POCKET
VAULT HOLDER routine 3024, the routine1422 terminates. - After completion of the NEW POCKET VAULT HOLDER routine3020, the routine1422 proceeds to a
step 3022, wherein it is determined whether a new holder was successfully validated. - When, at the
step 3022, it is determined that a new holder was successfully validated, the routine1422 proceeds to the EXISTING POCKET VAULT HOLDER routine3024 (discussed above). - When, at the
step 3022, it is determined that a new holder was not successfully validated, the routine1422 terminates. FIG. 31 is a flow diagram illustrating an example implementation of the INSTALL DRIVER(S) routine3006 shown inFIG. 30 .- As shown, the routine3006 begins at a
step 3102, wherein thenecessary communication drivers 2712 are downloaded from another computer, e.g., a website on the World Wide Web. - After the
step 3102, the routine3006 proceeds to steps3104-3108, wherein thenecessary communication drivers 2712 are installed on theinterface station computer 304 and registered withnetwork server 114, and the preferences for thecommunication drivers 2712 are set either automatically or in response to user input. During thestep 3106, thecommunication driver 2712 may communicate with thenetwork server 114 in order to register itself and its attributes. Among these attributes can be such things as a unique identifier for theinterface station computer 304 on which that driver is installed, the identity of the user registering it, and other such items. The preferences that may be set by the user during thestep 3108 may, for example, include information such as how and where to access theinternet settings 2722, how many attempts at connection should be performed, etc. - After the
step 3108, the routine3006 terminates. FIG. 32 is a flow diagram illustrating an example implementation of the NEW POCKET VAULT HOLDER routine3020 shown inFIG. 30 .- As shown, the routine3020 begins at a
step 3202, wherein it is determined whether the new holder has indicated that he or she has already established an account with the website on thenetwork server 114. - When, at the
step 3202, it is determined that the new holder has not indicated the existence of a previously-established account, the routine3020 proceeds to astep 3204, wherein a new account is established on the website on thenetwork server 114 in response to user input to a browser running on theinterface station computer 304. - After the
step 3204, the routine3020 proceeds to astep 3206, wherein the new holder is prompted to apply his or her fingerprint to thefingerprint scanner 220 while thePocket Vault 102 is interfaced with theinterface unit 302. The user is further prompted to follow the directions on thePocket Vault 102. As discussed above in connection withFIGS. 7 and 8 , when a fingerprint is applied to afingerprint scanner 220 of an un-validated device, the user is instructed by the Pocket Vault to apply six finger prints (three from one finger on the left hand and three from one finger on the right hand) sequentially to thefingerprint scanner 220, waiting for a beep each time. As discussed in connection withFIG. 8 , after the new holder has completed this task, an encrypted message including the Pocket Vault ID may be released from the Pocket Vault to theinterface unit 302. Because of the established connection between thePocket Vault 102 and the website on thenetwork server 114, this encrypted message should reach the website. And, in response to receiving this encrypted message, the website should release encrypted validation information (e.g., a PKI certificate) back to thePocket Vault 102 via the established connection. - After the
step 3206, the routine3020 proceeds to steps3208-3210, wherein it is determined whether thePocket Vault 102 has released the encrypted message including the Pocket Vault ID to the website before a timeout period has elapsed. - When, at the
step 3210, it is determined that the timeout period elapsed before the encrypted message including the Pocket Vault ID was released to the website, the routine3020 proceeds to astep 3220, wherein a message is displayed to the user concerning the unsuccessful attempt to validate the Pocket Vault holder. - After the
step 3220, the routine3020 terminates. - When, at the steps3208-3210, it is determined the
Pocket Vault 102 has released the encrypted message including the Pocket Vault ID to the website before the timeout period elapsed, the routine3020 proceeds to astep 3212, wherein it is determined whether the website has released the encrypted validation information (e.g., a PKI Certificate) to thePocket Vault 102. - When, at the
step 3210, it is determined that the timeout period elapsed before the website released the encrypted validation information (e.g., a PKI Certificate) to thePocket Vault 102, the routine3020 proceeds to the step3220 (discussed above). - When, at the
step 3210, it is determined that the website released the encrypted validation information (e.g., a PKI Certificate) to thePocket Vault 102 before the timeout period elapsed, the routine3020 proceeds to astep 3216, wherein a message is displayed to the user concerning the successful validation of the new Pocket Vault holder. - After the
step 3216, the routine3020 terminates. - When, at the
step 3202, it is determined that the new holder has indicated the existence of a previously-established account, the routine3020 proceeds to astep 3218, wherein a check is made to verify the holder's identity. The holder may, for example, be required to enter personal information, such as name, contact information, and security information to verify his or her identity. - When, at the
step 3218, it is determined that the holder has successfully verified his or her identity, the routine3020 proceeds to the step3206 (discussed above), with the holder's previously-stored account information being used for thenew Pocket Vault 102. - When, at the
step 3218, it is determined that the holder has not successfully verified his or her identity, the routine3020 proceeds to the step3220 (discussed above). FIG. 33 is a flow diagram illustrating an example implementation of the EXISTING POCKET VAULT HOLDER routine3024 shown inFIG. 30 .- As shown, the routine3024 begins at a
step 3302, wherein it is determined whether thePocket Vault 102 has been authenticated, e.g., whether thePocket Vault 102 has determined that a fingerprint applied to thefingerprint scanner 220 matches one of the fingerprints stored in the fingerprint memory of thePocket Vault 102. This authentication procedure may operate as described above in connection with the step712 (FIG. 7 ), or an additional or different routine may be employed (e.g., as part of thesecurity module 2812 described above in connection withFIG. 28 ) to determine whether the holder has successfully authenticated his or her identity, thereby enabling thenetwork server 114 to establish a “trust” relationship with thePocket Vault 102. - When, at the
step 3302, it is determined that thePocket Vault 102 has not been properly authenticated, the routine3024 proceeds to astep 3304, wherein the holder is prompted to apply his or her fingerprint to thefingerprint scanner 220 of thePocket Vault 102 while thePocket Vault 102 is interfaced with theinterface unit 302, i.e., while keeping the connection established between thePocket Vault 102 and the website on thenetwork server 114. - As shown, the
step 3306 determines whether thePocket Vault 102 has been properly authenticated prior to the expiration of a timeout period. - When, at the
step 3306, it is determined that the timeout period elapsed before thePocket Vault 102 was authenticated, the routine3024 proceeds to astep 3308, wherein a message is displayed indicating that the authentication attempt was unsuccessful. - After the
step 3308, the routine3024 terminates. - When, at the
step 3302, it is determined that thePocket Vault 102 has been properly authenticated, the routine3024 proceeds to astep 3310, wherein thecommunication driver 2712 causes theinternet settings 2722 of theinterface station computer 304 to be adjusted to reflect certain internet settings stored in thePocket Vault 102, e.g., by the internetsettings management module 2806. In this manner, the internet settings of thePocket Vault 102 may be “ported” to theinterface station computer 304 so that the browser operating on theinterface station computer 304 may take advantage of those settings while thePocket Vault 102 is connected to the website on thenetwork server 114 via thecommunication driver 2712. The internet settings of thePocket Vault 102 that may be ported to theinterface station computer 304 in this manner may comprise, for example, the network name and identification of thePocket Vault 102, an identification of communications protocols used to connect to thenetwork 2724, network preferences, such as whether any proxy servers may or should be used, a list of frequently-used servers, cookies previously obtained from various websites, digital certificates, personal bookmarks, user identity data, user password data for various servers, etc. - The internet settings on the
Pocket Vault 102, and porting of the same to theinterface station computer 304, may be managed, for example, by one or more modules of the control software, e.g., the internetsettings management module 2806. In one embodiment, the user may elect which internet settings are to be ported to theinterface station computer 304 during thestep 3310. This functionality may be accomplished, for example, during a SET PREFERENCES routine3324 (described below in connection withFIG. 39 ). - After the
step 3310, the routine3024 proceeds to astep 3312, wherein it is determined whether one of several “functions” has been selected. In the illustrative embodiment shown, the seven available functions are: (1) CARD LOADING (see CARD LOADING routine3314—discussed below in connection withFIG. 34 ), (2) SYNCHRONIZATION (seeSYNCHRONIZATION routine 3316—discussed below in connection withFIG. 35 ), (3) RECOVERY (seeRECOVERY routine 3318—discussed below in connection withFIG. 36 ), (4) IDENTITY PORTING OPTIONS (see IDENTITY PORTING OPTIONS routine3320—discussed below in connection withFIG. 337 ), (5) BACKUP (seeBACKUP routine 3322—discussed below in connection withFIG. 38 ), (6) SET PREFERENCES (see SET PREFERENCES routine3324—discussed below in connection withFIG. 39 ), AND (7) TERMINATE SESSION (see step3326). It should be appreciated that the invention is not limited to the specific functions shown, and that additional, different or fewer functions may be employed. - It should further be appreciated that some or all of the illustrated functions, or operations relating to such functions, may be initiated automatically or may require user initiation, depending on the setting of preferences. For example, the
SYNCHRONIZATION routine 3316 may be initiated automatically after completion of thestep 3310, if preferences so indicate. Alternatively, certain steps required to accomplish synchronization of thePocket Vault 102 and the website on thenetwork server 114 may be taken, without actually completing the synchronization. For example, thesynchronization module 2808 of thecontrol software 2708 may automatically initiate a comparison of the contents of thePocket Vault 102 and the website to determine what data should be transferred if synchronization is initiated. Software on thenetwork server 114 may also or alternatively perform a similar comparison function automatically, if so desired. - Moreover, it should be understood that, in some embodiments, some of the above-noted functions may be performed without first requiring a
Pocket Vault 102 to be authenticated. For example, some functions may involve the transfer of public or non-sensitive data, and may not require protection via theauthentication verification step 3302. - As shown in
FIG. 33 , when any of the above-listed seven functions is selected, either automatically or in response to user input, the selected function is performed. For each offunctions step 3332, wherein it is determined whether the connection between thePocket Vault 102 and the website on thenetwork server 114 is still established. - When, at the
step 3332, it is determined that the connection between thePocket Vault 102 and the website on thenetwork server 114 is still established, the routine3024 returns to the step3312 (discussed above). - When, at the
step 3332, it is determined that the connection between thePocket Vault 102 and the website on thenetwork server 114 is no longer established, the routine3024 proceeds to astep 3327, wherein some or all of theinternet settings 2722 are ported from theinterface station computer 304 to thePocket Vault 102. The communication driver3712 may cause the settings to be ported directly to thePocket Vault 102 from the interface station computer304 (via the interface unit302), or the settings may be transferred first to thenetwork server 114 and then to the Pocket Vault102 (via the connection between thenetwork server 114 and the Pocket Vault102). In some embodiments, only certain types or classes of settings, e.g., certain type of cookies, PKI certificates, etc., are ported from theinterface station computer 304 to thePocket Vault 102 in this manner. The classes or types of settings that are ported during thestep 3327 may, for example, be determined by the user in some embodiments. For example, the user may set certain preferences, e.g., during the SET PREFERENCES routine3324 or by manipulating thePocket Vault 102 directly, that control the nature and type of internet settings that are ported to thePocket Vault 102 from theinterface station computer 304 during thestep 3327. - After the
step 3327, the routine3024 proceeds to astep 3328, wherein thecommunication driver 2712 causes theinternet settings 2722 on theinterface station computer 304 to return to their original state, i.e., the configuration theinternet settings 2712 were in before they were altered in thestep 3310. - After the
step 3328, the routine3024 proceeds to astep 3330, wherein any cached web pages or other information temporarily stored in theinterface station computer 304 during the communication session between thePocket Vault 102 and the website on thenetwork server 114 are deleted from cache and other memory in theinterface station computer 304. Thus, after completion of thestep 3330, theinterface station computer 304 is in essentially the same state it was in prior to the beginning of the routine1422. Thecommunication driver 2712 may remain on theinterface station computer 304 or may be deleted in connection with thestep 3330. If thecommunication driver 2712 is kept on theinterface station computer 304, any cache or other memory associated with it that might store personal or sensitive information may also be erased. In some embodiments, thecommunication driver 2712 caches or stores very little, if any, information that is passed between thePocket Vault 102 and the website on thenetwork server 114. In any event, thecommunication driver 2712 may be constructed such that no useful data, i.e., data that reflects any personal or sensitive information, remains on it after completion of thestep 3330. - When, at the
step 3312, the holder chooses the TERMINATE SESSION function, the connection between thePocket Vault 102 and the website on thenetwork server 114 is de-established, and the routine3024 proceeds immediately to thesteps - After the
step 3330, the routine3024 terminates. FIG. 34 is a flow diagram illustrating an example implementation of the CARD LOADING routine3314 shown inFIG. 33 .- As shown, the routine3314 begins at a
step 3402, wherein a determination is made as to whether the card desired to be loaded is “swipeable.” The user may, for example, be prompted to indicate whether the card has an operational magnetic stripe disposed thereon. - When, at the
step 3402, the user indicates that the card does not have an operational magnetic stripe, the routine3314 proceeds to astep 3406, wherein the user is prompted (e.g., via the browser on the interface station computer304) to input information to be used in creating a card account. - When, at the
step 3402, the user indicates that the card does have an operational magnetic stripe, the routine3314 proceeds to thestep 3410, wherein the user is prompted to swipe the card through thestripe reader 315 of theinterface unit 302. - After the
step 3406, the routine3314 proceeds tosteps 3408 and3409, wherein it is determined whether theinterface station computer 304 has received the information from a card swiped through thestripe reader 315 of theinterface unit 302 prior to the expiration of a timeout period. - When, at the
step 3409, it is determined that the timeout period elapsed before information from a swiped card was received, the routine3314 proceeds to astep 3411, wherein a message is displayed to the user concerning the failure to properly read the magnetic stripe. - After the
step 3411, the routine3314 returns to the step3402 (discussed above). Thus, when a user is unsuccessful in swiping a card one or more times, the user may determine that the magnetic stripe is non-operational, and may indicate at thestep 3402 that the card is not swipeable. The user may thereafter create an account for the card manually at the step3410 (discussed above). - After the
step 3410, the routine proceeds to astep 3412, wherein the website on thenetwork server 114 determines whether the account for the card is valid. This determination may be made, for example, by confirming that the card is owned by the person attempting to add it to his or herPocket Vault 102, that the card has not expired, etc. - When, at the step3408, it is determined that information from the swiped card has been received prior to the expiration of the timeout period, the routine3314 proceeds to the step3412 (discussed above), wherein a determination is made as the validity of the account based upon the information read by the
stripe reader 315. - When, at the
step 3412, a determination is made that the account the user has requested to be added to thePocket Vault 102 is not valid, the routine3314 proceeds to astep 3414 wherein appropriate security precautions are taken. - After the
step 3414, the routine3314 terminates. - When, at the
step 3412, a determination is made that the account the user has requested to be added to thePocket Vault 102 is valid, the routine3314 proceeds to astep 3416, wherein the information for the card is downloaded from the website on thenetwork server 114 to thePocket Vault 102 via thecommunication driver 2712. - After the
step 3416, the routine3314 proceeds to astep 3418, wherein a message is displayed that indicates the card has been successfully loaded onto thePocket Vault 102 for use in future transactions. - After the
step 3418, the routine3314 terminates. FIG. 35 is a flow diagram illustrating an example implementation of theSYNCHRONIZATION routine 3316 shown inFIG. 33 .- As shown, the routine3316 begins at a
step 3502, wherein certain parameters required to synchronize thePocket Vault 102 to the website on thenetwork server 114 are determined based upon user preferences and the ID of thePocket Vault 102. For example, if a holder has two or more Pocket Vaults102, the holder may wish to elect one of them to be a master for synchronization purposes, or the holder may even elect to have the website act as the master. When a holder has more than onePocket Vault 102, the holder also may desire to be prompted to select either the current date or the date of the last synchronization as the basis for the synchronization operation. - After the
step 3502, the routine3316 proceeds to astep 3504, wherein the website on thenetwork server 114 generates sets of current data to transfer to thePocket Vault 102. The website may, for example, compare its current data to the data stored on thePocket Vault 102 so as to identify any data it needs to receive from thePocket Vault 102 to properly synchronize therewith. - After the
step 3504, the routine3316 proceeds tosteps Pocket Vault 102 has indicated that it is ready to synchronize prior the expiration of a timeout period (measured by the step3508). ThePocket Vault 102 may, for example, also be performing a similar comparison (e.g., using the synchronization module2808) between its data and the data stored on the website of the network server to determine what data it needs to receive from the website to properly synchronize therewith. - When at the
step 3508, it is determined that the timeout period has elapsed before thePocket Vault 102 had indicated its readiness to synchronize, the routine3316 proceeds to astep 3510, wherein a message is generated indicating the attempt to synchronize thePocket Vault 102 with the website on thenetwork server 114 has failed. - After the
step 3510, the routine3316 terminates. - When at the
step 3506, it is determined that thePocket Vault 102 has indicated its readiness to synchronize with the website prior to the expiration of the timeout period, the routine3316 proceeds to astep 3512, wherein accumulated synchronization data is transferred from the website to thePocket Vault 102, and vice versa, via thecommunication driver 2712. - After the
step 3512, the routine3316 proceeds to astep 3516, wherein the date of the successful synchronization is stored in both thePocket Vault 102 and thenetwork server 114. - After the
step 3516, the routine3316 proceeds to astep 3518, wherein a message is generated indicating that thePocket Vault 102 has been successfully synchronized with the website on thenetwork server 114. - After the
step 3518, the routine3316 terminates. FIG. 36 is a flow diagram illustrating an example implementation of theRECOVERY routine 3318 shown inFIG. 33 .- As shown, the routine3318 begins at a
step 3602, wherein the website on thenetwork server 114 compiles all data necessary to recover thePocket Vault 102 to its state as of the last time its contents were synchronized with the website of the network server114 (e.g., using the routine3316—described above) or backed up on the website of the network server114 (e.g., using routine3322—described below). - After the
step 3602, the routine3318 proceeds to step3604, wherein the data compile in thestep 3602 is downloaded from the website on thenetwork server 114 to thePocket Vault 102 via thecommunication driver 2712, and a determination is made as to where that downloading has completed prior to the expiration of a timeout period measured at thestep 3606. - When, at the
step 3606, it is determined that the timeout period elapsed prior to the downloading being completed, the routine3318 proceeds to astep 3608, wherein a message is generated indicating that the attempted recovery was unsuccessful. - After the
step 3606, the routine3318 terminates. - When, at the
step 3606, it is determined that the downloading was completed in a timely manner, the routine3318 proceeds to astep 3610, wherein a message is generated indicating that the attempted recovery of data to thePocket Vault 102 was successful. - After the
step 3610, the routine3318 terminates. FIG. 37 is a flow diagram illustrating an example implementation of the IDENTITY PORTING SELECTION routine3320 shown inFIG. 33 .- As shown, the routine3320 begins at a
step 3702, wherein theinternet settings 2722 from theinterface station computer 304 are downloaded from theinterface station computer 304 to the website on thenetwork server 114. - After the
step 3702, the routine3320 proceeds to astep 3704, wherein the website on thenetwork server 114 compiles and displays the downloaded internet settings to the user via the browser on theinterface station computer 304. The settings may be displayed to the user in any of a number of ways. Preferably, the settings are displayed in a manner that enables the user to readily distinguish between various classes of settings, and that permits the user to readily identify the purpose of each type of setting. In some embodiments, only a subset of the all of the internet settings2722 (e.g., only settings such as cookies and PKI certificates) are transferred to the website for possible modification by the user. - After the
step 3704, the routine3320 proceeds tosteps internet settings 2722, while choosing to discard others. - When at the
step 3708, the user has indicated that he or she has completed any modifications of the retrievedinternet settings 2722, the routine3320 proceeds to astep 3710, wherein the modified internet settings are downloaded from the website on thenetwork server 114 to thePocket Vault 102 via thecommunication driver 2712. - After the
step 3710, the routine3320 terminates. - When at the
step 3706, it is determined that the user did not elect to modify any settings, the routine3320 terminates. FIG. 38 is a flow diagram illustrating an example implementation of theBACKUP routine 3322 shown inFIG. 33 .- As shown, the routine3322 begins at a
step 3802, wherein the website on thenetwork server 114 transmits a request to thePocket Vault 102 via thecommunication driver 2712, asking thePocket Vault 102 to send the website backup data. This backup data may, for example, constitute all data necessary to place thePocket Vault 102 back into its present state if any portion of data on thePocket Vault 102 was lost, or to place anew Pocket Vault 102 into the same state as the backed up Pocket Vault102 (e.g., using theRECOVERY routine 3318—discussed above). - After the
step 3802, the routine3322 proceeds to steps3804-3806, wherein it is determined whether the requested backup data has been successfully transferred from thePocket Vault 102 to the website on thenetwork server 114 before the expiration of a timeout period (measured by the step3806). - When, at the
step 3806, it is determined that the timeout period elapsed prior to the backup data being successfully transferred, the routine3322 proceeds to astep 3808, wherein a message is displayed (e.g., via the browser on the interface station computer304) informing the user that a communication error has occurred and that the backup operation was unsuccessful. - After the
step 3808, the routine3322 terminates. - When, at the
step 3804, the routine3322 determined that, before the timeout period, the backup data has been successfully transferred from thePocket Vault 102 to the website on thenetwork server 114 via thecommunication driver 2712, the routine3322 proceeds to astep 3810, wherein the received backup data is stored by thenetwork server 114, e.g., for use in connection with theRECOVERY routine 3318. - After the
step 3310, the routine3322 proceeds to astep 3812, wherein a message is displayed (e.g., via the browser on the interface station computer304) informing the user that the backup operation was successfully completed. - After the
step 3312, the routine3322 terminates. FIG. 39 is a flow diagram illustrating an example implementation of the SET PREFERENCES routine3324 shown inFIG. 33 . The SET PREFERENCES routine3324 permits the holder to set or alter preferences on his or herPocket Vault 102 using a browser on theinterface station computer 104.- As shown, the routine3324 begins at a
step 3902, wherein the website on thenetwork server 114 transmits a request to thePocket Vault 102 via thecommunication driver 2712, requesting thePocket Vault 102 to transmit all “preferences” information stored on thePocket Vault 102 to the website on thenetwork server 114 via thecommunication driver 2712. This information may, for example, comprise definitions of home pages, connection of secure and non-secure media, order of media presentment, sort orders, user interface options, synchronization defaults, etc. - After the
step 3902, the routine3324 proceeds tosteps Pocket Vault 102 prior to the expiration of a timeout period (measured by the step3906). - When, at the
step 3906, it is determined that the timeout period elapsed before the preferences information was transferred from thePocket Vault 102 to the website, the routine3324 proceeds to astep 3908, wherein a message is displayed (e.g., on the browser) indicating that a communication error has occurred. - After the
step 3908, the routine3324 terminates. - When, at the
step 3904, it is determined that the preferences information has been successfully transferred from thePocket Vault 102 to the website on thenetwork server 114, the routine3324 proceeds to astep 3910, wherein the website compiles and displays the current preference settings for the Pocket Vault102 (e.g., on the browser) in a user friendly manner. - After the
step 3910, the routine3324 proceeds tosteps - When, at the
step 3912, the user opts not to modify any of the displayed settings, the routine3324 terminates. - When, at the
steps step 3916, wherein the modified preference settings are downloaded from the website on thenetwork server 114 to thePocket Vault 102 via thecommunication driver 2712. - After the
step 3918, a message is displayed (e.g., via the browser on the interface station computer304) informing the user that the preference settings for thePocket Vault 102 were successfully modified. - After the
step 3918, the routine3324 terminates. - One illustrative example of an application of the network system described herein is in the distribution of building access key cards and similar limited-use, time-sensitive media to individual operators. The following typical scenario involves distribution of hotel room key cards to hotel guests who make room reservations over the Internet. Using a hotel's secure web site, the prospective guest, who is also a Pocket Vault holder, may secure a room for a specific time period by providing a credit card number. This step may or may not involve use of a credit card stored on the
Pocket Vault 102. If it does involve use of a Pocket Vault credit card, this card may, for example, be accessed while thePocket Vault 102 is interfaced with the holder's personal interface station104b. Next, the prospective hotel guest may link to the network server114 (while staying within the hotel's website), and follow on-screen instructions for downloading the key card for his/her room onto the Pocket Vault102 (e.g., to ensure that thePocket Vault 102 is interfaced with the pocketvault interface unit 302, and to ensure that the Pocket Vault holder has activated thePocket Vault 102 by the appropriate security mechanism such as a thumbprint for bio-metric ID verification). After downloading is complete, thedisplay 216 of thePocket Vault 102 may include an icon for the hotel room key (e.g., the hotel's logo), along with the icons for media previously loaded. When the room key card icon is selected, thePocket Vault 102 may encode the Chameleon Card with the magnetic stripe coding to unlock the guest's hotel room. - After the time period of the guest's room reservation has expired, the
Pocket Vault 102 may automatically delete the room key icon. This deletion may occur for the convenience of the Pocket Vault holder, not necessarily for hotel security reasons, since the room's lock will reject any previously-used key card (Chameleon or traditional key card) after the key card's specified time period has expired. - Having thus described at least one illustrative embodiment of the invention, various alterations, modifications and improvements will readily occur to those skilled in the art. Such alterations, modifications and improvements are intended to be within the spirit and scope of the invention. Accordingly, the foregoing description is by way of example only and is not intended as limiting. The invention is limited only as defined in the following claims and the equivalents thereto.
Claims (23)
1. A method for altering Internet settings on a computer to correspond to settings on an electronic device distinct from the computer, comprising steps of:
(A) with the electronic device, authenticating an identity of a user to determine that the user is authorized to use the electronic device; and
(B) after the electronic device has authenticated the identify of the user, altering the Internet settings on the computer to correspond to settings on the electronic device.
2. The method ofclaim 1 , further comprising a step of:
(C) with the computer, accessing a server based upon the Internet settings on the computer.
3. The method ofclaim 2 , further comprising a step of:
(D) establishing a connection between the electronic device and the server.
4. The method ofclaim 3 , wherein the step (D) includes establishing the connection via a driver included in the computer.
5. The method ofclaim 4 , wherein the step (B) includes, using the driver to update the Internet settings on the computer.
6. The method ofclaim 3 , further comprising steps of:
(E) altering the Internet settings on the computer in response to user input to the computer; and
(F) transferring at least some of the altered Internet settings on the computer to the electronic device before the connection is de-established.
7. The method ofclaim 3 , further comprising a step of:
(E) restoring the Internet settings on the computer to their original state when the connection is de-established.
8. The method ofclaim 1 , wherein the step (A) comprises comparing, with the electronic device, a measured bio-metric parameter of the user with a stored bio-metric parameter of the user.
9. The method ofclaim 1 , wherein the Internet settings comprise at least one of a bookmark list, a web site cookie, an encoding of a user password, and personal user data.
10. A system for altering Internet settings on a computer to correspond to settings on an electronic device distinct from the computer, comprising:
a user authenticator included in the electronic device to authenticate an identity of a user to determine that the user is authorized to use the electronic device; and
means for altering the Internet settings on the computer to correspond to settings on the electronic device after the user authenticator has authenticated the identity of the user.
11. The system ofclaim 10 , further comprising:
means for accessing a server with the computer based upon the Internet settings on the computer.
12. The system ofclaim 11 , further comprising:
means for establishing a connection between the electronic device and the server.
13. The system ofclaim 12 , further comprising:
means for altering the Internet settings on the computer in response to user input to the computer; and
means for transferring at least some of the altered Internet settings on the computer to the electronic device before the connection is de-established.
14. The system ofclaim 12 , further comprising:
means for restoring the Internet settings on the computer to their original state when the connection is de-established.
15. The system ofclaim 11 , wherein the user authenticator includes a bio-metric authenticator.
16. The system ofclaim 11 , wherein the Internet settings comprise at least one of a bookmark list, a web site cookie, an encoding of a user password, and personal user data.
17. A system, comprising:
a computer configured to be operable by a user and including at least one first software module operable to access a server via the Internet based on particular Internet settings;
an electronic device, distinct from the computer, including a user authenticator configured to authenticate an identity of a user to determine that the user is authorized to use the electronic device; and
at least one second software module executable on the system, the at least one second software module being configured to, after the user authenticator has authenticated the identity of the user, cause the Internet settings used by the at least one first software module to correspond to settings on the electronic device.
18. The system ofclaim 17 , further comprising a connection established between the electronic device and the server, and wherein the at least one second software module is further configured to transfer Internet settings used by the at least one first software module to the electronic device before the connection is de-established.
19. The system ofclaim 17 , wherein the at least one second software module is further configured to restore the Internet settings used by the at least one first software module to their original state when the connection is de-established.
20. The system ofclaim 17 , wherein the Internet settings used by the at least one first software module comprise at least one of a bookmark list, a web site cookie, an encoding of a user password, and personal user data.
21. A system, comprising:
an electronic device;
a computer, distinct from the electronic device, configured to be operable by a user, the computer comprising at least one first software module adapted to access a server via the Internet, and further comprising a driver through which a connection can be established between the electronic device and the server; and
at least one second software module executable on the system, the at least one second software module being configured to enable the at least one first software module, in response to commands input to the computer by the user, to communicate commands to the server that cause the server to communicate with the electronic device via the connection so as to cause new information to be added to a memory of the electronic device;
wherein the electronic device is configured to access the new information stored in the memory to perform at least one operation after the connection between the electronic device and the server has been de-established.
22. The system ofclaim 21 , wherein the at least one software module comprises a Web browser and the server comprises a Web server.
23. The system ofclaim 21 , further comprising the electronic device and the server, and wherein the connection is established between the electronic device and the server via the driver.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| US10/954,050US20050044044A1 (en) | 2001-10-01 | 2004-09-29 | Portable electronic authorization system and method |
Applications Claiming Priority (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| US09/968,628US7080037B2 (en) | 1999-09-28 | 2001-10-01 | Portable electronic authorization system and method |
| US10/954,050US20050044044A1 (en) | 2001-10-01 | 2004-09-29 | Portable electronic authorization system and method |
Related Parent Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| US09/968,628DivisionUS7080037B2 (en) | 1999-09-28 | 2001-10-01 | Portable electronic authorization system and method |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| US20050044044A1true US20050044044A1 (en) | 2005-02-24 |
Family
ID=25514523
Family Applications (2)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| US09/968,628Expired - LifetimeUS7080037B2 (en) | 1999-09-28 | 2001-10-01 | Portable electronic authorization system and method |
| US10/954,050AbandonedUS20050044044A1 (en) | 2001-10-01 | 2004-09-29 | Portable electronic authorization system and method |
Family Applications Before (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| US09/968,628Expired - LifetimeUS7080037B2 (en) | 1999-09-28 | 2001-10-01 | Portable electronic authorization system and method |
Country Status (4)
| Country | Link |
|---|---|
| US (2) | US7080037B2 (en) |
| EP (1) | EP1436683A2 (en) |
| CA (1) | CA2462278A1 (en) |
| WO (1) | WO2003029942A2 (en) |
Cited By (36)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20050269402A1 (en)* | 2004-06-03 | 2005-12-08 | Tyfone, Inc. | System and method for securing financial transactions |
| US20050269401A1 (en)* | 2004-06-03 | 2005-12-08 | Tyfone, Inc. | System and method for securing financial transactions |
| US20060186209A1 (en)* | 2005-02-22 | 2006-08-24 | Tyfone, Inc. | Electronic transaction card |
| WO2006099892A1 (en)* | 2005-03-25 | 2006-09-28 | 3Dconnexion Holding Sa | Synchronizing settings for manual input devices |
| US20060226217A1 (en)* | 2005-04-07 | 2006-10-12 | Tyfone, Inc. | Sleeve for electronic transaction card |
| US20070016798A1 (en)* | 2005-07-15 | 2007-01-18 | Narendra Siva G | Asymmetric cryptography with user authentication |
| US20070014408A1 (en)* | 2005-07-15 | 2007-01-18 | Tyfone, Inc. | Hybrid symmetric/asymmetric cryptography with user authentication |
| US20070014407A1 (en)* | 2005-07-15 | 2007-01-18 | Tyfone, Inc. | Symmetric cryptography with user authentication |
| US20070131759A1 (en)* | 2005-12-14 | 2007-06-14 | Cox Mark A | Smartcard and magnetic stripe emulator with biometric authentication |
| US20080091944A1 (en)* | 2006-10-17 | 2008-04-17 | Von Mueller Clay W | Batch settlement transactions system and method |
| US20080126260A1 (en)* | 2006-07-12 | 2008-05-29 | Cox Mark A | Point Of Sale Transaction Device With Magnetic Stripe Emulator And Biometric Authentication |
| US20080189214A1 (en)* | 2006-10-17 | 2008-08-07 | Clay Von Mueller | Pin block replacement |
| US20080244208A1 (en)* | 2007-03-30 | 2008-10-02 | Narendra Siva G | Memory card hidden command protocol |
| US20080288403A1 (en)* | 2007-05-18 | 2008-11-20 | Clay Von Mueller | Pin encryption device security |
| US20090006985A1 (en)* | 2007-06-29 | 2009-01-01 | Fong Spencer W | Using interactive scripts to facilitate web-based aggregation |
| US20090152361A1 (en)* | 2007-12-14 | 2009-06-18 | Narendra Siva G | Memory card based contactless devices |
| US20090228714A1 (en)* | 2004-11-18 | 2009-09-10 | Biogy, Inc. | Secure mobile device with online vault |
| US20100033310A1 (en)* | 2008-08-08 | 2010-02-11 | Narendra Siva G | Power negotation for small rfid card |
| US7725726B2 (en) | 1996-02-15 | 2010-05-25 | Semtek Innovative Solutions Corporation | Method and apparatus for securing and authenticating encoded data and documents containing such data |
| US7740173B2 (en) | 2004-09-07 | 2010-06-22 | Semtek Innovative Solutions Corporation | Transparently securing transactional data |
| US20100213265A1 (en)* | 2009-02-24 | 2010-08-26 | Tyfone, Inc. | Contactless device with miniaturized antenna |
| US7961101B2 (en) | 2008-08-08 | 2011-06-14 | Tyfone, Inc. | Small RFID card with integrated inductive element |
| US20110171996A1 (en)* | 2008-08-08 | 2011-07-14 | Tyfone, Inc. | Smartcard performance enhancement circuits and systems |
| US7991158B2 (en) | 2006-12-13 | 2011-08-02 | Tyfone, Inc. | Secure messaging |
| US8144940B2 (en) | 2008-08-07 | 2012-03-27 | Clay Von Mueller | System and method for authentication of data |
| US8251283B1 (en) | 2009-05-08 | 2012-08-28 | Oberon Labs, LLC | Token authentication using spatial characteristics |
| US8355982B2 (en) | 2007-08-16 | 2013-01-15 | Verifone, Inc. | Metrics systems and methods for token transactions |
| US9235697B2 (en) | 2012-03-05 | 2016-01-12 | Biogy, Inc. | One-time passcodes with asymmetric keys |
| US9275218B1 (en) | 2012-09-12 | 2016-03-01 | Emc Corporation | Methods and apparatus for verification of a user at a first device based on input received from a second device |
| US9280645B1 (en) | 2012-11-15 | 2016-03-08 | Emc Corporation | Local and remote verification |
| US9294474B1 (en) | 2012-11-15 | 2016-03-22 | Emc Corporation | Verification based on input comprising captured images, captured audio and tracked eye movement |
| US9323911B1 (en) | 2012-11-15 | 2016-04-26 | Emc Corporation | Verifying requests to remove applications from a device |
| US9361617B2 (en) | 2008-06-17 | 2016-06-07 | Verifone, Inc. | Variable-length cipher system and method |
| WO2018009491A1 (en)* | 2016-07-06 | 2018-01-11 | Alibaba Group Holding Limited | Systems and methods for connecting disparate computing devices via standard interfaces and direct network connections |
| US10268843B2 (en) | 2011-12-06 | 2019-04-23 | AEMEA Inc. | Non-deterministic secure active element machine |
| US12147863B2 (en) | 2008-08-08 | 2024-11-19 | Icashe, Inc. | Method and apparatus for transmitting data via NFC for mobile applications including mobile payments and ticketing |
Families Citing this family (124)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8225089B2 (en) | 1996-12-04 | 2012-07-17 | Otomaku Properties Ltd., L.L.C. | Electronic transaction systems utilizing a PEAD and a private key |
| US7889052B2 (en) | 2001-07-10 | 2011-02-15 | Xatra Fund Mx, Llc | Authorizing payment subsequent to RF transactions |
| US7340439B2 (en) | 1999-09-28 | 2008-03-04 | Chameleon Network Inc. | Portable electronic authorization system and method |
| US7080037B2 (en) | 1999-09-28 | 2006-07-18 | Chameleon Network Inc. | Portable electronic authorization system and method |
| WO2001024123A1 (en) | 1999-09-28 | 2001-04-05 | Chameleon Network Inc. | Portable electronic authorization system and associated method |
| US7742967B1 (en)* | 1999-10-01 | 2010-06-22 | Cardinalcommerce Corporation | Secure and efficient payment processing system |
| US9430769B2 (en) | 1999-10-01 | 2016-08-30 | Cardinalcommerce Corporation | Secure and efficient payment processing system |
| US7373372B1 (en)* | 2000-09-08 | 2008-05-13 | International Business Machines Corporation | Method for accrediting event participants |
| WO2002025459A1 (en)* | 2000-09-20 | 2002-03-28 | Sony Corporation | Distribution system and distribution method |
| US7353014B2 (en)* | 2000-10-31 | 2008-04-01 | Vijay Raghavan Chetty | Universal portable unit |
| US7125335B2 (en)* | 2000-12-08 | 2006-10-24 | Igt | Casino gambling system with biometric access control |
| US7725427B2 (en) | 2001-05-25 | 2010-05-25 | Fred Bishop | Recurrent billing maintenance with radio frequency payment devices |
| US7668750B2 (en) | 2001-07-10 | 2010-02-23 | David S Bonalle | Securing RF transactions using a transactions counter |
| US7705732B2 (en) | 2001-07-10 | 2010-04-27 | Fred Bishop | Authenticating an RF transaction using a transaction counter |
| US8548927B2 (en) | 2001-07-10 | 2013-10-01 | Xatra Fund Mx, Llc | Biometric registration for facilitating an RF transaction |
| US20040236699A1 (en) | 2001-07-10 | 2004-11-25 | American Express Travel Related Services Company, Inc. | Method and system for hand geometry recognition biometrics on a fob |
| US8279042B2 (en) | 2001-07-10 | 2012-10-02 | Xatra Fund Mx, Llc | Iris scan biometrics on a payment device |
| US9031880B2 (en) | 2001-07-10 | 2015-05-12 | Iii Holdings 1, Llc | Systems and methods for non-traditional payment using biometric data |
| US8001054B1 (en) | 2001-07-10 | 2011-08-16 | American Express Travel Related Services Company, Inc. | System and method for generating an unpredictable number using a seeded algorithm |
| US9454752B2 (en) | 2001-07-10 | 2016-09-27 | Chartoleaux Kg Limited Liability Company | Reload protocol at a transaction processing entity |
| US7735725B1 (en) | 2001-07-10 | 2010-06-15 | Fred Bishop | Processing an RF transaction using a routing number |
| US7543738B1 (en) | 2001-07-10 | 2009-06-09 | American Express Travel Related Services Company, Inc. | System and method for secure transactions manageable by a transaction account provider |
| US7249112B2 (en) | 2002-07-09 | 2007-07-24 | American Express Travel Related Services Company, Inc. | System and method for assigning a funding source for a radio frequency identification device |
| US9024719B1 (en) | 2001-07-10 | 2015-05-05 | Xatra Fund Mx, Llc | RF transaction system and method for storing user personal data |
| US20030046420A1 (en)* | 2001-08-28 | 2003-03-06 | International Business Machines Corporation | Media service e-utility |
| US7904392B2 (en)* | 2001-10-25 | 2011-03-08 | Panasonic Corporation | Content usage rule management system |
| NZ534192A (en)* | 2001-12-25 | 2005-05-27 | Ntt Docomo Inc | Device and method for restricting content access and storage |
| US20060195402A1 (en)* | 2002-02-27 | 2006-08-31 | Imagineer Software, Inc. | Secure data transmission using undiscoverable or black data |
| WO2003081519A2 (en)* | 2002-03-19 | 2003-10-02 | Chameleon Network Inc. | Portable electronic authorization system and method |
| US8140635B2 (en) | 2005-03-31 | 2012-03-20 | Tripwire, Inc. | Data processing environment change management methods and apparatuses |
| US7822724B2 (en)* | 2002-07-03 | 2010-10-26 | Tripwire, Inc. | Change audit method, apparatus and system |
| US20040046018A1 (en)* | 2002-09-05 | 2004-03-11 | Ellenby Technologies, Inc. | System and method for electronic lock access |
| US6805287B2 (en) | 2002-09-12 | 2004-10-19 | American Express Travel Related Services Company, Inc. | System and method for converting a stored value card to a credit card |
| US20080133933A1 (en)* | 2002-09-24 | 2008-06-05 | Bender Steven L | Key sequence rhythm recognition system and method |
| US20040073688A1 (en)* | 2002-09-30 | 2004-04-15 | Sampson Scott E. | Electronic payment validation using Transaction Authorization Tokens |
| CN100543714C (en)* | 2002-09-30 | 2009-09-23 | 斯科特·桑普森 | Communication management using token action logs |
| US20060168089A1 (en)* | 2002-09-30 | 2006-07-27 | Sampson Scott E | Controlling incoming communication by issuing tokens |
| US6804687B2 (en)* | 2002-09-30 | 2004-10-12 | Scott E. Sampson | File system management with user-definable functional attributes stored in a token action log |
| US7010565B2 (en)* | 2002-09-30 | 2006-03-07 | Sampson Scott E | Communication management using a token action log |
| US8051172B2 (en) | 2002-09-30 | 2011-11-01 | Sampson Scott E | Methods for managing the exchange of communication tokens |
| US20040073432A1 (en)* | 2002-10-15 | 2004-04-15 | Stone Christopher J. | Webpad for the disabled |
| US20040111329A1 (en)* | 2002-12-10 | 2004-06-10 | First Data Corporation | Restricted-use transaction systems |
| GB2396330B (en)* | 2002-12-20 | 2005-05-11 | Motorola Inc | A smartcard |
| US20040139265A1 (en)* | 2003-01-10 | 2004-07-15 | Onset Corporation | Interfacing a battery-powered device to a computer using a bus interface |
| CA2457507A1 (en)* | 2003-02-14 | 2004-08-14 | Jonathan Kepecs | Use of limited identification on point-of-sale systems |
| WO2004102353A2 (en)* | 2003-05-12 | 2004-11-25 | Gtech Rhode Island Corporation | Method and system for authentication |
| CN1820279B (en) | 2003-06-16 | 2012-01-25 | Uru科技公司 | Method and system for creating and operating biometrically enabled multi-purpose credential management devices |
| US20050027991A1 (en)* | 2003-06-23 | 2005-02-03 | Difonzo Joseph | System and method for digital rights management |
| US7519989B2 (en)* | 2003-07-17 | 2009-04-14 | Av Thenex Inc. | Token device that generates and displays one-time passwords and that couples to a computer for inputting or receiving data for generating and outputting one-time passwords and other functions |
| US20050038879A1 (en)* | 2003-08-14 | 2005-02-17 | International Business Machines Corporation | System and method for discovery of remote device driver functionality and interface |
| US7225448B2 (en)* | 2003-08-14 | 2007-05-29 | Lenovo (Singapore) Pte. Ltd. | System and method for hibernating application state data on removable module |
| US7308584B2 (en)* | 2003-08-14 | 2007-12-11 | International Business Machines Corporation | System and method for securing a portable processing module |
| US7740168B2 (en) | 2003-08-18 | 2010-06-22 | Visa U.S.A. Inc. | Method and system for generating a dynamic verification value |
| US7761374B2 (en) | 2003-08-18 | 2010-07-20 | Visa International Service Association | Method and system for generating a dynamic verification value |
| US6817521B1 (en)* | 2003-08-21 | 2004-11-16 | International Business Machines Corporation | Credit card application automation system |
| JP4348173B2 (en)* | 2003-12-17 | 2009-10-21 | 株式会社エヌ・ティ・ティ・ドコモ | Communication terminal |
| US7861006B2 (en) | 2004-03-23 | 2010-12-28 | Mcnulty Scott | Apparatus, method and system for a tunneling client access point |
| EP1747550A2 (en)* | 2004-05-07 | 2007-01-31 | Infinium Labs, Inc. | Multi-position multi-level user interface system |
| US9286457B2 (en) | 2004-06-14 | 2016-03-15 | Rodney Beatson | Method and system for providing password-free, hardware-rooted, ASIC-based authentication of a human to a mobile device using biometrics with a protected, local template to release trusted credentials to relying parties |
| US7314165B2 (en) | 2004-07-01 | 2008-01-01 | American Express Travel Related Services Company, Inc. | Method and system for smellprint recognition biometrics on a smartcard |
| US7318550B2 (en) | 2004-07-01 | 2008-01-15 | American Express Travel Related Services Company, Inc. | Biometric safeguard method for use with a smartcard |
| US7341181B2 (en)* | 2004-07-01 | 2008-03-11 | American Express Travel Related Services Company, Inc. | Method for biometric security using a smartcard |
| US7562218B2 (en)* | 2004-08-17 | 2009-07-14 | Research In Motion Limited | Method, system and device for authenticating a user |
| US7469291B2 (en)* | 2004-09-22 | 2008-12-23 | Research In Motion Limited | Apparatus and method for integrating authentication protocols in the establishment of connections between computing devices |
| US8321269B2 (en)* | 2004-10-26 | 2012-11-27 | Validclick, Inc | Method for performing real-time click fraud detection, prevention and reporting for online advertising |
| US7124937B2 (en) | 2005-01-21 | 2006-10-24 | Visa U.S.A. Inc. | Wireless payment methods and systems |
| US20060178936A1 (en)* | 2005-01-27 | 2006-08-10 | Boxer Doreen C | Electronic device for verifying a user's personal information |
| US7890372B1 (en)* | 2005-01-27 | 2011-02-15 | Boxer Doreen C | Electronic device for verifying a user's personal information and associated method |
| JP2006217369A (en)* | 2005-02-04 | 2006-08-17 | Seiko Epson Corp | Encryption / decryption device, communication controller, and electronic device |
| US20060242306A1 (en)* | 2005-03-18 | 2006-10-26 | Boro Clifford T | Child-oriented computing facilities |
| US20080307339A1 (en) | 2006-03-20 | 2008-12-11 | Kidzui, Inc. | Child-oriented computing system |
| US7721969B2 (en) | 2005-04-21 | 2010-05-25 | Securedpay Solutions, Inc. | Portable handheld device for wireless order entry and real time payment authorization and related methods |
| JP4559943B2 (en)* | 2005-06-24 | 2010-10-13 | 株式会社東芝 | Playlist creation device, playlist creation method, playlist creation program, copyright information management device, and viewing terminal device |
| US9213992B2 (en)* | 2005-07-08 | 2015-12-15 | Microsoft Technology Licensing, Llc | Secure online transactions using a trusted digital identity |
| US8176158B2 (en) | 2005-08-09 | 2012-05-08 | Tripwire, Inc. | Information technology governance and controls methods and apparatuses |
| US10318894B2 (en)* | 2005-08-16 | 2019-06-11 | Tripwire, Inc. | Conformance authority reconciliation |
| US7609837B2 (en)* | 2005-09-01 | 2009-10-27 | Sharp Laboratories Of America, Inc. | System and method for automatic setup of a network device with secure network transmission of setup parameters |
| US7916869B2 (en)* | 2005-09-01 | 2011-03-29 | Sharp Laboratories Of America, Inc. | System and method for automatic setup of a network device with secure network transmission of setup parameters using a standard remote control |
| US7640579B2 (en) | 2005-09-09 | 2009-12-29 | Microsoft Corporation | Securely roaming digital identities |
| US8306918B2 (en)* | 2005-10-11 | 2012-11-06 | Apple Inc. | Use of media storage structure with multiple pieces of content in a content-distribution system |
| US8135385B2 (en)* | 2005-10-13 | 2012-03-13 | Ntt Docomo, Inc. | Mobile terminal, access control management device, and access control management method |
| US20070101010A1 (en)* | 2005-11-01 | 2007-05-03 | Microsoft Corporation | Human interactive proof with authentication |
| US20070124255A1 (en)* | 2005-11-28 | 2007-05-31 | Tripwire, Inc. | Pluggable heterogeneous reconciliation |
| US8145914B2 (en)* | 2005-12-15 | 2012-03-27 | Microsoft Corporation | Client-side CAPTCHA ceremony for user verification |
| US20070220585A1 (en)* | 2006-03-01 | 2007-09-20 | Farrugia Augustin J | Digital rights management system with diversified content protection process |
| US7818264B2 (en) | 2006-06-19 | 2010-10-19 | Visa U.S.A. Inc. | Track data encryption |
| US9065643B2 (en) | 2006-04-05 | 2015-06-23 | Visa U.S.A. Inc. | System and method for account identifier obfuscation |
| US20070239653A1 (en)* | 2006-04-07 | 2007-10-11 | Microsoft Corporation | User interface morph based on permissions |
| EP2016540A1 (en)* | 2006-04-20 | 2009-01-21 | Joern Berninger | Methods and systems for exchanging contact information |
| US8224751B2 (en) | 2006-05-03 | 2012-07-17 | Apple Inc. | Device-independent management of cryptographic information |
| US8108315B2 (en)* | 2006-06-19 | 2012-01-31 | Hewlett-Packard Development Company, L.P. | Discovering software code subject to licenses |
| US8181879B2 (en) | 2006-12-29 | 2012-05-22 | Solicore, Inc. | Mailing apparatus for powered cards |
| WO2008082616A1 (en) | 2006-12-29 | 2008-07-10 | Solicore, Inc. | Card configured to receive separate battery |
| US8239688B2 (en) | 2007-01-07 | 2012-08-07 | Apple Inc. | Securely recovering a computing device |
| US8254568B2 (en) | 2007-01-07 | 2012-08-28 | Apple Inc. | Secure booting a computing device |
| US8438652B2 (en)* | 2007-03-23 | 2013-05-07 | Seagate Technology Llc | Restricted erase and unlock of data storage devices |
| US9311492B2 (en) | 2007-05-22 | 2016-04-12 | Apple Inc. | Media storage structures for storing content, devices for using such structures, systems for distributing such structures |
| US8347098B2 (en)* | 2007-05-22 | 2013-01-01 | Apple Inc. | Media storage structures for storing content, devices for using such structures, systems for distributing such structures |
| WO2009009788A1 (en) | 2007-07-12 | 2009-01-15 | Jobmann Brian C | Identity authentication and secured access systems, components, and methods |
| JP4636058B2 (en)* | 2007-08-08 | 2011-02-23 | コニカミノルタビジネステクノロジーズ株式会社 | CONFERENCE SYSTEM, DATA PROCESSING DEVICE, DATA OUTPUT METHOD, AND DATA OUTPUT PROGRAM |
| JP4976991B2 (en)* | 2007-11-22 | 2012-07-18 | 株式会社東芝 | Information processing apparatus, program verification method, and program |
| US8868741B2 (en) | 2008-03-03 | 2014-10-21 | Leapfrog Enterprises, Inc. | Method and apparatus for custodial monitoring, filtering, and approving of content |
| US8150039B2 (en)* | 2008-04-15 | 2012-04-03 | Apple Inc. | Single security model in booting a computing device |
| CA2820983C (en)* | 2008-05-18 | 2019-02-05 | Google Inc. | Secured electronic transaction system |
| TW200951845A (en)* | 2008-06-11 | 2009-12-16 | Guang-Yao Li | Signature verification system and method capable of improving transaction safety of credit card |
| US8914341B2 (en) | 2008-07-03 | 2014-12-16 | Tripwire, Inc. | Method and apparatus for continuous compliance assessment |
| US8214329B2 (en)* | 2008-08-26 | 2012-07-03 | Zeewise, Inc. | Remote data collection systems and methods |
| US8407483B2 (en)* | 2008-12-18 | 2013-03-26 | Electronics And Telecommunications Research Institute | Apparatus and method for authenticating personal use of contents by using portable storage |
| US20100191551A1 (en) | 2009-01-26 | 2010-07-29 | Apple Inc. | Systems and methods for accessing hotel services using a portable electronic device |
| US8726032B2 (en) | 2009-03-25 | 2014-05-13 | Pacid Technologies, Llc | System and method for protecting secrets file |
| US20110095084A1 (en)* | 2009-10-23 | 2011-04-28 | Onbest Technology Holding Limited | Personal financial terminal device |
| US8332322B2 (en)* | 2010-05-07 | 2012-12-11 | Miicard Limited | Method of establishing identity validation based on an individual's ability to access multiple secure accounts |
| US20140052632A1 (en)* | 2011-08-05 | 2014-02-20 | Ivason J. Galloway | Financial card for online fund transfer and method therefor |
| US8479021B2 (en) | 2011-09-29 | 2013-07-02 | Pacid Technologies, Llc | Secure island computing system and method |
| US9166976B2 (en)* | 2011-10-17 | 2015-10-20 | Stephen Villoria | Creation and management of digital content and workflow automation via a portable identification key |
| US9021557B2 (en) | 2011-10-27 | 2015-04-28 | Stmicroelectronics Pte Ltd | System and method for security using a sibling smart card |
| US20130198056A1 (en)* | 2012-01-27 | 2013-08-01 | Verizon Patent And Licensing Inc. | Near field communication transaction management and application systems and methods |
| CA2775782C (en) | 2012-05-08 | 2013-09-24 | Guest Tek Interactive Entertainment Ltd. | Automatic service activation for user device upon detecting its device identifier on network of hospitality establishment |
| US9111082B2 (en)* | 2012-05-26 | 2015-08-18 | Joseph M Gangi | Secure electronic identification device |
| CA2788573C (en)* | 2012-09-06 | 2013-07-09 | Guest Tek Interactive Entertainment Ltd. | Allowing guest of hospitality establishment to utilize multiple guest devices to access network service |
| US10592888B1 (en)* | 2012-12-17 | 2020-03-17 | Wells Fargo Bank, N.A. | Merchant account transaction processing systems and methods |
| US20140222638A1 (en)* | 2013-02-05 | 2014-08-07 | Mastercard International Incorporated | System and Method for Merchant Transfer of a Forward-Sold Good Contract |
| US9466153B2 (en) | 2014-08-05 | 2016-10-11 | Myine Electronics, Inc. | Vehicle maintenance reminders |
| GB2546740A (en)* | 2016-01-26 | 2017-08-02 | Worldpay Ltd | Electronic payment system and method |
Citations (55)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US200405A (en)* | 1878-02-19 | Improvement in feed-water regulators | ||
| US4701601A (en)* | 1985-04-26 | 1987-10-20 | Visa International Service Association | Transaction card with magnetic stripe emulator |
| US4791283A (en)* | 1986-06-03 | 1988-12-13 | Intellicard International, Inc. | Transaction card magnetic stripe emulator |
| US4868376A (en)* | 1987-05-15 | 1989-09-19 | Smartcard International Inc. | Intelligent portable interactive personal data system |
| US5276311A (en)* | 1989-03-01 | 1994-01-04 | Hartmut Hennige | Method and device for simplifying the use of a plurality of credit cards, or the like |
| US5386104A (en)* | 1993-11-08 | 1995-01-31 | Ncr Corporation | System and method for detecting user fraud in automated teller machine transactions |
| US5544246A (en)* | 1993-09-17 | 1996-08-06 | At&T Corp. | Smartcard adapted for a plurality of service providers and for remote installation of same |
| US5546471A (en)* | 1994-10-28 | 1996-08-13 | The National Registry, Inc. | Ergonomic fingerprint reader apparatus |
| US5546523A (en)* | 1995-04-13 | 1996-08-13 | Gatto; James G. | Electronic fund transfer system |
| US5585787A (en)* | 1991-12-09 | 1996-12-17 | Wallerstein; Robert S. | Programmable credit card |
| US5590038A (en)* | 1994-06-20 | 1996-12-31 | Pitroda; Satyan G. | Universal electronic transaction card including receipt storage and system and methods of conducting electronic transactions |
| US5598474A (en)* | 1994-03-29 | 1997-01-28 | Neldon P Johnson | Process for encrypting a fingerprint onto an I.D. card |
| US5598792A (en)* | 1995-01-09 | 1997-02-04 | Wales; Forrest A. | Credit card security device having card invalidating electromagnet |
| US5623552A (en)* | 1994-01-21 | 1997-04-22 | Cardguard International, Inc. | Self-authenticating identification card with fingerprint identification |
| US5745574A (en)* | 1995-12-15 | 1998-04-28 | Entegrity Solutions Corporation | Security infrastructure for electronic transactions |
| US5748737A (en)* | 1994-11-14 | 1998-05-05 | Daggar; Robert N. | Multimedia electronic wallet with generic card |
| US5777903A (en)* | 1996-01-22 | 1998-07-07 | Motorola, Inc. | Solar cell powered smart card with integrated display and interface keypad |
| US5815657A (en)* | 1996-04-26 | 1998-09-29 | Verifone, Inc. | System, method and article of manufacture for network electronic authorization utilizing an authorization instrument |
| US5854891A (en)* | 1996-08-09 | 1998-12-29 | Tritheim Technologies, Inc. | Smart card reader having multiple data enabling storage compartments |
| US5867795A (en)* | 1996-08-23 | 1999-02-02 | Motorola, Inc. | Portable electronic device with transceiver and visual image display |
| US5870723A (en)* | 1994-11-28 | 1999-02-09 | Pare, Jr.; David Ferrin | Tokenless biometric transaction authorization method and system |
| US5907142A (en)* | 1995-12-12 | 1999-05-25 | Kelsey; Craig E. | Fraud resistant personally activated transaction card |
| US5915023A (en)* | 1997-01-06 | 1999-06-22 | Bernstein; Robert | Automatic portable account controller for remotely arranging for transfer of value to a recipient |
| US5917913A (en)* | 1996-12-04 | 1999-06-29 | Wang; Ynjiun Paul | Portable electronic authorization devices and methods therefor |
| US5920640A (en)* | 1997-05-16 | 1999-07-06 | Harris Corporation | Fingerprint sensor and token reader and associated methods |
| US5940525A (en)* | 1996-03-08 | 1999-08-17 | Kabushiki Kaisha Toshiba | Fingerprint detection apparatus |
| US5943423A (en)* | 1995-12-15 | 1999-08-24 | Entegrity Solutions Corporation | Smart token system for secure electronic transactions and identification |
| US5974146A (en)* | 1997-07-30 | 1999-10-26 | Huntington Bancshares Incorporated | Real time bank-centric universal payment system |
| US5978496A (en)* | 1996-04-26 | 1999-11-02 | U.S. Philips Corporation | Fingerprint sensing devices and systems incorporating such |
| US5979773A (en)* | 1994-12-02 | 1999-11-09 | American Card Technology, Inc. | Dual smart card access control electronic data storage and retrieval system and methods |
| US5982913A (en)* | 1997-03-25 | 1999-11-09 | The United States Of America As Represented By The National Security Agency | Method of verification using a subset of claimant's fingerprint |
| US6012636A (en)* | 1997-04-22 | 2000-01-11 | Smith; Frank E. | Multiple card data system having first and second memory elements including magnetic strip and fingerprints scanning means |
| US6016476A (en)* | 1997-08-11 | 2000-01-18 | International Business Machines Corporation | Portable information and transaction processing system and method utilizing biometric authorization and digital certificate security |
| US6038551A (en)* | 1996-03-11 | 2000-03-14 | Microsoft Corporation | System and method for configuring and managing resources on a multi-purpose integrated circuit card using a personal computer |
| US6095416A (en)* | 1998-02-24 | 2000-08-01 | Privicom, Inc. | Method and device for preventing unauthorized use of credit cards |
| US6182892B1 (en)* | 1998-03-25 | 2001-02-06 | Compaq Computer Corporation | Smart card with fingerprint image pass-through |
| US6188309B1 (en)* | 1998-01-07 | 2001-02-13 | At&T Corp | Method and apparatus for minimizing credit card fraud |
| US6308887B1 (en)* | 1997-12-02 | 2001-10-30 | Cash Technologies, Inc. | Multi-transactional architecture |
| US20010039512A1 (en)* | 1998-07-23 | 2001-11-08 | Nicholson G. Randy | System and method of maintaining a posted street price for fuel while offering different prices to identified customers |
| US6334121B1 (en)* | 1998-05-04 | 2001-12-25 | Virginia Commonwealth University | Usage pattern based user authenticator |
| US6374757B1 (en)* | 1999-12-02 | 2002-04-23 | Avner Farkash | Credit card security device |
| US20020052193A1 (en)* | 2000-10-31 | 2002-05-02 | Chetty Vijay Raghavan | Universal portable unit |
| US20020062251A1 (en)* | 2000-09-29 | 2002-05-23 | Rajan Anandan | System and method for wireless consumer communications |
| US20020093426A1 (en)* | 1995-10-11 | 2002-07-18 | Jackson Miles R. | Enabling/enhancing a feature of an electronic device using radio frequency identification technology |
| US6545605B2 (en)* | 1999-07-29 | 2003-04-08 | Micron Technology, Inc. | Methods of determining a communications range of an interrogator of a wireless identification system and methods of verifying operation of a wireless identification system |
| US20030106935A1 (en)* | 2001-11-19 | 2003-06-12 | Burchette Robert L. | Transaction card system having security against unauthorized usage |
| US20030218066A1 (en)* | 2001-12-26 | 2003-11-27 | Vivotech, Inc. | Adaptor for magnetic stripe card reader |
| US20040029569A1 (en)* | 2001-12-26 | 2004-02-12 | Vivotech, Inc. | Micropayment financial transaction process utilizing wireless network processing |
| US20040094624A1 (en)* | 2001-12-26 | 2004-05-20 | Vivotech, Inc. | Adaptor for magnetic stripe card reader |
| USD490840S1 (en)* | 2002-10-30 | 2004-06-01 | Vivotech, Inc. | Proximity interface for transaction acceptance systems |
| USD491186S1 (en)* | 2002-11-27 | 2004-06-08 | Vivotech, Inc. | Magnetic stripe simulacrum for transaction acceptance systems |
| USD491953S1 (en)* | 2002-10-10 | 2004-06-22 | Vivotech, Inc. | Proximity interface with advertising insert for transaction acceptance systems |
| USD496365S1 (en)* | 2003-02-28 | 2004-09-21 | Vivotech, Inc. | Coreless inductor magnetic strip simulacrum for right angle transaction acceptance systems |
| USD498236S1 (en)* | 2003-01-24 | 2004-11-09 | Vivotech, Inc. | Coreless inductor magnetic stripe simulacrum for transaction acceptance systems |
| US20040260608A1 (en)* | 2003-02-05 | 2004-12-23 | I-Coupon Limited | Discount and/or loyalty reward system and retail apparatus therefor |
Family Cites Families (15)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| IL104422A (en) | 1993-01-18 | 1996-03-31 | Labaton Isaac J | Method and apparatus for magnetically writing on plastic cards |
| US5963679A (en) | 1996-01-26 | 1999-10-05 | Harris Corporation | Electric field fingerprint sensor apparatus and related methods |
| CA2233942A1 (en) | 1996-09-18 | 1998-03-26 | Dew Engineering And Development Limited | Biometric identification system for providing secure access |
| JP2002501263A (en) | 1998-01-27 | 2002-01-15 | ビズテック インコーポレイテッド | Transmission of advertisements to smart cards |
| DE19816117A1 (en) | 1998-04-09 | 1999-10-14 | Primax Electronics Ltd | Electronic code controlled access to computer system |
| US7272723B1 (en)* | 1999-01-15 | 2007-09-18 | Safenet, Inc. | USB-compliant personal key with integral input and output devices |
| US6356941B1 (en) | 1999-02-22 | 2002-03-12 | Cyber-Ark Software Ltd. | Network vaults |
| WO2001024123A1 (en) | 1999-09-28 | 2001-04-05 | Chameleon Network Inc. | Portable electronic authorization system and associated method |
| US7080037B2 (en) | 1999-09-28 | 2006-07-18 | Chameleon Network Inc. | Portable electronic authorization system and method |
| WO2001029731A1 (en)* | 1999-10-21 | 2001-04-26 | 3Com Corporation | Access control using a personal digital assistant-type |
| WO2001065360A2 (en) | 2000-02-28 | 2001-09-07 | 360 Degree Web, Inc. | Smart card enabled mobile personal computing environment |
| US6950939B2 (en)* | 2000-12-08 | 2005-09-27 | Sony Corporation | Personal transaction device with secure storage on a removable memory device |
| US20020161708A1 (en) | 2001-02-01 | 2002-10-31 | Gero Offer | Method and apparatus for performing a cashless payment transaction |
| US20040159700A1 (en)* | 2001-12-26 | 2004-08-19 | Vivotech, Inc. | Method and apparatus for secure import of information into data aggregation program hosted by personal trusted device |
| USD491185S1 (en)* | 2002-07-31 | 2004-06-08 | Sony Corporation | Suspension for head |
- 2001
- 2001-10-01USUS09/968,628patent/US7080037B2/ennot_activeExpired - Lifetime
- 2002
- 2002-10-01WOPCT/US2002/031335patent/WO2003029942A2/enactiveApplication Filing
- 2002-10-01EPEP02763826Apatent/EP1436683A2/ennot_activeWithdrawn
- 2002-10-01CACA002462278Apatent/CA2462278A1/ennot_activeAbandoned
- 2004
- 2004-09-29USUS10/954,050patent/US20050044044A1/ennot_activeAbandoned
Patent Citations (58)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US200405A (en)* | 1878-02-19 | Improvement in feed-water regulators | ||
| US4701601A (en)* | 1985-04-26 | 1987-10-20 | Visa International Service Association | Transaction card with magnetic stripe emulator |
| US4791283A (en)* | 1986-06-03 | 1988-12-13 | Intellicard International, Inc. | Transaction card magnetic stripe emulator |
| US4868376A (en)* | 1987-05-15 | 1989-09-19 | Smartcard International Inc. | Intelligent portable interactive personal data system |
| US5276311A (en)* | 1989-03-01 | 1994-01-04 | Hartmut Hennige | Method and device for simplifying the use of a plurality of credit cards, or the like |
| US5585787A (en)* | 1991-12-09 | 1996-12-17 | Wallerstein; Robert S. | Programmable credit card |
| US5544246A (en)* | 1993-09-17 | 1996-08-06 | At&T Corp. | Smartcard adapted for a plurality of service providers and for remote installation of same |
| US5386104A (en)* | 1993-11-08 | 1995-01-31 | Ncr Corporation | System and method for detecting user fraud in automated teller machine transactions |
| US5623552A (en)* | 1994-01-21 | 1997-04-22 | Cardguard International, Inc. | Self-authenticating identification card with fingerprint identification |
| US5598474A (en)* | 1994-03-29 | 1997-01-28 | Neldon P Johnson | Process for encrypting a fingerprint onto an I.D. card |
| US5590038A (en)* | 1994-06-20 | 1996-12-31 | Pitroda; Satyan G. | Universal electronic transaction card including receipt storage and system and methods of conducting electronic transactions |
| US5546471A (en)* | 1994-10-28 | 1996-08-13 | The National Registry, Inc. | Ergonomic fingerprint reader apparatus |
| US5748737A (en)* | 1994-11-14 | 1998-05-05 | Daggar; Robert N. | Multimedia electronic wallet with generic card |
| US5870723A (en)* | 1994-11-28 | 1999-02-09 | Pare, Jr.; David Ferrin | Tokenless biometric transaction authorization method and system |
| US5979773A (en)* | 1994-12-02 | 1999-11-09 | American Card Technology, Inc. | Dual smart card access control electronic data storage and retrieval system and methods |
| US5598792A (en)* | 1995-01-09 | 1997-02-04 | Wales; Forrest A. | Credit card security device having card invalidating electromagnet |
| US5546523A (en)* | 1995-04-13 | 1996-08-13 | Gatto; James G. | Electronic fund transfer system |
| US20020093426A1 (en)* | 1995-10-11 | 2002-07-18 | Jackson Miles R. | Enabling/enhancing a feature of an electronic device using radio frequency identification technology |
| US5907142A (en)* | 1995-12-12 | 1999-05-25 | Kelsey; Craig E. | Fraud resistant personally activated transaction card |
| US5745574A (en)* | 1995-12-15 | 1998-04-28 | Entegrity Solutions Corporation | Security infrastructure for electronic transactions |
| US5943423A (en)* | 1995-12-15 | 1999-08-24 | Entegrity Solutions Corporation | Smart token system for secure electronic transactions and identification |
| US5777903A (en)* | 1996-01-22 | 1998-07-07 | Motorola, Inc. | Solar cell powered smart card with integrated display and interface keypad |
| US5940525A (en)* | 1996-03-08 | 1999-08-17 | Kabushiki Kaisha Toshiba | Fingerprint detection apparatus |
| US6038551A (en)* | 1996-03-11 | 2000-03-14 | Microsoft Corporation | System and method for configuring and managing resources on a multi-purpose integrated circuit card using a personal computer |
| US5978496A (en)* | 1996-04-26 | 1999-11-02 | U.S. Philips Corporation | Fingerprint sensing devices and systems incorporating such |
| US5815657A (en)* | 1996-04-26 | 1998-09-29 | Verifone, Inc. | System, method and article of manufacture for network electronic authorization utilizing an authorization instrument |
| US5854891A (en)* | 1996-08-09 | 1998-12-29 | Tritheim Technologies, Inc. | Smart card reader having multiple data enabling storage compartments |
| US5867795A (en)* | 1996-08-23 | 1999-02-02 | Motorola, Inc. | Portable electronic device with transceiver and visual image display |
| US6282656B1 (en)* | 1996-12-04 | 2001-08-28 | Ynjiun Paul Wang | Electronic transaction systems and methods therefor |
| US5917913A (en)* | 1996-12-04 | 1999-06-29 | Wang; Ynjiun Paul | Portable electronic authorization devices and methods therefor |
| US5915023A (en)* | 1997-01-06 | 1999-06-22 | Bernstein; Robert | Automatic portable account controller for remotely arranging for transfer of value to a recipient |
| US5982913A (en)* | 1997-03-25 | 1999-11-09 | The United States Of America As Represented By The National Security Agency | Method of verification using a subset of claimant's fingerprint |
| US6012636A (en)* | 1997-04-22 | 2000-01-11 | Smith; Frank E. | Multiple card data system having first and second memory elements including magnetic strip and fingerprints scanning means |
| US5920640A (en)* | 1997-05-16 | 1999-07-06 | Harris Corporation | Fingerprint sensor and token reader and associated methods |
| US5974146A (en)* | 1997-07-30 | 1999-10-26 | Huntington Bancshares Incorporated | Real time bank-centric universal payment system |
| US6016476A (en)* | 1997-08-11 | 2000-01-18 | International Business Machines Corporation | Portable information and transaction processing system and method utilizing biometric authorization and digital certificate security |
| US6308887B1 (en)* | 1997-12-02 | 2001-10-30 | Cash Technologies, Inc. | Multi-transactional architecture |
| US6188309B1 (en)* | 1998-01-07 | 2001-02-13 | At&T Corp | Method and apparatus for minimizing credit card fraud |
| US6095416A (en)* | 1998-02-24 | 2000-08-01 | Privicom, Inc. | Method and device for preventing unauthorized use of credit cards |
| US6182892B1 (en)* | 1998-03-25 | 2001-02-06 | Compaq Computer Corporation | Smart card with fingerprint image pass-through |
| US6334121B1 (en)* | 1998-05-04 | 2001-12-25 | Virginia Commonwealth University | Usage pattern based user authenticator |
| US20020040321A1 (en)* | 1998-07-23 | 2002-04-04 | Nicholson G. Randy | Method of cross-marketing utilizing electronic coupons |
| US20010039512A1 (en)* | 1998-07-23 | 2001-11-08 | Nicholson G. Randy | System and method of maintaining a posted street price for fuel while offering different prices to identified customers |
| US6545605B2 (en)* | 1999-07-29 | 2003-04-08 | Micron Technology, Inc. | Methods of determining a communications range of an interrogator of a wireless identification system and methods of verifying operation of a wireless identification system |
| US6374757B1 (en)* | 1999-12-02 | 2002-04-23 | Avner Farkash | Credit card security device |
| US20020062251A1 (en)* | 2000-09-29 | 2002-05-23 | Rajan Anandan | System and method for wireless consumer communications |
| US20020052193A1 (en)* | 2000-10-31 | 2002-05-02 | Chetty Vijay Raghavan | Universal portable unit |
| US20030106935A1 (en)* | 2001-11-19 | 2003-06-12 | Burchette Robert L. | Transaction card system having security against unauthorized usage |
| US20040094624A1 (en)* | 2001-12-26 | 2004-05-20 | Vivotech, Inc. | Adaptor for magnetic stripe card reader |
| US20040029569A1 (en)* | 2001-12-26 | 2004-02-12 | Vivotech, Inc. | Micropayment financial transaction process utilizing wireless network processing |
| US20030218066A1 (en)* | 2001-12-26 | 2003-11-27 | Vivotech, Inc. | Adaptor for magnetic stripe card reader |
| USD491953S1 (en)* | 2002-10-10 | 2004-06-22 | Vivotech, Inc. | Proximity interface with advertising insert for transaction acceptance systems |
| USD490840S1 (en)* | 2002-10-30 | 2004-06-01 | Vivotech, Inc. | Proximity interface for transaction acceptance systems |
| USD491186S1 (en)* | 2002-11-27 | 2004-06-08 | Vivotech, Inc. | Magnetic stripe simulacrum for transaction acceptance systems |
| USD498236S1 (en)* | 2003-01-24 | 2004-11-09 | Vivotech, Inc. | Coreless inductor magnetic stripe simulacrum for transaction acceptance systems |
| US20040260608A1 (en)* | 2003-02-05 | 2004-12-23 | I-Coupon Limited | Discount and/or loyalty reward system and retail apparatus therefor |
| USD496365S1 (en)* | 2003-02-28 | 2004-09-21 | Vivotech, Inc. | Coreless inductor magnetic strip simulacrum for right angle transaction acceptance systems |
| USD506998S1 (en)* | 2003-02-28 | 2005-07-05 | Vivotech, Inc. | Coreless inductor magnetic stripe simulacrum for right angle transaction acceptance systems |
Cited By (99)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7725726B2 (en) | 1996-02-15 | 2010-05-25 | Semtek Innovative Solutions Corporation | Method and apparatus for securing and authenticating encoded data and documents containing such data |
| US20050269401A1 (en)* | 2004-06-03 | 2005-12-08 | Tyfone, Inc. | System and method for securing financial transactions |
| US20050269402A1 (en)* | 2004-06-03 | 2005-12-08 | Tyfone, Inc. | System and method for securing financial transactions |
| US8249993B2 (en) | 2004-09-07 | 2012-08-21 | Verifone, Inc. | Transparently securing data for transmission on financial networks |
| US7740173B2 (en) | 2004-09-07 | 2010-06-22 | Semtek Innovative Solutions Corporation | Transparently securing transactional data |
| US20090228714A1 (en)* | 2004-11-18 | 2009-09-10 | Biogy, Inc. | Secure mobile device with online vault |
| US9715649B2 (en) | 2005-02-22 | 2017-07-25 | Tyfone, Inc. | Device with current carrying conductor to produce time-varying magnetic field |
| US20060186209A1 (en)* | 2005-02-22 | 2006-08-24 | Tyfone, Inc. | Electronic transaction card |
| US9092708B1 (en) | 2005-02-22 | 2015-07-28 | Tyfone, Inc. | Wearable device with time-varying magnetic field |
| US9004361B2 (en) | 2005-02-22 | 2015-04-14 | Tyfone, Inc. | Wearable device transaction system |
| US9202156B2 (en) | 2005-02-22 | 2015-12-01 | Tyfone, Inc. | Mobile device with time-varying magnetic field |
| US9208423B1 (en) | 2005-02-22 | 2015-12-08 | Tyfone, Inc. | Mobile device with time-varying magnetic field and single transaction account numbers |
| US8573494B2 (en) | 2005-02-22 | 2013-11-05 | Tyfone, Inc. | Apparatus for secure financial transactions |
| US10803370B2 (en) | 2005-02-22 | 2020-10-13 | Tyfone, Inc. | Provisioning wearable device with current carrying conductor to produce time-varying magnetic field |
| US11270174B2 (en) | 2005-02-22 | 2022-03-08 | Icashe, Inc. | Mobile phone with magnetic card emulation |
| US9251453B1 (en) | 2005-02-22 | 2016-02-02 | Tyfone, Inc. | Wearable device with time-varying magnetic field and single transaction account numbers |
| US8408463B2 (en) | 2005-02-22 | 2013-04-02 | Tyfone, Inc. | Mobile device add-on apparatus for financial transactions |
| US12223378B2 (en) | 2005-02-22 | 2025-02-11 | Icashe, Inc. | Electronic transaction mechanism |
| US7581678B2 (en) | 2005-02-22 | 2009-09-01 | Tyfone, Inc. | Electronic transaction card |
| US7954716B2 (en) | 2005-02-22 | 2011-06-07 | Tyfone, Inc. | Electronic transaction card powered by mobile device |
| US20090298540A1 (en)* | 2005-02-22 | 2009-12-03 | Tyfone, Inc. | Electronic transaction card |
| US11720777B2 (en) | 2005-02-22 | 2023-08-08 | Icashe, Inc. | Mobile phone with magnetic card emulation |
| US9626611B2 (en) | 2005-02-22 | 2017-04-18 | Tyfone, Inc. | Provisioning mobile device with time-varying magnetic field |
| US8136732B2 (en) | 2005-02-22 | 2012-03-20 | Tyfone, Inc. | Electronic transaction card with contactless interface |
| US11436461B2 (en) | 2005-02-22 | 2022-09-06 | Kepler Computing Inc. | Mobile phone with magnetic card emulation |
| US8091786B2 (en) | 2005-02-22 | 2012-01-10 | Tyfone, Inc. | Add-on card with smartcard circuitry powered by a mobile device |
| US7828214B2 (en) | 2005-02-22 | 2010-11-09 | Tyfone, Inc. | Mobile phone with electronic transaction card |
| US20110053644A1 (en)* | 2005-02-22 | 2011-03-03 | Tyfone, Inc. | Mobile device with transaction card in add-on slot |
| US20110073663A1 (en)* | 2005-02-22 | 2011-03-31 | Tyfone, Inc. | Memory card compatible financial transaction card |
| US20110073665A1 (en)* | 2005-02-22 | 2011-03-31 | Tyfone, Inc. | Electronic transaction card powered by mobile device |
| US7954717B2 (en) | 2005-02-22 | 2011-06-07 | Tyfone, Inc. | Provisioning electronic transaction card in mobile device |
| US7954715B2 (en) | 2005-02-22 | 2011-06-07 | Tyfone, Inc. | Mobile device with transaction card in add-on slot |
| US8083145B2 (en) | 2005-02-22 | 2011-12-27 | Tyfone, Inc. | Provisioning an add-on apparatus with smartcard circuity for enabling transactions |
| US8474718B2 (en) | 2005-02-22 | 2013-07-02 | Tyfone, Inc. | Method for provisioning an apparatus connected contactless to a mobile device |
| US10185909B2 (en) | 2005-02-22 | 2019-01-22 | Tyfone, Inc. | Wearable device with current carrying conductor to produce time-varying magnetic field |
| US20110223972A1 (en)* | 2005-02-22 | 2011-09-15 | Tyfone, Inc. | Provisioning an add-on apparatus with smartcard circuity for enabling transactions |
| US20110220726A1 (en)* | 2005-02-22 | 2011-09-15 | Tyfone, Inc. | Add-on card with smartcard circuitry powered by a mobile device |
| WO2006099892A1 (en)* | 2005-03-25 | 2006-09-28 | 3Dconnexion Holding Sa | Synchronizing settings for manual input devices |
| US20060226217A1 (en)* | 2005-04-07 | 2006-10-12 | Tyfone, Inc. | Sleeve for electronic transaction card |
| US20080093467A1 (en)* | 2005-04-07 | 2008-04-24 | Tyfone, Inc. | Folding electronic transaction card |
| US8189788B2 (en) | 2005-07-15 | 2012-05-29 | Tyfone, Inc. | Hybrid symmetric/asymmetric cryptography with user authentication |
| US8477940B2 (en) | 2005-07-15 | 2013-07-02 | Tyfone, Inc. | Symmetric cryptography with user authentication |
| US7805615B2 (en) | 2005-07-15 | 2010-09-28 | Tyfone, Inc. | Asymmetric cryptography with user authentication |
| US20070014408A1 (en)* | 2005-07-15 | 2007-01-18 | Tyfone, Inc. | Hybrid symmetric/asymmetric cryptography with user authentication |
| US20070016798A1 (en)* | 2005-07-15 | 2007-01-18 | Narendra Siva G | Asymmetric cryptography with user authentication |
| US20070014407A1 (en)* | 2005-07-15 | 2007-01-18 | Tyfone, Inc. | Symmetric cryptography with user authentication |
| US20070131759A1 (en)* | 2005-12-14 | 2007-06-14 | Cox Mark A | Smartcard and magnetic stripe emulator with biometric authentication |
| US20080126260A1 (en)* | 2006-07-12 | 2008-05-29 | Cox Mark A | Point Of Sale Transaction Device With Magnetic Stripe Emulator And Biometric Authentication |
| US8769275B2 (en) | 2006-10-17 | 2014-07-01 | Verifone, Inc. | Batch settlement transactions system and method |
| WO2008079488A3 (en)* | 2006-10-17 | 2008-08-21 | Semtek Innovative Solutions In | System and method for updating a transactional device |
| US9818108B2 (en) | 2006-10-17 | 2017-11-14 | Verifone, Inc. | System and method for updating a transactional device |
| US20080189214A1 (en)* | 2006-10-17 | 2008-08-07 | Clay Von Mueller | Pin block replacement |
| US8595490B2 (en) | 2006-10-17 | 2013-11-26 | Verifone, Inc. | System and method for secure transaction |
| US9123042B2 (en) | 2006-10-17 | 2015-09-01 | Verifone, Inc. | Pin block replacement |
| US9141953B2 (en) | 2006-10-17 | 2015-09-22 | Verifone, Inc. | Personal token read system and method |
| US20080091944A1 (en)* | 2006-10-17 | 2008-04-17 | Von Mueller Clay W | Batch settlement transactions system and method |
| US7991158B2 (en) | 2006-12-13 | 2011-08-02 | Tyfone, Inc. | Secure messaging |
| US20080244208A1 (en)* | 2007-03-30 | 2008-10-02 | Narendra Siva G | Memory card hidden command protocol |
| US20080288403A1 (en)* | 2007-05-18 | 2008-11-20 | Clay Von Mueller | Pin encryption device security |
| US9563718B2 (en)* | 2007-06-29 | 2017-02-07 | Intuit Inc. | Using interactive scripts to facilitate web-based aggregation |
| US20090006985A1 (en)* | 2007-06-29 | 2009-01-01 | Fong Spencer W | Using interactive scripts to facilitate web-based aggregation |
| US8355982B2 (en) | 2007-08-16 | 2013-01-15 | Verifone, Inc. | Metrics systems and methods for token transactions |
| US20090152361A1 (en)* | 2007-12-14 | 2009-06-18 | Narendra Siva G | Memory card based contactless devices |
| US9741027B2 (en) | 2007-12-14 | 2017-08-22 | Tyfone, Inc. | Memory card based contactless devices |
| US9361617B2 (en) | 2008-06-17 | 2016-06-07 | Verifone, Inc. | Variable-length cipher system and method |
| US8144940B2 (en) | 2008-08-07 | 2012-03-27 | Clay Von Mueller | System and method for authentication of data |
| US9390359B2 (en) | 2008-08-08 | 2016-07-12 | Tyfone, Inc. | Mobile device with a contactless smartcard device and active load modulation |
| US8937549B2 (en) | 2008-08-08 | 2015-01-20 | Tyfone, Inc. | Enhanced integrated circuit with smartcard controller |
| US8451122B2 (en) | 2008-08-08 | 2013-05-28 | Tyfone, Inc. | Smartcard performance enhancement circuits and systems |
| US12147863B2 (en) | 2008-08-08 | 2024-11-19 | Icashe, Inc. | Method and apparatus for transmitting data via NFC for mobile applications including mobile payments and ticketing |
| US20100033310A1 (en)* | 2008-08-08 | 2010-02-11 | Narendra Siva G | Power negotation for small rfid card |
| US11694053B2 (en) | 2008-08-08 | 2023-07-04 | Icashe, Inc. | Method and apparatus for transmitting data via NFC for mobile applications including mobile payments and ticketing |
| US10607129B2 (en) | 2008-08-08 | 2020-03-31 | Tyfone, Inc. | Sideband generating NFC apparatus to mimic load modulation |
| US8866614B2 (en) | 2008-08-08 | 2014-10-21 | Tyfone, Inc. | Active circuit for RFID |
| US10318855B2 (en) | 2008-08-08 | 2019-06-11 | Tyfone, Inc. | Computing device with NFC and active load modulation for mass transit ticketing |
| US7961101B2 (en) | 2008-08-08 | 2011-06-14 | Tyfone, Inc. | Small RFID card with integrated inductive element |
| US10949726B2 (en) | 2008-08-08 | 2021-03-16 | Icashe, Inc. | Mobile phone with NFC apparatus that does not rely on power derived from an interrogating RF field |
| US9483722B2 (en) | 2008-08-08 | 2016-11-01 | Tyfone, Inc. | Amplifier and transmission solution for 13.56MHz radio coupled to smartcard controller |
| US9489608B2 (en) | 2008-08-08 | 2016-11-08 | Tyfone, Inc. | Amplifier and transmission solution for 13.56MHz radio coupled to smartmx smartcard controller |
| US8410936B2 (en) | 2008-08-08 | 2013-04-02 | Tyfone, Inc. | Contactless card that receives power from host device |
| US9117152B2 (en) | 2008-08-08 | 2015-08-25 | Tyfone, Inc. | 13.56 MHz enhancement circuit for smartmx smartcard controller |
| US8072331B2 (en) | 2008-08-08 | 2011-12-06 | Tyfone, Inc. | Mobile payment device |
| US8814053B2 (en) | 2008-08-08 | 2014-08-26 | Tyfone, Inc. | Mobile payment device with small inductive device powered by a host device |
| US9122965B2 (en) | 2008-08-08 | 2015-09-01 | Tyfone, Inc. | 13.56 MHz enhancement circuit for smartcard controller |
| US20110171996A1 (en)* | 2008-08-08 | 2011-07-14 | Tyfone, Inc. | Smartcard performance enhancement circuits and systems |
| US9904887B2 (en) | 2008-08-08 | 2018-02-27 | Tyfone, Inc. | Computing device with NFC and active load modulation |
| US8231061B2 (en) | 2009-02-24 | 2012-07-31 | Tyfone, Inc | Contactless device with miniaturized antenna |
| US20100213265A1 (en)* | 2009-02-24 | 2010-08-26 | Tyfone, Inc. | Contactless device with miniaturized antenna |
| US8251283B1 (en) | 2009-05-08 | 2012-08-28 | Oberon Labs, LLC | Token authentication using spatial characteristics |
| US10268843B2 (en) | 2011-12-06 | 2019-04-23 | AEMEA Inc. | Non-deterministic secure active element machine |
| US10728027B2 (en) | 2012-03-05 | 2020-07-28 | Biogy, Inc. | One-time passcodes with asymmetric keys |
| US9235697B2 (en) | 2012-03-05 | 2016-01-12 | Biogy, Inc. | One-time passcodes with asymmetric keys |
| US9426132B1 (en) | 2012-09-12 | 2016-08-23 | Emc Corporation | Methods and apparatus for rules-based multi-factor verification |
| US9275218B1 (en) | 2012-09-12 | 2016-03-01 | Emc Corporation | Methods and apparatus for verification of a user at a first device based on input received from a second device |
| US9443069B1 (en) | 2012-11-15 | 2016-09-13 | Emc Corporation | Verification platform having interface adapted for communication with verification agent |
| US9323911B1 (en) | 2012-11-15 | 2016-04-26 | Emc Corporation | Verifying requests to remove applications from a device |
| US9294474B1 (en) | 2012-11-15 | 2016-03-22 | Emc Corporation | Verification based on input comprising captured images, captured audio and tracked eye movement |
| US9280645B1 (en) | 2012-11-15 | 2016-03-08 | Emc Corporation | Local and remote verification |
| WO2018009491A1 (en)* | 2016-07-06 | 2018-01-11 | Alibaba Group Holding Limited | Systems and methods for connecting disparate computing devices via standard interfaces and direct network connections |
Also Published As
| Publication number | Publication date |
|---|---|
| CA2462278A1 (en) | 2003-04-10 |
| US7080037B2 (en) | 2006-07-18 |
| US20020099665A1 (en) | 2002-07-25 |
| WO2003029942A3 (en) | 2004-02-26 |
| WO2003029942A2 (en) | 2003-04-10 |
| EP1436683A2 (en) | 2004-07-14 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US7080037B2 (en) | Portable electronic authorization system and method | |
| US7340439B2 (en) | Portable electronic authorization system and method | |
| US7003495B1 (en) | Portable electronic authorization system and method | |
| US20090212909A1 (en) | Portable electronic authorization system and method | |
| US20100031043A1 (en) | Portable electronic authorization system and method | |
| US9904800B2 (en) | Portable e-wallet and universal card | |
| US7516886B2 (en) | System for associating identification and personal data for multiple magnetic stripe cards or other sources to facilitate a transaction and related methods | |
| US8910862B2 (en) | Retail point-of-transaction systems, program products, and related methods to provide a customized set of identification data to facilitate a retail transaction using electronic coupons | |
| US10169750B2 (en) | Apparatus, systems and methods for wirelessly transacting financial transfers, electronically recordable authorization transfers, and other information transfers | |
| US8095113B2 (en) | Onetime passwords for smart chip cards | |
| KR100466826B1 (en) | Method of automatic ticket self-issuing with an integrated circuit card and system thereof | |
| EP1508883A2 (en) | Credit card application automation system | |
| JP2004531827A (en) | System and method for secure refund | |
| JP2005505824A (en) | System alignment method and memory device for integrated circuit card data recording device | |
| JP2003520372A (en) | Secure e-commerce system | |
| CA2534987A1 (en) | Systems and methods for facilitating transactions | |
| WO2017180360A1 (en) | System and method for providing token based employee corporate cards | |
| WO2005043438A1 (en) | Portable electronic authorization system and method | |
| TW201804388A (en) | Virtual card management method in digital wallet capable of integrating virtual cards issued by different card issuance banks | |
| KR20050006628A (en) | System and method for processing an electronic-receipt |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| STCB | Information on status: application discontinuation | Free format text:ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION | |
| AS | Assignment | Owner name:ZILOS NETWORKING LIMITED LIABILITY COMPANY, DELAWA Free format text:ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:CHAMELEON NETWORK INC.;REEL/FRAME:027037/0645 Effective date:20110918 | |
| AS | Assignment | Owner name:CHAMELEON NETWORK INC., MASSACHUSETTS Free format text:ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:BURGER, TODD O.;COHEN, ROBERT M.;REEL/FRAME:027220/0114 Effective date:20020107 | |
| AS | Assignment | Owner name:INTELLECTUAL VENTURES ASSETS 150 LLC, DELAWARE Free format text:ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:GULA CONSULTING LIMITED LIABILITY COMPANY;REEL/FRAME:050924/0979 Effective date:20191031 | |
| AS | Assignment | Owner name:KIOBA PROCESSING, LLC, GEORGIA Free format text:ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:INTELLECTUAL VENTURES ASSETS 150 LLC;REEL/FRAME:051464/0203 Effective date:20191115 |