Sun, Apr 20, 2014 03:19
HomeMost Recent NewsLone Star Business BlogContact Us
Advertise with Texas Business
A Smart Credit Card Or Debit Card Without A Chip
A Smart Credit Card Or Debit Card Without A Chip | dal_ftw_txbz, Ralph O. Doughty, Colleyville, Patrick R. Antaki, Plano, patent, 8015592, System, method and apparatus for enabling transactions, biometrically enabled programmable magnetic stripe, magnetic stripe,

U.S. Patent 8,015,592 for “System, method and apparatus for enabling transactions using a biometrically enabled programmable magnetic stripe.”

Texas Business reports: Two Texas men devised a way use the biometrics of a card owner to work with credit cards and debit cards without the use of a chip.

Ralph O. Doughty of Colleyville and Patrick R. Antaki of Plano received U.S. Patent 8,015,592 for “System, method and apparatus for enabling transactions using a biometrically enabled programmable magnetic stripe.”

The two filed for the patent almost eight years ago on October 7, 2003.

The patent assignee is Innovation Connection Corporation of Richardson, Texas.

The invention of Doughty and Antaki relates generally to the field of electronic devices and equipment used in the authentication and processing of commercial and security related transactions and, more particularly, to a system, method and apparatus for enabling transactions using biometrically enabled programmable magnetic stripes.

 The security of current magnetic stripe cards is suspect due to the ease of card theft and `skimming` of card data for creating and using fake cards. Current magnetic stripe cards such as access, credit, debit, identification, security, stored value and vendor-specific cards, typically have a strip of magnetic material which is commonly referred to as a magnetic stripe, embedded in a plastic or laminate.

This magnetic stripe carries data for the cardholder, such as name, account number, card expiration date, and other important information. This information is typically stored in three data tracks within the magnetic stripe that carry a pattern of magnetization, which is a magnetic representation of the stored information.

Other common features of magnetic stripe cards that are well known to those skilled in the art, such as the cardholder's name, account number, expiration date, issuer, signature stripe, validation code, photograph, etc., are not shown. The magnetic patterns on the magnetic stripes are easily created, read and damaged. As a result, the security of cards that rely solely on magnetic stripes for information storage and authentication is low and renders their use in applications involving highly sensitive information suspect. These types of cards are easily stolen and/or the data is "skimmed" for the creation and use of fake or counterfeit cards.

One way to increase the security of information bearing cards is the use of smart cards, also referred to as chip cards. Although smart cards may also include a magnetic stripe, they primarily rely on an integrated circuit, also commonly referred to as a controller or processor, embedded within the plastic or laminated substrate below the terminals to store the cardholder's information.

The integrated circuit is communicably coupled to a set of metallic terminals that are designed to interface with a special reader.   A smart card is capable of incorporating multiple applications or accounts on a single card or other media. As a result, smart cards are widely recognized as a viable way to improve the effectiveness and security of a given card or device. Such smart cards require a different reader from the standard magnetic stripe readers that currently make up virtually the entire card reader infrastructure throughout the world. As a result, the acceptance and wide-spread use of "true" smart cards (without a magnetic stripe) has been slow.

Various compromise technologies have been developed that incorporate some of the flexibility and security features of smart cards into a magnetic stripe card using either an adapter or a programmable magnetic stripe.    

There is, therefore, a need for a practical and secure card that has the advantages of a smart card and will interface with magnetic stripe readers without the use of adapters. Moreover, there is a need for a proper authentication in multiple account/application cards and devices to reduce the risk to the device holder in the event of loss or fraudulent capture of the data within the multiple accounts on the device.

 The present invention provides a system, method and apparatus for a practical and secure card or device that has the advantages of a smart card and will interface with existing world-wide magnetic stripe readers without the use of adapters or bridges. Moreover, the present invention allows for proper authentication in multiple account/application cards and devices to reduce the risk to the device holder due to loss of the device or fraudulent capture of the data within the multiple accounts on the device. As a result, the present invention provides a secure and flexible system for security and/or commercial transactions using access, credit, debit, identification, security, stored value and vendor-specific cards and/or devices.

The present invention as described herein provides stringent protections for magnetic stripe cards and devices through the use of on-card/device biometric authentication of the user and programmable magnetic stripes such that the data within the tracks of the stripe can be spatially manipulated and managed by the logic within the processor/controller of the card or device. This allows magnetic stripe data to be modified or completely erased for protection of the cardholder, and then re-created on-demand by the programmable features built into the card or device.

Alternatively, the data can be stored in the on-card processor/controller and then transmitted via time-varying signal to the card reader thereby emulating the swipe of a magnetic stripe through the magnetic card reader. In addition, the card or device can provide such information via a contactless communication system. These capabilities also enable multiple sets of data and applications to be incorporated onto a single card, device or media, thereby making it a universal card/device with numerous sets of data such as accounts  and/or applications that can be temporarily downloaded onto the magnetic stripe from the memory of the on-card processor, used in the desired application, and then modified or erased.

Finally, some or all of the above features can be disabled until the owner of the card enables them through use of an on-card biometrics sensor and logic that is pre-registered to the cardholder. As a result, maximum security is guaranteed since the card cannot be used if it is lost or stolen, and skimming can be virtually eliminated by prompt modification or erasure of the magnetic stripe data following the basic transaction authorized by the owner.

 

The present invention provides an apparatus or user device that includes a substrate, a magnetic field generator disposed within the substrate that is normally inactive, a biometric sensor mounted on the substrate, a memory disposed within the substrate and a processor disposed within the substrate that is communicably coupled to the magnetic field generator, the biometric sensor and the memory. The processor is operable to process biometric information received from the biometric sensor to verify that a user is authorized to use the apparatus and activate the magnetic field generator when the user is verified. A power source is also disposed within the substrate and electrically connected to the magnetic field generator, the biometric sensor and the processor. The magnetic field generator can create a spatial magnetic signal using a magnetic stripe and one or more induction coils, or create a time-varying magnetic signal for emulating data obtained from swiping a magnetic stripe card through a magnetic card reader. As a result, the magnetic field generator emulates a programmable magnetic stripe.

 

The present invention also provides a method for enabling a transaction using an apparatus containing information associated with one or more users, a magnetic field generator that is normally inactive and a biometric sensor. The method includes the steps of receiving authentication data from the biometric sensor, determining whether the authentication data is valid for one of the users, and activating the magnetic field generator and generating a magnetic signal corresponding to the information associated with the authenticated user whenever the authentication data is valid. The method can be performed by a computer program, such as middleware, embodied in a computer readable medium wherein each step is implemented as one or more code segments.

In addition, the present invention provides a system having one or more user devices, one or more system interfaces operable to communicate with the user device and a system processor communicably coupled to the one or more system interfaces. Each user device includes a substrate, a magnetic field generator disposed within the substrate that is normally inactive, a biometric sensor mounted on the substrate, a memory disposed within the substrate and a device processor disposed within the substrate and communicably coupled to the magnetic field generator, the biometric sensor and the memory. The device processor is operable to process biometric information received from the biometric sensor to verify that a user is authorized to use the apparatus and activate the magnetic field generator when the user is verified. The user device also includes a power source disposed within the substrate and electrically connected to the magnetic field generator, the biometric sensor and the device processor.