U.S. patent application number 12/420417 was filed with the patent office on 2009-04-08 and published on 2009-07-30 as US 2009/0192907 A1 for Smart Card Application System and Method.
This patent application is currently assigned to AT & T INTELLECTUAL PROPERTY I, L.P. Invention is credited to Robert Wesley Bossemeyer, JR., Gayle Roberta Ekstrom, Wayne Robert Heinmiller, Edmond W. Iaraelski, Jordan Howard Light.
Application Number: 20090192907 (12/420417)
Family ID: 35966417
Filed Date: 2009-04-08
United States Patent Application 20090192907, Kind Code A1
Bossemeyer, JR.; Robert Wesley; et al.
Published: July 30, 2009
Smart Card Application System and Method
Abstract
A smart card application system and method are disclosed. A
method includes controlling access to first restricted data stored
at a database server of a transaction processing system. The first
restricted data is associated with a commercial transaction. Access
to the first restricted data is granted upon receipt of a first
merchant code associated with a first merchant and a first user
identification code associated with a smart card.
Inventors: Bossemeyer, JR.; Robert Wesley (St. Charles, IL); Iaraelski; Edmond W. (Lake Barrington, IL); Heinmiller; Wayne Robert (Elgin, IL); Light; Jordan Howard (Chicago, IL); Ekstrom; Gayle Roberta (Chicago, IL)
Correspondence Address: AT & T LEGAL DEPARTMENT - Toler, ATTN: PATENT DOCKETING, ROOM 2A-207, ONE AT & T WAY, BEDMINSTER, NJ 07921, US
Assignee: AT & T INTELLECTUAL PROPERTY I, L.P., Reno, NV
Family ID: 35966417
Appl. No.: 12/420417
Filed: April 8, 2009
Related U.S. Patent Documents

Application Number | Filing Date  | Patent Number | Continued by
11314263           | Dec 21, 2005 | 7523489       | 12420417
09420877           | Oct 19, 1999 | 7010701       | 11314263
Current U.S. Class: 705/17; 235/382; 235/383; 705/21; 707/999.009; 707/E17.005; 726/10; 726/9
Current CPC Class: G06Q 20/351 (2013.01); H04L 63/0853 (2013.01); G06Q 20/367 (2013.01); G06Q 20/202 (2013.01); G06Q 20/02 (2013.01); H04L 63/104 (2013.01); G06Q 20/401 (2013.01); G06Q 20/204 (2013.01)
Class at Publication: 705/17; 235/382; 235/383; 705/21; 707/9; 726/9; 707/E17.005; 726/10
International Class: G06Q 20/00 (2006.01); G06K 5/00 (2006.01); G06K 15/00 (2006.01); G06Q 30/00 (2006.01); G06F 17/30 (2006.01); G06F 21/00 (2006.01)
Claims
1. A method comprising: controlling access to first restricted data
stored at a database of a transaction processing system, the first
restricted data associated with a commercial transaction; wherein
access to the first restricted data is selectively granted upon:
receipt of a first merchant code associated with a first merchant;
and receipt of a first user identification code associated with a
smart card.
2. The method of claim 1, wherein access to the first restricted
data is denied prior to receipt of the first merchant code and the
first user identification code.
3. The method of claim 1, wherein the first merchant code comprises
a digital certificate.
4. The method of claim 1, wherein the first restricted data
comprises a purchasing restriction associated with the first user
identification code.
5. The method of claim 4, wherein access to the purchasing
restriction is selectively granted to the first merchant upon
receipt of the first merchant code and the first user
identification code.
6. The method of claim 5, wherein the first merchant limits a
transaction value associated with the commercial transaction based
at least in part on the purchasing restriction.
7. The method of claim 1, further comprising granting access by a
second merchant to second restricted data that is stored in the
database, wherein access to the second restricted data is granted
upon receipt of a second merchant code associated with the second
merchant.
8. The method of claim 7, wherein the first merchant code is
uniquely associated with the first merchant and the second merchant
code is uniquely associated with the second merchant, and wherein
the first merchant is prevented from accessing the second
restricted data.
9. A transaction processing system comprising: a central database
server comprising a processor coupled to a memory, the central
database server to control access to first restricted data that is
associated with a commercial transaction between a first merchant
and a first user; wherein access to the first restricted data is
granted upon receipt by the central database server of: a first
merchant identifier associated with the first merchant; and a first
user identification code stored at a smart card.
10. The transaction processing system of claim 9, further
comprising a smart card terminal, the smart card terminal to
receive the first user identification code from the smart card and
to transmit the first user identification code to the central
database server.
11. The transaction processing system of claim 9, wherein completion
of the commercial transaction is denied until the first merchant
identifier has been verified by the transaction processing system.
12. The transaction processing system of claim 9, wherein the central
database server comprises a plurality of database servers and wherein
the first restricted data resides in one of the plurality of database
servers.
13. The transaction processing system of claim 9, wherein upon receipt
by the central database server of a second merchant identifier
associated with a second merchant, access to the first restricted data
is denied to the second merchant.
14. The transaction processing system of claim 9, wherein an access
permission list stored at the smart card comprises a plurality of
merchant identifiers including a second merchant identifier associated
with a second merchant, wherein upon receipt of the second merchant
identifier and the first user identification code, access to the
first restricted data is granted to the second merchant.
15. The transaction processing system of claim 9, wherein access to
second restricted data is provided to the first merchant upon receipt
at the central database server of a second user identification code
that is associated with the second restricted data.
16. A computer-readable medium storing processor-executable
instructions that, when executed by a processor, cause the
processor to: selectively grant access to restricted data stored at
a database server, the restricted data associated with one or more
commercial transactions between a merchant and a user, wherein
access to the restricted data is granted by the processor upon
receiving: a merchant identifier associated with the merchant; and
a user identification code read from a smart card associated with
the user.
17. The computer-readable medium of claim 16, wherein access to the
restricted data is restricted to a predetermined time period.
18. The computer-readable medium of claim 16, wherein the database
server is located externally to the smart card.
19. The computer-readable medium of claim 16, wherein the merchant
identifier comprises a caller identification (ID) that is
associated with the merchant.
20. The computer-readable medium of claim 16, wherein the
restricted data comprises a user charge account, and wherein the
one or more commercial transactions are prevented from being
completed until access to the restricted data is granted to the
merchant.
Description
CROSS-REFERENCE TO RELATED APPLICATIONS
[0001] This application is a continuation of and claims priority
from U.S. patent application Ser. No. 11/314,263, filed Dec. 21,
2005, entitled "NETWORK ARRANGEMENT FOR SMART CARD APPLICATIONS,"
which is incorporated herein by reference in its entirety.
BACKGROUND
[0002] 1. Field of the Disclosure
[0003] The present disclosure relates to smart card
applications.
[0004] 2. Description of the Related Art
[0005] The present telephone network, including the copper, fiber
optic, and wireless communications infrastructure, provides a
potentially robust architecture for data card or smart card
applications.
[0006] The term "data card" as used herein includes financial cards
such as credit cards, debit cards, ATM cards, as well as
non-financial data cards such as energy company cards, department
store cards, car rental cards, hotel cards and airline cards. Data
cards can also include driver's licenses, building security cards,
and personal identification cards. Data cards commonly have a
magnetic stripe containing a limited amount of read-only data. Such
data cards are very common and most people carry numerous cards to
function in modern society.
[0007] Partly due to the number and types of data cards,
substitute, replacement, or consolidation cards have been developed
allowing multiple card issuers to be represented with a single data
card, thereby allowing consumers to carry just one card for several
types of transactions including those identified above. Such cards
have been referred to as "smart" cards. The magnetic-stripe data
cards, which are in general use, have limited capabilities. Smart
cards, however, differ from data cards in that they can hold much
more information and often include some "intelligence" such as a
microprocessor or the like.
[0008] While much prior work is focused on the design of smart
cards, smart card readers, and applications for smart cards, there
has been much less focus on the integration of a centralized server
architecture or a network arrangement for multiple smart card
applications.
BRIEF DESCRIPTION OF THE DRAWINGS
[0009] FIG. 1 is a block diagram of one embodiment of a network
arrangement for smart card applications.
[0010] FIG. 2 is a block diagram of another embodiment of the
network arrangement for smart card applications.
[0011] FIG. 3 is a block diagram of a central database server of
FIG. 1 or FIG. 2.
DETAILED DESCRIPTION
[0012] In an embodiment, a method includes controlling access to
first restricted data stored at a database of a transaction
processing system. The first restricted data is associated with a
commercial transaction. Access to the first restricted data is
selectively granted upon receipt of a first merchant code
associated with a first merchant and a first user identification
code associated with a smart card.
[0013] In another embodiment, a transaction processing system
includes a central database server including a processor coupled to
a memory. The central database server is to control access to first
restricted data associated with a commercial transaction between a
first merchant and a first user. Access to the first restricted
data is granted upon receipt by the central database server of a
first merchant identifier associated with the first merchant and a
first user identification code stored at a smart card.
[0014] In another embodiment, a computer-readable medium stores
processor-executable instructions that, when executed by a
processor, cause the processor to selectively grant access to
restricted data stored at a database server. The restricted data is
associated with one or more commercial transactions between a
merchant and a user. Access to the restricted data is granted by
the processor upon receiving a merchant identifier associated with
the merchant and a user identification code read from a smart card
associated with the user.
[0015] A network arrangement is disclosed that is readily
accessible from different types of smart card terminals supporting
various smart card applications. The network connections are
facilitated by a telephone network or an interconnected network of
computers such as the Internet. With a centralized server
architecture, data related to an individual can be accessed by an
individual smart card, predefined groups of smart card users, or
the general public.
[0016] Referring to FIG. 1, there is shown an embodiment of a
network arrangement for smart card applications. The network
arrangement makes use of a central database server 10 that supports
many different smart card applications, and supports many users
within a given application. A smart card 12, in combination with a
smart card terminal 14, is used to access the central database
server 10 through a network central office 16 of a Public-Switched
Telephone Network.
[0017] The central database server 10 includes partitioned memory,
described in further detail below, as well as a microprocessor for
processing data received from and transmitted to the smart card
terminal 14.
[0018] The central database server 10 is a centralized partitioned
database server which partitions information both in terms of the
smart card application as well as the accessibility of the
information. The information is stored by category (medical,
financial, etc.) as well as by level of security (unrestricted or
public, limited access, restricted). Thus, for example, in a retail
purchase application 18, a merchant may require access to a user's
credit information to determine whether to accept the user's credit
for a particular dollar amount. This information may be partitioned
in a limited access region 20 of commercial transaction
applications 18.
[0019] Private or proprietary information is partitioned such that
an owner of the information has control over how the information is
transferred and used. Thus, for example, medical information 22
provided to a health professional may be considered private and
only available by way of special authorization from the owner of
the information. In this way, the owner of the information
contained within the central database server has control over how
the information is transferred and used.
[0020] A structure of the central database server is similar to a
UNIX-based file system. Different user identification codes, or
data pointers, provided by smart cards 12 allow access to
partitions in the database. The information contained within the
central database server is associated with the user identification
codes on the smart cards 12 such that it can be classified as
public information available to all the world; limited access
information available to persons or selected groups with a user
authentication code; or proprietary information accessible only by
the owner of the information or a group with privileges to that
directory. Besides restricting others' access to a smart card
holder's information, the data within the server 10 can also limit
the options available to cardholders. For example,
the information owner can specify that a smart card belonging to a
person or a collection of cards belonging to a group such as a
family unit can be restricted in commercial transactions using the
smart card to a maximum dollar value over a given time interval, or
to particular merchants. Further examples of system transactions
will be described with reference to FIG. 3.
[0021] Each smart card 12 used with the system provides data
pointers to relevant partitions of the central database server 10.
This reduces the amount of information that must be stored or
transferred to each smart card 12 and enables data to be shared
across groups of cards that may be treated as a single unit. These
pointers facilitate more complex applications which may otherwise
require more resources than could be economically stored or
transferred to the smart card 12. Thus, the network augments or
replaces the amount of card memory typically associated with smart
cards. This allows greater capacity than could otherwise be
achieved by storing information on the cards alone.
[0022] Although the central database server 10 is shown as a single
server, it is to be understood that multiple servers may comprise
the central database server 10. For example, in the merchant
transaction discussed above, a purchaser's credit files are more
likely to be stored in a database monitored by credit reporting
companies such as TransUnion or Equifax as opposed to the central
database server 10. In such cases, the central database server 10
acts as a network smart card server that facilitates data transfer
between the database containing the desired information and the
merchant or person requesting the information. In the same way,
insurance information would ultimately reside with an insurer,
medical records with a health provider, financial records with a
bank or a broker, and so on. The network smart card server acts as
a secured gatekeeper to such information and the smart card acts as
the enabling key.
[0023] In another embodiment, a central time/date and certification
authority 30 is integrated into the network arrangement to verify
authenticity and timeliness of the information involved in the
smart card transaction such as medical, financial, and commercial
information. In addition, the central database server 10 and
central time/date authority 30 can be used to provide certified
personal information 32, such as digitized photograph, that can be
included as part of a photo identification such as a driver's
license.
[0024] Smart card 12 is formed of plastic or other suitable
material and contains circuitry 40 which includes a microprocessor
and memory including random access memory (RAM) and read only
memory (ROM). A face of the smart card 12 may have information
printed or embossed on it such as a photograph, in addition to a
name of a card holder. The same information can alternatively or
additionally be provided in a memory contained within the card 12.
The card memory also preferably includes a user's "certificate" or
"digital signature" as well as encryption capability for
security.
[0025] FIG. 1 shows the smart card 12 interacting with a smart card
terminal 14. Smart card terminal 14 is capable of reading
information contained within the memory 40 of the smart card and is
also capable of writing information to the smart card memory to
update various records thereon. Smart card terminal 14 is connected
by a data link such as plain old telephone service (POTS) or a
digital subscriber line (DSL) to a network central office 16 of the
Public-Switched Telephone Network. Although only one smart card 12
and smart card terminal are shown in FIG. 1, it is to be understood
that a plurality of cards 12 and terminals 14 access the central
database server 10 through the network central office 16.
[0026] In operation, the smart card 12 is inserted into the smart
card terminal 14 and a personal identification number (PIN) is
optionally entered using an input device 44 such as a keypad,
mouse, or a track ball provided on the terminal 14. A digital
signature or a voice print or other security measure 46 that is
stored in the central database server 10 can optionally be verified
as well. A desired application is then selected that relates to a
memory partition of the central database server 10, such as medical
treatment, financial transaction, telephone services, commercial
transaction, insurance, personal information, security
access/authorization, entertainment, or other application. Once the
user's authorization has been verified, data pointers on the smart
card 12 provide access to relevant partitioned memory portions of
the central database server 10. Routing circuitry controlled by the
microprocessor within the central database server 10 routes the
data pointer to appropriate memory locations or database of the
information keeper relating to the application at issue, such as
medical, financial, etc. Data from these various locations is
supplied back to the smart card terminal 14, and if appropriate,
the data stored on the smart card 12 is updated.
[0027] Because the majority of the information is stored at a
central location, namely the central database server 10, the
present network arrangement allows for advanced smart card terminals
50 which include a display unit 52, a keyboard 54, and a pointing
device such as a track ball 56 or mouse. A smart card 12 coupled
with such a terminal 50 having an established connection through
the network central office 16 to the central database server 10 has
the power of a typical networked computer. Smart card 12, in such a
case, provides access to the authorization procedure, user profile
information, and pointers to relevant data within the partitioned
central database server 10.
[0028] It is contemplated that such smart card "docking stations"
could transform hotel room entertainment centers or airplane seat
video screens into networked computers with the insertion of a
user's smart card.
[0029] Referring to FIG. 2, another embodiment of the network
arrangement for smart card applications is shown. In contrast to
FIG. 1, the network arrangement of FIG. 2 is implemented over an
interconnected network of computers such as the Internet 100 as
well as or alternatively to the traditional telephone network 102.
In this example, Merchant A can be identified to the network smart
card server 110 via the dial-up network of the telephone network
102. For example, the "caller ID" feature of the telephone network
102 could identify the merchant to the network smart card server
110. Alternatively, the server 110 can identify the merchant, such
as Merchant B by way of a digital certificate or access code
associated with the particular merchant transmitted over the
Internet. The merchant record at the server 110 identifies the
nature of the merchant's business and transactions, e.g., pharmacy,
dentist/doctor, insurance, financial, travel, retail, etc. This link
between the merchant and server 110 may be established at the start
of each business day, at the time of the transaction, or may be
continuously maintained until the merchant has "logged off" the
system.
[0030] FIG. 3 shows a schematic diagram of the partitioned server
database of FIGS. 1 and 2. A typical network transaction will now
be described with reference to FIGS. 1, 2 and 3. A user presents
their smart card 12 to a merchant such as a pharmacy. The card 12
is inserted into a card terminal 14, 50 to provide authentication
information to the merchant. Preferably, the smart card provides a
one-time encrypted user authentication code based on the user's
digital signature or certificate. This code, in turn, is
transmitted, over the communication network 100, 102 along with the
merchant identification code to the server 10, 110. Thus, the
digital signature of the card does not change, but an authorization
code generated by an encryption scheme known to the server provides
a unique access code each time the card is involved in a
transaction with the network.
[0031] The network server 10, 110 validates the user identification
by decrypting the authorization code. This information is then
cross-referenced with the merchant code to identify the information
available to the merchant. The merchant can then view the
information stored within the server 10, 110, upload/download
information and perform transactions, which are recorded at the
server 10, 110.
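The card-side code generation and server-side validation of paragraphs [0030] and [0031], as an added example that is not part of the patent or of any AT&T implementation. The description leaves the encryption scheme unspecified; this stand-in replaces the encrypted token with a keyed MAC (HMAC-SHA256) over a per-card transaction counter and binds the code to the merchant code it travels with, so a code captured at one merchant can neither be replayed there nor presented at another. The per-card key shared with the server at activation, the counter and the field layout are assumptions made here. The merchant code itself is taken as already verified; of the two options in [0029], a digital certificate gives the server cryptographic proof of the merchant's identity, whereas caller ID is a label asserted by the telephone network rather than by the merchant.

```python
# Added example, not code from the patent or from AT&T: a one-time user
# authentication code bound to the merchant code, with server-side replay
# rejection. The description leaves the encryption scheme unspecified; this
# stand-in uses a keyed MAC (HMAC-SHA256) over a per-card transaction counter
# instead of an encrypted token. The per-card key, the counter and the field
# layout are assumptions made for this example.
import hashlib
import hmac
import struct


def _authenticated_fields(user_id: str, counter: int, merchant_code: str) -> bytes:
    """Length-prefixed encoding of the fields the tag covers, so that the
    field boundaries are unambiguous whatever the identifiers contain."""
    parts = (user_id.encode(), struct.pack(">Q", counter), merchant_code.encode())
    return b"".join(struct.pack(">H", len(p)) + p for p in parts)


class SmartCard:
    """Card side: the identity and key never change, but the emitted code does,
    because the counter advances on every transaction."""

    def __init__(self, user_id: str, card_key: bytes):
        self.user_id = user_id
        self._key = card_key
        self.counter = 0

    def authentication_code(self, merchant_code: str) -> tuple:
        """Returns (user identification code, counter, tag) for transmission
        alongside the merchant code."""
        self.counter += 1
        tag = hmac.new(self._key, _authenticated_fields(self.user_id, self.counter, merchant_code),
                       hashlib.sha256).digest()
        return (self.user_id, self.counter, tag.hex())


class NetworkSmartCardServer:
    """Server side: recomputes the tag from the enrolled key and refuses any
    counter it has already accepted, so a captured code cannot be replayed or
    presented at a different merchant."""

    def __init__(self):
        self._keys = {}           # user identification code -> card key (set at activation)
        self._last_counter = {}   # user identification code -> highest accepted counter

    def enroll(self, user_id: str, card_key: bytes) -> None:
        self._keys[user_id] = card_key
        self._last_counter[user_id] = 0

    def validate(self, merchant_code: str, user_id: str, counter: int, tag_hex: str) -> bool:
        key = self._keys.get(user_id)
        if key is None:
            return False                          # card not enrolled
        try:
            tag = bytes.fromhex(tag_hex)
        except ValueError:
            return False                          # malformed tag
        expected = hmac.new(key, _authenticated_fields(user_id, counter, merchant_code),
                            hashlib.sha256).digest()
        if not hmac.compare_digest(expected, tag):
            return False                          # forged, tampered, or sent with another merchant's code
        if counter <= self._last_counter[user_id]:
            return False                          # replay of a code already accepted
        self._last_counter[user_id] = counter
        return True
```

The MAC is checked before the counter so that an attacker cannot probe the accepted-counter state with unauthenticated guesses. A strict monotonic counter assumes the card never loses a count; a deployed design would either accept a bounded look-ahead window or have the server supply a fresh challenge that the card signs, which the patent's "digital signature" language also permits.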
[0032] The merchant's access to the information is limited by time
and/or number of transactions depending upon the type of merchant
or nature of information. Preferably, however, the merchant would
be allowed continuous access to information it has provided such as
all past transactions with a certain user even after access to the
user's information expires.
[0033] FIG. 3 provides one example of the type of information
accessible within or through the server 200. As mentioned above,
information is stored at three levels of security: unrestricted,
limited access, and restricted. In the pharmacy example, once the
user's authentication code and merchant code have been verified by
the system, the pharmacist may have access to the user's digital
wallet 210, medical alerts 212, and insurance and prescription
information 214. Without further authorization, however, the
pharmacy would not have access to the user's medical history
216.
[0034] Similarly, a grocer may have access to the user's digital
wallet 210 and medical alerts 212, which may be necessary in the
event of a medical emergency, but would probably not be allowed to
access any other user information.
[0035] In contrast, a loan officer at a bank or automotive
dealership would be allowed access to the user's credit history
218, as well as the user's financial account balances 220.
[0036] Data is stored in the server in several ways. Merchant
profiles become populated when a merchant subscribes to the
service. Default profiles can exist for merchants until a
sufficient number of transactions occur through that merchant to
provide network use information, which may be relevant to the
system. Similarly, the user data becomes populated when the user
subscribes as part of the smart card activation process. Additional
data is created as the user and the merchants interact with the
system.
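The partition cross-reference of paragraphs [0018] to [0020] and [0031] to [0036] and the FIG. 3 walk-through (pharmacy, grocer, loan officer), as an added example that is not the patent's or AT&T's code. It shows the deny-by-default decision the server makes once both codes are verified, the time-limited grant of [0032], an owner-authorized opening of a restricted partition to a single merchant, and the maximum-dollar-value-over-an-interval restriction of [0020] and claims 4 to 6. The merchant types, partition names, security-level assignments, limits and sample records are assumptions constructed for the example.

```python
# Added example, not code from the patent or from AT&T: a deny-by-default
# cross-reference of a verified merchant code with a user identification code
# that yields the server partitions the merchant may read, plus the time-limited
# grant and the owner's spending restriction described above. Merchant types,
# partition names, security levels, limits and sample records are assumptions.
from dataclasses import dataclass, field
from datetime import datetime, timedelta

UNRESTRICTED, LIMITED, RESTRICTED = "unrestricted", "limited_access", "restricted"

# Partition -> security level (FIG. 3 categories; the level of each is assumed).
PARTITIONS = {
    "public_profile": UNRESTRICTED,
    "digital_wallet": LIMITED, "medical_alerts": LIMITED, "insurance_prescriptions": LIMITED,
    "credit_history": LIMITED, "account_balances": LIMITED,
    "medical_history": RESTRICTED,
}
# Merchant type -> limited-access partitions it may read once both codes are verified.
MERCHANT_TYPE_ACCESS = {
    "pharmacy": {"digital_wallet", "medical_alerts", "insurance_prescriptions"},
    "grocer": {"digital_wallet", "medical_alerts"},
    "lender": {"credit_history", "account_balances"},
}
SAMPLE_TIME = datetime(2009, 7, 30, 9, 0)   # constructed clock for the walk-through


def at(minutes: int) -> datetime:
    return SAMPLE_TIME + timedelta(minutes=minutes)


@dataclass
class UserProfile:
    owner_grants: dict = field(default_factory=dict)   # merchant code -> restricted partitions the owner opened
    spend_limit: float = 0.0                            # maximum dollar value over spend_interval
    spend_interval: timedelta = timedelta(days=1)


class PartitionedServer:
    def __init__(self):
        self.merchant_types = {}   # merchant code -> merchant type, populated when the merchant subscribes
        self.users = {}            # user identification code -> UserProfile, populated at card activation
        self.records = {}          # (user id, partition) -> stored data
        self._grants = {}          # (merchant code, user id) -> expiry of the open access
        self._purchases = {}       # user id -> [(time, amount)] recorded transactions

    def accessible_partitions(self, merchant_code: str, user_id: str) -> set:
        """Empty unless both codes are known; a grant to one merchant never extends to another."""
        if merchant_code not in self.merchant_types or user_id not in self.users:
            return set()
        allowed = {p for p, level in PARTITIONS.items() if level == UNRESTRICTED}
        allowed |= MERCHANT_TYPE_ACCESS.get(self.merchant_types[merchant_code], set())
        allowed |= self.users[user_id].owner_grants.get(merchant_code, set())  # restricted data needs owner authorization
        return allowed

    def open_access(self, merchant_code: str, user_id: str, now: datetime,
                    ttl: timedelta = timedelta(minutes=15)) -> None:
        """Called once the merchant code and the one-time user code have been verified."""
        if not self.accessible_partitions(merchant_code, user_id):
            raise PermissionError("nothing accessible for this merchant/user pair")
        self._grants[(merchant_code, user_id)] = now + ttl

    def read(self, merchant_code: str, user_id: str, partition: str, now: datetime):
        expiry = self._grants.get((merchant_code, user_id))
        if expiry is None or now >= expiry:
            raise PermissionError("access not granted or expired")
        if partition not in self.accessible_partitions(merchant_code, user_id):
            raise PermissionError(f"{partition} is not accessible to {merchant_code}")
        return self.records.get((user_id, partition))

    def can_read(self, merchant_code: str, user_id: str, partition: str, now: datetime) -> bool:
        try:
            self.read(merchant_code, user_id, partition, now)
            return True
        except PermissionError:
            return False

    def authorize_purchase(self, merchant_code: str, user_id: str, amount: float, now: datetime) -> bool:
        """Spending restriction: total value over the owner's interval, including this purchase."""
        if not self.can_read(merchant_code, user_id, "digital_wallet", now):
            return False
        user = self.users[user_id]
        recent = [(t, a) for t, a in self._purchases.get(user_id, []) if t > now - user.spend_interval]
        if sum(a for _, a in recent) + amount > user.spend_limit:
            return False
        self._purchases[user_id] = recent + [(now, amount)]
        return True


def build_sample_server() -> PartitionedServer:
    """Constructed sample data for the pharmacy / grocer / loan-officer walk-through."""
    srv = PartitionedServer()
    srv.merchant_types.update({"M-PHARM": "pharmacy", "M-GROCER": "grocer", "M-BANK": "lender"})
    srv.users["U-1001"] = UserProfile(spend_limit=500.0)
    srv.records.update({
        ("U-1001", "public_profile"): {"name": "A. Cardholder"},
        ("U-1001", "digital_wallet"): {"balance": 800.0},
        ("U-1001", "medical_alerts"): ["penicillin allergy"],
        ("U-1001", "medical_history"): ["2004: appendectomy"],
    })
    return srv
```

Every read re-derives the permitted set from the merchant type, the owner's grants and the open grant for that exact (merchant, user) pair, so a pharmacy's session never exposes the medical history, a grocer cannot ride on the pharmacy's grant, and an expired grant fails closed. The spending check counts the pending purchase against the window before recording it, which is the order claim 6 requires when the merchant limits the transaction value.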
[0037] While the invention has been described in connection with
one or more embodiments, it will be understood that the invention
is not limited to those embodiments. On the contrary, the invention
covers all alternatives, modifications, and equivalents, as may be
included within the scope of the appended claims.
* * * * *