EXHIBIT 2020
`
`EXHIBIT 2020
`
`Dynamics Inc. - Ex. 2020
`Page 1
`
`Dynamics Inc. - Ex. 2020
`Page 1
`
`

`

`(19) United States
`(12) Patent Application Publication (10) Pub. No.: US 2008/0126260 A1
`(43) Pub. Date:
`May 29, 2008
`Cox et al.
`
`US 2008O126260A1
`
`(54)
`
`(76)
`
`(21)
`(22)
`
`(63)
`
`(60)
`
`PONT OF SALE TRANSACTION DEVICE
`WITH MAGNETC STRIPE EMULATOR AND
`BOMETRICAUTHENTCATION
`
`Inventors:
`
`Mark A. Cox, West Chester, PA
`(US); John K. Bona, York, PA (US)
`Correspondence Address:
`FOX ROTHSCHILD, LLP
`625 LIBERTY AVENUE
`PITTSBURGH, PA 15222-3155
`Appl. No.:
`11/943,575
`
`Filed:
`
`Nov. 20, 2007
`
`Related U.S. Application Data
`Continuation-in-part of application No. 1 1/456,906,
`filed on Jul. 12, 2006.
`Provisional application No. 60/866,909, filed on Nov.
`22, 2006, provisional application No. 60/866,922,
`
`filed on Nov. 22, 2006, provisional application No.
`60/942,729, filed on Jun. 8, 2007.
`
`Publication Classification
`
`(51) Int. Cl.
`(2006.01)
`G06K 9/06
`(52) U.S. Cl. .......................................................... 705/67
`
`ABSTRACT
`(57)
`A handheld unit which is capable of emulating a plurality of
`Smartcards or magnetic stripe cards. The unit has the capabil
`ity of storing a plurality of data sets representing a plurality of
`accounts. The unit is equipped with an RF interface that can
`emulate a Smartcard interface that is capable of communicat
`ing with smartcard readers at POS or ATM terminals, or
`anywhere else a Smartcard may be utilized. The unit is also
`equipped with a programmable magnetic strip Such that it can
`be used anywhere a magnetic stripe card can be Swiped or
`inserted. The unit is equipped with a biometric sensor to
`positively verify an authenticated user.
`
`
`
`DISPLAY
`Ol
`
`ISSUERLOGO
`ACCOUNT INFO
`
`
`
`N
`
`
`
`LEFT/RIGHT
`UP/DOWN
`ENTER KEYS
`
`NUMERC
`KEYPAD
`lO3
`
`
`
`
`
`
`
`
`
`BEVELED
`AREA
`lO4
`
`
`
`BIOMETRIC
`INPUT
`O5
`
`Dynamics Inc. - Ex. 2020
`Page 2
`
`

`

`Patent Application Publication
`
`May 29, 2008 Sheet 1 of 18
`
`US 2008/O126260 A1
`
`
`
`
`
`
`
`d|HO OHN
`
`?OI
`
`
`
`N
`
`Dynamics Inc. - Ex. 2020
`Page 3
`
`

`

`Patent Application Publication
`
`May 29, 2008 Sheet 2 of 18
`
`US 2008/O126260 A1
`
`
`
`Dynamics Inc. - Ex. 2020
`Page 4
`
`

`

`Patent Application Publication May 29, 2008 Sheet 3 of 18
`
`US 2008/O126260 A1
`
`
`
`56
`
`155
`
`153
`
`154
`
`15
`
`152
`
`FIG. 3
`
`Dynamics Inc. - Ex. 2020
`Page 5
`
`

`

`Patent Application Publication May 29, 2008 Sheet 4 of 18
`
`US 2008/O126260 A1
`
`l62
`
`153
`
`150
`
`FIG. 4
`
`Dynamics Inc. - Ex. 2020
`Page 6
`
`

`

`Patent Application Publication May 29, 2008 Sheet 5 of 18
`
`US 2008/O126260 A1
`
`74
`
`75
`
`
`
`76
`
`150
`
`17
`
`Dynamics Inc. - Ex. 2020
`Page 7
`
`

`

`Patent Application Publication May 29, 2008 Sheet 6 of 18
`
`US 2008/O126260 A1
`
`
`
`704
`
`AR\ 4PA
`
`4PN
`ARA
`
`705
`
`702
`
`FIG. 6
`
`Dynamics Inc. - Ex. 2020
`Page 8
`
`

`

`Patent Application Publication May 29, 2008 Sheet 7 of 18
`
`US 2008/O126260 A1
`
`
`
`402
`ROM/RAM
`MEMORY
`
`403
`FLASH
`MEMORY
`
`404
`SMART CARD
`CONTROL
`
`405
`CONTACT
`SMART CARD
`READ/WRITE
`
`4Ol
`SYSTEM BOARD
`
`409
`DISPLAY
`CONTROL
`
`40
`o
`BIOMETRIC
`SENSOR
`CONTROL
`
`4O6
`POWER
`MANAGEMENT
`
`4O7
`MAGNETIC
`STRIPE
`CONTROL
`
`4ll
`PROGRAMMABLE
`SOFT KEY
`CONTROL
`
`FIG. 7
`
`Dynamics Inc. - Ex. 2020
`Page 9
`
`

`

`Patent Application Publication
`
`May 29
`
`9
`
`2008
`
`Sheet 8 of 18
`
`US 2008/O126260 A1
`
`
`
`109
`
`HOIABC]
`
`Dynamics Inc. - Ex. 2020
`Page 10
`
`

`

`Patent Application Publication May 29, 2008 Sheet 9 of 18
`
`US 2008/O126260 A1
`
`900
`
`INTIALIZE
`DEVICE
`
`DELETE
`ALL
`RECORDS
`
`DEFINE NUMBER OF
`BIOMETRIC MATCHES
`FOR AUTHENTICATION
`X = (1 OR 2)
`
`COUNTER - O
`
`
`
`
`
`
`
`
`
`BIOMETRIC
`CAPTURE ENCODE
`STORE PROCESS
`
`ADD TO COUNTER
`
`96
`
`ENROLL
`ANOTHER
`USER
`p
`
`END
`ENROLLMENT
`
`FIG. 9
`
`Dynamics Inc. - Ex. 2020
`Page 11
`
`

`

`Patent Application Publication May 29, 2008 Sheet 10 of 18
`
`US 2008/O126260 A1
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`OOO
`
`? OO2
`
`OO3
`?
`
`BIOMETRIC
`SENSOR
`ORSCROLL KEY
`IS TOUCHED
`DISPLAY
`ACTIVATION
`ERROR
`WESSAGE
`
`BIOMETRIC
`
`CAPTURE
`ENCODE MATCH
`PROCESS
`
`DISPLAY
`NVALIDENTRY
`MESSAGE
`
`NO
`
`POSITIVE
`MATCH?
`
`UPDATE
`COUNTER
`
`COUNTER
`MATCH
`SETTINGS
`
`REACHED
`RETRY LIMIT?
`
`
`
`CLEAR
`ACTIVATION
`ERROR
`MESSAGES
`
`RETURN
`TRUE
`
`O8
`
`END
`ENROLLMENT
`
`O2
`
`FIG. O
`
`Dynamics Inc. - Ex. 2020
`Page 12
`
`

`

`Patent Application Publication
`
`May 29
`
`9
`
`2008 Sheet 11 Of 18
`
`US 2008/O126260 A1
`
`
`
`
`
`Dynamics Inc. - Ex. 2020
`Page 13
`
`

`

`Patent Application Publication May 29, 2008 Sheet 12 of 18
`
`US 2008/O126260 A1
`
`
`
`
`
`
`
`
`
`
`
`
`
`DEVICE
`ACTIVATION
`
`RECORD
`
`USE
`
`1212
`
`KEY
`PRESSED
`
`SELECT
`NEXT OR PREVIOUS
`
`RECORD
`
`FIG. 2A
`
`1208
`
`DEVICE
`
`Dynamics Inc. - Ex. 2020
`Page 14
`
`

`

`Patent Application Publication May 29, 2008 Sheet 13 of 18
`
`US 2008/O126260 A1
`
`
`
`
`
`
`
`
`
`
`
`
`
`l2OO
`
`12O2
`
`l2O4.
`
`DEVICE
`ACTIVATION
`
`1DISPLAYY
`ACTIVE
`ACCOUNT
`N RECORD
`
`ENABLE ACTIVE
`ACCOUNT FOR
`USE
`
`DEACTIVATE
`DEVICE
`
`l2O8
`
`12
`
`
`
`CONTROL
`KEY
`PRESSED
`
`SOFT
`KEY
`PRESSED
`
`
`
`YES "R"
`FIG. 13
`
`SELECT
`NEXT OR PREVIOUS
`ACCOUNT
`RECORD
`
`1213
`
`FIG. 2B
`
`Dynamics Inc. - Ex. 2020
`Page 15
`
`

`

`Patent Application Publication
`
`May 29, 2008 Sheet 14 of 18
`
`US 2008/O126260 A1
`
`
`
`dO|
`
`TE/NET
`
`[]NEW
`
`NO||OETES
`
`ÕÕ?I
`
`Dynamics Inc. - Ex. 2020
`Page 16
`
`

`

`Patent Application Publication
`
`May 29, 2008 Sheet 15 of 18
`
`US 2008/O126260 A1
`
`
`
`EN||HEO
`
`MEN
`
`INDOOOVÝ
`
`CÈHOOHèl
`
`GO?I
`
`Dynamics Inc. - Ex. 2020
`Page 17
`
`

`

`Patent Application Publication May 29, 2008 Sheet 16 of 18
`
`US 2008/O126260 A1
`
`
`
`DEVICE
`100
`
`DEVICE
`OO
`
`POS WITH
`MAGNETIC STRIPE
`READER OR
`CONTACTLESS
`SMARTCARD
`
`NFC
`ENABLED POS
`DEVICE
`
`APPLICATION
`TRANSACTION
`
`APPLICATION
`TRANSACTION
`
`FIG. 15
`
`FIG. 6
`
`Dynamics Inc. - Ex. 2020
`Page 18
`
`

`

`Patent Application Publication
`
`May 29, 2008 Sheet 17 of 18
`
`US 2008/O126260 A1
`
`CONSUMER PROVIDES
`ACCOUNT AND
`ONE-TIME PASSWORD
`TO MERCHANT
`
`MERCHANT INCLUDES
`ONE-TIME PASSWORD
`DURING PAYMENT
`AUTHORIZATION
`
`PAYMENT
`PROCESSOR OR
`GATEWAY SERVICE
`
`16O2
`
`1603
`
`604
`
`FINANCIAL INSTITUTION
`CARD ISSUERVERIFIES
`ONE-TIME PASSWORD
`AND AUTHORIZES
`THE CHARGE
`
`PAYMENT PROCESSING
`SERVICE VERIFIES
`ONE-TIME PASSWORD
`AND AUTHORIZES
`THE CHARGE
`
`1606
`
`1605
`
`
`
`
`
`ACGURING
`BANK
`
`PAYMENT CARD
`ASSOCATION
`
`FIG. 17
`
`Dynamics Inc. - Ex. 2020
`Page 19
`
`

`

`Patent Application Publication May 29, 2008 Sheet 18 of 18
`
`US 2008/O126260 A1
`
`
`
`804
`
`806
`
`808
`
`8O
`
`812
`
`ACCOUNT
`PROPERTIES
`
`DISPLAY
`ICON
`
`TRACKDATA
`
`TRACK 2 DATA
`
`ar
`
`SMART CARD FILE SYSTEM
`
`8OO
`
`FIG. 8
`
`Dynamics Inc. - Ex. 2020
`Page 20
`
`

`

`US 2008/O126260 A1
`
`May 29, 2008
`
`PONT OF SALE TRANSACTION DEVICE
`WITH MAGNETIC STRIPE EMULATOR AND
`BIOMETRICAUTHENTICATION
`
`RELATED APPLICATIONS
`0001. This application is a continuation-in-part of
`co-pending U.S. application Ser. No. 1 1/456,906, filed Jul.
`12, 2006, and claims the benefit of U.S. provisional applica
`tions 60/866,909, filed Nov. 22, 2006, entitled “Biometrically
`Secured Point Of Sale Transaction Device, 60,866,922, filed
`Nov. 22, 2006, entitled “Affinity Card With Biometric Secu
`rity”, and 60/942,729, filed Jun. 8, 2007, entitled “Smartcard
`and Magnetic Stripe Emulator Having Biometric Authentica
`tion With Enhanced Features.
`
`BACKGROUND OF THE INVENTION
`0002 Plastic credit card issuers lose billions of dollars
`worldwide each year to credit card fraud. These losses are
`often offset to Some degree by passing off to consumers and
`merchants in the form of higher transaction fees and interest
`rates. However, the losses to the credit card issuers are still
`Substantial.
`0003 Credit card information can be obtained for fraudu
`lent use in a number of different ways. Recent cases have
`shown employees or hackers obtaining unauthorized access
`to merchant or card processor databases, compromising mil
`lions of credit and debit card accounts. Frequently, the credit
`cards themselves are lost or stolen, making it possible for the
`thief to make unauthorized charges on the account until the
`account can be cancelled. Account information can also be
`illegally obtained through identity theft, whereinathief poses
`as an individual, or by what is know as "skimming or "clon
`ing', which are high-tech methods used by thieves to capture
`personal information or account information from the mag
`netic stripe on a credit card.
`0004. Because account information is static, once it has
`been compromised, it can be used to make fraudulent trans
`actions at multiple merchant sites, or by online transactions
`and other "card not present transactions, such as mail order
`or phone order. It would therefore be desirable to have a way
`of making the information required to complete a credit card
`transaction dynamic, that is, changing after every transaction,
`thereby greatly limiting the opportunities for fraudulent
`transactions to occur. The “chip and pin' initiative in the
`United Kingdom is a step in this direction. This program
`utilizes a Smartcard type of credit card and requires the user to
`enter a PIN number when making a transaction in lieu of a
`signature. The PIN number is matched with the number
`stored on the chip inside the Smartcard. Note that this arrange
`ment, while a step in the right direction, does not solve fraud
`in "card not present transactions.
`0005 Radio frequency identification devices (RFID) are
`well known in the art. A typical RFID device includes an
`antenna and a chip that is activated by RF energy emitted by
`a reading device. The antenna on the reading device induces
`a signal into an RFID chip which is in close proximity to the
`reading device, causing the RFID device it to transmit a small
`amount of data back to the reading device. An RFID tag can
`be thought of as similar in usefulness to a bar code.
`0006 RFID has found its way into many applications,
`including inventory control and tracking, as Substitutes for
`traditional magnetic strip cards for electronic payments at
`point of sale (POS) locations, devices for automatically pay
`
`ing tolls on highways, passports and personal identification
`cards. RFID devices have even been used as embedded
`devices within living beings Such as domesticated pets and
`children.
`0007. A “smartcard is a card that is embedded with either
`a microprocessor and a memory chip or a memory chip with
`non-programmable logic. The microprocessor can add,
`delete, and otherwise manipulate information on the card,
`while a memory-chip card can only undertake a pre-defined
`operation. Although Smartcards utilize radio frequency (RF)
`to transmit and receive data, they are unlike traditional RFID
`tags or magnetic strip cards in that all necessary functions and
`information necessary for the completion of a transaction can
`be carried on the card. Therefore, they do not require access to
`remote databases at the time of the transaction. Smartcards
`are governed by many standards, in particular, ISO/IEC stan
`dards 7816 and 14443. The previously mentioned “chip and
`pin' program in the UK utilizes this type of card.
`0008. The Smartcard is quickly replacing the traditional
`method of 'Swiping credit cards with data contained on mag
`netic stripes. At a point-of-sale (POS), the smart card is acti
`vated by a contactless reader attached to an external device
`required for the application, for example, an RFID reader
`attached to a cash register. The readers RF antenna induces a
`signal into the cards RF antenna, thereby activating the Smart
`card. The application can then communicate with the Smart
`card via the reader unit to transmit the cardholder's account
`databack to the point of sale application, utilizing a command
`set specified by the ISO 7816 standard.
`0009 While smart cards allow transactions to be per
`formed at a faster rate than traditional magnetic stripe cards,
`they only offer a small improvement in security to guard
`against account data theft than the conventional magnetic
`stripe credit cards they are replacing. A closer examination of
`this technology reveals several inadequacies that will allow
`fraudulent and illegal trends to emerge. First, owners making
`a purchase no longer enter PIN numbers or sign a printed copy
`of the credit card transaction. Therefore, if a smartcard is lost
`or stolen, it can be used to make unauthorized purchases.
`Also, there are new security threats that are technically pos
`sible against contactless Smart cards. A lost or stolen Smart
`card also contains all the required information thereon,
`including the account number, CCV and any other informa
`tion necessary to complete a transaction, that can be easily
`read and copied. Differential Power Analysis (DPA) and
`Simple Power Analysis (SPA) may be used to steal the secu
`rity keys for communication encryption and decryption. In
`addition, Smartcards are subject to certain types of attacks,
`known as "relay attacks, in which a Smartcard not in close
`proximity to a POS-based reader can be used by “relaying its
`information through another reader and Smartcard pair.
`0010. These deficiencies represent a dramatic financial
`threat to both the issuing institutions and the card owners.
`While credit card companies and insurance companies that
`underwrite fraud coverage usually absorb the losses associ
`ated with fraudulent activity, the long-term implications for
`victims and their credit ratings are very serious. Additionally,
`it is intuitive that any perceived security risk associated with
`Smartcard technology would represent an obstacle to wide
`spread market acceptance. Therefore, it would be advanta
`
`Dynamics Inc. - Ex. 2020
`Page 21
`
`

`

`US 2008/O126260 A1
`
`May 29, 2008
`
`geous to provide a means of securing the data stored within
`Smartcards from being covertly and illegally harvested.
`
`SUMMARY OF THE INVENTION
`
`0011. The present invention is a cost effective device
`capable of storing the information from multiple Smartcards
`and data from multiple conventional magnetic stripe cards for
`use either through a magnetic stripe emulator or as a virtual
`contactless Smartcard, and preventing both unauthorized use
`of the device and outright theft of the information on the
`device via a biometric recognition technology, Such as, for
`example, fingerprint verification or Voice recognition. In this
`capacity, the theft of account data via relay attack, as well as
`crimes associated with lost or stolen Smartcards, will be vir
`tually eliminated.
`0012. In the preferred embodiment, the present invention
`is comprised of two components, a Software application run
`ning on a personal computer and a handheld portable data
`storage and transmission device. Optionally, an associated
`base unit may also be provided.
`0013 The handheld device, in the preferred embodiment,
`is the size of a credit card, and conforms to the ISO 7813
`standard of 0.76 mm in thickness. It contains a display and a
`keypad, as well as several navigation buttons to navigate
`through the accounts and applications and to make appropri
`ate selections. Optionally, a portion of the device also con
`tains a programmable magnetic stripe. The device is equipped
`With a main processor capable of executing simple applica
`tions, as well as a Smartcard chip set and related antenna.
`0014. The device may also incorporate a near field com
`munications (NFC) capability which is compatible with the
`ISO 14443 standard. NFC is a peer-to-peer connection that
`allows the transfer of larger amounts of data than a simple
`query and reply smartcard. The NFC capability can therefore
`emulate a smartcard. The NFC capability may also be used for
`downloading various data to device, such as electronic
`receipts, coupons, advertising content, electronic tickets, etc.
`Additionally, the device is capable of communicating with
`NFC-enabled POS terminals, for purposes of transmitting
`account information, coupon information, and other types of
`information to the POS terminal, and can also receive infor
`mation, such as an electronic receipts, from the POS terminal.
`Additionally, the device will be able to communicate with
`other NFC-enabled devices, such as kiosks, where discount
`coupons may be available, and ticketing agents, where event
`tickets may be purchased and stored electronically until their
`US
`00.15 Most importantly, the device incorporates a biomet
`ric sensor for performing fingerprint or other biometric iden
`tification to positively identify the user as the owner of the
`device. This provides the means to ensure that only the autho
`rized card owner is actually performing the transaction. In the
`preferred embodiment, fingerprint verification is used to bio
`metrically identify the authorized user, however, other means
`of identifying the users, both biometric and non-biometric
`may also be used. Authentication is required for each trans
`action, and the identity of the authorized user must be verified
`before the device's programmable magnetic stripe, Smartcard
`circuitry or NFC circuitry is activated, and its signal trans
`mitted to an RFID reader or NFC-enabled POS terminal.
`Authentication may not be required for all functions of
`device. For example, it may not be desirable to require
`authentication for the downloading of coupons.
`
`(0016 Preferably, one embodiment of the device will have
`standard Smartcard contacts. The optional base unit will con
`tain mating connectors which will allow data transfer
`between the device and an application program running on a
`standard personal computer, and which will also allow charg
`ing of the device's rechargeable batteries through the Smart
`card contacts. In addition, the base unit may optionally con
`tain an NFC or smartcard reader, such that the base can act as
`a POS terminal for on-line purchases.
`0017. The handheld device will communicate with an
`application running on a personal computer, and will prefer
`ably be connected to the personal computer via a base unit, or,
`alternatively, directly via a wireless connection, Such as Blue
`tooth. The personal computer application allows the down
`loading of account information from multiple credit or other
`type cards into the device, and can be synchronized with the
`handheld device when they are connected, such that the data
`on the personal computer mirrors the data on the handheld
`device. The personal computer application will also provide
`other functionality which will be discussed in detail herein.
`The device contains ample memory to store account informa
`tion from multiple conventional magnetic stripe cards and
`Smartcards.
`0018. The handheld device can also emulate a magnetic
`stripe card by utilizing a programmable magnetic stripe
`which can be re-programmed on the fly and which can be
`erased after a pre-determined period of time or number of
`uses for security purposes. Account information from cards
`having a magnetic stripe may also be transmitted via an RF
`signal, in the event that an RF reader is available at the POS
`terminal. In this fashion, conventional magnetic stripe card
`owners will be able to perform transactions at venues utilizing
`the more desirable contactless, RF technology.
`0019. The handheld device must be initialized prior to the
`downloading of account information. The initialization pro
`cess begins with a user enrollment step, in which the user is
`prompted to place one or more fingertips on the biometric
`sensor. The fingerprints are then Scanned, converted into digi
`tal templates, and stored in the memory of the handheld
`device. The fingerprint templates can then be used for the
`authentication and activation process prior to the program
`ming of the magnetic stripe or any RF signal transmission.
`Optionally, multiple users may be enrolled to use the various
`accounts stored on the card.
`0020. Use of an account stored on the device depends upon
`the user biometrically establishing his or her identity and then
`selecting a particular account, which becomes the “active'
`account. To authenticate, the user places a finger on the bio
`metric sensor and the fingerprint is scanned and matched
`against one of the fingerprint templates stored on the device.
`Optionally, multiple fingerprints from different fingers may
`be required to unlock the device. In this capacity, any unau
`thorized use of the card is prohibited, thereby adding a new
`level of security to transactions with both conventional and
`Smartcards.
`0021 One shortcoming offingerprint recognition is that a
`Small percentage of the population lacks a usable fingerprint
`pattern for this purpose. In such cases, the users may option
`ally have the ability to enter a personal identification number
`(PIN) as an alternate method of authentication. During ini
`tialization, the user will be prompted to select either finger
`print or PIN for authentication. Once the PIN is entered the
`device will store the selected application data set in memory.
`
`Dynamics Inc. - Ex. 2020
`Page 22
`
`

`

`US 2008/O126260 A1
`
`May 29, 2008
`
`0022. For security purposes and to prevent certain types of
`security attacks on the device. The RF antenna in the device is
`disabled after a single use. Without an enabled antenna, an
`interrogating RF signal will not be received and the device
`will not be able to transmit a response signal. When a subse
`quent transaction is desired, and the authentication process is
`completed, the antenna is re-enabled for a time sufficient to
`complete the transaction, then automatically disabled. Alter
`natively, the device could be enabled for a single transmission
`of the account data. For transactions involving a magnetic
`stripe, the programmable magnetic stripe on the device is
`erased after a predetermined period of time to prevent re-use.
`The device may also contain circuitry to record and time
`stamp all attempts at retrieving data, including both authen
`ticated attempts and attempts to use the device without
`authentication.
`0023 The device may optionally be equipped with a cam
`era of the type frequently found on cellular telephones. The
`camera may be used to capture information from coupons by
`taking a photo of the coupon's barcode. In such cases, the
`device is also equipped with barcode reading Software which
`is able to read the bar code from the captured photograph and
`display the information to the user in plain-text.
`0024. The inventors envision other types of biometric
`methods used with the device for authentication, including
`but not limited to, Voice recognition, skin resistance and skin
`capacitance, and any other type of biometric verification now
`known or later invented.
`
`BRIEF DESCRIPTION OF THE DRAWINGS
`
`0025 FIGS. 1a through 1d show front, back, side and
`bottom views of the device of a first embodiment of the
`device.
`0026 FIG. 2 shows the optional base unit of the invention
`to be used with the first embodiment.
`0027 FIG. 3 shows the front face of a preferred embodi
`ment of the device having a credit card or Smartcard form
`factor.
`0028 FIG. 4 shows the back face of the preferred embodi
`ment of the device, showing the magnetic stripe emulator.
`0029 FIG. 5 is an internal view of the preferred embodi
`ment of the device, showing components in schematic form.
`0030 FIG. 6 is a system diagram of the preferred embodi
`ment of the device, showing the interconnection of the Vari
`ous components.
`0031
`FIG. 7 is a schematic of an exemplary configuration
`of the hardware architecture of the preferred embodiment of
`the device.
`0032 FIG. 8 is an exemplary configuration of the high
`level software architecture of the device.
`0033 FIG. 9 is a flow chart showing the enrollment of a
`user on the device.
`0034 FIG. 10 is a flow chart showing the biometric
`authentication of a user.
`0035 FIG. 11 is a flow chart showing the device provi
`Sioning process wherein electronic account records are down
`loaded from account issuers.
`0.036 FIG.12a is a first embodiment of a flow chart show
`ing the selection and activation process of an account.
`0037 FIG. 12b is a flow chart showing an alternative
`embodiment of the process by which accounts are selected
`and activated.
`
`0038 FIG. 13 is a functional diagram of the menu struc
`ture of the software application which may optionally be
`present on the handheld device.
`0039 FIG. 14 is a functional diagram of the supporting
`application running on the personal computer.
`0040 FIG. 15 is a first example of a device and reader
`application utilizing a magnetic Swipe or a contactless Smart
`card model as a communications medium.
`0041
`FIG. 16 is a second example of a device and reader
`application utilizing NFC as the communications medium.
`0042 FIG. 17 is a flow chart of a transaction using the
`device of the present invention wherein a dynamic security
`code is generated on a per-transaction basis.
`0043 FIG. 18 is a diagram showing the general structure
`of a data record for an account downloaded into the device.
`
`DETAILED DESCRIPTION OF THE INVENTION
`0044) The device of the present invention is contemplated
`to be produced in one of two embodiments. In one embodi
`ment, shown in FIGS. 1a through 1d, the device has two
`portions having different thicknesses. One portion of the
`device is the thickness of a typical credit card, while a second
`portion is thicker, allowing more room for physical compo
`nents. In a second, and preferred embodiment, shown in
`FIGS. 3 and 4, the entire device is the thickness of a typical
`credit card, and is able to be used in all places that a credit card
`is able to be used, including those, such at ATMs and gas
`pumps, that require full insertion of the card.
`0045 FIG.1a-1c shows front, back and side views respec
`tively of the exterior of the first embodiment of device 100,
`which contains two portions, thinner portion 100a and thicker
`portion 100b. Thicker portion 100b preferably is about 10
`mm or less in thickness and may be composed of any material
`commonly used for housing electronic devices, but is prefer
`ably composed of a material that will not interfere with the
`transmission or reception of RF signals. The front of device
`100 contains display 101, which may be an LCD display, as
`well as menu selection keys 102 and numeric keypad 103.
`Menu selection keys 102 facilitate navigation through a series
`of menus displayed on display 101. Menu selection keys 102
`consist of directional keys, which may be used move a cursor
`up, down, left or right, while a central ENTER key may be
`used to select menu items. The directional keys and ENTER
`key may be of any configuration.
`0046. Thinner portion 100a of device 100 contains a pro
`grammable magnetic stripe 107 of the rear side thereof and is
`preferably approximately 0.76 mm in thickness, in accor
`dance with ISO standard 7813. The thickness of portion 100a
`of device 100 is such that it can be passed through a typical
`magnetic stripe card reader. Between sections 100a and 100b
`is a beveled area 104 which makes the transition from the thin
`portion of device 100 to the thick portion. The thinner portion
`100a of device 100 and magnetic stripe 107 are optional. It is
`envisioned that future versions of the device will be made
`without the programmable magnetic stripe 107, as magnetic
`stripe credit cards and readers are phased out in favor of
`contactless transaction devices. In Such cases, thinner portion
`100a of device 100 may be absent.
`0047. Also located on the front of device 100 is biometric
`input sensor 105 which, in the preferred embodiment, con
`sists of a fingerprint Scanner. In other embodiments of the
`invention, other biometric authentication devices may also be
`used. Such as Voice recognition, skin pH analysis, or any other
`means of identifying the user, now known or later invented. In
`
`Dynamics Inc. - Ex. 2020
`Page 23
`
`

`

`US 2008/O126260 A1
`
`May 29, 2008
`
`addition, the biometric authentication may be replaced an
`alphanumeric password or PIN that the user may enter into
`device 100 using numeric keypad 103.
`0048. The rear of the device contains programmable mag
`netic stripe 107 situated on the thin portion 100a of device
`100. Also located on the back of the device is optional camera
`106, which is used primarily in the preferred embodiment for
`taking photographs of barcodes which can be read through
`barcode recognition Software, however, any images may be
`captured and stored on the device for display or transmission.
`In addition, NFC chip 108 and Bluetooth chip 109 are shown
`on the rear of device 100, however, these chips are actually
`internal to the device. Also located on the back of device 100
`may be system reset button 110.
`0049. The side view of device 100 in FIG.1c shows device
`soft key 109, which is used by the user to interact with the
`Software application programmed into the device.
`0050 FIG. 1d shows the bottom of device 100 showing
`thin area 100a having the magnetic stripe 107 disposed
`thereon, thicker area 100b and the beveled transition 104
`therebetween. Also present on the bottom of device 100 is
`connector 201 which may be used to transfer data to and from
`PC application 1002, shown in FIG. 15, via a direct cable
`connection or via base unit 200, shown in FIG. 3.
`0051 Optional base unit 200, contains connector 202
`which mates with connector 201 on the bottom of device 100
`to provide the aforementioned functions. Base unit 205 may
`also contain an NFC chip 205, or other wireless means of
`communication, which will allow base unit 200 to act as an
`contactless point-of-sale (POS) terminal for purchases made
`on-line. Also present on base 200 is PC interface 204, which
`allows device 100 to communicate with PC application 1002.
`The means for allowing device 100 to communicate with PC
`application 1002 may also be any one of a number of wireless
`transfer protocols well known in the art, such as Bluetooth or
`may be a wired connection, such as a serial line or a USB
`connection.
`0052 Connector 201 may be used to charge rechargeable
`battery 405 within device 100, either via a connection to base
`unit 200 or via a direct cable connection to a PC. AC adapter
`203 for base unit 200 may provide power for re-charging
`battery 405. Alternatively, battery 405 may be inductively
`charged via Voltages induced on the RF antenna of the device
`through interaction with an electromagnetic field.
`0053 FIGS. 3 through 5 show the physical configuration
`of the preferred embodiment of the invention. In this embodi
`ment, device 150 has the dimensions and thickness of a typi
`cal credit card. The face of device 150 is shown in FIG.3 and
`includes display area 152 for displaying the active account
`information, which can be selected using buttons 153 and
`154. Although two buttons are shown in the exemplar pre
`ferred embodiment, it is obvious that any number of buttons
`could be used for the user interface of the device.
`0054) Note that the display area 152 is not meant to be
`limited to the size and shape shown, but may be of any
`convenient size and shape. Preferably, display 152 is an LCD
`display, but may be of any type well known in the art, includ
`ing specifically electrophoretic displays capable of retaining
`an image after device 150 is powered down. The device may
`be capable of displaying color pictures as well as video, in
`anticipation of uses of device 150 for other than financial
`transactions. In the preferred embodiment, display 152 will
`be used primarily for the display of the currently active
`account and for prompts for the user. The account information
`
`displayed may include a graphic, preferably representing a
`logo or trademark of the account issuer, as well as any other
`information necessary to complete the transaction, such as
`CCV codes or dynamically generated PIN numbers.
`0055. The account information which is displayed on dis
`play 152 will be the “active' account. The information
`required for transactions using the active account will be
`programmed into programmable magnetic stripe 161, shown
`in FIG. 4, or transmitted via an RF capability, after the user
`has authenticated himself utilizing biometric sensor 151.
`Preferably, biometric sensor 151 is a fingerprint scanning
`device capable of scanning the fingerprints of one or more
`fingers of a typical user and matching them against stored
`templates, however, any other biometric sensor, now known
`or later develop, may be used. Additionally, a PIN number
`may be utilized.
`0056 Area 156 on the front of device 150 is a printable
`area which allows logos or other information to be printed on
`the card. Preferably, the card will not be embossed an