CROSS-REFERENCE TO RELATED APPLICATION

[0001] This application claims priority to U.S. Provisional Application No. 62/540,757, which was filed on August 3, 2017.

BACKGROUND

[0002] A person often needs to authenticate his or her identity to process a payment, gain access to a physical location, or prove membership, for example. For payments, a person may authenticate with a credit card or mobile device if he or she is not paying with cash. For access or membership, a person may authenticate with a driver's license, ID, key, keycard, fob, badge, etc. The individual must therefore carry cash, a credit card, a key card, or a mobile device to complete the transaction or gain access. Physical objects can become lost, stolen, forgotten, or malfunction. Further, physical objects can be an inconvenience to carry everywhere. It would be more convenient, faster, and more secure, to avoid the requirement to carry these physical items.

SUMMARY

[0003] An illustrative example authentication system includes a customer terminal to facilitate a desired transaction. The customer terminal includes an interface configured to receive an input personal identifier from a user. The customer terminal includes a fingerprint reader configured to obtain information regarding a fingerprint of the user. The customer terminal is configured to communicate with a remote server including a customer database. The customer terminal is also configured to provide confirmation to the user that the desired transaction is authorized based on the input personal identifier and the fingerprint information corresponding to pre-stored personal identifier and fingerprint information in the customer database.

[0004] In an example embodiment having one or more features of the authentication system of the previous paragraph, the customer terminal comprises a touch screen configured to receive input from the user and to provide information to the user and a card reader configured to obtain information stored on a card of the user. [0005] In an example embodiment having one or more features of the authentication system of any of the previous paragraphs, the customer terminal comprises a camera configured to obtain an image of the user and wherein the personal identifier comprises the image of the user.

[0006] In an example embodiment having one or more features of the authentication system of any of the previous paragraphs, the customer terminal comprises a personal device detector that is configured to detect the presence of a user' s personal device within close proximity to the customer terminal.

[0007] In an example embodiment having one or more features of the authentication system of any of the previous paragraphs, the customer database includes information corresponding to a user payment account, wherein the user payment account is a bank account or a credit card account.

[0008] In an example embodiment having one or more features of the authentication system of any of the previous paragraphs, the customer terminal is configured to automatically provide an indication that the user is authorized to enter a facility based on the fingerprint and personal identifier corresponding to the pre-stored personal identifier and fingerprint information in the customer database when the desired transaction includes a desire to enter the facility and entry is based on payment upon entry or a prepaid membership.

[0009] In an example embodiment having one or more features of the authentication system of any of the previous paragraphs, the customer terminal is configured to automatically provide an indication that a waiver is accepted from the user based on the fingerprint and personal identifier corresponding to the pre-stored personal identifier and fingerprint information in the customer database when the customer database indicates that the user has a completed waiver.

[0010] In an example embodiment having one or more features of the authentication system of any of the previous paragraphs, the customer terminal is configured to automatically provide an indication regarding a loyalty program participation by the user based on the fingerprint and personal identifier corresponding to the pre-stored personal identifier and fingerprint information in the customer database when the desired transaction has a relationship with participation in the loyalty program. [0011] An example embodiment having one or more features of the authentication system of any of the previous paragraphs includes the remote server and the server includes a merchant database that provides information to facilitate transferring funds from the user account to a merchant's account to complete the desired transaction.

[0012] In an example embodiment having one or more features of the authentication system of any of the previous paragraphs, the server includes a payment facilitation module configured to facilitate fund transfers or payments between the user account and the merchant account.

[0013] An example embodiment having one or more features of the authentication system of any of the previous paragraphs includes a merchant device configured to allow the merchant to create at least part of a transaction record by entering at least pricing or item information.

[0014] An illustrative example method of authenticating a customer attempting to complete a desired transaction includes receiving a fingerprint from a customer at a customer terminal; receiving a personal identifier from the customer at the customer terminal; comparing the received fingerprint and the received identifier with a stored fingerprint and stored identifier in a customer database; and based on the comparing, determining whether the customer is authenticated for completing the desired transaction.

[0015] An example embodiment having one or more features of the method of the previous paragraph includes receiving the stored fingerprint and stored identifier through the customer terminal.

[0016] An example embodiment having one or more features of the method of any of the previous paragraphs includes authorizing a payment of the customer.

[0017] An example embodiment having one or more features of the method of any of the previous paragraphs includes storing credit or debit card information of the customer in the customer database.

[0018] In an example embodiment having one or more features of the method of any of the previous paragraphs, the credit or debit card information is received through a card reader on the customer terminal. [0019] In an example embodiment having one or more features of the method of any of the previous paragraphs, the personal identifier comprises at least one of alphabetic and numerical characters.

BRIEF DESCRIPTION OF THE DRAWINGS

[0020] Figure 1 schematically illustrates selected portions of an example system designed according to an embodiment of this invention.

[0021] Figure 2 illustrates a flow chart of an example registration process using the system of Figure 1.

[0022] Figure 3 illustrates a flow chart of an example transaction process using the system of Figure 1.

DETAILED DESCRIPTION

[0023] Figure 1 schematically illustrates selected portions of an example system 20 that is useful for authenticating individuals based on a personal identifier and a fingerprint to allow such individuals to complete a desired transaction, such as purchasing goods. In this example, a customer terminal 22 includes an interface 24 configured to allow an individual (i.e., a customer or user) to input an identifier known to that individual. Only one customer terminal 22 is shown for discussion purposes but the system 20 may include many customer terminals 22 at various locations.

[0024] The interface 24 includes at least one portion or component configured to receive input from the individual user, such as a fingerprint and a personal identifier, and at least one portion or component configured to provide information to the individual user. In the illustrated example, the interface 24 includes a touch screen 25, a fingerprint reader 26, a camera 27, a magnetic stripe reader 28 and a chip reader 29. This multi-purpose interface allows the customer terminal 22 to be used in different ways if needed to facilitate a variety of transactions.

[0025] The touch screen 25 in this example includes display capabilities to provide information to customers or users such as prompts to use the interface 24 in a manner that is required to complete a registration process or to complete a transaction. The touch screen 25 also allows an individual to enter information such as entering a personal identifier, which may be alphanumeric, based on a selection of images on the touch screen 25 or a gesture traced on the touch screen 25.

[0026] The fingerprint reader 26 detects a fingerprint of the user. The fingerprint reader 26 in some embodiments obtains fingerprint information, such as a scan or image of the fingerprint, based on the user placing a finger over the fingerprint reader 26. In other embodiments the fingerprint reader 26 is integrated into the touch screen 25 and obtains the fingerprint information by recognizing the user' s fingerprint while the user' s finger contacts the touch screen 25 for purposes of entering the personal identifier.

[0027] The camera 27 is capable of obtaining an image of the user's face for facial recognition purposes. In some embodiments the user's face will be at least part of the personal identifier used in combination with a fingerprint of that user to authenticate the user when trying to complete a transaction.

[0028] The magnetic stripe reader 28 and the chip reader 29 are configured to obtain information from a magnetic strip and a chip, respectively, from a card such as a credit card, a debit card or a membership card. The readers 28 and 29 are useful for obtaining payment card information during an initial use of the system 20 by an individual or for completing a transaction purely based on use of a credit or debit card even if an individual is not a registered user who can be authenticated based on a fingerprint. In other words, in some use cases, the customer terminal 22 functions as a conventional card reader for purposes of allowing an individual to complete a transaction without taking advantage of the authentication capabilities of the system 20.

[0029] The example customer terminal 22 is configured to communicate with a system server 30 to facilitate user registration and authentication based on the input from the user. The customer terminal 22 communicates over a secure connection that may be wireless or line-based. All communications between the server 30 and the customer terminal 22 are encrypted to protect all information that is provided by the user including the user's fingerprint information. The server 30 receives information from the customer terminal 22 and provides information, such as a confirmation that a transaction has been approved.

[0030] The server 30 may include any number of server or computing devices located remotely from the customer terminal(s) 22. The server 30 in this example includes a customer database 32 that includes information regarding registered users, subscribers or customers. The customer database 32 in this example includes information such as personal identification information (e.g., name, address and phone number), at least one account or source of funding (e.g., bank account or credit card account), personal identifier(s), and a data regarding the fingerprint for each user. The customer database 32 provides information to the server 30 to authenticate an authorized or registered user when an individual utilizes the customer terminal 22 to enter a personal identifier and a fingerprint. The customer database 32 includes personal information regarding each user sufficient to uniquely identify each user and to associate the source of funds for transactions with each user.

[0031] The system server 30 in this example also includes a merchant database 34 that includes information identifying participating merchants and any customer terminals 22 used by each merchant, for example. The merchant database 34 in some embodiments includes information regarding a rewards or loyalty program offered or managed by a merchant. Some merchants will have information in the database 34 corresponding to waivers or memberships associated with using or gaining access to facilities of that merchant.

[0032] In some examples, such as point of sale examples, the merchant database 34 provides information needed to transfer funds from a subscriber's account to the merchant's account as a result of a sale. The example server 30 includes a payment facilitation module 36 that is configured to facilitate fund transfers or payments between customer and merchant accounts using known fund transferring technologies and techniques. All communications involved in making such transfers are encrypted and occur over a secure connection whether wireless or line-based.

[0033] A merchant administration module 37 allows a participating merchant to obtain appropriate information from the databases of the server 30. For example, the merchant administration module 37 allows a merchant to see transaction information pertaining to transactions at that merchant's customer terminal 22. The merchant administration module 37 also allows a merchant to control aspects of a loyalty program offered by that merchant, such as seeing loyalty points earned by different customers or communicating loyalty program information to customers through the system 20.

[0034] The customer terminal 22 includes a processor 40 that is configured or programmed to process information received from a user or from the server 30. The processor 40 includes at least one computing device, such as a microprocessor. [0035] The server 30 is also capable of communicating with a user's personal device 42, such as a personal computer or a mobile station with computing and wireless communication abilities. In some examples, the mobile station is a mobile phone. The user in some examples accesses a website associated with the system 20 or accesses an application through the device 40 to obtain information from the server 30 or to supplement information regarding that user in the customer database 32. For example, a user may use the personal device 40 to manage various aspects of their account, such as view past transactions, view nearby locations where they can earn rewards, view rewards progress and redemption history at individual locations, change default payment method, change personal identifier, etc.

[0036] The customer terminal 22 includes a personal device detector 44 that is configured to recognize the presence of or communicate with the personal device 42 when that device is within a sufficiently close proximity to the customer terminal 22. For example, the personal device 42 may be a mobile phone that the user also uses to make payments through a payment application connected with a source of funds. The personal device detector 44 is configured to recognize such devices and to accept a payment through such a device. The personal device detector 44 may also be useful to recognize the presence of a device as part of an authentication process.

[0037] The illustrated example includes a merchant device 50 that allows the merchant to create at least part of the transaction record by entering pricing or item information that is then used to establish the total due which is authorized by the user or customer through the customer terminal 22. In some embodiments, such features or functions of the merchant device 50 and the customer terminal 22 are integrated into a single device.

[0038] The merchant may also use the merchant device 50 to access the merchant's information in the merchant database 34 or to utilize the features available through the merchant administrative module 37.

[0039] The customer terminal 22 uses two factor authentication to allow a user to complete a transaction without requiring the user to have any external items. Once a registered user of the system 20, the user simply provides a personal identifier and a fingerprint at any customer terminal 22 to complete a desired transaction.

[0040] The two factor authentication capabilities of the customer terminal 22, including the personal identifier information and the fingerprint, allows a user to have security over desired transactions without the inconvenience of having to carry an object or cash to make purchases. In some embodiments the customer terminal capabilities are used to gain admittance to a paid membership club or another facility requiring authorization for entry or to associate a transaction with a loyalty program without the user needing any extraneous objects, such as a card or passkey. Simply having knowledge of the personal identifier and the ability to touch a fingerprint reader is all that the user needs.

[0041] Figure 2 is a flow chart diagram summarizing an example registration process 60 using the system 20. The registration process may occur, for example, prior to an individual completing a transaction with the merchant. At 62, the customer terminal 22 presents the user with terms and conditions controlling use of the system 20. If the terms and conditions are accepted by the user at 64, through an accept feature on the touch screen 25, for example, the user is prompted at 66 to insert a chip-enabled card into the chip reader 29 or to swipe a magnetic stripe of a card through the magnetic stripe reader 28.

[0042] If the processor 40 determines at 64 that the user has not indicated acceptance of the terms and conditions presented at 62, then the registration process 60 ends at 68.

[0043] Assuming the user accepted the terms and conditions for use of the system 20, the processor 40 determines whether an appropriate card has been inserted or swiped at 70. If not, the touch screen 25 may repeatedly prompt the user to enter a valid card for a time (as schematically shown by the broken lines in Figure 2) before the processor 40 eventually determines to terminate the registration process at 68. If, on the other hand, a valid card is entered the server stores the payment card information in the customer database 32. In the illustrated embodiment, the payment card information is tokenized to further protect the user' s information.

[0044] The illustrated registration process continues at 72 where the processor 40 controls the touch screen 25 to prompt the user to scan a fingerprint using the fingerprint reader 26. In some embodiments the user has to scan the same fingerprint more than once to allow the system 20 to verify that the scan is accurate. If an accurate fingerprint scan is not achieved or the user fails to scan the fingerprint the required number of times, the touch screen 25 may repeatedly prompt the user for a time before the processor 40 determines to cancel the registration at 68. [0045] Once a fingerprint has been obtained it is converted into a template and stored securely in the customer database 32. The process 60 continues at 76 prompting the user to enter a phone number. The phone number can serve as customer identity information in the customer database 32 and provide an avenue for contacting the user with offers available through participating merchants or to alert the user of an issue concerning the account.

[0046] After the user provides the required phone number as confirmed at 78, the touch screen 25 prompts the user at 80 to provide a personal identifier that will be associated with the user's fingerprint information in the customer database 32 for purposes of authenticating the user for future transactions through the system 20. The two factor authentication including the fingerprint of the user and the personal identifier provides security over transactions while providing the user the convenience of completing a transaction without requiring the user to carry any particular item or device.

[0047] The personal identifier may take various forms depending on the particular embodiment. In some example embodiments, the user's identifier is a personal identification number, password or alphanumeric combination. Some embodiments include other forms of a personal identifier, such as a gesture made by the user (e.g., on the touch screen 25), a selection of one or more images presented on the touch screen 25, biometric information (e.g., facial recognition through an image obtained by the camera 27, or a personal device identifier obtained through a beacon or geo-fencing function of the device detector 44.

[0048] After the processor 40 determines at 82 that an appropriate personal identifier is established, which may require multiple entries to confirm accuracy, the registration is completed at 84. If the user fails to provide an appropriate personal identifier within a predetermined time limit, the processor determines at 82 that the registration process should be terminated.

[0049] If the registration process is terminated at 68 at any stage of the example process, any information entered or provided by the potential user during the process 60 will be deleted and no record will be kept in the customer database 32.

[0050] Once the user is registered the system 20 completes the transaction, such as a purchase of goods by the user. Additionally, now that the user is registered, the user need not bring anything to any customer terminal 22 to make a purchase at any participating merchant. Instead, the user simply enters the personal identifier and provides a fingerprint to authorize a purchase. No cash, card or mobile device is required to make a purchase. The user' s payment experience is simplified and more convenient using the system 20.

[0051] While the example registration process summarized in Figure 2 is completed at the customer terminal 22, other implementations include some use of the customer's personal device 40 for some or all of the registration process.

[0052] Figure 3 is a flow chart diagram summarizing an example transaction process 90. The user approaches the customer terminal 22 and enters the personal identifier and fingerprint at 92. At 94 the server 30 determines whether the received personal identifier and fingerprint match a record within the customer database 32. If a there is a match, the transaction is completed at 96 including authorizing payment to the merchant from the account associated with the customer's record in the customer database 32 (e.g., charging the account of the customer's credit card that was used during registration). The touch screen 25 will provide an indication of the successful transaction to notify the user and merchant that payment has been made. A purchase becomes that simple and automatic with the system 20.

[0053] If the fingerprint and personal identifier do not match a record in the customer database 32, the transaction will be declined at 98. An appropriate indication of the result is provided on the touch screen 25 to notify the merchant and user that there is a problem with the user' s attempt to use the system 20.

[0054] The customer terminal 22 and the system 20 not only simplify a purchase but allow for automatically associating multiple aspects of a transaction and automatically completing them while providing the user (and the merchant) the same level of convenience.

[0055] In some instances the desired transaction includes a desire to enter a building or facility based on a prepaid membership or payment upon entry. The example of Figure 3 includes automatically authorizing such access at 100. The user's fingerprint and personal identifier take the place of a membership card or passkey.

[0056] The system 20 also allows for automatically accepting a waiver by the user at 102 when the user has previously submitted a waiver and an appropriate entry has been made in the customer database 32. For example, a merchant that requires a waiver for use of an activity center can accept a waiver once from an individual and then associate that with the user in the customer database 32 so that upon future visits that user does not need to complete another waiver but, instead, can automatically have a waiver associated with each visit based on entry of a valid fingerprint and personal identifier.

[0057] Another feature of the example of Figure 3 is that a customer's participation in a loyalty program offered by the merchant can be automatically kept up to date at 104 through use of the customer terminal 22. The user no longer needs to carry a separate loyalty program card or enter a separate loyalty program identifier to obtain the full benefit of the loyalty program offered by the merchant. Once the user is authenticated based on a fingerprint scan by the fingerprint reader 26 and the personal identifier entered through the interface 24, that user's loyalty program account will be updated based on the current transaction.

[0058] Not all of the automated features shown at 96, 100, 102 and 104 need be used for any particular transaction. Some transactions will not include payment at 96, for example, while others will not include any loyalty program update at 104.

[0059] Although not specifically illustrated in Figures 2 or 3, another feature of the system 20 includes the customer terminal 22 presenting a marketing or loyalty offer displayed on the touch screen 25 for the customer to accept or deny before completing the transaction.

[0060] Once registered, a user may provide additional information to be included in the customer database 32 such as other debit and credit cards that the customer may desire to use at some point in the future. The customer can then select one of the cards as the "default" card, which will be the one normally used for completing a desired transaction at a customer terminal 22. The user can enter other personal information, such as email, home address, birthday, etc.

[0061] Users can use the system 20 to track and analyze spend across debit and credit cards. Customers can view marketing offers from merchants and take action if wanted (e.g., accept or decline the offer). Customers can view points from loyalty programs with merchants and rewards that may be available. Within a "map view" that may be accessible on the personal device 42, a customer can see the locations where authorized payments are accepted within a given city or area, as plotted on an interactive map. The map view allows users of the system 20 to find participating merchants, which can be important when the individual does not have any cash or a credit card at the time the individual desires to make a purchase.

[0062] In some embodiments, the system 20 facilitates automated clearing house payments allowing users to link bank accounts with a fingerprint and personal identifier so that payment to the merchant comes from a bank account of the user rather than through a credit or debit card. This feature allows merchants to save on card transaction fees that are typically associated with credit card transactions.

[0063] In a stand-alone point of sale example, the system 20 can offer merchants a point of sale (POS) service, which is a stand-alone POS that does not require another POS system. The POS service is typically a self-serve POS (i.e., the customer completes the transaction without the presence of a merchant employee). The self-serve POS service may be deployed at merchants where there is a store or market with a predetermined selection of goods. Customer terminal interface 24 displays a menu or list of items that can be purchased at the store. Customers simply select which items they want to buy, and they can pay with only a fingerprint and personal identifier. The self-serve POS service can create a business opportunity for merchants where the goods require no preparation (e.g., non-perishable goods or pre-made food in a refrigerator) and the rate of transactions is too low to justify employing a person to work at the store. Merchants can set up a store with a self-serve POS terminal and earn revenue through sales of food, beverages, or other goods.

[0064] POS software can also be used for inventory management. When customers buy items with the POS software, the software tracks the quantity of each item purchased. This information allows the merchant to determine when to restock items and the profitability of each item. The merchant can edit the items on the POS.

[0065] The authentication system 20 can offer merchants a membership management service integrated in the customer terminal 22 and deployed at merchants where customers need to verify their identity to gain access to membership-based places of business. For example, a season pass holder at a zoo may gain access to the zoo facility through a customer terminal 22 by entering the personal identifier and placing a finger on the fingerprint reader 26. This eliminates any need to carry a membership card or other physical object to verify an individual's identity and membership. [0066] In some examples, membership management may be combined with a payment component so that customers can gain access to the merchant location and pay for goods, all with the system 20. In one example, first-time customers scan a fingerprint and enter a personal identifier and phone number, which get stored in the customer database 32 as described above. When customers return to the merchant location, simply providing a fingerprint and entering the same personal identifier is enough to authenticate the customer's identity, thus giving the customer access to the facility.

[0067] The authentication system 20 allows merchants to manage waivers that may be required for use of certain facilities or equipment at the merchant's place of business. For example, the customer database 32 includes information regarding customers that have agreed to a waiver or disclaimer on the customer terminal 22 when they subscribed to membership at the merchant location. When such a user is authenticated through the system 20, no other proof of a waiver for repeat visits is needed. In an example embodiment, the customer reads the waiver, signs the waiver and associates a fingerprint with the waiver all on the customer terminal 22.

[0068] One or more of the example applications for authentication system 20 may be combined. For example, a payment and loyalty program may be combined, such as at a fast-casual restaurant where customers pay at a register.

[0069] In another example, POS software, payments and loyalty program are combined, such as at a shared workspace where there is a self-serve food market. Customers make purchases at a low frequency, so the shared workspace manager cannot justify hiring an employee to work at a register. This service model allows the shared workspace to make customers happy by offering them food and beverages while the merchant need not hire additional workers to complete transactions.

[0070] In another example, waiver management, payments, and loyalty program may be combined, such as at a trampoline park facility. When a customer arrives at the facility for the first time they sign a waiver on the customer terminal (e.g., with their finger) and associate the waiver to their fingerprint and a payment card; they also pay for entry to the facility during this time. While in the facility, the customer can buy items like food, equipment, or toys using the biometric payment service and earn rewards via the loyalty program. When the customer makes a subsequent visit, they authenticate with their fingerprint and personal identifier to regain access to the facility, and the system verifies whether they have a signed waiver on file; on all spend, they are eligible to earn rewards.

[0071] In another example, member management, payments, and loyalty program may be combined, such as at a yoga studio. Customers link their identity to their member account using their fingerprint and identifier. With their member account, the customer can gain access, make payments, manage subscriptions (e.g., personal training classes), and earn rewards via the loyalty program.

[0072] In another example, payments, loyalty program, POS software, waiver management, and member management may be combined, such as at an amusement park. Customers link their identity to their member accounts and their signed waivers. Using all the service components of system 20, customers can gain access to the amusement park, make payments, earn rewards via the loyalty program, sign a waiver, and operate a self-serve POS.

[0073] Once sufficient data has been collected on the system server 30, data analytics can be performed to create insights for merchants via a marketing and analytics platform delivered back to the merchant through the merchant administrative module 37. These insights may indicate actual customer behaviors and spending patterns. The marketing platform may uncover ways in which the merchant can improve its business and ultimately grow its profits. The marketing platform also offers merchants the ability to send promotions or marketing offers to their customers. A merchant may send a promotional offer to high volume customers to help retain them as loyal customers. The marketing platform may provide demographic information, such as the geographic location of customers, to enable more efficient and targeted marketing. Marketing communications may be sent by SMS text message or by email. The customer enters their phone number during the account registration process, and they can provide their email address using the mobile app or website. For example, the marketing platform may allow a merchant to send an SMS text message saying, "we haven't seen you in a while - come in to receive a free beverage with your order." The marketing platform goes beyond a vehicle for merchant-to-customer communications. It also can facilitate merchant-to-merchant communication whereby merchants may choose to engage in marketing campaigns to share customers with each other. Further, the marketing platform may create a forum for customers to communicate with each other, such as sharing information about promotions running at certain merchant locations.