METHOD FOR INCREASING CASH MACHINE SAFETY

TECHNICAL FIELD

The present invention relates to cash or payment terminal safety and in particular to a method of increasing the safety of authentication codes.

BACKGROUND OF THE INVENTION

Cash machines (ATM) and payment terminals are a common device in the community today and are widely used for withdrawing cash from the bank or credit account for each user. The bank system rely on people using this as their preferred method of withdrawing cash rather than visiting the bank office and standing in waiting lines. Also, in shops (e.g. supermarkets) users today pay for goods using payment terminals and sometimes even withdraw cash using payment or credit cards during payment of goods purchased at the shop. Some shop chains have their own bank facilities where people can store their money for purchases or obtaining interest rate.

However, using these cash machines or shop withdrawal systems involve a risk where it is possible for bystanders to see for instance authorization codes entered during transactions. If someone sees the code and later steals the card it is possible for them to quite anonymously withdraw money from the rightful owners account. Different technical solutions have been presented to reduce this risk, for instance screening the number pad in such a way that it is less easy to see when the user enters the code. Unfortunately this is not a failsafe method.

SUMMARY OF THE INVENTION It is an object of the present invention to provide a method that makes it even more difficult for someone to obtain private authorization codes during such cash withdrawal situations. It is further an object to provide a simple and cost effective solution that at the same time is easy to implement from a cash machine vendor perspective and to start using from a user perspective. These objectives are provided in a number of aspects wherein a first aspect a method of securing an authentication code for use in a cash withdrawal situation is provided, comprising the steps of: reading authentication numbers or characters from a user interface; storing at least temporarily the read numbers or characters in a memory;

obtaining a signal from the user indicating that no more authentication numbers or characters will be entered; searching the at least temporarily stored authentication numbers or characters for a sequence of legitimate authentication codes, - wherein the step of reading comprises reading at least one more authentication number or character than is stored as the legitimate authentication code.

The step of searching may comprise taking a sequence of the last numbers or characters entered as the legitimate authentication code. The authentication numbers may comprise single digit Arabic numbers in the range from 0 to 9 and/or at least one of western, Chinese, Japanese, Cyrillic, or other readable characters.

The legitimate sequence may be found as a consecutive series of characters or numbers.

Another aspect of the present invention, a device for card payment processing or cash withdrawal is provided, comprising a card interface for reading a user card; a user interface for displaying information to the user; a key pad for entering code numbers or characters; - a processing device for handling user interface and receiving entered code numbers or characters and other control signals from the user using the key pad and user interface; a memory for at least temporarily storing entered numbers, characters and other control signals; - a communication link for communicating with a central database; wherein the device is arranged to receive more code numbers or characters than are needed to authenticate the user and wherein the device is further arranged to communicate to the central database all entered codes or only the needed authentication codes for authentication of the user during cash withdrawal or payment processing.

Yet another aspect of the present invention, a set of instructions arranged to be executed in a processing device for authenticating a user in a network application is provided, comprising:

an instruction set for reading from a user interface connected to the processing device a series of authentication characters and/or digits with more characters and/or digits than is stored as legitimate authentication code; and an instruction set for extracting a sequence of predefined length at a certain location in the entered series.

The set of instructions may further comprise an instruction set for comparing the extracted sequence with a stored legitimate authentication code.

Still another aspect of the present invention is provided, a central authentication service for use in securing a monetary transaction, comprising a processing device arranged to receive on a network link a sequence of authentication numbers entered by a user and wherein the sequence of authentication numbers contain at least one number more than a stored legitimate authentication code and further arranged to extract the legitimate sequence using a pre determined filter.

These and other aspects will become apparent from the following examples of the invention.

BRIEF DESCRIPTION OF THE DRAWINGS

In the following the invention will be described in a non-limiting way and in more detail with reference to exemplary embodiments illustrated in the enclosed drawings, in which:

Fig. 1 illustrates schematically a cash withdrawal situation which the present invention relates to;

Fig. 2 illustrates schematically a method according to the present invention;

Fig. 3 illustrates schematically an example of code numbers entered during the method according to the present invention;

Fig. 4 illustrates schematically a cash withdrawal device according to the present invention.

DETAILED DESCRIPTION OF PREFERRED EMBODIMENTS

In Fig. 1 reference numeral 1 generally indicate a cash withdrawal machine (e.g. an ATM). The user 2 approaches the machine with the intent of withdrawing money from his account using a debit or credit card which is entered into a card receiving slot 6. The credit or debit card provides information about the user identity (or at least the owner of the account). A display 4 operates as a user interface giving instructions to the user 2. The user enters numbers and/or characters in response using a key pad 5 and if the transaction is successful receives money from a money release slot 8. Independent on the transactions success the machine 1 may provide a receipt and/or cash statement exiting from a receipt slot 7. Often, a number of persons are standing in a waiting line behind the user. This is indicated by the person referenced as 3.

A person may be present in other situations for instance in the situation when the user withdraws or pays in a shop using a direct debit/credit terminal using his/hers debit/credit card. The cash machine is often in communicative contact with a central database 9 through some type of network 10 via different communication links 1 1. This type of communication link may be secured physically and/or logically depending on type of link. Such links may be for instance normal telephone lines or dedicated communication lines (e.g. dedicated telephone lines, broadband solutions, or wireless links). Such a terminal is not shown in Fig. 1. The terminal is often a less complex device with a smaller display but with a normal key pad in many cases. The shop employee operating the cashier may provide information on how the transaction proceed and give receipt and money back in the transaction for instance when the user withdraws money from his/hers account during a purchase in the shop.

Fig. 2 illustrates in a block diagram a method according to the present invention. The method comprises a number of steps (31-36): obtaining information relating to a user (e.g. information on/from a credit card, cash withdrawal card, petrol station card, or information relating to a user identity (for use for instance at an Internet terminal)); reading authentication numbers or characters, one by one or batch wise, from a user interface; The number of numbers or characters are at least one more than a stored legitimate authentication code; - storing at least temporarily the read numbers or characters in a memory;

obtaining a signal from the user indicating that no more authentication numbers or characters will be entered; - extracting a sequence of authentication code from the at least temporarily stored authentication numbers or characters; - authenticating the user using the sequence by comparing the extracted sequence with the stored legitimate authentication code.

The cash withdrawal machine is arranged to operate the above steps either on its own or together with a central database, for instance located at a bank or credit institute. The actual authentication step may for instance be performed at a remote location in a server. It should also be understood that other steps not disclosed may be present relating to the cash withdrawal or similar operation, for instance steps relating to the amount of money to be obtained through the withdrawal process or steps relating to getting a receipt or fund statement.

In one embodiment of the present invention the communication steps may be as follows: reading in the cash withdrawal machine (or terminal) authentication code numbers/characters; receiving the signal from the user that no more authentication numbers/characters are to be entered; extracting the relevant numbers/characters in the machine/terminal; transmitting the extracted relevant numbers/characters to the central database using the communication link 11 ; control in the central database the authenticity of the entered code; - receiving in the machine/terminal from the database the result of the control.

In another embodiment of the present invention the communication steps may be as follows: - reading in the cash withdrawal machine (or terminal) authentication code numbers/characters; receiving the signal from the user that no more authentication numbers/characters are to be entered;

- transmitting the read authentication code numbers/characters to the central database using the communication link 1 1 ;

extracting the relevant code from the read authentication code numbers/characters and control in the central database the authenticity of the entered code; receiving in the machine/terminal from the database the result of the control.

5 In Fig. 3A reference numeral 300 indicate a display (or display part) showing the numbers (or characters) entered during authentication of the user as a password or secret authentication code. The authentication often comprises entering a code in the form of a number of digits or characters which only the user knows and which are stored in some secure manner so that the cash machine 1 or the central database 9 may control the

10 authenticity of the user by comparing the entered code with previously stored and agreed on code. The invention involves entering more numbers than is needed for authenticating the user. In the example of Fig. 3 21 digits are entered but the first 17 digits 305 are surplus and fake and only the last four digits entered 301-304 are the ones stored as authentication digits. The number of fake code characters/digits entered is not limited to

15 17 but a smaller or larger amount of code characters/digits may be entered by the user and/or accepted by the authentication system; for instance the larger the amount the harder it is for the normal person to remember the correct sequence. In many cases it would be recommended to use at least 8 fake digits and then the correct 4 digits may be entered. Fig. 3B illustrate that the digits entered is not shown in clear text on the display in

20 real life but only as some non digit distinguishing character, in this case an asterisk (*); however, it should be understood that any other character or number may be used, but preferably not the correct one. Different machine types use different ways of displaying entered authentication codes and the invention is not limited to any special type; the field may be rolling, i.e. each code is pushed in some direction as a new code is entered, the

25 display may show only the last entered, or in some circumstances the display may be non-existent regarding the authentication codes.

Fig. 4 illustrates a cash withdrawal terminal or machine 800 for communicating with the user and communicating with a central database for authenticating the user. The cash

30 machine is arranged to receive a number of digits or characters as an authentication code and the machine 800 may receive more digits or characters than is necessary for authentication and stored for comparison. The machine 800 comprises a processing unit 801 , at least one memory 802 for storing at least temporarily entered control signals and authentication digits or characters. The machine may further comprise a communication

35 interface unit 803 and a communication interface 806 for communication with the central

database 9; the interface unit 803 is arranged to control the communication protocol. However, it should be understood that in some solutions the processing device 801 may be arranged to handle any communication protocol and software. The machine 800 may further comprise a display/keypad interface 805 and subsequent user interface control unit 804; again it should be understood that this user interface control unit may be incorporated in the processing unit 801. The processing device (or a separate hardware control unit (not shown) may control hardware parts of the cash machine for operating release of money and/or receipt printing. The machine is arranged to run software for operating the machine and interacting with the user and with any internal and/or external devices such as central database, money counting, money release, receipt printing and receipt release.

The software may be arranged to analyze the entered authentication code by itself or it may be arranged to communicate all entered digits/characters to the central database 9 for analysis. The user need only remember a small number of digits and/or characters (e.g. four digits and/or characters) but can during the entering into the machine during authentication procedures hide them together with non essential digits/characters. For instance the system may be arranged to only analyze the last four entered digits/characters. The machine may be arranged to store each entered digit/character and when the user indicated that no more digits/characters will be entered, for instance by pressing a specific button on the machine (e.g. an enter or # button), the machine will then know that it can start to analyze the entered digits/characters. However, other schemes may be provided, for instance analyzing only a number of the first digits/characters or one may combine the correct digits/characters with a false digit/character in between each correct.

With the solution according to the present invention the user need only remember a small number of code digits or characters but can during entering into the cash withdrawal system provide an arbitrary or pre determined number of false digits and/or characters. This will make it very difficult for a third person looking at the key pad during the authentication procedure to remember the correct digits/characters, thus reducing the risk of spreading the correct authentication code to bystanders and the risk for being robbed of the card and the account used by non authorized persons.

The present invention allows banks, credit institutes, or cash machine vendors to provide an increased security for the user of the cash machines/terminals using software and they can upgrade existing cash machines/terminals remotely This is a very cost effective solution which can benefit the users

The invention will find applicability in a number of different areas of interest making use of authentication codes, such as, but not limited to, cash withdrawal machines, payment systems (in shops), vehicle fuel stations (e g for card payment of fuel), and any type of card payment terminal

The invention may also find applicability for entering authentication codes on an Internet enabled terminal, e g a personal computer (PC) or any other computational device with connection to the Internet The use of public Internet enabled terminals is becoming widespread, for instance for people travelling or for people without a home PC and/or suitable Internet connection The user may then with a reduced risk use an online connection to a bank or any other service available on the Internet for which the user would like to secure as good as possible Public Internet terminals are often located in an environment with many people in close vicinity of each other (since the provider of the Internet terminals often wants to provide as many terminals as possible in a given area in order to earn as much money as possible)

It should be noted that the word "comprising" does not exclude the presence of other elements or steps than those listed and the words "a" or "an" preceding an element do not exclude the presence of a plurality of such elements The invention can at least in part be implemented in either software or hardware It should further be noted that any reference signs do not limit the scope of the claims, and that several "means", "devices", and "units" may be represented by the same item of hardware

The above mentioned and described embodiments are only given as examples and should not be limiting to the present invention Other solutions, uses, objectives, and functions within the scope of the invention as claimed in the below described patent claims should be apparent for the person skilled in the art