Title:
A METHOD OF AND A SYSTEM FOR AUTHENTICATION
Document Type and Number:
WIPO Patent Application WO/2007/003939
Kind Code:
A2
Abstract:
A system for authentication comprises a number of user authentication devices, a central processor and a number of user authentication device readers coupled to the central processor. Each user authentication device has a first data set stored thereon and the central processor has a number of second data sets stored thereon. Each first data set stored on a user authentication device corresponds to a second data set stored on the central computer, and, when a user authentication device is read by an authentication device reader, a portion of the first data set is selected and compared with a second data set. The computer authenticates the user authentication device if the portion of the first data set matches a portion of the second data set corresponding to the read user authentication device. There is also disclosed a method of authentication.

Inventors:
KNOWLES CHRISTOPHER (GB)
MURPHY JOHN (GB)
O'CONNOR BRIAN (GB)
BUTTERS EDWARD JOHN (GB)
Application Number:
PCT/GB2006/002476
Publication Date:
January 11, 2007
Filing Date:
July 04, 2006
Assignee:
KNOWLES CHRISTOPHER (GB)
MURPHY JOHN (GB)
O'CONNOR BRIAN (GB)
BUTTERS EDWARD JOHN (GB)
International Classes:
G06Q20/00; G07F7/10
Domestic Patent References:
WO1999008238A1 1999-02-18
WO2001071462A2 2001-09-27
WO1999063475A1 1999-12-09
Foreign References:
EP1020811A2 2000-07-19
EP0329166A2 1989-08-23
US20020158747A1 2002-10-31
US20020060243A1 2002-05-23
EP1018712A1 2000-07-12
US20030004827A1 2003-01-02
Attorney, Agent or Firm:
WALDREN, Robin, Michael (McNeight & Lawrence Commonwealth Hous, 1-19 New Oxford Street London WC1A 1LW, GB)
Claims:

1. A method of authentication, the method comprising providing a first data set stored on a user authentication device and a second data set stored on a central database, selecting a portion of the first data set and reading the portion of the first data set from the user authentication device, comparing the portion of the first data set with the second data set, and authenticating the user authentication device if the selected portion of the first data set matches a portion of the second data set.

2. A method according to claim 1, further comprising tagging the matched portion of the second data set.

3. A method according to any one of the preceding claims, wherein the step of authenticating comprises authenticating the user authentication device if the selected portion of the first data set matches a non-tagged portion of the second data set.

4. A method according to any one of the preceding claims, wherein the step of providing first and second data sets comprises providing one or more of a digitised image, a watermarked digitised image, a digitised image of a user associated with the user authentication device, a digitised photograph, and/or a digitized image of a printed page of text.

5. A method according to any one of the preceding claims, wherein the step of selecting a portion of the first data set is pseudo random.

6. A method according to any one of the preceding claims, further comprising transferring the selected portion of the first data set from the user authentication device to a transaction device, reading the selected portion of the first data set from the transaction device, and transmitting the read selected portion of the first data set to a central computer for comparison with the second data set.

7. A method according to any one of the preceding claims, further activating the user authentication device for operation in processing a predetermined number of authentications.

8. A method according to claim 7, wherein the step of activating the user authentication device further comprises activating the device for a predetermined number of authentications over a predetermined time period.

9. A method according to any one of the preceding claims, further comprising receiving a user code entered by a user through a user interface for use over a predetermined time period to permit authentication during said predetermined time period.

10. A method according to claim 9, wherein the user code comprises a number of letters and/or a number of numerals.

11. A system for authentication, the system comprising a number of user authentication devices, a central processor and a number of user authentication device readers coupled to the central processor, each user authentication device having a first data set stored thereon and the central processor having a number of second data sets stored thereon, wherein each first data set stored on a user authentication device corresponds to a second data set stored on the central computer, and when a user authentication device is read by an authentication device reader, a portion of the first data set is selected and compared with a second data set, and the computer being arranged to authenticate the user authentication device if the portion of the first data set matches a portion of the second data set corresponding to the read user authentication device.

12. A system according to claim 11 wherein the matched portion of the second data set is tagged.

13. A system according to any one of claims 11 or 12, wherein the computer is arranged to authenticate the user authentication device if the selected portion of the first data set matches a non-tagged portion of the second data set.

14. A system according to any one of claims 11 to 13, wherein the first and second data sets comprise one or more of a digitised image, a watermarked digitised image, a digitised image of a user associated with the user authentication device, a digitised photograph, and/or a digitized image of a printed page of text.

15. A system according to any one of claims 11 to 14, wherein the portion of the first data set is selected pseudo randomly.

16. A system according to any one of claims 11 to 15, wherein the user authentication device is further arranged to transfer the selected portion of the first data set to a transaction device, wherein the device reader is arranged to read the selected portion of the first data set received from the transaction device and is arranged to transmit the read selected portion of the first data set to the central processor for comparison with the second data set.

17. A system according to any one of claims 11 to 16, further comprising means for activating the user authentication device for operation in processing a predetermined number of authentications.

18. A system according to claim 17, wherein the means for activating the user authentication device is further arranged to activate the device for a predetermined number of authentications over a predetermined time period.

19. A system according to any one of claims 11 to 18, further comprising a user interface arranged to receive a user code for use over a predetermined time period to permit authentication during said predetermined time period.

20. A system according to claim 19, wherein the user code comprises a number of letters and/or a number of numerals.

21. A method of authentication substantially as hereinbefore described with reference to any one embodiment as that embodiment is illustrated in the drawings.

22. A system of authentication substantially as hereinbefore described with reference to any one embodiment as that embodiment is illustrated in the drawings.

Description:

A Method of and a System for Authentication

The invention relates to a method of and a system for authentication, and especially (but not solely) for authentication of a transaction, such as a bank card or credit card transaction.

Conventionally, authentication of a transaction, such as a bank card or credit card transaction, normally requires the card to be inserted into a card reader and a personal identification number (PIN) to be entered via a keypad by the user. The PIN entered by the user is then verified as the PIN corresponding to the card by either a central computer or by a semiconductor chip inside the card.

However, one of the problems with this conventional system is that the data that is compared (that is the PIN) is always the same, and this can result in an unauthorised transaction if a third party manages to obtain the PIN by an unauthorised means, such as by skimming the card. Unauthorised transactions can also occur when bank or credit cards are used to perform a transaction using a telephone or the Internet.

In accordance with a first aspect of the present invention, there is provided a method of authentication, the method comprising providing a first data set stored on a user authentication device and a second data set stored on a central database, selecting a portion of the first data set and reading the portion of the first data set from the user authentication device, comparing the portion of the first data set with the second data set, and authenticating the user authentication device if the selected portion of the first data set matches a portion of the second data set.

In accordance with a second aspect of the present invention, there is provided a system for authentication, the system comprising a number of user authentication devices, a central processor and a number of user authentication device readers coupled to the central processor, each user authentication device having a first data set stored thereon and the central processor having a number of second data sets stored thereon, wherein each first data set stored on a user authentication device corresponds to a second data set stored on the central computer, and when a user authentication device is read by an authentication device reader, a portion of the first data set is selected and compared with a second data set, and the computer authenticating the user authentication device if the portion of the first data set matches a portion of the second data set corresponding to the read user authentication device.

Preferably, the method further comprises tagging the matched portion of the second data set. Typically, the user authentication device is only authenticated if the selected portion of the first data set matches a non-tagged portion of the second data set.

Typically, the first and second data sets are a digitised image, and preferably, a watermarked digitised image. In one example of the invention, the digitised image may be an image of a user associated with the user authentication device. In other preferred embodiments, the digitized image may be, for example, a digitised photograph of any subject matter or a digitized image of any subject matter such as a printed page of text.

Preferably, the portion of the first data set is selected pseudo randomly.

In one example of the invention, the selected portion of the first data set may be transferred from the user authentication device to a transaction device and the device reader reads the selected portion of the first data set from the transaction device and transmits the read selected portion of the first data set to the central computer for comparison with the second data set.

Typically, the method of and system for authentication may be for authentication of a transaction. However, it is possible that the method of and system of authentication may be used to authenticate a user and this could be used for any security identification purposes, for example, for access to a secure area, for passport identification or cheque validation.

An example of a method of and a system for authentication will now be described with reference to the accompanying drawings in which:

Figure 1 is a schematic view of a portion of a system for authenticating a transaction; and

Figure 2 is a perspective view of an electronic wallet for use with the system shown in Figure 1 with a transaction card inserted into the electronic wallet.

Figure 1 shows an authentication system I which includes a retailer card reader 1, an automatic teller machine (ATM) 2, transaction card 3, a user's mobile phone 4 and a user's electronic wallet 5.

Figure 2 shows the electronic wallet 5 in more detail. As can be seen from Figure 2, it is in the form of a calculator type device with an alphanumeric keypad 11, an LCD screen 12 and a solar panel 13. The solar panel 13 is used to provide power to the wallet 5 and the wallet 5 can be partially powered by the solar panel 13 or wholly powered by the solar panel 13. If the wallet is only partially powered by the solar panel 13, the remaining power could be supplied by batteries or by a mains electricity supply, typically through an adapter.

For communication with other devices, the wallet 5 is provided with an infrared port 14 and in addition, or alternatively, may include other wireless communication devices, such as Bluetooth. The wallet also includes a card port 15 to permit a transaction card 3 or other data card to be inserted into the wallet 5 and to communicate with the wallet 5. The wallet also includes a processor and memory device (not shown).

In use, a data set is stored in the user's mobile phone 4 or electronic wallet 5. An identical data set is stored with a transaction authentication organisation that operates a central computer 6. Typically, the data set is a watermarked digitised photograph. The photograph may be supplied by a user to a bank or credit card authority with an application for an account or an application to have a wallet 5. The photograph is then digitised and one copy of the digitised photograph forms the data set stored in the central computer 6 and another copy of the digitised photograph forms the data set stored in the electronic wallet before it is issued to a user.

Alternatively, the user may already have an electronic wallet 5 or obtain an electronic wallet independently from the bank or credit card authority. In this case the account details and data set may be sent to a user loaded onto a smart card, magnetic strip card or any other suitable data card. The smart card, magnetic strip card or other suitable data card can be inserted into the port 15 to transfer the account details and data set to the electronic wallet 15. Transfer of the data from the card to the wallet 5 may require a PIN, which would typically be sent to a user separately from the card.

Providing account details and the data set on a card, so that they can be transferred to the wallet 5, enables more than one account to be stored on the electronic wallet 5.

The central computer 6 is coupled, typically by land lines 7, to a number of ATMs 2 (only one shown).

In addition, the central computer 6 is also coupled, typically by land lines 7, to a network of retailers' transaction equipment 1 (only one shown) via a card issuer's computer server 8 and a transaction server 9 that obtains authentication for the transaction for the transaction equipment 1. In certain instances, it is possible that the transaction server and card issuer's server may be the same server.

When a user wishes to perform a transaction, such as withdrawing cash from the ATM 2 or buying goods at a retailer, the user first accesses the mobile phone 4 or wallet 5. Typically, the access would be controlled by a PIN known only to the user. After selecting the relevant account (if there is more than one account stored in the phone 4 or wallet 5) the user may then download a portion of the data from the data set on his mobile phone 4 or electronic wallet 5 to a transaction card 3. Therefore, the transaction card 3 only stores the selected portion of the data set. Typically, the selected portion of the data set is selected pseudo-randomly by the electronic wallet 5 or mobile phone 4 in response to a request entered by the user.

After the selected portion of the data set is transferred to the transaction card 3, the transaction card 3 can be used to perform a transaction by being inserted and read by the ATM 2 or the retailer's transaction equipment 1. When the transaction card 3 is read, the selected portion of the data set on the transaction card 3 is transmitted by the ATM 2 or the transaction equipment 1 via the land line 7 to the central computer 6. Alternatively, a portion of the data set may be manually transferred 10 to the retailer's transaction equipment 1 or the ATM 2. The central computer 6 then compares the selected portion of the data set with the corresponding data set for that user on the central computer 6 and if the selected portion of the data set from the user matches a portion of the data set stored on the computer 6 the computer 6 authenticates the transaction and sends an appropriate message back to the ATM 2 or the retailer's transaction equipment 1 to enable the transaction to proceed.

In addition, the portion of the data set stored on the computer that matched with the data set sent from the transaction card 3, is tagged by the computer to show that it has been used to authenticate a transaction.

If, subsequently, the transaction card 3 is used to perform a second transaction, the central computer 6 will detect that the portion of the user's data set transmitted to it has already been used to perform a transaction, by virtue of the tagging of the corresponding portion of the data set on the central computer 6, and the central computer 6 will reject the second transaction request.

If the user wishes to perform a further transaction, it is necessary for the transaction card 3 to be wiped or another transaction card 3 to be used to receive a second selected portion of the user's data set from the mobile phone 4 or the wallet 5. Alternatively, the second data set may be transmitted manually. This second selected data set can then be used to perform a second transaction, provided that it has not already been used to authenticate a previous transaction.
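The select, compare and tag sequence described above can be sketched as follows. This is an added example, not code from the patent application. Assumptions: fixed 16-byte portions, the class and method names, the wallet remembering which portions it has issued, and the central computer tagging every stored block identical to the matched portion.

```python
import hmac
import secrets

BLOCK = 16  # assumed portion size in bytes; the page does not fix one


class CentralComputer:
    """Holds the second data set per device and tags portions once matched."""

    def __init__(self):
        self._datasets = {}  # device id -> stored data set (bytes)
        self._tagged = {}    # device id -> indices of tagged blocks

    def enrol(self, device_id, dataset):
        self._datasets[device_id] = dataset
        self._tagged[device_id] = set()

    def authenticate(self, device_id, portion):
        dataset = self._datasets.get(device_id)
        if dataset is None or len(portion) != BLOCK:
            return False
        tagged = self._tagged[device_id]
        # Constant-time comparison against every block, with no early exit.
        matches = [i for i in range(len(dataset) // BLOCK)
                   if hmac.compare_digest(dataset[i * BLOCK:(i + 1) * BLOCK], portion)]
        # Reject unknown portions and any portion whose bytes were used before.
        if not matches or any(i in tagged for i in matches):
            return False
        # Tag every identical block (assumption) so that repeated regions of
        # an image cannot let the same skimmed bytes authenticate twice.
        tagged.update(matches)
        return True


class Wallet:
    """Holds the first data set and hands out one unused portion at a time."""

    def __init__(self, dataset):
        self._dataset = dataset
        self._unused = list(range(len(dataset) // BLOCK))

    def next_portion(self):
        if not self._unused:
            raise RuntimeError("data set exhausted; a new data set is needed")
        idx = self._unused.pop(secrets.randbelow(len(self._unused)))
        return self._dataset[idx * BLOCK:(idx + 1) * BLOCK]


def demo():
    dataset = bytes(range(BLOCK * 8))  # constructed stand-in for the digitised image
    central = CentralComputer()
    central.enrol("card-3", dataset)
    wallet = Wallet(dataset)
    first = wallet.next_portion()
    return [
        central.authenticate("card-3", first),                  # fresh portion
        central.authenticate("card-3", first),                  # replay of the same portion
        central.authenticate("card-3", wallet.next_portion()),  # second fresh portion
        central.authenticate("card-3", b"\xff" * BLOCK),        # bytes not in the data set
    ]


if __name__ == "__main__":
    print(demo())
```

Because each accepted portion permanently tags part of the stored data set, the number of authentications is bounded by the size of the data set.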

In a preferred embodiment, the electronic wallet 5 may be used to wipe the data on the transaction card 3. Also, in a further preferred embodiment, the user may select the number of transactions permitted using the transaction card 3 over a predetermined time period, such as one day. This may be achieved by inserting the transaction card 3 into the port 15 and activating the wallet 5 to wipe the previously stored transaction data on the card 3. A PIN may then be entered by the user using the alphanumeric keypad 11 on the electronic wallet 5, to initiate the transfer of new data to the card 3 through the wallet 5. A request for the user to enter the number of desired transactions to be permitted either before the card needs to be reactivated and/or over the selected time period may be displayed on the LCD screen 12. Once the user enters the desired number of transactions, a code for the time period may then be requested by the wallet 5 through a message displayed on the LCD screen 12. The user may then enter a selected code for use over the predetermined time period using the keypad 11. The code may be, for example, a number of letters, numerals or a mixture of both and may be used in the predetermined time period when authentication of/for the card is required, for example in transactions. The wallet 5 is then ready for use as described above.

Hence, the invention minimises the risk of data being skimmed from a transaction card and being used to perform transactions not authorised by the user, as the information sent to the central computer 6 to authenticate a transaction is only used once.

The invention also helps to protect retailers and card issuers from liability arising from unauthorised use.