VANKER ZUNAID EBRAHIM (ZA)
PATHER PATHMANATITAN GOPAL (ZA)
VANKER ZUNAID EBRAHIM (ZA)
| WO2001067402A2 | 2001-09-13 |
| EP1321907A2 | 2003-06-25 | |||
| US5969318A | 1999-10-19 |
| 1. | A method of securely distributing a financial instrument and an associated personal identification number (PIN), the method comprising: receiving, via a communications network, application data including personal information about an applicant for a financial instrument; receiving, via the same or a different communications network, personal identification number (PIN) data including a PIN which is to be used as the PIN for the financial instrument; storing in a database the application data and the associated PIN data; and transferring at least the application data to a financial instrument producer, which data is to be used to produce a financial instrument with which the PIN will be associated. |
| 2. | A method according to claim 1 wherein the financial instrument is a debit or a credit card. |
| 3. | A method according to claim 1 wherein the PIN data is also transferred to the financial instrument producer. |
| 4. | A method according to claim 1 wherein the application data and PIN data are received via a secure communications network. |
| 5. | A method according to claim 4 wherein the application data and PIN data are received via the secure communications network which is secure socket layer (SSL) secured. |
| 6. | A method of issuing a personal identification number (PIN) to a financial instrument holder, the method comprising: receiving, via a communications network, personal data and financial instrument data identifying a financial instrument and a holder of the financial instrument; verifying the validity of the financial instrument and that the entered holder of the financial instrument is the correct holder of the financial instrument; receiving, via the same or a different communications network, personal identification number (PIN) data including a PIN which is to be used as the PIN for the financial instrument; storing in a database the PIN data; and associating the PIN data with the financial instrument so that use of the financial instrument can be verified later with the PIN. |
| 7. | A method according to claim 6 wherein the financial instrument is a debit or a credit card. |
| 8. | A method according to claim 6 wherein the personal data, financial instrument data and PlN data are received via a secure communications network. |
| 9. | A method according to claim 8 wherein the personal data, financial instrument data and PIN data are received via the secure communications network which is secure socket layer (SSL) secured. |
| 10. | A method according to any one of claims 6 to 8 wherein the financial instrument data is a card verification check (CVC2) value. |
| 11. | A method of issuing a personal identification number (PIN) to a financial instrument holder, the method comprising: receiving, via a communications network, personal data and financial instrument data identifying a financial instrument and a holder of the financial instrument; verifying the validity of the financial instrument and that the entered holder of the financial instrument is the correct holder of the financial instrument; transmitting, via the same or a different communications network, personal identification number (PIN) data including a PIN which is to be used as the PIN for the financial instrument; storing in a database the PlN data; and associating the PIN data with the financial instrument so that use of the financial instrument can be verified later with the PIN. |
| 12. | A method according to claim 11 wherein the financial instrument is a debit or a credit card. |
| 13. | A method according to claim 11 wherein the personal data, financial instrument data and PlN data are received via a secure communications network. |
| 14. | A method according to claim 13 wherein the personal data, financial instrument data and PIN data are received via the secure communications network which is secure socket layer (SSL) secured. |
| 15. | A method according to any one of claims 11 to 14 wherein the financial instrument data is a card verification check (CVC2) value. |
| 16. | An electronic system for securely distributing a financial instrument and an associated personal identification number (PIN), the system including: a memory for storing: application data including personal information about an applicant for a financial instrument; and personal identification number (PIN) data including a PIN which is to be used as the PIN for a financial instrument; and a processor disposed in communication with the memory, the processor being adapted to: receive application data and PIN data and store it in the memory; and transfer at least the application data to a financial instrument producer, which data is to be used to produce a financial instrument with which the PlN will be associated. |
| 17. | An electronic system for issuing a personal identification number (PIN) to a financial instrument holder, the system including: a memory for storing: personal data including personal information about an applicant for a financial instrument; financial instrument data identifying a financial instrument; and personal identification number (PIN) data including a PIN which is to be used as the PIN for the financial instrument; and a processor disposed in communication with the memory, the processor being adapted to: receive, via a communications network, personal data and financial instrument data; verify the validity of the financial instrument and that the entered holder of the financial instrument is the correct holder of the financial instrument; receive, via the same or a different communications network, personal identification number (PIN) data; store in the memory the PIN data; and associate the PIN data with the financial instrument so that use of the financial instrument can be verified later with the PIN. |
| 18. | An electronic system for issuing a personal identification number (PIN) to a financial instrument holder, the system including: a memory for storing: personal data including personal information about an applicant for a financial instrument; financial instrument data identifying a financial instrument; and personal identification number (PIN) data including a PIN which is to be used as the PIN for the financial instrument; and a processor disposed in communication with the memory, the processor being adapted to: receive, via a communications network, personal data and financial instrument data; verify the validity of the financial instrument and that the entered holder of the financial instrument is the correct holder of the financial instrument; transmit, via the same or a different communications network, personal identification number (PIN) data; store in the memory the PIN data; and associate the PIN data with the financial instrument so that use of the financial instrument can be verified later with the PIN. |
PERSONAL IDENTIFICATION NUMBER AND ASSOCIATING THE
NUMBER WITH A FINANCIAL INSTRUMENT
BACKGROUND OF THE INVENTION
This invention relates to a method of securely distributing a financial instrument and an associated personal identification number.
The present invention attempts to improve the delivery of a financial instrument, typically a credit or debit card, to a customer of a financial institution.
The cards referred to are magnetic stripe cards or smart cards for conventional use at automatic teller machines (ATM) or point of sale devices. These cards have a personal identification number (PIN) associated with them which is used to authenticate the card at an ATM or point of sale.
Presently, these kinds of cards are delivered to the customer together with a PIN mailer which is an A5 tamper resistant paper on which the PIN is securely printed.
A typical requirement is that the customer needs to go into a branch of the financial institution to obtain the PIN and card. This is obviously time consuming for the customer and not very customer-friendly.
However, the overriding security concerns of having a card delivered to the customer has made financial institutions reluctant to change the system.
The present invention seeks to implement an improved method.
SUMMARY OF THE INVENTION
According to the present invention there is provided a method of securely distributing a financial instrument and an associated personal identification number (PIN), the method comprising:
receiving, via a communications network, application data including personal information about an applicant for a financial instrument;
receiving, via the same or a different communications network, personal identification number (PIN) data including a PlN which is to be used as the PIN for the financial instrument;
storing in a database the application data and the associated PIN data; and
transferring at least the application data to a financial instrument producer, which data is to be used to produce a financial instrument with which the PIN will be associated.
Preferably, the financial instrument is a debit or a credit card.
The PIN data may also be transferred to the financial instrument producer.
The application data and PIN data are preferably received via a secure communications network such as a secure socket layer (SSL) secured.
According to a second embodiment of the present invention there is provided a method of issuing a personal identification number (PIN) to a financial instrument holder, the method comprising:
receiving, via a communications network, personal data and financial instrument data identifying a financial instrument and a holder of the financial instrument;
verifying the validity of the financial instrument and that the entered holder of the financial instrument is the correct holder of the financial instrument;
receiving, via the same or a different communications network, personal identification number (PIN) data including a PIN which is to be used as the PIN for the financial instrument;
storing in a database the PIN data; and
associating the PIN data with the financial instrument so that use of the financial instrument can be verified later with the PIN.
According to a third embodiment of the present invention there is provided a method of issuing a personal identification number (PIN) to a financial instrument holder, the method comprising:
receiving, via a communications network, personal data and financial instrument data identifying a financial instrument and a holder of the financial instrument;
verifying the validity of the financial instrument and that the entered holder of the financial instrument is the correct holder of the financial instrument;
transmitting, via the same or a different communications network, personal identification number (PIN) data including a PIN which is to be used as the PIN for the financial instrument;
storing in a database the PIN data; and
- A -
associating the PIN data with the financial instrument so that use of the financial instrument can be verified later with the PIN.
The present invention extends to an electronic system for securely distributing a financial instrument and an associated personal identification number (PIN), the system including:
a memory for storing: application data including personal information about an applicant for a financial instrument; and personal identification number (PIN) data including a PIN which is to be used as the PIN for a financial instrument; and
a processor disposed in communication with the memory, the processor being adapted to: receive application data and PIN data and store it in the memory; and transfer at least the application data to a financial instrument producer, which data is to be used to produce a financial instrument with which the PIN will be associated.
The present invention further extends to an electronic system for issuing a personal identification number (PIN) to a financial instrument holder, the system including:
a memory for storing: personal data including personal information about an applicant for a financial instrument; financial instrument data identifying a financial instrument; and personal identification number (PIN) data including a PIN which is to be used as the PIN for the financial instrument; and
a processor disposed in communication with the memory, the processor being adapted to: receive, via a communications network, personal data and financial instrument data; verify the validity of the financial instrument and that the entered holder of the financial instrument is the correct holder of the financial instrument; receive, via the same or a different communications network, personal identification number (PIN) data; store in the memory the PIN data; and associate the PIN data with the financial instrument so that use of the financial instrument can be verified later with the PIN.
The present invention further extends to an electronic system for issuing a personal identification number (PIN) to a financial instrument holder, the system including:
a memory for storing: personal data including personal information about an applicant for a financial instrument; financial instrument data identifying a financial instrument; and personal identification number (PIN) data including a PIN which is to be used as the PIN for the financial instrument; and
a processor disposed in communication with the memory, the processor being adapted to: receive, via a communications network, personal data and financial instrument data; verify the validity of the financial instrument and that the entered holder of the financial instrument is the correct holder of the financial instrument;
transmit, via the same or a different communications network, personal identification number (PIN) data; store in the memory the PIN data; and associate the PIN data with the financial instrument so that use of the financial instrument can be verified later with the PIN.
BRIEF DESCRIPTION OF THE DRAWINGS
Figure 1 is a schematic system diagram of the system in which the present invention will operate;
Figure 2 is a flow chart illustration a method according to the present invention; and
Figure 3 is a flow chart illustration a method of a second embodiment according to the present invention.
DESCRIPTION OF EMBODIMENTS
The present invention allows a customer of a financial institution to apply for a financial instrument such as a credit or debit card and to select their PIN or to be issued with a PIN without any branch/call centre interface.
The present invention also allows a user to change the PIN number on their card without visiting their financial institution branch.
It will be appreciated that although the present invention will be described with reference to a credit card, the present invention could find equal use with respect to other financial instrument such as debit cards, for example.
In a first embodiment of the present invention a customer applying for a credit card uses an electronic device such as a computer 10 to access a processor typically in the form of a server 12 of the financial institution via a
communications network 14. The communications network 14 is typically the Internet.
The user inputs into the computer 10 application data including personal information about themselves to apply for the credit card. The personal information is received by the server 12.
Once all of the application data is received, the user is prompted by the communications network 14 to enter a selected PIN. The PIN needs to be keyed in via a secure medium and the customer will typically be presented with a scrambled PIN pad to prevent spy ware key loggers from obtaining the PIN. The scrambled PIN pad allows the customer to select the PIN using the mouse rather than the keyboard rendering the spy ware key logging software ineffective.
In addition, the application form session is preferably Secure Socket Layer (SSL) secured.
The application data and the PIN data are stored in a memory in the form of a database 16 associated with the server 12 and in communication with the server 12.
At some point in the future, at least the application data is transferred to a financial instrument producer 18 to produce the actual credit card.
The PlN data may or may not be transferred with the application dated depending on whether or not the PIN data needs to be stored on the credit card or not.
Once the credit card is produced it is securely mailed or delivered to the customer.
It will be appreciated that as the customer selected the PIN the Pin does not need to mailed or delivered to the customer together with the credit
card. This prevents the customer from having to go into the branch to collect the PIN for the card or prevents the financial institution from having to securely print the PIN on tamper evident paper and delivering this to the customer.
In a second embodiment of the present invention, the customer is able to apply for the credit card manually at a branch, for example. However, when it comes time to obtain a PIN the custom is guided to the financial institution's website and is able to select an option "Online PIN issue". The session will also be SSL secured.
The customer will firstly be presented with a screen requesting their personal information such as their identification number and data identifying the financial instrument which is typically the Card Verification Check (CVC2) value.
The CVC2 value is obtained from the back of the credit card and is the last three digits of the number printed on the signature panel of all Master and Visa credit cards. This value is used to validate that the customer is in possession of the physical card and for validation of transactions in which the card is not present.
The server 12 receives personal data and the financial instrument data containing the above information and the server verifies the validity of the financial instrument and that the entered holder of the financial instrument is the correct holder of the financial instrument. This is done by comparing the entered data with data stored in the database 16 or in another database.
In order to issue the customer with their PIN two options are available. Firstly, the PIN could be automatically generated by the server 12 and transmitted via the same or a different communications network back to the customer.
Transmitting the PIN back to the customer via the internet 14 is typically known as in band communication while transmitting the PIN back to the customer via another communication channels such as via an SMS to the customer's cellular telephone is known as out of band communication. The transmission of the PIN to the customer can be done either in band or out of band.
Alternatively, the customer is again presented with a scrambled PIN pad for purposes of selecting their own PIN and the entered PIN is transmitted to and then received by the server 12.
In either embodiment, the PIN is stored in the database 16 and associated with the financial instrument so that use of the financial instrument can be verified later with the input of the PIN.
The storage of the PIN in the database is obviously a secure storage using dynamic keys and other security devices.
It will be appreciated that the above process could be used for new PIN issues such as has been described above but could also be used where a customer wishes to change their PIN or where customers need to be issued with a one time only PIN for a special use.
Thus the present invention allows a financial institution to securely issue a PIN to a customer who will use the PIN to validate the use of a financial instrument.
Next Patent: A FLUID CONTROL VALVE