WO2002041236A2

WO2002041236A2 - High security data card

Info

Publication number: WO2002041236A2
Application number: PCT/US2001/043777
Authority: WO
Inventors: Paul Hanseen
Original assignee: Trinity Technologies Llc
Priority date: 2000-11-16
Filing date: 2001-11-16
Publication date: 2002-05-23
Also published as: WO2002041236A3; AU2002236473A1; WO2002041236A9

Abstract

A device (10) for use in a system for reducing fraud in financial transactions. The device (10) includes a member associated with a machine readable rotatably accessible optical data-containing structure (10), a machine readable magnetically encoded data-containing structure (12), and a circuit (14), each containing separate data sets. The device (10) is used as a data card in financial and other transactions. The separate data sets (12, 14) are individually accessible only with user input information (42), are compared (44) to such information and the other data sets to verify user identity and authorization.

Description

HIGH SECURITY DATA CARD

BACKGROUND

1. The Field of the Invention.

This invention relates to apparatus for portably containing data. More particularly, the present invention relates to devices which store data in multiple formats in one physical structure.

2. The Prior Art.

Currently available portable data-containing devices include plastic cards that are used to carry and transmit financial, medical and other data. Such cards are also used as credit cards and debit cards, in addition to other uses. Currently, machine readable data is carried on portable data cards in magnetic strips which require linear motion to read the data stored in the magnetic strip, or in electronic circuits from which the data is read using a digital protocol, or in linearly accessible optical storage formats which require linear movement in relation to the card to read the data, or in optical forms that are rotatably accessible which require rotational movement in relation to the card to read the data on the card.

Currently, there are financial transaction cards, such as credit cards, which possess both a data carrying magnetic strip and a data carrying electronic circuit which are used to identify the bearer of the card. These cards are capable of carrying data in two mediums. The limited data capacity of these dual medium cards requires that additional information must be obtained to verify that the user has the proper authority to use the card. Fraudulent use of financial transaction cards is, unfortunately, a common occurrence. MasterCard International, of Purchase, N.Y. reported that in 1995, worldwide, 9 cents of every $100 dollars was lost to fraud. This represents roughly $400 million out of $470 billion in transactions. It has been estimated that credit card fraud totals over $1 billion every year.

At present, to verify that a user is authorized to make a transaction with such a financial transaction card, a merchant must first verify the card' s validity through a computer network (e.g., a computer network known as VISAnet, a computer network provided by American Express, or some other credit card issuer) associated with the card, separate physical information must then be collected and compared by the merchant, for example signatures compared to the authorized signature provided on the card, or other forms of picture containing identification which are compared to the user. Disadvantageously, even the limited protection provided by comparing an authorized signature or picture provided on a financial transaction card becomes unavailable in a computer based (also referred to as an "online") transaction, where there are no merchant personnel physically present to make this comparison. Recent surveys have suggested that credit card fraud my be up to twelve times more common in "on-line" transactions than in "in person" transactions. Additionally, "on-line" retailers often have to bear the liability for this fraud, while the credit card companies generally absorb these costs for traditional "in person" retailers that take fraud prevention steps.

In view of the foregoing, it will be appreciated that it would be an improvement in the art to provide a financial transaction device or system which eliminates the need for using an additional identification card, and for comparison of signatures, while continuing to ensure that the user is authorized to make the transaction.

Also currently, there are wallet sized cards known which contain optically accessible data stored in a format which does not require rotating the card. While this type of non-rotating optically accessible data card is capable of containing more, data than a wallet sized card which stores data on a magnetic strip, it requires a specialized and proprietary reader for accessing the data, which reads the optically stored data in a linear fashion. In order to use this technology, the linear reading means must be available, which requires the user to have access to such means. To adapt this type of non-rotating optically accessible data card to online transactions, initiated from a consumer's personal computer, would require the attachment of a compatible proprietary reader to the consumer's personal computer. A system for preventing fraud in a computer based transaction, which uses optically stored data not requiring hardware in addition to that which is readily, or currently, available to consumers, would also be an improvement in the art.

Moreover, the previously available systems and devices do not sufficiently address privacy and security concerns.

For example, the loss of financial institution customer account numbers and theft of personal identity over the Internet is a serious problem. Such problems prevent the Internet from reaching its full potential of promised immense transactions savings.

Existing plastic financial transaction cards are supposed to be safe, but are not. Credit card issuers must promise to refund funds lost due to unauthorized card use and the problem is expensive to the merchant who must pay the cost of the fraudulent transaction and subsequently passes the loss to the consumer by way of higher prices. Moreover, privacy invasion continues against a card holder when their old account number is used to obtain their personal identity files, resulting in embarrassment or financial burden to the card holder.

It would be a significant advance in the art to provide a data containing card that provides greater security and prevents someone from using false identification, which also includes encryption, preventing unauthorized use and access to the data. Any transaction, be it financial or identification verification, would be reliable and would not compromise personal privacy of the user.

BRIEF SUMMARY OF THE INVENTION In accordance with one aspect of the present invention a transaction card is provided, that combines in one device the capability to store magnetically encoded data, rotatably accessible optically stored data, and data stored in a circuit. In one preferred embodiment of the present invention, a financial transaction card is provided with at least one structure capable of containing magnetically encoded data, at least one structure capable of holding rotatably accessible optically stored data and at least one circuit. Preferably, there are at least three independent data sets, accessible through different data retrieval methods. The plurality of data sets are preferably separately encrypted, namely, each set is encrypted using a different standard.

In other aspects of the present invention a multi-function card is provided with greatly increased processing and storage capacity. Such multi-function cards preferably have beneficial applications as driver licenses, passports, government and corporate employee verification, ingress and egress cards. In illustrative embodiments, one card preferably has several layers of security, encryption, password and biometric verification files. One illustrative card can contain fingerprint and facial recognition files, driver license information and records, passport information, credit/debit information, medical insurance records, and all of the functions provided by the card have running transaction results which are stored on the card. Such stored information is preferably used, for example, in each step of airline travel, from buying the ticket to checking national passport databases to boarding the plane. The illustrative card's multiple functions and combined security greatly increase the safety of the public and users of the card. The existing technology, for example smart card technology, is inadequate to serve the present needs of the market. The existing technology is severely limited because of the lack of digital memory space on existing devices . Advantageously, in accordance with another aspect of the present invention, high capacity optical storage technology, such as digital versatile disc technology, is included many illustrative embodiments of the present invention and in many embodiments in combination with smart card chips. The high storage capacity illustrative embodiments of the present invention preferably store biometric encrypted security data making all kinds of transactions secure and ensuring the identify of the presenter of the card. Advantageously, illustrative embodiments of the present invention address the needs of various markets and applications and one illustrative card could function instead of requiring many different cards using existing technology. Moreover, in accordance with another aspect of the present invention, the illustrative embodiments of the present invention are backwards compatible and can be introduced and implemented with the existing credit card infrastructure which is already present in the marketplace.

Moreover, the present invention provides the great advantage of not being server dependent. One well known example of a server dependent security system for electronic based commerce is the evolving public key infrastructure, commonly known as "PKI," which requires a trusted third party server involvement to secure transactions over the Internet. The PKI server system, as well as all other similarly structured systems, is open to numerous security breaches including: being susceptible to falsified digital certificates and corrupted digital certificates; allowing stolen identities to be used by unauthorized third parties undetected; and reliance on a third party server which must be trusted by those who are transacting business over the Internet. The present invention advantageously does not rely on a third party server but rather all the necessary data resides on the illustrative cards of the present invention providing much more security than previously possible using server-based public key infrastructure systems.

One preferred tri-format combination device of the present invention is particularly directed to reducing fraud in financial transactions. The separate data sets on the single card preferably contain different data and are separately accessible by different user inputs (such as personal identification numbers, machine readable physical information such as fingerprints, a photographic or digital image, or other biometric information) . The information from the separate data sets can be compared by the system to verify the user's identity and authorization to conclude the transaction.

One preferred embodiment of the present invention includes a rotatably accessible optically stored data- containing structure. This feature adds a third data set capable of containing much larger amounts of data than the prior art devices, allowing the user's machine readable physical information to be stored in the device. Machine readable physical information can include a photographic image, a fingerprint image, a retina image, or other biometric information that is physically unique to the user and can be recorded, or examined by a mechanical device. This information can be accessed by the machine reading the device and compared to information input by the user, to ensure identification and authenticity. The use of rotatably accessible machine readable optical data storage allows the reading of the device in the standard CD-ROM drive/DVD drive of a personal computer.

BRIEF DESCRIPTION OF THE DRAWINGS In order to better appreciate how the above-recited and other advantages and objects of the invention are obtained, a more particular description of the invention briefly described above will be rendered by reference to a specific embodiment thereof which is illustrated in the appended drawings. Understanding that these drawings depict only a typical embodiment of the invention and are not therefore to be considered limiting of its scope, the invention will be described and explained with additional specificity and detail through the use of the accompanying drawings in which:

Figure 1 is a view of the top planar surface of a first embodiment of the card device of the present invention.

Figure 2 is a side view of the first embodiment of the card device of the present invention.

Figure 2A is a view of the bottom planar surface of the first embodiment of the card device of the present invention.

Figure 3 is a top view of a second alternative embodiment of the card device of the present invention.

Figure 4 is a top view of a third alternative embodiment of the card device of the present invention.

Figure 5 is a view of an embodiment of a cover for the card device, included in the present invention. Figure 5A is a diagrammatic representation of how chips with contacts can be read with simple spindle modification.

Figure 5B is a diagrammatic representation of how card contacts would be aligned with the laser reading the cards data, determining its position on the disc and hence discs position relative to the contacts.

Figure 6 is a flow chart illustrating a method for verifying the authority to use the card in a transaction. Figure 7 is a chart comparing the accuracy of various biometric identification technologies.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS Reference will now be made to the drawings wherein like structures will be provided with like reference designations. The invention is a device, and a system for using that device. One preferred use of a preferred embodiment of the invention can be used for reducing fraud in computer based transactions. Financial transaction card based fraud is especially problematic for on-line transactions, occurring up to 12 times more frequently than with in-person transactions. It is estimated that credit card fraud costs financial companies, merchants and customers over a billion dollars each year, in the United States alone. By providing a device and method that may reduce these amounts for both in-person and on-line transactions, the present invention represents a substantial improvement over the prior art.

While the described embodiments will refer to the invention's use as a financial transaction card, it will be appreciated that alternative uses of both the device and method are included within the scope of the present invention. Some possible alternative uses include use as a medical data-containing device, as a data-containing device and system to control access to secure areas, as well as other uses for a data-containing device and authorization system for other types of transactions, known or readily ascertainable to those skilled in the art that are included within the scope of the present invention.

A first embodiment of the device of the present invention is illustrated in Figure 1. The device consists of a planar member, shown in this first embodiment as numeral 10. The planar member can be constructed of any material used for making data-containing cards, the preferred construction will result in a surface hardness at least equal to that of polycarbonate.

At least one structure associated with the planar member 10 is capable of containing magnetically encoded data. In the embodiment shown in Figure 1, this structure capable of containing magnetically encoded data is a magnetic strip 12. The information encoded on magnetic strip 12 contains at least one data set. The preferred structure capable of containing magnetically encoded data complies with ISO standard ISO 4909, hereby incorporated herein in its entirety by this reference, allowing the card to be used as a credit card or as a debit card.

Associated with the planar member 10 is at least one circuit. In the embodiment shown in Figure 1, this circuit is represented by a box, generally indicated at 14. The preferred circuit is an integrated circuit; installed so the card and circuit comply with ISO standards ISO 7816(1- 10), hereby incorporated by this reference in its entirety, or ISO 14443, hereby incorporated by this reference in its entirety; allowing the invention to function as what is commonly referred to in the industry as a "smart card." The circuit 14 contains a data set, is capable of receiving further data input to it, processing that further data based on the data set already contained in the circuit, and then outputting additional data based upon that processing. The original dataset, a modified dataset based upon the processing, or both may be retained by the circuit 14 after output. It will be appreciated that various methods known, or readily ascertainable to those skilled in the art may be used to receive and output data by the circuit 14, and all such methods are within the scope of the present invention. Also associated with the planar member 10 is a structure which is advantageously capable of containing machine readable optically stored data which requires that the planar member 10 be rotated in order to access the optically stored data. In the first preferred embodiment shown in Figure 1, the planar member 10 is constructed so that it can be accessed as a compact disc, readable through the bottom planar surface of planar member 10.

It will be appreciated by those skilled in the art that other rotatably accessible machine readable optically stored data formats can be used, examples of such formats include but are not limited to compact disc read only memory, compact disc recordable, compact disc rewritable, compact disk interactive, video compact disk and digital versatile disc (digital versatile video disc) , as well as others which are known to those skilled in the art. When used with the preferred embodiment, these formats are preferably in compliance with one or more of the following standards: IEC 908; the Phillips-Sony Compact Disc Digital Audio System Description (RED Book) ; the Phillips-Sony Enhanced Music CD Specification (BLUE Book); ISO/IEC 10149; the Phillips-Sony Compact Disc Read Only Memory System Description (YELLOW Book) ; the Phillips-Sony Recordable Compact Disk System Descriptions, Part II: CD-WO (Write Once) (ORANGE Book) ; the GREEN book; the Phillips-JVC- Matsushita-Sony Compact Disk Digital Video Specification (WHITE Book); ISO 9660; ISO 13346; ISO 16448; ISO 16449; ISO 16824; and ISO 16825; each of which is hereby incorporated herein, in its entirety, by this reference. In one illustrative embodiment, a hole 16 is passed through planar member 10, allowing the device to be installed and read in a compact disc drive. The preferred association of the planar member 10 with a structure capable of containing machine readable optically stored data is to construct the planar member in such a way that - li the planar member includes the structure capable of containing machine readable rotatably accessible optically stored data through the bottom planar surface of planar member 10. A data set is contained in the structure for containing machine readable rotatably accessible optically stored data.

Figures 2 and 2A show the first illustrative embodiment of the device with structures that allow the machine readable rotatably accessible optically stored data to be accessed by a compact disc drive or other drive, such as a digital versatile disc drive. The side view of Figure 2 shows ridges 20 which protrude from the bottom planar surface of the planar member 10. Figure 2A shows the ridges 20, and the hole 16 from the bottom planar surface. The ridges 20, as shown in Figures 2 and 2A, allow the planar member 10, which is longer than the diameter of a miniCD to rotate in a compact disc drive.

Alternative structures which allow the planar member 10 to rotate in a compact disc drive/digital versatile disc drive are represented by Figures 3 and 4. Figure 3 shows an embodiment of the device in which the planar member 10 is shaped as a card with curved first and second edges. The length of the planar member 10, shown in figure 3 at L, equals the diameter of a miniCD, the center hole 16 allows planar member 10 to be installed in compact disc drive, where the curved edges and the length allow it to rotate in the miniCD portion of the compact disk drive. Figure 4 shows an embodiment of the device where the planar member 10 is sized as a miniCD, this allows the planar member 10 to rotate in a compact disk drive. Other structures and methods for achieving this rotation will be readily apparent to those skilled in the art and are within the scope of the present invention.

Figure 5 shows a cover for the device useful for protecting the planar member 10, that is preferred to include in the present invention. Planar member 10 is inserted in cover 30, as shown in Figure 5. Cover 30 is preferably made of flexible plastic such as polyurethane. When planar member 10 is inserted in cover 30, the cover protects the circuit 14, and the structure capable of containing machine readable rotatably accessible optically stored data, an opening 32 in cover 30 allows the magnetic strip 12 to be accessed by means for reading the magnetically encoded data. Alternatively, cover 30, as shown in Figure 5 can be constructed of material which allows electromagnetic waves to pass through. If circuit 14 is a "contactless" integrated circuit, such as those complying with ISO 14443, then circuit 14 may also be accessed while planar member 10 is inserted in cover 30. It will be appreciated that while it is preferred to include a protective cover 30 with the planar member 10, that the present invention includes a tri-format device that does not feature such a removable protective cover. The cover 30, when it is used, is removable and many different embodiments of the invention can optionally utilize a removable cover, such as cover 30.

Reference will now be made to Figure 5A to explain how chips with contacts called "contact chips" can be read with simple spindle modification. The illustrated structure design allows reading the chip circuits while the card is spinning. The key notch is representative of an alignment system that aligns the cards circuit leads with the CDROM' s spindle leads and they connect to the platter leads which in turn are connected to the computer circuitry. The notch can be spring loaded allowing non-notched CDs to be used. In Figure 5A, the following reference numerals refer to the corresponding structures:

100 card with smart chip and DVD technology 102 IC chip - 13 -

103 contact leads

104 set groove which matches to spindle notch

106 contact reader platter which will be read by contact points under platter

108 contact needle under platter that reads from spinning platter contact points 110 contacts on CD spindle

112 enlarged CD spindle

114 set notch to match with card groove

Reference will now be made to Figure 5B, which should be considered in tandem with Figure 5A, to alternatively explain how the card contacts would be aligned with the laser reading the cards data, determining its position on the disc and hence discs position relative to the contacts.

The CDROM laser locates, assisted with software, the matched position of the cards contact leads and the spindle contacts. Once matched, the reader locks the card position, aligning contacts with the spindle contacts.

This completes the circuit. The signal is sent through the leads to the stationary platter contacts, located above or below the spindle, then back and forth through the card through the platter which is connected to the computer circuits. This structures illustrated in Figures 5A and 5B can be oriented with either the top or the bottom of the spindle. In Figure 5A, the following reference numerals refer to the corresponding structures: 120 card with smart chip and DVD technology

122 IC chip

123 contact leads

124 set groove which matches to spindle notch

126 spindle contacts 128 spring loaded notch key that will align with card alignment notch

130 contacts leads 132 stationary contact platter above or below spindle with circular contact points that will align and make contact with spindle contact leads

In addition to the device that may be used to increase security in computer based transactions, the present invention also includes a system that may be used to reduce fraud in a computer based transaction. This system works by the transmission of information contained in the datasets to a receiving computer system, and the collection of confirmatory user data which is also transmitted to the receiving computer system. The receiving computer system then compares the confirmatory user data to standards contained in the datasets to verify the authorization of the user to make the transaction. If the confirmatory user data matches the standards, authorization is confirmed and the transaction is allowed to proceed, otherwise the transaction is refused.

In the preferred embodiment of the system, depicted in Figure 6, the transaction is a financial transaction of a credit or debit type. To make the transaction the card is inserted into a means for accessing the data, as shown in box 40. In a preferred embodiment, the means may be the user's personal computer, although a proprietary reader, merchant computer system, or a proprietary card reader can be used, along with any other means that may perform the necessary functions. The user must then input information, as shown in box 42, to allow the means to compare the input information to information contained in the datasets. In the preferred embodiment, this information is one or more personal identification codes (associated with the independent datasets) , which are entered into the means for accessing the data. After the means receives the personal identification codes, it verifies them and compares the data in the datasets to data contained in the card> which may be contained in one or more of the data-containing structures of the card, as shown in box 44. Preferably, the comparison data is contained in at least two of the data-containing structures of the card, to allow for an additional comparison to be made between the data sets. If the compared user input and the data do not match, the transaction is refused, as shown in box 46.

The means for accessing the data preferably further includes a means for obtaining confirmation of user physically identifying data. The means may be a digital camera for taking a digital image, a camera for taking a photographic image, a means for reading a fingerprint, or any other means by which a machine can collect unique physical or biometric data from the user. In the illustrative embodiment, once the user input information is found to match the data contained in the financial transaction card, the means for accessing the data then collects confirmatory physical data from the user, as depicted in box 48. The confirmatory user data is compared to standards contained in the encrypted datasets on the financial transaction card, as depicted in box 50. Preferably, the standards are contained in more than one data-containing structure of the card, to allow for the standards to be compared to one another, further increasing security. The comparison of the collected confirmatory data may be done by the means for accessing the data, or the collected data may be transmitted, along with the standards to the receiving computer system, which may then make the comparison. If the confirmatory data matches the standards contained in the encrypted data sets, then the transaction is authorized, as shown in box 54, otherwise the transaction is denied, as depicted in box 56.

As used herein the term "data-containing structure" is intended to encompass any type of machine readable optically stored information such as executable programming code, such as programs that run on a PC compatible computer under the Windows operating system or any other platform using any other operating system, as well as any information which a computer program might use. Thus, the term "data-containing structure" encompasses any digital information without regard to its source or intended use.

Moreover, as used herein the term "data" is intended to encompass any type of digital information without regard to its source or intended use. An advantage of this system is that it will function for both in person and "on-line" transactions. In a preferred embodiment for online transactions, the means for accessing the datasets can be a personal computer, the tri- format device can be installed in a drive on the personal computer adapted for that purpose, the user information can be entered by keyboard, and the confirmatory user data can be an image taken by a digital camera connected to the computer. The information can be transmitted and compared to a receiving computer system, which does the comparison and authorization.

In a more preferred embodiment for on-line transactions the tri-format device includes a optically stored data structure that must be rotated to be accessed, that is either CD-ROM, CD-R, CD-RW, DVD-R Authoring, DVD-R General, DVD+RW, DVD-RAM, or DVD-RAM compliant. When the user is ready to make a transaction, the user places the device into the CD-ROM/DVD drive of a personal computer that is attached to a computer network. In response to the input of user information, the personal computer accesses the device and transmits information contained therein. Without the input of the user information the transaction is not allowed to proceed. An image of the user is taken by a digital camera attached to the personal computer, and transmitted to a receiving computer system. An image of the user that is previously contained in the data encoded in the tri-format device is also transmitted to the receiving computer system. The receiving computer system compares the two images and authorizes the transaction, if the images match to a sufficient degree. This matching is preferably accomplished through the use of biometric formulas that measure fixed features on the users face and calculate ratios based upon the relationship of those features, the ratios being unique to each individual user. If the features match to a sufficient degree, the transaction is authorized and allowed to proceed.

In a preferred embodiment for an in-person transaction, the user, or a merchant personnel, places the card into a CD-ROM/DVD drive of a merchant computer system. The user then enters user information, such as a personal identification code by way of a keypad that is provided. In response to the input of user information, the personal computer accesses the device and transmits information contained therein. Without the input of the user information the transaction is not allowed to proceed. Physically unique confirmatory data is collected by the merchant computer system, and transmitted to a receiving computer system. Preferably, this confirmatory data is a fingerprint image collected by a reader designed and adapted for that purpose. An image of the user's fingerprint that is previously contained in the data encoded in the tri-format device is transmitted to the receiving computer system, along with the collected image. The receiving computer system compares the two images and authorizes the transaction, if the images match to a sufficient degree. This matching is preferably accomplished through the use of biometric formulas that measure features of the user's fingerprint and calculates ratios based upon the relationship of those features, the ratios being unique to each individual user. If the features match to a sufficient degree, the transaction is authorized and allowed to proceed.

The present invention also provides a data containing card which provides greater security and prevents someone from using false identification and which includes encryption which prevents unauthorized access to the data and using which any transaction, be it financial or identification verification, and which is reliable and which does not compromise the personal privacy of the user. In accordance with the present invention, personal information is shared only in parts and is released only if the card owner affirms the release of the information.

In contrast to the previously available devices, the present invention allows both security and privacy concerns to be met. The present invention allows transactions to occur without personal information being intercepted by those who would gather such information for unauthorized use. Exemplary embodiments of the present invention can advantageously include the below listed features: Each transaction is made secure by demanding identification verification with fingerprint or face confirmation matching the on-card fingerprint and picture files. Outbound servers are not required but can be used as a second confirmation source; the card itself can authenticate identification. Picture and fingerprint files on the card are unchangeable.

All files on the card can be encrypted. Files transferred from the card are protected by the card's encryption key. Once the card is removed, the decryption key is not available and the transmitted files become unreadable.

Each function of the card is independent and firewall protected from each other. For example, a vender who is using the card to be paid for a user's purchase is limited to only the application provided on the card which is intended for use by the vendor. Before any process can take place, verification must be made by submitting, for example, a live fingerprint or a personal identification number. From the foregoing, it will be understood that the exemplary embodiments of the present invention provide encryption which protect the privacy of the user of the card and a lost or stolen card is useless without the actual face and actual fingerprint and encryption code of the owner of the card. If the owner of the card losses the card, there is no need to notify the issuer of the card because no one else can use or even read the information on the card. The owner of the lost card simply uses a backup card. The owner can have as many backup cards as they desire because each one is useless and secure outside of their control and possession.

It is preferred that each card in accordance with the present invention is delivered to the owner with instructions, for example with a compact disc instructing the owner to read and activate their new card and specify and customize the card to their own personal needs. The issuing entity, for example a financial institution, installs the picture and fingerprint files of the owner/user on the card. Only authorized private or governmental agencies are allowed to use this read-only encryption system. In the case of government agencies, the present invention is particularly advantageous when used to implement passports issued by governments and with the present invention the use of passports will be much more secure.

It will be appreciated that as used herein the term "card" includes the planar shaped structures which are commonly referred to by the term card but any structure which can be conveniently carried by a human being, for example, in a pocket, in a wallet, or hanging around a person' s neck, and which stores and presents information which is used to carry out various transactions.

Use of illustrative embodiments of the present invention allows the following procedures to be carried out to increase the security of the exemplary transactions:

Airline tickets: Airline tickets are purchased using the present invention's Credit, Personal ID and/or Passport, functions. A purchase with the present invention would be tracked, the card' s ID information files would cross check through the FBI files, revealing the holders true or false identity. Moreover, it is within the scope of the present invention to determine whether the presenter of the card (the person who is using the card to obtain tickets and boarding of the plane) or the owner of the card (the person whose identifying information is contained on the card) is wanted by any law enforcement agencies, such as the FBI, and appropriate action taken. Before the airline ticket is issued, the card owner' s fingerprint is submitted and compared to the cards stored fingerprint file. Also, a facial recognition program, as known in the industry, compares the holder's actual features with the encrypted data file on the card. A double check on true identification with both the fingerprint and picture is verified before the ticket is issued. Before boarding the airline, the ID is checked at the gate - a triple check of true identification. Carrying one card implementing the present invention is safe, efficient, and enables multiple applications to satisfy current and future lifestyles. All the features of the present invention reside on one secure card, processing each function and storing the results on the card.

Banking: Embodiments of the present invention issued by banks not only would offer a credit function card, they would offer multiple services such as cash purse, debit, insurance, securities, on-site authorization, and identification. All types of financial institutions benefit from the use of the present invention since customer loyalty increases and fraud decreases. Visa has accepted a cost value threshold of $1.00 per function. The embodiments of the present invention will provide 7 to 20 applications per card. Prior to the advent of the present invention, the average cardholder has 5 to 8 cards. The embodiments of the present invention replace a variety of previously existing cards with one card representing a value added market value of $5 - $20 per card customer or a 320 billion dollar added market value. In particular, the embodiments of the present invention provides a solution to the inadequacies of existing smart cards and they advantageously combine the security provided by biometrics, memory capacity, microchip processing power and an API which keeps applications residing on the card separate and secure. While many people throughout the world already use various cash cards, phone cards, security or ID cards, insurance cards and drivers licenses, the present invention provides the great advantage that all these applications can be provided on just one card. Moreover, the illustrative embodiments of the present invention can provide the advantageous feature of providing a limited life cycle for both the data and the applications which are embodied on the card. For example, the illustrative embodiments of the present invention can be structured to have a life cycle which expires after 1,000 or 10,000 or any number of transactions, or which expires after a predetermined number of hours, days, weeks, months, or years, thus providing additional security and control over use of the present invention.

While smart chip technology offers over 100 times the information storage of a magnetic stripe on a transaction card, the present invention optionally provides many, many times greater storage than provided by only smart card technoloy. The ample memory provided by embodiments of the present invention enables biometric applications to be included on the card so that visually perceptible features of the owner card can be stored and recognized. Biometric data requires significant storage space and the previously available cards limit the amount of biometric data which can be used. The embodiments of the present invention preferably are provided with sufficient storage space and processing power that one card can provide all of the functions which previously required multiple cards. Desirably, all of the data necessary to carry out a secure transaction is held on one illustrative card of the present invention. This illustrative feature of the present invention provides great advantages over the previously available systems and technology which required that such data be stored on a central server with the attendant disadvantages and security concerns which accompany a centralized server-based system.

It is common wisdom that the use of biometric technology on a transaction card is cost-prohibitive and too complex. It has been unrecognized in the industry that the inclusion of data, such as biometric data which provides sophisticated security, would provide great benefits in the marketplace. The present invention allows the biometric recognition applications to be readily and affordably implemented in a transaction card substantially no bigger than previously available cards.

It is within the scope of the present invention to include fingerprint readers and smart card readers to interface with the embodiments of the present invention. For example, fingerprint readers and smart card readers available from Digital Persona can be utilized with the present invention. Darfon Electronics Corporation is a source of keyboards which include fingerprint readers and smart card readers which can be utilized with the present invention. Moreover, it is within the scope of the present invention to utilize smart card readers and finger print readers which are built into the laptop computers, personal digital assistants (PDAs) and other devices. Industry experts forecast consumer spending to exceed $100 billion by 2002. Use of previously existing smart card technology is forecast to cut fraud by 90% and the cost of implementing infrastructure being less than 1.3 % over the existing cost to member banks. Considering these forecasts, an increase in $5 to $7 billion in new or incremental income is to be expected. A 10 percent loss of business could cost up to $30 billion.

The embodiments of the present invention, with the biometric security and multiple applications, allows the owner of the card, the issuing bank, to enjoy safer transactions at a lower cost. In 1999 alone, U.S. consumers wrote some estimated 19 billion checks at the point-of-sale. In that same year, merchants in the U.S. incurred an estimated $23 billion in check handling and fraud costs and losses - averaging more than one dollar for every check written at the point-of-sale.

The percentage of consumer purchases made in the U.S. with cash or checks has fallen from 80 percent in 1994 to 66 percent in 2001, according to Frost & Sullivan, a Mountain View, Calif., market research firm. Credit and debit card usage in the U.S. has jumped from 20 percent to 29 percent of purchases, with debit cards accounting for much of that gain. Purchases made via telephones and other technologies make up the difference. The embodiments of the present invention provide advantages which make them more advantageous to the consumer than using cash or previously available cards. Industry experts also expect multi-application cards to be a runaway success, over the next three years, offering opportunities galore and putting a fresh perspective on the industry. Multi-application, open-platform transaction cards like those provided by the present invention will become more cost-effective and will be readily deployed in the marketplace. Embodiments of the present invention provide the functions of acting as a credit/debit card that tracks purchases, applying airline mileage when applicable, holding a fingerprint for secure identification and transactions, acts as a drivers license with driving records, insurance card with medical records, as well as many other functions. These functions alone represent what previously required eight different cards. Since the present invention allows functions which previously required eight different cards, the present invention represents added market value estimated at $128 billion.

It has been proposed in the art that a financial transaction card should be issued which provides three applications: credit/debit, cash purse and PKI security. Disadvantageously, the proposed card is limited to the availability of PKI servers and network, password security and anti-forgery systems. The illustrative embodiments of the present invention will provide its own security with on-board biometric files. Advantageously, with the illustrative embodiments of the present invention there is no need of any other network other than the existing credit network. The card will supply verification itself with the owner's fingerprint recognition, face recognition, and personal identification number (PIN) .

The illustrative embodiments of the present invention are adapted for use with both wired and mobile internet connections, and electronic ticketing of airlines and, both of which are expected to see additional growth in the future. Moreover, the present invention can advantageously be used with technology such as PKI and existing servers which provides flexibility and increased confidence in the use of such existing technology when enhanced by the use of the illustrative embodiments of the present invention. The ongoing service enhancements in e-ticketing technology will enable subscribers to produce electronic tickets on airlines and other transportation providers using the illustrative embodiments of the present invention.

Financial institutions co-locate many different applications on the embodiments of the present invention. The illustrative embodiments of the present invention allow a user to have all of their card needs supplied on one card utilizing the present invention providing applications with functions such as insurance, investment portfolio, identification, medical records, and many other functions.

It is within the scope of the present invention to provide beneficial functions including those set forth below.

Ingress/Egress Security: Pilots/employees entering a check point or gate submit a card incorporating an embodiment of the present invention and the card is placed on a CD/DVD rom drive known in the art; the card's picture file is brought up on a screen provided at a check point and the face of the card holder is verified with that of the owner of the card; the name and picture is cross checked with computer employee files; a live print is submitted, which is verified by the fingerprint file in the card, and the card holder's identification is verified; the entire process preferably taking place in less than two minutes.

Retail: To complete a retail transaction the customer presents his/her card to the clerk for a purchase and the clerk places the card on the CD/DVD reader and the customer's picture comes up on the screen. The clerk asks if the purchase is a debit or credit transaction and the customer replies that credit will be used. The clerk enters the request and the card requires a live print to verify and authenticate the purchase. The live print is submitted and verified with the print file on the card. The bank also verifies that true identification was made by the card and verifies the account's balance. The transaction is recorded, and optimally encrypted, on the card to a specific register file. The loyalty mileage is recorded on the card to a specific file. The 3 second transaction is complete with greater security than previously possible. Medical: At the doctor's office, the patient submits his card in accordance with the present invention for insurance verification. Medical history is requested from a central database. With the submission of a PIN number the patient authorizes a temporary release of medical history for viewing only, which could include, for example, a diagnostic anomaly MRI . The patient's complaints are presented and recorded on the card in accordance with the present invention. A diagnosis of the patient's condition is made and the doctor prescribes treatment. A record of the check-up, diagnosis, treatment, prescription, outpatient therapy and future appointments are made, and optionally encrypted, on the card.

Investment: The card holder records his investment portfolio to his card. For example, using a PDA's smart card reader the card holder views his portfolio and takes note of changes he wants to make. With an internet connection on a laptop computer, the card holder inserts the card and notifies his broker of the changes he wants to make to the portfolio. The changes are made to the account and recorded on the card in accordance with the present invention. The card is removed from the laptop computer with no record left of the data on the laptop.

It will be appreciated that using the information disclosed herein, those skilled in the art can utilize materials and techniques available from many different sources. Among the sources for hardware, software and/or information which can be used in accordance with the present invention include: Sun Microsystems (which is a source of Java™ programming software which is particularly useful for programming smart cards) ; Gemplus International; Schlumberger; and, Oberthur, all of which are sources of chip cards and the hardware, software, and know-how needed to implement desirable features. Additional sources of hardware, software and/or information which can be used in accordance with the present invention include: major card issuers such as Providian Financial, First USA, American Express, Visa, and MasterCard.

It is predicted that by the year 2004 consumer PCs will have smart card readers as a standard feature, enabling customers to use them to shop online. It is also predicted that by the year 2006, smart cards will be required for any online purchases.

The magnetic stripe which is common on previously available credit cards is very limited in its storage capacity and adaptability. Still, in order to maintain backward compatibility the embodiments of the present invention preferably include a magnetic strip. Visa credit cards are now accepted in over 21 million merchant locations utilizing the magnetic stripe technology. The embodiments of the present invention preferably are compatible with existing mag stripe technology making it immediately backward compatible with all credit card terminals.

Some embodiments of the present invention preferably include DVD technology which allows the data to be read from, and written to, the card in accordance with industry standard Digital Versatile Disc ("DVD"), including read/write technology. Thus, it is preferred that embodiments of the present invention include structures which enable data to be stored on the both a microchip and in the DVD structures provided on the card. Advantageously, this arrangement of the present invention allows applications to be read from either medium depending on what reader technology is used at the point of the transaction. It is expected that computers and computing devices which include both DVD+RW units and/or contactless smart card readers will become commonplace in the near future and as such devices become widely available, cards incorporating the present invention will be compatible with such devices. It is preferred that, in accordance with the present invention, devices used to conduct transactions using the embodiments of the present invention have all, or various combinations, of the following devices to ensure compatibility with new and existing technologies: cd rom, DVD+RW, smart card reader, contactless reader, a magnetic stripe reader for debit/credit functions.

In accordance with the present invention, the technology incorporated into Verbatim 4.7GB DVD+RW discs which will store up to two hours of high quality (MPEG-2) video or four hours of MPEG-1 video. With the ability to provide more than 1, 000 overwrites and a data life of more than 100 years, Verbatim DVD+RW discs are also cost-effective for data backup, Web downloads, and video editing. In accordance with the present invention, the data storage capacity provided by the same technology present on a Verbatim 4.7GB DVD+RW can provide ample storage space on the cards which embody the present invention, providing space for an exemplary eight, twenty, or more applications on the card. It will be appreciated that any technology which provides enhanced or increased storage capacity can be utilized within the scope of the present invention and those skilled in the art will understand how to advantageously incorporate later developed technologies into the embodiments of the present invention. Examples of additional DVD technology which can be utilized in embodiments of the present invention include: DVD-Video and DVD-ROM. DVD technology provides greatly increased storage capacity. In a DVD the laser beam features a shorter wavelength of 650 or 635 nanometers, compared to 780 nanometers for a CD laser. With a wider aperture, this laser makes it possible to store the digital information as smaller 'pits', in tracks that can lie closer together. Compared to the standard CD, the information pits are about half as big and the tracks are more than twice as close to each other. This results in a storage capacity that is 7 times greater as the CD, and actually can be as much as 4.7 Gigabytes of information. Moreover, because there is so much information on the DVD disc, the error correction procedures have been greatly improved compared to CD, thanks to an advanced Reed Solomon Product Code error correction system.

With its storage capacity of 4.7 GB, a standard size DVD allows the storage of an entire movie, on a single sided, single layer DVD, with Dolby Digital or MPEG2 Multichannel Surround sound in various languages soundtracks and sub-titles. To be prepared for the future, the Digital Versatile Disc definition is available in four different disc configurations: The single sided, single layer disc is quite similar to CD except that its substrate is 0.6 mm thick; The double sided, single layer disc is composed of 2 single side, single layer substrates bonded back to back; The single sided, double layer disc is a single sided, single layer disc having one more storage layer below the first layer. To enable the pickup to read data on the second layer, the first layer is covered by semi-reflective material. The double sided, double layer disc is composed of 2 single side, double layer substrates bonded back to back. It is preferred that images on a DVD are processed with the internationally standardized image compression method MPEG2. This compression method is dependent on the specifications and the amount of movement in the image. A simple landscape can be substantially compressed without noticeable loss of image quality. If a jet fighter then streaks through the image, the data rate should be increased to reproduce faithfully this fast moving scene and to refresh the image rapidly and sharply. Audio can also be included on embodiments of the present invention. For example, sound can be sampled at 16 bits with a frequency of 44 kHz. Alternatively, the sampling frequency can be increased to 48 kHz. Also, a sampling frequency of 48 or 96 kHz and a resolution of 16, 20 or 24 bits can be used and any other appropriate technology can be used in accordance with the present invention.

Biometrics: With the ample storage space and processing power which is included in the illustrative embodiments of the present invention, security applications using biometrics to identify the card holder are readily implemented. Biometric security solutions are better than expensive and time-consuming password systems. Financial institutions, healthcare organizations, military and government agencies will benefit from a transition away from password-based security in favor of fingerprint recognition systems as each have recognized that eliminating employees' needs to maintain and update passwords saves both valuable time and money for the business. With the proliferation of data shared over the Internet, fingerprints provide an easy, non-intrusive method for users to guarantee only authorized recipients can obtain information or carry out transactions. As consumers and professionals demand even more convenient means of maintaining system integrity, keyboards and other computing devices with integrated biometric technology can advantageously be used in accordance with the present invention.

Fingerprint: This is the traditional method of identification used by the world's police forces. Although theoretically a very accurate biometric, it does need expert enrollment, trained and compliant subjects, and a 'clean' environment. It is also associated with actual or possible criminals. The present invention can readily utilize finger prints for identification of a human. Facial Recognition: This method analyzes the patterns in individual faces. The accuracy of face recognition engines has improved dramatically over the last few years and the technology is now perfectly suitable for verification applications in accordance with the present invention. Facial recognition applications are non-intrusive and there is already a general acceptance of more standard face recognition - photographs in passports, driving licenses and ID cards. It is possible to derive facial templates from existing video or still images that mean that this method is also very suitable for identification applications. Sophisticated video cameras that are capable of supplying the images necessary for identification are commonplace and digital video cameras can be adapted for use with the present invention. Various biometric identification technologies can be used in accordance with the present invention using the information set forth below. Biometric identification systems recognize individual characteristics of a person. An analysis of the four biometrics has been made and estimated their current strengths in four areas as detailed below.

Referring to Figure 7, the benefits of face recognition, voice recognition, iris recognition and fingerprint recognition are compared. In Figure 1 , accuracy refers to how accurate the technique was at identifying the subject; usability refers to the ease of use and whether the subject would find the system intrusive or acceptable when being checked; data refers to whether data already exists in this form about subjects and whether it is recorded, widely used and accessible; and tools refers to whether systems are widely in place to capture data in this format, e.g. cameras, recorders, readers, etc. Significantly for application with the present invention, there is a distinction between the use of biometrics for verification and for identification. As indicated above, some are suitable for one or the other but few are suitable for both types of application. With both fingerprint and picture data being preferably provided on the cards embodying the present invention, both verification and identification will be advantageously provided. By use of the present invention, fraud is greatly diminished, as each user would be identified from an unchangeable file stored within the card. The reduction of fraud alone is a great advantage over the previously available systems.

In accordance with the present invention, at the point of transaction DVD readers/writers with an embedded contactless smart card chip reader are provided and may also include magnetic stripe reader systems to provide backward compatibility. The illustrative systems of the present invention read chip and DVD information simultaneously allowing the card to respond as a networked device with its own processor and over a GB of memory. In accordance with the present invention, the card of the present invention performs the capacity and functionality of a PC compatible personal computer. It will be understood that inclusion of writable optical media on the cards of the present invention greatly increases the processing memory available for any processor which is included on the card. It is preferred that the processing memory be provided by an optical media compliant with one of the following standards: CD-ROM, CD-R, CD-RW, DRD-R General, DVD+RW, DVD-RAM, or DVD-RAM. The processing memory is structured via the instructions contained in the integrated circuit provided on the card or is physically structured during manufacture of the optical media on the card. It will be appreciated that the increased processing memory on the embodiments of the present invention provide the advantage of increasing the memory available to carry out processes and assists the chip provided on the card to carry out more processes. Advantageously, the result of a logical process can be stored and then recalculated between the contents of specific addresses on the cards of the present invention. It will be appreciated that the described processing memory on the card functions similarly to semiconductor memory known as RAM and ROM. Memory available in a smart chip integrated circuit is limited and such limited on-board memory limits the application functions which the smart chips can carry out. The present invention's feature of expanding the memory capacity and processing memory greatly increases the usefulness of the card of the present invention and allows one card to carry out the functions which previously required multiple cards.

Illustrative embodiments of the present invention are capable of carrying out or functioning as: Credit transactions; tracking product loyalty; drivers license identification; driving records; passport/visas; insurance information; biometrics identification; medical record storage; gasoline purchase charges; debit transactions; debit and credit register; and, corporate security. Each application or function is preferably provided with it's own API allowing or disallowing the transference of information and/or records by submitting the appropriate PIN or fingerprint. Utilization of known data encryption systems or those which may become available in the future provides that the data is secure, separate and in one's pocket. With processing memory within the card, the existing PKI server system is no longer needed because the card of the present invention itself certifies and authenticates. Still, due to the flexibility and adaptability of the present invention, it is within the scope of the present invention to provide an additional confirmation level when used with technologies such as the existing PKI server system and thus greatly enhance the security of systems such as the PKI server system.

The present invention provides numerous benefits including: Control of personal information; Purchase tracking; Control of secure records; Backward compatibility with existing technology; Failsafe identification; Cross market security; and, Owner maintained APIs. All these benefits being provided on one card. 'Open architecture APIs and complete backwards compatibility with existing card readers makes the cards of the present invention flexible and usable everywhere. Some of the additional technologies preferred to be used in accordance with the present invention will now be described. Those skilled in the pertinent art will be able to readily implement the embodiments of the present invention utilizing the guidance provided herein. Technologies available from Infineon, as a chip and biometric supplier, Verbatim as the DVD technology supplier and developer, and from Oberthur for card assembly supplier are all preferred for use in the present invention but other sources of technology can also be used. Giesecke & Devrient provides technology which can be used in accordance with the present invention in connection with smart cards, in particular Smart Card Operating Systems, Biometrics, and Digital Signature & E-Business technologies. Further information regarding such t e chno l o gy can be found at http : //www . gdm. de/ger /ma in /home /index . php4 and http : //www. gdm. de/eng/products/03/index.php4?product_id=3 19, both of which are incorporated herein in their entireties by this reference as well as any links provided therein.

DVD Technology. Verbatim DVD+RW technology is one preferred technology to allow for multiple applications to be written to the card of the present invention. Technology available under the trademark Maxell is also preferred for use in embodiments of the present invention. Over a Gigabyte of memory available on the cards of the present invention allows for biometric storage, picture identification, security protocols, information, encrypting, medical records etc. It is preferred that the wobble groove addressing system be used with the DVD technology to provide access to data on the disk that is faster than Header addressing. This allows the card to react more as a PC compatible device.

For video applications, the preferred DVD+RW format uses advanced "lossless linking" technology which allows the use of variable bit rate recording for longer playback. Verbatim's DVD+RW media will also simplify the task of combining digital video and digital data in multimedia applications. Because DVD+RW incorporates multi-session writing technology, users can quickly add documents, data and video segments without having to constantly open and close write sessions.

These features allow the card of the present invention to carry enough memory to provide the described functions and more memory than previously existing smart cards, to still be compatible with current CD and DVD players, and to utilize both CD and smart card readers to access data.

Regarding the CD technology which can be used in the embodiments of the present invention, the characteristics of a recordable CD were specified in the Orange Book II standard in 1990. The recordable CD technology involves changing the reflectivity of the organic dye layer. This is typically either cyanine (cyan blue in color) , phthalocyanine (more or less colorless) or azo (deep blue in color) . These dyes are photosensitive organic compounds, similar to those used in photography. A microscopic reflective layer—either a proprietary silvery alloy or 24-carat gold—is coated over the dye. Tests show a silver reflective layer provides improved reflectivity and maximizes read/write performance. The silver/blue CD-Rs, which are manufactured with a process patented by Verbatim, combine the benefits of silver reflectivity with the increased data reliability and long archival life offered with metal azo dye. The metalized azo layer also gives Verbatim CD-R media its unique deep blue appearance, which can be easily distinguished from the green of Cyan and gold of Phthalocyanine dyes.

The below provided DVD media specifications are exemplary of those which can be used in accordance with the present invention.

Another preferred technology which can be advantageously used in accordance with the present invention is available under the trademark Maxell and described below.

MODEL DVD-RAM2.6 DVD-RAM5.2

Maxell Item # 6 3 6 0 1 0 6 3 6 0 5 0

Recording Capacity 2.6 GB 5.2 GB

Laser Wavelength 650 nm

Aperture of Objective Lens 0 . 6

Track Pitch 0.74 μm

Minimum Data Bit Length 0.41 μm

Sector Size 2,048 Bytes

Data Transfer Rate 11.08 Mbps

Substrate Material P o l y c a r b o n a t e

Recording Layer Materials Phase Change Recording Materials

Cartridge Dimensions 4.88" x 5, 38" x .38" Operating Environment 5°C~60^*C (41' F~131'F) , 3%~85%RH (no condensation) High Capacity

5.2 Gigabyte (double-sided) 2.6 Gigabyte (single-sided)

Reliable/Durable

Maxell has achieved a highly reliable DVD-RAM disc with reduced noise, reduced disc tilt and enhanced durability of at least 100,000 read/write cycles.

Compatibility

DVD-RAM discs in cartridge can be written or read only in

DVD-RAM drives. DVD-RAM 2.6GB single-sided disc is removable from cartridge and can be read in later generation RAM readable DVD-ROM drives. DVD-RAM 5.25GB double-sided disc is not removeable from cartridge, thus compatible only with DVD-RAM drives.

Applications

Ideal for combined storage of music, video and data, transfer of video and large capacity data files, multimedia software title production, Internet downloads and massive archival storage. Maxell DVD-RAM employs the Wobbled Land and Groove recording method. When recording, pits are formed in both the groove and land of the disc's spiral track, resulting in high track density and minimal signal cross talk. D D-RAM is also the first Phase Change media to employ Mark Edge recording. To increase pit density and boost recording capacity, both edges of a recording mark are used as signal positions. Maxell ensures that even with a multi-layered disc structure, by utilizing a phase change layer and optimizing thermal conductivity, the recording layer is highly sensitive to laser intensity, providing clear and precise recording marks.

In accordance with industry standards, for PC applications, the DVD+RW format uses CAV (constant angular velocity) recording, which means the disc rotates at a constant speed during recording to provide fast, random-access reading of the disc. In addition, the technology incorporates extensive defect management to ensure that data is accurately written to and read from the disc.

The systems of the present invention can utilize the technology present in the Verbatim DataLifePlus 4.7GB DVD+RW discs and corresponding DVD+RW drives. Such drives are designed to provide broad backward read compatibility with current and future DVD-ROM drives and DVD-Video players. Verbatim Rewritable DVD+RW media will be used by consumers for both audio/video and data storage applications. Mitsubishi Chemical Media Co., Ltd. (MKM) , and Verbatim Corporation, both subsidiaries of Mitsubishi Chemical Corporation (MCC) are sources of the preferred technology.

Smart chip technology is preferred to be obtained from Infineon, but other sources of the technology can readily be used in accordance with the present invention. Siemens Semiconductors recently became Infineon Technologies.

The present invention can also beneficially utilize technology from the Ingentix joint venture with Saifun Semiconductors Ltd. and Infineon to jointly develop and manufacture flash memory products, based on Saifun 's patented NROM (Nitrided Read Only Memory) and Infineon's leading know-how for smart card applications such as the Ingentix MultiMediaCard storage products, the MultiMediaCard is a small form memory card that stores user programs and software updates in PLC devices. The MultiMediaCard combines small format with an enormous memory capacity (ROM or Flash) , a simple high-speed serial bus and a robust low cost packaging. The below listed integrated circuit chips can beneficially be utilized in embodiments of the present invention.

• Infineon 's SLE 66CL160 S/U Dual Interface Controller is approved for high security banking applications (e.g. ZKA) . The SLE 66CL160S/U is a part of the widely field proven 16-bit security chip-card controller family and provides compatibility with a full range of Infineon contact-based chip-card controllers. Features: Memory size: 32 Kbyte ROM, 1280 Byte RAM and 16 Kbyte EEPROM Controller: 16-bit security EC02000 controller Security: Fast 3DES and EC2 accelerator. Communication: ISO 14443 type A and B Data-rate: 106 kbit/scarrier frequency: 13.56NMz

• Infineon 's contactless reader IC compliant to ISO 14443 A and B SLF 9000N is a single logic chip for a contactless communication between terminal and all chip cards via an ISO 14443 contactless Interface. Features: Communication: ISO 14443 type A (ASK 100%) and type B (ASK 10%) data transfer rate: 106 kbit/s operating frequency: 13.56 MHz security: transparent for all data Interfaces: MPU-Interface for μC connection and EPP-interface for PC- connection Packaging: 44-pin Plastic Leaded Chip Carrier •Contactless Security Memories SLE 55R01 Infineon 's contactless, data carrier with 128 byte EEPROM memory, is the newest member of Infineon 's family of market-tested memory chip cards. The SLE 55R01 is the latest example of the memory chip card family's flexibility which allows different combinations of memory management philosophy, or what sizes and features are loaded for different applications. Features: Intelligent 128 Byte EEPROM Flexible memory management Memory segmentation 14 variable sized segmentations Mutual authentication with 64 bit key length for card authenticity check Contactless communication ISO 14443 type A (ASK 100%) compliant Contactless operating distance of 10 cm True anticollision 106 kbit/s data rate

•Contactless Security Memories SLE 55R02 Infineon' s contactless data, carrier with 256 byte EEPROM memory, is the newest member of Infineo 's family of marked-tested memory chip cards. The SLE 55R02 is the latest example of the memory chip card family's flexibility which allows different combinations of memory management philosophy, which sizes and features to be loaded for different applications. Features: Intelligent 256 Byte EEPROM Flexible memory management Memory segmentation 14 variable sized segmentations Mutual authentication with 64 bit key length for card authenticity check Contactless, communication ISO 14443 type A (ASK 100%) compliant Contactless operating distance of 10 cm True anticollision 106 kbit/s data rate

•Contactless Security Memories SLE 55R04 Infineon 's contactless data carrier with 512 byte EEPROM memory, is the newest member of Infineon 's family of market-tested memory chip cards. The SLE 55R04 is the latest example of the memory chip card family's flexible memory management philosophy, which allows different combinations of memory sizes and features to be loaded for different applications.

Features: 512 bytes EEPROM Value Counters: up to 65536 units High Security Authentication Unit Physical Interface and Anticollision complying to ISO/IEC 14443 Type A EEPROM updating (erase and program) time: max. 4 ms per page EEPROM endurance: > 100.000 write/erase cycles Data retention for minimum of 10 years ESD: 3 kV Ambient temperature. - 25... + 85°C •Contactless Securities Memories SLE 55R08

Infineon 's contactless data carrier with 1024 byte EEPROM memory, is the newest member of Infineon' s family of market-tested memory chip cards. The SLE 55R08 is the latest example of the memory chip card family's flexible memory management philosophy, which allows different combinations of memory sizes and features to be loaded for different applications. Features: 1024 bytes EEPROM Value Counters: up to 65536 units High Security Authentication Unit Physical Interface and Anticollision complying to ISO/IEC 14443 Type A EEPROM updating (erase and program) time: max. 4 ms per page EEPROM endurance: > 100.000 write/erase cycles Data retention for minimum of 10 years ESD: 3 kV Ambient temperature - 25... + 85°C •Contactless Securities Memories SLE 55R16 Infineon ' s contactless data carrier with 2048 byte EEPROM memory, is the newest member of Infineon 's family of market-tested memory chip cards. The SLE 55RI6 is the latest example of the memory chip card family's flexible memory management philosophy, which allows different combinations of memory sizes and features to be loaded for different applications. Features: 2048 bytes EEPROM Value Counters: up to 65536 units High Security Authentication Unit Physical Interface and Anticollision complying to ISO/IEC 14443 Type A EEPROM updating (erase and program) time: max. 4 ms per page EEPROM endurance: > 100.000 write/erase cycles Data retention for minimum of 10 years ESD: 3 kV Ambient temperature - 25... + 85°C

•SLE 44R3-5S contactless data carrier with I -Kbyte EEPROM for Automatic fare collection, Electronic purse and Access control according to the MIFARE®-System Features: 1 Kbyte EEPROM, organized in 16 sectors with 4 blocks of 16 bytes each User definable access conditions for each memory block Erasing and writing of one block (16 bytes) in one shot at 5 ms Contactless Interface (complying to the MIFARE®-System) : Read and write distance from 0 cm up to 10 cm Fast data transfer (106 Kbit/s) Mutual three pass authentication between card and reader Access to EEPROM protected by transport code on chip delivery Unique serial number for each circuit Ambient temperature - 25... + 75°C

The FingerTip technology available from Infineon is an easy-to-use, single-chip solution that utilizes a biometric fingerprint recognition method which can be incorporated into embodiments of the present invention using the information set forth herein. It is based on the principle that no two people have the same fingerprints because the patterns or ridges formed by prominent lines of skin on each person's fingertips are unique. A person's fingerprints do not change over his/her lifetime and, even after an injury, ridges grow back in the same ridge pattern. While a fingerprint consists of up to 100 ridge endings or minutiae, courts in Europe hold that just matching twelve minutiae is enough for a legal identification and the technology used in accordance with the present invention can utilize fingerprints to accurately identify individuals.

With FingerTIP, an individual's fingerprint pattern is first taken as a reference. When the individual wishes to access a FingerTIP-protected application, FingerTIP compares his or her fingerprint to the one stored in the FingerTIP database. There's no need for a PIN (Personal Identification Number). Plus FingerTIP offers: Top security; Small size; Low power consumption; User friendliness; High performance; Complete hardware solution with optimal software for individual applications; Fast scanning and identification; A single-chip solution based on CMOS technology.

Technology available from Oberthur Card Systems of America is preferably incorporated into the embodiments of the present invention to provide structure for the cards of the present invention. Oberthur Card Systems of America is the North American division of Oberthur Card Systems. All of the information found at http://www.oberthurcs.com, and all of the information found at all of the links therein, is incorporated herein by this reference in its entirety.

Technology from Rapsodia Software can also be a source of technology which is incorporated into the embodiments of the present invention. Rapsodia Software wireless software (SIMphonIC platform) can be beneficially used in embodiments of the present invention.

Smart card technology from Royal Philips Electronics can be utilized in embodiment of the present invention, including smart card microcontroller chips, including advanced security and crypto controller ICs, as well as modules for MIFARE® dual interface controller ICs. MIFARE® is an interface platform for contactless smart cards and readers according to the ISO 14443 A Standard. It is a well proven RF communication technology for transmitting data between a card and a reader device. The platform offers a range of compatible contactless smart card and reader ICs, as well as, dual-interface ICs which provide a secure link between the contactless, and contact card markets. The MIFARE® Interface Platform currently contains three product families. The MIFARE® CLASSIC range covers hardwired ICs with the dedicated MIFARE® CLASSIC protocol, such as the MIFARE® STANDARD. MIFARE® dual interface controllers include the MIFARE® PRO and the MIFARE® PR0X family, 8-bit microcontroller ICs with an open protocol on both interfaces. MIFARE® reader components include ICs, modules and OEM readers. One application for the MIFARE® Interface Platform is electronic ticketing in public transport. Travelers just pass their card over a reader area at the turnstiles or entry, benefitting from improved convenience and speed in the ticketing process. MIFARE® products are support multiple mobility applications including road tolling, airline tickets, access control and as a payment means for automotive fuel. MIFARE® is one standard for contactless smart card transactions which has a large installed base (> 450 000 readers; > 45 million card ICs sold; > 3 billion transactions to date) and complies to ISO 14443 X the international standard for contactless smart cards. Advantageously, inclusion of technology which is already in the marketplace ensures backward compatibility of the embodiments of the present invention. MIFARE® is an open platform. MIFARE® compatibility certification-by the independent MIFARE® which ensures that certified cards and readers from any supplier work together properly. Smart Card technology based on Philips Semiconductors' SmartXA smart card processor, can incorporate a highly secure operating system and enhanced JavaCard virtual machine software available from IBM Research. The new IBM-Philips Semiconductors approach allows multiple smart card applications to be written in different programming languages and then loaded onto the same card after it is issued. The approach supports applications written in native assembler language, high-level languages such as C compiled to native binary code, and interpreted languages such as Java. In addition, the software uses the strong security features of the SmartXA to provide an additional level of assurance that applications on the card cannot access any other vendor's information, no matter by whom or in what language they are written, and regardless of when they are loaded. The SmartXA technology also features a smart card hardware firewall, a future-oriented 16-bit CISC processor and a state-of-the-art memory configuration. It provides approximately 30 times the performance of today's 8-bit architectures, enabling it to run software interpreters such as Java quickly and efficiently. The higher code density of 16-bit machines also enables more flexibility and performance compared to 32-bit RISC machines, which code all instructions on a 32-bit level.

The IBM Research highly secure operating system provides a reliable link between the hardware and the enhanced JavaCard virtual machine or other application software. It is a building block for the SmartXA architecture, as it also manages the system resources, separating and securing applications from each other. IBM Research will define and publish the system interfaces and will implement this operating system and JavaCard virtual machine software for the 16-bit SmartXA. The technology from IBM Research builds on the Java technology partnership formed by IBM and Gemplus . The SmartXA technology provides 16-bit architecture and delivers great flexibility and performance which will benefit the present invention including smart card hardware firewalls for secure separation of applications on the card and optimization for high-level languages and multi-application operating systems, such as JavaCard or MULTOS and linear addressing of executable code (up to 16 Mbyte) . The dynamic memory management unit ensures secure data storage.

The Motorola BiStatix technology can also be used in accordance with the present invention. Motorola's RFID technoloy, BiStatix, provides RFID technology so cost effectively that the technology can be included on a disposable card, including printing antennas on materials including paper. Using only silicon and printed ink instead of a costly metal coil and resonant capacitor drastically reduces card costs.

Gemplus provides smartcard technology which can be used in embodiments of the present invention, including memory cards and microprocessor smart cards, contactless smart cards, electronic tags, smart objects and magnetic stripe cards to simplify and secure a wide range of applications. Gemplus offers a wide assortment of smart card technology which can beneficially be used in the present invention, including the following.

GemEasyδOOO Contactless card product with distances of up to 10 cm, the GemEasyδOOO card carries out read/write operations with a smart cardcoupler. Chip power supply and data are carried by the RF signal. When there is more than one card in the antenna field, the GemEasyδOOO ' s anticollision mechanism ensures that communication will occur with the right card. The GemEasyδOOO provides an 8-Kbit EEPROM memory on a MIFARE® chip. The memory is divided into 16 sectors, each with separate access rights for secure implementation of multiple applications. The two-way authentication sequence is based on a hardwired logic algorithm, random numbers and secret- keys. Data transmission to and from the card is encrypted to ensure confidentiality and protection against replay attacks. The GemEasyδOOO also features electronic purse functions. Credit and debit operations are managed directly inside the chip with distinct access rights, allowing implementation of electronic purse functions securely.

GemTwin offers a flexible combination of contact and contactless smart card technology. The GemTwin can be considered as a GemEasy 6000 card, in which a cavity has been milled to fit a contact module. The card thus offers both contactless and contact-smart card functionality using two separate chips. This two-chip configuration offers several advantages: GemTwin is truly flexible and can be manufactured with most available Gemplus contact applications; No operating system development is required to combine an existing Gemplus contact card application and contactless functionality; and, Security between the existing contact and contactless applications is ensured by physical separation of the chips. Set forth below are the most common application combinations:

Other applications can also be included in the embodiments of the present invention using the technology provided in GemTwin card, including loyalty, vending, etc.

Exemplary GemTwin card specifications are provided below:

The GemStart card is a Windows powered smart card which includes technology which can be utilized in the embodiments of the present invention. It allows seamless access to the open operating system, Windows for Smart - 46 - cards (WfSC) . The GemStart Development Card helps to configure and develop smart card applications in combination with the Microsoft® Windows Smart card Toolkit, available for free at http: //www.microsoft . com/smartcard. Using the Smart card Toolkit, customized versions of the operating system can be downloaded into the card of the present invention with their own applications, developed in Visual Basic. Due to its flash-memory, the development card can be reconfigured several times which allows quick, efficient debugging, and eliminates lengthy mask development before smart card manufacturing.

GemStart 1.1 smart cards incorporate a customized version of the WfSC 1. 1 operating system that is locked into the card by Gemplus. GemClub-Micro is an easy-to-use microprocessor card with advanced loyalty functions that has been developed for loyalty card applications. GemClub-Micro cards can provide technology useful in embodiments of the present invention with functions such as coupon schemes, stored-value cards., private electronic purses, metering (e.g., measuring consumption of gas or electricity), customer identification, etc. The products with beneficial technology include: GemClub-Micro IK cards with 1kilobyte of EEPROM memory and GemClub-Micro, EMV cards-cards that are EMV compatible (part 1 & 3) . SchlumbergerSema provides technology which is beneficially incorporated into the illustrative embodiments of the present invention. Smartcards offered by Schlumberger provide technology that is particularly adapted for use in information security, network, and physical access applications and which may be desirably incorporated into the embodiments of the present invention and are identified in the table provided below.

Among the smartcards offered by Schlumberger that provide technology particularly adapted for use in banking, payment, retail, loyalty applications and which may be desirably incorporated into the embodiments of the present invention are those identified in the below provided table.

Among the smartcards offered by Schlumberger that provide technology particularly adapted for use in memory applications and which may be desirably incorporated into the embodiments of the present invention are those identified in the below provided table.

Among the smartcards offered by Schlumberger that provide technology particularly adapted for use in wireless applications and which may be desirably incorporated into the embodiments of the present invention are those identified in the below provided table.

Among the smartcards offered by Schlumberger that provide technology particularly adapted for use in Transit: Contactless and hybrid (dual- interface) applications and which may be desirably incorporated into the embodiments of the present invention are those identified in the below provided table.

Among the smartcards offered by Schlumberger that provide technology particularly adapted for use in Transit: Memory applications and which may be desirably incorporated into the embodiments of the present invention are those identified in the below provided table.

Among the smartcards offered by Schlumberger that provide technology particularly adapted for use in Payphone: Memory cards applications and which may be desirably incorporated into the embodiments of the present invention are those identified in the below provided table.

Technology available from DigitalPersona is preferably incorporated into the embodiments of the present invention to biometric functions of the present invention. DigitalPersona' s U.are.U biometric security technology provides both heightened security and convenience to users. Technology from DigitalPersona provides fingerprint recognition with a user-friendly interface and high security. The inclusion of DigitalPersona' s U.are.U technology in embodiments of the present invention provides a desirable level of security. Additional technology available from DigitalPersona is Private Space which encrypts and decrypts data on the fly with the touch of a fingerprint.

Pass21 Co., Ltd. and Veridicom Inc. also provide biometric technology which can be desirably incorporated into embodiments of the present invention. OpenTouch is a rugged silicon sensor and robust software available from Veridicom which is adapted for collecting, enhancing, processing and verifying fingerprint images. Veridicom' s silicon fingerprint sensor provides government-grade high resolution (500-dpi) , essential for recognizing smaller fingers. Silicon technology enables the sensor to be compact, inexpensive and portable. It has an exceptionally hard, impervious surface resistant to scratches, abrasion, chemicals, corrosion, and impacts. The sensor uses solid-state capacitance sensing to capture unique fingerprint data. When an individual places his finger on the sensor, the finger acts as one of the plates of a capacitor. The other plate, on the surface of the sensor, consists of a silicon chip containing an array of 90,000 capacitor plates with sensing circuitry at 500-dpi pitch. The capacitor sensing plates create an 8-bit raster-scanned image of the ridges and valleys of -the finger pressed against the chip. This information is converted to a video signal. Creating the digital fingerprint Veridicom software creates a digital fingerprint template from the scanned image. The Imaging Suite software captures the image, performing automatic gain control and difficult finger extraction to create the best image, and converts it to a grayscale image at 500 dpi. The Verification Suite software analyzes image quality, enhances the image, converts it to binary form and extracts the minutia, a set of characteristics unique to that fingerprint which uniquely identifies that individual. The actual fingerprint image is erased at that instant, and the minutia data is stored and becomes a unique "digital fingerprint" template of that person. Future fingerprint readings for that individual are compared against it, using the fingerprint verification module in the Verification Suite. To verify an individual's identity, and to authorize transactions, the fingerprint verification module compares a live reading from a finger placed on the sensor with the minutia data template that has been stored for that individual. If the data matches, the individual's identity is verified and/or the transaction is authorized. If the data does not match, the attempt is rejected. The algorithms are sophisticated enough to recognize that people will rotate their fingers or press harder or softer, which can stretch the skin and distort the image, and are able to compensate for these changes. When a finger is scanned, only the minutia data extracted from the fingerprint is stored. The fingerprint itself is not saved. The minutia data is sufficient to perform the matching function. However, you cannot recreate the original fingerprint from the minutia data. In addition, the template is encrypted as it is stored on the card of the present invention so that the user's privacy is preserved.

In view of the foregoing, it will be appreciated that the present invention provides a means for reducing fraud in computer based transactions. The present invention allows a system to access encrypted information in multiple formats for different level of uses and security, the capacity to store biometric, or physical information allows an "in-person" transaction to be authorized without additional identification documents, the encryptions and ability to access the rotatably readable format in a drive allow the advantages of the high security transaction to be available in an on-line transaction with widely available technology. It also provides a system and a method for allowing the verification of a card based transaction, in an on-line transaction, in a secure manner, without the need for a proprietary reader.

The present invention provides a system for reducing fraud in computer based transactions and allows the same data-containing card to support multiple uses through different data formats and allows a merchant to carry out financial card based transactions which are verified without the need for additional photo-identification, or signature comparison by a clerk. Moreover, the present invention provides a system and method for allowing authorization to conduct card based transactions to be verified in a secure manner in an on-line transaction, using technology which is currently widely available and is non-proprietary. This technology allows financial card based transactions to be verified in a secure manner in an online transaction using equipment that is widely available and on personal computers which are widely available for home use. It will be appreciated that many other advantages of the invention will become more fully apparent from the description provided herein and claims which follow, or may be learned by the practice of the invention. The present invention may be embodied in other specific forms without departing from its spirit or essential characteristics. The described embodiments are to be considered in all respects only as illustrative and not restrictive. The scope of the invention is, therefore, indicated by the appended claims rather than by the foregoing description. All changes which come within the meaning and range of equivalency of the claims are to be embraced within their scope.

Claims

CLAIMS What is claimed and desired to be secured is:

1. A device for storing machine readable data, the device comprising: a planar member with first and second planar surfaces; a first machine readable data-containing structure capable of containing machine readable optically stored data which requires the planar member to be rotated to access the data, the first machine readable data-containing structure containing at least a first data set and the first machine readable structure being associated with the planar member; a second machine readable data-containing structure including at least one circuit capable of receiving, processing, and outputting data, the second machine readable data-containing structure containing at least a second data set contained in the circuit, the second machine readable data-containing structure being associated with the planar member; and a third machine readable data-containing structure comprising at least one area of the planar member capable of containing magnetically encoded data, the third machine readable data-containing structure containing at least a third data set and the third machine readable data- containing structure being associated with the planar member, such that the first machine readable data- containing structure, the second machine readable data- containing structure, and the third machine readable data- containing structure each being independently and selectively accessed to obtain data from the first data set, the second data set, or the third data set.

2. The device of claim 1, wherein said first machine readable data-containing structure compirses executable programming code.

3. The device of claim 1, wherein said first and second machine readable data-containing structures comprise executable programming code.

4. The device of claim 1, wherein said first and second machine readable data-containing structures comprise at least one type of data selected from the group consisting of: executable programming code and numeric data to be manipulated by the executable programming code.

5. The device of claim 1, wherein said first machine readable data-containing structure is compatible with a data storage protocol, the data storage protocol being one selected from the group consisting of: compact disc-read only memory protocol, compact disc-recordable protocol, compact disc-rewritable protocol, compact disc-interactive protocol, digital video disc protocol, DVD-R Authoring protocol, DRD-R General protocol, DVD+RW protocol, DVD-RAM protocol, and DVD-RAM protocol.

6. The device of claim 1, wherein said planar member possesses a surface hardness at least as great as the hardness of polycarbonate.

7. The device of claim 1, wherein the third machine readable data-containing structure comprises an area capable of containing magnetically encoded data which is located on the first planar surface of the planar member.

8. The device of claim 1, wherein the third machine readable data-containing structure comprises an area capable of containing magnetically encoded data complying with ISO standard ISO 4909.

9. The device of claim 1, wherein the second data set contained in the circuit is accessible from the first planar surface of the planar member.

10. The device of claim 1, wherein the first data- containing structure is optically accessible through the second planar surface of the planar member.

11. The device of claim 1, further comprising an opening formed in said planar member allowing the planar member to be installed in a device for rotatably accessing the machine readable optically stored data.

12. The device of claim 11, wherein the machine readable optically stored data complies with a standard selected from the group consisting of: IEC 908, the Phillips-Sony Compact Disc Digital Audio System Description, the Phillips-Sony Enhanced Music CD Specification, ISO/IEC 10149, Phillips-Sony Compact Disc

Read Only Memory System Description, Phillips-Sony

Recordable Compact Disk System Descriptions, Part II: CD-WO

(Write Once) , Phillips-JVC-Matsushita-Sony Compact Disk

Digital Video Specification, ISO 9660, ISO 13346, ISO 16448, ISO 16449, ISO 16824, and ISO 16825.

13. The device of claim 1, further comprising a structure formed on the second planar surface allowing the planar member to be rotated in a device for reading the optically stored data.

14. The device of claim 13, wherein the structure formed on the second planar surface allowing the planar member to be rotated consists of at least one ridge formed on the second planar surface.

15. A device for storing machine readable data, the device comprising: a planar member with first and second planar surfaces; a first machine readable data-containing structure capable of containing machine readable optically stored data which required the planar member to be rotated to access the data, the first machine readable data-containing structure containing at least a first data set and the first machine readable structure being associated with the planar member; a second machine readable data-containing structure including at least one integrated circuit capable of receiving, processing, and outputting data, the second machine readable data-containing structure containing at least a second data set in the integrated circuit, the second machine readable data-containing structure being associated with the planar member; and a third machine readable data-containing structure comprising at least one area of the planar member capable of containing magnetically encoded data, the third machine readable data-containing structure containing at least a third data set, associated with the planar member, such that the first machine readable data-containing structure, the second machine readable data-containing structure, and the third machine readable data-containing structure being each independently and selectively accessed to obtain data from the first data set, the second data set, or the third data set.

16. The device of claim 15, wherein the association of the planar member with at least one integrated circuit complies with ISO standards ISO 7816(1-10).

17. The device of claim 15, wherein the association of the planar member with at least one integrated circuit complies with ISO standard ISO 14443.

18. The device of claim 15, wherein said first machine readable data-containing structure is compatible with a data storage protocol, the data storage protocol being one selected from the group consisting of: compact disc-read only memory protocol, compact disc-recordable protocol, compact disc-rewritable protocol, compact disc- interactive protocol, and digital video disc protocol, DVD- R Authoring protocol, DRD-R General protocol, DVD+RW protocol, DVD-RAM protocol, and DVD-RAM protocol.

19. The device of claim 15, wherein said planar member possesses a surface hardness at least as great as the hardness of polycarbonate.

20. The device of claim 15, wherein the third machine readable data-containing structure comprises an area capable of containing magnetically encoded data which is located on the first planar surface of the planar member.

21. The device of claim 15, wherein the third machine readable data-containing structure comprises an area capable of containing magnetically encoded data complying with ISO standard ISO 4909.

22. The device of claim 15, wherein the second data set contained in the circuit is accessible from the first planar surface of the planar member.

23. The device of claim 15, wherein the first data- containing structure is optically accessible through the second planar surface of the planar member.

24. The device of claim 15, further comprising an opening formed in said planar member allowing the planar member to be installed in a device for rotatably accessing the machine readable optically stored data.

25. The device of claim 24, wherein the machine readable optically stored data complies with a standard selected from the group consisting of: IEC 908, the Phillips-Sony Compact Disc Digital Audio System Description, the Phillips-Sony Enhanced Music CD Specification, ISO/IEC 10149, Phillips-Sony Compact Disc Read Only Memory System Description, Phillips-Sony Recordable Compact Disk System Descriptions, Part II: CD-WO (Write Once) , Phillips-JVC-Matsushita-Sony Compact Disk Digital Video Specification, ISO 9660, ISO 13346, ISO 16448, ISO 16449, ISO 16824, and ISO 16825.

26. The device of claim 15, further comprising a structure formed on the second planar surface allowing the planar member to be rotated in a device for reading the optically stored data.

27. The device of claim 26, wherein the structure formed on the second planar surface allowing the planar member to be rotated consists of at least one ridge formed on the second planar surface.

28. A device for protecting a planar member with an area capable of containing magnetically encoded data associated with the planar member, and at least one circuit associated with the planar member, the device comprising: a cover, the cover being shaped as a planar pouch, the cover having an aperture adapted for the insertion of the planar member, the cover having an opening located such that when the planar member is inserted the area capable of containing magnetically encoded data is accessible through the opening.

29. The device of claim 28, wherein the cover is constructed of a material that allows electromagnetic signals to pass therethrough, such that at least one circuit may be accessed when the planar member is contained in device.

30. A system for reducing fraud in computer based transactions; comprising: a multiformat data-containing card, comprising a planar member with first and second planar surfaces, a first machine readable data-containing structure capable of containing machine readable optically stored data which requires the planar member to be rotated to access the data, the first machine readable data-containing structure containing at least a first data set and the first machine readable structure being associated with the planar member, a second machine readable data-containing structure including at least one circuit capable of receiving, processing, and outputting data, the second machine readable data-containing structure containing at least a second data set contained in the circuit, the second machine readable data-containing structure being associated with the planar member, and a third machine readable data-containing structure comprising at least one area of the planar member capable of containing magnetically encoded data, the third machine readable data-containing structure containing at least a third data set and the third machine readable data-containing structure being associated with the planar member, such that the first machine readable data-containing structure, the second machine readable data-containing structure, and the third machine readable data-containing structure each being independently and selectively accessed to obtain data from the first data set, the second data set, or the third data set, means for accessing at least one of the datasets contained in the multiformat data-containing card, the means for accessing further including a means for acquiring user information, means for comparing the user information to data contained in at least one of the three datasets contained in the multiformat data-containing card, means for collecting confirmatory physical data, and means for connecting to a receiving computer network.

31. The system of claim 30, wherein the means for accessing at least one of the datasets contained in the multiformat data-containing card further comprises a personal computer including an optical disc drive.

32. The system of claim 30, wherein the means for accessing at least one of the datasets contained in the multiformat data-containing card further comprises a merchant computer network including an optical disc drive.

33. The system of claim 32, wherein the merchant computer network further includes a magnetic stripe reader.

34. The system of claim 32, wherein the merchant computer system further includes a smart card reader.

35. The system of claim 30, wherein the means for acquiring user information is a keyboard adapted for receiving a personal identification code.

36. The system of claim 30, wherein the means for comparing the user information to data contained in at least one of the three datasets contained in the multiformat data-containing card comprises a protocol to be followed by the means for accessing at least one of the datasets contained in the multiformat data-containing card.

37. The system of claim 30, wherein the means for comparing the user information to data contained in at least one of the three datasets contained in the multiformat data-containing card comprises a protocol to be followed by the receiving computer network.

38. The system of claim 30, wherein the means for collecting confirmatory physical data comprises a digital camera attached to the means for accessing at least one of the datasets contained in the multiformat data-containing card.

39. The system of claim 30, wherein the means for collecting confirmatory physical data comprises a fingerprint collection device attached to the means for accessing at least one of the datasets contained in the multiformat data-containing card.

40. The system of claim 30, wherein the means for connecting to a receiving computer network, consists of a telephone connection between the means for accessing at least one dataset and the receiving computer network.

41. The system of claim 30, wherein the first dataset, the second dataset, and the third dataset are encrypted by separate encryption algorithms.

42. A method for conducting a computer based transaction; comprising the steps of: (a) inserting a multiformat data-containing card, comprising: a planar member with first and second planar surfaces, a first machine readable data-containing structure capable of containing machine readable optically stored data which requires the planar member to be rotated to access the data, the first machine readable data-containing structure containing at least a first data set and the first machine readable structure being associated with the planar member, a second machine readable data-containing structure including at least one circuit capable of receiving, processing, and outputting data, the second machine readable data-containing structure containing at least a second data set contained in the circuit, the second machine readable data-containing structure being associated with the planar member, and a third machine readable data-containing structure comprising at least one area of the planar member capable of containing magnetically encoded data, the third machine readable data-containing structure containing at least a third data set and the third machine readable data-containing structure being associated with the planar member, such that the first machine readable data-containing structure, the second machine readable data-containing structure, and the third machine readable data-containing structure each being independently and selectively accessed to obtain data from the first data set, the second data set, or the third data set, into a means for accessing at least one of the datasets contained in the multiformat data-containing card, the means for accessing further comprising a means for acquiring user information; (b) the user entering user information into the means for accessing and for acquiring user information;

(c) comparison of the entered user information to data contained in at least one dataset, such that the transaction is allowed to continue if the entered user information matches the information contained in at least one dataset;

(d) collection of confirmatory physical data from the user, by the means for accessing at least one of the datasets; and

(e) comparison of the collected confirmatory physical data to standards stored on the multiformat data-containing card, such that the transaction is allowed only if the collected confirmatory data matches the standards to a sufficient degree.

43. The method of claim 42, wherein the means for accessing at least one of the datasets contained in the multiformat data-containing card further comprises a personal computer including a CD-ROM drive.

44. The method of claim 42, wherein the means for accessing at least one of the datasets contained in the multiformat data-containing card further comprises a merchant computer network including a CD-ROM drive.

45. The method of claim 44, wherein the merchant computer network further includes a magnetic stripe reader.

46. The method of claim 44, wherein the merchant computer system further includes a smart card reader.

47. The method of claim 42, wherein the means for acquiring user information is a keyboard adapted for receiving a personal identification code.

48. The method of claim 47, wherein the user information consists of at least one personal identification code put into the means for accessing by the use of the keyboard.

49. The method of claim 42, wherein the means for comparing the user information to data contained in at least one of the three datasets contained in the multiformat data-containing card comprises a protocol to be followed by the means for accessing at least one of the datasets contained in the multiformat data-containing card.

50. The method of claim 49, wherein the comparison is made by the means for accessing.

51. The method of claim 42, wherein the means for comparing the user information to data contained in at least one of the three datasets contained in the multiformat data-containing card comprises a protocol to be followed by the receiving computer network.

52. The method of claim 51, wherein the comparison is made by the receiving computer system.

53. The method of claim 42, wherein the means for collecting confirmatory physical data comprises a digital camera attached to the means for accessing at least one of the datasets contained in the multiformat data-containing card.

54. The method of claim 53, wherein the step of collecting confirmatory physical data comprises the collection of a digital image of the user.

55. The method of claim 54, wherein the step of comparison of the collected confirmatory physical standards consists of comparison of ratios obtained by applying at least one algorithm to the user's features in the digital image to the standards contained on the multiformat data- containing card.

56. The method of claim 55, wherein the step of comparison of the collected confirmatory physical data to standards stored on the multiformat data-containing card is conducted by the means for accessing.

57. The method of claim 55, wherein the step of comparison of the collected confirmatory physical data to standards stored on the multiformat data-containing card is conducted by the receiving computer network.

58. The method of claim 42, wherein the means for collecting confirmatory physical data comprises a fingerprint collection device attached to the means for accessing at least one of the datasets contained in the multiformat data-containing card.

59. The method of claim 58, wherein the step of collecting confirmatory physical data comprises the collection of an image of at least one of the user's fingerprints.

60. The method of claim 59, wherein the step of comparison of the collected confirmatory physical standards consists of comparison of ratios obtained by applying at least one algorithm to features in the image of at least one fingerprint to the standards contained on the multiformat data-containing card.

61. The method of claim 60, wherein the step of comparison of the collected confirmatory physical data to standards stored on the multiformat data-containing card is conducted by the means for accessing.

62. The method of claim 60, wherein the step of comparison of the collected confirmatory physical data to standards stored on the multiformat data-containing card is conducted by the receiving computer network.

63. The method of claim 42, wherein the means for connecting to a receiving computer network, consists of a telephone connection between the means for accessing at least one dataset and the receiving computer network.

64. The method of claim 42, wherein the first dataset, the second dataset, and the third dataset are encrypted by separate encryption algorithms.

65. A device for storing machine readable data, the device comprising: a planar member with first and second planar surfaces; a first machine readable data-containing structure capable of containing machine readable optically stored data in accordance with a digital versatile disc protocol which requires rotation motion to access the data, the first machine readable data-containing structure containing at least a first data set and the first machine readable structure being associated with the planar member; and a second machine readable data-containing structure including at least one circuit capable of receiving, processing, and outputting data, the second machine readable data-containing structure containing at least a second data set contained in the circuit, the second machine readable data-containing structure being associated with the planar member, such that the first machine readable data-containing structure and the second machine readable data-containing structure each being independently and selectively accessed to obtain data from the first data set or the second data set .