CA 02270694 1999-04-29
METHOD AND APPARATUS FOR
SECURING DATA TRANSMISSIONS
BACKGROUND OF THE INVENTION
The present invention relates to a security device and more particularly,
relates to a security device for securing data transmission and a method of so
doing.
The emergence of modern communication and the globalization thereof
has presented many advantages to our industrial society. Instantaneous
communication means fewer delays in conducting transactions and thus the
achievement of greater efficiencies. The use of computer networks such as the
Internet as well as other telephone technology, both cellular and otherwise,
has led to a tremendous increase in the type and number of data transmissions.
Included among such transmissions are banking and other commercial
transactions. However, the field is open to fraudulent activity and
accordingly it has become necessary to ensure that only the proper person or
persons authorized to receive the data do so. Also, the sending of data
electronically frequently requires that the data be encrypted to maintain
secrecy and/or confidentiality.
There have been a number of systems developed in the prior art for
transmitting messages between a transmitter and receiver in a secure fashion.
Well known is the use of pre-determined encoding/decoding keys to
respectively encode and decode data. The security of the data depends upon the
number of keys used. While such methods and systems have received wide
usage, there is always the danger of the key becoming known to an
unauthorized user who could then decipher the information.
SUMMARY OF THE INVENTION
It is an object of the present invention to provide a security device to
permit authorization in a transaction and which device is simple and functions
in a secure manner.
It is a further object of the present invention to provide a method and
system to authorize a transaction and which device will allow for
identification of the user and secure transmission of data.
According to one aspect of the present invention there is provided a security
device suitable for authorizing a transaction, the device comprising means to
generate random data, first treatment means to mathematically treat the random
data to produce a first data output, second treatment means remote from the
first treatment means to mathematically treat the random data to produce a
second data output, the first treatment means and the second treatment means
each producing an identical data output upon receiving identical random data,
comparator means for comparing the first output data and the second output
data, and authorization means to authorize the transaction when the first data
output and the second data output are identical.
In a further aspect of the present invention there is provided a method
for authorizing a transaction, the method comprising the steps of generating
random data, transmitting the random data to a first treatment means,
mathematically treating the random data in the first treatment means to
generate a first data output, transmitting the random data to a second
treatment means remote from the first treatment means, mathematically treating
the random data in the second treatment means to thereby generate a second
data output, the first treatment means and the second treatment means each
providing an identical data output upon receiving identical random data,
comparing the first data output and the second data output, and authorizing
the transaction when the first data output and the second data output are
identical.
The device of the present invention may be used in many different
applications, exemplary of which are the authorization of any transaction or
the sending of any data. In particular, the security device of the present
invention may be utilized in authorization procedures such as bank transaction
operations, which require not only secure transmission of the data but also an
accurate identification of the user.
The device of the present invention has many features including the fact
that one does not need to utilize random access memory for operation of the
device.
BRIEF DESCRIPTION OF THE DRAWINGS
Having thus generally described the invention, reference will be made to
the accompanying drawings illustrating embodiments thereof, in which:
Figure 1 is a schematic diagram illustrating a basic authorization
procedure;
Figure 2 is a schematic diagram similar to Figure 1, but also including the
step of data encryption; and
Figure 3 is a schematic diagram illustrating a typical exchange unit for
treating the data from a random data generating system.
DESCRIPTION OF THE PREFERRED EMBODIMENTS
Referring to the drawings in greater detail and by reference characters
thereto, there is shown in Figure 1 a schematic of a security device
permitting authentication or authorization and which device is generally
designated by reference numeral 10.
Security device 10 includes a first unit having a random data generator
generally designated by reference numeral 12 and having associated therewith a
transmitter 14. Random data generator 12 may be any suitable generator well
known in the art and in the illustrated embodiment, would generate random
digits.
From random data generator 12, the random data is transmitted to a first
treatment means generally designated by reference numeral 16.
First treatment means 16, as may be seen in Figure 1, includes a binary to
decimal conversion unit 18. Certain output from binary to decimal module 18
then goes into exchange units 20. From exchange units 20 the data is then
transmitted to an algorithm module 22 wherein it undergoes a mathematical
treatment.
It will be understood that the first treatment means 16 may comprise any
suitable software, programmable circuit, etc. including any suitable device
adapted to perform a predetermined mathematical operation on the data in a
predetermined sequence.
The output data 24 from the first treatment means 16 is then passed to a
comparator 26.
Preferably at the same time, the transmitter 14 transmits the data
from random data generator 12 to a receiver 28 and then to a second treatment
means generally designated by reference numeral 16'. Second treatment
means 16' is illustrated as being identical to first treatment means 16,
although this is not required as long as an identical output is achieved for
any given input.
As was the case with first treatment means 16, second treatment means 16'
includes a binary to decimal module 18', exchange units 20', and an algorithm
module 22' to thereby provide output data 24'. Output data 24' then goes to
comparator 26. If output data 24 and 24' are identical, then comparator 26
permits authorization of the transaction.
As shown in Figure 3, exchange units 20 may conduct a numeral exchange
or conversion. Only certain of the digits may undergo exchange while others do
not.
A further embodiment of the present invention is illustrated in Figure 2 and
reference will now be made thereto. It will be understood that similar
reference numerals are used for similar components.
In the embodiment of Figure 2, a random data generator 12 generates
random numerals. Transmitter unit 14 transmits the random numerals to a first
treatment means 16 and a second treatment means 16'.
As was the case in the embodiment of Figure 1, first treatment means 16
includes a binary to decimal conversion module 18, a plurality of exchange
units 20, and an algorithm module 22 to thereby generate output data 24.
Similarly, second treatment means 16' includes a binary to decimal module 18',
exchange units 20' and algorithm module 22'. There is thus generated an output
data 24'.
In this embodiment, the output data 24 from first treatment means 16
has data 30 representing the information to be transmitted added thereto. The
thus encrypted data 32 is transmitted as indicated by reference numeral 34 to
the output from second treatment means 16'. The output data 24' is then
utilized to decrypt the encrypted data 32 to thereby provide the original
information or data 30.
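The authorization of Figure 1 and the encryption of Figure 2, as an added
example that is not part of the patent text. The exchange table, the exchanged
digit positions, the shared secret and the use of HMAC-SHA256 as algorithm
module 22 are assumptions, since the description leaves all of them open.

```python
import hashlib
import hmac
import secrets

# Assumed parameters: the description leaves the exchange table, the affected
# digit positions and the algorithm open. Both units must hold the same values.
EXCHANGE = str.maketrans("0123456789", "7092581364")  # hypothetical numeral exchange
POSITIONS = range(0, 64, 3)            # "only certain of the digits" are exchanged
SHARED_SECRET = b"constructed-demo-secret"  # hypothetical key for module 22


def treat(random_data: bytes, length: int = 32) -> bytes:
    """Treatment means 16 / 16': identical input gives identical output."""
    # Module 18: binary to decimal conversion.
    digits = list(str(int.from_bytes(random_data, "big")))
    # Exchange units 20: substitute the selected digit positions only.
    for i in POSITIONS:
        if i < len(digits):
            digits[i] = digits[i].translate(EXCHANGE)
    # Algorithm module 22: assumed to be HMAC-SHA256 in counter mode.
    msg, out, counter = "".join(digits).encode(), b"", 0
    while len(out) < length:
        block = msg + counter.to_bytes(4, "big")
        out += hmac.new(SHARED_SECRET, block, hashlib.sha256).digest()
        counter += 1
    return out[:length]


def authorize(output_24: bytes, output_24p: bytes) -> bool:
    """Comparator 26, done in constant time."""
    return hmac.compare_digest(output_24, output_24p)


def encrypt(data_30: bytes, random_data: bytes) -> bytes:
    """Figure 2: add output data 24 to data 30, byte-wise modulo 256."""
    stream = treat(random_data, len(data_30))
    return bytes((d + k) % 256 for d, k in zip(data_30, stream))


def decrypt(encrypted_32: bytes, random_data: bytes) -> bytes:
    """Figure 2: subtract output data 24' to recover data 30."""
    stream = treat(random_data, len(encrypted_32))
    return bytes((c - k) % 256 for c, k in zip(encrypted_32, stream))


if __name__ == "__main__":
    challenge = secrets.token_bytes(16)            # random data generator 12
    print(authorize(treat(challenge), treat(challenge)))  # both units agree
    print(decrypt(encrypt(b"constructed message", challenge), challenge))
```

Because the random data crosses the link in the clear, everything rests on the
shared treatment parameters staying secret, and a given random value must key
only one message, since reusing it repeats the additive stream.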
It will be understood that the above described embodiments are for
purposes of illustration only and that changes and modifications may be made
thereto without departing from the spirit and scope of the invention.