Securing the Internet of Things: A Technology for Seamlessly Improving Credit Card Security

On July 30, 2015, ICAP Patent Brokerage will hold it second Internet of Things patent auction. According to COO Tim Schnurr, the first Internet of Things auction (in April) was extremely successful, enough to warrant a second (and possibly third later in the year). “We experienced significantly more sales volume relative to auctions in the past, which were not geared towards a specific vertical. Perhaps more significantly, we saw a large spike in buyer interest which gave us a sense that the market is in an upswing it hasn’t seen in several years.”

The success of the auction may come as a surprise to those who believe the patent market is dead. It is certainly down from its peak, but the buzz at the recent IP Business Congress in San Francisco related to the fact that foreign entities are buying up U.S. patents and portfolios, certain that the momentum away from strong patent rights has ceased. This long-term strategy and optimism, which is not shared by some in the U.S., should reap significant rewards for foreign corporations and others who can be patient over the next 5 years.

Of course, whether you have a long-term positive outlook for the U.S. patent market or not, the sheer size of the Internet of Things market is staggering. Forecasts predict that the worldwide market for Internet of Things solutions will grow to $7.1 trillion in 2020. See Internet of Things By the Numbers (Forbes). There are some things, however, that could hold the Internet of Things back, including both security problems and communication standards, as recently pointed out by Motley Fool. For the Internet of Things to thrive there is no doubt that security will need to be robust and communications will need to be facilitated in a meaningful way across platforms. Both are manageable tasks and both have already been the work of a variety of innovators.

For example, this Internet of Things 2.0 auction powered by ICAP Patent Brokerage will feature 20 different lots relating to a variety of innovations such as portfolios covering multi-key encryption, multi-frequency RFID tags, multi-purpose credit card readers and even wearables that monitor the drowsiness of the wearer. But one of the most interesting portfolios is one that covers a sensor-based secure credit card technology. This lot, titled RFID/Fingerprint Enabled Credit Card & Secure Payments, is a portfolio comprising 15 US granted patents, 4 allowances, and 5 applications, disclosing a comprehensive set of systems for improving and securing the existing payment card system. It contains the work of acclaimed inventor Moon J. Kim, a former IBM Master Inventor who is responsible for over 120 issued patents throughout his illustrious career.

[Internet-Things]

Moon’s solutions represent a natural evolution to changes already taking place within the payment infrastructure, with applications for mobile devices, proximity devices, credit card providers, ATMs, Banks, and online payment services. His portfolio fundamentally addresses the need within the industry for improvements in payment card security, as made evident by mounting losses due to fraud, which are now estimated to affect over 10 million people worldwide at a cost of over $50 billion annually.

The core of the Kim portfolio discloses systems and methods involving a secure credit card with onboard biometric fingerprint capabilities, RFID, and display that can be powered either by ambient light, backlight from a point-of-sale terminal or mobile device, RFID coupling, smart IC contact, or battery. Card information is transmitted to the terminal and receives a secure validation code after which some combination of a card validation and/or biometric-based user validation code are generated and transmitted back to the point of validation. By decoupling authorization of the fingerprint image and the user’s personal information, transmission and data vulnerabilities within the existing payment card system are addressed while consumer behavior remains unchanged.

I recently had the opportunity to speak with Moon, who explained to me that he has always been curious about developing a solution that would allow for greater security in the credit card transaction process.

“When you lose your credit card what happens? You go through a lot of hassles,” Moon explained to me. “When you lose your credit card you panic. You try and call the company to stop payments.” The idea of using a fingerprint sensor is an easy way to implement security to the credit card.

Currently, when you swipe a card the information is transferred through the network to the authorizing institution, which uses an authentication process. Ultimately, the authorizing institution approves the transaction and the consumer is able to purchase. Moon’s sensor-based process similarly uses a card reader, which reads both the credit card information and fingerprint image data. Like the current method credit, card data is sent to a traditional authentication process. Fingerprint data is also sent to a separate authentication process, which uses the authorizing institution’s unique fingerprint authentication algorithm. If one of the authentications is not available the credit card is not usable.

Security considerations are becoming essential, and will remain essential if the Internet of Things is to flourish. Any active device is accessible to hackers, and that means the need for increased security precautions if the Internet of Things is going to reach its full potential. Many issuers are betting on tokenization as the solution to current security concerns, but tokenization applies specifically to active devices (e.g. smartphones), and does nothing to prevent data theft from the smart phone itself.

“Hackers also get into financial institutions, and they can download customer information,” said Moon. “We are quite vulnerable in this area, as we have seen with breaches at Target department stores, for example.”

But as vulnerable as people are, Moon knows that most people are simply not going to change their behaviors. With this in mind he set out to develop a security regimen that would allow everything to remain the same from the user’s perspective while still providing enhanced security. Perhaps more importantly, the card is designed to work with the existing infrastructure – it contains a dynamic ferromagnetic strip compatible with current POS readers, and many banks have biometric systems already in place for internal use. Depending on materials used, the fingerprint-sensor enabled card will add less than 50% of current card costs to produce.

The portfolio also contains some forward thinking elements, anticipating the use of cameras within ATMs and POS terminals as a scanner in conjunction with the card’s on-board display. Said Kim, “All you have to do to make a transaction is take the credit card, place it by the camera, and authentication will take place through the camera interface.” The portfolio also provides a secure device to device direct file transfer capability.

U.S. patents that will be auctioned are:

1. US Patent No. 8,231,054
2. US Patent No. 8,256,673
3. US Patent No. 8,408,462
4. US Patent No. 8,408,471
5. US Patent No. 8,418,922
6. US Patent No. 8,490,872
7. US Patent No. 8,561,899
8. US Patent No. 8,596,549
9. US Patent No. 8,675,928
10. US Patent No. 8,699,762
11. US Patent No. 8,783,578
12. US Patent No. 8,816,819
13. US Patent No. 8,820,647
14. US Patent No. 8,885,896
15. US Patent No. 8,958,134

Those interested in additional information can visit ICAP Patent Brokerage.