MXPA00009309A - Credit card system and method - Google Patents

Abstract

A credit card system (100) is provided which has the added feature of providing additional limited-use credit card numbers (126) and/or cards. These numbers and/or cards can be used for a single transaction, thereby reducing the potential for fraudulent reuse of these numbers and/or cards. The credit card system finds application to"card remote"transactions such as by phone or Internet (112). Additionally, when a single use credit card is used for"card present"transactions, so called"skimming"fraud is eliminated. Various other features enhance the credit card system which will allow secure trade with the use of elaborate encryption techniques.

Description

SYSTEM AND METHOD OF CREPITO CARDS This invention relates to a credit card system and method, and more particularly, to a credit card system and method that offers a reduced potential for misuse of the credit card number.

The development of electronic commerce of retail sales has been relatively slow despite the demand that has been perceived for this trade. The biggest single deterrent to the expansion of e-commerce retail sales is the potential for fraud. This potential for fraud has been a major concern for credit card companies and financial institutions, as well as for customers and suppliers of goods and services. The former are concerned about fraud because, essentially, financial institutions have to bear the initial cost of fraud. Additionally, credit card companies have an efficient credit card system, which is working well for face-to-face transactions, that is, "present card" transactions where the credit card is physically presented A merchant and the merchant can obtain the credit card number, compare the signatures and, in many cases the photographs, before accepting a particular credit card. The latter are also concerned about fraud, knowing that lately the user must pay for fraud. However, there are particular personal concerns for the consumer because the fraudulent use of the credit card by an erroneous use of the credit card number by a third party, may not be apparent for a while. This can happen even if the card is in your possession. In addition, when fraud does occur, the consumer has the task of persuading the card provider that fraud actually occurred on the part of another person. There is also the additional fear of overcharging on a credit card. There are therefore particular risks for those credit card owners, who have relatively high spending limits, so if fraud occurs, a considerable amount of time may pass before it is detected. A particular form of fraud referred to as "inspection" is particularly difficult to control. What happens is that the owner of the credit card offers his credit card in an establishment, to make a transaction, the relevant information is copied electronically and / or physically from the card and the card is reproduced in a subsequent manner. This could be a particular problem with travelers, particularly during an extended travel period, since the fraudulent card could appear elsewhere and a considerable amount of time could pass before fraud is detected. For the remote use of the credit card, the owner of the credit card has to provide the details of the name, the number of the master credit card, the due date and the address and usually, many other pieces of information for the its verification; the storage and updating of information is expensive but necessary. This in itself is a considerable security risk, since anyone will realize that this information could be used to fraudulently collect goods and services to the cardholder's credit card account. This fraudulent use is not limited to those people who have been legitimately given credit card information, but it extends to anyone who can illegitimately obtain these details. A major problem in relation to this form of fraud is that the credit card could still be in the hands of the legitimate owner at the time these fraudulent transactions are taking place. This is often referred to as "committed numbers" fraud. Actually, all that this fraud needs is a dishonest member of the staff, for example in a store, hotel or restaurant, to register the credit card number. Therefore, it is not the same as the theft of the card. The current approaches to limit credit card fraud depend on the report of the theft of a card and on the development of verification systems through which altered usage patterns initiate some investigation of the credit card company. Many credit card users have undoubtedly received phone calls, when their use of the credit card has been exceptional, or unusual in any other way in the eyes of the organization that is providing the verification services. In this way, there have been many developments in an effort to overcome this fundamental problem of fraud, both in the general area of fraud for the ordinary use of the credit card, as well as for the particular problems associated with remote use. One of the developments is the provision of smart cards, which are credit card devices that contain an embedded electronic circuitry that can either store information or perform calculations. Generally speaking, they contribute to the security systems of credit cards by using some encryption system. In U.S. Patent Number 5,317,636 (Vizcaino), a typical example of this smart card is described. Another development is the Secure Electronic Transaction (SET) protocol, which represents collaboration between many leading computer companies and the credit card industry, which is particularly related to the electronic transmission of the details of the credit card and, in particular, through the Internet. This provides a detailed protocol for encrypting the details of the credit card and the verification of the participants in an electronic transaction. In U.S. Patent No. 5,715,314 (Payne et al.), Another method is described which addresses the Internet in particular. U.S. Patent No. 5,715,314 discloses the use of an access message comprising a product identifier and an access message authenticator that is based on a cryptographic key. A buyer's computer sends a payment message that identifies a particular product, to a payment computer. The payment computer is programmed to receive the payment message, to create the access message, and to send the access message to a merchant computer. Because the access message is linked to a particular product and to a particular merchant's computer, the access message can not be generated until the user sends the payment message to the payment computer. Because the access message is different from the existing credit card formats, the access message is not suitable for phone / mail orders and other traditional credit card transactions. There are also specific electronic transaction systems such as "Cyber Cash" ("Cyber Cash"), "Check Free" ("No Check") and "First Virtual" ("First Virtual"). Unfortunately, there are problems that have been perceived with what has been proposed to date. First, any form of confidence in encryption is a challenge for those who will later try to break it. The way in which access to extremely sensitive information has been obtained in government facilities, would make anyone cautious about any confidence in an encryption system. Second, an additional problem is that some of the most secure forms of the encryption system are not widely available due to government requirements and other security requirements. The limitation of electronic commerce systems and security systems for use on the Internet is relatively unhelpful. While it is perceived that electronic commerce is a high risk area, in practice until now it is not. Additionally, several approaches have been taken to make the "present card" transaction more attractive. For example, Japanese Patent Laid-open Publication No. Hei 6-282556 describes a one-time credit card installation system for use by, for example, the adolescent children of the credit card owners. This system uses a credit card that can be used only once, in which different information is recorded, such as specific personal information, conditions of use, and an approved credit limit identical to that of the original credit card, in a data record element and displayed visually on the face of the card. The one-time credit card contains the same member number, expiration date, card company code, and the like, as in the credit card that already exists, as well as a credit card expiration date at one time, that does not exceed the expiration date of the credit card, the credit limit available for the card, and others. The one-time credit card makes use of some of the different installation elements than the conventional credit card. However, the system also requires that the use permit information be recorded on the credit card, the information that allows the credit card to be used only once or make it impossible to use the credit card when it has been used. exceeded the credit limit. A device of the special card terminal verifies that the information that was taken from the card is correct and provides the usage permit information for when the card on the transmission is not allowed to be used to the issuing company of the card. credit. The usage permit information takes the form of a hole drilled in the card itself. This system has obvious disadvantages, such as having to be modified for additional functions (eg, drilling holes, drilled holes detected, imparting additional information, etc.). Also, this system offers little additional security as soon as the fraud can still be practiced by covering the holes or by replacing the use permit information on the credit card in any other way. In addition, this system would require a change in almost all the terminal equipment of the card, if this were adopted. U.S. Patent Nos. 5,627,355 and 5,478,994 (Rahman et al.) Describe another type of system that uses a plurality of pin numbers, which are added to a credit card number in an electronic visual display. U.S. Patent No. 5,627,355 discloses a credit card having a memory element that contains a series of passwords in a previously determined sequence. These passwords are identical to another sequence that is stored in a memory of a host control computer. In addition, the card contains a first fixed field that contains an account number (for example, "444 222 333"). In operation, the memory element of the credit card device provides a unique password from the sequence with each use of the credit card device. This allows verification by comparing the account number and the password that is provided with each use of the device, with the account number and the next number in the sequence, as indicated by the host computer. The host computer deactivates the password after the transaction. Among the disadvantages with this type of system is the need for a power supply, a visual display, a memory device, a sound generator and the need to recycle a limited sequence of pin numbers. This system is not easily adapted to current credit card transactions, because it lacks the ability to provide a checksum of the card number and can not be read by a standard card reader. Also, if the card is lost or stolen, very little can be done to prevent a person from using the card until the correct owner reports that it was lost or stolen. See also, U.S. Patent Number 5,606,614 (Brady et al.). Other attempts have been made to make the funds available to an individual, but with limitations. For example, U.S. Patent Nos. 5,350,906 (Brody et al.) And 5,326,960 (Tannenbaum et al.) Describe the issuance of temporary PINs for one time or limited times and limited credit access to an ATM account. These patents describe a system and method of transferring current currency for an ATM network. In this system, a principal account owner (ie the guarantor) establishes a sub-account to which a non-subscriber can access, by presenting a fixed credit card associated with the sub-account and by entering a password that corresponds to the subaccount. Once the fixed limit is reached, the card can no longer be used. The fixed limit card contains information about your magnetic strip that is related to the guarantor's account. One of the problems with all these systems, is that there are many competing technologies and therefore, there is a multiplicity of incompatible formats that will be a deterrent factor for both merchants and consumers. Similarly, many of these systems require modifications to the technology used at the point of sale, which will require considerable investment and further limits the understanding of the systems. Many solutions have been proposed for the security problem of credit card transactions. However, none of them allow the use of existing credit cards and existing credit card formats or terminal equipment. Ideally, as the present inventors realized, the solution would be to obtain the functionality of a credit card, while, in fact, the number of the master credit card is never revealed. Unfortunately, the only way to make sure that the master credit card numbers can not be used fraudulently, is to never transmit the master credit card number by any direct route, ie telephone1, mail, Internet, not even to print the number of the master credit card during the transaction, as is commonly the case here. In accordance with exemplary embodiments, the present invention is directed toward the improvement of the credit card system that currently exists, by providing a safer way to use existing credit cards and, in particular, to provide an improved way. to use existing credit cards in remote credit card transactions. The present invention is further directed towards provisioning in a more secure manner to use existing credit cards, which generally will not require any major modification to existing credit card systems. It is also directed further towards the provisioning of an improved credit card system that will be more pleasing to the user and will provide customers with greater reliability in the security of the system. In addition, the invention is directed toward providing an improved credit card system, in a "mode," which will not necessarily require the use of expensive and potentially fallible encryption systems.The present invention is also directed toward the provisioning of a card system of improved credit that will allow the user to obtain the functionality of a credit card, while never revealing the number of the master credit card. Additionally, the invention is directed towards overcoming, as much as possible, the incidence of scrutiny and the frauds of the numbers included.

These and other objects of the present invention are met by a first exemplary embodiment, which has to do with a credit card technique that includes: maintaining a grouping of numbers of credit cards, which share an identical format; assign at least one credit card number from the grouping of credit card numbers, to be the number of the master credit card; assign at least one credit card number from the grouping of credit card numbers, to be a limited use credit card number, which is deactivated after a condition unleashed by subsequent use; and associate the master credit card number with the limited use credit card number, while ensuring that the number of the master credit card can not be discovered based on the credit card number of the credit card. limited use. The technique further comprises: receiving notification that the limited use credit card number has been used in a credit card transaction; determine if a limited use event has occurred based on the notification, and if so, generate a deactivation command; and deactivating the limited use credit card if a limited use event has occurred, based on the deactivation command that was generated after a condition unleashed by subsequent use. In one mode, the limited use event is satisfied when the limited use credit card is used only once. In another embodiment, the limited use event is satisfied when the limited-use credit card is used to increase charges that are greater than a prescribed monetary amount, which is greater than a prescribed frequency of use, and / or a combination frequency of use, amount of individual transaction and total amount. In one embodiment of the invention, additional limited use credit card numbers are automatically assigned as soon as the credit card owner uses more than the previously established amount of limited use credit card numbers. The advantage of this is that the owner of the master credit card does not have to request the credit card numbers each time they are required. In another embodiment, a technique is provided for performing a credit card transaction that is based on one of a master credit card number and a limited use credit card number, wherein the credit card number limited use is randomly selected with respect to the master credit card number, but the limited use credit card number includes identical formatting to the number of the master credit card and is associated with the number of the credit card. the master credit card. The technique comprises: entering a transaction based on the number of the master credit card or the limited use credit card number, to generate a transaction message; and receive the transaction message and process the transaction. The transaction processing step includes: authorizing or rejecting the transaction; determine whether or not to deactivate e-1 limited use credit card number when the limited use credit card number was used to perform the transaction, and generate a deactivation command in response to it, where the pass of determination determines whether or not to disable the limited-use credit card number based on the baseline techniques if a limited-use event has occurred that has to do with the use of the limited-use credit card number, and if it is thus, it generates the deactivation command when the limited use event has occurred; and deactivating the limited use credit card number based on the deactivation command. An advantage of the techniques mentioned above, is that the owner of the credit card obtains the functionality of a credit card without ever revealing, in fact, the number of the master credit card in the course of the transaction. More specifically, in accordance with a preferred embodiment, there is no mathematical relationship between the limited use credit card number and the master credit card number. This is attributed to the fact that the numbers are randomly selected from a linear list of limited use credit card numbers available, which are based on the requests and / or needs of different customers. In this way, it is virtually impossible to predict which customers are looking for numbers at any time or how these numbers will be assigned. In addition, the technique can use a limited use credit card number, and therefore the possibility of credit card fraud of compromised numbers can be eliminated, or at least greatly reduced. Additionally, in a modality of the credit card technique, a present credit limit is assigned, et cetera. No matter how a merchant behaves (for example, by charging more fraudulently or by providing additional goods), the total risk to the credit card owner is directly related to the credit limit that was previously established, and can be minimized by the same. The foregoing, and other, objects, features and advantages of the present invention will be understood more simply after reading the following detailed description, in conjunction with the drawings in which: Figure 1 shows an exemplary system for implementing the present invention; Figure 2 shows, in high-level form, the operation of the central processing station shown in Figure 1; Figure 3 is a flow chart illustrating an exemplary process for assigning credit card numbers; Figure 4 is a flow chart illustrating an exemplary process for limiting the use of a credit card number; Figure 5 is a flow chart illustrating an exemplary process for distributing the numbers of the credit card; Figure 6 is a flow chart illustrating an exemplary process for using the electronic numbers of the credit card electronically; Figure 7 is a flow chart illustrating an exemplary process for processing a transaction; Figure 8 is a flow chart illustrating another exemplary process for processing a transaction; and Figure 9 is a flow chart illustrating an exemplary process for using a credit card number as a PIN number. In this specification, the term "credit card" refers to credit cards (MasterCard®, Visa®, Diners Club®, etc.), as well as charge cards (for example, "American Express®, some departmental store cards). ), debit cards such as those that can be used at ATMs and many other places or that are associated with a particular account, and their hybrids (for example, American Express® extended payment, bank debit cards) with the Visa® logo, etc.) Also, the terms "master credit card number" and "master credit card" refer to the credit card number and the credit card as they are generally understood, namely, that which is assigned by the credit card provider to the customer for his account.It will be appreciated that an account can have many master credit cards within the meaning of this specification, for example, a corporation. You can provide many of your employees with credit cards, but essentially each of these employees owns a master credit card even if there is only one customer account. Each of these master credit cards will have a unique master credit card number, whose set of master credit card numbers will be linked to the account. Similarly, in families, several members of the family can have a master credit card, all of which are paid from the same customer account. The term "limited use" credit card number is used to include at least both the modality in which the credit card is designated for a single use, and the modality in which the credit card is designated for multiple uses. , provided that the charges that were increased do not exceed a prescribed threshold or thresholds, such as a single total charge, total charges that exceed a limited period of time, total charge in a single transaction, and so on. A common feature is that the limit is based on a condition triggered by subsequent use, and not just the expiration date of the card. 1. General View of System Characteristics There are at least two different ways of realizing the present invention. In summary, there is the assignment of additional credit card numbers for remote commerce and secondly, the provision of credit cards that are effectively discarded for trading the present and remote card, both of which have the characteristic that, in the case of single use or in the case of multiple uses, they protect against the worst effects of fraud or inspection of the compromised numbers. In a refinement of the invention, it is possible to control the manner in which a real transaction is made as an additional protection against unscrupulous suppliers of goods and services. Essentially, there are some issues that will be considered in relation to this invention. In the first place, there are operational or functional characteristics in terms of affecting the clients and then there are technical characteristics, namely how the invention was implemented, how the invention is provided to the clients, and finally, how the invention is manipulated by the suppliers of the invention. goods and services and the processors of the credit cards, that is, the financial institutions' and / or their service providers. First, the operational or functional characteristics of this invention will be discussed in the context of a standard credit card system.

A basic feature of the invention is to provide in a credit card system so that each owner of a master credit card could be provided with one or more of the following: 1) additional one-time credit card numbers for remote transactions; 2) multiple-use credit card numbers for remote transactions; 3) additional one-time credit cards for present and remote card transactions; and 4) multiple-use credit cards for present and remote card transactions. It is also contemplated that in certain situations, credit cards may be provided to people who do not have an account with any credit card company. Later, this last feature is described in more detail. Many other features can be provided in the above situations that will further improve the security of credit card transactions. Addressing first the situation where the owner of a master credit card has an additional credit card number that is assigned to him or her for a single use, it will be appreciated that, because only the number can be used to a single transaction, the fact that the number is in the hands of anyone is irrelevant, since it has been deactivated and the number of the master credit card has not been revealed to a third person. Other different features may be added to these single-use credit card numbers, for example, the value of the transaction may be limited, so that the owner of the master credit card has a plurality of credit card numbers of single use of different values. For example, when a remote transaction is made, the owner of the master credit card will use a credit card number that has a credit card limit only marginally greater than or equal to that of the transaction value. This would reduce the chances of, or prevent an unscrupulous merchant from using the credit card number to supply additional goods or services over those ordered or to increase the charge that was agreed upon. A second embodiment of the invention provides the owner of the master credit card with an additional credit card number for use in the remote commerce, whose credit card number could have, as in the previous example of the invention, a limit credit for each specific transaction or such a credit limit that when the aggregate amount of a series of transactions exceeded a specific credit limit, the credit card number would be canceled, invalidated or otherwise disabled. Similarly, the multiple-use credit card number could be limited to, for example, five uses with a credit limit not to exceed $ 100 on each transaction and an aggregate credit limit not to exceed $ 400. Similarly, a time restriction could be placed on that credit card number, so that it is deactivated if it is used with a frequency higher (or lower) than the given threshold, for example, more than once a week. It will be appreciated that the limits that can be placed on the use of a single-use credit card number or a multi-use credit card number are practically unlimited and those who are experienced in the art will consider other ways in which which could limit the use of the credit card number, either by time, by the amount, the frequency of use, by the geographical region, or by the purpose of use (such as limited to Internet commerce and so on). like that), or by some combination of these separate criteria. The third way in which the invention could be realized, is by means of physically providing additional one-time credit cards., each of which would have a unique additional credit card number. Then these additional single-use credit cards could be used, both for remote trading by using the additional credit card numbers for the respective transactions, as well as for the "present card" trade where each card is "revoked" "in the normal way. This disposable credit card could be made as any common credit card, or from a relatively inexpensive material, such as paperboard or thin plastic, with the relevant information entered therein in a readable manner (eg, magnetic) , as is already the case with many forms of passes for use in public transport and the like. Again, substantially the same features as with the credit card number could be provided. In this way, for example, you could limit the disposable credit card to use it geographically, to a use, to an amount, to a frequency of use, to an expiration date, and so on. Again, those skilled in the art will appreciate that there are many variations for this concept. Another way of carrying out the invention is to provide a master credit card owner with an additional multiple-use credit card, wherein the additional credit card provides any limitations as to the conditions triggered by the subsequent use that could be incurred. to wish. Ideally, regardless of the manner in which the invention is made, the owner of the master credit card will be provided either with additional single use credit card numbers, or with multi-use credit card numbers, or a mix of one-time and multi-use credit cards. It will be appreciated that with the use of either single-use credit card numbers, or with additional single-use credit cards, it is possible to eliminate or reduce the risk of fraud of the credit card number. In addition, depending on the credit limit that is given to the particular credit card number or the additional credit card number or the additional single use credit card, it is possible to further limit the possibilities in any remote transaction and that with the use From a disposable single-use credit card, it is possible to eliminate or reduce the risk of inspection. With additional multiple-use credit card numbers and additional multiple-use credit cards, it may be that the problems identified above will not be completely eliminated due to user preferences. This is because, under certain circumstances, credit card users may prefer to have, for example, an additional credit card number for remote trading with a specific credit limit that they use all the time and are willing to accept the risk of committed number fraud, in the sense that they can control the severity of misuse.

This would be particularly the case where some of the different limitations of the conditions unleashed by the subsequent user that were previously suggested are used with the additional credit card number. Substantially, the same criteria would apply to an additional multiple-use credit card. Effectively, the present invention solves the problem by obtaining the functionality of a credit card, while the number of the master credit card is never revealed in fact, since it is never necessary to give the number of the credit card. the master credit card in a remote transaction. Also, you never need to give the same master credit card to a merchant. In another embodiment of the invention, it is contemplated that people who do not possess master credit cards can buy disposable credit cards, which would have a credit limit for the total purchases in them, equal to the amount for which they were purchased. The credit card. These could then be used both for the present card trade, as the remote card, being the only exception that if the credit limit was not reached, then it will be necessary for the financial institution or the credit card provider to grant a refund . An obvious way to obtain this reimbursement would be through an automatic payment machine (ATM, for its acronym in English). In this way, the existing credit card transaction system is used and the owner of the card is given the convenience of having a credit card. As an alternative, the cards described above could, in effect, be debit cards in the true sense, in which the funds were withdrawn against a customer's account. In this case, the "credit card" that was issued, whether it is a use card, single card, or one of multiple uses, and whether it has a credit limit or not, will be used to charge the account immediately . Preferably, the credit card issued under these circumstances would be single-use with or without a limit on the amount of transaction that would be used and processed by the customer and the merchant for a transaction as if it were a credit card, while in the The customer's bank would be treated like any other charge to the account. 2¿_ Exemplary Implementation 2. 1 General View of the Implementation Many aspects of the invention may be included in a general-purpose digital computer that is running a program or segments of a program that originates from a medium that can be read or used from a computer, including the medium, but not limited to magnetic storage medium (eg, ROMs, floppy disks, hard drives, etc.), optically readable media (eg, CD-ROMs, DVDs, etc.) and carrier waves (eg, Internet transmissions) ). An experienced computer programmer can derive a functional program, code and code segments, which are used to implement the present invention, from the description of the invention contained herein. Figure 1 shows an exemplary overview of a system for implementing the limited use credit card system of the present invention. The system 100 comprises a central processing station 102, which, in accordance with exemplary embodiments, can be operated by the credit card provider. In general, this station 102 receives and processes transactions with credit cards that are generated remotely. Transactions with credit cards can originate from a merchant in the conventional manner, for example, by sweeping a credit card through a card scanning unit 106. Alternatively, transaction requests with credit card credit can originate from any remote electronic device 104 (e.g., a personal computer). These remote devices can be interconnected with the central processing station 102 through any type of network, which includes any type of proprietary networks, or some combinations thereof. For example, personal computer 104 interconnects with central processing station 102 via Internet 112. In reality, there may be one or more merchant computer devices (not shown) that receive credit card transactions at starting from the electronic device 104, and then sending these requests to the central processing station 102. The central processing station 102 can also be interconnected with other types of remote devices, such as a wireless device 140 (e.g., a cell phone) , by means of radio communication, using a transmitting / receiving antenna 138. The central processing station 102 itself can include a central processing unit 120, which is interconnected with the remote units by means of the I / O unit 118 of the net. Central processing unit 120 has access to a database of credit card numbers 124, a subset 126 of which is designated as available for limited use (referred to as "available range"). Also, the central processing unit 120 has access to a central data base 122, which is referred to as the "conditions" database. This database is a database of general purposes that stores the information that has to do with the accounts of the clients, such as the information that is related to the different conditions that will apply to the account of each client. In addition, this database 122 can store the mapping between a customer's fixed master credit card number and any outstanding associated limited use credit cards, "using, for example, some type of linked list mechanism. data 122 and 124 are shown separately only to illustrate the type of information that the central processing station 102 can maintain; The information in these databases can be intertwined in a common database in a way that is well understood by those who have experience in data processing techniques. For example, you can store each limited use credit card number with a field that identifies your master account, and different conditions that have to do with its use. The central processing unit 120 can internally perform the approval and rejection of the credit card transaction requests, by referring to the credit history information and other information, in the conventional manner. Alternatively, this function can be delegated to a separate approval processing facility (not shown). Finally, the central processing station includes the ability to transmit the limited use credit card numbers to customers. In a first embodiment, a local automatic card distributor 128 may be used to generate a plurality of limited use cards 132 and / or master credit cards 134 for delivery to a customer. In a second mode, the numbers of limited use credit cards can be printed in a form 136, by means of the printer 130, which are then sent to the customer by mail. The printed form 136 may include the material that covers the numbers until they are scratched, indicating by the same what numbers have been used and no longer active. This listing of numbers can be included in a monthly or periodic account statement that is sent to the customer. In a third embodiment, these limited use numbers can be downloaded electronically to a personal computer of the client 104, where they are stored in the local memory 142 of the personal computer 104 for subsequent uses. they can encrypt credit card numbers (described later in more detail.) Instead of personal computer 104, numbers can be downloaded to a customer's smart card through an appropriate interface. the numbers of the one-time credit cards can be downloaded to a radio unit 140 (such as a portable telephone), by means of a wireless communication In a fifth mode, an ATM 108 can be used to distribute the cards. limited use 110. Those skilled in the art will readily appreciate that other elements may be employed to transmit the numbers / cards. in use together The logic used to perform the actual assignment and deactivation of the limited use credit card numbers, preferably comprises a microprocessor that implements a program stored inside the central processing unit 120. Special purpose will be enough. In alternative modes, the logic used to assign and deactivate limited-use credit card numbers may comprise discrete components of the logic, or some combination of discrete components of the logic and the implemented control of the computer. Figure 2 shows a high level description of the functions performed by the central processing station 102 or the like. The process starts at step 202 by assigning one or more limited use numbers to a client. These numbers are finally selected from the list 126 of limited use numbers available, or some other list of the subset that has been previously formed from the numbers in list 126. Also, although not shown in Figure 2, a master account number would preferably be assigned to the customer at a previous time point. The conditions database 122 may comprise a mechanism for associating the master credit card number with the limited use credit card number. Because limited-use cards are arbitrarily selected from the limited-use number 126 enlistment, there should not be a discernible link that would allow anyone to determine the number of the master credit card from any of the limited use numbers. Then, the process proceeds to step 204, where it is determined whether a customer requests or if an event triggers a request for limited use cards or additional card numbers. If so, additional limited use cards or card numbers are assigned to the customer. The process then proceeds to step 206, wherein the central processing station determines whether a transaction has been made using a limited use card that was previously issued. This step is followed by a determination (in step 208) on whether or not to disable a limited use number. For example, if the card is a single-use card, it will be deactivated. If the card is a fixed limit card, the card will be deactivated only if the recent transaction exceeds any stored threshold limit. These threshold limits can be stored in the card itself or in the conditions database 122. The actual step to deactivate is performed by means of generating a deactivation command, as represented in step 210 which is shown in FIG. Figure 2 ,. Naturally, there are other steps to process a credit card transaction, such as verifying if the card is deactivated or invalidated in any other way, before completing the transaction. These additional steps are system specific and are not described here for brevity. Once a number is deactivated, this number can not be used again fraudulently. Therefore, the risk of fraudulent capture of these numbers on the Internet (or through another element of transmission) disappears effectively. In an alternative embodiment of the invention, these deactivated numbers can be reactivated provided a sufficiently long time has elapsed since their first activation. As long as there is a sufficiently large number of limited use credit card numbers to choose from, it will be possible to wait a long time before it is necessary to repeat any number. At this point, it would be very unlikely that someone who has mistakenly intercepted a credit card number years ago would be motivated to use it fraudulently before the legitimate owner. After the limited-use card has been deactivated or a limited number of cards have been deactivated, an additional limited use card (s) may be activated, as described in detail in the next section, activation The actual credit card number may include several intermediate processing steps, for example, credit card numbers in list 126 may be assigned first to an "assigned" range of numbers, and then to a "issued" range. not valid "of numbers, and then finally to a" issued and valid "range of numbers Figure 2 is a high-level description of the process, and covers this specific modality, as well as the most basic case in which the numbers of cards Credit is retrieved from the database and then activated immediately, having established a summary of how the invention can be implemented, additional details are provided below. nte. 2. 2 Assignment of credit card numbers The first thing that the credit card provider should do is generate a list of additional credit card numbers, whether they are single use or multiple uses, and assign additional credit numbers to a master credit card. as an additional credit card number for optional use, instead of the master credit card number. This list can be produced by any suitable software package in the exemplary manner that is described in more detail below. Because the numbers that were assigned to a particular master credit card owner will not have any link to the master credit card number, the master credit card number can not be derived from the card numbers of additional credit. In effect, a random sense in the numbers of the credit cards is provided by the fact that a linear list is formed by the clients requesting the numbers. In addition, it should not be possible, even knowing the numbers of additional credit cards on a particular master credit card in the possession of the owner he or she has used, to predict the next set of numbers that will be assigned to that card owner. particular master credit, as there will be a sense - * - "- * - < - random access to additional credit card numbers in the true sense Even if the credit card provider assigned the numbers sequentially, there would be no way to predict the number that the owner of the credit card will subsequently acquire, because the numbers will be assigned by virtue of a linear list, the random sense of this assignment being such that it avoids any prediction. Credit that was generated through the central computer, do not need to be random numbers per se, but preferably, these numbers are valid credit card numbers with the restriction that they must conform to the specifications of the format industry. terms of their numerical content, in such a way that they can be manipulated without any (or minimal) modification by the merchant's systems and networks / of acquisition and that can be routed to the appropriate center for processing. An additional restriction is that they should be different from all other conventional account numbers and all other single use numbers during their validity lifetime. These restrictions are practical requirements to produce a commercially viable system, which would surely not be met by any process that generates random numbers in isolation.

To achieve these allocation requirements, an issuing bank decides within its available range of credit cards, to assign a certain range or number ranges to the single use system, referred to herein as the "available range". . This could represent supplementary numbers that use existing header sequences (for example, the usually 4-6 digit sequence that defines the issuing institution and that are used to route the card to the appropriate transaction processor) or within the sequences of header that were created recently. The numbers that are not assigned include existing credit card accounts for that issuer and sufficient additional capacity for new account owners and replacement numbers for existing customers. Additional components that are not embossed from card details and any card-specific information that is transmitted during a transaction can be varied from card to card to improve the security and privacy of card transactions. credit. Although each limited use number is unique during its validity life timeThe information required to route the card number and transaction details to the appropriate processor is maintained to ensure that limited use numbers are processed in the appropriate manner. limited use do not need to include the master card account number, nor the coded version of the account number.In reality privacy and security are improved when no identifier of the unique owner of the account is included within the number of the account. limited use credit card Also, the information that is verified before the card is processed for authorization and payment, such as expiration date and verification digit is added, must be valid.This information may vary from. limited use number in limited use number, but it must be valid to make sure that the number passes the verifications that can be completed within the terminal of the merchant, that is, the checksum is calculated appropriately for each limited use number and the associated due date is valid at the time of use. Within the restriction of using a valid credit card format, the randomisation process used to generate lists of unique limited use numbers may include allocation from a range of numbers in which it is varied. either the complete number or portions of the number of how many. In addition, the assignment may include combinations of all or parts of the account number, together with all or part of the additional information, such as additional numbers that are embossed, expiration date and other information that identifies the card and that the merchant passes to the card processor during a transaction. Sequential random allocation from a list of available valid credit / debit / charge card codes that have been assigned only for use as limited use numbers, ensures that the criteria that are specified for the limited use numbers are met , that is, there are no two limited use numbers that are the same, the unrestricted use number is the same as an existing account number, and no conventional card number that was recently issued is the same as a usage number limited that has been previously issued. To achieve true computational independence between account numbers and limited use cards and between limited use numbers for the same account, the randomization process requires a truly random progeny value. This true random sense can be obtained from a physically random system with well-defined properties, such as a white noise generator. An analog-to-digital converter that receives an analog signal from that random physical system can be used to ensure a truly random assignment.

Other approaches can give the same result with lower computational efficiency. For example, the allocation process could randomly select valid credit card numbers within the full range for a given card issuer and then discard the number if it is already in use as a limited or conventional card number, or if the same number was assigned within a given time frame. The above process generates a series of single use numbers available. To repeat, the allocation process is achieved through a truly random mapping process (or less ideally, pseudo-random), where a single use number is randomly selected and then assigned to a selected account owner. (either an owner of existing credit / debit cards, a new single use only account owner or a bank account). The additional single use numbers can be assigned to buy on an individual basis. Then, each assigned unique use number is removed from the sequence of available numbers before the next assignment, ensuring a unique allocation of each unique use number. An alternative mechanism for direct assignment to a specific account owner is to assign lists of single use numbers to unique storage locations. The list from a location of ^ ^ ^ ^ ^^^ specific storage can then be assigned directly to a given account at a later date. This allows the quick assignment of the cards to new clients without any delay arising from the need to perform a new allocation procedure for each new client. This allocation process generates another series of single use numbers, the "assigned range" with an associated identification field to determine how the account will be established once it was used, that is, on which account the transaction will be charged. The allocation process can take a significant amount of time before single-use numbers are required. Once they are assigned, they are not added to the list of valid accounts until the user requires them. Figure 3 is a flow chart illustrating an exemplary process for assigning credit card numbers. A central processing unit (CPU) generates a database of credit card numbers (step 302), and selects a master credit card number. (Step 304). In step 306, the CPU checks to make sure that the number of the master credit card is not the same as another credit card number. The CPU selects the additional credit card numbers to assign to the master credit card number. (Step 308). The CPU may use any of the techniques described above to select the additional numbers. In step 310, the CPU checks to make sure that the additional numbers are not the same as another credit card number. Additional numbers can be used, for example, for single use cards. When a customer needs single-use cards, the CPU can issue the additional credit card numbers to the customer. Unless these single use numbers are emitted directly into the hands of the customer (for example, through an automatic payment machine (ATM)), they are not added directly to the list of valid account numbers kept within the customer's system. central computer. These numbers are added to an "issued, but not valid" list of numbers. (Step 312). The number of single use numbers that was issued at one time depends on the speed at which the customer uses the cards and the capacity of the device used to store the single use numbers until they use it. The CPU can provide the customer with enough single use numbers to fill their requirements for single-use copra by up to, for example, 2 years. Each unique use number can be endowed with specific restrictions in terms of the type or value of the transaction, provided that these properties do not exceed the restrictions that were placed on the customer's account (such as the available credit balance). Once the series of single use numbers is issued, the user has the option of confirming the reception by telephone, before any of the s-e numbers become valid in the processing system. (Step 314). Once reception has been confirmed (or assumed), each unique use number is not added to the "issued and valid" list. (Step 316). To prevent single-use numbers from being kept in excess within the processing system, the number of unique use numbers declared valid at any time is limited to the account for waste of numbers (ie, the numbers to which the client accesses but they are never used to complete a transaction) and to allow time delays between the different transactions that lead to differences in sequence, in which access to the unique use numbers is obtained by the client and the sequence in which they arrive at the processing center. The maximum number of valid one-time use numbers can be determined at any time by the issuer of the card but will preferably be in the range of 5-10. In the case of any attempt to use outside of the assigned range, the following unique use number can be used as an additional identifier to validate the transaction. In this case, the customer should only give a subset of digits to prevent a fraudulent merchant from gaining access to the multiple unused single use numbers. As soon as a unique use number is invalidated (step 320) in use (step 318), an additional number is assigned from the "issued, but not valid" list for that client, to the "issued and valid" list. , ensuring a continuous supply of single use numbers up to the maximum allowed, until the next set of single use numbers is issued. (Step 322). In relation to the actual supply of additional credit card numbers, this will not cause any difficulty to the credit card provider. For example, with a standard master credit card number, there are up to fifteen or more digits, the first of which are used to identify the credit card provider, for example, American Express®, VISA®, Mastercard®, etc., for the main banks, three digits are used to identify the issuing bank. The last digit on a typical sixteen-digit master credit card number is a checksum used to confirm that the number is a valid number. This leaves a total of up to 11 digits or more for the account identifier number and the expiration date. In some cases, the expiration date may not be sent for authorization, while with certain credit card providers, the i iii _-ja -,? aM -_-_-_- á-numbers of additional credit cards or even additional information, for authorization. For example, certain credit card providers print additional numbers on the card, whose additional numbers are not embossed on the card and are not part of the master credit card number. These additional credit card numbers that are printed and not embossed can be used to identify that the person offering the card for a present transaction without a card is actually in possession of the card when the order is placed. , whether it is in writing or by phone. There are many devices, digits, pieces of information, etc. that a credit card issuer or processor uses to work for a credit card issuer to authorize the credit card for the specific transaction. According to another embodiment, when additional credit card numbers are being issued in accordance with the present invention, these additional credit card numbers could include a code that could identify that the person using the additional credit card number In a remote transaction, it is to which the numbers were sent or, in the case of a disposable credit card, to which the disposable credit card was sent.

A preferred feature of these additional credit card numbers is that they are restricted so that they are in the correct format for a credit card number with a valid sum of verification, while at the same time not being mathematically related to the credit card number. another or with the master credit card. In certain situations, for single use numbers, the due date is virtually irrelevant. In this way, using the code of the month of the expiration date 'with the eleven digits, there are 12 x 1011, that is, 1.2 x 1012, that is, 1,200 billion unique codes available for any given credit card provider . This would allow 50 transactions per month for 10 years for 200 million account owners, before any of the codes had to be recycled or a new header code had to be entered. When it is understood that there are other 104 header numbers that can be used by a credit card provider, it will be appreciated that the structure and configuration of the existing credit card numbers are sufficient to operate this invention with the advantage that the Existing infrastructure to deal with credit card transactions with minimal modifications. All that the credit card provider requires is to store the numbers that were generated against the master credit card number.

If, for example, the card is a VISA card, there are approximately 21,000 issuing banks. The sixteen-digit number has a "4" followed by a five-digit code to identify the issuer of the card. The last number is a check sum to verify that it is a valid number. As a result, there are 21,000 x 109 x 12 (252 trillion) of unique numbers and associated maturity months. This code number is sufficient for 36,000 years of transaction processing at the current annual rate of approximately 7 billion transactions per year. Although the existing credit card formats allow a large enough number of available card numbers, eventually the numbers for the allocation will need to be recycled. Since the range of numbers available is reduced in size over time, additional or recycled numbers should be added back to their range, to ensure that the allocation process is done from a sufficiently large range to maintain the allocation random The length of time before recycling depends on the total number of unique card codes available to an issuer and the number of transactions using the limited-use numbers. This recycling can only occur after a number has been invalidated for additional use and is no longer valid for refunds. Once recycled, the automatic fraud detection mechanisms that would normally be activated when it will be attempted to use again a card that was previously inactivated, need to be altered by removing the recycled number from the list of limited use numbers that was previously issued. 2. 3 Limitations on the use of credit card numbers The subsequent limitations of the condition unleashed by the use that is placed on the numbers of credit cards of limited use, that is to say, the limitations of value of the transaction, the number of limits of the transaction, etc., are central for its flexibility and additional security compared to conventional credit / debit / charge cards. These limitations can be imposed and controlled in a variety of ways. For example, limitations can be stored inside a database maintained by the card issuer and used to verify that the transaction falls within these limitations during the authorization process. Figure 4 is a flow chart illustrating an exemplary process for limiting the use of a credit card number. A CPU can assign a credit card number to a master credit card number (step 402), and assign a condition to the credit card number. (Step 404). The CPU can then store the condition in a condition database. (Step 406). These limitations can be assigned by the issuer in a certain way previously or can be imposed in accordance with the requests of the owner of the card. These limitations are coded with limited use numbers when the numbers are issued to a user so that the user can determine the limitations associated with a particular card. These limitations can be altered once a number is issued by updating the sender's database and the user's kept list of numbers. The communication between the user and the issuer of the card to make these changes can be sent by mail, transmitted verbally or electronically. (Step 408). When the card is used for a transaction (step 410), the details of the transaction are compared by the processing software, with the limitations and the transaction is authorized only if the transaction falls within these limitations (Step 412). Alternatively, limitations may be encoded in part of the number format that is transmitted during a transaction. The limitations will then be decoded from the details of the transaction that were transmitted, through the card processor. This would offer the user more control, but would offer less security since knowledge of the encoding format could be used to fraudulently alter the limitations that were selected by altering the appropriate portion of the limited use number format. As Internet commerce develops, there will be an increased need for a wide range of financial transactions. You can use the limitations that are placed on the numbers of limited use cards to implement a wide range of payment options. For example, you can limit a credit card number to a single transaction for a transaction limit that you have previously configured, or, alternatively, you can use a credit card number, for example, to implement a credit card number. installation plan where the credit card number is, for example, valid only for twelve payments for a transaction limit that was previously arranged for twelve months to a single merchant This plan provides security against fraud because it is insured to a single merchant, and it's only good for one year, or similarly, you can use a credit card number to implement a debit plan where the credit card number is limited to a specific merchant. The limited use number is limited to a specific merchant, the user can pre-arrange the merchant or it can be determined by first use. and use a credit card number as a gift certificate, where the credit card number is limited to a specific transaction value, but can be used for any merchant. 2. 4 Distribution of credit card numbers The next issue that is considered is how they distribute these additional credit card numbers and / or additional credit cards to a credit card owner. One way to provide these additional credit card numbers and / or additional credit cards is to physically provide them in some way to the owner of the master credit card, whether by collection, by courier, by mail or in some other way that can usually be covered under the heading of the provision by mail. Obviously, financial institutions wish to provide additional credit card numbers or additional credit cards to the user as efficiently as possible with the minimal risk that additional credit card numbers and / or cards will fall into the hands of a ? iZ? lil ¿? ¿¿¿A ^ ^ ^^^^ iz third person. Although one can never avoid the theft, for example, of a user's credit card, what is important is to ensure that these disposable credit cards and / or credit card numbers are sent to the user with the least chance that a third party obtains either the numbers or the disposable credit cards from the moment they are generated, until the moment in which the user physically receives them. It is contemplated that there are different methods by which a credit card provider could issue the numbers of additional credit cards and / or credit cards to the user. One of the simplest ways would be to send them by mail per order. Another way would be for the credit card provider, after receiving a payment from an account or with an account statement from an account, to provide a sufficient number of additional credit card numbers and / or additional credit cards to replace the that were used from the previous account statement. Particularly, if these account statements do not cite the master credit card number or a code number, it would be possible to place additional checks on the activation of the credit card numbers or additional credit cards. Some form of reception system could be used. In this way, effective theft would be reduced.

Figure 5 is a flow chart illustrating an exemplary process for distributing credit card numbers. A credit card issuer assigns a master credit card number to a master credit card owner. (Step 502). The credit card issuer then assigns the limited use numbers to the master credit card number. (Step 504). For cards that were previously prepared, the card issuer may decide whether to print (or incorporate by other means, such as embossing) one number per card or multiple numbers per card. (Step 506). The issuer of the card can distribute multiple numbers using a single card (step 508) or distribute multiple numbers using multiple cards. (Step 512). In any case, it is important that the user can keep informed about what numbers have been used. If the card has only one number, an opaque cover can be used that can be removed to cover one or more portions of the card. (Step 510). For example, the opaque cover that can be removed can cover the portion of the card number, so that the cover must be removed before the card can be used. The act of removing the cover indicates that access has been obtained to, or that the card number has been used.

Or alternatively, an opaque cover that can be removed can hide a message such as "used". The opaque cover that can be removed can be a scraping layer that is scraped before or after the card is used. The scraping layer can remember the layer that is frequently used to cover lottery numbers or the like. 0 alternatively, you can place single use cards in a self-contained container that looks like a razor blade dealer. (Step 516). The owner can remove a single use card from the first compartment and then place the used card in a second compartment. If the card has multiple numbers, the owner can stay informed about the numbers by using a device that covers one or more portions of the card.

(Step 510). The device can cover the numbers until they are used. As described above, the device may comprise multiple opaque layers which must be removed before the use of each number. Alternatively, each number could be visible when the card is issued and each number is associated with a panel in which an opaque cover hides a message indicating that the number has been used. After each use, the corresponding cover is removed or scraped, to indicate that the number has been used.

In the two previous cases, the solutions that are incorpod into the cards act to remind the user what numbers have been used. Critical verification of the validity of the number is carried out by the processing software responsible for the authorization of card transactions. The numbers of credit cards and / or additional cards can be sent with a statement of account. (Step 518). Additional credit card numbers are not activated until the statement is paid. (Step 520). The issuer of the card may also require that the payment be accompanied by the master credit card number or other identifier. Or, for example, an additional security step could be used that includes either direct contact with the issuing company of the credit card or a password issued independently to allow the activation of an electronic device. An additional way in which the numbers of additional credit cards and / or additional credit cards could be distributed to the user, is by means of an ATM machine. (Step 522). The ATM machine, with very few modifications, could provide the additional credit card numbers. Similarly, with relatively few modifications, an ATM machine could provide additional credit cards.

Single use numbers / cards can be issued directly on an electronic device that can store these numbers. This applies to mobile phones and paging devices to which information can be transmitted using existing systems and computers, either directly or through a telecommunications system to the Internet or a specific host computer system. In this situation, a mechanism is required to protect these numbers in transit to prevent unauthorized access. For the global application, this mechanism should not be subject to export restrictions. In addition, this protection should not be susceptible to decryption techniques. "brute force". This system is described below in relation to the storage of single use cards. An alternative method to provide the numbers of additional credit cards could be through computer programs. Obviously, it would be necessary for the credit card provider to have sufficient security so that when the computer program was dispatched, either through the telecommunications network or through the mail, that unauthorized access could not be obtained. 2. 5 Electronic use of credit card numbers t? H? íámí? eH AaSAá¡t In the situation where the user stores and obtains access to limited use numbers by means of an electronic device such as a computer in any form (desktop, television, or Internet access device linked by cable, laptop, palmtop, personal organizer, etc.), any device that can send the same functions as a computer or dedicated Internet access device, a dedicated microprocessor device with keyboard and screen or any form of telephone with a circuit system controlled by microprocessor, the associated software can perform some or all of the following functions: 1) Password controlled access to the software or other security activation system that can verify that the user has a valid access right. 2) Secure storage of limited credit / debit / charge card numbers until required by the user. These numbers can be stored in a variety of encrypted forms. An additional security step is to encrypt the number in the form of a valid credit card number, as previously described. 3) Secure storage of the details of the transaction and date of use for reconciliation with the records kept by the credit / debit / charge card company, in the event of a disagreement. This could include the electronic signature of each transaction record. 4) Facility for the user to review the last use of the numbers and transactions of the limited use card. 5) Notification to the user of the available number of limited use cards. 6) Initiate automatic request of the software to the card issuing organization or the agreed agent so that additional cards are issued by the previously agreed route, if requested by the user or if e-1 number of limited use cards available is less than limit that was agreed previously. 7) Secure communication between the software package and the issuing organization of the agreed card or agent to download the additional limited use numbers. This secure communication can take advantage of any form of encryption suitable for this purpose. 8) Secure communication between the issuing organization of the agreed card or agent and the software package for the transmission of information with respect to credit card transactions, account balances and other information, as required by the user or issuer of the card. This secure communication can take advantage of any available form of encryption suitable for this purpose. ) Automatic or manual elements for the transfer of credit card information to the merchant. The software can be integrated with the software of the Internet in the situation where it is executed in a device linked to the Internet or similar electronic network and that allows the automatic transmission of the details of the transaction if the software of the merchant allows it so . To ensure compatibility with any form of merchant software, the user also has the option to drag and drop a limited use number that visually displays the software on the appropriate part of a web page, or by entering the number manually. In the case of a device that is intended for use by the telephone, the user can say the number or the appropriate tones can be generated to automatically transmit the number to the merchant. ) Use of digital signature verification to verify the two parts of a credit card transaction (ie the merchant and the card owner). ) Use of digital signature verification to verify the two parts of a communication that includes the transmission of financial information or the additional limited use credit card numbers (ie, the card issuer and the card owner) . 12) Use of stored lists of limited use numbers maintained by the user and the issuer of the card as dynamic passwords, to verify the two parties (user and card issuer) of a communication that includes the transmission of financial information or of additional limited card numbers. For "no present card" transactions, it is proposed that the customer use an electronic device to store the unique use numbers that were issued. This could represent a range of devices from a mobile phone, pager, dedicated single-use storage device or a software package that can run over the range of platform, such as a conventional desktop, device access to the Internet that is based on television (for example, WebTV) or a laptop device. The software used within these devices to store and access these numbers will have specific characteristics that are common to all platforms / devices.

For security reasons, access to the software will be password protected or protected by any other security system that allows user identification. Multiple passwords can be used to provide limited access to certain individuals, for ele, limiting access to a family member to single use numbers with specific limits previously assigned on the application or maximum transaction value. The single use numbers are preferably stored in a secure manner that includes one or more encryption systems. It is proposed that a dual system using a standard protocol (eg, DES or RSA encryption) and a specific system designated for credit cards, as described below, be employed. The decryption of "brute force" includes the use of multiple fast computers and specific algorithms to test large numbers of possible encryption "keys". Success can be determined by observing whether the result appears in the expected format, for ele as an English text that can be understood, in the case of an encrypted document. If the encrypted version is in a format identical to the decrypted version (although I received different information), then the brute force decryption can not be successful. This is not a computationally viable option for the text, but it is possible for credit cards. The approach is to break each component of a credit card number and encrypt these with a particular password, in order to maintain the numerical composition of each component. The final result should be encrypted securely but should not represent another existing credit card account. This can be achieved by restricting the encryption system to convert the header sequence of the credit card used to identify the issuing bank (usually 4-6 digits) in a sequence not currently used. Because this information will be constant for all cards of the same issuer, this information should be random (rather than encrypted), to avoid recognition of a valid decryption solution. Once the program decrypts the rest of the number, the appropriate heading sequence can be added. Then, the remaining digits that exclude the verification sum (the last digit) are encrypted using any private key encryption system that will maintain the same number of digits and produce a result that represents numerals 0 through 9. The date is also encrypted of expiration and any other identification digits, so that its existing structure is respected, that is, the month is encrypted between 1 and 12 and the year is encrypted in order to represent a number within the following three years, which ensures that the expiration date is valid. After these steps, the digits that were used to calculate the checksum in a normal card number are processed to calculate a valid checksum for the encrypted card. The result is a credit card number that appears to be valid, that has a valid amount of verification and from which it can be guaranteed that it does not belong to any existing credit / debit / charge card account owner. For ele, for a card with a 6-digit header and a valid checksum, for ele, "1234 5678 9012 3452 due date of 12/99", 123456 is randomly assigned to a heading sequence that is not use at that time, for ele, 090234 (this is an ele and does not necessarily represent an unused header sequence). It is encrypted 789012345 in another 9-digit number, for ele, 209476391. It is encrypted 12/99 in a valid date format that ensures that the card does not expire, for ele, 3/00. The checksum is recalculated to produce a credit card number that looks valid, for this ele the checksum is 4, that is, 0902 3420 9476 3914 expiration 3/00.

To decrypt this number for use or after transmission from the bank, the appropriate header sequence for the sender is exchanged for the digits in eg. number that was encrypted. The other numbers are decrypted using the private password and the checksum is recalculated. As long as the header number is unused and the private password remains private, then this number is encrypted so that brute force encryption can not be used to determine the original number, since it will not be possible to determine when it has been reached the right solution In combination with standard encryption systems, this allows an element to securely store credit cards - and transmit them over unsafe systems with confidence. Once the appropriate password is entered into the software, the next available single use number is decrypted and displayed visually, allowing the customer to use it in any form of commerce that can be obtained by citing card information. of credit, or directly transmitted through the software to the merchant. Once it is used, the unique use number is removed from the stored list. Then, the access date, the accessed number and any additional available transaction details are stored in a secure manner and digitally signed to allow verification in the case of a disputed transaction. Each access to a unique use number requires the introduction of a password, to prevent unauthorized access if the client leaves his software / computer device unattended and active. Figure 6 is a flow chart illustrating an exemplary process for using electronic credit card numbers. You can start the software either on its own or activate it using an integrated icon in an Internet browser. (Step 602). The software can provide a simple interface with a graphic appearance that takes advantage of the familiar images of credit cards and / or ATMs. The software can be programmed using the Java code or a Java kernel embedded in a c / c ++ application or the equivalent programming language. Once activated, the user enters a password to access the main screen, which contains a keyboard to allow a PIN to be entered, either through the keyboard or by mouse clicks. (Step 604). The latter protects against any sneaky attempts to register passwords by catching the keystrokes. A consecutive number of errors in the introduction of the password will permanently disable the program and overwrite the remaining encrypted numbers. After the correct PIN is entered, the user can select a new limited use number, with or without additional restrictions (for example, the maximum transaction value). (Step 606). The new limited use number is then displayed visually on the graphic interface. The software can provide secure access to the numbers of encrypted credit cards that are stored on a computer hard drive. (Step 608). Access to these numbers can be obtained for use on the Internet or to be used over an order by phone / mail. (Step 610). Therefore, you should be able to insert the numbers directly into a web page (step 612), or printed / copied from the screen to be used in other ways. (Step 614). The limited use number can be copied, printed, pasted by means of the paper clip (or equivalent), or dragged and placed on a web page. The user can configure the duration of time in which it is displayed visually and how the program ends. The user can also record a comment to provide additional information about how a number should be applied. For automatic transactions, the software should ideally be able to intercept and respond to signals initiated by the client's server, which activate the integrated functions within the browser.

Once the number has been accessed, it can be deleted from the encrypted lists. (Step 616). Afterwards, the date, number, current URL in the case of the use of the Web and any comments of the user are stored, by means of a separate form of encryption to facilitate the audit / revision. (Step 618). The user can review, but edit, this information. There should be an installation to download the additional numbers, either from the additional flexible disks or through the Internet using high security protocols. (Step 620). This last function can be done through a separate program. The program must include a maximum degree of transparent security features that do not affect a normal user, but that protect so that the program is not reinstalled or copied to a second machine.

This means that encrypted limited use numbers must either be stored within the file that can be run or stored in a file that also stores the encrypted copies of machine-specific information (Step 622). requires to ensure that only numbers can be accessed on the machine on which the software was first installed, and that the data files should be stored as hidden system files.

Some users may wish to have the equivalent of an electronic purse that can be disassembled from one computer and reinserted into another, for example, when a "purse" is transferred from an office machine to a household machine. This transfer process ensures that only one version of the program is running on anyone's link and that no problems arise in terms of the reconciliation lists of the numbers used. Appropriate security mechanisms can be implemented to identify the valid user. The encryption of limited use numbers should include two levels. On the first level, the credit card numbers are encrypted using an algorithm that only acts to alter the free digits inside the credit card. The header sequence (ie, the binary file number) is left unaltered or converted to an unused binary file number and the checksum is recalculated. This avoids any form of gross decryption because there will be no way to tell when the correct algorithm has been selected, since each number starts and ends like a credit card number that seems valid. After this step, each number is encrypted with industry-standard encryption methods (for example, RSA or DES). After decryption within the program, the checksum is recalculated by the final number and the appropriate binary file number is reinserted. The software can be sent on a single 1.4 MB floppy disk (or any other computer medium that can be used and read) in an encrypted or downloaded form from a Web site. Limited use numbers can be issued either with the program or independently. A password sent independently for the installation may be required. The installation process will allow the program to install a restricted number of times after which the critical data is overwritten. The precise number of permissible facilities can easily be altered within the software design. Once installed on the host computer, the program encrypts the internal information regarding the configuration of the machine, to protect against copying the program on other machines. In the first installation, the user can select their own passwords. These will be used both to control access to programs, and to influence the pattern of an encryption level that applies to limited use numbers. As you get access to the numbers, in graphic display of the remaining amount of limited use numbers, provides an early warning. if additional numbers are required. The software can also provide a record of previous numbers to which access was obtained, the date, the associated URL if it was activated from inside a browser and the comment; a summary of the issuance of the account; help with the addition of additional numbers from the disk or through the Internet; the ability to configure additional passwords / users for shared cards; and / or access to the Internet of active linkage for the website of the issuer of the card number. 2. 6 Processing of the transaction with cards It is contemplated that merchants will process additional credit card numbers and / or additional credit cards, in the same way as existing credit card numbers and / or credit cards, with the merchant obtaining credit card number validation. of the credit card company or an authorized third party. Much like in the present, the additional credit card number will be matched to the customer's account and the account will be charged accordingly. The merchant's refund after the verification of an additional credit card transaction would be made in the normal manner. A particular advantage for the merchant is that, since he is never in possession of the master credit card number or in reality, in many cases, of the master credit card, he has no responsibility for the security of the cardholder. of master credit. It is contemplated that where there are additional credit cards used, it would not be preferable to take an impression of the credit card manually, since the printing can be taken electronically. Similarly, those who are processing credit cards will process them in the same way as described above. The processing systems for handling limited use cards perform a number of functions that include some or all of the following: 1) Verify that the limited use number is valid. 2) Verify that the transaction falls within the limitations that were placed on the specific number. 3) In the case of a limited use number associated with another account, verify that the transaction falls within the limits lcfs acceptable for the associated account. 4) Provide the authorization to the merchant if it is valid and if it is within the limitations for the specific number and the associated account. 5) Allow subsequent transactions to be charged to a limited use number that has been invalidated for additional authorizations, only if the transaction is generated by the same merchant that obtained prior authorization for the same transaction. ) Deny the authorization if it is invalid or exceeds the limitations on the number or associated account. ) Activate fraud detection mechanisms if the number is invalid or an attempt is made to reuse a limited use number that was invalidated. ) Invalidate the limited use number for additional authorizations / payments, if limitations on use are met or exceeded by a specific transaction. ) Keep the list of numbers invalidated for reimbursement in the case of goods that were returned or that were in poor condition, during a defined period. 0) Limited use numbers and transaction details registered and linked to the associated account. 1) Transmit the limited use records and other transactions with the card to the user by mail or by email. ) Instigate the payment to the merchant for the transactions that were approved. ) Instigate the reintegration to the owner of the account, in the case of a refund. 14) Bill the account owner for payment for the charges incurred or agree to an arrangement by means of another account Many of the procedures associated with the limited use cards represent functions that were already performed through the authorization systems. These existing functions include: adding new credit / debit card numbers to the processing database, allowing these card numbers to be activated by following a confirmation call to the issuer by the customer, conferring a credit limit on a number of credit card, and invalidating a credit card number so that it is not used anymore and marking any additional fraudulent use.It is a superposition represents part of the commercial value of the invention of single use, minimizing the changes that are required. Once a limited use number enters the authorization system, it can be manipulated in a normal way, for example, by making sure that it has not been reported stolen and that it represents a valid account number within the base of data. If the transaction is within the credit limits of the customer and the limit of the transaction or the restricted use limitations of the imitated use number, it is authorized.

Different specific modifications to the processing software should be made to implement the characteristics of the single use cards. For example, valid limited use numbers are stored in a database of valid account numbers, along with other information specific to single use numbers. This includes sufficient information to identify the customer to whom it was issued and any additional limitations placed on the card, in terms of the value of the transaction or the category of the merchant for whom the card may be used. Once authorized, the limited use number is invalidated to ensure that no additional authorizations / charges can be made to that number. To allow the authorization to precede the request for payment for a substantial delay, for example in the context of an order purchase by mail where a credit / debit card number can be authorized at the time of the order and charged only When the product is shipped, the delayed payment must be allowed to the same merchant. Once the number of transactions allowed for a limited use card is reached, the central card processing software invalidates the card. Because the time delay that may occur comes from the authorization and a request from the merchant for payment, improved security is achieved by linking the invalidation process with the authorization. Linking the invalidation with the payment facilitates the authorizations prior to the cost of the increased risk of, for example, multiple uses of a card number that is intended for limited use. Prior authorizations may be used with authorization, depending on the invalidation, as described above. In the case where a transaction is not authorized before it is accepted by a merchant, the invalidation process will occur when the details of the transaction are transmitted to the processor for payment. When an authorization for a limited use number is not obtained, the system will therefore still operate normally with an increased level of risk for the issuer / merchant, as is the case with an unauthorized conventional card transaction. Whenever the credit limit or validity of a customer's account changes, all currently valid limited use numbers are identified, and their associated credit limit is altered to the lowest of either their assigned transaction or the limit of existing credit. If the client's account is closed or declared delinquent, all valid unique use numbers are handled in the same way. Whenever a limited use number is used, the next available single use number that was previously assigned to the same customer and that was issued to the customer is added to the database of valid account numbers. When a transaction is loaded to the limited use number, the details of the transaction and the details of the customer's account are stored together for audit purposes and the transaction value is added to the customer's billing account. The software for storing the transaction details and printing the account statements can be modified to allow both the conventional customer account details and the transaction details of the limited use number to be reported. The processing of limited use numbers can be integrated into existing systems in a variety of ways. The authorization and payment process can be completed in a single cycle or divided into separate authorization and payment processes, as is common in existing credit card systems. In the case of a completely new, independent, limited-use credit / debit card processing system, the above functions can be implemented without restriction on any suitable computer that can incorporate the database and communication functions required. . This system should be able to provide an authorization for a transaction within the same time scale as the transaction of the credit / debit / charge cards. In the case where the previous functions have to be integrated within the existing systems, different approaches can be taken to minimize the changes that are required. It is possible to add steps to the chain of procedure that is found as soon as a number of credit / debit / charge cards is received from a merchant. Figure 7 is a flow chart illustrating an exemplary process for processing a transaction. In step 702, a software system receives the details of the transaction from a merchant. The software system determines whether the number is a limited use number or a conventional card number. (Step 704). If the number is a conventional card number, it is passed without changes to the processing system and can be manipulated by existing systems without modifications. (Step 706). The merchant receives authorization from the system responsible for authorizing the numbers of conventional cards. Similarly, the merchant's refund remains unchanged. (Step 708). The system can verify the limited use number and the corresponding limitations. (Step 710). If the number is valid for the designated transaction, the transaction is rejected. (Step 712). Otherwise, a database search procedure determines the number of the associated master account and transmits this number (that is, the master account number) back to the processing system. (Step 714). This allows all detection procedures for existing frauds, authorization and demographic software to be completed without alterations. (Step 716). Once the master account number is replaced by the limited use number, a number of additional steps are required. (Step 718). If the criteria for invalidating the limited use number during this transaction have been met, then the limited use number is invalidated for all future transactions, except refunds. An additional limited use number can be issued automatically if a continuous supply of single use numbers is required. Afterwards, the details of the transaction and the master account number are transmitted for inclusion into a database to allow the tracking of the transaction details and the user's billing. These functions do not need to be performed before an authorization is issued, but can be terminated afterwards. (Step 720). With the previous system, the software responsible for substituting the master account number for the limited use number can also process the additional features unique to the limited use numbers. These features include limitations on the value of the transaction, restrictions on the type of merchant and geographical limitations. If the transaction exceeds the limitations that were placed on the limited use card, then the authorization is declined and the master credit card need not be passed for further processing. In the case of a transaction that falls within the limitations of a limited use card, then the details of the transaction are passed with the master account number for conventional validation. In this way, the restrictions in place for the master account (for example, available balance, expiration date) are verified for each limited use transaction. Specific fraud detection mechanisms can also be incorporated into the software. For example, the first time a limited use number is invalidated, this transaction can be reported as potentially fraudulent and appropriate action taken. Repeated attempts to authorize invalid numbers by a single merchant or group of merchants also potentially points to fraud and may lead to the activation of appropriate fraud management measures. The previous system requires the minimum modification of existing systems but can take up to twice the .,. -? processing time of a conventional transaction, due to the double authorization process, once inside the limited use verification and the translation step, and once inside the standard systems. It might be advantageous to initially process the limited use card as a master credit card, by using a single list of limited use numbers and the numbers of master credit cards. Figure 8 is a flow chart illustrating another exemplary process for processing a transaction. In step 802, a software system receives the details of a merchant's transaction. The software system has access to a database that contains additional information to identify the associated account or the elements of the account statement and the specific limitations for the use of the limited use cards. As a result, limited use numbers can be associated with the existing • accounts in the manner currently used to associate the multiple existing accounts in the case of the multiple cards that were issued to a single company for corporate use. (Step 804). During an authorization, you do not need to identify the associated account number, as long as each limited use account is updated each time the associated account status changes (for example, available balance, validity of the account, etc.). The system may reject the authorization (step 806) or authorize a transaction (step 808), without identifying the associated account number. For payment and billing purposes (step 812), you need to identify the associated account (step 810), but this does not need to be done during the course of an authorization. The existing software must modify or link a new program that performs the specific tasks for the limited use card numbers, as described above. (Steps 814, 816, and 818). These functions do not need to be performed before an authorization is issued. These functions can be completed later. This system requires further modification of existing processing software systems, but offers authorization times within the same time scale as existing transactions, because only one authorization step is included. Other activities, such as updating limitations on the limited use card when the master account changes, can be performed outside of the authorization process (ie, "offline"). The invention is not limited to the embodiments described hereinabove, but can be varied both in construction and in detail. As an example, the invention has been described here above mainly in the context of a system in which a customer receiving a single use card already has a main account with the credit card provider. But this does not need to be like that. For example, it is contemplated that an ATM machine (or similar device) could be used by people who did not have a credit card account to buy disposable credit cards, which disposable credit cards could then be used for credit transactions. present or remote card. When the card has been used, the card would simply be reinserted into the ATM machine, and after an appropriate period of time, the buyer's account would be credited with any money that had not been spent. Similarly, if the person purchasing the disposable credit card does not have an account of any kind with the credit card provider, the credit card could still be purchased with the ATM machine and then any refund could take place long enough After the transaction has been authorized, such refund could be in the form of a cash refund to the buyer or an accreditation to the account of that buyer, with another financial institution. In a similar way, it will be appreciated that the use of an ATM machine is not essential, since disposable credit cards could be purchased in the normal manner in which one buys any other goods or services, such as directly in a face-to-face transaction or mail. Similarly, although it has been suggested in the foregoing that there may be single-use credit cards that could be purchased, there is no reason why they could not be multiple-use credit cards with an aggregate credit limit. In addition, these cards could, instead of being credit cards, be simply credit card numbers for single or multiple use. It is contemplated, however, that for operational efficiency, these numbers are more likely to be issued as disposable credit cards or single use cards. In this way, for those who do not wish to handle a credit card or whose credit merit is such that they would not be allowed to have a credit card, it will now be possible for them to have the use of a credit card. This would have considerable advantages for credit card providers. 2. 7 Additional uses of credit card numbers In situations where the cardholder and the card issuer are in communication and authentication is required from one or both parties, the list of limited use credit card numbers that each party has as a form can be used. of identification. In the manner of a dynamic password, all or part of a single sequence of limited use numbers of these numbers could be used to identify any of the parties, without the need to issue any additional security system. Because this identification does not need to be handled by conventional transaction systems, all or part of the limited use number may be used for this purpose. Figure 9 is a flow chart illustrating an exemplary process for using a credit card number as a PIN number. In step 902, a card issuer generates a database of available credit card numbers. The card issuer selects a master credit card number (step 904) and distributes the master credit card number to an owner of the master credit card number. (Step 906). Next, the card issuer assigns additional credit card numbers to the master credit card number (step 908), and distributes the additional credit numbers to the owner of the master credit card number. (Step 910). When the owner of the master credit card number needs or wishes to obtain access to the account information (step 912), the owner of the master credit card can use one of the additional credit card numbers as a PIN number. (Step 914). --- á ^ -1-.

As can easily be seen, there are fundamental differences between the system of the present invention and any system that uses a PIN or another number (either s ^ a constant or transaction variable in transaction), to validate a transaction. In the present system, the numerical details that are transmitted in the course of a transaction are identical in format to an existing credit card number but no unique account code is included. This maximizes the security and privacy of a transaction with credit / debit / charge cards. Within the processing system, the validity of the unique use number is first verified and then the associated account is identified by means of examining the stored information with the limited use number. With the transmission of an additional PIN or other number in addition to the account number or other unique identifier, there is a lower level of security and privacy. Within any form of PIN identification (and as Rahman describes it), the associated account is first identified and then the PIN is verified after this step. For this reason, many cardholders can share the same PIN, in reality in most cases, due to the short length of PIN codes, many users do have identical PINs but different account numbers. For our system, each limited use number must be unique at the time of its use and in that way, the associated account can be uniquely identified. Although the foregoing description refers to particular illustrative modalities, these examples should not be considered as limitations. Not only can the inventive system be modified by other numbered card systems; It can also be modified by other computer networks or numbering schemes. In this way, the present invention is not limited to the modalities that were described, but should be harmonized as the broadest scope, consistent with the claims below.

Claims (64)

1. A credit card system of the type comprising elements for maintaining a group of credit card numbers, which share an identical format and elements for assigning at least one credit card number from that group of credit card numbers. credit to a master credit card number, characterized in that elements (120) are provided to assign at least one credit card number (126) from the group of credit card numbers (124) to be a limited credit card number (126), which is deactivated by a deactivation command (210) after a condition unleashed by subsequent use, and elements to associate the card number of the card. master credit with the limited use credit card number (126), while ensuring that the master credit card number can not be discovered based on the limited use credit card number (126).

A credit card system according to claim 1, characterized in that it further comprises: elements (206) for receiving notification that the limited use credit card number has been used in a credit card transaction; elements to determine if a limited use event has occurred, based on that notification, and if so, generate the deactivation command (210); and items for deactivating the limited credit card (126) if the limited use event has occurred.

3. A credit card system according to claim 1 or 2, wherein the limited use event is satisfied when the limited use credit card (126) is used only once.

4. Limited use event is satisfied when the limited use credit card (126) is used to increase charges that are greater than a prescribed monetary amount.

5. A credit card system according to any of the preceding claims ", characterized in that it further comprises elements for assigning another limited use credit card number (126), in response to the deactivation command, and for associating the another limited use credit card number (126) with the master credit card number 6.

A credit card system according to any of the preceding claims, characterized in that it also comprises elements for receiving a request for another number limited use credit card (126) of a user, and elements for assigning another limited use credit card number, in response to that request 7.

A credit card system in accordance with claim 5 or 6 , in which the system (1) maintains a linear list of limited use credit card numbers (126) available, and the elements for The other limited use credit card number selects the other limited use credit card number from that linear list.

A credit card system according to any of the preceding claims, wherein the system includes transmission elements for downloading the limited use credit card number (126) to a user.

9. A credit card system according to claim 8, wherein the transmission is by means of a telecommunications system (112).

10. A credit card system according to claim 9, wherein the transmission elements include a computer (120) that is connected to the telecommunications system (112).

11. A credit card system according to any of claims 8 to 10, in which the limited use credit card number is encrypted before downloading it.

12. A credit card system according to any of the preceding claims, in which the system includes elements for distributing the numbers of limited use credit cards to a user, with a statement of account (518) for the master credit card number.

13. A credit card system according to any of claims 1 to 7, wherein the credit card number is distributed on a card comprising an opaque cover that can be removed (510).

14. A credit card system according to claim 13, wherein the credit card number is on the card comprising a cover that can be removed by scratching it.

15. A credit card system according to claim 13, wherein the credit card number is on an individual card that is removed from the first compartment and subsequently placed in a second compartment.

16. A credit card system according to any of claims 1 to 7 or 13 to 15, wherein the system includes distribution elements for distributing a credit card containing the limited use credit card number to a credit card. user.

17. A credit card system according to claim 16, wherein the distribution elements comprise an automatic payment machine (112).

18. A credit card system according to claim 16 or 17, wherein the distribution elements comprise printing elements for printing an indication of the limited use credit card number for sending to the user.

19. A credit card system is claimed in any of the preceding claims, wherein the elements for assigning credit card numbers include: a database (302) of credit card numbers, which share a identical formatting; a master credit card number selector that can select at least one credit card number from the database (302) to a master credit card number (304); and a credit card number allocator who can assign at least one credit card number. additional credit (312) from the database, to the master credit card number.

20. A credit card according to claim 19, wherein the system assigns the credit card numbers sequentially to a linear list of master credit card numbers.

21. A credit card system according to claim 19 or 20, characterized in that it further comprises a white noise generator for providing random numbers as credit card numbers.

22. A credit card system according to any of claims 19 to 21, characterized in that it further comprises an analog to digital converter for the generation of the random number, from a random physical system.

23. A credit card system according to any of claims 19 to 22, wherein the credit card number allocator selects a credit card number (304) from the database (302), the credit card number assignor discarding the credit card number (304) if the credit card number (304) has already been assigned to a 'master credit card number (306).

24. A credit card system according to any of claims 19 to 23, wherein the database (302) further comprises an available range of credit card numbers.

25. A credit card system according to claim 24, wherein the credit card number allocator selects a credit card number (304) from the available range of credit card numbers (302).

26. A credit card system according to claim 25, wherein the credit card number allocator removes the credit card number (304) from the available range of credit card numbers (302). , after it was selected.

27. A credit card system according to claim 25 or 26, wherein the credit card number allocator returns the credit card number (304) to the available range (302), after a condition triggered by the subsequent use.

28. A credit card system according to any of claims 19 to 27, wherein the system assigns the credit card number (304) to a list of issued, but not valid, numbers.

29. A credit card system according to claim 28, wherein the system assigns at least one credit card number (304) from the list of numbers issued, but not valid to a list of issued numbers. and valid, after a condition triggered by subsequent use.

30. A credit card system according to claim 29, wherein the system assigns at least one credit card number (304) from the list of the issued numbers, and valid to a list of issued numbers, but not valid, after a condition unleashed by subsequent use.

31. A credit card system according to any of the preceding claims, wherein elements are provided for determining conditions of limited use for the limited use credit card number, comprising: a database of numbers of credit cards that share an identical format; a conditions database: a master credit card number selector that can select at least one credit card number (402) from the database of credit card numbers, to be a number of credit cards. master credit card; a credit card number allocator that can assign at least one credit card number (402) from the database of credit card numbers to the master credit card number; and a conditioner that can assign at least one condition (404) to the credit card number and store the condition in the condition database (406), the condition (404) limiting the use of the credit card number (402).

32. A credit card system according to claim 31, wherein the system verifies the condition (404) when the credit card number (402) is used.

33. A credit card system according to claim 31 or 32, wherein the condition (404) that was assigned to the credit card number can be updated (408).

34. A credit card system according to any of claims 31 to 33, wherein the credit card number (402) reflects the conditions (404) that were assigned to the credit card number.

35. A credit card system according to any of claims 31 to 34, wherein the database (406) of conditions comprises the conditions of the transaction, the time of the conditions of the transactions, the number of the conditions of the transactions, the frequency of the conditions of the transactions, and the conditions of purpose.

36. A credit card system according to any of claims 31 to 35, in which the credit card number (126) is limited to a particular merchant.

37. A credit card system according to any of claims 31 to 36, wherein the credit card number (126) is limited to a single transaction for a maximum transaction value for a single purpose.

38. A credit card system according to any of claims 31 to 37, wherein the credit card number (126) is limited to an established number of transactions by a maximum transaction value within a set time .

39. A credit card system according to any of claims 31 to 38, wherein the credit card number (126) is limited to a single purpose.

40. A credit card system according to any of claims 31 to 39, wherein the credit card number (126) is limited to a single transaction for a maximum transaction value. -41

41. A credit card system according to any of the preceding claims, comprising: a database of credit card numbers (124) that share an identical format; a master credit card number selector that can select at least one credit card number from the database, to be a master credit card number; a credit card number allocator that can assign at least one credit card number from the database to the master credit card number; a master credit card computer (102), the master credit card computer and the credit card number allocator interconnected by a computer network.

42. A credit card system according to claim 41, wherein the credit card number allocator can distribute the credit card numbers to the master credit card computer (102) through the network. of computer.

43. A credit card system according to claim 41 or 42, wherein the master credit card computer (102) stores the credit card numbers in an encrypted state (608).

44. A credit card system according to claim 43, wherein the master credit card computer (102) decrypts one of the encrypted credit card numbers (608) to provide a decrypted credit card number.

45. A credit card system according to claim 44, wherein the master credit card computer (102) decrypts another of the encrypted credit card numbers (608) when the credit card number is used. decrypted.

46. A credit card system according to any of claims 41 to 45, wherein the credit card number allocator can distribute a second batch of credit card numbers to the master credit card computer ( 102), when a first batch of credit card numbers is used.

47. A credit card system according to any of claims 41 to 46, characterized in that it further comprises a merchant's computer, the merchant's computer that interconnects with the master credit card computer (102) by means of the computer network.

48. A credit card system according to claim 47, wherein the computer ...-_. -a ^ m. - -. -. . ... , *** - ***! Master credit cards can transmit the credit card number (606) via the computer network to the merchant's computer (102).

49. A credit card system according to any of claims 41 to 48, characterized in that the system has a merchant computer in which the master credit card computer and the merchant's computer are interconnected by a computer network. , the master credit card computer being able to transmit the credit card number by means of the computer network, to the merchant's computer.

50. A credit card system according to any of claims 41 to 49, wherein there is a credit card number processor (102) that can associate the master credit card number with the number of the credit card. credit card, so that a merchant can make a transaction without ever knowing the number of the master credit card.

51. A credit card system according to claim 50, wherein the system further comprises a list of valid credit card numbers and the conditions for each.

52. A credit card system according to claim 51, in which the system includes elements for removing (210) the credit card number from the list of valid credit card numbers, after a condition unleashed by subsequent use (206).

53. A credit card system according to claim 52, wherein elements are provided for assigning a new credit card number (202) to the master credit card number, after the card number is removed. credit (210) from the list of valid credit card numbers.

54. A credit card system according to any of claims 50 to 53, characterized in that it includes maintaining a second list of credit card numbers that are removed from the list of valid credit card numbers.

55. A credit card system according to claim 54, wherein the second list is used in the case of returned goods.

56. A credit card system according to claim 54 or 55, wherein the second list is used to detect fraud.

57. A credit card system according to any of the preceding claims, wherein the system provides elements to obtain access to account information, the system comprising: a database of credit card numbers (902) ) that share an identical format; a master credit card number selector that can select at least one credit card number from the database (902), to be a master credit card number (904); a credit card number allocator that can assign at least one credit card number (908) from the database (902) to the master credit card number; an account information provider, using the account information provider's credit card number as a personal identification number (912), to obtain access to the account information for the master credit card number ( 904).

58. A credit card system according to any of the preceding claims, wherein the system is performed by a computer means that can be used that has included in it a computer program for the system.

59. A credit card system according to any of the preceding claims, wherein the physical signals that are transmitted on a transmission medium represent a computer program for performing the system.

60. A method for managing a group of credit card numbers, comprising the steps of: maintaining a group of credit card numbers (302), which share an identical format; assign at least one credit card number from the group of credit card numbers, to be a master credit card number (304); assigning at least one credit card number from the group of credit card numbers, to be a limited use credit card number (308), which is deactivated after a condition unleashed by subsequent use; and associate the master credit card number (304) with the limited use credit card number (308), while ensuring that the master credit card number is not discovered on the basis of the credit card number. limited use credit.

61. A credit card system for performing a credit card transaction, characterized in that it is based on one of a master credit card number or a limited use credit card number, wherein the card number Limited-use credit card is randomly selected with respect to the master credit card number, but the limited-use credit card number includes a format identical to the master credit card number and is associated with the credit card number. Master credit card number, the system comprising: transaction elements to enter a transaction (702) based on the number of the master credit card or the limited use credit card number (704), for generate a transaction message; processing elements for receiving the transaction message and processing the transaction, which includes: - elements for authorizing (706) or rejecting (712) the transaction; - elements (718) to determine whether or not to disable the limited use credit card number when the limited use credit card number was used to perform the transaction, and to generate a deactivation command in response to the same, where the elements to determine whether or not to disable the limited use credit card number, determines if a limited use event has occurred that has to do with the use of the limited use credit card number, and if it has been like this, generates the deactivation command when the limited use event occurs; and - items for deactivating the limited use credit card number, based on the deactivation command.

62. A credit card system according to claim 61, wherein the limited use event is satisfied when the limited use credit card (702) is used only once.

63. A credit card system according to claim 61 or 62, wherein the limited use event is satisfied when the limited use credit card (704) is used to increase charges that are greater than a monetary amount. prescribed

64. A method for conducting a credit card transaction characterized in that it is based on one of a number of the master credit card or a limited use credit card number, wherein the credit card number limited use (704) that has no mathematical relationship to the master credit card number, but the limited use credit card number (704) includes a format identical to the number of the master credit card and it is associated with the master credit card number, the system comprising: entering a transaction based on the number of the master credit card or the limited use credit card number (704), to generate a message of transaction; receive the transaction message and process the transaction, which includes: - authorizing (706) or rejecting (712) the transaction; - determine (716) whether to disable the limited-use credit card number when using the limited-use credit card number to complete the transaction, and generating a deactivation command in response thereto, wherein the determination step (718) determines whether or not to disable the limited use credit card number (704) based on whether a limited use event has occurred. that has to do with the use of the limited use credit card number (704), and if so, generates the deactivation command when the imitated use event has occurred; and disable the limited use card number (704) based on the deactivation command.