Transaction execution system with secure data storage and communications

Abstract

A transaction execution system includes a host data processing system having a multiple account data base and a plurality of transaction terminals in communication with the host. The terminals each include a keyboard, a display, document handling subsystems, a hardware control subsystem, a communication subsystem and a programmable control subsystem supervising the other subsystems. A user initiates a transaction request by inserting a card into one of the terminals. After reading acceptable account identification information from the card the terminal requests entry of a preassigned personal ID number through the keyboard. The ID number is encrypted by the terminal at least once and communicated to the host along with information read from the card and entered via the keyboard. The host accesses from its stored data base an encrypted ID number corresponding to the received card information and makes a verification comparison of the stored encrypted ID number with the encrypted ID number received from the terminal. By requiring the entry of a nonencrypted ID number at a terminal while storing only encrypted ID numbers at the host, the correspondence between credit card account information and ID numbers need be known only to a few key personnel having access to both the encryption algorithm and a particular key therefor.