Abstract: Systems and methods are disclosed for providing a provision of access to services. A time delimited, multiple use ticket/admissions card is provided that controls admission to services offered by participating service providers. The ticket/admissions card is issued to a ticket holder, and the card is valid for a certain amount of uses, where each use should be completed during a certain period of time. The first use of the card, for example, should be completed within a first time period, and if the first use is not completed during this first time period, then the first use expires; the second use of the card should be completed within a second time period, and if the second use is not completed during this second time period, then the second use expires. In this way, the ticket/admissions card provides a time delimited, multiple use scheme to control allowed admittance to authorized services.

Abstract: The present invention extends to managing prepaid purchasing accounts and depositing funds therein. A kiosk and management system are connected over a network. The management system maintains purchasing accounts usable for multiple product or service purchases. To make a deposit, the consumer enters credentials at the kiosk, the credentials identifying a purchasing account. The consumer selects a payment method for making the deposit. For one or more payment methods (e.g., electronic check payment), the consumer selects a method to guarantee the deposit. The consumer also enters a deposit amount which is verified. Cash payments may be verified by an automated cash acceptor or a retail attendant. Credit card or debit card payments may be accepted by a card authorization network. Embodiments of the system also include debiting the purchasing account by a purchase amount. In addition, the purchasing account can be managed to view prior deposits and purchases.

Abstract: Electronic currency consists of data in a form suitable to be stored in a user's data storage medium, comprising information on the data value, identification of each specific set of data or data point, and authentication information suitable to verify that said data has been generated by a specific Currency Issuing Authority (CIA). A method and a system for effecting currency transactions between two users over the Internet or other communication network are also described.

Abstract: When a portable terminal receives a condition for an exchange object from a portable terminal, it selects electronic values as exchange objects, out of lists constituting the condition. An IC card deletes the electronic value and sends a message addressed to the portable terminal. An IC card deletes the electronic value in conjunction with fulfillment of a predetermined condition and thereafter sends a message addressed to the IC card. The IC card stores the electronic value in conjunction with fulfillment of a predetermined condition and sends a message addressed to the IC card. The IC card stores the electronic value.

Abstract: Between an IC card (1) and a electronic ticket server (2), upon purchasing an electronic ticket a public key cryptosystem is employed for a mutual authentication to keep a strict security, and a shared secret between the electronic ticket and a ticket collecting machine is sent on a secure channel as well as the electronic ticket. Upon usage of the electronic ticket, the IC card (1) and the ticket collecting machine (6) mutually judge whether they carry out the mutual authentication by using a public key cryptosystem or a symmetric key cryptosystem. When they determine to use the symmetric key cryptosystem, they carry out the mutual authentication by using the shared secret exchanged beforehand. When they determine to use the public key cryptosystem, they carry out the mutual authentication by using the same method as that used upon purchasing the electronic ticket.

Abstract: Digital cash token protocols use a combination of blind digital signatures and pseudonym authentication with at least two pairs of public and private keys. A user is provided with one master pair of private and public keys and as many pseudonym pairs of private and public keys as desired. The resulting digital cash token based hybrid protocols combine the advantages of blind digital signature and pseudonym authentication. Blind digital signatures based on the master pair of keys are used to withdraw digital cash from the user's bank account under the user's real identity. A pseudonym pair of keys is used for converting digital cash into digital cash tokens by a digital cash issuer. All pseudonyms can be used for spending the digital cash tokens. These protocols ensure anonymity when withdrawing digital cash from the user's account under the user's real identity in addition to providing pseudonym authentication when spending digital cash tokens under a pseudonym.

Abstract: A method and system for obtaining ATM device services utilizes a service provider framework in which data is received by an ATM application that indicates there is a need for the performance of an ATM device function. The ATM application issues a request to an XFS manager to get the ATM device service by making a sub-routine call to the XFS manager to get the ATM device service from a service provider. The XFS manager translates the sub-routine call as an entry point into the service provider for processing by the service provider, and a request object associated with the request is instantiated. The service provider is implemented by instantiating an instance of the service provider framework XFS service provider base class and one or more instances of the service provider framework request objects required to process the request. After processing the request, the service provider returns a result to the ATM application.

Abstract: A system is disclosed for a digital rights management system which enforces license rights by incorporating a decryption key in a license rights package that further includes an account number associated with a primary consumer. The digital rights management system also includes a mechanism for renewing/updating the license by charging the account number associated with a primary consumer. This way, the consumer may transfer the license rights package along with the digital content to any personal devices he likes but he is discouraged from freely disseminating the license package as uses by other consumers will be debited against his package or, if renewed/extended, charged against his account.

Abstract: The present invention extends to managing the dispensing of petroleum products. A kiosk (e.g., at a gas station) and fuel management system are connected over a network. The fuel management system maintains balances for fuel purchasing accounts that can be debited to purchase fuel. To purchase fuel, a customer enters credentials identifying a fuel purchasing account at the kiosk. After fueling is complete, the fuel purchasing account is debited by the amount of the fuel purchase. Embodiments of the fuel system can also include networked (e.g., Internet) based payments into a fuel purchasing account, either from a kiosk or from a personal computer. Consumers can pay for increased amounts of fuel, such as, for example, multiple tanks of gasoline, in a single payment, potentially reducing or even eliminating returned check losses and/or card fees associated with “tank-at-a-time” purchases.

Abstract: An electronic transaction system, comprising bearer bond means for providing an online electronic bearer bond having a monetary value, transaction means for performing monetary transactions with said bearer bond means, and network means for providing user access to said bearer bond means and said transaction means.

Abstract: Virtual account based digital cash protocols use a combination of blind digital signatures and pseudonym authentication with at least two pairs of public and private keys. A user is provided with one master pair of private and public keys and as many pseudonym pairs of private and public keys as desired. The resulting virtual account based hybrid protocols combine the advantages of blind digital signature and pseudonym authentication. Blind digital signatures based on the master pair of keys are used to withdraw digital cash from the user's bank account under the user's real identity. A pseudonym pair of keys is used for converting digital cash into virtual account based digital cash by a digital cash issuer. All pseudonyms can be used for spending the virtual account based digital cash.

Abstract: Techniques for generating a token that can be used to transfer value. The token may be used to transfer value in a value-based transaction with a vendor in a way that is secure and safe and maintains anonymity of the source of the value and preserves secrecy of information that should preferably not be disclosed to an untrusted third party such as a vendor. The token comprises sufficient information that enables value to be transferred from an account associated with the token to a vendor during a value-based transaction. Such a token may be presented by a user to a vendor in a value-based transaction with the purpose of transferring value involved in the transaction to the vendor in order to complete the transaction.

Abstract: A literary work royalty meter rate accounting method is provided by which a royalty based on the frequency of use of literary works such as music data distributed through a communication circuit is imposed on a customer. A management terminal apparatus sells a right of use of music data to a customer through a communication circuit, receives literary work use situation information such as the number of times of use, the hour of use or the amount of use of the music data by the customer, and imposes a royalty on the customer through the communication circuit in accordance with the literary work use situation information. A literary work provider terminal apparatus distributes the literary works to a customer terminal apparatus through the communication circuit.

Abstract: One-time-use tickets containing a unique identification code that allow for prepayment of entertainment or personal services are distributed and sold. When a ticket is sold, it is activated by the seller notifying a ticket information manager of its sale, at which time the ticket's unique identification code is recorded by the ticket information manager. Part of the sale price is transferred by the vendor to an account maintained by a ticketing program manager. Ticket-holders present the ticket for redemption of the particular service from an agreed service provider. The service provider verifies the ticket's validity by checking with the ticket information manager that the ticket's unique identification code is valid and that the ticket has been activated.

Abstract: A platform discrimination indication register is stored in a wireless network card. This register holds a platform discrimination indication that indicates whether the wireless network card can be used to transfer data with notebook computers or whether the wireless network card is restricted to transferring data from a personal digital assistant or defined set of restricted devices. The platform discrimination indication can be upgraded using a key value obtained from an Internet site. This key value is limited to a specific wireless network card because of the use of a unique electronic I.D. An Internet site encrypts the electronic I.D. to produce the first key, such as a platform activation key (PAK). This first key is then decrypted at the personal data device in order to obtain a unique calculated I.D. value. If the calculated I.D. value matches the electronic I.D.

Abstract: A system relating to a fee address is described. A method of directing mail to a public mailbox, determining a fee based upon the preferences of the mail recipient, receiving the fee and forwarding the mail to a private mailbox is also provided. Many different types of addresses can be employed, including for example, email, telephone, facsimile, pager, zip code and identification pin numbers. Fees may be determined by person, size, time or urgency.

Abstract: A system and method for preventing interception and decryption of information by an unauthorized party when that information is transmitted over a network is provided. A token is used to encrypt one-time password that is different for each network session, to prevent decryption thereof. The encrypted one-time password is returned to a network server for authentication by the server. The network server generates its response in a similar fashion. The server compares its response to the one-time password, to determine if they match. If they match, then the client is granted access to the network. If they responses do not match, then the client is denied access to the network by the server.

Abstract: A Transaction Authorization Method operating over a computer network comprising a plurality of interconnected computers and a plurality of resources, each computer including a processor, memory and input/output devices, each resource operatively coupled to at least one of the computers and executing at least one of the activities in the process flow, the method characterized in that it assembles an electronic authorization of a transaction in a manner which is verifiable by extracting and verifying whether role certificates of at least one type, associated with the authorization, are themselves authentic. The method eliminates the need of having to authorize each and every signature on a transaction individually by providing an authorization structure based on roles, this structure being accessible on a public network for verification that the transaction is authorized.

Abstract: A user registers a user public key PKU as a pseudonym at a trustee or issuer and obtains an signature for the pseudonym as a license. The sends the pseudonym, PKU identification information IdU and the amount of withdrawal x to the issuer institution. The issuer increments a balance counter of the pseudonym by x, then generates an issuer signature SKI(PKU, x) with a secret key SKI, and sends the issuer signature as an electronic cash to the user. The user verifies the validity of the issuer signature with a public key SKI, and if valid, increments an electronic cash balance counter Balance by x. At the time of payment, user sends the public key PKU and the license to a shop, and the shop verifies the validity of the license, and if valid, sends a challenge to the user. The user attaches a signature to the challenge with user secret key SKU, then sends it to the shop together with the amount due y, and decrements the electronic cash balance counter by y.

Abstract: A transaction network contains a networked certificate authority, by which one or more virtual certificates may be remotely defined and stored, such as by an issuer user through a issuer web portal interface. An acquirer user, through an acquirer web portal interface, may acquire one or more virtual certificates, which contain a public key portion, as well as a corresponding private key, which is established at the time of acquisition, and is stored at the certificate authority. At a redemption location associated with an acquired certificate, the acquirer (or an alternate recipient of an acquired certificate to whom the acquirer has communicated the established private key), submits the certificate information, along with the established private key, to redeem the certificate.

Abstract: A method and system to enable data packets to engage in two-way transactions with various facilities, electronic equipment, and data sources, performing various services. This is accomplished by the loading of data packets with access tokens, denominated at certain values and issued by certain institutions. These tokens are then transferred, according to the instructions of a packet controller that is part of a packet, and according to the interaction of packet controller and facility gateway access controller, from packets to facilities (or vice versa) that provide services, and are redeemed by the facility or the source of the packet. This system enables information, communication, and general commercial activities by establishing a generalized mechanism for payment, transactions, negotiation, and differentiation on the packet level.

Abstract: One-time-use tickets containing a unique identification code that allow for prepayment of entertainment or personal services are distributed and sold. When a ticket is sold, it is activated by the seller notifying a ticket information manager of its sale, at which time the ticket's unique identification code is recorded by the ticket information manager. Part of the sale price is transferred by the vendor to an account maintained by a ticketing program manager. Ticket-holders present the ticket for redemption of the particular service from an agreed service provider. The service provider verifies the ticket's validity by checking with the ticket information manager that the ticket's unique identification code is valid and that the ticket has been activated.

Abstract: A system and method for permitting gold or other commodities to circulate as currency requires a network of system users that participate in financial transactions where payment is made in units of gold. The gold is kept in secure storage at a deposit site for the benefit of the users. The payments in gold are effected through a computer system having data storage and transaction processing programs that credit or debit the units of account of gold for the account of each system user. The system and method allows gold to circulate as an electronic payment through the global computer network (Internet) and/or private communication networks. The sum total of all circulating electronic gold (denominated in physical measures such as weights such as grams and/or ounces and fractions thereof) will equal the weight of all the gold held for safekeeping at the storage site(s) for the users of the system.

Abstract: To obtain a digital license for rendering a piece of digital content, a license requester contacts a license provider and sends a license request. The license provider checks the license request for validity and negotiates with the license requestor terms and conditions for the requested license. The license provider generates the requested license and issues the generated license to the license requestor.

Abstract: Systems and methods for effecting online financial transactions between individuals or between individuals and entities such as banks, merchants and other companies. Each user accesses a fund exchange server to establish an online account, which is used to transfer funds to and from other entities' online accounts. To fund an online account, funds can be transferred to the online account from a funding account, e.g., credit card account, checking or savings account, or other account, or from another online account. To withdraw funds, money can be transferred to a funding account. A verification procedure requires that a user enter information sufficient to effect financial transfers to and from a funding account. The system deposits one or more small amounts into the funding account, and queries the user to enter the amount of each deposit. If the amount(s) match, the account is considered verified.

Abstract: One-time-use tickets containing a unique identification code that allow for prepayment of entertainment or personal services are distributed and sold. When a ticket is sold, it is activated by the seller notifying a ticket information manager of its sale, at which time the ticket's unique identification code is recorded by the ticket information manager. Part of the sale price is transferred by the vendor to an account maintained by a ticketing program manager. Ticket-holders present the ticket for redemption of the particular service from an agreed service provider. The service provider verifies the ticket's validity by checking with the ticket information manager that the ticket's unique identification code is valid and that the ticket has been activated.

Abstract: Techniques for providing secure processing and data storage for a wireless communication device. In one specific design, a remote terminal includes a data processing unit, a main processor, and a secure unit. The data processing unit processes data for a communication over a wireless link. The main processor provides control for the remote terminal. The secure unit includes a secure processor that performs the secure processing for the remote terminal (e.g., using public-key cryptography) and a memory that provides secure storage of data (e.g., electronics funds, personal data, certificates, and so on). The secure processor may include an embedded ROM that stores program instructions and parameters used for the secure processing. For enhanced security, the secure processor and memory may be implemented within a single integrated circuit. Messaging and data may be exchanged with the secure unit via a single entry point provided by a bus.

Abstract: A user anonymously acquires a first sequence of encryption key material. An encryption server, having a second sequence complementary to the first sequence, receives and forwards encrypted messages and monitors utilization of encryption key material by the user. As the key material is used, the server adjusts user accounts to exhaust the first sequence. Thus, the first sequence provides for secure, anonymous communication and, correspondingly, can serve as a payment media for conducting electronic transactions.

Abstract: An electronic asset system mints a stick of electronic assets that can be spent by the user with multiple vendors. Assets sticks are issued anonymously or non-anonymously in a way without requiring dedication to a particular vendor, hence allowing the user to spend one or more assets from the stick with different vendors. The auditor randomly audit samples of the spent assets to detect whether the assets have been fraudulently used. The electronic asset system employs tamper-resistant electronic wallets constructed as dedicated hardware devices, or as devices with secure-processor architecture. The electronic asset system also facilitates handling of electronic coupons in a manner that enforces compliance between the user and the vendor. The user and vendor each maintain a stick of corresponding coupons with pointers to the most recent and oldest coupons available for expenditure.

Abstract: Method and system for providing client privacy on the Internet when the client requests content from a public application server. The method is well-suited to key management protocols that utilize the concept of tickets. The client name or identity is encrypted in all key management messages where the client is requesting a ticket for a specific application server. The key management messages are between the client and a key distribution center (KDC) and between the client and the specific application server. The KDC does not provide the client name or identity in the clear in such messages. This prevents the client's identity from being linked with the content provided by the specific application server, which results in improved user privacy.

Abstract: A system and method for performing and settling an electronic scrip transaction between a merchant and a member includes a database storing accounts for one or more participating merchants, scrip distributors, sponsoring organizations, and members. The system also includes merchant terminals, scrip distributor terminals, sponsoring organization terminals, and a system manager terminal, which are interconnected to one another, as well as to the database, over a network, and a member scrip card, such as a magnetic stripe card or a smart card. Transaction information, including the transaction amount, is entered at a merchant terminal and sent over the network to a scrip distributor terminal or system manager terminal, and the member's account is automatically debited by the transaction amount. Additionally, merchant loyalty point credit or tuition credit can be awarded and stored for the member in connection with the transaction amount.

Abstract: A system and method for interactively affecting the course of a program or programming content. Viewer purchase electronic tokens which can be used to vote on the sequence of content in a broadcast whether it be audio, video or a combination thereof. Users are periodically polled by a server to vote on the direction that a broadcast is taking. The broadcast is then modified with real-time or stored content based upon the polling results from the viewers. Thus communities of voters have a chance to vote on the direction of content. The invention also allows sub-communities to be formed to pre-vote on a broadcast so that the sub-community can possible vote as a bloc on the direction and content of programming that is presented.

Abstract: In accordance with the present invention, consumers and merchants use computing devices connected to a network, such as the Internet, through wired and wireless means, wherein the consumer connects to a clearing server device to purchase or retrieve previously purchased token, the consumer then connects to the merchant's computer or website to attain price quotes of goods and services, selects the goods and/or services to be purchased, and then communicates a request for purchase to the merchant. The merchant then communicates a request for an update key to the clearing server. The update key is used as an authorization to modify the value of the token. To debit the customer the decrement key is requested and to credit the customer an increment key is asked for. An overwrite key is another type of update key. Together with the overwrite key a replacement token is provided to the merchant who in turn forwards the new token to the customer.

Abstract: A method of providing an electronic business card (EBC) access and organization service on the Web. The cardholder database is accessible and searchable from any browser connected to the Internet or the EBC service may be installed behind a conventional firewall and thus accessible only to intranet users. The service thus provides easy access to cardholder contact information with privacy assured by use of integrated access restrictions. Access to and delivery of contact information by the service is not limited to a Web browser interface as commonly known today. The service provides multi-mode access and/or data delivery interfaces. The service also provides an export feature that formats search results into a pre-defined file structure readable by a conventional contact management programs. Custom export file formats may also be defined provide even wider connectivity and cross-platform utility.

Abstract: An automated banking machine (12) is operative to conduct transactions in response to HTML documents and TCP/IP messages exchanged with a local computer system (14) through an intranet (16), as well as in response to messages exchanged with foreign servers (20, 22, 24, 26, 28, 96) in a wide area network (18). The banking machine includes a computer (34) having an HTML document handling portion (76, 80, 82). The HTML document handling portion is operative to communicate through a proxy server (88), with a home HTTP server (90) in the intranet or the foreign servers in the wide area network. The computer further includes a device application portion (84) which interfaces with the HTML document handling portion and dispatches messages to operate devices (36) in the automated banking machine. The devices include a sheet dispenser mechanism (42) which dispenses currency as well as other transaction devices.

Abstract: There are provided an electronic payment system using a multifunctional prepaid card which is commonly used in payment for use of services and purchase of goods, and a method of selling the multifunctional prepaid card. The electronic payment system includes a multifunctional prepaid card having a predetermined Personal Identification Number (PIN), shopping/service providing means for providing services and goods to a user of the multifunctional prepaid card and requesting the PIN of the multifunctional prepaid card for payment, and a prepaid card management system for managing state/balance information for PIN for the multifunctional prepaid card on a database, making a settlement by referring to the balance amount of the corresponding PIN if payment for a specific PIN is requested by the shopping/service providing means, and updating the settlement result on the database.

Abstract: A security system which notifies a card-holder when a charge is made on the card-holder's account. The merchant computer communicates the account number and amount to the processing computer. Using this information, the processing computer identifies the card-holder and sends a message that the card is being used. Ideally this message is an e-mail message sent to the card-holder's cellular phone. In the preferred embodiment, the card-holder is able to respond to the proposed charge by sending a “block” to the processing computer.

Abstract: A method and system for effecting a financial transaction over a public network without the submission of sensitive information. The system comprises a common controller in data communication with at least one public network. The common controller includes a processor for generating digital tokens wherein each digital token represents a particular monetary value and contains a particular digital signature and alterable digital token status data indicating ownership of the digital token. The system includes a plurality of user data communication interfaces in data communication with the public network. The processor of the common controller includes data bases for storing user account information such as user identification and PIN, and account values and for authenticating the user identification and PIN to determine whether access to the common controller is permitted.

Abstract: The present invention relates to producing and presenting negotiable instruments and, more specifically, to printing and presenting checks, which are resistant to forgery or fraud. The negotiable instrument comprises a numeric sequence printed in MICR font upside down across the top face of the negotiable instrument for electronic reading by a MICR reader. The numeric sequence provides for authentication of the payee name and the payment amount by a secure authentication server.

Abstract: A method of authenticating electronic data is disclosed. In the preferred embodiment, when a Receiver makes a request to a Signer (e.g., a bank customer asks the bank to issue E-Coin), the Receiver includes a “hint generation value” in the request, and from the hint generation value, a “hint value” is derived and recorded on a signing transcript. The hint generation value is essentially an encrypted version of the request submitted from the Receiver to the Signer. When a merchant/Verifier transmits deposit signatures corresponding to spent E-Coin to be deposited, the transmitted signature is decrypted and blinded by the Signer in the same manner as that used to create the hint value. Thus, the encrypted incoming deposit signature from the merchant/Verifier should match the hint value stored on the signing transcript, confirming that the E-Coin is valid without revealing any identifying information about who spent the E-Coin, i.e., anonymity is preserved.

Abstract: An IC card incorporates a processor, a memory, etc. The memory stores therein a general electronic money balance having an unlimited use range, a specific electronic money balance having a limited use range, and available genre information defining a use range of the specific electronic money balance. A transfer processing unit serves to transfer a specified amount of money from the general electronic money balance to the specific electronic money balance between two IC cards. A settlement processing unit compares genre information acquired from a purchased commodity or a provided service with the available genre information of the IC card and, only when a coincidence has occurred, deducts the purchased amount of money from the specific electronic money balance of the IC card.

Abstract: A payment management method and system for performing suitable payment management, wherein a user of a credit IC card can store a transaction history in the IC card, collate the transaction history with charged amount data possessed by a credit company, quickly confirm a payment due date, judge an illegal demand for purchase by a non-authorized user, and know charged amounts claimed for the next time. The system includes the IC car which stores the transaction history data therein, a terminal device for accessing the data within the IC card, and a serve of the credit company connected to the terminal device via network for storing credit user data demanded by a credit member store therein. The terminal device stores transaction history data at the time of a purchase into the IC card, extracts the credit user data from the server of the credit company, and collates the transaction history data read out from the IC card with the credit user data extracted from the server.

Abstract: A value transfer system of at least one VCD (Value Carrying Device) (1) and at least one VAD (Value Accepting Device) (2), the VAD (2) having a memory (53) for storing at least an aggregate value (28) of previous accepted values and a device for transferring a claiming message (13), the VCD (1) having a memory (52) for storing at least a balance value (7) and a device for transferring a proving message (14), wherein the VAD (2) includes into the claiming message (13) a transaction value (20), a previous aggregate value (21) and a corresponding previously computed proving cryptogram (22), the VCD (1) computes and includes into the electronic message (14) a transaction proving cryptogram (35), computed on the basis of the previous aggregate value (21), the corresponding previously computed proving cryptogram (22) and the transaction value (20), and the VCD (1) computes the at least one transaction proving cryptogram (35) only if it has established the correctness of the received previous aggregate value (21) by

Abstract: A user registers a user public key PKU as a pseudonym at a trustee or issuer and obtains an signature for the pseudonym as a license. The sends the pseudonym, PKU identification information IdU and the amount of withdrawal x to the issuer institution. The issuer increments a balance counter of the pseudonym by x, then generates an issuer signature SKI(PKU, x) with a secret key SKI, and sends the issuer signature as an electronic cash to the user. The user verifies the validity of the issuer signature with a public key SKI, and if valid, increments an electronic cash balance counter Balance by x. At the time of payment, user sends the public key PKU and the license to a shop, and the shop verifies the validity of the license, and if valid, sends a challenge to the user. The user attaches a signature to the challenge with user secret key SKU, then sends it to the shop together with the amount due y, and decrements the electronic cash balance counter by y.

Abstract: The present invention provides a system for electronic commerce that reduces the amount of data needed to be stored on a user computer or electronic device. A bank processor stores information corresponding to coins or funds and the user device (such as a payer or merchant processor) needs to only store a single secret key needed to access the data stored in the bank's memory. The user's device can be a smart card since only a minimal amount of data needs to be stored on the user's device. The bank processor of the present invention may hold disposable anonymous accounts in a bank memory. When a coin is spent, the corresponding account is deleted from the bank's memory and a new account is created which corresponds to a new coin. This completes a payment from a payer processor to a merchant processor. The new account is the merchant's account. This implementation avoids the threat of computer virus attacks since a smart card is far less susceptible to these.

Abstract: An electronic payment device and its method using an unbalanced binary tree are disclosed. The total unit n of the amount of money that user purchases is decomposed first into a Matrix of p rows×q columns. Then, a first one-way function h1 and a second one-way function h2 serve to define the one-way function operation of the first row and each column, respectively. When two numbers of operation times a and b are calculated by their formulas respectively, they are substituted into formula Xk=h2b(h1a(Xpq)). Namely, by the first one-way function h1, a times of operation is performed, and then by the second one-way function h2, b times of operation is performed, thus, a first data Xk of current consumption can be derived rapidly. The present invention has only a few times of operation, thus the calculating efficiency is improved greatly.

Abstract: A payment management method and system for performing suitable payment management, wherein a user of a credit IC card can store a transaction history in the IC card, collate the transaction history with charged amount data possessed by a credit company, quickly confirm a payment due date, judge an illegal demand for purchase by a non-authorized user, and know charged amounts claimed for the next time. The system includes the IC card which stores the transaction history data therein, a terminal device for accessing the data within the IC card, and a server of the credit company connected to the terminal device via a network for storing credit user data demanded by a credit member store therein. The terminal device stores transaction history data at the time of a purchase into the IC card, extracts the credit user data from the server of the credit company, and collates the transaction history data read out from the IC card with the credit user data extracted from the server.

Abstract: According to the present invention, when electronic money is sent from a given network to another network, a money change apparatus performs a money change process to change electronic money current on the given network into electronic money current on another network, and therefore when a user of the given network uses a settling process, by managing this money change process, it is possible to manage the interchange of electronic money between each of the users of the given network and each of the users of another network without affecting the working environment of electronic commerce. Electronic money current on LAN20 is referred to as local electronic money current only on the network.

Abstract: According to a data display method, data having a program unit and instruction data for the program unit multiplexed on bit stream data is received. The program unit is extracted from the received data and is stored in a memory. The instruction data is extracted from the received data, and the program unit or part thereof specified by the instruction data is read from the memory and is executed. Then, the bit stream data and the execution result are displayed. This ensures smooth synchronization of reproduction of a bit stream with execution of an associated program and efficient use of resources.

Abstract: A data copyright management system comprises a database for storing original data, a key control center for managing crypt keys, copyright management center for managing data copyrights, and a communication network for connecting these sections. Data supplied from the database to users is encrypted and distributed. The users decrypts the encrypted data by crypt keys obtained from the key control center or copyright management center. To supply data to users, there are the following two methods: a one-way supplying of encrypted data to users by means of broadcasting or the like; and two-way supplying of encrypted data to users corresponding to users' requests. A crypt key system used for encrypting data uses a secret-key cryptosystem, a public-key cryptosystem or a cryptosystem combining a secret-key and a public-key and further uses a copyright control program to control data copyrights.