TREA

Electronic equipment point-of-sale activation to avoid theft

Follow

Information

  • Patent Grant
  • 7275686
  • Patent Number
    7,275,686
  • Date Filed
    Tuesday, December 14, 2004
    19 years ago
  • Date Issued
    Tuesday, October 2, 2007
    17 years ago
Information
Abstract
In accordance with an embodiment of the present invention, an electronic device is displayed for purchase by a user and includes a controller and a protected area for storing a key and a bar code associated with and for identifying the device including a password unique to the device, wherein upon purchase of the device, the password is compared to the key and upon successful activation thereof, the device is activated, otherwise, the device is rendered inoperable.
Description
BACKGROUND OF THE INVENTION

1. Field of the Invention


The present invention relates generally to activation of electronic equipment, purchased by consumers, to avoid theft and particularly to activation of such electronic equipment at the point-of-sale thus allowing such electronic equipment to be displayed in the open, in a self-serve setting, yet avoiding theft of the same.


2. Description of the Prior Art


It has become customary and, in fact, prevalent to sell electronic equipment at retail stores that in the past did not participate in such sales. For example, retail stores, such as Walmart, Kmart, Walgreens, etc., regularly sell complex and sophisticated electronic cards as a big part of their retail sales. Flash cards fall into the category of such complex electronic cards and are thus an example of electronic card sales at the foregoing and other retail stores.


Flash cards and other types of electronic cards have become small in size throughout the years as modern technology advances and reaches new transistor size reductions. Due to the complexity and size of these types of cards, they are rather expensive. Sales of such cards is however, best done on a self-serve basis. That is, in the retail store, the customer generally likes to see the product at a location where it can be readily picked up and observed prior to purchase thereof as opposed to presented behind a locked window counter where a salesperson is required to present the product to the customer.


Self-serve sales of expensive electronic equipment, such as complex electronic cards, has posed a major problem to retail stores in that they can be easily stolen. This is particularly true of smaller-sized products, such as flash cards, as they can be easily hidden. Indeed, it has been shown, that fifty percent of shoplifting is performed by either casual shoppers or employees of the store. The amount of loss due to theft has risen and is now astronomical.


Thus, the need arises for a method and apparatus to avoid theft of electronic equipment at stores by activating the equipment only at the point-of-sale such that the equipment is inoperational prior to the activation thus discouraging the general public from inappropriately taking the equipment from the store.


SUMMARY OF THE INVENTION

Briefly, an embodiment of the present invention includes an electronic device displayed for purchase by a user, which includes a controller and a protected area for storing a key and a bar code associated with and for identifying the device including a password unique to the device, wherein upon purchase of the device, the password is compared to the key and upon successful activation thereof, the device is activated, otherwise, the device is rendered inoperable.


The foregoing and other objects, features and advantages of the present invention will be apparent from the following detailed description of the preferred embodiments which make reference to several figures of the drawing.





IN THE DRAWINGS


FIG. 1 shows an embodiment of the present invention using the “smart” card.



FIG. 2 shows an alternative embodiment of the present invention.



FIG. 3 illustrates an activation system 30 in accordance with an embodiment of the present invention.



FIG. 4 shows an enablement/activation system 50 in accordance with an embodiment of the present invention.



FIG. 5 shows another electronic card activation system 70 to present an application of an embodiment of the present invention.



FIG. 6 shows a flow chard describing the operation of the system 70 of FIG. 5.



FIG. 7 shows an anti-theft system 1000 including a device 1002 to be purchased and to be coupled to a barcode reader 1004, which is operated by a salesperson 1006 located in a store.



FIG. 8 shows the device 1002 coupled to the host 1010 and including the bar code 1008 and a protected area 1012, which is an area located in non-volatile memory or other storage media that is not alterable by a user.



FIG. 9 shows yet another embodiment of the present invention wherein each or a portion of the bits of the password reveal a code used to identify an adjacent or remaining bit.



FIGS. 10-13 show, in flow chart form, the steps performed by the system 1000 and the device 1002 during production of the device 1002, the sale of the device 1002, the use of the device 1002 and the application of the device 1002.



FIGS. 14-16 show various processes performed when the device 1002 is being activated on the Web or Internet, i.e. Web-activation.





DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS

Referring now to FIG. 1, an electronic card activation system 10 is shown to include a cash register 12, for use by a cashier 14, a reader 16, a card or product to be sold 18 and a server 20, in accordance with an embodiment of the present invention.


The cashier 14 is shown to operate the cash register 12, which is used to ring up or account for the sale of the card or product 18. The cash register 12 is shown coupled to the reader 16, which is shown coupled to the card 18. The server 20 is shown coupled to the cash register 12. The system 10 is typically located inside of a retail store although the server 20 may be physically located outside of the store, in perhaps, a remote central location with other servers serving all of the branches of the retail chain. The server 20 communicates with the reader 16 through the cash register 12. Alternatively, the server 20 is coupled for communication with the reader 16 directly.


In operation, a potential customer of the card 18 (not shown in FIG. 1) chooses to purchase the card 18 and thus presents the card to the cashier 14 for purchase thereof. The card 18 is first authenticated, a step well known to those of ordinary skill in the art. The card 18 is then placed in the reader 16 where it is determined that activation of the card 18 is required prior to proper operation thereof. This is done by reading the bar code that appears on the card 18. That is, the particular bar code, appearing on the card 18, indicates to the reader 16 that the card is yet to be activated, prior to proper operation.


If the card 18 was purchased by bypassing the reader 16, the cashier would read the bar code of the card 18, through the cash register 12, and communicate this information to the server 20, which would determine that the card 18 is inoperable unless activated, thus, sale of the card to the customer would be avoided until such activation occurred. This is one method and apparatus of the present invention.


Another method and apparatus is to have a host device read the information on the card and the host, through a command, enables the card.


The reader 16 optionally includes a controller circuit 24. The need for the controller 24 is based on the type of card or product that the card (or product) 18 is known to be. In one embodiment of the present invention, the card 18 is other than a “smart” card indicating that it includes memory as well as a controller circuit in which case the reader 16 may not include the controller circuit 24. In fact, the card can activate itself, as will be discussed later. The latter embodiment is shown in FIG. 2.


In another embodiment of the present invention, as shown in FIG. 1, the card 18, while including memory, does not include a controller circuit. In this case, the reader 16 will need to include the controller circuit 24. Preferably, the reader 16 includes the controller circuit 24 so as to be able to accommodate non-smart cards as well as smart cards (different form factors) that do not have a controller circuit.


Once the card 18 has been placed in the reader 16, the former is interrogated by the latter as to whether or not a controller is included within the card 18, as shown in FIG. 2, within the card 26, where the controller 30 is shown to be coupled to the non-volatile memory 28. In the embodiment of FIG. 2, encrypted communication is used between the server 20 (of FIG. 1) and the card. It should be noted that while not shown, the coupling and structures of FIG. 1 apply to FIG. 2 except for those already shown in FIG. 2.


In the embodiment of FIG. 2, the card 26 activates itself. Activation will be discussed in further detail below. Once a card has been activated, whether the card is a “smart card”, i.e. does not include a controller, or otherwise, an area in the memory of the card is reserved by the reader 16, which includes “purchase” information regarding the card. The “purchase” information is typically unique to the card being purchased by the consumer or customer. Examples of the information included within the “purchase” information are the purchase price of the card, the particular store in which the card is being sold, the location of the store in which the card is being purchased, time of purchase of the card, the person or customer to which the card is being sold, and the like. Such “purchase” information can prove to be valuable to retail store owners in that they help to provide valuable inventory information. Alternatively, such “purchase” information is stored in a server, such as server 20 of FIG. 1. For example, a collection of such “purchase” information of a large number of sales of cards in a particular store is perhaps indicative of the need for additional cards in the particular store. This information can prove valuable to the manufacturer of such cards or electronic equipment, as the latter can be assessed by its manufacturing requirements and thus avoid over-stocking or under-stocking.


Even more importantly, the “purchase” information provides information regarding the legitimacy of the sale in that the information would provide when the card was purchased, by whom, the location of the sale, etc. The “purchase” information, once residing in the reserved area of the memory of the card, can only be read by the reader 16 and no other application will have access to it. To other applications, the reserved area may appear to be “defective”, whereas to the reader 16 and only to the reader 16, it includes the “purchase” information and can be read accordingly this reserved area can also be designed to include specific information regarding the type of camera or digital application which the customer has purchased and it would enable the customer to download specific drivers or software from a web site where it would enhance the performance of the overall system. It is also possible to store in the reserved location, data such as rebate information which can be enabled by the register, so that the customer can receive such information on its web site or have it printed.


More specifically, a reserved area is designated within the memory and within the reserved area, which is typically organized in blocks, a block that does not have manufacturing defect is identified and it is programmed with the “purchase” information and then designated as being “defective” by setting a flag. This is only to indicate to other applications not to use the reserved area and actually, the reserved area is not necessarily defective. This is known to the current application by yet another designation of a signature that is identified in the future indicating that the reserved block is o.k. and does actually include the “purchase” information.


An additional advantage of the “purchase” information is eliminating photo processing time. That is, since the customer's information is included in the purchased card, if, for example, the card is to be used to store photos, the processing time can be significantly reduced because the customer's information is already available on the card. Thus, each time the customer returns to the store for the processing of a new set of photos recently stored on the card, the card can be merely dropped off without any further information being requested by the store and can be picked up without much processing once the photos have been developed.


It should be noted that the card 18 of FIG. 1 or the card 26 of FIG. 2 includes non-volatile memory (in FIG. 1, this is shown as non-volatile memory 22 and in FIG. 2, this is shown as non-volatile memory 28) as memory. In fact, the “purchase” information ultimately resides in the reserved area within the non-volatile memory, or it can reside in a hard disk drive. Such non-volatile memory exhibits characteristics readily known to those of ordinary skill in the art, such as preserving the value which has been programmed therein even when power is disconnected. One of the applications of such non-volatile memory to store electronic photographs. Thus, the card 18 of FIG. 1 or the card 26 of FIG. 2 can be used as digital film, purchased by a consumer to use in a digital camera. This is however, only one application of many known to or perceived by those of ordinary skill in the art.


In FIG. 1, as stated earlier, the server 20 can be physically located within the retail store or may be physically located elsewhere. Typically, the server 20 is connected to a central server, which hosts many other servers as well. For example, a retail store such as Walmart, may have a server or two located within each of its retail chain stores and each of these servers would be such as server 20 and then the server 20 may be connected to a central server that is physically remotely located with respect to the server 20 and to which many other servers that serve the rest of the retail chain stores are connected.


In yet another embodiment of the present invention, the server 20 is not needed and the reader 16 is self-contained in that the software that resides within the server 20 to detect what type of card is being purchased and to then activate the latter, resides within the reader 16 rather than the server 20. However, a drawback with the latter embodiment is that if the reader 16 is stolen, which is likely to happen by an employee of the store or even a casual shopper, cards, such as the card 18, need not be purchased and can rather be stolen and programmed or activated by the stolen reader 16. This can be avoided by the use of the server 20 in that the server is not likely to be stolen given its large size and that it is generally located in a secure area within the store. Even if the reader 16 is stolen, the card 18 cannot be activated without the server 20.


In the case of the embodiment of FIG. 2, where the controller 30 is provided within the card 26, the server 20 and the controller 30 communicate using encryption, thus, making it harder for an outsider to intercept the information being communicated therebetween. Also, as mentioned hereinabove, the controller 26 can activate itself without the need for the reader 20 to do the same.


Now, a discussion of the “activation” of the card, such as cards 18 or 26, will be presented, with respect to the use of a “smart” card, such as the card 18, which does not include a controller and will use the reader 16 to activate the card. This discussion will be presented with reference to FIG. 3.


In FIG. 3, an activation system 30 is shown in accordance with an embodiment of the present invention to include a “smart” card to be sold 32 coupled to a reader 34. As noted earlier, in the case of the smart card, no controller resides within the card 32, thus, the reader 34 includes a controller and is used to activate the card 32. Whereas, alternatively, if a card includes a controller, the activation can take place without the need for a reader as the card is self-contained including a controller circuit.


In FIG. 3, the card 32 is shown to include a flash ready/bsy* port 36, a flash data bus port 38 and a control port 40. The port 38 is used for transferring data between the card 32 and other electronic circuits, such as perhaps, the reader 34 although the same is not shown in FIG. 3. The control port 40 is used for transferring control signals to and from the card 32 and the flash ready/bsy* port 36 indicates whether the card 32 is accessible or busy and is used in the activation process. That is, the port 36 is connected to a pull-up resistor 42, which is connected to Vcc or a high logic state, within the reader 34 or a host of some sort. This creates an open drain signal such that prior to activation, the port 36 will indicate that the card is busy by being at a “low” logic state, as the other end of the port, within the card 32 is connected to ground by the fuse/switch 44.


When activation takes place, a large amount of current, such as one Amp, enough to “pop” or disconnect the fuse 44 is applied at 46 and when this occurs, the port 36 will go to a “high” logic state indicating that it is ready as opposed to busy and is then operational. It should be understood that more than one time is required for the application of enough current for the fuse 44 to blow. For example, current is applied at 46 for the first time in an effort to blow the fuse 44, then a timer is set within which time, it will be determined as to whether or not the card has become operational, i.e. the port 36 is at a ready state. The reader reads the port 36 after the application of current, if the port still appears to read as “busy” rather than “ready”, a higher or the same amount of current is applied at 46 and the then the port 36 is read and again, if it is not at a ready state, still current is applied until the fuse 44 is blown within the time frame set by the timer. After the fuse is blown such that the port 36 is read as being ready, the card is declared operational. If the fuse is not blown by the time frame indicated by the timer, the card does not become operational and perhaps the process is repeated or another card is purchased.


Alternatively, no fuse is used; rather, the port 36 is controlled through firmware where it is programmed to be at a ready state. The latter is particularly practical when other than a smart card is used where the card includes a controller and the controller can then program the port 36. The embodiment of using firmware to program the port 36 is obviously faster than the embodiment of blowing the fuse.


Presently, in the market, there are many technologies using radio frequency (RF) for the purpose of reading information from a device/product and using the same for applications such as inventory handling, such is commonly referred to as RF identification (RFID).


But there are no products in the marketplace currently where RF can enable the product at the point of sale, such as presented in an embodiment of the present invention. There are products currently in the market, such as sensors, for detecting theft, however, this can be easily bypassed resulting in the theft of the product. Thus, point of sale enablement is the best way to discourage theft.


In another embodiment of the present invention, another method of enablement of a device is through RF communication with the device where a card can be enabled by a simple RF signal which can be basically an electronic ‘short’ circuit or ‘open’ bit or signal/switch to the internal circuitry. An example of such a method is illustrated in FIG. 4.


In FIG. 4, an enablement/activation system 50 is shown, in accordance with an embodiment of the present invention, to include a controller 52 coupled to two or more nonvolatile or flash memory devices, 54 and 56. The controller is coupled to a switch 58, which can be caused to switch between Vcc at 60 or ground at 62. Depending on the programming or setting of the switch 58, the system 50 is enabled or not.


That is, the switch 58 acts as an open or short signal to the controller 52. In this mode, once the system 50, which can be in the form of an electronic card, is placed into an application slot or socket (not shown), the value of a signal 64, sensed at switch 58, is evaluated and if the sensed value is high or Vcc (generally 5V although any other value indicating a logic ‘1’ or high state may be used), the card remains disabled. However, if the card has been through a proper scanner with the appropriate frequency having been applied thereto, the value at the signal 64 will indicate a state of zero because the switch 58 would have basically caused a short or grounded. In the latter case, the controller 52 will have been enabled and operational in the application socket, whereas, in the case where it was disabled, it would have been inoperational. For better security, the switch 58 is placed physically within the controller 52. Alternatively, the sense of the switch 58 can be implemented as a value in a register.


In FIG. 5, another electronic card activation system 70 is shown to present an application of an embodiment of the present invention, as perhaps, used by the retail store Walmart. The system 70 is shown to include a server 72, a Walmart headquarter operation 74 and a local Walmart retail store 76. The server 72 is shown to be coupled to the operation 74 and the store 76. In fact, it makes sense for a large retail store, such as Walmart, to use a central server, such as the server 72. The operation 74 is shown linked to the store 76.


The store 76 is shown to include a number of cash registers 78 and each cash register is shown to include reader devices 80. The reader devices 80 operate to enable a card being purchased at the corresponding cash register by using the server 72.


The operation of FIG. 5 is discussed in conjunction with the flowchart of FIG. 6. In FIG. 6, at step 82, a card (not shown) that is to be purchased by a customer of Walmart is inserted into one of the readers 80 of a corresponding cash register 78. Next, at step 84, the server 72 interrogates the card to be purchased (referred to as the ‘device’ or ‘electronic device’ in FIG. 6) with specific commands. Next, at step 86, the device sends encrypted information back to the server 72 regarding its identification. The server 72, at step 88, evaluates the received encrypted information and at 90, a determination is made as to the validity of the received information by the server 72. If at 90, it is determined that the data is not valid, the operation stops at 92 and the card or device is not activated or enabled, thus, the customer is unable to operate it as the card is rendered inoperational. However, at 90, if a determination is made that the data is valid, a handshake occurs between the server 72 and the device or card by using vender-unique commands and/or encrypted data and the card is enabled or activated thus being operational and usable by the customer.


In accordance with yet another embodiment of the present invention, a device, such as the card 18 of FIG. 1 or any other consumer electronic device, includes or is associated therewith a bar code including a password as a theft-prevention measure. The bar code appears on the card or packaging of the card as bar codes generally seen on products in stores for purchase. However, the bar code includes a password, which may be either in its raw format or encrypted or encoded in some fashion and as described hereinbelow. The password is generally embedded in the bar code so that upon reading the bar code the password becomes known. Verification of the password enables the card or device to operate properly, otherwise, the card or device remains inoperable and essentially useless thus discouraging theft thereof. To this end, perhaps, an example of such an anti-theft system will be helpful to the reader.



FIGS. 7-16 show yet another anti-theft embodiment(s) of the present invention, as will be discussed in detail below with respect to each figure but for now, suffice it to say that in the embodiments to follow, a product or device for purchase is displayed in a retail store. A potential user of the user, i.e. the customer, then wishes to purchase the device and the device is brought to the cash register to be purchased. At the cash register, the device is scanned by the salesperson using the Unique Product Code (UPC) of the device. The scanned code is processed by the server of the retail store and the scanned code is then encoded with a key (or another code) thereby generating a password that is then printed on a receipt that is provided to the customer.


A record of the sale of the device is then maintained by the retail store, such as in the retail store's server, i.e. the scanned code is recorded in the retail store's server for future verification of authorized sale of the device.


The customer or user then activates the device using the password in various ways, such as at a kiosk, at a home computer or other ways anticipated by those skilled in the art. Some of these methods of activation are discussed below, others, are anticipated.


The foregoing method may be employed for different reasons, one is obviously for security, another is for inventory, yet another reason is for product integrity.



FIG. 7 shows an anti-theft system 1000 including an electronic device 1002 to be purchased and to be coupled to a bar code reader 1004, which is operated by a salesperson 1006 located in a store. The device 1002 includes a bar code 1008, which is similar to bar codes appearing on products currently displayed for purchase in stores. However, the bar code 1008 includes a password, unknown to prior art systems, that may be one or more bits and that may appear as a raw value or encrypted or encoded in some manner. In alternative embodiments, the bar code 1008 of FIG. 7 may appear on the packaging of the device 1002 rather than on the device itself. Packaging is used for physical protection or security of the device. In fact, the bar code 1008 may appear in any location visible and readable by the reader 1004. In yet another embodiment, the password may be included in a bar code other than the bar code 1008, in other words, there may be two bar code being employed, one for the inclusion of the password and the other for use in purchasing the device. In yet other embodiments, the password may be included in values other than a code.


In operation, during purchase of the device 1008, the latter is presented to the salesperson 1006 for purchase and is then scanned, by the salesperson, to specifically scan or read the bar code 1008 of the device 1002 by coupling the device 1002 to the reader 1004 to allow reading of the bar code 1008 and verification thereof prior to purchase. It should be noted that without such verification, the device 1002 is essentially inoperable and thus rendered useless. The verification process includes confirmation or verification of a password assigned to the particular device 1002, which is unique to the latter and that will be discussed in further detail hereinbelow.


The reader 1004 reads the bar code 1008 and upon reading the same, the reader 1004 becomes aware or deciphers the password embedded in the bar code 1008. The password (not shown in FIG. 7) is then printed on a receipt that is presented to the user or purchaser of the device 1002 upon completion of purchase of the device. The user ultimately enters such a password prior to using the device 1002 and upon verification of the password, the device 1002 is enabled for use. Thus, for example, if the device 1002 is digital film or a storage device, it is enabled for use where electronic images may be stored therein after verification of the password. That is, upon verfication of the password, the device 1002 becomes readable and/or writable.



FIG. 8 shows the device 1002 coupled to the host 1010 and including the bar code 1008 and a protected area 1012, which is an area located in non-volatile memory or other storage media that is not alterable by a user. The protected area 1012 is used to store code or software for execution thereof and for the sole purpose of verifying the password and ultimately enabling the device 1002 upon verification of the password.



FIGS. 10-13 show, in flow chart form, the steps performed by the system 1000 and the device 1002 during production of the device 1002, the sale of the device 1002, the use of the device 1002 and the application of the device 1002.



FIG. 10 shows the steps performed during manufacturing or production of the device 1002. At 1020, two codes are generated by a unit that is used to test the device 1002, i.e. the tester. One of these two codes is used to generate the bar code, or the bar code 1008 and another is a key, which is an ‘n’ digit value used as password. In the example that is being discussed, the key is four digits and the code that is used to generate the bar code is a ten digit value. At 1022, the ten digit code or number is used to generate the barcode 1008. At 1024, the tester stores the four digit key in a protected area. An example of a protected area is in the same area that is used to store firmware (executable code), i.e. an area of memory within the device 1002 for storing firmware and that can be read only by the manufacturer of the device 1002.


At 1026, a vendor unique command is sent to the device 1002 causing the device 1002 to be inoperable as to any function it is intended on performing except for the purpose of verifying the password. After 1022, at 1028, the bar code 1008 that was generated at 1022 is printed and placed on either the packaging of the device 1002 or the device 1002 itself.



FIG. 11 shows the steps performed at the time of sale of the device 1002. At 1030, the bar code 1008 is scanned by the reader 1004. Next, at 1032, the bar code is used to generate a four-digit key or password, which may be any ‘n’ or integer number of digits and need not be four. There are various ways in which the key is generated, which will be discussed in further detail below. This is performed either by the reader 1004 of FIG. 7 or by a cash register. Next, at 1034, the key or password is printed on a receipt that is provided to the customer.


In one embodiment of the present invention, the password is a raw value that appears as a part of or embedded within the bar code 1008. The password or key may be ‘n’ digits. In another embodiment of the present invention, the password is encoded such that the bar code 1008 alone will not reveal the actual value of the password. Such encoding may be done using any known encoding schemes.


In yet another embodiment of the present invention, an example of which is provided in FIG. 9, each or a portion of the bits of the password reveal a code used to identify an adjacent or remaining bit. An example of such a coding of every or some bits is shown in FIG. 9 such that the password 1058 includes the value ‘5’ at location 1060 meaning that the value adjacently to the left thereof, or at 1062, is a value resulting the value at location 1060, or 5, minus ‘1’, which is the value ‘4’. Any algorithm or coding may be employed to generate adjacent or other bits of the password 1058.


In FIG. 12, steps for the activation of the device 1002 after purchase thereof are shown. Steps 1036-1040 show the activation process for home activation and steps 1042-1046 show the activation process for store or kiosk activation right after the purchase of the device in the store.


At 1036, due to the execution of a software program, located in the protected area 1012 of FIG. 7, an activation code or password is requested of the purchaser, user or customer. The code or password appears on the customer receipt, as noted with reference to FIG. 11. Next, at 1038, the user enters the activation code or password, which is then sent to a controller, such as the controller 1060 of FIG. 8, shown coupled to the host 1010. A comparison is made of the activation code entered by the customer and that which is stored in the purchased device and particularly in the protected area 1012. Upon the detection of a match or successful comparison of the customer-provided activation code and the stored activation code, the device 1002 is declared and becomes readable and writeable. From this point on, the device 1002 can be used, as it is intended to function, by the customer.


Another manner for accomplishing proper operation of the device is to activate the device at the store or kiosk. That is, in FIG. 12, at step 1042, a customer or user inserts the device 1002, an example of which may be a memory card, into a (media) reader and the customer is then asked for the activation code or password, which is obtained, as described hereinabove. Next, at 1044, the customer enters the activation code and the activation code is provided to the controller 1060. Next, the customer-provided activation code is compared with an activation code that is stored in the controller 1060 and if a match is detected, at 1046, the device 1002 becomes readable and writeable, i.e. operational. If a match is not detected either at the store/kiosk or during home activation, the device 1002 maintains its status of limited access and will not be operational in a manner intended.


Yet another way of activating the device 1002, which is not depicted in the figures herein is to have the customer enter the activation code or password in a website, such as in the website of the manufacturer of the device. The activation code would then be provided to the controller for comparison in a manner as described hereinabove.



FIG. 13 is an example of how the device is activated at step 1040 without using a vendor unique command. It should be understood that other methods of implementing password match may be used for activating the device.


In FIG. 13, at step 1048, the controller 1060 is in a locked state, i.e. inoperable, and awaiting a write operation to the partition boot record (PBR). Next, at step 1050, the software program of step 1036 that is being executed receives an activation code from the user 1006 and passes the received activation code onto the controller 1060 via a standard or vendor unique command. Next, at step 1052, using a Windows Operating System standard format command, the PBR is attempted to be written and a volume label of the PBR is embedded with the activation code. A volume label is a letter that is assigned by a personal computer manufacturer or operating system manufacturer to a drive, for example, the letter “C:” is normally assigned to the hard disk drive of a computer and other letters are assigned to identify other drives. Next, at 1054, when the controller 1060 receives a write PBR command, it parses the sector that was sent for the volume label. Next, at 1056, if the volume label is sent from the software application being executed, and the password written in the firmware or protected area 1012 match, the device 1002 is unlocked, otherwise, a predetermined number of failed attempts is allowed before the device is permanently locked and can then only be unlocked by the manufacturer of the device, such as Lexar Media, Inc. of Fremont, Calif. An exemplary embodiment will allow a total number of eight attempts to match the password, although, other number of matches may be employed.



FIGS. 14-16 show various processes performed when the device 1002 is being activated on the Web or Internet, i.e. Web-activation.


In FIG. 14, at the level of production of the device 1002, at 1060, a tester generates two codes, a first code is a random number that is 10 digits in an exemplary embodiment but can be more or less digits in other embodiments, the code is used as a bar code and the second code is a four digit code in an exemplary embodiment but may be other number of digits. At 1062, the tester writes the second code in the protected area 1012 or in the area where the firmware or software code is located. Next, optionally, at 1064, the password is scrambled within 512 bytes (or a sector size of data bytes) of random data. In other embodiments, the password is not scrambled, thus, step 1064 is avoided.


Next, at 1066, a vendor unique command is sent to the device 1002 in order to render the device 1002 as a read-only device to avoid undesirable alteration of its contents. After 1060, at 1068, the first code is coupled to the Unique Product Code (UPC) (or bar code) of the device 1002 and the coupled value is stored in the manufacturer's server. The UPC (or bar code) is the bar code appearing on a product displayed for purchase that is currently used on most products.


In FIG. 15, a retail level processes are shown where at 1070, the UPC associated with the device 1002 that is now on display for purchase and the user 1006 has decided to purchase the same is scanned at the retail register, such as 12 of FIG. 1. The UPC is then stored on the retail store's server, at 1072, to signify that the device 1002 has been purchased and the UPC is then printed on the receipt provided to the customer/user upon purchase of the device 1002.



FIG. 16 shows steps or processes, at the user/controller level, where the user has already purchased the device 1002 and wishes to activate the device 1002. At 1074, the user executes application to connect to the Internet. Next, at 1076, the application prompts the user for UPC of the device 1002. At 1078, the user enters the UPC and the UPC is sent to the manufacturer (such as Lexar Media Inc.) via the Internet. Next, at 1080, the manufacturer's server checks the retail store's server, the retail store being the store in which the user purchased the device, to verify purchase of the device 1002. As a reminder, the UPC was stored in the retail store's server at step 1072 of FIG. 15 and this is what the manufacturer server checks for verification of purchase of the device 1002 at 1080.


Next, at 1082, the manufacturer's server uses the first code that was coupled to the UPC at step 1068 of FIG. 14, to generate the second code (or key). As previously stated, the first code in one embodiment of the present invention is a 10 digit code and the second code in one embodiment of the present invention is a four digit code. Next, at 1084, the manufacturer's server returns the second code (or key) to an activation program. Next, at 1086, the activation program sends the second code to the device 1002 and a comparison operation is performed between the second code and the key that is stored in the protected area 1012. If a match between the second code and the key that is stored in the protected area 1012 is found, the device 1002 becomes operable and it is thereafter capable of being written thereto and being read therefrom.


It should be understood that wherever use of the vendor unique command is indicated herein, other types of identification may be employed with any known interface without departing from the scope and spirit of the present invention. It should also be understood that wherever the structure or term ‘server’ is used in the foregoing, any other storage device may be employed without departing from the scope and spirit of the present invention.


Although the present invention has been described in terms of specific embodiments it is anticipated that alterations and modifications thereof will no doubt become apparent to those skilled in the art. It is therefore intended that the following claims be interpreted as covering all such alterations and modification as fall within the true spirit and scope of the invention.

Claims
  • 1. A method for reducing the incidence of theft of an electronic device for purchase comprising: generating a first code uniquely identifying an electronic device, during manufacturing of the device that is only known to the manufacturer of the device, for purchase;generating a second code;embedding a password including the second code in the first code;storing the second code in a protected area that is in a non-volatile location within the device and accessible only by use of a vendor unique command;during purchase of the device, determining if the device comprises a controller;if the device comprises a controller, the controller receiving an encrypted version of the password that is decrypted to a decrypted password;comparing a portion of the decrypted password with the stored code; andupon successful comparison of the portion of the decrypted password with the stored code, allowing activation of the device.
  • 2. A method for reducing the incidence of theft of an electronic device for purchase comprising: generating a code uniquely identifying an electronic device for purchase;authenticating the device using the code;during purchase of the device, determining if the device comprises a controller;during purchase of the device and if the device comprises a controller, enabling operation of the device using radio frequency (RF) over an encrypted communication that is decrypted by the controller; andupon lack of authentication, avoiding enabling operation of the device.
CROSS REFERENCE TO RELATED APPLICATION

This application claims the benefit of a previously filed U.S. Provisional Patent Application No. 60/530,876, filed on Dec. 17, 2003 and entitled “Electronic Equipment Point-of-Sale Activation To Avoid Theft”, the disclosure of which is hereby incorporated by reference as though set forth in full.

US Referenced Citations (272)
Number Name Date Kind
4099069 Cricchi et al. Jul 1978 A
4130900 Watanabe Dec 1978 A
4210959 Wozniak Jul 1980 A
4309627 Tabata Jan 1982 A
4355376 Gould Oct 1982 A
4398248 Hsia et al. Aug 1983 A
4405952 Slakmon Sep 1983 A
4414627 Nakamura Nov 1983 A
4450559 Bond et al. May 1984 A
4456971 Fukuda et al. Jun 1984 A
4468730 Dodd et al. Aug 1984 A
4473878 Zolnowsky et al. Sep 1984 A
4476526 Dodd Oct 1984 A
4498146 Martinez Feb 1985 A
4525839 Nozawa et al. Jun 1985 A
4532590 Wallach et al. Jul 1985 A
4609833 Gutterman Sep 1986 A
4616311 Sato Oct 1986 A
4654847 Dutton Mar 1987 A
4710871 Belknap et al. Dec 1987 A
4746998 Robinson et al. May 1988 A
4748320 Yorimoto et al. May 1988 A
4757474 Fukushi et al. Jul 1988 A
4774700 Satoh et al. Sep 1988 A
4780855 Iida et al. Oct 1988 A
4788665 Fukuda et al. Nov 1988 A
4797543 Watanabe Jan 1989 A
4800520 Iijima Jan 1989 A
4829169 Watanabe May 1989 A
4843224 Ohta et al. Jun 1989 A
4896262 Wayama et al. Jan 1990 A
4914529 Bonke Apr 1990 A
4920518 Nakamura et al. Apr 1990 A
4924331 Robinson et al. May 1990 A
4943745 Watanabe et al. Jul 1990 A
4953122 Williams Aug 1990 A
4970642 Yamamura Nov 1990 A
4970727 Miyawaki et al. Nov 1990 A
5016274 Micali et al. May 1991 A
5070474 Tuma et al. Dec 1991 A
5093785 Iijima Mar 1992 A
5168465 Harari Dec 1992 A
5180902 Schick et al. Jan 1993 A
5198380 Harari Mar 1993 A
5200959 Gross et al. Apr 1993 A
5218695 Noveck et al. Jun 1993 A
5220518 Haq Jun 1993 A
5226168 Kobayashi et al. Jul 1993 A
5227714 Lou Jul 1993 A
5253351 Yamamoto et al. Oct 1993 A
5267218 Elbert Nov 1993 A
5268318 Harari Dec 1993 A
5268870 Harari Dec 1993 A
5270979 Harari et al. Dec 1993 A
5293560 Harari Mar 1994 A
5297148 Harari et al. Mar 1994 A
5303198 Adachi et al. Apr 1994 A
5305276 Uenoyama Apr 1994 A
5305278 Inoue Apr 1994 A
5315541 Harari et al. May 1994 A
5315558 Hag May 1994 A
5329491 Brown et al. Jul 1994 A
5337275 Garner Aug 1994 A
5341330 Wells et al. Aug 1994 A
5341339 Wells Aug 1994 A
5341341 Fukazo Aug 1994 A
5353256 Fandrich et al. Oct 1994 A
5357475 Hasbun et al. Oct 1994 A
5359569 Fujita et al. Oct 1994 A
5365127 Manley Nov 1994 A
5369615 Harari et al. Nov 1994 A
5371702 Nakai et al. Dec 1994 A
5381539 Yanai et al. Jan 1995 A
5382839 Shinohara Jan 1995 A
5384743 Rouy Jan 1995 A
5388083 Assar et al. Feb 1995 A
5396468 Harari et al. Mar 1995 A
5404485 Ban Apr 1995 A
5406527 Honma Apr 1995 A
5418752 Harari et al. May 1995 A
5422842 Cernea et al. Jun 1995 A
5422856 Sasaki et al. Jun 1995 A
5428621 Mehrotra et al. Jun 1995 A
5430682 Ishikawa et al. Jul 1995 A
5430859 Norman et al. Jul 1995 A
5431330 Wieres Jul 1995 A
5434825 Harari Jul 1995 A
5438573 Mangan et al. Aug 1995 A
5465235 Miyamoto Nov 1995 A
5465338 Clay Nov 1995 A
5471478 Mangan et al. Nov 1995 A
5473765 Gibbons et al. Dec 1995 A
5479638 Assar et al. Dec 1995 A
5485595 Assar et al. Jan 1996 A
5490117 Oda et al. Feb 1996 A
5495442 Cernea et al. Feb 1996 A
5504760 Harari et al. Apr 1996 A
5508971 Cernea et al. Apr 1996 A
5513138 Manabe et al. Apr 1996 A
5515333 Fujita et al. May 1996 A
5519847 Fandrich et al. May 1996 A
5523980 Sakui et al. Jun 1996 A
5524230 Sakaue et al. Jun 1996 A
5530673 Tobita et al. Jun 1996 A
5530828 Kaki et al. Jun 1996 A
5530938 Akasaka et al. Jun 1996 A
5532962 Auclair et al. Jul 1996 A
5532964 Cernea et al. Jul 1996 A
5534456 Yuan et al. Jul 1996 A
5535328 Harari et al. Jul 1996 A
5541551 Brehner et al. Jul 1996 A
5544118 Harari Aug 1996 A
5544356 Robinson et al. Aug 1996 A
5552698 Tai et al. Sep 1996 A
5554553 Harari Sep 1996 A
5563825 Cernea et al. Oct 1996 A
5566314 DeMarco et al. Oct 1996 A
5568439 Harari Oct 1996 A
5572466 Sukegawa Nov 1996 A
5579502 Konishi et al. Nov 1996 A
5581723 Hasbun et al. Dec 1996 A
5583812 Harari Dec 1996 A
5592415 Kato et al. Jan 1997 A
5592420 Cernea et al. Jan 1997 A
5596526 Assar et al. Jan 1997 A
5598370 Niisima et al. Jan 1997 A
5602987 Harari et al. Feb 1997 A
5603001 Sukegawa et al. Feb 1997 A
5606660 Estakhri et al. Feb 1997 A
5611067 Okamoto et al. Mar 1997 A
5640528 Harney et al. Jun 1997 A
5642312 Harari Jun 1997 A
5648929 Miyamoto Jul 1997 A
5663901 Wallace et al. Sep 1997 A
5693570 Cernea et al. Dec 1997 A
5712819 Harari Jan 1998 A
5719808 Harari et al. Feb 1998 A
5723990 Roohparvar Mar 1998 A
5734567 Griffiths et al. Mar 1998 A
5745418 Ma et al. Apr 1998 A
5754567 Norman May 1998 A
5757712 Nagel et al. May 1998 A
5758100 Odisho May 1998 A
5761117 Uchino et al. Jun 1998 A
5768190 Tanaka et al. Jun 1998 A
5768195 Nakamura et al. Jun 1998 A
5773901 Kanter Jun 1998 A
5778418 Auclair et al. Jul 1998 A
5781478 Takeeuchi et al. Jul 1998 A
5787445 Daberko Jul 1998 A
5787484 Norman Jul 1998 A
RE35881 Barrett et al. Aug 1998 E
5799168 Ban Aug 1998 A
5802551 Komatsu et al. Sep 1998 A
5809515 Kaki et al. Sep 1998 A
5809558 Matthews et al. Sep 1998 A
5809560 Schneider Sep 1998 A
5818350 Estakhri et al. Oct 1998 A
5818781 Estakhri et al. Oct 1998 A
5822245 Gupta et al. Oct 1998 A
5822252 Lee et al. Oct 1998 A
5822781 Wells et al. Oct 1998 A
5831929 Manning Nov 1998 A
5835935 Estakhri et al. Nov 1998 A
5838614 Estakhri et al. Nov 1998 A
5845313 Estakhri et al. Dec 1998 A
5847552 Brown Dec 1998 A
5860083 Sukeawa Jan 1999 A
5860124 Matthews et al. Jan 1999 A
5862099 Gannage et al. Jan 1999 A
5874902 Heinrich et al. Feb 1999 A
5890192 Lee et al. Mar 1999 A
5901086 Wang et al. May 1999 A
5907856 Estakhri et al. May 1999 A
5909586 Anderson Jun 1999 A
5920884 Jennings, III et al. Jul 1999 A
5924113 Estakhri et al. Jul 1999 A
5928370 Asnaashari Jul 1999 A
5930815 Estakhri et al. Jul 1999 A
5933368 Ma et al. Aug 1999 A
5933846 Endo Aug 1999 A
5936971 Harari et al. Aug 1999 A
5937425 Ban Aug 1999 A
5953737 Estakhri et al. Sep 1999 A
5956473 Ma et al. Sep 1999 A
5959926 Jones et al. Sep 1999 A
5966727 Nishino et al. Oct 1999 A
5986933 Takeuchi et al. Nov 1999 A
5987563 Itoh et al. Nov 1999 A
5987573 Hiraka Nov 1999 A
5991849 Yamada et al. Nov 1999 A
5995006 Walsh Nov 1999 A
6011322 Stumfall et al. Jan 2000 A
6011323 Camp Jan 2000 A
6018265 Keshtbod Jan 2000 A
6021408 Ledain et al. Feb 2000 A
6026020 Matsubara et al. Feb 2000 A
6026027 Terrell, II et al. Feb 2000 A
6034897 Estakhri et al. Mar 2000 A
6035357 Sakaki Mar 2000 A
6040997 Estakrhi Mar 2000 A
6047352 Lakhani et al. Apr 2000 A
6055184 Acharya et al. Apr 2000 A
6055188 Takeuchi et al. Apr 2000 A
6069827 Sinclair May 2000 A
6072796 Christensen et al. Jun 2000 A
6076137 Asnaashari Jun 2000 A
6081447 Lofgren et al. Jun 2000 A
6081878 Estakhri et al. Jun 2000 A
6084483 Keshtbod Jul 2000 A
6097666 Sakui et al. Aug 2000 A
6104281 Heinrich et al. Aug 2000 A
6115785 Estakhri et al. Sep 2000 A
6122195 Estakhri et al. Sep 2000 A
6125424 Komatsu et al. Sep 2000 A
6125435 Estakhri et al. Sep 2000 A
6128695 Estakhri et al. Oct 2000 A
6134145 Wong Oct 2000 A
6134151 Estakhri et al. Oct 2000 A
6141249 Estakhri et al. Oct 2000 A
6145051 Estakhri et al. Nov 2000 A
6151247 Estakhri et al. Nov 2000 A
6172906 Estakhri et al. Jan 2001 B1
6173362 Yoda Jan 2001 B1
6181118 Meehan et al. Jan 2001 B1
6182162 Estakhri et al. Jan 2001 B1
6202138 Estakhri et al. Mar 2001 B1
6223308 Estakhri et al. Apr 2001 B1
6226708 McGoldrick et al. May 2001 B1
6230234 Estakhri et al. May 2001 B1
6249227 Brady et al. Jun 2001 B1
6257486 Teicher et al. Jul 2001 B1
6262918 Estakhri et al. Jul 2001 B1
6272610 Katayama et al. Aug 2001 B1
6275436 Tobita et al. Aug 2001 B1
6279069 Robinson et al. Aug 2001 B1
6279114 Toombs et al. Aug 2001 B1
6285607 Sinclair Sep 2001 B1
6298236 Yamada et al. Oct 2001 B1
6327639 Asnaashari Dec 2001 B1
6345367 Sinclair Feb 2002 B1
6374337 Estakhri Apr 2002 B1
6393513 Estakhri et al. May 2002 B2
6397314 Estakhri et al. May 2002 B1
6411546 Estakhri et al. Jun 2002 B1
6467021 Sinclair Oct 2002 B1
6467684 Fite et al. Oct 2002 B2
6490649 Sinclair Dec 2002 B2
6567307 Estakhri May 2003 B1
6578127 Sinclair Jun 2003 B1
6587382 Estakhri et al. Jul 2003 B1
6641050 Kelley et al. Nov 2003 B2
6711059 Sinclair et al. Mar 2004 B2
6725321 Sinclair et al. Apr 2004 B1
6728851 Estakhri et al. Apr 2004 B1
6751155 Gorobets Jun 2004 B2
6757800 Estakhri et al. Jun 2004 B1
6813678 Sinclair et al. Nov 2004 B1
6832720 Dawson Dec 2004 B2
6862175 McClendon et al. Mar 2005 B1
6898662 Gorobets May 2005 B2
6912618 Estakhri et al. Jun 2005 B2
6950918 Estakhri Sep 2005 B1
6957295 Estakhri Oct 2005 B1
6973519 Estakhri et al. Dec 2005 B1
6978342 Estakhri et al. Dec 2005 B1
6981767 Schmitt et al. Jan 2006 B2
7000064 Payne et al. Feb 2006 B2
20020088855 Hodes Jul 2002 A1
20030004889 Fiala et al. Jan 2003 A1
20030033471 Lin et al. Feb 2003 A1
20050198424 Harari et al. Sep 2005 A1
Foreign Referenced Citations (67)
Number Date Country
0 557 723 Jan 1987 AU
0 220 718 May 1987 EP
0 243 503 Nov 1987 EP
0 392 895 Oct 1990 EP
0 424 191 Apr 1991 EP
0 489 204 Jun 1992 EP
0 522 780 Jan 1993 EP
0 544 252 Jun 1993 EP
0 613 151 Aug 1994 EP
0 617 363 Sep 1994 EP
0 619 541 Oct 1994 EP
0 663 636 Jul 1995 EP
0 686 976 Dec 1995 EP
0 897 579 Jul 2000 EP
0 891 580 Nov 2000 EP
0 896 669 Nov 2000 EP
0 852 766 May 2001 EP
0 852 765 Sep 2001 EP
0 722 585 May 2002 EP
0 910 826 Jun 2002 EP
0 691 008 Nov 2002 EP
0 861 468 Apr 2003 EP
0 978 040 May 2004 EP
1 157 328 May 2005 EP
93 01908 Aug 1993 FR
2 251 323 Jul 1992 GB
2 291 990 Feb 1996 GB
2 291 991 Jul 1996 GB
2 297 637 Jul 1996 GB
2 304 428 Mar 1997 GB
2 348 991 Dec 2002 GB
2 351 822 Jan 2003 GB
2 384 337 Jul 2003 GB
2 384 883 Oct 2005 GB
2 384 338 Nov 2005 GB
2 384 072 Dec 2005 GB
2 411 499 Feb 2006 GB
117881 May 2003 IS
62-283496 Dec 1987 JP
1-138694 May 1989 JP
3-228377 Oct 1991 JP
4-57295 Feb 1992 JP
4-254994 Sep 1992 JP
4-268284 Sep 1992 JP
4-278297 Oct 1992 JP
5-128877 May 1993 JP
5-282883 Oct 1993 JP
6-36578 Feb 1994 JP
6-124175 May 1994 JP
6-124231 May 1994 JP
6-131889 May 1994 JP
6-132747 May 1994 JP
6-149395 May 1994 JP
6-266596 Sep 1994 JP
7-93499 Apr 1995 JP
7-311708 Nov 1995 JP
8-18018 Jan 1996 JP
8-69696 Mar 1996 JP
9-147581 Jun 1997 JP
1388877 Apr 1988 SU
1408439 Jul 1988 SU
1515164 Oct 1989 SU
1541619 Feb 1990 SU
1573458 Jun 1990 SU
1686449 Oct 1991 SU
WO8400628 Feb 1984 WO
WO9420906 Sep 1994 WO
Related Publications (1)
Number Date Country
20050133593 A1 Jun 2005 US
Provisional Applications (1)
Number Date Country
60530876 Dec 2003 US