GB2434661A - Portable communication device with smart card functionality - Google Patents

Portable communication device with smart card functionality Download PDF

Info

Publication number
GB2434661A
GB2434661A GB0600701A GB0600701A GB2434661A GB 2434661 A GB2434661 A GB 2434661A GB 0600701 A GB0600701 A GB 0600701A GB 0600701 A GB0600701 A GB 0600701A GB 2434661 A GB2434661 A GB 2434661A
Authority
GB
United Kingdom
Prior art keywords
smart card
host
smart
communication interface
software application
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
GB0600701A
Other versions
GB0600701D0 (en
Inventor
Yurong Lin
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
DEEPNET SECURITY Ltd
DEEPNET TECHNOLOGIES Ltd
Original Assignee
DEEPNET SECURITY Ltd
DEEPNET TECHNOLOGIES Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by DEEPNET SECURITY Ltd, DEEPNET TECHNOLOGIES Ltd filed Critical DEEPNET SECURITY Ltd
Priority to GB0600701A priority Critical patent/GB2434661A/en
Publication of GB0600701D0 publication Critical patent/GB0600701D0/en
Publication of GB2434661A publication Critical patent/GB2434661A/en
Withdrawn legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • G06F21/35User authentication involving the use of external additional devices, e.g. dongles or smart cards communicating wirelessly
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06KGRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
    • G06K19/00Record carriers for use with machines and with at least a part designed to carry digital markings
    • G06K19/06Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code
    • G06K19/067Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards also with resonating or responding marks without active components
    • G06K19/07Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards also with resonating or responding marks without active components with integrated circuit chips
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/322Aspects of commerce using mobile devices [M-devices]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/42Confirmation, e.g. check or permission by the legal debtor of payment
    • G06Q20/425Confirmation, e.g. check or permission by the legal debtor of payment using two different networks, one for transaction and one for security confirmation
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/326Payment applications installed on the mobile devices

Abstract

The invention provides a portable communication device 4, 6, 8 such as a mobile phone, PDA or handheld PC with smart card functionality for use in a smart card system including a host 2. The smart card functionality may be achieved by way of a virtual smart card implemented as a software application, software module or firmware in a memory of the device. The device provides at least one smart card function from authentication, data encryption, access control, secure memory and the provision of digital signatures. A software application may provide one or more smart card functions with reference to data held in a secure data store. The device may be compatible with more than one host. By using a non-dedicated device to provide smartcard functions, users no longer need to carry dedicated smart cards. Furthermore, since the device communicates 10, 12 with the host, the system does not require a smart card reader.

Description

<p>Smart Card Systems</p>
<p>Field of the Invention</p>
<p>The present invention relates to smart card systems operable without the intermediation of a smart card reader</p>
<p>Background</p>
<p>Smart cards are being used increasingly for a variety of interactions with computer systems, including authenticating the identity of an individual, securely providing personal or other confidential information, making payments and other such applications where there is a requirement to hold data in a secure and tamper-proof but portable environment In conventional smart card systems the interaction between the smart card and the computer system it is exchanging data with is achieved via a smart card reader. Generally these dedicated smart card readers are of the contact-type, there being a physical connection between a smart card chip on the card an the reader It is also known to provide contactiess smart card -reader systems using RFID technology.</p>
<p>Smart card readers, whether of the contact-or contactless-type, are relatively costly, dedicated devices and consequently the requirement for a smart card reader is perceived as a barrier to smart card security being adopted even more widely than it is already with the potential benefits that might bring. The users of such systems must also carry the smart card itself and quite likely will have multiple smart cards for use with different systems.</p>
<p>In their published US patent application US200410073726, Aladdin Knowledge Systems, Ltd. describe a smart card system in which a smart card connects with a host through a USB interface, obviating the need for a separate smart card reader A smart card chip is housed in a portable device having a USB interface that can be connected to a USB interface of the host</p>
<p>Summary of Invention</p>
<p>The present invention proposes to provide smart card functionality by way of a portable, preferably handheld, smart device Such devices (especially when enabled with smart card functionality in accordance with the invention) will be referred to in the following as a "multi-purpose smart card device".</p>
<p>A portable smart device is a device (e g. an information appliance) that is mobile and capable of running third-party software applications. Examples of portable smart devices that can be used as a multi-purpose smart card device in accordance with embodiments of the present invention include general purpose or multi-purpose handheld computers such as a mobile (e g cellular or satellite) smartphone, PDA (personal digital assistant), Pocket PC', portable games console or MP3 player for example (referred to in the following as a "multi-purpose smart card device").</p>
<p>By using a non-dedicated device (i e. a device that has another purpose in addition to the provision of smart card functionality) in this way, especially devices such as a PDA5 or mobile telephones that have been widely adopted, users no longer need carry dedicated smart cards.</p>
<p>The use of a multi-purpose smart card device such as a PDA or mobile telephone also obviates the need for a smart card reader to interface with a host because, as with the USB device disclosed in US2004/0073726, it becomes possible to interface directly with the host using one or more standard communications interfaces Examples of possible interfaces include BluetoothTM, IR (infra-red), WiFi, USB, GSM, GPRS and 30, all of which have the benefit that they are commonly found in the preferred portable devices to which embodiments of the present invention are applied In a first aspect, the invention provides a smart card system comprising: a host having a communication interface, and a multi-purpose smart card device having a communication interface compatible with the communication interface of the host, and smart card means resident on the device and operable to perform at least one smart card function Smart card functions include authentication, data encryption, access control, secure memory and the provision of digital signatures.</p>
<p>The smart card means may be a smart card chip (e g. a smart card chip in conformity with lS07816) but more preferably the smart card means is a virtual smart card implemented as a software application, software module or firmware in a memory of the multi-purpose smart card device. Preferably the smart card means includes a secure data store and a software application that provides one or more smart card functions with reference to data held in the secure data store The secure data store may reside in any form of digital data storage device incorporated in the multi-purpose smart card device, e g. hard disk, USB memory, SIM memory, etc. Irrespective of the form that the smart card means take (e g. smart card chip or "virtual smart card", i e software-based) it preferably supports recognised smart card application interface standards, for example PKCS#1 I (one of RSA's Public-Key Cryptography Standards -Cryptographic Token Interface Standard' specifying an API to devices that hold cryptographic information and perform cryptographic functions) and/or MS-CAPI (an open cryptographic API provided by Microsoft, also known as CryptoAPi) standards.</p>
<p>The multi-purpose smart card device may be adapted to be compatible with more than one host. It may comprise a plurality of smart card means For example multiple smart card applications may be installed on the device or one application may be adapted to provide the functionality of multiple smart cards.</p>
<p>The multi-purpose smart card device is preferably a PDA, a handheld PC, a mobile (e.g. cellular or satellite) telephone, or other handheld communications device. The device may be a hybrid device including the functionality of more that one of these devices, e g. a combined PDA and mobile telephone The communication interface may comprise a wired connection such as USB, but is more preferably a wireless interface. Possible wireless interfaces include short range interfaces such as IR, REID, WiFi (e.g 802.llbIg) and BluetoothTM. Additionally or alternatively, the multi-purpose device may interface with the host via a telecommunications network such as a GSM, GPRS or 3G network.</p>
<p>In a second aspect, the invention provides a multi-purpose smart card device for use with the smart card system of the first aspect, the device comprising.</p>
<p>a communication interface, and smart card means resident on the device and operable to perform at least one smart card function.</p>
<p>The preferred and other optional features set out above in relation to the first aspect are equally preferred in relation to this second aspect.</p>
<p>In a third aspect the invention provides a computer program for installation on a multi-purpose smart card device (e g mobile telephone or PDA) in accordance with the second aspect above to provide the smart card means.</p>
<p>Brief Description of Drawings</p>
<p>An embodiment of the invention will now be described, by way of example only, with reference to the accompanying drawing which schematically shows a smart card system in accordance with the present invention.</p>
<p>Description of Embodiment</p>
<p>Figure 1 illustrates a smart card system in which a host computer 2 communicates via one or more communication channels 10, 12 with one or more portable devices 4, 6, 8 that function as smart cards with respect to the host.</p>
<p>The host 2 will typically be part of a transactional system or an information system The smart cards on the portable devices are used as a conventional smart card and smart card reader would be used to authenticate the user of the device to the host, to authorise or effect a payment through the system, or to securely provide data to the host for operation of the transactional or information system for example They can be used for the same applications that prior art physical smart cards have been used.</p>
<p>The host 2 may be a PC, server or some other computer processing device (e g a dedicated device for a particular application) It includes one or more communication interfaces to facilitate the communication with the portable devices 4, 6, 8. The host may be a networked group of computers.</p>
<p>The portable devices illustrated in this example are a PDA 4 and mobile telephones 6, 8.</p>
<p>They each include a memory in which a smart card software application is installed to provide the device with smart card functionality and at least one, possibly multiple, communication interfaces for transmitting data to and/or receiving data from the host 2. In some cases the device may also include a secure data store, accessible to the smart card software application, either in the same memory or different memory to that in which the application is resident The smart card software application in this example complies with both PKCS#1 I and MS-CAPI application interface standards The PDA 4 and one of the mobile telephones 6 are interfaced directly with the host. The interface may, for example, be an IR, WiFi or BluetoothTM interface. The other mobile telephone 8 is interfaced indirectly with the host 2 via a communications network 10 such as a GSM, GPRS or 3G network.</p>
<p>In use, the smart card application provides data to the communication interface for transmission to the host 2 and may also receive data from the host 2 via the communication interface The skilled person will appreciate that the specific embodiment described above is given by way of example only. Many and various modifications are possible within the scope of the invention</p>

Claims (1)

  1. <p>Claims 1. A smart card system comprising: a host having a communication
    interface; and a multi-purpose smart card device having a communication interface compatible with the communication interface of the host, and smart card means resident on the device and operable to perform at least one smart card function.</p>
    <p>2. A system according to claim 1, wherein the at least one smart card function is io selected from authentication, data encryption, access control, secure memory and the provision of digital signatures.</p>
    <p>3. A system according to claim 1 or claim 2, wherein the smart card means is a virtual smart card implemented as a software application, software module or firmware in a memory of the multi-purpose smart card device.</p>
    <p>4. A system according to any one of the preceding claims, wherein the smart card means includes a secure data store and a software application that provides one or more smart card functions with reference to data held in the secure data store.</p>
    <p>5. A system according to any one of the preceding claims, wherein the multi-purpose smart card device is adapted to be compatible with more than one host.</p>
    <p>6. A system according to any one of the preceding claims, wherein the multi-purpose smart card device is a PDA, a handheld PC, a mobile (e.g. cellular or satellite) telephone, or other handheld communications device, or a hybrid device including the functionality of more that one of these devices.</p>
    <p>: , 7. A multi-purpose smart card device for use with the smart card system of any one of 3 0 claims 1 to 6, the device comprising: a communication interface, and *. ,. 9.. S</p>
    <p>* smart card means resident on the device and operable to perform at least one smart * card function.</p>
    <p>*::: : s 8. A computer program for installation on a multi-purpose smart card device according to * a claim 7 to provide the smart card means.</p>
    <p>SS</p>
GB0600701A 2006-01-13 2006-01-13 Portable communication device with smart card functionality Withdrawn GB2434661A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
GB0600701A GB2434661A (en) 2006-01-13 2006-01-13 Portable communication device with smart card functionality

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
GB0600701A GB2434661A (en) 2006-01-13 2006-01-13 Portable communication device with smart card functionality

Publications (2)

Publication Number Publication Date
GB0600701D0 GB0600701D0 (en) 2006-02-22
GB2434661A true GB2434661A (en) 2007-08-01

Family

ID=35998015

Family Applications (1)

Application Number Title Priority Date Filing Date
GB0600701A Withdrawn GB2434661A (en) 2006-01-13 2006-01-13 Portable communication device with smart card functionality

Country Status (1)

Country Link
GB (1) GB2434661A (en)

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE102008017630A1 (en) * 2008-04-04 2009-10-08 Deutsche Telekom Ag Authentication method for application running off on e.g. personal computer, involves transferring authentication data of authentication unit to application as function of result of examination
WO2010067211A1 (en) * 2008-12-12 2010-06-17 Sony Ericsson Mobile Communications Portable electronic devices, systems, methods and computer program products for accessing remote secure elements
CN101252436B (en) * 2008-03-27 2011-11-23 上海柯斯软件有限公司 Smart card dynamic password creating and judging system
US8240558B2 (en) 2008-01-15 2012-08-14 Aristocrat Technologies Australia Pty Limited Method of processing a user data card, an interface module and a gaming system
US20130281055A1 (en) * 2012-04-24 2013-10-24 Martin PATEFIELD-SMITH Methods and systems for conducting smart card transactions
US20130311373A1 (en) * 2012-05-18 2013-11-21 Samsung Electronics Co., Ltd. Apparatus and method for paying for a product using a near field communication device
WO2014047135A2 (en) * 2012-09-18 2014-03-27 Interdigital Patent Holdings, Inc. Generalized cryptographic framework
EP2809054A1 (en) * 2013-05-29 2014-12-03 Legic Identsystems AG Mobile electronic device with transceiver for wireless data exchange

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0936530A1 (en) * 1998-02-16 1999-08-18 Siemens Nixdorf Informationssysteme AG Virtual smart card
WO2001093212A2 (en) * 2000-05-30 2001-12-06 Pointsec Mobile Technologies, Inc. Apparatus and methods for using a virtual smart card
WO2002031760A2 (en) * 2000-10-13 2002-04-18 Gemplus Deployment of smart card based applications via mobile terminals
WO2003050661A2 (en) * 2001-12-12 2003-06-19 Canal+ Technologies Societe Anonyme Processing data
WO2004057890A2 (en) * 2002-12-20 2004-07-08 Motorola Inc Wireless communication device, associated smartcard and method of operation therefor
WO2005020097A1 (en) * 2003-08-23 2005-03-03 International Business Machines Corporation Method, system and device for mobile access of subscription content

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0936530A1 (en) * 1998-02-16 1999-08-18 Siemens Nixdorf Informationssysteme AG Virtual smart card
WO2001093212A2 (en) * 2000-05-30 2001-12-06 Pointsec Mobile Technologies, Inc. Apparatus and methods for using a virtual smart card
WO2002031760A2 (en) * 2000-10-13 2002-04-18 Gemplus Deployment of smart card based applications via mobile terminals
WO2003050661A2 (en) * 2001-12-12 2003-06-19 Canal+ Technologies Societe Anonyme Processing data
WO2004057890A2 (en) * 2002-12-20 2004-07-08 Motorola Inc Wireless communication device, associated smartcard and method of operation therefor
WO2005020097A1 (en) * 2003-08-23 2005-03-03 International Business Machines Corporation Method, system and device for mobile access of subscription content

Cited By (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8240558B2 (en) 2008-01-15 2012-08-14 Aristocrat Technologies Australia Pty Limited Method of processing a user data card, an interface module and a gaming system
CN101252436B (en) * 2008-03-27 2011-11-23 上海柯斯软件有限公司 Smart card dynamic password creating and judging system
DE102008017630A1 (en) * 2008-04-04 2009-10-08 Deutsche Telekom Ag Authentication method for application running off on e.g. personal computer, involves transferring authentication data of authentication unit to application as function of result of examination
WO2010067211A1 (en) * 2008-12-12 2010-06-17 Sony Ericsson Mobile Communications Portable electronic devices, systems, methods and computer program products for accessing remote secure elements
US20130281055A1 (en) * 2012-04-24 2013-10-24 Martin PATEFIELD-SMITH Methods and systems for conducting smart card transactions
EP2657877A3 (en) * 2012-04-24 2014-06-11 Daon Holdings Limited Methods and systems for conducting smart card transactions
US8990572B2 (en) * 2012-04-24 2015-03-24 Daon Holdings Limited Methods and systems for conducting smart card transactions
US20130311373A1 (en) * 2012-05-18 2013-11-21 Samsung Electronics Co., Ltd. Apparatus and method for paying for a product using a near field communication device
WO2014047135A2 (en) * 2012-09-18 2014-03-27 Interdigital Patent Holdings, Inc. Generalized cryptographic framework
WO2014047135A3 (en) * 2012-09-18 2014-07-10 Interdigital Patent Holdings, Inc. Method and device for a generalized cryptographic framework
EP2809054A1 (en) * 2013-05-29 2014-12-03 Legic Identsystems AG Mobile electronic device with transceiver for wireless data exchange
US9483417B2 (en) 2013-05-29 2016-11-01 Legic Identsystems Ag Mobile electronic device with transceiver for wireless data exchange

Also Published As

Publication number Publication date
GB0600701D0 (en) 2006-02-22

Similar Documents

Publication Publication Date Title
KR101354804B1 (en) Updating mobile devices with additional elements
US8016192B2 (en) User-configurable priority list for mobile device electronic payment applications
GB2434661A (en) Portable communication device with smart card functionality
US7861015B2 (en) USB apparatus and control method therein
KR20130108639A (en) Hand-held self-provisioned pin red communicator
EP2458507A1 (en) Storage device, access controlling system, sd card and data access controlling method
CN102497465A (en) High-secrecy mobile information safety system and safety method for distributed secret keys
KR101389468B1 (en) Method for issuing mobile credit card in portable terminal using credit card and credit card for the same
CN100534039C (en) Financial-transaction terminal for processing information carrier according to USB interface normalization and its operation
US20130275641A1 (en) Mobile device, transaction system including the mobile device, and method of signal transmission in a mobile device
KR20100110642A (en) Hardware security module
JPWO2005059816A1 (en) Information display method, portable information device, and contactless communication device
EP2338244B1 (en) Use of a secure element for writing to and reading from machine readable credentials
CN102542697A (en) POS (Point of Sale) terminal based on electronic equipment having network access function
KR20110062620A (en) Financial cooperation services offer system using electronic wallet apparatus and financial cooperation services offer method thereby
Csapodi et al. New applications for NFC devices
US9135423B2 (en) Information processing system
US10728728B2 (en) Method and a device for managing contactless applications
US8276188B2 (en) Systems and methods for managing storage devices
US8369894B1 (en) Confirming certification of combinations of secure elements and mobile devices
US9152831B2 (en) Smart card reader with space-saving and combined user-specific data input and output
Lepojevic et al. Implementing nfc service security–se vs tee vs hce
CN100483468C (en) Mobile communication terminal mounting bank safety information card and information handling method thereof
KR20060102941A (en) Method and apparatus of settling electronic money
KR101686631B1 (en) Apparatus for Smart Secure Storage

Legal Events

Date Code Title Description
WAP Application withdrawn, taken to be withdrawn or refused ** after publication under section 16(1)