JPS6349966A - Ic card system - Google Patents

Abstract

PURPOSE:To surely prevent an IC card from troubles such as data alteration due to the forgery of a terminal by executing on-line processing without depending upon the validity of a terminal. CONSTITUTION:A keyboard 2, a display part 3 and an IC card insertion port 4 for an IC card loading part are arranged on the surface of a terminal 1. An IC card 5 having a connector 6 is inserted from the insertion port 4. A security card insertion port 7 for a security loading part is formed on the side of the terminal 1 and a security card 8 is loaded into the insertion port 7. The security card 8 has a cipher calculating part necessary for all security checks in the IC card system.

Description

DETAILED DESCRIPTION OF THE INVENTION [Technical Field of the Invention] The present invention relates to an IC card system that enables highly secure transactions.

[Prior Art and Its Problems] In recent years, it has become known as the cashless era, and by using cards issued by credit card companies, it has become possible to purchase products without having to handle cash.

Conventionally, there are plastic cards, embossed cards, magnetic stripe cards, etc., but these cards (because they are easy to make for seedlings)
Illegal use is a problem.

Therefore, in order to solve this problem, information cards, so-called IC cards, have been developed that incorporate an IC circuit that stores a PIN number inside the card so that the PIN number cannot be read easily from the outside. An IC card system that combines such an IC card and a terminal has been developed.

By the way, in such an IC card system, there are two types of transactions: offline processing in which authentication is performed using a terminal at a store or the like, and online processing in which authentication is performed using a computer at a bank or the like.

Here, offline processing is performed only in the direction of decreasing the balance stored in the IC card8), and the writing of data in the IC card and the processing of the data are controlled by the terminal. I have to. In addition, online processing allows you to update the current balance on your IC card.
Data is exchanged between the terminal and the bank's computer using proprietary encryption, and data is written into the IC card and other processing is done offline. Similarly, everything is controlled by the terminal.

However, according to this method, especially in online processing, all updates, including increases in the current balance in the IC card, are made by the terminal, which means that the legitimacy of online processing depends entirely on the terminal. Therefore, if the terminal is fraudulently forged, there is a risk that the amount of card transaction data will be increased inappropriately during online processing, which could seriously impair the security of card transactions. There was a risk.

[Purpose of the Invention] This invention was made in view of the above circumstances, and by being able to perform online processing without relying on the validity of the terminal, it prevents situations such as falsification of IC card data due to forgery of the terminal. To provide an IC card system that can reliably prevent the above and ensure the safety of card transactions.

[Summary of the Invention] An IC card system according to the present invention includes a terminal means, a security means for encrypting and decoding transaction data based on a first method, and a security means for encrypting and decoding transaction data based on a first method, and a first method for decrypting transaction data. the transaction data provided from the terminal means and encrypted by the security means, and the transaction data provided from outside the terminal at least based on the first and second methods; and an IC card having storage means for storing each encrypted transaction data, and among the transaction data stored in the IC card, the transaction data given from the terminal means is decrypted by the security means. Transaction data taken out by the terminal means and given from outside the terminal means is decoded by the IC card and the security means, respectively, and taken out to the terminal means.

[Embodiments of the invention] An embodiment of the present invention will be described below with reference to the drawings.

FIG. 1 shows an external view of a terminal, an IC card and a security card attached to the terminal. In the figure, 1 is the terminal, and this terminal 1
On its surface, it has a keyboard 2 with numerical keys etc., a display section 3 for displaying messages, input data, etc., and an IC card insertion slot 4 for 854 IC cards. Then, insert the IC from this IC card insertion slot 4.
Card 5 is now installed. This IC card 5 has an IC circuit incorporated therein and a connector 6 consisting of, for example, six terminals on its surface.

On the other hand, the side surface of the terminal 1 has a security card insertion lower part of the security card installation section. A security card 8 is attached to this security card insertion lower. This security card 8 has a cryptographic calculation unit necessary for performing all security checks in the IC card system.

FIG. 2 shows the circuit configuration of such terminal 1. In the figure, 11 is a system bus, and this system bus 11 includes a sound controller 12, a working RAM 13, a system program ROM 14, a terminal tropism ROfv 115, and an initial parameter R.
AM16, main controller 17, display drive controller 18, key controller 19, reader/writer controller 20, comparison unit 21, input/output controller 22
, output buffer 124 via output controller 23, input controller 26 via input buffer 25, rcA
A latch circuit 42 for latching J, rDEsJ (
Data Encryption On 5tancje
rcl) < rDEsJ method encryption calculation unit 43, similar rDEsJ method decryption calculation unit 4
4 are connected respectively.

A speaker 27 is connected to the sound controller 12 and outputs an alarm sound as necessary.

The working RAM 13 stores rPANJ, rCHNJ, rE, which will be described later, sent from the IC card 5 side in the memory area.
PDJ, etc. are stored, as well as various processing data within the terminal 1.

System programs RO to 114 are E for matching with the IC card 5 along with various system programs.
Equipped with NQ code etc.

The terminal residence ROM 15 stores terminal codes TC (eg, manufacturing code, issue code, store code, etc.) depending on its purpose.

Initial parameter RAM 16 stores answer-to-reset data from IC card 5 all at once. This initial parameter RAM 16 contains the transmission line 16.
Output controller 23, input controller 2 via a
6, a Vpp level latch section 28, a Vpp timer latch section 29, and an Ipp level latch section 30 are connected, and these latches 28, 29, and 30 are connected to a corresponding Vpp power supply 31.
, Vpp timer 32, and Ipp limiter 33 are connected.

Here, the Vpp power supply 31 is for securing the voltage vpp used for writing data to the data memory of the IC card 5. In addition, the Vpp timer 32 is
This is to ensure the maximum unit processing time specified by. Further, the Ipp limiter 33 determines the permissible value of the data write current.

In this case, the data maximum write voltage by the Vpp voltage 71i31, the Vpp application time by the Vpp timer 32, the Ipp
The maximum allowable data write current by the limiter 33, etc.
The answer/answer stored in the initial parameter RAM16
Set based on two-reset data.

An IC card operating frequency selector 34 is connected to the data transmission line 16a. A generated signal from an oscillator 35 is supplied to this selector 34 via a frequency divider 36.
It is output from the Cl0Ck terminal as a signal with the operating frequency set.

A timer 37 is connected to the initial parameter RAM 16. This timer 37 is the initial parameter RA
Based on the answer-to-reset data stored in M16, the maximum response waiting time from the time when an ENQ signal or other command signal is sent to the IC card 5 side is counted, and within this waiting time If there is no response signal from the card 5 side, the main controller 17 will instruct the transmission of these signals again, or the reader/writer mechanism section 38 will be disconnected from the IC card 5 via the reader/writer controller 2o. I try to give instructions.

A comparator 21 and an input/output controller 1 to a roller 22 are connected to the system control line 17a of the main controller 17, and the main controller 17 is connected depending on the operating state of the system.
Control commands are sent to each circuit from

The display drive controller 18 is connected to the terminal 1 mentioned above.
This is to control the display on the display section 3 of.

One key controller provides a key sampling signal to the keyboard 2 of the terminal 1 described above so as to detect a key human input signal.

The reader/writer controller 20 drives and controls the reader/writer mechanism section 38. Here, the component 38 is equipped with a card transport motor, and transports the IC card 5 inserted from the card insertion slot of the terminal 1 to a predetermined position, electrically connects the card 5 to the terminal 1, and When the processing is completed, the IC card 5 is returned to the card insertion slot.

An output buffer 24, a reset controller 39, an Ipp level latch section 30, an operating frequency selector 34, and a Vcc power supply 40 are connected to such a reader/writer board structure 38. These output buffers 24, three reset controllers, lpp level latch section 30. ijJ
The operating frequency selector 34, the I10 terminal connected to the above-mentioned IC card 5 side in correspondence with Vcci140, and the Re5
It has an et terminal, a Vpp terminal, a C1ock terminal, and a Vcc terminal, among which the I10 terminal, Re5et terminal, and Cl
The ock terminal and Vcc terminal can be connected to the security card 8 side. In this case, the connection of the L'0 terminal to the IC card 5 or the security card 8 is switched via the transfer 1 gate 41 controlled by the main controller 17.

The input controller 26 and the output controller 23 control data exchange with the IC card 5 in accordance with commands from the main controller 17 via the initial parameter RAM 16. Among these, the input controller 26 outputs the data sent from the IC card 5 to the working RAM 13 etc. via the input buffer 725 and also provides it to the comparator 21, and provides the comparison output here to the main controller 17. Further, the output controller 23 sends data provided from the terminal attribute ROM 15 or the like to the IC card 5 or security card 8 via the output buffer 724.

The latch circuit 42 inputs the latched rcAJ to the encryption arithmetic unit 43 and the decryption arithmetic unit 44. The encryption arithmetic unit 43 receives predetermined data via the system bus 11, and performs cryptographic processing on [PANj, etc., stored in the working RAM 13 according to instructions from the main controller 17 using rCAJ as a key.
It is configured to output to the input/output controller 22. Furthermore, the decoding arithmetic unit 44 is connected to the input/output controller 22.
The encrypted data input to the system is decoded based on rcAJ and output to the system bus 11.

The input/output controller 22 sends and receives data encoded in 418 when a database, ie, a host computer, is connected online.

Next, Figure 3 shows the IC installed in terminal 1 like this.
The circuit configuration of the card 5 is shown.

In the figure, 51 is a system bus, and this system bus 51 includes data ROM 52, application RO~
153, system program ROM54, working R
A M 55, a system controller 56, a dark@decoder 57, a read/write controller 58, a card status buffer 59, an input controller 61 via an input buffer 760, and an output controller 63 via an output buffer 762 are connected, respectively. Further, a data input/output terminal I10 is connected to the input controller 61 and the output controller 63.

Here, the data ROM 52 stores all operating conditions for the IC card 5 itself (for example, data writing, applied voltage, current permissible value and maximum applied voltage, maximum data transmission amount, maximum response waiting time, etc.), and these conditions Once the card's internal initialization is completed, the data will be reset to answer in a predetermined format.
The data is sent to the terminal 1 side as data.

The application ROM 53 contains card type data rAPNJ indicating what kind of IC card 5 it is.
This card (separate data is sent in a predetermined format when exchanging attributes with terminal attributes after initial parameter setting based on the above answer-to-reset data) .

The system program ROM 54 contains a code signal rAcKJ or rN indicating whether the signals transmitted and supplied from the terminal 1 side are correct or not along with various system programs.
Equipped with AcJ. Regarding the above-mentioned answer-to-reset and tropism exchange, etc., it was written by Ganto Toyama in 1985.
Patent application No. 15683 filed on July 16th
Details are given in No. 1.

The working RAM 55 stores various processing data within the card.

The system controller 56 outputs operation commands to each circuit according to the data reception signal transmitted and supplied via the input buffer 60 and the operation state.

The read/write controller 58 writes and reads data to and from the data memory 64 in response to commands from the system controller 56.

For example, an EEP-ROM is used as the data memory 64. In this case, the data memory 64 has a zone address table 641, a public zone 642, a secret zone 643, a transaction 644, and a credit zone 645, as shown in FIG. Here, the zone address table 641 stores a predetermined zone address as test data used for card authentication, for example, and extracts verification data from a predetermined zone based on the address, and performs card authentication by comparing with the test data. It is now possible to do this. Public zone 642 stores public data. The secret zone 643 is, for example, the PIN number rPIN.
J, number of data re-inputs rRTNJ (Re-Try
Number), number rlPINJ (Initial tzation) until the PIN is used.
Personal Identification
Account number “PANJ (Pri
mary Account Number> etc. are stored. Further, the secret zone 643 stores secret information regarding the card holder. The transaction zone 644 stores various data related to general transactions, and as shown in FIG. 5, has transaction data areas 644a #1 to #n that store data for each transaction unit. here,
Each transaction data area 644a contains 2-byte year and month data representing the year and month of the transaction, rOFFL
1-ine, or was it forwarded to ON 1-ine?” [Whether the customer saw the transaction details.
1-byte status data that represents various statuses such as F Line transactions, date data that does not represent the date of the transaction, 1-byte format data that represents the type of transaction format, 1-byte SIG data that represents the company code, security card NO
1 byte of SCN data representing the currency unit, 1 representing the currency unit
Stored are currency unit data in bytes, TAC data in 2 bytes representing the transaction completion number, and balance data in 6 bytes representing the credit balance. The credit zone 645 stores data regarding credit transactions.

The code decryptor 57 uses the F stored in the code key ROM 67.
The FD8 key (E2) is used to decrypt data encrypted based on a predetermined algorithm.

The card status buffer 59 is used to set a flag when the card is invalid and to disable the card from being used thereafter.

The contents of the data memory 64 read by the read/write controller 58 are applied to one input terminal of the comparator 65 or to the system bus 51.

The data decrypted by the decryptor 57 is applied to the other input terminal of the comparator 65. The comparison output of this comparison section 65 is sent to the system controller 56 via the system control line 56a.

When the 1c card 5 is installed in the terminal 1, a reset signal is supplied from the terminal 1 to the Re5et terminal, a system clock is supplied to the clock terminal, and V is supplied to the Vcc terminal and the vpp terminal.
CC power supply and Vpp power supply are connected. Here, the ■cc power supply is the system lσ working power supply, the Vpp power supply is the power supply for occupying the data memory 64, and the power supply voltage is the answer-to-reset power supply (
・Set on the terminal 1 side based on the data. On the other hand, the system operation signal from the C1ock terminal is transmitted to the frequency divider 66.
is supplied to each circuit via.

Next, FIG. 6 shows the circuit configuration of the security card 8 attached to the terminal 1.

In the figure, 71 is a system bus, and this system bus 71 includes an input control circuit 72, an output control circuit 73, a working RAM 74, a data ROM 2S, and an encryption key ROM.
76, the main controller 77 is connected.

Here, the input control circuit 72 and the output control circuit 73 are I/
This is for exchanging data with the terminal 1 mentioned above via the O terminal. Working RΔ~174 is designed to store various processing data within the card. The data ROM 75 stores various data necessary for encrypting and decoding data. The encryption key ROM 76 stores an encryption key (El) for encryption and decoding. The main controller 77 generates control commands to each circuit according to the state of the system.

A computing unit 78 is connected to the system bus 71 .

The output of this arithmetic unit 78 is then sent to the system bus 71.

Here, the arithmetic unit 78 performs arithmetic operations based on a predetermined algorithm. Data to be abbreviated or encrypted data to be decoded is given to one input terminal of the arithmetic unit 78, and the encryption key R is given to the other input terminal.
Encryption key for encryption and wI reading from OM76 (
El) is given.

Note that the arithmetic unit 78 here is used for encryption and decryption when online.

In addition, when the security card 81 is attached to the terminal, the Re5
A reset signal is supplied to the et terminal, a system clock is supplied to the C1ock terminal, and a Vcc power supply is connected to the Vcc terminal.

Here, the Vcc power supply is a system driving power supply.

On the other hand, the clock signal from the Clock terminal is passed through the frequency divider 7.
9 to the timing bus 77a as a timing signal.

Next, the operation of the embodiment configured as described above will be explained.

First, in Figure 1, card insertion slot 4 of terminal 1
The IC card 5 is inserted through the lower security card insertion lower part, and then the security card 8 is inserted through the lower security card insertion lower part.

In this state, the case of offline transaction will be explained according to the flowchart of FIG. First, transaction data is input from the keyboard 2 of the terminal 1. This data is then immediately transferred from the terminal 1 to the security card 8 in step A1. In this case, transaction data is stored in the working RAM 13 of the terminal 1 and transferred to the security card 8 via the output controller 23 and output buffer 24. At this time,
Output buffer 24 according to instructions from main controller 17
security card 8 by transfer gate 41
Connected to the side I/033 child.

Next, the process proceeds to step A2, where encryption is performed using the encryption key (El) within the security card 8. In this case, in the security card 8, transaction data from the terminal 1 is input to the input control circuit 72 via the I/O terminal. When input, the input control circuit 72 converts the serial data into parallel data and normalizes it.
The data is written to the working RAM 74. Thereafter, the data stored in the working RAM 74 and the encryption key (El) in the encryption key ROM 76 are given to the arithmetic unit 78 via the system bus 71, where an operation using the encryption key (El) is performed. Transaction data from is encrypted.

This lla coded transaction data is then sent back to the terminal 1 via the output control circuit 73.

Then, the process advances to step A3.

In step A3, an offline flag is added to the encrypted transaction data at terminal 1, and this
It is sent to the card 5 side. In this case, in the terminal 1, transaction data encrypted by the security card 8 is taken in via the input controller 26 and the input buffer 25, and stored in the working RAM 13. After that, the working RAM 13 is
Encrypted transaction data will be retrieved and an offline flag will be added to it. Then, it is sent to the IC card 5 side via the output controller 1 to roller 23 and output buffer 24.

In the IC card 5, encrypted transaction data is taken in via the input controller 61 and input buffer 60, stored in the working RAM 55, and then read/write controller 58 according to a command from the system controller 56.
transaction zone 6 of data memory 64 via
44. In this case, the storage status of the transaction data area 644a where such transaction data is stored becomes as shown in FIG. 5, and part of the status data is flagged as an offline transaction (in this case, a flag is set). will be memorized.

Next, the case of online transactions will be explained according to the flowchart of FIG. In this case as well, transaction data is input from the keyboard 2 of the terminal 1. This data is then immediately transferred from the terminal 1 to the security card 8 in step B1. In this case, the transaction data is stored in the working RAM 13 of the processing unit of terminal 1.
This is then transferred to the security card 8 side via the output controller 23 and output buffer 24.

At this time, according to a command from the main controller 17, the output buffer 24 is connected to the I, 709+1+ child on the security card 8 side through the transfer gate 41.

Next, the process proceeds to step B2, where encryption is performed within the security card 8 using the encryption key (El). In this case, in the security card 8, when transaction data from the terminal 1 is applied to the input control circuit 72 via the + and 10 terminals, it is normalized by the input control circuit 72 and written into the working RAM 74. Thereafter, the data in the working RAM 74 and the encryption key (El) in the encryption key ROM 76 are transferred to the arithmetic unit 78 via the system bus 71.
given to. Then, an operation is performed using the encryption key (El), and the transaction data from the terminal 1 is encrypted.

This encrypted transaction data is sent back to the terminal 1 via the output control circuit 73. Then, proceed to step B3.

In step B3, the transaction data encrypted by the security card 8 is sent to the host computer of the bank. In this case, in the terminal 1, the transaction data encrypted by the security card 8 is taken in via the input controller 26 and the input buffer 25, stored in the working RAM 13, and then the main controller 17
Transaction data is taken out from the working RAM 13 in response to the command, and sent to the host computer side via the I10 controller 22.

The bank's host computer decrypts the encrypted transaction data from Terminal 1 in step B4, and based on this! - Execute ranzaktion processing. Transaction processing in this case is terminal 1
After performing account processing such as approval and authentication on transaction data from (
I try to give. Then, the process proceeds to step B5.

In step B5, encryption processing is performed on the transaction data having j-new balance information determined by the transaction processing. In this case, transaction data is encrypted with encryption keys (El) and (E2).

The encrypted transaction data is then sent back to the terminal 1 in step B6. In this case, terminal 1
Then, the latest transaction data encrypted by the host computer is taken in via the input controller 26 and input buffer 25 and stored in the working RAM 13. Then, the process advances to step B7.

In this step B7, an online flag is added to the encrypted transaction data by the terminal 1, and this is sent to the IC card 5 side.

In this case, in terminal 1, working RA~113
The data stored in the main controller 17 is retrieved according to a command from the main controller 17, and an online flag is added to the data. Then, it is sent to the IC card 5 side via the output controller 23 and output buffer 724.

In the IC card 5, encrypted transaction data is taken in via the input controller 561 and input buffer 760, stored in the working RAM 55, and then read/write controller 58 according to a command from the system controller 56.
transaction zone 6 of data memory 64 via
44. In this case, the storage status of the transaction data area 644a where such transaction data is stored becomes as shown in FIG. ) will be stored.

Next, the case where transaction data stored in the IC card 5 is read by the terminal 1 will be explained with reference to the flowchart of FIG.

First, a request to read transaction data from the IC card 5 is output from the terminal 1. As a result, transaction data from the IC card 5 is read out in step C1. In this case, in the IC card 5, the contents of the transaction area 644a of the transaction zone 644 of the data memory 64, which has been requested to be read, are read out via the read/write controller 58 in response to a command from the system controller 56. Then, in step C2, the flag state of the state data in the transaction area 644a is determined. Here, assuming that the flag is not currently set, the 'transaction area 644a for which the read request was made is determined to be for online transactions, and the process proceeds to step C3.

In this step C3, the transaction area 6 that has been requested to be read by the command from the system controller 56
The transaction data 44a is sent to the decryptor 57. Then, the encryption key (E
2). Then, the process advances to step C4.

On the other hand, in step C2, transaction area 6
If it is determined that the flag is set in the flag state of the status data in 44a, it is determined that the transaction area 644a for which the read request was made is for an offline transaction, and the process immediately proceeds to step C4.

In step C4, the transaction data read from the IC card 5 is transferred to the security card via the terminal 1. In this case, in terminal 1, IC card 5
The transaction data read out is taken in via the input controller 26 and input buffer 25, and is stored in the working RAM
3, and then sent to the security card 8 via the output controller 1-roller 23 and output buffer 24 according to a command from the main controller 17.

Next, the process advances to step C5. In this step C5,
Transaction data transferred from the terminal 1 is decrypted by the encryption key (El) within the security card 8. In this case, in the security card 8, when transaction data from the terminal 1 is applied to the input control circuit 72 via the terminal 110, it is normalized by the input control circuit 72 and written into the working RAM 74. After that, working R
AM74 data and encryption key ROM76 encryption key (E
l) is given to the arithmetic unit 78 via the system bus 71, where an arithmetic operation using the encryption key (El) is performed,
Transaction data from Terminal 1 is decrypted.

This decoded transaction data is then sent to the output control circuit 73.
is sent back to Terminal 1 via Then, the process advances to step C6.

In step C6, the transaction data decrypted by the security card 8 is taken in via the input controller 26 and input buffer 25, and stored in the working RAM 13. Thereafter, the information is displayed on the display section 3 according to a command from the main controller 17.

Next, offline and online processing obtained by such operations will be explained in more detail.

First, in the case of offline processing, when transaction data X is input from the keyboard 2 of the terminal 1 as shown in FIG.
is transferred to (x)El using the encryption key (El).
will be encrypted and sent back. This encrypted transaction data (X)El is then sent to the IC card 5 and stored.

When a request is made to read transaction data from the IC card 5, the transaction data (X) 21 for which the read request was requested is taken out and transferred to the security card 8 via the terminal processing section, where it is then encrypted. It is decrypted by the key (El) and sent back to the terminal 1 as transaction data X.

Next, in the case of online processing, when transaction data y is input from the keyboard 2 of the terminal 1 as shown in FIG.
is transferred to (y)El using the encryption key (El).
will be encrypted and sent back. This encrypted transaction data (y)El is then sent to the bank's host computer. The host computer decrypts the transaction data (y)El sent from the terminal using the encryption key E1, and then performs account processing such as settlement and authentication. The transaction data 2 having the latest balance data obtained in this way is encrypted into transaction data (x)El by the encryption key E1, and is further encrypted by the encryption key E2 into transaction data [(Z)
It is encrypted by Elco E2 and sent back to terminal 1.

Then, this transaction data [(Z)E1]E2 is directly transferred to the IC card 5 and stored therein. After that, when there is a request to read the transaction data of the IC card 5 and the transaction data [(Z)E1]E2 is retrieved, the IC card 5
The transaction data (z
) El is transferred to the security card 8 via the terminal processing section, where it is further decrypted using the encryption key (El) and sent back to the terminal 1 as transaction data 2.

Therefore, in online processing, transaction data having the latest balance information after account processing by the bank's computer is double encrypted using the encryption key (El) (E2) on the computer. In addition, since the information is stored as is in the IC card and no judgment is made at the terminal, such online processing can be executed without depending on the validity of the terminal. As a result, even if the terminal is illegally forged, it is possible to reliably prevent situations such as the amount data related to online transactions in the IC card being tampered with. By doubly encrypting data, it is extremely difficult to decipher the data illegally, so it is possible to prevent unauthorized Nffl of transaction data and dramatically improve the security of card transactions. .

On the other hand, IC cards store a mixture of transaction data that is encrypted only once during online processing and transaction data that is double encrypted during offline processing. For processing data, the data decoded by the security card is output to the terminal, and for online processing data, the data decoded by the IC card and security card is output to the terminal, and offline processing and online processing are performed at the terminal. Since the normalization can be performed using the same procedure regardless of the situation, the processing time at the terminal can be shortened and the removal process can be simplified.

It should be noted that the present invention is not limited only to the above-mentioned embodiments, but can be put into practice with appropriate modifications without changing the gist. For example, in the above embodiment, a security card may be prepared separately from the terminal, or the terminal itself may serve as the security card.

[Effects of the Invention] According to the present invention, online processing can be executed without depending on the validity of the terminal, so it is possible to reliably prevent situations such as falsification of IC card data due to false j sounds from the terminal. It is possible to ensure the security of card transactions.

[Brief explanation of drawings]

FIG. 1 is an external view showing an embodiment of the present invention, FIG. 2 is a block diagram showing the circuit configuration of the terminal of the same embodiment, and FIG.
The figure is a block diagram showing the circuit configuration of the IC card of the same embodiment, FIG. 4 is a diagram for explaining the data memory used in the same embodiment, and FIG. 5 is a diagram for explaining the transaction zone of the same memory. , FIG. 6 is a block diagram showing the circuit configuration of the security card of the same embodiment, and FIGS. 7 to 9
The figure is a flow chart for explaining the operation of the same embodiment.
FIG. 10h11 is a diagram for explaining the same embodiment more specifically. 1... Terminal body, 2... Keyboard, 3...
・Display section, 5... IC card, 8... Security card, 13... Working RAM, 17... Main controller, 21... Comparator, 52... Data RO ~ 1.55. ... Working RAM, 56... System controller, 57... Code decryptor, 64...
- Data memory, 65... Comparison unit, 67... Encryption key ROM, 74... Working RA~1.75...
Data ROM, 76... Encryption key ROM, 77...
Main controller, 78... performance equipment. Questioner: Casio J1 Mathematics (Iku Co., Ltd. Kai 4th Figure m5 Figure 7 Figure 8 Figure 9) Figure 10 Figure 11

Claims (1)

[Claims] a terminal means, a security means for encrypting and decrypting transaction data based on a first method, and a decryption means attached to the terminal means and decrypting the transaction data based on a second method; Storage means for storing transaction data provided from the terminal means and encrypted by the security means, and transaction data provided from outside the terminal and doubly encrypted based on at least the first and second methods; Among the transaction data stored in the IC card, the transaction data given from the terminal means is decrypted by the security means and taken out to the terminal means, and the transaction data given from the outside of the terminal means is provided. The IC card system is characterized in that the transaction data is decoded by the IC card and the security means and taken out to the terminal means.