AT512958B8 - Method for transmitting card data - Google Patents

Method for transmitting card data Download PDF

Info

Publication number
AT512958B8
AT512958B8 ATA595/2012A AT5952012A AT512958B8 AT 512958 B8 AT512958 B8 AT 512958B8 AT 5952012 A AT5952012 A AT 5952012A AT 512958 B8 AT512958 B8 AT 512958B8
Authority
AT
Austria
Prior art keywords
cryptogram
card
card reader
random number
card data
Prior art date
Application number
ATA595/2012A
Other languages
German (de)
Other versions
AT512958A1 (en
AT512958B1 (en
Inventor
Edith Dipl Ing Gruber
Original Assignee
Card Complete Service Bank Ag
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Card Complete Service Bank Ag filed Critical Card Complete Service Bank Ag
Priority to ATA595/2012A priority Critical patent/AT512958B8/en
Publication of AT512958A1 publication Critical patent/AT512958A1/en
Publication of AT512958B1 publication Critical patent/AT512958B1/en
Application granted granted Critical
Publication of AT512958B8 publication Critical patent/AT512958B8/en

Links

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1008Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/346Cards serving only as information carrier of service
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions

Abstract

Die Erfindung betrifft ein Verfahren zur Übertragung von auf einer Karte (1)gespeicherten Kartendaten über einen Kartenleser (2) an einen Endpunkt (3), wobei derKartenleser (2) vom Endpunkt (3) authentifiziert wird, wobei das Verfahren folgendeSchritte umfasst: der Kartenleser (2) generiert eine Zufallszahl, legt sie in einemgeschützten Speicherbereich ab und verschlüsselt sie als erstes Kryptogramm (4); daserste Kryptogramm wird gemeinsam mit einer Identifikationsnummer des Kartenlesers(2) in einer Datenbank (5) abgelegt; der Kartenleser (2) verschlüsselt die in seinemgeschützten Speicherbereich abgelegte Zufallszahl gemeinsam mit weiteren von derKarte gelesenen Kartendaten und sendet sie als zweites Kryptogramm (6) gemeinsammit seiner Identifikationsnummer an den Endpunkt (3); der Endpunkt (3) empfängt daszweite Kryptogramm (6), bezieht durch Abfrage der Datenbank (5) das ersteKryptogramm (4), entschlüsselt das erste Kryptogramm (4) und das zweiteKryptogramm (6) und vergleicht die resultierende erste Zufallszahl mit derresultierenden zweiten Zufallszahl.The invention relates to a method for transmitting card data stored on a card (1) via a card reader (2) to an endpoint (3), wherein the card reader (2) is authenticated by the endpoint (3), the method comprising the steps of: the card reader (2) generates a random number, places it in a protected memory area and encrypts it as the first cryptogram (4); the first cryptogram is stored together with an identification number of the card reader (2) in a database (5); the card reader (2) encrypts the random number stored in its protected memory area together with other card data read from the card and sends it as the second cryptogram (6) together with its identification number to the end point (3); the end point (3) receives the second cryptogram (6), obtains the first cryptogram (4) by polling the database (5), decrypts the first cryptogram (4) and the second cryptogram (6) and compares the resulting first random number with the resulting second random number.

ATA595/2012A 2012-05-21 2012-05-21 Method for transmitting card data AT512958B8 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
ATA595/2012A AT512958B8 (en) 2012-05-21 2012-05-21 Method for transmitting card data

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
ATA595/2012A AT512958B8 (en) 2012-05-21 2012-05-21 Method for transmitting card data

Publications (3)

Publication Number Publication Date
AT512958A1 AT512958A1 (en) 2013-12-15
AT512958B1 AT512958B1 (en) 2014-07-15
AT512958B8 true AT512958B8 (en) 2014-08-15

Family

ID=49919819

Family Applications (1)

Application Number Title Priority Date Filing Date
ATA595/2012A AT512958B8 (en) 2012-05-21 2012-05-21 Method for transmitting card data

Country Status (1)

Country Link
AT (1) AT512958B8 (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE19641776A1 (en) * 1996-09-04 1997-03-13 Telecash Kommunikations Servic Program-controlled selective line connection for chip card terminal
JPH11282998A (en) * 1998-03-31 1999-10-15 Oki Electric Ind Co Ltd User card, communication terminal equipment, communication server, communication system and user authentication method for communication system
FR2796232A1 (en) * 1999-07-09 2001-01-12 Scm Schneider Microsysteme Mic METHOD AND DEVICE FOR SECURING ACCESS AND TRANSFERS OF DATA IN A COMPUTER SYSTEM
EP1701312A1 (en) * 2005-03-11 2006-09-13 NTT DoCoMo Inc. Authentication device, mobile terminal, and authentication method
US20070168674A1 (en) * 2003-12-09 2007-07-19 Masao Nonaka Authentication system, authentication apparatus, and recording medium

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE19641776A1 (en) * 1996-09-04 1997-03-13 Telecash Kommunikations Servic Program-controlled selective line connection for chip card terminal
JPH11282998A (en) * 1998-03-31 1999-10-15 Oki Electric Ind Co Ltd User card, communication terminal equipment, communication server, communication system and user authentication method for communication system
FR2796232A1 (en) * 1999-07-09 2001-01-12 Scm Schneider Microsysteme Mic METHOD AND DEVICE FOR SECURING ACCESS AND TRANSFERS OF DATA IN A COMPUTER SYSTEM
US20070168674A1 (en) * 2003-12-09 2007-07-19 Masao Nonaka Authentication system, authentication apparatus, and recording medium
EP1701312A1 (en) * 2005-03-11 2006-09-13 NTT DoCoMo Inc. Authentication device, mobile terminal, and authentication method

Also Published As

Publication number Publication date
AT512958A1 (en) 2013-12-15
AT512958B1 (en) 2014-07-15

Similar Documents

Publication Publication Date Title
WO2017091730A3 (en) Automated health data acquisition, processing and communication system and method
Li et al. Empirical study of influence factors of adaption intention of mobile payment based on TAM model in China
WO2013045743A3 (en) Payment system
MY187905A (en) Method and apparatus for providing card service using electronic device
MX2015009683A (en) Smart card and smart card system with enhanced security features.
MX2017001114A (en) Transaction management method by recognition of the registration number of a vehicle.
EP2579116A3 (en) Method for securing the authorized access to an automation field device
WO2017081603A3 (en) Method and system for protecting and utilizing internet identity, using smartphone
GB201309396D0 (en) Payment unit, system and method
MX2021012650A (en) Data logger unit, sensor unit, absorbent article management system and identification method.
AT512958B8 (en) Method for transmitting card data
EP3334086A4 (en) Online authentication method based on smart card, smart card and authentication server
GB201212545D0 (en) Data entry
MY180416A (en) Method for generating and displaying a security code for a payment card, payment card
WO2015108924A3 (en) Authentication system
Gaul et al. Aktuelles Arbeitsrecht
TW201612832A (en) Cloud-type insurance product marketing system and its implementing method
Ozturkcan et al. On-line Reviews’ Impact on Trust Building
Spath et al. A quick-check to identify potentials by urban manufacturing for industrial enterprises
문상영 et al. Determinants of Entrepreneurship: Gender Differences in Korea
TH166504A (en) The command-entry terminal and the command-entry system use the same and a method for changing the input mode of the command-receiving terminal.
ZAVIALOV et al. VALIDITY OF PROPERTY RENTAL AGREEMENTS DURING THE MARTIAL STATE
Dougill et al. Keep Talking & Monitoring: the importance of longitudinal research & community-based monitoring to support sustainable land management in southern Africa
He et al. Influencing Factors of Agricultural Products Logistics Transportation Mode Selection-an Empirical Research Based on SEM
Vishnevskiy Effect of corporate hedging on financial ratios: evidence from Russian companies