AU2003206928A1 - Method for determination of the authorisation of a person to use a portable data support - Google Patents

Method for determination of the authorisation of a person to use a portable data support

Info

Publication number
AU2003206928A1
AU2003206928A1 AU2003206928A AU2003206928A AU2003206928A1 AU 2003206928 A1 AU2003206928 A1 AU 2003206928A1 AU 2003206928 A AU2003206928 A AU 2003206928A AU 2003206928 A AU2003206928 A AU 2003206928A AU 2003206928 A1 AU2003206928 A1 AU 2003206928A1
Authority
AU
Australia
Prior art keywords
data support
person
authorisation
determination
portable data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
AU2003206928A
Other versions
AU2003206928A8 (en
Inventor
Gisela Meister
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Giesecke and Devrient GmbH
Original Assignee
Giesecke and Devrient GmbH
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Giesecke and Devrient GmbH filed Critical Giesecke and Devrient GmbH
Publication of AU2003206928A1 publication Critical patent/AU2003206928A1/en
Publication of AU2003206928A8 publication Critical patent/AU2003206928A8/en
Abandoned legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1008Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/341Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions
    • G06Q20/40145Biometric identity checks
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/20Individual registration on entry or exit involving the use of a pass
    • G07C9/22Individual registration on entry or exit involving the use of a pass in combination with an identity check of the pass holder
    • G07C9/25Individual registration on entry or exit involving the use of a pass in combination with an identity check of the pass holder using biometric data, e.g. fingerprints, iris scans or voice recognition
    • G07C9/257Individual registration on entry or exit involving the use of a pass in combination with an identity check of the pass holder using biometric data, e.g. fingerprints, iris scans or voice recognition electronically
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3231Biological data, e.g. fingerprint, voice or retina
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/56Financial cryptography, e.g. electronic payment or e-cash
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80Wireless
    • H04L2209/805Lightweight hardware, e.g. radio-frequency identification [RFID] or sensor

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • General Engineering & Computer Science (AREA)
  • Life Sciences & Earth Sciences (AREA)
  • Signal Processing (AREA)
  • Health & Medical Sciences (AREA)
  • Human Computer Interaction (AREA)
  • Biodiversity & Conservation Biology (AREA)
  • Biomedical Technology (AREA)
  • General Health & Medical Sciences (AREA)
  • Microelectronics & Electronic Packaging (AREA)
  • Finance (AREA)
  • Storage Device Security (AREA)
  • Measuring Pulse, Heart Rate, Blood Pressure Or Blood Flow (AREA)
  • Burglar Alarm Systems (AREA)
  • Collating Specific Patterns (AREA)
  • Time Recorders, Dirve Recorders, Access Control (AREA)

Abstract

A method for determination of the authorisation of a person to use a portable data support (10), with a checking device (32) is disclosed. A biometric feature of the authorised person is used by the checking device (32) to reproduce a data support code also stored on the data support (10) on a utilisation occurring. The data support code (DTK, CV) is formed by modification of a reference data set (BIOR) derived from the biometric feature. The data support code (DTK, CV) unequivocally assigns the data support (10) to a present authorised person. As the biometric feature is only used in modified form it is not possible to simulate a data support (10) merely with knowledge of the biometric reference data set (BIOR).
AU2003206928A 2002-02-20 2003-02-19 Method for determination of the authorisation of a person to use a portable data support Abandoned AU2003206928A1 (en)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
DE10207056A DE10207056A1 (en) 2002-02-20 2002-02-20 Procedure for proving a person's authorization to use a portable data carrier
DE10207056.3 2002-02-20
PCT/EP2003/001678 WO2003071492A2 (en) 2002-02-20 2003-02-19 Method for determination of the authorisation of a person to use a portable data support

Publications (2)

Publication Number Publication Date
AU2003206928A1 true AU2003206928A1 (en) 2003-09-09
AU2003206928A8 AU2003206928A8 (en) 2003-09-09

Family

ID=27674768

Family Applications (1)

Application Number Title Priority Date Filing Date
AU2003206928A Abandoned AU2003206928A1 (en) 2002-02-20 2003-02-19 Method for determination of the authorisation of a person to use a portable data support

Country Status (6)

Country Link
EP (1) EP1479049B1 (en)
AT (1) ATE339745T1 (en)
AU (1) AU2003206928A1 (en)
DE (2) DE10207056A1 (en)
ES (1) ES2271531T3 (en)
WO (1) WO2003071492A2 (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1199138C (en) * 2000-03-31 2005-04-27 日立建机株式会社 System for determining rental of construction machine
JP4869944B2 (en) * 2003-12-24 2012-02-08 テレコム・イタリア・エッセ・ピー・アー User authentication methods and related architectures based on the use of biometric identification technology
DE102005008257A1 (en) * 2005-02-23 2006-08-24 Giesecke & Devrient Gmbh Person authenticating method for use in test control unit, involves reconstructing error corrected un-alienated authentication data from alienated data and authenticating person based on un-alienated data and reference authentication data

Family Cites Families (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4993068A (en) * 1989-11-27 1991-02-12 Motorola, Inc. Unforgeable personal identification system
US5280527A (en) * 1992-04-14 1994-01-18 Kamahira Safe Co., Inc. Biometric token for authorizing access to a host system
AT405218B (en) * 1995-12-21 1999-06-25 Siemens Ag Oesterreich IDENTIFICATION SYSTEM WITH ELECTRONIC CHIP CARD
DE19702049C1 (en) * 1997-01-22 1998-05-14 Ibm Chipcard cryptographic key certification method
WO1998050875A2 (en) * 1997-05-09 1998-11-12 Gte Government Systems Corporation Biometric certificates
DE19811332A1 (en) * 1998-03-16 1999-09-23 Giesecke & Devrient Gmbh Method of checking a biometric characteristic satisfies very high safety standard and can be implemented at supportable cost
DE19851074C2 (en) * 1998-11-05 2002-03-14 Elsdale Ltd System and method for the secure identification and registration of people as well as a suitable registration device
DE19922946A1 (en) * 1999-05-14 2000-11-23 Daimler Chrysler Ag Applying authentication data to hardware unit, e.g. chip card having private key by encrypting data using public key and transmitting to hardware unit
DE19924628A1 (en) * 1999-05-28 2000-11-30 Giesecke & Devrient Gmbh Setup and method for biometric authentication
DE19940341A1 (en) * 1999-08-25 2001-03-01 Kolja Vogel Data protection procedures
DE10037176C2 (en) * 2000-07-31 2002-10-17 Orga Kartensysteme Gmbh Data carrier with encrypted personalized data

Also Published As

Publication number Publication date
DE10207056A1 (en) 2003-09-04
DE50305032D1 (en) 2006-10-26
WO2003071492A2 (en) 2003-08-28
WO2003071492A3 (en) 2004-03-04
ES2271531T3 (en) 2007-04-16
EP1479049A2 (en) 2004-11-24
ATE339745T1 (en) 2006-10-15
AU2003206928A8 (en) 2003-09-09
EP1479049B1 (en) 2006-09-13

Similar Documents

Publication Publication Date Title
WO1999030238A3 (en) Secure class resolution, loading and definition
WO2005124551A3 (en) System and method for building full batch test environments
WO2006127359A3 (en) System and method for unlimited licensing to a fixed number of devices
WO2003087982A3 (en) Method and system for problem determination in distributed enterprise applications
WO2004032462A3 (en) Identification based operational modification of a portable electronic device
WO2003062946A3 (en) System and method for generating user interface code
WO2004006536A3 (en) Method of preventing unauthorized distribution and use of electronic keys using a key seed
WO2005033875A3 (en) Method and system for managing dynamic terms and conditions and user interaction
WO2004114095A3 (en) Improved resource allocation technique
WO2003017053A3 (en) Test enabled application execution
CA2365315A1 (en) Method for permitting debugging and testing of software on a mobile communication device in a secure environment
ATE325384T1 (en) SYSTEMS AND METHODS FOR INTEGRITY CERTIFICATION AND VERIFICATION OF CONTENT CONSUMPTION ENVIRONMENTS
EP1571528A3 (en) Computer security system and method
AU2003267042A1 (en) Methods and systems for archiving data
WO2004051406A3 (en) Enhanced system, method and medium for certifying and accrediting requirements compliance utilizing robust risk assessment model
GB2440697A (en) Computer security system and method
GB0400021D0 (en) Methods and apparatus for rapidly activating inactive components in a computer system
WO2003038550A3 (en) Systems and methods for table driven automation testing of software programs
WO2007035580A3 (en) Providing local access to managed content
WO2003023993A3 (en) Mobile apparatus for configuring portable devices to be used on-board mobile platforms
WO2008017052A3 (en) Personal location code
WO2003090050A3 (en) System and method for detecting malicicous code
EP1672871A3 (en) Trust based relationships
WO2004044738A3 (en) Techniques for supporting application-specific access controls with a separate server
WO2005026877A3 (en) Methods and apparatus for determining device integrity

Legal Events

Date Code Title Description
MK6 Application lapsed section 142(2)(f)/reg. 8.3(3) - pct applic. not entering national phase