AU656245B2 - Method and system for secure, decentralised personalisation of smart cards - Google Patents
Method and system for secure, decentralised personalisation of smart cards Download PDFInfo
- Publication number
- AU656245B2 AU656245B2 AU29183/92A AU2918392A AU656245B2 AU 656245 B2 AU656245 B2 AU 656245B2 AU 29183/92 A AU29183/92 A AU 29183/92A AU 2918392 A AU2918392 A AU 2918392A AU 656245 B2 AU656245 B2 AU 656245B2
- Authority
- AU
- Australia
- Prior art keywords
- smart card
- issuer
- terminal device
- retailer
- data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Ceased
Links
Description
4 t
I
I
~i I' C cr
~I
"OPI DATE 15/06/93 AOJP DATE 19/08/93 APPLN. ID 29183/92 PCT NUMBER PCT/AU92/00608 11111111111 111111111111111 111111 I l1ll AU9229183 11' ii I 'tiv11tii IfAL ArtrL-LjiAI iuI runLIi I1 U UINULK 11t- 'AlbNI tN UUIRtKA lUN IKEAI'Y(PCT) (51) International Patent Classification 5 (11) International Publication Number: WO 93/10509 G06K 19/073, G09C 1/00 Al (43) International Publication Date: 27 May 1993 (27.05.93) (21) International Application Number: PCT/AU92/00608 (81) Designated States: AT, AU, BB, BG, BR, CA, CH, CS, DE, DK, ES, FI, GB, HU, JP, KP, KR, LK, LU, MG, (22) International Filing Date: 10 November 1992 (10.11.92) MN, MW, NL, NO, PL, RO, RU, SD, SE, UA, US, European patent (AT, BE, CH, DE, DK, ES, FR, GB, GR, IE, IT, LU, MC, NL, SE), OAPI patent (BF. BJ, CF, Priority data: CG, CI, CM, GA, GN, ML, MR, SN, TD, TG).
PK9443 12 November 1991 (12.11.91) AU Published (71) Applicant (for all designated States except US): SECURITY With international search report.
DOMAIN PTY. LTD. [AU/AU]; 32 Ridge Street, North Sydney, NSW 2060 (AU).
(72) Inventors; and 5 6 Inventors/Applicants (for US only) LAING, Simon, Gordon [IE/AU]; 54 Valley Road, Hornsby, NSW 2077 BOWCOCK, Matthew, Philip [AU/AU]; 7 Wharf Road, Longueville, NSW 2066 (AU).
(74) Agent: GRIFFITH HACK CO.; G.P.O. Box 4164, Sydney, NSW 2001 (AU).
(54)Title: METHOD AND SYSTEM FOR SECURE, DECENTRALISED PERSONALISATION OF SMART CARDS (57) Abstract This invention concerns a method for securely writing ADS confidential data from an Issuer to a customer smart card at a A remote location, comprising the steps of: establishing a com- munications link between a retailer data terminal device at the r remote location and the Issuer's secure computer; establishing a communications link between a secure terminal device, which t j includes a smart card reader/writer, and the data terminal de- DTE vice; authenticating the retailer to the Issuer and the Issuer to the retailer, by means of a retailer smart card presented to the secure terminal device; establishing a session key for enciphering data traffic between the secure terminal device and the Is- suer's computer, using the retailer smart card; presenting the customer smart card to the secure terminal device; then enci- 7 phering the confidential data under the session key and writing STE it from the Issuer's computer to the customer smart card. In a further aspect the invention concerns a system for securely writing confidential data from an Issiter to a customer smart card in a remote location. 8 i
K/
WO093/10509 PCr/AU92/00608 "ME2THOD AND SYSTEM FOP. SECURE, DECENTRALISED PERSONALIS.ATION OF SMART CARDS" TECHNICAL FIELD This invention concerns a method for securely writing confidential data to smart cards in remote, insecure locations. In a second aspect the invention concerns a system for securely writing the confidential data. Smart Cards are used as a highly-secure means of storing data in a portable form. They are of particular use, for example, in cryptographic applications for the storage of cipher keys.
BACKGROUND OF THE INVENTION When a smart card is manufactured, the manufacturer 'burns in' a unique identifying serial number. In addition the manufacturer installs a manufacturer's 'Master' Secret Code.
The card and the Master Secret Code are subsequently conveyed to the Issuer by separate means. Upon receipt by the Issujr the card is accessed by presenting the Master Secret Code and that code is then changed to a fresh 'Issuer' Secret Code not known to the manufacturer. One or more User Secret Codes are then stored in the card and used to protect access to confidential user Initial user data may then be stored in the card. The card and the User Secret Code(s) are ultimately conveyed to a user by separate means, and the appropriate User Secret Code(s) must be correctly presented to the smart card by thi user, before access to the card is allowed.
The process of presentation of the Master Secret Code, storage of the Issuer Secret Code, storage of the User Secret Codes, and initial storage of user data, is commonly called Personalisation, and is traditionally donej b.' WO 93/10509 PCT/AU92/00608 -2in a secure "Personalisation Centre" by the Issuer. This approach is costly, time-consuming and relatively insecure.
SUMMARY OF THE INVENTION According to the present invention, as currently envisaged, there is provided a method for securely writing confidential data from an Issuer to a customer smart card at a remote location, comprising the steps of: establishing a communications link between a retailer data terminal device at the remote location and the Issuer's secure computer; establishing a communications link between a secure terminal device, which includes a smart card reader/writer, and the data terminal device; authenticating the retailer to the Issuer and the Issuer to the retailer, by means of a retailer smart card presented to the secure terminal device; establishing a session key for enciphering data traffic between the secure terminal device and the Issuer's computer, using the retailer smart card; presenting the customer smart card to the secure terminal device; then enciphering the confidential data under the session key and writing it from the Issuer's computer to the customer smart card.
Preferably the method includes the step of i establishing a second session key for enciphering data traffic between the data terminal device and the Issuer's computer.
Preferably the retailer is authenticated to the Issuer by entering a retailer secret code which is checked by the retailer smart card, then a cipher key is read from the retailer smart card to the secure terminal device and I i' WO 93/10509 PCT/AU92/00608 3 checked by a challenge sent by the Issuer. Optionally the Issuer is subsequently authenticated to the retailer using a cipher key which is read from the retailer smart card to the secure terminal device and used to challenge the Issuer.
Preferably the session keys are established by using a cipher key to encrypt the combined product of two random numbers, one of which was generated by the first party and sent to the second party, the other of which was generated by the second party and sent to the first party.
Advantageously the confidential data is an Issuer Secret Code present in the customer smart card to prevent access to the card, and required to open the card to accept data.
Preferably the confidential data comprises a directory and file structures, and data.
According to a further aspect of the invention, as currently envisaged, there is provided a system for securely writing confidential data from an Issuer to a customer smart card in a remote location, comprising: the Issuer's secure computer; a retailer data terminal device at the remote location selectively in communication with the computer by means of a communizations link; a secure terminal device at the remote location, including a smart card reader/writer, selectively in communication with the computer via the data terminal device; a retailer smart card containing the data required to authenticate the retailer to the Issuer and the Issuer to the retailer, and the data required to establish a session i key for enciphering traffic between the secure terminal device and the Issuer's computer; a customer smart card able to accept the confidential
I
WO 93/10509 PCT/AU92/00608 4 data, when presented to the secure terminal device, written from the computer enciphered under the session key.
Preferably the retailer smart card also contains the data required to establish a second session key for enciphering traffic between the data terminal device and the Issuer's computer.
Preferably the confidential data is an Issuer Secret Code, present in the customer smart card to prevent access to the card, and required to open the card to accept data.
This method and system permit personalisation of the smart card at a location convenient to the customer, such as the point of sale of the item, or service, with which the smart card is subsequently to be used. Such locations are unlikely to be secure, may be widely dispersed from any central administrative centre, and may be operated by staff who do not work for the Card Issuer. Furthermore the method provides a decentralised personalisation service in a manner that ensures the security of all confidential data transferred between components of the system.
As smart cards are used more widely in mass consumer applications such as mobile telephony and Pay TV, the high volume of smart cards issued, and the widely dispersed customer population will make decentralised personalisation highly cost-effective and competitive.
Once the infrastructure for a decentralised personalisation system is in place, it can be used for securely loading data other than personalisation data into previously personalised smart cards.
BRIEF DESCRIPTION OF THE DRAWING The invention will now be described by way of example 'i only, with reference to the accompanying drawing which is S- WO 93/10509 PCT/AU92/00608 a schematic diagram showing the relationships between the components of the system.
BEST MODE FOR CARRYING OUT THE INVENTION Method and system 1 involve the interaction of three entities: The Issuer 2 is the organisation which ultimately provides the goods or services that are obtained through the use of the customer smart card. It is responsible for the system as a whole, for the purchase of smart cards, and for their supply to Retailers. This organisation coulu be the central office of a bank, or a telecommunications operator, for example.
The Retailer 3 is the institution which represents the Issuer 2 in a particular local area. It could be a bank branch, or a newsagent, for example.
The Customer 4 is the end-user of the service, and the holder of the smart card that gives access to that service.
The elements involved in the process of decentralised personalisation are: A Central Administration System 5 (ADS) A computer system in a secure location that is equipped to communicate by telecommunications links with the other, remotely sited, components of the system. These links are assumed to be insecure. The system 5 also includes a secure database of Retailer Keys.
S A Data Terminal Device 6 (DTE).
A small computer system (such as a Personal Computer) located in the Retailer's premises. It is equipped to communicate, by a telecommunications link, with the Central Administration System. This system is not considered to be secure by the Issuer.
WO 9310509PCT/A U92/00608 -6- 4 A Secure Terminal Device 7 (STE) A tamper-resistant, progranmmable device comprising a numeric and function keypad, a display, and a smart card reader/writer. It communicates with the Data Terminal device 6 by a serial conmmunications l ink.
Smart Cards or Integrated Circuit Cards (ICC).
These are read and written to by the Secure Terminal device. Two categories of smart card are used within the system: Retailer Cards 8.
Each Retailer is issued with one Retailer Card, which has already been securely personalised by the Issuer. It contains the data required to gain access to, and use, the system. This data is protected from access by several Secret Codes, some known only to the Retailer, and some known only to the Central Administration System.
Customer Smart Cards 9.
These are the smart cards that will be issued by the Retailer 3 to his Customers 4.
They are held in stock in an unpersonalised state, exactly as they were shipped from the card manufacturer.
The operation of the method and system will be described by analysing each phase in the personalisation of a Customer smart card from the perspective of the Retailer. These phases are identified as: Session Establishment; Personalisation of Customer Smart Card; Session Termination; Modification of Data on Customer Smart Cards.
WO 93/10509 PCT/AU92/00608 7 In general, there are several different operations involved in each phase.
Session Establishment 1) Retailer System Startup On startup, the Data Terminal device sets up a communications link with the Central Administration System. This link is used for all future communications between the Central Administration System and the Data Terminal device.
2) Retailer Sign-On Once the communications link is established, the Retailer is prompted to insert his Retailer Card in the Secure Terminal device. The Retailer is then prompted by the Secure Terminal device to enter his personal Secret Code which is passed directly to the smart card for checking.
3) Retailer Authentication Ii the check of the Retailer's Secret Code succeeds, the Secure Terminal device reads a unique unprotected, read-only serial number from the smart card, and sends it to the Central Administration System via the Data Terminal device. Thus the Administration System knows which smart card is in use.
The Secure Terminal device then reads a unique cipher key out of a file on the smart card which was set up during personalisation so that it can only be read after the Retailer's Secret Code has been correctly presented.
The Central Administration System then sends a random number (a challenge) to the Secure Terminal device, via the Data Terminal device. The Secure Terminal device enciphers the challenge using the WO 93/10509 PCT/AU92/00608 -8 cipher key read from the smart card and sends the result (the response) back to the Central Administration System. Since the Central Administration System maintains a record of the keys held on every Retailer Card issued, it is able to validate the response by also enciphering the random number challenge using the same cipher key, and comparing the result with the response received from the Secure Terminal device. If the two values are identical, the Retailer has successfully authenticated himself to the Central Administrative System.
4) Issuer Authentication Authentication of the Retailer only provides part of the seci:ity needed. It is equally important to ensure that the Central Administration System is authentic. This is achieved by performing an enciphered challenge-response in the reverse direction using a random data challenge generated within the Secure Terminal device, and using a key read from the Retailer Card. If the Central Administration System is authentic, it will also have a record of this key, and will be able to encipher the challenge and send back the correct response. 5) Establishment of Session Keys Once both the Central Administration System and the Retailer System have authenticated each other, they can mutually establish session keys for enciphering future data traffic between them. This is done by one party sending the other a random number. Both parties then combine these two numbers together (for example, by exclusive ORing them) and encipher the result, using a key known only to them, to produce a new number the Session Key. Future I WO 93/10509 PCT/AU92/00608 -9data traffic can then be enciphered using this session key. Whenever the session is terminated, and a new one started, new random numbcrs are used, resulting in a new session key.
Two session keys are required for securing communication between the different components of the system, one 10 between the Secure Terminal device 7 and the Central Administration System 5 and a second, optional, key 11 between the Data Terminal device 6 and the Central Administration System 5. By using different session keys, tight security can be maintained because intermediate parties in an exchange of messages between two parties are not privy to the contents of the messages they are simply passing on.
6) Collection and Transmission of Customer Details The Retailer may now obtain from the Customer any personal data required by the Central Administration System before personalisation of a Customer smart card can proceed. This data may be entered into the Data Terminal device, enciphered under the Data Terminal device-Central Administration System sessic, key 11 (to protect the confidentiality of the Customer data in transit over the link), and sent to the Central Administration System.
7) Assessment of Customer Data If appropriate, the Central Administration System now checks t*he Customer data (for example, runs a credit check), and determines whether or not personalisation of a Customer smart card may proceed.
The decision is communicated to the Retailer via the Data Terminal device.
Personalisation of Customer smart card WO 93/10509 i 1. PCT/AU92/08608 10 8) Selection of Customer smart card If the Central Administration System allows personalisation to proceed, the Retailer removes his Retailer Card from the Secure Terminal device, selects a smart card from stock, and inserts it in the Secure Terminal device. The identity of the smart card is then communicated to the Central Administration System, either by the Retailer entering identifying information into the Data Terminal device, or by the Secure Terminal device reading a Serial Number out of the smart card and sending it to the Central Administration System.
9) Presentation of Manufacturer's Master Secret Code At this stage, the smart card is protected from general access by a unique Master Secret Code written into it by the manufacturer. The method by which the Master Secret Code can be computed for any smart card in a batch will have been separately communicated to the Czrd Issuer. In order to gain access to the smart card, its Master Secret Code must be presented and this is done by computing the Master Secret Code in the Central Administration System then sending it to the Secure Terminal device, enciphered under the Central Administration System-Secure Terminal device session key 10. In the Secure Terminal device, it is deciphered and presented to the smart card. This has the effect of opening up the smart card for further accesses.
10) Smart Card Set Up Once the smart card has been "opened" by presentation of the Master Secret Code, it can be set up to meet the Customer's and Issuer's requirements.
This involves creating various data structures on the smart card, and writing appropriate data to them, and
V
WO 93/10509 PCT/AU92/00608 11 to other locations on the smart card. All instructions on the manner in which the smart card is to be set up are sent from the Central Administration System enciphered under the Central Administration System-Secure Terminal device session key Similarly, all data written to the smart card are sent from the Central Administration System enciphered under the Central Administration System-Secure Terminal device session key 11) Entry of Customer Secret Code At this point, the Customer may be required to enter the Secret Code he will subsequently use to protect access to his personal data held on the smart card. He is prompted on the Secure Terminal device display to enter his Customer Secret Code, and does so using the Secure Terminal device's keypad. This ensures that nobody else, not even the Retailer, knows his Secret Code. The entered Secret Code is written to the smart card where it is securely stored to be used by the smart card microprocessor to validate future presentations of the Customer Secret Code.
Session Termination 12) Customer Smart Card Handover The Customer may now remove his smart card from the Secure Terminal device and begin to use it.
13) Termination of Communications Session The communications session with the Central Administration System is now terminated, which involves erasure of all session keys that were being used. I 14) Breaking of Communications Link The communications link with the Central
-L~
1~~ PCr/AU92/00608 I WO093/10509 12 Administration System may now be broken, or left open for use in the personalisation of other smart cards.
Modification of Data on Customer- smrart cards There may be a need to modify some of the secure data on the Customer's smart card, at some stage after personal isat ion. This can be accomplished by using exactly the same method, but varying the data that is written to the Customer smart card during the "Smart Card Set Up" step.
Lm Example of Practical Implementation To take a specific example, the GSM digital mobile telephone network relies upon smart cards called Subscriber Identity Modules (SIMs) inserted in mobile telephone handsets to authenticate users as valid subscribers to the network. It also subsequently uses the Subscriber Identity Module to generate a different session key f or each phone call made. This session key is used to encipher all data, such as voice data, transmitted f rom, and to, that mobile telephone during that call. In order to operate, therefore, each Subscriber Identity Module must be individually initialised to contain unique, identifying information and cryptographic keys prior to issue to a suLocriber.
Each Retailer is provided with the following: a Personal Computer (Data Terminal device); a secure, tamper-resistant PIN pad (Secure Terminal device), which incorporates a smart card reader; a Retailer smart card, already personalised by the Issuer and set up to contain: a Retailer Secret Code known only to the Retailer; :1 h-.
WO 93/10509 PCT/AU92/00608 13 cipher keys known only to the Issuer, in a file protected by an Issuer Secret Code from general access; a stock of unpersonalised blank Subscriber Identity Modules, that are protected from general access by a Manufacturing Secret Code.
When a prospective new Subscriber to the network approaches the Retailer to open a subscription, the Retailer establishes a communications link with the Central Administration Syscem, using his Retailer smart card to authenticate himself, and to authenticate the Central Administration System, and to establish session keys between the Secure Terminal device and Central Administration System, and between the Data Terminal device and Central Administration System.
The Retailer then enters the new Subscriber's personal, and financial details into the Data Terminal device, where they are enciphered using the Central Administration System-Data Terminal device session key and sent to the Central Administration System. In the Central Administration System, the details are deciphered and used to run a credit check on the new Subscriber. If this is successful, the Retailer is notified, by means of an enciphered message sent from the Central Administration System to the Data Terminal device, that personalisation can proceed.
l ~The Retailer selects a Subscriber Identity Module Sfrom his stock, depending on Subscriber preference, and the type of mobile telephone the Subscriber will use. He inserts the Subscriber Identity Module in the Secure Terminal device and the personalisation data is sent from the Central Administration System, enciphered under the Central Administration System-Secure Terminal device WO 93/10509 PCT/AU92/00608 14 session key. This data is deciphered in the Secure Terminal device before being written to the Subscriber Identity Module. This data includes instructions on the directory and file structures to be set up in the Subscriber Identity Module, as well as the information that is to be written to certain of these files, and to other locations in the Subscriber Identity Module. Data of particular note that is wricten to the Subscriber Identity Module at this time is: the Subscriber's unique International Mobile Subscriber Identification (IMSI) number; the authentication key (Ki); the Subscriber Identity Module Service Table, which defines which of the available network services the Subscriber has actually accepted; the PLMN Selector, which sets up an initial order of preference for the selection of network, when the Subscriber is out of range of his home network.
Once the Subscriber Identity Module has been set up, the Subscriber may enter his PIN Code '(which will be his personal Secret Code protecting access to the Subscriber Identity Module) into the Secure Terminal device, which writes it to the Subscriber Identity Module. He may also enter his PIN unblocking key which is also written to the Subscriber Identity Module for use in the event the user forgets his PIN code.
The telephone number of the Subscriber is then communicated, enciphered under the Central Administration System-Data Terminal device session key, from the Central Administration System to the Data Terminal device. The Retailer informs the Subscriber of the number, prints out a record of the entire transaction, and hands the new Subscriber his Subscriber Identity Module. The Subscriber WO 93/10509 PCT/AU92/00608 15 is then in a position to use the network.
At this point all communications sessions are terminated by the erasure of the session keys and the communictions link may be broken.
Since all information written to the Subscriber Identity Module originated from the Central Administration Syatem, the Central Administration System holds a complete record of what is stored on the Subscriber Identity Module, as well as personal, financial and other Subscriber information. It is therefore able to route calls to the Subscriber, allocate charges correctly as they are incurred, and issue bills.
r
Claims (12)
1. A method for securely writing confidential data from an Issuer to a customer smart card at a remote location, comprising the steps of: establishing a communications link between a retailer data terminal device at the remote location and the Issuer's secure computer; establishing a communications link between a secure terminal device, which includes a smart card reader/writer, and the data terminal device; authenticating the retailer to the Issuer and the Issuer to the retailer, by means of a retailer smart card presented to the secure terminal device; establishing a session key for enciphering traffic between the secure terminal device and the Issuer's computer, using the retailer smart card; presenting the customer smart card to the secure terminal device; then enciphering the confidential data under the session key and writing it from the Issuer's computer to the customer smart card.
2. A method according to claim 1 comprising the additional step of establishing a second session key for enciphering traffic between the data terminal device and the Issuer's computer.
3. A method according to claim 1 or 2 wherein the retailer is authenticated to the Issuer by entering a retailer secret code which is checked by the retailer smart card, then a cipher key is read from the retailer smart card to the secure terminal device and checked by a challenge sent by the Issuer.
4. A method according to claim 3 wherein the Issuer is subsequently authenticated to the retailer using a cipher key which is read from the retailer smart card to i ;j WO 93/10509 17 the secure terminal device and used to check the validity of the response of the Issuer to a challenge sent by the secure terminal device equipment.
A method according to any one of claims 1 to 4, wherein the session keys are established by using a cipher key to encrypt the combined product of two random numbers, one of which was generated by the first party and sent to the second party, the other of which was generated by the second party and sent to the first party.
6. A method according to any one of claims 1 to wherein the confidential data is an Issuer Secret Code, present in the customer smart card to prevent access to the card, and required to open the card to accept data.
7. A method according to any one of claim 6, wherein the confidential data also comprises a directory and file structures, and data.
8. A method for securely writing confidential data from an Issuer to a customer smart card at a remote location substantially as herein described with reference to the accompanying drawing.
9. A system for securely writing confidential data from an Issuer to a customer smart card in a remote location, comprising: the Issuer's secure computer; a retailer data terminal device at the remote location selectively in communication with the computer by means of a communications link; a secure terminal device at the remote location, 1 including a smart card reader/writer, selectively in communication with the computer via the data terminal device; a retailer smart card containing the data required to authenticate the retailer to the Issuer and the Issuer to the retailer, and the data required to establish a WO 93/10509 PCT/AU92/00608 18 session key for enciphering traffic between the secure terminal device and the computer; a customer smart card able to accept the confidential data, when presented to the secure terminal device, written from the computer enciphered under the session key.
A system according to claim 9, wherein the retailer smart card also contains the data recruired to establish a second session key for enciphering traffic between the data terminal device and the computer.
11. A system according to claim 9 or 10, wherein the confidential data is an Issuer Secret Code, present in the customer smart card to prevent access to the card, and required to open the card to accept data.
12. A system for securely writing confidential data from an Issuer to a customer smart card in a remote location substantially as herein described with reference to the accompanying drawing. r* '4i
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| AU29183/92A AU656245B2 (en) | 1991-11-12 | 1992-11-10 | Method and system for secure, decentralised personalisation of smart cards |
Applications Claiming Priority (4)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| AUPK944391 | 1991-11-12 | ||
| AUPK9443 | 1991-11-12 | ||
| AU29183/92A AU656245B2 (en) | 1991-11-12 | 1992-11-10 | Method and system for secure, decentralised personalisation of smart cards |
| PCT/AU1992/000608 WO1993010509A1 (en) | 1991-11-12 | 1992-11-10 | Method and system for secure, decentralised personalisation of smart cards |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| AU2918392A AU2918392A (en) | 1993-06-15 |
| AU656245B2 true AU656245B2 (en) | 1995-01-27 |
Family
ID=25620989
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| AU29183/92A Ceased AU656245B2 (en) | 1991-11-12 | 1992-11-10 | Method and system for secure, decentralised personalisation of smart cards |
Country Status (1)
| Country | Link |
|---|---|
| AU (1) | AU656245B2 (en) |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US4453074A (en) * | 1981-10-19 | 1984-06-05 | American Express Company | Protection system for intelligent cards |
| EP0374012A1 (en) * | 1988-12-07 | 1990-06-20 | ETAT FRANCAIS représenté par le Ministre des Postes, Télécommunications et de l'Espace | Authentication apparatus for an interactive server |
| EP0385400A2 (en) * | 1989-03-01 | 1990-09-05 | Tandem Computers Incorporated | Multilevel security apparatus and method with personal key |
-
1992
- 1992-11-10 AU AU29183/92A patent/AU656245B2/en not_active Ceased
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US4453074A (en) * | 1981-10-19 | 1984-06-05 | American Express Company | Protection system for intelligent cards |
| EP0374012A1 (en) * | 1988-12-07 | 1990-06-20 | ETAT FRANCAIS représenté par le Ministre des Postes, Télécommunications et de l'Espace | Authentication apparatus for an interactive server |
| EP0385400A2 (en) * | 1989-03-01 | 1990-09-05 | Tandem Computers Incorporated | Multilevel security apparatus and method with personal key |
Also Published As
| Publication number | Publication date |
|---|---|
| AU2918392A (en) | 1993-06-15 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US5534857A (en) | Method and system for secure, decentralized personalization of smart cards | |
| US7362869B2 (en) | Method of distributing a public key | |
| US5864667A (en) | Method for safe communications | |
| CN100468469C (en) | Electronic wallet | |
| US5475756A (en) | Method of authenticating a terminal in a transaction execution system | |
| US5721781A (en) | Authentication system and method for smart card transactions | |
| US8601260B2 (en) | Creation of user digital certificate for portable consumer payment device | |
| RU2554529C2 (en) | Activation of service using algorithmically configured key | |
| US20110047082A1 (en) | Remote Electronic Payment System | |
| US20020161708A1 (en) | Method and apparatus for performing a cashless payment transaction | |
| US20030055792A1 (en) | Electronic payment method, system, and devices | |
| US20030069792A1 (en) | System and method for effecting secure online payment using a client payment card | |
| US6529886B1 (en) | Authenticating method for an access and/or payment control system | |
| CN103812649B (en) | Method and system for safety access control of machine-card interface, and handset terminal | |
| CA2418050A1 (en) | Linking public key of device to information during manufacture | |
| NO309346B1 (en) | Procedure for carrying out money transactions using a mobile phone system | |
| RU2323530C2 (en) | Method for registration and activation of pki functions | |
| KR20010022588A (en) | Method for the safe handling of electronic means of payment and for safely carrying out business transactions, and device for carrying out said method | |
| CA2551965A1 (en) | Secure transaction string | |
| WO2008052592A1 (en) | High security use of bank cards and system therefore | |
| GB2365264A (en) | System and method of authentication | |
| AU2715501A (en) | A system for recharging a prepaid value in respect of a telephone connection | |
| AU656245B2 (en) | Method and system for secure, decentralised personalisation of smart cards | |
| JP2003157366A (en) | Personal information management method, management device, physical distribution device, and goods physical distribution system | |
| EP1171849B1 (en) | Communication system and method for efficiently implementing electronic transactions in mobile communication networks |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| MK14 | Patent ceased section 143(a) (annual fees not paid) or expired |