AU716546B2 - Method when using synchronously operated chip cards - Google Patents
Method when using synchronously operated chip cards Download PDFInfo
- Publication number
- AU716546B2 AU716546B2 AU10964/97A AU1096497A AU716546B2 AU 716546 B2 AU716546 B2 AU 716546B2 AU 10964/97 A AU10964/97 A AU 10964/97A AU 1096497 A AU1096497 A AU 1096497A AU 716546 B2 AU716546 B2 AU 716546B2
- Authority
- AU
- Australia
- Prior art keywords
- chip card
- value
- state
- authentication operation
- switching arrangement
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Ceased
Links
Classifications
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
- G07F7/10—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
- G07F7/1008—Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/34—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
- G06Q20/341—Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/409—Device specific authentication in transaction processing
- G06Q20/4093—Monitoring of device authentication
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
- G07F7/0806—Details of the card
- G07F7/0813—Specific details related to card security
- G07F7/082—Features insuring the integrity of the data on or in the card
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
- G07F7/0866—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means by active credit-cards adapted therefor
Landscapes
- Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Business, Economics & Management (AREA)
- Accounting & Taxation (AREA)
- Computer Security & Cryptography (AREA)
- Strategic Management (AREA)
- General Business, Economics & Management (AREA)
- Theoretical Computer Science (AREA)
- Finance (AREA)
- Microelectronics & Electronic Packaging (AREA)
- Computer Networks & Wireless Communication (AREA)
- Control Of Vending Devices And Auxiliary Devices For Vending Devices (AREA)
Description
-1- Method when using synchronously operated chip cards Technical Field of the Invention The invention relates to a method of using synchronously operated chip cards as a cash-less payment means in an automatic vending machine.
The method according to the invention is used in particular in independently operated automatic vending machines whose operators are not identical to the sellers or resellers of the chip cards which are used as cash-less payment means in the automatic vending machines in question. The automatic vending machines are preferably automatic article or service vending machines, while the latter are preferably telephone stations.
Background Art Chip cards of the so-called third generation are known, which can cause the card content to become involved in a respective cryptographic operation to prove the authenticity of the chip card. Examples of such chip cards are the known SLE 443X from Siemens.
:Disclosure of the Invention 20 The object of the present invention is to improve the cryptographic method used ,in the known third-generation chip cards so that: not only the authenticity of the chip card but also the amount of a sum of money debited is cryptographically safeguarded; and excessive billed charge amounts of an independent operator to the card sellers or 25 card resellers which are caused by improper use of the chip cards, undertaken with fraudulent intent, are prevented, so that the respective charge amounts are necessarily paired with equivalent debits in respect of the chip cards.
According to the invention there is provided a method of using a synchronously operated chip card as a cash-less payment means in an automatic vending machine, wherein said chip card is provided with a switching arrangement having at least a first, second, third and fourth state, said method comprising the steps of: reading an image of said chip card by an evaluation unit; deriving a chip card code key in said evaluation unit; subjecting said chip card to a first authentication operation, wherein said first RA 5, authentication operation authenticates said chip card; (I:\DAYLIB\LBL]256.doc:dcm after said first authentication operation, subjecting said chip card to a further authentication operation if said first authentication operation authenticates said chip card and a money value has been deducted from a chip card money value contained in a money value counter of said chip card at least once since said first authentication operation, wherein said further authentication operation determines whether and by what amount said chip card money value was reduced; increasing a money value contained in a charging meter of said evaluation unit by an amount equal to said money value deducted from said chip card money value if said further authentication operation authenticates said amount by which said chip card money value was reduced; during each said authentication operation, producing on said chip card an actual value answer signal by means of a corresponding random signal with a respective authentication operation, wherein said random signal is supplied by said evaluation unit and said actual value answer signal is not only a function of said corresponding random 15 signal but is also a function inter alia, entirely or partially, of said image of said chip card, wherein said image comprises: identification details of said chip card; said chip card money value; said chip card code key; and an algorithm of said chip card; during each said authentication operation, said actual value answer signal is compared to a corresponding reference answer signal which is produced within said evaluation unit using said corresponding random signal in a similar manner as said actual value answer signal; during each one of said authentication operations, a respective state value of said switching arrangement which is precisely present at the beginning of said authentication operation is also taken into account in producing both said reference value answer signal 25 and said actual value answer signal, so that said reference value answer signal and said actual value answer signal are also a function of said state value, wherein said first state is in each case a defined initial state assumed by said switching arrangement after each switching-on of a chip card power supply, wherein said second state is assumed by said switching arrangement after a triggering of said first authentication operation and is produced on said chip card following receipt of a corresponding first random signal associated with said first authentication operation if said switching arrangement is in said first state, wherein said third state is assumed by said switching arrangement after a first reduction has occurred in said chip card money value, wherein said first reduction is effected on said chip card if said switching arrangement is in said second state; and vherein said fourth state is assumed by said switching arrangement after a triggering of A' [I:\DAYLIB\LIBL]256.doc:dcm said further authentication operation and is produced on said chip card at the end of a further corresponding random signal associated with said further authentication operation if said switching arrangement is in said third state.
Brief Description of the Drawings An embodiment of the invention is illustrated in the drawing and described in greater detail hereinafter. In the drawing: Figure 1 shows a basic circuit diagram of an evaluation unit of an automatic vending machine, into the card slot of which a chip card fits.
Figure 2 shows a circuit diagram of a possible arrangement for producing an answer signal triggered by a random signal, and Figure 3 shows a basic circuit diagram of a switching arrangement having four states.
Detailed Description including Best Mode As already mentioned the automatic vending machines are preferably automatic i" article or service vending machines, the latter preferably being telephone stations. The
I
automatic vending machines include an evaluation unit 1 which in turn has a terminal 2, a 4444 security module SM and a power supply 3 for supplying the electronic circuits both of the 4444 20 evaluation unit 1 and also a chip card 4 if the latter is inserted into a card slot of the automatic vending machine (see Figure The security module includes a charging meter 5 for the accumulation of charge amounts which an operator of the automatic vending machine can bill to a seller or reseller of the chip cards. The power supply 3 supplies the security module SM and the chip card 4 with power as indicated at 6 and 7 o 25 respectively by way of the terminal 2 which can switch the power supply of the chip card ooeoo on and off. Items of information 8 or 9 are transmitted in both transmission directions between the terminal 2 and the security module SM and between the terminal 2 and the 44444.
S* chip card 4 respectively. Provided on each of the chip cards 4 is a money value counter 4a and a switching arrangement 4b ("state machine"). In addition, on each of the chip cards 4 there is preferably also a power supply switch-on counter 4c which in principle counts the number of power supply switch-on operations for the chip card 4, to which the chip card 4 had been exposed since it was first brought into operation (count value x 0) up to the respective moment in question (count value x).
A respective cryptographic arrangement is provided on the chip card 4 and in the security module SM to produce an answer signal 10 by means of a random signal 11. The [I:\DAYLIBLIBL]256.doc:dcm random signal 11 is preferably a random bit sequence. The cryptographic arrangement is any of the many known arrangements of this kind, of which a possible arrangement is shown in Figure 2. It includes a gating switching arrangement 12 for producing a call-up signal 13 which is a function of the random signal 11, identification details 14 of the chip card 2 and money value details 15. On the chip card 4 the money value details correspond to the money value contained in the money value counter 4a. The details 14 and 15 are passed to first and second inputs respectively of the switching arrangement 12 while the random signal 11, coming from the security module SM by way of the terminal 2, feeds a third input of the switching arrangement 12. The call-up signal 13 at the output of the switching arrangement 12 is a serial input signal of a shift register 16 which is provided with feedbacks and which with its feedbacks represents an algorithm. A chip card code key is stored in the shift register 16 at the beginning of each authentication operation. An output signal produced at a serial output of the shift register 16 is the answer signal 10 of the shift register 16 to the call-up signal 13. It is a function of the code key, the algorithm and the call-up signal 13 and it is thus also a function of the random signal 11, the identification details 14 and the money value details 15. The chip card code key, the algorithm and the details 14 and 15 together represent an image of the known chip card 4. Further details in this respect are to be found in EP 0 616 429 Al and EP 0 624 839 A1.
The switching arrangement or "state machine" 4b has at least four states (see *Figure 3) which are for example consecutively numbered from zero to three. The consecutive serial numbers are for example 2 bit binary numbers which are stored on the chip card 4 in two storage cells of a RAM (Random Access Memory), that is to say a write/read memory. It is therefore assumed hereinafter that the switching arrangement 4b 25 has at least a first state 00, a second state 10, a third state 11 and a fourth state 01 which
*SSS,~
are all four passed through in the specified sequence during an operating procedure. In the authentication operations AUTo to AUTn+m in accordance with the invention a respective ooSstate value of the switching arrangement 4b, which is just exactly present at the commencement thereof, is also taken into consideration in the procedure for the production of reference value and actual value answer signals so that the two latter are each also a respective function of said state value. The first state 00 is in each case a defined initial or starting state of the switching arrangement 4b, which is assumed by the latter after each switch-on operation P0n of the chip card power supply 3. The second state 10 is that which is assumed by the switching arrangement 4b after triggering of a Sfirst authentication operation AUTo and is produced on the chip card 4 at the end of a first _J [I:\DAYIB\LBL]256.doc:dcm [I:\DAYLB3\LfBL]256.doc:dcm random signal associated with the first authentication operation AUTo when the switching arrangement 4b is in the first state 00. In the second state 10 without changes in state of the switching arrangement 4b additional authentication operations AUT, to AUTn.
1 can optionally also be initiated by the evaluation unit 1, utilising the same chip card money value as in the first authentication operation AUTo. The third state 11 is that which is assumed by the switching arrangement 4b after a first reduction AGW 0 of the chip card money value, wherein the first reduction AGW 0 is implemented on the chip card 4 when the switching arrangement 4b is in the second state 10. In the third state 11 without changes in the state of the switching arrangement 4b additional reductions AGW 1 to AGWk in the chip card money value can optionally also be implemented by the evaluation unit 1. The fourth state 01 is that which is assumed by the switching arrangement 4b after triggering of a further authentication operation AUTn and is produced on the chip card 4 at the end of a further random signal associated with the further authentication operation AUTn, when the switching arrangement 4b is in the third state 11. If a still further reduction AGWk+l in the chip card money value is implemented by the evaluation unit 1 in the fourth state 01, the switching arrangement 4b again previously adopts the third state 11.
When a power supply switch-on counter 4c is provided, the count value x thereof is incremented by a given predetermined value, preferably one, after the chip card feed is switched on at each occasion at the beginning of the first subsequent authentication operation AUTo or shortly before the triggering thereof. It is assumed hereinafter that the incrementation is effected in each case by the value one. Then, in each of the authentication operations AUTo to AUTn+m the respective count value x+l which applies at that time is also taken into consideration in the operation for producing the associated 25 reference value and actual value answer signals so that the latter two are each also a S: function of the applicable count value x+l. The power supply switch-on counter 4c comprises for example a 16 bit EZPROM ("Electrical Erasable Programmable Read Only S Memory"). The non-decrementable power supply switch-on counter 4c then counts to a maximum value of 216 65,536.
The method according to the invention includes the following time procedure: If in a use the synchronously operated chip card 4 has been inserted as a cashless payment means into the card slot of an automatic sales machine the terminal 2 switches on the power supply for the chip card 4, which causes resetting to zero of the NTc7; RAM of the chip card 4 and therewith also resetting of the two storage cells storing the 2 [I:\DAYL1B\L1BL256.doc:dcm bit binary number which represents the state of the switching arrangement 4b. In other words the latter assumes the state 00 on the chip card 4.
The terminal 2 then reads an image of the chip card 4, that is to say its identification details 14, its chip card money value which is stored in the money value 4a at that time (that is to say the money value details 15) and, if present, the count value x of the power supply switch-on counter 4c, and it transmits that image with an initiation signal "INIT_AUT" to the security module SM. The same algorithm is present in the latter as on the chip card 4. The security module SM derives the chip card code key from the received identification details 14.
After reading of the image of the chip card 4 by the evaluation unit and its transmission to the security module SM and after derivation of the chip card code key from the received identification details 14, which is implemented in the evaluation unit 1 the chip card 4 is subjected at the beginning of a use to a first authentication operation AUTo which is triggered by means of the initiation signal "INIT_AUT", for the purposes of establishing card authenticity.
In other words: reception of the initiation signal "INIT AUT" in the security module SM has therein the consequence that the instantaneous state YY of the switching arrangement 4b is assumed by the security module SM to be equal to 00, that the count 20 value x is changed to x+l and a first random signal is produced, which latter is serially passed by way of the terminal 2 to the chip card 4. In addition, a first reference value answer signal is produced in the security module SM by means of the first random signal, the identification details 14, the chip card money value, the algorithm, the chip card code key and the value x+l and YY 00.
25 With the reception for example of a first pulse of the first random signal the S• count value of the power supply switch-on counter 4c on the chip card 4 is incremented by a value of one so that its new value is x+l.
:In the same or a similar manner to the way in which the first reference value answer signal is produced in the security module SM, an actual value answer signal is produced on the chip card 4 by means of the first random signal, and is passed by way of the terminal 2 to the security module SM. Just like the reference value answer signal the actual value answer signal is a function of the first random signal, the identification details 14, the chip card money value, the algorithm, the chip card code key and the values x 1 and YY 00. A for example last pulse of the actual value answer signal causes YY to assume on the chip card 4 the value [I:\DAYLB\LBL]256.doc:dcm The reference value and actual value answer signals are compared together in the security module SM. In the event of card authenticity both answer signals are the same and YY also assumes the value 10 in the security module SM.
In the state 10 the terminal 2 of the evaluation unit 1 can also trigger and implement any desired number of further authentication operations AUT 1 to AUTn-1. The values x+l and YY 10 remain unchanged during those further authentication operations.
In the event of card authenticity which is recognised on the occasion of the last of the authentication operations performed the terminal 2 causes debiting of the money value AGW 0 of the sold article or service in the money value counter 4a of the chip card 4. Its original money value is thus reduced by the money value AGW 0 The switching arrangement 4b on the chip card 4 then assumes the state 11.
In practice it can happen that in the state YY 11 of the switching arrangement 4b, a plurality of money value debits AGWI to AGWk in respect of sold articles or services are effected in quick succession before a next authentication operation is triggered.
In the event of recognised card authenticity and after at least one reduction
AGW
1 to AGWk, caused by purchase of an article or service, in respect of the chip card money value contained in the money value counter 4a of the chip card 4, the chip card 4 20 is subjected to a further authentication operation AUTn for the purposes of establishing whether and by what amount the chip card money value was reduced. For that purpose the terminal 2 reads the new chip card money value contained in the money value counter Ca 4a and transmits it with an initiation signal "increase content of the charging meter 5" to the security module SM in which YY now assumes the state value 11.
S 25 This further authentication operation is effected in the same or a similar manner o° to the first, that is to say a further random signal is produced in the security module SM and transmitted by way of the terminal 2 to the chip card 4. By means of this last random oo signal, a reference value and actual value analog signal respectively is again produced in the security module SM and on the chip card 4, both of which signals this time are a function of the new random signal, the identification details 14, the new chip card money value, the algorithm, the chip card code key and the values x 1 and YY 11.
The new actual value answer signal is passed by way of the terminal 2 to the security module SM where it is compared to the new reference value answer signal produced therein. The for example last pulse of the new actual value answer signal 3 provides on the chip card 4 that the switching arrangement 4b assumes the state YY 01.
)[I:\DAYLIB\LIBL]256.doc:dcm In the event of identity of the two answer signals, in the security module SM of the evaluation unit 1 a money value contained in the charging meter 5 is increased by the same amount as that by which the chip card money value contained in the money value counter 4a of the chip card 4 was reduced.
In the state YY 01 of the switching arrangement 4b further money value debits AGWk+l to AGWk+m are possible and can be implemented by the terminal 2 if additional articles or services are purchased by the user of the chip card 4. In that case the money value debits occur with previous resetting of the switching arrangement 4b from the state YY 01 into the state Y 11. Once the switching arrangement has reached the state 01, therefore without previous money value debit no authentication and thus no increase in the content of the charging meter 5 is then possible. If the power supply is taken from the chip card 4 ("Poweroff") the RAM of the chip card 4 and thus also the two memory cells thereof, in which the value of YY is stored, lose its or their value.
The next time that the power supply for the chip card 4 is switched on again, the above-described cycle begins afresh.
To sum up it should once again be noted that in all authentication operations AUTo to AUTn+m an actual value answer signal is produced in each case by means of a random signal which is associated with the authorisation operation in question and which is supplied by the evaluation unit 1, on the chip card 4, and that actual value answer 0090 20 signal, besides a function of the random signal in question, is also a function inter alia, .entirely or partially, of the chip card identification details 14, the chip card money value which is respectively still contained in the money value counter 4a of the chip card, the chip card code key and the algorithm of the chip card 4, which all four are a part of the image thereof, to which moreover the state YY of the switching arrangement 4b and, if 25 present, the count value x, also belong. The actual value answer signal is thus also a o °function of the last two. During the authentication operations AUTo to AUTn+n, the S° respective actual value answer signal is compared to a reference value answer signal o produced in a similar manner in the evaluation unit 1 by the same random signal.
If the terminal 2 seeks to increase again the content of the charging counter 5 in an improper manner without having debited the chip card money value of the chip card 4, in the security module YY will assume the value 11 while YY on the chip card 4 retains the value 01. The reference value and the actual value of the answer signal would not be the same. Likewise if the terminal 2 switches the power supply of the chip card 4 off and then on again in an improper manner, the subsequent authentication operation will t' increment the count value x of the power supply switch-on counter 4c so that the values [I:\DAYLB\LIBL]256.doc:dcm of x in the reference value and actual value answer signals and therewith also those two answer signals are no longer the same. Correct functioning of the respective cycle is therefore guaranteed only so long as the switching arrangement 4b and, if present, the power supply switch-on counter 4c each involve a correct value on the occasion of the authentication operations being initiated. An increase in the charging meters 5 of a plurality of security modules SM with the same chip card 4 is for example no longer possible so that this prevents abuse which is related thereto.
Industrial Applicability It is apparent from the above that the embodiment of the invention is applicable to the chip card industry.
The foregoing describes only one embodiment of the present invention, and modifications and/or changes can be made thereto without departing from the scope and spirit of the invention as being illustrative and not restrictive.
In the context of this specification, the word "comprising" means "including principally but not necessarily solely" or "having" or "including" and not "consisting only of'. Variations of the word comprising, such as "comprise" and "comprises" have corresponding meanings.
oooe a [I:\DAYL1B\LBL]256.doc:dcm
Claims (8)
1. A method of using a synchronously operated chip card as a cash-less payment means in an automatic vending machine, wherein said chip card is provided with a switching arrangement having at least a first, second, third and fourth state, said method comprising the steps of: reading an image of said chip card by an evaluation unit; deriving a chip card code key in said evaluation unit; subjecting said chip card to a first authentication operation, wherein said first authentication operation authenticates said chip card; after said first authentication operation, subjecting said chip card to a further authentication operation if said first authentication operation authenticates said chip card and a money value has been deducted from a chip card money value contained in a money value counter of said chip card at least once since said first authentication operation, wherein said further authentication operation determines whether and by what amount said chip card money value was reduced; increasing a money value contained in a charging meter of said evaluation unit by an amount equal to said money value deducted from said chip card money value if said 4• further authentication operation authenticates said amount by which said chip card money 0I0 20 value was reduced; during each said authentication operation, producing on said chip card an actual value answer signal by means of a corresponding random signal with a respective authentication operation, wherein said random signal is supplied by said evaluation unit and said actual value answer signal is not only a function of said corresponding random 25 signal but is also a function inter alia, entirely or partially, of said image of said chip card, ,0 wherein said image comprises: identification details of said chip card; said chip card money value; said chip card code key; and an algorithm of said chip card; S-during each said authentication operation, said actual value answer signal is compared to a corresponding reference answer signal which is produced within said evaluation unit using said corresponding random signal in a similar manner as said actual value answer signal; during each one of said authentication operations, a respective state value of said switching arrangement which is precisely present at the beginning of said authentication operation is also taken into account in producing both said reference value answer signal 7$ 5) >and said actual value answer signal, so that said reference value answer signal and said i< ,[I:\DAYLIB\LIBL]256.doc:dcm -11- actual value answer signal are also a function of said state value, wherein said first state is in each case a defined initial state assumed by said switching arrangement after each switching-on of a chip card power supply, wherein said second state is assumed by said switching arrangement after a triggering of said first authentication operation and is produced on said chip card following receipt of a corresponding first random signal associated with said first authentication operation if said switching arrangement is in said first state, wherein said third state is assumed by said switching arrangement after a first reduction has occurred in said chip card money value, wherein said first reduction is effected on said chip card if said switching arrangement is in said second state; and wherein said fourth state is assumed by said switching arrangement after a triggering of said further authentication operation and is produced on said chip card at the end of a further corresponding random signal associated with said further authentication operation if said switching arrangement is in said third state.
2. A method according to claim 1, wherein that in said second state, without changes in state of said switching arrangement, additional authentication operations are initiated by said evaluation unit, utilising said chip card money value as in said first authentication operation. 20
3. A method according to either claim 1 or 2, wherein that in said third state, without changes in state of said switching arrangement, additional reductions in said i chip card money value are also implemented by said evaluation unit.
4. A method according to any one of claims 1 to 3, wherein that if a further 25 reduction of said chip card money value is implemented by said evaluation unit in said fourth state, said switching arrangement again assumes said third state. '0
5. A method according to any one of claims 1 to 4, wherein provided on said chip o'i card is a power supply switch-on counter, said power supply switch-on counter contains a count value, said count value is incremented by a constant value after said chip card power supply is switched on at the beginning of said first authentication operation on said chip card or shortly before triggering thereof on said chip card, and in each said authentication operation an applicable count value is also taken into account in producing said reference value answer signal and said actual value answer signal, so said reference [I:\DAYLIB\LIBL]256.doc:dcm -12- value answer signal and said actual value answer signal are also a function of said applicable count value.
6. A method according to any one of claims 1 to 5, wherein said automatic vending machines are automatic article or service vending machines.
7. A method according to claim 6, wherein said automatic service vending machines are telephone stations.
8. A method of using a synchronously operated chip card as a cash-less payment means in an automatic vending machine, said method being substantially as herein described with reference to the drawings. DATED this tenth Day of November 1999 Landis Gyr Technology Innovation AG Patent Attorneys for the Applicant SPRUSON FERGUSON V. V V V V V.. V.. V AVA. V V V V V V *VVV..~ a. [I:\DAYLIB\LIBL]256.doc:dcm
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CH3452/95 | 1995-12-07 | ||
CH345295A CH689813A5 (en) | 1995-12-07 | 1995-12-07 | Process at a use of synchronously operated smart card. |
PCT/EP1996/005341 WO1997021198A1 (en) | 1995-12-07 | 1996-12-02 | Method of using synchronously operated chip cards |
Publications (2)
Publication Number | Publication Date |
---|---|
AU1096497A AU1096497A (en) | 1997-06-27 |
AU716546B2 true AU716546B2 (en) | 2000-02-24 |
Family
ID=4256259
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
AU10964/97A Ceased AU716546B2 (en) | 1995-12-07 | 1996-12-02 | Method when using synchronously operated chip cards |
Country Status (5)
Country | Link |
---|---|
EP (1) | EP0865643B1 (en) |
AU (1) | AU716546B2 (en) |
CH (1) | CH689813A5 (en) |
DE (1) | DE59602905D1 (en) |
WO (1) | WO1997021198A1 (en) |
Families Citing this family (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
UA62003C2 (en) | 1998-09-30 | 2003-12-15 | Infineon Technologies Ag | Data processor and the method for the authentication of data in a nonvolatile memory unit |
FR2807249B1 (en) * | 2000-03-30 | 2006-01-20 | Ascom Monetel Sa | METHOD FOR AUTHENTICATING CHIP CARDS |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO1989002140A1 (en) * | 1987-08-28 | 1989-03-09 | Mars Incorporated | Data carrying devices |
EP0570924A2 (en) * | 1992-05-20 | 1993-11-24 | Siemens Aktiengesellschaft | Authentication method of one system-participant by another system-participant in an information transfer system composed of a terminal and of a portable data carrier |
EP0607950A2 (en) * | 1993-01-19 | 1994-07-27 | Siemens Aktiengesellschaft | Method and data carrier for checking the authenticity of chip memories |
Family Cites Families (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
ES2119832T3 (en) * | 1992-05-20 | 1998-10-16 | Siemens Ag | PROCEDURE AND PROVISION OF DATA SUPPORT FOR THE AUTHENTICATION OF MEMORY CHIPS. |
FR2704081B1 (en) * | 1993-04-16 | 1995-05-19 | France Telecom | Method for updating a memory card and memory card for implementing this method. |
-
1995
- 1995-12-07 CH CH345295A patent/CH689813A5/en not_active IP Right Cessation
-
1996
- 1996-12-02 DE DE59602905T patent/DE59602905D1/en not_active Expired - Fee Related
- 1996-12-02 WO PCT/EP1996/005341 patent/WO1997021198A1/en active IP Right Grant
- 1996-12-02 AU AU10964/97A patent/AU716546B2/en not_active Ceased
- 1996-12-02 EP EP96941638A patent/EP0865643B1/en not_active Expired - Lifetime
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO1989002140A1 (en) * | 1987-08-28 | 1989-03-09 | Mars Incorporated | Data carrying devices |
EP0570924A2 (en) * | 1992-05-20 | 1993-11-24 | Siemens Aktiengesellschaft | Authentication method of one system-participant by another system-participant in an information transfer system composed of a terminal and of a portable data carrier |
EP0607950A2 (en) * | 1993-01-19 | 1994-07-27 | Siemens Aktiengesellschaft | Method and data carrier for checking the authenticity of chip memories |
Also Published As
Publication number | Publication date |
---|---|
DE59602905D1 (en) | 1999-09-30 |
EP0865643A1 (en) | 1998-09-23 |
EP0865643B1 (en) | 1999-08-25 |
CH689813A5 (en) | 1999-11-30 |
WO1997021198A1 (en) | 1997-06-12 |
AU1096497A (en) | 1997-06-27 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN1121020C (en) | Method for protectedly debiting electronic payment means | |
US5914471A (en) | Method and apparatus for recording usage data of card operated devices | |
CN1134749C (en) | Method of debiting an electronic payment means | |
US4450535A (en) | System and method for authorizing access to an article distribution or service acquisition machine | |
US5915226A (en) | Prepaid smart card in a GSM based wireless telephone network and method for operating prepaid cards | |
US4910775A (en) | Portable electronic device for use in conjunction with a screen | |
KR100420600B1 (en) | METHOD FOR PROCESSING EMV PAYMENT BY USING IrFM | |
RU2134904C1 (en) | Data transmission system with terminal and portable data medium; method for recharging portable data medium by means of terminal | |
US6003764A (en) | Method of securely storing and retrieving monetary data | |
WO1996036026A1 (en) | Method for effecting an electronic payment transaction | |
CA2252258A1 (en) | Pricing control system for multi-operation vending machines | |
AU716546B2 (en) | Method when using synchronously operated chip cards | |
US6152367A (en) | Wired logic microcircuit and authentication method having protection against fraudulent detection of a user secret code during authentication | |
AU703043B2 (en) | Method when using synchronously operated chip cards | |
WO1997046983A2 (en) | Method and device for loading input data into an algorithm during authentication | |
AU704773B2 (en) | Method of authenticity checking of a prepaid payment means used in a transaction | |
JPH09319845A (en) | Key data setting method of ic card system | |
DE69526300T2 (en) | Circuit and how it works | |
AU722824B2 (en) | Method of securely storing and retrieving monetary data | |
CA2244126C (en) | Procedure and device for loading input data into an algorithm during authentication | |
MXPA98004542A (en) | Method to load an electronic payment to an account | |
CZ16897A3 (en) | Process and apparatus for paying from chip cards with stock exchange functions |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
FGA | Letters patent sealed or granted (standard patent) | ||
PC | Assignment registered |
Owner name: IPM INTERNATIONAL S.A. Free format text: FORMER OWNER WAS: IP-TPG HOLDCO S.A.R.L. |