CH619551A5 - Method for obtaining a high degree of protection against falsification of a card which bears permanent and variable, machine-readable information - Google Patents

Description

619 551

PATENT CLAIMS

1. A method for achieving a high level of security against forgery in the case of a card (1) which carries machine-readable information and on which one piece of information (IU) and another piece of information (IM) is stored in a changeable manner, 5 characterized in that the changeable information hereinafter referred to as authenticity information (IAi) during the creation of the card by encryption using at least selected parts of the permanent information (IU) present on the card and a secret key information (IE,) and stored on 10 of the card (1) and that when the Using the same selected parts of the permanent information (IU) and the secret key information (IEj), test information (IA,) is formed and checked for agreement with the authenticity information stored on the card.

2. The method according to claim 1, characterized in that

that additional information (IV), which is essentially different for each formation, is used to form the authenticity information and is stored unencrypted, preferably according to the same physical principle as the authenticity information (IA,), on the card (1) and that during the test the card, the additional information stored thereon together with at least the selected parts of the permanent information and the secret key information is used to form the test information.

3. The method according to claim 2, characterized in

that when creating and checking the card from the secret key information (IEt) and at least the additional information (IV) a selection information (IA2) 3 is formed by encryption, on the basis of which the parts of the permanent information (IV) to be used for the encryption are selected .

4. The method according to any one of the preceding claims, characterized in that a personal secret information (IE4) of the card user is additionally used to form the authenticity information (IA () and the test information (IA [)) (FIG. 9).

5. The method according to any one of the preceding claims, characterized in that additional data information 40 (IDj) is encrypted by means of the authenticity information (IA [) and stored in encrypted form and preferably on the card according to the same physical principle as the authenticity information and that during the check the card the additional data information (ID2) is recovered by deciphering it with the authenticity information (IA [) in an unencrypted form (FIG. 9).

6. The method according to any one of the preceding claims, characterized in that each time the card (1) is checked

a part of the permanent information (IU) is irreversibly deleted 50 and the deletion information (IL) resulting from the deletion state of the permanent information is also used to form the authenticity information (IAj) and the test information (IAt).

7. The method according to claim 2, characterized in that a sequence number changing during each test process is used as additional information (IV).

8. The method according to claim 2, characterized in

that date and / or time is used as additional information (IV). so

9. The method according to claim 2, characterized in

that random information is used as additional information (IV).

10. The method according to any one of the preceding claims, 65 characterized in that a predetermined part of the permanent information (IU) as e.g. identification information (IDu) containing the identity of the card user is used.

11. The method according to any one of the preceding claims, characterized in that certain parts of the permanent information (IU) are used as identification information by the authenticity or test information.

12. The method according to any one of the preceding claims, characterized in that the permanent information (IU) on the card (1) by the spatial arrangement of a plurality of embedded in the card, the mechanical scanning not accessible optical reflection surfaces (Rt-Rn, RZ ) is shown and all other information is stored on a magnetic track (2) (Fig. 9).

13. The method according to claims 3 and 12, characterized in that groups of reflective surfaces (Rp-Rn) are combined in reflex zones (RZ) and that at least one of these reflex zones (RZ) is selected by the selection information (IA2) for the encryption.

14. Device for carrying out the method according to claim 1, with cards that carry two machine-readable information, the one information (IU) is permanently and the other information (IM) stored changeable, and with a creation and testing station for the cards (1) which station has first means (67) for reading the permanent information, second means (3) for reading the changeably stored information and writing means (3) for changeably storing information on the cards, and one with the two reading means (67, 3) and the writing means (3) interacting evaluation stage (52), characterized in that the evaluation stage (52) has a memory

(17) for secret key information, a decision stage (18) and a encryption generator (16), which contains a first one from the secret key information stored in the memory (17) and the permanent information read from the cards by the first reading means (67) Output information that generates the decision level

(18) when checking a card, checks the first output information as test information for correspondence with the changeable information read by the second card (3) from the card in question as authenticity information, and that the writing means (3) checks the first output information when a card is created save as authenticity information on the respective card.

15. Device according to claim 14, characterized in that the evaluation stage (52) comprises a generator (26) connected to the encryption generator (16) for generating additional information that changes from test to test, that writing means (3) for storing this additional information the cards are provided that reading means (3) are provided which read the additional information from the cards, and that the encryption generator generates the first output information from the key information, the permanent information and the additional information (FIG. 9).

16. The device according to claim 15, characterized in that the writing means for changeably storing information and the writing means for storing the additional information are formed by one and the same writing means (3) and that the reading means for the changeably stored information and the reading means for the additional information are formed by one and the same reading means (3) (Fig. 9).

17. Device according to one of claims 14-16, characterized in that means (25) connected to the encryption generator (16) are provided for inputting a memory information into the encryption generator and that the encryption generator also takes this memory information into account when generating the first output information.

18. Device according to claim 15, characterized in that means (67) for selecting parts of the permanent information stored on the cards are provided that

3rd

619 551

the cipher generator uses the additional information and the cardholder to generate secret key information, second key information, and secret key information into the keypad of the test station from the additional information and during the test process, on the basis of which the selection means select the parts of the information entered and, on correspondence with the card information, select permanent information (Fig. 9). is checked.

19. Device according to one of claims 15-18, thereby 5 The disadvantages here are that, on the one hand, the system is only characterized in that the creation and testing station is tamper-proof, as long as the secret code number does not contain the input and output level (32b) Data information, one of ten, and further that this identification number of this and the encryption generator (16) controlled encryption key is to be entered with each identification.

mixer (27), which the data information by means of the first In another known method to achieve

Initial information is encrypted, writing means (3) for the protection against forgery of such cards, such as

The encrypted data information on the cards, as described in CH Patent 554 574, is saved on a con

means (3) for reading the conventional recordable and erasable information track of the frozen data information stored on the cards and one of these reading means (3) card, for example a magnetic track which can be varied slightly

and the encryption generator controlled and to the input and bare main information and stored in another

Output stage connected decryption mixer (28) contains, 15 card part is the difficult to counterfeit, fixed and individual which the encrypted Da identification or authenticity information read from these readers in another,

ten information stored using the first output information difficult to copy storage. This identification

decrypted and passed on to the input and output stage (Fig. cation information is also stored in the magnetic track

9). and during the test process for compliance with

20. The device according to claim 19, characterized in that the information which is difficult to forge is checked. Although it does not mean that the reading means for the changeably stored information, additional storage of the individual identification information and the reading means for the encrypted data information are formed in a different coding than that of the difficult-to-counterfeit by one and the same reading means (3) and that information takes place or in the main information entered

the writing means for changeably storing information boxes can be, there is a fixed and recognizable function and the writing means for storing the encrypted correspondence between that in the information track and that in

Data information stored by one and the same writing means (3) of the information that is difficult to copy

are formed (Fig. 9). mation, and counterfeit security is only guaranteed to a limited extent

21. Device according to one of claims 14-20, thereby stet.

characterized in that the creation and testing station is an object of the invention to improve a method in such a way

selection stage (32a), the parts of the permanent informers that it has the disadvantages of the known methods mentioned as e.g. avoids the identity of the card user. This object is achieved by the in claim 1

Selects identification information. listed measures solved.

22. Device according to one of claims 14-21, characterized in the case of the method according to the invention, the case marked that the creation and testing station provides a reliable information or selected parts thereof, the erase head (11) and positioning means (32a) for the erase head 35 can be varied easily Information by means of crypto-technical (11) has the parts selected each time a card is checked, so that correspondence between the two pieces of information of the permanently stored card information is irreversibly undetectable and delete the easily variable information (FIG. 9). is just as forgery-proof as the information that is difficult to copy.

40 By cryptotechnical selection of small parts of the

T,, ",. "_ Counterfeit-proof information can be counterfeit-proof

Cards of this type are used for machine per- as well as bd use of the entire counterfeiting

identification by credit card, ID card or other information.

for withdrawing money from ATMs and the- In a particularly effective embodiment of the comparison. Most of the time. In a prestation during a 45 drive, the type of encryption is changed with each new test procedure îe c ei er ar eu origin, such that no correspondence between the two. From a good card, a high level of security against counterfeiting, various types of information stored on the card that means security against copying by unauthorized persons, recognizable is required, for example, to allow access to the room by computing. ",, • ,, ... ......

° ',,, ... T The invention also relates to a device for performing

or to prevent unauthorized withdrawals. In, n, c, D,. , ... ..

, 6, ^ _, .... r—. I. • 1- t. u. j j, tion of the procedure. In the known systems, the device according to the invention is often counterfeit-proof i. 00 0

• j rr. t. • • j ■ <. 1 <. • i- f— ■. ». Claim 14 defined.

achieves that cards are difficult and only with expensive

are producible, which are only in the mass production of the following. The invention based on the in the figures

Maps are economical, and copies of individual examples shown are explained in more detail.

are far too expensive. Most of these systems have 55 It shows:

the information stored in the cards cannot be changed. 1a and 1b show a schematic diagram of a map in perspective

has the following two disadvantages. First, a shear presentation (la) and under supervision (lb),

User organization of the identification system the cards Fig. 2. a basic arrangement for carrying out the already encoded refer to the manufacturer and can process itself,

do not recode. Secondly, variable data such as the account 60 is an enlarged partial section from FIG.

a cash withdrawal account or the time balance for flextime. Fig. 4 a section according to section line IV + IV from systems cannot be saved on the card. Figure 3,

5 is a lower half from FIG. 4,

mation in a magnetic track easily writable, readable and Fig. 6 contains a detail from Figure 4 with a scanning device erasable. Recoding by the user 65 Fig. 7 and 8 another embodiment in elevation and

Organization is easy, but the counterfeit-proof floor plan and the card itself are very small. 9 is a detailed exemplary embodiment for carrying out

increases that for identification in addition to the card information of the procedure.

619 551

4th

On a card 1, which can serve, for example, as a personal credit card, a magnetic track 2 is applied, on which information is recorded by means of a magnetic head 3 or from which information can be read by means of the same head 3. Furthermore, the card receives a field RF with a 5 number of storage locations RZ, which contain counterfeit-proof information IU. This latter information can be scanned with a scanning head 67.

In the block diagram of FIG. 2, an identification card for carrying out the method according to the invention is drawn schematically, the storage locations RZ being arranged in rows and columns of an X-Y coordinate system in this exemplary embodiment. As an example, there are ten rows Y [to YI () and twenty columns X! up to X20 of storage locations RZ, totaling 200 storage locations. Each storage location can e.g. Contain IO6 bit information, in which case the total counterfeit-proof information of the card according to this exemplary embodiment would be 2 · IO8 bit. The storage locations RZ can be designed according to FIGS. 3 to 5. The scanning head 67 for scanning the memory locations RZ 20 can be controlled with control information IS via a line 50 such that the information of each individual memory location can be scanned.

The scanning head can e.g. in the Y direction, driven by a stepper motor to be able to select the row, while the column selection is made in a time window during the card pass through the test station in the X direction.

Both row and column selection is controlled by the control information IS.

In Figure 2, all information flows are marked with arrows 111. At a cipher computer 16 provided in a test station 52, at least the secret key information IE [taken from a secret key memory 17] and at least parts of the forgery-proof information IU are available as input information IE2 as input information.

With this input information, the output information IAt is calculated, which is stored directly or indirectly via a mixer and comparator circuit 18 as magnetic information IM by means of the magnetic head 3 on the magnetic track 2 40. As a result of the encryption, it is practically impossible to draw conclusions from the magnetically stored information IM about the tamper-proof information IU.

45

However, such conclusions are completely impossible if variable information IV, generated in a generator 26, is entered into the encryption computer 16 as additional input information IE3. The variable information changes with each test process, so that the output information IAj calculated in the encryption computer 16 and thus also the magnetically stored information IM is different again after each test process. The variable information IV is entered in a write phase of the test process on the one hand into the encryption computer as information IE3, where it also determines the output information 55 IAj, the latter being written on the magnetic track. On the other hand, the variable information IV is written directly onto the magnetic track via a line 51 and a further line 8. During the next test process, it is then read out with the magnetic head 3 in the read and test phase and used as input information IE3 of the encryption computer 16 to form the output information IA. These processes are described in detail below with reference to FIG. 9.

The variable information IV can be a consecutive sequence number, which is generated in the generator 26 and assumes a new value with each test process. The variable information IV can also be date-time information, which is then taken from an electronic clock of the generator 26. Furthermore, the variable information IV can be a random number, which is then extracted in a noise or random generator or a pseudo-random generator of the generator 26.

Each individual card can contain counterfeit-proof information that differs from all others. This achieves a very high level of security, since in this case a counterfeiter for every single card in an organization would have to spend a great deal of time copying.

For lower security requirements, however, the tamper-proof information can be the same for all cards with the exception of the card number, whereby the costs for card production are somewhat reduced. Security is guaranteed by the pseudo-random selection of certain parts of the forgery-proof information using an encryption computer. Part of the tamper-proof information IU can be identification information ID, j, that is to say, for example, an encoded card number which differs from card to card. This information can be checked in the control station 32 in a control part 32.

This identification information could, for example, consist of the information of a single one of the 200 memory locations RZ with IO6 bit, that is to say, for example, the memory location at the cross point X7, Y5 of FIG. 2.

To increase the security against counterfeiting, information selected with the scanning head 67 from the memory field RF could be used as additional identification information for this fixed identification information IDy, the control information IS for this selection being output information IA2 of the encryption computer 16, which is associated with the fixed identification information IDu Input information IE2 of the encryption computer 16 would be obtained.

A counterfeiter would therefore not only have to copy a single memory location RZ, but the entire card, since he does not know which memory location is selected by the encryption computer.

Much more counterfeit-proof information, namely, for example 2 • IO8 bit, can be applied to card 1 than can be processed within a useful period of time. Nevertheless, the full security offered by the large, entire amount of information can be exploited. For example, it can be used with the variable information IV as input information IE3 of the encryption computer 16, of course together with the secret key information IE1; an output information item IA2 is calculated which, by controlling the scanning head on one of the 200 memory locations RZ, selects part information of the counterfeit-proof information IU and makes it available as new input information item IE2 of the encryption computer for calculating the output information item IAt. This partial information can, for example, only be the content of a single storage location RZ selected in this way pseudorandomly, i.e. here about 0.5% of all counterfeit-proof information.

One only has to scan and process the information from a single storage location RZ, and yet the counterfeit security is practically as great as if all 200 storage locations were taken into account, since the counterfeiter does not know which storage location is "randomly" selected by the encryption computer.

FIG. 3 shows an enlarged partial section from the map 1 with only two partially sketched reflex zones RZ. These reflex zones RZ consist of a number of boundary surfaces Rn that run across the width B of the zones and are separated from one another by boundary edges K. So-called separation zones TZ are provided between the individual reflex zones RZ. The dimension of an interface Rn in the direction of arrow L can be, for example, 0.2 mm

5

619 551

, the width B across it is approx. 2 mm, so that the reflex zone with 10 interfaces forms a square of 2X2 mm2.

In the section through the card shown in FIG. 4, it is shown that the card essentially consists of an upper card layer 1 b made of plastic and a lower card layer 1 a made of a similar material. The latter is the carrier of the interfaces R with corresponding boundary edges K, which form the reflex zones RZ and are separated from one another by separation zones TZ. The lower card layer 1 a carries a magnetic track layer i 2 on its underside. The two card layers are firmly connected to one another. The upper card layer 1b must therefore either be a negative of the lower card layer la, or it must be applied to the lower card layer 1a in a plastic or liquid state without, however, changing the interface i s R.

The connection can be made, for example, by thermal ultrasonic welding at the separation zones TZ or by gluing the entire card area. The connection 0 of the two card layers must in any case be such that subsequent separation without damaging the interfaces cannot be achieved either mechanically or with solvents.

FIG. 5 shows a section along the line V — V through 25 the lower card layer 1 a (the upper card layer 1 b was not shown in this figure for the sake of clarity), which, as already mentioned, is divided into reflex zones RZ and separation zones TZ. The reflex zones in turn are equipped with a number of interfaces RI ... Rn, which have different angular positions, a2, a4, a5 and .an_ [, with respect to the plane of the map. The arrangement of the interfaces R usually differs from reflex zone to reflex zone. In the exemplary embodiment outlined, 10 interfaces with four possible angular positions are provided per reflex zone, which means that 35 410 = 106 different reflex zones are possible. Of course, the number of interfaces per reflex zone and also the number of different interfaces can deviate from this exemplary embodiment. The reflex zones RZ with the base areas R can be produced with an embossing die 40 by pressing them into the plastic in a plastic state or in a plastic injection molding process. In the exemplary embodiment, the upper side of the lower card layer is metallized, for example by vapor deposition or galvanically, so that the interfaces R are provided with a metal layer 1c reflecting the light. The metal layer is applied in the area of the separation zones TZ, so that a plastic layer ld is available in these zones and thus ensures a good connection between the two cards.

An exemplary embodiment of an optical scanning device of the card is shown schematically in FIG. The optical scanning device and also the read and write head 3 for scanning the magnetic track are installed in the test station, which passes through card 1 for testing in the direction of arrow L.

A light source 5, for example a LASER generator, supplies 55 a fine light beam 5a, which falls on the card and is reflected by the interfaces R [to R10. These interfaces can have, for example, four different angular positions a (FIG. 5), and the reflected light beam 5b can have four different angles <pt to cp4 60 to the incident light beam. A photodiode P [to P4 is present for each of these four directional angles. In the card position shown in FIG. 6, the light beam 5a strikes the reflecting interface R4 and is thrown as a reflected beam 5b onto the photodiode P2, which emits a photocurrent to the distributor circuit 7. When passing through the reflex zone RZ of FIG. 6 under the scanning light beam 5 a, corresponding to the angular positions of the interfaces R! to R10, through the four photodiodes Pt to P4 in sequence ten photocurrent signals to the distribution circuit 7, which are amplified in this and, for example, binary coded with a different 3-bit number per photodiode to the output 10 of the circuit 7 .

The counting start for the ten photocurrent signals is determined by the transition of the scanning light beam 5a from the separation zone TZ, where no photocurrent flows, to the first interface. The edges of the separation zones are diffusely reflective.

The four photodiodes P (to P4 with the light source 5 together form the photo-scanning system 6, which can also be adjusted transversely to the direction of the card, in order to be able to scan all of the areally arranged reflex zones, as already described above. The photo-scanning system 6 with the Distribution circuit 7 together form the scanning head 67, which scans the storage locations RZ of the forgery-proof information IU.

When using the card for cash dispensing by means of automatic cash dispensers, the current account balance is enciphered on the cards,

For all authorized cardholders who have a real and individual card and who also work with their individual memory key figure, there is the possibility of fraud despite all the counterfeit-proof methods described.

The authorized cardholder only has to copy the magnetically stored information, which also contains the current account balance, onto a tape before withdrawing money, then withdraw money at one of the machines, at the same time the new, reduced account balance is encrypted and written into the magnetic track. He can then overwrite this information with the tape copy, which still corresponds to the higher account balance, and withdraw money at a second machine and so on.

Of course, this could be prevented if an account amount only had to be obtained from a very specific machine, this machine number would act as further input information to the encryption computer. Or you could switch on a timeout between two withdrawals by means of the electronic clock, which supplies the date-time information as variable information, until the account balance has been communicated to all cash dispensers working offline.

However, all of this is cumbersome, and it is therefore proposed to obtain at least one counterfeit-proof control of the number of card checks after each individual card check.

According to FIGS. 7 and 8, this can be done in that the card material contains a thermally blackable substance, as is known from thermal printing. Controlled by an input 13, a pin IIa is heated in an erasing head 11 of a heating coil 12, which blackens the reflection zone underneath and thus erases it.

By controlling the input 13, the erase head 11 can be set to any desired reflex zone.

Individual reflex zones can also be extinguished by punching out, the erasing head 11 being replaced by a punching head.

The deleted reflex zones are also checked with the scanning head 67. In the case of 200 reflex zones, for example, 100 could be deleted, that is to say 100 card checks, until the card has to be replaced.

According to FIG. 9, the memory locations or reflex zones RZ of the counterfeit-proof information are deleted irreversibly with the delete head 11, starting in the bottom line YI; controlled by a first station 32a of the control part 32 with information IL via the input 13, a memory location RZ is deleted in each test process. The erase head 11 is in the storage location X9 of the line Yj.

619 551

During each test process, controlled by the first station 32a, the scanning head 67 will scan the line with the deleted memory locations and enter it as further input information into the encryption computer. In this way, the possibility of fraud described above is excluded, since the old magnetic track does not match the new information to be deleted.

In the method according to the invention, an essential part of the security against counterfeiting is that the selection of the counterfeit-proof information is determined by a secret key with an encryption computer.

This selection can be changed easily on the one hand by the variable information IV and on the other hand by changing the secret key.

The security against incorrect scanning of the card can be guaranteed by the known redundancy methods such as multiple storage, error-detecting or error-correcting codes, etc. Incorrect scanning of the optically scannable forgery-proof information due to contamination of a reflex zone RZ can be rendered ineffective by allowing the card to be scanned several times, with a new reflex zone RZ being selected by the encryption computer with each new scan due to the effect of the variable information.

Using FIG. 9, it will now be explained how the identification and the tamper-proof storage of variable data, for example amounts of money or time balances, can proceed. Only one example is described here, but the invention is by no means limited to this.

The example refers to a very high level of security against counterfeiting, and in many practical cases individual measures described can be omitted.

For the identification, a test process consists of an identification phase and a subsequent input phase. Although the test process begins with the identification phase, the input phase is described first.

A selection switch 30 is set in position a by the first station 32a by means of information IC. In addition to the secret key information IEj, which is always available, the following are entered on the encryption computer 16:

- The input information IE3 from the generator 26 for the variable information IV

- The secret, individual key figure or memory number from a keyboard 25.

The variable information IV is written as magnetic information IM by a write head 3a of the magnetic head onto the magnetic track. The information 10 from the first station 32a, as the information IS controlling the scanning head 67, causes the identification information IDu thereof to be part of the tamper-proof information IU (for example reflex zone RZ with crossing point X ,, Y2 in the field RF of the tamper-proof information) read and on the one hand it arrives in the first station 32a and on the other hand as input information IE2 on the encryption computer 16, in which together with the other input information an output information IA2 is calculated, which repositions the scanning head 67 as control information in position b of the selection switch 30 and pseudo-randomly. The rotary switch 30 is brought into position c and the partial information read by the scanning head 67 reaches the first station 32a on the one hand as further identification information IDu and on the other hand as further input information IE2 on the encryption computer in which the output information IAi is calculated and on the magnetic track as magnetic information IM is written.

In the identification phase, the switch position of the selection switch 30 is also initially at a. Using the keyboard 25, the individual characteristic number is input into the encryption computer 16 as input information IE4. From the magnetic track 2, the variable information written in the previous test process is read out as magnetic information IMb by means of a read head 3b of the magnetic head and is input into the encryption computer as input information IE3. The remaining processes until the output information IAi is generated are the same as in the input phase. Then, in position c of the selection switch 30, the output information IMb (authenticity information) magnetically stored in the previous test process is read out, put on a line 46 and compared in a comparator 29 with the output information IAt (test information) generated in the encryption computer during the identification phase. The result of the comparison is called identity or non-identity and is output as information ID3 at point 22. If identity is present and the identification information IDu 'n of the first station 32a has also been recognized as correct, the identification is also assessed as correct. In the first station 32a, the identification information IDu, which consists of a fixed part and a pseudo-randomly selected part of the counterfeit-proof information IU, is stored for all cardholders of the organization for the comparison.

The tamper-proof storage and modification of variable data, such as amounts of money or the like, on the identification card normally takes place after the identification processes of the checking process and likewise has two phases. During a writing phase, which takes place after the input phase, in position d of the selection switch 30, for example, the current account balance is sent as digital data from a second station 32b of the control part 32 in the form of an input / output device as information IDj Cipher mixer 27 of known type and mixed in this with the output information IAj created according to the methods described above for the cipher and fed via a line 48 as magnetic information IMa to the magnetic write head 3a and written as an encrypted account balance on the magnetic track.

During a reading phase of the test process, which takes place after the identification phase, in position d of the selection switch 30 the encrypted account balance written during the previous test process is read from the magnetic track and supplied as magnetic information IMb via a line 44 to a decryption mixer 28 and in it the output information IAj resulting from the method described above is decrypted and sent to the second station 32b as an account balance in plain text. This account balance can also be checked for authenticity by setting a number of zeros in the second station 32b.

The authenticity of the account balance can also be ensured, as described, for example, in DT-OS 23 50 418, in that the account balance serves on the one hand as input information for the encryption computer 16 and on the other hand is stored "clearly" on the magnetic track. In this case, one is in the encryption computer using the input information

- Secret key information IEi

—Infraction-proof information IE2

- variable information IV

—Account balance ID t generated output information IA, stored as a crypto number together with the account balance IDj on the magnetic track 2 of the identification card during the writing phase. During the later check of the authenticity of the account balance during a reading phase, the information just listed is entered into the encryption computer and the resulting output information is checked for correspondence with the stored crypto number.

6

5

10th

15

20th

25th

30th

35

40

45

50

55

60

65

7

619 551

To withdraw money from a cash dispensing machine, an amount of money is then keyed in via the keyboard 25, which is paid out by the machine and which is deducted from the current account balance in the second station 32b, and the new encrypted account balance 5 is recorded on the magnetic track in the writing phase becomes.

It is not possible to forge the account balance stored in encrypted form, since the encryption depends on the secret key and also on the forgery-proof card information. St.

All of the processes described are carried out digitally and electronically.

The line points 8, 9, 10, 19, 20, 50 correspond to those of the simplified block diagram of FIG. 2. The first station 32a controls all 15 processes in the test station that are not described further with the control information ACT.

As mentioned, the processes described apply to very high security requirements and can be significantly reduced for many applications. For lower security requirements, the counterfeit-proof information 20 can be omitted or only one card number can be present and the card information can be contained in the magnetic track. For example, with slightly higher demands, only a single track, for example the line Y1 of

Figure 2, of counterfeit-proof information, which can be scanned simultaneously with the magnetic track while the card passes through the test station. Furthermore, the forgery-proof information selected with the encryption computer, by means of secret key and variable information could directly determine the output information IA as the encryption computer input information.

In order to eliminate errors in the card scanning, the counterfeit-proof information can be stored in redundant, error-correcting codes of a known type and the two readings selected from the three identical ones as the correct ones.

Furthermore, if the variable information is used, it could be permissible to carry out further test operations in the event of a test operation which is unsuccessful, for example because of card contamination, whereby the pseudo-random selection of the tamper-proof information would switch to perfectly readable storage locations.

The entire control process and the encryption could be carried out by means of one or more microprocessors, as a result of which, due to the relatively slow processes, all the processes would be carried out in sequence and the control effort for the test processes for higher security would also be relatively small.

C.

7 sheets of drawings