EP0627713A1 - Monitoring and controlling device of the differential access to at least two separate sections provided in an enclosed space - Google Patents
Monitoring and controlling device of the differential access to at least two separate sections provided in an enclosed space Download PDFInfo
- Publication number
- EP0627713A1 EP0627713A1 EP94201452A EP94201452A EP0627713A1 EP 0627713 A1 EP0627713 A1 EP 0627713A1 EP 94201452 A EP94201452 A EP 94201452A EP 94201452 A EP94201452 A EP 94201452A EP 0627713 A1 EP0627713 A1 EP 0627713A1
- Authority
- EP
- European Patent Office
- Prior art keywords
- compartment
- central unit
- key
- actuator
- dialogue
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000012544 monitoring process Methods 0.000 title abstract 2
- 238000004891 communication Methods 0.000 claims description 7
- 230000015654 memory Effects 0.000 claims description 5
- 241001484259 Lacuna Species 0.000 abstract 1
- 241001071864 Lethrinus laticaudis Species 0.000 description 38
- 238000012423 maintenance Methods 0.000 description 19
- 238000012795 verification Methods 0.000 description 8
- 230000001276 controlling effect Effects 0.000 description 6
- 230000008439 repair process Effects 0.000 description 6
- 230000006870 function Effects 0.000 description 3
- 230000009471 action Effects 0.000 description 1
- 238000013475 authorization Methods 0.000 description 1
- 230000015556 catabolic process Effects 0.000 description 1
- 230000007123 defense Effects 0.000 description 1
- 238000001514 detection method Methods 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 238000000034 method Methods 0.000 description 1
- 238000005192 partition Methods 0.000 description 1
- 230000008569 process Effects 0.000 description 1
- 230000001105 regulatory effect Effects 0.000 description 1
- 230000004044 response Effects 0.000 description 1
- 238000010079 rubber tapping Methods 0.000 description 1
- 238000004088 simulation Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
- G07F7/10—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F5/00—Coin-actuated mechanisms; Interlocks
- G07F5/26—Interlocks, e.g. for locking the doors of compartments other than that to be used
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
- G07F7/10—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
- G07F7/1016—Devices or methods for securing the PIN and other transaction-data, e.g. by encryption
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
- G07F7/10—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
- G07F7/1025—Identification of user by a PIN code
- G07F7/1058—PIN is checked locally
- G07F7/1066—PIN data being compared to data on card
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F9/00—Details other than those peculiar to special kinds or types of apparatus
- G07F9/02—Devices for alarm or indication, e.g. when empty; Advertising arrangements in coin-freed apparatus
- G07F9/026—Devices for alarm or indication, e.g. when empty; Advertising arrangements in coin-freed apparatus for alarm, monitoring and auditing in vending machines or means for indication, e.g. when empty
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F9/00—Details other than those peculiar to special kinds or types of apparatus
- G07F9/06—Coin boxes
Definitions
- the present invention relates to a device capable of controlling and controlling access, according to a given hierarchy, to at least first and second compartments delimited inside an enclosure.
- the invention is more particularly applicable to a distributor of products and / or services, such as consumable products, or transport tickets, or even a parking meter.
- dispensers generally include an enclosure in which are arranged the devices capable of enabling the dispenser to operate, said enclosure being generally divided so as to delimit at least one first compartment containing the means of operation of the dispenser, such as for example the means of conveying the currency, the means of issuing a ticket corresponding to the requested service, the means of printing the ticket, or any other device necessary for the operation of the dispenser.
- the enclosure also includes a second compartment called to contain the values, and in particular the sums in cash introduced by the user. Said second compartment forms what is commonly called the piggy bank compartment.
- the latter may contain, for example, a "coin piggy bank” and a "bank notes piggy bank".
- Each compartment has its own access door.
- Access to the first compartment in which the various devices and operating systems of the dispenser are located is not regulated in the same way as access to the piggy bank.
- the people having to intervene inside the distributor for reasons of maintenance or upkeep do not normally have to intervene inside the piggy bank, access to which is reserved only for persons authorized to withdraw the funds resulting from the transactions carried out.
- Known distributors include locks making it possible to block access to the first compartment, and also to the second compartment (piggy bank compartment).
- each person called upon to intervene inside the distributor is the holder of a key.
- the persons in charge of maintenance and upkeep have a key giving access to the first compartment, while the persons authorized to withdraw the sums contained in the piggy bank, hold two keys, one for the first compartment and the another for the piggy bank.
- Devices have been proposed to try to control and regulate access to the piggy bank, and in particular to know its content.
- devices in particular in the field of parking meters, comprising a collection center, associated with a memory card, and also associated with portable computer means capable of interacting on the one hand, with the collection and on the other hand, with each parking meter, in encrypted language, in particular with a view to knowing the content of the sums contained inside the piggy bank of the parking meter questioned.
- This device provides relative control of access to the piggy bank.
- access to the piggy bank is always carried out by means of a conventional key, with the resulting limitations mentioned above.
- this device is satisfactory, it is capable of being improved, and it is precisely the object of the invention to provide a device making it possible to control and command differential access to at least two compartments delimited inside. of an enclosure, so as to identify the person seeking to intervene inside the device, and to check that it is indeed the person empowered in this regard.
- the device of the invention also aims to ensure the security of the device allowing the opening of the piggy bank, in an encrypted manner, without it being possible, for a person not authorized by a fraudulent operation inside the first compartment (maintenance) to cause the opening of the piggy bank.
- the device for controlling and controlling differential access to at least a first and a second compartment delimited inside an enclosure of a distributor of products and / or services, so to prevent access to the second compartment, while allowing access to the first compartment is characterized in that it comprises means for recognizing an object of identification of the operator and introduced from the outside, said recognition means being able to communicate in encrypted manner by means of dialogue, with a central unit capable itself of communicating in encrypted manner by second means of dialogue with an actuator, with a view to controlling the latter, the latter being disposed inside the second compartment and being capable of allowing the opening / closing of a lock associated with said second compartment, said central unit comprising means able to engen drer an encrypted message using a key specific to the central unit (mother key), said actuator having means capable of decrypting said message to find said own key, the latter thus becoming the daughter key capable of '' be used to generate at least one communication message between the actuator and the central unit and vice versa.
- said own key consists of a random number generated by the central unit.
- said object introduced by the operator is a memory card and the recognition means include a memory card reader (LCAM).
- LCAM memory card reader
- the dialogue means include a preference type algorithm, D.E.S (DATA ENCRIPTION STANDARD).
- the recognition means are also able to control a code specific to the holder of the memory card in order to control, in addition to the key (CAM), the identity of the card holder and therefore to ensure that the holder is the authorized person.
- CAM key
- the device also includes a memory capable of recording all of the operations carried out, and the identity of the participants.
- the distributor of products or services such as for example a distributor of transport tickets, bearing the general reference 1, consists of a box 2 which is rectangular and delimits inside an enclosure itself divided into a first compartment 3 and a second compartment 4.
- the second compartment 4 is delimited with respect to the first compartment 3 by partitions referenced 5.
- the second compartment 4 is of the armored type, and is called upon to contain the sums collected in exchange for the service provided to users of such a distributor.
- the second compartment 4 is commonly called the piggy bank compartment.
- the cash stored inside the piggy bank is symbolically represented and bears a general reference 6.
- the dispenser comprises inside the first compartment 3 a central unit represented by the functional block 7 and intended for the command and control of the set of devices and systems necessary and specific to the operation of the ticket dispenser.
- the central unit controls and monitors the progress of the operation of the coin selector and the routing of the coin either to the piggy bank or to the coin return; the central unit also makes it possible to control the opening and closing systems of the interior doors of the device; also, the central unit is associated with software management systems and comprising memories called to contain information specific to the operations carried out inside the dispenser.
- the piggy bank 4 is disposed inside the dispenser, and is accessible by a door of its own.
- the dispenser itself has a door allowing access to the first compartment 3, it being understood that access to the piggy bank is not possible directly since the latter is provided with a clean door actuated by a lock disposed at the interior.
- the piggy bank includes an actuator 8 capable of acting on a lock 9 capable of allowing the opening of the door (not shown) of the piggy bank 4.
- the actuator is connected to the central unit by connections symbolically represented by line 10 .
- LCAM memory card reader 11
- FIG. 1 symbolically, the hand 13 of a user carrying a memory card 14, and moreover the hand 13A of this same user in the process of striking keys 14 of a keyboard 16 arranged on one of the outer walls of the dispenser.
- a ticket 17 represents the counterpart, in the form of a service, of the cash introduced by the user / customer.
- One of the aims of the device of the invention is to allow access to the interior of the dispenser to authorized persons only, and this, moreover, in the form of a specific hierarchy according to the authorization of these the latter, certain persons being authorized to intervene inside the apparatus, in the first compartment 3, to carry out maintenance and / or repair operations there, while other persons, different from the first, will be authorized to have access to the interior of the piggy bank.
- the person called upon to intervene is symbolically represented by the hand 13 and carrying a memory card 14, of known type and comprising storage means and electronic means capable of enabling dialogue with the memory card reader "(LCAM).
- the card 14 is inserted by the user into a slot provided for this purpose and associated with LCAM) 11. This corresponds to functional block 18 of the Figure 2 (the memory card being referenced as CAM).
- the first operation carried out by LCAM is to check whether the CAM introduced complies with the type of CAM expected and suitable for the interventions to be carried out in the dispenser (see function block 19). Verification gives rise to either a negative or a positive response. If the CAM does not comply (answer no), LCAM 11 delivers information to the user, in the form of a return of the card inserted (functional block 20). This constitutes a first security step insofar as this avoids the introduction of false cards or cards which are manipulated or which do not comply with the use for which it is intended, in the context for example of the maintenance of this type of distributor.
- the device of the invention proceeds to a second verification step, namely the identification of the wearer. Indeed, it is not enough that the CAM introduced is a compliant card, but it is also appropriate that the person who introduced this card is among those who are authorized to work inside the dispenser.
- the holder of the card (block 21), the latter, as shown diagrammatically in FIG. 1, indicates on the keyboard 16 arranged on an external face of the device, a code which is specific to it, by tapping the corresponding keys 15 of the keyboard 16.
- the transaction is rejected, and therefore the card is returned to the user (block 22), or the transaction is validated, the carrier being identified. as being a suitable carrier; the device then proceeds to a third step (block 23) aimed at determining what type of operations are to be carried out, in other words, determining the identity of the person and in particular the type of intervention which he requests and that '' it is authorized to carry out (maintenance and / repair, or withdrawal of the sums disposed in the piggy bank).
- the functional block 23 offers, in the example shown, three possibilities, namely a so-called first level maintenance intervention, a so-called maintenance intervention second level, and a so-called collection intervention, that is to say access to the piggy bank in order to collect the cash it contains. These three possibilities are represented by way of example by the functional blocks of FIG. 2 referenced 24, 25 and 26.
- Access to the various possibilities is carried out by the operator who, depending on the code he has introduced at the start, or depending on the card inserted, which itself carries information specific to the operation that is capable of carrying out the service provider, thus chooses the corresponding functional block (24, 25 or 26).
- the operator wishes a so-called first level maintenance operation (that is to say on only some of the devices contained in the distributor and / or for the consultation of certain computer files, or repair )
- it should be checked once again that this is possible taking into account the nature of the card introduced, the holder, and / or other information such as the advisability of a maintenance operation and / or repair, and depending for example on the date of the last intervention or any other factual element, such as a breakdown requiring intervention.
- Blocks 27, 28 and 29 correspond to these last verification steps.
- blocks 30, 31 and 32 symbolizing the unlocking of the corresponding door, namely for blocks 30 and 31, unlocking the main door for operations maintenance and / or repair, and for block 32, unlocking of the piggy bank compartment door.
- the card holder and card identification verification operations and requested operations make it possible, by memorizing this information, in the central unit during the course of the latter, that the persons intervening are the correct ones people, but also that, for example, the person responsible for collecting data is indeed an authorized person. It is also ensured that the latter does not intervene to carry out maintenance and / or repair operations which would exceed its function and / or its capacities.
- FIG. 3 shows, in more detail, the means which allow the dialogue between the various elements of the invention, and in particular between the LCAM, the central unit, the actuator and the lock of the piggy bank.
- the central unit 7 is connected, symbolically for the convenience of understanding the invention, to a means capable of generating a random number, reference 40, and a memory 41 containing a mother key in the form of a numerical value. These numerical values (random number and mother key) are used to encrypt the information which is conveyed between the central unit and the actuator, by the communication line 10.
- the encryption means are known in themselves, on the hardware level, and for example can call, in the form of software, a known algorithm, such as an algorithm of the DES (DATA ENCRIPTION STANDARD) type. These algorithms are known in themselves and are not described below in more detail.
- the encryption / decryption means are symbolically represented by the block.
- the central unit 7 receives from the functional block 32 (corresponding to the functional block 32 of FIG. 2) a request to unlock the access door to the piggy bank, with a view to collection.
- the actuator 8 is associated with the mother key from the block 41, and also with means for encryption / decryption referenced 43.
- the actuator is capable of controlling, by a command line in bold line and bearing the reference 44, the lock 9 capable of opening the door of the piggy bank 4.
- the central unit upon receipt of a request to open the door of the piggy bank 4, draws a random number from block 40 and encrypts this value by means 42, using the mother key of block 41
- This encrypted value of the random value is addressed by the communication line 10 to the actuator 8.
- the actuator in turn, by its own decryption means 43, knowing the mother key of block 41, is able to find said random number.
- the latter then becomes the daughter key which will encrypt the communication between the central unit 7 and the actuator 8.
- the encryption may be carried out as indicated above using an algorithm of the known type such as call to a DES function.
- the communication between the central unit and the actuator is carried out in encrypted form, in an inviolable manner, since the daughter key used to encrypt the message is a random number which is known only to the central unit and the actuator. It is therefore not possible to intervene at the communication level, by fraudulent maneuvers of simulation, display or detection of the commands or orders communicated, to actuate the actuator with a view to the opening of the piggy bank 4
- the link 44 between the actuator and the lock is a so-called power link since the lock is essentially an electrical-mechanical device which requires electrical power, in particular significant power.
- the device of the invention makes it possible to isolate the actuator part inside the piggy bank, and thus to prevent any direct action on the lock, by means of power relatively easy to duplicate.
- the device includes means for memorizing the characteristics of the operations carried out, such as the number of operations, the identity of the people involved and also the memorization of the characteristics of valid memory cards but which have been lost and then found by an unauthorized person and fraudulently introduced into the dispenser. This allows from the start of operations to identify any fraudulent maneuver.
- the system of the invention also makes it possible to ensure security of access to the maintenance compartment which can hold, in the form of pre-printed transport tickets, very important values.
- the actuator and the encryption system of the invention control the opening of the two doors of the two compartments "piggy bank” and "maintenance".
- a person authorized for maintenance who has opened the maintenance door, must not have access to the closing system of this same door; otherwise, he could fraudulently block the actuator and thus intervene later on a machine without "defense".
Landscapes
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Business, Economics & Management (AREA)
- Accounting & Taxation (AREA)
- Lock And Its Accessories (AREA)
- Control Of Vending Devices And Auxiliary Devices For Vending Devices (AREA)
- Medical Treatment And Welfare Office Work (AREA)
- Vending Machines For Individual Products (AREA)
- Time Recorders, Dirve Recorders, Access Control (AREA)
Abstract
Description
La présente invention concerne un dispositif susceptible de contrôler et commander l'accès, selon une hiérarchie donnée, à au moins un premier et un second compartiments délimités à l'intérieur d'une enceinte. L'invention est plus particulièrement applicable à un distributeur de produits et/ou services, tel que produits consommables, ou de tickets de transport, ou encore un horodateur.The present invention relates to a device capable of controlling and controlling access, according to a given hierarchy, to at least first and second compartments delimited inside an enclosure. The invention is more particularly applicable to a distributor of products and / or services, such as consumable products, or transport tickets, or even a parking meter.
On sait que de tels distributeurs comportent généralement une enceinte dans lequel sont disposés les appareils aptes à permettre le fonctionnement du distributeur, ladite enceinte étant généralement divisée de manière à délimiter au moins un premier compartiment contenant les moyens de fonctionnement du distributeur, tels que par exemple les moyens d'acheminement de la monnaie, les moyens de délivrance d'un ticket correspondant au service demandé, les moyens d'impression du ticket, ou tout autre appareil nécessaire au fonctionnement du distributeur. L'enceinte comporte également un second compartiment appelé à contenir les valeurs, et notamment les sommes en numéraire introduites par l'utilisateur. Ledit second compartiment formae ce qu'on appelle communément le compartiment tirelire. Ce dernier peut contenir par exemple une "tirelire pièces" et une "tirelire billets".We know that such dispensers generally include an enclosure in which are arranged the devices capable of enabling the dispenser to operate, said enclosure being generally divided so as to delimit at least one first compartment containing the means of operation of the dispenser, such as for example the means of conveying the currency, the means of issuing a ticket corresponding to the requested service, the means of printing the ticket, or any other device necessary for the operation of the dispenser. The enclosure also includes a second compartment called to contain the values, and in particular the sums in cash introduced by the user. Said second compartment forms what is commonly called the piggy bank compartment. The latter may contain, for example, a "coin piggy bank" and a "bank notes piggy bank".
Chaque compartiment possède sa propre porte d'accès.Each compartment has its own access door.
L'accès au premier compartiment dans lequel se trouvent les différents appareils et systèmes de fonctionnement du distributeur n'est pas réglementé de la même manière que l'accès à la tirelire. En d'autres termes, les personnes ayant à intervenir à l'intérieur du distributeur pour des raisons de maintenance ou d'entretien, n'ont pas, normalement, à intervenir à l'intérieur de la tirelire, dont l'accès est réservé aux seules personnes habilitées à prélever les fonds résultants des transactions effectuées.Access to the first compartment in which the various devices and operating systems of the dispenser are located is not regulated in the same way as access to the piggy bank. In other words, the people having to intervene inside the distributor for reasons of maintenance or upkeep, do not normally have to intervene inside the piggy bank, access to which is reserved only for persons authorized to withdraw the funds resulting from the transactions carried out.
Les distributeurs connus comportent des serrures permettant de bloquer l'accès au premier compartiment, et également, au second compartiment (compartiment tirelire) Ainsi, chaque personne appelée à intervenir à l'intérieur du distributeur est détenteur d'une clé. Les personnes chargées de la maintenance et de l'entretien possèdent une clé permettant d'accéder au premier compartiment, tandis que les personnes habilitées à prélever les sommes contenues dans la tirelire, détiennent deux clés, l'une pour le premier compartiment et l'autre pour la tirelire.Known distributors include locks making it possible to block access to the first compartment, and also to the second compartment (piggy bank compartment). Thus, each person called upon to intervene inside the distributor is the holder of a key. The persons in charge of maintenance and upkeep have a key giving access to the first compartment, while the persons authorized to withdraw the sums contained in the piggy bank, hold two keys, one for the first compartment and the another for the piggy bank.
Ce système de clés soulève des difficultés. La première est que les clés sont susceptibles d'être dupliquées relativement facilement, et il est donc possible de faire circuler ces clés ou de les donner à d'autres personnes que celles habilitées. Il est certain également que les personnes à intervenir dans ces appareils peuvent être tentées d'effectuer des manoeuvres frauduleuses à l'intérieur des distributeurs. Par ailleurs, des contraintes de simplification de gestion conduisent à prévoir des clés identiques pour un grand nombre de distributeurs. Cependant, ce faisant, on augmente les risques de tentative de fraude.This key system raises difficulties. The first is that the keys are likely to be duplicated relatively easily, and it is therefore possible to circulate these keys or to give them to people other than those authorized. It is also certain that the people involved in these devices may be tempted to carry out fraudulent maneuvers inside the dispensers. In addition, management simplification constraints lead to the provision of identical keys for a large number of distributors. However, doing so increases the risk of attempted fraud.
Egalement, du point de vue de la gestion d'un parc de distributeurs de ce type, il est important pour le gestionnaire de connaître avec le plus d'exactitude possible, la nature des opérations effectuées ainsi que leur fréquence, et également l'identité des personnes intervenues à cette occasion et ceci est particulièrement important en ce qui concerne les personnes chargées du prélèvement des sommes contenues dans la tirelire.Also, from the point of view of the management of a fleet of distributors of this type, it is important for the manager to know with as much accuracy as possible, the nature of the operations carried out as well as their frequency, and also the identity of persons intervened on this occasion and this is particularly important with regard to the persons responsible for the collection of the sums contained in the piggy bank.
En conclusion, il est souhaitable de déterminer, à chaque intervention à l'intérieur du distributeur, l'identité de la personne effectuant cette intervention, afin de contrôler si la personne cherchant à intervenir est une personne habilitée. Il est évident qu'un système de serrures à clé classique ne permet pas d'assurer ce contrôle, puisque les clés peuvent être dupliquées et le détenteur d'une clé n'est pas forcément une personne habilitée.In conclusion, it is desirable to determine, at each intervention inside the distributor, the identity of the person carrying out this intervention, in order to check whether the person seeking to intervene is an authorized person. It is obvious that a conventional key lock system does not allow this control, since the keys can be duplicated and the holder of a key is not necessarily an authorized person.
On a proposé des dispositifs pour tenter de contrôler et réglementer l'accès à la tirelire, et notamment pour connaître son contenu. Il existe ainsi des dispositifs, notamment dans le domaine des horodateurs, comportant un centre de collecte, associé à une carte à mémoire, et également associé à des moyens informatiques portables susceptibles de dialoguer d'une part, avec le centre de collecte et d'autre part, avec chaque horodateur, en langage crypté, en vue notamment de connaître le contenu des sommes contenues à l'intérieur de la tirelire de l'horodateur interrogé. Ce dispositif assure un contrôle relatif de l'accès à la tirelire. Cependant, l'accès à la tirelire est toujours réalisé par l'intermédiaire d'une clé classique, avec les limitations qui en résultent et mentionnées précédemment.Devices have been proposed to try to control and regulate access to the piggy bank, and in particular to know its content. There are thus devices, in particular in the field of parking meters, comprising a collection center, associated with a memory card, and also associated with portable computer means capable of interacting on the one hand, with the collection and on the other hand, with each parking meter, in encrypted language, in particular with a view to knowing the content of the sums contained inside the piggy bank of the parking meter questioned. This device provides relative control of access to the piggy bank. However, access to the piggy bank is always carried out by means of a conventional key, with the resulting limitations mentioned above.
Bien que ce dispositif donne satisfaction, il est susceptible d'être amélioré, et c'est précisément l'objet de l'invention de proposer un dispositif permettant de contrôler et commander l'accès différentiel à au moins deux compartiments délimités à l'intérieur d'une enceinte, de façon à identifier la personne cherchant à intervenir à l'intérieur de l'appareil, et à contrôler que celle-ci est bien la personne habilitée à cet égard. Le dispositif de l'invention a également pour but d'assurer la sécurité du dispositif permettant l'ouverture de la tirelire, de manière cryptée, sans qu'il soit possible, pour une personne non autorisée par une manoeuvre frauduleuse à l'intérieur du premier compartiment (maintenance) de provoquer l'ouverture de la tirelire.Although this device is satisfactory, it is capable of being improved, and it is precisely the object of the invention to provide a device making it possible to control and command differential access to at least two compartments delimited inside. of an enclosure, so as to identify the person seeking to intervene inside the device, and to check that it is indeed the person empowered in this regard. The device of the invention also aims to ensure the security of the device allowing the opening of the piggy bank, in an encrypted manner, without it being possible, for a person not authorized by a fraudulent operation inside the first compartment (maintenance) to cause the opening of the piggy bank.
A cette fin, selon l'invention, le dispositif pour contrôler et commander l'accès différentiel à au moins un premier et un second compartiments délimités à l'intérieur d'une enceinte d'un distributeur de produits et/ou services, de manière à empêcher l'accès au second compartiment, tout en permettant l'accès au premier compartiment, est caractérisé en ce qu'il comporte des moyens de reconnaissance d'un objet d'identification de l'intervenant et introduit depuis l'extérieur, lesdits moyens de reconnaissance étant aptes à communiquer de manière cryptée par des moyens de dialogue, avec une unité centrale apte elle-même à communiquer de manière cryptée par des seconds moyens de dialogue avec un actionneur, en vue de commander ce dernier, celui-ci étant disposé à l'intérieur du second compartiment et étant susceptible de permettre l'ouverture/fermeture d'une serrure associée audit second compartiment, ladite unité centrale comportant des moyens aptes à engendrer un message crypté à l'aide d'une clé propre à l'unité centrale (clé-mère), ledit actionneur possédant des moyens aptes à décrypter ledit message pour retrouver ladite clé propre, cette dernière devenant ainsi la clé-fille susceptible d'être utilisée pour engendrer au moins un message de communication entre l'actionneur et l'unité centrale et inversement.To this end, according to the invention, the device for controlling and controlling differential access to at least a first and a second compartment delimited inside an enclosure of a distributor of products and / or services, so to prevent access to the second compartment, while allowing access to the first compartment, is characterized in that it comprises means for recognizing an object of identification of the operator and introduced from the outside, said recognition means being able to communicate in encrypted manner by means of dialogue, with a central unit capable itself of communicating in encrypted manner by second means of dialogue with an actuator, with a view to controlling the latter, the latter being disposed inside the second compartment and being capable of allowing the opening / closing of a lock associated with said second compartment, said central unit comprising means able to engen drer an encrypted message using a key specific to the central unit (mother key), said actuator having means capable of decrypting said message to find said own key, the latter thus becoming the daughter key capable of '' be used to generate at least one communication message between the actuator and the central unit and vice versa.
De manière avantageuse, ladite clé propre est constituée d'un nombre aléatoire engendré par l'unité centrale.Advantageously, said own key consists of a random number generated by the central unit.
Selon une forme préférée de réalisation, ledit objet introduit par l'intervenant est une carte à mémoire et les moyens de reconnaissance incluent un lecteur de carte à mémoire (LCAM).According to a preferred embodiment, said object introduced by the operator is a memory card and the recognition means include a memory card reader (LCAM).
Les moyens de dialogue incluent un algorithme du type de préférence, D.E.S (DATA ENCRIPTION STANDARD).The dialogue means include a preference type algorithm, D.E.S (DATA ENCRIPTION STANDARD).
Les moyens de reconnaissance sont également aptes à contrôler un code propre au porteur de la carte à mémoire en vue de contrôler, en plus de la clé (CAM), l'identité du porteur de la carte et donc de s'assurer que le porteur est bien la personne autorisée.The recognition means are also able to control a code specific to the holder of the memory card in order to control, in addition to the key (CAM), the identity of the card holder and therefore to ensure that the holder is the authorized person.
Le dispositif comporte également une mémoire apte à enregistrer l'ensemble des opérations effectuées, et l'identité des intervenants.The device also includes a memory capable of recording all of the operations carried out, and the identity of the participants.
L'invention sera bien comprise à la lumière de la description qui suit, se rapportant à un exemple illustratif mais non limitatif, en référence aux dessins annexés dans lequel:
- la figure 1 montre de façon schématique un distributeur, en coupe longitudinale, et incluant les moyens de l'invention;
- la figure 2 est un schéma synoptique du fonctionnement du dispositif de l'invention; et
- la figure 3, montre de manière schématique, le dialogue entre l'unité centrale et l'actionneur.
- Figure 1 schematically shows a distributor, in longitudinal section, and including the means of the invention;
- Figure 2 is a block diagram of the operation of the device of the invention; and
- Figure 3 shows schematically the dialogue between the central unit and the actuator.
Comme montré sur la figure 1, le distributeur de produits ou services, tel que par exemple un distributeur de tickets de transport, portant la référence générale 1, est constitué d'un caisson 2 parallélipipédique et délimitant à l'intérieur une enceinte elle-même divisée en un premier compartiment 3 et un second compartiment 4. Le second compartiment 4 est délimité par rapport au premier compartiment 3 par des cloisons référencées 5. Le second compartiment 4 est du type blindé, et est appelé à contenir les sommes perçues en échange du service procuré aux utilisateurs d'un tel distributeur. Le deuxième compartiment 4 est communément appelé compartiment tirelire. Le numéraire stocké à l'intérieur de la tirelire est symboliquement représenté et porte une référence générale 6. Le distributeur comporte à l'intérieur du premier compartiment 3 une unité centrale représentée par le bloc fonctionnel 7 et destinée à la commande et au contrôle de l'ensemble des appareils et systèmes nécessaires et propres au fonctionnement du distributeur de tickets. Par exemple, l'unité centrale commande et surveille le déroulement du fonctionnement du sélecteur de monnaie et l'acheminement de la monnaie soit vers la tirelire, soit vers le rendu monnaie; l'unité centrale permet également de commander les systèmes d'ouverture et de fermeture des portes intérieures du dispositif; également, l'unité centrale est associée à des systèmes de gestion par logiciel et comportant des mémoires appelées à contenir des informations propres aux opérations effectuées à l'intérieur du distributeur.As shown in FIG. 1, the distributor of products or services, such as for example a distributor of transport tickets, bearing the
La tirelire 4 est disposée à l'intérieur du distributeur, et est accessible par une porte qui lui est propre. Le distributeur comporte lui-même une porte permettant d'accéder au premier compartiment 3, étant entendu que l'accès à la tirelire n'est pas possible directement puisque cette dernière est munie d'une porte propre actionnée par une serrure disposée à l'intérieur.The
La tirelire comporte un actionneur 8 apte à agir sur une serrure 9 susceptible de permettre l'ouverture de la porte (non représentée) de la tirelire 4. L'actionneur est relié à l'unité centrale par des liaisons symboliquement représentées par la ligne 10.The piggy bank includes an
Egalement à l'intérieur du distributeur est disposé un lecteur de carte à mémoire 11 (LCAM), lui-même relié à l'unité centrale par une liaison 12.Also inside the distributor is a memory card reader 11 (LCAM), itself connected to the central unit by a
Sont également représentées sur la figure 1, de manière symbolique, la main 13 d'un utilisateur portant une carte à mémoire 14, et par ailleurs la main 13A de ce même utilisateur en train de frapper des touches 14 d'un clavier 16 disposé sur une des parois extérieure du distributeur.Also shown in FIG. 1, symbolically, the
Un ticket 17 représente la contrepartie, sous forme d'un service, du numéraire introduit par l'utilisateur/client.A ticket 17 represents the counterpart, in the form of a service, of the cash introduced by the user / customer.
Un des buts du dispositif de l'invention est de permettre l'accès à l'intérieur du distributeur aux seules personnes autorisées et ce, de plus, sous forme d'une hiérarchie spécifique en fonction de l'habilitation de ces dernières, certaines personnes étant autorisées à intervenir à l'intérieur de l'appareil, dans le premier compartiment 3, pour y effectuer des opérations de maintenance et/ou de réparation, tandis que d'autres personnes, différentes des premières, seront habilitées à avoir accès à l'intérieur de la tirelire.One of the aims of the device of the invention is to allow access to the interior of the dispenser to authorized persons only, and this, moreover, in the form of a specific hierarchy according to the authorization of these the latter, certain persons being authorized to intervene inside the apparatus, in the
En référence aux figures 1 et 2, la personne appelée à intervenir (pour maintenance ou accès à la tirelire) est symboliquement représentée par la main 13 et porteuse d'une carte à mémoire 14, de type connu et comportant des moyens de mémorisation et des moyens électroniques aptes à permettre un dialogue avec le lecteur de carte à mémoire" (LCAM). La carte 14 est introduite par l'utilisateur dans une fente prévue à cet effet et associée au LCAM) 11. Ceci correspond au bloc fonctionnel 18 de la figure 2 (la carte à mémoire étant reférencée comme CAM).With reference to FIGS. 1 and 2, the person called upon to intervene (for maintenance or access to the piggy bank) is symbolically represented by the
La première opération qu'effectue le LCAM est de vérifier si la CAM introduite est conforme au type de CAM attendu et propre aux interventions à effectuer dans le distributeur (voir bloc fonctionnel 19). La vérification donne lieu à une réponse soit négative, soit positive. Si la CAM n'est pas conforme (réponse non) le LCAM 11 délivre une information à l'utilisateur, sous forme du renvoi de la carte introduite (bloc fonctionnel 20). Ceci constitue une première étape de sécurité dans la mesure où on évite ainsi l'introduction de fausses cartes ou de cartes manipulées ou qui ne seraient pas conformes à l'utilisation à laquelle elle est destinée, dans le cadre par exemple de la maintenance de ce type de distributeur.The first operation carried out by LCAM is to check whether the CAM introduced complies with the type of CAM expected and suitable for the interventions to be carried out in the dispenser (see function block 19). Verification gives rise to either a negative or a positive response. If the CAM does not comply (answer no), LCAM 11 delivers information to the user, in the form of a return of the card inserted (functional block 20). This constitutes a first security step insofar as this avoids the introduction of false cards or cards which are manipulated or which do not comply with the use for which it is intended, in the context for example of the maintenance of this type of distributor.
Dans l'hypothèse ou la CAM a été reconnue comme conforme, le dispositif de l'invention procède à une seconde étape de vérification, à savoir l'identification du porteur. En effet, il ne suffit pas que la CAM introduite soit une carte conforme, mais il convient également que la personne ayant introduit cette carte soit bien parmi celles qui sont autorisées à intervenir à l'intérieur du distributeur. Afin d'identifier le porteur de la carte (bloc 21), ce dernier, comme représenté schématiquement sur la figure 1, indique sur le clavier 16 disposé sur une face extérieure de l'appareil, un code qui lui est propre, en tapant sur les touches 15 correspondantes du clavier 16.In the event that the CAM has been recognized as compliant, the device of the invention proceeds to a second verification step, namely the identification of the wearer. Indeed, it is not enough that the CAM introduced is a compliant card, but it is also appropriate that the person who introduced this card is among those who are authorized to work inside the dispenser. In order to identify the holder of the card (block 21), the latter, as shown diagrammatically in FIG. 1, indicates on the
Là encore, en fonction du résultat de cette vérification, on aboutit soit au rejet de l'opération, et donc au renvoi de la carte vers l'utilisateur (bloc 22), soit à la validation de l'opération, le porteur étant identifié comme étant un porteur approprié; le dispositif procède alors à une troisième étape (bloc 23) visant à déterminer quel type d'opérations sont à effectuer, en d'autres termes, déterminer l'identité de la personne et notamment le type d'intervention qu'elle sollicite et qu'elle est autorisée à effectuer (maintenance et/réparation, ou prélèvement des sommes disposées dans la tirelire).Again, depending on the result of this verification, either the transaction is rejected, and therefore the card is returned to the user (block 22), or the transaction is validated, the carrier being identified. as being a suitable carrier; the device then proceeds to a third step (block 23) aimed at determining what type of operations are to be carried out, in other words, determining the identity of the person and in particular the type of intervention which he requests and that '' it is authorized to carry out (maintenance and / repair, or withdrawal of the sums disposed in the piggy bank).
Les éléments qui précèdent relatifs au fonctionnement du dispositif en relation avec la figure 2, ont été réalisés par un dialogue entre le LCAM 11 et l'unité centrale, par la liaison 12 (figure 1). Les vérifications de la conformité de la carte, de la conformité du porteur, et la détermination de la nature de l'intervention à effectuer sont réalisées par l'unité centrale.The above elements relating to the operation of the device in relation to FIG. 2, were produced by a dialogue between the
En ce qui concerne la détermination de la nature de l'intervention demandée par l'utilisateur, le bloc fonctionnel 23 offre, dans l'exemple représenté, trois possibilités, à savoir une intervention de maintenance dite de premier niveau, une intervention de maintenance dite de second niveau, et une intervention dite de collecte, c'est-à-dire d'accès à la tirelire en vue de prélever le numéraire qu'elle contient. Ces trois possibilités sont représentées à titre d'exemple par les blocs fonctionnels de la figure 2 référencés 24, 25 et 26.As regards the determination of the nature of the intervention requested by the user, the
L'accès aux différentes possibilités est effectué par l'intervenant qui, en fonction du code qu'il a introduit au départ, ou encore en fonction de la carte introduite qui elle-même porte une information propre à l'opération qu'est apte à effectuer l'intervenant, choisit ainsi le bloc fonctionnel correspondant (24, 25 ou 26). Dans l'hypothèse où l'intervenant souhaite une opération de maintenance dite de premier niveau (c'est-à-dire sur certains seulement des appareils contenus dans le distributeur et/ou en vue de la consultation de certains fichies informatiques, ou de réparation), il convient de s'assurer encore une fois que celle-ci est possible compte tenu de la nature de la carte introduite, du porteur, et/ou d'autres informations telles que l'opportunité d'une opération de maintenance et/ou de réparation, et en fonction par exemple de la date de la dernière intervention ou tout autre élément de fait, tel qu'une panne nécessitant une intervention.Access to the various possibilities is carried out by the operator who, depending on the code he has introduced at the start, or depending on the card inserted, which itself carries information specific to the operation that is capable of carrying out the service provider, thus chooses the corresponding functional block (24, 25 or 26). In the event that the operator wishes a so-called first level maintenance operation (that is to say on only some of the devices contained in the distributor and / or for the consultation of certain computer files, or repair ), it should be checked once again that this is possible taking into account the nature of the card introduced, the holder, and / or other information such as the advisability of a maintenance operation and / or repair, and depending for example on the date of the last intervention or any other factual element, such as a breakdown requiring intervention.
Pour le bloc 24, on aboutit ainsi au bloc 27 symbolisant la dernière étape de vérification consistant à vérifier si l'opération demandée est possible; dans l'affirmative, l'unité centrale provoquera le déverrouillage de la porte de l'ensemble distributeur et permettra ainsi l'accès à l'intérieur de ce dernier (sauf à la tirelire). Dans le cas où l'accès est refusé, le dispositif provoque le retour de l'information vers le menu de maintenance premier niveau.For
Ainsi, pour chaque type d'opération souhaitée, une vérification est effectuée, aboutissant à un refus ou à une acceptation, qui se traduit par l'ouverture de la porte correspondante ou le maintien fermé de ladite porte (en cas de refus). Les blocs 27, 28 et 29 correspondent à ces dernières étapes de vérification.Thus, for each type of operation desired, a verification is carried out, leading to a refusal or acceptance, which results in the opening of the corresponding door or the keeping of the said door closed (in case of refusal).
En cas d'acceptation des opérations demandées, on aboutit aux blocs 30, 31 et 32, symbolisant le déverrouillage de la porte correspondante, à savoir pour les blocs 30 et 31, le déverrouillage de la porte principale en vue d'opérations de maintenance et/ou de réparation, et pour le bloc 32, le déverrouillage de la porte du compartiment tirelire.If the requested operations are accepted, it leads to
Les opérations de vérification de porteurs de carte et d'identification de carte et d'opérations demandées, permettent de s'assurer, en mémorisant ces informations, dans l'unité centrale lors du déroulement de ces dernières, que les personnes intervenant soient les bonnes personnes, mais également que par exemple la personne amenée à faire la collecte, soit bien une personne autorisée. On s'assure également que cette dernière n'intervient pas pour effectuer des opérations de maintenance et/ou de réparation qui dépasserait sa fonction et/ou ses capacités.The card holder and card identification verification operations and requested operations make it possible, by memorizing this information, in the central unit during the course of the latter, that the persons intervening are the correct ones people, but also that, for example, the person responsible for collecting data is indeed an authorized person. It is also ensured that the latter does not intervene to carry out maintenance and / or repair operations which would exceed its function and / or its capacities.
La figure 3 montre, plus en détail, les moyens qui permettent le dialogue entre les différents éléments de l'invention, et notamment entre le LCAM, l'unité centrale, l'actionneur et la serrure de la tirelire.FIG. 3 shows, in more detail, the means which allow the dialogue between the various elements of the invention, and in particular between the LCAM, the central unit, the actuator and the lock of the piggy bank.
L'unité centrale 7 est reliée, de façon symbolique pour la commodité de la compréhension de l'invention, à un moyen susceptible d'engendrer un nombre aléatoire, référence 40, et une mémoire 41 contenant une clé-mère sous forme d'une valeur numérique. Ces valeurs numériques (nombre aléatoire et clé-mère) sont utilisées pour crypter l'information qui est véhiculée entre l'unité centrale et l'actionneur, par la ligne de communication 10. Les moyens de cryptage sont connus en eux-mêmes, sur le plan matériel, et par exemple peuvent faire appel, sous forme d'un logiciel, à un algorithme connu, tel qu'un algorithme du type DES (DATA ENCRIPTION STANDARD). Ces algorithmes sont connus en eux-mêmes et ne sont pas décrits ci-après plus en détail. Les moyens de cryptage/décryptage sont symboliquement représentés par le bloc.The
L'unité centrale 7 reçoit du bloc fonctionnel 32 (correspondant au bloc fonctionnel 32 de la figure 2) une demande de déverrouillage de la porte d'accès à la tirelire, en vue de la collecte. L'actionneur 8 est associé à la clé-mère issue du bloc 41, et également à des moyens de cryptage/décryptage référencés 43. L'actionneur est susceptible de commander, par une ligne de commande en trait gras et portant la référence 44, la serrure 9 apte à ouvrir la porte de la tirelire 4.The
L'unité centrale, au reçu d'une demande d'ouverture de la porte de la tirelire 4, tire un nombre aléatoire du bloc 40 et crypte cette valeur par les moyens 42, à l'aide de la clé-mère du bloc 41. Cette valeur cryptée de la valeur aléatoire est adressée par la ligne de communication 10 vers l'actionneur 8. L'actionneur à son tour, par ses propres moyens de décryptage 43, connaissant la clé-mère du bloc 41, est capable de retrouver ledit nombre aléatoire.The central unit, upon receipt of a request to open the door of the
Ce dernier devient alors la clé-fille qui permettra de crypter la communication entre l'unité centrale 7 et l'actionneur 8. Le cryptage pourra être effectué comme indiqué ci-dessus à l'aide d'un algorithme du type connu tel que faisant appel à une fonction DES.The latter then becomes the daughter key which will encrypt the communication between the
Ainsi la communication entre l'unité centrale et l'actionneur est réalisée sous forme cryptée, de manière inviolable, puisque la clé-fille servant à crypter le message est un nombre aléatoire qui n'est connu que de l'unité centrale et de l'actionneur. Il n'est donc pas possible d'intervenir au niveau de la communication, par des manoeuvres frauduleuses de simulation, de visualisation ou de détection des commandes ou ordres communiqués, d'actionner l'actionneur en vue de l'ouverture de la tirelire 4. La liaison 44 entre l'actionneur et la serrure est une liaison dite de puissance puisque la serrure est essentiellement un appareil électricomécanique qui nécessite une puissance électrique, notamment importante. Le dispositif' de l'invention permet d'isoler la partie actionneur à l'intérieur de la tirelire, et ainsi d'empêcher toute action directe sur la serrure, par des moyens de puissance relativement aisés à dupliquer.Thus, the communication between the central unit and the actuator is carried out in encrypted form, in an inviolable manner, since the daughter key used to encrypt the message is a random number which is known only to the central unit and the actuator. It is therefore not possible to intervene at the communication level, by fraudulent maneuvers of simulation, display or detection of the commands or orders communicated, to actuate the actuator with a view to the opening of the
En complément, le dispositif comporte des moyens de mémorisation des caractéristiques des opérations effectuées, telles que le nombre d'opérations, l'identité des personnes intervenant et également de mémorisation des caractéristiques de cartes à mémoire valables mais qui ont été égarées puis retrouvées par une personne non autorisée et introduites dans le distributeur de manière frauduleuse. Ceci permet dès le début des opérations d'identifier toute manoeuvre frauduleuse.In addition, the device includes means for memorizing the characteristics of the operations carried out, such as the number of operations, the identity of the people involved and also the memorization of the characteristics of valid memory cards but which have been lost and then found by an unauthorized person and fraudulently introduced into the dispenser. This allows from the start of operations to identify any fraudulent maneuver.
La description qui précède se réfère à l'aspect sécurité vis-à-vis de la tirelire (monnaie).The above description refers to the security aspect vis-à-vis the piggy bank (money).
Le système de l'invention permet également d'assurer la sécurité d'accès au compartiment maintenance pouvant détenir, sous forme de titres de transport pré-imprimés, des valeurs très importantes.The system of the invention also makes it possible to ensure security of access to the maintenance compartment which can hold, in the form of pre-printed transport tickets, very important values.
En effet, l'actionneur et le système de cryptage de l'invention commandent l'ouverture des deux portes des deux compartiments "tirelire" et "maintenance".Indeed, the actuator and the encryption system of the invention control the opening of the two doors of the two compartments "piggy bank" and "maintenance".
Une personne autorisée pour la maintenance, ayant ouvert la porte maintenance ne doit pas avoir accès au système de fermeture de cette même porte; à défaut, il pourrait frauduleusement bloquer l'actionneur et ainsi intervenir plus tard sur une machine sans "défense".A person authorized for maintenance, who has opened the maintenance door, must not have access to the closing system of this same door; otherwise, he could fraudulently block the actuator and thus intervene later on a machine without "defense".
C'est pourquoi l'ensemble de fermeture complet compartiment maintenance et compartiment tirelire sont situés dans la zone blindée du compartiment tirelire.This is why the complete maintenance compartment and piggy bank closing assembly are located in the shielded zone of the piggy bank compartment.
L'invention n'est pas limitée au mode de réalisation décrit ci-dessus, mais englobe toute variante telle qu'elle apparaît dans les revendications ci-après.The invention is not limited to the embodiment described above, but encompasses any variant as it appears in the claims below.
Claims (6)
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
FR9306589A FR2706058B1 (en) | 1993-06-02 | 1993-06-02 | Device for controlling and controlling differential access to at least two compartments inside an enclosure. |
FR9306589 | 1993-06-02 |
Publications (2)
Publication Number | Publication Date |
---|---|
EP0627713A1 true EP0627713A1 (en) | 1994-12-07 |
EP0627713B1 EP0627713B1 (en) | 1997-09-24 |
Family
ID=9447671
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
EP94201452A Expired - Lifetime EP0627713B1 (en) | 1993-06-02 | 1994-05-24 | Monitoring and controlling device of the differential access to at least two separate sections provided in an enclosed space |
Country Status (6)
Country | Link |
---|---|
US (1) | US5434399A (en) |
EP (1) | EP0627713B1 (en) |
JP (1) | JPH07173959A (en) |
DE (1) | DE69405811T2 (en) |
ES (1) | ES2108365T3 (en) |
FR (1) | FR2706058B1 (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP1612747A1 (en) * | 2004-07-02 | 2006-01-04 | NCR International, Inc. | A self-service terminal |
CN109448206A (en) * | 2018-12-29 | 2019-03-08 | 合肥美的智能科技有限公司 | Lock body control method, retail units and storage medium |
Families Citing this family (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5614892A (en) * | 1995-04-24 | 1997-03-25 | Pom, Inc. | Payment slot communicating apparatus for vendng prices |
GB2338816B (en) * | 1995-10-18 | 2000-03-15 | David Brian Johnson | Access mechanism for vending apparatus gaming machines and the like |
GB9521398D0 (en) * | 1995-10-18 | 1995-12-20 | Johnson David B | Vending apparatus |
US6823317B1 (en) * | 1996-04-02 | 2004-11-23 | Axxian Technologies Inc | Urban parking system |
US6505774B1 (en) | 1998-12-09 | 2003-01-14 | Miti Manufacturing Company | Automated fee collection and parking ticket dispensing machine |
DE20109609U1 (en) | 2001-06-08 | 2001-08-30 | Bode-Panzer AG, 30916 Isernhagen | Automatic money dispenser |
US6942144B2 (en) * | 2002-11-26 | 2005-09-13 | Neopost Industrie Sa | Secure remote access to metering product enclosure |
WO2007045051A1 (en) * | 2005-10-21 | 2007-04-26 | Honeywell Limited | An authorisation system and a method of authorisation |
AU2011224140B2 (en) | 2010-09-27 | 2015-12-17 | Multitrode Pty Ltd | Controlling Access to a Control Panel Compartment |
DE102011052575A1 (en) * | 2011-08-11 | 2013-02-14 | Wincor Nixdorf International Gmbh | Device for handling coins |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
NL8204672A (en) * | 1982-12-01 | 1984-07-02 | Nedap Nv | Night-safe for bank - uses electronic detector to accept only cash cassettes which respond with authorisation code |
WO1985001139A1 (en) * | 1983-08-25 | 1985-03-14 | Ncr Corporation | A system having controlled access thereto and a method of operating such a system |
US4512453A (en) * | 1982-09-24 | 1985-04-23 | Umc Industries, Inc. | Vendor accountability system |
US4730117A (en) * | 1986-10-03 | 1988-03-08 | General Signal Corporation | Cash box identification system |
WO1991001428A1 (en) * | 1989-07-17 | 1991-02-07 | Axyval | System for protecting documents or objects enclosed in a tamper-proof container |
WO1993012510A1 (en) * | 1991-12-17 | 1993-06-24 | Gemplus Card International | Method for intervention on a terminal delivering goods or services |
Family Cites Families (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4234932A (en) * | 1978-09-05 | 1980-11-18 | Honeywell Information Systems Inc. | Security system for remote cash dispensers |
JPS5936868A (en) * | 1982-08-25 | 1984-02-29 | Omron Tateisi Electronics Co | Electronic cash register |
US4630201A (en) * | 1984-02-14 | 1986-12-16 | International Security Note & Computer Corporation | On-line and off-line transaction security system using a code generated from a transaction parameter and a random number |
DE3433774A1 (en) * | 1984-09-14 | 1986-03-27 | Peter 6451 Ronneburg Friedrich | Cashless operation of automatic machines of any kind, particularly automatic entertainment, gaming, ticket and vending machines, by data carrier (plastic card or the like) |
JPS629470A (en) * | 1985-07-05 | 1987-01-17 | Casio Comput Co Ltd | Identity collation system for individual identification card |
US4870400A (en) * | 1988-01-26 | 1989-09-26 | Yale Security Inc. | Electronic door lock key re-sequencing function |
US5226080A (en) * | 1990-06-22 | 1993-07-06 | Grid Systems Corporation | Method and apparatus for password protection of a computer |
-
1993
- 1993-06-02 FR FR9306589A patent/FR2706058B1/en not_active Expired - Fee Related
-
1994
- 1994-05-24 DE DE69405811T patent/DE69405811T2/en not_active Expired - Fee Related
- 1994-05-24 ES ES94201452T patent/ES2108365T3/en not_active Expired - Lifetime
- 1994-05-24 EP EP94201452A patent/EP0627713B1/en not_active Expired - Lifetime
- 1994-05-31 US US08/251,582 patent/US5434399A/en not_active Expired - Lifetime
- 1994-06-02 JP JP6121371A patent/JPH07173959A/en active Pending
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4512453A (en) * | 1982-09-24 | 1985-04-23 | Umc Industries, Inc. | Vendor accountability system |
NL8204672A (en) * | 1982-12-01 | 1984-07-02 | Nedap Nv | Night-safe for bank - uses electronic detector to accept only cash cassettes which respond with authorisation code |
WO1985001139A1 (en) * | 1983-08-25 | 1985-03-14 | Ncr Corporation | A system having controlled access thereto and a method of operating such a system |
US4730117A (en) * | 1986-10-03 | 1988-03-08 | General Signal Corporation | Cash box identification system |
WO1991001428A1 (en) * | 1989-07-17 | 1991-02-07 | Axyval | System for protecting documents or objects enclosed in a tamper-proof container |
WO1993012510A1 (en) * | 1991-12-17 | 1993-06-24 | Gemplus Card International | Method for intervention on a terminal delivering goods or services |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP1612747A1 (en) * | 2004-07-02 | 2006-01-04 | NCR International, Inc. | A self-service terminal |
CN109448206A (en) * | 2018-12-29 | 2019-03-08 | 合肥美的智能科技有限公司 | Lock body control method, retail units and storage medium |
Also Published As
Publication number | Publication date |
---|---|
FR2706058A1 (en) | 1994-12-09 |
DE69405811T2 (en) | 1998-02-26 |
JPH07173959A (en) | 1995-07-11 |
US5434399A (en) | 1995-07-18 |
EP0627713B1 (en) | 1997-09-24 |
ES2108365T3 (en) | 1997-12-16 |
FR2706058B1 (en) | 1995-08-11 |
DE69405811D1 (en) | 1997-10-30 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
EP0055986B1 (en) | Security system and apparatus for the three-way communication of confidential data | |
EP0028965B1 (en) | System for the identification of persons requesting access to certain areas | |
CH633379A5 (en) | SECURITY INSTALLATION, PARTICULARLY FOR THE EXECUTION OF BANKING OPERATIONS. | |
CA1289240C (en) | Method to authentify external validation data by means of a portable device such as a memory card | |
CA2171626C (en) | Access control system for restricting access to authorised hours and renewing it using a portable storage medium | |
EP0426541B1 (en) | Method of protection against fraudulent use of a microprocessor card and device for its application | |
EP0671712B1 (en) | Method and device to authenticate a data carrier, intended to approve a transaction or the access to a service or a place; and corresponding data carrier | |
EP0627713B1 (en) | Monitoring and controlling device of the differential access to at least two separate sections provided in an enclosed space | |
EP0617819B1 (en) | Device for intervention on a terminal delivering goods or services | |
FR2979726A1 (en) | Electronic lock for safe utilized for selling e.g. goods, has keyboard actuated by operator, and smart card connected to reader by utilizing modem that is in communication with central server | |
EP1293062B1 (en) | Method for secure biometric authentication/identification, biometric data input module and verification module | |
ES2313872T3 (en) | AUTOMATIC CASHIER AND ASSOCIATED METHOD. | |
WO1995030976A1 (en) | Method for the production of a key common to two devices for implementing a common cryptographic procedure and associated apparatus | |
EP0856624B1 (en) | Safety device for motor vehicle and learning method therefor | |
EP0995172A1 (en) | Personal computer terminal capable of safely communicating with a computer equipment, and authenticating method used by said terminal | |
EP1371025B1 (en) | Device for limiting access to a confined space | |
EP0833281B1 (en) | Access control equipment and access badge for this equipment | |
EP1451783A1 (en) | Method, system and device for authenticating data transmitted and/or received by a user | |
EP1337976A1 (en) | Device for securing access to a content located inside an enclosure | |
EP0935041A1 (en) | Apparatus and method for physical or logical access control | |
FR2651058A1 (en) | SYSTEM AND METHOD FOR CONTROLLING THE COLLECTION OF PREPAID TERMINALS | |
EP0831434A1 (en) | Method for blocking a plurality of services by blacklisting them, and associated blocking server, receiving terminal and portable device | |
WO1998032103A1 (en) | Computer communication for on-site processing of payment issues | |
OA18298A (en) | Machine for automating insurance operations, securing insurance premiums, money transfers and popularization of banking products | |
FR2650094A1 (en) | Device making safe and rationalising payments by cheques and banker's cards |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PUAI | Public reference made under article 153(3) epc to a published international application that has entered the european phase |
Free format text: ORIGINAL CODE: 0009012 |
|
AK | Designated contracting states |
Kind code of ref document: A1 Designated state(s): CH DE ES FR GB IT LI |
|
17P | Request for examination filed |
Effective date: 19950413 |
|
17Q | First examination report despatched |
Effective date: 19960109 |
|
GRAG | Despatch of communication of intention to grant |
Free format text: ORIGINAL CODE: EPIDOS AGRA |
|
GRAH | Despatch of communication of intention to grant a patent |
Free format text: ORIGINAL CODE: EPIDOS IGRA |
|
GRAH | Despatch of communication of intention to grant a patent |
Free format text: ORIGINAL CODE: EPIDOS IGRA |
|
GRAA | (expected) grant |
Free format text: ORIGINAL CODE: 0009210 |
|
AK | Designated contracting states |
Kind code of ref document: B1 Designated state(s): CH DE ES FR GB IT LI |
|
REG | Reference to a national code |
Ref country code: CH Ref legal event code: EP |
|
ITF | It: translation for a ep patent filed | ||
REG | Reference to a national code |
Ref country code: CH Ref legal event code: NV Representative=s name: A. BRAUN, BRAUN, HERITIER, ESCHMANN AG PATENTANWAE |
|
REF | Corresponds to: |
Ref document number: 69405811 Country of ref document: DE Date of ref document: 19971030 |
|
GBT | Gb: translation of ep patent filed (gb section 77(6)(a)/1977) |
Effective date: 19971009 |
|
REG | Reference to a national code |
Ref country code: ES Ref legal event code: FG2A Ref document number: 2108365 Country of ref document: ES Kind code of ref document: T3 |
|
PGFP | Annual fee paid to national office [announced via postgrant information from national office to epo] |
Ref country code: FR Payment date: 19980519 Year of fee payment: 5 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: GB Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES Effective date: 19980524 |
|
PLBE | No opposition filed within time limit |
Free format text: ORIGINAL CODE: 0009261 |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: NO OPPOSITION FILED WITHIN TIME LIMIT |
|
26N | No opposition filed | ||
GBPC | Gb: european patent ceased through non-payment of renewal fee |
Effective date: 19980524 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: FR Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES Effective date: 20000131 |
|
REG | Reference to a national code |
Ref country code: FR Ref legal event code: ST |
|
PGFP | Annual fee paid to national office [announced via postgrant information from national office to epo] |
Ref country code: ES Payment date: 20040518 Year of fee payment: 11 |
|
PGFP | Annual fee paid to national office [announced via postgrant information from national office to epo] |
Ref country code: CH Payment date: 20040527 Year of fee payment: 11 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: IT Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES;WARNING: LAPSES OF ITALIAN PATENTS WITH EFFECTIVE DATE BEFORE 2007 MAY HAVE OCCURRED AT ANY TIME BEFORE 2007. THE CORRECT EFFECTIVE DATE MAY BE DIFFERENT FROM THE ONE RECORDED. Effective date: 20050524 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: ES Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES Effective date: 20050525 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: LI Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES Effective date: 20050531 Ref country code: CH Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES Effective date: 20050531 |
|
REG | Reference to a national code |
Ref country code: CH Ref legal event code: PL |
|
REG | Reference to a national code |
Ref country code: ES Ref legal event code: FD2A Effective date: 20050525 |
|
PGFP | Annual fee paid to national office [announced via postgrant information from national office to epo] |
Ref country code: DE Payment date: 20090512 Year of fee payment: 16 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: DE Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES Effective date: 20101201 |