EP0771452A1 - Authentication technique - Google Patents
Authentication techniqueInfo
- Publication number
- EP0771452A1 EP0771452A1 EP95924429A EP95924429A EP0771452A1 EP 0771452 A1 EP0771452 A1 EP 0771452A1 EP 95924429 A EP95924429 A EP 95924429A EP 95924429 A EP95924429 A EP 95924429A EP 0771452 A1 EP0771452 A1 EP 0771452A1
- Authority
- EP
- European Patent Office
- Prior art keywords
- data
- storage means
- article
- card
- storing
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Links
- 238000000034 method Methods 0.000 title claims abstract description 21
- 238000013500 data storage Methods 0.000 claims abstract description 8
- 238000003860 storage Methods 0.000 claims description 31
- 238000012062 charged aerosol detection Methods 0.000 description 3
- 238000001360 collision-induced dissociation Methods 0.000 description 3
- 238000011960 computer-aided design Methods 0.000 description 3
- 238000010586 diagram Methods 0.000 description 3
- 238000010348 incorporation Methods 0.000 description 2
- 238000004519 manufacturing process Methods 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000004891 communication Methods 0.000 description 1
- 239000002131 composite material Substances 0.000 description 1
- 230000001010 compromised effect Effects 0.000 description 1
- 238000009826 distribution Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 230000006870 function Effects 0.000 description 1
- 230000005389 magnetism Effects 0.000 description 1
- 239000000463 material Substances 0.000 description 1
- 235000015096 spirit Nutrition 0.000 description 1
Classifications
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
- G07F7/10—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
- G07F7/1016—Devices or methods for securing the PIN and other transaction-data, e.g. by encryption
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
- G07F7/086—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means by passive credit-cards adapted therefor, e.g. constructive particularities to avoid counterfeiting, e.g. by inclusion of a physical or chemical security-layer
Definitions
- This invention relates to a technique for authenticating products, cards, tokens and the like so as to combat illicit copying thereof.
- valued articles to avoid repetition
- techniques have been devised based upon the inclusion, on valued articles, of twin sets of data, one set being characteristic of the holder of the valued article or its producer or issuer (as the case may be) and the other set being derived from the first set by some unique route that is difficult to replicate.
- the valued article is to be authenticated
- the two sets of data included thereon are read, the derivative set by way of a device which is conscious of the aforementioned unique route, and the two sets of data thus recovered are compared to authenticate the valued article, or at least to show that the person purporting to be the owner or holder of the valued article is not an impostor.
- This invention aims to further improve upon such techniques by (inter alia) taking advantage of certain special characteristics of recording media available for incorporation in valued articles.
- an authentication means for an article of value comprising first and second data-storage means being carried by the article, each data-storage means storing data for authenticating or identifying the article and/or a transaction associated with the article, the first data-storage means storing first data as a non-random permanently structured magnetic characteristic which varies from place to place on the first storage means, the second storage means storing data obtained by operation of the secret key of a secret key/public key cryptosystem pair upon data comprising the first data and additional data.
- Such an authentication means can make copying and counterfeiting more difficult than with a permanently structured magnetic characteristic alone whilst enabling conventional read heads to be employed to read the data in the first storage means.
- a method of authenticating an article of value comprising: a) storing authentification data in a first storage means carried by the article as a non-random permanently structured magnetic characteristic which varies from place to place on the storage means, b) operating on said authentification data and additional data using the secret key of a secret key/public key cryptosystem pair hereby creating encrypted data, c) storing the encrypted data in a second storage means carried by the article, d) reading the encrypted data from the second storage means, e) operating on the encrypted data with the public key of said cryptosystem pair to give decrypted authentification data and decrypted additional data, and f) comparing the decrypted authentification data with the authentification data stored in the first storage means thereby authenticating the article of value and/or the additional data.
- Figure 1 shows a credit card which can be authenticated by means of one example of the invention
- Figure 2-4 illustrates schematically and by way of example the operation of various features of the invention in a typical transaction.
- Figure 5 shows a block diagram of a method of authentication according to an aspect of the invention.
- a valued article in this case a credit card, is shown schematically at 1.
- the credit card 1 comprises conventional printed and/or embossed material 2 including holograms and trade marks or logos characteristic of the card issuing and/or handling company.
- the magnetic strip 4 is formed with a magnetic watermark in the manner described, for example, in UK patent no. 1331604 whereby a structural variation of a magnetic characteristic from place to place along the strip is indelibly formed into the strip.
- This information can be read quite readily but the structural variation is exceedingly difficult to replicate in any manner which is not immediately rejected by the technique used to read the relevant information.
- Tape containing the structural function described above is marketed by THORN Secure Science International Ltd under the trade mark Watermark Magnetism and thus the structural variation aforesaid will be referred to hereinafter as a magnetic watermark.
- this example of the invention provides that the information recorded indelibly in strip 4, together with further information, is operated on, as described hereinafter, to generate a second piece of information which (hereinafter called a "certificate") is also recorded on the card 1 , but in a conventional "soft magnetic” form; either on the strip 4 itself or on a further strip (not shown).
- a "certificate" is also recorded on the card 1 , but in a conventional "soft magnetic” form; either on the strip 4 itself or on a further strip (not shown).
- information can be recorded conventionally on strip 4, superimposed upon the structural variations which have been referred to hereinbefore.
- there are two or more tracks of the strip 4 which are assigned to conventionally recorded data, and the strip is read by a composite head which contains normal magnetic heads for the conventionally recorded information and one or more special heads for the information recorded by structural variation.
- the operation upon the information recorded indelibly in strip 4 referred to above comprises, in its most basic form, signature by the secret key of a cryptosystem pair.
- the signed information is recorded on the card 1 , in this example on one of the tracks of strip 4 read by a conventional head. It can thus be reproduced and, after being operated on by the public key of the cryptosystem pair to "de-sign" it, compared with the information indelibly recorded as described earlier, to confirm that the "de-signed" information contains information which matches that recorded indelibly as the magnetic watermark.
- the conventionally recorded information need not be recorded on the strip 4. It could, for example, be recorded on a separate magnetic strip on the card, or in a different medium altogether, such as an integrated circuit chip. In this latter event, the chip can be relatively cheap since it is not required to contain high levels of security or complex anti- copying procedures. In essence it operates as a low-level storage medium only.
- the certificate information which is conventionally recorded, eg., on strip 4 or on a separate strip or in a chip, can usefully comprise a commencement date for the card's utility and also other information, such as the expiry date, credit limit, transaction availability and one or more pieces of information about the card-holder and/or biometric information derived from and characteristic to the holder.
- the maiden name of the holder's mother might be included, as may basic physiological information such as height, hair colour, eye colour, etc., or a scan of a fingerprint or some other data peculiar to the card holder.
- basic physiological information such as height, hair colour, eye colour, etc.
- a scan of a fingerprint or some other data peculiar to the card holder is described in European Patent Application No.91302280.2 (Publication No. 450786). the contents of which are incorporated herein by reference.
- the invention may, as mentioned previously, be used on a wide variety of value articles, such as (without limitation) sound recordings, spirits, vehicle components, and a wide range of secure documents, such as passports, identity cards, driving licences and the like.
- the strength of the magnetic watermark and the use of the secret key is all that is required to obtain the significantly improved level of security provided by this invention.
- the technique ensures that valued articles cannot be used before they have officially been issued, or after they have expired.
- the reader can be sure that card expiry data and credit limits, for example are genuine. If the off-line reader includes biometric sensing, the reader can also be sure that the registered card holder is present.
- the credit limit, expiry date and PIN (if present) can be up-dated if required since the central computer can generate a new signed certificate to be written on the card.
- RSA public key cryptography is used, but alternative procedures can be used if desired.
- a particular "certificate” ie., signed information including the watermark data
- the certificate can be stored on a soft magnetic track with no loss of security.
- Secure operation of an extended system is largely concerned with communication among system components, some of which are more trusted than others.
- the functionality of several of those data links which are particularly relevant to valued articles, protected as described hereinbefore, will now be described.
- FIG. 2 A simplified diagram of key usage is shown in Fig. 2. As it is based on RSA public key cryptography, only the public keys are communicated. Each secret key remains in a highly secure location, within the organisation that generated it.
- the system provider's public key (PPK) is stored witiiin each card reader (CAD), in a memory location which cannot be overwritten. It is used by the CAD to check other data that has been signed by the provider, and is therefore trustworthy.
- IPK public key
- PSK system provider's secret key
- each CAD holds its own unique key (not shown), which distinguishes it from all other CADs, and enables it to communicate unambiguously with the issuer.
- the issuer To initialise a card, the issuer first collects all the data that the CAD might need to know about the card holder and the card, as shown in Fig. 3 in a block marked DATA. This includes the number recorded as the magnetic watermark, the PAN, expiry date, PIN policy, and so on, and is sufficient for the CAD to decide when an off-line transaction is appropriate.
- the DATA block when signed by the issuer's secret key (ISK), becomes the secure certificate, which is then copied onto a soft data area on the card.
- ISK issuer's secret key
- the CAD reads the certificate from the card, and decrypts the original data.
- the card is preferably provided with a transaction counter, which resides on the card, and the main purpose of which is to restrict the number of off-line transactions allowed before a new certificate is required.
- a transaction counter which resides on the card, and the main purpose of which is to restrict the number of off-line transactions allowed before a new certificate is required.
- the availability of a transaction count allows the issuer to carry out further checks against attempted fraud. Printing the transaction number on each receipt gives the card holder a convenient indication of card usage.
- Fig. 4 the CAD has read the DATA block from the certificate, as described above. Held within the data block is the issuer's off-line policy, and the maximum off-line transaction count. The CAD also reads the card transaction count (CTC) from the card. It then has enough information to decide whether the transaction can continue off-line or not.
- CTC card transaction count
- the CAD increments the CTC on the card, and prints the CTC as part of the card holder's receipt.
- the increment line to the card has been shown in Fig. 4 as a separate connection, for clarity. In practice, it would be part of a digital interface, whose operation could not readily be blocked. To check that the transaction count has indeed incremented, the CAD re-reads the new transaction count from the card.
- the issuer For instance, suppose that an issuer's secret key becomes known. The consequent threat is that a fraudster might produce certificates purporting to come from the issuer, and thereby use out-of-date cards for off-line transactions. To recover from this situation, the issuer generates a new key set, and gets the public key signed by the system provider. As each CAD comes on-line, the suspect public key is replaced by the new one. To allow this, the CAD must have a protocol which allows issuer keys to be updated. As the new key is signed by the system provider, it can be accepted by the CAD as genuine.
- any card using the old public key is given an on-line transaction, which results is its next certificate being signed with the new public key.
- an updated card when presented to a CAD which was still using the old public key, would result in an on-line transaction during which the CAD would be updated.
- the procedure for updating the system provider's key is similar, but somewhat more complex, since the system provider is the centre of trust.
- One option is to store a choice of system provider public keys in each CAD, when the system is initialised. If one key becomes compromised, the system can move over to the next key. This involves re-signing all the issuer's keys, and updating the CADs as and when they come on line. The cards need not be updated. As before, the change is transparent to the user.
- the article contains a PIN
- that information may be secured within a relatively inaccessible region of an integrated circuit chip.
- the card itself can check the PIN when keyed in.
- an encrypted PIN may be stored within the "certificate" on the article and the CAD can then check the PIN, as is presently done at off ⁇ line ATMs.
- the integrated circuit chip is replaced by a two dimensional bar code which can be read optically.
- Block 50 denotes storing authentification data in a first storage means carried by the article as a non-random permanently structured magnetic characteristic which varies from place to place on the storage means.
- Block 51 denotes operating on said authentification data and additional data using the secret key of a secret key/public key cryptosystem pair hereby creating encrypted data. This will normally be performed by, for example, the card issuing authority in the case of credit or other cards.
- Block 52 denotes storing the encrypted data in a second storage means carried by the article.
- Block 53 denotes reading the encrypted data from the second storage means.
- Block 54 denotes operating on the encrypted data with the public key of said cryptosystem pair to give decrypted authentification data and decrypted additional data. This will normally be performed by, for example, the card reading machine in the field in the case of credit or other cards.
- Block 55 denotes comparing the decrypted authentification data with the authentification data stored in the first storage means thereby authenticating the article of value and/or the additional data. This will normally also be performed by the card reading system.
- the data stored in the second storage means may be read magnetically, optically or electronically depending upon the nature of the storage means employed.
Landscapes
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Credit Cards Or The Like (AREA)
- Signal Processing For Digital Recording And Reproducing (AREA)
- Storage Device Security (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
GB9414368 | 1994-07-15 | ||
GB9414368A GB9414368D0 (en) | 1994-07-15 | 1994-07-15 | Authentication technique |
PCT/GB1995/001611 WO1996002901A1 (en) | 1994-07-15 | 1995-07-07 | Authentication technique |
Publications (1)
Publication Number | Publication Date |
---|---|
EP0771452A1 true EP0771452A1 (en) | 1997-05-07 |
Family
ID=10758427
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
EP95924429A Withdrawn EP0771452A1 (en) | 1994-07-15 | 1995-07-07 | Authentication technique |
Country Status (11)
Country | Link |
---|---|
EP (1) | EP0771452A1 (ja) |
JP (1) | JPH10503037A (ja) |
KR (1) | KR970705106A (ja) |
CN (1) | CN1152968A (ja) |
AU (1) | AU682778B2 (ja) |
BR (1) | BR9508281A (ja) |
CA (1) | CA2195003A1 (ja) |
GB (2) | GB9414368D0 (ja) |
TW (1) | TW278167B (ja) |
WO (1) | WO1996002901A1 (ja) |
ZA (1) | ZA955824B (ja) |
Families Citing this family (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO1998055970A1 (en) * | 1997-06-05 | 1998-12-10 | Dix It S.R.L. | Method for ascertaining the authenticity of a predetermined product |
FR2771196B1 (fr) * | 1997-11-19 | 2001-08-03 | Jacques Rivailler | Procede pour assurer la tracabilite d'elements successifs d'une serie de transformations et applications de ce procede |
FR2815155B1 (fr) * | 2000-10-09 | 2003-06-06 | Jacques Rivaillier | Principe et procede pour marquer, identifier et securiser les fichiers informatiques, les documents, les sous, les composes chimiques et appareillages de mise en oeuvre |
WO2003043000A1 (fr) * | 2001-10-10 | 2003-05-22 | Jacques Rivaillier | Procede pour marquer, identifier et securiser les fichiers informatiques, les documents, les sons et les composes chimiques |
AU2002327238A1 (en) * | 2001-12-18 | 2003-06-30 | The Ludlow Company Lp | Flexible interconnect cable with ribbonized ends and method of manufacturing |
US7137553B2 (en) * | 2001-12-31 | 2006-11-21 | Digital Data Research Company | Security clearance card, system and method of reading a security clearance card |
CN101596820B (zh) * | 2008-06-03 | 2010-08-18 | 北京中维华盾科技发展有限公司 | 指纹加密证书及证卡的制作方法 |
US8742369B2 (en) | 2010-11-01 | 2014-06-03 | Honeywell International Inc. | Value documents and other articles having taggants that exhibit delayed maximum intensity emissions, and methods and apparatus for their authentication |
US20150295919A1 (en) * | 2014-04-09 | 2015-10-15 | De Sonneville International Ltd. | Self-authenticating card |
US9590983B2 (en) | 2014-04-09 | 2017-03-07 | Cardex Systems Inc. | Self-authenticating chips |
Family Cites Families (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US3927393A (en) * | 1973-05-02 | 1975-12-16 | Minnesota Mining & Mfg | Magnetic record medium authentication system |
US4806740A (en) * | 1986-09-19 | 1989-02-21 | Light Signatures, Inc. | Magnetic characteristic identification system |
US4837426A (en) * | 1987-01-16 | 1989-06-06 | Rand, Mcnally & Company | Object verification apparatus and method |
FR2618002B1 (fr) * | 1987-07-10 | 1991-07-05 | Schlumberger Ind Sa | Procede et systeme d'authentification de cartes a memoire electronique |
FR2657981A1 (fr) * | 1990-02-05 | 1991-08-09 | Kodak Pathe | Procede de certification d'un support d'informations et support obtenu selon le procede. |
EP0583709B1 (en) * | 1992-08-17 | 1999-05-06 | THOMSON multimedia | Unforgeable identification device, identification device reader and method of identification |
US5388158A (en) * | 1992-11-20 | 1995-02-07 | Pitney Bowes Inc. | Secure document and method and apparatus for producing and authenticating same |
-
1994
- 1994-07-15 GB GB9414368A patent/GB9414368D0/en active Pending
-
1995
- 1995-07-07 AU AU28929/95A patent/AU682778B2/en not_active Ceased
- 1995-07-07 EP EP95924429A patent/EP0771452A1/en not_active Withdrawn
- 1995-07-07 CN CN95194137A patent/CN1152968A/zh active Pending
- 1995-07-07 KR KR1019970700256A patent/KR970705106A/ko not_active Application Discontinuation
- 1995-07-07 CA CA002195003A patent/CA2195003A1/en not_active Abandoned
- 1995-07-07 GB GB9513946A patent/GB2291522B/en not_active Expired - Fee Related
- 1995-07-07 WO PCT/GB1995/001611 patent/WO1996002901A1/en not_active Application Discontinuation
- 1995-07-07 BR BR9508281A patent/BR9508281A/pt unknown
- 1995-07-07 JP JP8504786A patent/JPH10503037A/ja active Pending
- 1995-07-13 ZA ZA955824A patent/ZA955824B/xx unknown
- 1995-08-03 TW TW084108104A patent/TW278167B/zh active
Non-Patent Citations (1)
Title |
---|
See references of WO9602901A1 * |
Also Published As
Publication number | Publication date |
---|---|
AU2892995A (en) | 1996-02-16 |
GB9513946D0 (en) | 1995-09-06 |
TW278167B (ja) | 1996-06-11 |
ZA955824B (en) | 1996-02-21 |
AU682778B2 (en) | 1997-10-16 |
WO1996002901A1 (en) | 1996-02-01 |
KR970705106A (ko) | 1997-09-06 |
BR9508281A (pt) | 1997-10-28 |
CN1152968A (zh) | 1997-06-25 |
GB2291522B (en) | 1997-04-30 |
CA2195003A1 (en) | 1996-02-01 |
JPH10503037A (ja) | 1998-03-17 |
GB2291522A (en) | 1996-01-24 |
GB9414368D0 (en) | 1994-09-07 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US5351302A (en) | Method for authenticating objects identified by images or other identifying information | |
US5694471A (en) | Counterfeit-proof identification card | |
US5786587A (en) | Enhancement of chip card security | |
EP0640946B1 (en) | Method and apparatus for verification of classes of documents | |
US5796835A (en) | Method and system for writing information in a data carrier making it possible to later certify the originality of this information | |
JP5274020B2 (ja) | 真贋判別可能なカード | |
Jurgensen et al. | Smart cards: the developer's toolkit | |
US5336871A (en) | Holographic enhancement of card security | |
US6996543B1 (en) | System for protection of goods against counterfeiting | |
US6615351B1 (en) | Method for checking the authenticity of a data medium | |
EP0683471A1 (en) | Enhancement of document security | |
RU2435218C2 (ru) | Карта с возможностью аутентификации | |
GB2297856A (en) | Electronic negotiable documents | |
AU682778B2 (en) | Authentication technique | |
JP3787027B2 (ja) | 認証式セキュリティシステム | |
JP3117122B2 (ja) | 認証式セキュリティシステム | |
JP3980706B2 (ja) | Icカードおよびその認証装置 | |
JPH01173411A (ja) | 保護機能付き磁気カード | |
JP2839954B2 (ja) | 情報のオリジナル性を後で証明することを可能にする媒体上に情報を書き込む方法及びシステム | |
JP4046918B2 (ja) | Icカード、icカード読取装置及びicカードシステム | |
JP2000251050A (ja) | Icカード、icカード情報読取装置、icカード情報集中管理装置、icカードの不正記録情報検知方法及びシステム | |
CA2163749C (en) | Method for authenticating objects identified by images or other identifying information | |
JPH09282433A (ja) | セキュリティシステム | |
KR19990021789A (ko) | 위/변조 방지 기능을 갖는 마그네틱 카드 및 그 처리 시스템 | |
JPH10247229A (ja) | 磁気カードシステム |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PUAI | Public reference made under article 153(3) epc to a published international application that has entered the european phase |
Free format text: ORIGINAL CODE: 0009012 |
|
17P | Request for examination filed |
Effective date: 19970125 |
|
AK | Designated contracting states |
Kind code of ref document: A1 Designated state(s): CH DE DK ES FR GB IT LI NL PT SE |
|
17Q | First examination report despatched |
Effective date: 19970716 |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: THE APPLICATION HAS BEEN WITHDRAWN |
|
18W | Application withdrawn |
Withdrawal date: 19980728 |