EP0771452A1 - Authentication technique - Google Patents

Authentication technique

Info

Publication number
EP0771452A1
EP0771452A1 EP95924429A EP95924429A EP0771452A1 EP 0771452 A1 EP0771452 A1 EP 0771452A1 EP 95924429 A EP95924429 A EP 95924429A EP 95924429 A EP95924429 A EP 95924429A EP 0771452 A1 EP0771452 A1 EP 0771452A1
Authority
EP
European Patent Office
Prior art keywords
data
storage means
article
card
storing
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP95924429A
Other languages
German (de)
English (en)
French (fr)
Inventor
Michael F. A. Thorn Secure Science Ltd. DEROME
Andrew Laurence Thorn Secure Science Ltd. SMITH
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Thorn Secure Science Ltd
Original Assignee
Thorn Secure Science Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Thorn Secure Science Ltd filed Critical Thorn Secure Science Ltd
Publication of EP0771452A1 publication Critical patent/EP0771452A1/en
Withdrawn legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1016Devices or methods for securing the PIN and other transaction-data, e.g. by encryption
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/086Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means by passive credit-cards adapted therefor, e.g. constructive particularities to avoid counterfeiting, e.g. by inclusion of a physical or chemical security-layer

Definitions

  • This invention relates to a technique for authenticating products, cards, tokens and the like so as to combat illicit copying thereof.
  • valued articles to avoid repetition
  • techniques have been devised based upon the inclusion, on valued articles, of twin sets of data, one set being characteristic of the holder of the valued article or its producer or issuer (as the case may be) and the other set being derived from the first set by some unique route that is difficult to replicate.
  • the valued article is to be authenticated
  • the two sets of data included thereon are read, the derivative set by way of a device which is conscious of the aforementioned unique route, and the two sets of data thus recovered are compared to authenticate the valued article, or at least to show that the person purporting to be the owner or holder of the valued article is not an impostor.
  • This invention aims to further improve upon such techniques by (inter alia) taking advantage of certain special characteristics of recording media available for incorporation in valued articles.
  • an authentication means for an article of value comprising first and second data-storage means being carried by the article, each data-storage means storing data for authenticating or identifying the article and/or a transaction associated with the article, the first data-storage means storing first data as a non-random permanently structured magnetic characteristic which varies from place to place on the first storage means, the second storage means storing data obtained by operation of the secret key of a secret key/public key cryptosystem pair upon data comprising the first data and additional data.
  • Such an authentication means can make copying and counterfeiting more difficult than with a permanently structured magnetic characteristic alone whilst enabling conventional read heads to be employed to read the data in the first storage means.
  • a method of authenticating an article of value comprising: a) storing authentification data in a first storage means carried by the article as a non-random permanently structured magnetic characteristic which varies from place to place on the storage means, b) operating on said authentification data and additional data using the secret key of a secret key/public key cryptosystem pair hereby creating encrypted data, c) storing the encrypted data in a second storage means carried by the article, d) reading the encrypted data from the second storage means, e) operating on the encrypted data with the public key of said cryptosystem pair to give decrypted authentification data and decrypted additional data, and f) comparing the decrypted authentification data with the authentification data stored in the first storage means thereby authenticating the article of value and/or the additional data.
  • Figure 1 shows a credit card which can be authenticated by means of one example of the invention
  • Figure 2-4 illustrates schematically and by way of example the operation of various features of the invention in a typical transaction.
  • Figure 5 shows a block diagram of a method of authentication according to an aspect of the invention.
  • a valued article in this case a credit card, is shown schematically at 1.
  • the credit card 1 comprises conventional printed and/or embossed material 2 including holograms and trade marks or logos characteristic of the card issuing and/or handling company.
  • the magnetic strip 4 is formed with a magnetic watermark in the manner described, for example, in UK patent no. 1331604 whereby a structural variation of a magnetic characteristic from place to place along the strip is indelibly formed into the strip.
  • This information can be read quite readily but the structural variation is exceedingly difficult to replicate in any manner which is not immediately rejected by the technique used to read the relevant information.
  • Tape containing the structural function described above is marketed by THORN Secure Science International Ltd under the trade mark Watermark Magnetism and thus the structural variation aforesaid will be referred to hereinafter as a magnetic watermark.
  • this example of the invention provides that the information recorded indelibly in strip 4, together with further information, is operated on, as described hereinafter, to generate a second piece of information which (hereinafter called a "certificate") is also recorded on the card 1 , but in a conventional "soft magnetic” form; either on the strip 4 itself or on a further strip (not shown).
  • a "certificate" is also recorded on the card 1 , but in a conventional "soft magnetic” form; either on the strip 4 itself or on a further strip (not shown).
  • information can be recorded conventionally on strip 4, superimposed upon the structural variations which have been referred to hereinbefore.
  • there are two or more tracks of the strip 4 which are assigned to conventionally recorded data, and the strip is read by a composite head which contains normal magnetic heads for the conventionally recorded information and one or more special heads for the information recorded by structural variation.
  • the operation upon the information recorded indelibly in strip 4 referred to above comprises, in its most basic form, signature by the secret key of a cryptosystem pair.
  • the signed information is recorded on the card 1 , in this example on one of the tracks of strip 4 read by a conventional head. It can thus be reproduced and, after being operated on by the public key of the cryptosystem pair to "de-sign" it, compared with the information indelibly recorded as described earlier, to confirm that the "de-signed" information contains information which matches that recorded indelibly as the magnetic watermark.
  • the conventionally recorded information need not be recorded on the strip 4. It could, for example, be recorded on a separate magnetic strip on the card, or in a different medium altogether, such as an integrated circuit chip. In this latter event, the chip can be relatively cheap since it is not required to contain high levels of security or complex anti- copying procedures. In essence it operates as a low-level storage medium only.
  • the certificate information which is conventionally recorded, eg., on strip 4 or on a separate strip or in a chip, can usefully comprise a commencement date for the card's utility and also other information, such as the expiry date, credit limit, transaction availability and one or more pieces of information about the card-holder and/or biometric information derived from and characteristic to the holder.
  • the maiden name of the holder's mother might be included, as may basic physiological information such as height, hair colour, eye colour, etc., or a scan of a fingerprint or some other data peculiar to the card holder.
  • basic physiological information such as height, hair colour, eye colour, etc.
  • a scan of a fingerprint or some other data peculiar to the card holder is described in European Patent Application No.91302280.2 (Publication No. 450786). the contents of which are incorporated herein by reference.
  • the invention may, as mentioned previously, be used on a wide variety of value articles, such as (without limitation) sound recordings, spirits, vehicle components, and a wide range of secure documents, such as passports, identity cards, driving licences and the like.
  • the strength of the magnetic watermark and the use of the secret key is all that is required to obtain the significantly improved level of security provided by this invention.
  • the technique ensures that valued articles cannot be used before they have officially been issued, or after they have expired.
  • the reader can be sure that card expiry data and credit limits, for example are genuine. If the off-line reader includes biometric sensing, the reader can also be sure that the registered card holder is present.
  • the credit limit, expiry date and PIN (if present) can be up-dated if required since the central computer can generate a new signed certificate to be written on the card.
  • RSA public key cryptography is used, but alternative procedures can be used if desired.
  • a particular "certificate” ie., signed information including the watermark data
  • the certificate can be stored on a soft magnetic track with no loss of security.
  • Secure operation of an extended system is largely concerned with communication among system components, some of which are more trusted than others.
  • the functionality of several of those data links which are particularly relevant to valued articles, protected as described hereinbefore, will now be described.
  • FIG. 2 A simplified diagram of key usage is shown in Fig. 2. As it is based on RSA public key cryptography, only the public keys are communicated. Each secret key remains in a highly secure location, within the organisation that generated it.
  • the system provider's public key (PPK) is stored witiiin each card reader (CAD), in a memory location which cannot be overwritten. It is used by the CAD to check other data that has been signed by the provider, and is therefore trustworthy.
  • IPK public key
  • PSK system provider's secret key
  • each CAD holds its own unique key (not shown), which distinguishes it from all other CADs, and enables it to communicate unambiguously with the issuer.
  • the issuer To initialise a card, the issuer first collects all the data that the CAD might need to know about the card holder and the card, as shown in Fig. 3 in a block marked DATA. This includes the number recorded as the magnetic watermark, the PAN, expiry date, PIN policy, and so on, and is sufficient for the CAD to decide when an off-line transaction is appropriate.
  • the DATA block when signed by the issuer's secret key (ISK), becomes the secure certificate, which is then copied onto a soft data area on the card.
  • ISK issuer's secret key
  • the CAD reads the certificate from the card, and decrypts the original data.
  • the card is preferably provided with a transaction counter, which resides on the card, and the main purpose of which is to restrict the number of off-line transactions allowed before a new certificate is required.
  • a transaction counter which resides on the card, and the main purpose of which is to restrict the number of off-line transactions allowed before a new certificate is required.
  • the availability of a transaction count allows the issuer to carry out further checks against attempted fraud. Printing the transaction number on each receipt gives the card holder a convenient indication of card usage.
  • Fig. 4 the CAD has read the DATA block from the certificate, as described above. Held within the data block is the issuer's off-line policy, and the maximum off-line transaction count. The CAD also reads the card transaction count (CTC) from the card. It then has enough information to decide whether the transaction can continue off-line or not.
  • CTC card transaction count
  • the CAD increments the CTC on the card, and prints the CTC as part of the card holder's receipt.
  • the increment line to the card has been shown in Fig. 4 as a separate connection, for clarity. In practice, it would be part of a digital interface, whose operation could not readily be blocked. To check that the transaction count has indeed incremented, the CAD re-reads the new transaction count from the card.
  • the issuer For instance, suppose that an issuer's secret key becomes known. The consequent threat is that a fraudster might produce certificates purporting to come from the issuer, and thereby use out-of-date cards for off-line transactions. To recover from this situation, the issuer generates a new key set, and gets the public key signed by the system provider. As each CAD comes on-line, the suspect public key is replaced by the new one. To allow this, the CAD must have a protocol which allows issuer keys to be updated. As the new key is signed by the system provider, it can be accepted by the CAD as genuine.
  • any card using the old public key is given an on-line transaction, which results is its next certificate being signed with the new public key.
  • an updated card when presented to a CAD which was still using the old public key, would result in an on-line transaction during which the CAD would be updated.
  • the procedure for updating the system provider's key is similar, but somewhat more complex, since the system provider is the centre of trust.
  • One option is to store a choice of system provider public keys in each CAD, when the system is initialised. If one key becomes compromised, the system can move over to the next key. This involves re-signing all the issuer's keys, and updating the CADs as and when they come on line. The cards need not be updated. As before, the change is transparent to the user.
  • the article contains a PIN
  • that information may be secured within a relatively inaccessible region of an integrated circuit chip.
  • the card itself can check the PIN when keyed in.
  • an encrypted PIN may be stored within the "certificate" on the article and the CAD can then check the PIN, as is presently done at off ⁇ line ATMs.
  • the integrated circuit chip is replaced by a two dimensional bar code which can be read optically.
  • Block 50 denotes storing authentification data in a first storage means carried by the article as a non-random permanently structured magnetic characteristic which varies from place to place on the storage means.
  • Block 51 denotes operating on said authentification data and additional data using the secret key of a secret key/public key cryptosystem pair hereby creating encrypted data. This will normally be performed by, for example, the card issuing authority in the case of credit or other cards.
  • Block 52 denotes storing the encrypted data in a second storage means carried by the article.
  • Block 53 denotes reading the encrypted data from the second storage means.
  • Block 54 denotes operating on the encrypted data with the public key of said cryptosystem pair to give decrypted authentification data and decrypted additional data. This will normally be performed by, for example, the card reading machine in the field in the case of credit or other cards.
  • Block 55 denotes comparing the decrypted authentification data with the authentification data stored in the first storage means thereby authenticating the article of value and/or the additional data. This will normally also be performed by the card reading system.
  • the data stored in the second storage means may be read magnetically, optically or electronically depending upon the nature of the storage means employed.

Landscapes

  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Credit Cards Or The Like (AREA)
  • Signal Processing For Digital Recording And Reproducing (AREA)
  • Storage Device Security (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
EP95924429A 1994-07-15 1995-07-07 Authentication technique Withdrawn EP0771452A1 (en)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
GB9414368 1994-07-15
GB9414368A GB9414368D0 (en) 1994-07-15 1994-07-15 Authentication technique
PCT/GB1995/001611 WO1996002901A1 (en) 1994-07-15 1995-07-07 Authentication technique

Publications (1)

Publication Number Publication Date
EP0771452A1 true EP0771452A1 (en) 1997-05-07

Family

ID=10758427

Family Applications (1)

Application Number Title Priority Date Filing Date
EP95924429A Withdrawn EP0771452A1 (en) 1994-07-15 1995-07-07 Authentication technique

Country Status (11)

Country Link
EP (1) EP0771452A1 (ja)
JP (1) JPH10503037A (ja)
KR (1) KR970705106A (ja)
CN (1) CN1152968A (ja)
AU (1) AU682778B2 (ja)
BR (1) BR9508281A (ja)
CA (1) CA2195003A1 (ja)
GB (2) GB9414368D0 (ja)
TW (1) TW278167B (ja)
WO (1) WO1996002901A1 (ja)
ZA (1) ZA955824B (ja)

Families Citing this family (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1998055970A1 (en) * 1997-06-05 1998-12-10 Dix It S.R.L. Method for ascertaining the authenticity of a predetermined product
FR2771196B1 (fr) * 1997-11-19 2001-08-03 Jacques Rivailler Procede pour assurer la tracabilite d'elements successifs d'une serie de transformations et applications de ce procede
FR2815155B1 (fr) * 2000-10-09 2003-06-06 Jacques Rivaillier Principe et procede pour marquer, identifier et securiser les fichiers informatiques, les documents, les sous, les composes chimiques et appareillages de mise en oeuvre
WO2003043000A1 (fr) * 2001-10-10 2003-05-22 Jacques Rivaillier Procede pour marquer, identifier et securiser les fichiers informatiques, les documents, les sons et les composes chimiques
AU2002327238A1 (en) * 2001-12-18 2003-06-30 The Ludlow Company Lp Flexible interconnect cable with ribbonized ends and method of manufacturing
US7137553B2 (en) * 2001-12-31 2006-11-21 Digital Data Research Company Security clearance card, system and method of reading a security clearance card
CN101596820B (zh) * 2008-06-03 2010-08-18 北京中维华盾科技发展有限公司 指纹加密证书及证卡的制作方法
US8742369B2 (en) 2010-11-01 2014-06-03 Honeywell International Inc. Value documents and other articles having taggants that exhibit delayed maximum intensity emissions, and methods and apparatus for their authentication
US20150295919A1 (en) * 2014-04-09 2015-10-15 De Sonneville International Ltd. Self-authenticating card
US9590983B2 (en) 2014-04-09 2017-03-07 Cardex Systems Inc. Self-authenticating chips

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US3927393A (en) * 1973-05-02 1975-12-16 Minnesota Mining & Mfg Magnetic record medium authentication system
US4806740A (en) * 1986-09-19 1989-02-21 Light Signatures, Inc. Magnetic characteristic identification system
US4837426A (en) * 1987-01-16 1989-06-06 Rand, Mcnally & Company Object verification apparatus and method
FR2618002B1 (fr) * 1987-07-10 1991-07-05 Schlumberger Ind Sa Procede et systeme d'authentification de cartes a memoire electronique
FR2657981A1 (fr) * 1990-02-05 1991-08-09 Kodak Pathe Procede de certification d'un support d'informations et support obtenu selon le procede.
EP0583709B1 (en) * 1992-08-17 1999-05-06 THOMSON multimedia Unforgeable identification device, identification device reader and method of identification
US5388158A (en) * 1992-11-20 1995-02-07 Pitney Bowes Inc. Secure document and method and apparatus for producing and authenticating same

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See references of WO9602901A1 *

Also Published As

Publication number Publication date
AU2892995A (en) 1996-02-16
GB9513946D0 (en) 1995-09-06
TW278167B (ja) 1996-06-11
ZA955824B (en) 1996-02-21
AU682778B2 (en) 1997-10-16
WO1996002901A1 (en) 1996-02-01
KR970705106A (ko) 1997-09-06
BR9508281A (pt) 1997-10-28
CN1152968A (zh) 1997-06-25
GB2291522B (en) 1997-04-30
CA2195003A1 (en) 1996-02-01
JPH10503037A (ja) 1998-03-17
GB2291522A (en) 1996-01-24
GB9414368D0 (en) 1994-09-07

Similar Documents

Publication Publication Date Title
US5351302A (en) Method for authenticating objects identified by images or other identifying information
US5694471A (en) Counterfeit-proof identification card
US5786587A (en) Enhancement of chip card security
EP0640946B1 (en) Method and apparatus for verification of classes of documents
US5796835A (en) Method and system for writing information in a data carrier making it possible to later certify the originality of this information
JP5274020B2 (ja) 真贋判別可能なカード
Jurgensen et al. Smart cards: the developer's toolkit
US5336871A (en) Holographic enhancement of card security
US6996543B1 (en) System for protection of goods against counterfeiting
US6615351B1 (en) Method for checking the authenticity of a data medium
EP0683471A1 (en) Enhancement of document security
RU2435218C2 (ru) Карта с возможностью аутентификации
GB2297856A (en) Electronic negotiable documents
AU682778B2 (en) Authentication technique
JP3787027B2 (ja) 認証式セキュリティシステム
JP3117122B2 (ja) 認証式セキュリティシステム
JP3980706B2 (ja) Icカードおよびその認証装置
JPH01173411A (ja) 保護機能付き磁気カード
JP2839954B2 (ja) 情報のオリジナル性を後で証明することを可能にする媒体上に情報を書き込む方法及びシステム
JP4046918B2 (ja) Icカード、icカード読取装置及びicカードシステム
JP2000251050A (ja) Icカード、icカード情報読取装置、icカード情報集中管理装置、icカードの不正記録情報検知方法及びシステム
CA2163749C (en) Method for authenticating objects identified by images or other identifying information
JPH09282433A (ja) セキュリティシステム
KR19990021789A (ko) 위/변조 방지 기능을 갖는 마그네틱 카드 및 그 처리 시스템
JPH10247229A (ja) 磁気カードシステム

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 19970125

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): CH DE DK ES FR GB IT LI NL PT SE

17Q First examination report despatched

Effective date: 19970716

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION HAS BEEN WITHDRAWN

18W Application withdrawn

Withdrawal date: 19980728