EP0772164B1 - Vorrichtung und Verfahren zur geschützten Datenübermittlung - Google Patents

Vorrichtung und Verfahren zur geschützten Datenübermittlung Download PDF

Info

Publication number
EP0772164B1
EP0772164B1 EP96116885A EP96116885A EP0772164B1 EP 0772164 B1 EP0772164 B1 EP 0772164B1 EP 96116885 A EP96116885 A EP 96116885A EP 96116885 A EP96116885 A EP 96116885A EP 0772164 B1 EP0772164 B1 EP 0772164B1
Authority
EP
European Patent Office
Prior art keywords
numerical value
pin
generator
card
account number
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Revoked
Application number
EP96116885A
Other languages
German (de)
English (en)
French (fr)
Other versions
EP0772164A2 (de
EP0772164A3 (de
Inventor
Frank Culjak
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Publication of EP0772164A2 publication Critical patent/EP0772164A2/de
Publication of EP0772164A3 publication Critical patent/EP0772164A3/de
Application granted granted Critical
Publication of EP0772164B1 publication Critical patent/EP0772164B1/de
Anticipated expiration legal-status Critical
Revoked legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data

Definitions

  • the invention relates to a device and a method for protected Data transmission, in particular for protected data transmission of individual PIN values for payment cards.
  • PIN personal identification number
  • PIN The PIN of most major credit cards is used in computer systems Random numbers generated and assigned to the credit cards to be produced.
  • the PIN is usually sent to the cardholder using a so-called PIN letter.
  • a PIN letter consists of a firmly glued one Envelope on which the card number of the associated credit card, as well (sometimes) the address of the cardholder is printed.
  • Inside the PIN letter is a single sheet on which the PIN is printed
  • the PIN letter is physically designed so that unauthorized reading of the PIN Value without visible damage to the PIN letter is impossible.
  • printing (Personalize) the PIN letter is through a special printing process ensures that even during the printing process never on the PIN letter production of employees involved Get to know the PIN values can.
  • a method for personalizing chip cards is known from DE 39 27 270 A1, at all data and numbers are stored in a register in a secure area be a pseudo-identity instead of the actual identity of the cardholder is used, which is subsequently replaced by the actual identity of the user can be.
  • the object of the present invention is therefore to provide a method which enables a cardholder or an account holder to determine PIN values themselves, without any security risk in the transmission of the PIN values. It is further object of the present invention, a corresponding device for performing to provide such a method. This task is accomplished through a process according to claim 1 and by an apparatus for performing such a method solved according to claim 11. Claims 2 to 10 relate to particularly advantageous ones Embodiments of the method according to the invention.
  • the invention is based on the basic idea that knowledge the result of a mathematical operation between a PIN value and a second secret operand is worthless if the value of the second Operand is unknown.
  • the card issuer generates for each card applicant - or for each card number to be issued - a secret numerical value (operands).
  • the generation can by encrypting the card number with an internal key (known only to the card issuer's IT system) or as a random number.
  • the result of the encryption is then converted into a decimal number converted.
  • the decimal number serves as a secret operand.
  • the secret operand is sent to the card applicant by means of a (accordingly modified) "PIN letter" communicated.
  • the card applicant then carries along a predetermined PIN value and the secret operand communicated - Mathematical operation (e.g. addition) that is as easy to choose as possible and writes the result on a form that he provides with the sender and return the card number to the card issuer.
  • Mathematical operation e.g. addition
  • the result is transmitted together with the card number entered into a computer system.
  • This computer system calculates the value of the secret operand by matching it with the card number the same procedure as for the first generation of the secret operand performs.
  • the result returned by the card applicant becomes the mathematical one Reverse function (e.g. subtraction) carried out, whereby the desired PIN value of the card applicant is received.
  • This value then becomes the one to be produced Card assigned as a PIN value. From this moment on the normal Reinstall the process for personalizing payment cards.
  • the random number can be obtained, for example, from the computer system of the card issuer is generated.
  • the operand generated in this way is stored together with the card number in a database.
  • the result sent back is then sent to the secret operand by means of an IT system mapped through the database, using the card number as the mapping index serves.
  • the advantage of this invention is maximum security against unauthorized persons Recognize the PIN value because the PIN value is in plain text during of the entire process is never visible.
  • the invention is also suitable for defining individual PIN values for Telephone banking accounts. All that is required is the account number instead of the Card number can be used.

Landscapes

  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Small-Scale Networks (AREA)
  • Credit Cards Or The Like (AREA)
EP96116885A 1995-11-03 1996-10-21 Vorrichtung und Verfahren zur geschützten Datenübermittlung Revoked EP0772164B1 (de)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
DE19541081 1995-11-03
DE19541081A DE19541081C2 (de) 1995-11-03 1995-11-03 Vorrichtung zur geschützten Datenübermittlung

Publications (3)

Publication Number Publication Date
EP0772164A2 EP0772164A2 (de) 1997-05-07
EP0772164A3 EP0772164A3 (de) 1999-11-17
EP0772164B1 true EP0772164B1 (de) 2003-08-06

Family

ID=7776588

Family Applications (1)

Application Number Title Priority Date Filing Date
EP96116885A Revoked EP0772164B1 (de) 1995-11-03 1996-10-21 Vorrichtung und Verfahren zur geschützten Datenübermittlung

Country Status (4)

Country Link
EP (1) EP0772164B1 (es)
AT (1) ATE246829T1 (es)
DE (2) DE19541081C2 (es)
ES (1) ES2204984T3 (es)

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FR2767406B1 (fr) * 1997-08-13 1999-10-22 France Telecom Procede pour etablir une carte ou un moyen d'identification personnelle a code confidentiel
NL1008287C2 (nl) * 1998-02-12 1999-08-13 Rdc Datacentrum B V Systeem voor het distribueren van PIN-codes.
WO2001038950A2 (en) 1999-11-22 2001-05-31 Ascom Hasler Mailing Systems, Inc. Generation and management of customer pin's
FR2922395B1 (fr) * 2007-10-12 2010-02-26 Ingenico Sa Procede de transmission d'un code confidentiel, terminal lecteur de cartes, serveur de gestion et produits programme d'ordinateur correspondants
EP2461297B1 (en) * 2008-11-12 2020-10-07 Idemia Denmark A/S Personal identification number distribution device and method
EP2704071A1 (en) * 2012-08-31 2014-03-05 Gemalto SA System and method for secure customization of a personal token during a personalization step

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPS5329542B2 (es) * 1974-07-08 1978-08-22
US4616852A (en) * 1984-11-26 1986-10-14 The Talman Home Federal Savings And Loan Association Of Illinois Money debit card application form and method of processing same
JPS6356785A (ja) * 1986-08-28 1988-03-11 Toshiba Corp 携帯可能記憶媒体処理装置
US4947027A (en) * 1988-02-02 1990-08-07 Golightly Cecelia K System for identifying authorized use of credit cards
DE3927270C2 (de) * 1989-08-18 1996-07-11 Deutsche Telekom Ag Verfahren zum Personalisieren von Chipkarten
US5477038A (en) * 1993-10-25 1995-12-19 Visa International Method and apparatus for distributing currency

Also Published As

Publication number Publication date
DE19541081C2 (de) 1998-04-09
DE59610645D1 (de) 2003-09-11
ES2204984T3 (es) 2004-05-01
ATE246829T1 (de) 2003-08-15
EP0772164A2 (de) 1997-05-07
EP0772164A3 (de) 1999-11-17
DE19541081A1 (de) 1997-05-07

Similar Documents

Publication Publication Date Title
DE69900169T3 (de) Kreditkartensystem und verfahren
DE3044463C2 (es)
DE2645564C2 (de) Automatischer Geldausgeber
DE3103514C2 (de) Verfahren und Vorrichtung zum Sichern von Transaktionen
DE2760486C2 (es)
EP0976113B1 (de) Verfahren zur erzeugung eines guthabens mittels eines vorausbezahlten wertgutscheins
DE69738266T2 (de) Verfahren und Mittel zum Begrenzen des Missbrauches von gefälschten Kreditkarten, Zugangskarten, elektronischen Konten oder dergleichen
DE3886623T2 (de) Transaktionssystem mit einer oder mehreren zentralen Schnittstellen und mit einer Anzahl von verteilten Endstationen, welche an jede zentrale Schnittstelle über ein Netzwerk gekoppelt werden können; Concentrator und Endstation, geeignet für den Gebrauch in solch einem Transaktionssystem und Bedieneridentifizierungselement für den Gebrauch in einer solchen Endstation.
DD282308A5 (de) Schaltungsanordnung mit einer zumindest einen teil der anordnung enthaltenden karte fuer geschaefts-, indentifizierungs- und/oder betaetigungszwecke
DE19956359A1 (de) Kartenbuchung mittels einer virtuellen Eintrittskarte
DE2901521A1 (de) Persoenliches identifizierungssystem
DE19739488A1 (de) Verfahren zur Durchführung sicherer Finanztransaktionen, indem Faxübertragungen verwendet werden
EP0772164B1 (de) Vorrichtung und Verfahren zur geschützten Datenübermittlung
DE3300850A1 (de) System zum taetigen von geschaeftsabschluessen
EP1971108B1 (de) Identifikation eines Benutzers eines Mobilterminals und Generierung einer Aktionsberechtigung
DE69014269T2 (de) Kreditversorgungssystem.
WO2010020430A1 (de) Rücknehmen und zerstören von datenträgern
EP0950999B1 (de) Datenerfassungsvorrichtung und Verfahren zum Betreiben der Vorrichtung
DE102004039365A1 (de) Datenträger zur kontaktlosen Übertragung von verschlüsselten Datensignalen
DE2706154C2 (de) Zugangskontrollvorrichtung mit einem zentralen Computer und wenigstens einem vom Computer entfernt angeordneten Terminal
EP1276081A2 (de) Ticket-System
DE4027735A1 (de) Verfahren und vorrichtung zur gesicherten datenfernuebermittlung
DE60005521T2 (de) Gesichertes zahlungssystem zur auswahl eines beliebigen betrages
DE4441413A1 (de) Datenaustauschgerät
EP2281259B1 (de) Änderbare pin für hardwaretoken

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

AK Designated contracting states

Kind code of ref document: A2

Designated state(s): AT BE CH DE ES FR GB GR IT LI NL SE

PUAL Search report despatched

Free format text: ORIGINAL CODE: 0009013

AK Designated contracting states

Kind code of ref document: A3

Designated state(s): AT BE CH DE ES FR GB GR IT LI NL SE

17P Request for examination filed

Effective date: 20000310

17Q First examination report despatched

Effective date: 20011017

GRAH Despatch of communication of intention to grant a patent

Free format text: ORIGINAL CODE: EPIDOS IGRA

GRAH Despatch of communication of intention to grant a patent

Free format text: ORIGINAL CODE: EPIDOS IGRA

GRAA (expected) grant

Free format text: ORIGINAL CODE: 0009210

AK Designated contracting states

Designated state(s): AT BE CH DE ES FR GB GR IT LI NL SE

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: NL

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20030806

REG Reference to a national code

Ref country code: GB

Ref legal event code: FG4D

Free format text: NOT ENGLISH

REG Reference to a national code

Ref country code: CH

Ref legal event code: EP

GBT Gb: translation of ep patent filed (gb section 77(6)(a)/1977)

Effective date: 20030806

REF Corresponds to:

Ref document number: 59610645

Country of ref document: DE

Date of ref document: 20030911

Kind code of ref document: P

REG Reference to a national code

Ref country code: CH

Ref legal event code: NV

Representative=s name: N&G PATENT SERVICES SA

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: BE

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20031031

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: SE

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20031106

Ref country code: GR

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20031106

NLV1 Nl: lapsed or annulled due to failure to fulfill the requirements of art. 29p and 29m of the patents act
ET Fr: translation filed
BERE Be: lapsed

Owner name: *CULJAK FRANK

Effective date: 20031031

REG Reference to a national code

Ref country code: ES

Ref legal event code: FG2A

Ref document number: 2204984

Country of ref document: ES

Kind code of ref document: T3

PLBE No opposition filed within time limit

Free format text: ORIGINAL CODE: 0009261

26N No opposition filed

Effective date: 20040507

REG Reference to a national code

Ref country code: DE

Ref legal event code: 8364

Ref document number: 59610645

Country of ref document: DE

REG Reference to a national code

Ref country code: CH

Ref legal event code: PCAR

Free format text: NOVAGRAAF INTERNATIONAL SA;25, AVENUE DU PAILLY;1220 LES AVANCHETS (CH)

REG Reference to a national code

Ref country code: CH

Ref legal event code: PFA

Owner name: CULJAK, FRANK

Free format text: CULJAK, FRANK#MUENSTERPLATZ 39#89073 ULM (DE) -TRANSFER TO- CULJAK, FRANK#MUENSTERPLATZ 39#89073 ULM (DE)

PGFP Annual fee paid to national office [announced via postgrant information from national office to epo]

Ref country code: IT

Payment date: 20120315

Year of fee payment: 16

PGFP Annual fee paid to national office [announced via postgrant information from national office to epo]

Ref country code: GB

Payment date: 20130306

Year of fee payment: 17

Ref country code: CH

Payment date: 20130312

Year of fee payment: 17

Ref country code: FR

Payment date: 20130325

Year of fee payment: 17

Ref country code: DE

Payment date: 20130304

Year of fee payment: 17

Ref country code: ES

Payment date: 20130315

Year of fee payment: 17

PGFP Annual fee paid to national office [announced via postgrant information from national office to epo]

Ref country code: AT

Payment date: 20130312

Year of fee payment: 17

REG Reference to a national code

Ref country code: DE

Ref legal event code: R084

Ref document number: 59610645

Country of ref document: DE

REG Reference to a national code

Ref country code: DE

Ref legal event code: R084

Ref document number: 59610645

Country of ref document: DE

Effective date: 20130628

REG Reference to a national code

Ref country code: AT

Ref legal event code: MA04

Ref document number: 246829

Country of ref document: AT

Kind code of ref document: T

Effective date: 20130920

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: AT

Free format text: THE PATENT HAS BEEN ANNULLED BY A DECISION OF A NATIONAL AUTHORITY

Effective date: 20130920

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: ES

Free format text: LAPSE BECAUSE OF THE APPLICANT RENOUNCES

Effective date: 20131119

REG Reference to a national code

Ref country code: DE

Ref legal event code: R231

Ref document number: 59610645

Country of ref document: DE

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: DE

Free format text: LAPSE BECAUSE OF THE APPLICANT RENOUNCES

Effective date: 20140310

REG Reference to a national code

Ref country code: CH

Ref legal event code: PL

GBPC Gb: european patent ceased through non-payment of renewal fee

Effective date: 20131021

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: LI

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20131031

Ref country code: GB

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20131021

Ref country code: CH

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20131031

REG Reference to a national code

Ref country code: FR

Ref legal event code: ST

Effective date: 20140630

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: FR

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20131031

Ref country code: IT

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20131021

REG Reference to a national code

Ref country code: DE

Ref legal event code: R057

Ref document number: 59610645

Country of ref document: DE

REG Reference to a national code

Ref country code: DE

Ref legal event code: R061

Ref document number: 59610645

Country of ref document: DE

PLBR Kind of request for revocation recorded

Free format text: ORIGINAL CODE: EPIDOSNRVR2

PLBT Request for revocation filed by patent holder

Free format text: ORIGINAL CODE: EPIDOSNRVR1

PLDH Decision on request for revocation

Free format text: ORIGINAL CODE: EPIDOSNRVR3

RDAA Patent revoked on request of proprietor

Free format text: ORIGINAL CODE: 0009220

PLBU Request for revocation filed by patent holder

Free format text: ORIGINAL CODE: EPIDOSNRVR6

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: PATENT REVOKED BY PROPRIETOR

REG Reference to a national code

Ref country code: DE

Ref legal event code: R103

Ref document number: 59610645

Country of ref document: DE

Ref country code: DE

Ref legal event code: R064

Ref document number: 59610645

Country of ref document: DE

RVAA Request for revocation filed after opposition period found admissible

Filing date: 20180320

RIC2 Information provided on ipc code assigned after grant

Ipc: G07F 7/10 20060101AFI19970228BHEP

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: ES

Free format text: LAPSE BECAUSE OF THE APPLICANT RENOUNCES

Effective date: 20131022

REG Reference to a national code

Ref country code: DE

Ref legal event code: R060

Effective date: 20180726