EP0772164B1 - Vorrichtung und Verfahren zur geschützten Datenübermittlung - Google Patents
Vorrichtung und Verfahren zur geschützten Datenübermittlung Download PDFInfo
- Publication number
- EP0772164B1 EP0772164B1 EP96116885A EP96116885A EP0772164B1 EP 0772164 B1 EP0772164 B1 EP 0772164B1 EP 96116885 A EP96116885 A EP 96116885A EP 96116885 A EP96116885 A EP 96116885A EP 0772164 B1 EP0772164 B1 EP 0772164B1
- Authority
- EP
- European Patent Office
- Prior art keywords
- numerical value
- pin
- generator
- card
- account number
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Revoked
Links
- 238000000034 method Methods 0.000 title claims description 32
- 230000005540 biological transmission Effects 0.000 abstract description 5
- 230000006870 function Effects 0.000 description 1
- 238000013507 mapping Methods 0.000 description 1
- 230000007087 memory ability Effects 0.000 description 1
- 238000012795 verification Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
- G07F7/10—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
Definitions
- the invention relates to a device and a method for protected Data transmission, in particular for protected data transmission of individual PIN values for payment cards.
- PIN personal identification number
- PIN The PIN of most major credit cards is used in computer systems Random numbers generated and assigned to the credit cards to be produced.
- the PIN is usually sent to the cardholder using a so-called PIN letter.
- a PIN letter consists of a firmly glued one Envelope on which the card number of the associated credit card, as well (sometimes) the address of the cardholder is printed.
- Inside the PIN letter is a single sheet on which the PIN is printed
- the PIN letter is physically designed so that unauthorized reading of the PIN Value without visible damage to the PIN letter is impossible.
- printing (Personalize) the PIN letter is through a special printing process ensures that even during the printing process never on the PIN letter production of employees involved Get to know the PIN values can.
- a method for personalizing chip cards is known from DE 39 27 270 A1, at all data and numbers are stored in a register in a secure area be a pseudo-identity instead of the actual identity of the cardholder is used, which is subsequently replaced by the actual identity of the user can be.
- the object of the present invention is therefore to provide a method which enables a cardholder or an account holder to determine PIN values themselves, without any security risk in the transmission of the PIN values. It is further object of the present invention, a corresponding device for performing to provide such a method. This task is accomplished through a process according to claim 1 and by an apparatus for performing such a method solved according to claim 11. Claims 2 to 10 relate to particularly advantageous ones Embodiments of the method according to the invention.
- the invention is based on the basic idea that knowledge the result of a mathematical operation between a PIN value and a second secret operand is worthless if the value of the second Operand is unknown.
- the card issuer generates for each card applicant - or for each card number to be issued - a secret numerical value (operands).
- the generation can by encrypting the card number with an internal key (known only to the card issuer's IT system) or as a random number.
- the result of the encryption is then converted into a decimal number converted.
- the decimal number serves as a secret operand.
- the secret operand is sent to the card applicant by means of a (accordingly modified) "PIN letter" communicated.
- the card applicant then carries along a predetermined PIN value and the secret operand communicated - Mathematical operation (e.g. addition) that is as easy to choose as possible and writes the result on a form that he provides with the sender and return the card number to the card issuer.
- Mathematical operation e.g. addition
- the result is transmitted together with the card number entered into a computer system.
- This computer system calculates the value of the secret operand by matching it with the card number the same procedure as for the first generation of the secret operand performs.
- the result returned by the card applicant becomes the mathematical one Reverse function (e.g. subtraction) carried out, whereby the desired PIN value of the card applicant is received.
- This value then becomes the one to be produced Card assigned as a PIN value. From this moment on the normal Reinstall the process for personalizing payment cards.
- the random number can be obtained, for example, from the computer system of the card issuer is generated.
- the operand generated in this way is stored together with the card number in a database.
- the result sent back is then sent to the secret operand by means of an IT system mapped through the database, using the card number as the mapping index serves.
- the advantage of this invention is maximum security against unauthorized persons Recognize the PIN value because the PIN value is in plain text during of the entire process is never visible.
- the invention is also suitable for defining individual PIN values for Telephone banking accounts. All that is required is the account number instead of the Card number can be used.
Landscapes
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
- Small-Scale Networks (AREA)
- Credit Cards Or The Like (AREA)
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
DE19541081 | 1995-11-03 | ||
DE19541081A DE19541081C2 (de) | 1995-11-03 | 1995-11-03 | Vorrichtung zur geschützten Datenübermittlung |
Publications (3)
Publication Number | Publication Date |
---|---|
EP0772164A2 EP0772164A2 (de) | 1997-05-07 |
EP0772164A3 EP0772164A3 (de) | 1999-11-17 |
EP0772164B1 true EP0772164B1 (de) | 2003-08-06 |
Family
ID=7776588
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
EP96116885A Revoked EP0772164B1 (de) | 1995-11-03 | 1996-10-21 | Vorrichtung und Verfahren zur geschützten Datenübermittlung |
Country Status (4)
Country | Link |
---|---|
EP (1) | EP0772164B1 (es) |
AT (1) | ATE246829T1 (es) |
DE (2) | DE19541081C2 (es) |
ES (1) | ES2204984T3 (es) |
Families Citing this family (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
FR2767406B1 (fr) * | 1997-08-13 | 1999-10-22 | France Telecom | Procede pour etablir une carte ou un moyen d'identification personnelle a code confidentiel |
NL1008287C2 (nl) * | 1998-02-12 | 1999-08-13 | Rdc Datacentrum B V | Systeem voor het distribueren van PIN-codes. |
WO2001038950A2 (en) | 1999-11-22 | 2001-05-31 | Ascom Hasler Mailing Systems, Inc. | Generation and management of customer pin's |
FR2922395B1 (fr) * | 2007-10-12 | 2010-02-26 | Ingenico Sa | Procede de transmission d'un code confidentiel, terminal lecteur de cartes, serveur de gestion et produits programme d'ordinateur correspondants |
EP2461297B1 (en) * | 2008-11-12 | 2020-10-07 | Idemia Denmark A/S | Personal identification number distribution device and method |
EP2704071A1 (en) * | 2012-08-31 | 2014-03-05 | Gemalto SA | System and method for secure customization of a personal token during a personalization step |
Family Cites Families (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JPS5329542B2 (es) * | 1974-07-08 | 1978-08-22 | ||
US4616852A (en) * | 1984-11-26 | 1986-10-14 | The Talman Home Federal Savings And Loan Association Of Illinois | Money debit card application form and method of processing same |
JPS6356785A (ja) * | 1986-08-28 | 1988-03-11 | Toshiba Corp | 携帯可能記憶媒体処理装置 |
US4947027A (en) * | 1988-02-02 | 1990-08-07 | Golightly Cecelia K | System for identifying authorized use of credit cards |
DE3927270C2 (de) * | 1989-08-18 | 1996-07-11 | Deutsche Telekom Ag | Verfahren zum Personalisieren von Chipkarten |
US5477038A (en) * | 1993-10-25 | 1995-12-19 | Visa International | Method and apparatus for distributing currency |
-
1995
- 1995-11-03 DE DE19541081A patent/DE19541081C2/de not_active Revoked
-
1996
- 1996-10-21 AT AT96116885T patent/ATE246829T1/de active
- 1996-10-21 ES ES96116885T patent/ES2204984T3/es not_active Expired - Lifetime
- 1996-10-21 EP EP96116885A patent/EP0772164B1/de not_active Revoked
- 1996-10-21 DE DE59610645T patent/DE59610645D1/de not_active Expired - Lifetime
Also Published As
Publication number | Publication date |
---|---|
DE19541081C2 (de) | 1998-04-09 |
DE59610645D1 (de) | 2003-09-11 |
ES2204984T3 (es) | 2004-05-01 |
ATE246829T1 (de) | 2003-08-15 |
EP0772164A2 (de) | 1997-05-07 |
EP0772164A3 (de) | 1999-11-17 |
DE19541081A1 (de) | 1997-05-07 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
DE69900169T3 (de) | Kreditkartensystem und verfahren | |
DE3044463C2 (es) | ||
DE2645564C2 (de) | Automatischer Geldausgeber | |
DE3103514C2 (de) | Verfahren und Vorrichtung zum Sichern von Transaktionen | |
DE2760486C2 (es) | ||
EP0976113B1 (de) | Verfahren zur erzeugung eines guthabens mittels eines vorausbezahlten wertgutscheins | |
DE69738266T2 (de) | Verfahren und Mittel zum Begrenzen des Missbrauches von gefälschten Kreditkarten, Zugangskarten, elektronischen Konten oder dergleichen | |
DE3886623T2 (de) | Transaktionssystem mit einer oder mehreren zentralen Schnittstellen und mit einer Anzahl von verteilten Endstationen, welche an jede zentrale Schnittstelle über ein Netzwerk gekoppelt werden können; Concentrator und Endstation, geeignet für den Gebrauch in solch einem Transaktionssystem und Bedieneridentifizierungselement für den Gebrauch in einer solchen Endstation. | |
DD282308A5 (de) | Schaltungsanordnung mit einer zumindest einen teil der anordnung enthaltenden karte fuer geschaefts-, indentifizierungs- und/oder betaetigungszwecke | |
DE19956359A1 (de) | Kartenbuchung mittels einer virtuellen Eintrittskarte | |
DE2901521A1 (de) | Persoenliches identifizierungssystem | |
DE19739488A1 (de) | Verfahren zur Durchführung sicherer Finanztransaktionen, indem Faxübertragungen verwendet werden | |
EP0772164B1 (de) | Vorrichtung und Verfahren zur geschützten Datenübermittlung | |
DE3300850A1 (de) | System zum taetigen von geschaeftsabschluessen | |
EP1971108B1 (de) | Identifikation eines Benutzers eines Mobilterminals und Generierung einer Aktionsberechtigung | |
DE69014269T2 (de) | Kreditversorgungssystem. | |
WO2010020430A1 (de) | Rücknehmen und zerstören von datenträgern | |
EP0950999B1 (de) | Datenerfassungsvorrichtung und Verfahren zum Betreiben der Vorrichtung | |
DE102004039365A1 (de) | Datenträger zur kontaktlosen Übertragung von verschlüsselten Datensignalen | |
DE2706154C2 (de) | Zugangskontrollvorrichtung mit einem zentralen Computer und wenigstens einem vom Computer entfernt angeordneten Terminal | |
EP1276081A2 (de) | Ticket-System | |
DE4027735A1 (de) | Verfahren und vorrichtung zur gesicherten datenfernuebermittlung | |
DE60005521T2 (de) | Gesichertes zahlungssystem zur auswahl eines beliebigen betrages | |
DE4441413A1 (de) | Datenaustauschgerät | |
EP2281259B1 (de) | Änderbare pin für hardwaretoken |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PUAI | Public reference made under article 153(3) epc to a published international application that has entered the european phase |
Free format text: ORIGINAL CODE: 0009012 |
|
AK | Designated contracting states |
Kind code of ref document: A2 Designated state(s): AT BE CH DE ES FR GB GR IT LI NL SE |
|
PUAL | Search report despatched |
Free format text: ORIGINAL CODE: 0009013 |
|
AK | Designated contracting states |
Kind code of ref document: A3 Designated state(s): AT BE CH DE ES FR GB GR IT LI NL SE |
|
17P | Request for examination filed |
Effective date: 20000310 |
|
17Q | First examination report despatched |
Effective date: 20011017 |
|
GRAH | Despatch of communication of intention to grant a patent |
Free format text: ORIGINAL CODE: EPIDOS IGRA |
|
GRAH | Despatch of communication of intention to grant a patent |
Free format text: ORIGINAL CODE: EPIDOS IGRA |
|
GRAA | (expected) grant |
Free format text: ORIGINAL CODE: 0009210 |
|
AK | Designated contracting states |
Designated state(s): AT BE CH DE ES FR GB GR IT LI NL SE |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: NL Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20030806 |
|
REG | Reference to a national code |
Ref country code: GB Ref legal event code: FG4D Free format text: NOT ENGLISH |
|
REG | Reference to a national code |
Ref country code: CH Ref legal event code: EP |
|
GBT | Gb: translation of ep patent filed (gb section 77(6)(a)/1977) |
Effective date: 20030806 |
|
REF | Corresponds to: |
Ref document number: 59610645 Country of ref document: DE Date of ref document: 20030911 Kind code of ref document: P |
|
REG | Reference to a national code |
Ref country code: CH Ref legal event code: NV Representative=s name: N&G PATENT SERVICES SA |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: BE Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES Effective date: 20031031 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: SE Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20031106 Ref country code: GR Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20031106 |
|
NLV1 | Nl: lapsed or annulled due to failure to fulfill the requirements of art. 29p and 29m of the patents act | ||
ET | Fr: translation filed | ||
BERE | Be: lapsed |
Owner name: *CULJAK FRANK Effective date: 20031031 |
|
REG | Reference to a national code |
Ref country code: ES Ref legal event code: FG2A Ref document number: 2204984 Country of ref document: ES Kind code of ref document: T3 |
|
PLBE | No opposition filed within time limit |
Free format text: ORIGINAL CODE: 0009261 |
|
26N | No opposition filed |
Effective date: 20040507 |
|
REG | Reference to a national code |
Ref country code: DE Ref legal event code: 8364 Ref document number: 59610645 Country of ref document: DE |
|
REG | Reference to a national code |
Ref country code: CH Ref legal event code: PCAR Free format text: NOVAGRAAF INTERNATIONAL SA;25, AVENUE DU PAILLY;1220 LES AVANCHETS (CH) |
|
REG | Reference to a national code |
Ref country code: CH Ref legal event code: PFA Owner name: CULJAK, FRANK Free format text: CULJAK, FRANK#MUENSTERPLATZ 39#89073 ULM (DE) -TRANSFER TO- CULJAK, FRANK#MUENSTERPLATZ 39#89073 ULM (DE) |
|
PGFP | Annual fee paid to national office [announced via postgrant information from national office to epo] |
Ref country code: IT Payment date: 20120315 Year of fee payment: 16 |
|
PGFP | Annual fee paid to national office [announced via postgrant information from national office to epo] |
Ref country code: GB Payment date: 20130306 Year of fee payment: 17 Ref country code: CH Payment date: 20130312 Year of fee payment: 17 Ref country code: FR Payment date: 20130325 Year of fee payment: 17 Ref country code: DE Payment date: 20130304 Year of fee payment: 17 Ref country code: ES Payment date: 20130315 Year of fee payment: 17 |
|
PGFP | Annual fee paid to national office [announced via postgrant information from national office to epo] |
Ref country code: AT Payment date: 20130312 Year of fee payment: 17 |
|
REG | Reference to a national code |
Ref country code: DE Ref legal event code: R084 Ref document number: 59610645 Country of ref document: DE |
|
REG | Reference to a national code |
Ref country code: DE Ref legal event code: R084 Ref document number: 59610645 Country of ref document: DE Effective date: 20130628 |
|
REG | Reference to a national code |
Ref country code: AT Ref legal event code: MA04 Ref document number: 246829 Country of ref document: AT Kind code of ref document: T Effective date: 20130920 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: AT Free format text: THE PATENT HAS BEEN ANNULLED BY A DECISION OF A NATIONAL AUTHORITY Effective date: 20130920 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: ES Free format text: LAPSE BECAUSE OF THE APPLICANT RENOUNCES Effective date: 20131119 |
|
REG | Reference to a national code |
Ref country code: DE Ref legal event code: R231 Ref document number: 59610645 Country of ref document: DE |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: DE Free format text: LAPSE BECAUSE OF THE APPLICANT RENOUNCES Effective date: 20140310 |
|
REG | Reference to a national code |
Ref country code: CH Ref legal event code: PL |
|
GBPC | Gb: european patent ceased through non-payment of renewal fee |
Effective date: 20131021 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: LI Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES Effective date: 20131031 Ref country code: GB Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES Effective date: 20131021 Ref country code: CH Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES Effective date: 20131031 |
|
REG | Reference to a national code |
Ref country code: FR Ref legal event code: ST Effective date: 20140630 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: FR Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES Effective date: 20131031 Ref country code: IT Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES Effective date: 20131021 |
|
REG | Reference to a national code |
Ref country code: DE Ref legal event code: R057 Ref document number: 59610645 Country of ref document: DE |
|
REG | Reference to a national code |
Ref country code: DE Ref legal event code: R061 Ref document number: 59610645 Country of ref document: DE |
|
PLBR | Kind of request for revocation recorded |
Free format text: ORIGINAL CODE: EPIDOSNRVR2 |
|
PLBT | Request for revocation filed by patent holder |
Free format text: ORIGINAL CODE: EPIDOSNRVR1 |
|
PLDH | Decision on request for revocation |
Free format text: ORIGINAL CODE: EPIDOSNRVR3 |
|
RDAA | Patent revoked on request of proprietor |
Free format text: ORIGINAL CODE: 0009220 |
|
PLBU | Request for revocation filed by patent holder |
Free format text: ORIGINAL CODE: EPIDOSNRVR6 |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: PATENT REVOKED BY PROPRIETOR |
|
REG | Reference to a national code |
Ref country code: DE Ref legal event code: R103 Ref document number: 59610645 Country of ref document: DE Ref country code: DE Ref legal event code: R064 Ref document number: 59610645 Country of ref document: DE |
|
RVAA | Request for revocation filed after opposition period found admissible |
Filing date: 20180320 |
|
RIC2 | Information provided on ipc code assigned after grant |
Ipc: G07F 7/10 20060101AFI19970228BHEP |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: ES Free format text: LAPSE BECAUSE OF THE APPLICANT RENOUNCES Effective date: 20131022 |
|
REG | Reference to a national code |
Ref country code: DE Ref legal event code: R060 Effective date: 20180726 |