EP0970446A2 - Method for modifying authorization data sets - Google Patents

Method for modifying authorization data sets

Publication number
EP0970446A2
Authority
EP
European Patent Office
Prior art keywords
data
authorization
security module
authorization data
terminal
Legal status
Ceased
Application number
EP98914870A
Other languages
German (de)
English (en)
Inventor
Siegfried Hartleif
Frank Schaefer-Lorinser
Current Assignee
Deutsche Telekom AG
Original Assignee
Deutsche Telekom AG
Priority date
Filing date
Publication date
Application filed by Deutsche Telekom AG

Classifications

    • G PHYSICS
    • G07 CHECKING-DEVICES
    • G07F COIN-FREED OR LIKE APPARATUS
    • G07F7/00 Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08 Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10 Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1008 Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/30 Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34 Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/341 Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/30 Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34 Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/355 Personalisation of cards for use
    • G06Q20/3552 Downloading or loading of personalisation data
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/30 Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/36 Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes
    • G06Q20/363 Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes with the personal data of a user
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/38 Payment protocols; Details thereof
    • G06Q20/40 Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/409 Device specific authentication in transaction processing
    • G06Q20/4097 Device specific authentication in transaction processing using mutual authentication between devices and transaction partners
    • G06Q20/40975 Device specific authentication in transaction processing using mutual authentication between devices and transaction partners using encryption therefor
    • G PHYSICS
    • G07 CHECKING-DEVICES
    • G07F COIN-FREED OR LIKE APPARATUS
    • G07F7/00 Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08 Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/0866 Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means by active credit-cards adapted therefor

Definitions

  • The invention relates to a method for carrying out changes in authorization data records which are stored on data carriers, in particular on chip cards, the data carrier being connected to a terminal and a security module for exchanging data.
  • Permissions are often acquired in daily life and are documented on paper. Examples of this are the authorization to use means of transport in the form of tickets and season tickets, the use of parking spaces in the form of parking tickets. In this context, tickets for cultural or sporting events, swimming pools, museums and other facilities should also be mentioned. In most cases, such a receipt is only used for control purposes and is discarded by the customer after use. Some of these documents are so small that they can easily be lost. On some occasions, for example when traveling, various receipts are carried so that the search for the correct receipt can be difficult when checking.
  • Authorization data records are stored within the memory architecture of chip cards in the variable memory area, for example the EEPROM area.
  • The memory areas are processed or managed by the chip card operating system.
  • Corresponding specifications are part of international standardization (CEN prEN 726-3, ISO 7816-4). In accordance with this standard, a data record that characterizes authorizations would - in the following
  • Access conditions are set for the entire EF, but not for individual data fields.
  • The access conditions regulate the security-related conditions under which the EF can be accessed.
  • The operating system of the chip card monitors compliance with the access conditions; that is, if changes to an authorization data record are permitted, they can be made at any point in the EF containing the authorization data.
  • On the one hand, this possibility is not necessary; on the other hand, it is questionable in terms of security. In most cases, an entry in a validation field or a change in a text field is sufficient. A corresponding limitation of the change options is not provided for in the standardization.
  • Defining different access conditions for individual data fields would require a considerable increase in storage space.
  • The object of the invention is to provide a method that allows secure changes to authorizations.
  • The known storage space or security architecture should preferably be retained.
  • Authorization data record is transmitted to the data carrier in cryptographically secured form and that the changed authorization data record is stored in the data carrier after checking the authenticity.
  • Not only can the possibility of making changes be restricted to one or more data fields within the respective authorization data record; the type of change can also be restricted.
  • FIG. 1 shows the structure of an EF, namely a data field EF_BER provided for the storage of authorizations,
  • FIG. 2 shows the structure of an authorization data record within the EF shown in FIG. 1,
  • FIG. 3 is a schematic representation of a terminal with a security module and a smart card, and
  • FIG. 4 is a schematic representation of the processes when changing an authorization record.
  • The structure of an EF_BER is shown in table form in FIG. 1.
  • The EF_BER initially contains an identifier at 1, which identifies this file as EF_BER.
  • The access conditions for reading, writing, deleting, etc. are then stored.
  • The actual data content consists of data records which represent authorizations 1 to n.
  • A first data record for authorization 1 requires bytes 1-X.
  • A second data record for authorization 2 requires bytes XY, etc.
  • In the authorization data record shown in FIG. 2, several data fields are provided, of which only four data fields are explained by way of example.
  • Data fields A and B are each allocated X bytes, are coded in any way (xx) and contain, for example, names for the type of authorization.
  • The type of multiple use is stored in binary form in a further data field with a length of one byte.
  • A code field with a length of three bytes likewise holds information stored in binary form in the data record.
  • The block diagram according to FIG. 3 comprises a terminal 31, which contains a processor 32, a security module 33 and a card writing and reading device 34. Furthermore, a keyboard 35 is provided for inputs by a user, if necessary.
  • The security module 33 is designed such that neither changing data and programs nor reading out programs and data is possible.
  • The individual modules of the terminal 31 are connected to one another by data lines 36.
  • A chip card 37 can be inserted into the writing and reading device 34.
  • FIG. 4 shows the data exchange between the terminal and the security module on the one hand and the chip card on the other. Since it is not necessary to constantly distinguish between the terminal and the security module to explain the invention, these have been combined in FIG. 4. Where processing of data in the security module is important for the invention, this is pointed out in connection with FIG. 4.
  • The commands Select EF_INFO and Read EF_INFO are sent from the terminal to the chip card.
  • As a result, data are read out of the chip card and stored at 42 in the terminal or in the security module.
  • The card-specific key is calculated using these data and the system key stored in the security module. With this key, cryptograms of the chip card are recalculated or checked for authenticity.
  • The terminal then sends the commands Select EF_BER and Read EF_BER with the addition "secure".
  • The authorization data record is then read from the memory in the chip card and transmitted to the terminal in unencrypted form together with a MAC (Message Authentication Code), which is calculated in the chip card over the authorization data record BER.
  • The security module then also calculates a MAC at 44 from the transmitted authorization data record and compares it at 45 with the MAC transmitted by the chip card.
  • The authorization data record is changed by the terminal via the security module at 46; for example, one of several multiple authorizations is deleted.
  • The changed authorization data record BER' is transmitted to the chip card together with a MAC' formed from BER' and the card-specific key and with the Write EF_BER secure command, whereupon the transmitted changed authorization data record BER' is checked in the chip card at 47 by recalculating the MAC' and is saved at 48. The chip card then returns the acknowledgement "O.K." to the terminal.
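
The exchange of FIG. 4, together with the restriction of changes to a single field and a single type of change, as an added Python sketch that is not part of the patent text. HMAC-SHA256 stands in for the MAC and key-derivation algorithms, which the description does not name; the record layout, offsets, keys and class names are constructed for illustration.

```python
import hashlib
import hmac

# Assumption: HMAC-SHA256 replaces the unspecified MAC and key derivation.
# All keys, identifiers and the record layout below are constructed.
def mac(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, hashlib.sha256).digest()[:8]

def derive_card_key(system_key: bytes, ef_info: bytes) -> bytes:
    """Card-specific key from the system key and the data read from EF_INFO."""
    return hmac.new(system_key, ef_info, hashlib.sha256).digest()

class ChipCard:
    def __init__(self, ef_info: bytes, card_key: bytes, ber: bytes):
        self.ef_info, self._key, self._ber = ef_info, card_key, ber

    def read_ef_ber_secure(self):
        # The record leaves the card unencrypted, accompanied by a MAC over it.
        return self._ber, mac(self._key, self._ber)

    def write_ef_ber_secure(self, ber_new: bytes, mac_new: bytes) -> str:
        # Steps 47/48: recompute MAC' and store BER' only if it matches.
        if not hmac.compare_digest(mac(self._key, ber_new), mac_new):
            return "REJECTED"
        self._ber = ber_new
        return "O.K."

class SecurityModule:
    USES_OFFSET = 8  # hypothetical position of the one-byte multiple-use field

    def __init__(self, system_key: bytes):
        self._system_key = system_key

    def cancel_one_use(self, ef_info: bytes, ber: bytes, ber_mac: bytes):
        key = derive_card_key(self._system_key, ef_info)
        # Steps 44/45: recompute the MAC and compare it with the card's MAC.
        if not hmac.compare_digest(mac(key, ber), ber_mac):
            raise ValueError("authorization record failed authentication")
        off, uses = self.USES_OFFSET, ber[self.USES_OFFSET]
        if uses == 0:
            raise ValueError("no remaining uses")
        # Step 46: only this one field changes, and only by decrementing.
        ber_new = ber[:off] + bytes([uses - 1]) + ber[off + 1:]
        return ber_new, mac(key, ber_new)

def demo():
    system_key, ef_info = b"constructed-system-key", b"CARD-0001"
    # Constructed record: 8-byte name, 1-byte use count, 3-byte code field.
    record = b"TICKET-A" + bytes([3]) + b"\x00\x00\x01"
    card = ChipCard(ef_info, derive_card_key(system_key, ef_info), record)
    sam = SecurityModule(system_key)
    ber, ber_mac = card.read_ef_ber_secure()
    ber_new, mac_new = sam.cancel_one_use(card.ef_info, ber, ber_mac)
    ok = card.write_ef_ber_secure(ber_new, mac_new)
    # A record edited outside the security module no longer matches MAC'.
    edited = ber_new[:8] + bytes([99]) + ber_new[9:]
    rejected = card.write_ef_ber_secure(edited, mac_new)
    return ok, rejected, card.read_ef_ber_secure()[0][8]
```
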

Abstract

The invention relates to a method for making changes to authorization data sets stored on data carriers, in particular chip cards. The data carrier is connected to a terminal and to a security module to allow data exchange. The data set to be changed is read from the data carrier by the security module in cryptographically protected form. After the authorization data set has been authenticated, it is changed in the security module according to the instructions supplied by the terminal. The authorization data set changed in this way is transmitted in cryptographically protected form to the data carrier, where it is stored after authentication.
EP98914870A 1997-03-06 1998-03-05 Method for modifying authorization data sets Ceased EP0970446A2 (fr)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
DE19709275 1997-03-06
DE19709275 1997-03-06
PCT/EP1998/001270 WO1998039743A2 (fr) 1997-03-06 1998-03-05 Method for modifying authorization data sets

Publications (1)

Publication Number Publication Date
EP0970446A2 (fr) 2000-01-12

Family

ID=7822498

Family Applications (1)

Application Number Title Priority Date Filing Date
EP98914870A Ceased EP0970446A2 (fr) Method for modifying authorization data sets 1997-03-06 1998-03-05

Country Status (4)

Country Link
EP (1) EP0970446A2 (fr)
HU (1) HUP0001506A3 (fr)
NO (1) NO326478B1 (fr)
WO (1) WO1998039743A2 (fr)

Also Published As

Publication number Publication date
HUP0001506A2 (hu) 2000-09-28
NO994236D0 (no) 1999-09-01
WO1998039743A2 (fr) 1998-09-11
HUP0001506A3 (en) 2001-01-29
NO326478B1 (no) 2008-12-15
NO994236L (no) 1999-10-29
WO1998039743A3 (fr) 1999-01-21

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 19991006

AK Designated contracting states

Kind code of ref document: A2

Designated state(s): AT BE CH DE DK ES FI FR GB GR IE IT LI LU MC NL PT SE

17Q First examination report despatched

Effective date: 20040210

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION HAS BEEN REFUSED

18R Application refused

Effective date: 20090206