Classifications

• • G—PHYSICS
  • G07—CHECKING-DEVICES
  • G07F—COIN-FREED OR LIKE APPARATUS
  • G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
  • G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
  • G07F7/10—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
  • G07F7/1008—Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
• • G—PHYSICS
  • G07—CHECKING-DEVICES
  • G07F—COIN-FREED OR LIKE APPARATUS
  • G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
  • G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
  • G07F7/10—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
  • G07F7/1025—Identification of user by a PIN code

Definitions

• Patent family documents are indicated in the appendix.
• PCT / ISA 210 form (continuation of second sheet) (July 1992) Information relating to members of patent families
• PCT / ISA 210 form (appendix patent families) (July 1992) Method and device for processing confidential codes
• the invention relates to the field of code devices and code processing methods. More specifically, the invention relates to the field of systems with confidential access code, in particular, devices and methods making it possible to secure access to certain operations such as transactions, in particular electronic banking.
• This numerical code typically 2 to 12 digits, associated with a holder identification profile authorized to hold this code, allows the holder to use certain protected functions, and only knowing the code allows the functions to be unlocked.
• An object of the invention is to simplify this type of device and process, while minimizing the risks run by the holder of a code, victim of such attacks and while preserving the protection of the functions to be protected.
• the invention proposes a method for processing confidential codes in a system with secure functions comprising the steps consisting in: - receiving a code;
• the code in order to check a second authorization, conditioned by a second code distinct from the first code, to trigger at least a second function by not revealing the fact that the code does not allow not get the first clearance; characterized in that the step of verifying the second authorization comprises the operations consisting in obtaining a new code, by a second reverse transformation of a first simple transformation allowing the holder of the first code to obtain the second code from the first code, and execute the first authorization verification step again to test the new code.
• the victim can reveal a second code to the aggressor; thanks to the method according to the invention, this second code is distinguished from a first code, empowered to access a first function; there is then no access to the first function which remains protected; but this second code can be empowered to trigger a second function which can serve as a decoy, intended to divert the aggressor from the project to access the first function.
• the attacker diverted from his project will not seek to further threaten his victim for whom the risks incurred are therefore reduced.
• this process remains simple to implement, since the step of verifying the first authorization is common to the test of the code entered directly in the system with secure functions and to the test of the code obtained after the second transformation.
• the first function of the method according to the invention is a banking transaction.
• the steps of the method according to the invention consisting in verifying the first and second authorizations, involve a microprocessor card.
• said first simple transformation of the method according to the invention is carried out by an elementary shift of one character of the first code.
• the method according to the invention also comprises an invalidation step, if the step consisting in verifying the first authorization has been tested more than a determined number of times without success.
• the second function of the method according to the invention, consists in displaying a message chosen randomly from among several messages indicating that access to the first function is not possible, without however specifying that the code is not that allowing to obtain the first authorization.
• the second simple transformation of the method according to the invention is a function of parameters accessible on the microprocessor card.
• the invention is a device for controlling access to secure functions, with confidential code.
• this device comprises:
• the means for verifying the second authorization allow the operations consisting in obtaining a new code, by a second inverse transformation of a first simple transformation allowing the holder of the first code to obtain the second code at from the first code, and execute the verification step of the first authorization again to test the new code.
• the device according to the invention is a terminal for a bank card.
• the device according to the invention is used to secure a bank transaction.
• the steps consisting in verifying the first and second authorizations involve a digitally registered user profile.
• the means of the device according to the invention, to verify the first and second authorizations involve a microprocessor card.
• said simple transformation of the device according to the invention is carried out by an elementary shift of one character of the first code.
• the device according to the invention further comprises means of invalidation implemented if the first authorization has been tested more than a determined number of times without success.
• the second function of the device according to the invention is carried out by means which display a message chosen randomly from among several messages indicating that access to the first function is not possible, without however specifying that the code is not DCui allowing to obtain the first authorization.
• the second simple transformation of the device according to the invention is a function of parameters accessible on the microprocessor card.
• - Figure 1 is a diagram schematically representing the main units making up a particular device for the implementation of the invention.
• - Figure 2 is a synopsis of all the steps of an example of implementation of the method according to the invention.
• the device is an automatic cash dispenser.
• FIG. 1 it conventionally comprises in itself a central unit 1 which processes and exchanges information with a reader 2 of bank cards 10, and a keyboard 3 (or any other interactive input device), for controlling a mechanism 4 for distributing banknotes, the reader 2. for bank cards 10 and producing messages displayed on a screen 5.
• the processing of information and the control of the mechanisms composing the device according to the invention by the central unit 1, is based on exchanges with a memory unit 6.
• a card 10 is provided with a microprocessor.
• This microprocessor corresponds to a holder profile authorized to hold a first code.
• the holder also holds a second code which will be used as a backup code as will be explained below.
• the user therefore has two codes.
• the first code is its usual confidential code, empowered to access a first function, in this case, for the example described here, an electronic payment transaction of the automatic ticket distribution type.
• the second code is a backup code. It can be revealed by a user threatened by an attacker instead of his confidential code.
• This second code is easily memorized and is obtained by a first simple arithmetic transformation starting from the first.
• the second code differs from the first code only by a digit, which digit is advantageously modified only by plus 1 or minus 1 with respect to the digit of the same rank in the first and second codes.
• the device according to the invention is implemented according to the following method, described with reference to FIG. 2.
• a user When a user wishes to obtain a first function 180, in in this case the distribution of tickets on the part of the device according to the invention, he inserts his card 10 into the reader 2 and composes a code on the keyboard 3.
• the central unit 1 then begins at the start 100 a test procedure, with successive steps as indicated below.
• a test procedure followed by successive steps as indicated below.
• An indicator 110 testifying to the fact that the code has not yet been transformed is generated.
• the code is tested, by a code 120 test to verify a first authorization.
• test 120 gives a negative result, it is because the code supplied to the device according to the invention does not correspond to the first code held by the user, that is to say his confidential code.
• a first indicator test 130 is then carried out. If the indicator testifies to the fact that the code has not yet been transformed, the central unit 1 initiates a second authorization test and proceeds to a derivation 140 of a second transformation, opposite of a first simple transformation allowing the holder of a first code to obtain a second code (his backup code) from the first code.
• An indicator 145 testifying to the fact that the derivation 140 has been carried out is generated.
• This code obtained by derivation 140 is used to reproduce the verification step of the first authorization, at the level of the code test 120. If after the derivation 140, the code obtained still does not correspond to the first code (usual confidential code) is that the code entered at the beginning 100 was not the second code (backup code). For example, it could be a typing error on the part of the user.

Landscapes

• Physics & Mathematics (AREA)
• General Physics & Mathematics (AREA)
• Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
• Storage Device Security (AREA)
• Compression, Expansion, Code Conversion, And Decoders (AREA)
• Communication Control (AREA)
• Record Information Processing For Printing (AREA)

Applications Claiming Priority (3)

Publications (2)

Family

ID=9515368

Family Applications (1)

Country Status (9)

Families Citing this family (1)

Family Cites Families (5)

• 1997
  • 1997-12-31 FR FR9716786A patent/FR2773250B1/fr not_active Expired - Fee Related
• 1998
  • 1998-12-30 WO PCT/FR1998/002918 patent/WO1999035621A1/fr active IP Right Grant
  • 1998-12-30 CA CA002316818A patent/CA2316818A1/fr not_active Abandoned
  • 1998-12-30 ES ES98964554T patent/ES2186249T3/es not_active Expired - Lifetime
  • 1998-12-30 DE DE69809292T patent/DE69809292T2/de not_active Expired - Fee Related
  • 1998-12-30 AT AT98964554T patent/ATE227454T1/de not_active IP Right Cessation
  • 1998-12-30 PT PT98964554T patent/PT1044435E/pt unknown
  • 1998-12-30 EP EP98964554A patent/EP1044435B1/de not_active Expired - Lifetime
  • 1998-12-30 DK DK98964554T patent/DK1044435T3/da active

Non-Patent Citations (1)

Also Published As

Similar Documents

Legal Events