EP1044435B1 - Method and device for processing confidential codes - Google Patents

Method and device for processing confidential codes Download PDF

Info

Publication number
EP1044435B1
EP1044435B1 EP98964554A EP98964554A EP1044435B1 EP 1044435 B1 EP1044435 B1 EP 1044435B1 EP 98964554 A EP98964554 A EP 98964554A EP 98964554 A EP98964554 A EP 98964554A EP 1044435 B1 EP1044435 B1 EP 1044435B1
Authority
EP
European Patent Office
Prior art keywords
code
function
entitlement
fact
verifying
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Lifetime
Application number
EP98964554A
Other languages
German (de)
French (fr)
Other versions
EP1044435A1 (en
Inventor
Claude Meggle
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
GROUPEMENT DES CARTES BANCAIRES "CB"
Original Assignee
GROUPEMENT DES CARTES BANCAIRES "CB"
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by GROUPEMENT DES CARTES BANCAIRES "CB" filed Critical GROUPEMENT DES CARTES BANCAIRES "CB"
Publication of EP1044435A1 publication Critical patent/EP1044435A1/en
Application granted granted Critical
Publication of EP1044435B1 publication Critical patent/EP1044435B1/en
Anticipated expiration legal-status Critical
Expired - Lifetime legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1008Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1025Identification of user by a PIN code

Definitions

  • the invention relates to the field of code devices and code processing methods. More specifically, the invention relates to the domain of systems with confidential access code, in particular, devices and methods for securing access to certain operations such as transactions, in particular electronic banking.
  • An object of the invention is to simplify this type of device and procedures, while minimizing the risks incurred by the holder of a code, victim of such attacks and retaining the protection of functions at protect.
  • the victim can reveal to the aggressor a second code; thanks to the method according to the invention, this second code is distinguished from a first code, empowered to access a first function; there is then no access to the first function which remains protected; but second code can be enabled to trigger a second function which can serve as a decoy, intended to divert the aggressor from the project to access to the first function.
  • the aggressor diverted from his project will not seek to further threaten the victim for whom the risks involved are found therefore reduced.
  • this process remains simple to implement. work, since the verification stage of the first authorization is common to testing the code entered directly into the function system secure and to the test of the code obtained after the second transformation.
  • the first function of the method according to the invention is a bank transaction.
  • the steps of the method according to the invention consisting in verifying the first and second authorizations, involve a microprocessor card.
  • said first simple transformation of the process according to the invention is carried out by an elementary shift of one character of the first code.
  • the method according to the invention further comprises an invalidation step, if the step of verifying the first clearance has been tested more than a specified number of times without success.
  • the second function, of the method according to the invention consists in displaying a message randomly chosen from several messages indicating that access to the first function is not possible, without however specifying that the code is not the one allowing to obtain the first authorization.
  • the second simple transformation of the process according to the invention is a function of parameters accessible on the card to microprocessor.
  • the invention is a control device access to secure functions, with confidential code.
  • the device according to the invention is a terminal for Bank card.
  • the device according to the invention is used for secure a bank transaction.
  • the steps consisting in verifying the first and second authorizations involve a registered user profile numerically.
  • the means of the device according to the invention for check the first and second authorizations, involve a credit card microprocessor.
  • said simple transformation of the device according to the invention is carried out by an elementary shift of one character of the first code.
  • the device according to the invention further comprises means of invalidation implemented if the first authorization has been tested more than a specified number of times without success.
  • the second function of the device according to the invention is carried out by means which display a message chosen at random among several messages indicating that access to the first function is not not possible, without however specifying that the code is not the one allowing to obtain the first authorization.
  • the second simple transformation of the device according to the invention is a function of parameters accessible on the card to microprocessor.
  • this is an automatic cash dispenser.
  • a central unit 1 which processes and exchanges information with a reader 2 bank cards 10, and a keyboard 3 (or any other interactive device for entry), to control a mechanism for dispensing 4 banknotes, the reader 2 of bank cards 10 and produce messages displayed on a screen 5.
  • Information processing and control of mechanisms composing the device according to the invention by the central unit 1, is based on exchanges with a memory unit 6.
  • a card 10 is provided with a microprocessor. This microprocessor corresponds to a holder profile authorized to hold a first code.
  • the holder also holds a second code which will be used as emergency code in the manner which will be explained below.
  • the user therefore has two codes.
  • the first code is his code confidential usual, authorized to access a first function, in the occurrence, for the example described here, of an electronic payment transaction of the type automatic ticket distribution.
  • the second code is a backup code. It can be revealed by a user threatened by an attacker instead of his confidential code.
  • This second code is easily memorized and is obtained by a first simple arithmetic transformation from the first.
  • the second code differs from the first code only by a digit, which digit is advantageously modified only by plus 1 or minus 1 compared to the number of the same rank in the first and second codes.
  • the device according to the invention is implemented work according to the following process, described with reference to FIG. 2.
  • the central unit 1 then begins at the start 100 a procedure for test, with successive steps as shown below.
  • An indicator 110 testifying to the fact that the code has not yet been transformed is generated.
  • the code is tested, by a code 120 test to verify a first empowerment.
  • test 120 gives a negative result, it means that the code supplied to the device according to the invention does not correspond to the first code held by the user, ie his confidential code.
  • a first indicator test 130 is then performed. If the indicator shows that the code has not still been transformed, central unit 1 initiates a second test empowerment and proceeds to a derivation 140 of a second transformation, reverse of a simple first transformation allowing the holder of a first code to obtain a second code (its backup code) from the first code.
  • This code obtained by derivation 140 is used to reproduce the first authorization verification step, at the code test level 120. If after the derivation 140, the code obtained still does not correspond to the first code (usual confidential code), is that the code introduced to early 100 was not the second code (backup code). It can be, by example of a typing error on the part of the user.
  • a second test 160 of the indicator is performed. If the indicator shows that the code has not not transformed, the user has access to protected function 180 (by example ticket distribution). If the indicator shows that the code has already been transformed, is that the code having successfully passed the first clearance test, had previously undergone bypass 140. The code entered at the beginning of 100 of the procedure was therefore the emergency code. The the procedure then continues with a second function 170, in this case, a rescue transaction 170, which can be a decoy function.
  • the second function 170 corresponds for the example described here to a rescue transaction which can cover several solutions.
  • a solution can consist in displaying on screen 3, a message randomly chosen from several messages indicating that access to the first function 180 is not possible, without however specifying that the code provided to the device according to the invention is not the one allowing to obtain the first clearance.
  • the message will be of the type “momentary transaction unavailable “or” insufficient credit "or any of the other common messages used to indicate a malfunction an ATM or a malfunction of the bank account holder.
  • the normal ticket distribution procedure will be initiated, for example by asking how much is desired, then if the user wants a receipt, but a failure will be simulated and the sum requested will not be issued.
  • the second simple transformation 140 makes it possible to find the first code (usual confidential code) from the second code (code rescue).
  • this simple second transformation 140 is variable, depending for example on parameters accessible on the card with microprocessor. For example, for a certain banking organization, the second transformation 140 can consist in incrementing by 1 the digit of second in the code, while for another organization, the transformation will consist in subtracting a unit from the figure of the last row.
  • the second transformation 140, and in particular the direction of variation on a digit can also depend on the even or odd nature of the number constituting the "bank code", the "bank code”, etc.
  • Another advantage of the invention in its form described above is that only one code needs to be tested at the microprocessor of card 10.
  • the cards 10 currently used are therefore compatible with this embodiment of the invention and it is not no need to change the cards already in circulation.
  • the second function 170 described above is a decoy function simulating a malfunction of the system to be protected. It might be considered in other cases, as a second function 170, the triggering of an alert signal, emission of defense gases, etc.

Landscapes

  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Storage Device Security (AREA)
  • Compression, Expansion, Code Conversion, And Decoders (AREA)
  • Communication Control (AREA)
  • Record Information Processing For Printing (AREA)

Abstract

The invention concerns a method for processing confidential codes in a system with security functions (180) consisting in receiving a code; verifying a first clearance, conditioned by a fist code, to access a first function (180); authorising access to the first function (180) if the first clearance is identified; and if the first clearance is not identified, using the code to verify a second clearance, conditioned by a second code distinct from the first code, to activate at least a second function (170), without revealing the fact that the code does not enable to obtain the first clearance. The invention also concerns a device for implementing the method.

Description

L'invention concerne le domaine des dispositifs à codes et des procédés de traitement de codes. Plus précisément, l'invention concerne le domaine des systèmes avec code d'accès confidentiel, notamment, les dispositifs et procédés permettant de sécuriser l'accès à certaines opérations telles que des transactions, en particulier monétiques.The invention relates to the field of code devices and code processing methods. More specifically, the invention relates to the domain of systems with confidential access code, in particular, devices and methods for securing access to certain operations such as transactions, in particular electronic banking.

De nombreuses fonctions de sécurité utilisent un code confidentiel. Ce code, numérique, typiquement de 2 à 12 chiffres, associé à un profil d'identification de titulaire autorisé à détenir ce code, permet au titulaire d'utiliser certaines fonctions protégées, et seule la connaissance du code permet le déverrouillage des fonctions.Many security features use a PIN. This code, numeric, typically from 2 to 12 digits, associated with a profile holder identification authorized to hold this code, allows the holder to use certain protected functions, and only knowledge of the code allows unlocking of functions.

La généralisation de ce moyen d'authentification, notamment combinant code et carte à microprocesseur, entraíne le développement d'attaques lors desquelles le titulaire du code, sous la menace, est contraint de révéler son code.The generalization of this means of authentication, in particular combining code and microprocessor card, leads to development attacks in which the holder of the code, under threat, is forced to reveal his code.

Des solutions ont été cherchées pour tenter d'éviter ces attaques. Ainsi, le document « Alert pin for personal banking terminais » (IBM Disclosure Bulletin, vol. 36, n° 5, 1993, pages 309-312) décrit un procédé et un dispositif de traitement de codes confidentiels permettant de donner l'alerte d'une utilisation frauduleuse, sans en avertir le fraudeur, grâce à l'utilisation d'un code de secours (voir également US A-5 354 974).Solutions have been sought to try to avoid these attacks. Thus, the document “Alert pin for personal banking terminais” (IBM Disclosure Bulletin, vol. 36, No. 5, 1993, pages 309-312) describes a process and a confidential code processing device making it possible to give alert of fraudulent use, without notifying the fraudster, thanks to the use of a backup code (see also US A-5,354,974).

Un but de l'invention est de simplifier ce type de dispositifs et de procédés, tout en minimisant les risques encourus par le titulaire d'un code, victime de telles attaques et en conservant la protection des fonctions à protéger.An object of the invention is to simplify this type of device and procedures, while minimizing the risks incurred by the holder of a code, victim of such attacks and retaining the protection of functions at protect.

Ainsi l'invention propose un procédé de traitement de codes confidentiels dans un système à fonctions sécurisées comprenant les étapes consistant à :

  • recevoir un code ;
  • vérifier une première habilitation, conditionnée par un premier code, pour accéder à une première fonction ;
  • autoriser l'accès à la première fonction si la première habilitation est reconnue ;
  • utiliser, si la première habilitation n'est pas reconnue, le code afin de vérifier une deuxième habilitation, conditionnée par un deuxième code distinct du premier code, pour déclencher au moins une deuxième fonction en ne révélant pas le fait que le code ne permet pas d'obtenir la première habilitation ;
   caractérisé en ce que l'étape de vérification de la deuxième habilitation comprend les opérations consistant à obtenir un nouveau code, par une deuxième transformation inverse d'une première transformation simple permettant au titulaire du premier code d'obtenir le deuxième code à partir du premier code, et exécuter à nouveau l'étape de vérification de la première habilitation pour tester le nouveau code.Thus, the invention proposes a method for processing confidential codes in a system with secure functions comprising the steps consisting in:
  • receive a code;
  • check a first authorization, conditioned by a first code, to access a first function;
  • authorize access to the first function if the first authorization is recognized;
  • use, if the first authorization is not recognized, the code in order to verify a second authorization, conditioned by a second code distinct from the first code, to trigger at least a second function by not revealing the fact that the code does not allow obtain the first authorization;
characterized in that the step of verifying the second authorization comprises the operations consisting in obtaining a new code, by a second reverse transformation of a first simple transformation allowing the holder of the first code to obtain the second code from the first code, and execute the first authorization verification step again to test the new code.

Grâce à l'invention, la victime peut révéler à l'agresseur un deuxième code ; grâce au procédé selon l'invention, ce deuxième code est distingué d'un premier code, habilité pour accéder à une première fonction ; il n'y a alors pas accès à la première fonction qui reste protégée ; mais ce deuxième code peut être habilité pour déclencher une deuxième fonction qui peut servir de leurre, destiné à détourner l'agresseur du projet d'accéder à la première fonction. L'agresseur détourné de son projet ne cherchera pas à menacer davantage sa victime pour qui les risques encourus se trouvent par conséquent réduits. Néanmoins ce procédé reste simple à mettre en oeuvre, puisque l'étape de vérification de la première habilitation est commune au test du code entré directement dans le système à fonctions sécurisées et au test du code obtenu après la deuxième transformation.Thanks to the invention, the victim can reveal to the aggressor a second code; thanks to the method according to the invention, this second code is distinguished from a first code, empowered to access a first function; there is then no access to the first function which remains protected; but second code can be enabled to trigger a second function which can serve as a decoy, intended to divert the aggressor from the project to access to the first function. The aggressor diverted from his project will not seek to further threaten the victim for whom the risks involved are found therefore reduced. However, this process remains simple to implement. work, since the verification stage of the first authorization is common to testing the code entered directly into the function system secure and to the test of the code obtained after the second transformation.

Avantageusement, la première fonction du procédé selon l'invention est une transaction bancaire.Advantageously, the first function of the method according to the invention is a bank transaction.

Avantageusement, les étapes du procédé selon l'invention, consistant à vérifier les première et deuxième habilitations, font intervenir une carte à microprocesseur. Advantageously, the steps of the method according to the invention, consisting in verifying the first and second authorizations, involve a microprocessor card.

Avantageusement, ladite première transformation simple du procédé selon l'invention est réalisée par un décalage élémentaire d'un caractère du premier code.Advantageously, said first simple transformation of the process according to the invention is carried out by an elementary shift of one character of the first code.

Avantageusement, le procédé selon l'invention, comprend en outre une étape d'invalidation, si l'étape consistant à vérifier la première habilitation a été testée plus d'un nombre déterminé de fois sans succès.Advantageously, the method according to the invention further comprises an invalidation step, if the step of verifying the first clearance has been tested more than a specified number of times without success.

Avantageusement, la deuxième fonction, du procédé selon l'invention, consiste à afficher un message choisi aléatoirement parmi plusieurs messages indiquant que l'accès à la première fonction n'est pas possible, sans toutefois spécifier que le code n'est pas celui permettant d'obtenir la première habilitation.Advantageously, the second function, of the method according to the invention consists in displaying a message randomly chosen from several messages indicating that access to the first function is not possible, without however specifying that the code is not the one allowing to obtain the first authorization.

Avantageusement, la deuxième transformation simple du procédé selon l'invention est fonction de paramètres accessibles sur la carte à microprocesseur.Advantageously, the second simple transformation of the process according to the invention is a function of parameters accessible on the card to microprocessor.

Selon un autre aspect, l'invention est un dispositif de contrôle d'accès à des fonctions sécurisées, à code confidentiel.According to another aspect, the invention is a control device access to secure functions, with confidential code.

Avantageusement, ce dispositif comprend :

  • des moyens pour recevoir un code ;
  • des moyens pour vérifier avec ce code une première habilitation, conditionnée par un premier code, pour accéder à une première fonction ;
  • des moyens pour autoriser l'accès à la première fonction si l'habilitation est reconnue ; et
  • des moyens pour utiliser, si l'accès à la première fonction est refusé, le code pour vérifier une deuxième habilitation conditionnée par un deuxième code distinct du premier code pour déclencher au moins une deuxième fonction en ne révélant pas le fait que le code ne permet pas d'obtenir la première habilitation ;
   et il est caractérisé en ce que les moyens pour vérifier la deuxième habilitation permettent les opérations consistant à obtenir un nouveau code, par une deuxième transformation inverse d'une première transformation simple permettant au titulaire du premier code d'obtenir le deuxième code à partir du premier code, et exécuter à nouveau l'étape de vérification de la première habilitation pour tester le nouveau code.Advantageously, this device comprises:
  • means for receiving a code;
  • means for verifying with this code a first authorization, conditioned by a first code, for accessing a first function;
  • means to authorize access to the first function if the qualification is recognized; and
  • means for using, if access to the first function is refused, the code for verifying a second authorization conditioned by a second code distinct from the first code to trigger at least a second function by not revealing the fact that the code does not allow not get the first clearance;
and it is characterized in that the means for verifying the second authorization allow the operations consisting in obtaining a new code, by a second reverse transformation of a first simple transformation allowing the holder of the first code to obtain the second code from the first code, and execute the first authorization verification step again to test the new code.

Avantageusement, le dispositif selon l'invention est un terminal pour carte bancaire.Advantageously, the device according to the invention is a terminal for Bank card.

Avantageusement, le dispositif selon l'invention est utilisé pour sécuriser une transaction bancaire.Advantageously, the device according to the invention is used for secure a bank transaction.

Avantageusement, les étapes consistant à vérifier les premières et deuxièmes habilitations font intervenir un profil d'utilisateur enregistré numériquement.Advantageously, the steps consisting in verifying the first and second authorizations involve a registered user profile numerically.

Avantageusement, les moyens du dispositif selon l'invention, pour vérifier les première et deuxième habilitations, font intervenir une carte à microprocesseur.Advantageously, the means of the device according to the invention, for check the first and second authorizations, involve a credit card microprocessor.

Avantageusement, ladite transformation simple du dispositif selon l'invention, est réalisée par un décalage élémentaire d'un caractère du premier code.Advantageously, said simple transformation of the device according to the invention is carried out by an elementary shift of one character of the first code.

Avantageusement, le dispositif selon l'invention comprend en outre des moyens d'invalidation mis en oeuvre si la première habilitation a été testée plus d'un nombre déterminé de fois sans succès.Advantageously, the device according to the invention further comprises means of invalidation implemented if the first authorization has been tested more than a specified number of times without success.

Avantageusement, la deuxième fonction du dispositif selon l'invention est réalisée par des moyens qui affichent un message choisi aléatoirement parmi plusieurs messages indiquant que l'accès à la première fonction n'est pas possible, sans toutefois spécifier que le code n'est pas celui permettant d'obtenir la première habilitation.Advantageously, the second function of the device according to the invention is carried out by means which display a message chosen at random among several messages indicating that access to the first function is not not possible, without however specifying that the code is not the one allowing to obtain the first authorization.

Avantageusement, la deuxième transformation simple du dispositif selon l'invention est fonction de paramètres accessibles sur la carte à microprocesseur.Advantageously, the second simple transformation of the device according to the invention is a function of parameters accessible on the card to microprocessor.

On comprendra mieux l'invention à l'aide de la description détaillée qui suit et des dessins joints sur lesquels:

  • la figure 1 est un diagramme représentant schématiquement les principales unités composant un dispositif particulier pour la mise en oeuvre de l'invention ; et
  • la figure 2 est un synopsis de l'ensemble des étapes d'un exemple de mise en oeuvre du procédé selon l'invention.
The invention will be better understood with the aid of the detailed description which follows and of the accompanying drawings in which:
  • FIG. 1 is a diagram schematically representing the main units making up a particular device for implementing the invention; and
  • FIG. 2 is a synopsis of all the steps of an example of implementation of the method according to the invention.

Dans un mode privilégié, mais non limitatif, de réalisation du dispositif selon l'invention, celui-ci est un distributeur automatique de billets. Comme représenté sur la figure 1, il comprend de façon classique en soi une unité centrale 1 qui traite et échange des informations avec un lecteur 2 de cartes bancaires 10, et un clavier 3 (ou tout autre dispositif interactif de saisie), pour commander un mécanisme distributeur 4 de billets, le lecteur 2 de cartes bancaires 10 et produire des messages affichés sur un écran 5. Le traitement des informations et la commande des mécanismes composant le dispositif selon l'invention par l'unité centrale 1, s'appuie sur des échanges avec une unité de mémoire 6.In a preferred, but not limiting, mode of carrying out the device according to the invention, this is an automatic cash dispenser. As shown in Figure 1, it conventionally comprises per se a central unit 1 which processes and exchanges information with a reader 2 bank cards 10, and a keyboard 3 (or any other interactive device for entry), to control a mechanism for dispensing 4 banknotes, the reader 2 of bank cards 10 and produce messages displayed on a screen 5. Information processing and control of mechanisms composing the device according to the invention by the central unit 1, is based on exchanges with a memory unit 6.

Une carte 10 est munie d'un microprocesseur. Ce microprocesseur correspond à un profil de titulaire autorisé à détenir un premier code.A card 10 is provided with a microprocessor. This microprocessor corresponds to a holder profile authorized to hold a first code.

Le titulaire détient aussi un deuxième code qui sera utilisé comme code de secours de la manière qui sera exposée plus loin.The holder also holds a second code which will be used as emergency code in the manner which will be explained below.

L'utilisateur détient donc deux codes. Le premier code est son code confidentiel usuel, habilité pour accéder à une première fonction, en l'occurrence, pour l'exemple décrit ici, une transaction monétique du type distribution automatique de billets.The user therefore has two codes. The first code is his code confidential usual, authorized to access a first function, in the occurrence, for the example described here, of an electronic payment transaction of the type automatic ticket distribution.

Le deuxième code est un code de secours. Il peut être révélé par un utilisateur menacé par un agresseur à la place de son code confidentiel.The second code is a backup code. It can be revealed by a user threatened by an attacker instead of his confidential code.

Ce deuxième code est facilement mémorisable et est obtenu par une première transformation arithmétique simple à partir du premier.This second code is easily memorized and is obtained by a first simple arithmetic transformation from the first.

Préférentiellement, le deuxième code ne diffère du premier code que par un chiffre, lequel chiffre est avantageusement modifié seulement de plus 1 ou moins 1 par rapport au chiffre de même rang dans les premier et deuxième codes.Preferably, the second code differs from the first code only by a digit, which digit is advantageously modified only by plus 1 or minus 1 compared to the number of the same rank in the first and second codes.

Préférentiellement, aussi, le dispositif selon l'invention est mis en oeuvre suivant le procédé suivant, décrit en référence en la figure 2.Preferably, too, the device according to the invention is implemented work according to the following process, described with reference to FIG. 2.

Lorsqu'un utilisateur souhaite obtenir une première fonction 180, en l'occurrence la distribution de billets de la part du dispositif selon l'invention, il introduit sa carte 10 dans le lecteur 2 et compose un code sur le clavier 3.When a user wishes to obtain a first function 180, in the occurrence of the distribution of tickets from the device according to the invention, he inserts his card 10 into the reader 2 and dials a code on the keyboard 3.

L'unité centrale 1 commence alors au début 100 une procédure de test, avec des étapes se succédant comme indiqué ci-dessous.The central unit 1 then begins at the start 100 a procedure for test, with successive steps as shown below.

Suit une étape de lecture du profil de l'utilisateur et de réinitialisation 105 du décompte du nombre de fois où le code est composé.Follow a step to read the user profile and reset 105 of the count of the number of times the code is dialed.

Un indicateur 110 témoignant du fait que le code n'a pas encore été transformé est généré.An indicator 110 testifying to the fact that the code has not yet been transformed is generated.

Vient alors l'étape de saisie 115 du code.Then comes the step 115 for entering the code.

Le code est testé, par un test de code 120 pour vérifier une première habilitation.The code is tested, by a code 120 test to verify a first empowerment.

Si le test 120 donne un résultat négatif, c'est que le code fourni au dispositif selon l'invention ne correspond pas au premier code détenu par l'utilisateur, c'est à dire son code confidentiel. Un premier test d'indicateur 130 est alors effectué. Si l'indicateur témoigne du fait que le code n'a pas encore été transformé, l'unité centrale 1 engage un test de deuxième habilitation et procède à une dérivation 140 d'une deuxième transformation, inverse d'une première transformation simple permettant au titulaire d'un premier code d'obtenir un deuxième code (son code de secours) à partir du premier code.If test 120 gives a negative result, it means that the code supplied to the device according to the invention does not correspond to the first code held by the user, ie his confidential code. A first indicator test 130 is then performed. If the indicator shows that the code has not still been transformed, central unit 1 initiates a second test empowerment and proceeds to a derivation 140 of a second transformation, reverse of a simple first transformation allowing the holder of a first code to obtain a second code (its backup code) from the first code.

Un indicateur 145 témoignant du fait que la dérivation 140 a été effectuée, est généré.An indicator 145 testifying to the fact that the bypass 140 has been performed, is generated.

Ce code obtenu par la dérivation 140 est utilisé pour reproduire l'étape de vérification de la première habilitation, au niveau du test de code 120. Si après la dérivation 140, le code obtenu ne correspond toujours pas au premier code (code confidentiel usuel), c'est que le code introduit au début 100 n'était pas le deuxième code (code de secours). Il peut s'agir, par exemple, d'une erreur de frappe de la part de l'utilisateur. La procédure se poursuit en recommençant le premier test d'indicateur 130. Mais cette fois-ci, le test d'indicateur 130 détecte qu'une deuxième habilitation a déjà été testée (T=1). La procédure se poursuit donc par un traitement de code erroné 150 semblable à ceux connus de l'homme du métier. Plus particulièrement, un test du nombre de fois où le code a été composé 190 est effectué. Si ce nombre est égal à 3, par exemple, une étape d'invalidation 200 est effectuée pour mettre fin 210 à la procédure. Si ce nombre est inférieur à 3, il est demandé à l'utilisateur s'il souhaite un abandon 220 de la procédure. Si c'est le cas, la procédure prend fin 210, sinon le code doit être ressaisi après que l'indicateur 110 ait été réinitialisé.This code obtained by derivation 140 is used to reproduce the first authorization verification step, at the code test level 120. If after the derivation 140, the code obtained still does not correspond to the first code (usual confidential code), is that the code introduced to early 100 was not the second code (backup code). It can be, by example of a typing error on the part of the user. The procedure is continues by repeating the first indicator test 130. But this time, indicator test 130 detects that a second authorization has already been tested (T = 1). The procedure therefore continues with code processing erroneous 150 similar to those known to those skilled in the art. More specifically, a test of the number of times the code was dialed 190 is done. If this number is equal to 3, for example, a step 200 is invalidated to terminate 210 the procedure. If this number is less than 3, the user is asked if he wants a abandonment 220 of the procedure. If so, the procedure ends 210, otherwise the code must be re-entered after the indicator 110 has been reset.

Si le test de code 120 donne un résultat positif, un deuxième test 160 de l'indicateur est effectué. Si l'indicateur témoigne du fait que le code n'a pas été transformé, l'utilisateur a accès à la fonction protégée 180 (par exemple la distribution de billets). Si l'indicateur témoigne du fait que le code a déjà été transformé, c'est que le code ayant passé avec succès le test de première habilitation, avait préalablement subi la dérivation 140. Le code entré au début 100 de la procédure était donc le code de secours. La procédure se poursuit alors par une deuxième fonction 170, en l'occurrence, une transaction de secours 170, qui peut être une fonction leurre.If code test 120 gives a positive result, a second test 160 of the indicator is performed. If the indicator shows that the code has not not transformed, the user has access to protected function 180 (by example ticket distribution). If the indicator shows that the code has already been transformed, is that the code having successfully passed the first clearance test, had previously undergone bypass 140. The code entered at the beginning of 100 of the procedure was therefore the emergency code. The the procedure then continues with a second function 170, in this case, a rescue transaction 170, which can be a decoy function.

La deuxième fonction 170 correspond pour l'exemple décrit ici à une transaction de secours qui peut recouvrir plusieurs solutions.The second function 170 corresponds for the example described here to a rescue transaction which can cover several solutions.

Une solution peut consister à afficher sur l'écran 3, un message choisi aléatoirement parmi plusieurs messages indiquant que l'accès à la première fonction 180 n'est pas possible, sans toutefois spécifier que le code fourni au dispositif selon l'invention n'est pas celui permettant d'obtenir la première habilitation.A solution can consist in displaying on screen 3, a message randomly chosen from several messages indicating that access to the first function 180 is not possible, without however specifying that the code provided to the device according to the invention is not the one allowing to obtain the first clearance.

Par exemple, le message sera du type «transaction momentanément indisponible » ou «crédit insuffisant » ou encore n'importe quel autre des messages courants utilisés pour indiquer un incident de fonctionnement d'un guichet automatique bancaire ou un dysfonctionnement du compte du titulaire.For example, the message will be of the type “momentary transaction unavailable "or" insufficient credit "or any of the other common messages used to indicate a malfunction an ATM or a malfunction of the bank account holder.

Selon une autre solution, la procédure normale de distribution de billets sera initiée, par exemple en demandant quelle somme est désirée, puis si l'utilisateur souhaite un reçu, mais une panne sera simulée et la somme demandée ne sera pas délivrée.Alternatively, the normal ticket distribution procedure will be initiated, for example by asking how much is desired, then if the user wants a receipt, but a failure will be simulated and the sum requested will not be issued.

Selon une autre solution, il sera délivré une somme, mais limitée, par exemple, à celle minimale pouvant être distribuée.According to another solution, a sum, but limited, will be issued by example, the minimum that can be distributed.

Par ailleurs, la deuxième transformation 140 simple permet de retrouver le premier code (code confidentiel usuel) à partir du deuxième code (code de secours). Avantageusement, cette deuxième transformation 140 simple est variable, en fonction par exemple de paramètres accessibles sur la carte à microprocesseur. Par exemple, pour un certain organisme bancaire, la deuxième transformation 140 peut consister à incrémenter de 1 le chiffre du deuxième rang du code, alors que pour un autre organisme, la transformation consistera à retrancher une unité au chiffre du dernier rang. La deuxième transformation 140, et notamment le sens de variation sur un chiffre, peut aussi dépendre de la nature paire ou impaire du nombre constituant le «code de banque », le «code de guichet », etc.Furthermore, the second simple transformation 140 makes it possible to find the first code (usual confidential code) from the second code (code rescue). Advantageously, this simple second transformation 140 is variable, depending for example on parameters accessible on the card with microprocessor. For example, for a certain banking organization, the second transformation 140 can consist in incrementing by 1 the digit of second in the code, while for another organization, the transformation will consist in subtracting a unit from the figure of the last row. The second transformation 140, and in particular the direction of variation on a digit, can also depend on the even or odd nature of the number constituting the "bank code", the "bank code", etc.

De nombreuses autres possibilités peuvent être envisagées.Many other possibilities can be envisaged.

Un autre avantage de l'invention dans sa forme décrite ci-dessus est qu'il n'est nécessaire de tester qu'un seul code au niveau du microprocesseur de la carte 10. Les cartes 10 utilisées actuellement sont donc compatibles avec cette forme de réalisation de l'invention et il n'est aucunement nécessaire de changer les cartes 10 déjà en circulation.Another advantage of the invention in its form described above is that only one code needs to be tested at the microprocessor of card 10. The cards 10 currently used are therefore compatible with this embodiment of the invention and it is not no need to change the cards already in circulation.

On comprendra tout de même qu'il est possible d'utiliser des cartes 10 permettant de tester le premier code et le deuxième code, indépendamment l'un de l'autre, et sans effectuer la deuxième transformation 140, sans s'écarter de l'esprit de l'invention.We will understand all the same that it is possible to use cards 10 allowing to test the first code and the second code, independently from each other, and without performing the second transformation 140, without depart from the spirit of the invention.

On comprendra aussi qu'il a été utilisé pour la description détaillée ci-dessus l'exemple des dispositifs de type distributeur de billets, mais que l'invention s'applique également aux terminaux de paiement par carte bancaire ainsi qu'à tout type de système à fonction sécurisée 180, comme certains dispositifs informatiques, certains sites militaires, industriels, etc..It will also be understood that it has been used for the detailed description above. the example of cash dispenser type devices, but that the invention also applies to card payment terminals banking as well as any type of system with a secure function 180, such as certain IT devices, certain military, industrial sites, etc.

Au lieu de tester le code composé en combinaison avec une carte 10 à microprocesseur, pour accéder aux systèmes à fonction sécurisée 180, on peut envisager de le tester en combinaison avec un nom d'utilisateur, ou n'importe quel autre élément de profil d'utilisateur.Instead of testing the code composed in combination with a 10 to microprocessor, to access systems with secure function 180, we may consider testing it in combination with a username, or any other user profile item.

La deuxième fonction 170 décrite ci-dessus est une fonction de leurre simulant un dysfonctionnement du système à protéger. Il pourrait être envisagé dans d'autres cas, comme deuxième fonction 170, le déclenchement d'un signal d'alerte, l'émission de gaz de défense, etc.The second function 170 described above is a decoy function simulating a malfunction of the system to be protected. It might be considered in other cases, as a second function 170, the triggering of an alert signal, emission of defense gases, etc.

Claims (16)

  1. A method of processing confidential codes in a system having secure functions (180), the method comprising the steps consisting in:
    receiving a code;
    verifying a first entitlement for accessing a first function (180), and as determined by a first code;
    authorizing access to the first function (180) if the first entitlement is recognized; and
    if the first entitlement is not recognized, using the code to verify a second entitlement as determined by a second code that is different from the first code, to trigger at least one second function (170) without revealing the fact that the code does not make it possible to obtain the first entitlement;
       the method being characterized in that the step of verifying the second entitlement comprises the operations consisting in: obtaining a new code from the first code by means of a second transformation (140) that is the inverse of a first simple transformation that enables the holder of the first code to obtain the second code from the first code; and testing the new code by performing again the step of verifying the first entitlement.
  2. A method according to claim 1, characterized by the fact that said first simple transformation is performed by a unit shift of one character of the first code.
  3. A method according to either preceding claim, characterized by the fact that the steps consists in verifying the first and second entitlements make use of digitally-recorded user profile.
  4. A method according to any preceding claim, characterized by the fact that the second function (170) consists in displaying a message selected randomly from a plurality of messages stating that access to the first function (180) is not possible, without specifying that the code is not the right code for obtaining the first entitlement.
  5. A method according to any preceding claim, characterized by the fact that the first function (180) is a bank transaction.
  6. A method according to any preceding claim, characterized by the fact that it further comprises a disabling step (200) if the step that consists in verifying whether the first entitlement has been tested more than a determined number of times without success.
  7. A method according to any preceding claim, characterized by the fact that the steps consisting in verifying the first and second entitlements make use of a microprocessor card (10).
  8. A method according to claim 7, characterized by the fact that the second simple transformation (140) is itself a function of parameters that are accessible on the microprocessor card (10).
  9. Apparatus for controlling access to secure functions (180) by means of a code, the apparatus comprising:
    means for receiving a code;
    means for using said code to verify a first entitlement for accessing a first function (180), and as determined by a first code;
    means for authorizing access to the first function (180) if the entitlement is recognized; and
    if the first function (180) is refused, means for using the code to verify a second entitlement as determined by a second code which is different from the first code in order to trigger at least one second function (170) without revealing the fact that the code does not enable the first entitlement to be obtained;
       the apparatus being characterized in that the means for verifying the second entitlement perform operations consisting in obtaining a new code from the first code by means of a second transformation (140) that is the inverse of a first simple transformation that enables the holder of the first code to obtain the second code from the first code, and executing again the step of verifying the first entitlement in order to test the new code.
  10. Apparatus according to claim 9, characterized by the fact that said first simple transformation is performed by a unit shift of one character of the first code.
  11. Apparatus according to claim 9 or 10, characterized by the fact that it is used for making a banking transaction secure.
  12. Apparatus according to any one of claims 9 to 11, characterized by the fact that the second function (170) is performed by means which display a message selected randomly from a plurality of messages stating that access to the first function (180) is not possible, but without specifying that the code is not the right code for obtaining the first entitlement.
  13. Apparatus according to any one of claims 9 to 12, characterized in that it constitutes a bank card terminal.
  14. Apparatus according to any one of claims 9 to 13, characterized in that it further comprises disabling means that are implemented if the first entitlement is tested more than a determined number of times without success.
  15. Apparatus according to any of claims 9 to 14, characterized by the fact that the means for verifying the first and second entitlements make use of a microprocessor card (10).
  16. Apparatus according to claim 15, characterized by the fact that the second simple transformation (140) is itself a function of parameters accessible on the microprocessor card (10).
EP98964554A 1997-12-31 1998-12-30 Method and device for processing confidential codes Expired - Lifetime EP1044435B1 (en)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
FR9716786 1997-12-31
FR9716786A FR2773250B1 (en) 1997-12-31 1997-12-31 METHOD AND DEVICE FOR PROCESSING CONFIDENTIAL CODES
PCT/FR1998/002918 WO1999035621A1 (en) 1997-12-31 1998-12-30 Method and device for processing confidential codes

Publications (2)

Publication Number Publication Date
EP1044435A1 EP1044435A1 (en) 2000-10-18
EP1044435B1 true EP1044435B1 (en) 2002-11-06

Family

ID=9515368

Family Applications (1)

Application Number Title Priority Date Filing Date
EP98964554A Expired - Lifetime EP1044435B1 (en) 1997-12-31 1998-12-30 Method and device for processing confidential codes

Country Status (9)

Country Link
EP (1) EP1044435B1 (en)
AT (1) ATE227454T1 (en)
CA (1) CA2316818A1 (en)
DE (1) DE69809292T2 (en)
DK (1) DK1044435T3 (en)
ES (1) ES2186249T3 (en)
FR (1) FR2773250B1 (en)
PT (1) PT1044435E (en)
WO (1) WO1999035621A1 (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FR2874440B1 (en) 2004-08-17 2008-04-25 Oberthur Card Syst Sa METHOD AND DEVICE FOR PROCESSING DATA

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US3633167A (en) * 1970-05-25 1972-01-04 Phinizy R B Security system
JPS59151261A (en) * 1983-02-18 1984-08-29 Fujitsu Ltd Dealing securing system
GB2281649B (en) * 1992-05-08 1995-11-29 Wesco Software Ltd Authenticating the identity of an authorised person
US5354974A (en) * 1992-11-24 1994-10-11 Base 10 Systems, Inc. Automatic teller system and method of operating same
NL9202113A (en) * 1992-12-07 1994-07-01 Nederland Ptt Method for securing a smart card system.

Also Published As

Publication number Publication date
EP1044435A1 (en) 2000-10-18
WO1999035621A1 (en) 1999-07-15
DK1044435T3 (en) 2003-03-03
ES2186249T3 (en) 2003-05-01
PT1044435E (en) 2003-03-31
FR2773250B1 (en) 2000-03-10
DE69809292T2 (en) 2003-07-17
ATE227454T1 (en) 2002-11-15
DE69809292D1 (en) 2002-12-12
CA2316818A1 (en) 1999-07-15
FR2773250A1 (en) 1999-07-02

Similar Documents

Publication Publication Date Title
EP0055986B1 (en) Security system and apparatus for the three-way communication of confidential data
US5534683A (en) System for conducting transactions with a multifunctional card having an electronic purse
CA2124891C (en) Process for authentifying a portable object by an off-line terminal and portable object and terminal using said process
EP0427601B2 (en) Method for authenticating a microprocessor-card, and system for implementing it
US7623844B2 (en) User authentication system and method
EP1829281B1 (en) Authentication device and/or method
EP1780680B1 (en) Procedure for control of interlock and lock
Anderson Liability and computer security: Nine principles
EP0426541B1 (en) Method of protection against fraudulent use of a microprocessor card and device for its application
FR2854303A1 (en) METHOD FOR SECURING A MOBILE TERMINAL AND METHOD APPLICATIONS, THE EXECUTION OF APPLICATIONS REQUIRING A HIGH SECURITY LEVEL
JP2010086552A (en) Tokenless identification system for authorization of electronic transaction and electronic transmission
HUE032360T2 (en) Methods and systems for secure user authentication
EP1055203B1 (en) Protocol between an electronic key and a lock
FR2608809A1 (en) SYSTEM FOR PROVIDING BENEFITS WITH REVALIDATION
EP1460593A1 (en) Secure payment terminal
EP1044435B1 (en) Method and device for processing confidential codes
EP1266364A1 (en) Cryptographic method for protection against fraud
FR2757972A1 (en) METHOD FOR SECURING A SECURITY MODULE, AND RELATED SECURITY MODULE
Fairweather et al. Technical options report
EP2016700B1 (en) Terminal activation method
CN111552985B (en) Information verification method and device
KR100830969B1 (en) Method and System for Implementing Financial Transactions Using OTP
EP0924600A1 (en) Electronic apparatus comprising a memory protection device and a method for protecting data in a memory
CA2982787C (en) Game terminal
CN117709962A (en) Transaction verification method and device

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20000724

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LI LU MC NL PT SE

GRAG Despatch of communication of intention to grant

Free format text: ORIGINAL CODE: EPIDOS AGRA

17Q First examination report despatched

Effective date: 20020204

GRAG Despatch of communication of intention to grant

Free format text: ORIGINAL CODE: EPIDOS AGRA

GRAH Despatch of communication of intention to grant a patent

Free format text: ORIGINAL CODE: EPIDOS IGRA

GRAH Despatch of communication of intention to grant a patent

Free format text: ORIGINAL CODE: EPIDOS IGRA

GRAA (expected) grant

Free format text: ORIGINAL CODE: 0009210

AK Designated contracting states

Kind code of ref document: B1

Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LI LU MC NL PT SE

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: IE

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20021106

Ref country code: AT

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20021106

REF Corresponds to:

Ref document number: 227454

Country of ref document: AT

Date of ref document: 20021115

Kind code of ref document: T

REG Reference to a national code

Ref country code: GB

Ref legal event code: FG4D

Free format text: NOT ENGLISH

REG Reference to a national code

Ref country code: CH

Ref legal event code: EP

REG Reference to a national code

Ref country code: IE

Ref legal event code: FG4D

Free format text: FRENCH

REF Corresponds to:

Ref document number: 69809292

Country of ref document: DE

Date of ref document: 20021212

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: LI

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20021231

Ref country code: CY

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20021231

Ref country code: CH

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20021231

REG Reference to a national code

Ref country code: GR

Ref legal event code: EP

Ref document number: 20030400355

Country of ref document: GR

REG Reference to a national code

Ref country code: DK

Ref legal event code: T3

REG Reference to a national code

Ref country code: PT

Ref legal event code: SC4A

Free format text: AVAILABILITY OF NATIONAL TRANSLATION

Effective date: 20030128

GBT Gb: translation of ep patent filed (gb section 77(6)(a)/1977)

Effective date: 20030320

REG Reference to a national code

Ref country code: ES

Ref legal event code: FG2A

Ref document number: 2186249

Country of ref document: ES

Kind code of ref document: T3

REG Reference to a national code

Ref country code: IE

Ref legal event code: FD4D

Ref document number: 1044435E

Country of ref document: IE

REG Reference to a national code

Ref country code: CH

Ref legal event code: PL

PLBE No opposition filed within time limit

Free format text: ORIGINAL CODE: 0009261

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: NO OPPOSITION FILED WITHIN TIME LIMIT

26N No opposition filed

Effective date: 20030807

PGFP Annual fee paid to national office [announced via postgrant information from national office to epo]

Ref country code: GR

Payment date: 20031219

Year of fee payment: 6

PGFP Annual fee paid to national office [announced via postgrant information from national office to epo]

Ref country code: SE

Payment date: 20031222

Year of fee payment: 6

Ref country code: MC

Payment date: 20031222

Year of fee payment: 6

Ref country code: FI

Payment date: 20031222

Year of fee payment: 6

Ref country code: DK

Payment date: 20031222

Year of fee payment: 6

PGFP Annual fee paid to national office [announced via postgrant information from national office to epo]

Ref country code: GB

Payment date: 20031224

Year of fee payment: 6

PGFP Annual fee paid to national office [announced via postgrant information from national office to epo]

Ref country code: PT

Payment date: 20031226

Year of fee payment: 6

PGFP Annual fee paid to national office [announced via postgrant information from national office to epo]

Ref country code: ES

Payment date: 20031230

Year of fee payment: 6

PGFP Annual fee paid to national office [announced via postgrant information from national office to epo]

Ref country code: NL

Payment date: 20031231

Year of fee payment: 6

Ref country code: DE

Payment date: 20031231

Year of fee payment: 6

PGFP Annual fee paid to national office [announced via postgrant information from national office to epo]

Ref country code: LU

Payment date: 20040106

Year of fee payment: 6

PGFP Annual fee paid to national office [announced via postgrant information from national office to epo]

Ref country code: BE

Payment date: 20040217

Year of fee payment: 6

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: FI

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20041204

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: LU

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20041230

Ref country code: GB

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20041230

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: SE

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20041231

Ref country code: MC

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20041231

Ref country code: ES

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20041231

Ref country code: BE

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20041231

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: DK

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20050103

BERE Be: lapsed

Owner name: GROUPEMENT DES CARTES BANCAIRES *CB

Effective date: 20041231

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: PT

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20050630

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: NL

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20050701

Ref country code: DE

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20050701

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: GR

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20050704

REG Reference to a national code

Ref country code: DK

Ref legal event code: EBP

EUG Se: european patent has lapsed
GBPC Gb: european patent ceased through non-payment of renewal fee

Effective date: 20041230

REG Reference to a national code

Ref country code: PT

Ref legal event code: MM4A

Effective date: 20050630

NLV4 Nl: lapsed or anulled due to non-payment of the annual fee

Effective date: 20050701

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: IT

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20051230

REG Reference to a national code

Ref country code: ES

Ref legal event code: FD2A

Effective date: 20041231

BERE Be: lapsed

Owner name: GROUPEMENT DES CARTES BANCAIRES *CB

Effective date: 20041231

REG Reference to a national code

Ref country code: FR

Ref legal event code: CA

REG Reference to a national code

Ref country code: FR

Ref legal event code: PLFP

Year of fee payment: 18

REG Reference to a national code

Ref country code: FR

Ref legal event code: PLFP

Year of fee payment: 19

REG Reference to a national code

Ref country code: FR

Ref legal event code: PLFP

Year of fee payment: 20

PGFP Annual fee paid to national office [announced via postgrant information from national office to epo]

Ref country code: FR

Payment date: 20171027

Year of fee payment: 20