EP1254438A1 - Method of protection against theft of the authentication value for multi-application smart card(s), smart card(s) implementing the method and terminals capable of receiving said cards - Google Patents
- Publication number
- EP1254438A1
- Authority
- EP
- European Patent Office
- Prior art keywords
- authentication value
- application
- card
- terminal
- operating system
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Classifications
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
- G07F7/10—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
- G07F7/1008—Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/34—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
- G06Q20/341—Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/34—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
- G06Q20/355—Personalisation of cards for use
- G06Q20/3552—Downloading or loading of personalisation data
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/34—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
- G06Q20/357—Cards having a plurality of specified features
- G06Q20/3576—Multiple memory zones on card
- G06Q20/35765—Access rights to memory zones
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/36—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes
- G06Q20/367—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes involving electronic purses or money safes
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
- G07F7/10—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
- G07F7/1025—Identification of user by a PIN code
- G07F7/1083—Counting of PIN attempts
Definitions
- The invention relates to a method of protection against theft of the authentication value for multi-application smart cards capable of communicating with the outside world by means of a terminal. It also relates to smart cards implementing said method and to terminals capable of receiving said cards.
- The invention applies most particularly to multi-application smart cards used with mobile telephones, such as telephones defined by the GSM standard.
- A multi-application smart card is understood to mean a card containing one or more integrated circuit chips and intended to execute different application programs loaded or downloaded during the life of the card.
- The term authentication value, also known as the authentication code, denotes the value used to authenticate the card holder.
- The authentication value can be a datum known to the holder alone (in general, a personal identification number or PIN, Personal Identifier Number), deduced from a biometric characteristic of the holder (for example, voice, fingerprint, heat ...) or the result of an action that only the holder can perform (for example, a signature).
- Multi-application smart cards generally have a single authentication value for all applications.
- The OP specification defined by VISA, which currently serves as the standard for loading/downloading and internal management of applications on multi-application smart cards, defines a single global PIN for all resident and future applications of the card.
- The applicant identified an attack enabling the authentication value of the card to be found.
- The verification of the identity of the user of the card is generally carried out via an application responsible for displaying, on the screen of the terminal in which the smart card(s) is inserted, a menu inviting the user to present the authentication value. Once the authentication value has been presented, the terminal returns this value to said application which verifies
- Access to the application in charge of displaying, on the screen of the terminal in which the smart card(s) is inserted, the menu inviting the user to present the authentication value is generally controlled so that only authorized applications can initiate verification of the authentication value.
- A malicious application having access to a terminal can simulate on this terminal the menu inviting the user to present his or her authentication value. The user will then confidently present the authentication value, thus allowing the malicious application to discover it. Subsequently, the malicious application may, thanks to its ability to communicate with the outside world, provide the authentication value to the developer of the malicious application. This is all the easier in the case of a terminal such as a mobile phone, for which the malicious application can dial a number in order to communicate the authentication value.
- The object of the present invention is to remedy these problems.
- The subject of the present invention is a method of protecting against theft of the authentication value for multi-application smart card(s) comprising an operating system, mainly characterized in that it comprises, to prevent an application having access to a terminal from simulating the menu inviting the user to present the authentication value, a mechanism forcing access to the interface for presentation of the authentication value by the operating system of the card, whatever the application that initiated the process, as soon as there is a request for the authentication value.
- The mechanism comprises the reservation on the terminal of at least one function key or of a sequence of function keys able to trigger a call from the card's operating system.
- The implementation of the mechanism includes the following sequence of actions: - pressing of the function key(s) by the user of the card to authorize the presentation of the authentication value and causing a temporary locking of the applications of the card, - presentation of the authentication value,
- The invention also relates to a multi-application smart card(s) comprising an operating system and means of communication with a terminal, mainly characterized in that it comprises means such that system calls from the terminal for the presentation of the authentication value cannot be intercepted by the applications.
- The invention relates to a terminal capable of communicating with a smart card(s), mainly characterized in that it comprises at least one function key or a sequence of function keys reserved for making a system call to the card and initiating the presentation of the authentication value.
- FIG. 1 represents the diagram illustrating the implementation of the method according to the invention.
- FIG. 2 represents the diagram of a terminal capable of communicating with a smart card(s) according to the invention.
- FIG. 3 represents the diagram of a multi-application card according to the invention. A practical embodiment of the method according to the invention will be described below with reference to FIG. 1.
- The method comprises temporarily locking the application selected by the user or an application called by the application selected by this user; a call from the operating system of the smart card(s) for the implementation by the operating system of the procedure for verifying the authentication value.
- The locking is obtained by the association of a function key or a sequence of keys provided on the terminal in order to be able to initiate the presentation of the authentication value and a system call triggered by pressing this function key or the function key sequence.
- the operating system of the card unlocks the running application which can then resume its execution at the place where it was suspended; otherwise, the operating system displays an error message and performs the appropriate security actions (for example, permanently locking the application and displaying an alert message).
- FIG. 2 illustrates a terminal T able to communicate with a smart card(s).
- This terminal has, in known manner, a central processing unit UC with a program memory MPT.
- This memory includes an IT interface for communication with smart card(s) per se. Only a modification is provided to allow the terminal to wait for pressing of the PIN key (or the sequence of function keys) after the display of the message requesting the authentication value and to send a call to the card's operating system.
- A multi-application smart card(s) C has been shown diagrammatically in FIG. 3 in order to illustrate the various elements involved in the implementation of the method according to the invention.
- A single integrated circuit chip P is present in the card; it is a chip containing one or more microprocessor(s) and the associated memories, in particular a program memory MPC.
- This memory contains the operating system and the interface for presenting and verifying the authentication value.
- Another program memory MPA is intended to store the different application programs A1, A2, ... An.
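
The mechanism described above can be modelled as key routing between the terminal, the card operating system and the applications. The Python model below is an added example, not code from the patent; the class names, the `PIN` and `OK` key labels, the sample value 4071 and the `wallet`/`game` applications are assumptions made for illustration.

```python
import hmac

RESERVED_KEY = "PIN"   # assumed name for the reserved function key


class Application:
    """Card application; records every key the terminal routes to it."""

    def __init__(self, name):
        self.name = name
        self.seen_keys = []         # everything this application could observe
        self.suspended = False      # temporary lock set by the card OS
        self.blocked = False        # permanent lock (security action)
        self.authenticated = False


class CardOS:
    """Owns the authentication value and the only interface that accepts it."""

    def __init__(self, auth_value, apps):
        self._auth_value = auth_value
        self.apps = {a.name: a for a in apps}
        self.running = None         # application selected by the user
        self.requester = None       # application waiting for a verification
        self.buffer = None          # a list while the OS is collecting input

    def system_call_present_value(self):
        """Reserved key pressed: suspend every application, OS takes the keypad."""
        for app in self.apps.values():
            app.suspended = True
        self.buffer = []

    def validate(self):
        entered = "".join(self.buffer)
        self.buffer = None
        ok = hmac.compare_digest(entered.encode(), self._auth_value.encode())
        for app in self.apps.values():
            app.suspended = False   # lift the temporary lock
        if self.requester is not None:
            if ok:
                self.requester.authenticated = True  # application may resume
            else:
                self.requester.blocked = True        # the page's example action
                self.running = None
        self.requester = None
        return ok


def press(card, key):
    """Terminal key routing: reserved key -> system call, then keys -> OS only."""
    if key == RESERVED_KEY:
        card.system_call_present_value()
    elif card.buffer is not None:
        if key == "OK":             # assumed validation key
            return card.validate()
        card.buffer.append(key)
    elif card.running is not None and not card.running.suspended:
        card.running.seen_keys.append(key)
    return None


def run_session(app_name, keys, requests_auth, auth_value="4071"):
    """Constructed scenario: 'wallet' is honest, 'game' imitates the PIN menu."""
    card = CardOS(auth_value, [Application("wallet"), Application("game")])
    card.running = card.apps[app_name]
    if requests_auth:
        card.requester = card.running
    verdicts = [v for v in (press(card, k) for k in keys) if v is not None]
    app = card.apps[app_name]
    return (verdicts[0] if verdicts else None, app.seen_keys,
            app.authenticated, app.blocked)
```

Calling `run_session("game", ["PIN", "4", "0", "7", "1", "OK"], False)` shows that an application imitating the menu receives no keystrokes once the reserved key has been pressed, while the same digits typed without the reserved key land in `seen_keys`.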
Landscapes
- Engineering & Computer Science (AREA)
- Business, Economics & Management (AREA)
- Physics & Mathematics (AREA)
- Accounting & Taxation (AREA)
- General Physics & Mathematics (AREA)
- Computer Networks & Wireless Communication (AREA)
- Strategic Management (AREA)
- General Business, Economics & Management (AREA)
- Theoretical Computer Science (AREA)
- Microelectronics & Electronic Packaging (AREA)
- Finance (AREA)
- Telephone Function (AREA)
- Mobile Radio Communication Systems (AREA)
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
FR0000829A FR2804234B1 (fr) | 2000-01-24 | 2000-01-24 | Method of protection against theft of the authentication value for multi-application smart card(s), smart card(s) implementing the method and terminals capable of receiving said cards |
FR0000829 | 2000-01-24 | ||
PCT/FR2001/000165 WO2001055980A1 (fr) | 2000-01-24 | 2001-01-18 | Method of protection against theft of the authentication value for multi-application smart card(s), smart card(s) implementing the method and terminals capable of receiving said cards |
Publications (1)
Publication Number | Publication Date |
---|---|
EP1254438A1 (fr) | 2002-11-06 |
Family
ID=8846206
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
EP01907630A Withdrawn EP1254438A1 (fr) | 2000-01-24 | 2001-01-18 | Method of protection against theft of the authentication value for multi-application smart card(s), smart card(s) implementing the method and terminals capable of receiving said cards |
Country Status (6)
Country | Link |
---|---|
US (1) | US20030079127A1 (fr) |
EP (1) | EP1254438A1 (fr) |
CN (1) | CN1416559A (fr) |
AU (1) | AU2001235546A1 (fr) |
FR (1) | FR2804234B1 (fr) |
WO (1) | WO2001055980A1 (fr) |
Families Citing this family (26)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
FR2790844B1 (fr) * | 1999-03-09 | 2001-05-25 | Gemplus Card Int | Method and device for monitoring the execution of a program, programmed device enabling monitoring of its program |
US7322043B2 (en) * | 2002-06-20 | 2008-01-22 | Hewlett-Packard Development Company, L.P. | Allowing an electronic device accessing a service to be authenticated |
US8010405B1 (en) | 2002-07-26 | 2011-08-30 | Visa Usa Inc. | Multi-application smart card device software solution for smart cardholder reward selection and redemption |
US20040122774A1 (en) * | 2002-08-02 | 2004-06-24 | Martin Studd | Method and system for executing applications on a mobile device |
US8626577B2 (en) | 2002-09-13 | 2014-01-07 | Visa U.S.A | Network centric loyalty system |
US8015060B2 (en) | 2002-09-13 | 2011-09-06 | Visa Usa, Inc. | Method and system for managing limited use coupon and coupon prioritization |
US9852437B2 (en) | 2002-09-13 | 2017-12-26 | Visa U.S.A. Inc. | Opt-in/opt-out in loyalty system |
US7121456B2 (en) | 2002-09-13 | 2006-10-17 | Visa U.S.A. Inc. | Method and system for managing token image replacement |
US7827077B2 (en) | 2003-05-02 | 2010-11-02 | Visa U.S.A. Inc. | Method and apparatus for management of electronic receipts on portable devices |
US8554610B1 (en) | 2003-08-29 | 2013-10-08 | Visa U.S.A. Inc. | Method and system for providing reward status |
US7104446B2 (en) | 2003-09-03 | 2006-09-12 | Visa U.S.A., Inc. | Method, system and portable consumer device using wildcard values |
US7051923B2 (en) | 2003-09-12 | 2006-05-30 | Visa U.S.A., Inc. | Method and system for providing interactive cardholder rewards image replacement |
US8407083B2 (en) | 2003-09-30 | 2013-03-26 | Visa U.S.A., Inc. | Method and system for managing reward reversal after posting |
US8005763B2 (en) | 2003-09-30 | 2011-08-23 | Visa U.S.A. Inc. | Method and system for providing a distributed adaptive rules based dynamic pricing system |
US7653602B2 (en) | 2003-11-06 | 2010-01-26 | Visa U.S.A. Inc. | Centralized electronic commerce card transactions |
FR2864292B1 (fr) * | 2003-12-17 | 2006-03-31 | Gemplus Card Int | Keeping a dual-interface object fully and simultaneously functional |
CN100413359C (zh) * | 2005-01-28 | 2008-08-20 | 北京握奇数据系统有限公司 | Mobile terminal |
US20070192840A1 (en) * | 2006-02-10 | 2007-08-16 | Lauri Pesonen | Mobile communication terminal |
US8095977B2 (en) * | 2007-01-19 | 2012-01-10 | Microsoft Corporation | Secure PIN transmission |
FR2917868B1 (fr) * | 2007-06-22 | 2009-09-25 | Eads Defence And Security Syst | Security system and method using a security device |
US7992781B2 (en) | 2009-12-16 | 2011-08-09 | Visa International Service Association | Merchant alerts incorporating receipt data |
US8429048B2 (en) | 2009-12-28 | 2013-04-23 | Visa International Service Association | System and method for processing payment transaction receipts |
US10020847B2 (en) * | 2011-11-15 | 2018-07-10 | Famoco | NFC device and connection system of NFC devices |
US10147090B2 (en) | 2012-10-01 | 2018-12-04 | Nxp B.V. | Validating a transaction with a secure input without requiring pin code entry |
US9495524B2 (en) | 2012-10-01 | 2016-11-15 | Nxp B.V. | Secure user authentication using a master secure element |
EP2942733A1 (fr) * | 2014-05-09 | 2015-11-11 | Nxp B.V. | Dedicated platform security architecture using a security device for user interaction |
Family Cites Families (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4918653A (en) * | 1988-01-28 | 1990-04-17 | International Business Machines Corporation | Trusted path mechanism for an operating system |
CA2288824A1 (fr) * | 1997-03-24 | 1998-10-01 | Marc B. Kekicheff | Multi-application smart card method and device allowing an application to be downloaded onto the card after its issuance |
US6824064B2 (en) * | 2000-12-06 | 2004-11-30 | Mobile-Mind, Inc. | Concurrent communication with multiple applications on a smart card |
-
2000
- 2000-01-24 FR FR0000829A patent/FR2804234B1/fr not_active Expired - Fee Related
-
2001
- 2001-01-18 WO PCT/FR2001/000165 patent/WO2001055980A1/fr not_active Application Discontinuation
- 2001-01-18 CN CN01806403.5A patent/CN1416559A/zh active Pending
- 2001-01-18 AU AU2001235546A patent/AU2001235546A1/en not_active Abandoned
- 2001-01-18 US US10/181,884 patent/US20030079127A1/en not_active Abandoned
- 2001-01-18 EP EP01907630A patent/EP1254438A1/fr not_active Withdrawn
Non-Patent Citations (1)
Title |
---|
See references of WO0155980A1 * |
Also Published As
Publication number | Publication date |
---|---|
FR2804234A1 (fr) | 2001-07-27 |
CN1416559A (zh) | 2003-05-07 |
AU2001235546A1 (en) | 2001-08-07 |
WO2001055980A1 (fr) | 2001-08-02 |
FR2804234B1 (fr) | 2003-05-09 |
US20030079127A1 (en) | 2003-04-24 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
EP1254438A1 (fr) | Method of protection against theft of the authentication value for multi-application smart card(s), smart card(s) implementing the method and terminals capable of receiving said cards | |
EP2455923B1 (fr) | NFC transaction server | |
FR2885424A1 (fr) | Data processing device, telecommunications terminal and method of processing data by means of a data processing device. | |
FR2989799A1 (fr) | Method of transferring access rights to a service from one device to another | |
EP0785514A1 (fr) | Method of implementing a secure program in a microprocessor card, and microprocessor card comprising a secure program | |
WO2005084107A2 (fr) | Device and method using equipment with a SIM card | |
FR2987150A1 (fr) | Securing a data transmission. | |
EP1250686B1 (fr) | Method of protection against theft of the secret code in multi-application smart card(s) and smart card(s) implementing the method | |
FR2852717A1 (fr) | Secure payment terminal | |
FR2945141A1 (fr) | Method and system for managing a contactless mobile payment application implementing personal code verification | |
EP3987416A1 (fr) | Method and device for authenticating a user using the conductivity of the human body | |
EP3173998A1 (fr) | Payment method and device using this method | |
EP1297653A1 (fr) | Data processing with a key | |
WO2002067212A1 (fr) | Method for secure storage and consultation of personal data, smart card, terminal and server for implementing the method | |
EP1142193A1 (fr) | Method for secure loading of data between security modules | |
EP1616256A1 (fr) | Method for managing executable code downloaded into a reprogrammable embedded system | |
FR2923041A1 (fr) | Method for securely opening a microcircuit card to third parties. | |
WO2009138641A1 (fr) | Method for use of a host terminal by an external device connected to the terminal | |
EP0974131B1 (fr) | Method for dynamic interpretation of data for a smart card | |
FR2834366A1 (fr) | Self-locking smart card, device for securing such a card and associated methods | |
EP2252978B1 (fr) | Integrated circuit card having a modifiable operating program and corresponding modification method | |
WO2019211533A1 (fr) | Mutual authentication of a user-controllable device or system containing sensitive or confidential data | |
FR2913551A1 (fr) | Method of mutual and recurrent authentication over the Internet. | |
WO2013098238A1 (fr) | Method and system for securing a payment made using a payment card | |
FR3129757A1 (fr) | Method for establishing a transaction between a communicating object and a transaction control module associated with a device for supplying goods or services |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PUAI | Public reference made under article 153(3) epc to a published international application that has entered the european phase |
Free format text: ORIGINAL CODE: 0009012 |
|
17P | Request for examination filed |
Effective date: 20020826 |
|
AK | Designated contracting states |
Kind code of ref document: A1 Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LI LU MC NL PT SE TR |
|
AX | Request for extension of the european patent |
Free format text: AL;LT;LV;MK;RO;SI |
|
RIN1 | Information on inventor provided before grant (corrected) |
Inventor name: BIDAN, CHRISTOPHE Inventor name: GIRARD, PIERRE |
|
17Q | First examination report despatched |
Effective date: 20040204 |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN |
|
18D | Application deemed to be withdrawn |
Effective date: 20040615 |