EP1358640A1 - Verfahren zur herstellung von privaten, sicheren dateien und chipkarte mit privaten, sicheren dateien - Google Patents

Verfahren zur herstellung von privaten, sicheren dateien und chipkarte mit privaten, sicheren dateien

Info

Publication number
EP1358640A1
EP1358640A1 EP02700344A EP02700344A EP1358640A1 EP 1358640 A1 EP1358640 A1 EP 1358640A1 EP 02700344 A EP02700344 A EP 02700344A EP 02700344 A EP02700344 A EP 02700344A EP 1358640 A1 EP1358640 A1 EP 1358640A1
Authority
EP
European Patent Office
Prior art keywords
card
smart card
terminal
tool
private
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP02700344A
Other languages
English (en)
French (fr)
Inventor
Frédéric LAPORTE
Murielle Rose
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Gemplus SA
Original Assignee
Gemplus Card International SA
Gemplus SA
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Gemplus Card International SA, Gemplus SA filed Critical Gemplus Card International SA
Publication of EP1358640A1 publication Critical patent/EP1358640A1/de
Withdrawn legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1008Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/341Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/355Personalisation of cards for use
    • G06Q20/3552Downloading or loading of personalisation data
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/0873Details of the card reader
    • G07F7/088Details of the card reader the card reader being part of the point of sale [POS] terminal or electronic cash register [ECR] itself
    • G07F7/0886Details of the card reader the card reader being part of the point of sale [POS] terminal or electronic cash register [ECR] itself the card reader being portable for interacting with a POS or ECR in realizing a payment transaction

Definitions

  • the invention relates to a method for creating secure private data files.
  • the invention also relates to smart cards intended to communicate with a terminal. It also relates to telecommunications terminals and in particular mobile telephones equipped with a subscriber identification smart card, provided with a communication program with the mobile telephone.
  • bank account numbers • subscription numbers to services, secret codes or passwords and, of course, telephone numbers whose volume increases simply because It is increasingly common to join a mobile phone number to a number on the fixed telephone network.
  • Paper calendars can remain an interesting solution, of course insofar as personal information is only telephone numbers and this information does not require frequent changes (updates).
  • the present invention aims to solve this problem.
  • the present invention therefore relates to a method for creating one or more data files, secure private (s), mainly characterized in that it comprises the following steps:
  • a smart card reader terminal fitted with a display screen 'and a man machine interface, capable of establishing communication with a smart card and being controlled by it and a card comprising a communication program capable of establishing communication sessions with this terminal, loading a support tool for the generation and / or consultation of data from private files 5 on the smart card, and the implementation of an operation to authorize any consultation or update after verification of secret information.
  • the tool comprises:
  • the tool includes: the provision of a storage space to store confidential information and constitute a set of private files.
  • the assistance tool for generating and / or consulting file data implements the following commands which allow the card to control the terminal: 25 - display request '' an information message,
  • the subject of the invention is also a smart card comprising a processing unit and one or more program memories comprising programs including, the operating system of
  • the card and at least one suitable communication program to establish communication sessions and to control a terminal provided with a man-machine interface, mainly characterized in that it includes a tool for assisting in the generation and / or consultation of file data, and authorizing any consultation or updates to this file data after verification of secret information.
  • the tool comprises a securing operation for during a step of initialization of said support tool • enter the secret information to be stored in the card.
  • the tool provides a storage space for storing confidential information and constituting a set of private files.
  • FIG. 1 illustrates the steps implemented by the assistance tool for generating and / or consulting data from private files on a smart card
  • FIG. 2 illustrates the steps implemented by the assistance tool for generating and / or consulting data from private files on a smart card
  • Figure 3 illustrates a first example of submenu
  • FIG. 4 illustrates a second example of a submenu
  • FIG. 5 illustrates a third example of a submenu
  • FIG. 6 illustrates a fourth example of a sub-menu
  • FIG. 7, illustrates a functional diagram of a smart card
  • FIG. 8 illustrates a terminal provided with a smart card.
  • the application smart cards currently developed are similar to a computer in that they have an operating system and one or more application programs that can be loaded or downloaded. These smart cards have the means to communicate with a communication terminal.
  • the operating system is protected by the very fact that it is memorized in read-only memory (ROM memory). The operating system is therefore not modifiable inside the card.
  • Chip cards which are intended to communicate with a terminal. have a communication program with the terminal. It is an application program, just like a banking or telephony application program.
  • the application programs are generally stored in electrically programmable memory. These programs can thus be updated and some downloaded using the terminal.
  • SIM cards which are subscriber identification cards. These cards include in memory a communication program known by the acronym STK (from SIM TOOL KIT) and which corresponds to the communication protocol with • terminals. GSM 11-14 standard 98 mobile telephony.
  • This communication program allows communications between the card and the terminal and between the card and the terminal user through the man-machine interface of the terminal.
  • the user has at his disposal a menu which takes place on the screen and the terminal keyboard for dialoguing with the card through the terminal.
  • the man-machine interface can include a display screen or a printer.
  • the method according to the invention provides a tool to assist in the generation and / or consultation of data from private files loaded into the smart card.
  • this tool is in the form of a function added to the communication program with a terminal (telecommunications or other) residing in the card. It is a program of assistance for the generation and the private files of data consultation for the holder of 'the card.
  • This tool includes the implementation of commands used • by the card to control the terminal. Piloting is carried out in particular by the execution of an application residing in the card.
  • commands used are: demand. display of an information message; - the request to enter information and return the data entered; the request to display a menu and return the number of the item selected by the user in this menu.
  • the display commands can be print commands or equivalent intended for the user.
  • the card thus has a secure electronic safe function due to the implementation of a password consultation authorization operation and the intrinsic security of the card.
  • the secret information can be a password, a fingerprint, .
  • the secret data can be stored encrypted or encrypted, 'in particular on the basis of the password.
  • the data is decrypted.
  • the tool for assisting in the generation and / or consultation of data from private files stored on a smart card includes security by the very fact of being in a smart card.
  • the operating system of a smart card is in ROM memory (non-volatile memory) and it is the operating system of the card which launches the execution of the application programs and therefore of the tool program.
  • This tool program can also be stored in the card's non-volatile memory.
  • the tool has a second security for private files since it allows the card holder to choose secret information which includes a password. and possibly a user name to protect said files.
  • the tool may also include additional security since a card intended for communicate with a telecommunications terminal, any session of the terminal can only be opened after presentation of a secret code (PIN code: Personal Identifier Number) and validation by the card of this 5 secret code.
  • PIN code Personal Identifier Number
  • the tool firstly implements a securing operation B] I) figure 1 and B] II) figure 2.
  • this step includes initialization B] I) Figure 1;
  • this step consists of verifying secret information which the user has entered and which has been stored in the card during initialization B] II) FIG. 2.
  • the tool allows the user to initialize his smart card - "Initialization phase".
  • the step can be optional on certain terminals or deactivated.
  • the tool ' then has according to the invention
  • This information is chosen by the user and saved on the card.
  • the tool then controls the display of free information fields on the screen to allow the user to type one or more menus which are saved on the card (step C]).
  • FIGS. 1 and 2 Several fields have been illustrated in FIGS. 1 and 2 for entering submenus.
  • the tool also makes it possible, before entering any user name and password, to order the display of an IDT information field for entering the holder identification.
  • the identity of the holder could be accessible as soon as the mobile is switched on without having to satisfy a PIN code check.
  • the tool then allows the user, at any time, to consult his private files in the various menus and ' submenus to search for information stored in the card (B] II) figure 2).
  • the tool After validation of the secret code (PIN CODE) (step A] figure 2), the tool controls the display of the terminal screen to request the entry of the secret information IS. The user must then type on the terminal keyboard the name he has chosen and the password.
  • the tool then performs a verification of the secret information IS compared to the information recorded on the card (in step B] II) Figure
  • Figures 3, 4, 5 and 6 illustrate examples of information which can be recorded on the card and which can be read on the display screen by scrolling through the corresponding menu.
  • FIG. 3 illustrates an example of menu 1 in which the user has stored information relating to computer hardware.
  • the ' Name of the submenu field is login / password.
  • Sub-directories are reserved for the various IT equipment, with each information sub-directory.
  • PC is illustrated as well as the information recorded concerning said PC.
  • FIG. 4 illustrates an example of menu 2 in which the user has stored information concerning the bank cards of the holder.
  • FIG. 5 illustrates an example of menu 3 in which the user has stored information concerning the official identity documents of the holder. (passport, identity card, driving license, etc.).
  • the_card. smart thus has a secure electronic diary function.
  • FIG. 7 illustrates the functional diagram of a smart card CP.
  • the card comprises a central unit U connected to a non-volatile program memory Ml and at least one electrically programmable program memory M2.
  • the memory M1 includes the operating system of the card CP and possibly the communication program with the telecommunication terminal. It also includes the program carrying out the additional function which has just been described.
  • the smart card can perform this function in association with the telecommunications terminal which then becomes a human-machine interface for the user.
  • FIG. 8 illustrates the diagram of a terminal T.
  • This terminal has the functions of a smart card reader which enable it to communicate with the smart card CP. It has a screen E and a keyboard C.
  • the terminal T is a mobile telephone
  • the card is a SIM card
  • the communication program is the STK protocol (SIM TOOL KIT).
  • the terminal can be a terminal in which the smart card does not reside but must be inserted by a user of the terminal. It may for example be a bank terminal.

Landscapes

  • Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Business, Economics & Management (AREA)
  • Microelectronics & Electronic Packaging (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Accounting & Taxation (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • Theoretical Computer Science (AREA)
  • Storage Device Security (AREA)
EP02700344A 2001-01-22 2002-01-21 Verfahren zur herstellung von privaten, sicheren dateien und chipkarte mit privaten, sicheren dateien Withdrawn EP1358640A1 (de)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
FR0100826A FR2819909B1 (fr) 2001-01-22 2001-01-22 Procede pour la creation de fichiers de donnees, prives securises et carte a puce comportant un fichier prive securise
FR0100826 2001-01-22
PCT/FR2002/000230 WO2002058019A1 (fr) 2001-01-22 2002-01-21 Procede pour la creation de fichiers de donnees, prives securises et carte a puce comportant un fichier prive securise

Publications (1)

Publication Number Publication Date
EP1358640A1 true EP1358640A1 (de) 2003-11-05

Family

ID=8859095

Family Applications (1)

Application Number Title Priority Date Filing Date
EP02700344A Withdrawn EP1358640A1 (de) 2001-01-22 2002-01-21 Verfahren zur herstellung von privaten, sicheren dateien und chipkarte mit privaten, sicheren dateien

Country Status (3)

Country Link
EP (1) EP1358640A1 (de)
FR (1) FR2819909B1 (de)
WO (1) WO2002058019A1 (de)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE102004005043A1 (de) * 2004-01-30 2005-08-25 Giesecke & Devrient Gmbh System mit einem Endgerät und einem tragbaren Datenträger

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH0734215B2 (ja) * 1985-02-27 1995-04-12 株式会社日立製作所 Icカ−ド
EP0490455B1 (de) * 1990-12-10 1997-10-08 THOMSON multimedia Verfahren und Vorrichtung zum Bilden einer Schnittstelle zwischen Chipkarten und Endgeräten
FR2730330B1 (fr) * 1995-02-02 1997-04-18 Cohen Solal Bernard Simon Systeme d'information universel interactif par appareil et carte multi-services
FR2734934B1 (fr) * 1995-05-30 1997-07-04 Syseca Carte a puce intelligente securisee
WO1997022092A2 (en) * 1995-12-14 1997-06-19 Venda Security Corporation Secure personal information card and method of using the same
DE19839847A1 (de) * 1998-09-02 2000-03-09 Ibm Speichern von Datenobjekten im Speicher einer Chipkarte
FR2786051B1 (fr) * 1998-11-16 2001-01-12 Dassault Automatismes Procede de mise a niveau des equipements destines au traitement des cartes sante et au paiement electronique des actes medicaux

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See references of WO02058019A1 *

Also Published As

Publication number Publication date
WO2002058019A1 (fr) 2002-07-25
FR2819909A1 (fr) 2002-07-26
FR2819909B1 (fr) 2003-05-02

Similar Documents

Publication Publication Date Title
FR2748834A1 (fr) Systeme de communication permettant une gestion securisee et independante d'une pluralite d'applications par chaque carte utilisateur, carte utilisateur et procede de gestion correspondants
WO2006053958A9 (fr) Support personnel de mémoire de masse portatif et système informatique d'accès sécurisé a un espace utilisateur via un réseau
FR2779018A1 (fr) Terminal et systeme pour la mise en oeuvre de transactions electroniques securisees
CA2309293A1 (fr) Procede, carte a puce et terminaux pour effectuer des transactions a travers un reseau de telecommunication
EP0614303A1 (de) Verfahren zur Erteilung einer mit einem Telefonabonnement verbundenen Telefonnummer, Telefonapparate und Mobiltelefon dafür
CA2293546A1 (fr) Carte a puce, telephone sans fil, systeme et procede d'acces et de communication par internet
EP1862948A1 (de) IC-Karte mit OTP-Client
EP1362276A1 (de) Dynamische verwaltung der listen von zugriffsrechten in einem tragbaren elektronischen gegenstand
EP1460593A1 (de) Gesichertes Zahlungsterminal
EP1364349A1 (de) Verfahren zum gesicherten speichern und nachschlagen von persönlichen daten, chipkarte, endgerät und server zur durchführung des verfahrens
EP1064769A1 (de) Kartenlesetelecommunicationsendgerät
CA2694335C (fr) Gestion et partage de coffres-forts dematerialises
WO2000042731A1 (fr) Procede de chargement securise de donnees entre des modules de securite
WO2002058019A1 (fr) Procede pour la creation de fichiers de donnees, prives securises et carte a puce comportant un fichier prive securise
CA2468890A1 (fr) Procede de securisation d'un acces a une ressource numerique
EP1538857B1 (de) Verfahren zur Sicherstellung von Daten eines Mobiltelefons
EP1076886B1 (de) Verfahren zum durchführen einer gesicherten transaktion mittels einer chipkarte über ein telekommunikationsnetzwerk
EP2048632A1 (de) Verfahren zur Übertragung eines vertraulichen Kodes, entsprechendes Kartenlesegerät, entsprechender Verwaltungsserver und entsprechende Computerprogramm-Produkte
FR3114714A1 (fr) Procédé d’accès à un ensemble de données d’un utilisateur.
CA2652140A1 (fr) Procede d'activation d'un terminal
EP1578064B1 (de) Verfahren zum Zugriff auf einen Dienst durch ein an ein Kommunikationsnetz angeschlossenes Endgerät
FR2853785A1 (fr) Entite electronique securisee avec compteur modifiable d'utilisations d'une donnee secrete
FR3080693A1 (fr) Authentification mutuelle d'un dispositif ou d'un systeme contenant des donnees sensibles ou confidentielles commandable par un utilisateur
FR2888437A1 (fr) Procede et systeme de controle d'acces a un service d'un fournisseur d'acces implemente sur un serveur multimedia, module, serveur, terminal et programmes pour ce systeme
FR2793980A1 (fr) Procede pour realiser lors d'une premiere operation autorisee par une premiere carte au moins une seconde operation

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20030822

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LI LU MC NL PT SE TR

AX Request for extension of the european patent

Extension state: AL LT LV MK RO SI

17Q First examination report despatched

Effective date: 20041007

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN

18D Application deemed to be withdrawn

Effective date: 20050419