EP1388137A2 - Carte a puce virtuelle - Google Patents

Carte a puce virtuelle

Info

Publication number
EP1388137A2
EP1388137A2 EP02717924A EP02717924A EP1388137A2 EP 1388137 A2 EP1388137 A2 EP 1388137A2 EP 02717924 A EP02717924 A EP 02717924A EP 02717924 A EP02717924 A EP 02717924A EP 1388137 A2 EP1388137 A2 EP 1388137A2
Authority
EP
European Patent Office
Prior art keywords
vcc
key
chip card
data
encrypted
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP02717924A
Other languages
German (de)
English (en)
Inventor
Walter Gygli
Markus Hof
William Grant Rothwell
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Eracom Technologies Schweiz AG
Original Assignee
Eracom Technologies Schweiz AG
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Eracom Technologies Schweiz AG filed Critical Eracom Technologies Schweiz AG
Publication of EP1388137A2 publication Critical patent/EP1388137A2/fr
Withdrawn legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1008Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/04Payment circuits
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/341Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3823Payment protocols; Details thereof insuring higher security of transaction combining multiple encryption tools for a transaction
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/409Device specific authentication in transaction processing
    • G06Q20/4097Device specific authentication in transaction processing using mutual authentication between devices and transaction partners
    • G06Q20/40975Device specific authentication in transaction processing using mutual authentication between devices and transaction partners using encryption therefor

Definitions

  • the invention relates to a virtual chip card and a method for accessing sensitive data stored on such a virtual chip card, and a system for storing and accessing such virtual chip cards.
  • Payment transactions using such cards are, for example, as follows: The customer (cardholder) requests that the payment is processed electronically from the place of payment. To do this, he inserts his card into a device provided for this purpose. This device then requests the entry of the personal PIN code. After the PIN code has been entered, a check is carried out on the chip of the smart card to determine whether the PIN code entered matches the PIN code stored on the chip
  • This authorization check takes place, for example, via a communication link Communication with the computer of the cardholder's bank takes place. This communication can be used to check, for example, whether the cardholder's account still has sufficient cover for the desired payment amount or whether there is a suitable framework for a credit facility. If this is the case, the payment is authorized and the payment process is completed.
  • Transaction e.g. in the case of a transfer
  • a transfer requires both the entry of the name of the account holder and a (static) "password” or a “passphrase” for authorization of the user, as well as the entry of a (dynamic, i.e. different for each transaction)
  • TAN Transaction number
  • the user receives a list of TANs from his bank when registering for "Internet banking", which have to be processed in sequence for computer transactions. If the first TAN has already been used for a transaction, the cardholder must note in some way that the first TAN has already been used and the second TAN is to be used in the next transaction, and so on. This procedure increases security against abuse.
  • an intelligent physical chip card which is currently considered one of the safest, if not the safest, medium, such as:
  • these intelligent physical chip cards have several disadvantages. On the one hand, they must be available at the desired location for your use, i.e. the user must carry it with them. A suitable physical reading device must also be available. The appropriate driver software must also be installed on the computer to which the reader is connected. Finally, the chip card can be lost, forgotten, or it can be damaged or stolen.
  • the idea on which the invention is based is to provide an intelligent virtual - that is to say intangible - chip card and to be able to access this virtual chip card from anywhere in the world via any network and to be able to use its functions, such as if User would have inserted a physical chip card into the slot of a physical reader.
  • this immaterial chip card it does not need to be physically present, there is also no need for a physical reader, and the chip card cannot be forgotten or lost or stolen.
  • FIG. 1 shows an embodiment of a virtual chip card according to the invention
  • 3A and 3B illustrate the method steps when accessing the virtual chip card
  • Fig. 4 shows the hierarchical arrangement of different types of virtual smart cards in
  • FIG. 1 shows an exemplary embodiment of a virtual chip card VCC according to the invention.
  • the exemplary embodiment of the virtual chip card VCC shown in FIG. 1 is encrypted in its entirety with an inaccessible master key K BB and is stored in this encrypted form on the computer 3 (FIG. 2) of a service provider.
  • the virtual chip card VCC is therefore completely inaccessible to the staff of the service provider since it is stored in encrypted form and the staff of the service provider do not have the master key K BB (possibly with the exception of a few people such as the chief information officer) knows.
  • the virtual chip card VCC is stored in encrypted form with the key K BB on the computer 3 (FIG. 2) of the service provider; in principle, it could also be stored in unencrypted form on the computer 3. In principle, there would then be the possibility that the service provider staff can view the stored virtual chip card VCC as a whole, but the data on such a virtual chip card VCC would still not be visible, as will become clear below.
  • the virtual chip card VCC comprises a control part CP and a data part DP.
  • the data part DP contains the sensitive data, for example personal data, keys for asymmetrical encryption methods, passwords for computer applications, etc., but in a form encrypted with the key K.
  • the control part CP of the virtual chip card VCC comprises the complementary key with which it is possible to decrypt the data encrypted with the key K in the data part DP.
  • the complementary key for decrypting is identical to the key K with which the data has been encrypted (symmetrical encryption method).
  • the complementary key K for decrypting the data is not present unencrypted in the control part CP, but is present encrypted on the one hand with a password PW (or a "passphrase") - that is, statically encrypted - and on the other hand in one with different transaction numbers T1, T2, T3 , ..., TN encrypted form (or with the transaction number and a number of characters of the password PW) - ie dynamically encrypted.
  • the public key K PUB of the holder of the virtual chip card VCC is also present in the control part, for example.
  • a counter C can be present in the control part CP, which counts the number of access attempts during the authorization check and, for example, blocks the virtual chip card VCC after three unsuccessful authorization checks as part of access attempts for further access attempts.
  • FIG. 2 schematically shows a system with the necessary components for access to the virtual chip card VCC according to FIG. 1.
  • a device 1 for Internet access of the holder of the virtual chip card VCC such as a "staff" can be seen in FIG. 2 Computer "(PC), a terminal or a mobile phone.
  • a network 2, for example the Internet, can also be seen, via which communication with a computer 3 of the service provider takes place.
  • the virtual chip card VCC of the user is stored on this computer 3 of the service provider, but encrypted with the master key K BB .
  • an inaccessible unit BB (“black box”) can be seen in FIG. 2, which can be a separate physical unit but does not necessarily have to be a separate physical unit, but also in terms of software in the computer 3 of the service provider can be realized.
  • the communication between the device 1 and the computer 3 takes place via the network 2, which serves as a communication link.
  • the holder of a virtual chip card VCC uses the device 1 (for example PC) to report via the network 2 (for example Internet) with his name (and possibly with a PIN) to computer 3 of the service provider (step 41).
  • the computer 3 then checks whether a cardholder with this name exists (step 42). If there is no cardholder with this name, the communication is terminated in a suitable manner or a message is transmitted that no cardholder with this name exists (step 43). However, there is a cardholder with the entered name, its encrypted with the master key K BB virtual smart card VCC is transferred to the inaccessible unit BB (step 44). This transfer of the virtual chip card VCC to the inaccessible unit BB can, if necessary, be carried out using a recognized, secure method.
  • a secure, logical connection is then established between the inaccessible unit BB and the device 1 or between the inaccessible unit BB and the holder of a virtual chip card VCC located on the device 1.
  • This can take place, for example, in such a way that the holder of the virtual chip card VCC determines a session key ("session key") K s and communicates this session key K s to the inaccessible unit BB.
  • This session key K s represents both the Encryption key as well as the decryption key for the subsequent communication between the holder of the virtual chip card VCC (or device 1) and the inaccessible unit BB (symmetrical encryption method).
  • the session key K s cannot, of course, be transmitted in unencrypted form from the holder of a virtual chip card VCC (or from the device 1) to the inaccessible unit BB, since the session key K s could otherwise be intercepted by malicious third parties. Consequently, the session key K s is first encrypted with the public key K PUB , BB of the inaccessible unit BB (asymmetrical encryption method) and transmitted in this encrypted form to the inaccessible unit BB.
  • the inaccessible unit BB knows (as the only one) the private key which is complementary to its public key and, after using this private key, can read the session key K s communicated to it in encrypted form.
  • the further communication between the holder of the virtual chip card VCC (or between the device 1) and the inaccessible unit BB can now take place - encrypted with the session key K s - because now the inaccessible unit BB also knows the session key K s .
  • Master key K BB complementary key available.
  • this complementary key is identical to the main key K BB , with which the virtual chip card VCC has been encrypted (symmetrical encryption method).
  • the virtual chip card VCC encrypted with the master key K BB is in the unit BB with the key complementary to the master key K BB (also K BB , symmetric encryption method) decrypted (step 45).
  • the virtual chip card VCC is therefore only present in unencrypted form in the inaccessible unit BB. However, this is inaccessible even for the staff of the service provider, even if the unit BB is implemented in software in the same computer 3 as the database of the virtual chip cards VCC.
  • the entire content of a virtual chip card VCC stored on the computer 3 of the service provider (database) is inaccessible to third parties because the virtual chip card VCC is only present in decrypted form in the inaccessible unit BB.
  • the data part DP of the chip cards is still VCC encrypted and in the control part CP could at most information intended for public access anyway, such as the public key K PUB , can be read in plain text.
  • the encrypted with the password PW would be complementary key K for access to the data or with the different transaction numbers T1, T2, T3, ..., TN (or with the transaction number plus some characters of the Passwords PW) encrypted complementary keys K are in principle accessible.
  • an unauthorized third party in particular also the staff of the service providers
  • this information could not do anything even if he had access to it (which is not the case in the exemplary embodiment described, but would be the case with the variant without additional encryption of the virtual chip card VCC with the master key K BB ).
  • the cardholder can be asked whether, when accessing the data, which are still present in encrypted form in the data part DP of the virtual chip card VCC (namely encrypted with the key K), the static password PW is to be used or a (dynamic) transaction number
  • T1, T2, T3, ..., TN step 46
  • Communication with the cardholder with regard to these options is encrypted, as described above with the session key K s instead.
  • step 47 If the cardholder decides to use the (static) password PW, he selects this option and enters the static password PW (step 47).
  • the complementary key K encrypted with the key PW is then decrypted in step BB (step 48) and with the aid of this complementary key
  • the data in the data part DP are then decrypted (step 51).
  • the data of the data part DP are then in plain text in the inaccessible unit BB, but only in the inaccessible unit BB.
  • the cardholder decides to use the transaction number (or a few characters of the static password), he selects this option and enters the corresponding transaction number.
  • the cardholder can carry the transaction numbers with him, for example in the form of a serial list of transaction numbers, whereby he must monitor which of the
  • Transaction numbers have already been processed so that he uses the correct transaction number.
  • Another option is to send the cardholder a "checkerboard pattern" (eg via courier service) in advance instead of a serial list of transaction numbers.
  • This type of access using transaction numbers has the advantage that you can As a cardholder, there is no need to note which transaction numbers have already been processed, because the required transaction number is queried character by character (step 49).
  • the cardholder may also be required to enter a number of characters (eg the first four characters) of his static password PW, which provides additional security in the event that a cardholder misplaces his "checkerboard pattern" has lost or stolen.
  • a number of characters eg the first four characters
  • the complementary key K encrypted with the transaction number T1, T2, T3,... TN or the transaction number and the additional characters of the static password is then decrypted (step 50) and with the aid of this complementary key K the data in the data part are then DP decrypted (step 51).
  • the data of the data part DP are then available in plain text in the inaccessible unit BB, but only in the inaccessible unit BB.
  • the encryption / decryption of the data using the complementary key K is carried out - as already described - using a symmetrical encryption method (same key K for
  • Encrypt as for decryption because the speed of the encryption or decryption process is considerably faster than an asymmetrical encryption method (keys for encryption and keys for decryption are different).
  • the further communication between the inaccessible unit BB and the holder of the virtual chip card VCC (or the device 1) encrypted with the session key K s (step 52) instead.
  • data in plain text in the inaccessible unit BB is transmitted in encrypted form using the session key K s to the destination (that is to say to the device 1 or to the cardholder located there) or other operations are also carried out under the session key K s ,
  • the data is safe and not accessible to third parties, or any operations are carried out in a safe and inaccessible manner. At no time can unauthorized third parties access any confidential information, be it keys or data.
  • the virtual chip card is encrypted with the master key K BB in the inaccessible unit BB and, if necessary, in an updated form if the card holder has made changes returned in this form to the computer 3 of the service provider (step 53), where the - possibly updated - virtual chip card VCC is stored. Communication is then ended (step 54).
  • the virtual chip card VCC is stored on the computer 3 of the service provider, but in an encrypted form (namely encrypted with the master key K BB of the black box BB), which is used by the staff of the service provider cannot be decrypted.
  • the virtual chip card VCC were not encrypted with the master key K BB but were stored unencrypted on the computer 3, the data in plain text are nevertheless not readable by third parties, not even by the service provider staff.
  • Embodiment two more levels of virtual chip cards, namely a so-called issuer chip card IVCC ("Issuer-VCC”) and a so-called root chip card RVCC
  • issuer chip card IVCC issuer chip card
  • RVCC root chip card
  • the RVCC root chip card is created in the inaccessible unit BB (black box) and is able to have the issuing chip cards IVCC issued by the inaccessible unit BB.
  • a service provider is entitled to issue virtual (VCC) smart cards to its (end) customers, its computer must be authorized to do so by the inaccessible unit BB, i.e. it must receive an IVCC issuer chip card. Since the service provider should never have knowledge of the data on a VCC of an end customer, even when creating a VCC for a cardholder, the data at the service provider must not be in plain text.
  • VCC virtual chip cards
  • IVCC virtual chip cards
  • the end customer requests the creation of a virtual chip card VCC, which in the exemplary embodiment described is stored in encrypted form (namely encrypted with the main key K BB of the black box) on the computer 3 (database) of the service provider, he must first compare to identify the service provider and to inform the service provider of the desired password (However, in encrypted form, namely encrypted with the public key of the inaccessible unit K PUB , BB , so that the service provider cannot read this password). The service provider will check the creditworthiness of the end customer.
  • the service provider determines that he is creating a virtual chip card VCC for the end customer and wants to save it in an encrypted form on his computer 3 (database) and make it available, he informs the inaccessible unit BB, which knows that the Service provider is authorized due to its issuer chip card IVCC to issue new virtual chip cards VCC.
  • the inaccessible unit BB then generates a corresponding virtual chip card VCC for the user (end customer of the service provider), decrypts the password communicated by the user with the public key K PUB , EB with the complementary private key, and assigns this password to the password to be created virtual chip card VCC and generates an associated checkerboard pattern.
  • the virtual chip card VCC generated in this way is encrypted using the master key K BB in the inaccessible unit BB before it is returned to the computer 3 of the service provider, where it is then stored.
  • the checkerboard pattern is transmitted to the service provider without encryption using the master key K BB (if necessary with the aid of a recognized secure method), is printed out there and, for example, sent to the end customer via a courier service.
  • the end customer Once the end customer has received his checkerboard pattern, he can access his VCC in the manner described in detail above. However, it should be noted that the first time the end customer (cardholder) accesses his virtual chip card VCC the user has not been identified. The cardholder must be identified the first time it is accessed using a transaction number (checkerboard pattern) or a transaction number and individual characters of the static password. If this process is successfully completed, the end customer (cardholder) can choose in the future whether access should take place using a static password (or passphrase) PW or using a transaction number (or transaction number plus a number of characters from the static password, see above) , In addition, data can be entered and changed etc. The virtual chip card VCC is now available to the end customer (card holder) with all its functions.
  • Issuer chip cards IVCC can be generated in a similar manner.
  • the customer is an exhibitor, for example a service provider.
  • the latter contacts the Chief Information Officer (CIO) or the person who knows the key complementary to the K BB master key (here also K BB ) and informs the Chief Information Officer that he is creating an IVCC issuer chip card wishes.
  • CIO Chief Information Officer
  • the Chief Information Officer identifies himself to the inaccessible unit BB using the RVCC root chip card and then arranges for the inaccessible unit BB to generate an IVCC issuer chip card for the service provider. If this issuer chip card IVCC has been generated, the inaccessible unit BB knows that it has been assigned
  • the black box BB does not have to be a separate physical unit, but can be installed in software on the computer 3 of the service provider without the service provider personnel having the possibility of accessing the data of the virtual chip cards VCC.
  • two software components are installed on the computer 3 of the service provider when the Black Box BB is implemented in software, an administration software and a processing software.
  • the management software is to a certain extent the link between the device 1 of the cardholder at the destination and the database of the encrypted virtual chip cards VCC on the computer 3. It essentially fulfills two tasks, namely on the one hand to ensure communication between the software of the device 1 and the
  • VCC virtual chip card processing software and, on the other hand, management of the contents of the VCC virtual chip card database.
  • the management software can perform the following operations in particular: - Have a new virtual chip card VCC added - Delete existing virtual chip cards.
  • the processing software is for the service provider inaccessible and to a certain extent represents the Black Box BB. It has the following tasks in particular:

Landscapes

  • Business, Economics & Management (AREA)
  • Engineering & Computer Science (AREA)
  • Accounting & Taxation (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • Theoretical Computer Science (AREA)
  • Finance (AREA)
  • Computer Security & Cryptography (AREA)
  • Microelectronics & Electronic Packaging (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Storage Device Security (AREA)

Abstract

L'invention concerne une carte à puce virtuelle (VCC) permettant d'enregistrer et de charger des données sensibles. Cette carte à puce virtuelle (VCC) contient une partie données (DP), dans laquelle ces données sensibles sont enregistrées sous forme codée, et une partie vérification (CP) qui contient au moins la clé (K) servant à décoder les données contenues dans la partie données (DP) sous forme codée. Cette invention concerne également un système correspondant, qui permet d'enregistrer cette carte à puce virtuelle (VCC) et d'accéder à cette dernière, ainsi qu'un procédé d'accès correspondant et un système servant à émettre cette carte à puce virtuelle (VCC).
EP02717924A 2001-05-11 2002-04-12 Carte a puce virtuelle Withdrawn EP1388137A2 (fr)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
CH8652001 2001-05-11
CH865012001 2001-05-11
PCT/CH2002/000205 WO2002093512A2 (fr) 2001-05-11 2002-04-12 Carte a puce virtuelle

Publications (1)

Publication Number Publication Date
EP1388137A2 true EP1388137A2 (fr) 2004-02-11

Family

ID=4543564

Family Applications (1)

Application Number Title Priority Date Filing Date
EP02717924A Withdrawn EP1388137A2 (fr) 2001-05-11 2002-04-12 Carte a puce virtuelle

Country Status (2)

Country Link
EP (1) EP1388137A2 (fr)
WO (1) WO2002093512A2 (fr)

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CA2186415A1 (fr) * 1995-10-10 1997-04-11 David Michael Claus Methodes sures de transfert de fonds utilisant des cartes a puce
DE19711210A1 (de) * 1996-11-17 1998-05-20 Tils Peter Sicherungseinrichtung für Datenspeicher
EP0950972A2 (fr) * 1997-11-12 1999-10-20 Citicorp Development Center, Inc. Système et méthode pour le stockage sécurisé de données électroniques
US6704714B1 (en) * 1999-05-03 2004-03-09 The Chase Manhattan Bank Virtual private lock box

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See references of WO02093512A3 *

Also Published As

Publication number Publication date
WO2002093512A3 (fr) 2003-02-20
WO2002093512A2 (fr) 2002-11-21

Similar Documents

Publication Publication Date Title
DE69814406T2 (de) Tragbare elektronische vorrichtung für systeme zur gesicherten kommunikation und verfahren zur initialisierung der parameter
DE69521156T2 (de) Verfahren zum Authentisieren eines Schalterterminals in einem System zur Durchführung von Überweisungen
DE69435079T2 (de) Chipkarte für eine Vielzahl von Dienstleistungsanbietern und für entfernte Aufstellung derselben
DE69531711T2 (de) Sichere Geldübertragungstechniken mit Chipkarten
EP0281057B1 (fr) Circuit pour la sécurité de l'accès à un ordinateur à l'aide d'une carte à circuit intégré
DE69829642T2 (de) Authentifizierungssystem mit chipkarte
DE10297521T5 (de) Verbraucher-zentrisches kontext-bewußtes Vermittlungsmodell
DE3319919A1 (de) Schutzsystem fuer intelligenz-karten
WO2002023303A2 (fr) Procede destine a securiser une transaction sur un reseau informatique
DE3103514A1 (de) Verfahren und vorrichtung zum steuern einer gesicherten transaktion
DE3044463A1 (de) Verfahren und vorrichtung zum codieren einer karte
EP0970447B1 (fr) Procede de transaction assistee par un reseau au moyen de cartes a puce
DE69330743T2 (de) Verfahren zur Beurkundung einer Informationseinheit durch eine andere
DE60008795T2 (de) Informatikvorrichtung zur anwendung von akkredtierungsdaten auf eine software oder auf einen dienst
DE102011116489A1 (de) Mobiles Endgerät, Transaktionsterminal und Verfahren zur Durchführung einer Transaktion an einem Transaktionsterminal mittels eines mobilen Endgeräts
DE4230866B4 (de) Datenaustauschsystem
DE60029379T2 (de) Verfahren und Gerät, die einem Rechnerbenutzer erlauben, vor der Eingabe von privilegierten Informationen ein System zu authentifizieren
DE102007008651A1 (de) Chipkarte und Verfahren zur Freischaltung einer Chipkarten-Funktion
EP4381408A1 (fr) Élément sécurisé, procédé d'enregistrement de jetons et registre de référence de jeton
WO2009121197A1 (fr) Système et procédé de production de supports utilisateur
WO1998050894A1 (fr) Systeme permettant une lecture et un traitement proteges de donnees sur des supports de donnees intelligents
DE69825410T2 (de) Verfahren zur Kompression von digitalen Zertifikaten zur Verwendung in einer Chipkarte
EP2399218B1 (fr) Procédé pour générer un identifiant
DE10297517T5 (de) Automatisiertes digitales Rechte-Management und Zahlungssystem mit eingebettetem Inhalt
DE10048939B4 (de) Bedingte Unterdrückung der Überprüfung eines Karteninhabers

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20031210

AK Designated contracting states

Kind code of ref document: A2

Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LI LU MC NL PT SE TR

AX Request for extension of the european patent

Extension state: AL LT LV MK RO SI

RIN1 Information on inventor provided before grant (corrected)

Inventor name: ROTHWELL, WILLIAM, GRANT

Inventor name: HOF, MARKUS

Inventor name: GYGLI, WALTER

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN

18D Application deemed to be withdrawn

Effective date: 20081101