EP1763850A1 - Smart card comprising a keypad - Google Patents

Smart card comprising a keypad

Info

Publication number
EP1763850A1
EP1763850A1 EP05857316A EP05857316A EP1763850A1 EP 1763850 A1 EP1763850 A1 EP 1763850A1 EP 05857316 A EP05857316 A EP 05857316A EP 05857316 A EP05857316 A EP 05857316A EP 1763850 A1 EP1763850 A1 EP 1763850A1
Authority
EP
European Patent Office
Prior art keywords
code
card
card according
keys
module
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP05857316A
Other languages
German (de)
French (fr)
Inventor
Cyril Lalo
Philippe Guillaud
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Audiosmartcard International SA
Original Assignee
Audiosmartcard International SA
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Audiosmartcard International SA filed Critical Audiosmartcard International SA
Publication of EP1763850A1 publication Critical patent/EP1763850A1/en
Withdrawn legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1008Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06KGRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
    • G06K19/00Record carriers for use with machines and with at least a part designed to carry digital markings
    • G06K19/06Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code
    • G06K19/067Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards also with resonating or responding marks without active components
    • G06K19/07Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards also with resonating or responding marks without active components with integrated circuit chips
    • G06K19/077Constructional details, e.g. mounting of circuits in the carrier
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/341Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/341Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
    • G06Q20/3415Cards acting autonomously as pay-media
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1025Identification of user by a PIN code
    • G07F7/1083Counting of PIN attempts

Definitions

  • the present invention relates to a standard format memory card.
  • Such cards are generally used in interface with devices intended to perform operations requiring identification of the user. This identification is conventionally performed by contacting, with or without contact, the card with a device. The card is then subjected to electrical or magnetic signals so that data present on the card are read. Reading this data makes it possible to identify the user.
  • Such cards generally include several identification elements for reading data present on the card. These identification elements include a card number, a magnetic strip, a semiconductor component or "chip" including data relating to a secret code. In the case of the use of a chip, signals enter the card and the chip provides an answer. These cards, which do not have their own power supply, only work with the device to perform operations and are passive in the absence of such a device.
  • the invention overcomes the disadvantages presented above by providing increased security for a card as presented in the introductory part, and provided with a keyboard to ensure compliance of the card with the standard.
  • the invention relates to a standardized format card comprising keys, a functional module and an activation module for activating the functional module when a given code is entered by means of the keys, said keys being positioned in a single row located near the edge of a large side of the map, so that the keys are in an area left free by the standard.
  • the card comprises at most six keys.
  • each key has a convex shape, to make them easily distinguishable to the touch.
  • the keys are of sufficient diameter, for example between 6 and 8 millimeters, to make them easily manipulable to the touch.
  • the determined code to be entered is a sequence of five characters.
  • the code is a series of letters, each key corresponding to one or more letters.
  • the card includes a module for inhibiting the activation module, the latter being inhibited for a predetermined duration of inhibition, for example of a value of 5 seconds, or after a determined number of incorrect codes. , for example three, have been entered consecutively, or after the entry of a sequence of a given size, for example 15 characters, this sequence does not include the correct code.
  • the predetermined duration of inhibition is increased, for example incrementally, at each new entry of an incorrect code, or the entry of any new sequence does not include the correct code.
  • the predetermined inhibition duration has a limit value, for example 30 seconds.
  • the inhibition time resumes its initial value when entering the correct code.
  • the card comprises means for transmitting a first characteristic sound of the pressure of a key, as well as for emitting a second characteristic sound of the correct code input, the two sounds being differentiated.
  • the card includes means for modifying the code.
  • the functional module includes an acoustic module for transmitting an acoustic signature.
  • the card is such that it meets the specifications of the ISO 7810 and / or ISO 7816 standards.
  • FIG. 1 represents a card according to the invention.
  • FIG. 1 is a schematic diagram of the card illustrating the operation of the card according to the invention.
  • a card 100 according to the invention comprises a certain number of standardized zones 104 to 109.
  • Such zones include, in particular, an embossing zone 104, an area for the magnetic strip 105 located on the backside, a zone for a chip 106, a zone for the identification of the organism that delivered the card 107, a zone for the client of said organism 108, a zone 109 for a hologram ...
  • Keys 101 are present on an unassigned area 110 by the standard. These keys 101 make it possible to enter a code.
  • the keys are arranged in a single row near the edge of a large side of the map. The zone thus occupied by the keys is left free by the norm.
  • the keys 201 are connected to an activation module 202 intended to activate the functional module 203 when a correct code is entered using the keys 201.
  • This activation module 202 activates the functional module 203 when a correct code is entered using the keys.
  • This functional module 203 is advantageously an acoustic module for emitting an acoustic signature.
  • This signature guarantees the identification of the user.
  • the use of an acoustic module has many advantages. An acoustic signature can be easily modified. An acoustic signature is generally not resident in a precise but traveling machine. In addition, an acoustic signature is difficult to copy. Indeed, on a computer, the most common device in which the invention can be advantageously implemented, an acoustic microphone, the most widespread acoustic drive, can be set listening only one software at a time. It is therefore not possible for a pirate program to copy the acoustic signature.
  • the functional module 203 of the card can also be a GPS function, an active access authorization module when the card is inserted into a reader ...
  • the card 100 has 6 buttons. Indeed, this number of buttons enters the non-standard area 110 ISO cards without harming the accessibility and ergonomics buttons, which are typically 6 to 7 mm in diameter.
  • a corollary problem with the use of 6 keys to enter a code is the decrease of the possibilities for the code.
  • Each of the 6 keys 101 correspond, for example, to a set of four letters, as shown in FIG. 1. This characteristic makes it possible to propose codes that are words and, therefore, that are easier to memorize.
  • the keys are located at the top left of the map and along the upper edge. This allows the user to easily enter the code with the thumb when the map is rotated 90 ° to the right. The ergonomics of the input is thus guaranteed.
  • the card advantageously has sound elements for emitting sounds, especially when the keys are pressed and when a correct code has been entered, the latter case can advantageously give rise to a different sound.
  • the card advantageously has a timer module 210.
  • This module 210 may, for example, be triggered from a number of typed keys, for example 5 or 40, without a good sequence of characters including the correct code is capture. In the map this is practically translated by the presence of a counter of keystrokes with a trigger threshold. Beyond such a threshold, it then triggers an inhibition module 211 which will inhibit the operation of the activation module 202 for a predetermined period.
  • the predetermined duration may for example be 5 seconds. During this time, pressing the keys is not taken into account during the muting period and it is advantageous that pressing the keys does not trigger sound.
  • the timer module 210 may also be such that the duration of inhibition has a duration that increases as and for example, so that to perform 100 unsuccessful code tests, it takes one hour. This helps to delay fraud.
  • the inhibition time can be incrementally increased, for example by a value of 5 seconds, each time a new code is entered incorrectly.
  • the inhibition time advantageously has a limit value, for example 30 seconds, beyond which it will not increase, even in case of new entry of an incorrect code. Conversely, entering the correct code resets the value of the predetermined inhibition time, which therefore resumes its initial value.
  • the timing module 210 takes into account all the activations of the keys 201 even accidental.
  • the card may also include a muting module 211 triggered when a good sequence corresponding to the code is not entered during the equivalent of 3 trials, especially after 15 keys typed in the example presented above.
  • Such an inhibition module 211 may also be user-controllable if it wishes to temporarily disable its card. It can be implemented in combination with the timing module 210 presented before. It is then triggered after multiple delays when too many keys have been pressed.
  • the code can be modified.
  • the user In order to change the code, the user must enter the current code. Then two possibilities can be implemented. The first is to enter a new code twice in a row. The second is to enter a command, CH for example (to "change") followed twice by a new code.
  • CH for example (to "change")
  • a password longer than a sequence of 5 characters can also be implemented according to the invention.
  • the card according to the invention may comprise, in combination with the invention, means for performing the usual functions generally proposed with this type of card, in particular the use of an identification code entered on a terminal.
  • the modules of a card according to the invention can implement hardware or software means or a combination of such means.
  • the invention may use a computer program product including instructions for making the modules according to the invention.

Abstract

The invention relates to a standard-format, self-powered card comprising keys (201) which are provided in at least one zone that is not defined by the standard format, a functional module (203) and an activation module (202) which is intended to activate the functional module (203) when the correct code is entered using the keys (201). The invention can be used to render the use of such cards secure.

Description

CARTE A MEMOIRE A CLAVIER KEYBOARD MEMORY CARD
La présente invention concerne une carte à mémoire de format normalisé.The present invention relates to a standard format memory card.
De telles cartes, notamment celles normalisées par la norme ISO 7810 et/ou 7816, sont en général utilisées en interface avec des appareils destinés à effectuer des opérations nécessitant une identification de l'utilisateur. Cette identification est classiquement réalisée par une mise en relation, avec ou sans contact, de la carte avec un appareil. La carte est alors soumise à des signaux électriques ou magnétiques de manière à ce que soient lues des données présentes sur la carte. La lecture de ces données permet notamment l'identification de l'utilisateur.Such cards, in particular those standardized by the ISO 7810 and / or 7816 standard, are generally used in interface with devices intended to perform operations requiring identification of the user. This identification is conventionally performed by contacting, with or without contact, the card with a device. The card is then subjected to electrical or magnetic signals so that data present on the card are read. Reading this data makes it possible to identify the user.
De telles cartes incluent généralement plusieurs éléments d'identification permettant une lecture de données présentes sur la carte. Ces éléments d'identification sont notamment un numéro de carte, une piste magnétique, un composant semi-conducteur ou « puce » incluant des données relatives à un code secret. Dans le cas de l'usage d'une puce, des signaux pénètrent dans la carte et la puce fournit une réponse. Ces cartes qui ne possèdent pas d'alimentation propre, fonctionnent seulement avec l'appareil destiné à effectuer des opérations et sont passives en l'absence d'un tel appareil.Such cards generally include several identification elements for reading data present on the card. These identification elements include a card number, a magnetic strip, a semiconductor component or "chip" including data relating to a secret code. In the case of the use of a chip, signals enter the card and the chip provides an answer. These cards, which do not have their own power supply, only work with the device to perform operations and are passive in the absence of such a device.
Le point faible de telles cartes utilisées pour l'identification est que, du fait de leur passivité, elles peuvent être interrogées de manière à découvrir les données qui y sont stockées. Ainsi il est bien connu que ces cartes sont piratées par exemple en envoyant diverses questions sous la forme de flux électriques ou magnétiques vers la puce. Ces flux sont analysés par la puce et une réponse est fournie. En fonction des réponses de la puce, il est alors possible de savoir ce que la puce contient, notamment un code secret. Dans la situation actuelle, l'usage d'un code secret, bien que sécurisant pour l'utilisateur, ne constitue pas une garantie suffisante contre la fraude.The weak point of such cards used for identification is that, because of their passivity, they can be interrogated in order to discover the data stored therein. Thus it is well known that these cards are hacked for example by sending various questions in the form of electrical or magnetic flows to the chip. These flows are analyzed by the chip and a response is provided. Depending on the responses of the chip, it is then possible to know what the chip contains, including a secret code. In the current situation, the use of a secret code, while reassuring for the user, does not constitute a sufficient guarantee against fraud.
Le piratage des bandes magnétiques de telles cartes est également répandu ainsi que l'usage frauduleux des numéros de carte, par exemple sur Internet. Ces divers piratages nuisent à la confiance des utilisateurs en de telles cartes et donc à leur expansion, notamment pour des opérations de paiement.The piracy of magnetic tapes of such cards is also widespread and the fraudulent use of card numbers, for example on the Internet. These various hacks undermine the trust of users in such cards and therefore their expansion, especially for payment transactions.
Pour accroître la sécurité de telles cartes de paiement, il est connu d'utiliser une carte munie d'un clavier, le clavier permettant de saisir un code secret pour activer la carte. Cependant, disposer un clavier sur une telle carte pose deux problèmes antagonistes : d'une part celui-ci doit être suffisamment grand pour des questions d'ergonomie, d'autre part sa taille est un inconvénient si l'on veut disposer le clavier de manière à rendre la carte compatible avec les normes internationales sur le format des cartes de paiement. En effet les zones dites libres selon ces normes sont peu nombreuses, et leur surface réduite.To increase the security of such payment cards, it is known to use a card with a keyboard, the keyboard to enter a secret code to activate the card. However, having a keyboard on such a card poses two antagonistic problems: on the one hand it must be large enough for ergonomic issues, on the other hand its size is a disadvantage if one wants to have the keyboard of to make the card compatible with international standards on the payment card format. Indeed the so-called free zones according to these standards are few, and their surface reduced.
L' invention remédie aux inconvénients présentés ci avant en permettant d'obtenir une sécurité accrue pour une carte telle que présentée dans la partie introductive, et munie d'un clavier garantissant la conformité de la carte avec la norme.The invention overcomes the disadvantages presented above by providing increased security for a card as presented in the introductory part, and provided with a keyboard to ensure compliance of the card with the standard.
L'invention concerne une carte de format normalisé comportant des touches, un module fonctionnel et un module d' activation destiné à activer le module fonctionnel lorsqu'un code déterminé est saisi par le biais des touches, lesdites touches étant positionnées sur une rangée unique située à proximité de l'arête d'un grand côté de la carte, de manière à ce que les touches soient dans une zone laissée libre par la norme. Selon une réalisation la carte comporte au plus six touches .The invention relates to a standardized format card comprising keys, a functional module and an activation module for activating the functional module when a given code is entered by means of the keys, said keys being positioned in a single row located near the edge of a large side of the map, so that the keys are in an area left free by the standard. According to one embodiment, the card comprises at most six keys.
Selon une autre réalisation, chaque touche présente une forme bombée, pour les rendre aisément différenciables au toucher.According to another embodiment, each key has a convex shape, to make them easily distinguishable to the touch.
Selon une réalisation, les touches sont d'un diamètre suffisant, par exemple entre 6 et 8 millimètres, pour les rendre facilement manipulables au toucher.In one embodiment, the keys are of sufficient diameter, for example between 6 and 8 millimeters, to make them easily manipulable to the touch.
Dans une réalisation, le code déterminé à saisir est une suite de cinq caractères.In one embodiment, the determined code to be entered is a sequence of five characters.
Dans une autre réalisation, le code est une suite de lettres, chaque touche correspondant à une ou plusieurs lettres.In another embodiment, the code is a series of letters, each key corresponding to one or more letters.
Selon une réalisation, la carte comporte un module d' inhibition du module d' activation, ce dernier étant inhibé pendant une durée prédéterminée d'inhibition, par exemple d'une valeur de 5 secondes, soit après qu'un nombre déterminé de codes incorrects, par exemple trois, aient été saisis consécutivement, soit à l'issue de la saisie d'une séquence de taille donnée, par exemple 15 caractères, cette séquence ne comportant pas le code correct .According to one embodiment, the card includes a module for inhibiting the activation module, the latter being inhibited for a predetermined duration of inhibition, for example of a value of 5 seconds, or after a determined number of incorrect codes. , for example three, have been entered consecutively, or after the entry of a sequence of a given size, for example 15 characters, this sequence does not include the correct code.
Dans une autre réalisation, la durée prédéterminée d'inhibition est augmentée, par exemple par incrément, lors de chaque nouvelle saisie d'un code incorrect, ou de la saisie de toute nouvelle séquence ne comportant pas le code correct. Selon une réalisation, la durée d'inhibition prédéterminée présente une valeur limite, par exemple 30 secondes .In another embodiment, the predetermined duration of inhibition is increased, for example incrementally, at each new entry of an incorrect code, or the entry of any new sequence does not include the correct code. According to one embodiment, the predetermined inhibition duration has a limit value, for example 30 seconds.
Dans une réalisation, la durée d' inhibition reprend sa valeur de départ lors de la saisie du code correct. Selon une autre réalisation, la carte comporte des moyens pour émettre un premier son caractéristique de la pression d'une touche, ainsi que pour émettre un deuxième son caractéristique de la saisie du code correct, les deux sons étant différenciés . Dans une réalisation, la carte comporte des moyens de modifier le code.In one embodiment, the inhibition time resumes its initial value when entering the correct code. According to another embodiment, the card comprises means for transmitting a first characteristic sound of the pressure of a key, as well as for emitting a second characteristic sound of the correct code input, the two sounds being differentiated. In one embodiment, the card includes means for modifying the code.
Dans une autre réalisation, le module fonctionnel inclut un module acoustique pour émettre une signature acoustique.In another embodiment, the functional module includes an acoustic module for transmitting an acoustic signature.
Selon une réalisation, la carte est telle qu' elle répond aux spécifications des normes ISO 7810 et/ou ISO 7816.According to one embodiment, the card is such that it meets the specifications of the ISO 7810 and / or ISO 7816 standards.
D'autres caractéristiques et avantages de l'invention apparaîtront avec la description faite ci-dessous, cette dernière étant effectuée à titre descriptif et non limitatif en faisant référence aux dessins ci-après sur lesquels:Other characteristics and advantages of the invention will become apparent with the description given below, the latter being carried out for descriptive and non-limiting purposes with reference to the following drawings in which:
La figure 1 représente une carte selon l'invention.FIG. 1 represents a card according to the invention.
La figure 2 est un diagramme schématique de la carte illustrant le fonctionnement de la carte selon l'invention. Selon la figure 1, une carte 100 selon l'invention comprend un certain nombre de zones normalisées 104 à 109. De telles zones incluent notamment une zone d'embossage 104, une zone pour la piste magnétique 105 située sur l'envers, une zone pour une puce 106, une zone pour l'identification de l'organisme qui a délivré la carte 107, une zone pour le client dudit organisme 108, une zone 109 pour un hologramme...Figure 2 is a schematic diagram of the card illustrating the operation of the card according to the invention. According to FIG. 1, a card 100 according to the invention comprises a certain number of standardized zones 104 to 109. Such zones include, in particular, an embossing zone 104, an area for the magnetic strip 105 located on the backside, a zone for a chip 106, a zone for the identification of the organism that delivered the card 107, a zone for the client of said organism 108, a zone 109 for a hologram ...
Des touches 101 sont présentes sur une zone non attribuée 110 par la norme. Ces touches 101 permettent de saisir un code. Les touches sont disposées sur une rangée unique située à proximité de l'arête d'un grand côté de la carte. La zone ainsi est occupée par les touches est laissée libre par la norme.Keys 101 are present on an unassigned area 110 by the standard. These keys 101 make it possible to enter a code. The keys are arranged in a single row near the edge of a large side of the map. The zone thus occupied by the keys is left free by the norm.
Ainsi que représenté sur la figure 2, les touches 201 sont reliées à un module d'activation 202 destiné à activer le module fonctionnel 203 lorsqu'un code correct est saisi à l'aide des touches 201.As shown in FIG. 2, the keys 201 are connected to an activation module 202 intended to activate the functional module 203 when a correct code is entered using the keys 201.
Ce module d'activation 202 active le module fonctionnel 203 lorsqu'un code correct est saisi à l'aide des touches. Ce module fonctionnel 203 est avantageusement un module acoustique pour émettre une signature acoustique. Cette signature garantit l'identification de l'utilisateur. L'utilisation d'un module acoustique présente de nombreux avantages. Une signature acoustique peut être modifiée aisément. Une signature acoustique n'est généralement pas résidente dans une machine précise mais itinérante. De plus, une signature acoustique est difficilement copiable. En effet, sur un ordinateur, dispositif le plus commun dans lequel l'invention peut être avantageusement mise en oeuvre, un microphone acoustique, lecteur acoustique le plus répandu, ne peut être mis en écoute que par un logiciel à la fois. Il n'est donc pas possible qu'un programme pirate puisse copier la signature acoustique .,This activation module 202 activates the functional module 203 when a correct code is entered using the keys. This functional module 203 is advantageously an acoustic module for emitting an acoustic signature. This signature guarantees the identification of the user. The use of an acoustic module has many advantages. An acoustic signature can be easily modified. An acoustic signature is generally not resident in a precise but traveling machine. In addition, an acoustic signature is difficult to copy. Indeed, on a computer, the most common device in which the invention can be advantageously implemented, an acoustic microphone, the most widespread acoustic drive, can be set listening only one software at a time. It is therefore not possible for a pirate program to copy the acoustic signature.
Le module fonctionnel 203 de la carte peut également être une fonction GPS, un module d'autorisation d'accès actif lorsque la carte est introduite dans un lecteur...The functional module 203 of the card can also be a GPS function, an active access authorization module when the card is inserted into a reader ...
La carte 100 selon le mode de réalisation proposé sur la figure 1, possède 6 boutons. En effet, ce nombre de boutons entre sur la zone non normalisée 110 des cartes ISO sans nuire à l'accessibilité et à l'ergonomie des boutons, qui sont classiquement de 6 à 7 mm de diamètre. Un problème corollaire à l'usage de 6 touches pour saisir un code est la diminution des possibilités pour le code. Ainsi selon un mode de réalisation, le code à saisir est à 5 caractères . De cette façon, la probabilité est proche de celle obtenue avec un code à 4 caractères sur un pavé numériques à 10 touches. En effet, le nombre de possibilités est de 6A5=7776 alors qu'il est de 10A4= 10000 avec un pavé numérique.The card 100 according to the embodiment proposed in FIG. 1, has 6 buttons. Indeed, this number of buttons enters the non-standard area 110 ISO cards without harming the accessibility and ergonomics buttons, which are typically 6 to 7 mm in diameter. A corollary problem with the use of 6 keys to enter a code is the decrease of the possibilities for the code. Thus according to one embodiment, the code to be entered is 5 characters. In this way, the probability is close to that obtained with a 4-digit code on a 10-key numeric keypad. Indeed, the number of possibilities is 6 A 5 = 7776 while it is 10 A 4 = 10000 with a numeric keypad.
Chacune des 6 touches 101 correspondent par exemple à un ensemble de quatre lettres, ainsi que représenté sur la figure 1. Cette caractéristique permet de proposer des codes qui sont des mots et, donc, qui sont plus faciles à mémoriser.Each of the 6 keys 101 correspond, for example, to a set of four letters, as shown in FIG. 1. This characteristic makes it possible to propose codes that are words and, therefore, that are easier to memorize.
Selon la figure 1, les touches sont situées en haut à gauche de la carte et le long de l'arête supérieure. Cela permet que l'utilisateur puisse saisir le code aisément avec le pouce lorsque la carte est tournée de 90° vers la droite. L'ergonomie de la saisie est ainsi garantie.According to Figure 1, the keys are located at the top left of the map and along the upper edge. This allows the user to easily enter the code with the thumb when the map is rotated 90 ° to the right. The ergonomics of the input is thus guaranteed.
La carte possède avantageusement des éléments sonores pour émettre des sons, notamment lorsque les touches sont pressées et lorsqu'un code correct a été saisi, ce dernier cas peut avantageusement donner lieu à un son différent.The card advantageously has sound elements for emitting sounds, especially when the keys are pressed and when a correct code has been entered, the latter case can advantageously give rise to a different sound.
La carte possède avantageusement un module de temporisation 210. Ce module 210 peut, par exemple, se déclencher à partir d'un certain nombre de touches tapées, par exemple 5 ou 40, sans qu'une bonne séquence de caractères incluant le code correct soit saisie. Au sein de la carte cela se traduit pratiquement par la présence d'un compteur d'appuis de touches avec un seuil de déclenchement. Au-delà d'un tel seuil, il déclenche alors un module d'inhibition 211 qui va inhiber le fonctionnement du module d'activation 202 pendant une période prédéterminée. La durée prédéterminée peut par exemple être de 5 secondes. Pendant cette durée, l'appui sur les touches n'est pas pris en compte pendant la période d'inhibition et il est avantageux que l'appui sur les touches ne déclenche pas de son.The card advantageously has a timer module 210. This module 210 may, for example, be triggered from a number of typed keys, for example 5 or 40, without a good sequence of characters including the correct code is capture. In the map this is practically translated by the presence of a counter of keystrokes with a trigger threshold. Beyond such a threshold, it then triggers an inhibition module 211 which will inhibit the operation of the activation module 202 for a predetermined period. The predetermined duration may for example be 5 seconds. During this time, pressing the keys is not taken into account during the muting period and it is advantageous that pressing the keys does not trigger sound.
Le module de temporisation 210 peut aussi être tel que la durée d' inhibition possède une durée qui augmente au fur et à mesure de manière, par exemple, que pour réaliser 100 essais de code infructueux, il faille une heure. Cela permet de retarder la fraude . La durée d' inhibition peut être augmentée par incrément, par exemple d'une valeur de 5 secondes, lors de chaque nouvelle saisie d'un code incorrect. La durée d'inhibition présente avantageusement une valeur limite, par exemple de 30 secondes, au-delà de laquelle elle n'augmentera plus, même en cas de nouvelle saisie d'un code incorrect. A l'inverse, la saisie du code correct réinitialise la valeur de la durée prédéterminée d'inhibition, qui reprend donc sa valeur de départ.The timer module 210 may also be such that the duration of inhibition has a duration that increases as and for example, so that to perform 100 unsuccessful code tests, it takes one hour. This helps to delay fraud. The inhibition time can be incrementally increased, for example by a value of 5 seconds, each time a new code is entered incorrectly. The inhibition time advantageously has a limit value, for example 30 seconds, beyond which it will not increase, even in case of new entry of an incorrect code. Conversely, entering the correct code resets the value of the predetermined inhibition time, which therefore resumes its initial value.
Le module de temporisation 210 tient compte de toutes les activations des touches 201 même accidentelles. La carte peut également inclure un module d' inhibition 211 déclenché lorsqu'une bonne séquence correspondant au code n'est pas entré lors de l'équivalent de 3 essais, notamment après 15 touches tapées dans l'exemple présenté plus haut. Un tel module d'inhibition 211 peut également être commandable par l'utilisateur s'il souhaite neutraliser temporairement sa carte. Il peut être implémenté en combinaison avec le module de temporisation 210 présenté auparavant. Il se déclenche alors après de multiples temporisations lorsqu'un trop grand nombre de touches ont été appuyées.The timing module 210 takes into account all the activations of the keys 201 even accidental. The card may also include a muting module 211 triggered when a good sequence corresponding to the code is not entered during the equivalent of 3 trials, especially after 15 keys typed in the example presented above. Such an inhibition module 211 may also be user-controllable if it wishes to temporarily disable its card. It can be implemented in combination with the timing module 210 presented before. It is then triggered after multiple delays when too many keys have been pressed.
Avantageusement le code peut être modifié. Afin de changer le code, l'utilisateur doit entrer le code actuel. Ensuite deux possibilités peuvent être mise en œuvre. La première consiste à saisir deux fois de suite un nouveau code. La seconde consiste à saisir une commande, CH par exemple (pour « changer ») suivie de deux fois de suite un nouveau code. Un mot de passe plus long qu'une suite de 5 caractères peut également être mis en œuvre selon l'invention.Advantageously, the code can be modified. In order to change the code, the user must enter the current code. Then two possibilities can be implemented. The first is to enter a new code twice in a row. The second is to enter a command, CH for example (to "change") followed twice by a new code. A password longer than a sequence of 5 characters can also be implemented according to the invention.
La carte selon l'invention peut comprendre, en combinaison avec l'invention, des moyens pour réaliser les fonctions habituelles généralement proposées avec ce genre de carte, notamment l'usage d'un code d'identification saisi sur un terminal .The card according to the invention may comprise, in combination with the invention, means for performing the usual functions generally proposed with this type of card, in particular the use of an identification code entered on a terminal.
Les modules d'une carte selon l'invention peuvent implémenter des moyens matériels ou logiciels ou une combinaison de tels moyens . Lorsque la mise en œuvre est réalisée par des moyens logiciels, l'invention peut utiliser un produit programme d' ordinateur incluant des instructions pour réaliser les modules selon l' invention. The modules of a card according to the invention can implement hardware or software means or a combination of such means. When the implementation is carried out by software means, the invention may use a computer program product including instructions for making the modules according to the invention.

Claims

REVENDICATIONS
1. Carte de format normalisé comportant des touches, un module fonctionnel et un module d' activation destiné à activer le module fonctionnel lorsqu'un code déterminé est saisi par le biais des touches, lesdites touches étant positionnées sur une rangée unique située à proximité de l'arête d'un grand côté de la carte, de manière à ce que les touches soient dans une zone laissée libre par la norme.A standardized format card comprising keys, a functional module and an activation module for activating the functional module when a given code is entered by means of the keys, said keys being positioned on a single row located near the edge of a large side of the map, so that the keys are in an area left free by the standard.
2. Carte selon la revendication 1, comportant au plus six touches . 2. Card according to claim 1, comprising at most six keys.
3. Carte selon l'une des revendications 1 et 2, dans laquelle chaque touche présente une forme bombée, pour les rendre aisément différenciables au toucher.3. Card according to one of claims 1 and 2, wherein each key has a convex shape, to make them easily distinguishable to the touch.
4. Carte selon l'une des revendications précédentes, dans laquelle les touches sont d'un diamètre suffisant, par exemple entre 6 et 8 millimètres, pour les rendre facilement manipulables au toucher.4. Card according to one of the preceding claims, wherein the keys are of sufficient diameter, for example between 6 and 8 millimeters, to make them easily manipulable to the touch.
5. Carte selon l'une des revendications précédentes, dont le code déterminé à saisir est une suite de cinq caractères . 5. Card according to one of the preceding claims, the code determined to be entered is a sequence of five characters.
6. Carte selon la revendication 5, dont le code est une suite de lettres, chaque touche correspondant à une ou plusieurs lettres.6. The card of claim 5, the code is a series of letters, each key corresponding to one or more letters.
7. Carte selon l'une des revendications précédentes, comportant un module d' inhibition du module d' activation, ce dernier étant inhibé pendant une durée prédéterminée d'inhibition, par exemple d'une valeur de 5 secondes, soit après qu'un nombre déterminé de codes incorrects, par exemple trois, aient été saisis consécutivement, soit à l'issue de la saisie d'une séquence de taille donnée, par exemple 15 caractères, cette séquence ne comportant pas le code correct.7. Card according to one of the preceding claims, comprising a module for inhibiting the activation module, the latter being inhibited for a predetermined duration of inhibition, for example a value of 5 seconds, or after a determined number of incorrect codes, for example three, have been entered consecutively, or after the entry of a sequence of a given size, for example 15 characters, this sequence does not include the correct code.
8. Carte selon la revendication 7, dans laquelle la durée prédéterminée d'inhibition est augmentée, par exemple par incrément, lors de chaque nouvelle saisie d'un code incorrect ou de la saisie de toute nouvelle séquence ne comportant pas le code correct.The card according to claim 7, wherein the predetermined duration of inhibition is increased, for example incrementally, at each new entry of an incorrect code or entering any new sequence that does not have the correct code.
9. Carte selon la revendication 8, dans laquelle la durée d'inhibition prédéterminée présente une valeur limite, par exemple 30 secondes .9. The card of claim 8, wherein the predetermined inhibition time has a limit value, for example 30 seconds.
10. Carte selon l'une des revendications 8 et 9, dans laquelle la durée d' inhibition reprend sa valeur de départ lors de la saisie du code correct.10. Card according to one of claims 8 and 9, wherein the inhibition period resumes its initial value when entering the correct code.
11. Carte selon l'une des revendications précédentes, comportant des moyens pour émettre un premier son caractéristique de la pression d'une touche, ainsi que pour émettre un deuxième son caractéristique de la saisie du code correct, les deux sons étant différenciés.11. Card according to one of the preceding claims, comprising means for transmitting a first sound characteristic of the pressure of a key, and for transmitting a second sound characteristic of the correct code input, the two sounds being differentiated.
12. Carte selon l'une des revendications précédentes, comportant des moyens de modifier le code.12. Card according to one of the preceding claims, comprising means for modifying the code.
13. Carte selon l'une des revendications précédentes, dans laquelle le module fonctionnel inclut un module acoustique pour émettre une signature acoustique.The card according to one of the preceding claims, wherein the functional module includes an acoustic module for transmitting an acoustic signature.
14. Carte selon l'une des revendications précédentes, telle qu'elle répond aux spécifications des normes ISO 7810 et/ou ISO 7816. 14. Card according to one of the preceding claims, as it meets the specifications of ISO 7810 and / or ISO 7816.
EP05857316A 2004-06-29 2005-06-22 Smart card comprising a keypad Withdrawn EP1763850A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
FR0451358A FR2872362B1 (en) 2004-06-29 2004-06-29 KEYBOARD MEMORY CARD
PCT/FR2005/050482 WO2006087435A1 (en) 2004-06-29 2005-06-22 Smart card comprising a keypad

Publications (1)

Publication Number Publication Date
EP1763850A1 true EP1763850A1 (en) 2007-03-21

Family

ID=34946034

Family Applications (1)

Application Number Title Priority Date Filing Date
EP05857316A Withdrawn EP1763850A1 (en) 2004-06-29 2005-06-22 Smart card comprising a keypad

Country Status (5)

Country Link
US (1) US20070246529A1 (en)
EP (1) EP1763850A1 (en)
JP (1) JP4721367B2 (en)
FR (1) FR2872362B1 (en)
WO (1) WO2006087435A1 (en)

Families Citing this family (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7874488B2 (en) * 2007-05-31 2011-01-25 Red Hat, Inc. Electronic ink for identity card
US20090037275A1 (en) * 2007-08-03 2009-02-05 Pollio Michael J Consolidated membership/rewards card system
US9646240B1 (en) * 2010-11-05 2017-05-09 Dynamics Inc. Locking features for powered cards and devices
US9430633B2 (en) * 2012-07-12 2016-08-30 International Business Machines Corporation Aural cuing pattern based mobile device security
US8955746B2 (en) 2012-09-27 2015-02-17 Intel Corporation Providing a locking technique for electronic displays
EP3518570B1 (en) 2014-03-19 2020-11-04 Bluefin Payment Systems, LLC Systems and methods for creating fingerprints of encryption devices
US9461973B2 (en) 2014-03-19 2016-10-04 Bluefin Payment Systems, LLC Systems and methods for decryption as a service
US11256798B2 (en) 2014-03-19 2022-02-22 Bluefin Payment Systems Llc Systems and methods for decryption as a service
EP3631718A4 (en) 2017-06-02 2020-12-16 Bluefin Payment Systems, LLC Systems and methods for managing a payment terminal via a web browser
US11070534B2 (en) 2019-05-13 2021-07-20 Bluefin Payment Systems Llc Systems and processes for vaultless tokenization and encryption
US11711350B2 (en) 2017-06-02 2023-07-25 Bluefin Payment Systems Llc Systems and processes for vaultless tokenization and encryption

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5180902A (en) * 1988-04-21 1993-01-19 David Schick Self verifying transaction card with disabling capability
US5452352A (en) * 1990-03-20 1995-09-19 Talton; David Automatic dialing system
FR2665279A1 (en) * 1990-07-24 1992-01-31 Aschenbroich Yves Process for protecting portable cards containing information in memory and device for its implementation
FR2740582B1 (en) * 1995-10-26 1997-11-28 Gemplus Sca HYBRID DEVICE WITH FLUSHING CONTACTS AND PRODUCING ACOUSTIC SIGNALS, AND MANUFACTURING METHOD
US6257486B1 (en) * 1998-11-23 2001-07-10 Cardis Research & Development Ltd. Smart card pin system, card, and reader
IL138323A0 (en) * 2000-09-07 2009-02-11 Av Doron Smart magnetic card
US7347382B2 (en) * 2004-02-06 2008-03-25 T-Ink, Llc System for securing personal cards

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See references of WO2006087435A1 *

Also Published As

Publication number Publication date
JP2008504619A (en) 2008-02-14
US20070246529A1 (en) 2007-10-25
JP4721367B2 (en) 2011-07-13
FR2872362A1 (en) 2005-12-30
WO2006087435A1 (en) 2006-08-24
FR2872362B1 (en) 2007-06-01

Similar Documents

Publication Publication Date Title
WO2006087435A1 (en) Smart card comprising a keypad
US20060266831A1 (en) System & apparatus for improving proximity smartcard security
CN107223254B (en) Method, user device, and storage medium for hidden setting processing
FR2685510A1 (en) METHOD OF AUTHENTICATING, BY AN OUTER ENVIRONMENT, A PORTABLE OBJECT CONNECTED THROUGH THIS MEDIUM THROUGH A TRANSMISSION LINE, AND SYSTEM FOR IMPLEMENTING THE SAME.
US8117652B1 (en) Password input using mouse clicking
WO1998028720A1 (en) Self-diagnostic or supervisory terminal and method and portable object used in such terminal or method
EP1958132B1 (en) Microprocessor and/or memory card provided with a display
EP2569735B1 (en) Payment card comprising an electronic game chip
BE1026023B1 (en) Device and method for identifying a user
EP3234848B1 (en) Method of dispatching an item of security information and electronic device able to implement such a method
FR2928755A1 (en) METHOD FOR SECURING A PROGRAM EXECUTION
BE1026342B9 (en) DEVICE AND METHOD FOR SECURE IDENTIFICATION OF A USER
EP3803813A1 (en) Device and method for secure identification of a user
FR2969342A1 (en) Method for entering confidential code to device e.g. computer, to authenticate user, involves selecting character based on time of detection switching of input button, and forming ring for entering each letter in confidential code
WO2007042556A1 (en) Control system with fingerprint sensor
FR2834366A1 (en) SELF-LOCKING CHIP CARD, DEVICE FOR SECURING SUCH A CARD AND RELATED METHODS
AU2021101257A4 (en) Usb: auto data store your gmail and link share your mobile no.) using ai- based programming
FR3045876A1 (en) METHOD FOR PRODUCING A CHALLENGE WORD, ELECTRONIC DEVICE, PERIPHERAL DEVICE AND SYSTEM IMPLEMENTING SAID METHOD
EP3552190B1 (en) Method for securing data input, communication terminal and corresponding program
FR3092412A1 (en) Authentication of a user of an electronic device
EP3690685A1 (en) Method for authenticating a user and associated device
EP3924806A1 (en) Method for controlling a computer device for entering a personal code
FR3115127A1 (en) Biometric enrollment with verification
FR3010813A1 (en) METHOD FOR AUTHENTICATING A USER OF A TERMINAL
FR2916593A1 (en) METHOD AND DEVICE FOR DETECTING A SUBSTITUTION TEST OF A GENUINE PART OF AN ELECTRONIC SYSTEM BY A REPLACEMENT PART

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LI LT LU MC NL PL PT RO SE SI SK TR

AX Request for extension of the european patent

Extension state: AL BA HR LV MK YU

17P Request for examination filed

Effective date: 20070418

RBV Designated contracting states (corrected)

Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LI LT LU MC NL PL PT RO SE SI SK TR

DAX Request for extension of the european patent (deleted)
17Q First examination report despatched

Effective date: 20081121

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN

18D Application deemed to be withdrawn

Effective date: 20090402