GB2434905A - Smart card reaffirmation service - Google Patents

Smart card reaffirmation service Download PDF

Info

Publication number
GB2434905A
GB2434905A GB0602143A GB0602143A GB2434905A GB 2434905 A GB2434905 A GB 2434905A GB 0602143 A GB0602143 A GB 0602143A GB 0602143 A GB0602143 A GB 0602143A GB 2434905 A GB2434905 A GB 2434905A
Authority
GB
United Kingdom
Prior art keywords
service
smart card
reaffirming
pin
card
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
GB0602143A
Other versions
GB0602143D0 (en
Inventor
Eyal Webber-Zvik
Yossi Fixman
Jacob Mendel
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
SCsquare Ltd
Original Assignee
SCsquare Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by SCsquare Ltd filed Critical SCsquare Ltd
Priority to GB0602143A priority Critical patent/GB2434905A/en
Publication of GB0602143D0 publication Critical patent/GB0602143D0/en
Publication of GB2434905A publication Critical patent/GB2434905A/en
Withdrawn legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1008Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/341Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1025Identification of user by a PIN code
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1025Identification of user by a PIN code
    • G07F7/1083Counting of PIN attempts

Landscapes

  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Microelectronics & Electronic Packaging (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Accounting & Taxation (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • Theoretical Computer Science (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

An Internet based system for reactivating (reaffirming) a smart card is available only to a cardholder who has registered in advance of a denial or blocking of the card. A reaffirming service provider works on behalf of the smart card service provider. Personal data provided by a cardholder to the reaffirming service provider during the registration process is encrypted and stored in a user database that is used in the reaffirming procedure for identifying the applicant (174) in conjunction with the PIN associated with the PIN associated with the card (172). The card is unblocked (178) when a second PIN (an 'unblocking PIN') is verified (176). A new unblock PIN is then generated for future use (180).

Description

<p>FIELD OF THE INVENTION</p>
<p>The present invention relates in general to smart cards and in particular to re -affirming denied card service.</p>
<p>BACKGROUND OF THE INVENTION</p>
<p>Smart cards (SC) are commonly employed as an authentication means for identifying a user. In a variety of known services such as electronic financial transactions, mobile communications, or accessing computer networks, a user is identified by means of the SC and by a variety of additional means, for example by a personal password or a personal identifying number (PIN). SCs typically get an automatic service denial following submission of a succession of erroneous PINs. A reaffirming service (RS) associated with a SC service is provided as described by reference to Fig. I in which a flow chart of a typical reaffirming process of a blocked SC is shown. A user whose smart card has been blocked applies for RS in step 10. The RS provider may negotiate with the user terms of the service in step 12. This step usually includes additional identification procedures such as comparing between newly provided answers to personal data stored in the user database controlled by the service provider. If the user identity is confirmed, the SC service is unblocked in step 16. If the identity is not confirmed the denied SC service is not unblocked. RS providers normally operate help desks in which authorized personnel members carry out the reaffirming process. Often a user from his/her personal computer or terminal in the computer network individually carries out a reaffirming process, such as by means of a web site. Typically in such a case, the user has to answer a security questionnaire. The newly provided answers are automatically compared to personal data stored in the user database managed by the service provider. By successful completion of such comparison the applicant gets a re-approval for his SC service and may change the previous PIN to a new one. However, such a web page, which is linked to the database of the service provider, is publicly accessible and is therefore potentially exposed to an unauthorized intruder.</p>
<p>BRIEF DESCRIPTION OF THE DRAWINGS</p>
<p>Fig. I is a flowchart of a prior art reaffirming process; Fig. 2 is a flowchart describing the registration process to a re-affirming service (RS) according to a preferred embodiment of the present invention; Fig. 3 is a flowchart of a re-affirming process of a denied smart card employing a RS of the invention;</p>
<p>DETAILED DESCRIPTION OF THE PRESENT INVENTION</p>
<p>In accordance with a preferred embodiment of the invention reaffirming a previously denied service for smart cards is done by a web based procedure described below. In order to apply for a reaffirming service the cardholder has to register his/her name in the reaffirming service (RS) provider list first. The RS provider works on behalf of the SC card service provider or in an association with it. The registration process is available to a cardholder at any time as long as his/her smart card is active. A cardholder whose smart card service has been denied, and who has not registered prior to the time of the denial of service, has to personally approach a help desk where an authorized personnel member is to carry out the process of re-approval of the service. To explain the registration procedure reference is first made to Fig. 2. A cardholder who applies for the service, whose smart card is active and having in his possession an unlocking PIN, accesses the web site of the RS provider within the Internet and selects the registration process, in step 20. From this moment up to the end of the process the communications between the applicant and the RS server are carried out via a secured communications channel. In step 22 the terms and conditions (T&Cs) of the service are presented to the applicant. If the applicant accepts the T&Cs in step 24, he/she would then proceed to step 26. If the applicant declines to accept the T&Cs, the process is ended in step 28. In step 26, the applicant is requested to insert the smart card (SC) in the card reader in order to read the identification data. The data of the SC is verified against a list of cards data approved for service in step 30. If not approved, the procedure goes to step 28 and the process ends. If approved, in step 30, encryption keys are generated in step 32 and the details of the applicant's identity are stored in a user database in step 34.</p>
<p>The applicant is required to provide answers to a security questionnaire and the answers are stored in the user database in step 36. The applicant is asked then to submit the current unblocking PIN in step 38. In return, a new unblocking PIN is generated and provided to the applicant for subsequent use at step 40. The newly received data as well as the newly generated data are encrypted by means of the new keys in step 42. The newly generated data is stored in the user database while some of the newly generated data is stored encrypted in the smart card at step 44. The applicant is notified of the successful completion of the registration process in step 46 and the process terminates in step 48. To assist the applicant, one or more applets may be sent by the service provider to be embedded in the user interface, for example in the registration process or in a reaffirming process. In accordance with the present invention The user database described hereinabove is separated from the user database of the SC service provider and is associated only with the RS service.</p>
<p>Once the applicant has been properly registered and approved for RS, the applicant becomes a user eligible for a reaffirmation service. A user can apply through the Internet to affirm a SC denied of service, which has been blocked for use. Basically, the process of reaffirmation includes verifying the applicants' identity, and unblocking the denied card. The actual unblocking is typically done providing a new PIN. A flowchart of an exemplary process of reaffirming of the blocked smart card is shown in Fig. 3. The applicant accesses the RS provider's website in the Internet and selects the reaffirming service in step 160. The T&Cs of the service are presented in step 162. The applicant is requested to confirm his/her acceptance of the T&Cs in step 164. The process terminated in step 166 if the user declines to reconfirm the T&Cs. If the T&Cs are confirmed, the smart card is inserted into the card reader and its identification details are entered in the system. From this moment on the communication between the user's interface and the RS server is carried out employing a secured communication channel. The eligibility of the SC for the RS is verified in step 170. If denied, the process terminates in step 166. If the card is approved for the service in step 170 the applicant's identity is verified by means of the PIN in step 172. The applicant's identity is verified by correct answers provided in response to some questions selected from the security questionnaire in step 174.</p>
<p>The applicant is asked to input the unblocking PIN in step 176, which is then checked with its stored value in step 177. A failure toprovide the correct unblocking PIN results in termination of the process in step 166. By inserting the correct PIN the smart card is unblocked in step 178. A new set of keys and unblocking PIN are generated in step 180. The newly generated data is is encrypted employing the new keys in step 182. The new data is stored in the smart card and in the service provider's database in step 184. The applicant is notified that the process is successfully accomplished in step 186 and the process ends in step 188.</p>

Claims (1)

  1. <p>CLAIMS</p>
    <p>1. A method for re-affirming a smart card (SC) having had a service denied with a subsequent blocking of use, said method comprising: t registering interactively through a network to a reaffirmation service (RS) as long as said SC is active; t applying for a RS subsequent to a denial of service to a SC over the Internet; i. submitting personal identification, and i. unbiocking said denied service if the identity is verified.</p>
    <p>2. A method as in claim 1, further comprising verifying identity of a cardholder by employing data originated at said registration.</p>
    <p>3. A smart card system comprising at least a reaffirming service (RS) server employing a user database.</p>
    <p>4. A smart card system as in claim 3, wherein said RS server is accessible through the Internet.</p>
GB0602143A 2006-02-03 2006-02-03 Smart card reaffirmation service Withdrawn GB2434905A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
GB0602143A GB2434905A (en) 2006-02-03 2006-02-03 Smart card reaffirmation service

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
GB0602143A GB2434905A (en) 2006-02-03 2006-02-03 Smart card reaffirmation service

Publications (2)

Publication Number Publication Date
GB0602143D0 GB0602143D0 (en) 2006-03-15
GB2434905A true GB2434905A (en) 2007-08-08

Family

ID=36100948

Family Applications (1)

Application Number Title Priority Date Filing Date
GB0602143A Withdrawn GB2434905A (en) 2006-02-03 2006-02-03 Smart card reaffirmation service

Country Status (1)

Country Link
GB (1) GB2434905A (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020138445A1 (en) * 2001-01-24 2002-09-26 Laage Dominic P. Payment instrument authorization technique
US20030037259A1 (en) * 2001-08-20 2003-02-20 Koistinen Martin J. Remote unblocking with a security agent

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020138445A1 (en) * 2001-01-24 2002-09-26 Laage Dominic P. Payment instrument authorization technique
US20030037259A1 (en) * 2001-08-20 2003-02-20 Koistinen Martin J. Remote unblocking with a security agent

Also Published As

Publication number Publication date
GB0602143D0 (en) 2006-03-15

Similar Documents

Publication Publication Date Title
US8510797B2 (en) Online user authentication
US20010027527A1 (en) Secure transaction system
US20070022196A1 (en) Single token multifactor authentication system and method
US20130262303A1 (en) Secure transactions with a mobile device
KR102479454B1 (en) Mobile communication terminal for personal authentification, personal authentification system and personal authentification method using the mobile communication terminal
US20090260072A1 (en) Identity ownership migration
US20080127321A1 (en) System and method for handling permits for user authentication tokens
WO2003009201A1 (en) Method and system for user authentication and authorization of services
US11924203B1 (en) Systems and methods for secure logon
KR20130084727A (en) Method for providing services of user identification processing
US7210163B2 (en) Method and system for user authentication and authorization of services
CN104584479B (en) The method that safety service is provided using CyberID
EP3017563B1 (en) Method of privacy preserving during an access to a restricted service
WO2010050406A1 (en) Service providing system
EP1349122B1 (en) Method and system for user authentication in a digital communication system
US20160021102A1 (en) Method and device for authenticating persons
KR100622086B1 (en) System and method for furnishing the authentication key to users to be identified
KR101547730B1 (en) Apparatus and method for managing financial account having two or more secret numbers in an account
KR20100040413A (en) Method for authenticating single sign on id supporting openid
US20210136064A1 (en) Secure use of authoritative data within biometry based digital identity authentication and verification
GB2434905A (en) Smart card reaffirmation service
KR20090048145A (en) Agent system and method for managing of identity information
JP2006215699A (en) Authentication apparatus, authentication system, authentication support system and function card
KR101354887B1 (en) The system which supports a authentication process of a user who using a non-facing service
JP7516896B2 (en) Card provision method, server and computer program

Legal Events

Date Code Title Description
WAP Application withdrawn, taken to be withdrawn or refused ** after publication under section 16(1)