GB2567682A - Authentication device - Google Patents

Authentication device Download PDF

Info

Publication number
GB2567682A
GB2567682A GB1717302.2A GB201717302A GB2567682A GB 2567682 A GB2567682 A GB 2567682A GB 201717302 A GB201717302 A GB 201717302A GB 2567682 A GB2567682 A GB 2567682A
Authority
GB
United Kingdom
Prior art keywords
security feature
authentication device
security
feature
compartment
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
GB1717302.2A
Other versions
GB2567682B (en
GB201717302D0 (en
Inventor
Moffatt Benjamin
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Priority to GB1717302.2A priority Critical patent/GB2567682B/en
Publication of GB201717302D0 publication Critical patent/GB201717302D0/en
Publication of GB2567682A publication Critical patent/GB2567682A/en
Application granted granted Critical
Publication of GB2567682B publication Critical patent/GB2567682B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/352Contactless payments by cards
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06KGRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
    • G06K19/00Record carriers for use with machines and with at least a part designed to carry digital markings
    • G06K19/06Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code
    • G06K19/067Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards also with resonating or responding marks without active components
    • G06K19/07Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards also with resonating or responding marks without active components with integrated circuit chips
    • G06K19/073Special arrangements for circuits, e.g. for protecting identification code in memory
    • G06K19/07309Means for preventing undesired reading or writing from or onto record carriers
    • G06K19/07345Means for preventing undesired reading or writing from or onto record carriers by activating or deactivating at least a part of the circuit on the record carrier, e.g. ON/OFF switches
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/20Point-of-sale [POS] network systems
    • G06Q20/206Point-of-sale [POS] network systems comprising security or operator identification provisions, e.g. password entry
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/409Device specific authentication in transaction processing
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/0806Details of the card
    • G07F7/0813Specific details related to card security
    • G07F7/0826Embedded security module

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • General Physics & Mathematics (AREA)
  • Accounting & Taxation (AREA)
  • Theoretical Computer Science (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • Microelectronics & Electronic Packaging (AREA)
  • Computer Hardware Design (AREA)
  • Finance (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Lock And Its Accessories (AREA)

Abstract

A passive authentication device 60 comprises an authentication circuit 63 including an induction antenna and a security feature 65 operable to be pressed by a user. The security feature comprises first and second electrical contacts (17, 19) within the authentication circuit. The security feature has an active condition (Fig. 4A) in which the first and second contacts are separated and the authentication circuit is broken, and an inactive condition (Fig. 4B) in which the contacts are in electrical contact so as to complete the authentication circuit. The security feature is biased so as to delay return of the first and second contacts from the inactive condition to the active condition for a predefined time interval after pressure is released by the user. The security feature could be a fluid-filled button having a two-way valve (30). The device could also comprise dummy security feature(s) 67 which are visually and/or tactilely similar to the security feature but which are not operable to complete the authentication circuit when pressed by a user.

Description

AUTHENTICATION DEVICE
FIELD OF THE INVENTION
The invention relates to authentication devices, and particularly to passive authentication devices including an authentication circuit comprising an antenna. The invention relates particularly but not exclusively to contactless, radio-frequency identification (RFID), or near field communication (NFC) devices such as cards.
BACKGROUND TO THE INVENTION
Contactless, RFID or NFC enabled identification circuits built into cards, key fobs and smart devices use radio signalling to exchange information with a host system. Such devices and associated systems have widespread use in user authentication for building access, vehicle access, car sharing services, payment and transport. Often embedded into an ISO/IEC 7810 (bank sized) cards, many contactless, RFID and NFC circuits are passive such that they require no battery to be embedded into the circuit. Instead, the authentication circuit uses an antenna to parasite power off a transmitter/reader using magnetic induction. The power from the induction powers the RFID chip which subsequently uses induction to transfer identifying information.
Communication using such devices takes place without the need for the user to bring the identification circuitry into direct contact with a reader for the host system. If the device, such as a card, with the embedded circuitry is dropped, it is possible for it to be picked up and used by any person without permission or authentication from the original owner. This can result in loss of money, security or theft of connected items. Moreover, because RF-enabled devices can be read at a distance using a suitably powered transmitter/receiver, it can be possible to amplify the signal using a repeater module, making it appear that the RF-enabled device is physically near an authentic reader, thus allowing remote authentication without need to ever be in possession of the original device.
It is an object of the invention to provide an authentication device which is more difficult to access by an unauthorised user.
SUMMARY OF THE INVENTION
According to a first aspect of the invention there is provided a passive authentication device comprising an authentication circuit including an induction antenna; and a security feature operable to be pressed by a user, the security feature comprising a first electrical contact and a second electrical contact comprised within the authentication circuit. The security feature has an active condition in which the first and second contacts are separated and the authentication circuit is broken, and an inactive condition in which the first and second contacts are in electrical contact so as to complete the authentication circuit. The security feature is biased so as to delay return of the first and second contacts from the inactive condition to the active condition for a first predefined time interval after pressure on the security feature is released by the user.
The invention thus incorporates a requirement for physical manipulation of a security feature built into an authentication device in order to activate authentication circuitry within the device. The security feature is biased to return to the active condition, so that the authentication circuit is disabled in its default state and thus cannot be read remotely without the knowledge of the device owner. Delaying return of the security feature to the active condition for a predefined time interval means the user does not have to hold down the security feature whilst presenting the device to the reader. This can prevent unauthorised onlookers from observing that a security feature has been pressed.
The security feature preferably comprises a fluid-filled compartment operable to be compressed by a user, wherein the first contact is provided on a first inner wall of the compartment and the second contact is provided on a second inner wall of the compartment.
The fluid may be a gas, such as air. The compartment may operate to bias the security feature towards the active condition, such that fluid pressure within the compartment acts to return the security feature to the active condition when pressure on the security feature is released by the user.
The compartment may be formed from a moulded material such as plastic. The material from which the compartment is constructed may operate to bias the security feature towards the active condition, in that the compartment reforms to its moulded shape to return the security feature to the active condition when pressure on the security feature is released by the user.
The passive authentication device may further include a valve, such that fluid from the compartment is expelled through the valve when the security feature is compressed. The valve may be operable to open when fluid pressure is greater on one side of the valve than another side of the valve, and to close when fluid pressure is substantially equal on both sides of the valve. The valve may comprise a self-sealing valve, and may be formed of a flexible material such as rubber or silicon. Such a valve permits fluid to exit the compartment when the security feature is pressed by a user, and regulates the return of fluid into the compartment when pressure is released by the user.
The passive authentication device may further include a manifold, such that fluid from the compartment is expelled through the valve and into the manifold when the security feature is compressed. The device may further include at least one verification feature in fluid communication with the manifold, such that when the security feature is compressed fluid from the manifold activates the verification feature. The verification feature may comprise an outer layer provided with a first pattern and an inner layer provided with a second pattern, wherein fluid from the manifold is operable to separate the outer and inner layers to reveal a verification code. Such a verification code might be a CVV code, for instance.
The passive authentication device described herein may comprise a plurality of security features, each security feature comprising respective first and second contacts and each having an active condition in which the first and second contacts are separated and the authentication circuit is broken and an inactive condition in which the first and second contacts are in electrical contact, wherein the plurality of security features must simultaneously be in the inactive condition to complete the authentication circuit. Each security feature is biased so as to delay return of the first and second contacts from the inactive condition to the active condition for a predefined time interval after pressure on the security feature is released by the user. Thus a user can conveniently press the plurality of security features in succession rather than needing to press all the features simultaneously, so long as all of the security features are pressed within the first predefined time interval.
The passive authentication device may comprise at least one dummy security feature which is visually similar to the one or more security features but which is not operable to complete the authentication circuit when pressed by a user. The at least one dummy security feature may comprise a third electrical contact and a fourth electrical contact disposed within an alarm circuit. Such a circuit could be operable to indicate to a host system that an incorrect security feature has been pressed.
The passive authentication device may be shaped as a card. The one or more security features and (if present) dummy security features) may be disposed on a first face of the card and the at least one verification feature (if present) may be disposed on a second face of the card.
The time interval between a user releasing pressure from the security feature (e.g. removing a finger) and the security feature returning to the active condition may be at least 2 seconds, and is preferably at least 3 seconds. For example, the time interval may be between 2 and 15 seconds, and is preferably between 3 and 10 seconds.
The security feature, or one of the security features, may have a low profile such that it is not visible from an exterior of the authentication device.
It will be appreciated that the various features of the above aspects of the invention may be combined together in any appropriate combination in use, as desired by the skilled man.
BRIEF DESCRIPTION OF THE DRAWINGS
The invention will now be described in more detail, by way of example only, with reference to the accompanying drawings in which:
Figure 1 shows an exemplary passive authentication device including a security feature and a verification feature;
Figure 2 illustrates an exemplary security feature;
Figure 3 illustrates an exemplary verification feature;
Figure 4 is a cross sectional view through an exemplary authentication device including a plurality of security features;
Figure 5 is a cross sectional view through a valve of the type shown in Figures 1 and 4;
Figure 6 shows an alternative exemplary passive authentication device including a plurality of security features, a dummy security feature and a verification feature;
Figure 7 shows a further alternative exemplary passive authentication device including a security feature and a plurality of dummy security features: and
Figure 8 shows another further alternative exemplary passive authentication device including a plurality of security features.
DETAILED DESCRIPTION
Figure 1 shows an example of a passive authentication device 10. The device includes an authentication circuit 13. The circuit is passive, in that it does not include a dedicated power source, but rather includes an antenna that is operable to draw power from a transmitter/receiver within a host system (not shown) via magnetic induction. Such devices are well known in the art, and include, for example RFID, NFC and contactless devices. Such circuits typically also include a memory, such as a chip 14, which stores security information and is operable to transmit that information when interrogated by a host system.
As explained above, a problem with prior art authentication devices is that it is possible for the security information stored in the chip 14 to be read remotely without knowledge of the owner of the device. This is because the authentication circuit 13 is always operational.
In order to reduce the risk of unauthorised access, the device 10 as disclosed herein additionally includes a security feature 15 operable to be pressed by a user. As shown in more detail in Figures 2 and 4, the security feature 15 comprises a first electrical contact 17 and a second electrical contact 19. The contacts 17, 19 are comprised within the authentication circuit 13, such that the security feature has an active condition (see Figure 4, diagram A) in which the first and second contacts are separated and the authentication circuit is broken, and an inactive condition (see Figure 4, diagrams B and C) in which the first and second contacts are in electrical contact so as to complete the authentication circuit. As will be described in more detail below, the security feature is biased so as to delay return of the first and second contacts from the inactive condition to the active condition for a predefined time interval after pressure on the security feature is released by the user.
The security feature may be provided as a compartment 21 that is operable to be compressed by a user. The compartment includes an internal cavity 23 which is filled with a fluid, such as air. The first contact 17 is provided on a first inner wall 25 of the compartment and the second contact 19 is provided on a second inner wall 27 of the compartment, such that when the compartment is in an undeformed state the contacts are separated but when the compartment is compressed by the user the first and second contacts are brought together, so completing the authentication circuit. In this condition the security feature is inactive, meaning that the antenna is able to function and the chip 14 can be interrogated by a host system. The compartment 21 thus functions as a button which can be operated by a user to switch on the authentication circuit 13 of the authentication device 10.
It will be appreciated that the compartments could be of any shape and size suitable for the particular application intended for the authentication device. For instance, the device 10 shown in the Figures is provided in the form of a card 29, such as a bank card enabled for contactless payment. The example compartments shown have a height of around 0.5mm, which allows them to fit easily within a user’s purse or wallet. However, the height of the compartment may be selected to be lower or higher as required, e.g. between 0.1mm-2mm, or 0.2mm-1mm. The compartments are approximately lOmmxlOmm square, but could have any footprint appropriate for the desired implementation of the device, e.g. 0.5mmx0.5mm-15mmxl5mm.
The device 10 may further include a valve 30. In the example shown the valve is a self-sealing valve that is located in a wall of the compartment. The valve 30 may be a pressure-operated two-way valve, in that the valve is operable to open when fluid pressure is greater on one side of the valve than another side of the valve, and to close when fluid pressure is substantially equal on both sides of the valve.
Referring to Figure 4, picture A, when the security feature is in the active condition (i.e. contacts 17, 19 are separated), the pressure in the interior 23 of the compartment 21 is substantially equal to the pressure in a region exterior to the compartment, such that the valve 30 remains closed. As shown in Figure 4, picture B, when the compartment 21 is compressed by a user in order to bring the contacts together (i.e. to place the security feature in the inactive condition) the valve 30 is forced open. This is because the pressure in the interior of the compartment rises as the volume of the interior reduces, thus creating a pressure differential between the interior of the compartment and the exterior. When open, the valve 30 provides a fluid path between the internal cavity 23 of the compartment 21 and the exterior of the compartment, such that fluid from the compartment 21 is expelled through the valve as indicated by arrow 31.
With reference to Figure 4, picture C, the valve is operable to permit fluid to return to the interior of the compartment when pressure on the security feature is released, as indicated by arrows 33. For instance, the compartment may be biased to return to its initial shape, and the valve may be caused to remain open by the compartment reforming to its initial shape, thus creating a pressure differential between a negative pressure created inside the compartment when the compartment reforms and the relatively higher pressure exterior to the compartment. The valve automatically closes when the pressure in the interior of the compartment is equal to the pressure exterior to the compartment. The time until the valve recloses is governed by the size of the valve opening 32 and the volume of the internal cavity 23, as well as by the material from which the compartment is made (which might be a plastic). For instance, the smaller the valve opening 32 for a given cavity volume, the longer it will take to refill the cavity, and hence the longer the time interval until the contacts 17, 19 re-separate. Alternatively, or additional, the material the compartments are manufactured from can affect the refill time - a thicker material will exert a greater force (so increased pressure differential) when attempting to return to its original shape than a thinner material, for example. The material properties for the material chosen can also affect the time it takes the compartment to reform. The construction and/or dimensions of the security feature can thus be tailored to define the time interval until the contacts return from the inactive condition to the active condition. It is preferred that the button should remain depressed for between 3-10 seconds.
Figure 5 shows further detail of the valve 30 opening and closing. In picture A the valve is closed, such that the valve opening 32 is substantially fully sealed and does not allow fluid to flow through the valve. In picture B, the valve is shown part way through the act of opening under fluid pressure 34 - as pressure rises on one side of the valve the material from which the valve is formed begins to deform causing the valve opening 32 to begin to separate. In picture C, the valve is fully open, permitting fluid to flow through the valve as indicated by arrow 31. Once the pressure on either side of the valve begins to equalise, the valve will begin to close. The valve may be formed from any suitably resilient material which is operable to open and then substantially reseal under the pressure differential created by depressing the security feature. In one example, the valve is formed from silicone in which a pinhole is pierced (e.g. approximately 0.25mm diameter). The hole is small enough that the valve essentially reseals almost completely once the air has been pushed out to allow enough time to usefully have the button depressed while the compartment slowly refills.
If required, the device 10 may further include a manifold 35. The manifold 35 may be in fluid communication with the interior 23 of the compartment via the valve 30, such that fluid from the compartment is expelled through the valve and into the manifold when the security feature is compressed. This arrangement results in an increased pressure in the manifold when the security feature is compressed, thus assisting the return of the fluid into the compartment when pressure on the security feature is released.
Referring again to Figure 1, the device further includes a verification feature 37. The verification feature 37 is in fluid communication with the manifold, such that when the security feature is compressed fluid from the manifold activates the verification feature. One example of a verification feature 37 is shown in Figure 3. In this example, the verification feature comprises an outer layer 39 provided with a first pattern and an inner layer 41 provided with a second pattern. When the first and second patterns are overlaid, neither pattern is clearly visible, as indicated in panel 43. However, when the first and second patterns are separated, a verification code 45 becomes visible. The verification feature may thus be in the form of an inflatable pocket, such that fluid from the manifold is operable to separate the outer and inner layers to reveal the verification code when it flows into the pocket.
When the authentication device is provided in the form of a card 29, such as a bank card enabled for contactless payment, the card 29 may include a body 47 and may have a first face 49 and a second face 51. The security feature 15 may be provided on the first face of the card, whilst the verification feature 37 may be provided on the second, opposing face of the card.
The device described above incorporates at least one squeezable liquid or gas compartment moulded into the device, such as into a face of a contactless card. The compartment acts as a security feature operable to secure the card from unauthorised use: when pressed liquid or air in the compartment is released through the narrow rubber/silicone valve built into the body of the card. When pressure is removed from the top of the compartment the air is slowly sucked back through the value due to a negative pressure caused by the material reforming back to its moulded shape. This allows the button formed by the compartment to continue to be depressed for a time without finger pressure. A conductive coating is applied to the top and bottom layers of the compartment; when the button is pressed, contact is made completing an antenna circuit, such as an RFID circuit.
Figure 6 shows an alternative passive authentication device 60 that comprises an authentication circuit 63 and a plurality of security features 65. Each security feature 65 is similar to the security feature 15 described above, in that the security features 65 each comprise respective first and second contacts (not shown) and each have an active condition in which the first and second contacts are separated and the authentication circuit 63 is broken and an inactive condition in which the first and second contacts are in electrical contact. In the device shown in Figure 6, the plurality of security features 65 must simultaneously be in the inactive condition to complete the authentication circuit 63. Each security feature is biased so as to delay return of the first and second contacts from the inactive condition to the active condition for a predefined time interval after pressure on the security feature is released by the user. Thus a user can conveniently press the plurality of security features in succession rather than needing to press all the features simultaneously, so long as all of the security features are pressed within the first predefined time interval.
The passive authentication device 60 also comprises a dummy security feature 67. Figure 6 shows one example of a dummy security feature which is visually similar to the one or more security features 65 but which is not operable to complete the authentication circuit when pressed by a user. Figure 7 shows another example of a dummy security feature 67a, which is connected to an alarm circuit 69.
Three examples of a passive authentication device have been described above, but it will be appreciated that many alternative implementations are possible. The device could have one or a plurality of security features, e.g. 2, 3, 4 or more. The device could also have one or more dummy security features, e.g. 2, 3, 4 or more, one or more of which could be connected to an alternative circuit to the authentication circuit.
A device of the type described herein can have multiple levels of security built in, for example normal and high. In the case of normal security, there may be four squeezable compartments embedded into the device, such as a card. The user must press one of the four, release the pressure, then hold the card to a contactless reader. If the correct button has been pressed, the RFID authentication circuit will be completed and authentication/communication can take place. If any of the other three ‘incorrect’ buttons are pressed and held to the reader, the RFID authentication circuit will not be activated. In some examples, a separate RFID circuit will be enabled instead that will signal to the reader that an incorrect button press has taken place, potentially disabling the card until a higher level of security re-enables the card on the host system.
In the case of a ‘high’ security option a two button press may be required (i.e. two compartments on the face of the card must be depressed simultaneously to enable the authentication circuit). This could be achieved one handed due to the time delay between a compartment being depressed and restored. Again, if the wrong button combinations are pressed, a separate circuit might be enabled, signalling when held to the reader of the host system that an incorrect combination of button presses has been made.
A further option is to build in gestures, where a user’s finger is drawn over multiple compartments in a certain pattern. Each of these compartments will be depressed connecting up the circuit. For a small time the pattern will remain depressed in its entirety, allowing the user to hold the device up to the reader and authenticate. The device could again include dummy security features which may be avoided if the correct pattern is followed.
In the examples shown in Figures 1, 6 and 7, the compartments are approximately 10mm x 10mm square with a height of around 0.5mm, and are visibly located at an end of the first face 49 of the card. It will be appreciated however that other sizes, shapes and locations are possible for the security features. In particular, the security features could be another shape (e.g. round, rectangular, star-shaped, letter- or numeral-shaped, to name but a few possibilities). The security features could be placed anywhere on the face of the card, and could be of any dimension appropriate for a button.
The security features need not all require the same amount of pressure to activate some might require more pressure or less pressure than other security features provided on the same device. The security features may be made sufficiently small and/or low in profile to be substantially invisible from the exterior of the card. A combination of buttons, for example, one visible and one hidden, might need to be pressed to activate the authentication circuit.
For example, Figure 8 shows an alternative arrangement in which an authentication device 80 includes a plurality of security features 85, including a security feature 85a. Security feature 85a is smaller than the remainder of the security features 85, and is located in a central region of the face of the card. Security feature 85a is constructed so as to require less pressure to activate than the other security features 85, and is “hidden” in that it cannot be visibly seen from the outside of the card, yet will still activate the circuitry when pressure is applied and held.
It will be appreciated that the method by which a passive authentication device of the type described herein is manufactured may vary. For instance, the manufacture process may vary depending on the type of device being manufactured (e.g. whether the device is a card, or a key fob, or a security document, etc.) A prototype exemplary step by step manufacturing process for authentication device is described below, wherein the device being manufactured is in the form of a card. This process is an example only, and other manufacturing methods can be used if preferred. For instance, known processes for manufacturing cards featuring RFID chips may be adapted to produce a card of the type described herein if preferred.
[Circuit board creation] (1) Print a circuit on flexible copper sheet, including an antenna, break points for pressure compartments to complete the circuit and connection points for the RFID chip (2) Etch the exposed copper using a chemical etchant to leave just the printed circuit (3) Remove the printed layer using a solvent to expose copper
Note: this can also be generated using conductive printing techniques [Silicone valve creation] (1) Drill holes into a preformed plastic sheet (for example, styrene) (2) Cure silicone in these holes (3) Create a hole in the silicone using either a pin or sharp implement [Top layer creation] (1) Generate a 3D mould of the surface including buttons and any other raised features (2) Using a vacuum forming process, mould over this form to create a thin sheet replica (3) Apply conductive coating to the top of each formed compartment (4) Cut the correct dimensioned card from the vacuumed formed sheet [Base layer creation] (1) Cut from a sheet the correct card dimensions [Assembly] (1) Adhere using a suitable adhesive the layers together.
(2) Alternatively heat press the layers together using a suitable heat press mould (3) Alternatively used a chemical melting process to join the layers, such as Plastiweld.
In terms of manufacture, a device of the type described herein may have a layered/laminated construction. The authentication circuit may be constructed, for example using a flexible copped coated polymer, on which the circuit form is chemically etched. The circuit may then form the body of the device, onto which a first face layer comprising the compartments is laminated. A second face layer may be laminated onto the reverse of the circuit to form the manifold and/or verification feature(s) if required.
The circuit generation could also be achieved by directly printing between the layers using a conductive ink. Current RFID cards are produced by having a thin copper wire coil and these are soldered to an RFID chip. This is all then laminated/layered into the card body. Another alternative method of creating the circuitry is thus to use thin copper wire that forms the antenna and connections to the compartment contacts, as well as to the RFID (or similar) chip. Such a manufacturing process may be lower cost that etching a circuit on a copper sheet.
The top of each button/compartment may be coated either with a thin foil or a conductive paint in order to create the contacts.
The silicone valves have so far been created by having a 0.5mm core layer of styrene, drilling holes and curing silicone within these. A hole is then pierced through the silicone to make a valve. Alternatively, the valves could be created via injection moulding. If required, the valves might be formed directly in the base layer (e.g. if no manifold required) or directly in the circuit board.
Although an authentication device has been described herein primarily with reference to a card, such as a bank card, it will be appreciated that the device could be embodied in any other portable device which includes a passive authentication circuit of a type which might be interrogated remotely (e g. a device incorporating an RFID, NFC, or contactless chip). Examples of such devices include, but are not limited to, keys (including key fobs and key cards), smart devices such as mobile phones, watches and tablets, security documents such as passports, ID cards, payment cards and drivers licences.
Although the device described herein includes an automatic valve, it will be appreciated that the device may be arranged to require the user to undertake a further manipulation after the security feature has been compressed, such as flexing the device, to reopen the valve and allow air to re-enter.
As explained above, it will be appreciated that the amount and location of the security features can be varied by a manufacturer. It will also be appreciated that the pressure needed to activate the security features can be varied by a manufacturer.

Claims (15)

1. A passive authentication device comprising:
an authentication circuit including an induction antenna; and a security feature operable to be pressed by a user, the security feature comprising a first electrical contact and a second electrical contact comprised within the authentication circuit;
wherein the security feature has an active condition in which the first and second contacts are separated and the authentication circuit is broken, and an inactive condition in which the first and second contacts are in electrical contact so as to complete the authentication circuit; and wherein the security feature is biased so as to delay return of the first and second contacts from the inactive condition to the active condition for a predefined time interval after pressure on the security feature is released by the user.
2. The passive authentication device of claim 1, wherein the security feature comprises a fluid-filled compartment operable to be compressed by a user, and wherein the first contact is provided on a first inner wall of the compartment and the second contact is provided on a second inner wall of the compartment.
3. The passive authentication device of claim 2, wherein the device further includes a valve, such that fluid from the compartment is expelled through the valve when the security feature is compressed.
4. The passive authentication device of claim 3, wherein the valve comprises a pressure-activated silicon or rubber valve.
5. The passive authentication device of claim 3 or claim 4, wherein the device further includes a manifold, such that fluid from the compartment is expelled through the valve and into the manifold when the security feature is compressed.
6. The passive authentication device of claim 5, wherein the device further includes at least one verification feature in fluid communication with the manifold, such that when the security feature is compressed fluid from the manifold activates the verification feature.
7. The passive authentication device of claim 6, wherein the verification feature comprises an outer layer provided with a first pattern and an inner layer provided with a second pattern, wherein fluid from the manifold is operable to separate the outer and inner layers to reveal a verification code.
8. The passive authentication device of any preceding claim, wherein the device comprises a plurality of security features, each security feature comprising respective first and second contacts and each having an active condition in which the first and second contacts are separated and the authentication circuit is broken and an inactive condition in which the first and second contacts are in electrical contact, wherein the plurality of security features must simultaneously be in the inactive condition to complete the authentication circuit.
9. The passive authentication device of any preceding claim, wherein the device comprises at least one dummy security feature which is visually similar to the one or more security features but which is not operable to complete the authentication circuit when pressed by a user.
10. The passive authentication device of claim 9, wherein the at least one dummy security feature comprises a third electrical contact and a fourth electrical contact disposed within an alarm circuit.
11. The passive authentication device of any preceding claim, wherein the device is shaped as a card.
12. The passive authentication device of claim 11 as dependent directly or indirectly on claim 6, wherein the one or more security features are disposed on a first face of the card and the at least one verification feature is disposed on a second face of the card.
13. The passive authentication device of any preceding claim, wherein the time interval is at least 2 seconds, and is preferably at least 3 seconds.
14. The passive authentication device of claim 13 wherein the time interval is between 2 and 15 seconds, and is preferably between 3 and 10 seconds.
15. The passive authentication device of any preceding claim, wherein the security
5 feature has a low profile such that it is not visible from an exterior of the authentication device.
GB1717302.2A 2017-10-20 2017-10-20 Authentication device Active GB2567682B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
GB1717302.2A GB2567682B (en) 2017-10-20 2017-10-20 Authentication device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
GB1717302.2A GB2567682B (en) 2017-10-20 2017-10-20 Authentication device

Publications (3)

Publication Number Publication Date
GB201717302D0 GB201717302D0 (en) 2017-12-06
GB2567682A true GB2567682A (en) 2019-04-24
GB2567682B GB2567682B (en) 2020-12-23

Family

ID=60481790

Family Applications (1)

Application Number Title Priority Date Filing Date
GB1717302.2A Active GB2567682B (en) 2017-10-20 2017-10-20 Authentication device

Country Status (1)

Country Link
GB (1) GB2567682B (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030132301A1 (en) * 2002-12-31 2003-07-17 Massachusetts Institute Of Technology Manually operated switch for enabling and disabling an RFID card
US20040124248A1 (en) * 2002-12-31 2004-07-01 Massachusetts Institute Of Technology Methods and apparatus for wireless RFID cardholder signature and data entry

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2012073955A (en) * 2010-09-29 2012-04-12 Fujitsu Ltd Transmitter/receiver and authentication system

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030132301A1 (en) * 2002-12-31 2003-07-17 Massachusetts Institute Of Technology Manually operated switch for enabling and disabling an RFID card
US20040124248A1 (en) * 2002-12-31 2004-07-01 Massachusetts Institute Of Technology Methods and apparatus for wireless RFID cardholder signature and data entry

Also Published As

Publication number Publication date
GB2567682B (en) 2020-12-23
GB201717302D0 (en) 2017-12-06

Similar Documents

Publication Publication Date Title
EP2055034B1 (en) Proximity payment card with user-actuated switch and methods of making the card
US7967214B2 (en) Card configured to receive separate battery
US6863220B2 (en) Manually operated switch for enabling and disabling an RFID card
US9471825B2 (en) Method of manufacturing an electronic card
EP1004980A2 (en) Smart card PIN system, card, and reader
US20070200681A1 (en) Identity Device Including Switchable RFID Tag
US20070200684A1 (en) RFID Device Configured for Data Entry
US20070200679A1 (en) RFID Device Including Multiple RFID Tags
US20100102131A1 (en) Systems and Methods for Disabling a Contactless Transaction Device
US11797816B2 (en) Multi-purpose smart card with user trusted bond
US8490880B2 (en) Proximity payment device with active switch
US20020060249A1 (en) Authentication device with transmission speed synchronization capabilities
GB2567682A (en) Authentication device
US20100052912A1 (en) Methods and apparatus for an id card security switch
US20100078485A1 (en) Subscriber identity module card
US20200265289A1 (en) Secure rfid device
KR20210050644A (en) Double-side Metal Card and method of manufacturing the double-side metal card
CN102257517B (en) Slim electronic apparatus with embossed key protection and process for providing same
JP2006268410A (en) Non-contact communication medium and portable equipment
CN113661500A (en) Switch button for contactless passive NFC and RFID devices
EP3646156A1 (en) Embedded trace capacitive signet stamp
US12061947B2 (en) Load matching in a smart card
JP2006216083A (en) Non-contact identification tag, external device and security system using them
US20120256004A1 (en) Selectively enabled rfid tag
KR200335758Y1 (en) Luminous Plastic Card