GB2607954A - Smartcard with dynamic card security code - Google Patents

Smartcard with dynamic card security code Download PDF

Info

Publication number
GB2607954A
GB2607954A GB2108752.3A GB202108752A GB2607954A GB 2607954 A GB2607954 A GB 2607954A GB 202108752 A GB202108752 A GB 202108752A GB 2607954 A GB2607954 A GB 2607954A
Authority
GB
United Kingdom
Prior art keywords
smartcard
display
secure element
display module
module
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
GB2108752.3A
Other versions
GB202108752D0 (en
Inventor
Vogel Kolja
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zwipe AS
Original Assignee
Zwipe AS
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zwipe AS filed Critical Zwipe AS
Priority to GB2108752.3A priority Critical patent/GB2607954A/en
Publication of GB202108752D0 publication Critical patent/GB202108752D0/en
Publication of GB2607954A publication Critical patent/GB2607954A/en
Withdrawn legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06KGRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
    • G06K19/00Record carriers for use with machines and with at least a part designed to carry digital markings
    • G06K19/06Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code
    • G06K19/067Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards also with resonating or responding marks without active components
    • G06K19/07Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards also with resonating or responding marks without active components with integrated circuit chips
    • G06K19/077Constructional details, e.g. mounting of circuits in the carrier
    • G06K19/07701Constructional details, e.g. mounting of circuits in the carrier the record carrier comprising an interface suitable for human interaction
    • G06K19/07703Constructional details, e.g. mounting of circuits in the carrier the record carrier comprising an interface suitable for human interaction the interface being visual
    • G06K19/07707Constructional details, e.g. mounting of circuits in the carrier the record carrier comprising an interface suitable for human interaction the interface being visual the visual interface being a display, e.g. LCD or electronic ink
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4018Transaction verification using the card verification value [CVV] associated with the card

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Microelectronics & Electronic Packaging (AREA)
  • Computer Hardware Design (AREA)
  • Finance (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • Credit Cards Or The Like (AREA)

Abstract

A smartcard 2 comprising a display module 6 configured to display a dynamic card security code. A secure element 12 is configured to receive power from an external source and generate a new dynamic card security code for display upon performing a transaction. The smartcard may be a payment card and the transaction an authorisation of a financial transaction. The transaction, and power to the smartcard, may be conducted wirelessly via an antenna 8 or through physical contacts 10. The secure element may be configured to generate dynamic card security codes from a seed value in a predetermined, random or pseudo-random sequence. The display may be a bi-stable display that only requires power to change the displayed information. The new dynamic card security code may be transmitted to a remote server during the transaction. The smartcard may comprise a laminated structure with interconnections 18a&b embedded therethrough to allow the smartcard module 4 and display 6 to be mounted on opposite sides of the credit card. The smartcard module 4 and display 6 may be located in cavities and electrically connected to the interconnectors with an anisotropic conductive adhesive.

Description

SMARTCARD WITH DYNAMIC CARD SECURITY CODE
The present disclosure relates to a smartcard having a dynamic card security code.
A card security code (CSC), also known as a card verification value (CVV), is a series of numbers that is traditionally printed on the smartcard, in addition to the bank card number. The CSC is used as a security feature for card-not-present (CNP) transactions, where there is no communication with the card and so a personal identification number (PIN) cannot be entered by the cardholder and verified by the card, as they would during card-present transactions, such as a point-of-sale transaction, in order reduce the incidence of card fraud.
Whilst the use of CSCs has reduced instances of fraud, the use of a static CSC printed on the card means that the CSC can be easily obtained by a malicious third party that has temporary possession, or even just vision, of the smartcard. In order to counteract this type of fraud, smartcards having dynamic CSCs have been proposed.
Smartcards having dynamic CSCs comprise an embedded dynamic CSC module that is laminated into the card body. The dynamic CSC module is a self-contained module including a battery, a programmable display, and a dynamic CSC generating circuit. The CSC generating circuit periodically (anywhere from once per month to every 30 minutes) generates a new CSC and causes this to be displayed on the display. The CSCs are generated in a predetermined sequence based on a secret seed value that is also known by the card-issuing authority.
The use of dynamic CSCs addresses some of the problems associated with static CSCs. However, the dynamic CSC module is relatively expensive, resulting in a significant increase in smartcard cost, and the capacity of the battery limits the usable lifetime of the card.
A need exists for an improved smartcard having a dynamic CSC.
Viewed from a first aspect, the present invention provides a smartcard comprising: a secure element configured to perform a smartcard function and to receive power from a source external to the smartcard; and a display module configured to display a dynamic card security code, wherein the secure element is configured to generate a new dynamic card security code responsive to the performing of the smartcard function, and wherein the secure element is configured to supply power to the display module and to cause the display module to display the new dynamic card security code.
The described smartcard advantageously moves the function of generating the CSC to the secure element, both removing the need for a separate component to generate the CSC and potentially increasing security as secure element are typically highly secured. Additionally, by changing the CSC only when a smartcard function is performed and powering the display module via the secure element, the described smartcard avoids the need for a battery to power the display module.
The smartcard may comprise an antenna, which may be configured to harvest power from a radio-frequency excitation field, such as an RFID or NEC excitation field. Such excitation fields may be generated by a contactless smartcard reader or the like. The antenna may be electrically connected to the secure element, and may be configured to provide power to the secure element. The antenna may be configured to permit communication between the secure element and an external device, such as a contactless smartcard reader.
The smartcard may conform to the ISO/IEC 14443 standard, which is an international standard that defines contactless integrated circuit cards used for identification, and the transmission protocols for communicating with such cards.
The secure element may be electrically connected to a contact plate, which may be configured to receive power from an external device, such as a contact smartcard reader. The contact plate may be configured to allow communication between the secure element and the external device.
At least the contact plate, and optionally the entire smartcard, may conform to the ISO/IEC 7816 standard, which is an international standard defining electronic identification cards with contacts.
The smartcard may comprise a smartcard module, which may be a single component, and which may be received in a cavity in a body of the smartcard. The smartcard module may comprise the secure element and may comprise the contact pad.
In other embodiments, the secure element may be separate from the contact pad. For example, the secure element may be embedded within the smartcard body or integrated within the display module.
The display module is preferably a bi-stable display module, i.e. where power is only required to change the displayed data (the dynamic card security code), and the displayed data remains static when power is not supplied to the 3 -display module. For example, the display module may comprise a bi-stable liquid crystal display.
The display module may comprise a display screen having a plurality of individually-controllable, bi-stable display elements. The display module may comprise a display controller, which may be configured to receive data from the secure element and to responsively control the individual, bi-stable display elements of the display screen, based on the data received from the secure element.
The display controller preferably has minimal processing capabilities and does not generate the card security code. As the card security code is a relatively low priority secret, there is no need for encrypted communication between the display controller and the secure element, for example. Nevertheless, encrypted communication may be used in some instances, for example to assure integrity of the card security code.
The secure element may be configured to generate dynamic card security codes in a predetermined sequence, where the predetermined sequence is based on a seed value. The seed value is preferably a secret value and the secure element is preferably configured not to transmit the seed value from the secure element.
The secure element may be configured to generate dynamic card security codes in a random or pseudo-random manner, which may be in a predetermined sequence or in any other manner. The secure element may be configured to transmit the new dynamic card security code to a remote server, such as a remote server controlled by a payment processing authority. The transmission may be via a secure communication channel.
The smartcard may comprise an inlay, which may be configured to permit communication and/or transmission of power between the secure element and the display module. The inlay may be a passive inlay, i.e. such that it does not comprise any active electronic components. In particular, the inlay preferably does not comprise a processor (e.g. a microcontroller unit) and preferably does not comprise a battery. Optionally, the inlay may comprise no electronic components, e.g. no capacitors, resistors, inductors, etc. The inlay may comprise a substrate and electrical interconnections. The electrical interconnections may comprise wires embedded within the substrate. The substrate may be formed of the same material as a body of the smartcard, such as 4 -PVC, although other materials may also be used. The wires may comprise copper wires and may have a circular cross-section.
The inlay may comprise the antenna, which may be formed using the wires embedded within the substrate. However, in other embodiments, the antenna may instead be formed by printing or etching.
The inlay may comprise contacts for connection to the smartcard module and/or to the display module. The contacts may comprise contact pads electrically connected to the interconnections or may comprise portions of the interconnections, such as coiled portions of the wires. The faces of the contacts may be at or below a surface level inlay and may be exposed by one or more cavity formed in a body of the smartcard. Such cavities can by formed by milling, for example. The or each cavity may receive a respective component, either the smartcard module or the display module, and that the respective component was preferably installed after formation of the smartcard body, e.g. by lamination.
The use of an inlay comprising embedded wires is advantageous, as it permits components to be connected to the wires from either side, for example by milling cavities to expose the respective side of the contacts of the wires. This differs from printed circuit boards, where all the components are usually connected to the same side of the card.
This arrangement is particularly advantageous because the display module is preferable exposed from a rear face of the smartcard, whilst the smartcard module is preferable exposed from a front face of the smartcard. Card security codes are typically provided on the rear face of the smartcard because the card owner may be required to take a photograph of the front face of their smartcard, e.g. as part of a payment method, but they are not supposed to take a photograph of the rear of the smartcard.
The smartcard module and/or the display module may comprise contacts corresponding to the contacts of the inlay. The contacts of the smartcard module and/or the display module may be electrically connected to the respective contacts of the inlay by any suitable electrical interconnection. Preferably, an anisotropic conductive adhesive is used, such as an anisotropic conductive film (ACF). However, other electrical interconnection means may be used, such as soldering or conductive epoxy connection.
-
Optionally, the smartcard module and/or the display module may be secured within the respective cavity, for example using an adhesive such as an epoxy adhesive.
The smartcard function is preferably performed whilst power is being supplied to the secure element, such as from an external device. The power may be supplied either via the contact plate or via the antenna. The smartcard preferably does not comprise a battery.
The smartcard is preferably a payment card, such as a debit card, a credit card, a charge card or a prepaid card. The smartcard function may comprise validation for authorisation of a financial transaction (also known as attestation).
The smartcard function may comprise a card-present (CP) transaction, e.g. where the user directly interacts with payment machinery using the smartcard, such as by inserting the smartcard into or tapping the smartcard against a point-of-sale terminal.
The smartcard may comprise a smartcard body that has been formed by a lamination process, and particularly a hot lamination process, e.g. a lamination process involving temperatures above 100°C and/or pressures above 3 N/cm2. The smartcard body may be at least partly formed from plastic materials, such as PVC. The smartcard body may comprise a front core and a rear core having an inlay interposed therebetween. Optionally, the smartcard body may comprise one or more additional layers, such as one or more print layer and/or one or more protective or overlay layer.
The smartcard preferably has a width of between 85.47 mm and 85.72 mm, and a height of between 53.92 mm and 54.03 mm. The smartcard may have a thickness less than 0.84 mm, and preferably of about 0.76 mm (e.g. ± 0.08 mm).
Viewed from a second aspect, the present invention provides a method of manufacturing a smartcard, comprising: providing a smartcard body comprising a first set of electrical contacts and a second set of electrical contacts embedded therein, the first and second sets of electrical contacts being electrically interconnected with one another; forming first and second cavities in the smartcard body to respectively expose the first set of electrical contacts and the second set of electrical contacts; installing a smartcard module in the first cavity and electrically connecting the smartcard module to the first set of electrical contacts, the smartcard module including a secure element configured to perform a smartcard function and to receive power from a source external to the smartcard; and installing a display 6 -module in the second cavity and electrically connecting the display module to the second set of electrical contacts, the display module being configured to display a dynamic card security code, wherein the secure element is configured to generate a new dynamic card security code responsive to the performing of the smartcard function, and wherein the secure element is configured to supply power to the display module and to cause the display module to display the new dynamic card security code via the first and second sets of electrical contacts.
The method may be for manufacture of a smartcard as described above. Consequently, the components of the method may share any of the features of the respective components of the smartcard described above.
The first cavity may be formed in a front face of the smartcard body, and the second cavity may be formed in a rear face of the smartcard body, i.e. the face opposite to the front face of the smartcard body.
The cavities may have a dual function: a) providing space for the modules to be inserted and b) electrically exposing the contacts. Forming the first cavity and/or the second cavity may comprise forming a first, relatively-shallow cavity to expose the contacts and forming a second, relatively-deep cavity within the first cavity to provide space for the respective module to be mounted into the smartcard.
The first cavity and/or the second cavity may be formed by removal of material from the smartcard body, for example by milling.
The step of electrically connecting the smartcard module or the display module to the respective set of electrical contacts may use any suitable electrical interconnection. Preferably, an anisotropic conductive adhesive is used, such as an anisotropic conductive film (ACF).
The step of installing the smartcard module or the display module in the respective cavity may comprise securing the smartcard module or the display module within the respective cavity, for example using an adhesive such as an epoxy adhesive. The securing is preferably performed at a temperature below a melting temperature of a material forming the body of the smartcard.
Providing the smartcard body may comprise forming the smartcard body.
The forming may comprise a lamination process, and particularly a hot lamination process, e.g. a lamination process involving temperatures above 100°C and/or pressures above 3 N/cm2.
The lamination process may comprise interposing an inlay between a front core and a rear core to form a pre-lamination layup. Optionally, the lamination 7 -stack may comprise one or more additional layers, such as one or more print layer and/or one or more protective or overlay layer. The lamination process may comprise applying heat and/or pressure to the lamination stack to bond the layers of the lamination stack together to form a laminated sheet.
In some embodiments, the laminated sheet may comprise a plurality of smartcard bodies. Therefore, forming the smartcard body may comprise punching the smartcard body from the laminated sheet.
Certain preferred embodiments of the present invention will now be described in greater detail, by way of example only, and with reference to the accompanying drawings, in which: Figure 1 shows a front view of a smartcard; Figure 2 shows a rear view of the smartcard; Figure 3 shows an exploded view of the smartcard; and Figure 4 shows a cross-sectional side view of the smartcard.
Figures 1 to 4 show a smartcard 2. The smartcard 2 comprises a smartcard module 4 on the front face of the card, and a display module 6 on the rear face of the smartcard 2 for displaying a dynamic card security code.
The functionality of the smartcard 2 will first be discussed with reference to Figures 1 and 2.
The smartcard 2 is a dual interface smartcard 2 comprising an embedded antenna 8 connected to the smartcard module 4 having an externally-exposed contact plate 10. Thus, the smartcard 2 is capable of use in both a contact mode of operation, where power transmission and communication between the smartcard module 4 and an external reader (not shown) are via the contact plate 10, and a contactless mode of operation, where power transmission and communication between the smartcard module 4 and the external reader are via the antenna 8. The smartcard 2 is a payment card, and the smartcard module 4 includes a secure element 12 that is configured to authorise payment transactions, such as using the EMV standard. The illustrated smartcard 2 complies with the ISO/IEC 7816 and ISO/IEC 14443 internationals standards, which relate to contact cards and contactless cards, respectively.
The secure element 12 is further configured to generate dynamic card security codes and display them on the display module 6 on the rear of the smartcard 2. Any suitable technique for generating the dynamic card security codes can be used, so long as the codes can be independently verified by a 8 -payment processing authority, i.e. without requiring access to the smartcard 2. For example, the secure element 12 may store a secret seed value, shared only with the payment processing authority, and the dynamic card security codes may be generated by supplying the secret seed value to a code-generating algorithm stored in a memory of the secure element 12, and known also by the payment processing authority.
The dynamic card security codes generated by the secure element 12 are therefore generated in a deterministic manner, i.e. in a predetermined order that is known by the payment processing authority. Consequently, when performing a card-not-present transaction, the current card security code is supplied alongside the card details by a user of the smartcard 2 to the payment processing authority in order to authorise a payment.
The use of dynamic card security codes improves security since each card security code is valid only for a limited period of time, and thus a compromised card security code will automatically become invalid as the smartcard 2 is used, rather than requiring cancelling and re-issuing of the smartcard 2.
In order to achieve this effect, it is necessary for a new card security code to be regularly generated. In the present embodiment, a new card security code is generated when a card-present payment transaction is completed using the secure element 12. Thus, each time the secure element 12 is used to complete a payment, either in a contact mode or a non-contact mode, the secure element 12 generates a new dynamic card security code.
It will be appreciated that other powered interactions with the secure element 12 may be used to trigger the generation of a new card security code, such as balance enquiries, PIN changes, etc. However, interactions involving the payment processing authority are preferred.
By using payment transactions, or the like, the payment processing authority can track the number of transactions completed, and hence can determine the number of card security codes generated by the smartcard 2. This means that the payment processing authority can also determine what current card security code should be valid at any particular time.
Furthermore, whilst the preferred embodiment generates a new card security code every time the selected action is performed, the secure element 12 may be configured to generate a new card security code upon completion of only a subset of these actions. For example, the secure element 12 may only generate a 9 -new card security code if at least a predetermined period of time has passed since the last new card security code was generated (e.g. where the period is at least 30 minutes, at least an hour, at least a day, or at least a week), or after a predetermined number of such actions have been completed (e.g. every two transactions).
This may improve card security by limiting the number of new card security codes that can be generated in rapid succession, which could be used to reverse engineer the code-generating algorithm or to determine the secret seed value.
Interaction between the smartcard 2 and the payment processing authority is performed over a secure channel, and which ensures the integrity and confidentiality of communication therebetween. Therefore, the secure element 12 could be configured to transmit the new card security code to the payment processing authority as part of the relevant interaction. In such instances, the payment processing authority would not necessarily need to know the secret seed value or the code-generating algorithm. In such instances, the new card security code could be generated in a random or pseudo-random manner.
In order for the user to obtain the new card security code for use with a card-not-present transaction, it is necessary for the card security code to be displayed to the user. This is achieved using the display module 6.
The physical construction of the smartcard 2 will now be described with reference to Figures 3 and 4.
The smartcard 2 is a laminated-type smartcard comprising a front plate 14, an inlay 16, and a rear plate 18, as illustrated in Figure 3. Whilst only three layers are shown in the illustrated, the smartcard 2 may comprise additional layers outside of or interposed between these three layers.
The inlay 16 is a passive inlay 16 formed from PVC and comprising an antenna 8, contacts 20, 22 for connection to the smartcard module 4 and the display module 6 and interconnections 18 between the contacts 20, 22. The antenna 8 and the interconnections 18 are each formed by embedded copper wires. The inlay 16 in the illustrated embodiment does not comprise any electronic components, which simplifies manufacture, increases reliability, and reduces costs compared to smartcards 2 using active inlays.
The interconnections comprise interconnection wires 18 configured to connect contacts 20 for connection to the smartcard module 4 and the contacts 22 for connection display module 6. The interconnection wires 18 are configured to -10 -transmit power from the smartcard module 4 to the display module 6. The interconnection wires 18 are also configured to permit communication between the smartcard module 4 and the display module 6. In the illustrated embodiment, first and second interconnection wires 18a are configured to transmit power, and third and fourth interconnection wires 18b are configured to transmit data to permit communication between the smartcard module 4 and the display module 6.
The wires of the inlay 16 also form an antenna coil 8, connected to the contacts 20 for connection to the smartcard module 4.
The smartcard module 4 comprises a contact plate 10 and a secure element 12, as discussed above, which are electrically connected to permit transmission of power and data between the contact plate 10 and the secure element 12. In the illustrated embodiment, the secure element 12 is fixed to the rear of the contact plate 10, such that the smartcard module 4 comprises a single component.
The contact plate 10 is configured to exposed from the front face of the smartcard 2 and comprises six or eight "pins" that are configured in accordance with the ISO/I EC 7816 standard for contact cards. These pins permit transmission of power and transmission of data between the secure element of the smartcard module 4 and an external device, such as a smartcard reader (known as an "interface device").
In addition to the contact plate 10, the smartcard module 4 further comprises a plurality of contacts (not shown) for connection to the inlay 16 via the smartcard module contacts 20 of the inlay 16. In the illustrated embodiment, the smartcard module 4 comprises a first set of contacts for connection to the antenna 8 of the smartcard 2, and a second set of contacts for connection to the display module 6.
In the illustrated embodiment, the second set of contacts include contacts for power transmission and contacts for data transmissions, which connect to the respectively interconnecting wires 18 for data and power transmission from the secure element 12 to the display module 6. However, in alternative embodiments, data and power may be transmitted simultaneous along the same interconnecting wire, in which case fewer interconnecting wires and contacts may be required.
The secure element 12 comprises a memory and a processor, which are configured in a tamper-resistant manner, such that the secure element 12 is capable of securely hosting applications and storing confidential and cryptographic data. The secure element 12 is configured to perform various smartcard functions, such as authorising payments, as well as generating card security codes as described above.
The display module 6 is a bi-stable display module, such that power is only required to change the displayed value and the displayed values will remain static whilst power is not being supplied. Thus, as a new card security code is only generated whilst power is being supplied to the smartcard, the display unit 6 is always able to update to display the new card security code. This removes the need for a battery or the like, which reduces costs and complexity of the smartcard 2.
The display module 6 comprises a display screen 24 and a display controller 26.
The display screen 24 has a plurality of individually-controllable, bi-stable display elements, which are configured to display a card verification code. For example, the display elements may be configured in three or four sets of display elements, depending on the length of the card verification code, where each set is arranged to display a character of the code, e.g. a number from 1 to 9. For example, as shown in Figure 2, each set may comprise seven display elements arranged in a figure-8 configuration.
The display controller 26 is configured to receive power and data from the secure element 12 and to responsively control the individual display elements of the display screen 24, based on the data received from the secure element 12.
The display controller 26 is connected to the contacts of the display module 6, for receiving the power and data from the smartcard module 4. The display controller 26 comprises a simple processor having minimal processing capabilities, and is capable of receiving data for display and determining which display elements must be actuated to display that data. For example, the display controller 26 may comprise independent connections to each of the display elements of the display screen 24, such that they can each be independently controlled in accordance with the received data.
The front plate 14 and the rear plate 18 are formed from PVC. The front plate and rear plate 14, 18 are bonded to the inlay 16 during a "hot" lamination process, in which the front plate 14, the inlay 16 and the rear plate 18 are stacked to form a lamination stack, which is then subjected to heat and pressure are applied to the layup to form the smartcard body. In one example, the lamination stack is laminated at a temperature of 150 °C and a pressure of 80 N/cm2.
-12 -However, other temperatures and pressures can be used. Often, in such processes, multiple card bodies are laminated simultaneously on a single sheet, from which individual card bodies are then punched by a suitable cutting tool. After formation of the smartcard body, e.g. by lamination and punching, cavities are milled into the front and rear faces of the smartcard body so as to expose the contacts 20, 22 of the inlay 16. Due to the use of an inlay 16 with embedded wires, the contacts 20, 22 can be exposed from either side of the inlay 16. The front cavity is sized to closely receive the smartcard module 4, and the rear cavity is sized to closely receive the display module 6.
The smartcard module 4 and display module 6 are then fitted in their respective cavities, and the contacts of the smartcard module 4 and display module 6 are connected to the respective contacts 20, 22 of the inlay 16. In the illustrated embodiment, an anisotropic conductive film or an anisotropic conductive epoxy is used within each cavity to electrically connect the contacts of the smartcard module 4 or display module 6 to the respective contacts 20, 22 of the inlay 16.
Optionally, an adhesive epoxy may be applied to side walls of the cavities to retain the smartcard module 4 and display module 6.

Claims (16)

  1. -13 -CLAIMS1. A smartcard comprising: a secure element configured to perform a smartcard function and to receive power from a source external to the smartcard; and a display module configured to display a dynamic card security code, wherein the secure element is configured to generate a new dynamic card security code responsive to the performing of the smartcard function, and wherein the secure element is configured to supply power to the display module and to cause the display module to display the new dynamic card security code.
  2. 2. A smartcard according to claim 1, wherein the smartcard comprises a smartcard module including a contact plate and the secure element, the smartcard module being received within a cavity formed in a body of the smartcard.
  3. 3. A smartcard according to claim 1 or 2, wherein the smartcard comprises an antenna, the antenna being electrically connected to the secure element and configured to provide power to the secure element.
  4. 4. A smartcard according to any preceding claim, wherein the display module is a bi-stable display module.
  5. 5. A smartcard according to any preceding claim, wherein the display module comprises a display controller and a display screen having a plurality of individually-controllable, bi-stable display elements, the display module being received within a cavity formed in a body of the smartcard.
  6. 6. A smartcard according to any preceding claim, wherein the secure element is configured to generate dynamic card security codes in a predetermined sequence, and wherein the predetermined sequence is based on a seed value.
  7. 7. A smartcard according to any of claims 1 to 6, wherein the secure element is configured to generate dynamic card security codes in a random or pseudo- -14 -random manner, and to transmit the new dynamic card security code to a remote server.
  8. 8. A smartcard according to any preceding claim, wherein the smartcard comprises an inlay comprising a substrate and interconnection wires embedded within the substrate, the interconnection wires being configured to permit communication between the secure element and the display module and to permit transmission of power between the secure element and the display module.
  9. 9. A smartcard according to claim 8, wherein the secure element and the display module are each electrically connected to the inlay via an anisotropic conductive adhesive.
  10. 10. A smartcard according to any preceding claim, wherein the smartcard is a payment card and the smartcard function comprises validation for authorisation of a financial transaction.
  11. 11. A smartcard according to any preceding claim, wherein the smartcard is a laminated smartcard 20
  12. 12. A method of manufacturing a smartcard, comprising: providing a smartcard body comprising a first set of electrical contacts and a second set of electrical contacts embedded therein, the first and second sets of electrical contacts being electrically interconnected with one another; forming first and second cavities in the smartcard body to respectively expose the first set of electrical contacts and the second set of electrical contacts; installing a smartcard module in the first cavity and electrically connecting the smartcard module to the first set of electrical contacts, the smartcard module including a secure element configured to perform a smartcard function and to receive power from a source external to the smartcard; and installing a display module in the second cavity and electrically connecting the display module to the second set of electrical contacts, the display module being configured to display a dynamic card security code, wherein the secure element is configured to generate a new dynamic card security code responsive to the performing of the smartcard function, and -15 -wherein the secure element is configured to supply power to the display module and to cause the display module to display the new dynamic card security code via the first and second sets of electrical contacts.
  13. 13. A smartcard according to claim 12, wherein the first cavity is formed in a front face of the smartcard body, and the second cavity is formed in a rear face of the smartcard body.
  14. 14. A smartcard according to claim 12 or 13, wherein the first cavity and the second cavity are formed by removal of material from the smartcard body.
  15. 15. A smartcard according to any of claims 12 to 14, wherein the step of electrically connecting the smartcard module to the first set of electrical contacts or the step of electrically connecting the display module to the second set of electrical contacts comprises use of an anisotropic conductive adhesive.
  16. 16. A smartcard according to any of claims 12 to 15, wherein providing the smartcard body comprises forming the smartcard body by a lamination process, the lamination process involving temperatures above 100°C.
GB2108752.3A 2021-06-18 2021-06-18 Smartcard with dynamic card security code Withdrawn GB2607954A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
GB2108752.3A GB2607954A (en) 2021-06-18 2021-06-18 Smartcard with dynamic card security code

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
GB2108752.3A GB2607954A (en) 2021-06-18 2021-06-18 Smartcard with dynamic card security code

Publications (2)

Publication Number Publication Date
GB202108752D0 GB202108752D0 (en) 2021-08-04
GB2607954A true GB2607954A (en) 2022-12-21

Family

ID=77050682

Family Applications (1)

Application Number Title Priority Date Filing Date
GB2108752.3A Withdrawn GB2607954A (en) 2021-06-18 2021-06-18 Smartcard with dynamic card security code

Country Status (1)

Country Link
GB (1) GB2607954A (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070136211A1 (en) * 2004-03-15 2007-06-14 Brown Kerry D Financial transactions with dynamic card verification values
US20140263624A1 (en) * 2013-03-14 2014-09-18 NagralD Security, Inc. Radio Frequency Powered Smart, Debit, and Credit Card System Employing A Light Sensor To Enable Authorized Transactions
US20180165684A1 (en) * 2016-08-08 2018-06-14 Ellipse World S.A. Method for a Prepaid, Debit and Credit Card Security Code Generation System
US20190354986A1 (en) * 2018-05-17 2019-11-21 Bank Of America Corporation Dynamically generating verification values using electronic ink and power derived from external source
US20210049439A1 (en) * 2019-08-15 2021-02-18 Federal Card Services, LLC Contactless metal cards with fingerprint sensor and display

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070136211A1 (en) * 2004-03-15 2007-06-14 Brown Kerry D Financial transactions with dynamic card verification values
US20140263624A1 (en) * 2013-03-14 2014-09-18 NagralD Security, Inc. Radio Frequency Powered Smart, Debit, and Credit Card System Employing A Light Sensor To Enable Authorized Transactions
US20180165684A1 (en) * 2016-08-08 2018-06-14 Ellipse World S.A. Method for a Prepaid, Debit and Credit Card Security Code Generation System
US20190354986A1 (en) * 2018-05-17 2019-11-21 Bank Of America Corporation Dynamically generating verification values using electronic ink and power derived from external source
US20210049439A1 (en) * 2019-08-15 2021-02-18 Federal Card Services, LLC Contactless metal cards with fingerprint sensor and display

Also Published As

Publication number Publication date
GB202108752D0 (en) 2021-08-04

Similar Documents

Publication Publication Date Title
KR102416954B1 (en) Methods for prepaid, debit and credit card security code generation systems
US12056684B2 (en) Multi-function electronic payment card and device system
CA2612589C (en) Security document comprising an integrated circuit and an integrated display element
CN108780516B (en) Method for producing a smart card
US20180068316A1 (en) Prepaid, Debit and Credit Card Security Code Generation System
US9436940B2 (en) Embedded secure element for authentication, storage and transaction within a mobile terminal
US9396467B2 (en) Transaction card with security code generator and the method of the same
CN105580036A (en) Silicone-polyether copolymers, adhesives and medical articles comprising same, and methods of making same
US20200380096A1 (en) Multimode smart card system with embedded usb connectivity
RU2742347C2 (en) System for generating a security code of a prepaid, a debit and a credit card
CN102301385A (en) Portable object including a display and application for carrying out electronic transactions
WO2016183338A1 (en) Dynamic security codes, tokens, displays, cards, devices, multi-card devices, systems and methods
EP1407418A2 (en) Manufacture of self-powered identification devices
GB2607954A (en) Smartcard with dynamic card security code
US11037152B2 (en) Enhanced security credit card system
US11392189B1 (en) Interactive core for electronic cards
US20180165684A1 (en) Method for a Prepaid, Debit and Credit Card Security Code Generation System
FR2864286A1 (en) Electronic module for electronic transaction device e.g. electronic payment device, has communication interface connecting external processing unit with CPU that executes secured software component of electronic transaction application
TW202331596A (en) Biometric smartcard module
WO2016135720A2 (en) A method and an apparatus for processing a transaction
CN102947868B (en) Method for personalizing a portable data carrier, in particular a chip card
KR20120021117A (en) Card
JPS63296993A (en) Portable memory medium

Legal Events

Date Code Title Description
WAP Application withdrawn, taken to be withdrawn or refused ** after publication under section 16(1)