JP3980706B2 - IC card and authentication device thereof - Google Patents

Description

[0001]
[Technical field to which the invention belongs]
The present invention relates to prevention of forgery of an IC card. In the present invention, when an IC card is forged and used, the IC card can identify that the card is forged, a terminal device using the IC card, and connected to many terminal devices by communication means It is related with the center apparatus made. The present invention is a telephone card, a pachinko card, a ticket for transportation such as a railroad or bus, a coupon ticket for amusement facilities, a prepaid card used for other purposes, or an ID card including a large amount of information and / or an arithmetic circuit. Can be widely used.
[0002]
[Prior art]
In recent years, unauthorized use of counterfeit prepaid cards has become a social problem. In particular, in the case of using a card with a magnetic stripe formed, the fraudster analyzes the data recorded on the magnetic stripe of the genuine card and overwrites the new information using a magnetic writer. A counterfeit card in which information or the like has been tampered with can be created relatively easily. Since overwriting of a magnetic stripe can be performed relatively easily and in large quantities, once a counterfeit is performed by an unauthorized person, the damage can be serious. Therefore, when a prepaid card is used, the terminal device that reads the information of the prepaid card can identify whether it is a genuine prepaid card or a forged prepaid card, and also an unauthorized person. Requires an authentication method that can never be bypassed.
[0003]
In crime investigations, human DNA and fingerprints are used to identify individuals. this is,
1) DNA and fingerprints are information unique to an individual, and it can be considered that different people have different DNA and fingerprints (uniqueness).
2) DNA and fingerprints cannot be controlled and changed by humans (reproduction difficulty),
3) DNA and fingerprints are permanent and anyone can confirm them (reproducibility),
This is because it satisfies the conditions for identifying an individual.
[0004]
The same thing can be set for prepaid cards. If a feature value equivalent to DNA or fingerprint can be set inside the prepaid card, the terminal device can detect an improperly forged prepaid card. Can prevent in advance.
[0005]
Fernandez disclosed in US Pat. Nos. 5,235,166 and 5,430,279 that the jitter that occurs when writing digital information on a magnetic stripe can be used as information that is inherent, difficult to reproduce, and reproducible. Jitter that occurs in a magnetic stripe is a natural phenomenon caused by physical unevenness of the magnetic stripe, such as fluctuations in the physical thickness of the magnetic stripe, uneven operation of the magnetic writer, unevenness of the voltage current applied to the magnetic writer, etc. Once a prepaid card is created, the jitter is unique, it is difficult to reproduce the same jitter, and once generated, the jitter can be read and reproduced any number of times. Then, the jitter generated in a specific part of the magnetic stripe at the time of preparation of the prepaid card is observed, and the checksum of the jitter (and defined by Fernandez) is made, and this is digital information in another part of the magnetic stripe of the prepaid card. The invention to be recorded as is disclosed.
[0006]
In the conventional invention, when a prepaid card is used, information on the amount recorded in the magnetic stripe is read, and the jitter of a specific portion of the magnetic stripe is actually observed, which is the same as when the prepaid card is created. A checksum is calculated by logic, and it is checked whether or not it matches the checksum recorded as digital information. If they match, it is determined to be a genuine prepaid card, and if they do not match, a forged prepaid card is determined.
[0007]
For example, a fraudulent person purchases a genuine prepaid card, prepares another prepaid card of the same format, and copies all the digital information of the genuine prepaid card onto a magnetic stripe prepared separately. Suppose you make a fake prepaid card that looks exactly like a prepaid card. In many cases, a counterfeit prepaid card created in this way cannot be distinguished from a genuine prepaid card by a terminal device using the prepaid card. However, since the jitter of a specific part of the magnetic stripe is unique for each card, the genuinely purchased genuine one is different from the one created by copying, so the checksum obtained from the jitter of that specific part is It does not match the checksum recorded on the prepaid card. In this way counterfeiting can be found.
[0008]
Furthermore, Fernandez disclosed an invention related to anti-counterfeiting technology in the international patent application PCT / US95 / 17075 regarding IC cards, but the present inventor understands that this is not a technology for authenticating cards using a random pattern. is doing. This is not related to a technique for authenticating the validity of a card using a random pattern, but to a technique for generating a random number using an IC chip provided in an IC card.
[0009]
Here, the “random pattern” is a feature quantity that occurs accidentally when a prepaid card is manufactured, and is a random parameter that is difficult to control and functions as a digest of the card. The random pattern needs to be unique, difficult to reproduce, and reproducible. The uniqueness is that there is originally a one-to-one correspondence between patterns and cards, but in reality, the number of cards may be greater than the number of patterns. In that case, even if it is difficult physically and computationally difficult to find another card having the same pattern as that of a certain card, it may be unique. Reproduction difficulty means that it is difficult to intentionally create a specific pattern on another card. Reproducibility is the property that a pattern does not change over the lifetime of one card, and it can be directly recognized by a person who verifies the prepaid card when necessary.
[0010]
The position (or magnitude) of pulsed jitter that occurs in the magnetic stripe of the card is a typical example of a random pattern. In other words, jitter that occurs in the magnetic stripe occurs by chance due to the material and thickness of the magnetic stripe, the nature of the magnetic writer to be recorded, the drive speed of the magnetic writer, drive unevenness, and other causes. The generation position (and size) is unique. This can be read by a general magnetic reader, and a specific jitter cannot be written by a general magnetic writer. When information is newly overwritten on the magnetic stripe with a magnetic writer, the previous jitter disappears and new jitter is generated. For this reason, even if the card is forged by copying the magnetic stripe, the position (and size) of the jitter is different, so the terminal device can determine the authenticity if the position (and size) of the jitter is confirmed. it can. Jitter can be recognized as pulse-like noise as amplitude information, and can also be recognized as unevenness in clock frequency or clock timing as frequency information or time information.
[0011]
[Problems to be solved by the invention]
As semiconductor memory manufacturing technology advances, IC cards can be provided at a low price. An IC card can store a larger amount of information than a card using a magnetic stripe, and can process information in the card, not just storing information. It is thought that it will become widely used in place of the card used. The anti-counterfeiting method for a card on which a magnetic stripe by Fernandez is formed is an effective method, but it cannot be applied to an IC card as it is.
[0012]
A technique for immediately determining whether an IC card is legitimate when the card is used is extremely important. Until a technology for preventing unauthorized use of an IC card is established to a considerable extent, it cannot be widely used no matter how excellent the function of the IC card is.
[0013]
The present invention has been made in such a background, and an object thereof is to provide a counterfeit identification technique for an IC card by utilizing jitter on a magnetic stripe and other random patterns. SUMMARY OF THE INVENTION An object of the present invention is to provide an IC card and an identification device thereof that are difficult to forge and can immediately and easily identify forgery with a terminal device used by the IC card when forged. To do.
[0014]
[Means for Solving the Problems]
The first aspect of the present invention is characterized in that a magnetic stripe is provided on a part of an IC card and jitter generated in the magnetic stripe is used as a random pattern. That is, the present invention is characterized in that a magnetic stripe is formed on a part of a card, and information relating to jitter generated in the magnetic stripe is recorded on the IC chip of the card and / or the magnetic stripe. It is desirable that the information relating to jitter be recorded after being encrypted. Further, it is desirable that the information relating to the jitter is encrypted by a secret key of the center device and recorded by a cipher that can be decrypted by a public key set in a terminal device in which the card is used.
[0015]
The present invention is further an IC card authentication apparatus, comprising: a means for reading information recorded on a card to be used; and an IC card authentication apparatus comprising means for determining its validity from information read from the card. The IC card is provided with a magnetic stripe in addition to the IC chip, information relating to jitter generated in the magnetic stripe is recorded on the IC chip of the card and / or the magnetic stripe, and a means for determining the validity is: And means for comparing the jitter observed from the magnetic stripe with the jitter obtained by calculating from the information relating to the jitter recorded on the card, and determining whether or not the card can be accepted.
[0016]
The apparatus includes a center device including a database for storing information on issued IC cards, a terminal device in which the IC card is used, and a bidirectional communication means provided between the center device and the terminal device. It is desirable that the center device can strictly manage information regarding illegal use of the IC card.
[0017]
The present invention is further characterized in that when installed in hardware including a computer controlled by a program, the hardware is a machine-readable recording medium in which software serving as an authentication device for the IC card is recorded. To do.
[0018]
The second aspect of the present invention uses a failure of a digital memory on an IC card as a random pattern. That is, the present invention is an IC card characterized in that information relating to a position where a memory failure has occurred in a digital memory is recorded on a part of the card. It is desirable that the information regarding the position be recorded after being encrypted. Further, it is desirable that the information regarding the position is encrypted by a secret key of the center device and recorded by a cipher that can be decrypted by a public key set in a terminal device in which the card is used.
[0019]
The present invention further provides an IC card authentication apparatus comprising means for reading information recorded on a card to be used, and means for determining validity from the information read from the card. In the IC chip digital memory, information on the failure location that occurs at the time of manufacture is recorded in the IC chip of the card, and the means for judging the validity is the failure location obtained by observing the IC chip and the The IC card authentication apparatus includes means for comparing the failure position obtained by calculation from information on the failure position recorded on the card and determining whether or not the card can be accepted. This device includes a center device including a database for storing information on issued IC cards, a terminal device in which the IC card is used, and a bidirectional communication means provided between the center device and the terminal device. It can be set as the structure provided with.
[0020]
According to another aspect of the present invention, there is provided a machine-readable record in which software is recorded as an IC card authentication device according to claim 10 or 11 when installed in hardware including a program-controlled computer. It is a medium.
[0021]
A third aspect of the present invention uses an analog value of a digital memory as a random pattern. That is, according to the present invention, for a large number of binary digital memory cells formed on a card, information on values obtained by observing an electrical analog value held by the memory cell at a q value level (q value is an integer of 3 or more). The IC card is characterized in that the hashed digest is recorded on the IC chip of the card. The hash function is a compression function without collision. It is desirable to encrypt and record the information regarding the digest of the value obtained by observing the electrical analog value at the q value level as a signature. This can be configured to be encrypted with a secret key of the center device and recorded with a cipher that can be decrypted with a public key set in a terminal device in which the card is used. FIG. 4 is a diagram for explaining this procedure.
[0022]
The present invention further relates to an IC card authentication apparatus comprising means for reading information recorded on a card to be used, and means for determining validity from the information read from the card. In the case of a specific memory cell (desirably, a plurality of binary digital memories) formed on a card, an electrical analog value held by the memory cell is set to a q-value level (q is 3 or more). (Integer, q is preferably 16 or more) information on the observed value is recorded on the IC chip of the card, and the means for judging the validity is an electrical analog value held by the specific memory cell. Comparing the value observed at the q-value level with the value obtained by calculating from information about the electrical analog value recorded on the card, it is determined whether or not the card can be accepted Characterized in that it comprises a means that. This device includes a center device including a database for storing information on issued IC cards, a terminal device in which the IC card is used, and a bidirectional communication means provided between the center device and the terminal device. Can be provided.
[0023]
Furthermore, the present invention is a machine-readable recording medium on which software is recorded that becomes an IC card authentication device when installed in hardware including a computer device controlled by a program.
[0024]
DETAILED DESCRIPTION OF THE INVENTION
A magnetic stripe is formed on or inside the IC card, and for example, the type, identification number, and other digital information of the IC card are recorded on the magnetic stripe. When information is recorded on the magnetic stripe, pulsed jitter is randomly generated in the magnetic stripe. FIG. 1 schematically shows such a state. This jitter can be read by an existing magnetic reader, but it cannot be written at a specific position using a magnetic writer. The jitter existing on the magnetic stripe disappears if it is newly overwritten with a magnetic writer.
[0025]
Therefore, even if the counterfeit card is made by copying the magnetic stripe, the jitter on the magnetic stripe exists at a different position. The first jitter position is read, encoded, and recorded in a digital memory of the IC chip or a part of the magnetic stripe. When the prepaid card is used, the terminal position and the jitter position are recorded. It is possible to identify whether or not the prepaid card has been rewritten by collating it with the jitter position obtained from the recording. This utilizes the fact that the read capability exceeds the write capability with respect to jitter, and in general, the physical quantity on which such a fact holds is highly likely to satisfy the requirements as a random pattern.
[0026]
In the IC card of the present invention, a random pattern generated in the magnetic stripe provided side by side is used for authenticating the validity of the IC card. In each IC card, a random pattern read at the time of manufacture, that is, a jitter position on the magnetic stripe is recorded as a digital code. At this time, it is preferable not to simply record as a digital code, but to encrypt the jitter position on the magnetic stripe with the secret key of the center device and record it as a signature. This is shown in FIG.
[0027]
In the terminal device using the IC card manufactured in this way, the jitter position of the magnetic stripe is actually read from the used IC card, and the read signature is decrypted with the public key corresponding to the secret key. . The decoded data should be a random pattern of the magnetic stripe, that is, a jitter position, and the validity of the IC card can be identified by checking whether or not this is verified. In a legitimate IC card, the decoded jitter position should match the read jitter position. If the magnetic stripe has been overwritten, the jitter position has been changed, and the read jitter position does not match the jitter position obtained by decoding the signature. Even if an illegal IC card is manufactured by rewriting the internal information with a used IC card in the same way as the internal information of a legitimate IC card, the jitter of the magnetic stripe provided on the IC card is not Since it is unique to the card, it cannot be used unless information relating to the jitter is rewritten in accordance with the inherent jitter. Also, if you observe the jitter position that was changed by overwriting the scale and try to encrypt it, you cannot make a correct signature without knowing the secret key. Can not.
[0028]
A terminal device using an IC card includes an interface for connecting the IC card, and a program-controlled computer that transmits and receives digital information through the interface. Such an apparatus is configured as a general apparatus that uses an IC card. By installing unique software for implementing the present invention in such an apparatus, the IC card authenticating apparatus of the present invention can be obtained. The software also includes an encryption key for decrypting random pattern information related to jitter positions and the like recorded on the IC card. The software is recorded and sold on a machine-readable recording medium such as a magnetic recording medium or an optical recording medium. The recording medium is the subject of the patent of the present invention.
[0029]
As shown in FIG. 3, such a device is provided with one center device for managing the issuance of IC cards to a plurality of terminal devices, which are connected by bidirectional communication means, and issued IC cards. It is desirable to record and manage With such a configuration, an unauthorized card can be more strictly identified, and unauthorized use of an IC card can be prevented.
[0030]
Next, a case where the failure rate of the digital memory is used will be described. Digital memories fail during manufacturing. The memory information of the failed digital memory cell is fixed to 1 or 0. The memory location where this memory failure has occurred is used as a random pattern. At the time of manufacturing a digital memory, if the failure rate can be controlled by another method for controlling the manufacturing process, the failure rate may be increased to the extent that it can be used as a random pattern. And, it is considered that this failure location does not change once it occurs (uniqueness), it is difficult for a person to set it arbitrarily and generate this failure location (regeneration difficulty), and the failure location will be later However, it can be observed and confirmed separately (reproducibility).
[0031]
When the IC card is manufactured, the position where the memory failure occurs is observed, information on the position is encrypted, and recorded as digital information on the IC chip of the IC card. When the IC card is used, the digital information is read from the IC chip, and the position where the memory failure has occurred is actually observed separately for the IC card. Then, the read digital information is decoded to obtain a memory failure position, which is collated with the actually observed failure position. If the collation matches, the IC card is valid, and if the collation does not match, the IC card is rejected as being invalid.
[0032]
Also in this case, a large database is provided in the center device to manage issued IC cards, and a bidirectional communication means is provided between the center device and the terminal device so that all of the used IC cards are used. By performing management with the center device, fraud can be more strictly prevented.
[0033]
Further, the terminal device or the center device can be configured to obtain the device of the present invention by recording software on a machine-readable recording medium and installing the software on computer-controlled hardware.
[0034]
Next, an invention using the electrical analog value of the digital memory as a random pattern will be described.
[0035]
A specific memory cell in the IC card is set. The number m of memory cells to be set is preferably as large as possible, but is physically limited. For example, m = 128 memory cells are set. In the memory cell, 1 and 0 are repeatedly recorded several times, and then information 1 or 0 is recorded in accordance with an arbitrarily set pattern. Then, the value of each memory cell exhibits E voltage (5 volts in TTL) or 0 volt according to the information 1, but this is not exactly 5 volts or 0 volt in practice. . This voltage value is measured as a q value level, for example, a 32 value level, and this is used as a random pattern. That is, a table of voltage levels of 32 values is obtained for 128 memory cells. A digest of this table is created by a hash function, which is encrypted and recorded as a signature for identification in the IC chip of the IC card. When this IC card is used, the identification signature encrypted from the IC chip is read and decrypted. On the other hand, for the specific memory cell, the voltage value is measured at the q value level, this is hashed to create a digest, and the signature is verified against the decrypted information. If they match, the IC card is valid, and if it does not match, the IC card is rejected as illegal.
[0036]
Also in this case, providing a plurality of terminal devices using the IC card and the center device and managing the usage status of the issued IC card is an effective technique for preventing fraud.
[0037]
In addition, for the terminal device and the center device, the device of the present invention can be obtained by installing software for causing the terminal device and the center device to function as the device of the present invention in hardware including a program-controlled computer. A machine-readable recording medium in which software for this purpose is recorded is subject to patent.
[0038]
【The invention's effect】
According to the present invention, forgery identification using a random pattern can be performed for an IC card, and unauthorized use of the IC card can be prevented.
[Brief description of the drawings]
FIG. 1 is a diagram illustrating a configuration of an IC card according to an embodiment of the present invention.
FIG. 2 is a diagram illustrating a relationship between a random pattern and a signature of an IC card according to an embodiment of the present invention.
FIG. 3 is a diagram illustrating a relationship between a center device and a terminal device according to an embodiment of the present invention.
FIG. 4 is a diagram for explaining a procedure for using an analog value of a digital memory.

Claims (3)

In an IC card authentication device comprising means for reading information recorded on a card to be used and means for determining its validity from information read from the card,
In the IC card, information on the failure location that occurs at the time of manufacture is recorded in the IC chip digital chip memory,
The means for determining the legitimacy compares the failure position obtained by observing the IC chip with the failure position obtained by calculating from the information on the failure position recorded on the card, and accepts the card. An IC card authentication apparatus comprising: means for determining   Claims comprising a center device including a database for storing information of issued IC cards, a terminal device using the IC card, and a bidirectional communication means provided between the center device and the terminal device. Item 2. An IC card authentication device according to Item 1.   A machine-readable recording medium on which software is recorded that becomes an IC card authentication device according to claim 1 by being installed in hardware including a computer under program control.

Images