JP6925849B2 - IC cards, IC card systems, server devices, and programs - Google Patents

Description

Embodiments of the present invention relate to IC cards, IC card systems, server devices, and programs.

In recent years, IC cards incorporating IC (Integrated Circuit) chips have been widely used. For example, in a payment system for a financial IC card represented by the EMV specification, transaction authentication is performed using a common key shared between the issuer host, which is the host server device of the card issuing company, and the IC card in the payment transaction. Is executed. Therefore, in the payment system of financial IC cards, it is required to strengthen the security for the common key, and the conventional IC card may not be sufficient.

Japanese Unexamined Patent Publication No. 2005-269128

An object to be solved by the present invention is to provide an IC card, an IC card system, a server device, and a program capable of improving security.

The IC card of the embodiment has a communication unit, a key information storage unit, a key selection unit, and a processing unit. The communication unit communicates with the terminal device. The key information storage unit stores a plurality of common keys. The key selection unit selects a common key from the plurality of common keys stored in the key information storage unit. The processing unit uses the communication unit to perform transaction authentication for authenticating a transaction with a server device connected to the terminal device via a network, and the common key selected by the key selection unit. the key specifying information specifying to transmit the communication unit, it's on a match has been by that calculated value to the encryption processing based on a common key selected by the key selecting unit, each other between said server device and the IC card The transaction authentication is performed to confirm the validity of the transaction and the validity of the transaction content. The key information storage unit stores the key version information that identifies the updated key and the common key in association with each other. The key selection unit selects a common key from the plurality of common keys stored in the key information storage unit based on a random number. The processing unit causes the communication unit to transmit the key version information associated with the selected common key as the key identification information.

The figure which shows the appearance example of the IC card of 1st Embodiment, and the configuration example of an IC card system. The figure which shows the hardware configuration example of the IC card of 1st Embodiment. The block diagram which shows the functional structure example of the IC card of 1st Embodiment. The figure which shows the data example of the key information storage part of 1st Embodiment. The block diagram which shows the functional configuration example of the issuer host and the terminal apparatus of 1st Embodiment. The figure which shows the data example of the key information storage part of the issuer host of 1st Embodiment. The flowchart which shows an example of the key selection process of the IC card of 1st Embodiment. The flowchart which shows an example of the processing of the GENERATE AC command of the IC card of 1st Embodiment. The flowchart which shows an example of the transaction authentication processing of the IC card system of 1st Embodiment. The block diagram which shows the functional structure example of the IC card of 2nd Embodiment. The figure which shows the data example of the key information storage part of the 2nd Embodiment. The flowchart which shows an example of the key selection process of the IC card of 2nd Embodiment. The block diagram which shows the functional structure example of the IC card of 3rd Embodiment. The figure which shows the data example of the key information storage part of the 3rd Embodiment. The flowchart which shows an example of the key selection process of the IC card of 3rd Embodiment.

Hereinafter, the IC card, the IC card system, the server device, and the program of the embodiment will be described with reference to the drawings.

(First Embodiment)
FIG. 1 is a diagram showing an appearance example of the IC card 1 of the first embodiment and a configuration example of the IC card system 200.
As shown in FIG. 1, the IC card system 200 includes an IC card 1, a terminal device 2, and an issuer host 9. Further, the IC card 1 includes an IC module 10. The IC module 10 includes a contact portion 3 and an IC chip 100 inside.

The terminal device 2 and the issuer host 9 are connected via the network NT, and the IC card 1 communicates with the issuer host 9 via the terminal device 2. The details of the configurations of the terminal device 2 and the issuer host 9 will be described later.

The IC card 1 is formed by mounting the IC module 10 on, for example, a plastic card base material PT (an example of a card body). That is, the IC card 1 includes an IC module 10 and a card base material PT in which the IC module 10 is embedded. Further, the IC card 1 can communicate with the terminal device 2 via the contact unit 3.

The IC card 1 receives, for example, a command (process request) transmitted by the terminal device 2 via the contact unit 3, and executes a process (command process) according to the received command. Then, the IC card 1 transmits a response (processing response), which is the execution result of the command processing, to the terminal device 2 via the contact unit 3.

The IC module 10 is a module that includes a contact portion 3 and an IC chip 100, and is traded in the form of, for example, a COT (Chip On Tape) in which a plurality of IC modules 10 are arranged on a tape. The single IC module 10 that is separated from the tape by removing it from the tape may be referred to as COT.

The contact unit 3 has terminals for various signals necessary for the IC card 1 to operate. Here, the terminals of various signals have a terminal that receives power supply voltage, a clock signal, a reset signal, and the like from the terminal device 2, and a serial data input / output terminal (SIO terminal) for communicating with the terminal device 2. ..
The IC chip 100 is, for example, an LSI (Large Scale Integration) such as a one-chip microprocessor.

Next, the hardware configuration of the IC card 1 of the present embodiment will be described with reference to FIG.
FIG. 2 is a diagram showing a hardware configuration example of the IC card 1 of the present embodiment.
As shown in FIG. 2, the IC card 1 includes an IC module 10 including a contact portion 3 and an IC chip 100. The IC chip 100 includes a UART (Universal Asynchronous Receiver Transmitter) 4, a CPU 5, a ROM (Read Only Memory) 6, a RAM (Random Access Memory) 7, and an EEPROM (Electrically Erasable Programmable ROM) 8. Further, each configuration (4 to 8) is connected via the internal bus BS1.

The UART 4 performs serial data communication with the terminal device 2 via the SIO terminal described above. The UART4 outputs the data (for example, 1-byte data) obtained by parallel-converting the serial data signal received via the SIO terminal to the internal bus BS1. Further, the UART 4 serially converts the data acquired via the internal bus BS1 and outputs the data to the terminal device 2 via the SIO terminal. The UART 4 receives a command from the terminal device 2 via, for example, the SIO terminal. Further, the UART 4 transmits a response to the terminal device 2 via the SIO terminal.

The CPU 5 (an example of a hardware processor) executes a program stored in the ROM 6 or the EEPROM 8 to perform various processes of the IC card 1. The CPU 5 executes command processing according to the command received by the UART 4 via, for example, the contact unit 3.

The ROM 6 is, for example, a non-volatile memory such as a mask ROM, and stores data such as a program for executing various processes of the IC card 1 and a command table.
The RAM 7 is, for example, a volatile memory such as an SRAM (Static RAM), and temporarily stores data used when performing various processes of the IC card 1.

The EEPROM 8 is, for example, an electrically rewritable non-volatile memory. The EEPROM 8 stores various data used by the IC card 1. The EEPROM 8 stores, for example, information used for various services (applications) using the IC card 1.

Next, an example of the functional configuration of the IC card 1 according to the present embodiment will be described with reference to FIG.
FIG. 3 is a block diagram showing a functional configuration example of the IC card 1 of the present embodiment.
As shown in FIG. 3, the IC card 1 includes a communication unit 40, a control unit 50, a transaction number storage unit 81, a key information storage unit 82, and a PIN information storage unit 83.
Here, each part of the IC card 1 shown in FIG. 3 is realized by using the hardware of the IC card 1 shown in FIG.

The communication unit 40 is realized by, for example, the UART 4, the CPU 5, and the program stored in the ROM 6, and sends and receives commands and responses to and from the terminal device 2, for example, via the contact unit 3. That is, the communication unit 40 receives a command (processing request) requesting a predetermined process from the terminal device 2, and transmits a response (processing response) to the command to the terminal device 2. The communication unit 40 stores the received data received from the terminal device 2 via the UART 4 in the RAM 7. Further, the communication unit 40 transmits the transmission data stored in the RAM 7 to the terminal device 2 via the UART 4.

The transaction count storage unit 81 is, for example, a storage unit configured by the EEPROM 8. The transaction number storage unit 81 stores, for example, the number of transactions for credit card payment processing (for example, ATC (Application Transaction Counter)). The number of transactions is updated by adding "1" by the GET PROCESSING OPTIONS command, which is a command to start a transaction.

The key information storage unit 82 (an example of the first key information storage unit) is, for example, a storage unit configured by EEPROM 8. The key information storage unit 82 stores a plurality of common keys. Here, the common key is an encryption key used for transaction authentication of credit card payment processing, and is shared with the issuer host 9. The key information storage unit 82 stores, for example, the key version information and the common key in association with each other. Here, a data example of the key information storage unit 82 will be described with reference to FIG.

FIG. 4 is a diagram showing a data example of the key information storage unit 82 of the present embodiment.
As shown in FIG. 4, the key information storage unit 82 stores the “key number”, the “key version”, and the “key value” in association with each other. Here, the "key number" is the identification number of the common key, and the "key version" is the key version information for identifying the updated key. The "key value" indicates the value of the common key. The key information storage unit 82 stores a plurality of set information in which such a "key number", a "key version", and a "key value" are associated with each other.

In the example shown in FIG. 4, it is shown that the "key version" corresponding to the "key number" of "0" is "A" and the "key value" is "α". Further, it is shown that the "key version" corresponding to the "key number" of "1" is "B" and the "key value" is "β". In the key information storage unit 82 of the present embodiment, one "key version" (key version information) is associated with one "key value".

Returning to the description of FIG. 3, the PIN information storage unit 83 is, for example, a storage unit configured by the EEPROM 8. The PIN information storage unit 83 stores a PIN (Personal Identification Number) which is a password for authenticating a card user (card holder).

The control unit 50 is realized by, for example, a CPU 5, a RAM 7, a ROM 6 or an EEPROM 8, and controls the IC card 1 in an integrated manner. The control unit 50 includes a key selection unit 51 and a command processing unit 52.

The key selection unit 51 selects a common key from a plurality of common keys stored in the key information storage unit 82. The key selection unit 51 selects a common key from a plurality of common keys stored by the key information storage unit 82, for example, based on a random number. Specifically, the key selection unit 51 acquires a random number and calculates a remainder value obtained by dividing the acquired random number by the total number of the above-mentioned "key numbers" (that is, a remainder value based on the total number of "key numbers" of the random numbers). , The common key corresponding to the "key number" equal to the remainder value is selected from the key information storage unit 82. The random number may be generated by a hardware random number generator (not shown), or may be generated by a pseudo-random number calculation by the control unit 50.

The command processing unit 52 (an example of the processing unit) executes various command processing. For example, as the GENERATE AC command process described later, the command processing unit 52 transmits key identification information for identifying the common key selected by the key selection unit 51 by the communication unit 40 and is selected when performing transaction authentication. Transaction authentication is performed by cryptographic processing based on a common key. Here, the transaction authentication is an authentication process executed in the payment process of the credit card, and the issuer host 9 and the IC card 1 connected to the terminal device 2 via the network have mutual legitimacy. , And the authentication process to execute the transaction after confirming the validity of the transaction content.

Further, in the present embodiment, when the command processing unit 52 transmits the response of the GENERATE AC command processing, the key version information associated with the selected common key is used as the key identification information via the terminal device 2. , Send to issuer host 9. The command processing unit 52 acquires the key version information associated with the common key selected by the key selection unit 51 from among the plurality of common keys stored in the key information storage unit 82, and obtains the acquired key version information. It is transmitted to the terminal device 2 as key identification information.

The transaction authentication is executed in two GENERATE AC command processes. For example, when the command processing unit 52 receives the first GENERATE AC command (first transaction authentication command) by the communication unit 40, the command processing unit 52 and the transaction information included in the first GENERATE AC command are selected in common. The calculation result MAC1 (first authentication information) is generated by the encryption process based on the key. The command processing unit 52 transmits a response including the generated calculation result MAC1, key version information, and information such as the number of transactions (ATC) by the communication unit 40.

In addition, the second GENERATE AC command (second transaction authentication command) includes the authentication result information for authenticating the calculation result MAC1 by the issuer host 9 and the calculation result MAC3 (second authentication information) generated by the issuer host 9. Etc. are included. When the second GENERATE AC command is received by the communication unit 40, the command processing unit 52 encrypts based on the authentication result information included in the second GENERATE AC command and the common key selected by the key selection unit 51. The calculation result MAC3 (second authentication information) is authenticated by the process.

For example, the command processing unit 52 generates the operation result MAC4 by cryptographic processing based on the information included in the second GENERATE AC command and the selected common key. The command processing unit 52, for example, authenticates whether or not the generated calculation result MAC4 and the received calculation result MAC3 (second authentication information) match, thereby confirming the validity of the issuer host 9 and the transaction. Check the legitimacy.
The details of GENERATE AC command processing by the command processing unit 52 will be described later.

In addition, the command processing unit 52 performs various command processing such as a GET PROCESSING OPTIONS command for updating the number of transactions, a READ RECORD command for reading information in the IC card 1, and a VERIFY command for confirming the identity of the card user by PIN verification. Run.

Next, the configuration of the terminal device 2 and the issuer host 9 will be described with reference to FIG.
FIG. 5 is a block diagram showing a functional configuration example of the issuer host 9 and the terminal device 2 of the present embodiment.
As shown in FIG. 5, the terminal device 2 is connected to the issuer host 9 via the network NT, and includes a reader / writer 21, an input unit 22, a display unit 23, and a NW (network) communication unit 24. , A terminal control unit 25 is provided. The terminal device 2 is, for example, a credit card payment terminal.

The reader / writer 21 communicates between the IC cards 1 via the contact portion 3 of the IC card 1.
The input unit 22 is, for example, a keyboard or a touch panel, and receives various operation information for operating the terminal device 2 and various input information such as a PIN.

The display unit 23 is, for example, a liquid crystal display or the like, and displays various operation screens, various messages, input information, and the like.
The NW communication unit 24 is connected to the network NT and communicates with the issuer host 9 via the network NT.

The terminal control unit 25 is, for example, a processor including a CPU and the like, and controls the terminal device 2 in an integrated manner. The terminal control unit 25 transmits a command to the IC card 1 and receives a response from the IC card 1 via, for example, the reader / writer 21. Further, the terminal control unit 25 transmits information based on the response received from the IC card 1 to the issuer host 9 via the NW communication unit 24. Further, the terminal control unit 25 transmits a command to the IC card 1 based on the information received from the issuer host 9 via the NW communication unit 24.

The issuer host 9 (an example of a server device) is, for example, a server device of a card issuing company, and is connected to a terminal device 2 capable of communicating with an IC card 1 via a network NT. The issuer host 9 includes a NW communication unit 91, a host storage unit 92, and a host control unit 93.

The NW communication unit 91 is connected to the network NT and communicates with the terminal device 2 via the network NT.
The host storage unit 92 stores various information used by the issuer host 9. The host storage unit 92 includes a key information storage unit 921.

The key information storage unit 921 (an example of the second key information storage unit) stores a plurality of common keys. Here, it is assumed that the key information storage unit 921 stores in advance a plurality of common keys that are the same as the common key stored in the key information storage unit 82 of the IC card 1 described above. The key information storage unit 921 stores, for example, the key version information and the common key in association with each other. Here, a data example of the key information storage unit 82 will be described with reference to FIG.

FIG. 6 is a diagram showing a data example of the key information storage unit 921 of the issuer host 9 of the present embodiment.
As shown in FIG. 6, the key information storage unit 921 stores the "key version" and the "key value" in association with each other. The "key version" and "key value" here are the same as those in FIG. The key information storage unit 921 stores a plurality of set information in which the "key version" and the "key value" are associated with each other.

In the example shown in FIG. 6, it is shown that the “key value” corresponding to the “key version” of “A” is “α”. It also indicates that the "key value" corresponding to the "key version" of "B" is "β". In the key information storage unit 921, the "key value" (common key) can be searched from the "key version" (key version information).

Returning to FIG. 5, the host control unit 93 (an example of a transaction control unit) is, for example, a processor including a CPU and the like (an example of a hardware processor), and controls the issuer host 9 in an integrated manner. The host control unit 93 receives from the IC card 1 via the terminal device 2 via the NW communication unit 91, for example, when performing transaction authentication for authenticating a transaction between the IC card 1 and its own device. Based on the key version information, a common key is selected from a plurality of common keys stored in the key information storage unit 921. In addition, the host control unit 93 performs transaction authentication by encryption processing based on the selected common key.

The host control unit 93 authenticates, for example, the calculation result MAC1 (first authentication information) received from the IC card 1 via the terminal device 2 by encryption processing based on the selected common key. Specifically, the host control unit 93 performs the same as the method of generating the calculation result MAC1 generated by the IC card 1 by the encryption processing based on the information such as the transaction information received from the IC card 1 and the selected common key. Calculation result MAC2 is generated. The host control unit 93 authenticates whether or not the generated calculation result MAC2 and the calculation result MAC1 received from the IC card 1 match, thereby determining the validity of the IC card 1 and the validity of the transaction information. Check.

Further, the host control unit 93 generates the calculation result MAC3 (second authentication information) by the encryption processing based on the information such as the authentication result information that authenticates the calculation result MAC1 and the selected common key. The host control unit 93 transmits the generated calculation result MAC3 (second authentication information) and the authentication result information to the terminal device 2 via the NW communication unit 91.
Further, the host control unit 93 receives transaction authentication completion information (for example, TC (Transaction Certificate) indicating transaction completion confirmation) from the terminal device 2 via the NW communication unit 91 and stores it in the host storage unit 92. ..

Next, the operation of the IC card 1 and the IC card system 200 of the present embodiment will be described with reference to the drawings.
FIG. 7 is a flowchart showing an example of the key selection process of the IC card 1 of the present embodiment.
As shown in FIG. 7, the IC card 1 first generates a random number when selecting a common key (step S101). For example, a random number generator (not shown) included in the IC card 1 or a control unit 50 generates random numbers.

Next, the key selection unit 51 of the IC card 1 converts a random number into a key number (step S102). The key selection unit 51 acquires a random number, divides the acquired random number by the total number of key numbers, calculates a remainder value, and uses this remainder value as the key number.

Next, the key selection unit 51 selects a key version (key version information) and a common key based on the key number (step S103). For example, when the key number converted from a random number is "1", in the data example of the key information storage unit 82 shown in FIG. 4, the key selection unit 51 uses "B" of the "key version" and "key value". "(Common key)" β "is selected. After the process of step S103, the key selection unit 51 ends the key selection process.

Next, the GENERATE AC command processing of the IC card 1 of the present embodiment will be described with reference to FIG.
FIG. 8 is a flowchart showing an example of processing of the GENERATE AC command of the IC card 1 of the present embodiment.

The command processing unit 52 of the IC card 1 starts the processing shown in FIG. 8 when the command received via the communication unit 40 is a GENERATE AC command.
The command processing unit 52 first determines whether or not the GENERATE AC command is executed for the first time (step S201). The command processing unit 52 advances the processing to step S202 when it is the first execution (step S201: YES). Further, the command processing unit 52 advances the processing to step S209 when it is not the first execution (the second execution) (step S201: NO).

In step S202, the command processing unit 52 executes the risk management process. The command processing unit 52 manages the risk of whether or not the transaction may be performed based on the transaction information included in the GENERATE AC command, the previous transaction result, the transaction history of offline processing and online processing, and the like. Here, the transaction information includes transaction details such as a transaction amount and a transaction date and time.

Next, the command processing unit 52 determines whether or not to perform online processing (step S203). The command processing unit 52 determines whether or not to perform online processing based on the result of the risk management processing. Here, the online process is to perform an authentication process with the issuer host 9. Further, the transaction processing when the authentication processing is not performed with the issuer host 9 is referred to as offline processing. When the command processing unit 52 performs online processing (step S203: YES), the command processing unit 52 advances the processing to step S204. Further, the command processing unit 52 advances the processing to step S206 when the online processing is not performed (offline processing) (step S203: NO).

In step S204, the command processing unit 52 performs a cryptographic operation on the received transaction information with the common key selected by the key selection unit 51 to generate the calculation result MAC1. The command processing unit 52 generates the calculation result MAC1 based on the transaction information, the information including the number of transactions (ATC), and the common key.

Next, the command processing unit 52 transmits a response including the calculation result MAC1, the key version, and the number of transactions (ATC) to the terminal device 2 (step S205). The command processing unit 52 transmits the generated calculation result MAC1 as an ARPC (Application Request Cryptogram) to the terminal device 2 together with the number of transactions (ATC) and the key version via the communication unit 40. After the processing in step S205, the command processing unit 52 ends the GENERATE AC command processing.

Further, in step S206, the command processing unit 52 determines whether or not to approve the transaction. That is, the command processing unit 52 determines whether or not to approve the transaction by the offline processing based on the result of the risk management processing. When the command processing unit 52 approves the transaction by the offline processing (step S206: YES), the command processing unit 52 advances the processing to step S207. Further, when the command processing unit 52 does not approve the transaction by the offline processing (step S206: NO), the command processing unit 52 advances the processing to step S208.

In step S207, the command processing unit 52 transmits a response including transaction approval information to the terminal device 2. The command processing unit 52 updates the transaction history and the like, and transmits a response including transaction approval information such as TC of the transaction by offline processing to the terminal device 2 via the communication unit 40. After the processing in step S207, the command processing unit 52 ends the GENERATE AC command processing.

Further, in step S208, the command processing unit 52 transmits a response including information that does not approve the transaction to the terminal device 2. The command processing unit 52 updates the transaction history and the like, and transmits a response including information that does not approve the transaction by offline processing to the terminal device 2 via the communication unit 40. After the processing in step S208, the command processing unit 52 ends the GENERATE AC command processing.

Further, in step S209, which is the second GENERATE AC command process, the command processing unit 52 executes the risk management process. The command processing unit 52 re-performs risk management as to whether or not the transaction may be performed based on the transaction information included in the GENERATE AC command, the previous transaction result, the transaction history of offline processing, and the like.

Next, the command processing unit 52 encrypts the received result information with the common key selected by the key selection unit 51 to generate the calculation result MAC4 (step S210). The command processing unit 52 generates the calculation result MAC4 based on, for example, information such as the previously transmitted ARQC and the received authorization result information ARC (Authorization Response Code) and the common key.

Next, the command processing unit 52 determines whether or not to approve the transaction (MAC3 = MAC4?) (Step S211). The command processing unit 52 determines whether or not the operation result MAC3, which is the received ARPC (Application Response Cryptogram), and the operation result MAC4 match. When the operation result MAC3 and the operation result MAC4 match (step S211: YES), the command processing unit 52 advances the processing to step S212. Further, when the operation result MAC3 and the operation result MAC4 do not match (step S211: NO), the command processing unit 52 advances the processing to step S213.

In step S212, the command processing unit 52 transmits a response including transaction approval information to the terminal device 2. The command processing unit 52 updates the transaction history and the like, and transmits a response including transaction approval information such as TC of the transaction by online processing to the terminal device 2 via the communication unit 40. After the processing in step S212, the command processing unit 52 ends the GENERATE AC command processing.

Further, in step S213, the command processing unit 52 transmits a response including information that does not approve the transaction to the terminal device 2. The command processing unit 52 updates the transaction history and the like, and transmits a response including information that does not approve the transaction by online processing to the terminal device 2 via the communication unit 40. After the processing of step S213, the command processing unit 52 ends the GENERATE AC command processing.

Next, the transaction authentication process of the IC card system 200 of the present embodiment will be described with reference to FIG.
FIG. 9 is a flowchart showing an example of the transaction authentication process of the IC card system 200 of the present embodiment.

As shown in FIG. 9, first, the terminal device 2 transmits a SELECT command to the IC card 1 to the IC card 1 (step S301). After activating the IC card 1 via the reader / writer 21, the terminal control unit 25 of the terminal device 2 sends a SELECT command to the IC card 1 to select an application (for example, credit card payment) to be used for this transaction. Send.

Next, the IC card 1 transmits a response to the SELECT command to the terminal device 2 (step S302). The command processing unit 52 of the IC card 1 selects the target application, and transmits a response including a status byte indicating that the selection is successful to the terminal device 2 via the communication unit 40.

Next, the terminal device 2 transmits a GET PROCESSING OPTIONS command to the IC card 1 (step S303). The terminal control unit 25 transmits a GET PROCESSING OPTIONS command, which is a command for starting a transaction, to the IC card 1 via the reader / writer 21.

Next, the IC card 1 transmits a response to the GET PROCESSING OPTIONS command to the terminal device 2 (step S304). The command processing unit 52 increments and updates the number of transactions (ATC) stored in the transaction number storage unit 81, and includes, for example, information such as AIP (Application Interchange Profile) and AFL (Application File Locator), and status bytes. The response including the above is transmitted to the terminal device 2 via the communication unit 40.

Next, the terminal device 2 confirms the received AIP and AFL, and transmits a READ RECORD command to read the data set in the card to the IC card 1 (step S305). The terminal control unit 25 transmits a READ RECORD command for reading various data based on AIP and AFL to the IC card 1 via the reader / writer 21.

Next, the IC card 1 transmits a response to the READ RECORD command to the terminal device 2 (step S306). The command processing unit 52 reads the information specified by the READ RECORD command (for example, CDOL (Card Risk Management Data Object List)), and sends a response including the information and the status byte to the terminal device 2 via the communication unit 40. Send to.
The processes of steps S305 and S306 are executed a plurality of times as needed.

Next, the terminal device 2 transmits a VERIFY command to the IC card 1 (step S307). The terminal control unit 25 transmits a VERIFY command including a personal identification number PIN acquired via the input unit 22 to the IC card 1 via the reader / writer 21 to confirm the identity of the card user.

Next, the IC card 1 transmits a response to the VERIFY command to the terminal device 2 (step S308). The command processing unit 52 executes identity verification (PIN verification) of the card user depending on whether or not the PIN included in the VERIFY command matches the PIN stored in the PIN information storage unit 83. The command processing unit 52 transmits a response including the status byte of the confirmation result to the terminal device 2 via the communication unit 40.

Next, the terminal device 2 transmits the GENERATE AC command (first time) to the IC card 1 (step S309). The terminal control unit 25 transmits a GENERATE AC command including transaction information to the IC card 1 via the reader / writer 21 based on the CDOL read by the READ RECORD command.

Next, the IC card 1 transmits a response to the GENERATE AC command (first time) to the terminal device 2 (step S310). The command processing unit 52 executes the GENERATE AC command processing (processing from step S202 to step S208) shown in FIG. 8 described above. The command processing unit 52 transmits a response including the generated calculation result MAC1 ARQC, the number of transactions (ATC), the key version, and the status byte to the terminal device 2 via the communication unit 40.

Next, the terminal device 2 transmits the transaction approval request to the issuer host 9 (step S311). The terminal control unit 25 uses the information obtained by adding the transaction information to the calculation result MAC1, the number of transactions (ATC), and the key version received from the IC card 1 as a transaction approval request via the NW communication unit 24, and the issuer host 9 Send to.

Next, the issuer host 9 executes the key selection process (step S312). The host control unit 93 of the issuer host 9 selects a common key based on the key version received from the IC card 1 via the terminal device 2. That is, the host control unit 93 selects the common key corresponding to the received key version from the plurality of common keys stored in the key information storage unit 921.

Next, the issuer host 9 executes the transaction authentication process (step S313). The host control unit 93 generates the calculation result MAC2 by cryptographic processing based on the transaction information received from the IC card 1 and the selected common key. The host control unit 93 determines whether or not the generated calculation result MAC2 and the calculation result MAC1 received from the IC card 1 match.

Next, the issuer host 9 transmits the authentication result to the terminal device 2 (step S314). The host control unit 93 generates the calculation result MAC3 as an ARPC by the encryption process based on the authentication result information including the determination result of the transaction authentication process described above and the selected common key. The host control unit 93 transmits the authentication result including the approval result information and the calculation result MAC 3 to the terminal device 2 via the NW communication unit 91.

Next, the terminal device 2 transmits a GENERATE AC command (second time) to the IC card 1 (step S315). The terminal control unit 25 transmits the GENERATE AC command including the authentication result information and the calculation result MAC3 received from the issuer host 9 via the NW communication unit 24 to the IC card 1 via the reader / writer 21.

Next, the IC card 1 transmits a response to the GENERATE AC command (second time) to the terminal device 2 (step S316). The command processing unit 52 executes the GENERATE AC command processing (processing from step S209 to step S213) shown in FIG. 8 described above. The command processing unit 52 transmits the generated transaction approval information (for example, TC, etc.) and the response including the status byte to the terminal device 2 via the communication unit 40.

Next, the terminal device 2 transmits the transaction approval information to the issuer host 9 (step S317). The terminal control unit 25 transmits the transaction approval information received from the IC card 1 to the issuer host 9 via the NW communication unit 24. As a result, the transaction authentication and transaction of the settlement process are completed.
In the above-described flow, the key selection unit 51 of the IC card 1 executes a process of selecting a common key from a plurality of common keys stored by the key information storage unit 82 between steps S303 and S310. ..

As described above, the IC card 1 according to the present embodiment includes a communication unit 40, a key information storage unit 82, a key selection unit 51, and a command processing unit 52 (processing unit). The communication unit 40 communicates with the terminal device 2. The key information storage unit 82 stores a plurality of common keys. The key selection unit 51 selects a common key from a plurality of common keys stored in the key information storage unit 82. The command processing unit 52 uses the communication unit 40 to select a key when performing transaction authentication for authenticating a transaction with an issuer host 9 (server device) connected to the terminal device 2 via a network NT. Key identification information (for example, a key version) that identifies the common key selected by the unit 51 is transmitted to the communication unit 40, and transaction authentication is performed by encryption processing based on the common key selected by the key selection unit 51.

As a result, the IC card 1 according to the present embodiment is encrypted with a common key selected from a plurality of common keys when performing transaction authentication, and the common key is appropriately assigned to the issuer host 9 by the key identification information. Can be selected. Therefore, the IC card 1 according to the present embodiment can enhance the security for the common key and can improve the security.

Further, in the present embodiment, the key information storage unit 82 stores the key version information (key version) for identifying the updated key and the common key in association with each other. The key selection unit 51 selects a common key from a plurality of common keys stored in the key information storage unit 82 based on a random number. Then, the command processing unit 52 transmits the key version information associated with the selected common key as the key identification information to the issuer host 9 via the terminal device 2 by causing the communication unit 40 to transmit the key version information.
As a result, the IC card 1 according to the present embodiment can dynamically change the common key based on a random number when performing transaction authentication, and appropriately assigns the common key to the issuer host 9 based on the key version information. You can choose.

Further, in the present embodiment, when the command processing unit 52 receives the first GENERATE AC command (first transaction authentication command) by the communication unit 40, the command processing unit 52 and the transaction information included in the first GENERATE AC command , The operation result MAC1 (first authentication information) is generated by the encryption processing based on the selected common key, and the response including the generated operation result MAC1 and the key identification information (for example, the key version) is communicated. It is transmitted by unit 40. Further, the command processing unit 52 includes the authentication result information for authenticating the calculation result MAC1 on the issuer host 9 and the calculation result MAC3 (second authentication information) generated on the issuer host 9 for the second GENERATE AC command (second). When the communication unit 40 receives the transaction authentication command), the calculation result MAC3 is authenticated by the encryption process based on the authentication result information included in the second GENERATE AC command and the selected common key.
As a result, the IC card 1 according to the present embodiment can appropriately confirm the validity of both the IC card 1 and the issuer host 9 in the transaction processing and the validity of the transaction information.

Further, in the present embodiment, the transaction authentication is the authentication in the payment transaction of the credit card.
As a result, the IC card 1 according to the present embodiment can enhance the security for the common key in the authentication in the payment transaction of the credit card, and can improve the security.

Further, the IC module 10 according to the present embodiment includes the key information storage unit 82, the key selection unit 51, and the command processing unit 52 (processing unit) described above.
As a result, the IC module 10 according to the present embodiment has the same effect as the IC card 1 described above, and can improve security.
The IC card 1 includes an IC module 10 and a card base material PT (card body) in which the IC module 10 is embedded.

Further, the IC card system 200 according to the present embodiment includes an IC card 1 and an issuer host 9. The IC card 1 includes the above-mentioned key information storage unit 82 (first key information storage unit), a key selection unit 51, and a command processing unit 52. Further, the issuer host 9 includes a key information storage unit 921 (second key information storage unit) and a host control unit 93 (transaction control unit). The key information storage unit 921 stores a plurality of common keys. The host control unit 93 uses key identification information (for example, a key version) received from the IC card 1 via the terminal device 2 when performing transaction authentication for authenticating a transaction between the IC card 1 and its own device. Based on this, a common key is selected from a plurality of common keys stored in the key information storage unit 921, and transaction authentication is performed by encryption processing based on the selected common key.
As a result, the IC card system 200 according to the present embodiment has the same effect as the IC card 1 described above, and can improve security.

Further, the issuer host 9 (server device) according to the present embodiment is a server device connected to a terminal device 2 capable of communicating with the IC card 1 via a network, and is the above-mentioned key information storage unit 921 and a host. A control unit 93 is provided.
As a result, the issuer host 9 according to the present embodiment has the same effect as the IC card 1 and the IC card system 200 described above, and can improve security.

(Second Embodiment)
Next, the IC card 1a according to the second embodiment will be described with reference to the drawings.
FIG. 10 is a block diagram showing a functional configuration example of the IC card 1a of the second embodiment.
As shown in FIG. 10, the IC card 1a includes a communication unit 40, a control unit 50a, a transaction number storage unit 81, a key information storage unit 82a, and a PIN information storage unit 83.

The appearance and hardware configuration of the IC card 1a and the configuration of the IC card system 200 according to the present embodiment are the same as those of the first embodiment shown in FIGS. 1, 2, and 5. The explanation is omitted. Further, in FIG. 10, the same components as those shown in FIG. 3 are designated by the same reference numerals, and the description thereof will be omitted.
Further, each part of the IC card 1a shown in FIG. 10 is realized by using the hardware of the IC card 1 shown in FIG.

In this embodiment, an example in which the information stored in the key information storage unit 82a and the key selection process are different from those in the first embodiment and a common key is selected using the number of transactions (ATC) will be described.

The key information storage unit 82a (an example of the first key information storage unit) is, for example, a storage unit configured by EEPROM 8. As shown in FIG. 11, the key information storage unit 82a stores the number of transactions (ATC), the key version information, and the common key in association with each other.

FIG. 11 is a diagram showing a data example of the key information storage unit 82a of the present embodiment.
As shown in FIG. 11, the key information storage unit 82a stores the “number of transactions”, the “key version”, and the “key value” in association with each other. Here, the "transaction count" is key identification information for selecting a common key, and is a value having a predetermined range such as "1 to 9999" times. The key information storage unit 82a stores a plurality of set information in which such a "transaction count", a "key version", and a "key value" are associated with each other.

In the example shown in FIG. 11, it is shown that the “key version” corresponding to the “number of transactions” “1 to 9999” is “A” and the “key value” is “α”. Further, it is shown that the "key version" corresponding to the "number of transactions" of "1000 to 19999" is "B" and the "key value" is "β".

Returning to the description of FIG. 10, the control unit 50a is realized by, for example, a CPU 5, a RAM 7, a ROM 6 or an EEPROM 8, and controls the IC card 1a in an integrated manner. The control unit 50a includes a key selection unit 51a and a command processing unit 52.

The key selection unit 51a selects a common key from a plurality of common keys stored in the key information storage unit 82a, for example, based on the number of transactions (ATC). The key selection unit 51a acquires, for example, the number of transactions (ATC) stored in the transaction number storage unit 81, and stores the key version information and the common key corresponding to the acquired transaction number (ATC) in the key information storage unit 82a. Select from.

The command processing unit 52 of the present embodiment transmits, for example, transaction count information indicating the transaction count (ATC) as key identification information to the issuer host 9 via the terminal device 2.

Next, the operation of the IC card 1a of the present embodiment will be described with reference to FIG.
FIG. 12 is a flowchart showing an example of the key selection process of the IC card 1a of the present embodiment.
As shown in FIG. 12, when selecting the common key, the IC card 1a first acquires the number of transactions (ATC) (step S401). The key selection unit 51a of the IC card 1a acquires the number of transactions stored in the transaction number storage unit 81.

Next, the key selection unit 51a selects the key version (key version information) and the common key based on the acquired number of transactions (step S402). For example, when the number of transactions (ATC) stored in the transaction number storage unit 81 is 10,000, the key selection unit 51a may use the "key version" in the data example of the key information storage unit 82a shown in FIG. "B" and "β" of "key value" are selected. After the process of step S402, the key selection unit 51a ends the key selection process.

Since the GENERATE AC command processing of this embodiment is the same as the processing of the first embodiment shown in FIG. 8, the description thereof will be omitted here.
Further, since the transaction authentication process by the IC card system 200 of this embodiment is the same as the process of the first embodiment shown in FIG. 9, the description thereof will be omitted here.

The key information storage unit 921 of the issuer host 9 of the present embodiment includes, for example, the "number of transactions", the "key number", and the "key version", similarly to the key information storage unit 82a shown in FIG. Stores in association with the "key value".
Further, the host control unit 93 of the issuer host 9 has a plurality of common units stored in the key information storage unit 921, similarly to the key selection unit 51a of the IC card 1a, based on the number of transactions (ATC) received from the IC card 1a. Select a common key from the keys.

As described above, the IC card 1a according to the present embodiment includes a communication unit 40, a key information storage unit 82a, a key selection unit 51a, and a command processing unit 52 (processing unit). The key information storage unit 82a stores the number of transactions, the key version information that identifies the updated key, and the common key in association with each other. The key selection unit 51a selects a common key from a plurality of common keys stored in the key information storage unit 82a based on the number of transactions executed (ATC). The command processing unit 52 causes the communication unit 40 to transmit transaction count information indicating the number of executed transactions as key identification information, and performs transaction authentication by encryption processing based on the selected common key.

As a result, the IC card 1a according to the present embodiment can dynamically change the common key based on the number of transactions (ATC) when performing transaction authentication, and the common key is given to the issuer host 9 according to the number of transactions. Can be selected appropriately. Therefore, the IC card 1a according to the present embodiment can enhance the security for the common key and can improve the security.

In the issuer host 9 according to the present embodiment described above, the key information storage unit 921 stores a plurality of common keys in the same manner as the key information storage unit 82a, and the host control unit 93 stores a plurality of common keys based on the number of transactions (ATC). , An example of selecting a common key from a plurality of common keys stored by the key information storage unit 921 has been described, but the present invention is not limited to this. For example, the key information storage unit 921 stores a plurality of common keys as in the first embodiment, and the host control unit 93 stores a plurality of common keys stored by the key information storage unit 921 based on the key version information. You may choose a common key from among them.

(Third Embodiment)
Next, the IC card 1b according to the third embodiment will be described with reference to the drawings.
FIG. 13 is a block diagram showing a functional configuration example of the IC card 1b according to the third embodiment.
As shown in FIG. 13, the IC card 1b includes a communication unit 40, a control unit 50b, a transaction number storage unit 81, a key information storage unit 82b, and a PIN information storage unit 83.

The appearance and hardware configuration of the IC card 1b and the configuration of the IC card system 200 according to the present embodiment are the same as those of the first embodiment shown in FIGS. 1, 2, and 5. The explanation is omitted. Further, in FIG. 13, the same components as those shown in FIG. 3 are designated by the same reference numerals, and the description thereof will be omitted.
Further, each part of the IC card 1b shown in FIG. 13 is realized by using the hardware of the IC card 1 shown in FIG.

In the present embodiment, the information stored in the key information storage unit 82b and the key selection process are different from those in the first embodiment, and an example in which a common key is selected by using a combination of the number of transactions (ATC) and the key version information. explain.

The key information storage unit 82b (an example of the first key information storage unit) is, for example, a storage unit configured by EEPROM 8. As shown in FIG. 14, the key information storage unit 82b stores the key version information, the number of transactions (ATC), and the common key in association with each other.

FIG. 14 is a diagram showing a data example of the key information storage unit 82b of the present embodiment.
As shown in FIG. 14, the key information storage unit 82b stores the "key version", the "transaction count", and the "key value" in association with each other. The key information storage unit 82b stores a plurality of set information in which such a "key version", a "transaction count", and a "key value" are associated with each other.

In the example shown in FIG. 14, it is shown that the “key version” is “A” and the “key value” corresponding to the “number of transactions” is “1 to 9999” is “α”. Further, it is shown that the "key version" is "B" and the "key value" corresponding to the "number of transactions" is "1 to 9999" is "α2". In the key information storage unit 82b of the present embodiment, a plurality of "key values" are associated with one "key version" (key version information). That is, the key information storage unit 82b stores a plurality of common keys in association with one key version information.

Returning to the description of FIG. 13, the control unit 50b is realized by, for example, the CPU 5, the RAM 7, the ROM 6 or the EEPROM 8, and controls the IC card 1b in an integrated manner. The control unit 50b includes a key selection unit 51b and a command processing unit 52.

The key selection unit 51b selects a common key from a plurality of common keys stored in the key information storage unit 82b, for example, based on the number of transactions (ATC) and the key version information. The key selection unit 51b acquires, for example, the number of transactions (ATC) stored in the transaction number storage unit 81. Further, the key selection unit 51b acquires, for example, the key version information received from the terminal device 2 or the like. The key selection unit 51b selects a common key corresponding to the acquired transaction count (ATC) and key version information from the key information storage unit 82b.

The command processing unit 52 of the present embodiment transmits, for example, transaction count information and key version information indicating the transaction count (ATC) to the issuer host 9 via the terminal device 2 as key identification information.

Next, the operation of the IC card 1b of the present embodiment will be described with reference to FIG.
FIG. 15 is a flowchart showing an example of the key selection process of the IC card 1b of the present embodiment.
As shown in FIG. 15, when selecting a common key, the IC card 1b first acquires the number of transactions (ATC) and the key version (step S501). The key selection unit 51b of the IC card 1b acquires the number of transactions stored in the transaction number storage unit 81, and also acquires the key version (key version information) received from the terminal device 2 or the like.

Next, the key selection unit 51b selects a common key based on the acquired number of transactions and the key version (step S502). For example, when the number of transactions (ATC) stored in the transaction number storage unit 81 is 10,000 and the key version is “B”, the key selection unit 51b is the key information storage unit shown in FIG. In the data example of 82b, "β2" of "key value" is selected. After the process of step S502, the key selection unit 51b ends the key selection process.

Since the GENERATE AC command processing of this embodiment is the same as the processing of the first embodiment shown in FIG. 8, the description thereof will be omitted here.
Further, since the transaction authentication process by the IC card system 200 of this embodiment is the same as the process of the first embodiment shown in FIG. 9, the description thereof will be omitted here.

The key information storage unit 921 of the issuer host 9 of the present embodiment includes, for example, the "key version", the "number of transactions", and the "key value", similarly to the key information storage unit 82b shown in FIG. Are associated and stored.
Further, the host control unit 93 of the issuer host 9 stores the key information storage unit 921 in the same manner as the key selection unit 51b of the IC card 1b based on the number of transactions (ATC) and the key version information received from the IC card 1b. Select a common key from multiple common keys.

As described above, the IC card 1b according to the present embodiment includes a communication unit 40, a key information storage unit 82b, a key selection unit 51b, and a command processing unit 52 (processing unit). The key information storage unit 82b stores the number of transactions, the key version information that identifies the updated key, and the common key in association with each other, and a plurality of common keys are associated with one key version information. Is remembered. The key selection unit 51b selects a common key from a plurality of common keys stored in the key information storage unit 82b based on the number of transactions executed and the key version information. The command processing unit 52 causes the communication unit 40 to transmit transaction count information and key version information as key identification information, and performs transaction authentication by encryption processing based on the selected common key.

As a result, the IC card 1b according to the present embodiment can dynamically change the common key based on the transaction count (ATC) and the key version information when performing transaction authentication, and the transaction count and the key version can be changed. The information allows the issuer host 9 to properly select a common key. Therefore, the IC card 1b according to the present embodiment can enhance the security for the common key and can improve the security.

In each of the above embodiments, the command processing unit 52 and the host control unit 93 have described an example in which the selected common key is used as it is, but a derived key based on the selected common key is generated and the derived key is used. You may try to authenticate the transaction.

Further, in each of the above embodiments, an example of executing transaction authentication by using the GENERATE AC command has been described, but transaction authentication may be executed by using the GENERATE AC command and the EXTERNAL AUTHENTICATE command. .. In this case, the IC card 1 (1a, 1b) executes the processes of steps S210 and S211 of the second GENERATE AC command (second transaction authentication command) shown in FIG. 8 described above by the EXTERNAL AUTHENTICATE command. do. That is, the terminal device 2 transmits the EXTERNAL AUTHENTICATE command to the IC card 1 (1a, 1b) before transmitting the GENERATE AC command in step S315 of FIG.

Further, in each of the above embodiments, the IC card 1 (1a, 1b) is configured to include the EEPROM 8 as a rewritable non-volatile memory, but the present invention is not limited to this. For example, the IC card 1 (1a, 1b) may include a flash memory, FeRAM (Ferroelectric Random Access Memory), or the like instead of the EEPROM 8.

According to at least one embodiment described above, the transaction is authenticated between the key selection unit 51 that selects the common key from the plurality of common keys stored in the key information storage unit 82 and the issuer host 9. When performing transaction authentication, it has a command processing unit 52 that transmits key identification information that identifies the common key selected by the key selection unit 51 and performs transaction authentication by encryption processing based on the selected common key. As a result, the security for the common key can be strengthened, and the security can be improved.

The above embodiment can be expressed as follows.
The communication unit that communicates with the terminal device,
A key information storage unit that stores multiple common keys,
A storage unit that stores information and
A hardware processor that executes a program stored in the storage unit is provided.
In the storage unit, in the hardware processor,
A process of selecting a common key from the plurality of common keys stored by the key information storage unit, and
When performing transaction authentication for authenticating a transaction with a server device connected to the terminal device via a network using the communication unit, the key identification information for identifying the selected common key is provided. The process of sending to the communication unit and
The program that executes the transaction authentication processing by the encryption processing based on the selected common key is stored.
IC card.

A program for realizing the functions of each configuration included in the IC card system 200 and the IC card 1 (1a, 1b) in the embodiment is recorded on a computer-readable recording medium, and the program recorded on the recording medium. May be read into a computer system and executed to perform processing in each configuration of the IC card system 200 and the IC card 1 (1a, 1b) described above. Here, "loading and executing a program recorded on a recording medium into a computer system" includes installing the program in the computer system. The term "computer system" as used herein includes hardware such as an OS and peripheral devices. Further, the "computer system" may include a plurality of computer devices connected via a network including a communication line such as the Internet, WAN, LAN, and a dedicated line.
Further, the "computer-readable recording medium" refers to a portable medium such as a flexible disk, a magneto-optical disk, a ROM, or a CD-ROM, or a storage device such as a hard disk built in a computer system. As described above, the recording medium in which the program is stored may be a non-transient recording medium such as a CD-ROM.

The recording medium also includes an internal or external recording medium that can be accessed from the distribution server to distribute the program. It should be noted that the program is divided into a plurality of parts, and after downloading at different timings, the IC card system 200 and the IC card 1 (1a, 1b) are combined with each other, or the divided programs are distributed. The servers may be different. Furthermore, a "computer-readable recording medium" is a volatile memory (RAM) inside a computer system that serves as a server or client when a program is transmitted via a network, and holds the program for a certain period of time. It shall also include things. Further, the above program may be for realizing a part of the above-mentioned functions. Further, it may be a so-called difference file (difference program) that can realize the above-mentioned function in combination with a program already recorded in the computer system.

Although some embodiments of the present invention have been described, these embodiments are presented as examples and are not intended to limit the scope of the invention. These embodiments can be implemented in various other forms, and various omissions, replacements, and changes can be made without departing from the gist of the invention. These embodiments and modifications thereof are included in the scope and gist of the invention, as well as in the scope of the invention described in the claims and the equivalent scope thereof.

1,1a, 1b ... IC card, 2 ... terminal device, 3 ... contact part, 4 ... UART, 5 ... CPU, 6 ... ROM, 7 ... RAM, 8 ... EEPROM, 9 ... issuer host, 10 ... IC module, 21 ... reader / writer, 22 ... input unit, 23 ... display unit, 24,91 ... UART communication unit, 25 ... terminal control unit, 40 ... communication unit, 50, 50a, 50b ... control unit, 51, 51a, 51b ... key selection Unit, 52 ... Command processing unit, 81 ... Transaction count storage unit, 82, 82a, 82b, 921 ... Key information storage unit, 83 ... PIN information storage unit, 92 ... Host storage unit, 93 ... Host control unit, 100 ... IC Chip, 200 ... IC card system, BS1 ... Internal bus, NT ... Network, PT ... Card base material

Claims (10)

The communication unit that communicates with the terminal device,
A key information storage unit that stores multiple common keys,
A key selection unit that selects a common key from the plurality of common keys stored by the key information storage unit, and
A key that identifies a common key selected by the key selection unit when performing transaction authentication for authenticating a transaction with a server device connected to the terminal device via a network using the communication unit. to send specific information to the communication unit, it's on a match has been by that calculated value to the encryption processing based on a common key selected by the key selecting unit, mutual legitimacy between the server apparatus and the IC card , And a processing unit that authenticates the transaction to confirm the validity of the transaction content .
The key information storage unit stores the key version information that identifies the updated key and the common key in association with each other.
The key selection unit selects a common key from the plurality of common keys stored in the key information storage unit based on a random number.
The processing unit causes the communication unit to transmit the key version information associated with the selected common key as the key identification information.
I C card. The communication unit that communicates with the terminal device,
A key information storage unit that stores multiple common keys,
A key selection unit that selects a common key from the plurality of common keys stored by the key information storage unit, and
A key that identifies a common key selected by the key selection unit when performing transaction authentication for authenticating a transaction with a server device connected to the terminal device via a network using the communication unit. Specific information is transmitted to the communication unit, and by matching the calculated values by the encryption process based on the common key selected by the key selection unit, the server device and the IC card have mutual legitimacy and transaction details. With the processing unit that performs the transaction authentication to confirm the validity
With
The key information storage unit stores the number of transactions, the key version information that identifies the updated key, and the common key in association with each other.
The key selection unit selects a common key from the plurality of common keys stored in the key information storage unit based on the number of transactions in which the transaction is executed.
The processing unit causes the communication unit to transmit the transaction number information indicating the number of executed transactions as the key identification information.
IC card. The key information storage unit stores a plurality of common keys in association with one key version information.
The key selection unit selects a common key from the plurality of common keys stored in the key information storage unit based on the number of transactions executed and the key version information.
The IC card according to claim 2 , wherein the processing unit transmits the transaction number information and the key version information as the key identification information to the communication unit. The processing unit
When the communication unit receives the first transaction authentication command, the first authentication information is generated by encryption processing based on the transaction information included in the first transaction authentication command and the selected common key. Then, the communication unit is made to transmit a response including the generated first authentication information and the key identification information.
The authentication result information obtained by authenticating the first authentication information by the server device, and the second authentication information which is the calculation result generated by the encryption process based on the authentication result information and the selected common key by the server device. the second transaction authentication command including, when received by the communication unit, generating a calculation result by the encryption processing based on a common key the authenticated result information before Symbol selection included in the second transaction authorization command The second authentication information is authenticated by authenticating whether or not the generated calculation result and the received second authentication information match, according to any one of claims 1 to 3. IC card. The IC card according to any one of claims 1 to 4 , wherein the transaction authentication is authentication in a credit card settlement transaction. The communication unit that communicates with the terminal device,
A key information storage unit that stores multiple common keys,
A key selection unit that selects a common key from the plurality of common keys stored by the key information storage unit, and
A key that identifies a common key selected by the key selection unit when performing transaction authentication for authenticating a transaction with a server device connected to the terminal device via a network using the communication unit. to send specific information to the communication unit, it's on a match has been by that calculated value to the encryption processing based on a common key selected by the key selecting unit, mutual legitimacy between the server apparatus and the IC card , And an IC module equipped with a processing unit that performs the transaction authentication to confirm the validity of the transaction content, and
It is equipped with a card body in which the IC module is embedded .
The key information storage unit stores the key version information that identifies the updated key and the common key in association with each other.
The key selection unit selects a common key from the plurality of common keys stored in the key information storage unit based on a random number.
The processing unit causes the communication unit to transmit the key version information associated with the selected common key as the key identification information.
I C card. The communication unit that communicates with the terminal device,
A first key information storage unit that stores multiple common keys,
A key selection unit that selects a common key from the plurality of common keys stored by the first key information storage unit, and a key selection unit.
A key that identifies a common key selected by the key selection unit when performing transaction authentication for authenticating a transaction with a server device connected to the terminal device via a network using the communication unit. to send specific information to the communication unit, it's on a match has been by that calculated value to the encryption processing based on a common key selected by the key selecting unit, mutual legitimacy between the server apparatus and the IC card , And an IC card equipped with a processing unit that performs the transaction authentication to confirm the validity of the transaction content, and
A second key information storage unit that stores multiple common keys,
Authenticate a transaction between the IC card and its own device When performing the transaction authentication, the second key information storage unit is based on the key identification information received from the IC card via the terminal device. A server device including a transaction control unit that performs transaction authentication by selecting a common key from the plurality of common keys stored by the user and performing encryption processing based on the selected common key.
The first key information storage unit stores the key version information for identifying the updated key and the common key in association with each other.
The key selection unit selects a common key from the plurality of common keys stored in the first key information storage unit based on a random number.
The processing unit causes the communication unit to transmit the key version information associated with the selected common key as the key identification information.
I C card system. A server device connected to a terminal device that can communicate with an IC card via a network.
A key information storage unit that stores multiple common keys,
The key information is based on the key identification information that identifies the common key received from the IC card via the terminal device when performing transaction authentication for authenticating a transaction between the IC card and the own device. from among the plurality of common key storage unit stores, select the common key, it's on a match by that calculated value to the encryption processing based on the common key selected, with the server apparatus and the IC card It is equipped with a transaction control unit that performs the transaction authentication to confirm the validity of each other and the validity of the transaction content .
The key information storage unit stores the key version information that identifies the updated key and the common key in association with each other.
The transaction control unit receives the key version information associated with the common key selected based on a random number as the key identification information from the IC card, and based on the received key version information, the key. A common key is selected from the plurality of common keys stored in the information storage unit, and the transaction authentication is performed by encryption processing based on the selected common key.
Servers apparatus. An IC card computer equipped with a communication unit that communicates with a terminal device and a key information storage unit that stores a plurality of common keys.
A key selection step of selecting a common key from the plurality of common keys stored in the key information storage unit, and
A key that identifies a common key selected by the key selection step when performing transaction authentication for authenticating a transaction with a server device connected to the terminal device via a network using the communication unit. to send specific information to the communication unit, I by the coincidence of the key selection operation value that by the encryption processing based on a common key selected by step, legal one another between said server device and said IC card It is a program that executes the processing step of performing the transaction authentication to confirm the sex and the validity of the transaction content.
The key information storage unit stores the key version information that identifies the updated key and the common key in association with each other.
In the key selection step, a common key is selected from the plurality of common keys stored in the key information storage unit based on a random number.
In the processing step, the key version information associated with the selected common key is transmitted to the communication unit as the key identification information.
Program. A server device connected to a terminal device capable of communicating with an IC card via a network, and a computer of the server device provided with a key information storage unit for storing a plurality of common keys.
The key information is based on the key identification information that identifies the common key received from the IC card via the terminal device when performing transaction authentication for authenticating a transaction between the IC card and the own device. A key selection step of selecting a common key from the plurality of common keys stored in the storage unit, and
Selected I by the coincidence of the common key that by the encryption process based on the calculated value, mutual legitimacy between said server device and said IC card, and the transaction authentication to verify the validity of the transaction content It is a program to execute the transaction control steps to be performed.
The key information storage unit stores the key version information that identifies the updated key and the common key in association with each other.
In the key selection step, the key version information associated with the common key selected based on a random number is received from the IC card as the key identification information, and the key is based on the received key version information. Select a common key from the plurality of common keys stored in the information storage unit.
Program.

Images