JPH03198183A - Ic card data processing system - Google Patents

Abstract

PURPOSE:To improve the security of the whole system by constituting the system so that when a password code, etc., coincide, information related to encipherment such as key information, etc., is received from an IC card. CONSTITUTION:By receiving the information related to encipherment such as key information, etc., from an IC card 10 at the time when a password code, etc., coincide, data stored in an external storage medium 11 which can be attached and detached to and from a terminal equipment 1 can be enciphered and stored in accordance with this information. Also, the key information for encipherment or information related to encipherment for designating the algorithm for encipherment, etc., does not exist in the terminal equipment 1 but is held in the inside of the IC card for managing the use authority information. Accordingly, it is difficult to obtain it directly, and unless there is the use authority, the terminal equipment cannot obtain the algorithm related to encipherment and the key information. In such a way, the security of the whole system can be improved.

Description

[Detailed Description of the Invention] [Industrial Application Field] The present invention relates to an IC card data processing system, and more specifically, in a system in which a central computer of a financial institution and a terminal device exchange data, the terminal device side processes data. The present invention relates to a firm banking terminal device using an IC card that can manage data with high security when data is stored as a file in an external storage medium.

[Prior Art] Financial institutions, such as banks, install many terminal devices in their stores and connect them to a central computer via a dedicated line to make transfers, transfers, withdrawals, deposits, etc. Conventionally, data is exchanged with a central computer and processed.

The terminal device in this case is generally a so-called general-purpose terminal device in place of a personal computer, which is installed inside the financial institution and operated by an employee.

On the other hand, in recent years, customers have been able to directly operate terminal devices using their own IC cards at home or at financial institution stores to make transfers, transfers, advance payments, automatic payment processing, etc.
A computer processing system that performs balance inquiries, etc. has been proposed, and a so-called firm banking terminal device has been developed as one of its terminal devices. This type of terminal device is
Usually, important information such as amount, destination bank code, account number, etc. is recorded on an external storage medium such as a floppy disk, and communicated with the bank's host computer via a public line network.

[Problem to be solved] In farm banking terminal devices, data files that record important information such as amount, destination bank code, account number, etc. are written and managed on a removable storage medium such as a floppy disk. The data is usually processed by a general-purpose O8 or the like which is formed into a film. Therefore, if this floppy disk is installed in another computer, workstation, etc., important information such as the one mentioned above can be easily obtained, but there is a high risk of fraudulent acts such as checking or falsifying the information. expensive.

The present invention solves the problems of the prior art, and improves the security of data stored in an external storage medium of a terminal device when the terminal device is operated using an IC card. The purpose is to provide an IC card data processing system that can

[Means for Solving the Problems] The feature of the IC card data processing system of the present invention for achieving the above object is that when the IC card matches predetermined information and confirmation information, it encrypts the information. When the terminal device receives the information regarding encryption, the terminal device performs predetermined encryption on the processed data and stores it in an external storage medium. When the data is read out, it is decrypted according to the information regarding encryption and data processing is performed.

[Operation: Do this] By receiving information about encryption such as key information from the IC card when the PIN code, etc. matches, the information is stored in an external storage medium that can be attached to and detached from the terminal device according to this information. Data can be encrypted and stored. Furthermore, information regarding encryption for specifying key information to be encrypted, encryption algorithm, etc. is not held within the terminal device (but is held within the IC card that manages usage authority information). Therefore, it is difficult to obtain it directly, and the terminal device cannot obtain the algorithm or key information related to encryption unless it is authorized to use it.

As a result, no matter how much you operate the terminal device, it is impossible to obtain the encrypted information, and since the contents of the recording medium that records the data processed by the terminal device are also encrypted accordingly, it is impossible to decipher it. becomes difficult. Therefore, this recording medium is another computer.

Even if the device is attached to a workstation or the like and used, there is almost no risk of fraudulent acts such as checking or tampering with information, and the security of the entire system can be improved.

[Example] Hereinafter, an example of the present invention will be described with reference to the drawings.

FIG. 1 is a block diagram of a firm banking terminal device (hereinafter referred to as a firm banking terminal) according to an embodiment to which the IC card data processing system of the present invention is applied, and FIG. 2 shows key information stored in the IC card. FIG. 3 is an explanatory diagram of a specific example of the relationship between the algorithm selection information stored in the IC card and the processed data stored on the floppy disk. It is an explanatory diagram.

In FIG. 1, reference numeral 1 denotes a farm banking terminal equipped with an IC card 10 and a floppy disk 11 and used at home, etc., and a communication control unit 161 including a modem etc. in a central host computer 4 of a bank or the like. Communication line 2
．． It is connected via a public line network 3 and exchanges data with a host computer 4.

The farm banking terminal 1 includes a microprocessor (C
The CPU 12 has a floppy disk drive device 1 including an IC card reader/writer 13 and a floppy disk interface via a bus 101.
4, memory section 15, communication control section 16, display 17
, are connected to the keyboard 18, etc., and exchange data with these circuits, and the IC card reader/writer 13 and floppy disk drive device 1.
4. And IC card reader writer 13
The data etc. are transferred to the IC card 10 via the IC card 10, and the data etc. are transferred from there to the floppy disk drive device 1.
Data, etc. are written to the floppy disk 11 via the floppy disk 11, and the data, etc. are read therefrom. In addition, bus 101 has
A data bus, an address bus, and a control bus are provided.

The memory unit 15 is composed of a RAM and a ROM, and stores a processing program for encrypting and decoding information such as file data to be stored on the floppy disk 11 in addition to the processing program in the firm banking terminal 1. . Further, the memory section 15 is backed up by a battery (not shown).

The CPU 12 also has a built-in ROM, which contains a control program to control the hardware and a PIN code (hereinafter referred to as PIN) to confirm the authenticity of the card user.
) etc., basic processing programs for displaying input messages (guidance processing), displaying work menus, etc. are stored.

In addition, including account number, balance, and other transaction data,
Various processing programs stored in the memory unit 15 and various processing programs related to the processing of work specified in the work menu etc. are executed by the CPU 1 according to the program load processing program stored in the ROM of the CPU 2.
2, the data is read in advance from the floppy disk 11 into the memory section 15, or read each time as necessary, and stored in a predetermined area.

The display 17 is composed of an LCD display device that is controlled by the CPU 12 and displays guidance, graphics, etc., and displays data processing results, operation messages, work menus, etc. for the operator who operates the farm banking terminal 1. .

Note that the operator instructs the firm banking terminal 1 to execute processing in a predetermined work menu, inputs various information including characters, and inputs a PIN, etc. from the keyboard 18, and the CPU 12 executes the instructions according to the input information. performs various processing.

The farm banking terminal 1 is connected to the bank's host computer 4 and receives services from it, but the information to be communicated is once stored in the memory section 15, and when the communication is completed, it is stored on the floppy disk 11 by the floppy disk drive ai! 14 in an encrypted form. Therefore, the floppy disk 11 stores transaction information data such as account numbers and balances, or various business data in an encrypted manner. In addition, here, the processing program stored in the memory unit 15 of the farm banking terminal, the O81, an encryption processing program for encrypting various important data, a decryption processing program for decrypting the same, etc. are stored on a floppy disk. It is stored in 11.

For example, as shown in FIG. 2(b), the file data recorded on the floppy disk 11 is managed in three sections A, B, and C, and the data in these areas is stored as encrypted data. ing. These files are herein referred to as a transaction information file (class AA), a salary transfer information file (class BB), and a funds transfer information file (class CC). Note that the account number and specific common information may be encrypted and stored in an area separate from these files.

The IC card 10 has a PIN indicating the card issuer, the owner, etc., the owner's address and name, expiration date, number of errors,
This is a card that stores key information for encryption/decryption. This IC card IO does not store transaction information such as account numbers and balances, or various business data, and these are stored on the floppy disk 11 as described above.
is encrypted and stored. It is a condition for the firm banking terminal l to obtain key information and the like from the IC card 10 in order to access them. Further, the ROM of the IC card 10 stores a determination processing program for determining whether the PIN matches or does not match, and the EEPROM stores the following, as shown in FIG. 2(a).
Multiple P according to the above classifications AA, BB, CC, ...
KA, KB, K as key information corresponding to IN verification information PA, PB, PC, etc. and each PIN verification information.
A key table 5 is provided which stores C, *fist m.

Now, in such a configuration, the firm banking terminal 1 is powered on and the floppy disk 11 is loaded.
When the computer is installed, the encryption processing program and the decryption processing program are read into a predetermined area of the memory section 15 along with the processing program necessary for operation.

Next, according to the message on the display 17, the IC card 10 is attached to the IC card reader/writer 13 of the firm banking terminal 1, and when an operator manually enters the PIN from the keyboard 18, the manually entered PIN is transferred to the CPU 12.
is processed by the IC card reader/writer 13.
is sent to the IC card 10 via the .

When the IC card 10 receives the PIN, it internally checks if the PIN matches, and as a result, sends a response signal corresponding to the match or mismatch to the CPU 12. If the result is a match, the IC card 10 sends the key information to the firm banking terminal l. When the firm banking terminal 1 receives this, it stores it in a predetermined area of the -H memory unit 15. Then, it allows the operator to select one of the work menus, reads the file or part of the information for the work instructed by the operator from the floppy disk 11, and also executes the necessary processing program, if any. is read and stored in the memory section 15. At this time, the file information or a part of the read information is encrypted using the key information obtained from the previously stored IC card 10, and is stored as is in the memory unit 15. Ru. Therefore, even when stored in the memory unit 15, the security key is in a high state.

Next, C according to the information or instructions input by the operator.
The PU 12 reads the information part necessary for processing from among the information of the file stored in the memory unit 15, and decrypts it using the algorithm of the decryption processing program stored in advance and the key information stored in advance. The information is returned to the original information, and data is exchanged with the host computer 4. Also, among the information transferred from the host computer 4, information related to file updates, etc. is encrypted in the memory using an algorithm of a pre-stored encryption processing program and pre-stored key information. 15
Update file information.

Note that if the result of the verification in the IC card 10 is a mismatch, the IC card 10 updates the number of errors and sends the answer of mismatch to the firm banking terminal 1. The firm banking terminal 1 instructs the operator to input the PIN information again.

When the processing is completed in this way, the CPU 12 writes the information in the memory section 15 in the encrypted state to the floppy disk 11, and performs processing to update the original file.

FIG. 2(a) shows a specific example of this. For example, the IC card 10 checks the key table 5 from the input PIN and determines a match.
When the information corresponding to the PIN input from 8 is PIN verification information PA, the key information KA for the transaction information file (category AA) for which access rights have been established by matching the PIN is sent to the firm banking terminal 1. Forward. The farm banking terminal 1 receives the information and stores it in the memory unit 15, and further reads necessary processing programs or data from the floppy disk 11 into the memory unit 15, and performs encryption/decryption that has preloaded necessary information. Decryption is performed using the decryption algorithm of the processing program for the encryption algorithm and the previous key information. Then, it performs predetermined processing instructed by the operator, assembles the information into a predetermined transfer format, and sends and receives transaction-related data to and from the center computer 4. The information sent from the host computer 4 in response to this is encrypted/
Encryption algorithm and key KA of decryption processing program
The content of the transaction information file that has been encrypted and read into the memory section 15 is updated in an encrypted state and written to the floppy disk 11 again.

In addition, to access the salary transfer information file where account numbers, amounts, etc. are created and stored before starting work,
The firm banking terminal 1 obtains the key information KB, reads the salary transfer information file from the floppy disk 11, and similarly uses the decryption algorithm of the encryption/decryption processing program and the key information KB. The necessary information is decoded and transmitted to the center computer 4 via the line 3 to execute a predetermined service instructed by the operator. When the processing is completed, the file is updated by encrypting it with the encryption algorithm and key information KB, and the latest information is transferred to the floppy disk 11 and stored, thereby rewriting the original file.

Similarly, the funds transfer file is verified by the PIN verification information PC, and the firm banking terminal 1 receives the key information K.
C is obtained and similar processing is performed.

In this example, the information files are divided into groups and the encryption and decryption key information is assigned to each group, but in this case, it is also possible to provide one common key information for each information file. good. Also, as shown in (C) below, the PIN
A PIN-key information correspondence table 6 that combines a plurality of pieces of verification information may be used.

The table 6 shown in FIG. 2(C) is designed so that key information can be obtained by double matching. For example, the firm banking terminal 1 becomes operational with PIN verification information PA. When handling information on a specific file among the information stored on the floppy disk 11, the PIN is further manually entered and the PIN verification information PR matches on the IC card 10, and under the condition that these two pieces of PIN information match. For the first time, IC card 10 has key information K
Transfer A to firm banking terminal 1.

In this case, the PIN verification information PA and the PIN verification information PB may be input consecutively in advance.

Now, in the above case, the processing program for the encryption or decryption algorithm has the same mathematical formula or a part of a certain function in the key information, and completes the function or formula of the certain encryption algorithm or decryption algorithm. The key information can be used in this way. In addition, information obtained at a certain stage of the algorithm may be scrambled using key information and converted into other information. In addition, in the case of using a mathematical formula or a function, the encryption key information and the decryption key information may be different as long as the algorithms used for encryption and decryption are different.

Fig. 2 shows an example in which a single encryption/decryption algorithm is used, but as shown in Fig. 3, the encryption/decryption algorithm of formulas and functions can be transferred to the floppy disk 11 without using key information. A plurality of codes may be stored and one of them may be selected and encrypted using a PIN.

FIG. 3(a) is an example of the algorithm selection information table 7 when performing such processing, and the IC card 1
Identification information A, B, and C for selecting an algorithm for the key information part of the key table 5 of 0.

..., these are stored in correspondence with the PIN information, and the firm banking terminal 1 stores one of the identification information as
The encryption/decryption algorithm A (corresponding to the key information) and the algorithm B (I
Compatible with I information KA).

One of the algorithms C (corresponding to key information KB), etc. is selected and read, and information such as the transaction information file shown in FIG. 2(b) is decrypted and processed according to the selected algorithm. After processing, the necessary data is encrypted using the algorithm and stored on the floppy disk 11.
This is what is returned.

In this case, each algorithm A, B, C.

... without making it a specific completed formula or function, I
Information such as key information KA, KB, KC, etc. as shown in FIG. 2(a) is provided in another area of the C card 10, and the key information and identification information for selecting an algorithm are transferred to the firm banking terminal. 1 may be received from the IC card 10, and encryption and decryption may be performed using a combination of key information and a selected algorithm.

Figure 3 (C) corresponds to Figure 2 (C), and the PIN
- The key information of the key table 7 is used as algorithm selection information.

As the identification information of the algorithm for the above processing, address information that directly specifies the start address where the program or information of the algorithm is stored, or information that is converted to become the start address can be used.

By the way, in this embodiment, the key information for encryption and decryption is stored in the IC card in a table format in pairs with the PIN verification information, so that the person using the firm banking terminal 1 and the user who selects the You can easily set a PIN according to your business. In addition, as already mentioned, the PIN is verified using the IC card 10, and if it matches, the firm banking terminal 1 is given access rights to the corresponding information and information about encryption and decryption. , unless an IC card is present, the firm banking terminal 1 cannot perform important processing.

As explained above, in the embodiment, when the input PIN and the confirmation information (PIN) stored in the IC card match, key information etc. are sent to the firm banking terminal. In this case, a match includes a match obtained after scrambling one of the two.

In the embodiment, the encryption algorithm and decryption algorithm are stored on the floppy disk, but these are stored on the IC.
It may be stored in the memory on the card side, or it may be read into the memory unit 15 by the firm banking terminal. Furthermore, any encryption process may be applied to the firm banking terminal.

In the embodiment, the information transferred from the floppy disk is processed by decoding the necessary information using key information, but before the information of the file transferred from the floppy disk is stored in the memory unit 15. It may be decrypted and stored in memory, and then encrypted and returned to the floppy disk at the end of processing.

Although the embodiment shows an example in which a floppy disk is used as an external storage medium, the present invention is not limited to a floppy disk, and may be a memory card or other external storage medium.

In the embodiment, a firm banking terminal is used as an example, but the present invention is not limited to such a terminal device, but can be applied to various general terminal devices that use an IC card.

[Effect of the invention] In this invention, when the password code etc. match, the I
By receiving information regarding encryption such as key information from the C card, data to be stored in an external storage medium that is removably attached to the terminal device can be encrypted and stored in accordance with this information.

Furthermore, the encryption information for specifying the encryption key information or encryption algorithm is not stored within the terminal device, but is held within the IC card that manages usage authority information. Even if this W2N record is installed and used in other computers, workstations, etc., it is difficult to decrypt and there is almost no risk of unauthorized acts such as information inquiry or falsification, thereby reducing the security of the entire system. can be improved.

[Brief explanation of drawings]

FIG. 1 is a block diagram of a firm banking terminal device according to an embodiment to which the IC card data processing system of the present invention is applied, and FIG. 2 shows key information stored in the IC card and processing stored in the floppy disk. FIG. 3 is an explanatory diagram of a concrete example of the relationship between the algorithm selection information stored on the IC card and the processing data stored on the floppy disk. 1...Farm banking terminal, 3...Public line,
4... host computer, 5... key table,
6...PIN-key table, 7...Algorithm selection information table, 10...IC card, 11...
・Floppy disk, 13...IC card reader/writer, 12...Microprocessor (CPU), 14
... Floppy disk drive, 15... Random access memory (RAM), 16... Read only memory (ROM), 17... Display, 18...
Keyboard, 19...Printer. Figure (b) Figure (C) Figure (b) Figure (Q) Figure (c)

Claims (2)

[Claims] (1) A terminal device that is connected to a line, and an IC that is attached to this terminal device and has confirmation information and information regarding encryption, and that collates predetermined information sent from the terminal device and the confirmation information. The IC card includes a removable external storage medium that is attached to the terminal device and stores processing data of the terminal device, and the IC card is configured such that the predetermined information and the confirmation information match. When the information regarding the encryption is sent to the terminal device, the terminal device receives the information regarding the encryption, performs a predetermined encryption on the processed data according to the information, and stores the encrypted data in the external storage medium. An IC card data processing system characterized in that, when the processing data is read from the external storage medium, it is decrypted according to the information regarding the encryption and data processing is performed. (2) The IC card data processing system according to claim 1, wherein the information read from the external storage medium is stored in an internal memory of the terminal device in an encrypted state.