KR20120129617A - Identification card, apparatus and method for issuing card - Google Patents
Identification card, apparatus and method for issuing card Download PDFInfo
- Publication number
- KR20120129617A KR20120129617A KR1020110047977A KR20110047977A KR20120129617A KR 20120129617 A KR20120129617 A KR 20120129617A KR 1020110047977 A KR1020110047977 A KR 1020110047977A KR 20110047977 A KR20110047977 A KR 20110047977A KR 20120129617 A KR20120129617 A KR 20120129617A
- Authority
- KR
- South Korea
- Prior art keywords
- applet
- card
- identification card
- key
- distribution module
- Prior art date
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06K—GRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
- G06K19/00—Record carriers for use with machines and with at least a part designed to carry digital markings
- G06K19/06—Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code
- G06K19/08—Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code using markings of different kinds or more than one marking of the same kind in the same record carrier, e.g. one marking being sensed by optical and the other by magnetic means
- G06K19/10—Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code using markings of different kinds or more than one marking of the same kind in the same record carrier, e.g. one marking being sensed by optical and the other by magnetic means at least one kind of marking being used for authentication, e.g. of credit or identity cards
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q50/00—Systems or methods specially adapted for specific business sectors, e.g. utilities or tourism
- G06Q50/10—Services
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
Abstract
Description
The present invention relates to a card issuing apparatus and a method thereof, and more particularly, to an identification card for identifying a user, and an apparatus and method for issuing such a card.
Recently, technologies for identifying an individual using a smart card and using various services based on the smart card have been developed. While conventional cards are plastic products using magnetics, smart cards are electronic cards that can hold a large amount of information by embedding at least one integrated circuit (IC) memory device in the plastic card. Smart cards have memory, two-way communication, and information protection functions, which can be used in various fields such as ID cards, credit cards, and cash cards, and can store 100 times more information than magnetic cards. Such smart cards include memory type smart cards, microprocessor embedded smart cards, interactive smart cards, and the like.
However, issuing such a smart card requires a separate device and takes a long time to manufacture the card. For example, when a separate group or company wants to issue a smart card for personal authentication of members or employees, it takes a long time to produce a card and an additional cost increases.
The problem to be solved by the present invention is to provide an apparatus and a method for issuing a card for identifying a user more quickly and simply.
In addition, an object of the present invention is to provide a device and method for issuing such a SD card more simply and stably while using a secure digital (SD) card having a smart card function as a card for identifying a user. It is.
In addition, the problem to be solved by the present invention is to provide an identification card that is easy to issue.
For the above problem, the card issuing method according to a feature of the present invention, in the method for issuing an identification card, the identification card is initialized; Loading at least one applet associated with a key distribution module and an identification card function to the initialized identification card; Obtaining, by the key distribution module of the identification card, a key for the applet; And providing the obtained key to the applet and providing the identification card related information to the applet.
Card issuing apparatus according to another aspect of the present invention is a device for issuing an identification card, card interface for performing an interface with the identification card; A card initialization unit for initializing the identification card by driving the operation module of the identification card; A loading processor configured to load at least one applet associated with the identification card and a key distribution module for issuing applets into the initialized identification card; And an issuing processing unit communicating with a management server through a network to obtain a key for the applet and a password for using the applet, and provide the obtained key and password to the key distribution module of the identification card.
According to another aspect of the present invention, an identification card comprises: an operation module for initializing the identification card and performing authentication for mounting an applet; At least one applet for performing the function of the identification card; And a key distribution module for distributing a key for use to the applet, wherein the key distribution module receives the key of the applet from a card issuing device and provides the key to the applet.
According to an embodiment of the present invention, an identification card can be easily issued using a terminal having a communication function without using a separate device for issuing a card. In particular, the number of communication transactions with the server through the network at the time of issuance is reduced, so that the card can be issued more stably and without processing load.
1 is a view showing the relationship between the structure of the identification card and the card issuing apparatus according to an embodiment of the present invention.
2 is a diagram showing the structure of a card issuing apparatus according to an embodiment of the present invention.
3 to 5 are flowcharts illustrating a card issuing method according to an embodiment of the present invention.
6 is a flowchart illustrating an information update process according to an embodiment of the present invention.
Hereinafter, exemplary embodiments of the present invention will be described in detail with reference to the accompanying drawings so that those skilled in the art may easily implement the present invention. In the following detailed description of the preferred embodiments of the present invention, a detailed description of known functions and configurations incorporated herein will be omitted when it may make the subject matter of the present invention rather unclear. In the drawings, like reference numerals are used throughout the drawings.
Hereinafter, a card issuing apparatus and a method thereof according to an embodiment of the present invention will be described with reference to the drawings.
1 is a view showing the relationship between the structure of the identification card and the card issuing apparatus according to an embodiment of the present invention.
According to an embodiment of the present invention, a card, that is, a
The
The
The
The
The applet 13 is an applet for various transactions using an identification card, and may be at least one. For example, it may include a public certificate, a cash card applet, and the like.
The
2 is a structural diagram of a card issuing apparatus according to an embodiment of the present invention.
As shown in FIG. 2, the
When the SD card for functioning as an identification card for storing user information is connected to the
The
The issuing
Specifically, the
The
The
By the card issuing device according to the embodiment of the present invention having such a structure, after the initialization of the identification card and the applet loading process (first process) is performed, the applet key distribution process (second process) and the user The process of recording the information on the identification card (third process) is performed. The first process is performed by the communication between the card issuing device and the identification card on the offline, the second process is performed based on the communication through the network while the card issuing device is connected to the management server on-line, and the third process is offline By means of communication between the card issuing device and the identification card.
On the other hand, the
Next, a card issuing method according to an embodiment of the present invention will be described based on the card issuing device having such a structure.
3 to 5 are flowcharts of a card issuing method according to an embodiment of the present invention.
In particular, FIG. 3 is a flowchart illustrating an initialization process and an applet loading process in a card issuing method according to an exemplary embodiment of the present invention.
As shown in FIG. 3, when a user wants to issue an identification card that stores information related to a user, the
When the
Thereafter, authentication for mounting the applet on the identification card may be performed (S130). When performing authentication for applet loading, the
After the identification card is initialized or after the authentication for mounting the applet is completed, applet loading is performed on the identification card 10 (S140). For example, the
As described above, the initialization and applet loading process for the identification card is performed offline through communication between the
4 and 5 are flowcharts illustrating a key distribution and information recording process in the card issuing method according to an embodiment of the present invention.
After the initialization of the identification card and the applet loading process are completed, the
To this end, the issuing
The
After the real name verification is selectively performed, the
In addition, an issue response message in which the applet unique key and the applet PIN correspond to the identification number is generated and transmitted to the card issuing device 20 (S250). In addition to the identification number, the corresponding applet unique key and the applet PIN, the data included in the transmitted issuance response message may include information (resident number, etc.) about the user who requested the issuance. In addition, when the generated unique key is for a financial applet, related financial information (eg, an account number, etc.) may be included. Data included in the issuance response message may be encrypted and transmitted.
The
Meanwhile, the issuing
Next, based on the information obtained from the full issuance response received online, the process of providing a key to the applet and recording the information.
As shown in FIG. 5, the
The
Thereafter, the
The applet unique key provided from the
Specifically, after PIN verification is performed, the issuing
On the other hand, in order to store the information in the applet 13, the issuing
The above process is performed individually for each installed applet, and when a plurality of applets exist, they may be performed in parallel through different channels. That is, the unique key and information storage process for the first applet through the first channel and the unique key and information storage process for the second applet through the second channel may be performed in parallel.
Through the process as described above, the unique key and user-related information for the applet mounted on the
Through such a card issuing process, an actual online transaction is performed only when a card issuing device receives a key through a management server. Therefore, since the number of online transactions is performed significantly less than the conventional method of issuing a card, it is possible to reduce the load caused by performing online transactions and to further reduce the risk of information breach caused by online transactions. .
In addition, since a module for issuing a card is conventionally installed in a separate terminal to perform card issuance, at least two terminals including a terminal for processing an identification card for card issuance and a terminal for processing a module for key issuance are provided. Was required. However, according to an embodiment of the present invention, the module for issuing a key is installed and operated in the issued identification card, so that the identification card can be easily issued using one terminal.
Next, as described above, after the issuance of the identification card is completed, the process of updating the information stored in the applet of the identification card will be described.
6 is a flowchart illustrating an information update process for an identification card according to an embodiment of the present invention.
When the
The
The
Thereafter, the PIN verification is performed (S540), specifically, the
The
In response to a request from the
In contrast, when the
Through this process, the information of the applet stored in the
The embodiments of the present invention described above are not implemented only through the apparatus and the method, and the program or the computer on which the program is recorded can execute a method corresponding to the method and the configuration of the apparatus according to the embodiment of the present invention. It can also be implemented through a recording medium that can be read, such an implementation can be easily implemented by those skilled in the art from the description of the embodiments described above.
While the present invention has been particularly shown and described with reference to exemplary embodiments thereof, it is to be understood that the invention is not limited to the disclosed exemplary embodiments, It belongs to the scope of right.
Claims (13)
Initializing the identification card;
Loading a key distribution module and at least one applet associated with the identification card into the initialized identification card;
Obtaining, by the key distribution module of the identification card, a key for the applet; And
Providing the obtained key to the applet and providing the identification card related information to the applet.
Card issuing method comprising a.
Acquiring the key
Transmitting, by the card issuing device, to which the identification card is connected, an issuing request message for requesting key issuance to a management server through a network;
Receiving, by the card issuing device, an issuing response message including a key for the applet and a password for using the applet from the management server; And
The card issuing device providing the key and password to a key distribution module of the identification card
Including, card issuing method.
The steps provided to the applet
The card issuing device verifying a password provided to the key distribution module to form a communication path between the key distribution module and the applet; And
Providing a key stored in the key distribution module to the applet through the communication path
Including, the card issuing method.
Updating the information stored in the applet.
The updating step
Generating, by the key distribution module, an authentication value for updating information;
The applet performing authentication on the authentication value;
Updating the stored information based on the information provided by the applet when the authentication is performed.
Including, card issuing method.
Updating the stored information based on the provided information
And the applet receives the information along with the authentication value, and updates the stored information based on the received information when the authentication is performed on the authentication value.
Updating the stored information based on the provided information
Providing information to the applet to be updated by the card issuing value when the authentication value is authenticated by the applet; And
Updating the stored information based on the information provided by the applet
Card issuing method comprising a.
A card interface unit for performing an interface with the identification card;
A card initialization unit for initializing the identification card by driving the operation module of the identification card;
A loading processor configured to load at least one applet associated with the identification card and a key distribution module for issuing applets into the initialized identification card; And
Issuing processing unit for communicating with a management server through a network to obtain a key for the applet and a password for using the applet, and to provide the obtained key and password to the key distribution module of the identification card.
Card issuing device comprising a.
A verification processing unit for verifying a password provided to the key distribution module to obtain an access right to the key distribution module
Card issuing device further comprising.
And a key provided from the key distribution module of the identification card is provided to the applet through the issuing processing unit, and the issuing processing unit provides identification card related information to the applet.
At least one applet for performing the function of the identification card; And
A key distribution module for distributing keys for use to the applet
/ RTI >
And the key distribution module receives the key of the applet from a card issuing device and provides the key to the applet.
And the key distribution module and applet are loaded into the identification card after the identification card is initialized.
The key distribution module
Verifying a password provided from the card issuing device and a password that is stored in itself, and providing the applet's key to the applet through the card issuing device if the two passwords match.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020110047977A KR20120129617A (en) | 2011-05-20 | 2011-05-20 | Identification card, apparatus and method for issuing card |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020110047977A KR20120129617A (en) | 2011-05-20 | 2011-05-20 | Identification card, apparatus and method for issuing card |
Publications (1)
Publication Number | Publication Date |
---|---|
KR20120129617A true KR20120129617A (en) | 2012-11-28 |
Family
ID=47514088
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
KR1020110047977A KR20120129617A (en) | 2011-05-20 | 2011-05-20 | Identification card, apparatus and method for issuing card |
Country Status (1)
Country | Link |
---|---|
KR (1) | KR20120129617A (en) |
-
2011
- 2011-05-20 KR KR1020110047977A patent/KR20120129617A/en not_active Application Discontinuation
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11218480B2 (en) | Authenticator centralization and protection based on authenticator type and authentication policy | |
US11223948B2 (en) | Anonymous authentication and remote wireless token access | |
US8863308B2 (en) | System and methods for providing identity attribute validation in accordance with an attribute disclosure profile | |
US10586229B2 (en) | Anytime validation tokens | |
TWI497336B (en) | Data security devices and computer program | |
JP2018516505A (en) | Authentication in the ubiquitous environment | |
US20160155123A1 (en) | System and method for user authentication by using a physical financial card and mobile communication terminal | |
TW200539644A (en) | A method, a hardware token, a computer and a program for authentication | |
KR20120108599A (en) | Credit card payment service using online credit card payment device | |
JP6691582B2 (en) | User authentication method and authentication management method | |
CN113595714A (en) | Contactless card with multiple rotating security keys | |
KR102122555B1 (en) | System and Method for Identification Based on Finanace Card Possessed by User | |
KR102348823B1 (en) | System and Method for Identification Based on Finanace Card Possessed by User | |
KR20110122432A (en) | Authentication system and method using smart card web server | |
TWI596547B (en) | Card application service anti-counterfeiting writing system and method based on multi-card combination | |
KR101480034B1 (en) | Method for providing financial service using qr security code | |
CN106355404B (en) | Debit credit transaction system and method with security vulnerability protection mechanism | |
KR20140063256A (en) | Payment method and system | |
KR20110005612A (en) | System and method for managing otp using biometric, otp device and recording medium | |
KR20120129617A (en) | Identification card, apparatus and method for issuing card | |
JP6009521B2 (en) | User identification system, method and program | |
KR101619282B1 (en) | Cloud system for manging combined password and control method thereof | |
KR102652497B1 (en) | Did authentication method using smart card and smart card device | |
JP5386860B2 (en) | Payment system, payment processing apparatus, validity verification apparatus, validity verification request processing program, validity verification processing program, and validity verification method | |
KR20230058574A (en) | Method and system for authenticating for on-line financial transaction |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
A201 | Request for examination | ||
E902 | Notification of reason for refusal | ||
E601 | Decision to refuse application |