OA11120A

OA11120A - Cryptographic medium

Info

Publication number: OA11120A
Application number: OA9900104A
Authority: OA
Inventors: John H Wack Carl J Hershlow; Edward M Scheidt
Original assignee: Tecsec Inc
Priority date: 1996-11-20
Filing date: 1999-05-19
Publication date: 2003-04-04
Also published as: AP1098A; AP9901571A0; KR100372628B1; EA199900482A1; HUP0001638A3; HUP0001638A2; NZ336338A; WO1998022914A3; EP1008101A2; NO992416L; NO992416D0; PL333506A1; UA43455C2; WO1998022914A2; AU5688298A; BR9713162A; CA2272383A1; CN1246188A; EA001552B1; AU728517B2

Abstract

A cryptographic medium including embedded metallic particles. The particles provide a unique signature when the card is exposed to a radio frequency signal. The medium includes programming and storage capability, so that protocols for different types of transactions may be stored on the medium, along with personal information associated with the user of the token. The token may take the form of a plastic card, which includes an electronic module fabricated using a multi-chip module design and including the programming and storage capability. The design allows greater computing and storage capacity on the card. At least the electronic module is encapsulated in a plascon material, giving the overall card a more physically secure construction.

Description

011120

CRYPTQGRAPHIC MEDIUM

HELP OF THE INVENTION

The présent invention relates in general to a medium used for performing5 transactions. In particular, the présent invention relates to a medium used for performing secure transactions, such as banking or other commercialtransactions.

BACKGROUND OF THE INVENTION o Currentiy, activity in the area of Smart cards has been driven primarily by the need to protect the téléphoné industry. Cellular téléphonés in particular aresubject to fraudulent billing, at worst, and refusai to pay problems at best; in anyevent, the losses are measured in the millions of dollars per day in N.Y. Cityalone. In Europe, the GSM cellular System took action and instituted the 15 téléphoné card System, which required the use of a card to prepay the call orcash débit a prepaid account. This approach corrected the problems with thetéléphoné charge System to some degree. However, the criminal element movedits attentions to different methods, from cloning (counterfeiting) the téléphoné tothe attacking (fraudulent use) the prepaid cards. These cards, designed for 20 téléphoné use, are for the most part decrement-only cards, or prepaid cardswhich are used and then thrown away. This type of card representsapproximately 90% of the total number of “smart” cards generated in the world.

Industry standard cards, having been developed with the phone cardapplication in mind, took advantage of the ready accessibility of semiconductor 25 memory chips, and the card manufacturers, seeing a disposable market as beingidéal, decided to make the "smart card” as an inexpensive throwaway. Bymaking as few changes in existing products as possible, a method of billingphone calls only required the insertion of a small semiconductor die, which wasthen connected by wire to the minimum of contact points, into a card (paper or 30 plastic). The very requirements which were necessary for the one application drove the rest of the industry. The poor physical security of a die embedded into a 25mm sq. well milled in the plastic card also meant that the lifetime of the card could be measured in days. Still, this continued to be suitable for the téléphonéindustry.

Security as a whole, has been under review at ail levels of the informationinfrastructure. Computers, which are used to access control to information, to 5 physical locations, and to spécial areas are also under review. Ail softwaresolutions for security are ail too easily compromised. A token device to be heldby the individual user was required.

Currently, the widespread adoption of these concepts is évident by theneed for an average individual to carry a haif-dozen cards, or more. What was io once a simple need and requirement, has over time developed into an acceptedpractice. The downside of the widespread adoption of cards is the sheer numberof cards required by an individual.

Also involved is the relationship of each individual with the computer-aidedenvironment. Microsoft, and others in the computer software business, hâve is gone to great lengths to encourage each person to rely, to an ever-greaterdegree, with a computer at home and the computer in the workplace. Industryhas also invested great sums of money to take advantage of the efficiencies andworkflow improvements provided by the computer.

Available computer software includes hundreds of applications, which 20 would at first giance seem benign, but may render users vulnérable and evenwhole industries are now blurred with respect to the computer. For example,where or what is a “Virtual point of presence”? Banking in particular, which as anindustry has traditionally made its profit margins on services and the need forcustomers to visit, or at least exchange paper (money, stocks, bonds, etc.), hâve 25 a serious problem with the provision of these traditional banking services usingsoftware, through on-line companies like Microsoft and Intuit.

In recent years security of information within the banking community hasbeen deemed as only necessary during the transmission of information overspécial leased “private network" lines. The banks hâve placed cryptographie link 30 devices between one point of communications and another, e.g., bank to bank.

In the original scheme of things this worked. Banks were primarily paper houses and the only transfer of information was in the form of messages or spécifie types û11120 of information, having format and structure, but still just between the banks andultimately to the Fédéral Reserve or Treasury Department

As computers reached the desktop in size and capability, the banks, eagerto become efficient, began to connect more and more employées and service 5 groups together. The interoffice connection was considered “safe” largelybecause ail of the connectivity was internai to the bank and relatively isolated.

As the banks branched out to reach customers so did the banks networkfacility reach out and expand the ability of the bank employées and executives tocommunicate with one another. Still, the security solution was defined as only o being necessary for those transactions between facilities, and this requirementcould be satisfied by the communications link equipment. However, the growth ofthe intra-bank communications paths reached a degree of complexity andcompleteness which was not entirely expected. The hardware engineers hadsucceeded, everyone could talk electronically to everyone else about anything. 15 However, ail information is not equal and something must be done to control theflow of information proportional to the need to know access of the variousindividuals within the bank. Customer data needed to be protected from thoseemployées who did not need to know about account balances. Merger andacquisition trader information could not be allowed to be available to the teller at 20 the computer-based drive in window.

Moreover, as the interconnectivity of the bank as an institution increased, the availability of information became more and more accessible to more andmore people. Encryption of the links between facilities, while still necessary toprotect the information being sent from one location to another, did not provide 25 the séparation of information required. Other examples of the need for the séparation of information were established with the passage of the Privacy Act of1974. This law made it mandatory for the confidential information acquired eitherby employers, or banks or doctors and the like, be held in confidence andprotected from unauthorized or inappropriate access. 30 To further complicate the information distribution pool, is the rising demand to provide banking services and products to the customer via EDI or the internet.

Current use of hardware link devices does not allow for protection of the information moving from address to address or person to person within the 011120 network of a given bank or organization. Nor does the process of protecting thelink of communications provide any confidentiality to the information movingwithin the iink.

The same situation is true for information moving from an Automated 5 Teller Machine (ATM) to a bank or clearinghouse. The industry as a whole hasbeen trying to résolve this and has submitted a spécification: “The SecureElectronic Transaction Spécification” or SET. This spécification provides for theprotection of information in transmission from one EDI position to another, that is,from merchant to bank or ATM to clearinghouse. This spécification, however, is o not intended to protect the information itself, just the path. It is up to the functional owner of the information to provide security to the information. To thisproblem is offered this solution.

It is the parallel needs of these circumstances which demands an overallsolution. The deficiencies présent in conventional cards which make them 15 unsuitable as a solution are many. For example, each has a small die sizedefined by the 25mm well or hole in the card. Further, the practice of mountingthe die in a drop of epoxy exposes it to environmental, logical, and physicalabuse. This type of product offers limited physical and logical security. Theresuit is minimal functionality and memory capacity available if the sëmiconductor 20 industry is bound by the 25mm square définition imposed by the card industry.

An additional limitation is the dependence of the industry on existing solutions incryptographie security, and the overall misappiication of these generic solutionsto a very spécifie task.

On the logical issue, conventional cards hâve, on the whole, tried to use a 25 public/private key approach for controlling access to the card information. Thishas had its limitations for several reasons. First, the public/private key processrequires a separate co-processor to accomplish the actual computations, and thisco-processor can take up to 40% of the total die size and also of the limitedspace in the card well. Further, the computations of public/private key are time 30 consuming and each effort provides an unwelcomed delay in performance. The issue of protection of an individual’s private key is often overlooked, that is, the entire security scheme is dépendent on the private half of thë key remaining a secret. 4 011120

Plastic cards hâve been in use for a number of years. Plastic isinexpensive, allows for shaping, printing, embossing, and for the addition of astrip of magnetic tape. However, ail of these common characteristics also enablemisuse when a plastic card is applied.to a financial or crédit application. Crédit 5 card fraud is a major problem precisely because of the ease of duplication of theplastic card.

What is required is a method or process to provide a unique characteristicto the plastic card/material which is also inexpensive so as to not impact theubiquitous use of the product, and at the same time defeat the misuse of the 10 device in financial applications.

SUMMARY OF THE INVENTION

The approach of using a small 25mm sq. hole in a card was defined by thephysics of the semiconductor die. The overall dimensions of a single memory die 15 is measured in width, length, and height. The length and width are fixed andimmutable. However, the average die is between 20 and 25 mils thick. And ofthatthickness, approximately 12 to 17 mils is occupied by the alumina substratenecessitated by the photoetching process of semiconductor manufacturing. Byputting together a multi-chip module (MCM) design which provides a high degree 20 of density and capability, and then encapsulating the MCM in a plascon materiai,similar to the materiai currently used in the standard semiconductormanufacturing process, to provide stability, a thinning process can be executedwhich renders the thickness of the entire module to between 6 and 10 mils inthickness. This very thin product also takes on a very high degree of flexibility, 25 analogous to aluminum foil and aluminum plate. This thinning removes the needfor the 25mm limitation found in ail other industry products. In fact, 80% of thearea of the plastic card can be used to house electronic components.

Because of the plascon, the flexible MCM is compietely sealed fromoutside environmental contaminâtes. The résultant module can be laminated so within two outer layers of plastic and actually be reused if the outer housing should be damaged by accident or misuse.

This provides an improvement in security, which in existing cards is minimal in the physical sense. The unprotected die of memory or processor 5 011120 functions is currently wire bonded to an ISO-specified métal contact material (see ISO Std. 7816-2 ! Physical Spécifications and -3 / Electrical Spécifications).

As such, the die is open to probing, attachments, or any other type of physical analysis. Further, when you flex the current industry standard card, the 5 imbedded die jumps up and off of the card like a flea.

BRIEF DESCRIPTION OF THE DRAWING

Fig. 1 a block diagram showing an exèplary use of the présent invention.

10 DETAILED DESCRIPTION OF THE INVENTION

Metallic materiai can be shaped into very small particles. Slivers of métalof varying lengths hâve a particular characteristic when used as an antenna forradio frequency. When the métal length and the wavelength of the radiofrequency are the same, the métal material resonates, or more accurately reflects 15 the signal in a very efficient manner. The mixing of very small, sub-micronbipolar antennas, that is, métal particles in the plastic slurry at the time ofmanufacturing, would generate a naturally random disbursement of the métalparticles in the résultant plastic card. This random placement of particles canthen be illuminated with a very low level RF signal which reflects a unique pattern 20 based on the physical position of the particles suspended in the material. Thisreflected pattern is unique for each card, unique to the frequency used toilluminate the card, and different depending on which portion of the card is usedto compare patterns.

This unique physical signature can be used to assure the physical integrity 25 of the card as well as the unique identity of the card because the disturbance ofthe particles, not only as individual particles but also in relationship to each otherparticle as a whole entity (this is a 3 dimensional event), is détectable.

In the case of crédit cards or Automatic Teller Machines (ATM)applications, the card and its unique RF signature can be read at the time of 30 insertion, very quickly, and the physical integrity and unique identification of the card is corroborated. The frequency at which the card is read may also change or be varied at what ever periodicity is desired. For example, on the first day of manufacture, the card is read in a stripe fashion much the same as a common 6 011120 magnetic stripe is read today. However, this RF reading is made at an initialfrequency of 10Ghz. The refiected signai is characterized and stored in adatabase along with the account number and name of the récipient of the card.

At each reading of the card thereafter, not only can the initial reading be 5 conftrmed, the card can be read at another frequency to add to thé initial,characteristic database and can be used to check the same integrity anduniqueness. In a matter of days, the continuous use of the card would allow forcheck and counter-check against an immutable physical characteristic, assuringthe issuer of the card that it had not been tampered with in any physical way. o The card of the présent invention has two physical components, the plastic carrier or body of the card and the eiectronic module (approximately 1 squareinch of semiconductor die, interconnected and embedded in piascon). The RFsignature can be read on the module as a separate entity and/or combined withthe signature of the card itself, to assure the relationship of the two devices is as 15 originaily intended. Moreover, if the card body or carrier should be damagedbeyond the toieration level of the issuer or holder, the original card can bedestroyed and the eiectronic module portion can be embedded into another cardbody, at which time a new signature would be read and used for future RFvalidation processes. This would allow continuous use of the content of the 20 electronics, and reduce the replacement cost to the issuer of the cost of theplastic body or card. A token device is consistent with Fédéral Information Publication SystemBulletin #140-1. It is within this document that the concept is expressed thatidentification of an individual to a System should be token-based. The idea is that 25 individual information should résidé off of the computer System that is used forinformation sharing and in a platform that is separate and isolated from access byothers on that System. This means that the token may be represented by afioppy disk, a PCMCIA card, or a smartcard. The limitations of function andcapacity of other cards hâve restricted the application of this type of a System. 30 Tokens hâve been in use for a number of years. In fact, one of the problems in the security/access control market is the number of different tokens necessary in the day’s events. A token (swipe card) is used to enter a garage area, another permits entry into a building, a third allows for access to a spécial 7 011120 secured area, and yet another token is required for access to a computerterminal. In certain environments, the number of tokens may exceed a dozén.

This situation is caused primarily by the development of each of the variousSystems under different manufacturera, each of whom, in trying to get the most 5 out of a sale, insists on their own token. A common token for ail functions hasnot been possible for lack of computationai power and memory capacity.

The présent invention with its 16-bit CPU and large (initially 1 Megabyte)memory capacity offers several significant parts to the overall solution set ofproblems associated with security and electronic transactions. io The 16-bit CPU offers the computationai capability necessary not only to process large addressing schemes, but also to process a variety of protocols andthe communications structures of different manufacturer. The card of theprésent invention can support large memory transfers and more importantiy, cansupport multiple applications on a single card. The introduction of Constructive 15 Key Management cryptography enables the card to enforce this applicationséparation. Each functional owner of a memory segment or application canoperate a completely different process of access and data storage, with theknowledge that it is not possible for any one else to hâve access to aninappropriate information object. 20 Such a card has been manufactured by Lockheed Martin, Sillcocks Plastics,and Secure Transaction Solutions using an Intel 80188EB CPU; 64k bytes ofOne Time Programmable processor instructions; 512k bytes of DRAM formemory buffer and scratchpad memory for CPU activity (program execution);512k bytes of Electrically altérable program memory; and the associated latches 25 and switches necessary to operate the card. Additional configurations may beutilized. The CPU addressing scheme allows for direct memory addressing of 32megabytes of memory in various configurations of RAM and ROM consistent withthe requirements of the various applications.

The plastic stock material from which the card is eut is impregnated with the

30 sub-micron chaff material necessary for the RF ID process to operate. The RF

Signature and ID process is thereby associated with the card (for example, the RF signature at various frequencies and various locations on the card). 8

The card is also capable of supporting magnetic stripe, printed information such as a 4-color photo, fingerprint, signature block, spécial symbols or logos, holograms, and other pièces of printed or attached information.

The basic operating System for the CPU may be installed in the EEPROM at 5 the time of manufacture, or prior to manufacturing, at the EEPROM factory.

The card is assigned to a particular user, with a unique account number, andthe RF ID is read and stored in non-volatile memory along with any other issuer /user-necessary information that might be desired, like a 4-color photo of the user(compressed and hashed), and a File Allocation Table (FAT) is created to âllow o the CPU to parse the memory sectors for later activation for additional applications. The user, upon receipt, will activate the card if received remotely, -much as one does with conventional cards, and consistent with security practiceif access is granted under a separate channel of distribution, e.g., téléphoné, U.S.Mail, or courier. The user can accept the offered Personal Identification Number 15 (PIN) or select his/her own.

An exemplary use ofthe card of the invention is now illustrated, with referenceto Fig. 1. The card is presented to an ATM. The RF ID is read from the card andits value is read into a register. The CPU ofthe card and the ATM exchange asériés of signais to establish a common protocol. The card is capable of multiple 20 protocols and therefore allows for a much greater degree of freedom ofparticipation for the user.

Having achieved a common communications base, the ATM requests the PINof the user of the card, which is stored in an encrypted form in the memory sectorappropriate to that type machine, for example a MOST, or Cirrus transaction. The 25 PIN is transmitted on-line to the respective clearing house via the dedicated SET-approved communications link, along with the previously-stored RF ID number.This information is sent to a clearing house firewall where the format oftheinformation is screened for.conformity. If it is acceptable, the packet is allowed tocontinue onward to the decryption area, where the information packet is 30 decrypted using the indexina information bits in the header of the sent information along with the RF ID data to create a user key, which when combined with the database-stored component of a user access table generates the key to decrypt the actual packet. Within the packet are the credentials ofthe individuai account, 9 011120 the confirmation of the holder and card, and an audit of a predetermined numberof past transactions which are relevant to this particular issuer. The pasttransactions are validated and the permission is sent to the ATM to proceed. Thevalidation of past transactions includes the performance of several fonctions, the 5 obvious update or correction if necessary, and also the assurance offered to theissuer that the message or content of encrypted data is large enough to assureno tampering or partial changes hâve occurred. The ATM then présents a list ofactions which can be chosen by the user, and those sélections are used ascryptographie splits to generate at the ATM an encrypted request/instruction o which is sent to the clearing house. The screening process is repeated and ifappropriate, the transaction is allowed. The updated (audit trail included) userpacket is encrypted at the clearing house and sent back to the ATM to be enteredon the user’s card. No encryption occurred, on the card, in this particulartransaction. In another protocol, or in a different application, encryption may be 15 desired and desired to occur on the card. The powerful 16-bit processor andmemory configuration of the card supports the choice.

Use of the card of the présent invention in making a crédit card transaction isnow described. The card is offered to the merchant terminal. The terminal readsthe RF ID value and stores it in a register. The card negotiates an exchange to 20 détermine correct protocol with the merchant device. The card, having a powerful 16-bit CPU, is capable of processing many different applications andprotocols, and having achieved an acceptable communications link, aisonegotiates the highest baud rate that is mutually acceptable, up to 115,200 baud(currently). The merchant terminal requests on-line status with the respective 25 clearing house and the combined value of the RF ID and the merchant membership number, aiong with the terminal ID number, are used to generate aunique key which is used to communicate and build a session key with theclearing house. The unique session key assures the participating merchant andthe user of the card that the total transaction will be transmitted to the clearing 30 house and the resulting answer will be encrypted using the identical components for key construction, assuring that the answer or acknowledgement can only be deciphered by the appropriate parties, i.e., the user and the merchant, at that 10 011120 particular device. The information at the clearing house is decrypted and processed and the audited transaction is processed.

The card of the présent invention may also be used to establish a secure

Internet commerce relationship. A user of the Internet selects a Web page of a 5 particular vendor. The page offers an opportunity to download transaction software. A click of the mouse and the transfer is complété. The software is sentas a serialized self-extracting exécutable file, which when selected will extractand install itself and présent a screen that asks if now would be a good time to fillout the registration form for that particular vendor. This is also suggested to 10 occur off-line. The registration form is filled out and ail significant data is entered,including the type of payment, crédit card number, etc. The software asks if theuser wishes to take advantage of a Storage of Permissions Feature, which àllowsthe user to store on the card, the permission/identifying splits that were generatedby the vendor software. The user agréés and the card is presented and the 15 information stored. The send button is seiected and the automatically-encryptedbundle is sent back to the vendor of choice. The vendor receives the encryptedbundle and opens it. Recognizing the form/structure of the bundle, the encryptionis automatically keyed with the serial number of the copy of the downloadedsoftware, and the vendor firewall allows the bundle to pass to the Processing 20 area. The user, having gone back to the Web page, is now looking at the vendorcatalog and selecting items for purchase, each of which has a number. It is thecombination of these numbers and the number of the serialized software thataenerates the seiected components of the split key encryption. Ail messages areprotected and ail communications are unique between the vendor and the user.

Claims

ο ί ί i ; ο What is claimed is:

1. A cryptographie medium, comprising·. a plastic base; 5 metallic slivers embedded in random locations in the plastic base for providing a unique RF signature; and an electronic module coupled to the plastic base, comprisingProcessing means, andstorage means. 10
2. The cryptographie medium of claim 1, wherein the plastic base includes aplascon material encapsulating at least the electronic module.
3. The cryptographie medium of claim 1, wherein the metallic slivers are formed15 in random sizes.
4. The cryptographie medium of claim 1, wherein the metallic siivers are formedin random, submicron sizes.
5. The cryptographie medium of ciaim 1, wherein the electronic module includes a central processing unit.
6. The cryptographie medium of claim 5, wherein the central processing unit is a16-bit central processing unit. 25
7. The cryptographie medium of claim 1, wherein the electronic module includesstorage memory.
8. The cryptographie medium of claim 7, wherein the storage memory includes30 user identification data. 12 011120
9. The cryptographie medium of claim 8, wherein the user identification number ‘is suitable for providing access to a financial account through use of anautomated teiler machine. 5 10. A method of forming a cryptographie medium, comprising: a) forming a plastic base having a void therein, and metaliic slivers embeddedtherein; b) fabricating an electronic module using a multi-chip module design; c) placing the electronic module within the void; and io d) encapsulating at least the electronic module in a plascon material.
11. The method of claim 10, wherein fabricating an electronic module inciudesfabricating a central processing unit.
12. The method of claim 11, wherein fabricating a central processing unit inciudes fabricating a 16-bit central processing unit
13. The method of claim 10, wherein fabricating an electronic module inciudesfabricating a storage memory. 20
14. A method of using a cryptographie medium in a transaction, comprising: a) presenting a token at a transaction point; b) reading physical characteristics of the token to obtain a signature of the token; c) interpreting the signature to extract information; and 25 d) determining whether the transaction will proceed based on the extractedinformation.
15. The method of claim 14, wherein the physical characteristics of the tokeninclude the presence of metaliic slivers inciuded in the token. 30
16. The method of claim 15, wherein the signature of the token is a radiofrequency signature. 13 011120
17. The method of claim 14, wherein the extracted information is securityinformation.
18. The method of ciaim 14, wherein the information is token user identification5 information·.
19. The method of ciaim 14, further comprising reading data from the token.
20. The method of ciaim 19, wherein reading data from the token inciudes îo communicating with a processing unit disposed on the token to read the datastored in memory disposed on the token. I4