TW491980B - Chip card and its using method - Google Patents

Abstract

The chip card transfers currency units or other valuable data representing non-money giving between the card holder and at least one transaction partner (service provider), or is displayed in the authority giving period authorized by the service provider for performing transaction. The chip card includes a storage area for storing the data required for performing transaction. The chip card further comprises the following features: means for loading one or more chip application programs (VAS application programs) into the chip card, and means for allowing the card holder to perform transaction with one or more service provider.

Description

491980 A7 B7 2497pif.doc / 002 V. Description of the Invention The invention relates to a chip card, a terminal using the chip card, and a method for using the chip card and its system. (Please read the notes on the back before filling in the true) Microprocessor chip cards with payment, such as e-wallets, e-cash, credit functions, etc., are already in use, and according to their nature, they are systematically pre-empted Classifications such as ZKA (Zentraler Kredi tauss chu / 3), VISA or EMV (Europay Mastercard VISA) can therefore be used as a payment method. Here are some examples: -ZKA, Zentraler Kredi tausschu / 3, "Special Interaction Between Electronic Cards and Chips" 27, 10, 1995; -Europay International, "Integrated Circuit Card, Specific Payment System" EMV'96 ", V3.0, 30, 1, 1996; -IS0 / IEC 7816-4, "Information Technology_Identification Card_Integrated Circuit Contact Card, Part 4: Exchange Control Between Businesses: 01—09—1995; -PrEN 1546_1, "Identification Card System-Cross-E-Wallet, Part 1: Definition: Mind and Structure", 15,03, 1995 -PrEN 1546j, "Identification Card System-Cross-E-Wallet, Part 2: Security Structure" 03, 07, 1995; Printed by the Consumer Cooperatives of the Central Standards Bureau of the Ministry of Economic Affairs-P1ΈN 1546_3, "Identification Card System-Cross-E-Wallet, Part 3: Data Components and Exchange" 09, 12, 1994 For an overview of recent chip cards, you can find F: —Stefan Schutt Bertt Kolraf: u Chipkarten, Technische MERKMALE Normung, Einsatzgeloiete ", (" chip card, technical characteristics, standards, scope of use "), R. Oldenboung This paper size applies to China Quasi (CNS) A4 size (210X297 mm) 491980 2497pif.doc / 〇〇2 A7 ___ B7 V. invention is described (>)

Vevlag, Munich / Vienna, 1996, ISBN, 3-486-23738-1. Traditional chip cards are often used only for special purposes, such as for e-wallets or electronic identification methods. However, the applicability attached to these chip cards is usually static, meaning that after the applicability of the chip card manufacturing process is added, it remains the same throughout its life cycle. Traditional chip cards have limited variability (Va r ab ab t t y) and functionality (fumctionaUty). In particular, conventional chip cards have their functionality fixed and not changed in accordance with their manufacturing process'. Therefore, the main object of the present invention is to provide a chip card whose functionality can be changed. Another purpose of this issue is to provide chip cards, even after the manufacture is completed, the nature and number of applications of the chip chip or the use and transactions can be changed. It can load other applications or remove applications from the chip card, and each application is independently defined and independently performed in terms of data and security technology. For example, the chip card should comply with the relevant data and security technical conditions of IS07816, but its individual applications are particularly independent of the chip card receiving station (Platf0rm) itself. Printed by the staff of the Central Standards Bureau of the Ministry of Economic Affairs for consumer cooperation (please read the precautions on the back before filling out this page) In addition, the present invention also provides a chip card, and the user can decide or combine or change the application nature of the card And times, using this chip card's internal services (intraservices) (ie closed path (clOsedJ0oop) applications that do not involve external member reservations or service transfers) * and interactive services (mter services) (ie have additional relationships with external members Applications) are possible and executable. _ A feature of the present invention is provided for one instrument for one or more applications. 5 Exhaust, the Zhang scale is applicable to the Chinese National Standard (CNS) A4 specification (210x297). 491980 A7 B7 2497pif.doc / 〇〇2 5. Description of the invention (4) It can be recorded on the card, so the cardholder and the provider of one or more services can conduct transactions. (Read the precautions on the back before filling out this page.) If you load the chip card so that it can have a new function, you can execute applications that were previously unavailable. The basic functions of the loaded data link chip card, such as the operating system not previously provided, can define and understand the application itself. The functionality of a chip card can therefore be extended by loading applications in a special way. According to the embodiment of the present invention, a data structure (S ϋ atraist re 13 re) (DF_VAS) on the chip card is provided. This data structure is further subdivided into an even structure and a definition data set (xlsJUUqi data set), and the code format It is separate from the chip card receiving station. The so-called application can load the functions or applications of the chip structure, that is, the chip card. It is therefore possible to include a special application of chip cards for transactions between cardholders and service providers. A defined data set of the information correction structure includes the application structure and properties of the load space structure. However, the entire data structure uses at least one system key to avoid modification, and only this key can be modified. In addition to the system keys, other security mechanisms or methods can be thought of to prevent the system from being modified. Printed by a Consumer Cooperative of the Central Bureau of Standards of the Ministry of Economic Affairs, for example, by a personal identification number (PIN) or other means of providing such security. From the above architecture, various applications of the structure of the space can be loaded, and they can be deleted from the structure again. The chip card has variability due to functions and applicable applications. Load and delete applications by writing down the spatial structure-specific data and keys provided. Provision of system keys and data structure passwords The use of data structures has multiple functionalities and the security structure can be self-independent. 6 This paper size applies to China National Standard (CNS) A4 specifications (210X297 mm) 4,91980 497pif.doc / 002 A7

V. Description of the invention (¥) The crystal card receiving desk printed by the Consumer Cooperatives of the Central Bureau of Quasi-Economic Bureau of the Ministry of Economic Affairs. According to the application of the load space architecture, the chip card transaction of the card holder and the provider regarding the load application can be performed. The chip card further includes a transfer storage region (transfer storage region) to perform transactions and the data exchanged can be written or read. In order to retrieve data from the transfer storage area, a terminal_specific key is required. From a women's perspective, individual accesses are independent. The comparison of individual space structures or applications provided in the card is independent of each other and is assigned to a particular service provider individually. In other words, Yan said that they execute a special application and provide the server with private special data. Depending on the application form and the service provider, they include different information, such as data representing a particular bank (bonus points, budget balance, etc.), application data, and information about the service provider. However, it is better that they contain keys in particular; they are particularly magnetically applied so that spatially structured data can be obtained while security technology is independent of other spatial architectures. Load or generate $ space framework or the application itself to attach at least one system key flag for security. The chip card and the terminal are verified with each other before the transaction is executed, and a special verification key for individual space architecture is provided for this purpose. In order to execute transactions, data is written into the spatial architecture, kept read as a special VAS application or spatial architecture, or executed via a transfer storage area. In the first example, application-specific keys are used 'in the last-mentioned example', in addition to application-specific keys, terminal-specific keys are used, such as those generated by keys on the wafer and application-specific data. The data written in the transfer storage area in this way can be used by the service provider through the 7 paper sizes. The Chinese national standard (CNS) A4 specification (210X297 mm) is applicable. (Please read the notes on the back 1 · Items before filling · Loading— : Write this page) Order 491980 Μ Β7 2497pif.d〇c / 〇〇2 V. Description of the invention (f) (Please read the precautions on the back before filling this page) Take out and mark invalid 'If the process involves a service provider There is no specific application written, which is the so-called internal service (intergervice), that is, the exchange of currency data between cardholders and different service providers. Furthermore, for extra security, a PIN or password is provided as a correct proof of execution of the transaction procedure. The changed structure of the chip card can be used on the card for different numbers of applications. The data taken from the transfer storage area is preferably a signature key (signature key) or a digital signature or at least one key. However, in this article, this method is particularly beneficial if the fetched data is still in the transfer storage area and is only marked as having been fetched from the wafer. From this point of view, it is possible to obtain the information related to the transaction even if the transaction has occurred. By taking out the security protection of the data, it can ensure that the transaction is executed only once. Printed by the Consumer Standards Cooperative of the Central Bureau of Standards of the Ministry of Economics This method is particularly useful if the data written to the transfer storage area is appended with an expiration date when they have lost their value. Therefore, it is possible to carry out, for example, an application for one special period only. Using the transaction counter (COUNTER) transaction date, according to the individual price data of the relevant transaction can be correctly determined and certified. In an advantageous embodiment, the chip card according to the present invention therefore contains a hierarchical data base database concept. Different keys are used in each layer to protect it from modification, according to the application of data base storage The application level is variable. Each application is protected by its own special key independently of other applications. The entire structure is up to 8. This paper size applies the Chinese National Standard (CNS) A4 specification (210X297 mm) 491980. 2497pif ^ doc / 〇〇2 8 7 B7 5. Description of the invention (?) One system key is used to protect and the structure is identified by a password. The independent chip card receiving station itself. The transfer of stored data allows the exchange of data between cardholders and service providers and the exchange of data between different service providers. Moreover, reading or writing data from the transfer storage is guaranteed because the key design is like applying special keys and terminal special keys. According to the present invention, identification is performed before each transaction, and a PIN or password can be used to further increase the security protection of the chip card. Articles 21 to 30 of the scope of the patent application define a terminal (TERMINAL) for use with the chip card according to the present invention. This terminal is used to load or delete applications to perform transactions. Functions. The process of executing transactions between cardholders and service providers is defined in Articles 31 to 33 of the Declaration. Loading data into the chip card according to the present invention is defined in declarations 34 and 35 'and declaration 36 defines the entire system including the chip card and the terminal. The progress of the present invention is described below with reference to a preferred embodiment in conjunction with the accompanying drawings'. Figure 1: Block diagram of a chip card according to the present invention. Fig. 2: Schematic diagram of the entire system of the present invention. Printed by the Consumers' Cooperative of the Central Standards Bureau of the Ministry of Economic Affairs (please read the notes on the back before filling out this page) D. --- Port Figure 3: Data flow in the entire system. Figure 4: Possible applications through transaction mode Schematic diagram of classification and operation. Figure 5 ... Schematic diagram of the chip card security protection structure according to the present invention. Figure 6: Data structure of the general design type of VAS teller machine. This paper size applies the Chinese National Standard (CNS) A4 specification (210X297 mm) 491980 2497pif.doc / 〇〇2 A7 B7 V. Description of the invention (?) Same design type. Figure 8: An effective example according to the present invention , The basic structure of the data of the VAS teller machine. Figure 9: The basic structure of the DF_PT data basic structure. Figure 10: The design of the basic structure of the DF_AD data structure. Before describing the present invention, several items are defined. Below · · VAS · Value Added Services

VASK: VASK is a chip card that can participate in additional services. The VAS film contains VAS ATMs in addition to other applications such as paid applications (ie, e-wallets). VAS ATM: The VAS ATM contains data structures, path status keys, and management (additional) commands obtained by the VAS — application and VAS application functions. Printed by the Consumer Cooperatives of the Central Standards Bureau of the Ministry of Economic Affairs (Please read the notes on the back before filling out this page. 4 VAS application: The VAS application contains VAS data. The path to the VAS data is controlled by the VAS application. A VAS provider can Execute one or more VAS applications in the VAS teller machine. The use of VAS applications is defined by the application, reading and operation of VAS data. VAS applications can be in the form of internal services or interactive services. VAS provider ·· The VAS provider is responsible for the development of the VAS application program according to the basic conditions of the system operator, as well as its own decisions and afterwards to make it available to the operator through the terminal and the terminal. The VAS application program is blocked before the VAS ATM of the VAS chip card is operated. Loading. Internal service: Internal service is an exclusive management of individual VAS providers. 10 paper sizes are applicable to Chinese National Standard (CNS) A4 specifications (210X297 mm) 491980 2497pif.doc / 002 A7 B7 Employees of the Central Standards Bureau of the Ministry of Economic Affairs Printed by Consumer Cooperatives V. VAS application used in invention description (public), internal service application A closed-loop application means a transfer without thinking or performing with an external partner. Interactive services: Interactive service applications are internal service applications that use additional external links to connect with external partners. A VAS application can have Internal service or interactive service features. System operator: The system operator provides VAS providers and operators to use the VAS system. Issuer (1881 ^ 〇: Issuer issues ^ 8 cards including \ ^ 3 ATMs. Card holder: The card holder or the owner of the chip card is the person who owns and uses the chip card (referred to as VAS) to perform price-added services. The chasing individual is not necessarily the actual owner of the chip card. Service Terminal: Service terminal The machine is created by the system operator for the VAS application. At the service terminal, the cardholder can manage the VAS application (load, view, delete, and transfer the VAS application) on its VAS card. ° Transaction terminal (Dealer Terminal): The transaction terminal has a payment function and provides a VAS function. Here the cardholder uses a VAS card to pay on the one hand , On the other hand, participate in the benefits of VAS. Application Identifier (aid for short): The clear error is not longer than the name of the 16-bit application and the application program that does not know the chip card data base structure comes from the outside. AID is determined by Five-digit registered application provider certifier (WD) and no longer than ιι bit (please read the precautions on the back before filling this stomach): installed.

、 1T This paper size applies the Chinese National Standard (CNS) A4 specification (210X: W Gongchu 491980 kl B7 2497pif.doc / 002 V. Description of the invention (y) Proprietary Application Identifier Registration ) (PIX). DF: Directory file according to IS07861 EF · · Elementary file according to IS07816 Valid VAS ATM: Ability to authenticate VAS ATMs related to the outside world. KID : (Key authenticator) Includes the number of keys in the key basic file R & R: Rules and regulations P: Maximum number of design type DIPT objects. A: Maximum number of design type DF_AD objects. NrDIR: Maximum total number of objects : NrDIR = p + a L · · n rEF —TRANSFER · EF —TRANSFER The number of records. Figure 1 shows the structure of the chip card according to the present invention. In addition to static, data such as the master file MF and master file MF and (Optionally available) Wallet function DF_purse, which provides an index or a data structure or data base layer structure DF_VAS according to the present invention on the chip card. This kind of service is called VAS additional service to accommodate additional functions. Based on these additional functions that are represented in chip cards manufactured by applications that can be loaded into chip cards. Card functions and transactions that can be executed are flexible, It can be changed. The so-called VAS teller machine (DF_VAS) provided on the chip card according to the present invention allows the variability and flexibility of the function of the chip card. In addition, it also enables the application program on the chip card to be safely released from the chip card receiving station with security technology. It is independent of the chip card receiving station and allows these programs to be transferred to another chip card. 12 This paper size applies to China National Standard (CNS) A4 specifications (210X297 mm): (Read the precautions on the back before filling in this Page) Ordered by the Central Bureau of Standards of the Ministry of Economic Affairs, Consumer Cooperatives, Cooperative Policy 491980 2497pif.doc / 002 A7 _ Zhu7 V. Description of the invention (/ 〇 According to the present invention (price plus service VAS), new additional functions are learned through the microprocessor chip card These additional functions can be converted by the VAS teller machine, and the VAS teller mechanism on the microprocessor chip card becomes the receiving table to accommodate VAS application. VAS application is an individual understanding of special additional functions. When the electronic wallet is paid through the chip card (pay function) and the VAS application (additional function) is performed through separate mechanisms, however, the chip card user or the card holder In the hands of the two, both can be viewed as a single procedure. The microprocessor chip card is extended by a VAS teller machine that can accommodate multiple independent applications. It enables these applications to use delete or transfer, which can only be used by authoritative system operators. The VAS teller machine is independent of other system components on the microprocessor chip card from the viewpoint of data and security technology protection. All VASJK aircraft are self-defined or self-functional. It defines an independent security protection architecture for VAS applications to use independent security protection functions. These security architectures use special keys, which are not special manufacturers and are independent of the identification characteristics of the chip card receiving station. Printed by the Consumers' Cooperative of the Central Standards Bureau of the Ministry of Economic Affairs (please read the notes on the back before filling this page) The VAS application also uses a mechanism to obtain special keys for the terminal. With these VAS applications, the terminals and the individual data generated by them can be positively identified. In the VAS teller machine, the VAS application forms a file through the function of the VAS teller machine and uses the available data to control the relevant 4 interface points. The VAS teller machine also allows and controls the secure exchange of service data between peers. VAS ATMs actively control the authentication and uniqueness of the converted data frame. VAS ATMs and other 13 paper sizes are applicable to Chinese National Standard (CNS) A4 specifications (21 × 297 mm) ': 497pif.d〇c / 002 ΚΒ Β7 Printed by the Consumers' Cooperative of the Central Standards Bureau of the Ministry of Economic Affairs Explanation (//) An advantage when using the program chip card comparison is that this view is independent of the special chip card receiving station. It provides a security protection architecture that is independent of the receiver's special security mechanisms (for example: keys, identification data, PIN, signature program). A further advantage of the VAS ATM concept is that the number of different application programs for chip cards is not strictly restricted and preset in advance when the chip card is manufactured or issued. At present, loading application programs into chip cards can be freely chosen by chip card users and is limited only by the amount of storage capacity available on special chip cards. The number of chip card VAS applications loaded at any time depends on the actual use of the chip card. The chip card user individually assembles the VAS application on the card; this combination will need to be modified later. The VAS holder allows a multi-function card. The functions of the card can be assembled and used in different ways according to the number and nature of applications in the life cycle. It is therefore also possible to load and use a single chip card application as required for individual special chip cards in the past. VAS applications can also be converted to other cards. In this way, the VAS application can continue to be used beyond the life cycle of the card; during the life cycle of such an application, the user of the follower chip card is followed. The microprocessor chip card with additional services is a very suitable medium for the distribution and sales of services. The path of the microprocessor chip card with data protection can be used as a payment method, a billing unit and price storage. It can provide additional services and is very flexible to control compliance with customer needs after the card is issued. It also actively controls the authentication and security of participating terminals to ensure the uniqueness and correctness of the converted data. (Please read the notes on the back before filling this page)-The size of the bound paper is applicable to the Chinese National Standard (CNS) A4 (210X297 mm) 491980 A7 B7 2497pif.doc / 002 5. Description of the invention (/ 〆) Section 2 Figure ·· Shows a system block diagram. It shows the elements of the system. A system operator makes the system available. VAS applications can be loaded, deleted, and transferred on the service terminal (ST), and the VAS applications can be selected, viewed, and translated. The providers of VAS applications, so-called VAS providers, design their own VAS applications based on the basic conditions of the system operators and try their best to follow their own wishes. The corresponding terminal program can later be checked for correctness and closed with a digital signature. Figure 3: Data flow in the system. The VAS application can be used by the system operator at the terminal of the chip card user. Similarly, the VAS application of the present invention must be loaded into the VAS teller machine of the chip card after a possible action occurs. The VAS application that appears on the card at the transaction terminal (HT) is used to use or delete VAS data. In order to provide the microprocessor chip card VAS function, a chip card VAS teller machine is added in addition to the existing applications (such as payment applications like e-wallets). VAS ATMs use functions that allow entry, deletion and transfer of VAS applications. These management functions are used by external system operators and the card has security to prevent them from being used by outsiders. The VAS ATM includes a transfer data repository that can be used to perform data exchange between VAS applications. Two instructions, TRANSFER and TAKE are used to control transfer storage. Instruction ★ Move > Create a space in the transfer memory area to collect data specifically for individual applications. In addition to practical data, these spaces (please read the notes on the back before filling this page)

、 1T Printed by the Consumer Cooperatives of the Central Standards Bureau of the Ministry of Economic Affairs This paper is printed in accordance with the Chinese National Standard (CNS) A4 specification (21 × 297 mm) Printed by the Consumer Cooperatives of the Central Standards Bureau of the Ministry of Economy 491980 2497pif.d〇c / 002 A7 B7 _ V. The description of the invention (〇) also includes the date, the end date and the identification data required for the control process. Using the command `` Get '' the object will be removed from the transfer storage area and marked as removed. Objects are marked as valid or invalid according to a special application. The transferred data is reviewed for correctness and uniqueness by a VAS teller machine. The VAS application uses the VAS application to make the application available and controlled. The path to obtain VAS data is controlled by the VAS application using a mechanism applicable to all applications in the VAS teller machine. A VAS provider operates one or more VAS applications in a VAS teller machine. The use of VAS applications is defined by the entry, reading and processing of VAS data. VAS teller machines have interactive services. Interactive services require paths to obtain general data, transfer service requirements, and send services between different partners. The following list of possible services and applications for chip cards according to the invention with reference to several examples. Each example describes its function and further understanding based on current know-how. Future functionality can be mimicked by one or more applications. First look at "internal services": Example A: Customer club A department store runs a customer club. The customer becomes a club member and meets this status to accept special, club services that are not available to non-members. Club members now verify their identity in the club environment with a club employee file. Club employee documents are prepared upon joining and are non-transferable and subject to restrictions as required. Club membership cards are not eligible for special parent transactions, that is, they do not pick up customer transactions. Therefore, the club membership card is separate from the bonus program that exists in the identity and transaction amount. This paper size applies the Chinese National Standard (CNS) Α4 specification (2l〇 ^ 7 ^ i7 (please read the precautions on the back before filling this page). 491980 2497pif.doc / 002 A7 B7 V. Description of the invention (// ) Mingbi · Wholesaler membership card, _member card, book membership card. Purpose · The members of the ministry can print an application in a VAS teller machine to print an example of the employee ’s consumer cooperative of the Central Standards Bureau of the Ministry of Economics. Example B: Bonus system. Dividend claim. This bonus will accumulate and can be exchanged for monetary profit at any time when the customer decides. Dividend right is valid for a certain period and can be used anonymously or generically. Dividend right increases with the transaction amount or frequency of use. Contrast: Miles & Moore's point-to-point identity. Purpose: Point calculations are managed by an application in a VAS teller machine. Example C: Discount customers receive a scheduled transaction discount. This discount is available for each transaction. The chip does not manage the history of the transaction, and each transaction is conducted independently. Purpose: The discount is granted by the VAS application. Example D: Recognition Document function I can prove to the third party the prerequisite service granted to him by the nature of the chip. This person's connection with the authentication document must be determined in each transaction [picture, personal identification number PIN, biometrics]. The identity of the authentication document is used as a security protection feature. Comparison: Internet path, home banking path, phone card. Purpose: The correctness is proved by the VAS application. Example E: Price unit. Price unit is purchased or consumed for single or multiple purposes. 17 papers per transaction are applicable to China National Standard (CNS) A4 specifications (2 丨 〇 < 297 mm) (#. Please read the precautions on the back before filling this page) One pack ·,? Τ Economy Printed by the Consumer Standards Cooperative of the Ministry of Standards of the People's Republic of China 491980 24 97pif .doc / 0 02 A7 ____ B7_ V. Description of the invention () This price will be reduced by one or more units, the user is transferable, and there are restrictions on use. Contrast: one-way travel ticket, one-way travel ticket, donor concert ticket, rubber ball + point ticket, movie ticket, telephone unit. The transaction is reasonably arranged by the VAS application. Example F: Send by the user. The use of the service is recorded in time, frequency and quantity and provided according to the price list. The service cannot be known before it is requested. Comparing: meal coupons, short-term stop bills. Purpose : The VAS application allows the service to be provided according to the price list. The data sent for each special case will be stored in the VAS ATM. Example G: Data recording (mobile data base) This application allows data to be transferred by the cardholder to the VAS Therefore, the transaction can be carried out automatically. At present, it must still be carried out manually, and no spare money can be transferred from these data. Comparison: Complete swimming ticket, shopping list, cash receipt, telephone registration. Purpose · A VAS provider can obtain data from chip cards, and therefore can directly provide the required services (for example: providing telephone connections' links to purchases, sales, electronic composition and records of swimming tickets). The data can be stored on the chip card in the short or long term. Here are some examples of "interactive services". When multiple VAS provide participation services, interactive services are generated. This has been linked to data leaving a VAS-provided environment. It is now done with paper records. 18 This paper size applies the Chinese National Standard (CNS) A4 specification (21〇 > < 297 mm) ~ (Read the precautions on the back before filling out this page}: Bookmark the 'Staff Consumer Cooperative of the Central Standards Bureau of the Ministry of Economic Affairs Printing 491980 2497pif.doc / 002 A7 B7 V. Description of Invention (/) Example A: Travel fare refund A department store refunds a travel ticket from a customer to a department store using public transportation. The customer must give the department store a one-way travel ticket. The department store records that the ticket has been refunded. It is possible that the department store took turns losing money from the public to the customer. Purpose: The refund process is performed electronically. Example B: Travel voucher department store when the invoice purchase price is the return journey The customer's money is refunded. The customer receives (from) a ticket for public transportation at the ticketing company or pays less than the fare. The transportation business sends a voucher to the department store. Purpose: To imitate the VAS application on trade and public transportation Electronic billing mechanism between businesses Example C: Customer parking When a special parking garage is used, the department store refunds the customer's parking The parking garage is operated by an independent business and each customer can receive money to pay from the department store. Purpose: To imitate the VAS application regarding the electronic billing mechanism between trade and parking garages. Example D: Multilateral bonus program for a group of trading businesses and services The provider agrees to the joint bonus program. Purpose: Each partner can inflate or credit the debit column with a bonus point method other than the general chip card billing method. Service billing between partners is performed using this system. Example E: Service Provider Recognition of bonus points 19 This paper size is applicable to Chinese National Standard (CNS) A4 (210X297 mm) (） Please read the notes on the back before filling this page), τ 491980 2497pif.doc / 002 A7 B7 Central Standard of the Ministry of Economic Affairs Printed by the Bureau ’s Consumer Cooperatives. 5. Description of the Invention (/ 7) Each service provider operates its own bonus program but collects the bonus points with other consent groups. Known examples are the identification of car rental and shipping mileage collection. Purpose: Support the transfer of bonus points to chip cards. Each VAS provider collects his own points at the beginning, unlike others There is interference. Some mechanisms can be transferred. Example F: Evening taxis can purchase taxi tickets of public transportation companies at the same time (for example, after 10 pm). For accounting purposes, the taxi business must ensure that the tickets are provided. Indicate the use of a taxi to avoid abuse. Purpose: The VAS application allows the use, control, and billing of this service. According to the present invention, the structure of the chip card is further described: More specifically, the microprocessor chip card with VAS function contains VAS ATM: The VAS ATM independently constructs an application and exists alone or in parallel with other applications on the base chip card receiving desk. The VAS teller machine is completely self-defined and has its own functions. It can be operated without paying functions. In particular, the VAS teller machine defines an independent security protection structure. The VAS application can use independent security protection functions. Part of the price / additional services are performed by customers at the VAS provider's terminal. The VAS provider intentionally monitors these transactions for system control purposes or collects statistical or other data. In order to unify the data structure on the chip card and optimize it, the special identification of the application program does not recommend using 20 (read first Note on the back, please fill in this page again) This paper size is applicable to China National Standards (CNs) M specifications (210X297 mm) 491980 4 9 7p if. Doc / 0 0 2 A7 B7 5. Description of the invention (β), and it is recommended to use the functions provided above to reduce the burden of managing self-numbering systems. The security protection architecture of the VAS teller machine uses this system's broad and clear identity card to get special keys for chip cards. In principle, chip card-specific numbers can be used but it is best not to use conflicting counting systems in some cases when VAS tellers are executed at different reception desks. The VAS ATM ID is provided by the system author and entered by the chip card issuer when making the VAS ATM. When the VAS teller machine is deleted, it will be removed from the system following the destruction. If the VAS application is not included and the VAS ATM ID is removed, the VAS ATM is considered deleted. During the entire transfer process of the VAS ATM from the old to the new chip card, the VAS ATM ID and the VAS application are transferred together. This transfer corresponds to the release of the VAS teller machine from the old one to the new chip card. The old chip card no longer contains the VAS teller machine. The original VAS ATM on the new chip card was overwritten during operation and was deleted. Since the VAS accommodates the ID card holder from the old to the new chip card, the VAS provider basic system does not need to switch reference numbers. Individual VAS applications can be transferred between two different vas teller machines under the control of the current vas provider. During the process, the association between the vas teller machine ID and the VAS application will change and will be recorded in the VAS provider basic system in. VAS ATMs do not contain personal qualities. VAS applications may contain personalised data, but for data protection reasons and increased memory usage, try to keep the smallest amount of personalised data. VAS application If the paper size is required, the Chinese national standard (CNS) A4 specification (210X297 mm) is applied (read the precautions on the back before filling in this page)-installed, 11 491980 2497pif.d〇c / 〇〇2 A7 ____ B7 Printed by the Consumer Cooperatives of the Central Standards Bureau of the Ministry of Economic Affairs 5. Description of the invention (7) Personal data must be stored in the basic system and contact with the chip card must be generated using the VAS ATM ID. Providing interactive services constitutes an important VAS ATM The characteristics of the interactive service fit are to obtain general data, the transfer of service requirements and the path of accounting for different partner services. The VAS teller machine must be able to do so but to ensure that the applications in the internal service are secure. The so-called internal service VAS application It is a wooden application under the external control of a VAS provider. The VAS provider defines the security of the application and is independent of external things. Without the key to open the outside, VAS data cannot be modified. In order to effectively perform interactive services, the companion must Able to get general data, through multi-step (mul t iple-s tep) security protection machine The system can understand the link access to obtain data (joint access). The first step of the link path is through the public transfer fields (publ ict rans fer field). VAS providers can use these fields without the need for keys and do not know each other's applications Exchange data. The terminal only needs the appropriate keys to enter data into the transfer range, but it ca n’t read it. Anyone can read it unlimitedly. If both have input keys available, VAS providers and companions Data can be exchanged in both directions. The transfer data can be generated by the VAS provider's internal service VAS application or, in contrast, the VAS provider can send data from the transfer area to his internal service VAS application. The second step is to cancel The price unit represented by the VAS data. The VAS provider introduces the price unit to the VAS data through a special key for inputting data. The price unit can be consumed by partners who interact with the service. They have 22 paper standards that are applicable to Chinese national standards (CNS ) A4 size (210X297mm) (Please read the notes on the back before filling out this page)! 0, fill in the items again. · Order 491980 24 97pif.doc / 0 〇2 A7 B7 Printed by the Consumer Cooperatives of the Central Standards Bureau of the Ministry of Economic Affairs. 5. Description of the invention (>) The VAS provider responsible for the unit as a key for unit elimination. At this stage 'Partners have mutually different rights to interact with private VAS data. The third step is the path for direct data to be entered into VAS data by all participating services. This method requires an appropriate level of trust between partners because VAS Data can be modified without restrictions. The transfer scope acts as a link between VAS applications. The transfer range data is generated by the VAS application in the VAS teller machine. If the person doing this does not use his own VAS application, the data can also be entered directly into the transfer range. In principle, the transfer range can be used for all applications, but only those who grant the key can enter, and only the recipients who have been granted rights according to the rule, namely the rule R & R, can remove data from the transfer range. The recipient checks the transfer data sent to him and retrieves the data in his own system. In order to avoid operating transfer data in mass exchange, producers introduce a certification feature and VAS teller machines introduce a serial number. The uniqueness of the forwarding report is ensured by these elements as well as the original appearance of the data. When necessary, the producer provides the recipient of the transferred data and performs a correctness check. If the data is not needed, it will be counted accurately. At that time, correct characteristics were checked only when accounting was required in the basic system that produced the VAS provider. There is only one chance for data to be retrieved from the transfer range without losing accuracy. The data is marked at the time of extraction and retained in the transfer range as a vice. This ensures the correctness of the transfer procedure even if the data is removed for a period of time. 23 (Please read the notes on the back before filling this page)% ·

、 1T This paper size applies the Chinese National Standard (CNS) A4 specification (210X297 mm). Printed bags for employees' cooperatives of the Central Standards Bureau of the Ministry of Economic Affairs 491980 2497pif.doc / 002 A7 B7_ 5. Description of the invention (> 0 The data has an expiration date. The number is terminated. The data in the transfer range is marked when it is taken out and will not be replaced immediately. However, if the transfer storage area is completely full at the end of a set of transfer data, it will be durable. The user must delete the content that is no longer needed on the service terminal. Define three operations for the VAS application model. These operations operate on the VAS data. Loading and deleting applications is a function of the VAS teller machine, the article below Not considered. Shopping: Generally, the service is given for purchase and the certification is established in the VAS data of the VAS application. Cancellation: Generally refers to the behavior of the VAS data grant service that does not use the application completely or partially. This procedure generates an electronic receipt that is stored in the transfer area. This receipt counts for an appropriate expiration date, at which time Delete it in the storage area. Take out: Generally refers to the receipt of electronic receipts from the transfer area for further procedures (such as the basic system). Keep a copy of the receipt and use it as proof of cancellation. The "access" of VAS data is only through individual VAS provider. "Cancellation" of VAS data will only occur if the VAS provider generated the service by using an interactive service partner authenticated by shopping or VAS provider. "Fetch" can also be performed by any other VAS provider. An interaction There is no equal right for the service to enter VAS data and it will cause the partner to "exit out" identity transfer. The electronic receipt thus discovered will be recorded by the system operator and the VAS provider's system. "Shopping" and "Cancel" can occur in a single step . 24 This paper size applies the Chinese National Standard (CNS) A4 specification (210X297 mm) " '(Please read the precautions on the back before filling out this page)-binding 491980 2497pif.d〇c / 0〇. A7 B7 Printed by the Consumer Cooperatives of the Central Standards Bureau of the Ministry of Economic Affairs 5. Description of the invention (") VAS applications with the same characteristics can be divided into several These categories form the basis of the data structure in the VAS teller machine. VAS provides a choice of application categories when executing applications. The following categories of applications are defined in this article: • Points database • Tickets • Identification documents • Vouchers • Databases The credits database refers to an application category that uses credits and credits for billing. By entering or withdrawing credits, credits can be recorded and deleted. The credits are registered through the VAS provider, so the database enters a new accounting balance. "Cancel, the operation of the electronic receipt exists in the transfer storage area as proof of price debit registration. Access to these two functions is accomplished by two different path keys. A "ticket" represents an application category where the presence market can be cancelled and disappeared one or more times. Price billing in the application category, "tickets" can only be executed once. The identification file represents an application category for the certificate of receipt of VAS data. Proofs are usually cancelled without being used. However, after a predetermined standard, for example, after a period of time, it becomes ineffective. According to the definition of the application, depending on the design of the application to identify the correctness of the document or the act of issuing the document will be documented, for example: a group taxi journey using a monthly pass: an electronic receipt generated by a chip card. The receipt is submitted to the public transportation company by the taxi industry and the 25 paper sizes are applicable to the Chinese National Standard (CNS) A4 specification (210X297 mm) ~ Seoul (please read the precautions on the back before filling this page):

1T 491980 A7 B7 2497pif.doc / 002 V. Description of the invention). The identification file is optionally documented via an electronic receipt in the transfer storage area of the chip card. A certificate represents an application category used to place service offerings in the chip card's temporary storage area. These electronic vouchers are additionally stored in the transfer storage area of the VAS ATM. An application that uses a certificate must not be the same as a production application. The voucher is removed from the transfer storage area and used only once and is documented by the chip card. The correctness trait that can be generated by the VAS teller in the memory of the basic system. Data memory (Data memory) represents that VAS providers store data on VAS teller machines to provide additional services to customers (for example: the latest menu of fast food restaurants, the latest numbers of backup numbers, service trends, and suggestion columns). These data are only used for information. VAS providers must not request any services. The path to the data is controlled by the VAS provider. Each application category has the characteristics of a traditional usage cycle. The table below shows the frequency of the three operations defined above for the VAS data of the application category (please note that "shopping, 'does not mean" loading the application, And "remove, do not show" delete the application.) (Please read the precautions on the back before filling in this page); install, and order printed by the Central Consumers Bureau of the Ministry of Economic Affairs, Consumer Cooperatives 26 This paper size applies to Chinese national standards (CNS) A4 specification (21 × 297 mm) 491980 kl V. Description of the invention (W) _ "__1 Table 1. Use _ period 2497pif.doc / 002 points 4 ticket ID voucher data memory database purchase plural singular singular singular Plural *** Cancel plural, plural, singular, do not take out plural, plural, singular, and *** do not require usage rights in the application category "data memory", the application only puts data into the application. Figure 4 does not show the application categories and operations via transaction models. According to the present invention, the security architecture of the chip card will be discussed in one step. In order to ensure security, the keys below are defined. ^ (Read the precautions on the back before filling out this page) Printed Names and Locations Table of Employees' Cooperatives of the Central Standards Bureau of the Ministry of Economic Affairs 2. Key Table --__— Owner -------- Describe Kso VAS ATM system Operator manages the keys of VAS teller machine KaUT VAS teller machine keys Operator authentication key of VAS teller machine KsiGVASC VAS teller machine key that translates parent easy data into password KGKoec VAS teller machine operator receives key of KGKDED PIX ____ KlVASP VAS application Key for program VAS provider to write VAS data KrvaSP VAS Application key for VAS provider to read VAS data KGKDECi PIX VAS provider VAS provider to obtain KDEC key ^ DEC Trading terminal VAS provider key to authenticate trading terminal 27 This paper size applies to Chinese National Standard (CNS) A4 (210X 297 mm) Printed by the Consumer Cooperative of the Central Standards Bureau of the Ministry of Economic Affairs 491980 2497pif.doc / 002 A7 B7 V. Description of the invention (The security architecture is based on a VAS teller machine or VAS The life cycle of the program is based on and is managed hierarchically according to the responsibilities of participating instances. From Figure 5, it is obvious that The following explains the structure of the VAS teller machine and the applications used. The VAS teller machine and the special supplementary instructions of the VAS are either linked by the publisher to other non-VAS applications and used on the chip card, or put in by the authorized VAS provider at the latest. The current chip card receiving station on the service terminal. Below is the second possible mechanism: the system operator agrees with the issuer on a temporary key KSQ *. The issuer opens the chip card with a key only known to him, and establishes the VAS teller machine. File and specifically write KSQ * into DF_VAS. The system operator later (for example, the chip card first contacts the service terminal) replaces the key KSQ * with the key KSQ that only he knows. The system operator can now enter further data For example, KGKDEC or he may generate or delete VAS application files when receiving desks with dynamic memory management. This ensures that after the first use of the VAS card, the issuer can no longer access the VAS teller machine and only the system operator can In. Because of the lack of any data structure and data exchange with other applications, VAS tellers The security architecture is thus independent of other applications appearing on the chip card receiving desk. In a special embodiment used in the present invention is called the first possibility: The publisher must have the instructions of the system operator to enable the VAS teller machine to include VAS All keys on the chip card. The VAS teller machine consists of a preset data structure, predetermined path conditions (Acs) and some general (global) data. The general data includes 28 paper sizes which are applicable to Chinese National Standards (CNS), Ba Na (21〇 × 297). 1: (Please read the precautions on the back before filling out this page)-Binding · Order 491980 2497pif .doc / 002 A7 B7 The policy of employee consumer cooperatives of the Central Standards Bureau of the Ministry of Economic Affairs. 5. Description of invention (W) The key ksq for entering or deleting applications. Using this key, which is known only to the system operator, ensures that only allowed VAS applications can be loaded. Therefore, the chip card requires external verification of the KSQ by the system operator. As long as the cardholder wants to load the VAS application on the kiosk, the available VAS provider will instruct the system to operate in accordance with the order. When the VAS application is loaded into the VAS teller machine, the VAS provider keys KuASP and KRVASP are transferred to the system operator and these keys are then put into the hands of the system operator of the application. The key KRVASP allows VAS providers to protect application data from being written and internal data cannot be read. Therefore, the chip card needs external verification based on KLVASP by the VAS provider, that is, the chip card actively checks the correctness of the terminal. After successfully performing this function, the terminal is allowed to write to the VAS application and can also read the internal VAS data in the application. An internal verification can optionally occur by checking the correctness of the VAS application (and chip card) via the transaction terminal. When the VAS application is used by the cardholder, these internal VAS data can be written to the application or modified on a selective terminal that has access to the K ^ ASP key path. The "Buy" function can therefore be achieved by the UPDATE RECORD instruction. It must be performed using the KtVASP key for external verification. Only if before by KRVASPS Ks. Or the correct path of the PIN or the password of the system operator for external verification is allowed to read all non-internal data of the VAS application. Provide PIN / Password protection path to allow cardholders to observe the data on the terminal or wallet. Cardholders can selectively generate or remove PIN / password protection for reading price or identity data on the service terminal. 29 (Please read the notes on the back before filling this page)-installed.

, TT This paper size applies to Chinese National Standard (CNS) A4 (210X297 mm) Printed by the Consumer Cooperatives of the Central Standards Bureau of the Ministry of Economic Affairs 491980 2497pif.doc / 002 A7 _ B7 V. Description of the invention (>;;) VAS teller machine The general data and key KSIG_VASC: Off for annotating data obtained from the transition range. By note, the integrity of these transaction data can be checked as long as they must be safely transferred to avoid interactions between mutual billing interactions between service partners. In addition to the selective introduction of annotations by interactive service partners, KSIC_VASC-based annotations and transaction registers managed by VAS tellers are added to the data set issued by the chip card by the "remove" operation. Because on the one hand, the reading of the transfer range can be done by anyone, but in some aspects the chip card's note on KSIG_VASC is only generated when a “remove” operation is required (and it can only happen once). Any double voucher accounting that would not be allowed is visible. Each interactive service partner can have the system operator agree on the correctness of the withdrawal ticket. In addition, the correctness of the VAS teller machine can be proved by checking the notes by the system operator. When the chip card receiving station uses an asymmetric key program, KSIG_VASC can also be used as a private (secret) key in the chip card to annotate or obtain such a key from a private key production key. VAS providers can use their own public keys in this case to check the annotations for themselves without infringing other operators. Part of the data of the VAS teller machine is generated by the general key KGKdec; it has the ability to generate the path key KDEC for all terminals of all VAS providers to testify the "cancel" operation. (The acquisition and verification of subject keys will be further processed below). The cancellation of monetary value data does not follow the same security metrics as when loading or purchasing usage rights. Therefore, it is sufficient to use a general key instead of a special key that is used only for the application. This general key was initially converted into an application key and later re-converted into a terminal key. VAS Provider 30 This paper size is applicable to Chinese National Standard (CNS) A4 specification (210X297 mm) 'One-pack-(Please read the precautions on the back before filling this page)

1T 噃 491980 Printed by the Consumer Cooperatives of the Central Standards Bureau of the Ministry of Economic Affairs 2497pif.doc / 002 A7 B7 V. Description of the Invention (>) Only the general keys are applied to generate special terminal keys. This is briefly described below: Let us use rnac (k, d) to represent the calculation of the message d and the DES key K by DES. As long as the message is not eight bits long, this corresponds to such a compilation (default ICV = 0). We use the macp (k, d) table mac (k, d) to calculate the adaptation of the paired Wuzi series. As a result, k '= macp (k, d) becomes a valid DES key again. The calculation of the special terminal keys of the application program is performed as follows: 1. Each chip card stores one key of KGKDEC, which is equal to all chip cards and kept confidential by the system operator. The system operator personally places the key in the chip card. All other VAS applications and terminal keys can be derived from this key. 2 · VAS provider wants to introduce VAS application A so that AIDa = RIDvas, PIXA. The system operator calculates KGK DEC PIX = macp (KGKDEC, PIXA) from the key KGKDEC and the application Jute key PIX and gives this key to the VAS provider. 3. This VAS provider uses their terminal identity for all terminal's KGKDEC, PIX derives their special keys and the "transfer" instruction is assumed to be used in VAS application A · KDEC two macp (KGKDEC, PIx, terminal identity) = macp (macp (KGKDEC :, PIXA), terminal identity) The VAS provider stores these keys on his terminal stack. When the VAS provider does not use the terminal himself, he generates keys and assigns them to the terminal. The paper size is applicable to the Chinese national standard (CNS> A4 specification (210X297mmt)) (Please read the precautions on the back before filling this page. ): Binding and printing printed by the Consumer Cooperatives of the Central Standards Bureau of the Ministry of Economic Affairs 491980 2497pif.doc / 002 A7 _____B7_ _ V. Operators of the invention description (> 7) 4. If the instruction includes a group of special information Data "data" and password C, the VAS card only executes the "transfer" instruction. The chip card identity recognizes KGPEC and in addition the user data is obtained by the terminal "data" and password C terminal identity and PIX (or the chip card itself knows PIX, also You can see the description of the "Transfer" instruction). The chip card can now calculate the password C 'from user data: mac (macp (macp (KGKDEC, PIX), terminal identity), data) = mac (macp (KGKDE ( :, PIX, terminal identity), data) = mac (KDEC, data) = C 'Now the chip card compares the password C' calculated by itself with the password C obtained by the terminal. If the two are different, it will Stop the transaction and display an error message. When the two are similar, the VAS card will execute the "transfer" instruction. Various security measures have different service terminals or trader terminal structures (individual for loading or purchasing) And a simple trader terminal structure (for cancellation). In order to perform a "cancel" operation, the terminal must know whether KDEC has verified that it is correct with the chip card. If that key KDEC is violated, the invader can perform the function of a single terminal. However, this program will be recorded in the chip card. The file format includes a clear serial number cancellation bar and terminal identity. The VAS application uses the security service of the VAS teller machine to regularize the access to the VAS data channel. The implementation of VAS special functions is limited to channel use The authorized scope as defined. Generally speaking, every VAS application should be accessible to the public. This paper size is applicable to the Chinese National Standard (CNS) A4 specification (210X297 mm) (Please read the precautions on the back before filling out (This page) Binding · Order 491980 A7 B7 2497pif.doc / 002 V. Description of the invention (>) Enter Data area (eg, read through a wallet) and the private data area of the responsible VAS provider, the latter can be protected from access by a third party (such as internal management data). If considered, it is provided according to IS07816-4 chip card Differentiating paths to protect individual Basic Archive Records (EF) must use multiple files, each containing one record, showing browsing to different VAS applications. Ϋϋ tfrlai m mat ιϋϋ mu —ϋ ϋιϋ mi a- ^ m emMi§ ma— 1 · —— ^ mi · · 1111 > In m nil— (Just read the notes on the back before filling in this page) Printed by the Staff Consumer Cooperatives of the Central Bureau of Standards of the Ministry of Economics 33 This paper size applies to China National Standard (CNS) A4 (210X297 mm) 491980 2497pif.doc / 002 A7 B7 V. Description of the invention) Table 3 · Archive summary file contents Traditional use access protection basic files _ Keys include keys K_P, KRVASP only known to VAS providers' (Note : For each VAS application and each chip card, the VAS provider provides a single key. The VAS provider is allowed to write VAS data into EFJNFO, EF_INTERNAL and EF_VALUE, and Before being allowed to read data from EF_INTERNAL, KlVASP must be used to verify its own terminal. Before being allowed to read VAS data from EF_INF0, EFJVALUE, it must be verified by KRVASP. (#Please read the notes on the back 1 · Items, then fill and install—: (Write this page) Order basic file_Information via VAS application Non-internal information Bill information Dividend program information Identification document information Parking ticket Information Ministry of the Central Standards Bureau of the Ministry of Economy Staff Consumer Cooperatives Print basic files_Internal VAS application Internal data Internal calculator Use the extra keys to describe the account and tax information: • Bonus program • Discount rule ___ 4 3 The content of these data units can only be written by the VAS provider (known as LVASP for external authentication), and it is only possible to have access to KRVASP in the terminal. Or Kso reads or if the cardholder enters the correct PIN (PIN is protected by the cardholder) These data unit contents are written and read only by the VAS provider 'Basically used by hVASp's knowledge as an outside door home country Measure one size * paper | centimeter 7 9 2 491980 2497pif.doc / 002 Λ1 B7 V. Description of the invention (W) • Hidden identity nature • Password to protect channel security Basic file VAS application The price list chases a data unit that includes only a VAS provider that can write a case_ Price 値 元 A VAS provider application writes these data from the outside (by the price of the formula 値. The understanding of kVASP is externally recognized. • Account description is authorized. • Authorized by VAS provider. • Surplus price: Public transportation partners can use the ticket “cancel” order to reduce the price internally. • Credit card (canceled by KDEC. (Signature method) Read about ef ^ info (Please read the notes on the back 1 · • Fill in the items and then fill in:: write this page) Order printed by the Staff Consumer Cooperative of the Central Standards Bureau of the Ministry of Economic Affairs The point storage transfer identification file and the data jitter memory can be distinguished for path protection by dividing the VAS data into four basic files (as shown in Figure 6). The four basic files contain assets or are protected by them. This basic file structure supports the same differentiated rights for all application categories.

Remember that the application category is now integrated in a single design category. It will record the number and size of basic files. Because of the different space requirements for the application, the wasted storage capacity can be minimized. The application category points are stored. The district call ticket needs the same resources EF-KEY, ef JNF0, EF_INTERNAL, EF_VALUE, so a design f class "DFjrr," is entered. Identify the file and data memory of the application category 'basic project EF_KEY 35 This paper size applies Chinese National Standard (CNS) A4 specification (210X297 mm) ------- 491980 2497pif.doc / 002 A7 B7 Printed by the Consumer Cooperative of the Central Standards Bureau of the Ministry of Economic Affairs And EF_INFO are enough, so the design category EF_PT is considered. Considering the number, there are P design category EF_PT objects and a design category EF_AD in the VAS application of the application category point storage area and bill . Individual identification files and data storage can be loaded. In particular, the application category certificate should provide a public read path for all VAS participants for linking data exchange. We use The design category is used to transfer the range. The writing path may be reached indirectly by the use of the "transfer" instruction to preset the correct KDEC mark. This design category consists of an item of the basic file EFJTRANSFER belonging to the general data of the VAS teller machine. Objects in this category Recorded in the file. We also consider this design type as EF_TRANSFER. The design types shown in Figure 7 are stored in the VAS ATM. These design types form the storage mode of the VAS ATM. The storage mode can be obtained in two ways. The characteristics depend on the characteristics Chip card receiving station. Fixed division of storage area in VAS teller machine: For the implementation of DF_PT and DF_AD, the maximum number of objects p or a is fixed by the issuer and is sent to the chip card by the issuer's "CREATE FILE" instruction . Objects are individually labeled as DFJT and DF_AD. VAS applications can then be loaded into free objects, ie not used by other VAS applications B. To load or delete applications, only the "Update Record" (UPDATE RECORD) instruction is required. Therefore, the publisher fixes the number of possible objects of two design types according to his own needs. However, these may be different from those of the actual card holder. VAS user form, finely divided and retained throughout the life cycle of the chip card. VAS application process 36 This paper size applies Chinese National Standard (CNS) A4 specifications (21〇 > < 297mm) Note for this page, please fill in this page) Order 491980 2 4 9 7p i f. Doc / 〇〇2 ΑΊ B7 Economy, then printed by the Consumer Standards Cooperative of the Central Bureau of Standards 5. The invention description (w) is loaded into a suitable design category. Therefore, for example, a VAS application representative identifies the document. If no design type DFJU is available, the object can also be contained in the design type EFJP object. The VAS application is assigned to an object by inputting the PIX of the VAS application. The three items of the FID of the input object and the name of the application are entered into the general data base EF-DIR of the VAS teller machine. The removal of the application corresponds to these three 'Remove from EF-DIR' and follow the application's memory destructive reading (indicated by "Update Record"). This modification to the chip card receiving station does not dynamically generate or delete the DF / EF structure. The dynamic concatenation of design objects of each VAS application to be loaded must use the "create file" command to construct a file to emphasize the importance of the design type. When a VAS application is deleted, the EDFJEF it occupies is completely removed from the wafer table, so The storage space is empty. The maximum number of design types of objects is not determined by the publisher here. It only depends on the available storage capacity. Such a modification assumes a dynamic data base management by the chip card operating system in advance. In the following example, we will start with the first modification, because the second one has higher requirements for the usable chip card receiving station. However, if dynamic memory management is available and ensure more storage than the management price Capacity can be saved by the dynamic construction of objects, and current ideas can promote and provide cardholders with more flexibility. Data structure and instructions, so that the function of the VAS teller machine and the VAS customer card can be compared with other system elements. Further, this paper size applies the Chinese National Standard (CNS) A4 specification (210X297 mm) (please read the back first) Please pay attention to this page and fill in this page) Factory-installed, 1T 491980 2 4 9 7 pif. Doc / 0 0 2 A7 _______B7 V. Description of the invention (now () For the traditional commercial description of the individual reaction between the VAS teller and the terminal Perform VAS operations under the circumstances. The following are the prerequisites for implementation: • Ignore the receiving station and provide the same data and order price for the transaction terminal for each chip card. The instructions required to do so are described clearly when they are coded. • The service terminal can understand the chip card receiving station, and achieve the function by the special instruction of the receiving station. Accordingly, these transactions were formally written down. The way to provide such functionality is reserved for chip card makers. Figure 7 depicts various VAS teller machine designs. Figure 8 shows the data structure in the VAS teller machine. Figure 9 shows the data structure of the design type DF__PT. Figure 10 shows the data structure of the execution class DFJVD. Access to the files in the VAS teller machine is restricted by the following access conditions (AC): (Please read the precautions on the back before filling out this tribute)

1.1 Printed by the Consumer Cooperatives of the Central Standards Bureau of the Ministry of Economic Affairs 8 3 This paper size applies to the Chinese National Standard (CNS) A4 specification (210 × 297 mm) 491980 2497pif.doc / 002 A7 B7 V. Description of the invention (today B) Table 4. Access condition database Admin read access write access DF-VAS Ks〇NEV NEV EF-ID Kso ALW Kso EF-DIR Ks〇ALW Ks〇Global key Kso NEV Ks〇PIN Kso NEV Kso EF-VERSION Kso ALW Kso EF-SEQ Ks〇ALW Kso EF_TRANSFER Ks〇ALW Kso DF-X (X = PTl9 ... PTD, ..ADi, ... ADa) Kso NEV NEV EF-KEY Kso NEV Kso EF_INF〇Ks〇PIN or KRVASP Or Kso Klvasp EF_INTERNAL Kso Klvasp Klvasp EF_VALUE Kso PIN or KRVASP or Kso i Klvasp Printed by the Consumer Cooperatives of the Central Standards Bureau of the Ministry of Economic Affairs (please read the notes on the back before filling this page) AC has the following meaning in the article: • ALW (Always) = The path to the data base is always allowed. 39 This paper size applies the Chinese National Standard (CNS) A4 specification (210X297 mm) 491980 2497pif · doc / 002 A7 B7 Printed by the Consumer Cooperatives of the Central Standards Bureau of the Ministry of Economic Affairs 5. Description of invention (") • NEV (never ) = Instruction to the data base is never allowed. KSQ = The key operator KsQ must be used as the external operator's external authentication before passing the path. • Klvasp = The key klvasp must be used as the outside of the VAS provider before passing the path. Authentication. • KRVASp = The external authentication of the VAS provider must be performed by the key klvasp before passing the path. • PIN = The cardholder must enter the correct piN before passing the path and send it to the chip card with the command VERIFY. • PIN or KRVASPS KS (): r The cardholder can enter the correct PIN before passing the path, or external authentication using Krvasp by the VAS provider or external authentication using Kso by the system operator. In the article, pay special attention to the above means "or, the connection path selection The rights are not provided in the chip card operating system according to regulations. The party using it must involve a special performance price (or: a special read instruction with a fixed safety quality). The data fields in the base file record are distinguished according to the following formats: Information exchange standard (ASCII), binary, binary-coded decimal (BCD), date, format string. The data elements in the format string include packaged VAS data that can be viewed by the cardholder on the terminal. The best data storage uses clear text and a combination of binary data to become displayable through formatted macro instructions. The basic files (EF) of all VAS ATMs are defined as linear format EF 40 with fixed length records according to IS07816-4. This paper size is applicable to Guanjia County (CNS) A4 specifications (210 > < 297). C Read the notes on the reverse side and fill out this page)-Binding-Order a line 491980 A7 B7 497pif .doc / 〇〇2 V. Description of invention (w) Database. The basic file EF_IS of DF_VAS consists of an identity record containing a VAS teller machine. The basic file EF_DIR of DF_VAS consists of nrDIR records. For each VAS application loaded into a VAS teller machine, its ownership identification extension (PIX) and physical storage base (application loaded into DFJ (FID) are fixed in a record of EFJ) IR. PIX is like a cryptographic digital authentication application and the service provider assigned by the application. The EF_DIR entry is dynamically built on the service terminal of the system operator. The record without entry date is constructed with an empty TLV object '61'. When loading a VAS application, it is necessary to find a free storage area of appropriate design type, input some VAS data, and finally generate a new record in EF_DIR. When deleting an application, an empty TLV object must therefore be written to EFJIR. The DF__VAS basic file EF_VERSION consists of a record containing the version number of the VAS teller. The version number can be used by the terminal to distinguish between different VAS teller machine corrections and / or different software versions. The basic file EFjEQ of DF_VAS is recorded by one containing the number of the next transfer range item. The serial number is read by the auxiliary 'Move' instruction. This instruction generates a record in the branch range EFJTRANSFER. In particular, the sequence number from EF__SEQ will be forwarded to k records. Together with the "Remove" instruction to ensure that each record from the transfer range is retrieved only once and recorded with a serial number note, it can ensure that the original certificate or receipt is only applicable to the Chinese National Standard (CNS) A4 specification (210X297 mm) on this paper size ) -----:-,-Private clothing ------ Order ----- ^ line Γ Please read the precautions on the back before filling out this page} Production 491980 2497pif.doc / 002 A7 B7 Printed by the Consumer Cooperatives of the Central Standards Bureau of the Ministry of Economic Affairs 5. Description of Invention (Outside). Take out once. Next, we deal with transfer storage in more detail. The transfer storage area is constructed in the VAS ATM and includes records. The items recorded in these archives include branch data generated by the 'transfer' instruction. The data exchanged between VAS applications is the same as the VAS data storage type of "Certificate". The transfer memory area can be read without restriction, however the write path can only be executed by the VAS special 'Move' and 'Fetch' instructions. The data loaded by the 'transfer' instruction is 'latest used' and the algorithm is performed on the chip card. The oldest record in the data base can be determined by looking for the lowest two bits of the record. When the data field has data fetched and / or removed, it will be marked in the transfer storage area by the 'fetch' instruction. Each time data is written in the transfer storage area as new data, it is deleted. Each entry in the transfer storage area contains, for example, an expiration date, terminal identity, PIX, serial number, and optionally further data. Each basic file EF_INFO in the EFJ table (where LPL, " · Ρίρ, AD!, ... Ada) includes a record with the end date and general VAS data of the VAS application. For example, the nature of the ticket ( One-way or multiple votes) or boarding | The location can be entered here. However, F_INF0 must contain at least a clear application text name. It can be read by 'View, application operation. Practical data must first be VAS The provider is protected by the current external key algorithm. If KSQ or KRAVASP is used for external authentication or the enabled PIN is guaranteed 42 Γ Please read the precautions on the back before filling in this page} * m ml In —Ji I 11— -I -1 · 1 ^ 1! — I— mi i_li _

、 1T-line · This paper size is applicable to China National Standard (CNS) A4 specification (210X297mm) 24 9 7pif .doc / 0 02 A7 _____B7___ 5. Description of invention (f〇) The cardholder under protection enters a correct This basic file is readable at the PIN. Each elementary file EFJNTERNAL in the DF-X record (where XιζΡΐ, ... Ptp, ADi, ... Ada) consists of a record that can contain VAS data from a VAS provider and involves loading a VAS application program. This internal data can be read by neither the cardholder nor any other VAS provider. In the DFJ (records (where XziPTi, " .Ptp, AD!, ... Ada)) each basic file EF_VALUE contains a record with a VAS data integer 値 field. If KSQ or KRVASP is used for external authentication or is enabled In the case of PIN protection, the cardholder can input the correct PIN or correct password, and this basic file can be read. The key fields below are used by the VAS teller machine or VAS application. Next we start with a simple DS decoding That is, the keys of all VAS teller machines are DES keys and are encoded in eight bits (including the same accountant). The keys indicated by their KID (key identification) in VAS teller machines and VAS applications are for reference: Table 5. VAS teller machines Keys KID Kso '00, Kaut '01, KsiGVASC '02, KGK Hall '03, printed by the Consumer Cooperatives of the Central Standards Bureau of the Ministry of Economic Affairs (please read the precautions on the back before filling this page) Each key is associated with an error A suitable register cannot be applied to 43 paper sizes in accordance with the Chinese National Standard (CNS) A4 (210X297 mm) 491980 2497pif.doc / 〇〇2 A7 B7 Economy Printed by the Ministry of Standards and Staff ’s Consumer Cooperatives. 5. Description of the invention (with) This key is certified and cannot be used further once the input of the calculator is restricted. In the VAS application, the keys indicated by their KIDs are used as a reference: Table 6. VAS uses the key keys KID Klvasp, 04, Krvasp, 05. Each key is equipped with a wrong calculator. Such registration cannot be authenticated with this key and cannot be further used once the calculator input limit. VAS ATM includes a private Identification number or password (PIN). This is used to identify the cardholder with a 'proof' command. The PIN is connected to an error calculator to register each error entry and set limits to prevent PIN comparison. This limit can be operated by the system The user uses management instructions to eliminate it. Once the correct PIN is entered, the wrong calculator will be removed. The parameters below are selected by the chip card issuer in the available space of the chip card receiving desk to provide a VAS teller machine according to its personal wishes. • P design type EF_PT Maximum number of objects = Application category 'point storage' that can be loaded into VAS ATM simultaneously The maximum number of VAS applications that are 'turned'. • a The maximum number of design types DF_AD objects = the maximum number of VAS applications that can be loaded with bamboo VAS ATMs at the same time, such as 'identity documents' and 'data storage'. 44 This paper size applies Chinese National Standard (CNS) A4 specification (210X297 mm) (Read the precautions on the back before filling out this page) • Packing · 491980 2497pif.d〇c / 002 A7 B7 V. Description of the invention

• The maximum total number of nrDiR objects: nrDIR = p + a The number of records in EF_DIR is nrDIR • nrEF_TRANSFER · The number of EEJRANSFER records describes the basic file and data storage requirements are as follows: The overall data of the byte VAS teller machine EF_ID 4 9 * (p + a) 1 2 64 + 2 48 * πref.transfer (p + a) * 32 (p + a) * 62 p * 10 p * 3 r Please read the notes on the back before filling this page)

EF-DIR EF.VERSI0N EF-SEC overall key, Pin transfer range EF_TRANSFER

VAS provider's ownership data EF_KEY

EF_INFOREF_INTERN AL

EF VALUE Printed by the Consumer Cooperatives of the Central Standards Bureau of the Ministry of Economic Affairs. If we select 値 as the parameter P, a and nrEF_ TRANSFER? ^ What is the minimum storage requirement for VAS teller machines (there is no storage requirement for auxiliary instructions): Parameter storage requirement P = 8, a = 3, nrEF_TRANSFER = 15 2030 Bit group p = 10, a = 5, πγερ transfer = 2〇 2758 The maximum storage requirement of the faa group is approximately higher than the minimum storage requirement by approximately 10% ° 45 This paper scale applies to China National Standard (CNS) A4 Specification (210X297 mm) 491980 2497pif.doc / 002 A7 B7 Employee Consumer Cooperatives of the Central Standards Bureau of the Ministry of Economic Affairs of the People's Republic of China and India 5. Description of the Invention ○ The instructions for the chip card according to the present invention are explained in detail at the bottom . The READ RECORD instruction is used to read data from a linear basic file. The chip card provided the content of the record in the answer. The Elementary File (EF) refers to the short file identifier (HSFI). The status code '9000' indicates a successful instruction execution; any different code is considered an error. The 'UPDATE RECORD' instruction is used to enter data into the records of the linear base file. This command message includes basic file reference 値 ’records and data. The chip card's response contains a status code. The status code '9000' shows the successful instruction conclusion. Other status codes indicate errors. The "GETCHALLNGE" instruction requests a random number from the chip card. This random number is used to connect the dynamic authentication in the 'External Authentication' instruction. The chip card response message includes a random number, eight bits long, and a status code. A status code of '9000' indicates successful execution of the indication. Any different status code indicates an error. The instruction 'EXTERNAL AUTHENTICATE' allows the terminal to authenticate the chip card. This directive is used in VAS application articles for certification system operators and VAS providers. The instruction forwards a password to the chip card and is previously generated by the terminal by random number encoding. The chip card compares the password with a participant. If two key paths are recorded internally on the same chip card, conditional authentication has occurred. If the comparison is negative, the chip card will issue an 'unauthorized' state and reduce internal error operation operations. Once such an operation reaches zero, any further implementation of 'external certification' will be interrupted by 'authentication'. 46 This paper size applies to China National Standard (CNS) A4 specifications (210X297 mm). Please read the back first and fill in this shirt. Page guide

Printed by the Consumer Standards Cooperative of the Central Standards Bureau of the Ministry of Economic Affairs II 491980 2497pif.doc / 002 A7 B7 V. Description of Invention (^) The status shall be stopped. The reply message of the chip card contains a status code. Successful execution of the instruction and authentication of the chip card terminal is indicated by the status code '9000'. Any different code indicates an error. The internal authentication (INTERNAL AUTHENTICATE) instruction is used by the terminal to check the correctness of the VAS teller machine. For this purpose, the chip card calculates a password by deriving the reference data from the terminal. The terminal turns to form a password and compares it with the chip card. When equal, the terminal verifies the correctness of the VAS teller machine. The chip card's reply contains the password and the status code of the execution command. Successful execution is indicated by status code '9000'. Any different status code indicates an error. The VERIFY command is used to verify the cardholder PIN. The command transfers the uncoded PIN data to the chip card and compares it with the stored reference entry. If the input and j store 値 are equal, the path condition "PIN" is considered allowed. The reply message of the chip card includes a status code, and the status code '9000' indicates a $ work execution instruction. Other codes indicate errors. The TRANSFER instruction generates an item in the transfer storage area. Three operating modes are defined for this instruction: 1. By reducing the number in the E_VALUE field of the 'ticket' or 'point storage' category application, ~ targets are generated in the transfer range. 2. Generate an item in the transfer scope by granting a receipt in the 'identity document' category application. 3 · By transferring the certificate in the “Certificate” category application 47 paper sizes are applicable to the Chinese National Standard (CNS) A4 specification (210X 297 mm) (Please read the precautions on the back before filling this page}- Install · -line 491980 2497pif.doc / 002 Employee Consumer Cooperatives of the Central Standards Bureau of the Ministry of Economic Affairs of the People's Republic of China printed five. Invention Description (0 items are generated in the scope. The operation mode is automatically selected by the chip card: if the instruction DF is selected to execute The first line checks whether EF JALUE appears. If EF_VALUE appears, the chip card executes the 1 or mode 2 instruction. If no application DF is selected in the VAS teller machine, mode 3 is used. When the 'Transfer' instruction is called, the terminal Provide the following data of the chip card: • Current date • The end date of the project in the transfer area • The certification of the terminal that generated this item • User data of the transfer area • PIX of the VAS application (only mode 3 is applicable) • Removed Number of units (only for mode 1) • Macro instruction (MAC), serial number and VAS teller machine number related to the above data. Once ' When calling the 'Move' command, the chip card performs the following procedures: 1. Look for a free item in the transfer storage area. (The following provides the priority of existing items being rewritten in the reverse order "items marked for removal", "The item marked for removal" has reached the end date "). 2. Paste PIX on the terminal data in modes 1 and 2. 3. Paste the serial number on the data from step 2. 4. On step 3, VAS teller identity is attached to the data. 5 · Compile and export KGKdec, pix under KGKdec. 6 · Compile terminal identity under KGKDE (:, PIX to export KDEC. 7. Generate macro instruction (MAC) via step 4 data. Γ Please (Please read the notes on the back before filling out this page)

、 1T ------ 1-----11 —If-II »n ^ l ϋϋ-1 —I— -1-- This paper size applies to China National Standard (CNS) Α4 specification (210X297 mm) ) 491980 2497pif.doc / 002 A7 B7

Printed by the Consumer Standards Cooperative of the Central Bureau of Standards of the Ministry of Economic Affairs I. Explanation of the Invention (Required) 8. Compare with the MAC of the terminal from step 7. If different chip cards interrupt the function and reduce KGKDEC error calculation. 9. For Mode 1: Measure the EF_VALUE in the application load register. If there is not a unit in the domain, the chip card interrupts the function at this time, otherwise the domain of the application program should be reduced by this number. 10. Combination of command messages. 11. The range included in the increment of the EF_SEQ content in the instruction message, such as the expiration date, terminal body, transaction data, and operation mode (including mode 3, PIX), is like a password. The calculation of the password is based on the key KDEC, and the data is via, for example, a MAC including transaction data and terminal identity. If the response message of the TRANSFER instruction is successful, it includes an 8-byte data range and a 2-byte status code π9000 ”. The response message with a status code different from " 9000 " is interpreted as an error The data range of the response message includes the status of whether there is an error (such as especially when the password of the command message is correct), using the command message KDEC: coded password. In this way, the VAS teller machine performs authentication for whatever reason. The TAKE instruction provides the cancellation of the subject matter in the design type EFJTRANSFER. Theoretically, the execution of the TAKE instruction represents the reading from the record stored in EFJTRANSFER, and the record continues to be stored in storage until the storage space needs to be replaced by a new input element. This data set is marked as canceled when replaced. Considering the theoretical situation, in order to cancel a data set, anyone can use TAKE 49 (_Please read the precautions on the back before filling this page).

1. The paper size of the 1T line is applicable to the Chinese National Standard (CNS) A4 specification (210X 297 mm) 491980 2 4 9 7pi f. Doc / 0 0 2 A7 Printed by the Consumer Cooperatives of the Central Standardization Bureau of the Ministry of Economic Affairs Θ)-instruction, but according to R & R, this set of data is only useful for the VAS provider. The removal procedure can be assumed as described below. The VAS provider who wishes to remove the certificate or receipt first searches for the appropriate data set Transfer storage (such as in the SEEK instruction or by explicit reading of each record), this data set can be read under any conditions and its content can also be checked. Display of the data set under this response Therefore, it is not necessary, and the number of records can be considered to be known. The B ^ TAKE instruction provides the following modes ... • When data is invalid, it is removed and annotated at the same time. When removed without the above annotations, the data is still valid. The instruction message includes the identity of the terminal, the application of ρίχ and a random number generated by the terminal. The instruction PIX stands for the application of removing data. It is different from the removed data group ρχ, which completely provides impact Derivation of KDEC of the transaction terminal. The response message of the card includes a password Q of KSnVASC related to the recorded data presented in the instruction message and the transfer range in the VAS teller machine, and a password c2 removed by C! Due to the KDEC of the terminal. And the random number obtained from the command message. The response message also includes a status code. The key KDEC is obtained as described above. The authenticity of the password obtained by the KDEC through the VAS teller machine is beyond doubt. Confirmation of authenticity and unity can be borrowed. It is verified by the calculation of the password C in the system operator (because C is obtained by the number of serials, the removed bits of the transfer record range, and the identity of the VAS teller machine). The status code " 9000 "indicates the successful execution of the instruction. The status code was found to be an error. 50 This paper size applies the Chinese National Standard (CNS) Α4 specification (210X297 mm) (Please read the 4 notes on the back before filling it out. '' Loading-: Write this page}

1T 491980 2497pif.doc / 002 A7 B7 V. Description of the invention (< 4) What is to be identified is that it requires AIDvas according to one of ID0 / IEC 7816_5. In other words, RIDvas, one of the 5-byte leaders in the VAS system, is required. Table DF—VAS's AIDvas is read as ... AIDvas = RIDvasxPIXdf_vas 〇 For each VAS application a, in order to be able to explicitly authenticate the former from the teller machine with AIDa = RIDvasxPIXdf_vas, one or three digits of the leader of the group R & R was declared. After the selection of DF_VAS, one of the tables containing the VAS application A can be selected using the selection file < pIXa >. The update key (KID, K) represents an instruction from one of the card receiving stations, thereby using a key authentication identity to replace a key with a new K 値. Before the VAS application leaves the design type DF-PT or DF_AD (relative to the application type index storage, ticket, authentication document or database) used by the cardholder at the transaction terminal, it must be in the appropriate VAS holder's The service terminal is loaded into the VAS teller machine. Basically, when the VAS teller machine is set, the card announcer can load more than one VAS application program from a VAS provider and a SO to the VAS provider to give instructions. Such loading procedures constitute a special situation, which is described here. VAS application loading procedure: Printed by the Consumer Cooperatives of the Central Standards Bureau of the Ministry of Economic Affairs 1. The cardholder inserts a VAS card into a service terminal. 2. The service terminal checks whether the VAS teller machine exists: • Select the file < AIDvas > (if the VAS teller machine is not selectable, an error is displayed) • Read the file < SFI of EF_JD, 0 > (display the number of VAS teller machines) Standards are applicable to China National Standard (CNS) A4 specifications (210X297 mm) 491980 2497pif.doc / 002 A7 B7 V. Description of the invention (ingenious) Selectively check the validity of the VAS ATM, the service terminal needs an internal certification of the VAS ATM : • Internal authentication < random number, KAUT $ KID > The service terminal checks the response and errors in this state to terminate the program (shown with an error). 3. The service terminal provides various options for cardholders. One of them is to load and load VAS applications, which can be selected by the cardholder. All VAS applications that can be loaded into the kiosk are displayed to the cardholder and wait for a choice. Therefore, to start the operation of viewing the VAS application, the cardholder chooses one of the design type or DF_AD VAS application A. Printed by the Consumer Cooperatives of the Central Standards Bureau of the Ministry of Economic Affairs (please read the notes on the back before filling out this page) 4. The service terminal checks the VAS teller machine through the choice of operating the VAS application. As to whether the selected VAS application has PIXA It has been loaded into the card. Surely, the error message will be displayed. If not, check the object of the design type suitable for A is still applicable to the VAS ATM, you can do this by searching one of the records in EFJ) IR. (Eg using the SEEK command); if not, an error message is displayed. If the record is empty, no VAS application is loaded in the FIDdf_x including DFJ (. 5 · The next free object of the design type suitable for A is loaded with VAS application A. For this service terminal requires the The VAS provider is offline (for example, through the VAS provider SAM) two keys KLVASP and KRVASP and assign these to the new VAS application: • Select the file < FIDdf_x > This paper size applies the Chinese National Standard (CNS) A4 specification (210X297) PCT) 491980 Employee Consumer Cooperatives, Central Standards Bureau, Ministry of Economic Affairs, India 2497pif.doc / 002 _____B7 V. Description of the invention (θ) • Obtain password • External authentication < KS0 (random number), KID of KS0 > • Update key < KuASP KID, kVASP > • Update key < KID, KRVASP > of KRVASP; External authentication < KLVASP (random number hKwspiKID〉) • Update record < DFJ (of EF_INFO SFI, data) • Update record < DFJ (of EF_INTERNAL SFI, data> • Optional (start): Update record < SFI of EF_VALUE of DF_X, data > 6. When the input element successfully enters the EFs, the service terminal executes the entry VAS application S < PIX A, FIDdf_x > operation, which connects to DFJ (to PIXA, and allows selection of files by PIXA (after preferential selection via selection file AIDvas2). This mechanism, which is enabled by transfer storage, may be intended, for example Used by VAS providers who perform internal or various services without a proper DF structure. A cardholder, especially a user who prefers to use this VAS application, does not need to be loaded first in such a terminal. Instead, he A voucher or a receipt must be self-declared directly in the transaction terminal, and cashed in different terminals (removed by operation), or only vouchers or receipts (by reading) appear. Design type EFJTRANSFER VAS Application loading can be clearly understood by entering VAS data or obtaining such operations. In this article, the transaction reference of the design type EFJTRANSFER is described below. The following describes the mode of input VAS application operation. If the VAS application is loaded into the VAS teller machine, a terminal 53 paper size is applicable to the national standard (CNS) A4 specification (210 father 297 public Chu 1 1 & quo) t; 'Γ Please read the notes on the back before filling this page) • 装 _

1T line 491980 2497pif.doc / 002 A7 B7 V. The description of the invention (to) will not know its actual location, where X = ΡΊ \, ... PTP, ADi, ... ADa VAS application has been loaded in DF-X or not loaded. From the card maker's point of view, there may be two design models that can be checked separately; in this article, special attention should be paid to the consistency of the ZKA standard. The first situation: EFJ) IR access will encounter the following conditions first: • Among the AIDs currently related to DF_X's FIDs, an EF_DIR (especially under DF_VAS) exists in the card receiving station standard Type. • This EFJDIR can be read by anyone (AC: ALW for reading records) • If the VAS application A of the county has PIX ^ is loaded into an unused DF_X by the system operator, for example, an input element (Welcome_111) When loading (made into) the existing basic file (not creating the file), it is possible to increase the database by updating the input element of the UPDATE RECORD by a DF_X sent from FIDX EF_DIR. Therefore, the AC for updating records can be enforced through the key Kso-external authentication. Printed by the Consumers 'Cooperative of the Central Standards Bureau of the Ministry of Economic Affairs (please read the precautions on the back before filling out this page) • If it is after DF__VAS's priority selection (prior selecti 〇 ugly)' Select file (SELECT FILE) < E14 > instruction When sending to the card, you can directly select a DFJ () that has been loaded into the VAS application A. • If it is a VAS application A loaded into DF_X and its auxiliary basic files, the cardholder will use the service terminal When requesting deletion of the machine 'This paper size applies to Chinese National Standard (CNS) A4 (210X297 mm) Printed by the Consumer Cooperatives of the Central Standards Bureau of the Ministry of Economic Affairs 491980 2497pif.doc / 002 A7 _____B7____ V. Description of the invention DELETE FILE is not deleted, but the input data will be replaced by the dummy value. Therefore, EF_DIR can be used to delete the input element PIXA. (Especially the input files of the input element PIXA and DFJ ( For example, update records based on priority external authentication via key KSQ.) • Since the number of DFJ (is fixed, the number of EF_DIR records can be known. If this method is implemented, then the following results can be obtained: • Direct selection of the VAS application, after the selection of DF_VAS, the selection file PIXA can be used. The second situation: if EF_DIR cannot be accessed, it will be accepted for a special card (Card platform), as described in the previous paragraph, when EF-DIR is unacceptable or EF_DIR read-write access cannot be performed, DF-VAS under database EF-VASDIR must have a preparatory measure to connect to a PIXA The VAS application program system is stored in the DFJ's actual storage area (storage locality), which is brought in by a clear update record command of the system operator (after the priority external authentication by KSQ), and read by the records of EF-VASDIR The operation of the input meta VAS application is performed as follows: A VAS application A including PIXA is first loaded into a free DF-X with FIDdf_x, and the number of records including FiDdf_x is recorded in the service Terminal cjn 〇1. Select file 410 ^ > (If the VAS teller machine is not selectable, it will display an error) 55 This paper size Gu Jinguan (CNS) A4 specifications 21〇 、 / 297mm 1 1 ~ '-----; 丨 丨 installed ------- order ----- 00 (read the precautions on the back before filling this page) 491980 2497pif. doc / 002 A7 B7 V. Description of the invention (θ) 2. Get password (CHALLENGE) 3. External authentication < KS0 (random number), KID of Kso > 4. Update record < SFI of EF_DIR of DF_VAS, recorded as FIDdf_x Number, PIXa, FIDdf_x) VAS applications of design type DF ^ PT or DF_AD can only be deleted at the request of the cardholder of the terminal (under the control of the system operator). VAS applications of design type EN_TRANSFER can be downloaded at Deleted anywhere by anyone. When deleting, it is necessary to distinguish between design types DF_PT and DF_AD and VAS applications of individual design types ENJTRANSFER. The procedure for deleting a VAS application such as the design type DF_PT or DF__AD is as follows: 1. The cardholder inserts the VAS card into the kiosk. 2. The service terminal checks if a VAS teller machine exists. • Selected file < AIDvas > (if VAS teller machine is not selectable, error will be displayed) • Read record < ef_id > (display of vas teller machine's identity) Printed by employee consumer cooperative of Central Standard Bureau of Ministry of Economic Affairs (Fill in this page again) 3. The service terminal provides cardholders with a variety of options' from which you can read the delete VAS application, which is chosen by the cardholder. All VAS applications of all design types loaded in the VAS teller machine are now displayed to the cardholder and waiting for their choice. For this purpose, observe the operation of the VAS application and start it. The cardholder chooses the design type DF_PT or DF_! AD for VAS application A through AIDa. The object loaded into the VAS application will be marked as DF A ° This paper size applies the Chinese National Standard (CNS) A4 specification (210X297) (%) Printed by the Consumer Cooperatives of the Central Standards Bureau of the Ministry of Economic Affairs 491980 V. Description of the Invention (Clever) 4. After the selection of DF_A2, the self-authentication of the service terminal is as follows: • Selection file < PIXA > • Get password • External authentication < KSQ (random number), KID of KSQ> 5. The content of the DF_A file is deleted (EF_KEY requirements

Klvasp, EF_INTERNAL and EF_VALUE, so the former will be deleted by the system operator first): • Update key &lt; KID of KLVASP, "00 .. · 00"> • Update key &lt; KRVASP2KID, "00 ... 00" &gt; • Obtain password • External authentication &lt; KlVASP (random number), KlVASP2KID &gt; • Update record &lt; SFI of EF_INF0 of DF_A, "00 · ..00" &gt; • Update record &lt; SFI of EF_INTERNAL of DF_A, "00 · ·· 00 "&gt; • Update record &lt; SFI of EF_VALUE of DF_A," 00 ··· 00 "&gt; 6. When the input element successfully enters EF, the service terminal will later make the input element of the VAS application EF_DIR is deleted: • Select file &lt; AIDvas &gt; (If VAS ATM cannot be selected, display error) • Update record &lt; SFI of EF_DIR of DF_VAS, number of FIDdf_a records, "00 ·· .00, &gt; If it is PIXA When the selection file is not implemented, the internal link of PIXA to DF_A becomes invalid. &Lt; The next is the design type EF_TRANSFER: According to R & R, the VAS application of design type EF_TRANSFER is only! .II ------ (· (Please read the notes on the back before filling out this page) ----- ^ The size of the paper is applicable to China National Standard (CNS) A4 (210X29 * 7mm) 491980: 497pif.doc / 002 A7 B7 Printed by the Consumer Cooperatives of the Central Standards Bureau of the Ministry of Economic Affairs β) Can be deleted at the explicit request of the cardholder of the transaction terminal or the service terminal (only if there may actually be one). If the transfer storage does not have enough space to store new objects (For example, a voucher or a receipt) when the subject matter deleted from EFJTRANSFER becomes particularly needed, the deleted program often needs to be executed indirectly with a supplementary instruction TAKE. This ^ instruction is only used for the subject being moved. The "note" can be replaced freely by an accompanying instruction TRANSFER. The deletion procedure of the VAS application is as follows: 1. The cardholder inserts a VAS card into a terminal that can display EFJTRANSFER (you can view the operation of the VAS application) (Special cabinet) 2. The terminal checks if the VAS teller machine exists: • Select the file &lt; AIDvas &gt; (if the VAS teller machine cannot be selected, an error is displayed) • Read the record &lt; EF_ID S FI, 0 &gt; (Display of VAS teller identity) 3. The terminal provides many options for cardholders. One is to read and delete the VAS application, which can be selected by the cardholder. At least, the VAS application of design type EFJTRANSFER is now displayed to cardholders and can choose here, which can be viewed by the special cabinet of the VAS application. The card holder selects a target from the design cabinet including a certificate and a receipt. This target has a record number A. The card holder can make this choice. 4. When moving in, the terminal marks the record with the record number A and transmits the instruction TAKE (—by itself, its own PIX and Γ, please read the precautions on the back before filling this page) • Install · ιϋ_— ml ϋϋ ϋϋ —ϋ I &quot;. ^ — ^ 1 ϋΗη m ι ^ ϋ I ϋϋ · 1 ^ ϋ This paper size applies to China National Standard (CNS) A4 (210X297 mm) 491980 2497pif.doc / 〇〇2 A7 B7 Printed by the Employees' Cooperative of the Central Standards Bureau of the Ministry of Economic Affairs 5. Description of the Invention (0) Random number for terminal identity calculation): • TAKE &lt; A, random number, PIX, terminal identity &gt; Marked records being moved are now available To receive a new voucher or receipt. The choice of VAS application program is as follows: If the design type DF-PT or DF-AD VAS application program A is used to load the VAS application program into the VAS teller machine, it can be a stage of a terminal Make your choice. At the beginning, the VAS ATM was selected first, and then the VAS application included its PIXA: 1 · M selection file &lt; AIDvas &gt; (Right shows an error when the VAS ATM cannot be selected) The service terminal can be used to check the authenticity of the VAS ATM Therefore, the service terminal needs one of the internal authentications of the VAS teller machine: • Read the record &lt; SFI of EF_ID, &gt; (display of the identity of the VAS teller machine) • Internal authentication &lt; random number, KID of KAUT &gt; The service terminal checks the response and Terminates incorrect operation (display error). 2 · Selection file (if VAS application A is not loaded on the VAS teller machine, an error is displayed) The transaction terminal (KGKAUT cannot be used) can indirectly determine the recognition of the VAS teller machine through the certification check of the VAS application A. This is because of the VAS application The program can only be loaded into a service terminal, and the VAS teller certificate is checked during the loaded program. VAS application A certification inspection can be 59 paper size applicable to China's national standard (CNS) A4 size (210X297 mm 1 extra ----- * --- r ---- Ί-,-installed- ---- Order ----- line • ('Please read the notes on the back before filling this page) Printed by the Consumer Cooperatives of the Central Standards Bureau of the Ministry of Economic Affairs 491980 2 4 9 7pi f. Doc / 0 02 A7 B7 5 2. Description of the invention (β) Take it back to the trading terminal and test whether the VAS teller machine includes the key of the VAS application program KlVASPS KRVASP. This can be tested in the trading terminal as follows: • Internal certification (random number, KRVASP or KLVASP) KID> In order to test whether the VAS teller machine A is loaded in the VAS teller machine, it can be randomly selected; under the error display of the response message of the selected file, a conclusion that does not currently exist can be obtained. The choice of the VAS application of the design type EFJTRANSFER can be By viewing the data storage of the VAS application and the terminal, there is no need to doubt 'Because the terminal knows the number of records of the indicated object from EFJTRANSFER, it can choose the required object based on the number of records. View the performance of the VAS application Fang As follows: View the operation of the VAS application, you can list all VAS applications of the design type DF_PT, DF_AD and EF_TRANSER on the terminal. Since the VAS application of the design type EFJTRANSFER has no access protection, it can be displayed on the trading terminal On-board, and the application of the design type DFJT or DF_AD of the transaction terminal also has selective read rights (KRVASP belongs). So the VAS application program is as follows: 1. The cardholder inserts a VAS card (VAS ATM is valid Chip card) on the terminal. 2. The service terminal tests whether the VAS teller machine &lt; exists: • Select file, &lt; AIDvas &gt; (display error when VAS cannot be selected) • Read record &lt; SFI of EF_ID, 〇 &gt; ( VAS teller machine identity display 60 This paper size is applicable to China National Standards (CNS) A4 specification (21〇'〆297mm) &quot;-:-,-^-装 ------ Order --- -^ Line ('Please read the notes on the back before filling out this page) Printed by the Consumer Cooperatives of the Central Bureau of Standards of the Ministry of Economic Affairs of the People's Republic of China 5. Description of the Invention (^) The validity of the VAS teller machine is selectively checked, so the service Terminal_machine The internal authentication of the VAS teller machine is required: • Internal authentication &lt; random number, KID of KAUT &gt; Service terminal test response and error (and error display) interrupt procedures. 3. The service terminal shows the cardholder various options. One of them is the reading and viewing VAS app, which can be chosen by the cardholder. 4. Self-authentication of the service terminal: • Obtain a password • External authentication &lt; KS0 (random number), KID of KS0 &gt; 5. For VAS applications of design types DF_PT and DF_AD, each VAS application can be selected, Can be successfully controlled by the contents of EF_DIR. After external authentication of key KSQ, the respective contents of EFJNF0 and EF_VALUE (or part of R &amp; R) are displayed: • For i: 0, ..., nrDIR-l • Read Record <SFI, i of EF_DIR> If the DF is loaded in the VAS application, the response message and PIXA will display "00 ·· 00". You can use a search command when selecting the record of EF_DIR. • If PIXA is not “00. .〇〇” • Select file &lt; PIXA &gt; • Read the record &lt; SFI of EF_INFO, 〇 &gt; — ^ ---- p --.— ^-装-('Please read the notes on the back before filling this page)

'1T Printed by the Consumers' Cooperative of the Central Bureau of Standards of the Ministry of Economic Affairs 491980 2497pif.d〇c / 002 Αη B7 V. Description of the Invention (^ 7) • Display of the response message (partially selective) • Read the record &lt; EF_VALUE of SFI &Gt; • Select file &lt; AIDvas &gt; 6. For VAS applications of design type EF ^ TRANSFER, each record of EFJTRANSFER content (or part of R & R) shows: • Select file &lt; AIDvas &gt; • Right i = 0, ..., nrEF_TRANSFER—1 • Read record &lt; SFI, i of EF_TRANSFER (response message shows the i-th record content of EF_TRANSFER) • If the content is empty, the content is displayed with a description (for example: Termination) For transaction terminals with inspection rights (KRVASP), the application of the inspection design type DF_PT or DF_AD is described in two ways: for external authentication, use the key KRVASP instead of KSQ (only applicable to system operators) ). If the transaction terminal cannot perform KGKAUT and still want to check the VAS application certification, you can request authentication (at least one) of the VAS application through the transaction terminal instead of internal authentication, according to the familiar description of the KRVASP or KlVASP key card . For VAS applications of design type EF_TRANSFER, the contents of each recorded EFJTRANSFER (or part of R &amp; R) can be successfully listed as described above. The procedure for explaining the VAS application is similar. Therefore, the terminal provides the cardholder with a choice of explaining the VAS application. Except for the operation review, 62 paper sizes are applicable to the Chinese National Standard (CNS) A4 specification (210X297 mm) ( (Please read the notes on the back before filling out this page)

1T 491980 2497pif.doc / 〇〇2 8 7 B7 Printed by the Consumers' Cooperative of the Central Standards Bureau of the Ministry of Economic Affairs of the People's Republic of China 5. Inventory (") In addition to the data displayed, it can also be displayed from the VAS provider (such as an external code) Data) EF-INFO and EFJALUE data, as well as data from EF_INTERNAL. In any case, for a VAS provider (as it chooses), the VAS application can be used at the appropriate key on the terminal. Read VAS The EF_INTERNAL of the application requires the KLVASP key (external authentication). For the external encoding data of the basic files EF_INFO, EF_INTERN and EF_VALUE, as well as the transfer and storage of EF_TRANSFER, the appropriate key of the VAS provider is also required. The terminal program can quickly identify the VAS application The program selects the PIX auxiliary, so the application key of the data description can be used. The "VAS application transfer" operation represents the transfer of all or selected source card VAS applications to the target chip card on the service terminal ( target card). This prerequisite is that in the VAS ATM of the target card, no VAS application is loaded and All VAS applications after the transfer will be deleted from the chip card. Both can be achieved by continuous use of the "delete a VAS application" operation. In addition, the VAS chip card must be authenticated and the underlying card must provide sufficient storage capacity. The transfer operation itself Basically, it is an extension of the VAS application viewing operation that reads data from EF_INTERNAL and the keys KLVASP, KRVASP, and the repeated use of the "Load a VAS application" operation. Linking the VAS data, the VAS ATM identity is also transferred to the target card, so that the VAS application of the standard card can also correctly teach 1 line in the source card. The reason is that the keys obtained from the VAS provider were verified by the VA &lt; S teller machine identity however the keys were copied without change. Furthermore, the VAS provider does not want to change the billing method in the basic system because it generally uses a VAS teller machine. 63 This paper size is applicable to the Chinese National Standard (CNS) A4 specification (210X297 mm) Γ Please read the notes on the back first (Fill in this page again)-Install.

, 1T line 491980

Printed by the Consumers Cooperative of the Central Standards Bureau of the Ministry of Economic Affairs I 2497pif.doc / 002 A7 ___B7_ V. Description of Invention (Heart) Identity to authenticate the VAS chip card. Basically confirm that the number representing the uniqueness of the system in the VAS ATM identity transfer will be deleted from the source card. In order to be able to specifically read the basic file EF_INTERNAL and the key, KRVASP, via key KSC) (as in the "Delete a VAS application" operation) for external authentication, the service terminal first rewrites the key ΚίνΑ5Ρ and after re-certifying KuASP Data is rewritten by EF_INTERNAL. In addition to designing VAS applications of type 01 and DF_AD, the file EFJTRANSFER must also be rewritten. To this end, the "remove" operation must be continuously used to remove objects that are not marked as removed or terminated, check their annotations by KSIG_VASC and transfer them to the EF JRANSFER of the target card. On the subject card, on the other hand, the objects are marked as unremoved so that they are still valid. Finally, the overall data of the VAS teller machine must be transferred. In particular, the serial number of the target card must be suitable for the number of source cards. The procedure for entering VAS data is as follows: According to the characteristics of the VAS application, there are three possible situations for entering VAS data on the transaction terminal: First, the design type DFJ or DF_AD Case of purchase. The VAS provider enters data into the VAS application A of design type DF_PT or DF_AD. The input of VAS data is as follows: 1. The cardholder puts the VAS card into the transaction terminal. 2.Trader terminal checks if VAS teller machine exists: • Select file &lt; AIDvas &gt; (error display when VAS teller machine cannot be selected) 64 This paper size applies to China National Standard (CNS) A4 (210X297 mm) (Please read first Note on the back, please fill out this page again.) Refill the items, install, 11 491980 2497pif.doc / 002 A7 B7, the Consumers' Cooperative of the Central Standards Bureau of the Ministry of Economic Affairs, Printing and Publication of the Fifth, the description of the invention uy • Read the record &lt; (Show VAS ATM ID) 3 · Check the correctness of the VAS ATM. If the parent terminal itself has the master key KGKAUT, it can require the internal authentication of the VAS ATM: • Internal authentication <random number, Kaut2 KID> The transaction terminal (no KGKaut available) can be indirectly verified by the VAS application A to verify the correctness of the VAS ATM, because the VAS application can only be loaded on the service terminal when the VAS ATM is authenticated. VAS application The authentication of program A can also be used to check whether the trading terminal VAS teller machine contains the key KlVASP or KRVASP to open the VAS application a. This can be done by the transaction Terminal check. For example: • Select file &lt; PiXA &gt; (incorrect display of VAS application A is not loaded into VAS teller machine) • Internal authentication <random number, KRVASP KIDS Kmsp> When the transaction terminal checks its coverage and there are errors ( (Error display) Interrupt the program. 4. The trading terminal selects VAS application A for self-authentication and describes the basic files required to execute the transaction: • Select file &lt; PIXA &gt; (omitted when it has been performed in the third step) • Obtain a password • External authentication &lt; KLVASP (random number) 'KLVASP + KID &gt; • Selectivity: update record &lt; DFJ (of EF_INFO SFI, data>) • Selectivity: update record &lt; DFJ (of EFJNTERNAL SFI, data) this Paper size applies Chinese National Standard (CNS) A4 specification (210X297 mm) (Please read the notes on the back before filling out this page) Pack '491980 2497pif.doc / 002 A7 B7 V. Description of invention (“) • Optional: Update record &lt; DF_X of EF_VALUE SFI, data &gt; Now let's talk about the purchase in design type ef_transfer. Especially for VAS applications of design type EF_TRANSFER Applications program: Category "Documents ,,), VAS providers do not need to occupy the application file structure DFJ all right (junction storm is not required before using VAs application documents' past service terminals for loading VAS applications. He can also issue a certificate or receipt directly on the transaction terminal and return it on a different terminal (using the 'remove' operation) or display the certificate or receipt directly (by reading). Therefore, inputting VAS data causes the design type EF_TRANSFER VAS application to be loaded internally. For this application category, the design category consists of individual 'record' type objects. It is possible to enter EF_TRANSFER only by instruction, branch. To do this, the transaction terminal must have a valid cancel key KDEC and the PIXVAS data entry procedure for the available VAS application A as follows: 1. The cardholder places the VAS card in the transaction terminal. 2. Check whether the VAS teller machine exists in the transaction terminal: Printed by the Central Standards Bureau of the Ministry of Economic Affairs, Consumer Cooperatives Γ Please read the precautions on the back before filling in this page) • Select file &lt; AIDvas &gt; (Error display when VAS teller machine cannot be selected ) • Read record &lt; EF_ID of SFI, 0 &gt; (display VAS teller number) 3. Transaction terminal read serial number additionally enter MAC from step 4: v • Read record (EFFI's SFI, 0) (serial number display) 4 · The instruction "Transfer" enables records to be entered into EFJTRANSFER: • Transfer &lt; Transaction Date, Termination Date, Generator Password, Date, 66 This paper size applies to China National Standard (CNS) Α4 Specification (210X297 mm) 491980 2497pif. doc / 002 8 7 B7 5. Invention Description (PIXA, MAC with KDEC> 5) The transaction terminal can observe the reply message of the 'Transfer' instruction to check whether the VAS teller machine is real (that is, it has the link key KDEC). In this article The reply message of the 'Transfer' instruction is further referenced as follows. Finally, the purchase of VAS data is cancelled by the price. VAS providers can use the 'Transfer' instruction to値 The cancellation step generates an authorization right (such as a certificate or a receipt) in the transfer range EF-TRANSFER. It can be used by different VAS providers. The data is cancelled by the EF_VALUE or EF-INFO that the VAS provider can cancel. Hold the card The user requires the form of the object in EF_TRANSFER. The procedure for inputting VAS data is as follows: 1. The cardholder places the VAS card in the transaction terminal. 2. The transaction terminal checks whether a VAS teller machine exists. • Select the file &lt; AIDvas &gt; (when VAS When application A cannot be selected, an error is displayed.) • Read the record &lt; EF_ID of SFI, 0 &gt; (display of VAS teller machine identity) 5 copies printed by the Employees ’Cooperative of the Central Standards Bureau of the Ministry of Economy (Fill in this page) 3. The transaction terminal reads the serial number and enters the MAC from step 4: • Read the record &lt; EF_SEQ of SFI, 0 &gt; (ordinal display) 4. Select VAS application A for the transaction terminal: • Select the file &lt; PIXA &gt; (error display, when vks application A is not loaded into the VAS teller machine) 5 · The transaction terminal uses the 'transfer' instruction from EF_VALUE or EF_INF0 This paper standard applies to China Standard (CNS> A4 specification (210X297 mm) 491980 24 97pif.doc / 0 02 A7 B7 Printed by the Central Consumers Bureau of the Ministry of Economic Affairs Employee Cooperatives. V. Description of the invention Possible examples of cancellation of data are as follows: • Transfer &lt; Data with KDEC : MAC &gt; The composition of the instruction message for 'Transfer' has been described. If the correct data can be made by KDEC, the terminal can get the right to cancel. This note is checked by a VAS teller. If successful, the VAS teller creates a record in .EFJTRANSFER and the sequence number is incremented. 6. The trader's terminal can reply to the message by the 'Transfer' instruction to check whether the VAS teller machine is correct (ie, possesses the general key KDEe). We will now proceed with the procedure for cancelling VAS data. There are two cancellation procedures: On the one hand, the VAS data of the VAS application of the design type DF_PT or DFJVD can be cancelled by the appropriate VAS provider with a cancel operation, that is, purchased from the cancelled VAS data. In that way, the price is spent and the potential use rights of different prices are created. On the other hand, VAS data can be fetched from EF_TRANSFER only by the auxiliary instruction 'TAKE' once. In that case, the use right is exhausted, and the remaining data that can be further used in the transfer range (for example, the return ticket is still used for the return journey) is taken out when needed until other objects overlap. The procedure for canceling the VAS data by instruction 'TAKE' is as follows: 1. The cardholder places the VAS card in the transaction terminal. 2. The transaction terminal checks whether the VAS teller machine <exists. • Select file &lt; AIDvas &gt; (when VAS application A cannot be selected, display error) 68 This paper size applies Chinese National Standard (CMS) A4 specification (210X297 mm) (Please read the precautions on the back before filling this page ) .------ Order ----- line --- j ---- 491980 24 97pif, doc / 0 02 A7 B7 Printed by the Consumer Cooperatives of the Central Standards Bureau of the Ministry of Economic Affairs Μ) • Read the record &lt; SFI of EF-ID, 0 &gt; (display of VAS teller identity) 3. The transaction terminal is first displayed and used from EFJTRANSFER, and check the available objects of the "VAS application" operation to determine whether or not The required objects can be obtained. In the same way, the instruction, search, can be used to find a sample. If successful, the terminal can know the newly searched record number i. 4. The terminal displays the record and displays the record number, where the command TAKE is used to send i Alas, its PIX and terminal identity are calculated as a random number. • ΤΑΚΕ (ι, random number, PIX, terminal identity) The transaction terminal uses the instruction 'TAKE' to read data from EFJRANSFER. It is also determined that the data has been Take out. In addition, the execution of the command produced two different passwords and daggers. The password was calculated by the VAS teller machine using the KSIC_VASC key. Therefore, the producer of the object whose record q was removed can obtain uniqueness and correctness from the system operator. The uniqueness and correctness of the transaction comes from the password of the VAS contributor who originally originated the object (and verified by the chip card, refer to "Transfer") and the password used by the chip card when maintaining and removing the transaction sequence calculator.丨. The password (: 2 is taken out by the VAS teller machine using the KGKDEC key and obtained by the VAS teller machine from the KGKDEe, PIX and terminal identity. By understanding the key KDEC, the VAS teller machine can directly prove the correctness of the terminal. Because of the use of instructions A similar test will be performed during the 'transfer'. Only the authentic documents or receipts will be stored in a 69-sheet paper. Applicable to China National Standard (CNS) A4 (210X297 mm) ~ (Please read the precautions on the back before filling out this page.) I ιϋ ί —J i ml I · ϋι m ^ i i_i— ^ nn —ϋ.

1T 491980 2497pif.doc / 002 8 7 B7 V. Description of the invention uy correct VAS teller machines, the correctness of taking out items can be guaranteed. Once C2 is indirectly formed by the serial number, the take-out bit and the identity of the VAS teller machine, the VAS teller machine can even prove the uniqueness of the retrieved item to the terminal. Anyone has the right to take out using the 'TAKE' instruction. Moreover, on the service terminal, it is possible to design the VAS applications of the types DF_PT and DF_AD to read the required password or PIN to protect their enabling or slowing down. Moreover, the PIN of the VAS teller machine can be changed by the cardholder who knows the PIN and can be saved by the system operator in Ks using external authentication. Non-numeric symbols or symbol sequences of optional length can also be used as a PIN or password. In summary, although the present invention has been disclosed as above with a preferred embodiment, it is not intended to limit the present invention. Any person skilled in the art can make various changes without departing from the spirit and scope of the present invention. And retouching, so the scope of protection of the present invention shall be determined by the scope of the attached patent application. -------, --- install ------ order ----- line Γ Please read the notes on the back before filling out this page) Printed by the paper Applicable to China National Standard (CNS) A4 (210X297 mm)

Claims (1)

491980 2497pif2.doc / 002 Cage ft 7 Ί η 9 Γ »Q / 1 奄 奄 π owe A8 Β8 C8 D8 il; 4, τ Ria 8 9 / H / 2J Printed by the Consumers’ Cooperative of Intellectual Property Bureau of the Ministry of Economic Affairs 1. Patent application scope 1. A chip card for trading, in which monetary units or other valuable data granted on behalf of non-money are transferred between the cardholder and at least one trading partner (service provider) or displayed to the service provider Certificate of Grant 'Where the chip card includes a storage area for storing the data required to execute the transaction, the chip card includes the following features: A device for loading one or more chip card applications onto the chip card, allowing the holder to hold Transaction execution between the cardholder and the service provider who designated the application; a transfer storage area (ef_transfer) that contains the data exchanged or displayed in the execution of the transaction and data granted on behalf of the monetary unit or non-money; and Data is written to a device in the transfer storage area by a write instruction (transfer). 2. The chip card as described in item 1 of the patent application scope, wherein the loading device includes: a data structure (DFJVAS, VAS teller machine) storage includes: a space structure (DFJP, DF_AD, VAS application program), card holder The data (VAS application) required to perform transactions with the service provider can be loaded; a definition data set 'contains information about the nature and / or structure of the data stored in the spatial structure, and the definition The data group further includes: a symbol (identity of the teller machine), authenticating the data structure (VAS teller machine) and / or chip card; and a small 'system' key (kso) to ensure the definition of the data group and / or data paper The scale has been used T4 circle standard (CNS) A4 specification (2 ^ x 297 mm ------------- ^ ___ w -------- Order -------- -Line (Please read the notes on the back before filling this page) 491980 2497pif2.doc / 002 A8 B8 C8 D8 Printed by the Consumer Cooperatives of the Intellectual Property Bureau of the Ministry of Economic Affairs 6. The complete scope of the patent application structure is not modified. The chip card described in item 2 of the scope of patent application, the chip card includes at least the following special features One: using at least one system key to load data required to execute a transaction into a device of the spatial structure; writing the data into a definition data set to rewrite the device to load the data of the spatial structure; on the chip The card database generates a space structure to load a device required to execute a transaction; and / or a device for dynamic memory management on a chip card. 4. The chip card described in item 2 of the patent application scope, the chip The characteristics of the card are: The space structure (VAS application program) is represented by an independent space structure with a special service provider; The definition data set is protected by at least one system key (Ks〇) from being modified and can only be modified by This key is modified; and the space structure (VAS application) can only be manned when using the system key included in the definition data set. 5. The chip card 'the definition data as described in item 2 of the patent application scope The group contains at least one of the following characteristics: at least one identification key (KAUT), as the chip card's granting authority for the terminal and / or the terminal's granting of the chip card Certificate; at least one note key (KSICVASC), note the data removed from the transfer storage area; 72 (Please read the precautions on the back before filling out this page) See the order --------- line. This paper Standards are applicable to Chinese National Standard (CNS) A4 specifications (210 X 297 mm) 491980 2497pif2 · doc / 〇〇2 A8 B8 C8 D8 Printed by the Consumer Cooperatives of the Intellectual Property Bureau of the Ministry of Economic Affairs 6. Applying for a patent scope (Kgkdec), generating a special key for the terminal and application as a verification procedure for entering the transfer storage area and / or verification of the invalidity of valuable data; a PIN that is correctly authenticated by the cardholder to a transaction program; the system Key (Kso) 'Recognize the date key (KAUT)' Note The key (KSIG VASC) and the key generated by the key (KGKDEC) are the keys to the chip card or specifically to the data structure (DF_VAS); and the space The structure (VAS application) includes at least one of the following characteristics: at least one value storage area (EF_VALUE) for storing valuable data; at least one internal storage area (EF_INTERNAL) for storing internal data about the space structure; at least one information storage (EF_INFO) for the storage of non-internal data about the space structure; One-key storage area (EFJCEY), which stores at least one key (Kw, KRVASP) to provide the write to or from the price storage area and / or the internal storage area and / or The information storage area retrieves the security of the information and the chip card further includes: a device that writes or retrieves the information from the internal storage area of the price storage area or the information storage area, and the loading device includes: at least one system The key is written to a device in the key storage area under the key protection. 6 · As for the chip card described in the second item of the patent application scope, the space structure includes at least one of the following components: A ^ key (KLVASP) is used to write the Phai space structure data to verify the correctness, 73 (Please read the Please fill in this page again) 0 Order --------- Line-I Paper size applies Chinese National Standard (CNS) A4 (210 X 297 mm) 491980 2497pif2.d〇c / 〇〇2 Shenjing Patent Range One Key (KL VASP) is used to retrieve the spatial structure data for inspection. 7 · As described in the patent application scope item No.2, the temperature is below 4 °, which is stored in the key storage area. The key system is specifically for the space structure, and at least one space structure (VAS application) is protected by at least ~ (KLVASP 'KRVASP), wherein the key is specifically for the space structure (VAS application) and for other space structures. % ^ (Programmatic) keys are independent. 8. As for the chip card described in item 2 of the scope of patent application, the multiple spatial structures can be used as the transaction between ~ special service providers, and the transaction includes the individual transfer of data from the transaction. Range writing and / or fetching and / or individually writing from this price storage area. / 9 · The chip card described in item 2 of the scope of patent application, further includes the following features = an individual space structure (VAS application program) and a device for a space structure to conduct transactions with a service provider. 8.10. The chip card described in item 2 of the scope of the patent application. Among the characteristics of the chip card, the ghai system key (Kso) is only known to the operator of the Hai system (SQ) and is a separate chip. Card and / or a key specific to a data structure (VAS teller machine), and the key in the defined data set is also individual to the chip card or key specific to the data structure (VAS teller machine). 11 · As for the chip card described in item 2 of the scope of patent application, the definition data 74 This paper size is applicable to the Chinese National Standard (CNS) A4 specification (210 X 297 mm) (Please read the note on the back? Matters before filling (This page) Order --------- line. Printed by the Consumer Cooperative of the Intellectual Property Bureau of the Ministry of Economic Affairs 491980 Printed by the Consumer Cooperative of the Intellectual Property Bureau of the Ministry of Economic Affairs 2 4 97pif2. Doc / 002 The enclosing group contains one or more of the following components: an authentication number (ef_id) that specializes the data structure; a space structure directory included in the data structure, which contains the data structure (VAS teller machine) loaded in the space Part of the structure (VAS application program) special authentication number and part of the data structure information including the storage space structure; and a version number of the data structure (EF_VERSION). 12. A chip card as described in item 2 of the patent application scope, including at least one of the following features: a device that executes a take-out procedure ("take-out"), whereby data can be taken out and / or prices removed from the transfer storage area; A device that generates one or more of the data authentication characteristics from the storage transfer storage area. 13. The chip card as described in item 12 of the scope of patent application, the chip card generating the authentication characteristics includes the following characteristics: a * note key (KSIC_VASC), generating a ^ digital note taken out of the data; generating the digital note A device that is used to generate a transaction with the transaction number. 14. The chip card described in item 13 of the scope of the patent application, the annotation key (KSI () _ VASC) is a ^ private key 'generated from a ^ private key generated key' and checked by the service provider to use the public key Note: 15. The chip card as described in item 14 of the scope of patent application, which contains at least one of the following components: The key generation key (kgkdec) generates a terminal and a local special structure key. 75 This paper size applies to the Chinese National Standard (CNS) A4 specification (210 X 297 mm) (Please read the note on the back? Matters before filling out this page) -------- Order ---- I I --- · 2497pif2.doc / 〇〇2 A8 B8 C8 D8 A device printed by the Consumer Cooperatives of the Intellectual Property Bureau of the Ministry of Economic Affairs for the application of the patent scope (KDEC); = Mind the following-a device that can be easily protected by the positive and negative test of the lion axis: X 乂 The terminal and local special structure Key (KM.), The at least one authentication key (κΑυτ), the at least one system key (KSQ), the test lacks a local special structure key (KtVASP, KRVASP), the note key (Ksm_VAse), the PIN, a space The certification of the structure and the certification of a terminal. The chip card according to item 5, the chip card includes at least one of the following components: before the data is retrieved or written into the program, the authentication key is used as a device for the sovereignty and / or the terminal authentication, and a digital An annotation and / or key formatting protects a device that performs data retrieval or writing procedures. &Gt; Π · The chip card as described in item 16 of the patent application scope, which chip card further includes at least one of the following components: enabled Or slow down a device protected by the PIN, change a device of the PIN. 18 · As described in the application of the SR patent 轺 Waidi 2 chip card, the data structure is independent of the chip card receiving station and the chip card is more packaged栝: 76 paper sizes of this data structure or part of the data structure transferred to another chip card are applicable to China National Standard (CNS) A4 specifications (210 x 297 mm) ----------- -.-- Aw -------- Order --------- line (please read the notes on the back before filling this page) 491980 A8 B8 C8 D8 2497pif2.doc / 002 VI.Application Patent scope a device. (Please read the precautions on the back before filling this page) 19 · As any of the above applications The chip card described in the patent scope has the following characteristics: A storage area in which data is written or retrieved from the storage area, the storage area does not belong to a service provider, and is a currency unit between different service providers / or Valuable data transfer granted on behalf of non-money. 20. A terminal using a chip card 'uses one of the chip cards described in item 2 of the patent application scope. The terminal features include: authentication of the data structure of the chip card (VAS teller machine) ) And a device that proves the characteristics of the data structure (the identity of the container); and further includes one of the following characteristics: the data is taken from at least one of the spatial structure and / or the defined data set and / or the chip card transfer storage area A device; a device that writes data to the transfer storage area of the chip card; a device that loads the data required for the transaction into at least one of the chip cards (the VAS application program). 21. The terminal as described in item 20 of the scope of patent application, including at least one of the following components: A device printed by the Consumer Cooperative of the Intellectual Property Bureau of the Ministry of Economic Affairs to conduct a transaction between a service provider and the cardholder. The process includes at least one of the following steps: writing the data into the price storage area, writing the data into the transfer storage area, removing or removing the data from the transfer storage area, retrieving the data from the space structure, 77 papers Standards are applicable to China National Standard (CNS) A4 specifications (210 X 297 mm) 491980 2497pif2.doc / 002 A8 B8 C8 D8-\ 71- The scope of patents printed by employees' consumer cooperatives of the Intellectual Property Bureau of the Ministry of Economic Affairs is taken from this transfer storage area Back to the data. 22. The terminal set described in item 21 of the scope of patent application, further comprising the following features: A device that uses at least one of the following characteristics to verify the correctness of the transaction and / or protect the security of the transaction: a terminal and a local special structure key (KDEC) 'At least one authentication key (KAUT), used individually for the chip card or specifically for the data structure (DF_VAS), at least one system key (Ks.), Used individually for the chip card or special data structure (DF —VAS), at least one spatial structure special key (KLVASP, KRVASP), at least one note key (KSICVASC), used individually for the chip card or specifically used for the data structure (DE_VAS), a PIN, used individually for the chip card Or specifically used for the data structure (DE_VAS), an application-specific feature of a spatial structure, and a terminal-specific feature of a terminal. 23. The terminal as described in claim 22, wherein the device for writing data to the transfer storage area includes: using a terminal and a special key of the spatial structure to compile the data to verify the write authorization. Device. 24. The terminal described in item 20 of the scope of patent application, further includes the following features: The process of taking data from the transfer storage area and using it to transfer from the transfer storage 78 (Please read the precautions on the back before filling this page) # Order --------- line. This paper size applies to China National Standard (CNS) A4 (210 X 297 mm) 2497pif2-cioc / 〇〇2 Α8 Β8 C8 D8 Intellectual Property Bureau of the Ministry of Economic Affairs employee consumption The cooperative prints a device that retrieves data and / or cancels the data in the patent application storage area. 25. The terminal described in item 24 of the scope of the patent application, the following-components are reduced: It also includes a method that describes the characteristics of the transferred storage area data as being removed, and a method that describes the characteristics of the transferred storage area data as terminated . 26. The terminal as described in item 20 of the scope of patent application, wherein the device used to execute the transaction includes at least one of the following components: a device that changes the valuable data in the space structure; A device that conducts transactions (interactive services) that differ from the service provider. 27. The terminal as described in claim 20 of the scope of patent application, further comprising the following features: a terminal using at least one of the following authentication keys related to the chip card and / or a device related to the chip card sovereignty authentication of the terminal; using A device that the PIN protects the transaction from being secure by the cardholder; a device that enables and slows down the protection of the PIN. 28. The terminal as described in item 20 of the scope of patent application, further comprising at least one of the following components: a device that transfers the special features of the terminal to the chip card; a device that transfers the special features of the space structure to a chip card A device that uses the terminal and the special keys of the spatial structure and the special characteristics of the terminal and the spatial structure for correctness verification; a device that performs data retrieval or write protection by the digital annotation and / or decoding protection; Device. 79 This paper size applies to China National Standard (CNS) A4 (210 X 297 mm) J "— 一 —-------- ^ --------- ^. Γ% Read the back first Please fill out this page again) 491980 2497pif2 · d〇c / 002 A8 B8 C8 D8 Six employees of the Intellectual Property Bureau of the Ministry of Economic Affairs printed a patent application scope 29. For the terminal described in item 20 of the scope of patent application, more It includes at least one of the following components: selecting a device of the spatial structure (VAS application program); viewing a device of the spatial structure of the terminal; a device viewing the spatial structure of the terminal; a device of viewing the spatial structure of the terminal; Application) Load one chip of the chip card into one device, load the features of the space structure into a device of the chip card; Replace one device of another space structure with a space structure; Transfer a space structure to another chip card A device; a device that translates a spatial structure and retrieves or views stored information based on functions and related service providers. 3 0. — a method of conducting transactions between a cardholder and at least one service provider, contain Using a chip card and a terminal, the procedure includes one of the following steps: providing a data structure stored in the chip card, so that the data of the chip card application that is not part of a service provider can be loaded into the chip card Chip to enable the transaction performance of the cardholder and a service terminal; write or read data from the data structure (VAS application program); supply a transfer storage area (ef_transfer) to store the exchange during the transaction Or display monetary units or grant data on behalf of non-money; and write the data into the transfer storage area for retrieval. 31. The method described in item 30 of the scope of patent application, including at least one of the following steps: 80 degree standard (CNS) A4 Specifications (210 X 297 mm) --------------------- Order --------- ^ w___w. (Please read the precautions on the back before (Fill in this page) 491980 2497pif2.doc / 002 A8 B8 C8 D8 VI. Apply for a patent Use one of the chip cards described in the first patent application scope; Use one of the terminals described in the patent application scope 20; Write or From at least one spatial structure (VAS Retrieve data using the price storage area or internal storage area or information storage area of the program. 32. The method described in item 31 of the scope of patent application, further includes at least the following steps: Use at least one key as the terminal and Authentication of chip card sovereignty; transaction protection using the digital annotation and / or at least one key code. 33. — A method of loading data into a chip card using a terminal, including at least one of the following steps: Loading data The space structure of the chip card (VAS application program); writing data into the defined data set of the chip card, the procedure includes at least one of the following steps: using one of the chip cards described in the first patent application scope; using Apply for one of the terminals described in item 20 of the patent scope. 34. — A system for conducting transactions, with the chip card described in item 1 of the scope of patent application and the terminal described in item 20 of the scope of patent application as its features * ------- ^ ---- ---- Order --------- line (please read the precautions on the back before filling this page) Printed by the Intellectual Property Bureau Staff Consumer Cooperatives of the Ministry of Economic Affairs This paper applies the Chinese National Standard (CNS) A4 specification (210 X 297 mm)