WO1998039743A2 - Verfahren zur durchführung von veränderungen in berechtigungsdatensätzen - Google Patents
Verfahren zur durchführung von veränderungen in berechtigungsdatensätzen Download PDFInfo
- Publication number
- WO1998039743A2 WO1998039743A2 PCT/EP1998/001270 EP9801270W WO9839743A2 WO 1998039743 A2 WO1998039743 A2 WO 1998039743A2 EP 9801270 W EP9801270 W EP 9801270W WO 9839743 A2 WO9839743 A2 WO 9839743A2
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- data
- authorization
- security module
- authorization data
- terminal
- Prior art date
Links
- 238000013475 authorization Methods 0.000 title claims abstract description 45
- 238000000034 method Methods 0.000 title claims abstract description 13
- 238000012986 modification Methods 0.000 title abstract 2
- 230000004048 modification Effects 0.000 title abstract 2
- 239000000969 carrier Substances 0.000 claims abstract description 3
- 238000010586 diagram Methods 0.000 description 1
- 230000000717 retained effect Effects 0.000 description 1
- 230000009182 swimming Effects 0.000 description 1
- 238000010200 validation analysis Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
- G07F7/10—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
- G07F7/1008—Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/34—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
- G06Q20/341—Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/34—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
- G06Q20/355—Personalisation of cards for use
- G06Q20/3552—Downloading or loading of personalisation data
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/36—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes
- G06Q20/363—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes with the personal data of a user
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/409—Device specific authentication in transaction processing
- G06Q20/4097—Device specific authentication in transaction processing using mutual authentication between devices and transaction partners
- G06Q20/40975—Device specific authentication in transaction processing using mutual authentication between devices and transaction partners using encryption therefor
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
- G07F7/0866—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means by active credit-cards adapted therefor
Definitions
- the invention relates to a method for carrying out changes in authorization data records which are stored on data carriers, in particular on chip cards, the data carrier being connected to a terminal and a security module for exchanging data.
- Permissions are often acquired in daily life and are documented on paper. Examples of this are the authorization to use means of transport in the form of tickets and season tickets, the use of parking spaces in the form of parking tickets. In this context, tickets for cultural or sporting events, swimming pools, museums and other facilities should also be mentioned. In most cases, such a receipt is only used for control purposes and is discarded by the customer after use. Some of these documents are so small that they can easily be lost. On some occasions, for example when traveling, various receipts are carried so that the search for the correct receipt can be difficult when checking.
- authorization data records are stored within the memory architecture of chip cards in the variable memory area, for example the EEPROM area.
- the memory areas are processed or managed using the chip card operating system.
- Corresponding specifications are part of international standardization (CEN prEN 726-3, ISO 7816-4). In accordance with this standard, a data record that characterizes authorizations would - in the following
- access conditions are set for the entire EF, but not for individual data fields.
- the access conditions regulate the security-related conditions under which the EF can be accessed.
- the operating system of the chip card monitors compliance with the access conditions, i.e. if changes are made to an authorization data record, they can be made at any point in the Authorization data contained EF can be made.
- this possibility is not necessary and, on the other hand, it is questionable in terms of safety. In most cases, an entry in a validation field or a change in a text field is sufficient. A corresponding limitation of the change options is not provided for in the standardization.
- defining different access conditions for individual data fields would require a considerable increase in storage space.
- the invention has for its object to provide a method that allows secure changes to authorizations.
- the known storage space or security architecture should preferably be retained.
- Authorization data record is transmitted to the data carrier in cryptographically secured form and that the changed authorization data record is stored in the data carrier after checking the authenticity.
- the possibility of changing not only can be restricted to one or more data fields within the respective authorization data record, but the type of change can also be restricted.
- FIG. 1 shows the structure of an EF, namely a data field EF_BER provided for the storage of authorizations,
- FIG. 2 shows the structure of an authorization data record within the EF shown in FIG. 1,
- Fig. 3 is a schematic representation of a terminal with a security module and a smart card and
- Fig. 4 is a schematic representation of the processes when changing an authorization record.
- the structure of an EF_BER is shown in table form in FIG. 1.
- the EF_BER initially contains an identifier at 1, which identifies this file as EF_BER.
- the access conditions for reading, writing, deleting, etc. are then stored.
- the actual data content consists of data records which represent authorizations 1 to n.
- a first data record for authorization 1 requires bytes 1-X
- a second data record for authorization 2 requires bytes XY etc.
- FIG. 2 several data fields are provided, of which only four data fields are explained by way of example.
- data fields A and B are created for X bytes each, which are coded in any way (xx) and contain, for example, names for the type of authorization.
- the type of multiple use is stored in binary form in a further data field with a length of one byte.
- a code field with a length of three bytes is also in binary stored information in the data record.
- the block diagram according to FIG. 3 comprises a terminal 31, which contains a processor 32, a security module 33 and a card writing and reading device 34. Furthermore, a keyboard 35 is provided for inputs by a user, if necessary.
- the security module 33 is designed such that data and program changes and reading programs and data are not possible.
- the individual modules of the terminal 31 are connected to one another by data lines 36.
- a chip card 37 can be inserted into the writing and reading device 34.
- FIG. 4 shows the data exchange between the terminal and the security module on the one hand and the chip card on the other. Since it is not necessary to constantly distinguish between the terminal and the security module to explain the invention, these have been summarized in FIG. 4. In the case of processes in which processing of data in the security module is important for the invention, this is pointed out in connection with FIG. 4.
- the commands Select EF_INFO and Read EF_INFO are sent from the terminal to the chip card.
- This turns data out read the chip card, which are stored at 42 in the terminal or in the security module.
- the card-specific key is calculated using the data and the system key stored in the security module. With this key, cryptograms of the chip card are recalculated or checked for authenticity.
- the terminal then sends the commands Select EF_BER and Read EF_BER with the addition secure.
- the authorization data record is then read from the memory in the chip card and transmitted to the terminal in unencrypted form together with a MAC (Message Authentication Code), which is calculated in the chip card via the authorization data record BER.
- the security module then also calculates a MAC at 44 from the transmitted authorization data record and compares this at 45 with the MAC transmitted by the chip card.
- the authorization data record is changed by the terminal via the security module at 46, for example one of several multiple authorizations is deleted.
- the changed authorization data record BER ' is transmitted together with a MAC' formed from BER 'and the card-specific key and with the Write EF_BER secure command to the chip card, whereupon the transmitted changed authorization data record BER' is checked in the chip card at 47 by recalculating the MAC 'and at 48 is saved. Then there is a feedback "O.K.” to the terminal.
Landscapes
- Engineering & Computer Science (AREA)
- Business, Economics & Management (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- Accounting & Taxation (AREA)
- General Business, Economics & Management (AREA)
- Theoretical Computer Science (AREA)
- Strategic Management (AREA)
- Computer Networks & Wireless Communication (AREA)
- Microelectronics & Electronic Packaging (AREA)
- Finance (AREA)
- Computer Security & Cryptography (AREA)
- Storage Device Security (AREA)
- Electrophonic Musical Instruments (AREA)
- Signal Processing For Digital Recording And Reproducing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Priority Applications (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP98914870A EP0970446A2 (de) | 1997-03-06 | 1998-03-05 | Verfahren zur durchführung von veränderungen in berechtigungsdatensätzen |
HU0001506A HUP0001506A3 (en) | 1997-03-06 | 1998-03-05 | Method for carrying out modifications in authorization data sets |
NO19994236A NO326478B1 (no) | 1997-03-06 | 1999-09-01 | Fremgangsmate til gjennomforing av endringer i autorisasjonsdataopptegnelser |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
DE19709275 | 1997-03-06 | ||
DE19709275.6 | 1997-03-06 |
Publications (2)
Publication Number | Publication Date |
---|---|
WO1998039743A2 true WO1998039743A2 (de) | 1998-09-11 |
WO1998039743A3 WO1998039743A3 (de) | 1999-01-21 |
Family
ID=7822498
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/EP1998/001270 WO1998039743A2 (de) | 1997-03-06 | 1998-03-05 | Verfahren zur durchführung von veränderungen in berechtigungsdatensätzen |
Country Status (4)
Country | Link |
---|---|
EP (1) | EP0970446A2 (no) |
HU (1) | HUP0001506A3 (no) |
NO (1) | NO326478B1 (no) |
WO (1) | WO1998039743A2 (no) |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2002069290A2 (en) * | 2000-10-23 | 2002-09-06 | Works Operating Company | Dynamic payment cards and related management systems and associated methods |
WO2004079672A1 (fr) * | 2003-03-03 | 2004-09-16 | Nagracard Sa | Procédé de désactivation et de réactivation de modules de sécurité |
US7319986B2 (en) | 1999-09-28 | 2008-01-15 | Bank Of America Corporation | Dynamic payment cards and related management systems and associated methods |
US7895119B2 (en) | 2003-05-13 | 2011-02-22 | Bank Of America Corporation | Method and system for pushing credit payments as buyer initiated transactions |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP2237832B1 (en) | 2008-01-25 | 2017-01-04 | Virender K. Sharma | Implantable stimulator for treating obesity including an anchoring unit |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP0713188A2 (de) | 1994-11-18 | 1996-05-22 | Deutsche Telekom AG | Verfahren und Chipkarte zum Dokumentieren einer erworbenen Berechtigung |
DE19522050A1 (de) | 1995-06-17 | 1996-12-19 | Uestra Hannoversche Verkehrsbe | Speicherkarte |
Family Cites Families (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2698588B2 (ja) * | 1987-11-13 | 1998-01-19 | 株式会社東芝 | 携帯可能電子装置 |
DE4119924C3 (de) * | 1991-06-17 | 1996-06-20 | Siemens Ag | Verfahren zur Sicherung von ladbaren Guthaben in Chipkarten |
GB2267626A (en) * | 1992-05-12 | 1993-12-08 | Westinghouse Cubic Limited | Ticket |
FR2697929B1 (fr) * | 1992-11-10 | 1995-01-13 | Innovatron Sa | Protocole sécurisé d'échange de données entre un dispositif de transfert et un objet portatif. |
FR2704081B1 (fr) * | 1993-04-16 | 1995-05-19 | France Telecom | Procédé de mise à jour d'une carte à mémoire et carte à mémoire pour la mise en Óoeuvre de ce procédé. |
-
1998
- 1998-03-05 HU HU0001506A patent/HUP0001506A3/hu unknown
- 1998-03-05 EP EP98914870A patent/EP0970446A2/de not_active Ceased
- 1998-03-05 WO PCT/EP1998/001270 patent/WO1998039743A2/de active Application Filing
-
1999
- 1999-09-01 NO NO19994236A patent/NO326478B1/no not_active IP Right Cessation
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP0713188A2 (de) | 1994-11-18 | 1996-05-22 | Deutsche Telekom AG | Verfahren und Chipkarte zum Dokumentieren einer erworbenen Berechtigung |
DE19522050A1 (de) | 1995-06-17 | 1996-12-19 | Uestra Hannoversche Verkehrsbe | Speicherkarte |
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7319986B2 (en) | 1999-09-28 | 2008-01-15 | Bank Of America Corporation | Dynamic payment cards and related management systems and associated methods |
WO2002069290A2 (en) * | 2000-10-23 | 2002-09-06 | Works Operating Company | Dynamic payment cards and related management systems and associated methods |
WO2002069290A3 (en) * | 2000-10-23 | 2003-02-06 | Works Operating Company | Dynamic payment cards and related management systems and associated methods |
WO2004079672A1 (fr) * | 2003-03-03 | 2004-09-16 | Nagracard Sa | Procédé de désactivation et de réactivation de modules de sécurité |
CN100350799C (zh) * | 2003-03-03 | 2007-11-21 | 纳格拉卡德股份有限公司 | 解除与再激活安全模块的方法 |
US7890770B2 (en) | 2003-03-03 | 2011-02-15 | Nagravision S.A. | Method for deactivating and reactivating security modules |
US7895119B2 (en) | 2003-05-13 | 2011-02-22 | Bank Of America Corporation | Method and system for pushing credit payments as buyer initiated transactions |
Also Published As
Publication number | Publication date |
---|---|
HUP0001506A3 (en) | 2001-01-29 |
EP0970446A2 (de) | 2000-01-12 |
NO994236D0 (no) | 1999-09-01 |
HUP0001506A2 (hu) | 2000-09-28 |
NO326478B1 (no) | 2008-12-15 |
WO1998039743A3 (de) | 1999-01-21 |
NO994236L (no) | 1999-10-29 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
DE3811378C3 (de) | Informationsaufzeichnungssystem | |
EP0355372B1 (de) | Datenträger-gesteuertes Endgerät in einem Datenaustauschsystem | |
DE69320900T3 (de) | IC-Karte mit hierarchischer Dateienstruktur | |
DE69730712T2 (de) | Kommunikationssystem mit gesicherter, unabhängiger verwaltung mehrerer anwendungen pro gebraucherkarte, gebraucherkarte und verwaltungsverfahren dafür | |
DE69823649T2 (de) | Multi-anwendungs ic-kartensystem | |
DE69927643T2 (de) | Informationsverarbeitung und Datenspeicherung | |
EP0805607B1 (de) | Verfahren zum Zugriff auf zumindest einen Teil der Daten einer Mikroprozessorkarte | |
DE19839847A1 (de) | Speichern von Datenobjekten im Speicher einer Chipkarte | |
DE3103514A1 (de) | Verfahren und vorrichtung zum steuern einer gesicherten transaktion | |
WO2000074001A1 (de) | Einrichtungen und verfahren zur biometrischen authentisierung | |
EP0811204B1 (de) | Verarbeitung langer nachrichten in einer chipkarte | |
EP0920684B1 (de) | Chipkarte mit personalisierungsspeicher und verfahren zum ein- und ausgeben von daten | |
DE3636703A1 (de) | Tragbare elektronische vorrichtung | |
WO1998039743A2 (de) | Verfahren zur durchführung von veränderungen in berechtigungsdatensätzen | |
EP1185960A2 (de) | Verfahren und vorrichtung zum abspeichern und wiederauffinden von pin-codes | |
EP0713188A2 (de) | Verfahren und Chipkarte zum Dokumentieren einer erworbenen Berechtigung | |
DE19626339A1 (de) | Sicheres Laden von Anwendungen und Daten auf Chipkarten | |
EP0724343A2 (de) | Vorrichtung zum Nachweis einer Manipulation an übertragenen Daten | |
DE19716015A1 (de) | Einbringen von Information auf einer Chipkarte | |
EP2093720A2 (de) | Terminal für Chipkarten | |
EP0970449B1 (de) | Tragbarer datenträger und verfahren zu dessen kryptographisch gesicherten benutzung mit austauschbaren kryptographischen schlüsseln | |
EP0203543B1 (de) | Verfahren und Anordnung zum Überprüfen von Chipkarten | |
DE69738548T2 (de) | Dynamisches dateninterpretationsverfahren für eine chipkarte | |
DE60213375T2 (de) | Kontaktloses elektronisches Identifizierungssystem | |
EP1008966A2 (de) | Datenaustauschsystem |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AK | Designated states |
Kind code of ref document: A2 Designated state(s): HU NO |
|
AL | Designated countries for regional patents |
Kind code of ref document: A2 Designated state(s): AT BE CH DE DK ES FI FR GB GR IE IT LU MC NL PT SE |
|
DFPE | Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101) | ||
WWE | Wipo information: entry into national phase |
Ref document number: 1998914870 Country of ref document: EP |
|
AK | Designated states |
Kind code of ref document: A3 Designated state(s): HU NO |
|
AL | Designated countries for regional patents |
Kind code of ref document: A3 Designated state(s): AT BE CH DE DK ES FI FR GB GR IE IT LU MC NL PT SE |
|
121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
WWP | Wipo information: published in national office |
Ref document number: 1998914870 Country of ref document: EP |