WO2005121973A1 - Data storage method and system - Google Patents


Info

Publication number
WO2005121973A1
Authority
WO
WIPO (PCT)
Prior art keywords
data
signature
token
coupon
terminal
Application number
PCT/IB2005/051840
Other languages
French (fr)
Inventor
Ho Chung Nicholas Fung
Chu Yong Sang
Original Assignee
Oneempower Pte Ltd

Classifications

All classifications fall under Section G (Physics), Class G06 (Computing; calculating or counting), Subclass G06Q (ICT specially adapted for administrative, commercial, financial, managerial or supervisory purposes) and Class G07 (Checking devices), Subclass G07F (Coin-freed or like apparatus):

    • G06Q20/3825: Payment architectures, schemes or protocols (G06Q20/00) > Payment protocols; details thereof (G06Q20/38) > insuring higher security of transaction (G06Q20/382) > Use of electronic signatures
    • G06Q20/045: Payment architectures, schemes or protocols (G06Q20/00) > Payment circuits (G06Q20/04) > using payment protocols involving tickets
    • G06Q30/02: Commerce (G06Q30/00) > Marketing; Price estimation or determination; Fundraising
    • G07F7/0866: Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus (G07F7/00) > by coded identity card or credit card or other personal identification means (G07F7/08) > by active credit-cards adapted therefor
    • G07F7/08: Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus (G07F7/00) > by coded identity card or credit card or other personal identification means
    • G07F7/12: Mechanisms actuated by objects other than coins (G07F7/00) > by coded identity card or credit card or other personal identification means (G07F7/08) > Card verification

Definitions

  • Each customer card 202 includes an integrated circuit chip 218 comprising a digital processor 220 and, connected thereto, read-only memory 222 containing software (for performing a number of functions) in the chip 218, random-access memory 224, nonvolatile memory 226 (which can be freely accessed) and an input/output interface 228.
  • the input/output interface 228 is configured to communicate with the card acceptor 216 of the POS terminal 104.
  • Each customer card 202 includes a file stored in non-volatile memory 226 and referred to as the "coupon file", which can be accessed without initial mutual authentication; this allows any POS terminal 104 to read and modify data in the coupon file without employing any cryptographic or other key.
  • Each customer card 202 also contains a card identifier, being card identification information that - in this embodiment - comprises a card number. This card number is readable by the POS terminals.
  • the POS terminals are provided in their non- volatile memory 206 with software (referred to as “issuing” and “redemption” modules) so that the terminals 104 can both write e-coupon records to the coupon files and allow the redemption of such e-coupons.
  • the e-coupon includes e-coupon data and a digital signature in the form of a Message Authentication Code (MAC).
  • the e-coupon data comprises a card identifier, a coupon identifier, validity dates (i.e. a date or dates defining the period during which the e-coupon is valid), the value of the e-coupon, the terminal identity number of the terminal that generated the coupon, and the date and time the e-coupon was issued or generated.
  • the MAC is generated according to the ANSI X9.9 standard specification (a block-chained MAC computed over 8-byte blocks), using a cryptographic key known only to the issuer of the e-coupon.
  • the card identifier is that of the card to which the e-coupon was originally issued and thus, in this embodiment, comprises a card number that is unique to that card.
  • the coupon identifier comprises data indicative of or information about the marketing campaign under which the coupon was issued (e.g. a campaign identifier), the merchants or service providers to whom the coupon is applicable, a serial number, or any combination of these.
  • the e-coupon data is used, together with a cryptographic key, to generate the MAC for the e-coupon.
  • the MAC is a signature that is derived from the e-coupon data itself and, because that data includes the original card number, is tied to the particular customer card to which it was originally issued.
  • FIG. 3 is a schematic depiction of the MAC generation procedure 300.
  • this procedure employs an initial vector IV that is kept secret, so that the data block actually encrypted in the derivation of the MAC (the first 8-byte block as chained with the IV) is unknown to an attacker; the description treats this as essential to the security of the algorithm.
  • the procedure also uses a cryptographic key (the MAC key).
  • the e-coupon data, including the card number, is divided into 8-byte blocks, Data(1-8) being the first 8-byte block, Data(9-16) the second 8-byte block, and so on.
  • the IV may be created by generating a "message digest" of the e-coupon data using commonly used hashing algorithms such as SHA or MD5, and then generating the MAC using the resulting hash as input to the MAC generation procedure described above.
  • system 100 is employed by customers either to store e-coupons issued by retailers or other service providers, or to redeem such e-coupons.
  • the POS terminal 104 - by means of its issuing software module - generates the e-coupon (including coupon data and MAC), and writes the e-coupon to the coupon file on the customer card 202.
  • the MAC is generated as described above and illustrated in figure 3.
  • the "value" of the e-coupon may be expressed as, for example, discount entitlement information (e.g. percentage of discount), an absolute monetary value (e.g. $10), or an "electronic ticket” comprising entry permission (such as to a cinema to watch a movie, take a ride on a train or bus, etc.).
  • the redemption module of the POS terminal 104 to which the card 202 is presented reads the coupon file, locates an e-coupon valid for the date, place, Coupon Id, etc. of the transaction, and verifies the MAC for the e-coupon by recomputing the MAC using the e-coupon data and the procedure described above. If the redemption module finds that the regenerated MAC is the same as the MAC stored in the coupon file on the customer card 202, the e-coupon is deemed valid and the POS terminal 104 allows the customer to redeem the e-coupon for the benefits encoded in the "value" field of the e- coupon. If the customer does so, the POS terminal 104 removes the redeemed e- coupon from the coupon file.
  • the software of the issuing and redemption modules uses the card number of the customer card 202 as recorded in the e-coupon in the derivation of the MAC; this associates the e-coupon with the particular card. Since the card number of each customer card 202 is separately readable from the card by the POS terminal 104, the redemption module can detect when the e-coupon is inconsistent with the card in which it is recorded, that is, has been copied from another card. If this is detected, the redemption module rejects such a copied e-coupon and deletes it from the customer card 202.
  • the MAC also allows the receiving POS terminal to check - by determining any such inconsistencies between MAC and regenerated MAC - whether the e-coupons' coupon data has been altered without the proper MAC key; if the MAC is invalid, the POS terminal rejects the e-coupon or e-coupons.
  • the issuer of e-coupons need only have a cryptographic key (the MAC key) and the IV in order to generate MACs, and need only provide the MAC key and the IV to the merchants and service providers who will ultimately accept the e-coupons for redemption.
  • Authentication keys are not required when accessing the coupon files on the customer cards 202, which simplifies the sharing of the customer cards between multiple parties.
  • One example of the sharing of cards might be where a large retailer collaborates with a number of banks to issue coupons to holders of the banks' cards; the retailer would subsequently accept the coupons for redemption, either at the same retailer or at other partner retailers. This embodiment would allow the various participants to use customer cards from all the participating banks without first exchanging cryptographic keys for card authentication and access.
  • the system 100 can be further enhanced so that coupon records redeemed at the terminal are checked against a list of previously redeemed coupons to prevent cardholders from making copies of the e-coupons and redeeming the coupons multiple times (if the business rules for coupon redemption so prohibit).
  • the customer card 202 may also contain further applications, such as a credit card payment application and a loyalty application. Further, the POS terminal 104 is configured to inform the customer or other cardholder of any coupon award being issued in association with a transaction by displaying and/or printing on the receipt printer 212 the relevant messages pertaining to the e-coupon award.
  • records of redeemed e-coupons are either deleted from the customer card 202 if they are not required for further analysis or processing, or captured by the POS terminal 104 and transmitted to the server 102 for further analyses and management decision support.
  • a customer card 202 is presented at a POS terminal 104 for redemption of an e- coupon typically in connection with the payment for purchase of an item.
  • the customer card 202 may, in such circumstances, be a payment card such as a credit card complying with the EMV standard.
  • the POS terminal may be programmed to locate, as part of the payment process, an applicable coupon in the non-volatile memory 226, mark the coupon as 'redeemed', and then proceed with the payment authorization process based on a net payment amount equal to the sales amount less the value of the redeemed e-coupon.
  • the customer card 202 includes software in non-volatile memory 226 for automatically assigning a progressively incremented counter to each of the e-coupons written to the freely accessible non-volatile memory 226, so that each of the records is associated with a counter number that is assigned by this software.
  • the transaction terminals 104 have no control over the counter value.
  • the signature for each e-coupon is a function of the counter. To generate the signature, a transaction terminal 104 first interrogates the non-volatile memory 226 of a customer card 202 to determine the counter number (N) to be associated with the next e-coupon to be written to the non-volatile memory 226, and includes that counter value N in the data used in the derivation of the signature.
  • When the e-coupon is written to the non-volatile memory 226, the customer card 202 automatically assigns N to that record. Thus, if one were to duplicate that e-coupon (having a valid signature) by reading it from and immediately writing it back to the non-volatile memory 226 of a particular customer card 202, the second copy would, when written, be assigned a new counter value N+1. Both would have the same signature, so both would have a signature generated on the basis of the correct card number. However, only the original would have a signature consistent with its counter value. Hence, unless the signature is regenerated using the new counter value N+1 before the copy of the e-coupon is written to the non-volatile memory 226, that copy will be rendered invalid.
  • each of the terminals 104 may be in the form of a "set-top box", of the type used to access cable and satellite television networks; in this embodiment, the network 106 is in the form of the television network and thus comprises a fibre optic cable network or a satellite network.
  • Each of the set-top boxes is equipped with a smart card reader and an issuing module. The issuing module can be installed at manufacture or sale of the set-top box, or programmed subsequently via the network 106. The set-top box can then be controlled remotely to write e-coupon data and signatures into smart cards. This occurs when a customer, possibly prompted by messages broadcast on the television, inserts his or her smart card into such a set-top box. The smart card, loaded with e-coupons, can then be used at merchant outlets equipped with conventional POS terminals that have been loaded with the redemption module for the purpose of redeeming the e-coupons loaded by a set-top box.
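The issuing and redemption flow described above, modelled end to end as an added example (this is not code from the patent or from Oneempower): a card with a freely writable coupon file and a card-assigned write counter, an issuing terminal, and a merchant terminal that shares only the MAC key and IV. It exercises the three rejection cases the description relies on: a coupon copied to another card (the card number read from the card does not match), a coupon duplicated on the same card (the card assigns N+1, so the MAC no longer verifies), and a coupon whose value field was edited. Assumptions, also marked in the code: Python's standard library has no DES, so the per-block encryption of ANSI X9.9 is replaced by a keyed PRF built from HMAC-SHA256 inside an otherwise standard CBC chain; the 64-byte fixed-width record layout, the zero padding, the hypothetical card, coupon and terminal identifiers and the `Card`/`Terminal` class names are invented for the demonstration.

```python
"""Toy model of the e-coupon scheme: freely writable coupon file on the card,
card-assigned write counter, terminal-side MAC over the coupon fields.
Added example, not code from the patent. Python has no DES in the standard
library, so the per-block cipher in the CBC chain is a keyed PRF built from
HMAC-SHA256 (assumption); the chaining itself is a CBC-MAC."""
import hashlib
import hmac
import struct

BLOCK = 8  # the description works in 8-byte blocks


def _enc_block(key: bytes, block: bytes) -> bytes:
    """Stand-in for the per-block DES encryption of ANSI X9.9 (assumption)."""
    return hmac.new(key, block, hashlib.sha256).digest()[:BLOCK]


def cbc_mac(key: bytes, iv: bytes, data: bytes) -> bytes:
    """C_i = E_K(C_{i-1} XOR D_i), C_0 = IV; the final block is the MAC.
    Zero padding is an assumption; coupon_bytes() is fixed-width anyway."""
    padded = data + b"\x00" * (-len(data) % BLOCK)
    chain = iv
    for i in range(0, len(padded), BLOCK):
        mixed = bytes(a ^ b for a, b in zip(chain, padded[i:i + BLOCK]))
        chain = _enc_block(key, mixed)
    return chain


def coupon_bytes(card_number: str, rec: dict, counter: int) -> bytes:
    """Fixed-width (64-byte) layout of the signed fields; layout is an assumption.
    card_number and counter are separate arguments because at redemption the
    terminal takes both from the card itself, not from the stored record."""
    return (card_number.encode().ljust(16, b"\0")[:16]
            + rec["coupon_id"].encode().ljust(16, b"\0")[:16]
            + rec["terminal_id"].encode().ljust(8, b"\0")[:8]
            + struct.pack(">IIIQI", rec["valid_from"], rec["valid_to"],
                          rec["value_cents"], rec["issued_at"], counter))


class Card:
    """Card number readable by any terminal; coupon file writable without
    authentication; counter assigned by the card software on every write."""
    def __init__(self, card_number: str):
        self.card_number = card_number
        self.coupon_file: list = []
        self._next_counter = 0

    def next_counter(self) -> int:  # terminals may read it, never set it
        return self._next_counter

    def write(self, rec: dict) -> dict:
        stored = dict(rec, counter=self._next_counter)
        self._next_counter += 1
        self.coupon_file.append(stored)
        return stored


class Terminal:
    """Issuing and redemption modules; holds only the issuer's MAC key and IV."""
    def __init__(self, terminal_id: str, mac_key: bytes, iv: bytes):
        self.terminal_id, self.mac_key, self.iv = terminal_id, mac_key, iv

    def _mac(self, card_number: str, rec: dict, counter: int) -> bytes:
        return cbc_mac(self.mac_key, self.iv, coupon_bytes(card_number, rec, counter))

    def issue(self, card: Card, coupon_id: str, valid_from: int, valid_to: int,
              value_cents: int, issued_at: int) -> dict:
        rec = {"card_number": card.card_number, "coupon_id": coupon_id,
               "valid_from": valid_from, "valid_to": valid_to, "value_cents": value_cents,
               "terminal_id": self.terminal_id, "issued_at": issued_at}
        # sign with the counter the card is about to assign to this write
        rec["mac"] = self._mac(card.card_number, rec, card.next_counter())
        return card.write(rec)

    def redeem(self, card: Card, coupon_id: str, today: int) -> tuple:
        """Returns (accepted, reason); redeemed and rejected records are deleted."""
        for rec in list(card.coupon_file):
            if rec["coupon_id"] != coupon_id or not rec["valid_from"] <= today <= rec["valid_to"]:
                continue
            card.coupon_file.remove(rec)
            if rec["card_number"] != card.card_number:   # record came from another card
                return False, "copied from another card"
            expected = self._mac(card.card_number, rec, rec["counter"])
            if not hmac.compare_digest(expected, rec["mac"]):
                return False, "MAC mismatch: duplicated on this card or altered"
            return True, f"redeemed {rec['value_cents']} cents"
        return False, "no valid coupon"


def scenarios() -> dict:
    """Constructed walk-through with hypothetical identifiers."""
    key, iv = b"issuer-mac-key (demo)", bytes(range(1, 9))
    issuer, merchant = Terminal("T001", key, iv), Terminal("T777", key, iv)
    alice, bob = Card("4111222233334444"), Card("5555666677778888")
    issuer.issue(alice, "CAMP42/SN0001", 20050601, 20051231, 1000, 1117584000)
    out = {}
    bob.write(dict(alice.coupon_file[0]))            # copy onto another card
    out["copied"] = merchant.redeem(bob, "CAMP42/SN0001", 20050701)[0]
    alice.write(dict(alice.coupon_file[0]))          # duplicate on the same card
    out["genuine"] = merchant.redeem(alice, "CAMP42/SN0001", 20050701)[0]
    out["duplicate"] = merchant.redeem(alice, "CAMP42/SN0001", 20050701)[0]
    issuer.issue(alice, "CAMP42/SN0002", 20050601, 20051231, 500, 1117584000)
    alice.coupon_file[-1]["value_cents"] = 50000     # edit the value in place
    out["altered"] = merchant.redeem(alice, "CAMP42/SN0002", 20050701)[0]
    out["left_on_cards"] = len(alice.coupon_file) + len(bob.coupon_file)
    return out
```

Running `scenarios()` yields `copied`, `duplicate` and `altered` rejected, `genuine` accepted, and both coupon files empty afterwards. Three practitioner caveats. The description treats the IV as a second secret; in a CBC-MAC the security rests on the key, and a fixed public IV is the norm, so a secret IV is at best defence in depth, not load-bearing. A raw CBC-MAC over variable-length input is forgeable by block extension; the fixed-width record is what makes the plain chain acceptable here, and a new design would use CMAC or HMAC over a length-prefixed encoding. Finally, because a MAC is symmetric, every merchant terminal holding the key for verification can also mint coupons; separating issuance from verification needs an asymmetric signature, which the description's key-distribution model does not provide.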

Landscapes

  • Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Engineering & Computer Science (AREA)
  • Accounting & Taxation (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • Finance (AREA)
  • Theoretical Computer Science (AREA)
  • Development Economics (AREA)
  • Computer Security & Cryptography (AREA)
  • Entrepreneurship & Innovation (AREA)
  • Game Theory and Decision Science (AREA)
  • Economics (AREA)
  • Marketing (AREA)
  • Cash Registers Or Receiving Machines (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • Storage Device Security (AREA)

Abstract

A data storage system comprising a user token for storing the data, and a data terminal for reading from and writing to the token. The data terminal includes a first module for generating a digital signature from at least some of the data and for writing the data and the signature to the token, and a second module for reading the data and the signature from the token, for regenerating the signature from at least some of the data in the same manner as the first module, and for comparing the signature read from the token with the regenerated signature to determine whether the signature is authentic.

Description

DATA STORAGE METHOD AND SYSTEM
[1] Field of the Present Invention
[2] The present invention relates generally to a data storage method and system, of particular but by no means exclusive application in a transaction system for managing entitlements, such as reward entitlements in a loyalty or similar system.
[3] Background of the Present Invention
[4] The background art includes transaction systems that employ smart cards (i.e. cards with an IC chip) for storing data in a portable manner. Smart cards are advantageous in such transactions systems as they can store data in a secure manner; this makes them suitable for storing monetary value, such as in the form of "electronic coupons" (or "e- coupons"). A suitable electronic terminal is used to read, validate and mark (or "clip") the e-coupons when they are redeemed for the benefits associated with them.
[5] Such a system is typically made secure by employing cryptographic keys stored on the smart card and/or in the terminals. These keys are used by the smart cards and the smart card terminals to authenticate each other; the smart card gives the terminal access to the e-coupon(s) on the smart card only if this authentication is successfully performed.
[6] However, it is cumbersome and costly to manage these cryptographic keys, as in the background art they are stored in each smart card and terminal. This is particularly so when smart cards are shared between organizations, such as where one organization wishes to allow another to access the first organization's smart cards. Sharing of access to the smart cards requires sharing of cryptographic secrets, and such sharing reduces accountability and increases the risk that the cryptographic secrets will be exposed or otherwise compromised.
[7] Summary of the Invention
[8] The present invention in a first aspect provides, therefore, a data storage system comprising:
[9] a user token for storing said data; and
[10] a data terminal for reading from and writing to said token;
[11] wherein said data terminal includes a first module for generating a digital signature from at least some of said data and for writing said data and said signature to said token, and a second module for reading said data and said signature from said token, for regenerating said signature from at least some of said data in the same manner as said first module, and for comparing said signature read from said token with said regenerated signature to determine whether said signature is authentic.
[12] Thus, the signature is generated from at least some of the data, so - in some embodiments - it may be generated from all the data, in others from a subset of the data, and in still other embodiments from a combination of some or all of the data and other data.
[13] In one embodiment, the data includes token identification data. In a particular embodiment, the data terminal is operable to read said token identification data from said token rather than from said data, and to perform said regenerating of said signature on the basis of said token identification data so read.
[14] Thus, the system can detect whether the signature has been generated from the token on which the signature is stored, or - if not - has been generated on some other token and copied to the immediate token.
[15] It should be understood that the terminal may comprise a terminal housing with token reader, and a processor located remotely from the housing but in electronic communication therewith. In such embodiments, the first and second modules may be located with the processor.
[16] The signature may be in the form of a message authentication code, and that code may be generated by means of a cryptographic key.
[17] In one embodiment, the data terminal system is configured to write the data and the signature to the token as a record that can be read by one or more other data terminals without prior authorization of such other data terminals.
[18] That is, the record can be read by anyone - the data's integrity is provided, rather, by the use of the digital signature.
[19] The first and second modules may be provided as a single module (particularly since the signature generation and regeneration are performed in the same manner).
[20] In a particular embodiment, the data storage system is an entitlement management system, wherein said token is one of a plurality of customer cards (such as smart cards), and said data terminal is one of a plurality of transaction terminals. A transaction terminal may be in the form of, for example, a credit card payment terminal, a personal computer, a personal digital assistant, a set-top box, or a mobile handset, where necessary provided with a suitable token reading peripheral device and software. Further, the data in such embodiments may be in the form of an electronic coupon.
[21] The present invention in a second aspect provides a method of storing data comprising:
[22] generating a digital signature from at least some of said data;
[23] writing said data and said signature to a user token;
[24] subsequently reading said data and said signature from said token;
[25] regenerating said signature from at least some of said data in the same manner as said generating of said signature; and
[26] comparing said signature read from said token with said regenerated signature to determine whether said signature is authentic.
[27] In one embodiment, the data includes token identification data, and the method includes generating the signature from the data including at least the token identification data. In a particular embodiment, the method includes reading the token identification data from the token (rather than from said data), and performing said regenerating of the signature on the basis of the token identification data so read from the token. By this approach, it is possible to determine whether the data had been altered without a proper signature being generated for the altered data, thus rendering the data invalid.
[28] Thus, the signature may be generated from any desired subset of the data but - in this embodiment - that subset includes the token identification data.
[29] The method may include generating said signature in the form of a message authentication code, possibly by means of a cryptographic key.
[30] The method in one embodiment includes writing the data and the signature to the token as a record that can be read by other data terminals without authorization.
[31] In one embodiment, the method is used to store data in an entitlement management system, wherein said token is one of a plurality of customer cards. The data in such embodiments may be in the form of an electronic coupon.
[32] In the various aspects of the present invention, the data may constitute a data record that is one of a plurality of such data records. The user token may then include software for automatically assigning a progressively incremented counter to each of these data records, so that each of the records is associated with a counter number that is assigned by this software. The terminal would preferably have no control over the counter value. In such embodiments, the signature for each data record is a function of the counter. It should be understood that, while the counter is described as "incremented", this term is meant in the broadest sense and not merely to suggest that the counter's value is increased by one each time. For example, the counter may be increased by some other value each time or, indeed, decreased or otherwise progressively altered each time, provided that a unique value is assigned to each data record so that such duplication can be detected.
[33] Thus, if one copies a data record with a valid signature and adds it back onto the user token as another data record, the copy - although having a signature possibly calculated with the correct card number - would be assigned a new counter value (such as N+1). Hence, unless the signature is regenerated using the new counter value (e.g. N+1) before being written to the user token, the copy will be rendered invalid.
[34] When the data storage system of the invention comprises an entitlement management system, or the method of the invention is used to store data in an entitlement management system, and the data is in the form of an electronic coupon, a valid coupon may be redeemed and its value offset against the price of an immediate purchase. Indeed, in some embodiments the redeemed electronic coupon may have been generated on the basis of that immediate purchase.
[35] Brief Description of the Drawing
[36] In order that the invention may be more clearly ascertained, an embodiment will now be described, by way of example, with reference to the accompanying drawings, in which:
[37] Figure 1 is a schematic view of a transaction system according to an embodiment of the invention;
[38] Figure 2 is a schematic view of a point-of-sale terminal and a customer card of the system of figure 1 ; and
[39] Figure 3 is a schematic depiction of the Message Authentication Code generation procedure of the system of figure 1.
[40] Detailed Description of Embodiments of the Invention
[41] According to an embodiment of the present invention, there is provided a transaction system, shown schematically at 100 in figure 1. The system 100 includes a transaction server 102 and a plurality of point-of-sale ("POS") transaction terminals 104; the POS terminals communicate with the server by means of a public computer network, in the form of the internet 106.
[42] The system 100 also includes user tokens in the form of customer smart cards (not shown in this view); these are issued to respective customers so that those customers can access and therefore use the system 100.
[43] Figure 2 is a schematic view 200 of a representative POS terminal 104 and a customer card 202. The POS terminal 104 includes a digital processor 204 and, connected thereto, non-volatile memory 206 and random-access memory 208. The POS terminal 104 also includes a keypad 210, a receipt printer 212, a display unit in the form of a liquid crystal display 214, and a card acceptor 216. The card acceptor 216 is provided for reading from and writing to the customer cards 202, and conforms to International Standard ISO/IEC 7816 Parts 1 to 3 (such as the card acceptors found on Electronic Draft Capture terminals used in credit card payment systems conforming to the Europay-Mastercard-Visa or EMV standard specifications).
[44] Each customer card 202 includes an integrated circuit chip 218 comprising a digital processor 220 and, connected thereto, read-only memory 222 containing software (for performing a number of functions) in the chip 218, random-access memory 224, non-volatile memory 226 (which can be freely accessed) and an input/output interface 228. The input/output interface 228 is configured to communicate with the card acceptor 216 of the POS terminal 104.
[45] Each customer card 202 includes a file stored in non-volatile memory 226 and referred to as the "coupon file", which can be accessed without initial mutual authentication; this allows any POS terminal 104 to read and modify data in the coupon file without employing any cryptographic or other key. Each customer card 202 also contains a card identifier, being card identification information that - in this embodiment - comprises a card number. This card number is readable by the POS terminals. The POS terminals are provided in their non-volatile memory 206 with software (referred to as "issuing" and "redemption" modules) so that the terminals 104 can both write e-coupon records to the coupon files and allow the redemption of such e-coupons.
[46] The e-coupon includes e-coupon data and a digital signature in the form of a Message Authentication Code (MAC). The e-coupon data comprises a card identifier, a coupon identifier, validity dates (i.e. a date or dates defining the period during which the e-coupon is valid), the value of the e-coupon, the terminal identity number of the terminal that generated the coupon, and the date and time the e-coupon was issued or generated. The MAC is generated according to the ANSI X9.9 standard specification, using a cryptographic key known only to the issuer of the e-coupon. The card identifier is that of the card to which the e-coupon was originally issued and thus, in this embodiment, comprises a card number that is unique to that card. The coupon identifier comprises data indicative of or information about the marketing campaign under which the coupon was issued (e.g. a campaign identifier), the merchants or service providers to whom the coupon is applicable, a serial number, or any combination of these.
[47] The e-coupon data is used, together with a cryptographic key, to generate the MAC for the e-coupon. Hence, the MAC is a signature that is derived from the e-coupon data itself and, because that data includes the original card number, is tied to the particular customer card to which it was originally issued.
[48] Figure 3 is a schematic depiction of the MAC generation procedure 300. Referring to figure 3, this procedure employs an initial vector IV that is kept as a secret so that the resulting data block to be encrypted in the derivation of the MAC is unknown; this is essential to the security of the algorithm. The procedure also uses a cryptographic key (the MAC key). According to this procedure, the e-coupon data - including the card number - is divided into 8-byte blocks, Data 1-8 being the first 8-byte block, Data 9-16 the second 8-byte block, and so on.
[49] Thus, an Exclusive OR operation is performed on the initial vector IV and Data 1-8. The triple DES (Data Encryption Standard) operation is performed on the result using the MAC key. The resulting output vector is the input for a repeat of the Exclusive OR operation and triple DES steps, but this time the next portion of the e-coupon data (Data 9-16) is used, as shown in figure 3.
[50] This process is repeated until all of the 8-byte blocks of e-coupon data have been used. The last output is the MAC.
[51] Alternatively, in this embodiment the IV may be created by generating a "message digest" of the e-coupon data using commonly used hashing algorithms such as SHA or MD5, and then generating the MAC using the resulting hash as input to the MAC generation procedure described above.
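The figure 3 procedure of paragraphs [48] to [51] in working Go, as an added example that is not part of the patent and is not Oneempower's code. It uses Go's standard crypto/des for the triple DES step with a 24-byte three-key 3DES key. The fixed-width record layout (CouponData), the zero-padding of a final partial block (ANSI X9.9 practice, which the page does not spell out), the choice of SHA-256 truncated to the block size for the hashed-IV alternative of [51], and the constant-time comparison at verification are this example's assumptions and additions; the key, IV and coupon values are constructed for the demonstration.

```go
package main

import (
	"bytes"
	"crypto/des"
	"crypto/sha256"
	"crypto/subtle"
	"encoding/binary"
	"fmt"
)

// CouponData holds the e-coupon fields of paragraph [46]. The field widths and
// the encoding of dates are assumptions; the page fixes no layout. Keeping the
// record fixed-width (always 32 bytes) also sidesteps the variable-length
// weakness of a plain CBC-MAC.
type CouponData struct {
	CardNumber uint64 // token identification data; ties the MAC to one card
	CouponID   uint32 // campaign / merchant / serial identifier
	ValidFrom  uint32 // validity window, days since epoch (assumed encoding)
	ValidTo    uint32
	Value      uint32 // discount, amount or ticket code, per the issuing module
	TerminalID uint32 // identity of the issuing terminal
	IssuedAt   uint32 // issue time, unix seconds
}

// Encode serialises the record big-endian so that the issuing and redemption
// modules feed byte-identical input to the MAC procedure.
func (c CouponData) Encode() []byte {
	var buf bytes.Buffer
	binary.Write(&buf, binary.BigEndian, c) // cannot fail: all fields fixed-size
	return buf.Bytes()
}

// X99MAC is the figure 3 procedure: cut the data into 8-byte blocks, XOR the
// first block with the secret IV and 3DES-encrypt it under the MAC key, XOR
// each output into the next block and encrypt again; the last output is the
// MAC. A final partial block is zero-padded (ANSI X9.9 style, an assumption).
func X99MAC(macKey, iv, data []byte) ([]byte, error) {
	blk, err := des.NewTripleDESCipher(macKey) // 24-byte (three-key) 3DES key
	if err != nil {
		return nil, err
	}
	if len(iv) != blk.BlockSize() {
		return nil, fmt.Errorf("IV must be %d bytes, got %d", blk.BlockSize(), len(iv))
	}
	if rem := len(data) % 8; rem != 0 {
		data = append(append([]byte{}, data...), make([]byte, 8-rem)...)
	}
	state := append([]byte{}, iv...)
	for off := 0; off < len(data); off += 8 {
		for j := range state {
			state[j] ^= data[off+j]
		}
		blk.Encrypt(state, state) // in-place CBC chaining step
	}
	return state, nil
}

// HashedIV is the alternative of paragraph [51]: derive the IV from a digest of
// the coupon data. SHA-256 truncated to the block size is this example's
// choice; the page names only "SHA or MD5" and gives no truncation rule.
func HashedIV(data []byte) []byte {
	sum := sha256.Sum256(data)
	return sum[:8]
}

// VerifyMAC is the redemption-side check of paragraph [54]: regenerate the MAC
// from the stored coupon data and compare it with the stored MAC. The compare
// is constant-time so a terminal cannot serve as a byte-by-byte MAC oracle.
func VerifyMAC(macKey, iv []byte, c CouponData, stored []byte) bool {
	mac, err := X99MAC(macKey, iv, c.Encode())
	if err != nil {
		return false
	}
	return subtle.ConstantTimeCompare(mac, stored) == 1
}

func main() {
	// Constructed key and IV; in the deployed system both come from the issuer.
	macKey := []byte("0123456789abcdef01234567")
	iv := []byte("secretIV")

	coupon := CouponData{CardNumber: 4111111111111111, CouponID: 2005, ValidFrom: 12580,
		ValidTo: 12610, Value: 1000, TerminalID: 104, IssuedAt: 1118102400}
	mac, err := X99MAC(macKey, iv, coupon.Encode())
	if err != nil {
		panic(err)
	}
	fmt.Printf("MAC: %x\n", mac)
	fmt.Println("genuine record verifies:", VerifyMAC(macKey, iv, coupon, mac))

	tampered := coupon
	tampered.Value = 9000 // altered without the MAC key, as in paragraph [56]
	fmt.Println("tampered record verifies:", VerifyMAC(macKey, iv, tampered, mac))
}
```

Two points worth keeping in view when reading [48] and [57] together. The security of the construction rests on the MAC key; the "secret" IV has to be handed to every redeeming merchant along with that key, so it widens the set of secrets rather than strengthening the scheme, and in the [51] variant the IV is computable from the record and not secret at all. A plain CBC-MAC of this shape is only safe over fixed-length input, which is why the example fixes the record width; and 3DES with its 64-bit block, like MD5, is a legacy choice for any new deployment.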
[52] In use, system 100 is employed by customers either to store e-coupons issued by retailers or other service providers, or to redeem such e-coupons. When an e-coupon is issued, the POS terminal 104 - by means of its issuing software module - generates the e-coupon (including coupon data and MAC), and writes the e-coupon to the coupon file on the customer card 202. The MAC is generated as described above and illustrated in figure 3.
[53] Depending on the coupon issuing authority and as programmed in the issuing module, the "value" of the e-coupon may be expressed as, for example, discount entitlement information (e.g. percentage of discount), an absolute monetary value (e.g. $10), or an "electronic ticket" comprising entry permission (such as to a cinema to watch a movie, take a ride on a train or bus, etc.).
[54] When a customer wishes to redeem an e-coupon (or in some cases a part thereof), the redemption module of the POS terminal 104 to which the card 202 is presented reads the coupon file, locates an e-coupon valid for the date, place, Coupon Id, etc. of the transaction, and verifies the MAC for the e-coupon by recomputing the MAC using the e-coupon data and the procedure described above. If the redemption module finds that the regenerated MAC is the same as the MAC stored in the coupon file on the customer card 202, the e-coupon is deemed valid and the POS terminal 104 allows the customer to redeem the e-coupon for the benefits encoded in the "value" field of the e-coupon. If the customer does so, the POS terminal 104 removes the redeemed e-coupon from the coupon file.
[55] The software of the issuing and redemption modules uses the card number of the customer card 202 as recorded in the e-coupon in the derivation of the MAC; this associates the e-coupon with the particular card. Since the card number of each customer card 202 is separately readable from the card by the POS terminal 104, the redemption module can detect when the e-coupon is inconsistent with the card in which it is recorded, that is, has been copied from another card. If this is detected, the redemption module rejects such a copied e-coupon and deletes it from the customer card 202.
[56] The MAC also allows the receiving POS terminal to check - by detecting any inconsistency between the stored MAC and the regenerated MAC - whether the e-coupon's data has been altered without the proper MAC key; if the MAC is invalid, the POS terminal rejects the e-coupon or e-coupons.
[57] Thus, the issuer of e-coupons need only have a cryptographic key (the MAC key) and the IV in order to generate MACs, and to provide the MAC key and the IV to merchants and service providers who will ultimately accept the e-coupons for redemption. Authentication keys are not required when accessing the coupon files on the customer cards 202, which simplifies the sharing of the customer cards between multiple parties. One example of the sharing of cards might be where a large retailer collaborates with a number of banks to issue coupons to holders of the banks' cards; the retailer would subsequently accept the coupons for redemption, either at the same retailer or at other partner retailers. This embodiment would allow the various participants to use customer cards from all the participating banks without first exchanging cryptographic keys for card authentication and access.
[58] The system 100 can be further enhanced so that coupon records redeemed at the terminal are checked against a list of previously redeemed coupons to prevent cardholders from making copies of the e-coupons and redeeming the coupons multiple times (if the business rules for coupon redemption so prohibit).
[59] The customer card 202 may also contain further applications, such as a credit card payment application and a loyalty application. Further, the POS terminal 104 is configured to inform the customer or other cardholder of any coupon award being issued in association with a transaction by displaying and/or printing on the receipt printer 212 the relevant messages pertaining to the e-coupon award.
[60] In addition, records of redeemed e-coupons are either deleted from the customer card 202 if they are not required for further analysis or processing, or captured by the POS terminal 104 and transmitted to the server 102 for further analyses and management decision support.
[61] A customer card 202 is presented at a POS terminal 104 for redemption of an e-coupon typically in connection with the payment for purchase of an item. The customer card 202 may, in such circumstances, be a payment card such as a credit card complying with the EMV standard. In such cases, the POS terminal may be programmed to locate, as part of the payment process, an applicable coupon in the non-volatile memory 226, mark the coupon as 'redeemed', and then proceed with the payment authorization process based on a nett payment amount that is equal to the sales amount less the value of the redeemed e-coupon. By thus linking the redemption of an e-coupon with the payment process, it is possible to minimize the risk that the retailer will fail to process the e-coupon electronically at the POS terminal 104. Such an arrangement is useful to prevent the retailer from under-reporting the number of e-coupons presented for redemption, as retailers may be tempted to under-report when they have to pay a fee to a service provider for each e-coupon presented for redemption.
[62] In another embodiment, the customer card 202 includes software in non-volatile memory 226 for automatically assigning a progressively incremented counter to each of the e-coupons written to the freely accessible non-volatile memory 226, so that each of the records is associated with a counter number that is assigned by this software. The transaction terminals 104 have no control over the counter value. In this embodiment, the signature for each e-coupon is a function of the counter. To generate the signature, a transaction terminal 104 first interrogates the non-volatile memory 226 of a customer card 202 to determine the counter number (N) to be associated with the next e-coupon to be written to the non-volatile memory 226, and includes that counter value N in the data used in the derivation of the signature. When the e-coupon is written to the non-volatile memory 226, the customer card 202 automatically assigns N to that record. Thus, if one were to duplicate that e-coupon (having a valid signature) by reading it from and immediately writing it back to the non-volatile memory 226 of a particular customer card 202, the second copy would - when written - be assigned a new counter value N+1. Both would have the same signature, so both would have a signature generated on the basis of the correct card number. However, only the original would have a signature consistent with its counter value. Hence, unless the signature is regenerated using the new counter value N+1 before the copy of the e-coupon is written to the non-volatile memory 226, that copy will be rendered invalid.
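The card-binding check of paragraph [55] and the counter mechanism of paragraph [62], together in one runnable Go model; this is an added example, not the patent's or Oneempower's code. The customer card is simulated in software, HMAC-SHA256 replaces the triple DES MAC of figure 3 as the signature primitive, and the Record and Card layouts, the Issue and Redeem names, the key and the card numbers are all this example's own constructions. What it shows beyond the text is the redemption rule that makes both checks work: the terminal regenerates the signature from the card number it reads from the card and from the counter the card assigned, never from the values written inside the record.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

// Record is one e-coupon in the freely accessible coupon file (paragraph [45]).
type Record struct {
	CardNumber uint64 // card number as written into the coupon data at issue
	CouponID   uint32
	Value      uint32
	Counter    uint32 // assigned by the card itself, never by the terminal
	MAC        []byte
}

// Card simulates the customer card: a separately readable card number, a
// coupon file that any terminal may read or write without a key, and a
// counter that only the card's own software advances (paragraph [62]).
type Card struct {
	Number  uint64
	counter uint32
	File    []Record
}

// NextCounter is what a terminal learns by interrogating the card before it
// computes the signature for the record it is about to write.
func (c *Card) NextCounter() uint32 { return c.counter }

// Write appends a record and overwrites its Counter with the card's own value,
// whatever the terminal (or someone copying a record) put there.
func (c *Card) Write(r Record) {
	r.Counter = c.counter
	c.counter++
	c.File = append(c.File, r)
}

// Sign computes the signature over card number, coupon fields and counter.
// HMAC-SHA256 is this example's stand-in for the 3DES MAC of figure 3.
func Sign(key []byte, cardNumber uint64, couponID, value, counter uint32) []byte {
	m := hmac.New(sha256.New, key)
	for _, v := range []interface{}{cardNumber, couponID, value, counter} {
		binary.Write(m, binary.BigEndian, v) // fixed-size integers: cannot fail
	}
	return m.Sum(nil)
}

// Issue is the issuing module: read the counter N the card will assign, sign
// with N and the card's own number, then write the record.
func Issue(key []byte, c *Card, couponID, value uint32) {
	n := c.NextCounter()
	c.Write(Record{CardNumber: c.Number, CouponID: couponID, Value: value, Counter: n,
		MAC: Sign(key, c.Number, couponID, value, n)})
}

// Redeem is the redemption module: regenerate the signature from the card
// number read from the card (claim 3) and from the counter the card assigned,
// not from whatever the record claims. The record is removed either way: on
// success because it was redeemed ([54]), on failure because it is a copy ([55]).
func Redeem(key []byte, c *Card, couponID uint32) (uint32, error) {
	for i, r := range c.File {
		if r.CouponID != couponID {
			continue
		}
		c.File = append(c.File[:i], c.File[i+1:]...)
		want := Sign(key, c.Number, r.CouponID, r.Value, r.Counter)
		if !hmac.Equal(want, r.MAC) {
			return 0, errors.New("coupon rejected: signature inconsistent with card number or counter")
		}
		return r.Value, nil
	}
	return 0, errors.New("no coupon with that identifier on the card")
}

func main() {
	key := []byte("issuer MAC key (constructed)")
	alice, bob := &Card{Number: 4111111111111111}, &Card{Number: 5555555555554444}
	Issue(key, alice, 2005, 1000)

	// 1. Copy Alice's coupon onto Bob's card: the card number in the MAC no longer matches.
	bob.Write(alice.File[0])
	_, err := Redeem(key, bob, 2005)
	fmt.Println("copied to another card:", err)

	// 2. Read the coupon back and append it to the same card: the copy receives N+1.
	alice.Write(alice.File[0])
	v, err := Redeem(key, alice, 2005) // original, counter N: valid
	fmt.Println("original:", v, err)
	_, err = Redeem(key, alice, 2005) // duplicate, counter N+1: invalid
	fmt.Println("duplicate on same card:", err)
}
```

The counter only helps if the card enforces it: Write ignores the Counter field the caller supplies, so a record read from the file and written back cannot keep its old value. If a card exposed the counter as an ordinary writable field, the [62] protection would collapse to the [55] card-number check alone.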
[63] In yet another embodiment, each of the terminals 104 may be in the form of a "set-top box", of the type used to access cable and satellite television networks; in this embodiment, the network 106 is in the form of the television network and thus comprises a fibre optic cable network or a satellite network. Each of the set-top boxes is equipped with a smart card reader and an issuing module. The issuing module can be installed at the manufacture or sale of the set-top box, or programmed subsequently via the network 106. The set-top box can then be controlled remotely to write e-coupon data and signatures into smart cards. This occurs when a customer, possibly prompted by messages broadcast on the television, inserts his or her smart card into such a set-top box. The smart card, loaded with e-coupons, can then be used at merchant outlets equipped with conventional POS terminals that have been loaded with the redemption module for the purpose of redeeming the e-coupons loaded by a set-top box.
[64] Modifications within the scope of the invention may be readily effected by those skilled in the art. It is to be understood, therefore, that this invention is not limited to the particular embodiments described by way of example hereinabove.

Claims

[1] 1. A data storage system comprising: a user token for transporting said data; and a data terminal for reading from and writing to said token; wherein said data terminal includes a first module for generating a digital signature from at least some of said data and for writing said data and said signature to said token, and a second module for reading said data and said signature from said token, for regenerating said signature from at least some of said data in the same manner as said first module, and for comparing said signature read from said token with said regenerated signature to determine whether said signature is authentic.
2. A system as claimed in claim 1, wherein said data includes token identification data.
3. A system as claimed in claim 2, wherein said data terminal is operable to read said token identification data from said token rather than from said data, and to perform said regenerating of said signature on the basis of said token identification data so read.
4. A system as claimed in claim 1, wherein said signature is in the form of a message authentication code.
5. A system as claimed in claim 1, wherein said terminal is operable to generate said signature by means of a cryptographic key.
6. A system as claimed in claim 1, wherein said data terminal system is configured to write said data and said signature to said token as a record that can be read by one or more other data terminals without prior authorization of such other data terminals.
7. A system as claimed in claim 1, wherein said first and said second modules are provided as a single module.
8. A system as claimed in claim 1, wherein said data storage system is an entitlement management system, wherein said token is one of a plurality of customer cards, and said data terminal is one of a plurality of transaction terminals.
9. A system as claimed in claim 8, wherein said data is in the form of an electronic coupon.
10. A system as claimed in claim 9, wherein said data terminal is operable to locate any valid electronic coupons stored on any of said customer cards presented for reading to said data terminal.
11. A system as claimed in claim 10, wherein said data terminal is operable to redeem the value of a valid electronic coupon so located against the price of an immediate purchase.
12. A system as claimed in claim 1, wherein said data constitutes a data record that is one of a plurality of such data records, and said user token includes software for automatically assigning a progressively incremented counter to each of these data records.
13. A system as claimed in claim 12, wherein said signature for each data record is a function of said counter.
14. A method of storing data comprising: generating a digital signature from at least some of said data; writing said data and said signature to a user token; subsequently reading said data and said signature from said token; regenerating said signature from at least some of said data in the same manner as said generating of said signature; and comparing said signature read from said token with said regenerated signature to determine whether said signature is authentic.
15. A method as claimed in claim 14, wherein said data includes token identification data, and the method includes generating the signature from the data including at least the token identification data.
16. A method as claimed in claim 15, wherein said method includes reading said token identification data from said token, and performing said regenerating of said signature on the basis of said token identification data so read from the token.
17. A method as claimed in claim 14, including generating said signature in the form of a message authentication code.
18. A method as claimed in claim 14, including generating said signature by means of a cryptographic key.
19. A method as claimed in claim 14, including writing said data and said signature to said token as a record that can be read by other data terminals without authorization.
20. A method as claimed in claim 14, wherein said method is used to store data in an entitlement management system, and said token is one of a plurality of customer cards.
21. A method as claimed in claim 20, wherein said data is in the form of an electronic coupon.
22. A method as claimed in claim 21, including locating any valid electronic coupons stored on any of said customer cards presented for reading to a data terminal.
23. A method as claimed in claim 22, including redeeming the value of a valid electronic coupon so located against the price of an immediate purchase.
24. A method as claimed in claim 14, wherein said data constitutes a data record that is one of a plurality of such data records, and said method includes automatically assigning a progressively incremented counter to each of these data records.
25. A method as claimed in claim 24, wherein said signature for each data record is a function of said counter.
PCT/IB2005/051840 2004-06-10 2005-06-07 Data storage method and system WO2005121973A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
SG200403844-4 2004-06-10
SG200403844A SG126766A1 (en) 2004-06-10 2004-06-10 Data storage method and system

Publications (1)

Publication Number Publication Date
WO2005121973A1 true WO2005121973A1 (en) 2005-12-22

Family

ID=34859380

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IB2005/051840 WO2005121973A1 (en) 2004-06-10 2005-06-07 Data storage method and system

Country Status (6)

Country Link
GB (1) GB2415074B8 (en)
HK (1) HK1086906A1 (en)
MY (1) MY138614A (en)
SG (1) SG126766A1 (en)
TW (1) TW200540673A (en)
WO (1) WO2005121973A1 (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2000074300A1 (en) * 1999-06-01 2000-12-07 The Regents Of The University Of California System and method for delivering and examining digital tickets
WO2000077746A1 (en) * 1999-06-10 2000-12-21 International Business Machines Corporation Storing electronic receipts on a removable storage medium
US6192349B1 (en) * 1998-09-28 2001-02-20 International Business Machines Corporation Smart card mechanism and method for obtaining electronic tickets for goods services over an open communications link

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE2350418A1 (en) * 1973-10-08 1975-04-10 Gretag Ag PROCEDURE AND EQUIPMENT FOR CREATING AND EVALUATING FALSE-PROOF MACHINELY READABLE PAYMENT RECEIPTS
FR2618002B1 (en) * 1987-07-10 1991-07-05 Schlumberger Ind Sa METHOD AND SYSTEM FOR AUTHENTICATING ELECTRONIC MEMORY CARDS
FR2653248B1 (en) * 1989-10-13 1991-12-20 Gemolus Card International PAYMENT OR INFORMATION TRANSFER SYSTEM BY ELECTRONIC MEMORY CARD.
DE555219T1 (en) * 1990-10-19 1996-11-28 Security Dynamics Techn METHOD AND DEVICE FOR PERSONAL IDENTIFICATION.
JP3701156B2 (en) * 1999-10-20 2005-09-28 株式会社ケンウッド Data backup device

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112740232A (en) * 2018-07-23 2021-04-30 第一资本服务有限责任公司 System and apparatus for encrypted data collection using RFID cards
US12014234B2 (en) 2018-07-23 2024-06-18 Capital One Services, Llc System and apparatus for encrypted data collection using RFID cards

Also Published As

Publication number Publication date
GB2415074B8 (en) 2006-11-22
MY138614A (en) 2009-07-31
GB2415074B (en) 2006-09-13
TW200540673A (en) 2005-12-16
HK1086906A1 (en) 2006-09-29
SG126766A1 (en) 2006-11-29
GB2415074A8 (en) 2006-11-22
GB0511758D0 (en) 2005-07-20
GB2415074A (en) 2005-12-14

Similar Documents

Publication Publication Date Title
US7003501B2 (en) Method for preventing fraudulent use of credit cards and credit card information, and for preventing unauthorized access to restricted physical and virtual sites
US6012039A (en) Tokenless biometric electronic rewards system
CA2345391C (en) Loyalty file structure for smart card
US20060190412A1 (en) Method and system for preventing fraudulent use of credit cards and credit card information, and for preventing unauthorized access to restricted physical and virtual sites
US8074874B2 (en) Secure payment system
US20030130955A1 (en) Secure transaction systems
US20070094512A1 (en) Storage media issuing method
PT1029311E (en) CREDIT CARD SYSTEM AND PROCESS
KR20010025234A (en) A certification method of credit of a financing card based on fingerprint and a certification system thereof
WO1998052158A2 (en) Integrated circuit card with application history list
US20090012900A1 (en) Making Secure Data for Customer Loyalty Programs
KR100598573B1 (en) Creating and authenticating one time card data using smartcard and the system therefor
JP2000508101A (en) Chip card and usage of chip card
WO2005121973A1 (en) Data storage method and system
KR100405628B1 (en) Electronic Commercial Transaction Methodd Using Storage Means
JP2000339366A (en) System and method for authentication utilizing cd
JP2003507824A (en) Guarantee system for performing electronic commerce and method used therefor
TWI734471B (en) Identity data reading system, identity data reading method, identity card system and control method thereof
JP2002304589A (en) Settlement system
JP4334021B2 (en) Method for proving accumulation in a reader
KR20050009943A (en) System and method for electronically paying the using fee of the software, contents or electronic information via a serial number comprising it's identification, and computer-readable recording medium which records the program executing said method
JP2002352172A (en) Method and device for electronic commercial transaction
JP2004348412A (en) Card issuing system
JP2001325526A (en) Property information providing system
JP2006039972A (en) Management system preventing card name information leakage of credit card

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BW BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KM KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NA NG NI NO NZ OM PG PH PL PT RO RU SC SD SE SK SL SM SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): BW GH GM KE LS MW MZ NA SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LT LU MC NL PL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
DPEN Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed from 20040101)
NENP Non-entry into the national phase

Ref country code: DE

WWW Wipo information: withdrawn in national office

Country of ref document: DE

122 Ep: pct application non-entry in european phase