WO2007003656A1 - Secured identification system and medium, and method for securing same - Google Patents

Secured identification system and medium, and method for securing same Download PDF

Info

Publication number
WO2007003656A1
WO2007003656A1 PCT/EP2006/063924 EP2006063924W WO2007003656A1 WO 2007003656 A1 WO2007003656 A1 WO 2007003656A1 EP 2006063924 W EP2006063924 W EP 2006063924W WO 2007003656 A1 WO2007003656 A1 WO 2007003656A1
Authority
WO
WIPO (PCT)
Prior art keywords
identification
medium
identification medium
support
operating device
Prior art date
Application number
PCT/EP2006/063924
Other languages
French (fr)
Inventor
Pierre Girard
Christophe Mourtel
Original Assignee
Gemplus
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Gemplus filed Critical Gemplus
Publication of WO2007003656A1 publication Critical patent/WO2007003656A1/en

Links

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/20Individual registration on entry or exit involving the use of a pass
    • G07C9/28Individual registration on entry or exit involving the use of a pass the pass enabling tracking or indicating presence
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00309Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks
    • G07C2009/00555Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks comprising means to detect or avoid relay attacks
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C2209/00Indexing scheme relating to groups G07C9/00 - G07C9/38
    • G07C2209/60Indexing scheme relating to groups G07C9/00174 - G07C9/00944
    • G07C2209/63Comprising locating means for detecting the position of the data carrier, i.e. within the vehicle or within a certain distance from the vehicle

Definitions

  • the invention relates generally to security techniques such as those applied to electronic transactions.
  • the invention relates, according to a first aspect, to an identification system, comprising an identification medium, such as a contactless smart card, a device for operating the medium, such as a reader for contactless smart card, and verification means, the identification medium and the operating device being provided with respective communication means cooperating in operation for exchanging data on presentation of the identification medium by means of electromagnetic waves, and verification means delivering an acceptance or refusal signal according to whether at least one of the two elements constituted by the identification medium and the operating device recognizes the other as authentic or not.
  • an identification medium such as a contactless smart card
  • a device for operating the medium such as a reader for contactless smart card
  • verification means delivering an acceptance or refusal signal according to whether at least one of the two elements constituted by the identification medium and the operating device recognizes the other as authentic or not.
  • Non-contact identification media such as smart cards, work by remote power. These media draw the energy necessary for their operation from an electromagnetic field produced and sent by the card reader with which they must interact. In addition, this electromagnetic field carries the data sent by the reader to the card and also serves as support for map responses to the reader.
  • This electromagnetic field is therefore necessary and sufficient for both the power supply of the smart card and for the establishment of a communication between the reader and the card.
  • the purpose of the present invention is to propose an alternative solution route, which has its own advantages.
  • the system of the invention is essentially characterized in that the identification medium and the operating device are furthermore equipped with means of concertation to establish a concertation whose success is subject to the condition that this identification medium and this operating device are physically separated from each other by a distance at most equal to a predetermined threshold, this system further comprising supervisory means for inhibiting the acceptance signal in the event of failure of the consultation.
  • the consultation means comprise measuring means capable of detecting a context or immediate physical environment specific and common to the identification medium and the operating device, and / or influence means capable of at least partially creating such a specific and common immediate physical context or environment.
  • the measuring means may thus comprise at least a first sensor of a first type that is sensitive to a first physical parameter representative of the specific and common immediate physical context or environment, and that supplies a first measurement signal whose value is verified by the means of measurement. supervision.
  • the first sensor is carried by a first of the elements that constitute the identification medium and the operating device
  • the measuring means further comprise at least a second sensor of the first type carried by a second of the elements that constitute the identification medium and the operating device
  • the second sensor is also responsive to said first physical parameter
  • the second sensor provides a second measurement signal whose value is compared with that of the first signal of measured by the means of supervision.
  • the first physical parameter is advantageously chosen from the set of physical parameters comprising: brightness, temperature, humidity, sound, atmospheric pressure, the chemical composition of the ambient air, the shape of a two-dimensional design or a three-dimensional object, and the relative movement of the identification medium and the operating device.
  • the measuring means may also include sensors of several types fitted to the identification medium and / or the operating device.
  • the measurement signal from each sensor fitted to the identification medium is transmitted to the operating device in a secure manner.
  • the first sensor is carried by a first of the elements that constitute the identification medium and the operating device, that the influence means comprise a shape drawn on a second of the elements that constitute the support of identification and the operating device, and that the first measurement signal provided by the first sensor is a function of this form and the distance between the identification medium and the operating device.
  • the first sensor may be a receiver of a physical field or a physical wave independent of the electromagnetic waves used for the communication, in which case the means of influence then comprise an emitter emitting said field or said physical wave and disposed on a second elements that constitute the identification medium and the operating device, the first measurement signal supplied by the first sensor being a reception signal depending on this field or this physical wave and the distance between the identification medium and the operating device.
  • said field or said physical wave advantageously has, between the transmitter and the receiver, a range limited to said predetermined threshold.
  • the physical wave produced by the transmitter is modulated in time
  • that the first measurement signal delivered by the receiver is returned to the transmitter
  • the success of the consultation is defined by the provided that the transmitted wave and the signal returned to the transmitter have a phase shift at most equal to a phase shift representative of the travel time of the modulated wave from the transmitter to the receiver over a distance at most equal to said predetermined threshold, and the travel time of the signal returned from the receiver to the transmitter at a distance at most equal to said predetermined threshold.
  • the physical wave used is for example a sound wave humanly inaudible.
  • the invention also relates to a contactless identification medium, such as a smart card, comprising communication means, this medium being characterized in that it further comprises at least one sensor sensitive to a physical parameter taking a value specific to the immediate environment to which this medium belongs.
  • the invention also relates to a method for securing a contactless identification operation of an identification medium with a device for exploiting this medium, this method being characterized in that it comprises an operation of verifying that the identification medium and the operating device are separated from one another by a distance at most equal to a predetermined threshold, and to inhibit or cancel the effects of the identification operation in the opposite case.
  • the invention relates to an identification system essentially comprising an identification medium 1, such as a contactless smart card, and a device 2 for using the medium, such as a card reader. contactless chip.
  • the identification medium or card 1 as well as the operating device or reader 2, are provided with respective communication means 31 and 32 which cooperate in operation to ensure, by emitting electromagnetic waves, an exchange of data between the reader 2 and card 1 on presentation of the latter to the reader.
  • This system also includes verification means
  • These verification means 7 have the function of delivering an acceptance signal Sa in the case where the card 1 recognizes the reader 2 as authentic, and / or in the case where the reader 2 recognizes the card 1 as authentic.
  • the verification means 7 deliver a refusal signal Sr.
  • the card 1 and the reader 2 are provided with respective consultation means 41 and 42, the system further comprising supervisory means 8.
  • the means of consultation 41 and 42 have the function of establishing, between the card 1 and the reader 2, a concertation whose success is subject to the condition that this card 1 and this reader 2 are physically separated from one of the other by a distance D at most equal to a predetermined threshold Do.
  • the supervisory means 8 have the function of inhibiting, in case of failure of the consultation, the acceptance signal Sa possibly produced by the verification means.
  • the means of concertation 41 and 42 can take many different forms.
  • consultation means 41 and 42 may comprise measuring means 5 capable of detecting a context or specific immediate physical environment common to the card 1 and the reader 2.
  • these consultation means 41 and 42 may comprise means of influence 6 capable of creating at least partially such a context or immediate physical environment specific and common to the card 1 and the reader 2.
  • These measuring means 5 may thus comprise a sensor 51, installed on the card 1 or on the reader 2, sensitive to a first physical parameter representative of the context or immediate specific and common physical environment, and providing a first measurement signal Sl whose value is verified by the supervisory means 8.
  • These measuring means 5 may also comprise a sensor 52, installed on the card 1 or on the reader 2, also sensitive to the first physical parameter, and providing a second measurement signal S2 whose value is compared with that of the first measurement signal Sl by the supervision means 8.
  • This first physical parameter is for example constituted by brightness, temperature, humidity, sound, atmospheric pressure, the chemical composition of the ambient air, the shape of a two-dimensional design or a three-dimensional object, or still the relative movement of the identification medium and the operating device.
  • the measuring means 5 comprise sensors of several types fitted to the card 1 and / or the reader 2, that is to say sensors sensitive to different parameters, preferably chosen. in the previous list.
  • the measurement signal from each sensor fitted to the card 1 or the reader 2 is transmitted respectively to the reader or to the card 2 in a secure manner so as to avoid its alteration.
  • the influence means 6 may comprise a shape 60 drawn on the card 1 or on the reader 2, the sensor 51 then being respectively carried by the reader 2 or the card 1 and delivering, as measurement signal Sl, a signal depending on this form 60 and the distance D between the card 1 and the reader 2.
  • the influence means 6 may also include a transmitter 61 carried by the card 1 or by the reader 2 and emitting a physical field or a physical wave independent of the electromagnetic waves used for communication between the card and the reader.
  • the sensor 51 which is respectively carried by the reader 2 or by the card 1, is a receiver of this field or this physical wave and delivers, as measurement signal Sl, a reception signal dependent on this field or this physical wave and the distance D separating the card 1 from the reader 2.
  • a simple way to ensure that the dialogue fails in case of f distance too great between the card 1 and the reader 2 may be to ensure that the field or wave has physical connection between the transmitter 61 and receiver 51, a range limited to the value Do of the maximum distance allowed.
  • the physical wave may for example be constituted by a sound wave, preferably emitted at a frequency inaudible to the human ear and for example ultrasonic.
  • the physical wave produced by the transmitter 61 is modulated in time and that the measurement signal Sl delivered by the receiver 51 is returned to the transmitter 61, the transmitter and the receiver thus ensuring a function similar to that of a radar.
  • the success of the concertation can then be defined by the condition that the transmitted wave and the signal returned to the transmitter 61 have a phase shift at most equal to that which must appear when, in the actual operating conditions, the card 1 and the reader 2 are separated from each other by a distance D less than the maximum distance allowed Do.
  • this phase shift is determined by the frequency of the transmitted wave, by the travel time of this wave between the transmitter 61 and the receiver 51 over the distance D, and by the travel time of the signal returned from the receiver 51 to the transmitter 61 over this distance D.
  • the travel time of the returned signal is equal to the travel time of the transmitted wave only if the returned signal takes the same physical form as the transmitted wave and therefore be constituted by a wave transmitted in return symmetrically, and that the card and the reader are not moving relative to each other.
  • the transmitted wave is a sound wave
  • the signal returned to the transmitter is transmitted by radio
  • the travel time of the returned signal may be neglected in front of the travel time of the wave initially transmitted.
  • the invention is based on the observation that a card lawfully used is normally located near the reader with which it must dialogue.
  • This condition of use implies that the reader and the card are in the same environment, and in particular in the same natural environment.
  • this environment can be described by physical parameters such as light, temperature, humidity, etc. It can also be defined by a parameter such as the movement of objects that are in contact with each other.
  • One or more environmental sensors of the same type can thus be provided on the card 1 and the reader 2 to simultaneously measure these parameters.
  • the supervision means 8 verify that the values of the measured parameters are identical on the side of the card and on the reader side.
  • the invention also proposes to adapt the sensors used to the application.
  • an application where the physical maintenance of the card by the wearer is required for greater security may use a light sensor, a temperature sensor, or both in combination.
  • a motion sensor will be more suitable, the reader measuring the movement of the object presented to him and the card measuring his own movement. If the two are opposite each other, then the measurements should give the same value. of the More complex combinations between sensor values are quite possible.
  • a system comprising on the one hand the two elements constituted by the card 1 and the reader 2, and on the other hand a set of sensors, namely temperature sensors 51 and light 53 carried by the card 1, and temperature sensors 52 and light 54 carried by the reader 2.
  • the card 1 and the reader 2 can simply submit to the supervision circuit 8 the signals S1 to S4 coming from their respective sensors 51 to 54, the supervision circuit having the function of verifying that the signals S1 and S2 on the one hand, and S3 and S4 on the other hand, are very close to each other.
  • This embodiment has the advantage of a low cost.
  • the reader 2 can influence its immediate environment and, in this case, the temperature and light in this environment.
  • the transmitter 61 of the reader 2 may be constituted by a thermal element, such as a resistor or a hot or cold air current generator, making it possible to locally vary the temperature in its immediate environment by controlling the speed of variation thereof.
  • a thermal element such as a resistor or a hot or cold air current generator
  • the reader 2 may also include a transmitter 62 constituted by a light source producing a light beam whose intensity varies in power at the rate of a pattern imposed on it.
  • the transaction starts (after implementation of the known waking protocol and selection of the card) by the establishment of a secure communication between the reader 2 and card 1.
  • the sensors 51 to 54 measure the physical parameter to which they are sensitive and produce the measurement signals S1 to S4.
  • the card 1 and the reader 2 must therefore implement an existing procedure and well known in itself to those skilled in the art to have a common time reference.
  • the dynamics of variation of the temperature and the light will have to be adapted to the dynamics of response of the various concerned sensors. If the supervision means 8 are duplicated on the card 1 and on the reader 2, the comparison of the signals S1 to S4 can be carried out crosswise, the signals S1 and S3 produced on the card 1 being sent to the reader 2, and the signals S2 and S4 produced on the reader 2 being sent to the card 1.
  • the evolution of the signal Sl at least will be compared to the temperature modulation imposed by the thermal element 61, and the evolution of the signal S3 at least will be compared to the light intensity modulation imposed on the light source 62.
  • This comparison procedure enables the supervisory means 8 to deliver a signal K whose state indicates whether the card 1 and the reader 2 may or may not be considered as belonging to the same medium.
  • the comparison procedure comprises several elementary comparison operations likely to lead to divergent results
  • a hierarchy and a weighting of these The results may be used to remove any ambiguity in the determination of the state to be given to the K-signal.
  • a transaction between a card and a reader in a system according to the invention can take place according to the following scheme:
  • the invention has many advantages over existing solutions.
  • the variety of sensors that can be developed on silicon is such that the choice of these sensors can be established taking into account the intended application and not the other way around.
  • the safety gain provided by the invention will be devoid of any negative effect on the ergonomics, and this Additional security can easily be provided to any existing application.
  • the range of usable sensors is large enough that it is possible, in each case, to find sensors to prevent the user to manipulate his card to make it operational or to prohibit its use.
  • the invention in combination with an authentication of the carrier, ensures a largely sufficient security, even in the case of a use of a contactless card.

Landscapes

  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Radar Systems Or Details Thereof (AREA)
  • Arrangements For Transmission Of Measured Signals (AREA)

Abstract

The invention concerns an identification system comprising two elements having non-contact mutual communication, for example a smart card (1) and a reader (2). The inventive system further comprises co-operating means (41, 42) for establishing, between the card (1) and the reader (2), a co-operation whereof the successful outcome is subject to the condition that those two element (1, 2) are physically relatively close to each other, supervising means (8) being provided to abort the communication in case of failure of the co-operation.

Description

SYSTEME ET SUPPORT D'IDENTIFICATION SECURISES, ET PROCEDESECURE SYSTEM AND IDENTIFICATION MEDIUM, AND METHOD
POUR LEUR SECURISATION.FOR THEIR SECURITY.
L'invention concerne, de façon générale, les techniques de sécurisation telles que celles qui sont appliquées aux transactions électroniques .The invention relates generally to security techniques such as those applied to electronic transactions.
Plus précisément, l'invention concerne, selon un premier aspect, un système d'identification, comprenant un support d'identification, tel qu'une carte à puce sans contact, un dispositif d'exploitation du support, tel qu'un lecteur de carte à puce sans contact, et des moyens de vérification, le support d'identification et le dispositif d'exploitation étant dotés de moyens de communication respectifs coopérant en fonctionnement pour échanger par ondes électromagnétiques des données sur présentation du support d'identification, et les moyens de vérification délivrant un signal d'acceptation ou de refus selon que l'un au moins des deux éléments que constituent le support d'identification et le dispositif d'exploitation reconnaît l'autre comme authentique ou non.More specifically, the invention relates, according to a first aspect, to an identification system, comprising an identification medium, such as a contactless smart card, a device for operating the medium, such as a reader for contactless smart card, and verification means, the identification medium and the operating device being provided with respective communication means cooperating in operation for exchanging data on presentation of the identification medium by means of electromagnetic waves, and verification means delivering an acceptance or refusal signal according to whether at least one of the two elements constituted by the identification medium and the operating device recognizes the other as authentic or not.
Les supports d'identification sans contact, tels que les cartes à puce, fonctionnent par télé alimentation. Ces supports tirent l'énergie nécessaire à leur fonctionnement d'un champ électromagnétique produit et envoyé par le lecteur de carte avec lequel ils doivent dialoguer. De surcroît, ce champ électromagnétique véhicule les données envoyées par le lecteur à la carte et sert également de support aux réponses de la carte vers le lecteur.Non-contact identification media, such as smart cards, work by remote power. These media draw the energy necessary for their operation from an electromagnetic field produced and sent by the card reader with which they must interact. In addition, this electromagnetic field carries the data sent by the reader to the card and also serves as support for map responses to the reader.
Ce champ électromagnétique est donc nécessaire et suffisant à la fois pour l'alimentation de la carte à puce et pour l'établissement d'une communication entre le lecteur et la carte.This electromagnetic field is therefore necessary and sufficient for both the power supply of the smart card and for the establishment of a communication between the reader and the card.
Par leur conception même, de tels supports d'identification fonctionnent donc sans lien ni contact physique avec le lecteur, la carte et le lecteur pouvant donc ne pas être visibles l'un par l'autre.By their very design, such identification media therefore operate without physical contact or contact with the reader, the card and the reader may therefore not be visible to one another.
La conséquence de cette situation est qu'il est possible d'interroger une carte sans contact sans que son porteur (propriétaire) ne s'en rende compte et/ou ne soit consentant, ce qui ouvre la voie à un nouveau type d'attaque sur les cartes à puces.The consequence of this situation is that it is possible to interrogate a contactless card without its bearer (owner) noticing it and / or being consenting, which opens the way to a new type of attack. on smart cards.
En particulier, il est envisageable d'utiliser une carte à puce à l'insu de son propriétaire en augmentant jusqu'à 50 mètres la distance entre un lecteur et cette carte au moyen de relais formant un pont de communication entre la carte et un lecteur distant.In particular, it is conceivable to use a smart card without the knowledge of its owner by increasing up to 50 meters the distance between a reader and this card by means of relay forming a communication bridge between the card and a reader remote.
Ce problème peut éventuellement être résolu par la mise en œuvre de solutions existantes.This problem can possibly be solved by the implementation of existing solutions.
Par exemple, il a été déjà été proposé de bloquer l'utilisation d'un support d'identification sans contact tant que son utilisateur n'appuie pas sur un bouton poussoir équipant cette carte. II a également été proposé d'empêcher toute utilisation intempestive de la carte en glissant cette dernière dans un étui métallique, le métal ayant la propriété de bloquer les ondes électromagnétiques .For example, it has already been proposed to block the use of a contactless identification medium as long as its user does not press a push button on this card. It has also been proposed to prevent any inadvertent use of the card by sliding the latter into a metal case, the metal having the property of blocking the electromagnetic waves.
Il a encore été proposé d'obliger l'utilisateur d'une carte sans contact à présenter un élément d'identification supplémentaire, tel qu'un code secret, pour valider la transaction entre la carte et un lecteur.It has also been proposed to require the user of a contactless card to present an additional identification element, such as a secret code, to validate the transaction between the card and a reader.
Dans ce contexte, la présente invention a pour but de proposer une voie alternative de solution, présentant des avantages propres .In this context, the purpose of the present invention is to propose an alternative solution route, which has its own advantages.
A cette fin, le système de l'invention, par ailleurs conforme à la définition générique qu'en donne le préambule ci-dessus, est essentiellement caractérisé en ce que le support d'identification et le dispositif d'exploitation sont en outre dotés de moyens de concertation respectifs pour établir une concertation dont le succès est soumis à la condition que ce support d'identification et ce dispositif d'exploitation soient physiquement séparés l'un de l'autre par une distance au plus égale à un seuil prédéterminé, ce système comportant en outre des moyens de supervision pour inhiber le signal d'acceptation en cas d'échec de la concertation.To this end, the system of the invention, moreover in conformity with the generic definition given in the preamble above, is essentially characterized in that the identification medium and the operating device are furthermore equipped with means of concertation to establish a concertation whose success is subject to the condition that this identification medium and this operating device are physically separated from each other by a distance at most equal to a predetermined threshold, this system further comprising supervisory means for inhibiting the acceptance signal in the event of failure of the consultation.
Par exemple, les moyens de concertation comprennent des moyens de mesure propres à détecter un contexte ou environnement physique immédiat spécifique et commun au support d'identification et au dispositif d'exploitation, et / ou des moyens d' influence propres à créer au moins partiellement un tel contexte ou environnement physique immédiat spécifique et commun.For example, the consultation means comprise measuring means capable of detecting a context or immediate physical environment specific and common to the identification medium and the operating device, and / or influence means capable of at least partially creating such a specific and common immediate physical context or environment.
Les moyens de mesure peuvent ainsi comprendre au moins un premier capteur d'un premier type sensible à un premier paramètre physique représentatif du contexte ou environnement physique immédiat spécifique et commun, et fournissant un premier signal de mesure dont la valeur est vérifiée par les moyens de supervision.The measuring means may thus comprise at least a first sensor of a first type that is sensitive to a first physical parameter representative of the specific and common immediate physical context or environment, and that supplies a first measurement signal whose value is verified by the means of measurement. supervision.
Il est notamment possible de prévoir que le premier capteur soit porté par un premier des éléments que constituent le support d'identification et le dispositif d'exploitation, que les moyens de mesure comprennent en outre au moins un deuxième capteur du premier type porté par un second des éléments que constituent le support d'identification et le dispositif d'exploitation, ce deuxième capteur étant également sensible audit premier paramètre physique, et que le deuxième capteur fournisse un deuxième signal de mesure dont la valeur est comparée à celle du premier signal de mesure par les moyens de supervision .It is particularly possible to provide that the first sensor is carried by a first of the elements that constitute the identification medium and the operating device, that the measuring means further comprise at least a second sensor of the first type carried by a second of the elements that constitute the identification medium and the operating device, the second sensor is also responsive to said first physical parameter, and the second sensor provides a second measurement signal whose value is compared with that of the first signal of measured by the means of supervision.
Le premier paramètre physique est avantageusement choisi dans l'ensemble des paramètres physiques comprenant : la luminosité, la température, l'humidité, le son, la pression atmosphérique, la composition chimique de l'air ambiant, la forme d'un dessin bidimensionnel ou d'un objet tridimensionnel, et le mouvement relatif du support d'identification et du dispositif d'exploitation. Les moyens de mesure peuvent aussi comprendre des capteurs de plusieurs types équipant le support d'identification et / ou le dispositif d'exploitation.The first physical parameter is advantageously chosen from the set of physical parameters comprising: brightness, temperature, humidity, sound, atmospheric pressure, the chemical composition of the ambient air, the shape of a two-dimensional design or a three-dimensional object, and the relative movement of the identification medium and the operating device. The measuring means may also include sensors of several types fitted to the identification medium and / or the operating device.
En toute hypothèse, il est préférable que le signal de mesure issu de chaque capteur équipant le support d'identification soit transmis au dispositif d'exploitation de façon sécurisée.In any case, it is preferable that the measurement signal from each sensor fitted to the identification medium is transmitted to the operating device in a secure manner.
II est possible de prévoir que le premier capteur soit porté par un premier des éléments que constituent le support d'identification et le dispositif d'exploitation, que les moyens d'influence comprennent une forme dessinée sur un deuxième des éléments que constituent le support d'identification et le dispositif d'exploitation, et que le premier signal de mesure fourni par le premier capteur soit une fonction de cette forme et de la distance entre le support d'identification et le dispositif d' exploitation .It is possible to provide that the first sensor is carried by a first of the elements that constitute the identification medium and the operating device, that the influence means comprise a shape drawn on a second of the elements that constitute the support of identification and the operating device, and that the first measurement signal provided by the first sensor is a function of this form and the distance between the identification medium and the operating device.
Le premier capteur peut être un récepteur d'un champ physique ou d'une onde physique indépendante des ondes électromagnétiques utilisées pour la communication, auquel cas les moyens d' influence comprennent alors un émetteur émettant ledit champ ou ladite onde physique et disposé sur un deuxième des éléments que constituent le support d'identification et le dispositif d'exploitation, le premier signal de mesure fourni par le premier capteur étant un signal de réception dépendant de ce champ ou de cette onde physique et de la distance entre le support d'identification et le dispositif d'exploitation. Dans ce cas, ledit champ ou ladite onde physique présente avantageusement, entre l'émetteur et le récepteur, une portée limitée audit seuil prédéterminé.The first sensor may be a receiver of a physical field or a physical wave independent of the electromagnetic waves used for the communication, in which case the means of influence then comprise an emitter emitting said field or said physical wave and disposed on a second elements that constitute the identification medium and the operating device, the first measurement signal supplied by the first sensor being a reception signal depending on this field or this physical wave and the distance between the identification medium and the operating device. In this case, said field or said physical wave advantageously has, between the transmitter and the receiver, a range limited to said predetermined threshold.
II est encore possible de prévoir que l'onde physique produite par l'émetteur soit modulée dans le temps, que le premier signal de mesure délivré par le récepteur soit retourné vers l'émetteur, et que le succès de la concertation soit défini par la condition que l'onde émise et le signal retourné vers l'émetteur présentent un déphasage au plus égal à un déphasage représentatif du temps de trajet de l'onde modulée de l'émetteur vers le récepteur sur une distance au plus égale audit seuil prédéterminé, et du temps de trajet du signal retourné du récepteur vers l'émetteur sur une distance au plus égale audit seuil prédéterminé.It is still possible to provide that the physical wave produced by the transmitter is modulated in time, that the first measurement signal delivered by the receiver is returned to the transmitter, and that the success of the consultation is defined by the provided that the transmitted wave and the signal returned to the transmitter have a phase shift at most equal to a phase shift representative of the travel time of the modulated wave from the transmitter to the receiver over a distance at most equal to said predetermined threshold, and the travel time of the signal returned from the receiver to the transmitter at a distance at most equal to said predetermined threshold.
L'onde physique utilisée est par exemple une onde sonore humainement inaudible .The physical wave used is for example a sound wave humanly inaudible.
L'invention concerne également un support d'identification sans contact, tel qu'une carte à puce, comprenant des moyens de communication, ce support étant caractérisé en ce qu'il comprend en outre au moins un capteur sensible à un paramètre physique prenant une valeur spécifique à l'environnement immédiat auquel appartient ce support.The invention also relates to a contactless identification medium, such as a smart card, comprising communication means, this medium being characterized in that it further comprises at least one sensor sensitive to a physical parameter taking a value specific to the immediate environment to which this medium belongs.
L'invention concerne aussi un procédé de sécurisation d'une opération d'identification sans contact d'un support d'identification auprès d'un dispositif d'exploitation de ce support, ce procédé étant caractérisé en ce qu'il comprend une opération consistant à vérifier que le support d'identification et le dispositif d'exploitation sont séparés l'un de l'autre par une distance au plus égale à un seuil prédéterminé, et à inhiber ou annuler les effets de l'opération d'identification dans le cas contraire.The invention also relates to a method for securing a contactless identification operation of an identification medium with a device for exploiting this medium, this method being characterized in that it comprises an operation of verifying that the identification medium and the operating device are separated from one another by a distance at most equal to a predetermined threshold, and to inhibit or cancel the effects of the identification operation in the opposite case.
D'autres caractéristiques et avantages de l'invention ressortiront clairement de la description qui en est faite ci-après, à titre indicatif et nullement limitatif, en référence aux dessins annexés, dans lesquels la figure unique est un schéma d'un système conforme à l'invention.Other features and advantages of the invention will emerge clearly from the description which is given below, by way of indication and in no way limiting, with reference to the accompanying drawings, in which the single figure is a diagram of a system according to the invention.
Comme annoncé précédemment, l'invention concerne un système d'identification comprenant essentiellement un support d'identification 1, tel qu'une carte à puce sans contact, et un dispositif 2 d'exploitation du support, tel qu'un lecteur de carte à puce sans contact.As previously announced, the invention relates to an identification system essentially comprising an identification medium 1, such as a contactless smart card, and a device 2 for using the medium, such as a card reader. contactless chip.
Le support d'identification ou carte 1, ainsi que le dispositif d'exploitation ou lecteur 2, sont dotés de moyens de communication respectifs 31 et 32 qui coopèrent en fonctionnement pour assurer, par émission d'ondes électromagnétiques, un échange de données entre le lecteur 2 et la carte 1 sur présentation de cette dernière au lecteur.The identification medium or card 1, as well as the operating device or reader 2, are provided with respective communication means 31 and 32 which cooperate in operation to ensure, by emitting electromagnetic waves, an exchange of data between the reader 2 and card 1 on presentation of the latter to the reader.
Ce système inclut par ailleurs des moyens de vérificationThis system also includes verification means
7 dont la représentation symbolique en pointillés, à mi- chemin entre la carte 1 et le lecteur 2, a pour finalité de faire comprendre que ces moyens peuvent indifféremment se trouver physiquement sur la carte 1, sur le lecteur 2, ou à la fois sur la carte et sur le lecteur.7 whose dotted symbolic representation, halfway between the card 1 and the reader 2, is intended to make it clear that these means can indifferently physically located on the map 1, on the reader 2, or both on the map and on the reader.
Ces moyens de vérification 7 ont pour fonction de délivrer un signal d'acceptation Sa dans le cas où la carte 1 reconnaît le lecteur 2 comme authentique, et / ou dans le cas où le lecteur 2 reconnaît la carte 1 comme authentique .These verification means 7 have the function of delivering an acceptance signal Sa in the case where the card 1 recognizes the reader 2 as authentic, and / or in the case where the reader 2 recognizes the card 1 as authentic.
Dans les autres cas, les moyens de vérification 7 délivrent un signal de refus Sr.In the other cases, the verification means 7 deliver a refusal signal Sr.
Selon l'invention, la carte 1 et le lecteur 2 sont dotés de moyens de concertation respectifs 41 et 42, le système comportant en outre des moyens de supervision 8.According to the invention, the card 1 and the reader 2 are provided with respective consultation means 41 and 42, the system further comprising supervisory means 8.
Les moyens de concertation 41 et 42 ont pour fonction d'établir, entre la carte 1 et le lecteur 2, une concertation dont le succès est soumis à la condition que cette carte 1 et ce lecteur 2 soient physiquement séparés l'un de l'autre par une distance D au plus égale à un seuil prédéterminé Do.The means of consultation 41 and 42 have the function of establishing, between the card 1 and the reader 2, a concertation whose success is subject to the condition that this card 1 and this reader 2 are physically separated from one of the other by a distance D at most equal to a predetermined threshold Do.
De leur côté, les moyens de supervision 8 ont pour fonction d'inhiber, en cas d'échec de la concertation, le signal d'acceptation Sa éventuellement produit par les moyens de vérification.For their part, the supervisory means 8 have the function of inhibiting, in case of failure of the consultation, the acceptance signal Sa possibly produced by the verification means.
La représentation symbolique des moyens de supervision 8 en pointillés, à mi-chemin entre la carte 1 et le lecteurThe symbolic representation of the dashed supervision means 8, halfway between the card 1 and the reader
2, a pour finalité de faire comprendre que ces moyens, comme les moyens de vérification 7, peuvent indifféremment se trouver physiquement sur la carte 1, sur le lecteur 2, ou à la fois sur la carte et sur le lecteur.2, is intended to make it clear that these means, such as the means of verification 7, may indifferently to be physically on the map 1, on the reader 2, or both on the map and on the reader.
Les moyens de concertation 41 et 42 peuvent revêtir de nombreuses formes différentes.The means of concertation 41 and 42 can take many different forms.
En particulier, les moyens de concertation 41 et 42 peuvent comprendre des moyens de mesure 5 propres à détecter un contexte ou environnement physique immédiat spécifique et commun à la carte 1 et au lecteur 2.In particular, the consultation means 41 and 42 may comprise measuring means 5 capable of detecting a context or specific immediate physical environment common to the card 1 and the reader 2.
De façon alternative ou cumulative, ces moyens de concertation 41 et 42 peuvent comprendre des moyens d' influence 6 propres à créer au moins partiellement un tel contexte ou environnement physique immédiat spécifique et commun à la carte 1 et au lecteur 2.Alternatively or cumulatively, these consultation means 41 and 42 may comprise means of influence 6 capable of creating at least partially such a context or immediate physical environment specific and common to the card 1 and the reader 2.
Ces moyens de mesure 5 peuvent ainsi comprendre un capteur 51, installé sur la carte 1 ou sur le lecteur 2, sensible à un premier paramètre physique représentatif du contexte ou environnement physique immédiat spécifique et commun, et fournissant un premier signal de mesure Sl dont la valeur est vérifiée par les moyens de supervision 8.These measuring means 5 may thus comprise a sensor 51, installed on the card 1 or on the reader 2, sensitive to a first physical parameter representative of the context or immediate specific and common physical environment, and providing a first measurement signal Sl whose value is verified by the supervisory means 8.
Ces moyens de mesure 5 peuvent également comprendre un capteur 52, installé sur la carte 1 ou sur le lecteur 2, également sensible au premier paramètre physique, et fournissant un deuxième signal de mesure S2 dont la valeur est comparée à celle du premier signal de mesure Sl par les moyens de supervision 8. Ce premier paramètre physique est par exemple constitué par la luminosité, la température, l'humidité, le son, la pression atmosphérique, la composition chimique de l'air ambiant, la forme d'un dessin bidimensionnel ou d'un objet tridimensionnel, ou encore le mouvement relatif du support d'identification et du dispositif d'exploitation.These measuring means 5 may also comprise a sensor 52, installed on the card 1 or on the reader 2, also sensitive to the first physical parameter, and providing a second measurement signal S2 whose value is compared with that of the first measurement signal Sl by the supervision means 8. This first physical parameter is for example constituted by brightness, temperature, humidity, sound, atmospheric pressure, the chemical composition of the ambient air, the shape of a two-dimensional design or a three-dimensional object, or still the relative movement of the identification medium and the operating device.
En pratique, il peut être utile de prévoir que les moyens de mesure 5 comprennent des capteurs de plusieurs types équipant la carte 1 et / ou le lecteur 2, c'est-à-dire des capteurs sensibles à des paramètres différents, de préférence choisis dans la liste précédente.In practice, it may be useful to provide that the measuring means 5 comprise sensors of several types fitted to the card 1 and / or the reader 2, that is to say sensors sensitive to different parameters, preferably chosen. in the previous list.
De préférence, le signal de mesure issu de chaque capteur équipant la carte 1 ou le lecteur 2 est transmis respectivement au lecteur ou à la carte 2 de façon sécurisée de manière à éviter son altération.Preferably, the measurement signal from each sensor fitted to the card 1 or the reader 2 is transmitted respectively to the reader or to the card 2 in a secure manner so as to avoid its alteration.
Les moyens d'influence 6 peuvent comprendre une forme 60 dessinée sur la carte 1 ou sur le lecteur 2, le capteur 51 étant alors respectivement porté par le lecteur 2 ou la carte 1 et délivrant, en tant que signal de mesure Sl, un signal dépendant de cette forme 60 et de la distance D séparant la carte 1 du lecteur 2.The influence means 6 may comprise a shape 60 drawn on the card 1 or on the reader 2, the sensor 51 then being respectively carried by the reader 2 or the card 1 and delivering, as measurement signal Sl, a signal depending on this form 60 and the distance D between the card 1 and the reader 2.
Les moyens d'influence 6 peuvent aussi comprendre un émetteur 61 porté par la carte 1 ou par le lecteur 2 et émettant un champ physique ou une onde physique indépendante des ondes électromagnétiques utilisées pour la communication entre la carte et le lecteur. Dans ce cas, le capteur 51, qui est respectivement porté par le lecteur 2 ou par la carte 1, est un récepteur de ce champ ou de cette onde physique et délivre, en tant que signal de mesure Sl, un signal de réception dépendant de ce champ ou de cette onde physique et de la distance D séparant la carte 1 du lecteur 2.The influence means 6 may also include a transmitter 61 carried by the card 1 or by the reader 2 and emitting a physical field or a physical wave independent of the electromagnetic waves used for communication between the card and the reader. In this case, the sensor 51, which is respectively carried by the reader 2 or by the card 1, is a receiver of this field or this physical wave and delivers, as measurement signal Sl, a reception signal dependent on this field or this physical wave and the distance D separating the card 1 from the reader 2.
Un façon simple de faire en sorte que la concertation échoue en cas df éloignement trop important entre la carte 1 et le lecteur 2 peut consister à faire en sorte que le champ ou l'onde physique présente, entre l'émetteur 61 et le récepteur 51, une portée limitée à la valeur Do de la distance maximale autorisée.A simple way to ensure that the dialogue fails in case of f distance too great between the card 1 and the reader 2 may be to ensure that the field or wave has physical connection between the transmitter 61 and receiver 51, a range limited to the value Do of the maximum distance allowed.
L'onde physique peut par exemple être constituée par une onde sonore, de préférence émise à une fréquence inaudible pour l'oreille humaine et par exemple ultrasonore .The physical wave may for example be constituted by a sound wave, preferably emitted at a frequency inaudible to the human ear and for example ultrasonic.
II est possible de prévoir que l'onde physique produite par l'émetteur 61 soit modulée dans le temps et que le signal de mesure Sl délivré par le récepteur 51 soit retourné vers l'émetteur 61, l'émetteur et le récepteur assurant ainsi ensemble une fonction analogue à celle d'un radar.It is possible to provide that the physical wave produced by the transmitter 61 is modulated in time and that the measurement signal Sl delivered by the receiver 51 is returned to the transmitter 61, the transmitter and the receiver thus ensuring a function similar to that of a radar.
Le succès de la concertation peut alors être défini par la condition que l'onde émise et le signal retourné vers l'émetteur 61 présentent un déphasage au plus égal à celui qui doit apparaître lorsque, dans les conditions réelles de fonctionnement, la carte 1 et le lecteur 2 sont séparés l'un de l'autre par une distance D inférieure à la distance maximale autorisée Do.The success of the concertation can then be defined by the condition that the transmitted wave and the signal returned to the transmitter 61 have a phase shift at most equal to that which must appear when, in the actual operating conditions, the card 1 and the reader 2 are separated from each other by a distance D less than the maximum distance allowed Do.
En effet, ce déphasage est déterminé par la fréquence de l'onde émise, par le temps de trajet de cette onde entre l'émetteur 61 et le récepteur 51 sur la distance D, et par le temps de trajet du signal retourné du récepteur 51 vers l'émetteur 61 sur cette distance D.Indeed, this phase shift is determined by the frequency of the transmitted wave, by the travel time of this wave between the transmitter 61 and the receiver 51 over the distance D, and by the travel time of the signal returned from the receiver 51 to the transmitter 61 over this distance D.
Comme le comprendra aisément l'homme du métier, le temps de trajet du signal retourné n'est égal au temps de trajet de l'onde émise qu'à la condition que le signal retourné prenne la même forme physique que l'onde émise et soit donc constitué par une onde émise en retour de façon symétrique, et que la carte et le lecteur ne soient pas en mouvement l'un par rapport à l'autre.As will be readily understood by those skilled in the art, the travel time of the returned signal is equal to the travel time of the transmitted wave only if the returned signal takes the same physical form as the transmitted wave and therefore be constituted by a wave transmitted in return symmetrically, and that the card and the reader are not moving relative to each other.
En revanche, si l'onde émise est une onde sonore, et si le signal retourné vers l'émetteur est transmis par radio, le temps de trajet du signal retourné pourra être négligé devant le temps de trajet de l'onde initialement émise .On the other hand, if the transmitted wave is a sound wave, and if the signal returned to the transmitter is transmitted by radio, the travel time of the returned signal may be neglected in front of the travel time of the wave initially transmitted.
L'invention s'appuie sur l'observation du fait qu'une carte utilisée de manière licite est normalement située à proximité du lecteur avec lequel elle doit dialoguer.The invention is based on the observation that a card lawfully used is normally located near the reader with which it must dialogue.
Cette condition d'utilisation implique que le lecteur et la carte sont dans le même environnement, et notamment dans le même environnement naturel. Or, cet environnement peut être décrit par des paramètres physiques tels que la lumière, la température, l'humidité, etc. Il peut également être défini par un paramètre tel que le mouvement des objets qui sont mis en présence l'un de l'autre.This condition of use implies that the reader and the card are in the same environment, and in particular in the same natural environment. However, this environment can be described by physical parameters such as light, temperature, humidity, etc. It can also be defined by a parameter such as the movement of objects that are in contact with each other.
Un ou plusieurs capteurs d'environnement de même type peuvent ainsi être prévus sur la carte 1 et le lecteur 2 pour mesurer de manière simultanée ces paramètres. Avant tout échange de données sensibles entre la carte et le lecteur, les moyens de supervision 8 vérifient que les valeurs des paramètres mesurés sont identiques du coté de la carte et du côté du lecteur.One or more environmental sensors of the same type can thus be provided on the card 1 and the reader 2 to simultaneously measure these parameters. Before any exchange of sensitive data between the card and the reader, the supervision means 8 verify that the values of the measured parameters are identical on the side of the card and on the reader side.
Afin de ne pas pouvoir être falsifiées, ces valeurs seront échangées et comparées après la mise en place d'un schéma de communication sécurisé.In order not to be falsified, these values will be exchanged and compared after the establishment of a secure communication scheme.
L'invention propose par ailleurs d'adapter les capteurs utilisés à l'application. Par exemple une application où le maintien physique de la carte par le porteur est requis pour plus de sécurité pourra utiliser un capteur de lumière, un capteur de température, ou les deux en combinaison.The invention also proposes to adapt the sensors used to the application. For example an application where the physical maintenance of the card by the wearer is required for greater security may use a light sensor, a temperature sensor, or both in combination.
En revanche si l'application permet que la carte reste dans un portefeuille, alors un capteur de mouvement sera plus adapté, le lecteur mesurant le mouvement de l'objet qui lui est présenté et la carte mesurant son mouvement propre. Si les deux sont en face l'un de l'autre, alors les mesures devraient donner la même valeur. Des combinaisons plus complexes entre les valeurs des capteurs sont tout à fait envisageables.On the other hand, if the application allows the card to remain in a wallet, then a motion sensor will be more suitable, the reader measuring the movement of the object presented to him and the card measuring his own movement. If the two are opposite each other, then the measurements should give the same value. of the More complex combinations between sensor values are quite possible.
Un exemple concret de réalisation de l'invention est donné ci-après .A concrete example of embodiment of the invention is given below.
On considère un système comprenant d'une part les deux éléments que constituent la carte 1 et le lecteur 2, et d'autre part un ensemble de capteurs, à savoir des capteurs de température 51 et de lumière 53 portés par la carte 1, et des capteurs de température 52 et de lumière 54 portés par le lecteur 2.Considering a system comprising on the one hand the two elements constituted by the card 1 and the reader 2, and on the other hand a set of sensors, namely temperature sensors 51 and light 53 carried by the card 1, and temperature sensors 52 and light 54 carried by the reader 2.
Dans un mode de réalisation élémentaire, la carte 1 et le lecteur 2 peuvent tout simplement soumettre au circuit de supervision 8 les signaux Sl à S4 issus de leurs capteurs respectifs 51 à 54, le circuit de supervision ayant pour fonction de vérifier que les signaux Sl et S2 d'une part, et S3 et S4 d'autre part, sont très proches l'un de 1 ' autre .In an elementary embodiment, the card 1 and the reader 2 can simply submit to the supervision circuit 8 the signals S1 to S4 coming from their respective sensors 51 to 54, the supervision circuit having the function of verifying that the signals S1 and S2 on the one hand, and S3 and S4 on the other hand, are very close to each other.
Ce mode de réalisation présente l'avantage d'un faible coût .This embodiment has the advantage of a low cost.
Dans un mode de réalisation plus élaboré, offrant une sécurisation supérieure, on peut prévoir que le lecteur 2 puisse influencer son environnement immédiat et, en l'occurrence, la température et la lumière dans cet environnement .In a more elaborate embodiment, providing greater security, it can be expected that the reader 2 can influence its immediate environment and, in this case, the temperature and light in this environment.
Par exemple, l'émetteur 61 du lecteur 2 peut être constitué par un élément thermique, tel qu'une résistance ou un générateur de courant d'air chaud ou froid, permettant de faire varier localement la température dans son environnement immédiat en contrôlant la vitesse de variation de celle-ci.For example, the transmitter 61 of the reader 2 may be constituted by a thermal element, such as a resistor or a hot or cold air current generator, making it possible to locally vary the temperature in its immediate environment by controlling the speed of variation thereof.
Le lecteur 2 peut aussi comprendre un émetteur 62 constitué par une source lumineuse produisant un faisceau lumineux dont l'intensité varie en puissance au rythme d'un motif qui lui est imposé.The reader 2 may also include a transmitter 62 constituted by a light source producing a light beam whose intensity varies in power at the rate of a pattern imposed on it.
Dans le cas d'une transaction mise en place entre la carte 1 et le lecteur 2, la transaction débute (après mise en œuvre du protocole connu de réveil et sélection de la carte) par la mise en place d'une communication sécurisée entre le lecteur 2 et la carte 1.In the case of a transaction set up between the card 1 and the reader 2, the transaction starts (after implementation of the known waking protocol and selection of the card) by the establishment of a secure communication between the reader 2 and card 1.
Sur demande du lecteur 2, les capteurs 51 à 54 effectuent la mesure du paramètre physique auquel ils sont sensibles et produisent les signaux de mesure Sl à S4.At the request of the reader 2, the sensors 51 to 54 measure the physical parameter to which they are sensitive and produce the measurement signals S1 to S4.
II convient bien sûr que ces mesures soient effectuées de façon synchrone, en particulier dans le cas considéré où le lecteur 2 modifie son environnement immédiat de façon dynamique .Of course, these measurements must be performed synchronously, particularly in the case in which the reader 2 modifies his immediate environment dynamically.
La carte 1 et le lecteur 2 devront donc mettre en œuvre une procédure existante et bien connue en soi de l'homme du métier pour disposer d'une référence de temps commune.The card 1 and the reader 2 must therefore implement an existing procedure and well known in itself to those skilled in the art to have a common time reference.
Bien entendu, la dynamique de variation de la température et de la lumière devra être adaptée à la dynamique de réponse des différents capteurs concernés. Si les moyens de supervision 8 sont dupliqués sur la carte 1 et sur le lecteur 2, la comparaison des signaux Sl à S4 pourra être effectuée de façon croisée, les signaux Sl et S3 produits sur la carte 1 étant envoyés au lecteur 2, et les signaux S2 et S4 produits sur le lecteur 2 étant envoyés à la carte 1.Of course, the dynamics of variation of the temperature and the light will have to be adapted to the dynamics of response of the various concerned sensors. If the supervision means 8 are duplicated on the card 1 and on the reader 2, the comparison of the signals S1 to S4 can be carried out crosswise, the signals S1 and S3 produced on the card 1 being sent to the reader 2, and the signals S2 and S4 produced on the reader 2 being sent to the card 1.
De façon alternative ou cumulative, l'évolution du signal Sl au moins sera comparée à la modulation de température imposée par l'élément thermique 61, et l'évolution du signal S3 au moins sera comparée à la modulation d'intensité lumineuse imposée à la source lumineuse 62.Alternatively or cumulatively, the evolution of the signal Sl at least will be compared to the temperature modulation imposed by the thermal element 61, and the evolution of the signal S3 at least will be compared to the light intensity modulation imposed on the light source 62.
Cette procédure de comparaison permet aux moyens de supervision 8 de délivrer un signal K dont l'état indique si la carte 1 et le lecteur 2 peuvent, ou non, être considérés comme appartenant au même milieu.This comparison procedure enables the supervisory means 8 to deliver a signal K whose state indicates whether the card 1 and the reader 2 may or may not be considered as belonging to the same medium.
Dans le cas où, comme dans l'exemple invoqué, des capteurs de natures différentes sont utilisés, et où par conséquent la procédure de comparaison comprend plusieurs opérations élémentaires de comparaison susceptibles d'aboutir à des résultats divergents, une hiérarchisation et une pondération de ces résultats pourront être mises en œuvre pour lever toute ambiguïté dans la détermination de l'état à donner au signal K.In the case where, as in the example invoked, sensors of different natures are used, and where consequently the comparison procedure comprises several elementary comparison operations likely to lead to divergent results, a hierarchy and a weighting of these The results may be used to remove any ambiguity in the determination of the state to be given to the K-signal.
Par exemple, la préférence pourra être donnée aux signaux produits par les capteurs les plus précis, ces signaux étant donc affectés d'un poids plus important pour leur participation à la prise de décision finale. En résumé, une transaction entre une carte et un lecteur dans un système conforme à l'invention peut se dérouler selon le schéma suivant:For example, preference may be given to the signals produced by the most accurate sensors, these signals are therefore assigned a greater weight for their participation in the final decision-making. In summary, a transaction between a card and a reader in a system according to the invention can take place according to the following scheme:
- Emission d'un champ électromagnétique par le circuit 32 du lecteur 2;- Emitting an electromagnetic field by the circuit 32 of the reader 2;
- Interrogation pour détecter la présence d'une carte;- Query to detect the presence of a card;
- Détection de la présence d'une carte et sélection de la carte;- Detection of the presence of a card and selection of the card;
- Mesure d'un ou plusieurs paramètres physiques par les capteurs de la carte et du lecteur;- Measurement of one or more physical parameters by the sensors of the card and the reader;
- Mise en place d'un canal de communication sécurisé entre le lecteur et la carte; - Echange des signaux de mesure issus des capteurs à travers le canal sécurisé;- Establishment of a secure communication channel between the reader and the card; - Exchange of the measurement signals from the sensors through the secure channel;
- Comparaison des valeurs de ces signaux;- Comparison of the values of these signals;
- Poursuite de la communication entre le lecteur et la carte si la comparaison conduit à conclure que le lecteur et la carte sont dans le même environnement; et- Continuing communication between the reader and the card if the comparison leads to conclude that the reader and the card are in the same environment; and
- Interruption de la communication dans le cas contraire.- Interruption of the communication in the opposite case.
L'invention présente de multiples avantages par rapport aux solutions existantes.The invention has many advantages over existing solutions.
Tout d'abord, la variété des capteurs susceptibles d'être développés sur silicium est telle que le choix de ces capteurs pourra être établi en prenant en compte l'application envisagée et non l'inverse. En d'autres termes, le gain de sécurité apporté par l'invention sera dépourvu de tout effet négatif sur l'ergonomie, et cette sécurité supplémentaire pourra être facilement apportée à toute application existante.First, the variety of sensors that can be developed on silicon is such that the choice of these sensors can be established taking into account the intended application and not the other way around. In other words, the safety gain provided by the invention will be devoid of any negative effect on the ergonomics, and this Additional security can easily be provided to any existing application.
D'autre part, la gamme des capteurs utilisables est suffisamment vaste pour qu'il soit possible, dans chaque cas, de trouver des capteurs permettant d'éviter à l'utilisateur de manipuler sa carte pour la rendre opérationnelle ou pour interdire son utilisation.On the other hand, the range of usable sensors is large enough that it is possible, in each case, to find sensors to prevent the user to manipulate his card to make it operational or to prohibit its use.
D'autre part encore, la mise en place d'un schéma de communication sécurisé avant l'échange des données issues des capteurs empêche toute modification de ces données qui viserait à contourner le système de sécurité.On the other hand, the establishment of a secure communication scheme before the exchange of data from the sensors prevents any modification of these data that would aim to bypass the security system.
Enfin, l'invention, en combinaison avec une authentification du porteur, permet d'assurer une sécurité largement suffisante, même dans le cas d'une utilisation d'une carte sans contact. Finally, the invention, in combination with an authentication of the carrier, ensures a largely sufficient security, even in the case of a use of a contactless card.

Claims

REVENDICATIONS
1. Système d'identification, le système d'identification comprenant un support d'identification1. Identification system, the identification system comprising an identification medium
(1), un dispositif (2) d'exploitation du support, et des moyens de vérification (7), le support d'identification(1), a device (2) for operating the support, and verification means (7), the identification medium
(1) et le dispositif d'exploitation (2) du support étant dotés de moyens de communication respectifs (31, 32) coopérant en fonctionnement pour échanger par ondes électromagnétiques des données sur présentation du support d'identification (1), les moyens de vérification (7) délivrant un signal d'acceptation (Sa) ou de refus (Sr) selon que l'un du support d'identification (1) et du dispositif d'exploitation (2) du support reconnaît l'autre du support d'identification (1) et du dispositif d'exploitation (2) du support comme étant authentique ou non, caractérisé en ce que le support d'identification (1) et le dispositif d'exploitation (2) du support sont dotés de moyens de concertation respectifs (41, 42) pour établir une concertation dont le succès est soumis à la condition que le support d'identification (1) et le dispositif d'exploitation (2) du support sont physiquement séparés l'un de l'autre par une distance (D) au plus égale à un seuil prédéterminé (Do) , et en ce que les moyens de concertation comprennent des moyens d'influence (6) aptes à générer une variation de la valeur d'au moins un paramètre de l'environnement physique immédiat et commun au support d'identification et au dispositif d'exploitation du support, le support d'identification et le dispositif d'exploitation du support comprenant des moyens de mesure (5) aptes à détecter la variation de la valeur dudit au moins un paramètre de l'environnement physique au sein duquel le support d'identification et le dispositif d'exploitation du support se situent, le système d'identification comportant des moyens de supervision (8) pour inhiber et/ou annuler le signal d'acceptation (Sa) en cas d'échec de la concertation.(1) and the operating device (2) of the support being provided with respective communication means (31, 32) cooperating in operation to exchange by electromagnetic waves data on presentation of the identification medium (1), the means of verification (7) delivering an acceptance signal (Sa) or rejection signal (Sr) according to whether one of the identification medium (1) and the operating device (2) of the medium recognizes the other of the medium of identification (1) and the operating device (2) of the support as authentic or not, characterized in that the identification medium (1) and the operating device (2) of the support are provided with means for consultation (41, 42) to establish a concertation whose success is subject to the condition that the identification medium (1) and the operating device (2) of the support are physically separated from each other by a distance (D) at most equal to a predetermined threshold (Do), and in that the consultation means comprise influencing means (6) capable of generating a variation of the value of at least one parameter of the immediate physical environment common to the identification medium and the operating device of the device. support, the identification medium and the operating device of the medium comprising measuring means (5) able to detect the variation of the value of said at least one parameter of the physical environment in which the identification medium and the device for operating the medium are located, the system of identification comprising supervisory means (8) for inhibiting and / or canceling the acceptance signal (Sa) in case of failure of the consultation.
2. Système d'identification selon la revendication2. Identification system according to the claim
1, caractérisé en ce que les moyens de mesure (5) comprennent au moins un premier capteur (51) d'un premier type sensible à un premier paramètre de l' environnement physique immédiat et commun au support d'identification et au dispositif d'exploitation du support, fournissant un premier signal de mesure (Sl) dont la valeur est vérifiée par les moyens de supervision (8), et porté par l'un du support d'identification (1) et du dispositif d'exploitation (2) du support, en ce que les moyens de mesure (5) comprennent au moins un deuxième capteur (52) du premier type porté par l'autre du support d'identification (1) et du dispositif d'exploitation (2) du support, le deuxième capteur (52) étant également sensible audit premier paramètre, et en ce que le deuxième capteur (52) fournit un deuxième signal de mesure (S2) dont la valeur est comparée à celle du premier signal de mesure (Sl) par les moyens de supervision (8) .1, characterized in that the measuring means (5) comprise at least a first sensor (51) of a first type sensitive to a first parameter of the immediate physical environment and common to the identification medium and the device of operating the support, providing a first measurement signal (Sl) whose value is verified by the supervision means (8), and carried by one of the identification medium (1) and the operating device (2) of the support, in that the measuring means (5) comprise at least a second sensor (52) of the first type carried by the other of the identification medium (1) and the device (2) for the support, the second sensor (52) is also responsive to said first parameter, and in that the second sensor (52) provides a second measurement signal (S2) whose value is compared with that of the first measurement signal (Sl) by the means supervision (8).
3. Système d'identification selon la revendication 1 ou 2, caractérisé en ce que ledit au moins un paramètre est choisi dans l'ensemble des paramètres physiques comprenant : la luminosité, la température, l'humidité, le son, la pression atmosphérique, la composition chimique de l'air ambiant, et le mouvement relatif du support d'identification et du dispositif d'exploitation du support .3. Identification system according to claim 1 or 2, characterized in that said at least one parameter is selected from the set of physical parameters including: brightness, temperature, humidity, sound, atmospheric pressure, chemical composition of ambient air, and relative motion the identification medium and the device for exploiting the medium.
4. Système d'identification selon l'une quelconque des revendications 2 et 3, caractérisé en ce que le signal de mesure issu de chaque capteur équipant l'un du support d'identification (1) et du dispositif d'exploitation (2) du support est transmis à l'autre du support d'identification (1) et du dispositif d'exploitation (2) du support de façon sécurisée .4. Identification system according to any one of claims 2 and 3, characterized in that the measurement signal from each sensor equipping one of the identification medium (1) and the operating device (2) of the support is transmitted to the other of the identification medium (1) and the operating device (2) of the support in a secure manner.
5. Système d'identification selon l'une quelconque des revendications précédentes combinée à la revendication 2, caractérisé en ce que le premier capteur (51) est un récepteur d'un champ physique ou d'une onde physique indépendante des ondes électromagnétiques utilisées pour la communication, en ce que les moyens d'influence (6) comprennent un émetteur (61) émettant le champ ou l'onde physique et disposé sur l'un du support d'identification (1) et du dispositif d'exploitation (2) du support, et en ce que le premier signal de mesure (Sl) fourni par le premier capteur (51) est un signal de réception dépendant du champ ou de l'onde physique et de la distance (D) entre le support d'identification (1) et le dispositif d'exploitation (2) du support.5. Identification system according to any one of the preceding claims combined with claim 2, characterized in that the first sensor (51) is a receiver of a physical field or a physical wave independent of electromagnetic waves used for the communication, in that the influencing means (6) comprise a transmitter (61) transmitting the field or the physical wave and arranged on one of the identification medium (1) and the operating device (2). ) of the support, and in that the first measurement signal (Sl) provided by the first sensor (51) is a reception signal depending on the field or the physical wave and on the distance (D) between the identification medium (1) and the operating device (2) of the support.
6. Système d'identification selon la revendication 5, caractérisé en ce que le champ ou l'onde physique présente, entre l'émetteur (61) et le récepteur (51), une portée limitée audit seuil prédéterminé (Do) .6. Identification system according to claim 5, characterized in that the field or the physical wave present, between the transmitter (61) and the receiver (51), a range limited to said predetermined threshold (Do).
7. Système d'identification selon la revendication 5, caractérisé en ce que l'onde physique produite par l'émetteur est modulée dans le temps, en ce que le premier signal de mesure (Sl) délivré par le récepteur (51) est retourné vers l'émetteur (61), et en ce que le succès de la concertation est défini par la condition que l'onde émise et le signal retourné vers l'émetteur (61) présentent un déphasage au plus égal à un déphasage représentatif du temps de trajet de l'onde modulée de l'émetteur (61) vers le récepteur (51) sur une distance (D) au plus égale audit seuil prédéterminé (Do) , et du temps de trajet du signal retourné du récepteur (51) vers l'émetteur (61) sur une distance (D) au plus égale audit seuil prédéterminé (Do) .Identification system according to claim 5, characterized in that the physical wave produced by the transmitter is time-modulated, in that the first measurement signal (Sl) delivered by the receiver (51) is returned to the transmitter (61), and in that the success of the concertation is defined by the condition that the transmitted wave and the signal returned to the transmitter (61) have a phase shift at most equal to a representative phase shift of time the path of the modulated wave from the transmitter (61) to the receiver (51) over a distance (D) at most equal to said predetermined threshold (Do), and the travel time of the signal returned from the receiver (51) to the emitter (61) over a distance (D) at most equal to said predetermined threshold (Do).
8. Dispositif (2) d'exploitation d'un support d'identification, le dispositif (2) d'exploitation du support d'identification comprenant des moyens de communication sans contact, caractérisé en ce que le dispositif (2) d'exploitation du support d'identification comprend des moyens d' influence aptes à générer une variation de la valeur d'au moins un paramètre de l'environnement physique immédiat au sein duquel le dispositif (2) d'exploitation du support d'identification se situe.8. Device (2) for operating an identification medium, the device (2) for operating the identification medium comprising contactless communication means, characterized in that the device (2) for operating of the identification medium comprises influence means capable of generating a variation of the value of at least one parameter of the immediate physical environment in which the device (2) for exploiting the identification medium is located.
9. Support d'identification, le support d'identification comprenant des moyens de communication sans contact, caractérisé en ce que le support d'identification sans contact comprend des moyens de mesure aptes à détecter une variation de la valeur d' au moins un paramètre de l'environnement physique immédiat au sein duquel le support d'identification se situe.9. Identification medium, the identification medium comprising non-contact communication means, characterized in that the contactless identification medium comprises measuring means able to detect a variation of the value of at least one parameter. the immediate physical environment within which the identification medium is located.
10. Procédé de sécurisation d'une opération d'identification sans contact d'un support d'identification (1) auprès d'un dispositif (2) d'exploitation du support, caractérisé en ce que le procédé de sécurisation comprend les opérations consistant : - à générer une variation de la valeur d' au moins un paramètre d'un environnement physique immédiat et commun au support d'identification et au dispositif d'exploitation du support,10. A method for securing a contactless identification operation of an identification medium (1) with a device (2) for using the medium, characterized in that the security method comprises the operations consisting of to generate a variation of the value of at least one parameter of an immediate physical environment common to the identification medium and to the device for operating the medium,
- à mesurer la variation de la valeur dudit au moins un paramètre, d'une part, de l'environnement physique proche du support d'identification, et d'autre part, de l'environnement physique proche du dispositif d'exploitation du support,to measure the variation of the value of said at least one parameter, on the one hand, of the physical environment close to the identification medium, and, on the other hand, of the physical environment close to the device of exploitation of the medium ,
- à vérifier que le support d'identification (1) et le dispositif d'exploitation (2) du support se situent au sein d'un même environnement physique immédiat, et à inhiber et/ou annuler au moins un effet de l'opération d'identification dans le cas où la variation mesurée de la valeur dudit au moins un paramètre de l'environnement physique proche du support d'identification est différente de celle de l'environnement physique proche du dispositif d'exploitation du support. - to verify that the identification medium (1) and the operating device (2) of the support are located within the same immediate physical environment, and to inhibit and / or cancel at least one effect of the identification operation in the case where the measured variation of the value of said at least one parameter of the physical environment near the identification medium is different from that of the physical environment close to the support operating device.
PCT/EP2006/063924 2005-07-05 2006-07-05 Secured identification system and medium, and method for securing same WO2007003656A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
FR0507160 2005-07-05
FR0507160A FR2888364A1 (en) 2005-07-05 2005-07-05 SECURED AUTHENTICATION SYSTEM AND SUPPORT AND METHOD FOR SECURING THE SAME

Publications (1)

Publication Number Publication Date
WO2007003656A1 true WO2007003656A1 (en) 2007-01-11

Family

ID=36095884

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2006/063924 WO2007003656A1 (en) 2005-07-05 2006-07-05 Secured identification system and medium, and method for securing same

Country Status (2)

Country Link
FR (1) FR2888364A1 (en)
WO (1) WO2007003656A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2021035000A1 (en) 2019-08-22 2021-02-25 Thales Dis Cpl Usa, Inc. Method for registering a device to a registration server

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE102013209612A1 (en) * 2013-05-23 2014-11-27 Siemens Aktiengesellschaft A method of performing automatic opening of a vehicle or a payment transaction and associated apparatus
EP2942758A1 (en) * 2014-05-08 2015-11-11 BASICWORX ENGINEERING GmbH Security device and method of operating a security device

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE19850176C1 (en) * 1998-10-30 2000-08-31 Siemens Ag Anti-theft device for motor vehicle with protection against mis-use
WO2004051581A1 (en) * 2002-11-29 2004-06-17 Philips Intellectual Property & Standards Gmbh Electronic communication system and method of detecting a relay attack thereon
US6765473B1 (en) * 1998-07-20 2004-07-20 Robert Bosch Gmbh Access system for vehicles
WO2004114227A1 (en) * 2003-06-25 2004-12-29 Philips Intellectual Property & Standards Gmbh Method and arrangements for increasing the security of transponder systems, particularly for access to automobiles
EP1503349A2 (en) * 2003-08-01 2005-02-02 Fachhochschule Köln ASK (Amplitude Shift Keying) signal analysis
US20050088334A1 (en) * 2003-09-18 2005-04-28 Bjoern Herder Method for measuring distance and measuring device for it

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6765473B1 (en) * 1998-07-20 2004-07-20 Robert Bosch Gmbh Access system for vehicles
DE19850176C1 (en) * 1998-10-30 2000-08-31 Siemens Ag Anti-theft device for motor vehicle with protection against mis-use
WO2004051581A1 (en) * 2002-11-29 2004-06-17 Philips Intellectual Property & Standards Gmbh Electronic communication system and method of detecting a relay attack thereon
WO2004114227A1 (en) * 2003-06-25 2004-12-29 Philips Intellectual Property & Standards Gmbh Method and arrangements for increasing the security of transponder systems, particularly for access to automobiles
EP1503349A2 (en) * 2003-08-01 2005-02-02 Fachhochschule Köln ASK (Amplitude Shift Keying) signal analysis
US20050088334A1 (en) * 2003-09-18 2005-04-28 Bjoern Herder Method for measuring distance and measuring device for it

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2021035000A1 (en) 2019-08-22 2021-02-25 Thales Dis Cpl Usa, Inc. Method for registering a device to a registration server

Also Published As

Publication number Publication date
FR2888364A1 (en) 2007-01-12

Similar Documents

Publication Publication Date Title
FR3025611A1 (en) METHOD OF AUTHENTICATING SIGNALS RECEIVED FROM A CONSTELLATION OF SATELLITES
EP0981808B1 (en) Security procedure for controlling the transfer of value units in a chip card gaming system
EP2517147A1 (en) Method of protection in a contactless radiofrequency communication
WO1998047114A1 (en) Data and value unit transfer system on slot machine network
EP2225697A1 (en) Generation and use of a biometric key
EP3794538A1 (en) Autonomous enrolment system and method for holder of biometric device
EP2652670B1 (en) Method of managing the dialogue between an item of equipment and at least one multi-application object such as a contactless chip card and corresponding object
EP2633507A1 (en) Method of operating a mobile control unit of a home-automation installation
FR3011770A1 (en) METHOD FOR OPERATING A SYSTEM FOR MONITORING THE PRESSURE AND / OR THE TEMPERATURE OF THE TIRES OF A VEHICLE AND DEVICE FOR PERFORMING IT
FR2981027A1 (en) REMOTE CONTROL SYSTEM, ELECTRONIC KEY, AND METHOD FOR AUTOMATICALLY LOCKING AND / OR UNLOCKING AT LEAST ONE OPENING OF A MOTOR VEHICLE AND / OR STARTING AN ENGINE OF A MOTOR VEHICLE USING A CONTROL SYSTEM DISTANCE
FR2889831A1 (en) Passive access authorization system unauthorized access avoiding method for motor vehicle, involves carrying out question-answer dialog with interrogation and response field intensities modified relative to another set of intensities
WO2007003656A1 (en) Secured identification system and medium, and method for securing same
EP2725758A1 (en) Method for mutual authentication between a terminal and a remote server via a third-party portal
WO2020020743A1 (en) Optimisation of wireless communications of a tyre-pressure-monitoring system for a motor vehicle
EP1567978B1 (en) Secure electronic entity integrating life span management of an object
EP3987416A1 (en) Method and device for authenticating a user using the conductivity of the human body
WO2019186041A1 (en) Method and device for authenticating a user
WO2008113898A2 (en) Device and method for wireless short range communication and vehicle including such device
FR3135738A1 (en) Method for activating a vehicle function and associated activation device
WO1993016451A1 (en) Process for transfer of chamber temperature measuring data to a restoring device
EP3507110A1 (en) System for reading sensors for monitoring automotive vehicles
EP1533147A2 (en) System and process for the determination of the position of at least a rotating part by use of a position signal
EP2357493B1 (en) Method and device for authenticating a trajectory calculated according to radiolocation signals
WO2020188058A1 (en) Method for adjusting a periodicity of communication between a wheel unit and an authorized device
FR3061586A1 (en) METHOD FOR CONTROLLING USE HABITS AND ELECTRONIC DEVICE CAPABLE OF IMPLEMENTING SUCH A METHOD

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application
NENP Non-entry into the national phase

Ref country code: DE

WWW Wipo information: withdrawn in national office

Country of ref document: DE

122 Ep: pct application non-entry in european phase

Ref document number: 06764078

Country of ref document: EP

Kind code of ref document: A1