WO2007036648A1 - Secure system for multiple management of data concerning people - Google Patents

Secure system for multiple management of data concerning people Download PDF

Info

Publication number
WO2007036648A1
WO2007036648A1 PCT/FR2006/002216 FR2006002216W WO2007036648A1 WO 2007036648 A1 WO2007036648 A1 WO 2007036648A1 FR 2006002216 W FR2006002216 W FR 2006002216W WO 2007036648 A1 WO2007036648 A1 WO 2007036648A1
Authority
WO
WIPO (PCT)
Prior art keywords
card
data
face
application
owner
Prior art date
Application number
PCT/FR2006/002216
Other languages
French (fr)
Inventor
Franklin Devaux
Patrick Vassort
Original Assignee
Ellen Investments Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ellen Investments Ltd filed Critical Ellen Investments Ltd
Publication of WO2007036648A1 publication Critical patent/WO2007036648A1/en

Links

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1008Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/341Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/357Cards having a plurality of specified features
    • G06Q20/3576Multiple memory zones on card
    • G06Q20/35765Access rights to memory zones

Definitions

  • the present invention relates to a secure system for the multiple management of applications relating to a person. It will find its use for the management and the processing of data relating to all the everyday applications of every citizen, such as bank accounts, health, transport, etc., requiring the use of a card. chip containing the application data such as banking data, medical data, travel data, etc.
  • Each application consists of a structure, such as "name:”; “First name:”; “ address : “ ; “ age : “ ; “Sex:”; “Marital status:”; “ account number : “ ; “Telephone number:”; “ professional status : “ ; “ blood group : “ ; etc. ; this structure being viewable on a reading terminal specific to the application in question.
  • This structure is assigned data specific to each citizen such as “Henri”; “DUPONT”; “ 23 years “ ; “Rhesus 0+”; etc. ; these data are recorded on the card and may possibly be updated during use by an administrator, ie for example the doctor, the pharmacist, the banker, etc.
  • Some smart cards may contain several applications; this is the case in France, for example, the bank card that is also used as electronic money card called “MONEO card”, or the health card called “VITALE card” which manages doctors' medical prescriptions and refunds made by the Health Insurance Fund.
  • Each application on the map has its own structure to which data related to the person and related to the application itself.
  • Each administrator can access only the data of the application which concerns him and can not consult the data of the other applications being on the same card.
  • Such a design makes it possible, advantageously, to avoid any disclosure of information on the owner that does not concern the administrator, however it has the major disadvantage of quickly saturating the smart card, which limits the number of applications that can to be stored on the map.
  • the present invention aims to overcome the drawbacks of this nature and aims to design a secure system for the multiple management of applications on a smart card, with the advantage of significantly increasing the number of applications stored on the chip. smart card while ensuring that an administrator for a particular application will only be able to access the data of that application. It also aims to guarantee both the identity of the person in possession of the card and the that of the administrator who is authorized to access the data of the application which concerns him.
  • Another object of the invention is to provide a visual support on the smart card which advantageously allows the user and administrators to have the main data relating to an application when it is updated and is in progress. exploitation.
  • a secure system for the multiple management of data relating to a person which consists of at least one smart card on which are stored the personalized data relating to at least one application, these data being readable and updates on at least one reading terminal by the owner of the card or by at least one administrator managing at least one of the applications on the card.
  • the card collects the personalized data on a single structure common to all the applications on the card, access to the data of an application on the card being granted to the owner of the card and / or to an administrator after validation their identity by means of control on the terminal, said administrator can only access a part of the structure corresponding to the data on the card relating to the application that concerns him.
  • the system is remarkable in that the card comprises at least one face consisting of a material for printing, erasing and updating the information inscribed on said face depending on the application that is being operated. by the owner and / or the administrator.
  • the invention also relates to the method of manufacturing the smart card used in the secure multiple data management system, which implements the following successive steps:
  • the assembly is heated to a polymerization temperature depending on the materials used, making it possible to obtain the two faces constituting the card.
  • FIG. 1 represents an overall schematization of the secure system according to the present invention
  • FIG. 2 represents in partial cross-section and on a larger scale, the card entering the system of FIG.
  • FIG. 3 represents a schematization of the method of manufacturing the smart card implemented in the secure multiplicative management system.
  • the secure system 1, object of the present invention finds its use in an environment 3, within which data relating to at least one application relating to a person are recorded on a smart card 6; these data can be managed, ie read, processed and updated by the owner 7 of the card 6 or by at least one administrator 9 by means of at least one reading terminal 11 located within the environment 3 which may be a private or public place such as a train station, an airport, a shopping center where said reading terminals 11 are installed such as an ATM, a ticket booking terminal or a rental station vehicle, a pharmacy counter, etc. ; we can advantageously extend the environment 3 to a much larger space such as a city, a region, the national territory or even an international area.
  • the reading terminal 11 will be in a preferred mode and not limited to an interactive terminal, a "nomadic" reader or a computer. However, any means of reading and processing the data on the map 6 can be considered.
  • the smart card 6 may contain data relating to several applications 5; these data are personal and specific to an owner 7 also called the owner of the card 6.
  • the latter groups all the data of the applications 5 under a single structure 13, which has the advantage to record only once on the card 6, data that can possibly be exploited under several applications 5, and thus to have a much larger data storage capacity on the card 6, giving the opportunity to exploit a more applications on the same card 6.
  • an administrator 9 relating to an application 5 is authorized to have only the data relating to this application 5; access to other data on the card is strictly prohibited.
  • the single structure 13 on the board 7 is constituted interactive keys 15 which, in comparison to an interactive key 17, an application 5 which is run on at least one terminal of the read 11 by at least one director 9, allows this administrator 9 to read, process and eventually modify the data of the application in question.
  • the interactive keys 15 are assigned to the data recorded under the unique structure 13 of the card 6, each data being possibly accessible under several applications 5, such as for example the surname and first name of the owner 7 of the card 6; an interactive key 17 is associated in parallel with an application 5 accessible on a terminal 11; the card 6 or the terminal 11 then performs the correlation between the key 17 and the keys 15 which, by correspondence, allows access to the data concerning the application 5 and their reading on the terminal 11.
  • the reading terminals 11 of the secure system 1 consist of control means 19 which validate the identity of the owner 7 of the smart card 6 and also that of the administrator 9 who accesses personal data on the owner 7 Access to the data of an application 5 is allowed only when the respective identities of the owner and the administrator are validated.
  • control means 19 consist, in a preferential and nonlimiting manner, in bio-metric reading means which analyze the bio-metric data of the owner 7 and those of the administrator 9 such as the iris, the fingerprint , voiceprint, etc.
  • Other means of control may also be used, preferably in addition to the biometric control, for example a digital code which will be typed for example on a keyboard 21 and / or on a touch screen 23 provided on the reading terminal 11.
  • the smart card 6 consists of an embedded microprocessor 25 which contains all the data of the applications recorded under a single structure, to which the interactive keys 15 are allocated; the onboard microprocessor 25 also includes the bio-metric identity 27 of the owner 7 and possibly a secret digital access code.
  • the reading terminal 11 is equipped with a SAM 29 microprocessor and a SIM 31 microprocessor.
  • the SAM 29 microprocessor manages the structure of at least one application 5 and comprises at least one interactive key 17 which makes it possible to access the data. relating to the application 5 in question.
  • the interactive key 17 is compared with the interactive keys 15 on the onboard microprocessor 25 of the card 6, the correspondence between the keys then making it possible to access the data related to the application in question.
  • the interactive key 17 of the microprocessor SAM 29 must therefore correlate with the interactive keys 15 of the onboard microprocessor 25 to allow the transfer to the terminal 11 of the data relating to the application 5 being used.
  • the microprocessor SIM 31 manages meanwhile the bio-metric identity of the administrator 9 and possibly a secret digital access code.
  • the bio-metric control performed on the terminal is therefore compared to the biometric identity on the SIM 31 microprocessor.
  • the identity match then allows the administrator 9 to access the data of the application 5 to which it is attached.
  • each reading terminal 11 will read a type of application 5 and will therefore be used by administrators 9 in relation to the application in question.
  • the terminal 11 will for example be equipped with several SAM microprocessors 29 and several SIM microprocessors 31 corresponding to each of the applications 5 accessible on the terminal 11, for each of the administrators 9 authorized to access these applications 5.
  • microprocessor SIM 31 controls the bio-metric identity of the administrator 9, then, verify to which application said administrator 9 is authorized to access the terminal 11; the microprocessor SAM 29 then selects the interactive key 17 relative to the application managed by the administrator 9 to compare it to the keys 15 and then access the data specific to this application on the card 6 of the owner 7.
  • the control of the bio-metric identity of the owner 7 of the card 6 is achieved by a remarkable technique that will be called "mirror effect" which consists of measuring the bio-metric imprint on the terminal 11 and injecting it. then superimpose it on the biometric identity 27 recorded on the onboard microprocessor 25 of the smart card 6, the card 6 then performing an identity check. If the marked footprint matches the footprint 27 on the map 6 then the embedded microprocessor 25 validates the biometric control of the owner 7 of the map 6. Otherwise, access to the data on the map 6 is refused.
  • mirror effect consists of measuring the bio-metric imprint on the terminal 11 and injecting it. then superimpose it on the biometric identity 27 recorded on the onboard microprocessor 25 of the smart card 6, the card 6 then performing an identity check. If the marked footprint matches the footprint 27 on the map 6 then the embedded microprocessor 25 validates the biometric control of the owner 7 of the map 6. Otherwise, access to the data on the map 6 is refused.
  • Such a technique has the advantage of keeping the biometric identity 27 of the owner 7 on the onboard microprocessor 25 of the card, which eliminates any risk of disclosure of the bio-metric identity 27, which could occur if this was injected on the terminal 11 to make the comparison with the measured bio-metric footprint. Indeed, a user could hack the bio-metric identity 27 that would be injected on terminal 11 at the time of comparison, and use it fraudulently.
  • the smart card 6 and the reading terminals 11 are equipped with RFID transmission means for reading the data recorded on the card 6 and then updating the processed data on the reading terminal 11.
  • the smart card 6 and the terminals 11 each have a transmitter / receiver device 33 and 35.
  • the transmission system will be in a preferred and nonlimiting mode of low intensity and will require the card 6 to be positioned in the immediate vicinity of the terminal 11. D ' other transmission means by contact between the terminal 11 and the smart card 6 are also possible for the transmission of data.
  • Figure 2 partially shows the smart card 6 implemented in the system 1 object of the invention. It consists of two faces 37 and 39 which optionally have different technical characteristics, between which are arranged the components of the card, namely the embedded microprocessor 25 and the RFID antenna 33.
  • the card 6 includes anti-collision means that eliminate any risk of contact and shock between the components 25 and 33.
  • the first face 37 is made of a material that is remarkable in that it makes it possible to print and then modify the inscriptions on it.
  • the material used for the face 37 has properties that allow firstly to obtain a good adhesion of the ink which is deposited and dries on the material of said face 37, without penetrating inside thereof.
  • the inscriptions are removed from the face 37 by simply heating the material; the ink comes off the material and can then fade away by simply scanning the face 37; it is then possible to print new data on this face 37.
  • the material used for the face 37 will in a preferred embodiment of the polycarbonate which allows to take off and to suppress the adhesion of the ink by heating the surface at a temperature of sixty degrees C (60 0 C); however, any other material having similar technical characteristics to those described in the preceding paragraph may be used.
  • the second face 39 of the card preferably consists of a material enabling the user to enter unalterable data relating to the owner, such as, for example, his name, first name, age, photo, etc., which can be used. for all applications 5. This data is printed during the constitution of the card 6 and they will be kept throughout the life of the product.
  • the material used for the face 39 allows the ink to permeate the material; the ink is then absorbed by the material and the inscriptions can no longer be erased or modified.
  • the material used for the face 39 is polyethylene terephthalate; however, the use of any other material with similar technical characteristics can be conceived.
  • the reading terminal 11 is equipped with printing means 41 which make it possible to modify the inscriptions on the face 37 of the card 6.
  • These printing means 41 heat the face 37 of the card 6 at a temperature of the order of sixty degrees Celsius (60 0 C), then scan said face 37 to erase the data entered, and finally print the new data in relation to the application 5 exploited.
  • the terminal 11 comprises insertion means 43 of the card 6 which first allow positioning the transmitter / receiver antenna 33 of the card 6 near the transmitting / receiving antenna 35 of terminal 11 when operating an application 5. They then advantageously have the printing means 41 inside the insertion means 43, in order to modify and update directly the data listed on the face 37 of the card 6 according to the application 5 which is being processed on the terminal 11.
  • FIG. 3 represents a schematization of the method of manufacturing the smart card 6 used in the secure system 1 object of the present invention.
  • the smart card 6 will be manufactured in a preferred mode on a production line 45 in very large series.
  • the chain 45 is fed by two rollers 47 and 49 in the form of ribbon; the first roller 47 delivers, preferably, a flexible polycarbonate film ribbon, or any other material having identical modifiable printing technical characteristics which constitutes the face 37 of the card 6, and the second roller 49 debits, preferably, a flexible film tape made of polyethylene terephthalate, or any other material having unalterable printing technical characteristics which will make up the face 39 of the card 6.
  • the ribbon rolls 47 and 49 are unwound simultaneously and the ends 51 and 53 of these strips 55 and 57 are arranged opposite each other and penetrate into a cutter 59 which cuts said ends 51 and 53 in the format of the card, preference according to the sizing standards that are applicable.
  • a cutter 59 which cuts said ends 51 and 53 in the format of the card, preference according to the sizing standards that are applicable.
  • two pieces of ribbons 61 and 63 are obtained in the format of a standard smart card, one constituting the face 37 and the other the face 39 of the card 6.
  • the two pieces of ribbon 61 and 63 are then conveyed to the next workstation 65 where they are arranged one above the other while retaining a slight spacing between the inner facing faces 67 and 69 of the two pieces of ribbon 61 and 63, as shown in Figures 2 and 3; is then injected between the internal faces 67 and 69 juxtaposed and facing, a product containing a crosslinking agent 71 which serves as a binder between the two pieces of tape 61 and 63. Then positions all the components of the card 6, the embedded microprocessor 25 and the RFID antenna 33, as well as an anti-collision, in the crosslinking product layer 71.
  • the positioning and orientation of the components will be carried out, in a preferred embodiment, by means of an eye laser and a robot manipulator arm implemented at the station 65.
  • the whole is then routed to the next station 73 where the whole is heated to a temperature to obtain the polymerization of the materials used and the connection between the two pieces of ribbon 61 and 63;
  • the chip card having two faces 37 and 39 having different printability properties between which are arranged the components 25 and 33.
  • a heating temperature of about thirty five degrees Celsius (35 0 C).
  • the secure system 1 object of the present invention thus makes it possible to very advantageously use a single and unique smart card 6 for a large number of applications in a completely secure mode, both from the point of view of the owner and the one of the customer. administrator, guaranteeing everyone's identity and limited access to the application that concerns the administrator.
  • the use of the card is also very easy thanks to the simultaneous updating of the data printed on the face 37 according to the application which is exploited.

Abstract

The invention concerns a secure system (1) for multiple management of data concerning a person consisting of a smart card (6) whereon are recorded personalized data concerning at least one application (5), said data being adapted to be read and updated on a reading terminal (11) by the owner (7) of the card (6) or by an administrator (9) managing at least one of the applications (5) present on the card (6). The invention is characterized in that the card (6) comprises one side (37) made of a material enabling data written on said side (37) to be printed, erased or updated depending on the application (5) currently used by the owner (7) and/or by the administrator (9).

Description

SYSTEME SECURISE POUR LA GESTION MULTIPLE DE DONNEES RELATIVES AUX PERSONNES SECURE SYSTEM FOR MULTIPLE DATA MANAGEMENT RELATING TO PEOPLE
La présente invention concerne un système sécurisé pour la gestion multiple d'applications relatives à une personne. Elle trouvera son utilisation pour la gestion et le traitement des données relatives à toutes les applications de la vie courante de chaque citoyen, comme par exemple les comptes bancaires, la santé, les transports, etc., nécessitant l'utilisation d'une carte à puce contenant les données de l'application comme par exemple les données bancaires, les données médicales, les données d'un voyage, etc.The present invention relates to a secure system for the multiple management of applications relating to a person. It will find its use for the management and the processing of data relating to all the everyday applications of every citizen, such as bank accounts, health, transport, etc., requiring the use of a card. chip containing the application data such as banking data, medical data, travel data, etc.
Chaque application se compose d'une structure, comme par exemple « nom : » ; « prénom : » ; « adresse : » ; « âge : » ; « sexe : » ; « statut marital : » ; « numéro de compte : » ; « numéro de téléphone : » ; « statut professionnel : » ; « groupe sanguin : » ; etc. ; cette structure étant visualisable sur une borne de lecture propre à l'application en question. A cette structure sont attribuées des données propres à chaque citoyen comme par exemple « Henri » ; « DUPONT » ; « 23 ans » ; « rhésus 0+ » ; etc. ; ces données sont enregistrées sur la carte et peuvent éventuellement être mises à jour en cours d'utilisation par un administrateur, à savoir par exemple le médecin, le pharmacien, le banquier, etc.Each application consists of a structure, such as "name:"; "First name:"; " address : " ; " age : " ; "Sex:"; "Marital status:"; " account number : " ; "Telephone number:"; " professional status : " ; " blood group : " ; etc. ; this structure being viewable on a reading terminal specific to the application in question. This structure is assigned data specific to each citizen such as "Henri"; "DUPONT"; " 23 years " ; "Rhesus 0+"; etc. ; these data are recorded on the card and may possibly be updated during use by an administrator, ie for example the doctor, the pharmacist, the banker, etc.
De nombreuses cartes à puce sont utilisées de nos jours pour gérer des données relatives à une application. La quasi majorité des personnes possèdent actuellement au moins une carte bancaire qui permet la gestion du compte courant et le retrait d'argent, et une carte santé qui permet aux médecins de gérer le dossier médical ; des statistiques montrent que chaque citoyen dispose en moyenne de cinq cartes à puce pour la gestion des différents comptes en sa possession, et l'utilisation très efficace de ce produit tend aujourd'hui à se généraliser à tous les domaines de la vie courante comme par exemple l'identité et le statut social, le permis de conduire, et l'ensemble des titres de transport terrestre, nautique et aérien. Cette multiplicité des cartes à puces présente l'inconvénient de devoir transporter chacune d'elles sur soi, dans son sac à main ou son portefeuille, ce qui augmente par conséquent les risques de perte ou de vol de ces cartes et leur utilisation frauduleuse.Many smart cards are used today to manage application data. The majority of people currently have at least one bank card that allows the management of the current account and the withdrawal of money, and a health card that allows doctors to manage the medical file; statistics show that each citizen has on average five smart cards for the management of the various accounts in his possession, and the very effective use of this product tends today to be generalized to all areas of everyday life as per example the identity and social status, driving license, and all land, water and air transport tickets. This multiplicity of smart cards has the disadvantage of having to carry each of them on one's handbag or wallet, which consequently increases the risk of loss or theft of these cards and their fraudulent use.
Certaines cartes à puces sont susceptibles de contenir plusieurs applications ; c'est le cas en France, par exemple, de la carte bancaire qui est également utilisée comme carte de monnaie électronique dite « carte MONEO », ou encore la carte santé dite « carte VITALE » qui gère les prescriptions médicales des médecins et les remboursements pharmaceutiques effectués par la Caisse d'Assurance Maladie. Chaque application sur la carte dispose de sa propre structure à laquelle correspondent des données relatives à la personne et en rapport avec l'application proprement dite. Chaque administrateur peut accéder aux seules données de l'application qui le concernent et ne peut consulter les données des autres applications se trouvant sur la même carte. Une telle conception permet, certes avantageusement, d'éviter toute divulgation d'informations sur le propriétaire qui ne concernent pas l'administrateur, cependant elle a pour inconvénient majeur de saturer rapidement la carte à puce, ce qui limite le nombre d' applications pouvant être stocké sur la carte.Some smart cards may contain several applications; this is the case in France, for example, the bank card that is also used as electronic money card called "MONEO card", or the health card called "VITALE card" which manages doctors' medical prescriptions and refunds made by the Health Insurance Fund. Each application on the map has its own structure to which data related to the person and related to the application itself. Each administrator can access only the data of the application which concerns him and can not consult the data of the other applications being on the same card. Such a design makes it possible, advantageously, to avoid any disclosure of information on the owner that does not concern the administrator, however it has the major disadvantage of quickly saturating the smart card, which limits the number of applications that can to be stored on the map.
La présente invention vise à remédier aux inconvénients de cette nature et a pour but de concevoir un système sécurisé pour la gestion multiple des applications se trouvant sur une carte à puce, présentant l'avantage d' augmenter considérablement le nombre d' applications stocké sur la carte à puce tout en garantissant qu'un administrateur relatif à une application particulière ne pourra accéder qu'aux seules données de cette application. Elle a également pour objectif de garantir à la fois l'identité de la personne en possession de la carte et celle de l'administrateur qui est autorisé à accéder aux données de l'application qui le concerne.The present invention aims to overcome the drawbacks of this nature and aims to design a secure system for the multiple management of applications on a smart card, with the advantage of significantly increasing the number of applications stored on the chip. smart card while ensuring that an administrator for a particular application will only be able to access the data of that application. It also aims to guarantee both the identity of the person in possession of the card and the that of the administrator who is authorized to access the data of the application which concerns him.
Un autre but de l'invention est de procurer un support visuel sur la carte à puce qui permet avantageusement à l'utilisateur et aux administrateurs de disposer des données principales relatives à une application lorsque celle-ci est mise à jour et est en cours d'exploitation.Another object of the invention is to provide a visual support on the smart card which advantageously allows the user and administrators to have the main data relating to an application when it is updated and is in progress. exploitation.
A cet effet, il est proposé un système sécurisé pour la gestion multiple de données relatives à une personne qui se compose d' au moins une carte à puce sur laquelle sont enregistrées les données personnalisées relatives à au moins une application , ces données pouvant être lues et mises à jour sur au moins une borne de lecture par le propriétaire de la carte ou par au moins un administrateur gérant au moins une des applications se trouvant sur la carte. La carte rassemble les données personnalisées sur une seule et unique structure commune à toutes les applications se trouvant sur la carte, l'accès aux données d'une application sur la carte étant accordé au propriétaire de la carte et/ou à un administrateur après validation de leur identité par des moyens de contrôle sur la borne, ledit administrateur ne pouvant accéder qu'à une partie de la structure correspondant aux seules données sur la carte relatives à l'application qui le concerne. Le système est remarquable en ce que la carte comprend au moins une face constituée d'une matière permettant d'imprimer, d'effacer et d'actualiser les informations inscrites sur ladite face en fonction de l'application qui est en cours d'exploitation par le propriétaire et/ou 1' administrateur .For this purpose, it is proposed a secure system for the multiple management of data relating to a person which consists of at least one smart card on which are stored the personalized data relating to at least one application, these data being readable and updates on at least one reading terminal by the owner of the card or by at least one administrator managing at least one of the applications on the card. The card collects the personalized data on a single structure common to all the applications on the card, access to the data of an application on the card being granted to the owner of the card and / or to an administrator after validation their identity by means of control on the terminal, said administrator can only access a part of the structure corresponding to the data on the card relating to the application that concerns him. The system is remarkable in that the card comprises at least one face consisting of a material for printing, erasing and updating the information inscribed on said face depending on the application that is being operated. by the owner and / or the administrator.
L'invention concerne également le procédé de fabrication de la carte à puce utilisée dans le système sécurisé de gestion multiple des données, qui met en oeuvre les étapes successives suivantes :The invention also relates to the method of manufacturing the smart card used in the secure multiple data management system, which implements the following successive steps:
- on déroule simultanément deux rouleaux de matériau sous forme de ruban disposés en vis-à-vis, l'un constituant la première face de la carte à impression modifiable et l'autre constituant la seconde face de la carte à impression inaltérable,two rolls of material in the form of ribbon arranged in opposite relation are simultaneously unwound, one constituting the first face of the modifiable printing card and the other constituting the second face of the unalterable printed card,
- puis on massicote simultanément les deux rubans au format d'une carte, permettant d'obtenir, après découpage, deux morceaux de ruban correspondant aux deux faces de la carte,- Then massicote simultaneously the two ribbons in the format of a card, to obtain, after cutting, two pieces of ribbon corresponding to the two faces of the card,
- puis on injecte une couche de produit contenant un agent réticulant entre les deux faces internes des deux morceaux de ruban disposés l'un au dessus de l'autre,and then a product layer containing a crosslinking agent is injected between the two internal faces of the two pieces of ribbon arranged one above the other,
- puis on positionne les composants de la carte à l'intérieur de la couche de produit réticulant,and then positioning the components of the card inside the crosslinking product layer,
- on chauffe enfin l'ensemble à une température de polymérisation fonction des matériaux utilisées, permettant d'obtenir les deux faces constituant la carte.Finally, the assembly is heated to a polymerization temperature depending on the materials used, making it possible to obtain the two faces constituting the card.
On comprend bien qu'un tel système permet avantageusement de supprimer l'enregistrement sur la carte à puce de données identiques qui pourraient être exploitées dans plusieurs applications, ce qui permet donc d'augmenter la capacité de stockage de données sur la carte, et donc d'augmenter le nombre d'applications qui utilisent une seule et unique structure commune, seule une partie de cette structure étant exploitée par chacune de ces applications. L'exploitation des données de chacune des applications se trouvant sur la carte se faisant dans un mode totalement sécurisé.It is clearly understood that such a system advantageously makes it possible to eliminate the recording on the smart card of identical data that could be exploited in several applications, which therefore makes it possible to increase the data storage capacity on the card, and therefore to increase the number of applications that use a single common structure, only part of this structure being exploited by each of these applications. The exploitation of the data of each of the applications on the card is done in a totally secure mode.
D'autres avantages et caractéristiques de la présente invention ressortiront mieux de la description qui va suivre et qui est donnée à titre d'exemple non limitatif en référence aux dessins, parmi lesquels :Other advantages and features of the present invention will emerge more clearly from the description which follows and which is given by way of non-limiting example with reference to the drawings, among which:
- la figure 1 représente une schématisation d'ensemble du système sécurisé selon la présente invention,FIG. 1 represents an overall schematization of the secure system according to the present invention,
- La figure 2 représente en coupe transversale partielle et à plus grande échelle, la carte entrant dans le système de la figure 1FIG. 2 represents in partial cross-section and on a larger scale, the card entering the system of FIG.
- La figure 3 représente une schématisation du procédé de fabrication de la carte à puce mise en œuvre dans le système sécurisé de gestion multiplicative.FIG. 3 represents a schematization of the method of manufacturing the smart card implemented in the secure multiplicative management system.
Tel que schématisé sur la figure 1, le système 1 sécurisé, objet de la présente invention, trouve son utilisation dans un environnement 3, à l'intérieur duquel des données, concernant au moins une application 5 relative à une personne, sont enregistrées sur une carte à puce 6 ; ces données peuvent être gérées, c'est à dire lues, traitées et mises à jour par le propriétaire 7 de la carte 6 ou par au moins un administrateur 9 au moyen d'au moins une borne de lecture 11 se trouvant au sein de l'environnement 3 qui pourra être un lieu privé ou public tel qu'une gare, un aéroport, un centre commercial où sont installées lesdites bornes de lecture 11 telles qu'un distributeur de billets, une borne de réservation de titres de transport ou de location de véhicule, un guichet de pharmacie, etc. ; on pourra avantageusement étendre l'environnement 3 à un espace beaucoup plus vaste tel qu'une ville, une région, le territoire national ou même une aire internationale.As schematized in FIG. 1, the secure system 1, object of the present invention, finds its use in an environment 3, within which data relating to at least one application relating to a person are recorded on a smart card 6; these data can be managed, ie read, processed and updated by the owner 7 of the card 6 or by at least one administrator 9 by means of at least one reading terminal 11 located within the environment 3 which may be a private or public place such as a train station, an airport, a shopping center where said reading terminals 11 are installed such as an ATM, a ticket booking terminal or a rental station vehicle, a pharmacy counter, etc. ; we can advantageously extend the environment 3 to a much larger space such as a city, a region, the national territory or even an international area.
La borne de lecture 11 sera dans un mode préférentiel et non limitatif une borne interactive, un lecteur « nomade » ou un ordinateur. On pourra cependant envisager tout moyen permettant de lire et de traiter les données sur la carte 6.The reading terminal 11 will be in a preferred mode and not limited to an interactive terminal, a "nomadic" reader or a computer. However, any means of reading and processing the data on the map 6 can be considered.
La carte à puce 6 peut contenir des données relatives à plusieurs applications 5 ; ces données sont personnelles et propres à un propriétaire 7 encore appelé le possesseur de la carte 6. Selon l'invention, celle-ci regroupe l'ensemble des données des applications 5 sous une seule et unique structure 13, ce qui présente l'avantage d'enregistrer une seule fois sur la carte 6, une donnée qui peut éventuellement être exploitée sous plusieurs applications 5, et ainsi de disposer d'une capacité de stockage de données sur la carte 6 beaucoup plus importante, donnant la possibilité d'exploiter un plus grand nombre d'applications sur une même carte 6. Dans le cadre de la présente invention, des essais ont permis d'aboutir à l'enregistrement de données relatives à seize applications sur une même carte 6.The smart card 6 may contain data relating to several applications 5; these data are personal and specific to an owner 7 also called the owner of the card 6. According to the invention, the latter groups all the data of the applications 5 under a single structure 13, which has the advantage to record only once on the card 6, data that can possibly be exploited under several applications 5, and thus to have a much larger data storage capacity on the card 6, giving the opportunity to exploit a more applications on the same card 6. In the context of the present invention, tests led to the recording of data relating to sixteen applications on the same card 6.
Un administrateur 9 relatif à une application 5 est autorisé à disposer uniquement aux données relatives à cette application 5 ; l'accès aux autres données se trouvant sur la carte lui étant strictement interdit. Pour cela, la structure unique 13 sur la carte 7 est constituée de clefs interactives 15 qui, par comparaison à une clef interactive 17 d'une application 5 qui est gérée sur au moins une borne de ' lecture 11 par au moins un administrateur 9, permet à cet administrateur 9 de lire, de traiter puis éventuellement de modifier les données de l'application en question.An administrator 9 relating to an application 5 is authorized to have only the data relating to this application 5; access to other data on the card is strictly prohibited. For this, the single structure 13 on the board 7 is constituted interactive keys 15 which, in comparison to an interactive key 17, an application 5 which is run on at least one terminal of the read 11 by at least one director 9, allows this administrator 9 to read, process and eventually modify the data of the application in question.
Les clefs interactives 15 sont attitrées aux données enregistrées sous la structure unique 13 de la carte 6, chaque donnée étant éventuellement accessible sous plusieurs applications 5, comme par exemple le nom et le prénom du propriétaire 7 de la carte 6 ; on attitré en parallèle une clef interactive 17 à une application 5 accessible sur une borne 11 ; la carte 6 ou la borne 11 effectue alors la corrélation entre la clef 17 et les clefs 15 qui, par correspondance, autorise l'accès aux données qui concernent l'application 5 et leur lecture sur la borne 11.The interactive keys 15 are assigned to the data recorded under the unique structure 13 of the card 6, each data being possibly accessible under several applications 5, such as for example the surname and first name of the owner 7 of the card 6; an interactive key 17 is associated in parallel with an application 5 accessible on a terminal 11; the card 6 or the terminal 11 then performs the correlation between the key 17 and the keys 15 which, by correspondence, allows access to the data concerning the application 5 and their reading on the terminal 11.
Les bornes de lecture 11 du système sécurisé 1 sont constituées de moyens de contrôle 19 qui permettent de valider l'identité du propriétaire 7 de la carte à puce 6 et également celle de l'administrateur 9 qui accède à des données personnelles sur ce propriétaire 7. L'accès aux données d'une application 5 est autorisé uniquement lorsque les identités respectives du propriétaire et de l'administrateur sont validées.The reading terminals 11 of the secure system 1 consist of control means 19 which validate the identity of the owner 7 of the smart card 6 and also that of the administrator 9 who accesses personal data on the owner 7 Access to the data of an application 5 is allowed only when the respective identities of the owner and the administrator are validated.
Ces moyens de contrôle 19 consistent, dans un mode préférentiel et non limitatif, en des moyens de lecture bio-métrique qui analysent les données bio-métriques du propriétaire 7 et celles de l'administrateur 9 telles que l'iris, l'empreinte digitale, l'empreinte vocale, etc. D'autre moyens de contrôle pourront être également utilisés, de préférence en complément du contrôle biométrique, comme par exemple un code numérique qui sera tapé par exemple sur un clavier 21 et/ou sur un écran tactile 23 prévus sur la borne de lecture 11. La carte à puce 6 se compose d'un microprocesseur embarqué 25 qui contient toute les données des applications 5 enregistrées sous une structure unique, auxquelles sont attribuées les clefs interactives 15 ; le microprocesseur embarqué 25 comprend également l'identité bio-métrique 27 du propriétaire 7 et éventuellement un code d'accès numérique secret.These control means 19 consist, in a preferential and nonlimiting manner, in bio-metric reading means which analyze the bio-metric data of the owner 7 and those of the administrator 9 such as the iris, the fingerprint , voiceprint, etc. Other means of control may also be used, preferably in addition to the biometric control, for example a digital code which will be typed for example on a keyboard 21 and / or on a touch screen 23 provided on the reading terminal 11. The smart card 6 consists of an embedded microprocessor 25 which contains all the data of the applications recorded under a single structure, to which the interactive keys 15 are allocated; the onboard microprocessor 25 also includes the bio-metric identity 27 of the owner 7 and possibly a secret digital access code.
La borne de lecture 11 est équipée d'un microprocesseur SAM 29 et d'un microprocesseur SIM 31. Le microprocesseur SAM 29 gère la structure d'au moins une application 5 et comprend au moins une clef interactive 17 qui permet d' accéder aux données relatives à l'application 5 en question. La clef interactive 17 est comparée aux clefs interactives 15 sur le microprocesseur embarqué 25 de la carte 6, la correspondance entre les clefs permettant alors d' accéder aux données qui se rattachent à l'application en question. La clef interactive 17 du microprocesseur SAM 29 doit donc corréler avec les clefs interactives 15 du microprocesseur embarqué 25 pour autoriser le transfert sur la borne 11 des données relatives à l'application 5 en cours d' exploitation.The reading terminal 11 is equipped with a SAM 29 microprocessor and a SIM 31 microprocessor. The SAM 29 microprocessor manages the structure of at least one application 5 and comprises at least one interactive key 17 which makes it possible to access the data. relating to the application 5 in question. The interactive key 17 is compared with the interactive keys 15 on the onboard microprocessor 25 of the card 6, the correspondence between the keys then making it possible to access the data related to the application in question. The interactive key 17 of the microprocessor SAM 29 must therefore correlate with the interactive keys 15 of the onboard microprocessor 25 to allow the transfer to the terminal 11 of the data relating to the application 5 being used.
Le microprocesseur SIM 31 gère quant à lui l' identité bio-métrique de l'administrateur 9 et éventuellement un code d'accès numérique secret. Le contrôle bio-métrique effectué sur la borne est donc comparé à l'identité biométrique se trouvant sur le microprocesseur SIM 31. La correspondance des identités autorise alors l'administrateur 9 à accéder aux données de l'application 5 à laquelle il se rattache.The microprocessor SIM 31 manages meanwhile the bio-metric identity of the administrator 9 and possibly a secret digital access code. The bio-metric control performed on the terminal is therefore compared to the biometric identity on the SIM 31 microprocessor. The identity match then allows the administrator 9 to access the data of the application 5 to which it is attached.
Dans un mode préférentiel et non limitatif, chaque borne de lecture 11 permettra de lire un type d'application 5 et sera donc utilisée par des administrateurs 9 en relation avec l'application en question. Cependant on pourra concevoir des bornes de lecture 11 permettant d'accéder à plusieurs applications 5 sur la carte 6 du propriétaire 7 ; les administrateurs 9 de chacune des applications pourront alors accéder aux données sur la borne pour l'application qui les concerne. Dans ce cas la borne 11 sera par exemple équipée de plusieurs microprocesseurs SAM 29 et de plusieurs microprocesseurs SIM 31 correspondant à chacune des applications 5 accessibles sur la borne 11, pour chacun des administrateurs 9 habilités à accéder à ces applications 5.In a preferred and nonlimiting mode, each reading terminal 11 will read a type of application 5 and will therefore be used by administrators 9 in relation to the application in question. However, it will be possible to design reading terminals 11 making it possible to access several applications 5 on card 6 of the owner 7; the administrators 9 of each of the applications will then be able to access the data on the terminal for the application that concerns them. In this case the terminal 11 will for example be equipped with several SAM microprocessors 29 and several SIM microprocessors 31 corresponding to each of the applications 5 accessible on the terminal 11, for each of the administrators 9 authorized to access these applications 5.
On pourra également concevoir une borne 11 permettant d'accéder à plusieurs applications 5, mais équipée d'un seul microprocesseur SAM 29 et d'un seul microprocesseur SIM 31. Dans ce cas, le microprocesseur SIM 31 contrôle l'identité bio-métrique de l'administrateur 9, puis, vérifie à quelle application 5 ledit administrateur 9 est autorisé à accéder sur la borne 11 ; le microprocesseur SAM 29 sélectionne alors la clef interactive 17 relative à l'application gérée par l'administrateur 9 pour la comparer aux clefs 15 et accéder alors aux données propres à cette application sur la carte 6 du propriétaire 7.We can also design a terminal 11 to access several applications 5, but equipped with a single microprocessor SAM 29 and a single SIM 31 microprocessor. In this case, the microprocessor SIM 31 controls the bio-metric identity of the administrator 9, then, verify to which application said administrator 9 is authorized to access the terminal 11; the microprocessor SAM 29 then selects the interactive key 17 relative to the application managed by the administrator 9 to compare it to the keys 15 and then access the data specific to this application on the card 6 of the owner 7.
Le contrôle de l'identité bio-métrique du propriétaire 7 de la carte 6 est réalisé par une technique remarquable que l'on appellera « effet miroir » qui consiste à mesurer l'empreinte bio-métrique sur la borne 11 et à l'injecter puis la superposer sur l'identité biométrique 27 enregistrée sur le microprocesseur embarqué 25 de la carte à puce 6, la carte 6 effectuant alors un contrôle de l'identité. Si l'empreinte relevée concorde avec l'empreinte 27 figurant sur la carte 6 alors le microprocesseur embarqué 25 valide le contrôle bio-métrique du propriétaire 7 de la carte 6. Dans le cas contraire, l'accès aux données se trouvant sur la carte 6 est refusé. Une telle technique présente l'avantage de conserver l'identité bio-métrique 27 du propriétaire 7 sur le microprocesseur embarqué 25 de la carte, ce qui supprime tout risque de divulgation de l'identité bio-métrique 27, ce qui pourrait se produire si celle-ci était injectée sur la borne 11 pour y effectuer la comparaison avec l'empreinte bio-métrique mesurée. En effet, un utilisateur pourrait pirater l'identité bio-métrique 27 qui serait injectée sur la borne 11 au moment de la comparaison, et l'utiliser frauduleusement.The control of the bio-metric identity of the owner 7 of the card 6 is achieved by a remarkable technique that will be called "mirror effect" which consists of measuring the bio-metric imprint on the terminal 11 and injecting it. then superimpose it on the biometric identity 27 recorded on the onboard microprocessor 25 of the smart card 6, the card 6 then performing an identity check. If the marked footprint matches the footprint 27 on the map 6 then the embedded microprocessor 25 validates the biometric control of the owner 7 of the map 6. Otherwise, access to the data on the map 6 is refused. Such a technique has the advantage of keeping the biometric identity 27 of the owner 7 on the onboard microprocessor 25 of the card, which eliminates any risk of disclosure of the bio-metric identity 27, which could occur if this was injected on the terminal 11 to make the comparison with the measured bio-metric footprint. Indeed, a user could hack the bio-metric identity 27 that would be injected on terminal 11 at the time of comparison, and use it fraudulently.
La carte à puce 6 et les bornes de lecture 11 sont équipées de moyens de transmission R. F. I. D. permettant la lecture des données enregistrées sur la carte 6 puis la mise à jour des données traitées sur la borne de lecture 11. Pour cela la carte à puce 6 et les bornes 11 disposent chacune d'un dispositif émetteur/récepteur 33 et 35. Le système d'émission sera dans un mode préférentiel et non limitatif de faible intensité et nécessitera de positionner la carte 6 à proximité immédiate de la borne 11. D'autres moyens de transmission par contact entre la borne 11 et la carte à puce 6 sont également envisageables pour la transmission des données.The smart card 6 and the reading terminals 11 are equipped with RFID transmission means for reading the data recorded on the card 6 and then updating the processed data on the reading terminal 11. For this the smart card 6 and the terminals 11 each have a transmitter / receiver device 33 and 35. The transmission system will be in a preferred and nonlimiting mode of low intensity and will require the card 6 to be positioned in the immediate vicinity of the terminal 11. D ' other transmission means by contact between the terminal 11 and the smart card 6 are also possible for the transmission of data.
La figure 2 représente partiellement la carte à puce 6 mise en œuvre dans le système 1 objet de l'invention. Elle est constituée de deux faces 37 et 39 qui présentent éventuellement des caractéristiques techniques différentes, entre lesquelles sont disposés les composants de la carte, à savoir le microprocesseur embarqué 25 et l'antenne RFID 33. Dans un mode préférentiel et non limitatif, la carte 6 comprend des moyens anti-collision qui suppriment tout risque de contact et de chocs entre les composants 25 et 33.Figure 2 partially shows the smart card 6 implemented in the system 1 object of the invention. It consists of two faces 37 and 39 which optionally have different technical characteristics, between which are arranged the components of the card, namely the embedded microprocessor 25 and the RFID antenna 33. In a preferred and nonlimiting mode, the card 6 includes anti-collision means that eliminate any risk of contact and shock between the components 25 and 33.
La première face 37 est constituée dans un matériau remarquable en ce qu' il permet d' imprimer puis de modifier les inscriptions sur celle-ci. Ainsi, lorsque le propriétaire 7 utilise sa carte 6 pour une application 5 particulière, les données inscrites sur la face 37 peuvent être modifiées et actualisées pour afficher de nouvelles données en relation avec l'application 5 qui est en cours d'exploitation. Le matériau utilisé pour la face 37 dispose de propriétés qui permettent tout d' abord d' obtenir une bonne adhérence de l'encre qui se dépose et sèche sur la matière de ladite face 37, sans pénétrer à l'intérieure de celle-ci. Les inscriptions se retirent de la face 37 en chauffant tout simplement le matériau ; l'encre se décolle du matériau et peut alors s'effacer par simple balayage de la face 37 ; il est ensuite possible d'imprimer de nouvelles données sur cette face 37.The first face 37 is made of a material that is remarkable in that it makes it possible to print and then modify the inscriptions on it. Thus, when the owner 7 uses his card 6 for a particular application, the data written on the face 37 can be modified and updated to display new data in relation to the application 5 which is being used. The material used for the face 37 has properties that allow firstly to obtain a good adhesion of the ink which is deposited and dries on the material of said face 37, without penetrating inside thereof. The inscriptions are removed from the face 37 by simply heating the material; the ink comes off the material and can then fade away by simply scanning the face 37; it is then possible to print new data on this face 37.
Le matériau utilisé pour la face 37 sera dans un mode préférentiel du polycarbonate qui permet de décoller et de supprimer l'adhérence de l'encre en chauffant la face à une température de soixante degrés Celsius (600C) ; on pourra cependant utiliser tout autre matériaux présentant des caractéristiques techniques semblables à celles décrites au paragraphe précédent .The material used for the face 37 will in a preferred embodiment of the polycarbonate which allows to take off and to suppress the adhesion of the ink by heating the surface at a temperature of sixty degrees C (60 0 C); however, any other material having similar technical characteristics to those described in the preceding paragraph may be used.
La seconde face 39 de la carte est constituée, de préférence, dans un matériaux permettant d'inscrire des données inaltérables relatives au propriétaire, comme par exemple son nom, son prénom, son âge, une photo, etc., susceptibles d' être utilisées pour toutes les applications 5. Ces données sont donc imprimées lors de la constitution de la carte 6 puis elles seront conservées pendant toute la durée de vie du produit. Le matériau utilisé pour la face 39 permet à l'encre de s'imprégner dans la matière ; l'encre est alors absorbée par la matière et les inscriptions ne peuvent plus être effacées, ni modifiées .The second face 39 of the card preferably consists of a material enabling the user to enter unalterable data relating to the owner, such as, for example, his name, first name, age, photo, etc., which can be used. for all applications 5. This data is printed during the constitution of the card 6 and they will be kept throughout the life of the product. The material used for the face 39 allows the ink to permeate the material; the ink is then absorbed by the material and the inscriptions can no longer be erased or modified.
On pourra cependant envisager de concevoir cette face 39 dans un matériau identique à celui utilisé pour la face 37, au cas où il serait nécessaire de modifier également les données inscrites sur celle-ci.However, it will be possible to envisage designing this face 39 in a material identical to that used for face 37, in case it is necessary to also modify the data written on it.
Dans un mode préférentiel et non limitatif, le matériau utilisé pour la face 39 est de polyéthylène téréphtalate ; on pourra cependant concevoir l'utilisation de tout autre matériau présentant des caractéristiques techniques similaires.In a preferred and non-limiting mode, the material used for the face 39 is polyethylene terephthalate; however, the use of any other material with similar technical characteristics can be conceived.
La borne de lecture 11 est équipée de moyens d'impression 41 qui permettent de modifier les inscriptions sur la face 37 de la carte 6. Ces moyens d'impression 41 chauffent la face 37 de la carte 6 à une température de l'ordre de soixante degrés Celsius (600C), puis balayent ladite face 37 pour effacer les données inscrites, et enfin impriment les nouvelles données en rapport avec l'application 5 exploitée. Dans un mode remarquable de conception, la borne 11 comprend des moyens d'insertion 43 de la carte 6 qui permettent tout d'abord de positionner l'antenne émetteur/récepteur 33 de la carte 6 à proximité de l'antenne émetteur/récepteur 35 de la borne 11 lors de l'exploitation d'une application 5. Ils permettent ensuite de disposer avantageusement les moyens d'impression 41 à l'intérieur des moyens d'insertion 43, afin de modifier et d' actualiser directement les données inscrites sur la face 37 de la carte 6 selon l'application 5 qui est en cours de traitement sur la borne 11.The reading terminal 11 is equipped with printing means 41 which make it possible to modify the inscriptions on the face 37 of the card 6. These printing means 41 heat the face 37 of the card 6 at a temperature of the order of sixty degrees Celsius (60 0 C), then scan said face 37 to erase the data entered, and finally print the new data in relation to the application 5 exploited. In a remarkable mode of design, the terminal 11 comprises insertion means 43 of the card 6 which first allow positioning the transmitter / receiver antenna 33 of the card 6 near the transmitting / receiving antenna 35 of terminal 11 when operating an application 5. They then advantageously have the printing means 41 inside the insertion means 43, in order to modify and update directly the data listed on the face 37 of the card 6 according to the application 5 which is being processed on the terminal 11.
La figure 3 représente une schématisation du procédé de fabrication de la carte à puce 6 utilisée dans le système sécurisé 1 objet de la présente invention. La carte à puce 6 sera fabriquée dans un mode préférentiel sur une chaîne de production 45 en très grande série. La chaîne 45 est alimentée par deux rouleaux 47 et 49 en forme de ruban ; le premier rouleau 47 débite, de préférence, un ruban de film souple en polycarbonate, ou tout autre matière présentant des caractéristiques techniques identiques d' impression modifiable qui constitue la face 37 de la carte 6, et le second rouleau 49 débite, de préférence, un ruban de film souple en polyéthylène téréphtalate, ou tout autre matière présentant des caractéristiques techniques d'impression inaltérable qui permettra de constituer la face 39 de la carte 6.FIG. 3 represents a schematization of the method of manufacturing the smart card 6 used in the secure system 1 object of the present invention. The smart card 6 will be manufactured in a preferred mode on a production line 45 in very large series. The chain 45 is fed by two rollers 47 and 49 in the form of ribbon; the first roller 47 delivers, preferably, a flexible polycarbonate film ribbon, or any other material having identical modifiable printing technical characteristics which constitutes the face 37 of the card 6, and the second roller 49 debits, preferably, a flexible film tape made of polyethylene terephthalate, or any other material having unalterable printing technical characteristics which will make up the face 39 of the card 6.
Les rouleaux de ruban 47 et 49 sont déroulés simultanément et les extrémités 51 et 53 de ces rubans 55 et 57 sont disposées en vis-à-vis et pénètrent dans un massicot 59 qui découpe lesdites extrémités 51 et 53 au format de la carte, de préférence selon les normes de dimensionnement qui sont applicables. On obtient donc après découpage deux morceaux de rubans 61 et 63 au format d'une carte à puce standard, l'un constituant la face 37 et l'autre la face 39 de la carte 6.The ribbon rolls 47 and 49 are unwound simultaneously and the ends 51 and 53 of these strips 55 and 57 are arranged opposite each other and penetrate into a cutter 59 which cuts said ends 51 and 53 in the format of the card, preference according to the sizing standards that are applicable. Thus, after cutting, two pieces of ribbons 61 and 63 are obtained in the format of a standard smart card, one constituting the face 37 and the other the face 39 of the card 6.
Les deux morceaux de ruban 61 et 63 sont ensuite acheminés au poste de travail suivant 65 où ils sont disposés l'un au dessus de l'autre en conservant un léger espacement entre les faces internes en regard 67 et 69 des deux morceaux de ruban 61 et 63, tel que représenté sur les figures 2 et 3 ; on injecte alors entre les faces internes 67 et 69 juxtaposées et en regard, un produit contenant un agent réticulant 71 qui sert de liant entre les deux morceaux de ruban 61 et 63. On positionne ensuite l'ensemble des composants de la carte 6, à savoir le microprocesseur embarqué 25 et l'antenne RFID 33, ainsi qu'un anti-collision, dans la couche de produit réticulant 71. Le positionnement et l'orientation des composants seront réalisés, dans un mode préférentiel, au moyen d'un oeil laser et d'un bras robot de manipulation mis en œuvre au poste 65. On achemine alors le tout au poste suivant 73 où l'on chauffe l'ensemble à une température permettant d'obtenir la polymérisation des matériaux utilisés et la liaison entre les deux morceaux de ruban 61 et 63 ; on constitue ainsi la carte à puce munie de deux faces 37 et 39 présentant des propriétés d' imprimabilité différentes entre lesquelles sont disposés les composants 25 et 33. Dans le cas de l'utilisation du polyéthylène téréphtalate et du polycarbonate, on utilise, de préférence, une température de chauffe d'environ trente cinq degrés Celsius (350C).The two pieces of ribbon 61 and 63 are then conveyed to the next workstation 65 where they are arranged one above the other while retaining a slight spacing between the inner facing faces 67 and 69 of the two pieces of ribbon 61 and 63, as shown in Figures 2 and 3; is then injected between the internal faces 67 and 69 juxtaposed and facing, a product containing a crosslinking agent 71 which serves as a binder between the two pieces of tape 61 and 63. Then positions all the components of the card 6, the embedded microprocessor 25 and the RFID antenna 33, as well as an anti-collision, in the crosslinking product layer 71. The positioning and orientation of the components will be carried out, in a preferred embodiment, by means of an eye laser and a robot manipulator arm implemented at the station 65. The whole is then routed to the next station 73 where the whole is heated to a temperature to obtain the polymerization of the materials used and the connection between the two pieces of ribbon 61 and 63; Thus, the chip card having two faces 37 and 39 having different printability properties between which are arranged the components 25 and 33. In the case of the use of polyethylene terephthalate and polycarbonate, it is preferably used , a heating temperature of about thirty five degrees Celsius (35 0 C).
Le système sécurisé 1 objet de la présente invention permet donc d'utiliser très avantageusement une seule et unique carte à puce 6 pour un grand nombre d'applications dans un mode entièrement sécurisé, aussi bien du point de vue du propriétaire que de celui de l'administrateur, en garantissant l'identité de chacun et l'accès limité à l'application qui concerne l'administrateur. L'utilisation de la carte étant de plus très conviviale grâce à la mise à jour simultanée des données imprimées sur la face 37 en fonction de l'application qui est exploitée.The secure system 1 object of the present invention thus makes it possible to very advantageously use a single and unique smart card 6 for a large number of applications in a completely secure mode, both from the point of view of the owner and the one of the customer. administrator, guaranteeing everyone's identity and limited access to the application that concerns the administrator. The use of the card is also very easy thanks to the simultaneous updating of the data printed on the face 37 according to the application which is exploited.
D' autres mises en œuvre pourront être envisagées par l'Homme du Métier sans pour autant sortir du cadre de la présente invention. Other implementations may be envisaged by the skilled person without departing from the scope of the present invention.

Claims

REVENDICATIONS
1 - Système sécurisé (1) pour la gestion multiple de données relatives à une personne qui se compose d'au moins une carte (6) à puce sur laquelle sont enregistrées des données personnalisées relatives à au moins une application (5) , ces données pouvant être lues et mises à jour sur au moins une borne de lecture (11) par le propriétaire (7) de la carte (6) ou par au moins un administrateur (9) gérant au moins une des applications (5) se trouvant sur la carte (6), ladite carte (6) rassemblant les données personnalisées sur une seule et unique structure (13) commune à toutes les applications (5) se trouvant sur la carte (β), l'accès aux données d'une application sur la carte (6) étant accordé au propriétaire (7) de la carte (6) . et/ou à un administrateur (9) après validation de leur identité par des moyens de contrôle (27, 19, 31) sur la borne (11), ledit administrateur (9) ne pouvant accéder qu'à une partie de la structure (13) correspondant aux seules données sur la carte (6) relatives à l'application (5) qui le concerne, caractérisé en ce que la carte (6) comprend au moins une face (37) constituée d'une matière permettant d'imprimer, d'effacer et d'actualiser les informations inscrites sur ladite face (37) en fonction de l'application (5) qui est en cours d'exploitation par le propriétaire (7) et/ou l'administrateur (9).1 - secure system (1) for the multiple management of data relating to a person which consists of at least one smart card (6) on which personalized data relating to at least one application (5) are stored, these data can be read and updated on at least one reading terminal (11) by the owner (7) of the card (6) or by at least one administrator (9) managing at least one of the applications (5) located on the card (6), said card (6) gathering the personalized data on a single structure (13) common to all the applications (5) on the card (β), access to the data of an application on the map (6) being granted to the owner (7) of the map (6). and / or to an administrator (9) after validation of their identity by control means (27, 19, 31) on the terminal (11), said administrator (9) being able to access only part of the structure ( 13) corresponding to the only data on the card (6) relating to the application (5) which concerns it, characterized in that the card (6) comprises at least one face (37) consisting of a material allowing printing , erase and update the information written on said face (37) according to the application (5) which is being used by the owner (7) and / or the administrator (9).
2 - Système sécurisé (1) selon la revendication précédente, caractérisé en ce que la carte (6) est constituée de deux faces (37, 39) réalisées dans des matériaux différents, le matériau de la première face (37) permettant l'impression d'informations modifiables sur la borne de lecture en fonction de l'application (5) exploitée et le matériau de la seconde face (39) permettant l'impression d'informations inaltérables une fois la carte (6) créée. 3 - Système sécurisé (1) selon la revendication précédente, caractérisé en ce que de la face (37) de la carte (6) est chauffée à une température supérieure à soixante degrés Celsius permettant de décoller l'encre puis d'effacer les impressions sur cette face (37), pour enfin imprimer de nouvelles données sur la carte (6) en fonction de l'application (5) exploitée.2 - secure system (1) according to the preceding claim, characterized in that the card (6) consists of two faces (37, 39) made of different materials, the material of the first face (37) for printing modifiable information on the reading terminal according to the application (5) exploited and the material of the second face (39) for printing information unalterable once the card (6) created. 3 - secure system (1) according to the preceding claim, characterized in that the face (37) of the card (6) is heated to a temperature above sixty degrees Celsius to take off the ink and erase the prints on this face (37), to finally print new data on the map (6) according to the application (5) exploited.
4 - Système sécurisé (1) selon la revendication précédente, caractérisé en ce que la première face (37) de la carte (6) est réalisée en polycarbonate et la seconde face (39) de la carte (6) est réalisée en polyéthylène térephtalate.4 - secure system (1) according to the preceding claim, characterized in that the first face (37) of the card (6) is made of polycarbonate and the second face (39) of the card (6) is made of polyethylene terephthalate .
5 - Système sécurisé (1) selon l'une quelconque des revendications précédentes, caractérisé en ce que la carte (6) est équipée d'un microprocesseur embarqué (25) qui comprend les données relatives à chaque application (5), l'identité bio-métrique (27) du propriétaire (7) et des clefs interactives (15) pour chacune des applications (5) , chaque clef interactive (15) devant corréler avec au moins une clef interactive (17) pour chacune des applications (5) accessibles sur la borne (11) pour accéder aux données.5 - secure system (1) according to any one of the preceding claims, characterized in that the card (6) is equipped with an embedded microprocessor (25) which comprises the data relating to each application (5), the identity bio-metric (27) of the owner (7) and interactive keys (15) for each of the applications (5), each interactive key (15) having to correlate with at least one interactive key (17) for each of the applications (5) accessible on the terminal (11) to access the data.
6 - Système sécurisé (1) selon la revendication précédente, caractérisé en ce que la carte (6) effectue un contrôle de l'identité du propriétaire (7) par « effet miroir » en comparant par superposition uncontrôle biométrique (19) qui est réalisé sur la borne (11) avec l'identité bio-métrique (27) se trouvant sur la carte (6), la comparaison se faisant sur la carte (6) .6 - secure system (1) according to the preceding claim, characterized in that the card (6) performs a control of the identity of the owner (7) by "mirror effect" by comparing by superposition biometric control (19) which is realized on the terminal (11) with the bio-metric identity (27) on the map (6), the comparison being made on the map (6).
7 - Système sécurisé (1) selon la revendication précédente, caractérisé en ce que la lecture et la mise à jour des données sur la carte (6) s'effectuent par transmission R. F. I. D. (33, 35) entre la borne (11) et la carte (6) . 8 - Procédé de fabrication de la carte à puce (6) utilisée dans le système de sécurité (1) de gestion multiple des données selon l'une quelconque des revendications précédentes, caractérisé en ce qu'il met en oeuvre les étapes successives suivantes :7 - secure system (1) according to the preceding claim, characterized in that the reading and updating of the data on the card (6) is effected by RFID transmission (33, 35) between the terminal (11) and the map (6). 8 - Process for manufacturing the smart card (6) used in the multiple data management security system (1) according to any one of the preceding claims, characterized in that it implements the following successive steps:
- on déroule simultanément deux rouleaux de matériau (47, 49) sous forme de ruban (55, 57) disposés en vis-à- vis, l'un (55) constituant la première face (37) de la carte (6) à impression modifiable et l'autre (57) constituant la seconde face (39) de la carte (6) à impression inaltérable,two rolls of material (47, 49) in the form of ribbon (55, 57) arranged in opposite relation are simultaneously unwound, one (55) constituting the first face (37) of the card (6) to modifiable printing and the other (57) constituting the second face (39) of the card (6) with unalterable printing,
- puis on massicote simultanément les deux rubans (55, 57) au format d'une carte (6), permettant d'obtenir, après découpage, deux morceaux (61, 63) de ruban correspondant aux deux faces (37, 39) de la carte (6) ,- Then massicote both ribbons (55, 57) in the format of a card (6), to obtain, after cutting, two pieces (61, 63) of ribbon corresponding to the two faces (37, 39) of the map (6),
- puis on injecte une couche de produit contenant un agent de réticulation entre les deux faces internes (67, 69) des deux morceaux (67, 69) de ruban disposés l'un au dessus de l' autre,and then injecting a layer of product containing a crosslinking agent between the two inner faces (67, 69) of the two pieces (67, 69) of ribbon arranged one above the other,
- puis on positionne les composants (25, 33) de la carte (6) à l'intérieur de la couche de produit réticulant,and then positioning the components (25, 33) of the card (6) inside the crosslinking product layer,
- on chauffe enfin l'ensemble à une température de polymérisation fonction des matériaux utilisés, permettant d'obtenir les deux faces (37, 39) constituant la carte (6). and finally heating the assembly to a polymerization temperature depending on the materials used, making it possible to obtain the two faces (37, 39) constituting the card (6).
PCT/FR2006/002216 2005-09-30 2006-10-02 Secure system for multiple management of data concerning people WO2007036648A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
FR0510021 2005-09-30
FR0510021A FR2891640B1 (en) 2005-09-30 2005-09-30 SECURE SYSTEM FOR MULTIPLE DATA MANAGEMENT RELATING TO PEOPLE.

Publications (1)

Publication Number Publication Date
WO2007036648A1 true WO2007036648A1 (en) 2007-04-05

Family

ID=36155918

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/FR2006/002216 WO2007036648A1 (en) 2005-09-30 2006-10-02 Secure system for multiple management of data concerning people

Country Status (2)

Country Link
FR (1) FR2891640B1 (en)
WO (1) WO2007036648A1 (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FR2957444B1 (en) 2010-03-15 2012-03-09 Citizengate DATA CARRIER FOR ENTITY CONTROL, DEVICE AND METHOD FOR CONTROLLING ENTITIES
FR2957446B1 (en) 2010-03-15 2012-03-09 Citizengate DEVICE AND METHOD FOR SUPERVISION AND MANAGEMENT OF COMBINED DISPLACEMENTS OF PEOPLE

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1998001820A1 (en) * 1996-07-05 1998-01-15 Dynamic Data Systems Pty. Ltd. Identification storage medium and system and method for providing access to authorised users
US6101477A (en) * 1998-01-23 2000-08-08 American Express Travel Related Services Company, Inc. Methods and apparatus for a travel-related multi-function smartcard
EP1028396A2 (en) * 1999-02-10 2000-08-16 Hitachi, Ltd. Automatic identification equipment and IC cards
FR2800188A1 (en) * 1999-10-26 2001-04-27 Gemplus Card Int Support for compressed digital data and reading and recording device for such a support, where the invention relates particularly to files stored in MP3 format, with the support having an updateable area for contents display
US20030214794A1 (en) * 2002-05-10 2003-11-20 Hideki Takahashi IC card

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH11120300A (en) * 1997-10-09 1999-04-30 Fujitsu Ltd Portable card medium, memory space managing method for portable card medium, issuing method for portable card medium, program data writing method for portable card medium, and medium on which memory space managing program is recorded

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1998001820A1 (en) * 1996-07-05 1998-01-15 Dynamic Data Systems Pty. Ltd. Identification storage medium and system and method for providing access to authorised users
US6101477A (en) * 1998-01-23 2000-08-08 American Express Travel Related Services Company, Inc. Methods and apparatus for a travel-related multi-function smartcard
EP1028396A2 (en) * 1999-02-10 2000-08-16 Hitachi, Ltd. Automatic identification equipment and IC cards
FR2800188A1 (en) * 1999-10-26 2001-04-27 Gemplus Card Int Support for compressed digital data and reading and recording device for such a support, where the invention relates particularly to files stored in MP3 format, with the support having an updateable area for contents display
US20030214794A1 (en) * 2002-05-10 2003-11-20 Hideki Takahashi IC card

Also Published As

Publication number Publication date
FR2891640B1 (en) 2008-06-06
FR2891640A1 (en) 2007-04-06

Similar Documents

Publication Publication Date Title
EP2370936B1 (en) Intelligent portable tool comprising graphic customisation data
EP0706150B1 (en) Method for personalisation of serial cards
WO2007036648A1 (en) Secure system for multiple management of data concerning people
JP2005246658A (en) Secret information medium
FR2816738A1 (en) Electronic smart card customizing machine includes both electrical customizing station and printing heads
EP0986804B1 (en) Complex and device for guaranteeing the tamper-protection and authenticity of a document or goods
WO2010007479A2 (en) Apparatus and method for generating a secure entitlement on the basis of an official entitlement
EP3895108A1 (en) Device and method for securing secure data for a bank payment card
EP2977851A1 (en) Device and method for document authentication
CA2538423A1 (en) Secure paper comprising a fibrous layer and an electronic chip
FR2731815A1 (en) Single data storage for medical data on patients
EP2572313B1 (en) Portable communication equipment, system and method for communicating between a local terminal and a plurality of portable equipment
EP3311341A1 (en) Methods of affiliation, emancipation and verification between a tutor and a tutee
EP3367304B1 (en) Method and device for recognising a person by biometric signature
FR2799561A1 (en) Card shaped data carrier with visible indication of validity for different services marked on rewriteable fields of card surface
WO2004063999A1 (en) Method for the secure personalisation of an object
EP0831434A1 (en) Method for blocking a plurality of services by blacklisting them, and associated blocking server, receiving terminal and portable device
FR2989798A1 (en) SECURITY DEVICE AND IDENTITY DOCUMENT
FR2850812A1 (en) Data transmission network for e.g. medical insurance establishment, has administrative computer that is connected to memory and accessed to identification and data files but not to data identification link code
FR3060168A1 (en) BIOMETRIC IDENTIFICATION METHOD AND SYSTEM
EP3663985A1 (en) Method for manufacturing a device comprising a body in the form of a card and an information area
FR2817985A1 (en) METHOD AND ARRANGEMENT FOR PERFORMING A BANKING TRANSACTION VIA AN AUTHORIZATION CENTER WITH THE USE OF A PORTABLE DATA MEDIUM
WO2010150035A1 (en) Method and device for storing and retrieving data
FR2767406A1 (en) Delivery of personalized card or document based on secret code
EP3311342A1 (en) Method for delegating and verifying rights over a tutee between a tutor and a third party

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application
NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 06808226

Country of ref document: EP

Kind code of ref document: A1