WO2024035375A1 - An identity access device consisting of at least two separate modules associated with each other to provide data communication - Google Patents

An identity access device consisting of at least two separate modules associated with each other to provide data communication Download PDF

Info

Publication number
WO2024035375A1
WO2024035375A1 PCT/TR2023/050800 TR2023050800W WO2024035375A1 WO 2024035375 A1 WO2024035375 A1 WO 2024035375A1 TR 2023050800 W TR2023050800 W TR 2023050800W WO 2024035375 A1 WO2024035375 A1 WO 2024035375A1
Authority
WO
WIPO (PCT)
Prior art keywords
card reader
identity
module
access device
service
Prior art date
Application number
PCT/TR2023/050800
Other languages
French (fr)
Inventor
Yasin KAHRAMANER
Original Assignee
Arksigner Yazilim Ve Donanim Sanayi Ticaret Anonim Sirketi
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Arksigner Yazilim Ve Donanim Sanayi Ticaret Anonim Sirketi filed Critical Arksigner Yazilim Ve Donanim Sanayi Ticaret Anonim Sirketi
Publication of WO2024035375A1 publication Critical patent/WO2024035375A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards

Definitions

  • the invention relates to a card acces s device consi sting of a service provider card reader module comprising at least one identity card reader area and a service receiver card reader module comprising at least one identity card reader area as sociated with each other in a way to provide data exchange .
  • the device bodies that serve with at least 2 identity card readers positioned in two separate modules and that will read the identity of the service area are separated from each other . In this way, the security weaknes ses of the systems operated with more than one card reader on the monolithic body are eliminated .
  • Identity Acces s Device is a special card reader developed by TUBITAK BILGEM for new-generat ion electronic identity cards . Thanks to the SAM ( Secure Acces s Module ) , the device can securely communicate with the identity card and read data areas that cannot be acces sed with standard card readers such as the cardholder ' s personal mes sage and biometric data . IAD verifies with verification methods according to the security policy determined by the external application software or policy server . In the methods included in the ordinary state of the art, Identity Access Devices (IADs) ensure that one or more TR identity cards are verified by the methods described in TSE standards. Issues such as whether the identity card of the person is correct, qualified, issued by the Population and Citizenship Administration (PCA) or whether it belongs to the person are checked. Biometric sensors such as fingerprints can be used to determine the identity of the identity card.
  • PCA Population and Citizenship Administration
  • the conventional IAD device is a one-piece device. On this device, transactions can be made simultaneously with two Vietnamese identity cards, one of which belongs to the service receiver and the other to the service provider (https : / / www . bionay . com . t r/blog- cat egory/bionay dan-news/ ) .
  • the device subject to the patent application consists of the upper cabinet, screen frame, color touch screen, contactless reader, touch screen capacitive connector, touch screen light connector, SAM card slot 1, card reader area with chip for the service provider, fingerprint and finger vein reader frame, USB input of the palm vein reader, fingerprint and finger vein reader module, HDMI connection cable connector, external power supply, Ethernet interface, plastic cover of the SAM card slot, lower cabinet, USB B type, mini USB, security point on the main board 1 security point on the main board 2, connection connector of the fingerprint and finger vein reader device, main board lower security cover, contactless antenna connector, PCB firewall, card reader area with chip for the service area, lock cover of the SAM card slot, main board, keyboard illuminated protective area, functional password/pin keys, LCD connector, button, micro HDMI, battery, SIM card slot 1, SIM card slot 2, charging module and SAM card slot 2.
  • the purpose of the invention is to create a higher security identity card acces s device in which the card reader of the service provider is created in a separate module and the card reader of the service receiver is created in a separate module .
  • the IAD of the invention is formed of at least two part s , not one piece .
  • the first part of IAD is used by the service receiver ( customer ) and the second part is used by the service provider .
  • the structure is divided into two and it is ensured that there are two separate modules on the side of the service receiver and the service provider . In this way, it is aimed to prevent security vulnerabilities .
  • problems such as reducing cost s , providing ease of use , and increasing transaction security (physical security) are solved .
  • each module can be customized to be specific to the user of the module .
  • it will not be neces sary to create biometric sensors on the module side of the service provider .
  • FIG. 1 Front view of the service provider card reader module and the service receiver card reader module connected by cable Description of References in Figures
  • the invention relates to an identity access device with at least 2 identity card reader areas (3) in its structure for the purpose of reading the identity cards of the service provider and the service receiver.
  • Said identity access device consists of a service provider card reader module (1) containing at least one identity card reader area (3) and a service receiver card reader module (2) containing at least one identity card reader area (3) , which are associated with each other in a way to exchange data.
  • the service provider card reader module (1) and the service receiver card reader module (2) are connected to each other with at least one connection cable (4) according to the preferred embodiment of the invention.
  • Figure 2 shows two modules (1,2) connected with the connection cable (4) .
  • Different embodiments of the invention can be operated by connecting the two modules (1, 2) with a wireless connection.
  • One of these developed modules (1, 2) is designed to have a connection cable (4) between the other module (1, 2) and the smart card reader.
  • the service receiver card reader module (2) has a fingerprint sensor (5) in its structure .
  • a service receiver card reader module (2) In order to perform high-level transactions, there is also a service receiver card reader module (2) , a SAM module, a secure access module (SAM) , a command input unit (7) that allows the identification of the service receiver with not only fingerprints but also with a data that the service receiver knows, and a display screen (6) that allows the service receiver to be informed about the transactions (showing the instructions) .
  • SAM secure access module
  • the command input unit (7) is in the form of a button according to the preferred embodiment of the invention.
  • instructions such as "put the index finger of the right hand to verify the fingerprint” can be shown on the aforementioned display screen (6) .
  • the service provider card reader module (1) has a standard and contactless card reader area (3) , while the other module that completes the structure, the service receiver card reader module (2) , has a standard card reader area (3) , fingerprint sensor (5) , and Secure Access Module (SAM) .
  • SAM Secure Access Module
  • the service provider card reader module (1) serving within the different applications of the invention may also include the display screen (6) and the command input unit (7) .

Abstract

The invention relates to a card access device consisting of a service provider card reader module (1) comprising at least one identity card reader area (3) and a service receiver card reader module (2) comprising at least one identity card reader area (3), which are associated with each other to provide data exchange.

Description

AN IDENTITY ACCESS DEVICE CONSISTING OF AT LEAST TWO SEPARATE MODULES ASSOCIATED WITH EACH OTHER TO PROVIDE DATA COMMUNICATION
Technical Field
The invention relates to a card acces s device consi sting of a service provider card reader module comprising at least one identity card reader area and a service receiver card reader module comprising at least one identity card reader area as sociated with each other in a way to provide data exchange .
The device bodies that serve with at least 2 identity card readers positioned in two separate modules and that will read the identity of the service area are separated from each other . In this way, the security weaknes ses of the systems operated with more than one card reader on the monolithic body are eliminated .
State of the Art
Identity Acces s Device ( IAD ) is a special card reader developed by TUBITAK BILGEM for new-generat ion electronic identity cards . Thanks to the SAM ( Secure Acces s Module ) , the device can securely communicate with the identity card and read data areas that cannot be acces sed with standard card readers such as the cardholder ' s personal mes sage and biometric data . IAD verifies with verification methods according to the security policy determined by the external application software or policy server . In the methods included in the ordinary state of the art, Identity Access Devices (IADs) ensure that one or more TR identity cards are verified by the methods described in TSE standards. Issues such as whether the identity card of the person is correct, qualified, issued by the Population and Citizenship Affairs (PCA) or whether it belongs to the person are checked. Biometric sensors such as fingerprints can be used to determine the identity of the identity card.
The conventional IAD device is a one-piece device. On this device, transactions can be made simultaneously with two Turkish identity cards, one of which belongs to the service receiver and the other to the service provider (https : / / www . bionay . com . t r/blog- cat egory/bionay dan-news/ ) .
For example, in subscription agreements, both the operator and the citizen wear the identity card on the same device. As the customer comes, different cards belonging to the people receiving the service are constantly changed and attached to the same device. In IAD, which stands on the side of the citizen, the constant wearing of the operator's T.R. Identity cards causes security vulnerabilities. In this embodiment, since the cards are constantly inserted on the same device, disadvantages such as theft of the cards may be encountered.
During the use of the monolithic IAD of the current art, both cards must be installed in the monolithic body. In such a case, there is a risk that the Turkish identity card of the service provider will be stopped on the customer side. Similarly, standing on the operator's side eliminates ease of use . It is understood that the patent application numbered TR 2015/06503 is related to the identity access device including contact, non-contact, biometric, and all kinds of electronic payment functions.
It is understood that the device subject to the patent application consists of the upper cabinet, screen frame, color touch screen, contactless reader, touch screen capacitive connector, touch screen light connector, SAM card slot 1, card reader area with chip for the service provider, fingerprint and finger vein reader frame, USB input of the palm vein reader, fingerprint and finger vein reader module, HDMI connection cable connector, external power supply, Ethernet interface, plastic cover of the SAM card slot, lower cabinet, USB B type, mini USB, security point on the main board 1 security point on the main board 2, connection connector of the fingerprint and finger vein reader device, main board lower security cover, contactless antenna connector, PCB firewall, card reader area with chip for the service area, lock cover of the SAM card slot, main board, keyboard illuminated protective area, functional password/pin keys, LCD connector, button, micro HDMI, battery, SIM card slot 1, SIM card slot 2, charging module and SAM card slot 2.
From this narrative, it is understood that the device subject to the patent has a monolithic body with 2 separate card readers within the same body.
It is thought that this device, which is operated by placing two different identity cards on the same body, may cause technical problems encountered by known monolithic body card reader systems . Problems to Be Solved by the Invention
The purpose of the invention is to create a higher security identity card acces s device in which the card reader of the service provider is created in a separate module and the card reader of the service receiver is created in a separate module .
In order to prevent the problems caused by the monolithic IADs used within the present art , the IAD of the invention is formed of at least two part s , not one piece . In this method, the first part of IAD is used by the service receiver ( customer ) and the second part is used by the service provider .
With the IAD structuring sub j ect to the invention, the structure is divided into two and it is ensured that there are two separate modules on the side of the service receiver and the service provider . In this way, it is aimed to prevent security vulnerabilities . In addition, with this solution, problems such as reducing cost s , providing ease of use , and increasing transaction security (physical security) are solved .
By dividing the IAD structure into two separate modules , each module can be customized to be specific to the user of the module . For example , with the embodiment of the invention, it will not be neces sary to create biometric sensors on the module side of the service provider .
Customizing each module of the configuration consisting of two separate modules to the party that will use the module ( service receiver/provider ) will make the system simpler for each party and will provide ease of use . Description of the Figures
Figure 1. Side view of the service provider card reader module
Figure 2. Front view of the service provider card reader module and the service receiver card reader module connected by cable Description of References in Figures
1. Service provider card reader module
2. Service receiver card reader module
3. Identity card reader area
4. Connection cable
5. Fingerprint sensor
6. Display screen
7. Command input unit scription of the Invention
The invention relates to an identity access device with at least 2 identity card reader areas (3) in its structure for the purpose of reading the identity cards of the service provider and the service receiver.
Said identity access device consists of a service provider card reader module (1) containing at least one identity card reader area (3) and a service receiver card reader module (2) containing at least one identity card reader area (3) , which are associated with each other in a way to exchange data.
The service provider card reader module (1) and the service receiver card reader module (2) are connected to each other with at least one connection cable (4) according to the preferred embodiment of the invention. Figure 2 shows two modules (1,2) connected with the connection cable (4) .
Different embodiments of the invention can be operated by connecting the two modules (1, 2) with a wireless connection.
One of these developed modules (1, 2) is designed to have a connection cable (4) between the other module (1, 2) and the smart card reader.
Identity verification with fingerprint will be made by the service receiver and the identity to be determined belongs to the service receiver. Therefore, the service receiver card reader module (2) has a fingerprint sensor (5) in its structure .
In order to perform high-level transactions, there is also a service receiver card reader module (2) , a SAM module, a secure access module (SAM) , a command input unit (7) that allows the identification of the service receiver with not only fingerprints but also with a data that the service receiver knows, and a display screen (6) that allows the service receiver to be informed about the transactions (showing the instructions) .
The command input unit (7) is in the form of a button according to the preferred embodiment of the invention.
For example, instructions such as "put the index finger of the right hand to verify the fingerprint" can be shown on the aforementioned display screen (6) .
In this way, two different solutions and two different modules (1,2) are provided to the service receiver and the service provider. The service provider card reader module (1) has a standard and contactless card reader area (3) , while the other module that completes the structure, the service receiver card reader module (2) , has a standard card reader area (3) , fingerprint sensor (5) , and Secure Access Module (SAM) .
In order to operate the system in the most basic state of the invention, it may be sufficient to have only the card reader area (3) in the service provider card reader module (1) . However, the service provider card reader module (1) serving within the different applications of the invention may also include the display screen (6) and the command input unit (7) .

Claims

1. An identity access device that has at least 2 identity card reader areas (3) in its structure for reading the identity cards of the service provider and the service receiver, characterized in that it comprises the service provider card reader module (1) that includes at least one identity card reader area (3) , and the service receiver card reader module
(2) that includes at least one identity card reader area
(3) , which are associated with each other in a way to provide data exchange.
2. An identity access device according to Claim 1, characterized in that it comprises the service provider card reader module (1) and the service receiver card reader module (2) connected with at least one connection cable (4) .
3. An identity access device according to Claim 1, characterized in that it comprises the service receiver card reader module (2) equipped with the fingerprint sensor (5) .
4. An identity access device according to Claim 1 or 3, characterized in that it comprises the service receiver card reader module (2) equipped with the SAM module, the secure access module (SAM) , the command input unit (7) that enables the identification of the service receiver with not only fingerprint but also known data, and a display screen (6) that allows the service receiver to be informed about the transactions they have made/will make.
5. An identity access device according to Claim 4, characterized in that it comprises the command input unit
(7) in the form of a key.
6. An identity access device according to Claim 1, characterized in that it has a service provider card reader module (1) equipped with a standard and contactless card reader area (3) .
7. An identity access device according to Claim 1, characterized in that it comprises the service provider card reader module (1) equipped with the standard and contactless card reader area (3) , the display screen (6) and the command input unit ( 7 ) .
PCT/TR2023/050800 2022-08-11 2023-08-10 An identity access device consisting of at least two separate modules associated with each other to provide data communication WO2024035375A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
TR2022/012714A TR2022012714A2 (en) 2022-08-11 2022-08-11 IDENTITY ACCESS DEVICE CONSISTING OF AT LEAST TWO SEPARATE MODULES, ASSOCIED TO COMMUNICATE DATA WITH EACH OTHER
TR2022/012714 2022-08-11

Publications (1)

Publication Number Publication Date
WO2024035375A1 true WO2024035375A1 (en) 2024-02-15

Family

ID=84101142

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/TR2023/050800 WO2024035375A1 (en) 2022-08-11 2023-08-10 An identity access device consisting of at least two separate modules associated with each other to provide data communication

Country Status (2)

Country Link
TR (1) TR2022012714A2 (en)
WO (1) WO2024035375A1 (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050178698A1 (en) * 2003-12-19 2005-08-18 First Data Corporation Card reading systems and methods
US20180121224A1 (en) * 2016-11-02 2018-05-03 Wyse Technology L.L.C. Isolating a redirected smart card reader to a remote session

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050178698A1 (en) * 2003-12-19 2005-08-18 First Data Corporation Card reading systems and methods
US20180121224A1 (en) * 2016-11-02 2018-05-03 Wyse Technology L.L.C. Isolating a redirected smart card reader to a remote session

Also Published As

Publication number Publication date
TR2022012714A2 (en) 2022-08-22

Similar Documents

Publication Publication Date Title
US9704312B2 (en) Apparatus and methods for identity verification
US7242277B2 (en) Individual authentication device and cellular terminal apparatus
US20170289127A1 (en) Smart data cards that enable the performance of various functions upon activation/authentication by a user's fingerprint, oncard pin number entry, and/or by facial recognition of the user, or by facial recognition of a user alone, including an automated changing security number that is displayed on a screen on a card's surface following an authenticated biometric match
US6257486B1 (en) Smart card pin system, card, and reader
WO2016160816A1 (en) Smart data cards that enable the performance of various functions upon activation/authentication by a user's fingerprint, oncard pin number entry, and/or by facial recognition of the user, or by facial recognition of a user alone, including an automated changing security number that is displayed on a screen on a card's surface following an authenticated biometric match
US20200005273A1 (en) Authentication Device & Related Methods
US20030046228A1 (en) User-wearable functional jewelry with biometrics and smartcard to remotely sign and/or authenticate to e-services
US20140304795A1 (en) Modular authentication device combining biometric and rfid sensors
WO2005109887A1 (en) Smartcard with visual display
US20090177586A1 (en) Authentication device and payment system
KR20140061474A (en) Improved device and method for smart card assisted digital content purchase and storage
CN115715397A (en) Multipurpose intelligent card with user credible link
US11783152B1 (en) Chip card with on/off mechanisms
WO2016190829A1 (en) Id access device enabling any type of electronic payment functions including contact, contactless and biometric
JPH09179952A (en) Identity confirming device
JP3201473U (en) IC card with built-in fingerprint authentication function
US20080006706A1 (en) Card With Input Elements For Entering A Pin Code And Method Of Entering A Pin Code
US11037152B2 (en) Enhanced security credit card system
US20170200163A1 (en) Enhanced security credit card system
WO2024035375A1 (en) An identity access device consisting of at least two separate modules associated with each other to provide data communication
KR100706946B1 (en) Dual interface radio frequency chip and dual interface method thereby
KR20040028104A (en) Layout method of ic-chip-board in contact 2chip card
US20230342566A1 (en) Apparatus for the electronic recognition of a user
CA2970007A1 (en) The bioid nfc smart card
US20230169299A1 (en) Transaction Card Assembly

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 23853165

Country of ref document: EP

Kind code of ref document: A1