AU3336799A - Method for carrying out a secure transaction using a smart card via a telecommunication network - Google Patents

Method for carrying out a secure transaction using a smart card via a telecommunication network Download PDF

Info

Publication number
AU3336799A
AU3336799A AU33367/99A AU3336799A AU3336799A AU 3336799 A AU3336799 A AU 3336799A AU 33367/99 A AU33367/99 A AU 33367/99A AU 3336799 A AU3336799 A AU 3336799A AU 3336799 A AU3336799 A AU 3336799A
Authority
AU
Australia
Prior art keywords
transaction
card
message
server
application
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
AU33367/99A
Inventor
Dominique Dreher
Patrick Imbert
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Gemplus SA
Original Assignee
Gemplus SCA
Gemplus Card International SA
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Gemplus SCA, Gemplus Card International SA filed Critical Gemplus SCA
Publication of AU3336799A publication Critical patent/AU3336799A/en
Abandoned legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1008Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/341Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/36Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes
    • G06Q20/363Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes with the personal data of a user
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/409Device specific authentication in transaction processing
    • G06Q20/4093Monitoring of device authentication
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/0866Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means by active credit-cards adapted therefor
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/56Financial cryptography, e.g. electronic payment or e-cash

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Accounting & Taxation (AREA)
  • General Business, Economics & Management (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Strategic Management (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Finance (AREA)
  • Microelectronics & Electronic Packaging (AREA)
  • Signal Processing (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Control Of Vending Devices And Auxiliary Devices For Vending Devices (AREA)
  • Meter Arrangements (AREA)

Abstract

The invention concerns a method for carrying out a secure transaction using an application loaded in a medium (10) such as a smart card, a transaction server (20) and a terminal connected to the server through a communication network, said transaction comprising loading units of value or of a monetary value or payment parameters in the card. The invention is characterised in that it consists in using a communication protocol containing a first message comprising a transaction request and at least a subsequent message containing a reply to said request wherein the first message includes an authentication information transmitted during a previous transaction and said subsequent message includes an authentication information for the following transaction.

Description

1 A METHOD FOR EFFECTING A PROTECTED TRANSACTION BY MEANS OF A CHIP CARD THROUGH A TELECOMMUNICATION NETWORK The invention relates to a method for effecting a 5 protected transaction by means of an application loaded in a medium of the chip card type, between a transaction server and a terminal liable to be unprotected, of the computer, telecommunication or other type, connected to the server by a communication 10 (or telecommunication) network. Throughout the remainder of the text, for reasons of simplification, use will be made of the term chip card, that is to say integrated circuit card, to designate any portable medium comprising at least one 15 electronic integrated circuit having a non-volatile memory in which at least one application program is loaded (a chip card to ISO standards or cards to the PCMCIA standard, or chip token). It may be a case of a payment application program 20 in a card of the payment card or credit card type, or a 2 telephone application program in a card of the reloadable or multi-application telephone chip card type, or an electronic purse application program in an electronic purse or multi-application chip card. 5 Transaction server means data processing equipment of the computer type managing the transactions relating to an application loaded into the cards which belong to a smart card issuing organisation or which is placed under the control of this organisation. 10 Transaction means the loading of units of value or a monetary value or the loading of payment parameters. Cards having a banking application are issued by the issuing organisation which controls all the transactions performed on these applications. 15 In order to effect a loading or reloading of units of value there are a predetermined number of unavoidable actions to be performed, the two entities (card and server) communicating for this purpose and sending messages including commands which can be 20 interpreted by each of them. The purpose of these messages is notably to implement an authentication mechanism making it possible to ensure all the security necessary for the transaction carried out, on reloading for example. 215 Thus a certain number of exchanges are necessary to afford all the security necessary for a transaction, all the more so if it is a case of a reloading operation on unprotected terminals. In the present invention it has been sought to 30 limit the number of exchanges between a chip card and 3 server during a transaction in order to be able to perform these transactions through telecommunications networks such as the GSM cellular telephone network for example or the Internet, whilst preserving the same 5 degree of security. It is wished in fact to limit the number of exchanges in order to limit the communication time and thus to limit the cost thereof, to limit the time the telephone terminal is occupied, which cannot be used to 10 receive or pass calls during this time, and to limit the risks of interruption liable to arise during this operation. It is wished in particular to limit the number of exchanges between an electronic purse application or a 15 banking application loaded into a card and the organisation issuing this card (the banking server) which is at the end of the chain managing the transaction. In the new developments relating to electronic 20 purses, it is envisaged carrying out loadings or reloadings or any other writing of a monetary data item in the electronic purse cards, through a telecommunication network, a switched telephone network, a cellular network or the Internet. However, 25 the security afforded by the intermediate elements (between the card and server), liable to be used during such a transaction, is uncertain. In order to better understand the remainder of the text, the five messages necessary for effecting a 30 transaction of the reloading type will be stated. The 4 five messages correspond to four actions making it possible both to make the transaction and to ensure all the security required. Throughout the remainder of the text, the term MAC 5 will be used for cryptographic authentication information, that is to say an authentication response which is the result in practice of a cryptographic calculation. Reference can be made to the diagram in Figure 1, 10 which illustrates these exchanges: 1 - message requesting reloading transmitted by the card and sent to the server, 2 - the server receives this request and sends to the card an item of information known to it alone, 15 which is in practice a random number (referred to as a challenge), 3 - the card receives this number and effects a cryptographic calculation by means of a cryptography function (known and forming part of the state of the 20 art) and the secret which it holds, and then the card sends its calculation result MAC1, 4 - the server receives this result MAC1 and checks it; if the check succeeds the server authenticates the card and sends to it a reloading 25 message with another cryptographic calculation result MAC2, this message corresponding to the reloading action proper, 5 - the card checks the cryptographic calculation result MAC2 in order to ensure that the command is 30 properly sent by the server. If the check has 5 succeeded, the card loads the monetary value and, in order to check that everything has happened correctly for the card, the latter sends an acknowledgement message with a cryptographic calculation result MAC3, 5 which is checked by the server. - In practice, the first message makes it possible to transmit the loading request from the application in the card to the issuing organisation. - The second message transmits a "challenge" from 10 the issuing organisation to the application in the card, enabling the card to calculate a cryptographic authentication response of the MAC type. - The third message transmits, from the card to the issuing organisation, the cryptographic response 15 which the issuer will check in order to ensure the authenticity of the application. These two messages provide the first card authentication action. - The fourth message transmits, from the issuer to the card, the command for protected reloading effecting 20 the action of electronic value loading into the card. - The last message effects the acknowledgement, assuring the issuer that the electronic value loading has indeed been effected. This message, because the terminal (which does not appear in the figure) affords 2.5 no security, is necessary to the issuer. All these messages are essential in so far as the terminal which receives the card and through which the reloading is effected is not a protected apparatus or in any event is not under the control of the issuing 30 organisation but under the control of the user. This 6 is the case with a terminal of the PC type, or a mobile telephone terminal. It is not the case with an automatic note dispenser (AND). In the case of an automatic note dispenser the 5 number of exchanges between the card and server could be reduced, some of these messages stopping at the AND and being processed by the latter. In so far as it is wished to use terminals which are liable not to be under the control of the issuing 10 organisation, that is to say terminals for which there is no certainty about the security afforded, it is essential that any transaction be protected. The purpose of the present invention is to limit the number of exchanges useful to a transaction 15 (comprising the loading of a monetary data item or a monetary value or a payment parameter into a chip card) whilst affording the same security as in the state of the art, so as to limit the size of the telecommunication network used during the transaction I ~ flj~n LicU the Qdr 6 is the case with a terminal of the PC type, or a mobile telephone terminal. It is not the case with an automatic note dispenser (AND). In the case of an automatic note dispenser the 5 number of exchanges between the card and server could be reduced, some of these messages stopping at the AND and being processed by the latter. In so far as it is wished to use terminals which are liable not to be under the control of the issuing 10 organisation, that is to say terminals for which there is no certainty about the security afforded, it is essential that any transaction be protected. The purpose of the present invention is to limit the number of exchanges useful to a transaction 15 (comprising the loading of a monetary data item or a monetary value or a payment parameter into a chip card) whilst affording the same security as in the state of the art, so as to limit the size of the telecommunication network used during the transaction 20 and so that the owner of the terminal in which the card is inserted can use his equipment with the least possible trouble. To this end, the invention proposes a method consisting in using a communication protocol comprising 25 a first message including a transaction request and at least one subsequent message including a response to the said request; the said first message including an item of authentication information, sent during a previous transaction, and the subsequent message 7 includes an item of authentication information for the following transaction. This protocol is particularly suited to the short message communication protocol (SMS) of the GSM 5 network, to transmission over the switched telephone network, and to home banking applications by Internet. The object of the present invention is more particularly a method for effecting a current protected transaction by means of an application loaded in a 10 medium of the chip card type, between a transaction server and a terminal connected to the server by a communication network, by means of a communication protocol, comprising a first message including a transaction request and at least one subsequent message 15 including a response to the said request, principally characterised in that the said first message includes an item of authentication information sent during a previous transaction and the said subsequent message includes an item of authentication information for the 20 following transaction. According to the invention a communication protocol with a maximum of two messages or three messages is used. Thus, for a current transaction (n) , the first 25 message includes information relating to the said transaction (n) and to the previous transaction (n-1) and the second message includes information relating to the said current transaction (n) and to the following transaction (n+1); 8 - the information relating to the current transaction (n) of the first message include a transaction request (n) including information authenticating the said current transaction (n); 5 - the information relating to the previous transaction (n-1) includes information acknowledging the said previous information (n-1); - the information relating to the current transaction (n) of the first message can include 10 information acknowledging the current transaction. The card is a chip card including an electronic purse application and the transaction is a reloading of the electronic purse. The telecommunication network used can be a 15 cellular telephone network (GSM) and the terminal is then a mobile telephone terminal provided with access to an application in a chip card. The network used can be the Internet, and the terminal is then a microcomputer of the PC type 20 provided with access to an application in a chip card. Other examples and particularities of the invention will emerge from a reading of the following description which is given by way of non-limitative example and with regard to the drawings, in which: 25 - Figure 1 illustrates exchanges between chip card and server (the issuing organisation) according to the prior art, - Figure 2 depicts the communication protocol with two messages between chip card and server according to 30 the present invention, 9 Figure 3 depicts the different actions performed according to the method in accordance with the invention. In order to better understand the remainder of the 5 text, it is necessary to understand, by current transaction n, the transaction underway during a (telephone) communication n, by previous transaction (n-1), the transaction which took place during the (telephone) communication n-1, and by following 10 transaction (n-1), the transaction which will take place during a following (telephone) communication n+1. The communication protocol according to the invention includes a maximum of two or three messages for effecting a current transaction. 15 A current transaction will also comprise the sending of information acknowledging the previous transaction. A current transaction can also comprise the sending of information acknowledging the current 20 transaction. When the information acknowledging the previous transaction is sent during the first message, the said current transaction takes place with two messages. The first message can also include a result of the 25 previous transaction such as a balance. A transaction can be a loading of units of value or the loading of a monetary value or the loading of payment parameters. According to the example given below, the first 30 message is sent by the card and the second, which 10 includes the response to the first, is sent by the server (issuer). It is of course possible, for telephone applications, to provide for the server to send the first message and for the card to send the 5 second message in response to the first. Reference is now made to an example of an implementation of the method according to the invention illustrated by the diagram in Figure 2: - a first message sent by the card: the card sends 10 a request to load, including already an MAC1 authenticating the application by the issuer. The challenge coming from the issuer necessary for the calculation of the MAC1 was transmitted to the card during the previous transaction. In addition the MAC3 15 allowing the acknowledgement of the previous transaction is associated with this message. The card stores in memory the challenge (n) relating to authentication of the transaction supplied during the previous transaction. And the issuing 20 organisation stores the transaction authentication challenge (n) generated during the previous transaction. - a second message sent by the issuer: the issuer sends to the card the loading (MAC2) to be effected 25 during the current transaction. Associated with this the issuer sends a challenge which the card will use during the following transaction for the authentication. The issuing organisation erases the challenge (n) 30 and generates the challenge (n+1).
The card erases the challenge (n) and stores the challenge (n+1). The invention also considers a method using a protocol with three messages, as stated above. In this 5 case, and as depicted in dotted lines in Figure 1, the third message includes the current transaction acknowledgement information. It is consequently no longer necessary to add the information acknowledging the previous transaction to the first message. 10 Figure 3 illustrates the different actions performed for a loading with a communication protocol with two messages according to the invention. These actions are carried forward over three successive transactions (n-1), n, (n+1). 15 During a telephone communication n-l: - the card has sent the message 1 including the loading request and the transaction authentication response (MAC1)n-1 as well as the acknowledgement of the transaction (MAC3)n-2; 20 - the issuer has sent the message 2, including the loading to be effected for the transaction (MAC2)n-1 as well as the challenge n for authenticating the following transaction n. During a telephone communication n: 25 - the card sends the message 1 which includes a loading request and the current transaction authentication response (MACl)n as well as the acknowledgement of the previous transaction (MAC3)n-1; - the issuer sends the message 2 which includes 30 the loading to be effected for the current transaction 12 (MAC)n as well as the challenge (n+1) for authenticating the following transaction (n+1). During a telephone communication n+1: - the card sends the message 1 which includes a 5 loading request and the transaction authentication response (MAC1)n+1 as well as the acknowledgement of the previous transaction (MAC3)n; - the issuer sends the message 2 which includes the loading of the transaction (MAC2)n+l as well as the 10 challenge n+2 for authenticating the following transaction. The examples given correspond to a communication protocol with two messages.

Claims (10)

1. A method for effecting a current protected transaction by means of an application loaded in a 5 medium of the chip card type, between a transaction server and a terminal connected to the server by a communication network, by means of a communication protocol, comprising a first message including a transaction request and at least one subsequent message 10 including a response to the said request, principally characterised in that the said first message includes an item of authentication information sent during a previous transaction and the said subsequent message includes an item of authentication information for the 15 following transaction.
2. A method according to Claim 1, characterised in that the said current transaction also comprises the sending of information acknowledging the previous transaction. 20
3. A method according to Claim 1, characterised in that the said current transaction also comprises the sending of information acknowledging the current transaction.
4. A method according to Claim 2, characterised 25 in that the said information acknowledging the previous transaction is sent during the first message, the said current transaction taking place with two messages.
5. A method according to one of the preceding claims, characterised in that the first message also 14 includes a result of the previous transaction, such as a balance.
6. A method according to one of the preceding claims, characterised in that the transaction relates 5 to a loading of units of value or a monetary value or payment parameters.
7. A method according to one of the preceding claims, characterised in that the first message is sent by the card. 10
8. A method for effecting a transaction according to any one of the preceding claims, in which the card is a card containing an electronic purse application, characterised in that the transaction is a reloading of the said electronic purse. 15
9. A method according to any one of the preceding claims, characterised in that the telecommunication network used is a cellular telephone network (GSM) and the terminal is a mobile telephone terminal provided with access to an application of the chip card. 20
10. A method according to any one of the preceding claims, characterised in that the network used is the Internet, and the terminal is a microcomputer of the PC type provided with access to an application of the chip card.
AU33367/99A 1998-05-12 1999-04-20 Method for carrying out a secure transaction using a smart card via a telecommunication network Abandoned AU3336799A (en)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
FR9805973A FR2778806B1 (en) 1998-05-12 1998-05-12 METHOD FOR PERFORMING A SECURE TRANSACTION USING A CHIP CARD THROUGH A TELECOMMUNICATION NETWORK
FR9805973 1998-05-12
PCT/FR1999/000927 WO1999059108A1 (en) 1998-05-12 1999-04-20 Method for carrying out a secure transaction using a smart card via a telecommunication network

Publications (1)

Publication Number Publication Date
AU3336799A true AU3336799A (en) 1999-11-29

Family

ID=9526266

Family Applications (1)

Application Number Title Priority Date Filing Date
AU33367/99A Abandoned AU3336799A (en) 1998-05-12 1999-04-20 Method for carrying out a secure transaction using a smart card via a telecommunication network

Country Status (10)

Country Link
EP (1) EP1076886B1 (en)
JP (1) JP2002514825A (en)
CN (1) CN1300411A (en)
AT (1) ATE228261T1 (en)
AU (1) AU3336799A (en)
CA (1) CA2332436A1 (en)
DE (1) DE69904038T2 (en)
ES (1) ES2188149T3 (en)
FR (1) FR2778806B1 (en)
WO (1) WO1999059108A1 (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FR2806185B1 (en) * 2000-03-07 2007-04-20 David Ifergan SECURE PROCESS OF TRANSACTION BETWEEN A BUYER AND A SELLER
TR200000681A3 (en) * 2000-03-08 2001-01-22 Enersis Enerji Sistemleri Muehendislik Hiz.San.Vetic.A.S. Gas sales method over internet or dial up network
GB2380037B (en) * 2001-05-10 2005-03-02 Jump To It Ltd Recognition system
ITRM20030311A1 (en) * 2003-06-23 2004-12-24 Piero Protti METHOD FOR AUTHORIZATION OF PAYMENT DELEGATIONS,

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4630201A (en) * 1984-02-14 1986-12-16 International Security Note & Computer Corporation On-line and off-line transaction security system using a code generated from a transaction parameter and a random number
NL1001659C2 (en) * 1995-11-15 1997-05-21 Nederland Ptt Method for writing down an electronic payment method.
DE19604876C1 (en) * 1996-02-10 1997-09-04 Deutsche Telekom Ag Process for transaction control of electronic wallet systems
DE69626223T2 (en) * 1996-05-24 2003-12-11 Jong Eduard Karel De DEVICE AND METHOD FOR CRYPTOGRAPHICALLY SECURE COMMUNICATION

Also Published As

Publication number Publication date
CA2332436A1 (en) 1999-11-18
ATE228261T1 (en) 2002-12-15
ES2188149T3 (en) 2003-06-16
DE69904038D1 (en) 2003-01-02
EP1076886A1 (en) 2001-02-21
CN1300411A (en) 2001-06-20
WO1999059108A1 (en) 1999-11-18
JP2002514825A (en) 2002-05-21
DE69904038T2 (en) 2003-07-17
EP1076886B1 (en) 2002-11-20
FR2778806A1 (en) 1999-11-19
FR2778806B1 (en) 2000-06-30

Similar Documents

Publication Publication Date Title
US10931712B2 (en) Protection against rerouting a communication channel of a telecommunication device having an NFC circuit and a secure data circuit
US6328217B1 (en) Integrated circuit card with application history list
US11743721B2 (en) Protection of a communication channel between a security module and an NFC circuit
US5721781A (en) Authentication system and method for smart card transactions
US10999737B2 (en) Detection of a rerouting of a communication channel of a telecommunication device connected to an NFC circuit
JPH08212066A (en) Loading method to protection memory area of information processor and apparatus related to it
US9225687B2 (en) Access control mechanism for a secure element coupled to an NFC circuit
US20040083380A1 (en) Security module with volatile memory for storing an algorithm code
CN108012268A (en) A kind of mobile phone terminal SIM card and the method for safe handling App, medium
US6748532B1 (en) Universal smart card access system
US20010041593A1 (en) Mobile communication device and data concealing method
JP2009522685A (en) Method for providing supplementary services based on dual UICC
JP2008502039A (en) Security module components
EP1369829A2 (en) Electronic value data communication method and system between IC cards
US20130059568A1 (en) Protection of a security module in a telecommunication device coupled to an nfc circuit
Li et al. A security-enhanced one-time payment scheme for credit card
US20030098775A1 (en) Method for authenticating a portable object, corresponding portable object, and apparatus therefor
US6931381B1 (en) Methods and apparatus for authenticating the download of information onto a smart card
AU3336799A (en) Method for carrying out a secure transaction using a smart card via a telecommunication network
US7526648B2 (en) Cryptographic method of protecting an electronic chip against fraud
CA2402856C (en) Methods and apparatus for authenticating the download of information onto a smart card
US7181602B1 (en) Method for exchanging at least one secret initial value between a processing station and a chip card
US20030169884A1 (en) Method for making secure a session with data processing means under the control of several entities
WO2020174072A1 (en) Change of reference pin code value of smart card by a mobile device and a distinct telecommunication device
KR102247450B1 (en) Method for Providing Transacting Linked Authentication Code by using Near Field Communication

Legal Events

Date Code Title Description
MK5 Application lapsed section 142(2)(e) - patent request and compl. specification not accepted