EP3314803A1 - Recording method implemented by a microcircuit, and corresponding device - Google Patents

Recording method implemented by a microcircuit, and corresponding device

Info

Publication number
EP3314803A1
Authority
EP
European Patent Office
Prior art keywords
transaction
microcircuit
data
information
recording
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
EP16741360.8A
Other languages
English (en)
French (fr)
Inventor
Francis Chamberot
Arezki REZZELI
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Idemia France SAS
Original Assignee
Idemia France SAS
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Idemia France SAS

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/002 Countermeasures against attacks on cryptographic mechanisms
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/56 Financial cryptography, e.g. electronic payment or e-cash

Definitions

  • the invention relates to the general field of electronic devices capable of performing operations such as transactions, for example by cooperating with a terminal.
  • the invention finds non-exclusive application in smart cards (or microcircuit cards), compliant for example with the ISO 7816 standard.
  • the invention particularly relates to smart cards according to the EMV standard ("Europay Mastercard Visa", in version 4.3) that implement transactions.
  • the EMV standard is used to secure transactions carried out by smart cards, in particular bank payment transactions. Other transactions may also be implemented by these smart cards, for example transfer transactions, consultation, or authentication.
  • the invention aims in particular to overcome these disadvantages, and more particularly to improve the control of the operation of a microcircuit implementing transactions.
  • the present invention responds to this need by proposing a recording method implemented by a microcircuit, this method comprising:
  • a recording, in a second non-volatile memory of the microcircuit, of transaction data comprising said at least one transaction information.
  • the second memory includes transaction data for transactions during which an error has occurred.
  • Such an error may have been caused by a failure of the microcircuit or a reader that cooperates with the microcircuit during the transaction.
  • the inventors have observed that an error can also appear during an attack on the microcircuit.
  • the invention thus makes it possible to record information that illustrates the context in which the error has appeared, and this information can indeed be used later for diagnostic purposes.
  • said transaction data are furthermore elaborated from the type of error detected.
  • This particular embodiment makes it possible to record only data that is useful for studying an error and not all the information that may have been received during the transaction. Those skilled in the art will know which data to record according to the application. This limits the amount of data stored in the memory. In other words, the processing of the transaction data can include a sorting of the received transaction information.
  • the transaction is an EMV transaction.
  • said recording of said transaction data comprises a recording of said transaction data in a transaction data register of the second non-volatile memory.
  • This register is preferentially secure.
  • said transaction data comprise at least one time datum and one type of error.
  • said recording includes replacing, with said transaction data obtained during the transaction, the transaction data recorded in said transaction data register that have the same type of error and the oldest time datum of all such errors in the register.
  • the register is a cyclical register whose size is controlled since the addition of transaction data is done by replacing transaction data that is older and of the same size (because of the same type).
  • the time datum is an application transaction counter ("ATC: Application Transaction Counter").
  • the ATC counter is unique for each transaction and indicates the order in which transactions are performed. This value is generated by the microcircuit during the first stages of a transaction and it can be retrieved to store it in the second memory (that is, in the register).
  • prior to receiving said at least one transaction information, the microcircuit sends a request to a reader cooperating with the microcircuit, the request comprising at least one identifier of said at least one piece of information.
  • the transaction is an EMV transaction and the request includes a PDOL list ("Processing").
  • a PDOL list is sent during an EMV transaction by the microcircuit after the processing of an application selection command issued by a reader.
  • a list contains identifiers (or "tags") and the reader which receives this list returns the values associated with these identifiers.
  • the received transaction data is that sent by the reader in response to the sending of the PDOL list.
  • the PDOL list is completed by adding a separator in front of said at least one identifier of said at least one piece of information and said at least one piece of information is additional information.
  • this separator can be an identifier that is chosen to be not recognized by a reader but that the card will recognize in the response of the reader (which will be this identifier followed by zeros since the reader does not recognize the identifier).
  • At least one identifier is chosen from the list of identifiers comprising:
  • an error processing is implemented comprising said recording of said transaction data.
  • error processing is generally referred to by those skilled in the art as "error processing".
  • the transaction data furthermore comprise at least one of data generated by the microcircuit during a step of the transaction or data received by the microcircuit during a step of the transaction.
  • the transaction data is sent.
  • the transaction data is then a security information to send.
  • This sending may comprise the following steps after the detection of the error and said recording:
  • the external terminal is sent, in an AFL (Application File Locator) message, a referencing data enabling the external terminal to read the security information in the secure memory of the microcircuit; and
  • the security information is sent to the external terminal in response to a read command received from the external terminal following the sending of the AFL message.
  • the method comprises sending to the external terminal, in an ATR message, a referencing data enabling it to read the security information in the secure memory of the microcircuit.
  • the security information is sent to the external terminal as non-interpretable data by the external terminal in response to a GENERATE AC message received from the external terminal.
  • processor-readable recording medium on which is recorded a computer program comprising instructions for performing the steps of a recording method as defined above.
  • the computer programs mentioned in this presentation can use any programming language, and be in the form of source code, object code, or intermediate code between source code and object code, such as in a partially compiled form, or in any other desirable form.
  • the recording (or information) media mentioned in this disclosure may be any entity or device capable of storing the program.
  • the medium may comprise storage means, such as a ROM, for example a CD ROM or a microelectronic circuit ROM, or a magnetic recording medium, for example a floppy disk or a hard disk.
  • the recording media may correspond to a transmissible medium such as an electrical or optical signal, which may be conveyed via an electrical or optical cable, by radio or by other means.
  • the program according to the invention can be downloaded in particular on an Internet type network.
  • this device comprises:
  • a module for recording, in a second non-volatile memory of the microcircuit, transaction data comprising said at least one transaction information.
  • FIG. 1 schematically represents a reader and a microcircuit according to one embodiment of the invention
  • FIG. 2 schematically represents different steps of a method according to one embodiment of the invention.
  • FIG. 3 schematically shows the steps implemented to record transaction data.
  • the invention applies to any device capable of implementing a transaction, including devices other than microcircuit cards and that use the EMV standard, and devices that use other transaction standards.
  • transaction is understood here in the broad sense and includes, for example, in the banking field, both a payment or transfer transaction and a consultation of a bank account on a bank terminal.
  • the invention is described here in the context of a payment card for carrying out banking transactions. It will be understood that other types of transactions or operations are conceivable within the scope of the invention.
  • FIG. 1 diagrammatically shows a microcircuit card 1 according to the ISO 7816 standard, and a reader 2 configured to cooperate with the microcircuit card 1 to perform a transaction.
  • the cooperation between the microcircuit card 1 and the reader 2 is carried out by a communication protocol PT chosen in particular from a contact communication protocol and a contactless communication protocol. If a contact communication protocol is chosen, the microcircuit card 1 is provided with external contacts and an electrical connection is obtained between the microcircuit of the microcircuit card and the reader.
  • the microcircuit card 1 comprises a processor 3, a first rewritable volatile memory 4 and a second non-volatile memory 5, for example of the Flash type.
  • the processor 3, the first memory 4 and the second memory 5 are incorporated in the microcircuit of the microcircuit card 1.
  • the second memory 5 constitutes here a recording (or information) medium according to an embodiment of the invention, readable by the microcircuit card 1, and on which is recorded a computer program PG according to an embodiment of the invention.
  • the program PG includes instructions for performing the steps of a recording method. More precisely, the program PG comprises an instruction I1 for receiving at least one transaction information, an instruction I2 for recording in the first memory 4, an instruction I3 for detecting a transaction error, and an instruction I4 for recording, in a register 6 contained in the second non-volatile memory, transaction data comprising said at least one transaction information.
  • the register 6 is secure, and in particular encrypted by a security mechanism.
  • the transaction TR is an EMV transaction implemented by the microcircuit card 1 and the reader 2.
  • the EMV transaction may comprise additional steps, which have not all been detailed here for the sake of simplicity.
  • an initial step B0 is implemented in which at least one PDOL list is completed by adding additional transaction information identifiers that one wishes to obtain.
  • This step B0 is made in conjunction with the configuration steps of the microcircuit card, that is to say prior to the delivery to a user of the microcircuit card.
  • This step may also include a loading of a preset list in the microcircuit card.
  • a PDOL list is a list of data pairs with an identifier (or "tag") and the size of the information corresponding to the identifier.
  • a PDOL list also includes a header with an identifier that reads "83h" followed by an indication of the total length of the list. Also, a PDOL list is associated with a transaction application and the card may have several of these lists.
  • the PDOL list is completed with identifiers relating to transaction information and lengths selected from the following list, in which the indication in parenthesis is the English identifier as defined in the EMV standard.
  • Amount authorized for a reference currency ("amount reference currency")
  • Dynamic Data Authentication Data Object List ("Dynamic Data Authentication Data Object List")
  • Identification of the reader ("terminal identification")
  • Type of reader ("terminal type")
  • Date of the transaction ("transaction date")
  • Transaction sequence counter of the reader
  • the reader 2 initiates the communication with the microcircuit card by sending a reset command ("RESET") to the microcircuit card 1 (step A1).
  • This command is received in step B1 and the microcircuit card responds (step B2) to this command with a response message known by the acronym "ATR: Answer To Reset".
  • the reader 2 receives the ATR message in step A2 and at this point, the communication is open between the microcircuit card 1 and the reader 2.
  • in step A3, the reader sends an application selection command ("SELECT") which is received by the microcircuit card in step A3.
  • in step B4, the microcircuit card retrieves the PDOL list developed during step B0 corresponding to the application chosen for this transaction.
  • in step B5, the PDOL list is transmitted to the reader, which receives it in step A5.
  • the reader collects the requested transaction information from the PDOL list, and this information is transmitted in a step A6 in the form of a command called "GPO: Get Processing Options".
  • the microcircuit card 1 receives the transaction information in step B6 and stores this information in the volatile memory 4.
  • step S7 can comprise an application data reading, an offline data authentication or a dynamic data authentication, an identity verification, a card action analysis, or an online or offline cryptogram generation.
  • in step B8, an error is detected. This can be done by an error detection module that is conventionally active within a microcircuit card during a transaction.
  • step S7 comprising the transaction steps does not comprise, strictly speaking, all the steps of a transaction since an error occurs before all the steps of the transaction are completed.
  • a recording step B9 is implemented if an error has been detected in step B8.
  • the recorded data are transaction data produced from the transaction information received in step B6 (including at least some of this information), and in particular the additional information placed after the separator in the PDOL list; this recording is performed in the second non-volatile memory 5, and more precisely in the register 6.
  • the transaction data may further include data developed by the microcircuit during the transaction, for example generated cryptograms, or data received by the microcircuit during the transaction such as a PIN.
  • the recording step is related to the detection of an error: this recording can only be triggered with an error detection.
  • the invention also covers alternative solutions in which information or transaction data is stored in a non-volatile memory every time (that is to say, at each transaction) but where this information or data is deleted if no error is detected.
  • if no error is detected, the transaction information received in step B6 is not retained since it is only stored in volatile memory. This recording is implemented while the card is still powered. In addition, the recording is implemented preferentially before the card responds to the reader to indicate that an error has appeared.
  • a step of the transaction consists of the reader sending an APDU ("Application Protocol Data Unit") to the card and the card sending a response. This makes it possible to improve the security of the recording since this recording is done even before a user wishing to detect an error for fraudulent purposes is warned of the appearance of the error.
  • the recording step B9 is described in more detail in FIG. 3. This figure also shows the contents of the register 6.
  • the recording step B9 is implemented during an error processing ("Error processing").
  • the recording step includes a first substep B91 in which the type of error just detected is verified.
  • the register includes transaction data relating to two types of error: type A or type B.
  • the register has an ATC value in the form of an integer (N + 1), the type of error and transaction data other than the ATC value.
  • transaction data of two errors for each type of error are recorded.
  • Step B92 indicates that the error associated with the ATC value equal to N is the oldest (ATC is the smallest).
  • a step B93 is then implemented in which the transaction data and the ATC value which corresponds to the oldest error determined in step B92 are replaced.
  • a record is obtained with transaction data recorded for the transaction having an ATC value of N + 9 where the transaction data for the oldest type A transaction was recorded.
  • this replacement is implemented taking into account the type of error: only the relevant data with respect to an error of type A are recorded.
  • the register 6 can be encrypted to improve its security.
  • the key making it possible to decrypt the register may be known only to an entity issuing the microcircuit (for example a bank). This key can for example be derived from a conventional transaction key.
  • the transaction data stored in the register 6 make it possible to identify a type of failure or attack that would be undetectable without this register, for example by reporting the transaction data stored in the register 6 back through a reader; this feedback can go up to an entity issuing the microcircuit (for example a bank).
  • when an error is encountered during a transaction, the microcircuit signals this error to the reader which cooperates with the microcircuit.
  • the PDOL list is completed again later, for example by taking into account the type of errors that have been encountered by the microcircuit during past transactions.
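
The replacement described in steps B91 to B93, as an added sketch in C that is not code from the patent: each error type owns a fixed number of slots, and a new entry overwrites the entry of the same type with the smallest ATC. The slot count, payload size, type names and sample ATC values are assumptions made for this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define SLOTS_PER_TYPE 2   /* two entries kept per error type, as in the description */
#define DATA_MAX 16        /* assumed payload size for this sketch */

enum err_type { ERR_A = 0, ERR_B = 1, ERR_TYPES };

struct entry {
    uint8_t  used;
    uint8_t  type;             /* error type (A or B) */
    uint16_t atc;              /* application transaction counter */
    uint8_t  len;
    uint8_t  data[DATA_MAX];   /* transaction data other than the ATC */
};

/* Stand-in for register 6; on a card this sits in non-volatile memory. */
struct err_register { struct entry slot[ERR_TYPES * SLOTS_PER_TYPE]; };

/* Record one error context. Only the slots reserved for this error type
 * are considered (B91). A free slot is used first; otherwise the entry
 * with the smallest ATC, i.e. the oldest one, is selected (B92) and
 * overwritten (B93). Returns the slot index written, or -1 on bad input. */
int reg_record(struct err_register *r, enum err_type type, uint16_t atc,
               const uint8_t *data, uint8_t len)
{
    if (type >= ERR_TYPES || len > DATA_MAX) return -1;
    int base = (int)type * SLOTS_PER_TYPE, victim = base;
    for (int i = base; i < base + SLOTS_PER_TYPE; i++) {
        if (!r->slot[i].used) { victim = i; break; }
        if (r->slot[i].atc < r->slot[victim].atc) victim = i;
    }
    struct entry *e = &r->slot[victim];
    memset(e, 0, sizeof *e);           /* no stale bytes from the old entry */
    e->used = 1;
    e->type = (uint8_t)type;
    e->atc = atc;
    e->len = len;
    if (len) memcpy(e->data, data, len);
    return victim;
}

int main(void)
{
    struct err_register reg;
    memset(&reg, 0, sizeof reg);
    const int N = 100;                                  /* constructed ATC base */
    const uint8_t ctx[] = { 0x22, 0x15, 0x06, 0x29 };   /* constructed payload */

    reg_record(&reg, ERR_A, (uint16_t)N,       ctx, sizeof ctx);
    reg_record(&reg, ERR_B, (uint16_t)(N + 1), ctx, sizeof ctx);
    reg_record(&reg, ERR_A, (uint16_t)(N + 5), ctx, sizeof ctx);
    reg_record(&reg, ERR_B, (uint16_t)(N + 3), ctx, sizeof ctx);

    /* A new type A error replaces the type A entry with ATC N only. */
    int s = reg_record(&reg, ERR_A, (uint16_t)(N + 9), ctx, sizeof ctx);
    printf("type A error at ATC %d written to slot %d\n", N + 9, s);
    for (int i = 0; i < ERR_TYPES * SLOTS_PER_TYPE; i++)
        printf("slot %d: type %c ATC %u\n", i,
               reg.slot[i].type == ERR_A ? 'A' : 'B', (unsigned)reg.slot[i].atc);
    return 0;
}
```

Because every type has its own fixed quota, a burst of one error type cannot evict the recorded context of another type, and the register size stays constant.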
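
How a card can locate the additional information placed behind the separator in the reader's GPO data (tag 83, length, values), as an added C example that is not code from the patent. The separator tag 0xDF7F, the PDOL contents and the sample bytes are constructed; the sketch assumes one- or two-byte tags, one-byte lengths, and a reader that zero-fills the value of an identifier it does not recognize.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Read one tag (1 or 2 bytes) at pdol[*i]; returns 0 on malformed input. */
static uint16_t dol_tag(const uint8_t *pdol, size_t n, size_t *i)
{
    if (*i >= n) return 0;
    uint16_t tag = pdol[(*i)++];
    if ((tag & 0x1F) == 0x1F) {                      /* a second tag byte follows */
        if (*i >= n || (pdol[*i] & 0x80)) return 0;  /* longer tags not handled */
        tag = (uint16_t)(tag << 8 | pdol[(*i)++]);
    }
    return tag;
}

/* Walk the PDOL the card sent and the values the reader returned in step.
 * Returns 0 and sets *extra / *extra_len to the bytes after the separator's
 * value; -1 if the data does not match the PDOL; -2 if the separator value
 * is not zero-filled (the reader recognised it, or the data is misaligned). */
int pdol_split(const uint8_t *pdol, size_t pdol_len,
               const uint8_t *gpo, size_t gpo_len, uint16_t sep_tag,
               const uint8_t **extra, size_t *extra_len)
{
    if (gpo_len < 2 || gpo[0] != 0x83 || gpo[1] >= 0x80) return -1;
    const uint8_t *val = gpo + 2;
    size_t val_len = gpo[1], off = 0, i = 0, sep_end = 0;
    int seen = 0;
    if (val_len != gpo_len - 2) return -1;

    while (i < pdol_len) {
        uint16_t tag = dol_tag(pdol, pdol_len, &i);
        if (tag == 0 || i >= pdol_len) return -1;
        size_t len = pdol[i++];
        if (len > val_len - off) return -1;          /* reader sent too little */
        if (tag == sep_tag && !seen) {
            for (size_t k = 0; k < len; k++)
                if (val[off + k] != 0) return -2;
            seen = 1;
            sep_end = off + len;
        }
        off += len;
    }
    if (!seen || off != val_len) return -1;          /* no separator / extra bytes */
    *extra = val + sep_end;
    *extra_len = val_len - sep_end;
    return 0;
}

/* Constructed sample: regular entries, separator, additional identifiers
 * (terminal identification, terminal type, transaction date). */
static const uint8_t SAMPLE_PDOL[] = {
    0x9F, 0x66, 0x04,  0x9F, 0x02, 0x06,
    0xDF, 0x7F, 0x01,                       /* hypothetical separator tag */
    0x9F, 0x1C, 0x08,  0x9F, 0x35, 0x01,  0x9A, 0x03
};
static const uint8_t SAMPLE_GPO[] = {
    0x83, 0x17,
    0x36, 0x00, 0x40, 0x00,  0x00, 0x00, 0x00, 0x00, 0x12, 0x00,
    0x00,                                   /* separator value, zero-filled */
    'T', 'E', 'R', 'M', '0', '0', '0', '1',  0x22,  0x15, 0x06, 0x29
};

int main(void)
{
    const uint8_t *extra;
    size_t n;
    int rc = pdol_split(SAMPLE_PDOL, sizeof SAMPLE_PDOL,
                        SAMPLE_GPO, sizeof SAMPLE_GPO, 0xDF7F, &extra, &n);
    printf("rc=%d, %zu bytes of additional information:", rc, rc ? 0 : n);
    for (size_t k = 0; rc == 0 && k < n; k++) printf(" %02X", extra[k]);
    printf("\n");
    return 0;
}
```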

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)
EP16741360.8A 2015-06-29 2016-06-28 Recording method implemented by a microcircuit, and corresponding device Ceased EP3314803A1 (de)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
FR1556073A FR3038174B1 (fr) 2015-06-29 2015-06-29 Recording method implemented by a microcircuit, and corresponding device
PCT/FR2016/051596 WO2017001762A1 (fr) 2015-06-29 2016-06-28 Recording method implemented by a microcircuit, and corresponding device

Publications (1)

Publication Number Publication Date
EP3314803A1 (de) 2018-05-02

Family

ID=54707867

Family Applications (1)

Application Number Title Priority Date Filing Date
EP16741360.8A Ceased EP3314803A1 (de) 2015-06-29 2016-06-28 Recording method implemented by a microcircuit, and corresponding device

Country Status (3)

Country Link
EP (1) EP3314803A1 (de)
FR (1) FR3038174B1 (de)
WO (1) WO2017001762A1 (de)

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE69817543T2 (de) * 1998-06-08 2004-06-24 International Business Machines Corp. Automatic data recovery in smart cards
US6976197B2 (en) * 2001-10-25 2005-12-13 International Business Machines Corporation Apparatus and method for error logging on a memory module
JP4616611B2 (ja) * 2004-10-08 2011-01-19 Fujitsu Limited Biometric authentication device

Also Published As

Publication number Publication date
FR3038174A1 (fr) 2016-12-30
WO2017001762A1 (fr) 2017-01-05
FR3038174B1 (fr) 2018-06-22

Legal Events

Date Code Title Description
STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE INTERNATIONAL PUBLICATION HAS BEEN MADE

PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: REQUEST FOR EXAMINATION WAS MADE

17P Request for examination filed

Effective date: 20180119

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

AX Request for extension of the european patent

Extension state: BA ME

DAV Request for validation of the european patent (deleted)
DAX Request for extension of the european patent (deleted)
STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: EXAMINATION IS IN PROGRESS

17Q First examination report despatched

Effective date: 20200129

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: EXAMINATION IS IN PROGRESS

REG Reference to a national code

Ref country code: DE

Ref legal event code: R003

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION HAS BEEN REFUSED

18R Application refused

Effective date: 20210822