ES2084846T3 - Procedimiento para la autentificacion mutua de una tarjeta de chip y un terminal. - Google Patents

Procedimiento para la autentificacion mutua de una tarjeta de chip y un terminal.

Info

Publication number
ES2084846T3
ES2084846T3 ES92101016T ES92101016T ES2084846T3 ES 2084846 T3 ES2084846 T3 ES 2084846T3 ES 92101016 T ES92101016 T ES 92101016T ES 92101016 T ES92101016 T ES 92101016T ES 2084846 T3 ES2084846 T3 ES 2084846T3
Authority
ES
Spain
Prior art keywords
terminal
chip
mutual authentication
card
procedure
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Lifetime
Application number
ES92101016T
Other languages
English (en)
Inventor
Harald Dipl-Ing Hewel
Stanislaus Dipl-Math Gefrorer
Dietrich Dipl-Ing Kruse
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Wincor Nixdorf International GmbH
Original Assignee
Wincor Nixdorf International GmbH
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Wincor Nixdorf International GmbH filed Critical Wincor Nixdorf International GmbH
Application granted granted Critical
Publication of ES2084846T3 publication Critical patent/ES2084846T3/es
Anticipated expiration legal-status Critical
Expired - Lifetime legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1016Devices or methods for securing the PIN and other transaction-data, e.g. by encryption
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/341Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/409Device specific authentication in transaction processing
    • G06Q20/4097Device specific authentication in transaction processing using mutual authentication between devices and transaction partners
    • G06Q20/40975Device specific authentication in transaction processing using mutual authentication between devices and transaction partners using encryption therefor
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1008Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • H04L9/3273Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response for mutual authentication

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Business, Economics & Management (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Accounting & Taxation (AREA)
  • General Business, Economics & Management (AREA)
  • Strategic Management (AREA)
  • Theoretical Computer Science (AREA)
  • Signal Processing (AREA)
  • Microelectronics & Electronic Packaging (AREA)
  • Finance (AREA)
  • Credit Cards Or The Like (AREA)
  • Storage Device Security (AREA)
  • Collating Specific Patterns (AREA)

Abstract

EL PROCEDIMIENTO CITADO SUPLE AL METODO DE CHALLENGE AND RESPONSE (DEMANDA Y RESPUESTA) PARA LA AUTENTIFICACION RECIPROCA DE UNA TARJETA-CHIP (CHK) Y DE UN TERMINAL (T). CON AYUDA DE MAGNITUDES DE IDENTIFICACION (ID) PARA EL TERMINAL (T), LA APLICACION CONTINUA Y EL MODULO DE SEGURIDAD QUE SE ENCUENTRA EN EL TERMINAL (T), DE UNA FUNCION CODIFICADA (FCY, FTY) Y EL CODIGO ESPECIFICO DE LA TARJETA-CHIP (KC1, KT1), SE DETERMINA ANTES DE LA AUTENTIFICACION DEL TERMINAL (T) UN CODIGO ESPECIFICO DEL TERMINAL (KC2, KT2). LAS MAGNITUDES DE IDENTIFICACION (ID) SON FACILITADAS DESPUES DE LA CONCLUSION POSITIVA DE LA AUTENTIFICACION, OPTICA Y/O ACUSTICAMENTE AL USUARIO DE LA TARJETA-CHIP.
ES92101016T 1992-01-22 1992-01-22 Procedimiento para la autentificacion mutua de una tarjeta de chip y un terminal. Expired - Lifetime ES2084846T3 (es)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
EP92101016A EP0552392B1 (de) 1992-01-22 1992-01-22 Verfahren zur gegenseitigen Authentifikation einer Chipkarte und eines Terminals

Publications (1)

Publication Number Publication Date
ES2084846T3 true ES2084846T3 (es) 1996-05-16

Family

ID=8209259

Family Applications (1)

Application Number Title Priority Date Filing Date
ES92101016T Expired - Lifetime ES2084846T3 (es) 1992-01-22 1992-01-22 Procedimiento para la autentificacion mutua de una tarjeta de chip y un terminal.

Country Status (4)

Country Link
EP (1) EP0552392B1 (es)
AT (1) ATE136139T1 (es)
DE (1) DE59205856D1 (es)
ES (1) ES2084846T3 (es)

Families Citing this family (23)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5544246A (en) * 1993-09-17 1996-08-06 At&T Corp. Smartcard adapted for a plurality of service providers and for remote installation of same
DE69526300T2 (de) * 1994-09-30 2003-01-23 Microchip Tech Inc Schaltkreis und seine Wirkungsweise
DE19527715C2 (de) * 1995-07-31 1997-08-07 Deutsche Telekom Mobil Verfahren zur Nutzeridentifikation und -authentifikation bei Datenfunkverbindungen, zugehörige Chipkarten und Endgeräte
US5799290A (en) * 1995-12-27 1998-08-25 Pitney Bowes Inc. Method and apparatus for securely authorizing performance of a function in a distributed system such as a postage meter
US5923762A (en) * 1995-12-27 1999-07-13 Pitney Bowes Inc. Method and apparatus for ensuring debiting in a postage meter prior to its printing a postal indicia
JPH10222618A (ja) 1997-01-31 1998-08-21 Toshiba Corp Icカード及びicカード処理システム
DE19705620C2 (de) * 1997-02-14 2000-11-09 Esd Information Technology Ent Anordnung und Verfahren zur dezentralen Chipkartenidentifikation
JP4268690B2 (ja) * 1997-03-26 2009-05-27 ソニー株式会社 認証システムおよび方法、並びに認証方法
JP4270475B2 (ja) * 1997-08-13 2009-06-03 パナソニック株式会社 モバイル・エレクトロニックコマース・システム
US6128391A (en) * 1997-09-22 2000-10-03 Visa International Service Association Method and apparatus for asymetric key management in a cryptographic system
DE29804510U1 (de) 1998-03-13 1998-05-28 Deutschmann, Ingo, 06237 Leuna Terminal für Chipkarten
GB9905056D0 (en) 1999-03-05 1999-04-28 Hewlett Packard Co Computing apparatus & methods of operating computer apparatus
DE19935945A1 (de) 1999-07-30 2001-02-22 Giesecke & Devrient Gmbh Verfahren, Datenträger sowie System zur Authentisierung eines Benutzers und eines Endgeräts
US6990586B1 (en) * 2000-06-02 2006-01-24 International Business Machines Corp. Secure data transmission from unsecured input environments
EP1223565A1 (en) * 2001-01-12 2002-07-17 Motorola, Inc. Transaction system, portable device, terminal and methods of transaction
FR2824659B1 (fr) * 2001-05-11 2004-01-02 Ingenico Sa Procede de verification de l'integrite d'un terminal lors d'une transaction avec une carte a memoire
JP4067985B2 (ja) * 2003-02-28 2008-03-26 松下電器産業株式会社 アプリケーション認証システムと装置
DE102004004552A1 (de) * 2004-01-29 2005-08-18 Giesecke & Devrient Gmbh System mit wenigstens einem Computer und wenigstens einem tragbaren Datenträger
EP1600899A1 (de) * 2004-05-25 2005-11-30 Siemens Schweiz AG Verfahren zur Erzeugung eines Zugangscodes
US8621602B2 (en) 2004-06-09 2013-12-31 Nxp B.V. One-time authentication system
CN100337502C (zh) 2004-07-28 2007-09-12 华为技术有限公司 一种在设备中逻辑绑定和验证器件的方法
DE102005033436A1 (de) * 2005-07-27 2007-02-01 Giesecke & Devrient Gmbh System mit wenigstens einer Rechnerplattform und wenigstens einem Benutzertoken
DE102016011878A1 (de) * 2016-10-04 2018-04-05 Giesecke+Devrient Mobile Security Gmbh Dynamisches Bereitstellen einer Prüfnummer

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FR2549989B1 (fr) * 1983-07-29 1985-09-13 Philips Ind Commerciale Systeme d'authentification entre un lecteur de carte et une carte de paiement echangeant des informations
GB2227111B (en) * 1989-01-17 1993-05-19 Toshiba Kk Certification system
ATE99096T1 (de) * 1989-03-08 1994-01-15 Siemens Nixdorf Inf Syst Verfahren zur generierung einer zufallszahl fuer die verschluesselte uebertragung von daten.
DE59006559D1 (de) * 1989-05-30 1994-09-01 Siemens Nixdorf Inf Syst Verfahren zur Prüfung eines mit Chipkarten kommunizierenden Terminals.

Also Published As

Publication number Publication date
DE59205856D1 (de) 1996-05-02
ATE136139T1 (de) 1996-04-15
EP0552392B1 (de) 1996-03-27
EP0552392A1 (de) 1993-07-28

Similar Documents

Publication Publication Date Title
ES2084846T3 (es) Procedimiento para la autentificacion mutua de una tarjeta de chip y un terminal.
CA2026739A1 (en) Transaction system security method and apparatus
CA2163365A1 (en) System and method for revaluation of stored tokens in ic cards
ES2154034T3 (es) Procedimiento, sistema y dispositivo para la autentificacion de personas.
FR2742959B1 (fr) Procede de securisation de l'utilisation d'un terminal d'un systeme de radiocommunication cellulaire, terminal et carte utilisateur correspondants
WO2002073877A3 (en) System and method of user and data verification
MY124136A (en) Communication method, and information processing apparatus
FI844428L (fi) Foerfarande och anordning foer verifiering av personidentifieringsnummer och kontroll av inlagd nummerserie i identifieringsmedia.
NO943457D0 (no) "Smartkort" tilpasset flere tjenesteytere og sekundær utnyttelse
WO1996000485A3 (en) User authentication method and apparatus
ATE170300T1 (de) Verfahren zur authentifizierung eines eine datenstation benutzenden anwenders
EP1396824A3 (en) Authentication method, system and apparatus of an electronic value
DK163694C (da) Apparat, som kommunikerer med dataanlaeg, og en fremgangsmaade til kommunikation med dataanlaeg
MX9606515A (es) Aparato ejecutor de programa encriptado.
ATE72348T1 (de) Verfahren und geraet zur ueberpruefung der echtheit von personengebundenen dokumenten und der identitaet ihrer traeger.
SG49828A1 (en) Restricted blind signatures
ATE295588T1 (de) Verfahren zur kontrolle von anwendungen gespeichert in einem teilnehmererkennungsmodul
HUP9902892A2 (hu) Eljárás és berendezés rejtjelkulcs visszafejtésére
BR9811871A (pt) Processo para a comprovação da autencidade de um portador de dados
FI884082A0 (fi) Menetelmä ja järjestelmä käyttövaltuuksien ja tietosuojattujen viestien todentamiseksi ja viestien merkitsemiseksi ja kyseisessä järjestelmässä käytettävä asema, joka toimii erityisesti älykortin asemana
EP0555219A4 (en) Method and apparatus for personal identification
ES2057264T3 (es) Procedimiento para la verificacion de un terminal que se comunica con tarjetas de chips.
EP0805575A3 (en) Transponder
WO2001016899A3 (en) Portable terminal
EP0818762A3 (en) Coding device, decoding device and IC circuit

Legal Events

Date Code Title Description
FG2A Definitive protection

Ref document number: 552392

Country of ref document: ES