ES2084846T3 - Procedimiento para la autentificacion mutua de una tarjeta de chip y un terminal. - Google Patents

Procedimiento para la autentificacion mutua de una tarjeta de chip y un terminal.

Info

Publication number
ES2084846T3
ES2084846T3 ES92101016T ES92101016T ES2084846T3 ES 2084846 T3 ES2084846 T3 ES 2084846T3 ES 92101016 T ES92101016 T ES 92101016T ES 92101016 T ES92101016 T ES 92101016T ES 2084846 T3 ES2084846 T3 ES 2084846T3
Authority
ES
Spain
Prior art keywords
terminal
card
chip
authentication
procedure
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Lifetime
Application number
ES92101016T
Other languages
English (en)
Inventor
Harald Dipl-Ing Hewel
Stanislaus Dipl-Math Gefrorer
Dietrich Dipl-Ing Kruse
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Wincor Nixdorf International GmbH
Original Assignee
Siemens Nixdorf Informationssysteme AG
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Siemens Nixdorf Informationssysteme AG filed Critical Siemens Nixdorf Informationssysteme AG
Application granted granted Critical
Publication of ES2084846T3 publication Critical patent/ES2084846T3/es
Anticipated expiration legal-status Critical
Expired - Lifetime legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1016Devices or methods for securing the PIN and other transaction-data, e.g. by encryption
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/341Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/409Device specific authentication in transaction processing
    • G06Q20/4097Device specific authentication in transaction processing using mutual authentication between devices and transaction partners
    • G06Q20/40975Device specific authentication in transaction processing using mutual authentication between devices and transaction partners using encryption therefor
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1008Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • H04L9/3273Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response for mutual authentication

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Business, Economics & Management (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Accounting & Taxation (AREA)
  • Theoretical Computer Science (AREA)
  • Signal Processing (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • Microelectronics & Electronic Packaging (AREA)
  • Finance (AREA)
  • Credit Cards Or The Like (AREA)
  • Storage Device Security (AREA)
  • Collating Specific Patterns (AREA)

Abstract

EL PROCEDIMIENTO CITADO SUPLE AL METODO DE CHALLENGE AND RESPONSE (DEMANDA Y RESPUESTA) PARA LA AUTENTIFICACION RECIPROCA DE UNA TARJETA-CHIP (CHK) Y DE UN TERMINAL (T). CON AYUDA DE MAGNITUDES DE IDENTIFICACION (ID) PARA EL TERMINAL (T), LA APLICACION CONTINUA Y EL MODULO DE SEGURIDAD QUE SE ENCUENTRA EN EL TERMINAL (T), DE UNA FUNCION CODIFICADA (FCY, FTY) Y EL CODIGO ESPECIFICO DE LA TARJETA-CHIP (KC1, KT1), SE DETERMINA ANTES DE LA AUTENTIFICACION DEL TERMINAL (T) UN CODIGO ESPECIFICO DEL TERMINAL (KC2, KT2). LAS MAGNITUDES DE IDENTIFICACION (ID) SON FACILITADAS DESPUES DE LA CONCLUSION POSITIVA DE LA AUTENTIFICACION, OPTICA Y/O ACUSTICAMENTE AL USUARIO DE LA TARJETA-CHIP.
ES92101016T 1992-01-22 1992-01-22 Procedimiento para la autentificacion mutua de una tarjeta de chip y un terminal. Expired - Lifetime ES2084846T3 (es)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
EP92101016A EP0552392B1 (de) 1992-01-22 1992-01-22 Verfahren zur gegenseitigen Authentifikation einer Chipkarte und eines Terminals

Publications (1)

Publication Number Publication Date
ES2084846T3 true ES2084846T3 (es) 1996-05-16

Family

ID=8209259

Family Applications (1)

Application Number Title Priority Date Filing Date
ES92101016T Expired - Lifetime ES2084846T3 (es) 1992-01-22 1992-01-22 Procedimiento para la autentificacion mutua de una tarjeta de chip y un terminal.

Country Status (4)

Country Link
EP (1) EP0552392B1 (es)
AT (1) ATE136139T1 (es)
DE (1) DE59205856D1 (es)
ES (1) ES2084846T3 (es)

Families Citing this family (23)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5544246A (en) * 1993-09-17 1996-08-06 At&T Corp. Smartcard adapted for a plurality of service providers and for remote installation of same
DE69526300T2 (de) * 1994-09-30 2003-01-23 Microchip Technology Inc., Chandler Schaltkreis und seine Wirkungsweise
DE19527715C2 (de) * 1995-07-31 1997-08-07 Deutsche Telekom Mobil Verfahren zur Nutzeridentifikation und -authentifikation bei Datenfunkverbindungen, zugehörige Chipkarten und Endgeräte
US5923762A (en) * 1995-12-27 1999-07-13 Pitney Bowes Inc. Method and apparatus for ensuring debiting in a postage meter prior to its printing a postal indicia
US5799290A (en) * 1995-12-27 1998-08-25 Pitney Bowes Inc. Method and apparatus for securely authorizing performance of a function in a distributed system such as a postage meter
JPH10222618A (ja) * 1997-01-31 1998-08-21 Toshiba Corp Icカード及びicカード処理システム
DE19705620C2 (de) * 1997-02-14 2000-11-09 Esd Information Technology Ent Anordnung und Verfahren zur dezentralen Chipkartenidentifikation
JP4268690B2 (ja) * 1997-03-26 2009-05-27 ソニー株式会社 認証システムおよび方法、並びに認証方法
AU761284B2 (en) * 1997-08-13 2003-05-29 Panasonic Corporation Mobile electronic commerce system
US6128391A (en) * 1997-09-22 2000-10-03 Visa International Service Association Method and apparatus for asymetric key management in a cryptographic system
DE29804510U1 (de) 1998-03-13 1998-05-28 Deutschmann, Ingo, 06237 Leuna Terminal für Chipkarten
GB9905056D0 (en) 1999-03-05 1999-04-28 Hewlett Packard Co Computing apparatus & methods of operating computer apparatus
DE19935945A1 (de) 1999-07-30 2001-02-22 Giesecke & Devrient Gmbh Verfahren, Datenträger sowie System zur Authentisierung eines Benutzers und eines Endgeräts
US6990586B1 (en) * 2000-06-02 2006-01-24 International Business Machines Corp. Secure data transmission from unsecured input environments
EP1223565A1 (en) * 2001-01-12 2002-07-17 Motorola, Inc. Transaction system, portable device, terminal and methods of transaction
FR2824659B1 (fr) * 2001-05-11 2004-01-02 Ingenico Sa Procede de verification de l'integrite d'un terminal lors d'une transaction avec une carte a memoire
JP4067985B2 (ja) * 2003-02-28 2008-03-26 松下電器産業株式会社 アプリケーション認証システムと装置
DE102004004552A1 (de) * 2004-01-29 2005-08-18 Giesecke & Devrient Gmbh System mit wenigstens einem Computer und wenigstens einem tragbaren Datenträger
EP1600899A1 (de) * 2004-05-25 2005-11-30 Siemens Schweiz AG Verfahren zur Erzeugung eines Zugangscodes
US8621602B2 (en) 2004-06-09 2013-12-31 Nxp B.V. One-time authentication system
CN100337502C (zh) * 2004-07-28 2007-09-12 华为技术有限公司 一种在设备中逻辑绑定和验证器件的方法
DE102005033436A1 (de) * 2005-07-27 2007-02-01 Giesecke & Devrient Gmbh System mit wenigstens einer Rechnerplattform und wenigstens einem Benutzertoken
DE102016011878A1 (de) * 2016-10-04 2018-04-05 Giesecke+Devrient Mobile Security Gmbh Dynamisches Bereitstellen einer Prüfnummer

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FR2549989B1 (fr) * 1983-07-29 1985-09-13 Philips Ind Commerciale Systeme d'authentification entre un lecteur de carte et une carte de paiement echangeant des informations
GB2227111B (en) * 1989-01-17 1993-05-19 Toshiba Kk Certification system
DE59003920D1 (de) * 1989-03-08 1994-02-03 Siemens Nixdorf Inf Syst Verfahren zur Generierung einer Zufallszahl für die verschlüsselte Übertragung von Daten.
EP0400441B1 (de) * 1989-05-30 1994-07-27 Siemens Nixdorf Informationssysteme Aktiengesellschaft Verfahren zur Prüfung eines mit Chipkarten kommunizierenden Terminals

Also Published As

Publication number Publication date
DE59205856D1 (de) 1996-05-02
EP0552392A1 (de) 1993-07-28
ATE136139T1 (de) 1996-04-15
EP0552392B1 (de) 1996-03-27

Similar Documents

Publication Publication Date Title
ES2084846T3 (es) Procedimiento para la autentificacion mutua de una tarjeta de chip y un terminal.
EP0372692A3 (en) Identification means with encrypted security code
DE59006252D1 (de) Chipkartenleser.
NO892625D0 (no) Innpluggings-kortmodul.
ES2160674T3 (es) Un lector de tarjetas.
DE69423273D1 (de) IC Karte mit hoher Sicherheit
NO863047L (no) Absorpsjonslegeme, saerlig til bruk som engangsartikler saasom bleier, sanitetsbind og bandasjer.
ES2069613T3 (es) Procedimiento y dispositivo para simplificar el uso de un gran numero de tarjetas de credito y similares.
NO944604L (no) Fremgangsmåte ved lesing av data fra et SMART-kort, samt tilhörende leser
BR9407319A (pt) Sistema autenticador para autenticar a identidade de usuário que possui cartão autenticador e sistema e processo para autenticar a identidade de usuário e processo para autenticar a identidade de usuário através da posse de cartão autenticador
ATE79970T1 (de) System zur identifizierung von personen.
ES2149585T3 (es) Procedimiento de comunicacion con caracteristicas de seguridad entre dos dispositivos y aplicacion de este metodo.
ES2183975T3 (es) Lector de tarjeta chip.
ATE316268T1 (de) Gesicherte herstellung von identifizierungskarten
FI884082A7 (fi) Menetelmä ja järjestelmä käyttövaltuuksien ja tietosuojattujen viestien todentamiseksi ja viestien merkitsemiseksi ja kyseisessä järjestelmässä käytettävä asema, joka toimii erityisesti älykortin asemana
DE69419967D1 (de) Chip von IC Karte mit Mitteln zur Begrenzung der Anzahl von Authentifizierungen
DE3783974D1 (de) Optischer buchstabenleser.
DE59006322D1 (de) Chipkartenleser.
GB9517068D0 (en) On-the-fly smart card reader
DE69022533D1 (de) Strichcode-leseverfahren und -vorrichtungen.
NO167860C (no) Styrylaryloksy-etersulfonater, og deres anvendelse ved jordoljeutvinning.
DE3782582D1 (de) Verfahren zum erkennen einer missbraeuchlichen benutzung von chipkarten.
NO882818L (no) Gjenstand som er i stand til aa gjenvinne sine opprinnelige dimensjoner, og anvendelse av denne.
GB8910179D0 (en) Sheet for data code and method of recognizing the code
NO863213L (no) Identitetskort og fremstilling derav.

Legal Events

Date Code Title Description
FG2A Definitive protection

Ref document number: 552392

Country of ref document: ES