US20020017558A1 - Smart card technology - Google Patents

Smart card technology Download PDF

Info

Publication number
US20020017558A1
US20020017558A1 US09/867,496 US86749601A US2002017558A1 US 20020017558 A1 US20020017558 A1 US 20020017558A1 US 86749601 A US86749601 A US 86749601A US 2002017558 A1 US2002017558 A1 US 2002017558A1
Authority
US
United States
Prior art keywords
terminal
card
valid
verification message
memory
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
US09/867,496
Other versions
US6454173B2 (en
Inventor
Marcel Graves
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Priority to US09/867,496 priority Critical patent/US6454173B2/en
Publication of US20020017558A1 publication Critical patent/US20020017558A1/en
Application granted granted Critical
Publication of US6454173B2 publication Critical patent/US6454173B2/en
Anticipated expiration legal-status Critical
Expired - Fee Related legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06KGRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
    • G06K7/00Methods or arrangements for sensing record carriers, e.g. for reading patterns
    • G06K7/0004Hybrid readers

Definitions

  • This invention relates generally to a system and method of providing information and services to a population of persons through portable devices which can be used to access any of a number of terminals to make use of the services offered at the said terminals.
  • the system and method in particular provide for security against unauthorized access.
  • the invention has use in the fields of automatic banking, automatic credit and debit transactions, passport and travel visa verification, health and medical records, security access, licensing and any other like field where fraud may pose a problem.
  • British Patent 1504196 to Moreno describes such a prior art system comprised of a portable device and a peripheral device or terminal which is connected to a central computer.
  • Many of the portable devices referred to as prior art in Moreno used magnetic track memories which could easily be modified or the contents read. Also the memory storage capacity was quite low and the memory was susceptible of accidental modification. This left such systems vulnerable to abuse from fraudulent intervention.
  • U.S. Pat. No. 3,702,464 addressed the problem of lack of memory capacity and volatility by disclosing a portable device containing an integrated circuit memory. The device still suffered from the problem that the memory could be read and the contents extracted or changed. Moreno advanced the art by adding inhibiting means to prevent the transfer of data out of or into prohibited areas of the memory of the portable device.
  • the portable device contained its own inhibiting means but the inhibiting means could be contained in the peripheral device.
  • British Patent 1505715 to Moreno there is disclosed a system for interchanging information which is like those described above, but without the error prone direct connections from the peripheral devices connected to the central computer.
  • the peripheral devices contained a write mechanism which could transfer the information from the portable device to the peripheral device which could in turn write the information on a second portable device.
  • These second portable devices would then be collected on some regular basis and taken to the central computer where the information would be transferred to the central computer's memory.
  • Canadian Patent 1207460 to Ugon discloses a method and apparatus for authorizing access to a service offered by an authorizing entity.
  • the system comprises a portable card with memory and a microprocessor, and an authorizing entity system capable of communicating with the card and also performing computer program operations.
  • the card and the system have the same algorithm to be executed and each has secret data upon which the algorithms operate to produce a result which can be compared to ensure that proper access is granted.
  • This system is rather complicated and involves an operator at the authorizing entity end.
  • the systems described above suffer from the problem of complexity or they are susceptible to fraudulent and unauthorized access and tampering with the information in the card or the terminal.
  • the present invention provides an apparatus and method for providing a highly secure and highly fraud proof system for providing access to services of an authorizing entity.
  • the invention provides an improvement over previous systems and methods of authorizing access to services in a card-terminal environment by providing for a system of protection and authorization which makes the system highly fraud-proof.
  • the system is comprised of a portable device such as a card, a peripheral device such as a terminal, and optionally, a remote host computer in the case of large systems, although it can be seen that the host computer is not necessary for an operational system.
  • These components are connected via some communication medium such as electrical connectors or optics or radio transmission.
  • the terminal contains a microprocessor or some such logic device and memory, a card reading device and a finger print scanner.
  • the card contains a microprocessor or some such logic device and memory, which can be connected to the terminal via electronic or some other means such as optics or radio transmission.
  • the card and terminal each have their own data and programs. Upon insertion of the card into the reader a process of verification is carried out by means of the microprocessors or logic units, the programs and data in the memories.
  • the card verifies that the terminal is valid, the terminal verifies that the card is valid and the user is verified by means of a finger print scan and comparison with finger print data previously recorded in the card. This is not to say that some other form of physical characteristic could not be used such as retinal or DNA scan.
  • encoding and decoding is used to further enhance the security of the system.
  • the invention comprises a system for the interchange of information comprising at least one portable electronic device; at least one terminal device;
  • communication means connecting the portable device with the terminal device; the portable device containing verification means to verify that the terminal device is a valid one; the terminal device containing verification means to verify that the portable device is a valid one and further verification means to verify that the user is authorized to use the system;
  • protection means to prevent tampering with a terminal and encryption means to encode and decode data at the interfaces between the portable device and the terminal device.
  • the invention also consists of a method of preventing unauthorized access to a system comprised of a plurality of portable devices, a plurality of terminal devices and a communication link connecting the said terminal devices to a central host computer wherein the said portable device contains information identifying the said portable device as well as the authorized user, when the said terminal is connected to the said portable device and power is supplied to the said portable device the terminal device queries the portable device to determine if it is a valid portable device, if not the portable device is retained or rejected by the terminal, in turn the portable device queries the terminal to determine if the terminal is a valid terminal, if not the portable device erases its memory and becomes harmless, the terminal in turn scans a physical characteristic of the user and compares that information with stored information on the portable device to determine if that user is authorized to use the portable device and the terminal, if the portable device and terminal are valid and the user is authorized access is allowed to the service, if not the card is retained or rejected; when the power to the terminal is interrupted the terminal programs and data are lost and can
  • said electronic card further stores the majority of application algorithms in the e-squared portion of the integrated circuit thereby providing a dynamic set up structure such that said card can be dynamically programmed for each unique application.
  • FIG. 1 is a pictorial representation of the basic system components, including an optional host computer.
  • FIG. 2 is a flow chart depicting the dialogue between the card and the terminal.
  • FIG. 3 is a block diagram illustrating hardware configuration.
  • FIG. 4 is a block diagram of a typical IC structure.
  • the host computer system 1 can be a personal computer, mini-computer, mainframe or any suitable computer configuration depending upon the particular application.
  • the host computer system is connected to terminal 3 by suitable linkages such as a telephone line through a modem. It is also possible to utilize other linkages such as radio transmission, or direct cable or optics.
  • Terminal 3 is described as an intelligent terminal and comprises an output device such as a display 5 , or a voice synthesizer or other means of communication with the user, a card reader 6 for reading or writing information from or to the card 4 . It also contains an input device 8 such as a keyboard or other means of inputting information to the terminal and a finger print scanning device 7 or some other device to obtain physical information about the user.
  • an output device such as a display 5 , or a voice synthesizer or other means of communication with the user
  • a card reader 6 for reading or writing information from or to the card 4 .
  • It also contains an input device 8 such as a keyboard or other means of inputting information to the terminal and a finger print scanning device 7 or some other device to obtain physical information about the user.
  • the system When a user wishes to utilize a card to gain access to a service from a terminal, the system requires a unique verification procedure to be implemented. Upon insertion of the card into the terminal, the terminal itself is verified by the card. The card is then verified by the terminal and then the user's finger print which has been digitized into the card at the time of issue is compared with the finger print which is submitted via the finger print scanning device at the time of use. Additional user identification such as a personal identification number can also be included.
  • FIG. 2 is a detailed flow chart depicting the above sequence of verification.
  • the card is an “intelligent card” with its own microprocessor or logic unit, memory, data and programs.
  • the card will not carry its own power supply but will be connected to the terminal's power supply when the card is inserted. However, it may be preferable in some cases for the card to have its own power supply.
  • the verification process shall start on the terminal side by generating a terminal verification message or question directed to the card.
  • the checkout is accomplished by simply waiting for a certain period of time for the terminal's question. If the question does not arrive, the card will destroy all information in its memory and become useless.
  • the parallel processing of the input question must proceed on both the terminal and card sides.
  • the checking of the card is achieved similarly to the card's check by waiting for the card verification message or answer for a certain period of time. If the answer does not arrive, the terminal can withhold the card or reject it. If the answer does arrive it will process it.
  • the invention can be configured to use different types of cards for different applications. For example:
  • the next stage is the verification process in which identity of the card user is verified. This is done through a process of finger print checkout, in which the terminal transmits a user identification instruction message to the card. The person's finger prints are scanned and compared with the template received from that stored on the card. Again, if any attempt is made to read the data from the card memory before the finger print verification process is completed, the card will destroy its data.
  • the card will only allow access to its memory after confirmation from the terminal that the user is permitted to use it.
  • FIG. 3 shows the hardware configuration of a preferred embodiment of a simple system comprised of only one terminal.
  • the host computer system 1 is remotely located from the terminal 3 .
  • the two are connected by way of a telephone line 2 and modems 10 a and 10 b .
  • the terminal 3 is composed of a PC-type motherboard 9 , which includes a microprocessor or other logic device and memory, an “intelligent card” reader 6 , a finger print scanner 7 , a custom keyboard 8 and a display 5 .
  • the card reader 6 is adapted to receive and communicate with the “intelligent card” 4 .
  • the “intelligent card” typically contains a microprocessor or some other logic device and memory.
  • Intelligent cards are a unique technology utilizing plastic or some other media in which to embed microprocessor or some such logic unit and memory chips. The cards accordingly have both memory and processing capabilities. Essentially they are pocket sized computer systems with a wide range of application possibilities.
  • the terminal could use an IBM PC.TM. motherboard, a Toshiba.TM. FZ 13 18 card reader and an IDENTIX Touchsave.TM. T5-500 finger print scanner.
  • the “intelligent card” could be a Toshiba TOSMART.TM. CZ-3000.
  • an IBM PC.TM. could be used as the host computer but larger more complex systems using many terminals may require a larger computer such as a mainframe.
  • Interconnections other than telephone lines and modems are possible.
  • a security system for a building may have dedicated communication cables connecting the various terminals to the host computer without the use of modems.
  • radio and optical interconnections are possible.
  • an encryption technique could be used to encode data before transmitting between the host computer and the terminal, and decoding upon receipt.
  • encoding and decoding could be used when reading and writing from and to the “intelligent card”.
  • FIG. 4 a schematic diagram of a typical integrated circuit (IC) structure which may be found in an intelligent or smart card. Included with a typical integrated circuit are:
  • CPU 112 CPU 112
  • Random Access Memory namely RAM 116
  • Other elements 120 including random number generator 122 , Oscillator 124 , and input/output components 126 .
  • the problem with Smart Card Technology is that the typical IC structure requires that the ROM masque be re-written every time to accommodate changes or new applications.
  • the current art places the instructions (also known as application algorithms) for a particular application, be it a passport card, credit card, a security access card, license card, or debit card, onto the ROM 114 section of the IC structure.
  • the application instructions are placed into the ROM 114 since this is a more secure location on the IC and it is more difficult for would be hackers to invade the ROM portion of the IC rather than EEPROM or the e-squared 118 section.
  • the problem with placing the application details onto the ROM 114 of the IC structure is that every time the application changes or there is an update or an improvement or errors are found in the application details a total new ROM masque must be created at a very high cost.
  • the current invention solves this problem through what is termed a dynamic set up structure that is soft coded into the e-squared 118 portion of a smart card.
  • a dynamic set up structure that is soft coded into the e-squared 118 portion of a smart card.
  • Another of advantage of placing the instruction set and/or the application algorithms onto the e-squared 118 portion of the IC structure is that if small changes are required in the application rather than having to rewrite the ROM masque completely, one is able to reprogram existing cards. In other words, it is possible to make changes dynamically thereby increasing the longevity and usefulness of a given set of cards and reduce the cost of correcting errors, making changes or adding additional features.

Abstract

The present invention an electronic card for use in a secure data interchange system having a terminal adapted to receive and communicate with said electronic card, said card having means for communicating with said terminal and having a memory for storing program algorithms and data therein including valid terminal verification data and valid user identification request data; said electronic card comprising:
(a) a microprocessor for monitoring for a predetermined period of time, immediately following insertion of said card in said terminal, an output from said terminal for a terminal verification message and being operable to erase said memory when said terminal verification message is not received within said predetermined period of time and being responsive to said terminal verification message received within said predetermined period of time, by comparing said received terminal verification message to said stored valid terminal verification message and being operable to erase said memory when said received terminal verification message is not valid; and means for monitoring, following receipt of a valid terminal verification message, the output from said terminal for a user identification request and being responsive to said user identification request by comparing said received user identification request to said stored valid user identification request and being operable to erase said memory when said user identification request is not valid and being operable to erase said memory when said received request is an attempt to read data from said memory before receipt of said valid user identification request.
(b) said electronic card further storing the majority of application algorithms in the e-squared portion of the integrated circuit thereby providing a dynamic set up structure such that said card can be dynamically programmed for each unique application.

Description

    FIELD OF THE INVENTION
  • This invention relates generally to a system and method of providing information and services to a population of persons through portable devices which can be used to access any of a number of terminals to make use of the services offered at the said terminals. The system and method in particular provide for security against unauthorized access. The invention has use in the fields of automatic banking, automatic credit and debit transactions, passport and travel visa verification, health and medical records, security access, licensing and any other like field where fraud may pose a problem. [0001]
    • BACKGROUND OF THE INVENTION
  • Data transfer systems using portable devices such as cards with some memory capability, for example, a magnetic strip, and terminals to which the portable devices can be connected are well known. Generally they are used to control access to some area or service. Usually the terminals are connected to a central processing unit or computer which controls access and is the ultimate storage facility for the information on the card. [0002]
  • British Patent 1504196 to Moreno describes such a prior art system comprised of a portable device and a peripheral device or terminal which is connected to a central computer. Many of the portable devices referred to as prior art in Moreno used magnetic track memories which could easily be modified or the contents read. Also the memory storage capacity was quite low and the memory was susceptible of accidental modification. This left such systems vulnerable to abuse from fraudulent intervention. [0003]
  • U.S. Pat. No. 3,702,464 addressed the problem of lack of memory capacity and volatility by disclosing a portable device containing an integrated circuit memory. The device still suffered from the problem that the memory could be read and the contents extracted or changed. Moreno advanced the art by adding inhibiting means to prevent the transfer of data out of or into prohibited areas of the memory of the portable device. Preferably the portable device contained its own inhibiting means but the inhibiting means could be contained in the peripheral device. [0004]
  • In British Patent 1505715 to Moreno there is disclosed a system for interchanging information which is like those described above, but without the error prone direct connections from the peripheral devices connected to the central computer. The peripheral devices contained a write mechanism which could transfer the information from the portable device to the peripheral device which could in turn write the information on a second portable device. These second portable devices would then be collected on some regular basis and taken to the central computer where the information would be transferred to the central computer's memory. [0005]
  • Canadian Patent 1207460 to Ugon discloses a method and apparatus for authorizing access to a service offered by an authorizing entity. The system comprises a portable card with memory and a microprocessor, and an authorizing entity system capable of communicating with the card and also performing computer program operations. The card and the system have the same algorithm to be executed and each has secret data upon which the algorithms operate to produce a result which can be compared to ensure that proper access is granted. This system is rather complicated and involves an operator at the authorizing entity end. [0006]
  • It is also known to encode a fingerprint on a portable card to verify the identity of the user. UK Patent Application GB 2185937 A of O'Shea et al discloses a credit or similar card which incorporates a computer generated image of the fingerprint of the authorized user. When a transaction is to be verified the user's finger print is scanned by a finger print reader and the result is compared with the information on the card. The user is authorized to have access if the prints match. Such devices are presently commercially available. [0007]
  • The systems described above suffer from the problem of complexity or they are susceptible to fraudulent and unauthorized access and tampering with the information in the card or the terminal. The present invention provides an apparatus and method for providing a highly secure and highly fraud proof system for providing access to services of an authorizing entity. [0008]
    • SUMMARY OF THE INVENTION
  • The invention provides an improvement over previous systems and methods of authorizing access to services in a card-terminal environment by providing for a system of protection and authorization which makes the system highly fraud-proof. The system is comprised of a portable device such as a card, a peripheral device such as a terminal, and optionally, a remote host computer in the case of large systems, although it can be seen that the host computer is not necessary for an operational system. These components are connected via some communication medium such as electrical connectors or optics or radio transmission. The terminal contains a microprocessor or some such logic device and memory, a card reading device and a finger print scanner. The card contains a microprocessor or some such logic device and memory, which can be connected to the terminal via electronic or some other means such as optics or radio transmission. The card and terminal each have their own data and programs. Upon insertion of the card into the reader a process of verification is carried out by means of the microprocessors or logic units, the programs and data in the memories. The card verifies that the terminal is valid, the terminal verifies that the card is valid and the user is verified by means of a finger print scan and comparison with finger print data previously recorded in the card. This is not to say that some other form of physical characteristic could not be used such as retinal or DNA scan. Where data is being transmitted between components of the system encoding and decoding is used to further enhance the security of the system. [0009]
  • The invention comprises a system for the interchange of information comprising at least one portable electronic device; at least one terminal device; [0010]
  • communication means connecting the portable device with the terminal device; the portable device containing verification means to verify that the terminal device is a valid one; the terminal device containing verification means to verify that the portable device is a valid one and further verification means to verify that the user is authorized to use the system; [0011]
  • protection means to prevent tampering with a terminal and encryption means to encode and decode data at the interfaces between the portable device and the terminal device. [0012]
  • The invention also consists of a method of preventing unauthorized access to a system comprised of a plurality of portable devices, a plurality of terminal devices and a communication link connecting the said terminal devices to a central host computer wherein the said portable device contains information identifying the said portable device as well as the authorized user, when the said terminal is connected to the said portable device and power is supplied to the said portable device the terminal device queries the portable device to determine if it is a valid portable device, if not the portable device is retained or rejected by the terminal, in turn the portable device queries the terminal to determine if the terminal is a valid terminal, if not the portable device erases its memory and becomes harmless, the terminal in turn scans a physical characteristic of the user and compares that information with stored information on the portable device to determine if that user is authorized to use the portable device and the terminal, if the portable device and terminal are valid and the user is authorized access is allowed to the service, if not the card is retained or rejected; when the power to the terminal is interrupted the terminal programs and data are lost and can only be reloaded by authorized personnel with their access portable devices or from the host computer; encryption is used at the portable device and terminal interface as well as at the terminal and host computer interface. [0013]
  • Preferably said electronic card further stores the majority of application algorithms in the e-squared portion of the integrated circuit thereby providing a dynamic set up structure such that said card can be dynamically programmed for each unique application.[0014]
    • BRIEF DESCRIPTION OF THE DRAWINGS
  • The invention will now be described by way of example only, with references to the following drawings in which: [0015]
  • In drawings which illustrate embodiments of the inventions, [0016]
  • FIG. 1 is a pictorial representation of the basic system components, including an optional host computer. [0017]
  • FIG. 2 is a flow chart depicting the dialogue between the card and the terminal. [0018]
  • FIG. 3 is a block diagram illustrating hardware configuration. [0019]
  • FIG. 4 is a block diagram of a typical IC structure.[0020]
    • DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENT
  • It should be apparent to persons skilled in the arts that various modifications and adaptation of this structure described above are possible without departure from the spirit of the invention the scope of which defined in the appended claim. [0021]
  • The combining of the capability of an intelligent card co-operating with an intelligent terminal, a finger print scanning device, and optionally interfacing with a host computer to ensure maximum possible protection for a card user and a card issuer, is very desirable. In FIG. 1 the basic hardware configuration needed to implement such an idea is set out in pictorial form. The host computer system [0022] 1 can be a personal computer, mini-computer, mainframe or any suitable computer configuration depending upon the particular application. The host computer system is connected to terminal 3 by suitable linkages such as a telephone line through a modem. It is also possible to utilize other linkages such as radio transmission, or direct cable or optics. Terminal 3 is described as an intelligent terminal and comprises an output device such as a display 5, or a voice synthesizer or other means of communication with the user, a card reader 6 for reading or writing information from or to the card 4. It also contains an input device 8 such as a keyboard or other means of inputting information to the terminal and a finger print scanning device 7 or some other device to obtain physical information about the user.
  • When a user wishes to utilize a card to gain access to a service from a terminal, the system requires a unique verification procedure to be implemented. Upon insertion of the card into the terminal, the terminal itself is verified by the card. The card is then verified by the terminal and then the user's finger print which has been digitized into the card at the time of issue is compared with the finger print which is submitted via the finger print scanning device at the time of use. Additional user identification such as a personal identification number can also be included. [0023]
  • If the terminal into which the card is inserted is not a valid terminal the card will erase its memory rendering itself useless to any would-be unauthorized user. [0024]
  • An invalid card will be retained by the terminal and retrieved by authorized personnel. If the finger prints don't match the card is retained, otherwise access is granted to the service offered by the terminal. [0025]
  • FIG. 2 is a detailed flow chart depicting the above sequence of verification. In the preferred embodiment the card is an “intelligent card” with its own microprocessor or logic unit, memory, data and programs. In the preferred embodiment it is envisaged that the card will not carry its own power supply but will be connected to the terminal's power supply when the card is inserted. However, it may be preferable in some cases for the card to have its own power supply. [0026]
  • The whole process will start with the card's insertion into the terminal reader. [0027]
  • The verification process, then, shall start on the terminal side by generating a terminal verification message or question directed to the card. On the card side, the checkout is accomplished by simply waiting for a certain period of time for the terminal's question. If the question does not arrive, the card will destroy all information in its memory and become useless. [0028]
  • If one assumes that the card and the terminal are the correct ones, the parallel processing of the input question must proceed on both the terminal and card sides. On the terminal side, the checking of the card is achieved similarly to the card's check by waiting for the card verification message or answer for a certain period of time. If the answer does not arrive, the terminal can withhold the card or reject it. If the answer does arrive it will process it. [0029]
  • The invention can be configured to use different types of cards for different applications. For example: [0030]
  • 1) Passport cards [0031]
  • 2) Credit cards [0032]
  • 3) Security access cards [0033]
  • 4) Licence cards [0034]
  • 5) Debit cards [0035]
  • Different types of cards would produce different answers to the initial question. This would be the way the terminal recognizes the type of card it is dealing with. If the answer from the card arrives on time, the terminal would sort the answer to the proper application and proceed by checking if the answer is correct. In the negative case, it would, again, withhold or reject the card. [0036]
  • The next stage is the verification process in which identity of the card user is verified. This is done through a process of finger print checkout, in which the terminal transmits a user identification instruction message to the card. The person's finger prints are scanned and compared with the template received from that stored on the card. Again, if any attempt is made to read the data from the card memory before the finger print verification process is completed, the card will destroy its data. [0037]
  • The card will only allow access to its memory after confirmation from the terminal that the user is permitted to use it. [0038]
  • It is unlikely that the whole verification process will take any longer than approximately 25 seconds although the timing is not critical. [0039]
  • It is possible that someone could try to gain access to the data or the software itself by tampering with the terminal. To prevent this, all terminal software could be placed on RAM memory only. This way it would be lost immediately if the power to the terminal is disrupted. Only a licensed technician with his own access portable device would be able to down load new software either from his portable device or from the host computer, and bring the terminal up again. [0040]
  • The block diagram of FIG. 3 shows the hardware configuration of a preferred embodiment of a simple system comprised of only one terminal. The host computer system [0041] 1 is remotely located from the terminal 3. The two are connected by way of a telephone line 2 and modems 10 a and 10 b. The terminal 3 is composed of a PC-type motherboard 9, which includes a microprocessor or other logic device and memory, an “intelligent card” reader 6, a finger print scanner 7, a custom keyboard 8 and a display 5. The card reader 6 is adapted to receive and communicate with the “intelligent card” 4. The “intelligent card” typically contains a microprocessor or some other logic device and memory. Appropriate software and data are stored in the terminal 3 and in the “intelligent card” 4 to enable the verification procedures represented by the flow chart of FIG. 2 to be carried out. “Intelligent cards” are a unique technology utilizing plastic or some other media in which to embed microprocessor or some such logic unit and memory chips. The cards accordingly have both memory and processing capabilities. Essentially they are pocket sized computer systems with a wide range of application possibilities.
  • A number of off-the-shelf items can be used in the system. The terminal could use an IBM PC.TM. motherboard, a Toshiba.TM. FZ[0042] 13 18 card reader and an IDENTIX Touchsave.TM. T5-500 finger print scanner. The “intelligent card” could be a Toshiba TOSMART.TM. CZ-3000. Typically an IBM PC.TM. could be used as the host computer but larger more complex systems using many terminals may require a larger computer such as a mainframe.
  • Interconnections other than telephone lines and modems are possible. For example a security system for a building may have dedicated communication cables connecting the various terminals to the host computer without the use of modems. Also radio and optical interconnections are possible. [0043]
  • Finally to further enhance security an encryption technique could be used to encode data before transmitting between the host computer and the terminal, and decoding upon receipt. Similarly encoding and decoding could be used when reading and writing from and to the “intelligent card”. [0044]
  • Presently Preferred Embodiment [0045]
  • Referring now to FIG. 4 a schematic diagram of a typical integrated circuit (IC) structure which may be found in an intelligent or smart card. Included with a typical integrated circuit are: [0046]
  • A Central Processing Unit; [0047] CPU 112
  • Read Only Memory namely ROM [0048] 114
  • Random Access Memory namely RAM [0049] 116
  • Electronically Erasable Programmable Read Only Memory EEPROM namely e-squared [0050] 118
  • [0051] Other elements 120, including random number generator 122, Oscillator 124, and input/output components 126.
  • In the present art the problem with Smart Card Technology is that the typical IC structure requires that the ROM masque be re-written every time to accommodate changes or new applications. The current art places the instructions (also known as application algorithms) for a particular application, be it a passport card, credit card, a security access card, license card, or debit card, onto the ROM [0052] 114 section of the IC structure. The application instructions are placed into the ROM 114 since this is a more secure location on the IC and it is more difficult for would be hackers to invade the ROM portion of the IC rather than EEPROM or the e-squared 118 section. The problem with placing the application details onto the ROM 114 of the IC structure is that every time the application changes or there is an update or an improvement or errors are found in the application details a total new ROM masque must be created at a very high cost.
  • The current invention solves this problem through what is termed a dynamic set up structure that is soft coded into the e-squared [0053] 118 portion of a smart card. By placing the application algorithms into the e-squared 118 portion of the integrated structure, cards can be produced very quickly for a number of applications simply by reprogramming the e-squared 118 section of the integrated circuit rather than having to produce an entirely new ROM masque for each particular application or change that is made to the functioning of the card.
  • Currently placing the application details into the e-squared [0054] 118 section of the integrated circuit is considered a great security risk since this portion of the card is the easiest to invade and copy. Therefore presently the application details are placed into the ROM 114 structure described above.
  • With the advent of self-destruct features described in U.S. Pat. No. 5,239,166 and herein as well, it now becomes possible to utilize the EEPROM or e-squared [0055] 118 section of the IC structure in order to store the application algorithms into a secure fashion onto the integrated circuit.
  • In addition, by utilizing a larger EEPROM or e-squared [0056] 118 section of the integrated circuit, chips can be designed and built with a far smaller ROM 114 allocation. The application algorithms can now be placed in the e-squared 118 section rather than the ROM 114 section, therefore, the ROM 114 section need not be near as large as the current convention. By way of example on power up of a smart card, the card asks if a legitimate terminal is attempting to access its data. If a failed response from the terminal attempting access occurs (usually within a certain time limitation), the card destructs itself by writing zero into all of its registers thereby rendering the card blank. As a result would be copiers cannot duplicate the card because they are unable to determine what needs to be duplicated since it has been erased by the time they attempt to make a duplication.
  • Another of advantage of placing the instruction set and/or the application algorithms onto the e-squared [0057] 118 portion of the IC structure is that if small changes are required in the application rather than having to rewrite the ROM masque completely, one is able to reprogram existing cards. In other words, it is possible to make changes dynamically thereby increasing the longevity and usefulness of a given set of cards and reduce the cost of correcting errors, making changes or adding additional features.
  • Summary [0058]
  • Current Smart Card Technology requires the instruction set as per the application to reside primarily in the ROM [0059] 114. This is usually done in an effort to provide some form of security for the application algorithms. With this invention certain algorithms still reside in the ROM, however the bulk of the application algorithms can now be stored in the e-squared 118 portion of the chip where future alterations to an existing application can be made providing it has been originally developed for the use of the dynamic set up structure as disclosed in this specification. The dynamic set up structure together with the self erase feature creates a smart card which is highly secure. Additionally less ROM is required as heretofore and dynamic programming of smart cards becomes possible without compromising security.

Claims (18)

I claim:
1. An electronic card for use in a secure data interchange system having a terminal adapted to receive and communicate with said electronic card, said card having means for communicating with said terminal and having a memory for storing program algorithms and data therein including valid terminal verification data and valid user identification request data; said electronic card comprising:
(a) means for monitoring, for a predetermined period of time, immediately following insertion of said card in said terminal, an output from said terminal for a terminal verification message and being operable to erase said memory when said terminal verification message is not received within said predetermined period of time and being responsive to said terminal verification message received within said predetermined period of time, by comparing said received terminal verification message to said stored valid terminal verification message and being operable to erase said memory when said received terminal verification message is not valid; and means for monitoring, following receipt of a valid terminal verification message, the output from said terminal for a user identification request and being responsive to said user identification request by comparing said received user identification request to said stored valid user identification request and being operable to erase said memory when said user identification request is not valid and being operable to erase said memory when said received request is an attempt to read data from said memory before receipt of said valid user identification request.
(b) said electronic card further storing the majority of application algorithms in the e-squared portion of the integrated circuit thereby providing a dynamic set up structure such that said card can be dynamically programmed for each unique application.
2. A card as defined in claim 1, wherein each of said means for monitoring is a microprocessor.
3. A card as defined in claim 1 or 2, said memory including pre-stored information indicative of a predetermined user of said card and said means for monitoring, following receipt of a valid terminal verification message being operable to read said predetermined user information from said memory and being operable to transmit to said terminal said predetermined user information, upon receipt of said valid user identification request.
4. An electronic card for use in a secure data interchange system having a terminal adapted to receive and communicate with said electronic card, said card comprising:
(a) means for communicating with said terminal;
memory for storing program algorithms and data therein including valid terminal verification data, valid user identification request data, and information indicative of a predetermined user of said card;
means for monitoring, for a predetermined period of time, immediately following insertion of said card in said terminal, an output from said terminal for a terminal verification message and being operable to erase said memory when said terminal verification message is not received within said predetermined period of time and being responsive to said terminal verification message received within said predetermined period of time, by comparing said received terminal verification message to said stored valid terminal verification message and being operable to erase said memory when said received terminal verification message is not valid;
means for monitoring, following receipt of a valid terminal verification message, the output from said terminal for a user identification request and being responsive to said user identification request by comparing said received user identification request to said stored valid user identification request and being operable to erase said memory when said user identification request is not valid identification instruction message and being operable to erase said memory when said received request is an attempt to read data from said memory before receipt of said valid user identification request;
each of said means for monitoring is a microprocessor; and
said means for monitoring, following receipt of a valid terminal verification message, being operable to read said predetermined user information from said memory and being operable to transmit to said terminal said predetermined user information, upon receipt of said valid user identification request.
(b) said electronic card further storing the majority of application algorithms in the e-squared portion of the integrated circuit thereby providing a dynamic set up structure such that said card can be dynamically programmed for each unique application.
5. A card as defined in claim 4, said microprocessor including a computer program.
6. A card as defined in claim 4, said predetermined user information being indicative of a physical characteristic of an authorized user of the card.
7. A card as defined in claim 6, said physical characteristic is a computer generated image of a finger print pattern of said authorized user of said card.
8. A card as defined in claim 4, 5 6, or 7, including means for receiving power, from said terminal, upon insertion of said card in said terminal.
9. A method for providing a secure electronic card for use in a data interchange system, wherein a terminal is adapted to receive and communicate with the electronic card and wherein said card has means for communicating with said terminal and a memory for storing data and program algorithms therein including valid terminal verification data and valid user identification request data, said method comprising:
monitoring by said card for a predetermined period of time, immediately following insertion of said card in said terminal, an output from said terminal for a terminal verification message;
erasing said memory when said terminal verification message is not received within said predetermined period of time, and comparing said terminal verification message received within said predetermined period of time to said stored valid terminal verification message, and erasing said memory when said terminal verification message is not valid;
monitoring by said card, following receipt of a valid terminal verification message, the output from said terminal for a user identification request from said terminal and comparing said received user identification request to said stored valid user identification request; and
erasing said memory when said user identification request is not valid, and erasing said memory when said request is an attempt to read data from said memory before receipt of a valid user identification request.
storing the majority of application algorithms in the e-squared portion of the integrated circuit thereby providing a dynamic set up structure such that said card can be dynamically programmed for each unique application.
10. A method as defined in claim 9, including transmitting to said terminal a card verification message for verification of said card by said terminal, following receipt, within said predetermined period of time, of said valid terminal identification message.
11. A method as defined in claim 9, said card including information, pre-stored therein, indicative of a predetermined user of said card, said method including:
(a) reading said stored predetermined user information from said memory; and
transmitting said predetermined user information to said terminal, upon receipt of a valid user identification request, for verification by said terminal of said user.
12. A system for the secure interchange of information comprising:
(a) at least one portable electronic card having a memory for storing program algorithms and data therein including valid terminal verification data and valid user identification request data;
at least one terminal device adapted to receive and communicate with said portable electronic card;
said card including:
means for communicating with said terminal;
means for monitoring, for a predetermined period of time, immediately following insertion of said card in said terminal, an output from said terminal for a terminal verification message and being operable to erase said memory when said terminal verification message is not received within said predetermined period of time, and being responsive to said terminal verification message received within said predetermined period of time, by comparing said received terminal verification message to said stored valid terminal verification message and being operable to erase said memory when said received terminal verification message is not valid; and
means for monitoring, following receipt of a valid terminal verification message, the output from said terminal for a user identification request and being responsive to said user identification request by comparing said received user identification request to said stored valid user identification request and being operable to erase said memory when said user identification request is not valid and being operable to erase said memory when said received request is an attempt to read data from said memory before receipt of said valid user identification request.
(b) said electronic card further storing the majority of application algorithms in the e-squared portion of the integrated circuit thereby providing a dynamic set up structure such that said card can be dynamically programmed for each unique application.
13. A system as defined in claim 12, said terminal comprising:
terminal memory having a valid card verification message stored therein;
means for transmitting to said output said terminal verification message, upon insertion of said card in said terminal; means for monitoring, for a second predetermined period of time a card output for receipt of a card verification message and being operable to reject said card when said card verification message is not received within said second predetermined period of time, and being responsive to said card verification message received within said second predetermined period of time by comparing said received card verification message to a stored valid card verification message, and being operable to reject said card when said received card verification message is invalid;
means for reading a user identification from said user following receipt of a valid card verification message; and
means for transmitting to said output a user identification request, and means for monitoring said card output for receipt of said predetermined user information and being responsive to said predetermined user information for comparing said received predetermined user information to said read user identification, and being operable to reject said card when said predetermined user information is invalid.
14. A system as defined in claim 13, said card including means for transmitting to said terminal, following receipt of valid terminal verification message, a card verification message.
15. A system as defined in claim 13, said means for reading is a scanning device for scanning a physical characteristic of said user.
16. A system as defined in claim 15, said physical characteristic is a finger print pattern.
17. A system as defined in claim 12, said card including means for transmitting to said terminal, following receipt of valid terminal verification message, a card verification message.
18. A system as defined in claim 12, 13 or 17, including protection means associated with said terminal to prevent tampering with said terminal and said protection means including a volatile memory which loses its contents when power is interrupted to said memory.
US09/867,496 2000-08-14 2001-05-31 Smart card technology Expired - Fee Related US6454173B2 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
US09/867,496 US6454173B2 (en) 2000-08-14 2001-05-31 Smart card technology

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US22490400P 2000-08-14 2000-08-14
US09/867,496 US6454173B2 (en) 2000-08-14 2001-05-31 Smart card technology

Publications (2)

Publication Number Publication Date
US20020017558A1 true US20020017558A1 (en) 2002-02-14
US6454173B2 US6454173B2 (en) 2002-09-24

Family

ID=26919110

Family Applications (1)

Application Number Title Priority Date Filing Date
US09/867,496 Expired - Fee Related US6454173B2 (en) 2000-08-14 2001-05-31 Smart card technology

Country Status (1)

Country Link
US (1) US6454173B2 (en)

Cited By (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030026589A1 (en) * 1998-07-30 2003-02-06 Barton James M. Smart card digital video recorder system
US20040013406A1 (en) * 1998-07-30 2004-01-22 Barton James M. Digital video recorder system with an integrated DVD recording device
EP1462988A1 (en) 2003-03-28 2004-09-29 Canon Kabushiki Kaisha Recording media discard device, recording media discard system, and contents administration method
US20040188519A1 (en) * 2003-03-31 2004-09-30 Kepler, Ltd. A Hong Kong Corporation Personal biometric authentication and authorization device
US20050132418A1 (en) * 1998-07-30 2005-06-16 Tivo Inc. Multimedia time warping system
US20070230921A1 (en) * 2001-04-05 2007-10-04 Barton James M Multimedia time warping system
CN100344138C (en) * 2002-11-25 2007-10-17 费舍-柔斯芒特系统股份有限公司 Interactive two-way collaboration in process control plants
JP2009523232A (en) * 2006-01-12 2009-06-18 マイクロラボ ピーティーワイ エルティーディー New instrumentation system and method
US20090269024A1 (en) * 1998-07-30 2009-10-29 Tivo Inc. Multimedia signal processing system
US8484671B1 (en) 2003-10-07 2013-07-09 The Directv Group, Inc. Receiver interface with multiple access cards
US9264686B2 (en) 1998-07-30 2016-02-16 Tivo Inc. Tag-based menus in video streams
US9967534B1 (en) 2004-11-19 2018-05-08 Tivo Solutions Inc. Digital video recorder video editing system
US20190097803A1 (en) * 2017-09-22 2019-03-28 Cubic Corporation Encrypted reverse biometric token validation

Families Citing this family (38)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
AUPQ585100A0 (en) * 2000-02-25 2000-03-16 Canon Kabushiki Kaisha Customisable filter interface
JP2002008070A (en) * 2000-06-26 2002-01-11 Toshiba Corp Passing inspecting system
US20020129251A1 (en) * 2001-03-01 2002-09-12 Yukio Itakura Method and system for individual authentication and digital signature utilizing article having DNA based ID information mark
US7111255B2 (en) * 2001-06-25 2006-09-19 International Business Machines Corporation Time-based evaluation of data verification results
JP2003099752A (en) * 2001-09-26 2003-04-04 Hitachi Electronics Service Co Ltd Passport with id chip for preventing falsification
WO2004008282A2 (en) * 2002-07-12 2004-01-22 Privaris, Inc. Personal authentication software and systems for travel privilege assignation and verification
US9022294B2 (en) * 2003-04-14 2015-05-05 G. Holdings Ltd. Portable electronic device and method for alternate data conveyance operations responsive to an invariable activation command
WO2004090805A1 (en) * 2003-04-14 2004-10-21 G. Holdings Ltd. Portable electronic device capable of alternate data conveyance operations responsive to an invariable activation command
US7084734B2 (en) * 2003-08-07 2006-08-01 Georgia Tech Research Corporation Secure authentication of a user to a system and secure operation thereafter
US7421589B2 (en) * 2004-07-21 2008-09-02 Beachhead Solutions, Inc. System and method for lost data destruction of electronic data stored on a portable electronic device using a security interval
US20060224420A1 (en) * 2005-04-05 2006-10-05 Apsrfid, Llc Healthcare insurance security system
US7907486B2 (en) 2006-06-20 2011-03-15 The Invention Science Fund I, Llc Rotation responsive disk activation and deactivation mechanisms
US8218262B2 (en) 2005-05-09 2012-07-10 The Invention Science Fund I, Llc Method of manufacturing a limited use data storing device including structured data and primary and secondary read-support information
US7519980B2 (en) * 2005-05-09 2009-04-14 Searete Llc Fluid mediated disk activation and deactivation mechanisms
US8121016B2 (en) 2005-05-09 2012-02-21 The Invention Science Fund I, Llc Rotation responsive disk activation and deactivation mechanisms
US7565596B2 (en) 2005-09-09 2009-07-21 Searete Llc Data recovery systems
US7916615B2 (en) 2005-06-09 2011-03-29 The Invention Science Fund I, Llc Method and system for rotational control of data storage devices
US7770028B2 (en) * 2005-09-09 2010-08-03 Invention Science Fund 1, Llc Limited use data storing device
US7668068B2 (en) * 2005-06-09 2010-02-23 Searete Llc Rotation responsive disk activation and deactivation mechanisms
US8220014B2 (en) 2005-05-09 2012-07-10 The Invention Science Fund I, Llc Modifiable memory devices having limited expected lifetime
US7668069B2 (en) * 2005-05-09 2010-02-23 Searete Llc Limited use memory device with associated information
US8159925B2 (en) 2005-08-05 2012-04-17 The Invention Science Fund I, Llc Limited use memory device with associated information
US7916592B2 (en) 2005-05-09 2011-03-29 The Invention Science Fund I, Llc Fluid mediated disk activation and deactivation mechanisms
US8140745B2 (en) 2005-09-09 2012-03-20 The Invention Science Fund I, Llc Data retrieval methods
US9396752B2 (en) 2005-08-05 2016-07-19 Searete Llc Memory device activation and deactivation
US7694316B2 (en) * 2005-05-09 2010-04-06 The Invention Science Fund I, Llc Fluid mediated disk activation and deactivation mechanisms
US7748012B2 (en) * 2005-05-09 2010-06-29 Searete Llc Method of manufacturing a limited use data storing device
US7512959B2 (en) * 2005-05-09 2009-03-31 Searete Llc Rotation responsive disk activation and deactivation mechanisms
US7596073B2 (en) 2005-05-09 2009-09-29 Searete Llc Method and system for fluid mediated disk activation and deactivation
US8099608B2 (en) 2005-05-09 2012-01-17 The Invention Science Fund I, Llc Limited use data storing device
US8462605B2 (en) 2005-05-09 2013-06-11 The Invention Science Fund I, Llc Method of manufacturing a limited use data storing device
US7581700B2 (en) * 2005-06-09 2009-09-01 The Boeing Company Adjustable fittings for attaching support members to fluid conduits, including aircraft fuel conduits, and associated systems and methods
US7472868B2 (en) * 2005-09-01 2009-01-06 The Boeing Company Systems and methods for controlling an aerial refueling device
US8264928B2 (en) 2006-06-19 2012-09-11 The Invention Science Fund I, Llc Method and system for fluid mediated disk activation and deactivation
US8432777B2 (en) * 2006-06-19 2013-04-30 The Invention Science Fund I, Llc Method and system for fluid mediated disk activation and deactivation
US7841539B2 (en) * 2007-02-15 2010-11-30 Alfred Hewton Smart card with random temporary account number generation
US9645757B2 (en) * 2015-03-23 2017-05-09 International Business Machines Corporation Computer memory data security
CN107341534B (en) * 2017-07-18 2020-11-24 南京唯捷豪信息科技有限公司 Electronic card anti-copy method and device and management server

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FR2503423A1 (en) * 1981-03-31 1982-10-08 Flonic Sa Electronic memory for telephone prepaid transaction card - uses encoded memory to validate alteration of credit balance in on-card non-volatile memory
JPH0827756B2 (en) * 1987-04-13 1996-03-21 三菱電機株式会社 IC card

Cited By (34)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100226627A1 (en) * 1998-07-30 2010-09-09 Barton James M Multimedia Stream Processing System
US9002173B2 (en) 1998-07-30 2015-04-07 Tivo Inc. Digital security surveillance system
US10021446B2 (en) 1998-07-30 2018-07-10 Tivo Solutions Inc. Multimedia stream processing system
US9854199B2 (en) 1998-07-30 2017-12-26 Tivo Solutions Inc. Multiple outlet digital video recording system
US20030026589A1 (en) * 1998-07-30 2003-02-06 Barton James M. Smart card digital video recorder system
US20050132418A1 (en) * 1998-07-30 2005-06-16 Tivo Inc. Multimedia time warping system
US9800823B2 (en) 1998-07-30 2017-10-24 Tivo Solutions Inc. Digital security surveillance system
US8380041B2 (en) * 1998-07-30 2013-02-19 Tivo Inc. Transportable digital video recorder system
US20070166001A1 (en) * 1998-07-30 2007-07-19 Barton James M Digital security surveillance system
US8457476B2 (en) 1998-07-30 2013-06-04 Tivo Inc. Multimedia signal processing system
US9788049B2 (en) 1998-07-30 2017-10-10 Tivo Solutions Inc. Multimedia signal processing system
US9521356B2 (en) 1998-07-30 2016-12-13 Tivo Inc. Digital security surveillance system
US20090136215A1 (en) * 1998-07-30 2009-05-28 Barton James M Digital video recorder system with an integrated dvd recording device
US9264686B2 (en) 1998-07-30 2016-02-16 Tivo Inc. Tag-based menus in video streams
US20090269024A1 (en) * 1998-07-30 2009-10-29 Tivo Inc. Multimedia signal processing system
US20100142920A1 (en) * 1998-07-30 2010-06-10 Tivo Inc. Multimedia Signal Processing System
US20040013406A1 (en) * 1998-07-30 2004-01-22 Barton James M. Digital video recorder system with an integrated DVD recording device
US8965173B2 (en) 1998-07-30 2015-02-24 Tivo Inc. Multimedia stream processing system
US8824865B2 (en) 1998-07-30 2014-09-02 Tivo Inc. Digital video recorder system with an integrated DVD recording device
US8577205B2 (en) 1998-07-30 2013-11-05 Tivo Inc. Digital video recording system
US8526781B2 (en) 1998-07-30 2013-09-03 Tivo Inc. Multiple output digital video recording system
US8538241B2 (en) 1998-07-30 2013-09-17 Tivo Inc. Multimedia signal processing system
US20070230921A1 (en) * 2001-04-05 2007-10-04 Barton James M Multimedia time warping system
CN100344138C (en) * 2002-11-25 2007-10-17 费舍-柔斯芒特系统股份有限公司 Interactive two-way collaboration in process control plants
US7156291B2 (en) 2003-03-28 2007-01-02 Canon Kabushiki Kaisha Recording media discard device, recording media discard system, and contents administration method
CN100347665C (en) * 2003-03-28 2007-11-07 佳能株式会社 Recording media discard device, recording media discard system, and contents administration method
US20040188512A1 (en) * 2003-03-28 2004-09-30 Canon Kabushiki Kaisha Recording media discard device, recording media discard system, and contents administration method
EP1462988A1 (en) 2003-03-28 2004-09-29 Canon Kabushiki Kaisha Recording media discard device, recording media discard system, and contents administration method
US20040188519A1 (en) * 2003-03-31 2004-09-30 Kepler, Ltd. A Hong Kong Corporation Personal biometric authentication and authorization device
US6983882B2 (en) 2003-03-31 2006-01-10 Kepler, Ltd. Personal biometric authentication and authorization device
US8484671B1 (en) 2003-10-07 2013-07-09 The Directv Group, Inc. Receiver interface with multiple access cards
US9967534B1 (en) 2004-11-19 2018-05-08 Tivo Solutions Inc. Digital video recorder video editing system
JP2009523232A (en) * 2006-01-12 2009-06-18 マイクロラボ ピーティーワイ エルティーディー New instrumentation system and method
US20190097803A1 (en) * 2017-09-22 2019-03-28 Cubic Corporation Encrypted reverse biometric token validation

Also Published As

Publication number Publication date
US6454173B2 (en) 2002-09-24

Similar Documents

Publication Publication Date Title
US6454173B2 (en) Smart card technology
US5239166A (en) Secure data interchange system erasing a card memory upon an invalid response
EP0379333B1 (en) Secure data interchange system
US5379344A (en) Smart card validation device and method
US5267315A (en) Secret identification number checking system
EP0973125B1 (en) Method for managing security for card-type storage medium, and a card-type storage medium and a transaction apparatus therefor
Hendry Smart card security and applications
US4357529A (en) Multilevel security apparatus and method
US5214699A (en) System for decoding and displaying personalized indentification stored on memory storage device
US6957338B1 (en) Individual authentication system performing authentication in multiple steps
US20050086497A1 (en) IC card system
US20060229988A1 (en) Card settlement method using portable electronic device having fingerprint sensor
JPH02170272A (en) Collation system for secret information
JPS6265168A (en) Certification system for integrated card system
KR100654857B1 (en) Authentication smart card system and controlling method thereof using multi - biometric informations
JP2000293643A (en) Ic card and ic card information registering/collating method and its system
JPH0822517A (en) Forgery preventing system for hybrid card
JPH0750665A (en) Identity confirming device and its method
JPH11282983A (en) Individual identification method by fingerprint data
JPH09106456A (en) Personal identification method in card utilization, personal identification system using ic card and ic card used for the system
JP2009205450A (en) Biological authentication system and biological authentication device
JP2006293875A (en) Settlement system cooperating with biological authentication, and settlement terminal for ic card and ic card for use in the same
KR100520498B1 (en) Method and Apparatus of issuing Storage Medium for Authentication, and Authentication Method and Apparatus using the Storage Medium
JPS63248246A (en) Password collation system
AU651584B2 (en) Smart card validation device and method

Legal Events

Date Code Title Description
FPAY Fee payment

Year of fee payment: 4

FPAY Fee payment

Year of fee payment: 8

REMI Maintenance fee reminder mailed
LAPS Lapse for failure to pay maintenance fees
STCH Information on status: patent discontinuation

Free format text: PATENT EXPIRED DUE TO NONPAYMENT OF MAINTENANCE FEES UNDER 37 CFR 1.362

FP Lapsed due to failure to pay maintenance fee

Effective date: 20140924