WO2000019365A1 - Information card and information card system - Google Patents

Information card and information card system Download PDF

Info

Publication number
WO2000019365A1
WO2000019365A1 PCT/US1999/021663 US9921663W WO0019365A1 WO 2000019365 A1 WO2000019365 A1 WO 2000019365A1 US 9921663 W US9921663 W US 9921663W WO 0019365 A1 WO0019365 A1 WO 0019365A1
Authority
WO
WIPO (PCT)
Prior art keywords
data
information
card
information card
inherent
Prior art date
Application number
PCT/US1999/021663
Other languages
French (fr)
Inventor
Eiji Kawaguchi
Richard Eason
Kunihiro Tsuda
Original Assignee
Asa Systems, Inc.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Asa Systems, Inc. filed Critical Asa Systems, Inc.
Priority to DE69917302T priority Critical patent/DE69917302D1/en
Priority to CA002345107A priority patent/CA2345107A1/en
Priority to US09/806,653 priority patent/US6742712B1/en
Priority to AT99948328T priority patent/ATE266886T1/en
Priority to AU61533/99A priority patent/AU6153399A/en
Priority to EP99948328A priority patent/EP1116176B1/en
Publication of WO2000019365A1 publication Critical patent/WO2000019365A1/en

Links

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/20Individual registration on entry or exit involving the use of a pass
    • G07C9/22Individual registration on entry or exit involving the use of a pass in combination with an identity check of the pass holder
    • G07C9/25Individual registration on entry or exit involving the use of a pass in combination with an identity check of the pass holder using biometric data, e.g. fingerprints, iris scans or voice recognition
    • G07C9/253Individual registration on entry or exit involving the use of a pass in combination with an identity check of the pass holder using biometric data, e.g. fingerprints, iris scans or voice recognition visually

Definitions

  • the present invention relates to an information card and an information card system. More particularly, it relates to an information card for use as a credit card, a cash-ven ⁇ ing card, an ID card, etc. which employs Steganography (i.e., image data embedding, digital watermarking, information hiding, or digital picture envelope technology) , and further to an information card system employing such an information card.
  • Steganography i.e., image data embedding, digital watermarking, information hiding, or digital picture envelope technology
  • One known type of the information card is heretofore an IC card for use as, e.g., a credit card and an ID card.
  • the IC card has an IC chip mounted on a plastic plate.
  • the IC chip has either a microprocessor and a memory or a memory only.
  • the IC card with the IC chip having both of the microprocessor and the memory is what is called an IC card, whne the IC card with the IC chip having only the memory is termed as a memory card.
  • the IC card for use as the credit card carries on its plastic plate surface the name of the card owner and the card number.
  • the memory (ROM) in the IC chip stores an authentication program, a password, and so on. In some cases, the authentication program and the password for use by the authentication program are encrypted for protection against unauthorized access.
  • Another object of the present invention is to provide an information card, which can completely be prevented from being illegally used, and an information card system.
  • the present invention as defined in claim 1 provides an information card including a memory that stores information data, the information data including either image data or acoustic data, the improvement wherein the information data contains inherent data that is embedded in the information data according to Steganography.
  • the information card may take a physical form as, e.g., an IC card or an optical card.
  • the present invention as defined in claim 2 provides an information card according to claim 1, wherein the inherent data shows either the legitimacy or card owner of the information card.
  • the present invention as defined in claim 3 provides an information car ⁇ according to claim 1 or 2, wherein the memory stores a password for permitting the information data to De read from tne memory.
  • the present invention as defined m claim 4 provides an information card according to any one of claims 1 to 3, wherein the information card employs a customized key m order to ⁇ ive a permission to extract the inherent data from the information data.
  • the customized key is data to control a flow of either an embedding program (encoder program) or an extracting program (decoder program) .
  • the customized key can be designed to allow only a legitimate card owner and authorized user of the information card to be aware of the customized key.
  • the present invention as defined m claim 5 provides an information card system comprising: an information card including a memory that stores information data, the information data including either image data or acoustic data, the information data containing inherent data that is embedded m tne information data according to Steganography, the memory storing a password for permitting the information data to be read from tne memory; and, a data processing terminal including input means for submitting a password, password checking means for checking the submitted password agaxnst the password stored m the information card to permit the information data to be read from the memory, and output means for outputtmg the read information data.
  • the data processing terminal can exchange data with the information card oy wire or wireless (m a contact or non-contact manner) .
  • the present invention as defined m claim 6 provides an information card system comprising: an information card including a memory that stores information data, the information data including either image data or acoustic data, tne information data containing inherent data that is embedded m the information data according to Steganography; and, a data processing terminal including input means for submitting a customized key, inherent data extracting means for extracting the inherent data with the use of the submitted customized Key, and output means for outputtmg the extracted inherent data.
  • Tne present invention as defined m claim 7 provides an information card system according to claim 6, wherein tne memory stores a password for permitting the information data to be read from tne memory, and wherein the data processing terminal includes input means for submitting a password, password checking means for checking the submitted password against the password stored m the information card to permit the information data to be read from the memory, and output means for outputtmg the read information data.
  • claim 8 provides an information card system according to any one of claims 5 to 7, wherein the extracted inherent data is wholly or partly checked against either inherent data read from a host or inherent data entered from an external source.
  • the present invention as defined in claim 9 provides an information card or an information card system according to any one of claims 1 to 8, wherein the inherent data is embedded according to Steganography by the steps of converting either image data or acoustic data, both formed as information data, to pure binary code data, or converting the pure binary code data to canonical gray code data, decomposing either the pure binary code data or the canonical gray code data into bit planes, segmenting the bit planes into regions according to a complexity measure, and replacing complex region- orming data with the inherent data.
  • the present invention as defined in claim 10 provides an information card or an information card system according to claim 9, wherein the inherent data to be embedded is subject to a conjugation operation.
  • the present invention as defined in claim 11 provides an information card or an information card system according to any one of claims 1 to 10, wherein the memory comprises an IC chip.
  • the present invention as defined in claim 12 provides an information card or an information card system according to any one of claims 1 to 11, wherein the information card carries a photograph on a surface thereof, and either the information data or the inherent data is image data representing tne photograph.
  • the information card contains the information data m the memory.
  • Tne information data includes either image data or the acoustic data.
  • the inherent data is embedded m the information data according to stegnanography .
  • the information data may be of such a size as to allow the inherent data to be embedded therein according to Steganography .
  • the inherent data shows either the legitimacy of the information card or the card owner of the information card.
  • the ⁇ nherent data is referred, it is easy to confirm and verify the legitimacy of the information card (, i.e., to check for card forgery or modification) . In addition, it is possible to hide the presence of such legitimacy data and card owner data.
  • the memory contains the password for allowing the information data to oe read from the memory
  • password checking can allow the information data to be read therefrom. Accordingly, the security of the stored information data can be made high.
  • tne use of the customized key enables the inherent data to be extracted from tne information data.
  • the customized key is not stored m the information card, and hence can be made highly safe because this Key cannot be stolen.
  • the information card contains the information data.
  • the information data has the inherent data embedded therein according to Steganography.
  • the information card further stores a password for permitting the information data to be read from the memory.
  • the data processing terminal checks a submitted password against the password stored m the information card. Wnen tne submitted password identifies with the stored password, then the data processing terminal permits the information data to be read from the information card, and then outputs such retrieved information data. For example, the read information data is displayed on a display unit, outputted as sounds, or transmitted as electronic data through a communication line.
  • the information data stored m the information card is protected against retrieval therefrom by password checking o ⁇ cause no unauthorized persons are allowed to access it.
  • the information card retains the information data and the inherent data.
  • the data processing terminal extracts the inherent data from tne information data oy means of a submitted customized key.
  • the data processing terminal permits the inherent data to be extracted only when the submitted customized key is a legitimate customized key.
  • the information card system provides a high level of security.
  • the information card contains the password other than the information data (the mnerent data) .
  • Tne data processing terminal protects the information data by password, and further protects tne inherent data by customized key. As a result, the mnerent data is protected against extraction by double protection scheme.
  • the inherent data is read from the host and put into the data processing terminal, or is submitted from the external source into the data processing terminal .
  • the read or submitted inherent data is wholly or partly checked against the inherent data that is contained m the information card.
  • the information card is possible to wor as it is programmed. For example, it can function as a credit card.
  • the information card system provides triple security, making it possible to eliminate forgery and illegal use.
  • the inherent data is embedded according to Steganography by the steps of converting the information data to pure binary code data, or converting the pure binary code data to canonical gray code data, decomposing the pure binary code data or the canonical gray code data into bit planes, and segmenting the bit planes into regions according to a complexity measure, and replacing complex region-forming data with the produced inherent data.
  • the memory of the information card stores information data that has the inherent data embedded therein.
  • tne mnerent data is hidden so that the third parties are unaware of tne presence of the inherent data.
  • the memory of the information card includes an IC chip.
  • an information card which serves as, what _s called, either a memory card or an IC card, and a system of such an information card.
  • an inexpensive card reader/writer can be provided as the data processing terminal.
  • the information card carries a photograph on the card surface thereof.
  • the information data or the inherent data represents the photograph.
  • image data is output and displayed, then such data can be checked against the photograph. This makes tne information card highly secure.
  • FIG. 1 is a olock diagram, showing the concept of the system according to the present invention.
  • the information card system includes an information card, a data processing terminal for exchanging data with the information card, and a host computer for exchanging data with the data processing terminal.
  • the information card has a memory for storing data.
  • the memory contains information data and a password.
  • the information data has inherent data embedded therein by a steganographic process.
  • the data processing terminal has input means, output means, password checking means, and inherent data extracting means .
  • the data processing terminal can read the information data by password checking. It can also extract the inherent data using a customized key. As a result, when the information card is used as a credit card, it is possible to completely eliminate the illegal use of the information card by any person other than the legitimate card owner. Further, it is also possible to completely eliminate illegal use of a forged information card. [0030]
  • the BPCS-Steganography (Bit-Plane Complexity Segmentation Steganography) is a process of replacing (embedding) a random pattern of image data with secret data, in view of the complexity (randomness) of a binary pattern on a "bit plane" that is obtained, e.g., by slicing the image data into bits.
  • a hiding capacity of a conventional steganographic process is in the range of 5 to 10%
  • the BPCS-Steganography has a hiding capacity of about 50% or up to some 70 in some cases. Therefore, the BPCS-Steganography is capable of nidmg with a very hign hiding capacity.
  • the BPCS-Steganography is based on the following four basic ideas:
  • Bit-plane decomposition is executed on a pure binary coded (PBC) image data or a “canonical gray coded (CGC) image converted from the PBC image data.
  • PBC binary coded
  • CGC canonical gray coded
  • a bit plane is segmented according to tne "complexity measure" of a binary pattern, and a complex pattern (random pattern) is replaced by the secret data (i.e., the secret data is hidden). The secret data thus hidden is completely unnoticeable for human eyes.
  • Files to be emoedded are subject to a "conjugation operation", so that any types of files can be embedded.
  • the algorithm of BPCS-Steganography (encoder and decoder programs! can be customized differently to different users.
  • the customized BPCS-Steganography algorithm establishes the security of emoedded information with the use of a "customized key” that is different from the password.
  • ⁇ t can hide with a large hiding capacity. This feature is applicable to the following:
  • the information card system employs a steganographic card which has an IC memory mounted on a conventional card (with a photograph of the card owner thereon) .
  • the IC memory has a storage capacity of 8 KB or more.
  • the steganographic card is used as follows :
  • the IC memory stores the data of the photograph of the card owner. In order to read this data, the password for the card must be submitted to a card reader.
  • the data of the photograph of the card owner contains personal data regarding the card owner (e.g., fingerprints, a personal history, data of relatives, data of hobbies, etc.) .
  • the personal data is embedded according to the BPCS-Steganography.
  • the customized key is defined as follows:
  • each security confirmation level is as follows :
  • Level 1 Visual checking of the card user against the photograph on the card ( order to prevent stolen or found cards from being illegally used) .
  • Level 2 Requesting the car ⁇ user to submit the 'password' , and visually cnecking the photograph data displayed on the display unit against the photograph on the card ( order to prevent photographs on cards from being forged) .
  • Level 3 Requesting the car ⁇ user to submit the "private key”, combining the private key with the "company key” that is sent on-line from the card company, and confirming whether tne personal data embedded according to the BPCS- Steganography can be extracted ( m order to prevent cards from being forged as a whole) .
  • hiding and extraction or information according to the BPCS-Steganography will be described below.
  • a noiselike area does not appreciably affect the visual appearance to the viewer even if the data therein is replaced with other noise-like data. This phenomenon allows us to replace noise-like areas in a natural image with secret data. Since a criterion to determine whether the noise-like areas varies depending upon the natural image, it is necessary to establish a suitable threshold value for each natural image data.
  • the area is decided as an area for secret data hiding or embedding.
  • the secret data file may be first divided into small file segments with " x 2 " size (i.e., 2 1 x 2 r pixel size), and then those small file segments may be embedded successively in noise-like areas of the same size in the image.
  • x 2 size
  • the small file segments having less complexity value than the threshold ⁇ TH are converted to more complex segments by a conjugation operation described below.
  • Such a process makes it possible to embed any secret files in images .
  • W is defined as a pattern where all pixels are white.
  • B is taken as a pattern where all pixels are blac.
  • Wc is viewed as a checkerboard pattern where the leftmost pixel the uppermost pixel row is white.
  • Be is taken as a checkerboard pattern where the leftmost pixel m the uppermost pixel row is black.
  • the binary image P is regarded as an image with a foreground area having the pattern B and a background area having the pattern W.
  • the "conjugated image" P* of the image P is defined as follows:
  • a process for producing a conjugated image is referred to as a conjugation operation.
  • the conjugated image P* is characterized as follows:
  • the foreground area is identical n shape to the foreground area of tre image P.
  • Tne foreground area has the checkerboard pattern Be.
  • Tne background area has the checkerboard pattern Wc .
  • Tne image P and the conjugated image P* have one-to-one correspondence.
  • the image P and the conjugated image P* satisfy the following properties:
  • the property (c) indicates that a simple image can pe converted to a complex image or vise versa without losing its shape information. It is also possible to restore the original image from the converted image because of the property (a) .
  • the BPCS-Steganography proposed by the present application includes the following five steps:
  • a natural image of 2 V' x 2 , N bits/pixel is converted to an N-bit gray code image. This conversion step is based on the study by Eij i Kawaguchi etal. of binary images produced by bit-plane decomposition and their complexity.
  • the gray code image generated in Step 1 is segmented into N binary images by bit-plane decomposition.
  • Each of the N binary images is divided into partial images each having a size of 2 1 " x 2 : .
  • the nth bit-plane image can be expressed by:
  • the nth "conjugation map” can be expressed as follows: where each of Q- , Q ', •••, Q t ' y - r ⁇ has a value of "0" or "1.” The value of "1" represents an area where the conjugation operation is applied. The value of "0" represents an area where the conjugation operation is not applied.
  • Embedded data (expressed by E) includes a header, a body, and a pad.
  • the header indicates a data size of the body.
  • the body represents secret data (e.g., a secret image) which is embedded.
  • the pad serves to shape the embedded data into the size of 2 n x 2 P
  • the partial bit series E. is corresponded to a square area of 2 x 2 " ', bit by bit, based on the principle of raster scanning, then a binary image of 2 ' x 2 " can be generated.
  • the generated binary image is represented by makeS(E- j ) .
  • the N-bit gray code image is reconstructed from the N binary images where the secret data is embedded.
  • the secret data embedded an image may be recover by the above algorithm being reversed. In order to recover the secret data from the embedded image, it is necessary to know the threshold ⁇ ⁇ and the conjugation map. [0035]
  • FIG. 2 is a block diagram, showing the concept of the IC card system.
  • FIG. 3 is a block diagram, illustrating a schematic structure of an IC card and an IC card reader/writer m the ID card system.
  • FIG. 4 is a block diagram, illustrating a ⁇ otner structural example of an IC card.
  • FIGS. 5 and 6 are flowcharts, showing programs to be executed m the ID card system .
  • an IC card 100 as an information card is capable of exchanging data with an IC card reader/writer (data processing terminal) 200.
  • the IC card reader/writer 200 can exchange data on-line with, e.g., a host computer 300 at a credit card company.
  • the IC card reader/writer 200 may be equipped with a ⁇ isplay unit 210 (display means) and an input means 220 (such as a mouse and a keyboard) .
  • the IC car ⁇ reader/writer 200 includes a CPU to execute arithmetic operation processing, a data memory for storing data, a program memory for storing programs, a buffer memory, the keyboard for entering data, a display unit for displaying results of the arithmetic operation processing, an interface for controlling data exchange ⁇ with the IC card, and a power supply.
  • the IC card reader/writer 200 is able to read data from ana write data tne IC card 100.
  • the CPU executes encrypting and decrypting processes and an authentication process.
  • the program memory stores application programs.
  • the IC card 100 nas an interface, a CPU, a program memory, and a data memory. Tne power supply of the IC card reader/writer 200 supplies electric power to the IC card 100.
  • the program memories and the data memories are nonvolatile types. These nonvolatile memories include EEPROMs that is electrically erasable, or static RAMs that is backed up by a battery.
  • FIG. 4 snows another structural exampie of an IC card. More specifically, the IC card includes a CPU, a PROM for storing data, and a connector for connection to an external device (an IC card reader/writer) .
  • the CPU includes a control unit, an arithmetic unit, a ROM, and a RAM.
  • the IC card includes an IC chip that is mounted on a plastic plate member.
  • the plastic plate member carries the name of the car ⁇ owner, the card number, and an expiration date, all of which are embossed on a surface thereof.
  • the IC cnip stores, in a memory thereof having a storage capacity of 8 KB or more, password data, digital image data of the card owner's photograph, or digital acoustic data (information data) .
  • the information data contains personal data of the card owner (e.g., fingerprints), a photograph of the card owner, and part of the personal data (digital signature image data), all of which are embedded according to the BPCS-Steganography.
  • the IC card system enables both visual verification of the card user and mechanical authentication of the IC card at one time. People cannot perceive any secret present m the IC card. Even if someone suspects some secrete data as being present the IC car ⁇ , tney cannot extract such an embedded ⁇ ata from the IC card.
  • the IC card may hide digital data or authentication data. The IC card system can properly read out such hidden authentication data from the IC card, and properly can embed the same data therein. [ 0039 ]
  • FIG. 5 shows a process (encoder program) in which data is stored in the IC card according to Steganography.
  • the card owner's photograph data (including indexed photograph data) is produced in order to be written to the IC card memory (8KB or more) .
  • the produced photograph data is saved as a bit map file.
  • the photograph data is set in size to be some 75% of the IC card memory.
  • the above photograph data is produced from the photograph data of the IC card owner.
  • personal authentication data (text data) is produced and then saved in order to be embedded in the photograph data.
  • the text data is set in size to occupy some 10% of the photograph data.
  • Both of the photograph data and the authentication data are selected and displayed.
  • the photograph data for the IC card is converted to pure binary code (PBC) data.
  • PBC binary code
  • the photograph data thus converted to the PBC data is then converted to canonical gray code (CGC) data.
  • CGC canonical gray code
  • the photograph data thus converted to the CGC data is decomposed into bit planes (i.e., into N binary images) .
  • the personal authentication data (text data) is embedded in the bit-plane-decomposed photograph data.
  • the personal authentication data is embedded according to the above algorithm, using a customized key (which consists of, e.g., 24 digits of data).
  • the photograph data having the embedded text data therein is then re-converted to PBC data.
  • the photograph data for use m the IC card is produced and then saved.
  • the IC card is inserted into the IC card reader/writer, and then any one of the photograph data is selected. Then, the selected photograph data is transferred and saved m the IC card memory. In order to protect the saved photograph data, a password is set and saved m the IC card memory.
  • the password consists of, e.g., 4 digits of data.
  • the IC card (for use as, e.g., an identification card) is now completed. Thereafter, a photograph of the card owner is printed out on tne plastic plate surface of the IC card.
  • FIG. 6 shows part of an decoder program.
  • the IC card is inserted into the IC card reader/writer. Then, the IC card reader/writer starts an initializing process m order to execute an authentication flow. Next, a password is s ⁇ omitted from a keyboard into the IC card reader/writer. The IC card reader/writer compares the submitted password with the stored password m the memory on the IC card. When the submitted password identifies with the stored password, then the IC card reader/writer reads the photograph data (information data) stored the IC card memory, and displays it on the display unit. When the displayed photograph data indicates a photograph of the card owner, then the displayed photograph ..s visually checked against the photograph printed on the IC card surface and against the card user himself.
  • a customized key is submitted.
  • the customized key is used to embed the personal authentication data.
  • the customized key is known only to the legitimate card owner.
  • the customized key is not stored the IC card memory.
  • the customized key works as parameters to control over embedding and extracting of the inherent data.
  • the inherent data is extracted from tne information data only when the customized key submtte ⁇ to extract the inherent data identifies with parameters that are used for embedding.
  • the photograph data (information data) read from the IC card memory is converted to pure binary code (PBC) data, and then the photograph data thus converted to the PBC ⁇ ata is converted to canonical gray code (CGC) data.
  • the CGC data of the photograph is decomposed into bit-planes.
  • the personal authentication data is extracted f om the photograph data already decomposed into the bit-planes, using the customized key.
  • the embedde ⁇ personal authentication data (text data) is extracted from the pnotograph data, and is then displayed.
  • the IC card system is designed to execute password checking after visually checking is made as to whether a card user is an authorized card owner, and then to allow the photograph data to be read from the IC card memory and the pnotograph image to be displayed on the basis of the photograph data.
  • the displayed photograph image is compared with the photograph printed on the IC card, thereby checking the legitimacy of the IC card.
  • the personal authentication data is extracted from the photograph data using a customized key.
  • the extracted data is then displayed.
  • the displayed personal data is compared with the card user' s personal data, thereby confirming that the presented IC card is a legitimate card.
  • apparent image data contains other image data, acoustic data, and text data, all of which are present a visually imperceptible manner. These embedded data are checked to confirm that the card user and the card are both legitimate.
  • the inherent data is possible to verify the legitimacy of the information card. It is possible to hide the presence of the legitimacy data and the card owner data.
  • the password enables protection of the information data, with a consequential increase m security of the card.
  • the customized key can protect the inherent data.
  • the information data can be protected against retrieval by password checking [0047]
  • the information card can be prevented from being illegally used by means of the password and customized key.
  • the mnerent data is embedded according to stegnanography, and is thus difficult to decrypt .
  • the inherent data can securely be hidden.
  • an information card which works as a memory card or an IC card, and a system of such an information car ⁇ .
  • an inexpensive card reader/writer can De provided.
  • the image data can pe checked against the photograph.
  • the photograph can be prevented from being forged. 4. BRIEF EXPLANATION OF THE DRAWINGS
  • FIG. 1 is a bloc diagram, illustrating how an information card system according to the present invention functions
  • FIG. 2 is a block diagram, showing an information card system according to an embodiment of the present invention.
  • FIG. 3 is a block diagram, showing how the information card system according to the embodiment is electrically constructed
  • FIG. 4 is a block diagram, illustrating how an information card according to the embodiment is electrically constructed
  • FIG. 5 is a flowchart, showing an embedding process (encoder program) in the information card system according to the embodiment
  • FIG. 6 is a flowchart, showing an authentication process (decoder program) in the information card system according to the embodiment.
  • FIGS. 7(A) to 7(F) are simulative illustrations illustrative of a conjugation operation according to the present invention. [Identification of Reference Numerals]

Abstract

An information card system that eliminates forgery and illegal use of a card is proposed. An information card stores information data in a memory thereof. The information data contains inherent data embedded therein according to Steganography. The information card also stores a password for permitting the information data to be read from the memory. A data processing terminal checks a submitted password against the stored password, and permits the information data to be read from the memory when the passwords identify with each other. A customized key is submitted to extract the inherent data. The inherent data is permitted to be extracted only when submitted customized key is legitimate. The information card system is possible to both hide the presence of the inherent data and prevent unauthorized extraction of the inherent data because any unauthorized person is unaware of the customized key. Thus, the information card system provides a high level of security.

Description

SPECIFICATION 1. TITLE OF THE INVENTION
INFORMATION CARD AND INFORMATION CARD SYSTEM
2. DETAILED DESCRIPTION OF THE INVENTION
[0001] [Technical Field to which the Invention Pertains]
The present invention relates to an information card and an information card system. More particularly, it relates to an information card for use as a credit card, a cash-venαing card, an ID card, etc. which employs Steganography (i.e., image data embedding, digital watermarking, information hiding, or digital picture envelope technology) , and further to an information card system employing such an information card.
[0002] [Prior Art]
One known type of the information card is heretofore an IC card for use as, e.g., a credit card and an ID card.
The IC card has an IC chip mounted on a plastic plate. The IC chip has either a microprocessor and a memory or a memory only. The IC card with the IC chip having both of the microprocessor and the memory is what is called an IC card, whne the IC card with the IC chip having only the memory is termed as a memory card.
The IC card for use as the credit card carries on its plastic plate surface the name of the card owner and the card number. The memory (ROM) in the IC chip stores an authentication program, a password, and so on. In some cases, the authentication program and the password for use by the authentication program are encrypted for protection against unauthorized access.
[0003] [Problems to be Solved by the Invention]
However, such conventional IC cards do not have a sufficient level of security. More specifically, there have been cases wnere someone illegally obtains the password or decodes the encrypted data, and thereby illegally use the IC card. In addition, attempts have been made to forge the IC card as a whole. The use of such a forged IC card cannot be prevented once the password is obtained.
[0004] [Objects of the Invention]
It is therefore an object of the present invention to provide an information card, which can completely be prevented from being forged, and an information card system.
Another object of the present invention is to provide an information card, which can completely be prevented from being illegally used, and an information card system.
[0005] [Means for Solving the Problems]
The present invention as defined in claim 1 provides an information card including a memory that stores information data, the information data including either image data or acoustic data, the improvement wherein the information data contains inherent data that is embedded in the information data according to Steganography. The information card may take a physical form as, e.g., an IC card or an optical card. [0006]
The present invention as defined in claim 2 provides an information card according to claim 1, wherein the inherent data shows either the legitimacy or card owner of the information card. [0007]
The present invention as defined in claim 3 provides an information carα according to claim 1 or 2, wherein the memory stores a password for permitting the information data to De read from tne memory.
[0008]
The present invention as defined m claim 4 provides an information card according to any one of claims 1 to 3, wherein the information card employs a customized key m order to σive a permission to extract the inherent data from the information data. The customized key is data to control a flow of either an embedding program (encoder program) or an extracting program (decoder program) . The customized key can be designed to allow only a legitimate card owner and authorized user of the information card to be aware of the customized key.
[0009]
The present invention as defined m claim 5 provides an information card system comprising: an information card including a memory that stores information data, the information data including either image data or acoustic data, the information data containing inherent data that is embedded m tne information data according to Steganography, the memory storing a password for permitting the information data to be read from tne memory; and, a data processing terminal including input means for submitting a password, password checking means for checking the submitted password agaxnst the password stored m the information card to permit the information data to be read from the memory, and output means for outputtmg the read information data. The data processing terminal can exchange data with the information card oy wire or wireless (m a contact or non-contact manner) .
[0010]
The present invention as defined m claim 6 provides an information card system comprising: an information card including a memory that stores information data, the information data including either image data or acoustic data, tne information data containing inherent data that is embedded m the information data according to Steganography; and, a data processing terminal including input means for submitting a customized key, inherent data extracting means for extracting the inherent data with the use of the submitted customized Key, and output means for outputtmg the extracted inherent data.
[0011]
Tne present invention as defined m claim 7 provides an information card system according to claim 6, wherein tne memory stores a password for permitting the information data to be read from tne memory, and wherein the data processing terminal includes input means for submitting a password, password checking means for checking the submitted password against the password stored m the information card to permit the information data to be read from the memory, and output means for outputtmg the read information data.
[0012]
The present invention as defined m claim 8 provides an information card system according to any one of claims 5 to 7, wherein the extracted inherent data is wholly or partly checked against either inherent data read from a host or inherent data entered from an external source.
[0013]
The present invention as defined in claim 9 provides an information card or an information card system according to any one of claims 1 to 8, wherein the inherent data is embedded according to Steganography by the steps of converting either image data or acoustic data, both formed as information data, to pure binary code data, or converting the pure binary code data to canonical gray code data, decomposing either the pure binary code data or the canonical gray code data into bit planes, segmenting the bit planes into regions according to a complexity measure, and replacing complex region- orming data with the inherent data.
[0014]
The present invention as defined in claim 10 provides an information card or an information card system according to claim 9, wherein the inherent data to be embedded is subject to a conjugation operation.
[0015]
The present invention as defined in claim 11 provides an information card or an information card system according to any one of claims 1 to 10, wherein the memory comprises an IC chip.
[0016]
The present invention as defined in claim 12 provides an information card or an information card system according to any one of claims 1 to 11, wherein the information card carries a photograph on a surface thereof, and either the information data or the inherent data is image data representing tne photograph.
[0017] [Mode of Operation]
In the present invention as defined m claim 1, the information card contains the information data m the memory. Tne information data includes either image data or the acoustic data. The inherent data is embedded m the information data according to stegnanography .
As a result, even if a third party is able to read the information data from the information card, since the inherent data is hidden m the information data according to Steganography, the third party cannot recognize the presence of the inherent data (secret data) . Thus, it is possible to provide the information card witn a hign level of security.
The information data may be of such a size as to allow the inherent data to be embedded therein according to Steganography . [0018]
In the present invention as defined m claim 2, the inherent data shows either the legitimacy of the information card or the card owner of the information card.
Once the ±nherent data is referred, it is easy to confirm and verify the legitimacy of the information card (, i.e., to check for card forgery or modification) . In addition, it is possible to hide the presence of such legitimacy data and card owner data.
[0019]
In the present invention as defined m claim 3, since the memory contains the password for allowing the information data to oe read from the memory, password checking can allow the information data to be read therefrom. Accordingly, the security of the stored information data can be made high.
[0020]
In the present invention as defined m claim 4, tne use of the customized key enables the inherent data to be extracted from tne information data. The customized key is not stored m the information card, and hence can be made highly safe because this Key cannot be stolen.
[0021]
In the present invention as defined m claim 5, the information card contains the information data. The information data has the inherent data embedded therein according to Steganography. The information card further stores a password for permitting the information data to be read from the memory. The data processing terminal checks a submitted password against the password stored m the information card. Wnen tne submitted password identifies with the stored password, then the data processing terminal permits the information data to be read from the information card, and then outputs such retrieved information data. For example, the read information data is displayed on a display unit, outputted as sounds, or transmitted as electronic data through a communication line.
As a consequence, the information data stored m the information card is protected against retrieval therefrom by password checking oεcause no unauthorized persons are allowed to access it. [0022]
In the present invention as defined claim 6, the information card retains the information data and the inherent data.
The data processing terminal extracts the inherent data from tne information data oy means of a submitted customized key. The data processing terminal permits the inherent data to be extracted only when the submitted customized key is a legitimate customized key.
Therefore, even if a third party is aware of the presence of tne embedded mnerent data, the third party can be prevented from extracting the mnerent data because the third party does not know the customized key, and further cannot randomly submit any Key that is identical to the legitimate customized key . Accordingly, the information card system provides a high level of security. [0023]
In the present invention as defined m claim 7, the information card contains the password other than the information data (the mnerent data) . Tne data processing terminal protects the information data by password, and further protects tne inherent data by customized key. As a result, the mnerent data is protected against extraction by double protection scheme.
[0024]
In the invention as defined m claim 8, the inherent data is read from the host and put into the data processing terminal, or is submitted from the external source into the data processing terminal . The read or submitted inherent data is wholly or partly checked against the inherent data that is contained m the information card. When these inherent data identify with one anotner, then the information card is possible to wor as it is programmed. For example, it can function as a credit card.
As a consequence, the information card system provides triple security, making it possible to eliminate forgery and illegal use.
[0025]
In the present invention as defined claim 9, the inherent data is embedded according to Steganography by the steps of converting the information data to pure binary code data, or converting the pure binary code data to canonical gray code data, decomposing the pure binary code data or the canonical gray code data into bit planes, and segmenting the bit planes into regions according to a complexity measure, and replacing complex region-forming data with the produced inherent data. As a result, the memory of the information card stores information data that has the inherent data embedded therein. In addition, tne mnerent data is hidden so that the third parties are unaware of tne presence of the inherent data.
[0026] In tne present invention as defined m claim 10, the inherent data to be embedded is subject to a conjugation operation. As a result, various files can be embedded. [0027]
In the present invention as defined m claim 11, the memory of the information card includes an IC chip. As a consequence, it is possible to build an information card, which serves as, what _s called, either a memory card or an IC card, and a system of such an information card. In this case, an inexpensive card reader/writer can be provided as the data processing terminal. [0028]
In tne present invention as defined m claim 12, the information card carries a photograph on the card surface thereof. The information data or the inherent data represents the photograph. When image data is output and displayed, then such data can be checked against the photograph. This makes tne information card highly secure.
[00029] [Mode for Executing the Invention]
An information card system according to an embodiment of the present invention will now be described.
FIG. 1 is a olock diagram, showing the concept of the system according to the present invention. More specifically, the information card system includes an information card, a data processing terminal for exchanging data with the information card, and a host computer for exchanging data with the data processing terminal. The information card has a memory for storing data. The memory contains information data and a password. The information data has inherent data embedded therein by a steganographic process. The data processing terminal has input means, output means, password checking means, and inherent data extracting means .
According to the information card system, the data processing terminal can read the information data by password checking. It can also extract the inherent data using a customized key. As a result, when the information card is used as a credit card, it is possible to completely eliminate the illegal use of the information card by any person other than the legitimate card owner. Further, it is also possible to completely eliminate illegal use of a forged information card. [0030]
Since the inherent data is embedded in the information data according to Steganography (BPCS- Steganography) , it is possible to eliminate the card forgery and the inherent data extraction oy unauthorized persons.
The BPCS-Steganography (Bit-Plane Complexity Segmentation Steganography) is a process of replacing (embedding) a random pattern of image data with secret data, in view of the complexity (randomness) of a binary pattern on a "bit plane" that is obtained, e.g., by slicing the image data into bits. Whereas a hiding capacity of a conventional steganographic process is in the range of 5 to 10%, the BPCS-Steganography has a hiding capacity of about 50% or up to some 70 in some cases. Therefore, the BPCS-Steganography is capable of nidmg with a very hign hiding capacity.
The BPCS-Steganography is based on the following four basic ideas:
(1) Bit-plane decomposition is executed on a pure binary coded (PBC) image data or a "canonical gray coded (CGC) image converted from the PBC image data. (2) A bit plane is segmented according to tne "complexity measure" of a binary pattern, and a complex pattern (random pattern) is replaced by the secret data (i.e., the secret data is hidden). The secret data thus hidden is completely unnoticeable for human eyes. (3) Files to be emoedded are subject to a "conjugation operation", so that any types of files can be embedded. (4) The algorithm of BPCS-Steganography (encoder and decoder programs! can be customized differently to different users. The customized BPCS-Steganography algorithm establishes the security of emoedded information with the use of a "customized key" that is different from the password.
The most advantageous feature of the BPCS- Steganography is that ±t can hide with a large hiding capacity. This feature is applicable to the following:
(A) Others do not become aware of that some secret data is embedded. It is also impossible to see any difference between a secrete data-embedded image and a non-embedded image. (B) Even if someone suspects that secrete data might be embedded, he is unable to know, without a customized key, where and how the secret data can be extracted. [0031]
The information card system according to the present invention employs a steganographic card which has an IC memory mounted on a conventional card (with a photograph of the card owner thereon) . The IC memory has a storage capacity of 8 KB or more. The steganographic card is used as follows :
(1) The IC memory stores the data of the photograph of the card owner. In order to read this data, the password for the card must be submitted to a card reader.
(2) The data of the photograph of the card owner contains personal data regarding the card owner (e.g., fingerprints, a personal history, data of relatives, data of hobbies, etc.) . The personal data is embedded according to the BPCS-Steganography.
(3) In order to extract the embedded information and display the extracted information on a display unit, it is necessary to submit a correct customized key. The customized key is defined as follows:
(a) Only the card owner knows a portion of the customized key (a private key) .
(b) The remaining portion of the customized key (a company key) is strictly and confidentially managed only by the card company. Only when the card company receives an on-line request for the company key from a facility (shop) where the card is used, the card company encrypts the company key and sends the encrypted company key to the facility. In order to recover the embedded information, the private and company keys must be combined together.
(c) The card owner is unaware of the company key, whι_e the card company is unaware of the private key.
In the information card system according to the present invention, there are four levels of security confirmation as to both a legitimate card owner and a legitimate card. Each security confirmation level is as follows :
(Level 1) Visual checking of the card user against the photograph on the card ( order to prevent stolen or found cards from being illegally used) .
(Level 2) Requesting the carα user to submit the 'password' , and visually cnecking the photograph data displayed on the display unit against the photograph on the card ( order to prevent photographs on cards from being forged) .
(Level 3) Requesting the carα user to submit the "private key", combining the private key with the "company key" that is sent on-line from the card company, and confirming whether tne personal data embedded according to the BPCS- Steganography can be extracted ( m order to prevent cards from being forged as a whole) .
(Level 4^ Checking of the card user against the legitimate card owner based on the embedded personal data (e.g., fingerprints) (in order to prevent the legitimate card owner from renting the card to others) . [0033] hiding and extraction or information according to the BPCS-Steganography will be described below. On the bit planes of a natural image, a noiselike area does not appreciably affect the visual appearance to the viewer even if the data therein is replaced with other noise-like data. This phenomenon allows us to replace noise-like areas in a natural image with secret data. Since a criterion to determine whether the noise-like areas varies depending upon the natural image, it is necessary to establish a suitable threshold value for each natural image data.
When a binary image is analyzed by the local area of 2r' x 2"1 (normally m = 3), and some area has a complexity measure value α which satisfies:
CCTH < oc (where αTπ represents a threshold) , then the area is decided as an area for secret data hiding or embedding.
In order to embed a secret data file in a natural image, the secret data file may be first divided into small file segments with " x 2" size (i.e., 21 x 2r pixel size), and then those small file segments may be embedded successively in noise-like areas of the same size in the image. However, not all small file segments have a complexity value greater than αTh. The small file segments having less complexity value than the threshold αTH are converted to more complex segments by a conjugation operation described below. Such a process makes it possible to embed any secret files in images . However, in order to recover all parts of the embedded secret files, it is necessary to save the "conjugation map" which indicates the conjugated segment areas.
Now, assume that a white pixel has a value of 0, but a black pixel has a value of 1. Pis assumed as an arbitrary binary image having white background. W is defined as a pattern where all pixels are white. B is taken as a pattern where all pixels are blac. Wc is viewed as a checkerboard pattern where the leftmost pixel the uppermost pixel row is white. Be is taken as a checkerboard pattern where the leftmost pixel m the uppermost pixel row is black. (See FIG. 7.) The binary image P is regarded as an image with a foreground area having the pattern B and a background area having the pattern W. On the basis of the above assumption, the "conjugated image" P* of the image P is defined as follows:
P = PθWc where θ represents an exciUsive-OR operation on each pixel.
A process for producing a conjugated image is referred to as a conjugation operation. The conjugated image P* is characterized as follows:
(1) The foreground area is identical n shape to the foreground area of tre image P.
(2) Tne foreground area has the checkerboard pattern Be.
(3) Tne background area has the checkerboard pattern Wc .
Tne image P and the conjugated image P* have one-to-one correspondence. The image P and the conjugated image P* satisfy the following properties:
(a) (P*) * = p
(b) P* ≠ P
(c) α(P*) = 1 - α(P) where "α(P)" represents complexity of the image P.
The most important of the properties (a) through (c) is the property (c) . The property (c) indicates that a simple image can pe converted to a complex image or vise versa without losing its shape information. It is also possible to restore the original image from the converted image because of the property (a) .
The BPCS-Steganography proposed by the present application includes the following five steps:
Step 1
A natural image of 2V' x 2 , N bits/pixel is converted to an N-bit gray code image. This conversion step is based on the study by Eij i Kawaguchi etal. of binary images produced by bit-plane decomposition and their complexity.
Step 2
The gray code image generated in Step 1 is segmented into N binary images by bit-plane decomposition.
Step 3
Each of the N binary images is divided into partial images each having a size of 21" x 2: . The partial images are represented by P ; i = 1, 2, •••, 4X~ . The nth bit-plane image can be expressed by:
I; = I P] , P.' , '"/ P<S M-!r J
Similarly, the nth "conjugation map" can be expressed as follows:
Figure imgf000020_0001
where each of Q- , Q ', •••, Qt' y- has a value of "0" or "1." The value of "1" represents an area where the conjugation operation is applied. The value of "0" represents an area where the conjugation operation is not applied.
Embedded data (expressed by E) includes a header, a body, and a pad. The header indicates a data size of the body. The body represents secret data (e.g., a secret image) which is embedded. The pad serves to shape the embedded data into the size of 2n x 2P|. E: ( j = 1, 2, •••, J) represents a partial bit series of the embedded data E whose size is of 2πι x 2m bits. When the partial bit series E. is corresponded to a square area of 2 x 2"', bit by bit, based on the principle of raster scanning, then a binary image of 2' x 2" can be generated. The generated binary image is represented by makeS(E-j) .
With the threshold αTH used, an embedding algorithm can be expressed below. Each Q in the nth conjugation map Cn is initialized to "0". for (n=N, j=l;n>l&&j<J;n--) { for (i=l;i≤4 ~r&&j<J;i++) { if (α(P1 n)>ατ,) { if (α (makeS (E-,) )≥αTf-)
P. '' = makeS (E:) else {
P = makeS (En) * Q ,' - "1"
1
j++; } } } Since low-order bits are less significant on the image, the embedding process ±s carried out on bits successively from the least significant bit. When the binary image makeS (E ) in an area is simple, i.e., when the complexity of the area is smaller than the threshold, then the conjugation operation is effected on the binary image makeS (E ) . In this case, Q-, in the conjugation map is set to "1."
Step 4
The N-bit gray code image is reconstructed from the N binary images where the secret data is embedded.
Step 5
After the N bit pure binary code is recovered from the N-bit gray code image in Step 4, the image data file having the secret data embedded therein s obtained. [0034]
The secret data embedded an image may be recover by the above algorithm being reversed. In order to recover the secret data from the embedded image, it is necessary to know the threshold ατ and the conjugation map. [0035]
Next, an IC carα system according to an embodiment of the present invention will be described with reference to FIGS. 2 to 6. FIG. 2 is a block diagram, showing the concept of the IC card system. FIG. 3 is a block diagram, illustrating a schematic structure of an IC card and an IC card reader/writer m the ID card system. FIG. 4 is a block diagram, illustrating aπotner structural example of an IC card. FIGS. 5 and 6 are flowcharts, showing programs to be executed m the ID card system .
As shown m the above Figures, an IC card 100 as an information card according to the present invention is capable of exchanging data with an IC card reader/writer (data processing terminal) 200. The IC card reader/writer 200 can exchange data on-line with, e.g., a host computer 300 at a credit card company. The IC card reader/writer 200 may be equipped with a αisplay unit 210 (display means) and an input means 220 (such as a mouse and a keyboard) . [0036]
As shown m FIG. 3, the IC carα reader/writer 200 includes a CPU to execute arithmetic operation processing, a data memory for storing data, a program memory for storing programs, a buffer memory, the keyboard for entering data, a display unit for displaying results of the arithmetic operation processing, an interface for controlling data exchangeα with the IC card, and a power supply.
The IC card reader/writer 200 is able to read data from ana write data tne IC card 100. The CPU executes encrypting and decrypting processes and an authentication process. The program memory stores application programs.
The IC card 100 nas an interface, a CPU, a program memory, and a data memory. Tne power supply of the IC card reader/writer 200 supplies electric power to the IC card 100.
The program memories and the data memories are nonvolatile types. These nonvolatile memories include EEPROMs that is electrically erasable, or static RAMs that is backed up by a battery. FIG. 4 snows another structural exampie of an IC card. More specifically, the IC card includes a CPU, a PROM for storing data, and a connector for connection to an external device (an IC card reader/writer) . The CPU includes a control unit, an arithmetic unit, a ROM, and a RAM. [0037]
The IC card includes an IC chip that is mounted on a plastic plate member. The plastic plate member carries the name of the carα owner, the card number, and an expiration date, all of which are embossed on a surface thereof.
The IC cnip stores, in a memory thereof having a storage capacity of 8 KB or more, password data, digital image data of the card owner's photograph, or digital acoustic data (information data) . The information data contains personal data of the card owner (e.g., fingerprints), a photograph of the card owner, and part of the personal data (digital signature image data), all of which are embedded according to the BPCS-Steganography. [0038]
The IC card system enables both visual verification of the card user and mechanical authentication of the IC card at one time. People cannot perceive any secret present m the IC card. Even if someone suspects some secrete data as being present the IC carα, tney cannot extract such an embedded αata from the IC card. The IC card may hide digital data or authentication data. The IC card system can properly read out such hidden authentication data from the IC card, and properly can embed the same data therein. [ 0039 ]
FIG. 5 shows a process (encoder program) in which data is stored in the IC card according to Steganography.
Initially, the card owner's photograph data (including indexed photograph data) is produced in order to be written to the IC card memory (8KB or more) . The produced photograph data is saved as a bit map file. In this case, the photograph data is set in size to be some 75% of the IC card memory. In addition, the above photograph data is produced from the photograph data of the IC card owner.
Then, personal authentication data (text data) is produced and then saved in order to be embedded in the photograph data. The text data is set in size to occupy some 10% of the photograph data.
Both of the photograph data and the authentication data are selected and displayed.
Then, the photograph data for the IC card is converted to pure binary code (PBC) data.
The photograph data thus converted to the PBC data is then converted to canonical gray code (CGC) data.
Next, the photograph data thus converted to the CGC data is decomposed into bit planes (i.e., into N binary images) . The personal authentication data (text data) is embedded in the bit-plane-decomposed photograph data. In this case, the personal authentication data is embedded according to the above algorithm, using a customized key (which consists of, e.g., 24 digits of data).
The photograph data having the embedded text data therein is then re-converted to PBC data.
Farther, the photograph data for use m the IC card is produced and then saved.
Now, the IC card is inserted into the IC card reader/writer, and then any one of the photograph data is selected. Then, the selected photograph data is transferred and saved m the IC card memory. In order to protect the saved photograph data, a password is set and saved m the IC card memory. The password consists of, e.g., 4 digits of data.
The IC card (for use as, e.g., an identification card) is now completed. Thereafter, a photograph of the card owner is printed out on tne plastic plate surface of the IC card.
[0040]
Next, the authentication of the IC card will be described with reference to FIG. 6. FIG. 6 shows part of an decoder program.
Initially, the IC card is inserted into the IC card reader/writer. Then, the IC card reader/writer starts an initializing process m order to execute an authentication flow. Next, a password is sαomitted from a keyboard into the IC card reader/writer. The IC card reader/writer compares the submitted password with the stored password m the memory on the IC card. When the submitted password identifies with the stored password, then the IC card reader/writer reads the photograph data (information data) stored the IC card memory, and displays it on the display unit. When the displayed photograph data indicates a photograph of the card owner, then the displayed photograph ..s visually checked against the photograph printed on the IC card surface and against the card user himself.
Then, a customized key is submitted. The customized key is used to embed the personal authentication data. The customized key is known only to the legitimate card owner. The customized key is not stored the IC card memory.
The customized key works as parameters to control over embedding and extracting of the inherent data. The inherent data is extracted from tne information data only when the customized key submtteα to extract the inherent data identifies with parameters that are used for embedding.
More specifically, the photograph data (information data) read from the IC card memory is converted to pure binary code (PBC) data, and then the photograph data thus converted to the PBC αata is converted to canonical gray code (CGC) data. The CGC data of the photograph is decomposed into bit-planes. At this time, the personal authentication data is extracted f om the photograph data already decomposed into the bit-planes, using the customized key. In this manner, the embeddeα personal authentication data (text data) is extracted from the pnotograph data, and is then displayed.
When the submitted password does not identify with the password m the IC card memory, then no photograph data can be read from the IC card memory. Further, when the submitted customized key does not identify with the card owner' s customized key, then the personal authentication data cannot be extracted from the photograph data. In case such a password or customized key is incorrect, then the IC card is rejected or confiscated by the IC card reader/writer as being forged or illegally used.
[0041]
In conclusion, the IC card system is designed to execute password checking after visually checking is made as to whether a card user is an authorized card owner, and then to allow the photograph data to be read from the IC card memory and the pnotograph image to be displayed on the basis of the photograph data. The displayed photograph image is compared with the photograph printed on the IC card, thereby checking the legitimacy of the IC card. Then, the personal authentication data is extracted from the photograph data using a customized key. The extracted data is then displayed. The displayed personal data is compared with the card user' s personal data, thereby confirming that the presented IC card is a legitimate card.
As evidenced by the above, apparent image data contains other image data, acoustic data, and text data, all of which are present a visually imperceptible manner. These embedded data are checked to confirm that the card user and the card are both legitimate.
[0042] [Effect of the Invention]
Pursuant to the present invention as defined m claim 1, since the third party cannot recognize the presence of the inherent data, or rather the secret data, the information card witn a high level of security is achievable. [ 0043 ]
According to the present invention as defined m claim 2, the inherent data is possible to verify the legitimacy of the information card. It is possible to hide the presence of the legitimacy data and the card owner data. [0044]
According to the present invention as defined m claim 3, the password enables protection of the information data, with a consequential increase m security of the card. [0045]
According to the present invention as defined m claim 4, the customized key can protect the inherent data. [0046]
According to the present invention as defined m claim 5, the information data can be protected against retrieval by password checking [0047]
According to tne present invention as defined m claim 6, unauthorized persons can be prevented from extracting the inherent data, thereby providing a high level of security. [0048]
Pursuant to the present invention as defined m claim 7, the information card can be prevented from being illegally used by means of the password and customized key. [0049]
Pursuanc to the present invention as defined m claim 8, it is possible to provide triple security, and thus to eliminate forgery and illegal use of the information card. [ 0050 ]
According to the present invention as defined m claim 9, the mnerent data is embedded according to stegnanography, and is thus difficult to decrypt . As a result, the inherent data can securely be hidden. [0051]
According to the present invention as defined m claim 10, various files can pe embedded the inherent data. [0052]
According to tne present invention as defined m claim 11, it is possible to construct an information card, which works as a memory card or an IC card, and a system of such an information carα. In addition, an inexpensive card reader/writer can De provided. [0053]
Pursuant to the present invention as defined claim 12 , the image data can pe checked against the photograph.
The photograph can be prevented from being forged. 4. BRIEF EXPLANATION OF THE DRAWINGS
FIG. 1 is a bloc diagram, illustrating how an information card system according to the present invention functions;
FIG. 2 is a block diagram, showing an information card system according to an embodiment of the present invention;
FIG. 3 is a block diagram, showing how the information card system according to the embodiment is electrically constructed; FIG. 4 is a block diagram, illustrating how an information card according to the embodiment is electrically constructed;
FIG. 5 is a flowchart, showing an embedding process (encoder program) in the information card system according to the embodiment;
FIG. 6 is a flowchart, showing an authentication process (decoder program) in the information card system according to the embodiment; and,
FIGS. 7(A) to 7(F) are simulative illustrations illustrative of a conjugation operation according to the present invention. [Identification of Reference Numerals]
100 IC card (information card) ; 200 IC card reader/writer (data processing terminal) ; and, 300 host computer

Claims

3. SCOPE OF CLAIM FOR PATENT
1. In an information card including a memory that stores information data, the information data including one of image data and acoustic data, the improvement wherein the information data contains inherent data that is embedded in the information data according to Steganography.
2. An information card according to claim 1, wherein the inherent data shows one of legitimacy of the information card and a card owner of the information card.
3. An information card according to claim 1 or 2, wherein the memory stores a password for permitting the information data to be read from the memory.
4. An information card according to any one of claims 1 to 3, wherein the information card employs a customized key in order to give a permission to extract the inherent data from the information data.
5. An information card system comprising: an information card including a memory that stores information data, the information data including one of image data and acoustic data, the information data containing' inherent data that is embedded in the information data according to Steganography, the memory storing a password for permitting the information data to be read from the memory; and, a data processing terminal including input means for submitting a password, password checking means for checking the submitted password against the password stored in the information card to permit the information data to be read from the memory, and output means for outputting the read information data.
6. An information card system comprising: an information card including a memory that stores information data, the information data including one of image data and acoustic data, the information data containing inherent data that is embedded in the information data according to Steganography; and, a data processing terminal including input means for submitting a customized key, inherent data extracting means for extracting the inherent data with the use of the submitted customized key, and output means for outputting the extracted inherent data.
7. An information card system according to claim 6, wherein the memory stores a password for permitting the information data to be read from the memory, and wherein the data processing terminal includes input means for submitting a password, password checking means for checking the submitted password against the password stored in the information card to permit the information data to be read from the memory, and output means for outputting the read information data.
8. An information card system according to any one of claims 5 to 7, wherein the extracted inherent data is wholly or partly checked against one of inherent data read from a host and inherent data entered from an external source.
9. An information card or an information card system according to any one of claims 1 to 8, wherein the inherent data is embedded according to Steganography by the steps of converting one of image data and acoustic data, both formed as information data, to pure binary code data, or converting the pure binary code data to canonical gray code data, decomposing one of the pure binary code data and the canonical gray code data into bit planes, segmenting the bit planes into regions according to a complexity measure, and replacing complex region-forming data with the inherent data.
10. An information card or an information card system according to claim 9, wherein the inherent data to be embedded is subject to a conjugation operation.
11. An information card or an information card system according to any one of claims 1 to 10, wherein the memory comprises an IC chip.
12. An information card or an information card system according to any one of claims 1 to 11, wherein the information card carries a photograph on a surface thereof, and one of the information data and the inherent data is image data representing the photograph.
PCT/US1999/021663 1998-09-29 1999-09-17 Information card and information card system WO2000019365A1 (en)

Priority Applications (6)

Application Number Priority Date Filing Date Title
DE69917302T DE69917302D1 (en) 1998-09-29 1999-09-17 INFORMATION CARD
CA002345107A CA2345107A1 (en) 1998-09-29 1999-09-17 Information card and information card system
US09/806,653 US6742712B1 (en) 1998-09-29 1999-09-17 Information card and information card system
AT99948328T ATE266886T1 (en) 1998-09-29 1999-09-17 INFORMATION CARD
AU61533/99A AU6153399A (en) 1998-09-29 1999-09-17 Information card and information card system
EP99948328A EP1116176B1 (en) 1998-09-29 1999-09-17 Information card

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
JP27551398A JP3636898B2 (en) 1998-09-29 1998-09-29 Information card and information card system
JP10/275513 1998-09-29

Publications (1)

Publication Number Publication Date
WO2000019365A1 true WO2000019365A1 (en) 2000-04-06

Family

ID=17556530

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US1999/021663 WO2000019365A1 (en) 1998-09-29 1999-09-17 Information card and information card system

Country Status (7)

Country Link
EP (1) EP1116176B1 (en)
JP (1) JP3636898B2 (en)
AT (1) ATE266886T1 (en)
AU (1) AU6153399A (en)
CA (1) CA2345107A1 (en)
DE (1) DE69917302D1 (en)
WO (1) WO2000019365A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7031693B2 (en) 2001-09-13 2006-04-18 Seamless Distribution Ab Method and system for refilling mobile telephone prepaid phone cards via electronic distribution of refill codes
US11829499B2 (en) * 2020-03-26 2023-11-28 Bank Of America Corporation Securing PIN information using obfuscation by applying extra security layer

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP4700782B2 (en) * 2000-04-25 2011-06-15 日立オートモティブシステムズ株式会社 Personal authentication system
JP2010204829A (en) * 2009-03-02 2010-09-16 Nec Corp Authentication device, authentication method, and user authentication system
CN101989237B (en) * 2009-08-03 2014-12-17 成都宇飞信息工程有限责任公司 U disk information safety system based on information hiding and digital watermarking technology

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0334616A2 (en) * 1988-03-21 1989-09-27 Leighton, Frank T. Method and system for personal identification
EP0638880A1 (en) * 1993-08-10 1995-02-15 Audio DigitalImaging, Inc. A method of verifying fake-proof video identification data
US5636292A (en) * 1995-05-08 1997-06-03 Digimarc Corporation Steganography methods employing embedded calibration data
US5689587A (en) * 1996-02-09 1997-11-18 Massachusetts Institute Of Technology Method and apparatus for data hiding in images

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE19536206A1 (en) * 1994-09-30 1996-04-04 Samsung Electronics Co Ltd Smart card with data protection processor

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0334616A2 (en) * 1988-03-21 1989-09-27 Leighton, Frank T. Method and system for personal identification
EP0638880A1 (en) * 1993-08-10 1995-02-15 Audio DigitalImaging, Inc. A method of verifying fake-proof video identification data
US5636292A (en) * 1995-05-08 1997-06-03 Digimarc Corporation Steganography methods employing embedded calibration data
US5636292C1 (en) * 1995-05-08 2002-06-18 Digimarc Corp Steganography methods employing embedded calibration data
US5689587A (en) * 1996-02-09 1997-11-18 Massachusetts Institute Of Technology Method and apparatus for data hiding in images

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7031693B2 (en) 2001-09-13 2006-04-18 Seamless Distribution Ab Method and system for refilling mobile telephone prepaid phone cards via electronic distribution of refill codes
US11829499B2 (en) * 2020-03-26 2023-11-28 Bank Of America Corporation Securing PIN information using obfuscation by applying extra security layer

Also Published As

Publication number Publication date
EP1116176B1 (en) 2004-05-12
EP1116176A1 (en) 2001-07-18
CA2345107A1 (en) 2000-04-06
AU6153399A (en) 2000-04-17
ATE266886T1 (en) 2004-05-15
JP3636898B2 (en) 2005-04-06
JP2000105812A (en) 2000-04-11
DE69917302D1 (en) 2004-06-17

Similar Documents

Publication Publication Date Title
US6742712B1 (en) Information card and information card system
US8058972B2 (en) Methods and devices for enrollment and verification of biometric information in identification documents
Ratha et al. Enhancing security and privacy in biometrics-based authentication systems
Jain et al. Hiding biometric data
US6978035B2 (en) Information hiding system, method, and printed matter into which information is hidden
KR100335308B1 (en) Secured signal modification and verification with privacy control
JP3768249B2 (en) For identifying objects and other entities and apparatus for producing identification cards
US20050036651A1 (en) Digital anti&amp;minus forging method
KR20200005639A (en) Data check
CA2374196A1 (en) Legitimacy protection of electronic document and a printed copy thereof
KR20060074912A (en) Cryptographically secure person identification
US20100260372A1 (en) Method and apparatus to mark a document using a combination between guilloches and watermarking, method and apparatus to read previous combination
US20200344059A1 (en) Methods for registering data from an individual&#39;s identity document and for authenticating an identity document
Uludag Secure biometric systems
Komninos et al. Protecting biometric templates with image watermarking techniques
KR101509877B1 (en) Watermarking Method and Apparatus for Inserting Watermark Created from an image into another image
JP2001126046A (en) Ic card, ic card authentication system and its authentication method
EP1116176B1 (en) Information card
JP2005293490A (en) Biometrics system
US11279164B1 (en) Length-modulated screening lines and line codes
Yadav et al. Biometric template security using invisible watermarking with minimum degradation in quality of template
EP2350913B1 (en) Method and device for electronically capturing a handwritten signature using embedding technique
US20030048924A1 (en) Method for inserting binary messages in a digital image
Khan Transmission of Secure Biometric Data for Network-based User Authentication
Busch et al. 3D Face Recognition for Unattended Border Control.

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AE AL AM AT AU AZ BA BB BG BR BY CA CH CN CR CU CZ DE DK DM EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MD MG MK MN MW MX NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT UA UG US UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): GH GM KE LS MW SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
ENP Entry into the national phase

Ref document number: 2345107

Country of ref document: CA

Ref country code: CA

Ref document number: 2345107

Kind code of ref document: A

Format of ref document f/p: F

WWE Wipo information: entry into national phase

Ref document number: 1999948328

Country of ref document: EP

WWP Wipo information: published in national office

Ref document number: 1999948328

Country of ref document: EP

WWE Wipo information: entry into national phase

Ref document number: 09806653

Country of ref document: US

REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

WWG Wipo information: grant in national office

Ref document number: 1999948328

Country of ref document: EP

NENP Non-entry into the national phase

Ref country code: JP

WWW Wipo information: withdrawn in national office

Country of ref document: JP