« PrécédentContinuer »
(12) United States Patent
(io) Patent No.: (45) Date of Patent:
US 7,043,642 Bl May 9, 2006
(54) PROCESS TO MANAGE DATA IN A CHIP CARD
(75) Inventor: Gilles Lisimaque, Potomac, MD (US)
(73) Assignee: Gemplus, Gemenos Cedex (FR)
( * ) Notice: Subject to any disclaimer, the term of this patent is extended or adjusted under 35 U.S.C. 154(b) by 0 days.
(21) Appl. No.: 09/576,412
(22) Filed: May 22, 2000
(51) Int. CI.
H04K 9/32 (2006.01)
H04L 9/00 (2006.01)
(52) U.S. CI 713/189; 713/192; 713/193;
380/277; 380/44; 726/9
(58) Field of Classification Search 713/193,
713/184, 182, 202, 201, 200, 189, 192, 183; 705/52; 235/380,382,382.5; 395/187; 380/279, 23, 44, 277; 726/5, 9, 18, 20 See application file for complete search history.
(56) References Cited
U.S. PATENT DOCUMENTS
5,060,263 A * 10/1991 Bosen et al 713/184
5,162,638 A * 11/1992 Diehl et al 235/380
5,204,512 A * 4/1993 Ieki et al 235/382
5,298,724 A * 3/1994 Wratil 235/380
5,602,915 A * 2/1997 Campana et al 380/277
5,694,471 A * 12/1997 Chen et al 705/76
5,856,659 A * 1/1999 Drapsteen et al 235/380
6,073,238 A * 6/2000 Drapsteen 713/200
FOREIGN PATENT DOCUMENTS
EP 0224147 A2 6/1987
EP 0402301 Al * 12/1990
EP 0426541 Al 5/1991
EP 0671712 Al 9/1995
WO W094/16415 7/1994
Peyret et al, Smart Cards Provide Very High Secuirty and Flexibility in Subscribers Management, Aug. 1990, IEEE, vol. 36 No. 3, pp. 744-752.*
* cited by examiner
Primary Examiner—Hosuk Song
Assistant Examiner—Beemnet W Dada
(74) Attorney, Agent, or Firm—Buchanan Ingersoll PC
The invention concerns a method for duplicating data contained a smart card memory in the memory of another smart card, which consists in producing for said other card another management code, another secret code. Said other management code is produced on the basis of identification data particular to the first card and also particular to the second card. For the system to operate, identification data concerning the first card are also recorded in the second card.
17 Claims, 2 Drawing Sheets
PROCESS TO MANAGE DATA IN A CHIP
This disclosure is based upon, and claims priority from, French Application No. 97/14802, filed Nov. 25, 1997 and International Application No. PCT/FR98/02510, filed Nov. 24, 1998, the contents of which are incorporated herein by reference.
FIELD OF THE INVENTION
The aim of this invention is a process to manage data stored in a chip card. The invention concerns the transfer of data from one card to another, particularly in the case where the original card is on the point of expiry and has to be replaced by a card with extended duration and also having similar system options, the same data recorded in the electronic circuit.
BACKGROUND OF THE INVENTION
Thus for example electronic purses are already known in the field of chip cards, or more generally portable equipment with a computer chip. In such uses monetary units stored in the memory of a chip card are transferred to another and withdrawn from the first. There is on the face of it no limit to validity. Also in the banking sector chip cards, the card body of which is clearly embossed with the expiry date of the card, are known. This precaution of limiting the validity of the card has two objectives. On the one hand it allows the age of the electronic circuits to be taken into account and to facilitate its replacement. On the other hand it gives rise to the return of the cards in circulation to the supervisory body in such a way that this body can totally control the means which it makes available to carry out transactions.
With the exponential development of applications controlled by uses of the chip card, expired chip cards may no longer need to be replaced by a supervisory body: it ought to be possible to do this on site, if necessary with common chip card readers/recorders.
The principles of using chip cards include the requirement to compose a secret code or personal identity number (PIN) and comparison of this code with a code stored in the memory of the chip. If this comparison is successful, the application i.e. in practical terms goods or services corresponding to the transaction can be obtained, or even a payment can be effected with the card. If not the case a reject situation is indicated to the carrier. This comparison is implemented in a fail-safe manner.
The problem which occurs when the requirement is to transfer data from one card to another is a problem of managing these secret codes or, more generally, management codes which allow management under the control of data stored in the memory of the cards. In fact these codes stored in one form or another in the memory of the chip card are produced by the supervisory body according to data capable of identifying the card and particular to this body. As a result it is impossible to arrange the automatic extension of the validity of the cards by replacing expired cards with cards with longer memory without the intervention of this body. Indeed such an operation would amount to disclosing all the secrets concerning the formulation of the secret codes and particular to this body to all the other organizations or even all the readers capable of arranging this extension.
However the aim of the invention is to remedy this future problem by instituting a recording procedure for the management codes. The procedure takes into account the pre
vious management codes or at least data relating to the old cards from which the data are to be recorded into the new originates.
5 SUMMARY OF THE INVENTION
According to the invention a cryptographic algorithm is used to produce a new management code which on the one hand takes into account identification data of the new card
10 and on the other hand information relating to the old card. In a particular case the data relating to the old card will be the identification data of the old card. In another case the management code of the old card itself will be used. Any other data relating to the old card can be used.
15 At the moment of use the user can be asked to compose a secret code which corresponds to the management code of the second card. In certain cases of special verification he can also be asked to compose, in a second stage or first stage, a secret code corresponding to the management code of the
20 first card in order to check the coherence of the formulation of the second management code.
Therefore the aim of the invention is a process to manage data stored in a first memory of a first chip of a first chip card in which:
25 A first management code is produced with a first cryptographic algorithm based on a mother key and a first set of identification data of the first chip card. This first management code is recorded in the first memory,
30 The first card is inserted into a chip card reader, and
Editing of the data stored in the first memory is authorized if a code presented to the reader is compatible with the first management code recorded. The invention is characterized in that
35 A second management code is produced with a second cryptographic algorithm based on data relating to the first card and a second set of identification data of a second chip card, This data relating to the first card and this second man
40 agement code is recorded in a second memory of a second chip of the second chip card, and Editing of the data stored in the second memory is authorized if a secret code presented to the reader is compatible with the second management code
BRIEF DESCRIPTION OF THE DRAWINGS
The invention will be better understood after reading the 50 description below and after examining the figures which accompany it. The latter are only given as a guide and in no way limit the invention. The figures are detailed as follows: FIG. 1: a diagrammatic illustration of a device which can be used to implement the process of the invention; 55 FIG. 2: essential stages for implementing the process of the invention;
FIG. 3: preferred method to check the legality of the holding of a chip card by a carrier; and
FIG. 4: diagrammatic illustration of a symmetric-type 60 algorithm enabling a management code to be found from a previous management code.
65 FIG. 1 shows a device which can be used to implement the process of managing data according to the invention. This figure shows a reader 1 to read portable equipment 2 with a