Registers – Records – Conductive
Reexamination Certificate
1998-05-13
2001-12-11
Tremblay, Mark (Department: 2876)
Registers
Records
Conductive
C235S380000
Reexamination Certificate
active
06328217
ABSTRACT:
BACKGROUND OF INVENTION
Integrated circuit (IC) cards are becoming increasingly used for many different purposes in the world today, principally because they are ideal tools for the delivery of distributed, secure information processing at a low cost. An IC card, also called a “smart card,” is a card typically the size of a conventional credit card, but which contains a computer chip on the card. The computer chip on the IC card typically includes a microprocessor, read-only-memory (ROM), electrically erasable programmable read-only-memory (EEPROM), a random access memory (RAM), an input/output (I/O) mechanism, and other circuitry to support the microprocessor in its operations. The computer chip can execute one or more applications stored on the card. Examples of applications that IC cards are being used to store and execute include credit/debit, electronic money/purse, telephone calling card, and loyalty reward applications.
When an application is initially loaded onto an IC card, the application may include data that is associated with the application. Such data may include, for example, data that identifies the cardholder, such as the cardholder's name and account number. Additionally, the associated data may also include a promotional or bonus value provided by the application provider to the cardholder for loading the application. For example, with a telephone calling card application, an application provider may provide a certain amount of free calling time. As another example, with an electronic purse application, an application provider may provide bonus electronic cash. As yet another example, with a frequent flyer loyalty application, an application provider may provide free miles.
The use of application data to provide promotional or bonus value creates a potential problem for the IC card manufacturer and the application provider regarding the integrity of loading applications. A solution is needed to prevent a cardholder from intentionally or unintentionally copying an application when it is first loaded, and reloading the application thereafter to reload the value in the data associated with the application. By repeated reloading of an application, a cardholder may potentially obtain an unlimited amount of promotional or bonus value to which he or she is not entitled. At the same time, however, cardholders may be required to reload an application for legitimate reasons, such as for updating an application.
Accordingly, a need exists for a method of loading an application onto an IC card such that a cardholder is prevented from illegitimately reloading an application once it has been loaded onto the IC card.
SUMMARY OF THE INVENTION
In accordance with a preferred embodiment of the present invention, there is provided a method of loading an application copy onto an integrated circuit card, wherein the application copy is one of a plurality of copies of an application. The application copy has an associated application identifier that uniquely identifies the application from other applications and an application copy number that is unique for each copy of the application. The integrated circuit card includes a microprocessor and a memory coupled to the microprocessor. The memory includes an application history list area for storing application identifiers and application copy numbers of applications that have been previously loaded onto the integrated circuit card. The method includes receiving by the integrated circuit card the application copy, the application identifier, and the application copy number; determining by the integrated circuit card whether the application identifier and the application copy number are contained in the application history list area; and failing to load the application copy by the integrated circuit card if the application identifier and the application copy number are contained in the application history list area.
As it is used in this specification and the amended claims, the term “unique” to refer to application copy numbers refers to two types of numbers: (1) non-random numbers that are actually determined to be unique, and (2) random numbers that are determined to be probabilistically unique for a given cardholder.
The method of the present invention may further include the steps of allocating a predetermined portion of the memory for the application history list area; determining by the integrated circuit card whether the application history list area is fall; and failing to load the application copy if the application history list is full.
The method of the present invention may further include the step of adding the application identifier and the application copy number to the application history list area if the application identifier and the application copy number are not contained in the application history list area. Thus, once a copy of an application is loaded onto the integrated circuit card, the application identifier and the application copy number associated with the copy of the application are stored in the application history list area for future checking.
The method of the present invention may also provide a mechanism by which application providers not concerned with repeated loading of applications may circumvent storage of the application identifier and the application copy number in the application history list area. For example, an application copy number of zero can be used to signify that an application may be reloaded as often as desired. Accordingly, the method of the present invention may further include the step of adding the application identifier and the application copy number to the application history list area if the application identifier and the application copy number are not contained in the application history list area and the application copy number is not zero.
The application copy may include both application code and application data. The application identifier and the application copy number may be contained in the application data.
Preferably, the application copy, the application identifier, and the application copy number are transmitted to the integrated circuit card by an application provider. Preferably, before transmitting the application copy to the integrated circuit card, the application provider encrypts at least a portion of the application copy. It is also preferred that an application provider transmit a key transformation unit, which includes information relating to the encryption of the encrypted portion of the application copy. It is further preferred that the integrated circuit card has a first public key pair and that the application provider encrypts the key transformation unit with the public key of the first public key pair before transmitting the key transformation unit to the integrated circuit card.
When the application provider encrypts the key transformation unit with the public key of the first public key pair, the integrated circuit card may decrypt the encrypted key transformation unit with the secret key of the first public key pair. Once the key transformation unit is decrypted, the integrated circuit card may decrypt the application copy using the information contained in the decrypted key transformation unit.
It is also preferred that the application provider has a second public key pair and that the application provider form a signed application copy by encrypting the application copy with the secret key of the second public key pair. The application provider may then transmit both the application copy and the signed application copy to the integrated circuit card.
It is further preferred that the application provider register the public key of the second public key pair with a certification authority, which has a third public key pair. The certification authority may then provide a certificate to the application provider by encrypting the public key of the second public key pair with the secret key of the third public key pair. The application provider may transmit the certificate to the integrated circuit card.
When a certificate is transmitt
Everett David Barrington
Miller Stuart James
Peacham Anthony David
Richards Timothy Philip
Simmons Ian Stephen
Baker & Botts L.L.P.
Mondex International Limited
Tremblay Mark
LandOfFree
Integrated circuit card with application history list does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Integrated circuit card with application history list, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Integrated circuit card with application history list will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2556599