Registers – Records – Conductive
Reexamination Certificate
1998-05-06
2001-03-13
Tremblay, Mark (Department: 2876)
Registers
Records
Conductive
C705S066000
Reexamination Certificate
active
06199762
ABSTRACT:
TECHNICAL FIELD
The present invention relates, generally, to the use of integrated circuit cards (“smartcards”) for commercial transactions and, more particularly, to techniques for dynamically synchronizing and personalizing smartcard information in the context of a distributed transaction system.
BACKGROUND ART AND TECHNICAL PROBLEMS
Recent advances in Internet commerce, electronic data-processing, and semiconductor device technology have lead to an increased interest in smartcard technology. Generally speaking, smartcards are wallet-sized (or smaller) cards incorporating a microprocessor or microcontroller to store and manage data within the card. More complex than magnetic-stripe and stored-value cards, smartcards are characterized by sophisticated memory management and security features. Multi-function cards, for example, are often configured to support credit, debit, stored value, loyalty, and a number of other applications all within a single card. A typical multi-function smartcard includes a microcontroller embedded within the card plastic which is electrically connected to an array of external contacts provided on the card exterior. The smartcard microcontroller generally includes an electrically-erasable and programmable read only memory (EEPROM) for storing user data, random access memory (RAM) for scratch storage, and read only memory (ROM) for storing the card operating system. Relatively simple microcontrollers are adequate to control these functions. Thus, it is not unusual for smartcards to utilize 8-bit, 5 MHZ microcontrollers with about 8K of EEPROM memory (for example, the Motorola 6805 or Intel 8051 microcontrollers).
A number of standards have been developed to address various aspects of integrated circuit cards, e.g.:
ISO
7816-1,
Part
1:
Physical characteristics
(1987);
ISO
7816-2,
Part
2:
Dimensions and location of the contacts
(1988);
ISO
7816-3,
Part
3:
Electronic signals and transmission protocols
(1989, Amd.1 1992, Amd. 2 1994);
ISO
7816-4,
Part
4:
Inter
-
industry commands for interchange
(1995);
ISO
7816-5,
Part
5:
Numbering system and registration procedure for application identifiers
(1994, Amd. 1 1995);
ISO/IEC DIS
7816-6,
Inter
-
industry data elements
(1995);
ISO/IEC WD
7816-7,
Part
7:
Enhanced inter
-
industry commands
(1995); and
ISO/IEC WD
7816-8,
Part
8:
Inter
-
industry security architecture
(1995). These standards are hereby incorporated by reference. Furthermore, general information regarding magnetic stripe cards and chip cards can be found in a number of standard texts, e.g., Zoreda & Oton,
SMART CARDS
(1994), and Rankl & Effing,
SMART CARD HANDBOOK
(1997), the contents of which are hereby incorporated by reference.
It is desirable to maintain, for each smartcard held by a consumer, a substantially accurate history of transaction information and applications associated with the smartcard. Presently known systems are typically inadequate in this regard in that they do not provide efficient and reliable methods for ensuring synchronization between information stored on the smartcard and corresponding information stored on one or more external databases. As a result, present systems fail to ensure that lost or stolen cards may be reissued or replaced with up-to-date information.
Moreover, present systems are inadequate in that the systems often do not allow an enterprise, such as a smartcard corporate partner (for example, Hertz, Hilton and the like) to dynamically add to or otherwise modify the smartcard application structure itself. That is, in the context of multi-function cards, it is often infeasible to alter or augment the card's file structure without engaging in the time-consuming and costly process of re-issuing the card.
Furthermore, known methods of issuing and re-issuing smartcards in a multi-application, multi-enterprise environment are typically inadequate. More particularly, a smartcard often contains a number of different applications associated with a wide range of enterprise organizations. For security purposes, the writing, updating, and reading of these files is advantageously restricted to particular parties in accordance with a set of access condition rules. These access conditions are suitably implemented using cryptographic keys which are known only to the appropriate parties, such as the enterprise. Thus, a card issuing party such as American Express will typically not have access to the keys necessary to perform its function. Known systems have attempted to solve this problem by accumulating key data in a central repository used in the issuance process. This method is unsatisfactory in a number of respects. Most notably, a security breach in the central repository of key information would have disastrous consequences.
Techniques are therefore needed to overcome these and other limitations of the prior art. More specifically, systems are needed to provide secure and efficient personalization and dynamic synchronization of multi-function smartcards.
SUMMARY OF THE INVENTION
The present invention overcomes the limitations of the prior art by providing methods and apparatus for personalizing and synchronizing smartcard data in the context of a distributed transaction system.
In accordance with one aspect of the present invention, a dynamic smartcard synchronization system comprises access points configured to initiate a transaction in conjunction with a smartcard, an enterprise data collection unit, and a card object database update system. An exemplary dynamic synchronization system (DSS) preferably comprises various smartcard access points, a secure support client server, a card object database update system (CODUS), one or more enterprise data synchronization interfaces (EDSI), an update logic system, one or more enterprise data collection units (EDCUs), and one or more smartcard access points configured to interoperably accept and interface with smartcards. In an exemplary embodiment, DSS comprises a personalization system and an account maintenance system configured to communicate with CODUS.
In accordance with a further aspect of the present invention, personalization of multi-function smartcards is accomplished using a security server configured to generate and/or retrieve cryptographic key information from multiple enterprise key systems during the final phase of the smartcard issuance process.
REFERENCES:
patent: 4928001 (1990-05-01), Masada
patent: 5276311 (1994-01-01), Hennige
patent: 5473690 (1995-12-01), Grimonprez et al.
patent: 5530232 (1996-06-01), Taylor
patent: 5729717 (1998-03-01), Tamada et al.
patent: 5844292 (1999-03-01), Baker et al.
patent: 5889941 (1999-03-01), Tushie et al.
patent: 5912453 (1999-06-01), Gungl et al.
American Express Travel Related Services Co., Inc.
Snell & Wilmer L.L.P.
Tremblay Mark
LandOfFree
Methods and apparatus for dynamic smartcard synchronization... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Methods and apparatus for dynamic smartcard synchronization..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Methods and apparatus for dynamic smartcard synchronization... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2484886