Registers – Systems controlled by data bearing records – Credit or identification card systems
Patent
1995-06-20
1997-10-28
Hajec, Donald T.
Registers
Systems controlled by data bearing records
Credit or identification card systems
235382, 235492, 902 26, G06K 500
Patent
active
056820275
DESCRIPTION:
BRIEF SUMMARY
BACKGROUND OF THE INVENTION
This invention relates to a host and user transaction system and has particular, although not exclusive, utility in performing commercial transactions involving a plurality of service providers and a plurality of service users.
In this specification, the term "transaction" is defined to mean any type of interchange involving data or information, which may or may not be specific to the performance of a commercial transaction. In addition, the term "service provider" and "service user" are similarly not limited to the provision and use of services of only a commercial nature and relate to the identity of any two entities involved in an interchange of any nature, for which the invention may have utility.
The invention has application in the use of a self-contained portable intelligent devices which include a microprocessor for performing data processing. Such devices are presently being embodied in the form of integrated circuit cards (IC cards). These card in their basic form have the appearance of a standard credit card but incorporate within them various forms of integrated circuits to allow for on-board storage and processing of data via an input-output port.
The development of these IC cards to date has been limited, whereby these cards function more as a means of storing data as opposed to running "application" programs as such. Thus, these cards act under the control of an external device, being physical half duplex devices which basically receive commands and respond to requests.
IC cards are basically divided into synchronous and asynchronous type cards. Synchronous cards are essentially a serial memory device which do not have commands as such. Most do not have read/write control attributes, and only some have access control. Hardware driver routines are needed to do the bit by bit accessing of these types of IC cards.
Asynchronous cards are more sophisticated, in the main comprising a single chip microcomputer which is entirely self-contained on the card. The microcomputer comprises a central processing unit, volatile and nonvolatile memory, and an IO port. The main program of the microcomputer is generally specific to partitioning, storing and retrieving data in the nonvolatile memory, usually with some kind of read/write control attributes that are optional and reasonably flexible. The main program comprises an operating system which is provided with a command executor that acts on commands to create files, to read and write to files and handle passwords. Hence most of these cards have security features that control access to the card and/or specific data areas, and which allow for changing of passwords.
An important consideration with respect to the use of portable self-contained for performing transactions between a service user and a service provide is the ability to secure data storage within these devices as well as the ability to secure the transmission of this data to and from these devices.
Previously, secure data storage has been achieved by two basic methods. One has been to store the data in an encrypted form in the memory of the portable intelligent device, and the other has been to store the data as clear data in the device but introduce security measures to restrict access to this data, such as password type access restriction mechanisms.
The first method implies the need for a security module that contains cipher keys which are kept secret by the security features of the security module employed for both the portable device and the host system. Accordingly, data for storage would be encrypted by the security module using a specific cipher key (eg, the one related to the memory area that the data is to be stored in) and then passed over for storage in either the portable device or the host system, as applicable.
The second method requires that the data be stored inside a secure module, whereby access to the module is restricted.
The security of the second method, in particular, can be enhanced further by the use of a single chip microcomputer having no e
REFERENCES:
patent: 3971916 (1976-07-01), Moreno
patent: 4007355 (1977-02-01), Moreno
patent: 4277837 (1981-07-01), Stuckert
patent: 4341951 (1982-07-01), Benton
patent: 4453074 (1984-06-01), Weinstein
patent: 4634845 (1987-01-01), Hale et al.
patent: 4831242 (1989-05-01), Englehardt et al.
patent: 4882474 (1989-11-01), Anderl et al.
patent: 4926480 (1990-05-01), Chaum
patent: 5120939 (1992-06-01), Claus et al.
patent: 5200600 (1993-04-01), Shinawawa
patent: 5212373 (1993-05-01), Fujioka et al.
patent: 5225664 (1993-07-01), Iijima
patent: 5227612 (1993-07-01), Le Roux
patent: 5231569 (1993-07-01), Myatt et al.
patent: 5252812 (1993-10-01), Nakamura
patent: 5286962 (1994-02-01), Fujioka et al.
patent: 5351296 (1994-09-01), Sullivan
patent: 5379344 (1995-01-01), Larsson et al.
DATAPRO Handheld Password Generators: An Overview Information Services Group, Mar. 1993, McGraw Hill NB: Published Mar. 1993 (9 pages).
Toshiba System Catalogue of Semi-Conductors for IC Cards (9 pages) author, month, year missing.
International Standard ISO 7816-1:1987 (E) Identification cards--integrated circuits(s) cards with contacts:--Part 1: Physical characteristics; Part 2: Dimensions and location of contacts; Part 3: Electronic signals and transmission protocols author, month, year for each parts 1, 2, 3 are missing.
Slumberger Industries M 16 E Smart Card Application Mask E 2 Users Manual Release 2-1 (36 pages) author, month, year missing.
Bertina Johannes Marinus George
Oliver Quentin Rees
Hajec Donald T.
Intellect Australia Pty Ltd.
Lee Michael G.
LandOfFree
System and method for performing transactions and a portable int does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with System and method for performing transactions and a portable int, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and System and method for performing transactions and a portable int will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-1027823