CA2384498A1 - Method for the initialisation of mobile data carriers - Google Patents
Method for the initialisation of mobile data carriers Download PDFInfo
- Publication number
- CA2384498A1 CA2384498A1 CA002384498A CA2384498A CA2384498A1 CA 2384498 A1 CA2384498 A1 CA 2384498A1 CA 002384498 A CA002384498 A CA 002384498A CA 2384498 A CA2384498 A CA 2384498A CA 2384498 A1 CA2384498 A1 CA 2384498A1
- Authority
- CA
- Canada
- Prior art keywords
- authorisation
- read
- data
- initialisation
- network
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract 29
- 239000000969 carrier Substances 0.000 title claims abstract 14
- 238000013475 authorization Methods 0.000 claims abstract 40
- 238000004891 communication Methods 0.000 claims abstract 3
- 238000009434 installation Methods 0.000 claims 1
Classifications
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
- G07F7/10—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
- G07F7/1008—Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/34—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
- G06Q20/355—Personalisation of cards for use
- G06Q20/3552—Downloading or loading of personalisation data
Abstract
With the method, mobile data carriers (IM) are initialised at assigned decentralised read and write stations (WR) within the framework of an authorisation system (A). At an authorisation authority (HA) in a secure environment (g) initialisation data (DI, A-I, I-I) are generated by authorisation means (AM) and transmitted to a decentralised authorised read and write station (A-WR) through a network (N) in a secure communication and with security rules in correspondence with the authorisation system (A), where the mobile data carriers (IM) are initialised with the initialisation data (DI), and/or wherein the initialisation data are transmitted to a decentralised read and write station (WR) through the network, by means of which the read and write station is initialised.
This initialisation method makes possible new possibilities for the application and exploitation of systems of this kind.
This initialisation method makes possible new possibilities for the application and exploitation of systems of this kind.
Claims (28)
1. Method for the initialisation of mobile data carriers (IM) with assigned decentralised read and write stations (WR) and/or of decentralised read and write stations (WR) within the framework of an authorisation system (A), characterised in that by an authorisation with authorisation means (AM) at an authorisation authority (HA) in a secure environment (g) initialisation data (DI, A-I, I-I) are generated and transmitted through a network (N) in a secure communication and with security rules corresponding to the authorisation system to a decentralised authorised read and write station (A-WR) and wherein the mobile data carriers (IM) are correspondingly initialised (IMj) with the initialisation data (DI) at the read and write station (A-WR) and/or that the initialisation data (DI) are transmitted through the network (N) to a decentralised read and write station (WR), by means of which the read and write station is initialised (WRk).
2. Method in accordance with claim 1, characterised in that the authorisation authority (HA) is formed by a host computer (H) or by a remote authorisation read and write station (R-A-WR).
3. Method according to claim 1 or 2, characterised in that the authorisation means (AM) are formed by special authorisation identification media (AM-IM) or by authorisation data (AM-I).
4. Method in accordance with one of the preceding claims, characterised in that a (non-authorised) decentralised read and write station (WR) is first of all transformed into an authorised read and write station (A-WR) by means of function authorisation data (A-I-FA) contained in the initialisation data (DI), which subsequently is capable of initialising mobile data carriers (IM) in correspondence with the initialisation data.
5. Method according to one of the preceding claims, characterised in that within the framework of the authorisation system (A) several authorisation authorities (HAi) with the same and/or with differing authorisation levels (OLi) are provided.
6. Method in accordance with one of the preceding claims, characterised in that several authorisation means (AMi) with the same and/or with differing authorisation levels (OLi) are provided.
7. Method according to one of the preceding claims, characterised in that initialisation data (DI, A-I, I-I) are transmitted to the authorised read and write stations (A-WR), resp., to the decentralised read and write stations (WR) through more than one network level (N1, N2) and/or through more than one authorisation authority (HA1,HA2).
8. Method in accordance with one of the preceding claims, characterised in that the initialisation data (DI) are transmitted through a secure private network (Np).
9. Method according to one of the preceding claims, characterised in the initialisation data are transmitted through an open public network (No) with an encryption and security gates on both sides (G1, G2).
10. Method in accordance with one of the preceding claims, characterised in that with the initialisation data (DI2.2) application extensions (App2.2) are initialised.
11. Method according to one of the preceding claims, characterised in that with the initialisation data (DI3) new independent applications (App3) are initialised.
12. Method in accordance with one of the preceding claims, characterised in that in a blank mobile data carrier prepared with a system data field (CDF) applications (App) are newly initialised with the initialisation data (DI).
13. Method according to one of the preceding claims, characterised in that through the network (N) a permanent connection between the authorisation authority (HA) and the decentralised read and write station (A-WR, WR) is in existence.
14. Method in accordance with one of the preceding claims, characterised in that the connection between the authorisation authority (HA) and the decentralised read and write stations (A-WR, WR) through the network (N) is only in existence occasionally and that when it is an exchange of data takes place.
15. Method according to one of the preceding claims, characterised in that for the initialisation a user authorisation (aw) is effected by the read and write station (A-WR, WR), resp., by its owner (12) and/or that an identification authorisation means (ID-AM) is necessary.
16. Method in accordance with one of the preceding claims, characterised in that for an initialisation a user authorisation (ai) through the data carrier, resp., the owner (13) of the data carrier takes place.
17. Method according to one of the preceding claims, characterised in that for the authorisation of initialisations through the network (N), as well as for the execution of applications at the read and write station (A-WR, WR), resp., at the data carrier (IM) personal data (aw) of the owner of the read and write station, resp., personal data (ai) of the owner of the data carrier, such as a PIN
code or biometric data, are made use of as authorisation means.
code or biometric data, are made use of as authorisation means.
18. Method accordance with one of the preceding claims, characterised in that the mobile data carriers (IM) comprise an application micro-processor (AppuP) for the processing of applications program data (I-ICod).
19. Method according to one of the preceding claims, characterised in that the data carriers (IM) are designed as contact-less, active or passive identification media.
20. Method in accordance with one of the preceding claims, characterised in that the mobile data carriers (IM), the authorisation identification media (AM-IM) and the identification authorisation media (ID-AM) are formed by the same mobile data carriers.
21. Method according to one of the preceding claims, characterised in that status information (S-I) concerning events at the authorised, resp., at the decentralised read and write stations (A-WR- WR) and/or at the mobile data carriers (IM) is annunciated to a corresponding authorisation authority (HA) through the network (N).
22. Method in accordance with claim 21, characterised in that the status information (S-I) is utilized for usage or licence fee debiting.
23. Method according to one of the preceding claims, characterised in that every new initialisation of a data carrier (IM) for the purpose of debiting a usage or licence fee is annunciated to the authorisation authority (HA) through the network (N).
24. Method in accordance with one of the preceding claims, characterised in that every usage of an application at a read and write station (WR) for the purpose of debiting a usage or licence fee is annunciated to the authorisation authority (HA) through the network (N).
25. Method according to one of the preceding claims, characterised in that a multi-level initialisation of the data carriers (IM) through networks (N) is provided, which is effected in hierarchically graduated steps within the framework of the authorisation system (A).
26. Mobile data carrier (IMj) with an application (App) initialised in accordance with claim 1 through authorisation through a network (N).
27. Read and write station (WRk) with an application initialised (k) according to the method of claim 1 by authorisation through a network (N).
28. Installation for the initialisation of mobile data carriers (IM) with assigned decentralised read and write stations (WR) and/or of decentralised read and write stations (WR) within the framework of an authorisation system (A), characterised in that initialisation data (DI, A-I, I-I) are generated by authorisation means (AM) at an authorisation authority (HA) in a secure environment (g) and are transmitted through a network (N) in a secure communication and with security rules in correspondence with the authorisation system to a decentralised authorised read and write station (A-WR) and that the mobile data carriers (IM) at the read and write station (A-WR) are correspondingly initialised (IMj) with the initialisation data (DI) and/or that the initialisation data (DI) are transmitted to a decentralised read and write station (WR) through the network (N), by means of which the read and write station (WR) is initialised (WRk).
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CH1365/00 | 2000-07-11 | ||
CH13652000 | 2000-07-11 | ||
PCT/CH2001/000433 WO2002005225A1 (en) | 2000-07-11 | 2001-07-10 | Method for the initialisation of mobile data supports |
Publications (2)
Publication Number | Publication Date |
---|---|
CA2384498A1 true CA2384498A1 (en) | 2002-01-17 |
CA2384498C CA2384498C (en) | 2012-02-14 |
Family
ID=4565418
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CA2384498A Expired - Lifetime CA2384498C (en) | 2000-07-11 | 2001-07-10 | Method for the initialisation of mobile data carriers |
Country Status (10)
Country | Link |
---|---|
US (1) | US7631187B2 (en) |
EP (1) | EP1218862A1 (en) |
JP (1) | JP2004503031A (en) |
CN (1) | CN1193321C (en) |
AU (1) | AU6725601A (en) |
BR (1) | BR0106966A (en) |
CA (1) | CA2384498C (en) |
MX (1) | MXPA02002602A (en) |
WO (1) | WO2002005225A1 (en) |
ZA (1) | ZA200201905B (en) |
Families Citing this family (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP1338996A1 (en) * | 2002-02-22 | 2003-08-27 | BetaResearch Gesellschaft für Entwicklung und Vermarktung digitaler Infrastrukturen mbH | Apparatus and method for personalisation of chip cards |
EP1642184A1 (en) * | 2003-07-04 | 2006-04-05 | Nokia Corporation | Key storage administration |
FR2879867A1 (en) * | 2004-12-22 | 2006-06-23 | Gemplus Sa | CHIP CARD ALLOCATION SYSTEM TO A NETWORK OPERATOR |
DE102006027200A1 (en) * | 2006-06-12 | 2007-12-27 | Giesecke & Devrient Gmbh | Data carrier and method for contactless communication between the data carrier and a reading device |
EP2154623A1 (en) | 2008-08-15 | 2010-02-17 | Legic Identsystems AG | Authorization system with wireless authorization storage device |
CA2918373A1 (en) | 2013-07-19 | 2015-01-22 | Fluid Management Operations Llc | Tri-chamber nutating pump |
Family Cites Families (28)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US582876A (en) * | 1897-05-18 | Berger | ||
FR2536928B1 (en) | 1982-11-30 | 1989-10-06 | France Etat | SYSTEM FOR ENCRYPTING AND DECIPHERING INFORMATION, OF THE TYPE USING A PUBLIC KEY DECRYPTION SYSTEM |
DE3736258A1 (en) * | 1987-10-27 | 1989-05-11 | Mannesmann Kienzle Gmbh | DATA CARD ARRANGEMENT |
US5623547A (en) | 1990-04-12 | 1997-04-22 | Jonhig Limited | Value transfer system |
WO1993010509A1 (en) * | 1991-11-12 | 1993-05-27 | Security Domain Pty. Ltd. | Method and system for secure, decentralised personalisation of smart cards |
US5276735A (en) * | 1992-04-17 | 1994-01-04 | Secure Computing Corporation | Data enclave and trusted path system |
US5396558A (en) * | 1992-09-18 | 1995-03-07 | Nippon Telegraph And Telephone Corporation | Method and apparatus for settlement of accounts by IC cards |
DE4317380C1 (en) * | 1993-05-25 | 1994-08-18 | Siemens Ag | Method for authentication between two electronic devices |
FR2725537B1 (en) | 1994-10-11 | 1996-11-22 | Bull Cp8 | METHOD FOR LOADING A PROTECTED MEMORY AREA OF AN INFORMATION PROCESSING DEVICE AND ASSOCIATED DEVICE |
DE19517818C2 (en) * | 1995-05-18 | 1997-12-18 | Angewandte Digital Elektronik | Method for issuing individual chip cards to a plurality of individual chip card users using a neutral chip card dispensing station |
CA2186415A1 (en) * | 1995-10-10 | 1997-04-11 | David Michael Claus | Secure money transfer techniques using smart cards |
NL1001761C2 (en) * | 1995-11-28 | 1997-05-30 | Ronald Barend Van Santbrink | System for contactless data exchange between a reading and writing unit and one or more information carriers. |
CN1133959C (en) | 1996-03-11 | 2004-01-07 | 卡巴闭锁系统公开股份有限公司 | Identification medium with passive electronic data carrier |
US5889941A (en) * | 1996-04-15 | 1999-03-30 | Ubiq Inc. | System and apparatus for smart card personalization |
US5923884A (en) * | 1996-08-30 | 1999-07-13 | Gemplus S.C.A. | System and method for loading applications onto a smart card |
US6317832B1 (en) * | 1997-02-21 | 2001-11-13 | Mondex International Limited | Secure multiple application card system and process |
DE19708189C2 (en) * | 1997-02-28 | 2000-02-17 | Deutsche Telekom Mobil | Cordless non-public communication system compatible with a public mobile communication system |
DE19710249C2 (en) * | 1997-03-12 | 2002-03-28 | Siemens Nixdorf Inf Syst | Network-supported chip card transaction method and arrangement for processing transactions |
CA2288824A1 (en) | 1997-03-24 | 1998-10-01 | Marc B. Kekicheff | A system and method for a multi-application smart card which can facilitate a post-issuance download of an application onto the smart card |
US6230267B1 (en) * | 1997-05-15 | 2001-05-08 | Mondex International Limited | IC card transportation key set |
DE19720431A1 (en) | 1997-05-15 | 1998-11-19 | Beta Research Ges Fuer Entwick | Device and method for personalizing chip cards |
US6488211B1 (en) * | 1997-05-15 | 2002-12-03 | Mondex International Limited | System and method for flexibly loading in IC card |
SG92632A1 (en) * | 1998-03-30 | 2002-11-19 | Citicorp Dev Ct Inc | Method and system for managing applications for a multi-function smartcard |
US6092202A (en) * | 1998-05-22 | 2000-07-18 | N*Able Technologies, Inc. | Method and system for secure transactions in a computer system |
US6871278B1 (en) * | 2000-07-06 | 2005-03-22 | Lasercard Corporation | Secure transactions with passive storage media |
JP2002070375A (en) * | 2000-09-05 | 2002-03-08 | Fujitsu Ltd | Electronic key and electronic key system |
DE10259384B3 (en) * | 2002-12-18 | 2004-05-13 | Siemens Ag | Battery charge level detection device for mobile data carrier e.g. for use in identification system, using measurement of charging time of auxiliary capacitor |
DE102006008248A1 (en) * | 2006-02-22 | 2007-08-23 | Giesecke & Devrient Gmbh | Mobile data carrier e.g. chip card, operating method, involves controlling and/or monitoring operation of mobile data carrier by central control unit such that application e.g. service, is allotted according to scheduling mechanism resource |
-
2001
- 2001-07-10 CN CNB018027369A patent/CN1193321C/en not_active Expired - Fee Related
- 2001-07-10 JP JP2002508755A patent/JP2004503031A/en active Pending
- 2001-07-10 CA CA2384498A patent/CA2384498C/en not_active Expired - Lifetime
- 2001-07-10 EP EP01944863A patent/EP1218862A1/en not_active Ceased
- 2001-07-10 WO PCT/CH2001/000433 patent/WO2002005225A1/en active Application Filing
- 2001-07-10 BR BR0106966-7A patent/BR0106966A/en not_active Application Discontinuation
- 2001-07-10 MX MXPA02002602A patent/MXPA02002602A/en unknown
- 2001-07-10 AU AU67256/01A patent/AU6725601A/en not_active Abandoned
- 2001-07-10 US US10/070,786 patent/US7631187B2/en not_active Expired - Fee Related
-
2002
- 2002-03-07 ZA ZA200201905A patent/ZA200201905B/en unknown
Also Published As
Publication number | Publication date |
---|---|
US20030033527A1 (en) | 2003-02-13 |
AU6725601A (en) | 2002-01-21 |
ZA200201905B (en) | 2003-03-07 |
US7631187B2 (en) | 2009-12-08 |
BR0106966A (en) | 2002-05-14 |
JP2004503031A (en) | 2004-01-29 |
WO2002005225A1 (en) | 2002-01-17 |
CN1193321C (en) | 2005-03-16 |
EP1218862A1 (en) | 2002-07-03 |
MXPA02002602A (en) | 2003-06-30 |
CN1393006A (en) | 2003-01-22 |
CA2384498C (en) | 2012-02-14 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN100449508C (en) | Data communicating apparatus and method for managing memory of data communicating apparatus | |
US8590013B2 (en) | Method of managing and communicating data pertaining to software applications for processor-based devices comprising wireless communication circuitry | |
US9286481B2 (en) | System and method for secure and distributed physical access control using smart cards | |
JP4850073B2 (en) | System, method, and computer-readable storage medium using configurable firewall | |
US7730126B2 (en) | Systems and methods for controlling access within a system of networked and non-networked processor-based systems | |
US7464858B2 (en) | Systems and methods for controlling access within a system of networked and non-networked processor-based systems | |
JPH10154130A (en) | Illegal access prevention processor | |
US20120284519A1 (en) | Implementing method, system of universal card system and smart card | |
TW200513922A (en) | Smart card data transaction system and methods for providing high levels of storage and transmission security | |
CN112055002A (en) | Cross-link network supervision method based on public governance link | |
CN103593687B (en) | Internet of Things intelligent management control cabinet system | |
CN101729503A (en) | Method and system for distributing key | |
CA2384498A1 (en) | Method for the initialisation of mobile data carriers | |
CN1639667A (en) | Controlling an application provided on a portable object | |
CN103701785A (en) | Ownership transfer and key array-based RFID (radio frequency identification) security authentication method | |
GB2310523A (en) | Data storage system for a vehicle | |
US20070157290A1 (en) | Systems and methods of communicating access log information within a system of networked and non-networked processor-based systems | |
CN106408673A (en) | Vehicle-mounted unit applied to path identification system and safe method of vehicle-mounted unit | |
US20070038589A1 (en) | Granting access to a computer-based object | |
JPH09179828A (en) | Device for assigning user in computer network | |
CN202615481U (en) | Intelligent all-purpose card system for movable access control and consumption recharging machine | |
CN202372966U (en) | Security middleware for automatic fare collection system of rail transit | |
CN1186742C (en) | Golden card and secrety card incapable of being decrypted | |
WO2002069598A3 (en) | Method and communication system for providing a program element | |
Lee et al. | Enterprise application framework for constructing secure RFID application |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
EEER | Examination request | ||
MKEX | Expiry |
Effective date: 20210712 |