WO1998036386A1 - Method of securely storing and retrieving monetary data - Google Patents
- Publication number
- WO1998036386A1 (PCT/EP1997/000688)
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- data
- recipient
- storage
- issuer
- value
- Prior art date
Classifications
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
- G07F7/10—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
- G07F7/1008—Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/34—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
- G06Q20/341—Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
- G07F7/0806—Details of the card
- G07F7/0813—Specific details related to card security
- G07F7/082—Features insuring the integrity of the data on or in the card
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
- G07F7/0873—Details of the card reader
- G07F7/088—Details of the card reader the card reader being part of the point of sale [POS] terminal or electronic cash register [ECR] itself
- G07F7/0886—Details of the card reader the card reader being part of the point of sale [POS] terminal or electronic cash register [ECR] itself the card reader being portable for interacting with a POS or ECR in realizing a payment transaction
Definitions
- the present invention relates to the storing and retrieving of monetary data. More specifically, the present invention relates to the storing of monetary data, such as data identifying electronic cheques and electronic coins, in a storage medium, and to the later retrieval of the stored data by a means for electronic financial transactions, such as a so-called smart card.
- monetary data such as data identifying electronic cheques and electronic coins
- smart card a means for electronic financial transactions
- Electronic cheques and coins necessarily take up a fair amount of memory space, as they comprise various authentication data, such as a signature from a bank (issuer).
- various authentication data such as a signature from a bank (issuer).
- issuer bank
- an on-line protocol with the issuer each time data are loaded from storage. This is however time-consuming and often involves communications costs.
- the present invention provides a method of securely storing and retrieving data, the method comprising a first phase comprising an interaction between an issuer and a recipient, data comprising authentication values being stored in the recipient and in a storage, and a second phase comprising an interaction between the storage and the recipient, data being retrieved from the storage and being verified by means of the authentication values and at least one authentication value stored in the recipient.
- a secure protocol may be achieved.
- the secure protocol effectively eliminates the possibility of loading incorrect monetary data, such as used or forged electronic cheques, into the recipient.
- a first authentication value comprises a commitment produced by the issuer.
- a commitment for example comprising an electronic signature, allows valid electronic money to be used.
- the storage verifies the authentication value received from the recipient.
- the method of the present invention thus allows the validity of (monetary) data to be derived from an interactive protocol between an issuer and a recipient, but does not require an interaction with the issuer while retrieving stored data.
- Fig. 1 shows schematically an IC card and an electronic wallet for interacting with the IC card.
- Fig. 2 shows schematically a system for electronic payments, as well as the exchange of data according to a first phase of the method of the present invention.
- Fig. 3 shows schematically a system for electronic payments, as well as the exchange of data according to a second phase of the method of the present invention.
- Fig. 4 shows schematically a first phase of the method according to the present invention.
- Fig. 5 shows schematically a second phase of the method according to the present invention.
- the so-called electronic wallet 2 shown in Fig. 1 is a device for interacting with an IC card 1.
- the wallet has a keyboard 5, a slot 4 for inserting the card 1, means for communicating with the inserted card via the card contacts 3, and means for communicating with an external terminal, such as a cash register (not shown).
- an external terminal such as a cash register (not shown).
- Such a terminal may comprise a card reader and/or an infra-red card interface for communicating with the card, preferably via the wallet.
- the terminal may further comprise means for establishing an on-line connection with a money issuing institution, such as a bank, and/or a secure module for securely storing monetary values or the like.
- the wallet 2 allows a user to interact with the card 1 via a keyboard 5 and a display 6.
- the wallet 2 allows the user to e.g. check balances, transfer balances between accounts, authorize payments, and the like.
- the wallet also provides a storage for storing electronic cheques, coins and the like, and thus acts as a storage extension for the card.
- the card 1 is provided with an integrated circuit (IC) arranged under the contacts 3.
- the integrated circuit may comprise a processor, a memory and I/O (input/output) means.
- I/O input/output
- the system shown schematically and by way of example in Fig. 2 comprises a recipient 10, a storage 20 and an issuer 30.
- the recipient 10 and the storage 20 may correspond with the card 1 and the wallet 2 of Fig. 1 respectively.
- the issuer 30, which may be a bank or another monetary data providing institution, comprises a terminal suitable for interaction with the storage (wallet) 20.
- the issuer e.g. bank terminal
- the recipient e.g. smart card
- the storage (wallet) 20 is used both as an intermediary between the issuer 30 and the recipient 10 and as a storage proper for electronic money not stored on the card.
- money in this text is meant to comprise various representations of monetary and other values, and specifically comprises electronic cheques and coins.
- the terms "monetary data" or just "data" will be used to indicate data related to "money", and especially data representing electronic cheques and coins.
- the method of the present invention may also be applied to other data, such as confidential data.
- the issuer 30 and the recipient 10 exchange messages as indicated in Fig. 2.
- the recipient generates an identification value, performs an interactive protocol with the issuer while storing the relevant data in the storage, and discards most of the data while keeping sufficient data to regenerate the identification value.
- the identification value is regenerated, the interactive protocol is performed with the storage 20 rather than with the issuer 30 as indicated in Fig. 3, and the relevant data are stored in the recipient 10.
- the identification value and the initial value (seed) for regenerating the identification value may then be discarded. It will be understood that instead of a value for regenerating the identification value, the identification value itself may be temporarily stored.
- Fig. 4 in conjunction with Fig. 3. It is noted that in Figs. 4 and 5 the recipient, storage and issuer are denoted by R, S and I respectively.
- the generation of monetary data is initiated in step 100, for instance by the recipient 10 sending a relevant request to the issuer 30.
- the issuer (I) generates a commitment A associated with one or more groups of monetary data (electronic cheques and/or coins).
- the function F1 is a discrete exponentiation modulo p with generator g of order q, where q divides p-1 and where p and q are predetermined (prime) numbers:
- the random value W may be predetermined or may be produced in step 101 using a random number generator.
- the commitment A, by means of which the issuer commits himself to the monetary data, is sent to the recipient (R), in the present example via the storage (S), which stores the commitment A.
- the commitment A may be (temporarily) stored in the recipient as well.
- upon receiving the commitment A, the recipient generates an identification value C.
- the seed X is the result of combining a (fixed) base seed X0 and an index Y.
- the index Y, which may have a considerably shorter length than the seed X, may e.g. indicate an entry in a table of seeds.
- the index Y indicates how many times the function F2 is to be applied, starting from the base seed X0, to obtain the desired seed X.
- the seed X is stored in the recipient (R). If a base seed X0 is used, this base seed is preferably permanently stored in the recipient, while the index Y may be stored in the recipient (R) or the storage (S).
- C will comprise more bits than Y and will thus require more storage space, making the storing of Y more economical.
- the relevant value (C, X or X0) is stored in such a way as to be directly linkable to a value A. That is, the storage may comprise a plurality of values A (e.g. each corresponding with a cheque), a relevant value (C, X or X0) being stored for each value A.
- the recipient (R) generates a "fingerprint" E of the identification value C using a third function F3: E = F3(C).
- the value B thus derived is stored in the storage (S) .
- the value B, which is the authenticating value of the monetary data, may optionally be sent to the recipient (R), e.g. for verification purposes, but this is not essential.
- the above scheme serves to produce data (e.g. cheques) to which both the issuer and the recipient have contributed.
- the final value B is derived by the issuer from the value E, which is in turn derived by the recipient from the value A.
- the values concerned are mutually linked.
- the value B is not passed on to the recipient (R) but stored in the storage (S) for later retrieval.
- the value B is not only stored in the storage (S) , but also sent to the recipient (R) for verification purposes.
- an additional step 104 (not shown in Fig. 4) is carried out in which additional data D may be derived from the values A, B, C and the public key Kp associated with the secret key Ks.
- additional data D may be derived from the values A, B, C and the public key Kp associated with the secret key Ks.
- These data D, which are associated with the value B, provide additional information with respect to the monetary values concerned.
- the data D may further be verified using the same values, for example by verifying whether
- the reconstruction phase of the method of the present invention is initiated by the recipient (R) in step 110.
- the commitment A is retrieved from the storage S. If an index Y was used in step 102 to determine the seed X, this index Y is also retrieved. It should be noted that the storage should not contain both Y and X0, or X, as that would allow the storage to produce monetary data without the involvement of the recipient.
- the identification value C is regenerated on the basis of the seed X.
- in step 113 the stored value B is retrieved.
- in step 114 the retrieved value B is used to regenerate the data D from A, B, C and the public key Kp of the issuer I.
- data e.g. D
- the method thus offers the possibility of regenerating data (D) without the need to involve the issuer.
- the issuer only "signs" the data (in a challenge-signed response exchange involving E and B) in the first phase.
- the method uses a controlled replay of the first phase to regenerate data in the second phase, where the recipient verifies the data.
- Ks and Kp: with the aid of the keys Ks and Kp, a further protection of the data is achieved.
- since the first (generation) phase may be considered to constitute an interrupted withdrawal of (e.g. monetary) data, which withdrawal is substantially repeated by the recipient in the second (reconstruction) phase, the recipient is capable of using identical protocols in both phases. As a result, there is no need to store additional code (software) for the second phase in the recipient, which effectively saves memory space.
- an electronic wallet has been shown as an example of an external storage.
- the invention may also be used with other types of storage, such as another card or other terminal. It will be understood by those skilled in the art that the embodiments described above are given by way of example only and that many modifications and additions are possible without departing from the scope of the present invention.
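The two phases described above, as an added runnable example that is not part of the patent text. The patent names F1 (discrete exponentiation), F2, F3 and the values A, B, C, D, E, W, X0, Y, Ks and Kp but gives no formula for B or for the check on D, so this example instantiates the challenge-signed response as a Schnorr-style signature (B = W + Ks*E mod q, checked via g^B = A*Kp^E mod p) and uses SHA-256 for F2 and F3; both are assumptions, as are the toy group parameters.

```python
import hashlib
import secrets

# Toy group parameters (constructed for this example): p and q prime, q divides p-1,
# g has order q modulo p. Real deployments use large primes; these keep values readable.
P, Q, G = 1019, 509, 4

def hash_mod_q(*parts: int) -> int:
    """Hash integers into Z_q. Stands in for F2 and F3, whose form the patent text leaves open."""
    data = "|".join(map(str, parts)).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % Q

def derive_seed(x0: int, y: int) -> int:
    """Seed X: apply F2 to the base seed X0 as many times as the index Y says."""
    x = x0
    for _ in range(y):
        x = hash_mod_q(x)
    return x

class Issuer:
    """I: holds the secret key Ks and publishes Kp = g^Ks mod p."""

    def __init__(self, k_s: int) -> None:
        self.k_s = k_s
        self.k_p = pow(G, k_s, P)

    def commit(self) -> tuple[int, int]:
        w = secrets.randbelow(Q - 1) + 1      # random value W (step 101)
        return w, pow(G, w, P)                # commitment A = g^W mod p (F1)

    def respond(self, w: int, e: int) -> int:
        # Assumed instantiation of the challenge-signed response: Schnorr-style
        # B = W + Ks*E mod q. The patent text does not give the formula for B.
        return (w + self.k_s * e) % Q

def verify(a: int, b: int, c: int, k_p: int) -> bool:
    """Regenerate the check D from A, B, C and Kp: g^B == A * Kp^E mod p with E = F3(C)."""
    e = hash_mod_q(c)
    return pow(G, b, P) == (a * pow(k_p, e, P)) % P

def phase1(issuer: Issuer, x0: int, y: int) -> dict:
    """Generation phase. Returns what the storage S keeps; the recipient R keeps only X0."""
    w, a = issuer.commit()                    # I -> S -> R: commitment A (S stores A)
    c = hash_mod_q(derive_seed(x0, y))        # R: identification value C from seed X
    e = hash_mod_q(c)                         # R -> I: fingerprint E = F3(C)
    b = issuer.respond(w, e)                  # I -> S: authenticating value B (S stores B)
    return {"A": a, "B": b, "Y": y}           # S must never also hold X0 or X

def phase2(stored: dict, x0: int, k_p: int) -> bool:
    """Reconstruction phase: R replays the protocol against S; the issuer is not contacted."""
    a, y = stored["A"], stored["Y"]           # step 111: retrieve A and the index Y
    c = hash_mod_q(derive_seed(x0, y))        # step 112: regenerate C from the seed
    b = stored["B"]                           # step 113: retrieve B
    return verify(a, b, c, k_p)               # step 114: regenerate D and verify it

if __name__ == "__main__":
    issuer = Issuer(k_s=secrets.randbelow(Q - 1) + 1)
    X0, Y = 12345, 7                          # constructed card base seed and cheque index
    record = phase1(issuer, X0, Y)
    print("honest retrieval verifies:", phase2(record, X0, issuer.k_p))
    forged = dict(record, B=(record["B"] + 1) % Q)
    print("tampered B verifies:", phase2(forged, X0, issuer.k_p))
```

The storage record holds only A, B and Y; the base seed X0 never leaves the recipient, which is the constraint the text places on the storage, and a B altered in storage or re-attached to a different A fails the check.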
Priority Applications (5)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/EP1997/000688 WO1998036386A1 (en) | 1997-02-13 | 1997-02-13 | Method of securely storing and retrieving monetary data |
CA002279248A CA2279248A1 (en) | 1997-02-13 | 1997-02-13 | Method of securely storing and retrieving monetary data |
EP97905023A EP0961998A1 (en) | 1997-02-13 | 1997-02-13 | Method of securely storing and retrieving monetary data |
AU18733/97A AU722824B2 (en) | 1997-02-13 | 1997-02-13 | Method of securely storing and retrieving monetary data |
NO993877A NO993877L (en) | 1997-02-13 | 1999-08-11 | Procedure for secure storage and retrieval of financial data |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/EP1997/000688 WO1998036386A1 (en) | 1997-02-13 | 1997-02-13 | Method of securely storing and retrieving monetary data |
Publications (1)
Publication Number | Publication Date |
---|---|
WO1998036386A1 true WO1998036386A1 (en) | 1998-08-20 |
Family
ID=8166519
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/EP1997/000688 WO1998036386A1 (en) | 1997-02-13 | 1997-02-13 | Method of securely storing and retrieving monetary data |
Country Status (4)
Country | Link |
---|---|
EP (1) | EP0961998A1 (en) |
AU (1) | AU722824B2 (en) |
CA (1) | CA2279248A1 (en) |
WO (1) | WO1998036386A1 (en) |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP0138219A2 (en) * | 1983-10-17 | 1985-04-24 | Kabushiki Kaisha Toshiba | Method of storing encrypted data on a card |
WO1991010214A1 (en) * | 1989-12-22 | 1991-07-11 | Mikromax Industriteknik Ab | Paying system with ic-cards |
WO1991013411A1 (en) * | 1990-02-21 | 1991-09-05 | Matti Villikari | Method for handling cash or other confidential information electronically |
EP0546584A1 (en) * | 1991-12-13 | 1993-06-16 | Matsushita Electric Industrial Co., Ltd. | Data transfer method |
EP0623903A2 (en) * | 1993-05-06 | 1994-11-09 | Pitney Bowes Inc. | System for smart card funds refill |
1997
- 1997-02-13 WO PCT/EP1997/000688 patent/WO1998036386A1/en not_active Application Discontinuation
- 1997-02-13 EP EP97905023A patent/EP0961998A1/en not_active Withdrawn
- 1997-02-13 AU AU18733/97A patent/AU722824B2/en not_active Ceased
- 1997-02-13 CA CA002279248A patent/CA2279248A1/en not_active Abandoned
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP2074570A1 (en) * | 2006-09-11 | 2009-07-01 | Consumer Cube Pte Ltd | A method and system for managing purchase transactions between a customer and a merchant |
EP2074570A4 (en) * | 2006-09-11 | 2011-04-06 | Qb Pte Ltd | A method and system for managing purchase transactions between a customer and a merchant |
Also Published As
Publication number | Publication date |
---|---|
CA2279248A1 (en) | 1998-08-20 |
AU722824B2 (en) | 2000-08-10 |
AU1873397A (en) | 1998-09-08 |
EP0961998A1 (en) | 1999-12-08 |
Similar Documents
Publication | Title |
---|---|
US6003764A (en) | Method of securely storing and retrieving monetary data |
EP0439847B1 (en) | Optionally moderated transaction systems |
US7328338B1 (en) | Transaction verification protocol for smart cards |
AU756902B2 (en) | System and method for fast smart card transactions |
US6434238B1 (en) | Multi-purpose transaction card system |
US7505944B2 (en) | Method and system of payment by electronic cheque |
US8191772B2 (en) | Method for generating customer one-time unique purchase order numbers |
US5625695A (en) | Process for generating DSA signatures with low-cost portable apparatuses |
US8511547B2 (en) | Methods and systems for two-factor authentication using contactless chip cards or devices and mobile devices or dedicated personal readers |
US7175073B2 (en) | Secure cell phone for ATM transactions |
JPH0514298B2 (en) | |
EA000730B1 (en) | Method for protectedly debiting an electronic payment means |
GB2146814A (en) | Electronic fund transfer systems |
EA000857B1 (en) | Method of debiting an electronic payment means |
JP2001515621A (en) | Network-aided chip card transaction processing method |
AU722824B2 (en) | Method of securely storing and retrieving monetary data |
JP2001524724A (en) | Data management method for chip card |
WO2000008610A1 (en) | Offline verification of integrated circuit card using hashed revocation list |
CA2543094C (en) | Transaction verification protocol for smart cards |
Guillou | Some critical remarks on "dynamic data authentication" as specified in EMV'96 |
Pircalab | Security of Internet Payments |
JP2001519943A (en) | How to prove the accumulation in a reader |
CA2218178A1 (en) | Multi-purpose transaction card system |
Legal Events
Code | Title | Description |
---|---|---|
AK | Designated states | Kind code of ref document: A1; Designated state(s): AU CA CN CZ EE HU IL JP KR LT LV MX NO NZ PL SG |
AL | Designated countries for regional patents | Kind code of ref document: A1; Designated state(s): AM AZ BY KG KZ MD RU TJ TM AT BE CH DE DK ES FI FR GB GR IE IT LU MC NL PT SE |
NENP | Non-entry into the national phase | Ref country code: CA |
DFPE | Request for preliminary examination filed prior to expiration of 19th month from priority date (PCT application filed before 20040101) | |
121 | EP: the EPO has been informed by WIPO that EP was designated in this application | |
WWE | WIPO information: entry into national phase | Ref document number: 1997905023; Country of ref document: EP |
ENP | Entry into the national phase | Ref document number: 2279248; Country of ref document: CA; Kind code of ref document: A; Format of ref document f/p: F |
WWP | WIPO information: published in national office | Ref document number: 1997905023; Country of ref document: EP |
NENP | Non-entry into the national phase | Ref country code: JP; Ref document number: 1998535256; Format of ref document f/p: F |
WWW | WIPO information: withdrawn in national office | Ref document number: 1997905023; Country of ref document: EP |