IPC classification information
Country / Type | United States (US) Patent, Registered
International Patent Classification (IPC 7th edition) |
Application number | US-0255612 (1994-06-09)
Inventor / Address | Davis Terry L. (Scottsdale AZ); Hart James A. (Radnor PA); Imperia Vincent A. (Tempe AZ); Love Michael (Wilmington DE); O'Malley Michael F. (Glenside PA); Russell James F. (Hockessin DE); Sears John W. (Pe
Applicant / Address | Electronic Payment Services, Inc. (Wilmington DE 02)
Citation information | Times cited: 241; Patents cited: 59
Abstract
A transaction system and method of conducting a transaction between an integrated circuit (IC) card and a transaction terminal which includes a security module comprises establishing communication between the terminal and the IC card. Separate session keys are generated in the IC card using data stored in the IC card and a code associated with the particular IC card and the security module using data stored in the security module, and the code associated with the particular IC card. The session key generated by the IC card is used to encrypt data using an encryption algorithm to obtain a first result and the session key generated by the security module is used to encrypt the same data using the same encryption algorithm to obtain a second result. The first and second results are compared to enable the terminal to conduct the transaction only if the comparison establishes that the first result and the second result are identical. In one embodiment, the invention further comprises generating a transaction signature by the IC card using transaction data and data stored in the IC card, generating a transaction signature by the security module using transaction data and data stored in the security module and storing the transaction signatures generated by the IC card and the security module for creating an audit trail for the transaction.
Representative claim
In a transaction system which includes at least one integrated circuit (IC) card for cooperating with a transaction terminal to perform transactions, the IC card including a processor, memory, data stored in the memory and a program stored in the memory, and the terminal including an IC card reader/writer device having a processor, memory and a program stored in the memory, and a security module communicating with the reader/writer device, the security module including a processor, memory, data stored in the memory and a program stored in the memory, a method of verifying the validity of the IC card and the terminal at the initiation of and under the control of the terminal for establishing a secure session between the IC card and the terminal to enable the performance of a transaction, the method comprising:
(a) inserting the IC card into the terminal to establish communication between the reader/writer device and the IC card;
(b) reading, by the reader/writer device from the IC card, an IC card identification number and sending the identification number to the security module;
(c) generating, by the security module, a derived verification key by encrypting the identification number of the IC card with a verification control key stored in the memory of the security module using an encryption algorithm;
(d) generating, by the IC card, a transaction number;
(e) reading, by the reader/writer device from the IC card, the transaction number and sending the transaction number to the security module;
(f) generating, by the IC card, a session key by encrypting the IC card transaction number with a derived verification key stored in the memory of the IC card using the encryption algorithm;
(g) generating, by the IC card, a response certificate by encrypting a random number with the session key generated by the IC card using the encryption algorithm;
(h) reading, by the reader/writer device, the response certificate generated by the IC card and sending the IC card response certificate to the security module;
(i) generating, by the security module, a session key by encrypting the IC card transaction number with the derived verification key using the encryption algorithm;
(j) generating, by the security module, a response certificate by encrypting the random number with the session key generated by the security module using the encryption algorithm;
(k) comparing, by the security module, the received IC card response certificate with the response certificate generated by the security module and verifying that (1) the session keys are identical and (2) that the IC card is valid, if the response certificates are identical;
(l) generating, by the security module, a derived password by encrypting the serial number of the IC card with a password key stored in the memory of the security module utilizing the encryption algorithm;
(m) generating, by the security module, a password cryptogram by encrypting the derived password with the session key using the encryption algorithm;
(n) reading, by the reader/writer device, the password cryptogram from the security module and sending the password cryptogram to the IC card;
(o) generating, by the IC card, a password by decrypting the password cryptogram with the session key using the encryption algorithm; and
(p) comparing, by the IC card, the generated password with a derived password stored in the memory of the IC card and verifying (1) the validity of the security module and the terminal and (2) the establishment of a secure session between the IC card, the security module, and the terminal, if the generated password and the retrieved derived password are identical.
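The exchange in steps (b) through (p), with both the card side and the security module side, as an added example that is not code from the patent or from this record. The claim does not name its encryption algorithm, so `enc`/`dec` are a stand-in 16-byte Feistel construction over HMAC-SHA256; the class and function names, the counter-based transaction number, and the terminal supplying the random number are assumptions.

```python
import hashlib, hmac, secrets

def _f(key, rnd, half):  # Feistel round function
    return hmac.new(key, bytes([rnd]) + half, hashlib.sha256).digest()[:8]

def enc(key, block, order=(0, 1, 2, 3)):
    """Stand-in 16-byte block cipher; the claim's algorithm is unnamed."""
    l, r = block[:8], block[8:16]
    for i in order:
        l, r = r, bytes(a ^ b for a, b in zip(l, _f(key, i, r)))
    return r + l

def dec(key, block):
    return enc(key, block, order=(3, 2, 1, 0))

class Card:
    def __init__(self, card_id, serial, vck, pk):
        # Issuer personalisation: the card stores derived values only, not vck or pk.
        self.card_id, self.serial = card_id, serial
        self.dvk = enc(vck, card_id)
        self.derived_password = enc(pk, serial)
        self.counter = 0

    def respond(self, rnd):  # steps (d), (f), (g)
        self.counter += 1
        txn = self.counter.to_bytes(16, "big")
        self.session = enc(self.dvk, txn)
        return txn, enc(self.session, rnd)

    def verify_terminal(self, cryptogram):  # steps (o), (p)
        return hmac.compare_digest(dec(self.session, cryptogram), self.derived_password)

class SecurityModule:
    def __init__(self, vck, pk):
        self.vck, self.pk = vck, pk

    def verify_card(self, card_id, txn, rnd, response):  # (c), (i), (j), (k)
        self.session = enc(enc(self.vck, card_id), txn)
        return hmac.compare_digest(enc(self.session, rnd), response)

    def password_cryptogram(self, serial):  # steps (l), (m)
        return enc(self.session, enc(self.pk, serial))

def run_session(card, sam):
    rnd = secrets.token_bytes(16)  # assumption: terminal supplies the random number
    txn, response = card.respond(rnd)  # reader relays card -> security module
    if not sam.verify_card(card.card_id, txn, rnd, response):
        return False  # card rejected at step (k)
    return card.verify_terminal(sam.password_cryptogram(card.serial))
```

`run_session` returns `True` only when both checks pass: a card personalised under a different verification control key fails at step (k), and a security module holding the wrong password key is rejected by the card at step (p).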