1. Field of the Invention
The present invention generally relates to security module terminal systems, such as those used in the field of credit cards, debit cards, value cards and money cards. In particular, the present invention relates to improving the protection against the use of lost or stolen cards by unauthorized persons.
2. Description of Prior Art
In currently used security module terminal systems the authorized users of the system are represented by a security module which functions as a cryptographic unit (cryptounit) and is typically a chip card. A cryptounit is usually able to store cryptographic keys securely against unauthorized access and to perform cryptographic algorithms using these keys. The algorithms are generally applied to data provided by the security module terminal system, for example to authenticate the cryptounit within a challenge/response method or to generate a digital signature.
A particular problem with these systems is to exclude any use of the cryptounits or security modules that is not explicitly willed by the authorized user of the system, that is, to prevent improper use or use by unauthorized persons. In the past this required a preceding identification of the owner at the terminal in order to distinguish the authorized user from an unauthorized one. FIG. 10 shows the typical components used in connection with such chip card systems. In particular, FIG. 10 schematically shows a terminal 900 and a security module 902 which is inserted into a contacting unit 904 of the terminal 900. Apart from the contacting unit 904, the terminal 900 comprises an output unit 906, an input unit 908 and an interface 910 for a connection via a network 912, for example to a central computer of the system, such as that of a bank.
FIG. 11 schematically illustrates the course of a terminal transaction between the components of FIG. 10 as it usually took place in order to establish the identity of the current card owner. In FIG. 11 the individual steps of a transaction are shown as blocks arranged in chronological order from top to bottom. In addition, FIG. 11 is arranged in three columns, each of which, as indicated at the top of the column, is associated with the terminal, the IC card or the user. Each block is placed horizontally in the column or columns of the terminal, the IC card or the user, depending on who actively participates in the respective step.
In step 920 the user inserts the cryptounit 902, which is assumed in the following to be an IC card, into the interface 904 of the terminal 900 provided for this purpose, as illustrated in FIG. 10. In step 922 an authentication between the terminal 900 of the system on the one hand and the IC card 902 of the user on the other hand is performed first; this only serves to let the terminal 900 and the IC card 902 mutually identify each other as approved communication partners. In order to establish the identity of the current owner of the IC card 902, the terminal 900 prompts the user of the IC card 902 via the output unit 906 in step 924 to enter an identification parameter, such as a PIN (personal identification number). In step 926 the owner enters the PIN, which is secret and usually known only to the authorized user, via the input unit 908 of the terminal 900. Within the terminal 900 the entered PIN is passed to the IC card 902 via the interface 904 in step 928. In the following step 930 the IC card 902 checks whether the PIN was entered correctly. Depending on the correctness of the input, either the transaction is cancelled at the terminal 900 in step 932, or the IC card 902 confirms the correct entry of the PIN to the terminal 900, whereupon the user is given the opportunity in step 934 to specify the transaction to be performed more precisely via the input unit 908. In step 936 the terminal finally performs the transaction.
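The flow of steps 922 to 936 above, simulated as an added example that is not part of the patent: a mutual challenge/response authentication with a shared key, an on-card PIN check with a retry counter, and a record of what passes through the terminal. The HMAC-based scheme, the key and challenge sizes and the `ICCard`/`Terminal` names are assumptions made for the illustration.

```python
import hashlib
import hmac
import secrets


def mac(key: bytes, data: bytes) -> bytes:
    # Assumed scheme: HMAC-SHA256 stands in for the card's symmetric algorithm
    return hmac.new(key, data, hashlib.sha256).digest()


class ICCard:
    """Model of IC card 902: key and PIN stay on the card and are never exported."""

    def __init__(self, key: bytes, pin: str, max_tries: int = 3):
        self._key, self._pin, self.tries_left = key, pin, max_tries

    def authenticate(self, terminal_challenge: bytes) -> tuple[bytes, bytes]:
        # step 922 (card side): answer the terminal's challenge and issue one of its own
        self._challenge = secrets.token_bytes(16)
        return mac(self._key, terminal_challenge + self._challenge), self._challenge

    def check_terminal(self, response: bytes) -> bool:
        # step 922 (card side): the terminal must prove it holds the key as well
        return hmac.compare_digest(response, mac(self._key, self._challenge))

    def verify_pin(self, pin: str) -> bool:
        # step 930: the card, not the terminal, decides; the retry counter limits guessing
        if self.tries_left == 0:
            return False
        if hmac.compare_digest(pin.encode(), self._pin.encode()):
            return True
        self.tries_left -= 1
        return False


class Terminal:
    """Model of terminal 900; pins_seen records every PIN that reaches it (step 928)."""

    def __init__(self, key: bytes):
        self._key = key
        self.pins_seen: list[str] = []

    def transaction(self, card: ICCard, pin_entered: str, amount: int) -> str:
        challenge = secrets.token_bytes(16)
        card_resp, card_challenge = card.authenticate(challenge)
        if not hmac.compare_digest(card_resp, mac(self._key, challenge + card_challenge)):
            return "cancelled: card not authenticated"
        if not card.check_terminal(mac(self._key, card_challenge)):
            return "cancelled: terminal not authenticated"
        self.pins_seen.append(pin_entered)       # the terminal holds the PIN in clear
        if not card.verify_pin(pin_entered):     # step 930
            return "cancelled: wrong PIN"        # step 932
        return f"executed: amount {amount}"      # steps 934 and 936
```

The `pins_seen` list makes the point discussed later in this section visible: in this flow the PIN is necessarily disclosed to the terminal before the card ever verifies it.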
Although misuse of the IC card 902 by an unauthorized user appears to be ruled out, since the knowledge of the PIN required for a transaction lies solely with the authorized user, several problems result from the above procedure. First of all, the authorized user has to memorize the PIN in addition to a plurality of other secret numbers, passwords and the like, which is troublesome and carries the risk that the user forgets the PIN or, to avoid this, writes it down somewhere where a criminal may discover it. To address this problem, the use of biometric features of the authorized user as identification parameters, such as a fingerprint or face recognition, was proposed in the past.
Although biometric features relieve the card user of having to memorize anything, the user still has to perform an input, which may be more or less troublesome depending on the identification parameter or biometric feature. This input is, however, indispensable, since otherwise the current card owner cannot be identified and it cannot be determined whether the current card owner is the authorized one. In applications where the desire for convenient handling outweighs the protection from unauthorized use, no PIN entry by the user is required, as for example with telephone cards.
What is missing is a security system for protecting security modules from criminal misuse that is tailored to applications which, on the one hand, require more security than can be achieved without an identity check of the card owner and, on the other hand, should demand little effort from the user, as for example with monthly or yearly tickets whose validity for travel in local public transport is checked. It is therefore a disadvantage of the traditional approach of preventing unauthorized use of security modules by a third party by means of a PIN that the gain in security has to be paid for by a substantial lengthening of the payment process through the integrated user authentication, i.e. the PIN entry.
One main problem with the above-described method of preventing the criminal misuse of IC cards is that, independent of the identification parameter used, i.e. also when biometric features are used, the card owner is forced to enter the personal identification parameter known only to him in an unfamiliar environment and to entrust it to the "system". In an insecure environment the card owner may not be able to enter his PIN without being exposed to observation by third parties, for example via surveillance cameras, through which third parties may learn the PIN. In addition, with the above procedure (step 926 of FIG. 11) the card owner inevitably has to reveal his identification parameter to the terminal 900 and therefore to the system. With highly trusted terminal devices, such as automated teller machines (bancomat), revealing the identification parameter appears to be no concern, although even here dummy automated teller machines have in the past been set up to present a seemingly real terminal to card owners in order to obtain their PINs. The card owner should, however, feel more uneasy about presenting the identification parameter to a criminal third party in the area of cashless payments, for example at POS terminals (point of sale terminals) for payment applications. The card owner inevitably has to trust that his identification parameter entered at the POS terminal is handled confidentially.
It is noted that as soon as a criminal third party learns the identification parameter of the authorized user and gets hold of the IC card, he may perform any available transaction with the IC card in the name of the authorized user. Since these two components together identify the authorized user of the system with all of his rights in the system, a very high level of protection against the above-described misuse of the security module is required.
To address this risk of a possible misuse of the identification parameters, cost- and time-consuming technology has been used in the past to detect misuse through costly evaluations. To achieve acceptance of their systems, the manufacturers of security module terminal systems need to guarantee that the terminals used are protected from attacks and that, in the case of a PIN serving as identification parameter, the input unit 908, the output unit 906 and the contacting unit 906 are secured against eavesdropping and manipulation, which again causes high costs.
Examples of security module terminal systems of the above kind, with or without the entry of an identification parameter at the respective terminal, are disclosed in the following documents.
JP10240368 describes a computer system which uses a contactless portable card in order to test whether a user is authorized by the computer system receiving the identification information from the card via a communication circuit provided within the peripherals.
A similar system is disclosed in DE4015482, which relates to an authentication system for a data processing terminal that queries an identification tag carried by a user, e.g. on a bracelet.
A system with biometric identification parameters is described in JP10021469, which relates to a cash desk device for a contactless IC card for use in a supermarket. The cash desk device receives information via a communication unit from a memory on the IC card and via the eye of the user and compares it with a registration of the card owner.
JP11015936 describes an information processing system for the public telephone which is based on a data transaction between a contactless prepaid IC card and an IC card reader.
WO200051008-A1 describes a hybrid IC chip and a method for authenticating another participant, in which physical features are converted into identification data.
JP2000259786 refers to an authentication device for a contactless entry/exit administration system in buildings, wherein an ID code in a data carrier is compared with a pre-stored code and with read-out codes in order to judge the authentication.
DE19909916-A1 relates to a method and a device for collecting parking fees. Each parking space is provided with a communication device comprising an input device, a control device, an output device and an interface for identification cards which may be plugged into the communication device. The communication devices serve as terminals for the automatic transfer of all information required for collecting the parking fees to a control device.
DE19719275-C2 relates to a system with a portable terminal comprising two receptacles for establishing an operative connection to a data carrier inserted into each of them, as well as controls, indicators and a control circuit. In the system, uniquely associated data carriers exist, and some functions which may be performed by the terminal may only be performed when the data carriers currently inserted into the terminal are associated with each other. This state is checked by the microprocessors of the two data carriers via a mutual communication connection through the two receptacles of the terminal.