The present invention generally relates to PCMCIA cards and, more particularly, to a PCMCIA card including a smart card reader and a security feature to control the information transferred between the smart card and a PCMCIA interface in a computer.
Personal computers (PCs) are fitted with I/O slots for exchanging electrical signals indicative of information according to standard transmission protocols, and particularly laptop or notebook type computers, are provided with input slots that accept memory cards for exchanging data in accordance with the Personal Computer Memory Card Interface Association (PCMCIA) standard interface arrangement. Smart cards and similar instruments are known for use in storing data in connection with identification and commercial transactions. The memory or PCMCIA cards can be provided with readers that will transfer data between the smart cards and a PCMCIA interface for processing in a computer. With a PCMCIA card having this capability, a user may transact a home shopping type purchase by phone or the Internet, or otherwise, by transferring the pertinent smart card data through the PCMCIA memory card to the computer and on to a phone or Internet transmission. One caution in this regard is the problem of securing the content of the data when transferred to the interface, since beyond the interface it can become vulnerable to being accessed by unauthorized sources in many ways. At present no system exists for achieving adequate security in exchanging data between a smart card or other such instrument and computer connected facilities, such as the Internet, using a memory card as the intermediary.
It is therefore an object of the present invention to provide a security system to protect the integrity of data transferred between a smart card or like identification instrument and computer accessible systems, such as the Internet.
In accordance with the present invention, a method and means are provided for incorporating a security feature in a memory card or like instrument for protecting information contained in electrical signals being exchanged through the memory card between a source card containing the information and a computer in which the information is used. In a preferred embodiment the memory card is a PCMCIA card through which electrical signals, indicative of information and/or data, are transferred between a personal computer (PC), through a PCMCIA interface, and a smart IC card or other source of identification and/or commercial data, such as a credit card. PCMCIA cards are adapted to be accomodated in a special input slot in a personal computer, and particularly of the laptop or notebook type, which slot has an I/O interface arrangement that cooperates with a similar interface arrangement on an edge of the card. The interface design for transferring signals to and from the computer includes a PCMCIA chip in the card, which card may also be provided with a card reader having an I/O contact portion on another edge for mating with the edge of a smart card or like device to transfer signals therebetween and to and from the interface to the laptop or notebook. The invention embodies a card reader designed to include a safety or security processor, coupled to the PCMCIA chip, for encrypting and decrypting information and data transferred through the PCMCIA card between the card reader and the interface to the PC. The security processor has an associated memory for storing information and programming therein and the combination operates to protect the information or data in the PCMCIA card memory or the smart card from undesired access through the computer from any network to which the computer may be connected. Thus, the invention adds a security system to the PCMCIA card for this purpose.