1. Field of the Invention
The present invention relates to a system for permitting access to a data field area in an integrated circuit card (IC card) for multiple services.
2. Description of the Related Art
In general, in the use of an IC card for multiple services, a card issuer, a service supplier, a card acceptor, and a card holder are involved. An IC card has a plurality of data fields for the multiple services, and for each of the data fields, the access right, access qualification, of card issuer, service supplier, card acceptor, and card holder should be predetermined. Namely, although a person has access right to a predetermined data field of an IC card, that person should not be authorized to have access to a data field of the IC card other than the predetermined data field.
It is desired that access is permitted only within the limit of the access right to a predetermined data field of a card holder, and access outside such limitation is not permitted, so that the data fields cannot be used in an unauthorized manner.
In the prior art, only a personal identification number (PIN) and an authentication code (AC code) for the whole of an IC card are provided for an IC card for multiple services, and therefore, once a coincident result is obtained as the result of an authentication of the personal identification number and the authentication code, access to all data fields in the IC card becomes possible.
As a result, it is possible for a person, for example, a card acceptor, who is not authorized to have access to the data field in question, will be able to obtain access to the data field in question. This constitute an unfair use of the IC card and a violation of the principle of secrecy of the IC card. Therefore, these problems of the prior art must be solved.