The invention relates to an authentication system for PC cards, especially according to the PCMCIA standard, comprised of a housing shaped like a plug-in card for receiving electronic components such as a chip card reader, a memory expansion, a drive, or a modem wherein the housing is provided at one end thereof with a plug connector for electrically connecting the PC card to a computer.
Because of increased mobility in the area of computer technology, PC cards are used more often since they provide variability and transportability. These PC cards are card-shaped support elements for electronic components which are, in general, standardized according to the PCMCIA standard and, depending on the application, are embodied e.g. as memory expansions, drives, modems, or chip card readers. The connection to a computer, such as a notebook or an electronic organizer, is realized via a plug connector in strip form which provides an electrical connection via a PCMCIA port of the computer by mechanical and electrical contacting.
Especially the use of PC cards as readers for chip cards has become more and more common. This is so because the chip cards as so-called smart cards are used increasingly for identity checks. These applications relate especially to the area of on-line banking, such as Internet banking according to the HBCI standard, pay TV, or access control to data networks. The identification and authorization for authorized users can be initiated in connection with a code number such as a PIN to be input by the user.
A relatively high safety can be achieved when the smart card not only serves as an identification for the user but at the same time encodes data to be transmitted, for example, via the Internet. Depending on the encoding method, for example, with a 56 bit or 128 bit key, a relatively great data protection is provided against unauthorized access and recording of the data transmission for the purpose of gaining access to information such as PIN, credit card numbers, etc.
With the increasing use of transportable computers, for example, notebooks or electronic personal organizers, there is a technical need to improve the authentication of PC cards. Even though, as mentioned above, password methods and methods with smart cards can be used in connection with an encryption system, which methods provide a relatively high safety when transmitting data, the check of user authenticity still needs to be improved. This is so especially in connection with mobile applications which are especially susceptible to the risks of theft or unauthorized recording of a PIN.
It is therefore an object of the present invention to provide an authentication system for PC cards which provides ease of use while reliably preventing access of unauthorized persons.
This object is inventively solved with an authentication system of the aforementioned kind in that a sensor for detecting biometric data is provided with which the authenticity of a person or groups of persons can be detected.
The inventive authentication system ensures a simple handling which takes into consideration especially the requirements of mobile application of PC cards. This is so because a unique and substantially fraud-proof identification of the user can be provided simply and rapidly by a sensory detection of biometric data such as a fingerprint or the human retina. Access by unauthorized persons is thus prevented because of the individual features of the biometric data even in the case of theft.
In a preferred design of the invention the PC card housing has a bottom plate and a cover plate which is at least in the transverse direction congruent to the bottom plate, wherein between the two plates an insertion channel for receiving a chip card is defined which opens at an end of the housing opposite the plug connector. A printed circuit board extending parallel to the insertion channel within the housing is electrically connected to the plug connector and provided at its surface with a contact element for contacting the chip card. A PC card of this configuration serves as a chip card reader and, when using smart cards, allows the encoding of data, for example, with a key based on the detected biometric data.
According to another advantageous embodiment of the invention, the sensor is arranged on a slide which can be reciprocated in and out of the housing and which is positioned preferably at the end of the housing opposite the plug connector. This has the advantage that the sensor is accessible only when needed for an authenticity check and, when not in use, is positioned and protected within the PC card housing. This configuration takes into consideration the mobile use as well as the desired controlled identification function in that, for example, the sensor is extended from the housing only when a chip card has been inserted. It is furthermore advantageous to provide the slide with a preferably electrically driven linear guide in order to realize precise guiding and automatic control of the slide.
Expediently, the top side of the chip card inserted into the insertion channel has a guide path for the slide so that, when the slide is extended from the housing, the chip card provides a mechanical support. This is especially beneficial in connection with the robust embodiment of a PC card for mobile applications. It is furthermore expedient to connect the sensor electrically to the circuit board in order to provide in a simple and reliable manner data exchange with the computer connected via the plug connector to the PC card. The electrical connection to the circuit board can be realized in a manner known to a person skilled in the art by a cable or a conductive connecting foil.
According to a further advantageous embodiment of the invention, the sensor is arranged on the printed circuit board and is exposed within a cutout provided at the housing. This design is especially advantageous since it provides a simple and inexpensive manufacture. The cutout is ergonomic and constructively simple when it is embodied as a recessed end face edge of the cover plate of the housing so that the printed circuit board arranged underneath is exposed.
In an alternative embodiment of the invention, the sensor is arranged on the chip card so that conventional PC cards can be used in connection with the inventive concept. A simple electric connection of the sensor to the printed circuit board or the computer connected thereto can be achieved in that the sensor is electrically connected to a contact element provided on the chip card. Upon insertion of the chip card into the insertion channel, the contact element provides contact to the printed circuit board with or without physical contact. The contact element in this context may be a contact element that is already present on chip cards or an additional contact element. The connection of the sensor to the contact element is preferably realized by a conductive foil which is arranged in the interior of the chip card, for example, by potting. The contacting of the contact element of the chip card with the printed circuit board can be realized in a manner known to a person skilled in the art, for example, by spring contacts or in a contact-free manner, for example, by radio-technological or opto-electronic coupling. According to an alternative further development of the invention, the sensor is electrically connected to the contact element arranged on the chip card. The contact element is coupled with a sending and receiving unit by opto-electrical and/or radio-technological coupling, wherein the sending and receiving unit is provided at the end of the housing unit opposite the plug connector. In this manner, the sensor can be operated even when the chip card has not yet been inserted, for example, in that an infrared connection (according to IRDA standard) is provided between the sending and receiving unit at the end of the housing and the sensor positioned on the chip card.
In a further embodiment of the invention the sensor and/or the slide can be activated or deactivated by a certain position of the chip card in the insertion channel, by electrical contact of the PC card with the computer, and/or by electrical signals of the computer. In this manner it is, for example, possible to move the slide completely out of the housing only when the chip card is completely inserted into the insertion channel of the housing and to retract the slide automatically into the housing upon removal of the chip card. The position of the chip card can be determined by limit switches or movement switches. It is also possible to control the sensor by signals of the connected computer so that a controlled detection of biometric data can be achieved.
In order to provide an autonomous energy supply, as is especially needed for mobile use, according to a further feature of the invention the sensor and/or the slide are supplied with electrical energy by a battery or a storage capacitor arranged in the housing. Finally, it is suggested to connect the sensors to a cryptographic processor for encoding and decoding detected data. The processor is preferably arranged on the printed circuit board or the chip card. The use of a processor for encoding/decoding data allows the use of complex cryptographic systems and thus provides increased safety and protection.