Recent advances in Internet commerce, electronic data-processing, and semiconductor device technology have lead to an increased interest in smartcard technology. Generally speaking, smartcards are wallet-sized (or smaller) cards incorporating a microprocessor or microcontroller to store and manage data within the card. More complex than magnetic-stripe and stored-value cards, smartcards are characterized by sophisticated memory management and security features. Multi-function cards, for example, are often configured to support credit, debit, stored value, loyalty, and a number of other applications all within a single card. A typical multi-function smartcard includes a microcontroller embedded within the card plastic which is electrically connected to an array of external contacts provided on the card exterior. The smartcard microcontroller generally includes an electrically-erasable and programmable read only memory (EEPROM) for storing user data, random access memory (RAM) for scratch storage, and read only memory (ROM) for storing the card operating system. Relatively simple microcontrollers are adequate to control these functions. Thus, it is not unusual for smartcards to utilize 8-bit, 5 MHZ microcontrollers with about 8K of EEPROM memory (for example, the Motorola 6805 or Intel 8051 microcontrollers).
A number of standards have been developed to address various aspects of integrated circuit cards, e.g.: ISO 7816-1, Part 1: Physical characteristics (1987); ISO 7816-2, Part 2: Dimensions and location of the contacts (1988); ISO 7816-3, Part 3: Electronic signals and transmission protocols (1989, Amd.1 1992, Amd. 2 1994); ISO 7816-4, Part 4: Inter-industry commands for interchange (1995); ISO 7816-5, Part 5: Numbering system and registration procedure for application identifiers (1994, Amd. 1 1995); ISO/IEC DIS 7816-6, Inter-industry data elements (1995); ISO/IEC WD 7816-7, Part 7: Enhanced inter-industry commands (1995); and ISO/IEC WD 7816-8, Part 8: Inter-industry security architecture (1995). These standards are hereby incorporated by reference. Furthermore, general information regarding magnetic stripe cards and chip cards can be found in a number of standard texts, e.g., Zoreda & Oton, SMART CARDS (1994), and Rankl & Effing, SMART CARD HANDBOOK (1997), the contents of which are hereby incorporated by reference.
It is desirable to maintain, for each smartcard held by a consumer, a substantially accurate history of transaction information and applications associated with the smartcard. Presently known systems are typically inadequate in this regard in that they do not provide efficient and reliable methods for ensuring synchronization between information stored on the smartcard and corresponding information stored on one or more external databases. As a result, present systems fail to ensure that lost or stolen cards may be reissued or replaced with up-to-date information.
Moreover, present systems are inadequate in that the systems often do not allow an enterprise, such as a smartcard corporate partner (for example, Hertz, Hilton and the like) to dynamically add to or otherwise modify the smartcard application structure itself. That is, in the context of multi-function cards, it is often infeasible to alter or augment the card's file structure without engaging in the time-consuming and costly process of re-issuing the card.
Furthermore, known methods of issuing and re-issuing smartcards in a multi-application, multi-enterprise environment are typically inadequate. More particularly, a smartcard often contains a number of different applications associated with a wide range of enterprise organizations. For security purposes, the writing, updating, and reading of these files is advantageously restricted to particular parties in accordance with a set of access condition rules. These access conditions are suitably implemented using cryptographic keys which are known only to the appropriate parties, such as the enterprise. Thus, a card issuing party such as American Express will typically not have access to the keys necessary to perform its function. Known systems have attempted to solve this problem by accumulating key data in a central repository used in the issuance process. This method is unsatisfactory in a number of respects. Most notably, a security breach in the central repository of key information would have disastrous consequences.
Techniques are therefore needed to overcome these and other limitations of the prior art. More specifically, systems are needed to provide secure and efficient personalization and dynamic synchronization of multi-function smartcards.