The present invention relates to electronic shopping, electronic check books, credit cards and the like, and particularly to an IC card which is adapted to preventing data alteration, forgery and the like among the traders.
The IC card which consists of a plastic card in which an IC (integrated circuit) is embedded has functions for identifying the individual person and for making forgery difficult, and has a large memory capacity. Such a card finds application in electronic settlement, personal information files, security control and the like.
When a person goes shopping in supermarkets and department stores using an IC card, it is desirable from the standpoint of privacy that a list of purchases made in one store not be readable in other stores in which the person makes another purchase. For this purpose, the IC card should be provided with transaction areas that are different depending upon the store, so that one store is not allowed to make reference to the transactions of other stores.
A first problem in the conventional art is that, there had been proposed neither a method of protecting a plurality of transaction areas in the same IC card by different encipher keys nor a key control method suited for this purpose.
Among the public key cipher systems, on the other hand, a master key exists in the RSA method and in the Rabin method. Using the master key, the above-mentioned key control can be effectively carried out.
A second problem in the conventional art is that consideration has not been given in regard to forgery of the IC card, and alteration or forgery of data in the card.
A third problem is that the conventional IC card has been fabricated based on a prerequisite that it be used by an individual person (see Nikkei Computer, "Will the Age of IC Card Come?", July 8, 1985). Health management data, property management data and like data may be input to the IC card to utilize them. In addition to the situation where the user himself keys in the personal identification number to obtain the desired data, however, it may often happen that a medical doctor or a bank employee keys in another personal identification number to take out all or part of the desired data, such as in an emergency.