1. Field of the Invention
The present invention relates to a contact-type IC card without built-in batteries, and more particularly to an IC card to counter erroneous input by a legitimate user and illegal use by a third party, and also relates to a method and program for preventing illegal use of an IC card.
2. Description of the Related Art
In general, an IC card is used to record important data such as personal information. Therefore, it is necessary to prevent illegal use of the card by a third party if it is lost. To this end, before a general IC card can be used, identification is performed using a personal identification number (PIN) (hereinafter referred to as “PIN identification”), to identify the legitimate owner (hereinafter referred to simply as the “owner”) of the card. PIN information is generally stored in the IC card, and the owner of the card inputs their PIN through a terminal into which the IC card has been inserted. After the inserted PIN has been compared with the PIN stored in the IC card, the comparison result is sent to the terminal (see, for example, Jpn. Pat. Appln. KOKAI Publication No. 2000-76402).
In the PIN scheme, a card cracker who has acquired another person's IC card may guess and input the PIN of the owner of the card in order to impersonate the legitimate owner of the card. To thwart such PIN guessing, the process of locking an IC card when an incorrect PIN is input a predetermined number of times is now employed (this is called “PIN locking”). In a PIN-locked IC card, no further PIN input is possible, so the card cannot be used any more. PIN locking can be done on the system side (including the above-mentioned terminal, a server connected to the terminal, etc.) or on the IC card side.
PIN locking is performed to thwart card crackers. However, the owner of an IC card may well input their PIN incorrectly, resulting in PIN locking. If this happens, it is necessary to access, for example, the system manager to release the locked state. However, this is troublesome and so reduces the convenience of the IC card.
If the PIN locking of an IC card is limited to a certain length of time, a legitimate user can reuse the card sooner or later without the trouble of accessing, for example, the system manager. However, an illegitimate user is still prevented from continuously attempting to guess the PIN. So, there is a demand for setting a locking period.
However, if PIN locking is performed on the system side, it is necessary to centrally manage locking management information used for managing PIN locking, utilizing a server that handles a great many system-side terminals, and to access the locking management information each time PIN identification is performed. This increases the load on the system.
In light of the above, there is a need for a scheme in which PIN locking is performed on the IC card side. However, IC cards alone cannot provide their own power and so cannot time a PIN locking period. And if IC cards with built-in batteries are made, they lose the advantage of being usable without batteries.