An appendix containing a source code listing of control files of a pre-production data preparation (P3) and card personalization application program written in C program language for providing in-line pre-production data preparation and personalization solutions for transaction cards such as smart cards according to an embodiment of the present invention. The appendix contains subject matter that is copyrighted. A limited license is granted to anyone who requires a copy of the program disclosed therein for purposes of understanding or analyzing the present invention, but no license is granted to make a copy for any other purposes.
The present invention generally relates to data storage devices, and more specifically, relates to a method and system providing in-line pre-production data preparation and personalization solutions for transaction cards.
Transaction cards have been widely used for cardholders to gain access to a particular application service provided by card issuers such as banks and organizations which maintain databases of cardholder records. The service provided by card issuers may be the use of a credit or debit account, access to health care services, or a monetary value stored on the card to be used to purchase services, just to name a few.
Traditional transaction cards are standard magnetic strip based credit or debit cards which usually contain information pertaining to the cardholders, such as names and account numbers, printed and/or embossed on the surface of the cards. These transaction cards also contain a magnetic strip on the back of the cards which is encoded with data pertaining to the cardholders.
Recently developed transaction cards are integrated circuit (IC) cards, known as smart cards, which also contain one or more embedded computer chips capable of storing various types of information in electronic form supporting multiple applications with sophisticated security mechanisms. The computer chips can either be micro-controller chips with internal memory or memory chips with non-programmable logic. The smart cards may be available as either contact smart cards which require insertion into a smart card reader with a direct connection to a conductive micro-module on the surface of the smart cards, or contact-less smart cards which require only close proximity to a smart card reader and use respective antenna for radio frequency transmission through the surface of the smart cards. These cards can interface with a point-of-sale terminal, an automatic teller machine (ATM), or a card reader integrated into a telephone, a computer, a vending machine, or any other appliance for a wide variety of applications. Example smart card applications include, but are not limited to: (1) banking and finance market for credit/debit cards, electronic purse (stored value cards) and electronic commerce; (2) network based transaction processing such as mobile phones (GSM cards), pay-TV (subscriber and pay-per-view cards), communication highways (Internet access and transaction processing); (3) transportation and ticketing market (access control cards for mass transit ticketing, urban parking and electronic toll collection); (4) government cards (ID cards and driver licenses); (5) healthcare market (health insurance cards and medical file access cards).
The micro-controller chip embedded in each smart card allows the card to undertake a range of computational operations, protected storage, encryption and decision making. Such a micro-controller chip typically includes a microprocessor, memory, and other functional hardware elements, and may be programmed with various types of functionality, including applications such as stored-value; credit/debit; loyalty programs, etc.
FIG. 1 illustrates one example of a smart card implemented as a processor card. As shown in FIG. 1, such a smart card 10 has an embedded micro-controller chip 12 that includes a microprocessor 14, a random access memory (RAM) 16, a read-only memory (ROM) 18, a non-volatile memory 20, a cryptographic module 22, and a card reader interface 24. Other features of the micro-controller may be present but are not shown, such as a clock, a random number generator, an interrupt control, a control logic, a charge pump, power connections, and interface contacts that allow the card to communicate with the outside world.
Microprocessor 14 may be any suitable central processing unit (CPU) for executing commands and controlling the device. RAM 16 may serve as storage for calculated results and as stack memory. ROM 18 may store the operating system, fixed data, standard routines, and look up tables. Non-volatile memory 20, such as EPROM or EEPROM, may serve to store information that must not be lost when the card is disconnected from a power source but that must also be alterable to accommodate data specific to individual cards or any changes possible over the card lifetime. This information may include a card identification number, a personal identification number, authorization levels, cash balances, credit limits, etc. Cryptographic module 22 may be an optional hardware module used for performing a variety of cryptographic algorithms. Card reader interface 24 may include the software and hardware necessary for communication with the outside world. A wide variety of interfaces are possible. By way of example, interface 24 may provide a contact interface, a close-coupled interface, a remote-coupled interface, or a variety of other interfaces. With a contact interface, signals from the micro-controller chip 12 are routed to a number of metal contacts on the outside of the card which come in physical contact with similar contacts of a card reader. Various mechanical and electrical characteristics of smart card 10 and aspects of its interaction with a card reader are defined by the following specifications, all of which are herein incorporated by reference. Visa Integrated Circuit Card Specification, (Visa International Service Association 1996). EMV Integrated Circuit Card Specification for Payment Systems, (Visa International Service Association 1996). EMV Integrated Circuit Card Terminal Specification for Payment Systems, (Visa International Service Association 1996). EMV Integrated Circuit Card Application Specification for Payment Systems, (Visa International Service Association 1996). International Standard, Identification Cardsxe2x80x94Integrated Circuit(s) Cards with Contacts, Parts 1-6 (International Standards Organization 1987-1995).
Prior to issuance of a smart card to a cardholder, smart cards that have applications that use information about an individual cardholder or an account must go through card personalization. Generally, those smart cards must be initialized and/or personalized typically at the same time with data that is specific to a card application and an individual cardholder. xe2x80x9cInitializationxe2x80x9d may refer to the process of programming the micro-controller chip with data that is common to a large number of cards while also including a minimal amount of card unique terms (e.g., card serial number and personalization keys). For example, during initialization or pre-personalization, the smart card may be loaded with at least one application, such as credit or stored cash value, a file structure initialized with default values, and some initial cryptographic keys for transport security. xe2x80x9cPersonalizationxe2x80x9d may refer to the process of printing or embossing data on the surface of the card (such as printed characters with metallic or colour tipping, color and black/white photographs, graphics and bar codes), encoding the magnetic strip on the card, and programming data into micro-controller chip of the card. Once a card is initialized, the smart card may be loaded with data which uniquely identifies the card during personalization. For example, personalization data may include a maximum value of the card, a personal identification number (PIN), the currency in which the card is valid, the expiration date of the card, and cryptographic keys for the card.
Before the smart card can be initialized and/or personalized, however, a cardholder data file obtained from cardholder databases must first be prepared, typically in-house (sometimes by out-source) by the card issuer, and then often passed to an external card personalization bureau in a composite personalization file format ready for card personalization. The data file obtained from the cardholder database may contain information such as, embossing data, magnetic strip data, a printed carrier for card delivery purposes, and possibly photographic data. For smart card applications, such data file is typically prepared by a separate, especial pre-personalization data preparation process commonly known in the industry as P3 (personalization preparation process) process. The P3 process involves three main stagesxe2x80x94establishing cryptographic keys, generating Issuer Certificates using secret and public key pairs via Certification Authority, and preparing cardholder data to produce a P3 output file of cardholder data that can be processed by a separate card personalization system.
FIGS. 2A-2C provide an overview of a smart card issuance process as described using separate pre-production data preparation (P3) processing and smart card personalization systems to issue a smart card to a cardholder. In particular, FIGS. 2A-2B illustrates an example smart card issuance process for performing pre-production data preparation (P3) process and card personalization process. FIG. 2C illustrates a corresponding smart card issuance arrangement using a P3 processing system and a separate card personalization system to perform P3 process and card personalization process.
As shown in FIGS. 2A-2B, the smart card issuance process requires obtaining a data file of cardholder data at block 210, performing pre-production data preparation (P3) process (such as establishing cryptographic keys, generating Issuer Certificates using secret and public key pairs via Certification Authority, and preparing cardholder data) at block 220, and generating a personalization file of cardholder data for card personalization at block 230. Once the personalization file is generated, via pre-production data preparation (P3) process, usually sometimes in advance of card personalization, such personalization file is then obtained by an external personalization bureau at block 240. The smart card issuance process then requires performing card personalization process (such as printing or embossing data on the surface of the card, encoding the magnetic strip on the card, and programming cardholder data into micro-controller chip of the card) at block 250, and finally issuing a personalized smart card at block 260.
As shown in FIG. 2C, the smart card issuance arrangement 100 used to perform the smart card issuance process shown in FIGS. 2A-2B includes a card issuer system 110, a P3 processing system 120, and a card personalization system 130. The card issuer system 110 may be arranged in-house of a card issuer to generate a data file of cardholder data as shown in FIG. 2A, step 210. The P3 processing system 120 may be arranged (typically in-house of a card issuer) to receive the data file generated from an existing application and add the appropriate data for the smart card applications, via pre-production data preparation (P3) process, to generate a personalization file in a format ready for card personalization as shown in FIG. 2A, steps 220-230. The card personalization system 130 may be arranged at an external personalization bureau at a remote location from the card issuer to obtain and then process the data file for personalizing a smart card 10 (including chip data, magnetic strip, embossing, printing, and any scheme specific requirements), and finally issue a personalized card 10 as shown in FIG. 2B, steps 240-260. The smart card 10 as inserted into such card personalization system 130 may be available in batches and all may have previously been initialized or pre-personalized by a card supplier (not shown).
The card issuer system 110 may include a PC 112 or an industry-standard workstation which maintain databases of cardholder records and a host security module (HSM) 114. The P3 processing system 120 may include a PC 122 or an industry-standard workstation which uses a Window NT platform and a host security module (HSM) 124. The P3 processing system 120 includes support from the Certification Authorities (not shown) operated by bankers and organizations which maintain databases of cardholder records such as VISA, MasterCard and Europay International. The card personalization system 130 may include a PC 132 which uses a Window NT platform, a host security module (HSM) 134 and one or more personalization equipments 136 which personalize a batch of smart cards 10. HSMs 114, 124 and 134 are used to provide security for the card issuer system 110, the P3 processing system 120 and the card personalization system 130. These HSMs 114, 124 and 134 are stand alone, tamper resistant dedicated hardware security devices for allowing cryptographic keys to be stored securely without risk of exposure to operators of the system or to any external organizations.
However, current techniques for card personalization and card issuance as shown in FIGS. 2A-2C tend to be time consuming, cumbersome and expensive. Typically, the cardholder data must be xe2x80x9cpreparedxe2x80x9d via P3 processing system 120 in advance (usually overnight), and then xe2x80x9cpersonalizedxe2x80x9d via high volume personalization equipment via card personalization system 130 the following morning. Initial capital expenditures for hardware and software for card personalization can be very expensive. Moreover, separate sets of skilled labor (software development staff) are necessarily required for data preparation, via pre-production data preparation (P3) process, including handling sensitive cryptographic keys and cardholder data usually in-house at a card issuer location, and separately for card personalization at an external personalization bureau. Furthermore, there are many limitations and problems associated with current card personalization systems.
For example, one major limitation of current card personalization systems is that most card personalization systems rely heavily on one brand of hardware security module (HSM) which requires custom firmware every time a new smart card application becomes available.
Another major limitation of current card personalization systems is that multiple hardware security modules (HSMs) are necessarily employed for different functions. For instance, a VISA card issuer which issues a VISA smart cash card will need to use at least two (2) separate HSMs, one HSM 124 for pre-production data preparation (P3) processing and another HSM 134 for card personalization as shown in FIGS. 2A-2C. This is because both HSMs are running different firmware despite both HSMs may share the same model and the same manufacturer. Such firmware requirement contributes to the high cost of card personalization.
Yet another major limitation of current card personalization systems is also that many card personalization systems do not permit a more inclusive, generalized card personalization process that accepts any card operating system and/or work with any personalization equipment.
Therefore, there is a need for a more flexible, low cost, low maintenance card personalization system for card personalization and card issuance.
Accordingly, various embodiments of the present invention are directed an integrated card personalization system using an xe2x80x9cin-linexe2x80x9d approach for seamless card personalization directly from cardholder data files to avoid duplication of hardware and eliminate the need for an overnight batch process to prepare cardholder data for card personalization. Such integrated card personalization system allows for the personalization of transaction cards such as smart cards on more flexible, low cost, low maintenance and smaller personalization systems so as to save the personalization bureau time and money, particularly on small volume production runs, and eliminate the need to hire and maintain internal software development staff with high attendant cost.
In accordance with one aspect of the present invention, a host card personalization system is provided with an operating system; and a smart card issuance application module executed by the operating system to receive a data file of cardholder data, to perform a pre-production data preparation process of cardholder data for generating a personalization file of cardholder data, and to enable card personalization of a transaction card using the personalization file for issuing a personalized card. A security card is provided within the host card personalization system for cryptographic functions needed to implement data security on the system. The smart card issuance application module contains smart card issuance application programs which are dynamic link libraries (DLLs) including executable control files compiled to perform in-line pre-production data preparation (P3) and card personalization, and a smart card application programming interface (API) which provide API commands to a personalization equipment for card personalization, via a smart card coupler installed therein. The personalization equipment corresponds to any one of proprietary Image Master(trademark), Advantage(trademark), Impression(trademark), and Horizon(trademark) systems for printing or embossing data on the surface of the card, encoding the magnetic strip on the card, and programming cardholder data into micro-controller chip of the card during card personalization.
In accordance with another aspect of the present invention, a method is provided for in-line pre-production data preparation and card personalization in a single card production system comprising: obtaining a data file of cardholder data; performing a pre-production data preparation process of cardholder data to produce a personalization file of cardholder data; and performing a card personalization process of a transaction card using personalization file to issue a personalized card.
The present invention is more specifically described in the following paragraphs by reference to the drawings attached only by way of example.