Embodiments of the present invention relate to a method of controlling a contactless communication interface in an integrated circuit that may also include a contact communication interface. Embodiments of the present invention notably, but not exclusively relate to integrated circuits for chip cards, and in particular to integrated circuits for bankcards.
A bankcard issued by a bank may be sent to the card holder in an envelope by way of a postal carrier. If the card is equipped with a contactless communication interface, a terminal may communicate with the card through the envelope by a contactless communication link. An ill-intentioned person may therefore, without the knowledge of the card holder, perform a transaction with the card. During such a transaction, the card may be offline or online; that is to say linked to a network such as a banking network, by the intermediary of the terminal to which it is connected. If the transaction is performed online, the card may in particular request an authorization from a transaction server with identity verification of the card holder by the entry of a Personal Identification Number (PIN) code. The conduction of a transaction may change the initial state of an application installed in the integrated circuit of the card. Indeed, whether or not the transaction is authorized, a transaction counter may have been modified, with the result that the card is no longer in an initial state. An ill-intentioned person may also recuperate and possibly modify information stored in the integrated circuit, such as identification information of the card holder, an expiration date, a card number (Personal Account Number PAN), and authentication certificates of the card.
Certain applications, in particular payment applications, are configured to detect whether the card has already performed a first transaction. If a transaction performed with the card is the first transaction performed by the card, the application requires that the transaction be done online in order to be authorized beforehand by a transaction server. If the transaction is authorized by the transaction server, the application then authorizes the card to perform transactions offline. This functionality, called “New Card”, prevents a successful performance of transactions as long as the card has not been activated online. However, this functionality does not prevent the performance of a first transaction online, even if it fails, nor the performance of a transaction offline if no identity verification of the card holder is requested or if only a visual verification of a signature by an authorized person is required. The “New Card” functionality therefore only offers a partial security, and requires that the holder perform a first transaction online. This functionality thus does not allow for the issuance of cards that can be immediately used with offline terminals. Moreover, certain types of card are incompatible with this functionality. Additionally, this functionality does not prevent the recover and, failing that, the modification of information stored by the card.
Thus, the presence of a contactless interface in an integrated circuit card raises various problems relating to the protection of privacy (mail interference), to the protection of identification data stored by the card against identity theft and their commercial use, to the protection of card transactions data, and to the protection of the card against fraudulent use (online or offline). If the card has the “New Card” functionality, this requires the user to connect, the first time, the card to an online terminal. If the card has a payment application and a counter incremented at each transaction no matter whether it is accepted or refused, the card holder may receive a used card. If the transaction server detects several unsuccessful transaction attempts with a card, this may cause the issuance of a notification to the card holder, and a possible blocking of the card, before the holder has even received the card. Consequently, the presence of a contactless interface in an integrated circuit card may cause the users to have negative opinions thereof.
It is therefore desirable to reinforce the security of integrated circuit cards having a contactless interface, without limiting the possible applications, nor complicating their use.