This invention relates generally to the transfer of data between integrated circuit smart card read/write terminals and a remote central computer, and more particularly to such smart card terminals which are stand alone terminals, i.e. which are not connected to the remote central computer during each transaction.
Integrated circuit cards, or smart cards, have a significant advantage over other types of cards, e.g. magnetic stripe cards, in their inherent security. It is very difficult for a thief or a person wishing to use the card fraudulently or, to successfully tamper with the card. This inherent security permits the smart cards to be used in transactions which take place at terminals which do not check or verify each transaction with a central computer or central authority. Thus, some transactions with smart cards, may be done at terminals which are "off line".
With an off line transaction, the exchange between the smart card and the smart card reader/writer generates transaction data which is stored in the memory of the smart card reader/writer. This transaction data for example may be a cryptographic signature generated by the smart card, a token left by the smart card, the card holder's name, or simply the smart card serial number. In a banking application, the token's cryptographic signatures, or IDs of the card are used to reconcile the accounts. This transaction data must be collected by the system operator periodically to perform account settlement, inventory management, fraud detection, and other functions. Additionally, an operator may want to down load new software applications to these smart card readers/writers or add "black" lists of stolen/bad smart cards.
Presently, many point of sale terminals which have a modem can up load these transactions, or down load applications at the end of the day in an on line batch mode. For other remote devices, such as vending machines or parking meters, where a phone line is impractical, an off line data transfer device is used.