The invention relates to a monolithically integrable circuit configuration including a memory with non-volatile, electrically writable and erasable storage cells, an addressing circuit for reading out, writing and erasing partial regions of the memory, and a control unit, which causes access to part of the memory addresses through the addressing circuit to be dependent on an input operation with data comparison between stored reference data and code data entered from outside.
Data-controlled payment systems are known for the cashless payment for merchandise or for the accounting of services and the like Such systems are described, for instance, in the journal "Betriebspraxis", B.BL.2/1982, Page 48, by Dr. R. Nowak and W. Roder under the title "Die Chip-Karte - nachste Generation der Automatenkarte" (The Chip Card--Next Generation of the Automation Card). The cards used in such a case carry an essential element which is a non-volatile electric data memory that can be accessed through electric contacts on the surface of the card. During each use, an arithmetic unit accesses the memory content which is optionally changed in the process, through a card reader.
Such cards are used in security and access systems, in accounting or recording systems and in debit or credit systems. In order to assure a wide distribution and frequent use of the cards, operators of such systems issue a large number of cards and offer an extensive network of readers and computer systems. In order to preclude misuse of the data, the card systems must meet stringent security requirements. It is especially important to protect the carrier cards against use by unauthorized persons, since the distribution thereof is not always controllable.
This can be achieved by a release or validation operation, wherein a comparison of data takes place between a code word which is entered by an operator or is encoded by a computer, and a stored reference word, and the access is released or prevented, depending on the result of the comparison.
In this connection, however, the danger exists that an unauthorized person might procure the secret information required for the release or validation by systematic trial or by listening to the data traffic during the release operation.
The main differences between the known control measures are in the execution of the release operation and in the wiring or the means required therefor.
French Patent FR-PS No. 23 11 360 discloses a manner of providing a certain number of code entries by an operator and of storing all non-permissible attempts in a memory provided for this purpose, so often that the entire memory space is occupied, in order to determine an access authorization. The unit to be protected is thus taken out of operation. In this connection, French Patent FR-PS No. 24 01 459 further describes a data memory which is subdivided by different access conditions, into a secret, externally non-accessible memory region and into two further memory regions which can only be written or read externally.
A further control unit is disclosed in Published PCT International Application No. WO 81/02480. The control unit operates in such a way that the actual address of the memory to be protected is formed by a linkage of the memory address to be entered externally with data words from an internal auxiliary memory in a feedback arrangement.
Finally, a circuit with a memory and a control unit is known from French Patent FR-PS No. 24 71 004, in which the connection between the addressing unit and the address decoder of the memory is interrupted, in case of a non-permissible access.
It is accordingly an object of the invention to provide a circuit with a memory and an access control unit, which overcomes the here-inafore-mentioned disadvantages of the heretofore-known devices of this general type with which a release operation can be carried out, that increases the difficulty of unauthorized decoding of the secret data required therefor.