The present invention relates to a method for effecting a transaction between at least one first plug-in data carrier incorporating a microcircuit, said carrier being of the type commonly referred to as an IC memory card or a microprocessor card, and at least one second data carrier, comprising at least the steps of setting up a relation between said carriers, reading said first data carrier, identifying the compatibility of said first data carrier with the second carrier and transferring data from one of said carriers to the other during a transaction between said first and second carriers via an interfacing circuit. More in particular, the invention relates to transactions in the field of intelligent cards, commonly called chip cards or smart cards, also referred to as microcircuit cards. The invention also relates to devices and accessories for carrying out the method according to the invention. It also relates to a plug-in data carrier incorporating a microcircuit enabling said method to be carried out.
Since the filing of the first patents in the nineteen seventies, the smart card has experienced considerable success and has come into widespread use, accompanied by a parallel growth in its technical capabilities and potential applications.
In this specification we shall use the term "microcircuit card" in preference to the terms "IC memory card", "smart card", or "microprocessor card" commonly employed to describe the same object. A microcircuit card can be defined, in the most general way, as a portable device for acquiring and storing information and/or data which is endowed with its own intelligence and includes provisions for identification and protection. The cards we are dealing with here are defined, at least as regards their physical format, by the ISO 7810 standard that specifies the physical structure of a type of card, generally referred to as a credit card. Another ISO standard, number 7811, defines, among other things, the position of the magnetic tracks currently employed for cards of a hybrid nature, particularly those intended for banking applications. Pursuant to the recommendations of the French Standardizing Association, AFNOR, ISO issued a "Draft International Standard"--DIS 7016 which not only defines the physical characteristics of the card such as those found in the ISO 7810 standard, but also defines the surface profile of the microcircuit contacts, along with numerous other parameters essentially relating to reliability and physical strength of the microcircuit. This provisional standard also determines the majority of the microcircuit's electrical parameters, notably the signals and protocols used in its dealings with the outside world, initialisation functions, transmission formats and standards, whereas a definitive choice between synchronous and asynchronous transmission has not yet been made.
While still on the matter of standards, three possible physical locations of the microcircuit on the carrier are currently accepted, a position at the top left hand corner which was initially chosen by the AFNOR, a position at the bottom left which should become the standard in France as from 1990 and a left hand middle position preferred by the ISO.
It is appropriate to make a distinction between passive cards which constitute the type of card in current use and which one could categorise as being a sort of portable information or data carrier, a read/write terminal being necessary in order to be able to read the data contained therein, and a new generation of cards which can be categorized as being active, incorporating their own power source, and their own display and keyboard; the extremely thin battery, rendered necessary in order to conform to ISO standards, currently preventing such cards becoming available. Although this invention is oriented towards the "passive" cards currently available, the means employed in the present invention are perfectly capable of handling both types of cards, whether they be active or passive.
In its use as a data carrier, the microprocessor card has experienced an almost explosive multiplication of its applications, starting out from the traditional fields of electronic money, and above all banking applications, followed by its use as a phone card, to then go on to applications as varied as tickets for public transport or cinemas, carriers for storing personal medical files, means for vehicle identification, portable parking meters, just to mention a few of the current applications of the microcircuit card.
In parallel with this, and in line with general developments in the memory and integrated circuit fields, the storage capacity of microcircuit card memories have undergone an almost exponential growth, starting out from the original 2 Kbytes progressing 64 Kbytes a few years ago to reach, with the addition of mass storage under the microcircuit, present day capacities of more than 100 Kbytes and up to 800 Kbytes with certain memory techniques currently capable of being implemented. The technology employed has followed a parallel evolution, going on from EPROMs (erasable programmable read only memories) to EEPROMs (electrical erasable programmable read only memories) in combination with the widespread use of current CMOS or even HCMOS technology.
Finally, the question of the security of the data stored in the card and during transmission thereof over a telecommunications network is a major preoccupation of suppliers of such cards. This preoccupation has resulted in efforts which now offer a quite remarkable security of the data, when compared to other means of storage. Thus, separating the memory, generally, into at least three zones, an open zone, a confidential zone and at least one secret zone, along with numerous other techniques such as coded customization of the memory areas, the possibility of selectively accessing specific information through the implementation of different levels of recognition, the use of multiple recognition codes, cyclic or inter-zonal movement of the information, along with secure or encrypted transport of the information during transmission thereof over a telecommunications network have led to results, and to possibilities, which are absolutely remarkable. It should nevertheless be noted that the dominant position of banking groups in their role of current distributors of the microcircuit card, and their preference for a product the security of which is irreproachable, nevertheless accompanied by somewhat limited functionality, is currently hindering the development of potential applications of the microcircuit card.
Full use of the possibilities of the microcircuit card is also being hindered by the type of hardware with which it is currently used, manufacturers offering either hardware that is complex and extremely expensive such as automatic teller machines and their associated servers, or small-size relatively simple equipment for use, for example, as a point of sale terminal. This latter equipment is customized for a specific applications and is completely incapable of following the evolution of the currently available possibilities of the microcircuit card, and even more so future evolutions which are likely to follow an exponential development curve, at least over the next ten years. In brief, the microcircuit card, in its function as a portable data carrier in combination with an excellent level of protection and employed in combination with servers of enormous complexity and high microcircuit card and its inherent intelligence, this cost, operating in relatively unadaptable configurations, does not make use of the present possibilities of the under-utilisation being likely to become even more pronounced over the next few years.
WO-A-8303018 (notably page 5 line 12 to page 11 line 6); EP-A-0 049 650 (notably page 33 line 15 to page 39 line 6 and claims 9 to 13) and JP-A-61 48086 are constitutive of the state of the art in the field. They relate to systems comprising different means including data processing means, dialog means, information processing means, means for setting-up an operation and a data carrier.
WO-A-8303018 relates to a device providing improved security in financial transactions between, for example, a retailer and a customer in a conventional point-of-sale system, in which the system interrogates the user on a selected identification feature which, preferably, is chosen in a random fashion.
EP-A-0 049 650 describes a system for distributing objects, such as an automatic teller machine, with means enabling the security of transaction to be improved, through, notably, the simultaneous use of a first portable card means which dialogs with information processing means, and a second portable card means, the latter including enabling functions vis-a-vis the first portable card.
JP-A-61 48086 does in fact describe a connector enabling data to be transferred between a master card and a slave card, the connector including means suitable for determining which of the two cards is the master card.
In this present description and in the claims which result therefrom, the term "data" essentially means digital data, it however being understood that the term should not be limited to this aspect and that the term also covers analog applications and hence analog data.
Moreover, data should be taken to cover information able to transferred or acquired along with information able to be copied.