The invention designates a terminal for chip cards, which are configured as microprocessor cards, primarily for the input of the identification number using an integrated keyboard into a micro controller located in this microprocessor card for the authentication of the user of this microprocessor card.
Several control devices are known from the IPC (international patent classification) G07. In connection with financial transactions, coded identity cards are correspondingly grouped under G07F 7/08. Chip cards are being used to a continuously greater degree in the consumer area, for example, as so-called xe2x80x9celectronic walletsxe2x80x9d or for the electronic signing of contracts. For this, the chip cards are inserted into suitable chip card read/write units. The required control logic for this is classified in the class G06F17/60. For example, the block printing, EP0668579A2, describes the usage of chip cards (smart cards) for the transfer of money.
Chip cards can be equipped, among other things, with authentication. This requires that the person, who wants to use certain chip card functions, for example, the loading of an amount of money for money cards or signing for signature cards, must identify himself or herself to the chip card by means of a personal identification number (PIN). The checking of the authorization of the user using digital information is grouped under H04L 9/32. This identification must insure that only the person authorized, meaning the authenticated user, can use this chip card. This is normally done by the entry of identification by the user, that is by the input of a PIN using a keyboard. The block printing of EP0552392A1 describes, for example, a procedure for the mutual authentication of a chip card and of a terminal. This is to insure, in particular, that the identification entered can be securely transferred to the chip card.
This PIN is, however, due to security reasons not to be entered using a computer system connected with the chip card terminal, normally a PC or another CPU, but with a keyboard integrated in the chip card terminal. The block printing of DE4406602A1 identifies, for example, security equipment, which is meant for the identification and authentication of communications partners, with a keyboard for entering a PIN, which equipment exchanges data with chip cards.
The physical appearance and the number and arrangement of the contacts of the chip cards, which are widely available, are standardized, see ISO/IEC 7816-1,2. In addition, the electronic signals and transfers protocols are standardized, ISO/IEC 7816-3. Also, the commands for data exchange with chip cards, ISO/IEC 7816-4, in particular the input of a PIN for the authentication of a user to the chip card are partially standardized. The block printing EP 347894 describes a typical chip card terminal. It consists of a keyboard, a microprocessor, a chip card read/write unit, a display and a printer. The purpose of the microprocessor in this case is, among other things, to allow the input of the PIN using the chip card terminal keyboard, to process this input and to pass it on to the chip card and the execution of the chip card protocol according to ISO/IEC 7816-3.
Since the prices for the chip cards are minimal, the biggest hindrance to the greater use is due to the manufacturing costs of the chip card terminals. This exists due to the fact that expensive components, in particular microprocessors, are used to produce the conventional chip card terminals. As shown in relevant technical periodicals (CT 12/94) chip card terminals can also be built without microprocessors by using the parallel port of a personal computer. Similar suggestions for the serial port are also known, Markus Kuhn 1996. In addition to the control of the chip card protocol by the computer system, a significant difference compared to the current chip terminal with a microprocessor, is in the treatment of the PIN, which is input into the computer system, personal computer. This is associated with the disadvantage that this can be read or modified without authorization there and therefore is no longer sufficiently secure.
In order to reduce the above named costs of a conventional chip card terminal and still insure a secure input of the PIN using a keyboard integrated in a chip card terminal, it is the task of the invention to develop a chip card terminal, which requests the PIN without the use of a microprocessor and passes this directly to the chip card, which allows this to be protected against modification and data interrogation.
The essence of the invention lies in the use of a gate circuit inside of a simple chip card terminal, which is emplaced between the interface to the computer system and the I/O contact of the chip card and is controlled by the computer system, which inserts the identification information, entered using the integrated keyboard, into the chip card protocol.
The advantages of the invention are in the simple logic, which is due to the gate circuit, required for the sufficiently secure insertion of the identification information in the chip card. This allows the construction of the chip card terminal to be significantly simplified and, due in particular to the ability to do without a microprocessor, cheaper components can be used. Since the chip card protocol is generated in the computer system, a high degree of flexibility is attained in this respect.
Further developments of the invention result in further simplifications of the logic through specific adjustments to the serial and parallel ports of the PC. The extensive integration of all necessary components of a chip card terminal in a logic building block, allows a very inexpensive production of these, which will significantly support the use of the chip card. The integration of this building block into the keyboard of the computer system is also an advantage.