1. Field of the Invention
The invention pertains to reciprocal authentication and data exchange system, comprising a first set of readers and a second set of cards which can be freely connected to each reader, each card and each reader comprising processing and storage means which serve, in the connected state, to store, process and generate data in the card and data in the reader, to modify the data, to transfer the data to the reader and the card, respectively, and to verify the data received after the transfer, said system also comprising detection means for testing the correspondence of the signals generated after said verification and, as the case may be, for permitting further data exchanges between the interconnected card and reader whose connection is thus authenticated.
2. Description of the Prior Art
A system of this kind is known from U.S. Pat. No. 3,806,874; such a system serves to authenticate a connection, for example between a bank credit card and a credit card reader before proceeding with the exchange of data or services which are accessible only after a mutual verification: is the card a "genuine" card for the reader?; is the reader a "genuine" reader for the card? This verification serves to prevent a defrauder from making a genuine card "talk" by means of a nongenuine card, which would enable him to forge cards of adequate quality.
This system utilizes electronic processing means such as used in the data processing industry; its application is not limited to bank transactions: any exchange between data processing means can be tested by means of such an authentication system.
One of the versions of the authentication system disclosed in said Patent utilizes a random number generator (51) which is accommodated in the reader; matters are thus complicated for a prospective defrauder who observes the authentication exchanges on the lines 37 and 45 of the known system; however, subsequent data exchanges are not protected so that after authentication of a genuine card, a defrauder could replace it by another card, thus defrauding the system; moreover, a protection mode disclosed in said Patent (FIG. 12) implies a comparatively small size of the secret circuits of the card; thus represents a restriction which is not compatible with the extension of the meaning of the term "card" for data processing systems as described above in a general sense.
It is the object of the invention to eliminate these drawbacks.