The invention relates to a method of checking a smart card having an integrated circuit with a memory for value units and a test code circuit. A terminal station whereto the smart card is electrically connected transmits a test word to the smart card and the test code circuit generates, from the test word, reply data in conformity with a secret algorithm. The reply data is transmitted to the station in which it is compared with reply data generated from the test word in conformity with the same algorithm.
The invention also relates to a circuit arrangement for checking a smart card having an integrated circuit with a memory for value units, a test code circuit, and means for connecting the integrated circuit to a terminal station. The test code circuit generates reply data from a test word received from the station, in conformity with a secret algorithm stored in the test code circuit. The reply data is applied to the station. The invention also relates to a smart card and a terminal station arranged for use in such circuit arrangement and/or in such method.
Smart cards of this kind are already being used in a variety of applications in order to acquire services or goods, an appropriate number of value units in the memory being marked as having been consumed by the station before the service is rendered. A known application in this respect is a telephone card in which, during a call, value units are continuously marked as having been consumed along with the duration of the call.
A smart card, usually purchased from the firm offering the service represents a given value. Therefore, frauds are tempted to make counterfeit or falsified smart cards for which the fraud does not pay the firm offering the service. In order to preclude or at least substantially impede such fraud, the integrated circuit including the memory also includes a test code circuit which generates, in conformity with a secret algorithm, reply data from a test word transmitted by the station and applies this reply data to the station. Because this algorithm is hidden in the integrated circuit, either by wiring or by way of stored data or both, it is practically impossible to discover and simulate this algorithm. The test word is preferably a random number, so that in the case of repeated use of a valid smart card each time different reply data is returned; when the secret algorithm is chosen to be sufficiently complex, it will be impossible or virtually impossible to deduce it from evaluation of different test words and associated reply data for the purpose of fraud.
However, it is possible to use a valid smart card and to connect a multiplexer between the means for connection to the station, for example between the contact pads in the case of a conductive connection and the memory with the test code circuit. The multiplexer establishes the connection with the valid smart card during the checking of the smart card by means of the test word but switches over to a counterfeit memory for value units during the marking of value units. The counterfeit memory can be manipulated, notably erased, from the outside so that in this manner an "eternal" smart card is obtained whereby arbitrary services can be obtained without payment.