In the past, a magnetic card has been used as a bank card or credit card. In a magnetic card system, a personal identification data for identifying an owner of the magnetic card, which is known as a password, is stored in the magnetic card, and coincidence between the password electromagnetically read from the magnetic card loaded to a card reader and a password manually entered by the card owner is checked to determine whether the user of the card is a valid card owner. However, the following problems reside in the magnetic card.
Firstly, the password recorded on the magnetic card can be read by simple hardware and thus the use by an unauthorized person can be easily achieved.
Secondly, the password should be known only to the owner. However, the hardware for writing the password is necessary and a person who prepares the card is aware of the password.
Thirdly, security protection for an ATM or a credit card reader is not perfect and the prevention from leakage of the password is not perfect. Nevertheless, the password cannot be changed by the owner and the card is used even after another person has become acquainted with the password.
To overcome the above problems, U.S. Pat. No. 4,758,718, entitled “High Security IC Card with an Updateable Password” to Fujisaki et al., discloses an IC card having a microprocessor and a memory. In FIG. 1, numeral 10 denotes an IC card used as an identification medium for identifying a person, numeral 11 denotes a microprocessor for controlling registration and updating of a password data, numeral 12 denotes a communication interface for connection with a terminal device, numeral 13 denotes a keyboard for entering the password data, numeral 14 denotes a display device such as an LCD for displaying the password data, numeral 15 denotes a memory having areas for storing data necessary for registration and updating of the password, numeral 16 denotes a password memory area in the memory 15, the password area having 16 bits, numeral 17 denotes an area for storing the number of times of non-coincidence of the password in the memory 15, numeral 18 denotes an area for storing data representing a type and attributes of the IC card 10, and numeral 19 denotes a battery. The memory 15 has a password registration area in which the password is to be registered and a password update area in which updating data to update the password registered in the registration area is stored. The password is entered by a keying operation and the microprocessor controls the registration of the password and registers the password entered in the password registration area. When the registered password is to be changed, the number of times of input error for the password registered in the microprocessor is checked based on data preset in the password update area. If the number of times of error is smaller than a predetermined number, the registration area as well as the password update area is cleared and a newly entered password is permitted to be registered in the registration area.
Nowadays, IC cards or so-called “smart card” are used in numerous applications such as payment at a point of sale (known as “bank cards”), public telephones, payment for parking, payment for roll tolls, mobile telephones (e.g., SIM cards), health services, public transportation, or electronic purse. Each of these applications is associated with a specific card: a bank card, a phone card, a parking card, a SIM card for GSM telephony, and so on.
One of the problems encountered in daily use of such a variety of cards lies in that one of the cards might not be available when it is to be used, no matter whether it is left at home, its credit has been run out, or it has expired. In addition, administration and carry of various cards is inconvenient. Therefore, there is a strong need for the so-called “multi-application cards”.
For example, U.S. Pat. No. 6,325,293, entitled “Method and System for Using a Microcircuit Card in a Plurality of Applications” to Moreno, discloses a microcircuit card including device activating a default application to be executed, device activating a target application to be executed, and switch device activating the card to be configured on command either as a default application card or as a target application card. FIG. 2 shows the organization and the general operating sequence of the method thereof.
As shown in FIG. 2, the subscription taken out by a client 20 from the radio telephone operator 21 operating the user's radio telephone 22 includes not only general radio telephone service, but also a special service, e.g. payment for parking, where the amount will be included as a specific item in the monthly listing of telephone consumption received from the operator 21 (billing represented by 23).
After parking a car close to an electronic “pay-and-display” parking meter machine 24 programmed to accept payment from prepaid cards issued by the city 25, the driver might find that no usable parking card is available or that the card is exhausted or invalid. To perform the payment required by the machine, the user then engages a “parking” command on the radio-telephone, e.g. by pressing on a button 26 or by selecting an option in a menu giving the optional services offered by the telephone operator. This command causes the SIM card 27 of the radio telephone to be “reconfigured” as a parking card. The user then extracts the card 27 from the radio telephone and inserts it (arrow 28) into the machine 24, which perceives the card as being a parking card, and the card is then operated and debited as such. The user then reinserts the card 27 (arrow 29) into the radio telephone 22 where it is read by the radio telephone which automatically reconfigures it for the GSM function.
Although such multi-application cards are technically feasible, in practice they are very difficult to implement, as demonstrated by numerous pioneering attempts ever since the invention of the IC card itself.
With the wide-spread usage of smart cards in mobile industry such as SIM for GSM, USIM for WCDMA, RUIM for CDMA2000 and PIM for PHS network, a large variety of applications have been developed by utilizing Smart cards resided in the mobile phone (SIM/USIM/RUIM/PIM, hereafter referred as UICC, Universal Integrated Circuit Card) to provide security services. Mobile operators ensure the security of the use of mobile service by authenticating the keys stored in the Smart cards that mobile operators issued to the subscribers. In addition, mobile operators provide also premium services like mobile banking, mobile stock trading service by storing keys provided by the banks or other service providers in the SIM cards. The keys are manipulated through an application interface developed by SIM Tool Kit (STK) which is also resided in the SIM card itself. When WAP (Wireless Application Protocol) phones were available, WIM (Wireless Identity Module) was also developed by the SIM card vendors to secure WAP security by storing certificate and PKI algorithm in the SIM itself (SWIM card) or another standalone WIM card which can be inserted into another card slot in the mobile phone.
The keypad and display screen of the mobile phone facilitate the inserted smart card with great user interface and the mobile nature of remote access to service providers further accomplishes the goal of service mobility. In order to achieve the service mobility, service providers like banks, credit card issuers, transportation card issuers, certificate issuers and stock brokers are eagerly to cooperate with the mobile operator to issue enhanced SIM cards so as to provide services which fall into their professions. However, the provisioning and management of the SIM capability and functionalities are in control of the mobile operators therefore it forms a closed system where only agreed parties are allowed to participate. Furthermore, the relationship between service providers and mobile operators are one of mutual distrust and both have similar agendas over control of security and payment methods. This becomes the main obstacle to the development of mobile security services.
In mobile telecommunication world, another emerging demand based on smart card is so-called “multiple SIM ownership” which indicates the trend of a single mobile phone user holding more than one SIM cards which may be issued by different mobile operators. The trend arises because of following reasons:                to have separate accounts for personal and business use        to have separate SIMs of mobile operators of different countries when traveling to save roaming fee charge        to keep separate SIMs for different service plans, such as daytime and off-peak calling        to keep separate SIMs for different promotion tariff packages to save cost        
A special mobile phone with dual chip or dual slot capability used to be introduced to resolve the above issues, by providing an additional chip slot on the mobile phone in order for the service provider or another mobile operator to issue its own smart card or SIM storing its own secret keys. However, the special phones are normally costly and not well-accepted by the user, thus forming a fragmented market place where service providers can play with.
Therefore, it needs to provide a smart card that can rectify those drawbacks of the prior art and solve the above problems.