System and method for personalization of smart cards

US 20020117542A1
Filed: 12/12/2001
Published: 08/29/2002
Est. Priority Date: 12/19/2000
Status: Active Grant

First Claim

Patent Images

1. Method for personalization of smart cards characterized by the steps of:

providing a virtual smart card (VSC) at the personalization side having a data processing system for receiving and/or storing said virtual smart card and a reader for establishing communication with a real smart card to be personalized and a personalization program, wherein said virtual smart card having a defined logical file structure being identical with the logical file structure of said real smart card to be personalized and data objects placed in the respective areas of said virtual smart card (14) establishing communication of said real smart card to be personalized with said personalization program (18) electronically transferring said data objects contained in said virtual smart card into the assigned areas of said real smart card by said personalization program (20,22,24).

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention discloses a system and method for personalization of smart cards by using virtual smart cards (VSC) containing all data objects (card holder specific data objects) required to personalize real smart cards. The VSC is a software implemented version of a real smart card providing the equivalent functionality of a real smart card. The VSC is generated and used by a VSC control program handling the generation, the security and the read/write process of the VSC.

VSCs being generated by the VSC control program having a logical file structure comprising a public area, a private area, a secure key area, password area, and an unique identifier area. The data objects contained in the public area having no access restrictions, data objects placed into the private area are encrypted and can be accessed by using a password, and the data objects placed into secret key area are encrypted and only accessible by the VSC control program. Each VSC may be addressed by unique identifier (ID). Card holder specific data objects being preferably stored in the same format on a storage media, e.g. database, are transferred into the assigned area of the defined file structure of the VSC by using the VSC control program (personalized VSC). Thus, the personalized VSC as well as their assigned ID and passwords are accessible by the personalization side considering that the access of the IDs and the password is accomplished via a secure channel. At the personalization side, already pre-initialized real smart cards having the same defined logical file structure as their assigned VSCs are personalized by a personalization program reading the data objects of the VSCs and using smart card specific commands for writing the data objects into the EEPROM of the real smart card. An main advantage of the present invention is that the personalization data contained in the VSC may be tested in the application environment before a personalized real smart card is already available. Changes to the data objects set can be done without amending the personalization program.

28 Citations

View as Search Results

15 Claims

1. Method for personalization of smart cards characterized by the steps of:
- providing a virtual smart card (VSC) at the personalization side having a data processing system for receiving and/or storing said virtual smart card and a reader for establishing communication with a real smart card to be personalized and a personalization program, wherein said virtual smart card having a defined logical file structure being identical with the logical file structure of said real smart card to be personalized and data objects placed in the respective areas of said virtual smart card (14) establishing communication of said real smart card to be personalized with said personalization program (18) electronically transferring said data objects contained in said virtual smart card into the assigned areas of said real smart card by said personalization program (20,22,24).
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 15)
- - 2. Method according to claim 1, wherein creation of said virtual smart card comprises the following steps:
    - automatically creating a defined file structure having defined areas for placing data objects by a virtual smart card control program (2) automatically assigning a password and an unique identifier to each defined file structure created and storing both in the respective area of said defined file structure by said virtual smart card control program (4,6,8) electronically accessing data objects to be placed into the assigned areas of said defined file structure and transferring them into said assigned areas by said virtual smart card control program (10) electronically storing said defined file structure including said data objects on a storage media (virtual smart card-12).
  - 3. Method according to claim 1, wherein said defined file structure of said virtual smart card is defined by the following areas:
    - a public area in which public data objects having no access conditions are placed a private area in which private data objects being encrypted are placed a secret key area in which key data objects being encrypted are placed a password area in which a password being encrypted is placed an unique identifier area in which an unique identifier for identifying the VSC is placed.
  - 4. Method according to claim 3, wherein said defined file structure of said virtual smart card is a dedicated file structure containing elementary files for defining the areas in which said data objects are to be placed.
  - 5. Method according to claim 1, includes the further step:
    - generating an individual password for said real smart card and replacing said existing password placed in said real mart card by said individual password providing said individual password to the smart card holder via a secure channel (26).
  - 6. Method according to claim 1, wherein creation of said virtual smart card and their assigned unique identifier (2,4,6) is accomplished at smart card issuer side by said virtual smart control program and said virtual smart card including their assigned password and unique identifier are accessible by said data processing system of said personalization side via network (14), wherein access to said password and said unique identifier is secured against unauthorized access.
  - 7. Method according to claim 1, wherein said transfer of data objects from the virtual smart card into the assigned areas of said real smart card comprising the following steps:
    - accessing password and unique identifier for assigned virtual smart card by said personalization program (16) loading virtual smart card into the memory of data processing system at the personalization side by using said password via said personalization program (20,22) reading all data objects placed in said virtual smart card by said personalization program and writing them by means of smart card specific commands into the EEPROM of said real smart card (20,24).
  - 8. Method according to claim 7, wherein said loading and reading steps are accomplished by said personalization program using a respective functionality provided by the virtual smart card control program.
  - 15. A computer program product stored on a computer usable medium comprising computer readable program means for causing a computer to perform the method of anyone of the claims 1 to 8 when said program product is executed on said computer.

9. System for personalization of real smart cards using a method according 1 to 8 comprising:
- a data processing system for accessing and/or storing virtual smart cards located at the personalization side (2) a component (8) for personalization of real smart cards installed on said data processing system located at the personalization side (2) providing an interface to a file containing unique identifier and password assigned to a certain virtual smart card (4), an interface to a read functionality for reading data objects in a virtual smart card and an interface to smart card specific commands to write data objects into said real smart card (6) a reader for establishing communication between real smart card and personalization program located at the personalization side.
- View Dependent Claims (10, 11, 13, 14)
- - 10. System according to claim 9, wherein said read functionality is part of virtual smart control program (10) and said write functionality is part of the card agent(12) providing write commands for said real smart card to said personalization program (8).
  - 11. System according to claim 9, wherein said personalization program (8), said virtual smart control program (10) and said card agent (12) forms an integral program installed at the personalization side (2).
  - 13. System according to claim 12, wherein said virtual smart control program, said data base and said collection program are located at the smart card issuer side and said personalization program and said reader are located at the personalization side, wherein said smart card issuer side and said personalization side are connected via a network.
  - 14. System according to claim 12, wherein a further virtual control program (10) is located at the personalization side (2) for providing the read functionality of the virtual smart card to the personalization program when reading the objects of the virtual smart cards.

12. System for personalization of real smart cards comprising:
- a virtual smart control component for creating virtual smart cards having a defined logical file structure identical with the file structure of the real smart card to be personalized a data base storing information to be used for personalization a collecting program for collecting information to be placed into the respective area of the virtual smart card a personalization program (8) for accessing said virtual smart card (4) and their assigned unique identifier and password and transferring the data objects contained in said virtual smart card by means of said password and card specific commands into the storage area of said real smart card (6) a reader for establishing communication between said real smart card and said personalization program.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
PayPal, Inc. (PayPal Holdings, Inc.)
Original Assignee
International Business Machines Corporation
Inventors
Klaffke, Klemens, Sulzmann, Robert, Hamann, Ernst-Michael

Granted Patent

US 6,729,549 B2
Time in Patent Office

Days
Field of Search
US Class Current

235/380
CPC Class Codes

G06K 17/00   Methods or arrangements for...

G06Q 20/341   Active cards, i.e. cards in...

G06Q 20/355   Personalisation of cards fo...

G07F 7/1008   Active credit-cards provide...

System and method for personalization of smart cards

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

28 Citations

15 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for personalization of smart cards

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

28 Citations

15 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links