Smart card data transaction system and methods for providing high levels of storage and transmission security
First Claim
1. An apparatus for secure transmission of a post issuance data from a distribution server to a smart card comprising:
- a smart card inserted in a card reader;
a chip embedded in the smart card and electronically connected to the card reader;
a computer connected to the card reader and to the distribution server by a network;
a chip relay module in a browser in the memory of the computer;
wherein the chip relay module establishes a secure session with the distribution server; and
wherein the post issuance data is transmitted in an XML message that has been provided with a code derived from an issuer'"'"'s master key.
2 Assignments
0 Petitions
Accused Products
Abstract
A smart card system is disclosed for secure transmission of post issuance data to a embedded chip using a chip relay module, a plurality of hardware security modules, a first communication system having two security layers and a second communication system having four security layers.
The first communication system may be considered a server side system and comprises a chip management system, a security server having a first hardware security module, a distribution server having a second hardware security module and a computer system connected by a network The first communication system has a first security layer and a second security layer. The first security layer comprises mutual authentication that makes each component of the first communication system a trusted node to the others through client mutual authentication. The second security layer comprises system keys for secure communication between the hardware security modules.
The second communication system may be considered a client side system and comprises the computer system connected to the distribution server by a network, a PC/SC card reader driver, a Web browser application, and a chip relay module and is for secure communication between the distribution server and the chip of a smart card inserted in the card reader/writer. The second communication system has a third, fourth, fifth and sixth security layer.
-
Citations
53 Claims
-
1. An apparatus for secure transmission of a post issuance data from a distribution server to a smart card comprising:
-
a smart card inserted in a card reader;
a chip embedded in the smart card and electronically connected to the card reader;
a computer connected to the card reader and to the distribution server by a network;
a chip relay module in a browser in the memory of the computer;
wherein the chip relay module establishes a secure session with the distribution server; and
wherein the post issuance data is transmitted in an XML message that has been provided with a code derived from an issuer'"'"'s master key. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 42, 43, 44, 45, 46, 47, 48)
-
-
27. A method for secure transmission of a post issuance data between a distribution server and a chip comprising:
-
inserting a smart card having a chip into a card reader connected to a computer and a network; and
responsive to authentication of the chip at the distribution server, using a chip relay module to establish a secure communication between the chip and the distribution server. - View Dependent Claims (28)
-
-
29. A method for secure transmission of a post issuance data between a distribution server and a chip comprising:
-
configuring a first communication system having a distribution server, a security server, a chip management system and a first security layer;
configuring a second communication system having the distribution server and a client card system having a chip relay module;
using the chip relay module to establish a third security layer in the second communication system;
using a CIN to obtain the post issuance data from the chip management system;
using a card key to encrypt the post issuance data for transmission from the distribution server to the chip; and
wherein the card key is generated from an issuer'"'"'s master key obtained from the security server. - View Dependent Claims (30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40)
-
-
41. An apparatus for secure transmission of a post issuance data from a distribution server to a smart card comprising:
-
a first communication system connecting a security server, a distribution server and a chip management system;
a second communication system connecting the distribution server and a client card system having a card reader;
a chip embedded in the smart card and electronically connected to the card reader;
wherein the post issuance data is transmitted from the chip management system to the distribution server encrypted by a system key; and
wherein the post issuance data is transmitted from the distribution server to the chip encrypted by a card key. - View Dependent Claims (49, 50, 51, 52, 53)
-
Specification