Transaction security system using time variant parameter
First Claim
1. An electronic funds transfer (EFT) system in which EFT terminals are connected through a local data processing center to a public switch system, a plurality of card-issuing agencies'"'"' data processing centers are also connected to the public switch system and each user of the EFT system has a personal secure intelligent bank card on which is stored a personal account number (PAN) and a personal key (KP), the system including:
- first local data processing center means at each local data processing center to generate session keys (KS) for each of its locally attached terminals, and to transmit an associated session key to a respective terminal;
at each terminal means to store the session key;
first card means to generate and store a transaction variable for each transaction initiated at the terminal and to transfer the transaction variable to the terminal;
first terminal means to encipher sensitive data under the session key whenever a transaction request message is generated;
second terminal means to generate a transaction variable for each transaction initiated at the terminal and to combine the transaction variable generated at the terminal with the transaction variable received from the card to form a composite transaction variable;
third terminal means to transfer the transaction variable generated at the terminal and a message request including the terminal-generated composite transaction variable enciphered under KS to the user'"'"'s card and means on the card to generate a composite transaction variable from the transaction variable generated and stored on the card and the transaction variable received from the terminal and means on the card to generate a message authentication code (MAC) using a time variant key based upon the user'"'"'s PAN, KP and the card-generated composite transaction variable;
second card means to return the message request and the MAC to the terminal and subsequently transmit it to local processing center;
second local data processing center means at each local data processing center to encipher the appropriate session key under a cross-domain key whenever a transaction request message is received and to add the enciphered key to the message;
first node means at each processing node of the public switch system to translate the enciphered session key from encipherment under a received cross-domain key to a transmission cross-domain key;
first card-issuing agency'"'"'s data processing center means at the card-issuing agency'"'"'s data processing center to decipher the enciphered session key and to use the key to decipher any sensitive data contained in the request message; and
second card-issuing agency'"'"'s data processing center means to regenerate the message authentication code using the time variant key which is generated from parameters based upon the PAN and KP and the received composite transaction variable for comparison with the message authentication code included in the received message.
0 Assignments
0 Petitions
Accused Products
Abstract
An electronic funds transfer system (EFT) is described in which retail terminals located in stores are connected through a public switched telecommunication system to card issuing agencies data processing centers. Users of the system are issued with intelligent secure bank cards, which include a microprocessor, ROS and RAM stores. The ROS includes a personal key (KP) and an account number (PAN) stored on the card when the issuer issues it to the user. Users also have a personal identity numbe (PIN) which is stored or remembered separately.
A transaction is initiated at a retail terminal when a card is inserted in an EPT module connected to the terminal. A request message including the PAN and a session key (KS) is transmitted to the issuers data processing center. The issuer generates an authentication parameter (TAP) based upon its stored version of KP and PIN and a time variant parameter received from the terminal. The TAP is then returned to the terminal in a response message, and based upon an inputed PIN, partial processing of the input PIN and KP on the card a derived TAP is compared with the received TAP in the terminal. A correct comparison indicating that the entered PIN is valid.
The request message includes the PAN encoded under the KS and KS encoded under a cross-domain key. Message authentication codes (MAC) are attached to each message and the correct reception and regeneration of a MAC on a message including a term encoded under KS indicates that the received KS is valid and that the message originated at a valid terminal or card.
220 Citations
1 Claim
-
1. An electronic funds transfer (EFT) system in which EFT terminals are connected through a local data processing center to a public switch system, a plurality of card-issuing agencies'"'"' data processing centers are also connected to the public switch system and each user of the EFT system has a personal secure intelligent bank card on which is stored a personal account number (PAN) and a personal key (KP), the system including:
-
first local data processing center means at each local data processing center to generate session keys (KS) for each of its locally attached terminals, and to transmit an associated session key to a respective terminal; at each terminal means to store the session key; first card means to generate and store a transaction variable for each transaction initiated at the terminal and to transfer the transaction variable to the terminal; first terminal means to encipher sensitive data under the session key whenever a transaction request message is generated; second terminal means to generate a transaction variable for each transaction initiated at the terminal and to combine the transaction variable generated at the terminal with the transaction variable received from the card to form a composite transaction variable; third terminal means to transfer the transaction variable generated at the terminal and a message request including the terminal-generated composite transaction variable enciphered under KS to the user'"'"'s card and means on the card to generate a composite transaction variable from the transaction variable generated and stored on the card and the transaction variable received from the terminal and means on the card to generate a message authentication code (MAC) using a time variant key based upon the user'"'"'s PAN, KP and the card-generated composite transaction variable; second card means to return the message request and the MAC to the terminal and subsequently transmit it to local processing center; second local data processing center means at each local data processing center to encipher the appropriate session key under a cross-domain key whenever a transaction request message is received and to add the enciphered key to the message; first node means at each processing node of the public switch system to translate the enciphered session key from encipherment under a received cross-domain key to a transmission cross-domain key; first card-issuing agency'"'"'s data processing center means at the card-issuing agency'"'"'s data processing center to decipher the enciphered session key and to use the key to decipher any sensitive data contained in the request message; and second card-issuing agency'"'"'s data processing center means to regenerate the message authentication code using the time variant key which is generated from parameters based upon the PAN and KP and the received composite transaction variable for comparison with the message authentication code included in the received message.
-
Specification
-
- Resources
-
Current AssigneeInternational Business Machines Corporation
-
Original AssigneeInternational Business Machines Corporation
-
InventorsHolloway, Christopher J., Lennon, Richard E., Meyer, Carl H., Brachtl, Bruno, Matyas, Stephen M., Oseas, Jonathan
-
Primary Examiner(s)Atkinson, Charles E.
-
Assistant Examiner(s)Jablon, Clark A.
-
Application NumberUS07/091,310Time in Patent Office270 DaysField of Search364/406, 364/408, 364/717, 364/200 MS File, 364/900 MS File, 235/375, 235/379, 235/380, 235/382, 340/825.34, 380/24, 380/45, 380/47US Class Current705/78CPC Class CodesG06Q 20/0855 involving a third partyG06Q 20/20 Point-of-sale [POS] network...G06Q 20/341 Active cards, i.e. cards in...G06Q 20/3829 involving key managementG06Q 20/40 Authorisation, e.g. identif...G06Q 20/4097 using mutual authentication...G07F 7/1008 Active credit-cards provide...G07F 7/1016 Devices or methods for secu...
