Apparatus for communicating with data systems and a method of communicating with data systems
First Claim
1. A financial transaction terminal for use with a data carrying card, comprising:
communication means for communication with first and second mutually exclusive data systems;
card data input means for receiving data originating from said data carrying card and for receiving a card identification signal positively identifying said card as a card belonging to said first data system or, alternatively, as a card belonging to said second data system;
personal code input means for input of a personal authentication code;
first storage means for storing an encryption algorithm and a transmission protocol corresponding to said first data system;
encryption means, connected to said card data input means, said personal code input means, said first storage means and said communication means, for encrypting said data and said code by employing said encryption algorithm stored in said first storage means, provided said card is positively identified as a card belonging to said first data system by employing said card identification signal, and for outputting said data and said code in encrypted form through said communication means to said first data system controlled by said transmission protocol stored in said first storage means for on-line verification of said data relative to said code by said first data system;
second storage means for storing a verification algorithm corresponding to said second data system; and
comparator means, connected to said card data input means, said personal code input means, said second storage means and said communication means, for comparing said data and said code by employing said verification algorithm stored in said second storage means, for off-line verification of the authenticity of a person in possession of said card relative to said second data system, provided said card is positively identified as a card belonging to said second data system by employing said card identification signal, and for outputting an authenticity code through said communication means to said second data system in case said data are verified relative to said code by employing said verification algorithm stored in said second storage means, such that said data and said code are not disclosed to said second data system.
Abstract
An apparatus communicating with data systems, and a method of communicating with data systems. In an apparatus (10, 49) communicating with a high secrecy and high security on-line verification data system (40) and an off-line verification data system (18) of a lower secrecy and security level, a person in possession of a card (21, 22, 12, 24) inputs the card into the apparatus (10, 49). The data are read from the card and input to a security module (50) of the apparatus. On the basis of the data read from the card, the apparatus (10, 49) identifies the card as a card belonging to the on-line data system or the off-line data system. Within the security module (50) of the apparatus (10, 49), a keyboard (46) is arranged, which is adapted to be activated by the person in possession of the card for inputting a personal authentication code (actually a PIN-code) into the security module. Provided the card has been identified as a card belonging to the on-line data system (40), the data read from the card (21) and the code input by means of the keyboard (46) are encrypted by employing an encryption algorithm which is stored in a first storage means of the security module (50) and are output to the on-line data system (40), within which the authenticity of the person in possession of the card is verified. Provided the card has been identified as a card belonging to the data system of lower secrecy and security level (18), the data read from the card (22, 23, 24) are compared to the code input by means of the keyboard (46) by employing a verification algorithm, which is stored in a second storage means of the security module (50), in a comparator of the security module (50). As a result of the comparison within the comparator an authenticity code or, alternatively, a non-authenticity code is output to the off-line data system, exclusively.
A coherent set of data and code is under no circumstances output from the apparatus to the data system of lower secrecy and security level. Consequently, the problem of eliminating transparency from the lower level secrecy and security data system to the high secrecy and high security data system is solved.
12 Claims
3. A financial transaction terminal for use with a data carrying card, comprising:
card data input means for receiving data originating from said data carrying card and for receiving a card identification signal positively identifying said card as a card belonging to said first data system or, alternatively, as a card belonging to said second data system; personal code input means for input of a personal authentication code; first storage means for storing an encryption algorithm and a transmission protocol corresponding to said first data system; first communication means for communication with a first data system; encryption means, connected to said card data input means, said personal code input means, said first storage means and said first communication means, for encrypting said data and said code by employing said encryption algorithm stored in said first storage means, provided said card is positively identified as a card belonging to said first data system by employing said card identification signal, and for outputting said data and said code in encrypted form through said first communication means to said first data system controlled by said transmission protocol stored in said first storage means for on-line verification of said data relative to said code by said first data system; second storage means for storing a verification algorithm corresponding to said second data system; second communication means for communication with a second data system, said first and second data systems being mutually exclusive; and comparator means, connected to said card data input means, said personal code input means, said second storage means and said second communication means, for comparing said data and said code by employing said verification algorithm stored in said second storage means, for off-line verification of the authenticity of a person in possession of said card relative to said second data system, provided said card is positively identified as a card belonging to said second data system by employing said card identification signal, 
and for outputting an authenticity code through said second communication means to said second data system in case said data are verified relative to said code by employing said verification algorithm stored in said second storage means or, alternatively, for outputting a non-authenticity code through said second communication means to said second data system in case said data are not verified relative to said code by employing said verification algorithm stored in said second storage means, such that said data and said code are not disclosed to said second data system.
4. A financial transaction terminal for use with a data carrying card, comprising:
communication means for communication with first and second mutually exclusive data systems; card data input means for receiving data originating from said data carrying card and for receiving a card identification signal positively identifying said card as a card belonging to said first data system or, alternatively, as a card belonging to said second data system; personal code input means for input of a personal authentication code; first storage means for storing an encryption algorithm and a transmission protocol corresponding to said first data system; encryption means, connected to said card data input means, said personal code input means, said first storage means and said communication means, for encrypting said data and said code by employing said encryption algorithm stored in said first storage means, provided said card is positively identified as a card belonging to said first data system by employing said card identification signal, and for outputting said data and said code in encrypted form through said communication means to said first data system controlled by said transmission protocol stored in said first storage means for on-line verification of said data relative to said code by said first data system; second storage means for storing a verification algorithm corresponding to said second data system; and comparator means, connected to said card data input means, said personal code means, said second storage means and said communication means, for comparing said data and said code by employing said verification algorithm stored in said second storage means, for off-line verification of the authenticity of a person in possession of said card relative to said second data system, provided said card is positively identified as a card belonging to said second data system by employing said card identification signal, and for outputting an authenticity code through said communication means to said second data system in case said data are verified 
relative to said code by employing said verification algorithm stored in said second storage means or, alternatively, for outputting a non-authenticity code through said communication means to said second data system in case said data are not verified relative to said code by employing said verification algorithm stored in said second storage means, said authenticity code and said non-authenticity code being of structures not including said data and said code such that said data and said code are not disclosed to said second data system.
5. A financial transaction terminal for use with a data carrying card, comprising:
communication means for communication with first and second mutually exclusive data systems; card data input means for receiving data originating from said data carrying card and for receiving a card identification signal positively identifying said card as a card belonging to said first data system or, alternatively, as a card belonging to said second data system; personal code input means for input of a personal authentication code; first storage means for storing a first encryption algorithm and a transmission protocol corresponding to said first data system; first encryption means, connected to said card data input means, said personal code input means, said first storage means and said communication means, for encrypting said data and said code by employing said first encryption algorithm stored in said first storage means, provided said card is positively identified as a card belonging to said first data system by employing said card identification signal, and for outputting said data and said code in encrypted form through said communication means to said first data system controlled by said transmission protocol stored in said first storage means for on-line verification of said data relative to said code by said first data system; second storage means for storing a second encryption algorithm and a verification algorithm corresponding to said second data system; second encryption means connected to said card data input means, said personal code input means, said second storage means and said communication means, for encrypting said data and said code by employing said second encryption algorithm stored in said second storage means, provided said card is positively identified as a card belonging to said second data system by employing said card identification signal; and comparator means, connected to said second encryption means, said second storage means and said communication means, for comparing said data and said code in encrypted form supplied from 
said second encryption means by employing said verification algorithm stored in said second storage means, for off-line verification of the authenticity of a person in possession of said card relative to said second data system, provided said card is positively identified as a card belonging to said second data system by employing said card identification signal, and for outputting an authenticity code through said communication means to said second data system in case said data are verified relative to said code by employing said verification algorithm stored in said second storage means or, alternatively, for outputting a non-authenticity code through said communication means to said second data system in case said data are not verified relative to said code by employing said verification algorithm stored in said second storage means, such that said data and said code are not disclosed to said second data system.
7. A financial transaction terminal for use with a data carrying card, comprising:
communication means for communication with first and second mutually exclusive data systems; card data input means for receiving data originating from said data carrying card and for generating a card identification signal positively identifying said card as a card belonging to said first data system, as a card belonging to said second data system or as a card belonging to neither of said data systems; personal code input means for input of a personal authentication code; first storage means for storing an encryption algorithm and a transmission protocol corresponding to said first data system; encryption means, connected to said card data input means, said personal code input means, said first storage means and said communication means, for encrypting said data and said code by employing said encryption algorithm stored in said first storage means, provided said card is positively identified as a card belonging to said first data system by employing said card identification signal, and for outputting said data and said code in encrypted form through said communication means to said first data system controlled by said transmission protocol stored in said first storage means for on-line verification of said data relative to said code by said first data system; second storage means for storing a verification algorithm corresponding to said second data system; and comparator means, connected to said card data input means, said personal code means, said second storage means and said communication means, for comparing said data and said code by employing said verification algorithm stored in said second storage means, for off-line verification of the authenticity of a person in possession of said card relative to said second data system, provided said card is positively identified as a card belonging to said second data system by employing said card identification signal, and for outputting an authenticity code through said communication means to said second data 
system in case said data are verified relative to said code by employing said verification algorithm stored in said second storage means, such that said data and said code are not disclosed to said second data system.
9. A financial transaction terminal for use with a data carrying card, comprising:
communication means for communication with first and second mutually exclusive data systems; card reading means for reading data from said data carrying card; card data input means for receiving said data from said card reading means and for generating a card identification signal positively identifying said card as a card belonging to said first data system, as a card belonging to said second data system or as a card belonging to neither of said data systems; personal code input means for input of a personal authentication code; temporary storage means for temporarily storing said data and said code; first storage means for storing an encryption algorithm and a transmission protocol corresponding to said first data system; encryption means, connected to said card data input means, said temporary storage means, said first storage means and said communication means, for encrypting said data and said code stored in said temporary storage means by employing said encryption algorithm stored in said first storage means, provided said card is positively identified as a card belonging to said first data system by employing said card identification signal, and for outputting said data and said code in encrypted form through said communication means to said first data system controlled by said transmission protocol stored in said first storage means for on-line verification of said data relative to said code by said first data system; data receiving means connected to said first data system through said communication means, for receiving a verification code or, alternatively, a non-verification code from said first data system as a result of said on-line verification, second storage means for storing a verification algorithm corresponding to said second data system; and comparator means, connected to said card data input means, said temporary storage means, said second storage means and said communication means, for comparing said data and said code by employing said 
verification algorithm stored in said second storage means, for off-line verification of the authenticity of a person in possession of said card relative to said second data system, provided said card is positively identified as a card belonging to said second data system by employing said card identification signal, and for outputting an authenticity code through said communication means to said second data system in case said data are verified relative to said code by employing said verification algorithm stored in said second storage means or, alternatively, for outputting a non-authenticity code through said communication means to said second data system in case said data are not verified relative to said code by employing said verification algorithm stored in said second storage means, such that said data and said code are not disclosed to said second data system.
10. A financial transaction terminal for use with a data carrying card, comprising:
communication means for communication with first and second mutually exclusive data systems; card reading means for reading data from said data carrying card; card data input means for receiving said data from said card reading means and for generating a card identification signal positively identifying said card as a card belonging to said first data system, as a card belonging to said second data system or as a card belonging to neither of said data systems; personal code input means for input of a personal authentication code; random number generating means for generating a random number, temporary storage means for temporarily storing said data, said code and said random number generated by said random number generating means; first storage means for storing an encryption algorithm and a transmission protocol corresponding to said first data system; encryption means, connected to said card data input means, said temporary storage means, said first storage means and said communication means, for encrypting said data, said code and said random number stored in said temporary storage means by employing said encryption algorithm stored in said first storage means, provided said card is positively identified as a card belonging to said first data system by employing said card identification signal, and for outputting said data, said code and said random number in encrypted form through said communication means to said first data system controlled by said transmission protocol stored in said first storage means for on-line verification of said data relative to said code by said first data system; data receiving means connected to said first data system through said communication means, for receiving a result code from said first data system representing a result of said on-line verification; first comparator means for comparing said result code and said random number stored in said temporary storage means for identifying said person in possession of said card as an 
authenticity verified person relative to said first data system when said result code and said random number are identical to one another or, alternatively, as a non-authenticity verified person relative to said first data system when said result code and said random number are different from one another; second storage means for storing a verification algorithm corresponding to said second data system; and second comparator means, connected to said card data input means, said personal code means, said second storage means and said communication means, for comparing said data and said code by employing said verification algorithm stored in said second storage means, for off-line verification of the authenticity of a person in possession of said card relative to said second data system, provided said card is positively identified as a card belonging to said second data system by employing said card identification signal, and for outputting an authenticity code through said communication means to said second data system in case said data are verified relative to said code by employing said verification algorithm stored in said second storage means or, alternatively, for outputting a non-authenticity code through said communication means to said second data system in case said data are not verified relative to said code by employing said verification algorithm stored in said second storage means, such that said data and said code are not disclosed to said second data system.
11. A financial transaction terminal for use with a data carrying card, comprising:
communication means for communication with first and second mutually exclusive data systems; card data input means for receiving data originating from said data carrying card and for receiving a card identification signal positively identifying said card as a card belonging to said first data system or, alternatively, as a card belonging to said second data system; personal code input means for input of a personal authentication code; first storage means for storing an encryption algorithm and a transmission protocol corresponding to said first data system; encryption means, connected to said card data input means, said personal code input means, said first storage means and said communication means, for encrypting said data and said code by employing said encryption algorithm stored in said first storage means, provided said card is positively identified as a card belonging to said first data system by employing said card identification signal, and for outputting said data and said code in encrypted form through said communication means to said first data system controlled by said transmission protocol stored in said first storage means for on-line verification of said data relative to said code by said first data system; second storage means for storing a verification algorithm corresponding to said second data system; comparator means, connected to said card data input means, said personal code means, said second storage means and said communication means, for comparing said data and said code by employing said verification algorithm stored in said second storage means, for off-line verification of the authenticity of a person in possession of said card relative to said second data system, provided said card is positively identified as a card belonging to said second data system by employing said card identification signal, and for outputting an authenticity code through said communication means to said second data system in case said data are verified relative 
to said code by employing said verification algorithm stored in said second storage means or, alternatively, for outputting a non-authenticity code through said communication means to said second data system in case said data are not verified relative to said code by employing said verification algorithm stored in said second storage means, such that said data and said code are not disclosed to said second data system; and a radiopaque, tamper- and tapping-proof housing enclosing at least said card data input means, said personal code input means, said first and second storage means, said encryption means, and said comparator means.
12. A method of communicating with at least two mutually exclusive data systems for use with a data carrying card, comprising the steps of:
(a) receiving data originating from the data carrying card;
(b) inputting a personal authentication code;
(c) identifying the card on the basis of said data received from the card, as a card belonging only to a first data system, as a card belonging only to a second data system, or as a card belonging to neither of said data systems;
(d) encrypting said data and said code if the card is identified as a card belonging to said first data system;
(e) outputting said encrypted data and said encrypted code to said first data system controlled by a transmission protocol if the card is identified as a card belonging to said first data system;
(f) comparing said data and said code if the card is identified as a card belonging to said second data system;
(g) producing an authenticity code if said data is verified relative to said code by employing a verification algorithm;
(h) outputting said authenticity code if the card is identified as a card belonging to said second data system such that said data and code are not disclosed to said second data system.
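The routing of claim 12, the random-number comparison of claim 10 and the non-disclosure property stated in the abstract, as an added Python example that is not taken from the patent. The card prefixes, keys, the card check-value format and the HMAC-based cipher are constructed stand-ins for the algorithms the claims leave unnamed.

```python
import hashlib
import hmac
import json
import secrets

ONLINE, OFFLINE, NEITHER = "first (on-line)", "second (off-line)", "neither"
AUTH_CODE, NON_AUTH_CODE = b"AUTH", b"NON-AUTH"  # fixed codes: no card data, no PIN

# Constructed values; the patent names no prefixes, keys or algorithms.
PREFIXES = {"5019": ONLINE, "9208": OFFLINE}
ONLINE_KEY = b"constructed-online-key"
OFFLINE_KEY = b"constructed-offline-key"


def identify(card_data):
    """Step (c): classify the card from the data read off it."""
    return PREFIXES.get(card_data[:4], NEITHER)


def keystream(key, nonce, n):
    """HMAC-SHA256 in counter mode, truncated to n bytes."""
    blocks = (hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]


def seal(key, plaintext):
    """Stand-in for the stored encryption algorithm: keystream XOR plus a MAC tag."""
    enc, mac = (hmac.new(key, label, hashlib.sha256).digest() for label in (b"enc", b"mac"))
    nonce = secrets.token_bytes(12)
    ct = bytes(a ^ b for a, b in zip(plaintext, keystream(enc, nonce, len(plaintext))))
    return nonce + ct + hmac.new(mac, nonce + ct, hashlib.sha256).digest()


def unseal(key, blob):
    """Host-side inverse of seal(); rejects a modified message."""
    enc, mac = (hmac.new(key, label, hashlib.sha256).digest() for label in (b"enc", b"mac"))
    nonce, ct, tag = blob[:12], blob[12:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mac, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("authentication tag mismatch")
    return bytes(a ^ b for a, b in zip(ct, keystream(enc, nonce, len(ct))))


def offline_check_value(pan, pin):
    """Assumed verification algorithm: a keyed check value stored on the card."""
    return hmac.new(OFFLINE_KEY, f"{pan}:{pin}".encode(), hashlib.sha256).hexdigest()[:8]


def process(card_data, pin):
    """Steps (c)-(h). Returns (system, outbound message, random number or None)."""
    system = identify(card_data)
    if system == ONLINE:
        # Claim 10: the random number is kept locally and sent only inside the ciphertext.
        rnd = secrets.token_bytes(8)
        body = json.dumps({"card": card_data, "pin": pin, "rnd": rnd.hex()}).encode()
        return system, seal(ONLINE_KEY, body), rnd
    if system == OFFLINE:
        pan, _, stored = card_data.partition("=")
        ok = hmac.compare_digest(stored, offline_check_value(pan, pin))
        return system, (AUTH_CODE if ok else NON_AUTH_CODE), None
    return system, None, None  # card of neither system: nothing leaves the module


def host_verify(blob, pin_records):
    """Simulated first data system: echoes the random number only on a PIN match."""
    msg = json.loads(unseal(ONLINE_KEY, blob))
    expected = pin_records.get(msg["card"], "")
    if hmac.compare_digest(expected, msg["pin"]):
        return bytes.fromhex(msg["rnd"])
    return b"DECLINED"


def online_verified(result_code, rnd):
    """Claim 10: verified only when the result code is identical to the random number."""
    return hmac.compare_digest(result_code, rnd)
```
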
Specification