Method and apparatus for authenticating a data carrier intended to enable a transaction or access to a service or a location, and corresponding carrier

1. A method for authenticating a data carrier held by a user as being genuinely issued by an authorized organization, before allowing said user to perform transactions or to have access to a service or a location on the premises of an affiliated distributor of said organization, the organization having a file defining current rights attaching to said carrier, the method comprising:

• assigning to said carrier a specific number (Ns) enabling said carrier to be distinguished from among a set of carriers produced by said organization,entering said specific number in the carrier,initializing said carrier at the organization by assigning to said carrier information (I) that is a function of the contents of said file and defines current rights attaching to said carrier, and by calculating, from said specific number (Ns) and said information (I), a current authentication value (VA) using an asymmetrical algorithm (F) and a secret key (Ks), and entering said current authentication value in said carrier;
  
  upon each use of said carrier, performing an authentication thereof by said affiliated distributor in a mode not coupled to the authorized organization, by performing a calculation, by applying an algorithm (G) correlated with said asymmetrical algorithm (F) to a public key (Kp) associated with said secret key (Ks) and to the current authentication value (VA) read from the carrier, to verify that the authentication value (VA) corresponds to the specific number (Ns) and the information (I) assigned to said carrier, and that the transaction or service requested is compatible with the information (I);
  
  based on a predetermined condition defining when an authentication of the data carrier must be made in a mode in which the terminal is coupled to the authorized organization, selectively performing an authentication of the data carrier in said mode coupled to the authorized organization by performing first an authentication of the carrier by the distributor or the authorized organization, which verifies that the current authentication value (VA) read from the carrier corresponds to the specific number (Ns) and the information (I) assigned to said carrier, and if the authentication is positive, making confirmation by the authorized organization that the carrier still possesses the rights as a function of the current status of said file, and then if the confirmation is affirmative and if a change of the information (I) is necessary in order to translate the current state of the rights, calculating from the specific number (Ns) and from an updated information (I) an updated authentication value (VA'"'"'), by means of the asymmetrical algorithm (F) and the secret key (Ks), and entering this updated value in the carrier.