System for testing, verifying legitimacy of smart card in-situ and for storing data therein
First Claim
1. A smart card authenticating device, comprising:
- a hand-held sized housing;
a slot for inserting a to-be-interrogated smart card;
a storage medium stored with clock or power glitching timing information provided by a smart card issuer; and
means for glitching clock or power in the smart card based upon said timing information, independent of any collaborating or communicating with any external computer system or equipment, to bypass authentication by a processor of the smart card via generating malfunction or confusion in the processor of the smart card to provide additional access thereinto;
means for interrogating the glitched smart card to compare a response from the glitched smart card to interrogation so as to determine whether the smart card is issued by the issuer, wherein said device operates in a hand-held, in-situ, and free-standing manner.
8 Assignments
0 Petitions
Accused Products
Abstract
A hand-held battery-operated device for interrogating and/or programming ISO7816 smart cards by means of an ISO7816 compliant card slot, in conjunction with a display, a keypad and barcode reader for data entry, a battery backup RAM for temporary storage of collected data, flash memory for storage of proprietary information provided by a smart card issuer, a RS232 port and RF link for communication with a host computer, in-system programming port for updating the flash program, all connected operatively to an internal microprocessor which perform clock or power glitching to access internal information of a smart card to determine whether the card has been tampered, compromised, and functionality.
51 Citations
20 Claims
-
1. A smart card authenticating device, comprising:
-
a hand-held sized housing;
a slot for inserting a to-be-interrogated smart card;
a storage medium stored with clock or power glitching timing information provided by a smart card issuer; and
means for glitching clock or power in the smart card based upon said timing information, independent of any collaborating or communicating with any external computer system or equipment, to bypass authentication by a processor of the smart card via generating malfunction or confusion in the processor of the smart card to provide additional access thereinto;
means for interrogating the glitched smart card to compare a response from the glitched smart card to interrogation so as to determine whether the smart card is issued by the issuer, wherein said device operates in a hand-held, in-situ, and free-standing manner. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. A method for conducting smart card authentication in a hand-held, in-situ, and free-standing manner, comprising:
-
providing a hand-held smart card authenticating device with a hand-held sized housing, a storage medium and a smart card receiving slot;
storing current or power glitching timing information provided by a smart card issuer in the storage medium;
inserting the smart cart into the smart card receiving slot;
executing clock or power glitching on the smart card via the device based upon said timing information, independent of any collaborating or communicating with any external computer system or equipment, to bypass authentication by a processor of the smart card via generating malfunction or confusion in the processor of the smart card to provide additional access thereinto; and
interrogating the glitched smart card to compare a response from the glitched smart card to interrogation so as to determine whether the smart card is issued by the issuer or whether the smart card has been tampered with. - View Dependent Claims (14, 15, 16, 17, 18, 19, 20)
-
Specification