Method and apparatus for establishing a secure smart card communication link through a communication network

US 7,437,560 B1
Filed: 07/23/1999
Issued: 10/14/2008
Est. Priority Date: 07/23/1999
Status: Expired due to Fees

First Claim

Patent Images

1. A method of establishing a secure communication link between a smart card and a central computer system through a communication network, the method comprising the steps of:

receiving at a smart card communication device an outgoing secure radio frequency signal transmitted from the smart card, the secure radio frequency signal including secured data formatted by the smart card to allow the central computer system to detect a modification to the secured data occurring during transmission beginning at the smart card and extending to the central computer system;

demodulating the outgoing secure radio frequency signal using the smart card communication device to produce an outgoing secure data signal, wherein the demodulating of the outgoing secure radio frequency signal is without deciphering the secured data;

formatting the outgoing secure data signal in accordance with a communication network protocol to produce an outgoing formatted secure signal;

transmitting the outgoing formatted secure signal to the central computer system, wherein the central computer system is remote from the smart card communication device;

decoding, using a security device coupled to the central computer system, data from the outgoing formatted secure signal to detect the modification to the secured data occurring during transmission beginning at the smart card and extending to the central computer system;

processing, with the central computer system, a transaction for the smart card using the secured data included in the outgoing formatted secure signal; and

encoding central computer system information using the security device to produce an incoming secure data signal comprising an incoming set of secured data, the incoming set formatted to allow the smart card to detect a modification to the incoming set occurring during transmission beginning at the central computer system and extending to the smart card.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A secure communication link is established between a smart card and a remote central computer system through a network by using security functions at the smart card and the central computer system. A smart card communication device facilitates the exchange of data between the smart card and a local processor by modulating data signals sent from the local processor and demodulating signal transmitted from the smart card. The local processor couples the data signals to the network while maintaining the secure data in its secure state. The secure link can be used to perform a smart card transaction.

46 Citations

View as Search Results

32 Claims

1. A method of establishing a secure communication link between a smart card and a central computer system through a communication network, the method comprising the steps of:
- receiving at a smart card communication device an outgoing secure radio frequency signal transmitted from the smart card, the secure radio frequency signal including secured data formatted by the smart card to allow the central computer system to detect a modification to the secured data occurring during transmission beginning at the smart card and extending to the central computer system;
  
  demodulating the outgoing secure radio frequency signal using the smart card communication device to produce an outgoing secure data signal, wherein the demodulating of the outgoing secure radio frequency signal is without deciphering the secured data;
  
  formatting the outgoing secure data signal in accordance with a communication network protocol to produce an outgoing formatted secure signal;
  
  transmitting the outgoing formatted secure signal to the central computer system, wherein the central computer system is remote from the smart card communication device;
  
  decoding, using a security device coupled to the central computer system, data from the outgoing formatted secure signal to detect the modification to the secured data occurring during transmission beginning at the smart card and extending to the central computer system;
  
  processing, with the central computer system, a transaction for the smart card using the secured data included in the outgoing formatted secure signal; and
  
  encoding central computer system information using the security device to produce an incoming secure data signal comprising an incoming set of secured data, the incoming set formatted to allow the smart card to detect a modification to the incoming set occurring during transmission beginning at the central computer system and extending to the smart card.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 2. A method in accordance with claim 1 further comprising the step of subjecting outgoing secure data contained within the outgoing secure radio frequency signal to a security function only at the smart card and at the central computer system.
  - 3. A method in accordance with claim 1 further comprising the step of reformatting, at the central computer system, the outgoing formatted secure signal to produce the outgoing secure data signal, the outgoing secure data signal comprising the secured data, wherein the step of decoding further comprises decoding the outgoing secure data signal to receive smart card information included within the outgoing secure data signal.
  - 4. A method in accordance with claim 3 further comprising the steps of:
    - receiving an incoming secure formatted signal from the central computer system at the smart card communication device through the communication network, the incoming secure formatted signal formatted in accordance with the communication network protocol;
      
      reformatting the incoming secure formatted signal using the smart card communication device to produce an incoming secure data signal; and
      
      transmitting an incoming secure radio frequency signal from the smart card communication device to the smart card, wherein the incoming secure radio frequency signal is modulated in accordance with the incoming secure data signal.
  - 5. A method in accordance with claim 4 further comprising the steps of:
    - demodulating the incoming secure radio frequency signal within the smart card to produce the incoming secure data signal; and
      
      decoding the incoming secure data signal to receive central computer information included within the incoming secure data signal.
  - 6. A method in accordance with claim 5 wherein the step of decoding the outgoing secure data signal comprises the step of implementing a security function using a security device remote from the smart card communication device and coupled to the central computer system to decode the outgoing secure data signal.
  - 7. A method in accordance with claim 6 further comprising the step of encoding outgoing data within the smart card using a security function to produce the outgoing secure data signal.
  - 8. A method in accordance with claim 6 wherein the step of encoding further comprises the steps of:
    - generating a message authentication code at the smart card; and
      
      appending the message authentication code to the outgoing data.
  - 9. A method in accordance with claim 8, wherein the step of decoding comprises the step of observing a characteristic of the outgoing data in accordance with the message authentication code.
  - 10. A method in accordance with claim 9, wherein the step of observing comprises the step of:
    - generating the message authentication code at the central computer system; and
      
      comparing the secure outgoing data signal to the message authentication code to detect the modification to the secured data.
  - 11. A method in accordance with claim 9 wherein the step of decoding the incoming secure data signal comprises the step of decoding the incoming secure data signal within the smart card using a security function.
  - 12. A method in accordance with claim 11 wherein the step of encoding further comprises the steps of:
    - generating a message authentication code at the central computer system; and
      
      appending the message authentication code to the incoming data.
  - 13. A method in accordance with claim 12, wherein the step of decoding the incoming secure data signal comprises the step of observing a characteristic of the incoming secure data signal in accordance with the message authentication code.
  - 14. A method in accordance with claim 13, wherein the step of observing comprises the step of:
    - generating the message authentication code at the smart card; and
      
      comparing the secure incoming data signal to the message authentication code to detect an unauthorized modification of the incoming data.
  - 15. A method in accordance with claim 1 wherein the secured data is formatted to allow the central computer system to authenticate identity of the sender.

16. A method of establishing a secure communication link between a smart card and a central computer system through a communication network, the method comprising the steps of:
- encoding, using the smart card, information within the smart card using a security function to produce an outgoing secure data signal comprising a first set of secured data, the first set formatted to allow the central computer system to detect a modification to the first set occurring during transmission beginning at the smart card and extending to the central computer system;
  
  transmitting an outgoing secure radio frequency signal including the outgoing secure data signal to a smart card communication device;
  
  demodulating an outgoing secure radio frequency signal at the smart card communication device to produce the outgoing secure data signal;
  
  formatting the outgoing secure data signal in accordance with a communication network protocol to produce an outgoing formatted secure signal;
  
  transmitting the outgoing formatted secure signal to the central computer system through a communication network, the central computer system located remotely from the smart card communication device;
  
  reformatting the outgoing formatted secure signal to produce the outgoing secure data signal; and
  
  decoding, using a security device coupled to the central computer system, the outgoing secure data signal to receive the smart card information and to detect whether the modification to the first set occurred during transmission beginning at the smart card and extending to the central computer system;
  
  processing, using the central computer system, a transaction for the smart card using the decoded smart card information;
  
  encoding central computer system information using the security device to produce an incoming secure data signal comprising a second set of secured data, the second set formatted to allow the smart card to detect a modification to the second set occurring during transmission beginning at the central computer system and extending to the smart card;
  
  formatting the incoming secure data signal to produce an incoming secure formatted signal;
  
  receiving the incoming secure formatted signal from the central computer system through the communication network, the incoming secure formatted signal formatted in accordance with the communication network protocol;
  
  reformatting the incoming secure formatted signal to produce the incoming secure data signal; and
  
  transmitting an incoming secure radio frequency signal to the smart card, wherein the incoming secure radio frequency signal is modulated in accordance with the incoming secure data signal;
  
  demodulating the incoming secure radio frequency signal within the smart card to produce the incoming secure data signal; and
  
  decoding the incoming secure data signal using a security function within the smart card to receive the central computer information at the smart card and to detect whether the modification to the second set occurred during transmission beginning at the central computer system and extending to the smart card.

17. A method of establishing a secure communication link between a smart card and a central computer system remotely located from the smart card, the method comprising the steps of:
- exchanging secure data through a radio frequency communication channel from a smart card communication device to the smart card;
  
  exchanging the secure data through a communication network from the central computer system to the smart card communication device;
  
  performing a security function at the smart card on a first set of the secure data received from and encoded by a security device at the central computer system for transmission to the smart card, the security function at the smart card performed to detect whether a modification to the first set of the secure data occurred during transmission beginning at the central computer system and extending to the smart card;
  
  performing the security function on the secure data using the security device at the central computer system to encode the first set of the secure data to allow the smart card to detect a modification to the first set of the secure data occurring during transmission beginning at the central computer system and extending to the smart card;
  
  decoding, using the security device, data transmitted from the smart card to detect a modification to a second set of the secure data occurring during transmission beginning at the smart card and extending to the central computer system; and
  
  processing, using the central computer system, a transaction for the smart card using the secure data.
- View Dependent Claims (18)
- - 18. A method in accordance with claim 17 wherein the step of exchanging the secure data through the communication network comprises the steps of:
    - formatting secure data in accordance with a communication network protocol;
      
      transmitting the secure data through the communication network;
      
      and reformatting the secure data.

19. A method of establishing a secure communication link between a smart card and a central computer system remotely located from the smart card, the method comprising the steps of:
- downloading communication link interface software to a processor local to a smart card communication device from a HTTP server in a remote computer system;
  
  exchanging secure data between the smart card and the smart card communication device through a radio frequency communication channel;
  
  exchanging the secure data between the smart card communication device and the central computer system through the processor running the downloaded communication link interface software, wherein the processor is coupled to the central computer system through a communication network and the processor is located remotely from the central computer system;
  
  decoding, using a security device coupled to the central computer system, a first set of the secure data received through the communication network to detect whether modification to the first set occurred during transmission beginning at the smart card and extending to the central computer system;
  
  processing, using the central computer system, a transaction for the smart card using the secure data; and
  
  encoding central computer system information using the security device to produce a second set of the secure data, the second set formatted to allow the smart card to detect a modification to the incoming set occurring during transmission beginning at the central computer system and extending to the smart card.

20. A method of establishing a secure communication link between a smart card and a central computer system remotely located from the smart card communication device, the method comprising the steps of:
- exchanging secure data with a smart card communication device through a baseband data channel, wherein the secure data comprises data exchanged between the smart card communication device and the smart card through a radio frequency channel;
  
  formatting the secure data at the smart card communication device in accordance with a communication network protocol;
  
  exchanging the secure data between the smart card communication device and the central computer system through a communication network, wherein a first set of the secure data is formatted by the smart card to allow the central computer system to detect a modification to the secure data occurring during transmission beginning at the smart card and extending to the central computer system;
  
  decoding, using a security device coupled to the central computer system, a first set of the secure data received through the communication network to detect whether modification to the first set occurred during transmission beginning at the smart card and extending to the central computer system,processing, using the central computer system, a transaction for the smart card using the secure data; and
  
  encoding central computer system information using the security device to produce a second set of secured data, the second set formatted to allow the smart card to detect a modification to the second set occurring during transmission beginning at the central computer system and extending to the smart card.
- View Dependent Claims (21, 22)
- - 21. A method in accordance with claim 20 wherein the secure data is not deciphered within the communication link.
  - 22. A method in accordance with claim 20 further comprising the step of subjecting the secure data to a security function only at the smart card and at the central computer system.

23. A smart card communication system for establishing a secure communication link between a smart card and a central computer system, the smart card communication system comprising:
- a smart card communication device comprising a radio frequency transceiver adapted to exchange secure data with the smart card through a radio frequency communication channel and a data communication interface;
  
  a processor coupled to the smart card communication device, the processor adapted to exchange the secure data with the data communication interface through a baseband data channel;
  
  a communication network coupled to the processor and adapted to exchange the secure data in accordance with a communication network protocol between the processor and the central computer system located remotely from the processor;
  
  a security device coupled to the central computer system and configured to;
  
  decode a first subset of the secure data received through the communication network to detect whether modification to the first set occurred during transmission beginning at the smart card and extending to the central computer system; and
  
  encode central computer system information to produce a second set of the secure data, the second set of the secure data formatted to allow the smart card to detect a modification to the secure data occurring during transmission beginning at the central computer system and extending to the smart card, the security device located remotely from the processor; and
  
  a smart card adapted to receive the second set of the secure data and detect whether a modification to the secure data occurred during transmission beginning at the central computer system and extending to the smart card.
- View Dependent Claims (24, 25)
- - 24. A system in accordance with claim 23 wherein the communication network is an Internet network and the communication network protocol is an Internet protocol.
  - 25. A system in accordance with claim 23 further comprising a smart card adapted to subject outgoing data to a security function to produce a secure outgoing data signal.

26. A smart card communication system including a smart card communication device having a local processor coupled to a remotely located central computer system through a communication network, the system comprising:
- a smart card communication device comprising;
  
  a radio frequency transceiver adapted to exchange secure data with a smart card through a radio frequency communication channel; and
  
  a data communication interface adapted to exchange the secure data with the processor through a baseband data communication channel without deciphering the secure data; and
  
  the central computer system coupled to a security device configured to;
  
  decode a first set of the secure data received through the communication network to detect whether modification to the first set occurred during transmission beginning at the smart card and extending to the central computer system; and
  
  encode central computer system information to produce a second set of the secure data, the second set of the secure data formatted to allow the smart card to detect a modification to the secure data occurring during transmission beginning at the central computer system and extending to the smart card, the security device located remotely from the processor.
- View Dependent Claims (27, 28, 29, 30, 31, 32)
- - 27. A system in accordance with claim 26 wherein the transceiver comprises:
    - a receiver adapted to receiving a secure outgoing radio frequency signal from a smart card to produce a secure outgoing data signal, the data communication interface adapted to send the outgoing data signal including the first set through the baseband data channel in a secure state.
  - 28. A system in accordance with claim 27 wherein the receiver comprises a demodulator adapted to demodulate the secure outgoing radio frequency signal to produce the secure outgoing data signal, the secure outgoing data signal comprising a plurality of logic highs and a plurality of logic lows corresponding to an intelligible message only when subjected to a security function.
  - 29. A system in accordance with claim 27 wherein the receiver comprises a demodulator adapted to demodulate the secure outgoing radio frequency signal to produce the secure outgoing data signal, the secure outgoing data signal comprising a plurality of logic highs and a plurality of logic lows corresponding to a verifiable authentic message only when subjected to a security function.
  - 30. A system in accordance with claim 26 wherein the transceiver comprises a transmitter adapted to transmit a secure incoming radio frequency signal to the smart card, the secure incoming radio frequency signal based on a secure incoming data signal including the second set received by the data communication interface.
  - 31. A system in accordance with claim 30, wherein the transmitter comprises a modulator adapted to modulate the secure incoming data signal to produce the secure incoming radio frequency signal, the secure incoming data signal comprising a plurality of logic highs and plurality of logic lows corresponding to an intelligible message when subjected to a security function.
  - 32. A system in accordance with claim 30, wherein the transmitter comprises a modulator adapted to modulate the secure incoming data signal to produce the secure incoming radio frequency signal, the secure incoming data signal comprising a plurality of logic highs and plurality of logic lows corresponding to a verifiable authentic message only when subjected to a security function.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cubic Corporation
Original Assignee
Cubic Corporation
Inventors
Kelly, Guy M., Ravenis, Joseph V J II, Plum, Don P., Carta, David R., Page, Kevin J.
Primary Examiner(s)
Parthasarathy; Pramila

Application Number

US09/360,068
Time in Patent Office

3,371 Days
Field of Search

713/153, 713192-194, 713/172, 235/380, 235/382, 235/382.5, 235/492, 235/379, 705/44, 705/73, 705/76
US Class Current

713/176
CPC Class Codes

G06Q 20/3415   Cards acting autonomously a...

G06Q 20/363   with the personal data of a...

G07F 7/0866   by active credit-cards adap...

G07F 7/1008   Active credit-cards provide...

Method and apparatus for establishing a secure smart card communication link through a communication network

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

46 Citations

32 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for establishing a secure smart card communication link through a communication network

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

46 Citations

32 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links