Portable pin card
Abstract
A portable Personal Identification Card allows a cardholder to enter a PIN code into his card at a location remote from an authorization terminal. In an alternate embodiment, a PIN code may be entered at the authorization terminal. The authorization terminal reads the cardholder's account number from the PIN card. The account number is transmitted to a central computer which uses this number to index into memory to find a personal identification number and encryption parameters. The central computer transmits a pseudo-random number to the PIN Card. Both the PIN Card and the central computer perform an encryption of a function of the corresponding personal identification number and pseudo-random number to derive a CGIPIN (Computer Generated Image of the PIN). If the CGIPIN transmitted from the PIN card matches the CGIPIN of the central computer, access is authorized.
3 Claims
1. A security apparatus comprising:
at least one chip card with a machine readable account number, chip encryption parameters and chip algorithm stored in protected RAM;
means for entering a cardholder's PIN code into protected storage;
a central computer which stores, for each of said chip cards, a reference PIN code, reference encryption parameters and a reference algorithm, wherein said reference encryption parameters and said reference algorithm are identical to said chip encryption parameters and said chip algorithm, respectively, stored in said chip cards;
said central computer including pseudo-random number generating means which generates a pseudo-random number having a plurality of digits;
a terminal which receives said chip card, scans encoded account number and communicates said account number to said central computer;
wherein said central computer uses said communicated account number to access and retrieve said reference PIN code and said reference encryption parameters, retrieves a pseudo-random number from said pseudo-random number generating means, transmits said pseudo-random number to said PIN Card, uses said reference encryption parameters and said reference algorithm to encrypt a function of said PIN code and said pseudo-random number to derive a first CGIPIN;
wherein said chip card uses said chip encryption parameters and said chip algorithm to encrypt a function of said pseudo-random number and said cardholder's PIN in said protected storage in order to derive a second CGIPIN;
comparing means for comparing said first CGIPIN to said second CGIPIN, including means for alerting a user whether or not said first CGIPIN and said second CGIPIN match, thereby authorizing an access and
wherein said chip and reference encryption parameters define a multidimensional matrix employed by said chip and reference algorithms wherein at least one digit of said pseudo-random number serves as an offset into the matrix.

2. A security apparatus comprising:
at least one chip card with a machine readable account number, chip encryption parameters and chip algorithm stored in protected RAM;
means for entering a cardholder's PIN code into protected storage;
a central computer which stores, for each of said chip cards, a reference PIN code, reference encryption parameters and a reference algorithm, wherein said reference encryption parameters and said reference algorithm are identical to said chip encryption parameters and said chip algorithm, respectively, stored in said chip cards;
said central computer including pseudo-random number generating means which generates a pseudo-random number having a plurality of digits;
a terminal which receives said chip card, scans encoded account number and communicates said account number to said central computer;
wherein said central computer uses said communicated account number to access and retrieve said reference PIN code and said reference encryption parameters, retrieves a pseudo-random number from said pseudo-random number generating means, transmits said pseudo-random number to said PIN Card, uses said reference encryption parameters and said reference algorithm to encrypt a function of said PIN code and said pseudo-random number to derive a first CGIPIN;
wherein said chip card uses said chip encryption parameters and said chip algorithm to encrypt a function of said pseudo-random number and said cardholder's PIN in said protected storage in order to derive a second CGIPIN;
comparing means for comparing said first CGIPIN to said second CGIPIN, including means for alerting a user whether or not said first CGIPIN and said second CGIPIN match, thereby authorizing an access and
wherein said chip and reference encryption parameters define a matrix employed by said chip and reference algorithms;
wherein the matrix comprises columns of 20 numbers 0-9 in arbitrary order which is repeated after the first ten digits;
wherein one and only one incident of each digit 0-9 is used per half column;
at least one digit of said pseudo-random number serves as an offset into the matrix, while remaining digits serve to name the columns used to calculate said CGIPIN.

3. A security apparatus comprising:
at least one chip card, without an encoded number therein, chip encryption parameters and chip algorithm stored in protected RAM;
means for entering a machine readable account number in said chip card;
means for entering a cardholder's PIN code into protected storage;
a central computer which stores, for each of said chip cards, a reference PIN code, reference encryption parameters and a reference algorithm, wherein said reference encryption parameters and said reference algorithm are identical to said chip encryption parameters and said chip algorithm, respectively, stored in said chip cards;
said central computer including pseudo-random number generating means which generates a pseudo-random number having a plurality of digits;
a terminal which receives said chip card, scans said encoded account number and communicates said account number to said central computer;
wherein said central computer uses said communicated account number to access and retrieve said reference PIN code and said reference encryption parameters, retrieves a pseudo-random number from said pseudo-random number generating means, transmits said pseudo-random number to said PIN Card, uses said reference encryption parameters and said reference algorithm to encrypt a function of said PIN code and said pseudo-random number to derive a first CGIPIN;
wherein said chip card uses said chip encryption parameters and said chip algorithm to encrypt a function of said pseudo-random number and said cardholder's PIN in said protected storage in order to derive a second CGIPIN;
comparing means for comparing said first CGIPIN to said second CGIPIN, including means for alerting a user whether or not said first CGIPIN and said second CGIPIN match, thereby authorizing an access and
wherein said chip and reference encryption parameters define a matrix employed by said chip and reference algorithms wherein at least one digit of said pseudo-random number serves as an offset into said matrix.
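An added sketch, not taken from the patent, of the challenge-response exchange in the abstract using the matrix layout recited in claim 2. The claims leave the "function of said PIN code and said pseudo-random number" unspecified, so the per-digit lookup, the use of the first challenge digit as the offset, and every function name here are assumptions.

```python
import hmac
import random
import secrets

def make_matrix(seed, columns=10):
    """Constructed per-card parameters: each column is a permutation of 0-9
    written twice, so column[i + 10] == column[i] (the claim 2 layout)."""
    rng = random.Random(seed)  # seeded only so this demo is reproducible
    matrix = []
    for _ in range(columns):
        half = list(range(10))
        rng.shuffle(half)
        matrix.append(half + half)
    return matrix

def valid_matrix(matrix):
    """Claim 2 constraints: 20 entries, each digit once per half column."""
    return bool(matrix) and all(
        len(col) == 20 and sorted(col[:10]) == list(range(10)) and col[10:] == col[:10]
        for col in matrix
    )

def cgipin(matrix, pin, challenge):
    """Assumed combining function: the first challenge digit is the offset and
    each remaining digit names the column used for the matching PIN digit."""
    if not valid_matrix(matrix) or len(challenge) != len(pin) + 1:
        raise ValueError("bad matrix or challenge length")
    offset = int(challenge[0])
    # offset (0-9) + PIN digit (0-9) <= 18, so a 20-entry column never wraps
    return "".join(
        str(matrix[int(col) % len(matrix)][offset + int(p)])
        for p, col in zip(pin, challenge[1:])
    )

def new_challenge(pin_length):
    """Central computer: one offset digit plus one column digit per PIN digit."""
    return "".join(str(secrets.randbelow(10)) for _ in range(pin_length + 1))

def authorize(matrix, reference_pin, card_pin, challenge):
    """Both sides derive a CGIPIN from the same challenge; access needs a match."""
    first = cgipin(matrix, reference_pin, challenge)   # central computer
    second = cgipin(matrix, card_pin, challenge)       # chip card
    return hmac.compare_digest(first, second)
```

Because each half column holds every digit exactly once, a fixed offset maps the ten possible PIN digits to ten distinct outputs, so under this assumed function a PIN that differs in any digit always yields a different CGIPIN.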
Specification