JP2004215293A - Method for operating ic card processing system, ic card processing system and ic card - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide an IC card and an IC card processing system capable preventing injustice such as falsification or forgery. <P>SOLUTION: In the IC card processing system comprising the IC card and the IC card processing device giving various processings to the IC card, the IC card comprises a substraction processing means for performing a substraction processing to numerical value data stored in a storage means according to a first key data from the IC card processing device, a summation processing means for performing a summation processing to the numerical value data stored in the storage means according to a second key data from the IC card processing device. By giving necessary key data to the IC card processing device, a IC card processing function with the IC card processing device can be limited. <P>COPYRIGHT: (C)2004,JPO&NCIPI

Description

  The present invention relates to an IC card incorporating an IC (Integrated Circuit) chip having a control element such as a nonvolatile data memory and a CPU (Central Processing Unit), and an IC card processing system for processing the IC card.

  In recent years, IC cards having a built-in IC chip having a control element such as a non-volatile data memory and a CPU have been developed and used as personal information storage media such as credit cards and medical cards. In addition, there is a movement to use this kind of IC card as a prepaid card.

  Here, the flow of card processing when an IC card is used as a prepaid card will be described with reference to the flowchart of FIG.

  First, the validity of both the IC card and the terminal device is confirmed by the IC card and the terminal device performing the IC card processing (ST10). The validity is determined by a method of mutual authentication using a random number, a secret key, and the like, which will be described later. When the validity of both is confirmed, the expiration date is read (ST12), and it is checked whether the card is within the expiration date. When it is determined that the expiration date has passed (ST14, YES), the balance recorded on the card is read (ST16). Only when there is a balance (ST18, YES), the usage amount is subtracted from the balance and a new balance is calculated (ST20). At this time, on condition that the new balance is 0 or more (new balance ≧ 0) (ST22, YES), the card new balance is written (ST24).

  The individual processes in the flow of the card process described above will be described in detail below.

(1) Amount rewriting command When a $ C card is used as a prepaid card, the amount is written as a numerical value as amount information in the card. For this reason, the procedure for rewriting the amount in the card by the card terminal device that processes the IC card is "reading the current balance in the card → subtracting in the terminal device → writing the subtraction result as a new balance to the card". For this reason, even in a terminal device (= subtraction machine) such as a vending machine or a card phone that requires only a simple "subtraction" function, the internal processing is performed by a "rewrite command" having the same numerical value as that for increasing the balance in the card. Writing for reduction is performed.

(2) Submission Permit Condition A subtraction machine that performs writing for a reduction by a “rewrite command” having the same numerical value as that for increasing the balance in the card, like the “amount rewrite command”, is sufficient to increase the amount. Have access rights.

(3) Random Number The random number output by the card for authentication of the card itself and the terminal device is a one-to-one value with respect to externally provided information for generating a certain random number. FIG. 2 shows the procedure of mutual authentication as an example of how to use random numbers. The mutual authentication will be described with reference to FIG.

  * 0. The terminal device generates a random number R1.

  * 1. A random number R1 is transmitted from the terminal device to the card together with the terminal device-side designated secret key number M (1 to 5).

  * 2. On the card side, a random number R2 is generated from the value (card unique number or the like) stored in the random number area and the random number R1.

  * 3. The random number R2 is transmitted from the card to the terminal device together with the card designation secret number key N (1 to 5).

  * 4. On the terminal device side, the random number R2 is encrypted with the card-side designated secret key NNNN to generate C2.

  * 5. C2 is transmitted from the terminal device to the card.

  * 6. On the card side, the random number R2 is encrypted with the card-side designated secret key NNNN to generate C2X.

  * 7. On the card side, C2 received from the terminal device and C2X generated in * 6 are compared. If C2 and C2X match, the card confirms the validity of the terminal device.

  * 8. On the card side, the random number R1 is encrypted with the terminal device-side designated secret key MMMM to generate C1.

  * 9. The comparison result of C2 and C2X and the generated C1 are transmitted from the card to the terminal device.

  * 10. On the terminal device side, the random number R1 is encrypted with the terminal device-side designated secret key MMMM to generate C1X.

  * 11. On the terminal device side, C1 received from the card is compared with C1X generated in * 10. If C1 and C1X match, the terminal device confirms the validity of the card.

  Mutual authentication is performed as described above, and the validity of the card and the terminal device is confirmed.

(4) Private key The private key used for mutual authentication between the card itself and the terminal device and for generating the validity confirmation information described later, etc., is one type of fixed value or if the card and the terminal device have more than one, Specified from outside (= terminal device side).

(5) Required information output function To read out a plurality of pieces of information, such as the expiration date and balance of the card, which are both necessary for the prepaid transaction but are not appropriate to be stored in the same area, to the device side, use the “read command”. Is used multiple times to access each area individually. FIG. 14 showing this outline will be described.

  First, the terminal device requests the card side to select an issue date storage area. In response to the request, the card selects an area, and the card returns a response to the terminal device. Next, the terminal device requests the card to verify the issue date storage area access key. In response to the request, the card performs key collation, and the card returns a response to the terminal device. Next, the terminal device requests the card to read the issue date (expiration date). In response to the request, the card reads the issue date, and the card sends the issue date to the terminal device. Next, the terminal device requests the card side to select a balance storage area. In response to the request, the card selects an area, and the card returns a response to the terminal device. Next, the terminal device requests the card to verify the access key in the balance storage area. In response to the request, the card performs key collation, and the card returns a response to the terminal device. Next, the terminal device requests the card to read the balance. The card reads the balance in response to the request, and the card sends the balance to the terminal device. Next, the terminal device requests the card to verify the access key of the secret key number. In response to the request, the card performs key collation, and the card returns a response to the terminal device. Next, the terminal device requests the card to read the secret key number. In response to this request, the card reads the secret key number, and the card returns the secret key number to the terminal device. Hereinafter, the processing is continued in this manner.

(6) Confirmation of message validity Each message of command (request) and response (status) exchanged between the card and the terminal device has an error such as parity in character unit as communication control and BCC (block check code) in message unit. If there is no general transmission error, such as that there is no error message, that the message format is mutually specified, and if there is no deficiency in application data such as the value of keys and random numbers in authentication-related commands, all messages are interchangeable. Is processed.

  However, the above-described (1) to (6) have problems, respectively, and the problems are described below in association with (1) to (6).

(1) Amount Rewriting Command Even in a subtraction machine such as a vending machine, a writing process for reducing the amount is performed by a “rewriting command” having the same numerical value as that for increasing the balance in the card as an internal process. Therefore, "addition = increase" can be performed instead of "subtraction" by improperly designing such a subtracter. Usually, the "card depositing machine" that writes to increase the amount of money in the card is strictly controlled from its function and measures are taken to prevent unauthorized use, but vending machines and cards where "subtraction" is the main function is originally A subtraction machine such as a telephone is easily available for the purpose of tampering with a deposit machine, and is a good tool for those who intend to modify the card. Also, rewriting the amount of money requires two accesses to the card, once reading the current value and writing the value subtracted on the device side as a new value, except for the access by the key collation command. The procedure of this processing will be described with reference to FIG.

  First, a key is transmitted together with a key collation command from the terminal device (subtractor) to the card. On the card side, the key transmitted from the terminal device side is received and collated. Next, the key collation result is sent from the card side to the terminal device. At this time, if the transmitted key collation result is NG, the processing is interrupted. Next, a read command is transmitted from the terminal device to the card. When the card receives the read command transmitted from the terminal device, the current value (balance) recorded on the card is transmitted to the terminal device. In the terminal device, the usage amount is subtracted from the read current value. At this time, if the balance becomes minus (the balance <0), an error is returned from the card side and the processing is interrupted. On condition that the balance is 0 or more (the balance ≧ 0), a new value, which is the balance, is transmitted from the terminal device side to the card side together with the write command. When a write command and a new value are received on the card side, the received new value is written. Then, a new value writing result is transmitted from the card side to the terminal device side, and the writing result is confirmed on the terminal device side.

(2) Conditions for permitting subtraction A subtraction machine that has sufficient access rights to increase the amount of money, as in the example of “(1) Amount rewriting command”, illegally modifies this command instead of “subtraction”. "Addition = increase" is possible, making it a good tool for those who plan to modify cards.

(3) Random Numbers By giving various values to the card from the outside and analyzing the values of the random numbers output each time, the encryption key value and the encryption logic in the card can be analyzed, which is a clue for card forgery.

(4) Secret key When encrypting data with a card, the key value in the card is analyzed by giving fixed data to be encrypted to the card from the outside and analyzing the encrypted value output each time. , Is a clue to card forgery. If there are multiple keys, they are analyzed in the same way by specifying a number from outside.

(5) Required information output function The information required for the prepaid transaction includes the card issue date (use start date) or expiration date, the prepaid balance in the card, the previous use date, the secret key number for generating the message validity confirmation information, and the random number and so on. If these access rights are different, they are stored in separate areas for each access right. Therefore, when the device accesses the card and executes a prepaid transaction, it must be read out separately, which requires extra processing time.

(6) Confirmation of validity of message If the conditions for rewriting the amount of money are satisfied, the recorded amount in the valid card can be rewritten (increased) by the command message of rewriting the amount of money from a forged terminal device. Further, in response to an amount subtraction command from a legitimate terminal such as a vending machine, it is possible to purchase an article by an unauthorized card having a function of returning a response obtained by subtracting the amount in the card normally.

  SUMMARY OF THE INVENTION An object of the present invention is to provide an IC card and an IC card processing system capable of preventing improper operations such as falsification or forgery.

The present invention has been made based on the above problems,
The present invention provides an IC comprising: a transmitting / receiving means for transmitting / receiving data to / from an external device; a storing means for storing data; and a processing means for executing a corresponding process based on the data received by the transmitting / receiving means. In the card, the processing means includes subtraction processing means for performing subtraction processing on the numerical data stored in the storage means; and addition processing means for performing addition processing on the numerical data stored in the storage means.

  The present invention provides an IC comprising: a transmitting / receiving means for transmitting / receiving data to / from an external device; a storing means for storing data; and a processing means for executing a corresponding process based on the data received by the transmitting / receiving means. In the card, the processing means subtracts the numerical data stored in the storage means according to the first key data from the external device; and a second key data from the external device. An addition processing command for performing an addition processing on the numerical data stored in the storage means in accordance with the following; in the subtraction processing by the subtraction processing command, when the numerical data takes a negative value, the subtraction processing is stopped and the external device is notified. And negative value handling means for sending an error to the user.

  The present invention relates to an IC card processing system including an IC card and an IC card processing device for performing various processes on the IC card, wherein the IC card is configured to store first key data from the IC card processing device. Subtraction processing means for performing subtraction processing on the numerical data stored in the storage means in accordance with the following; and adding processing of the numerical data stored in the storage means in accordance with the second key data from the IC card processing device By providing necessary key data to the IC card processing device, the IC card processing function of the IC card processing device can be limited.

  The present invention relates to an IC card processing system including an IC card and an IC card processing device for performing various processes on the IC card, wherein the IC card is configured to store first key data from the IC card processing device. A subtraction processing command for performing a subtraction processing on the numerical data stored in the storage means in accordance with the following; and an addition processing of the numerical data stored in the storage means in accordance with the second key data from the IC card processing device And providing one of the first and second key data to the IC card processing device, thereby allowing the IC card processing function of the IC card processing device to perform subtraction processing and addition processing. It can be limited to either one of them.

  The present invention provides an IC comprising: a transmitting / receiving means for transmitting / receiving data to / from an external device; a storing means for storing data; and a processing means for executing a corresponding process based on the data received by the transmitting / receiving means. In the card, the storage means has bit data composed of bits in one of a first state and a second state, and accesses the bit data from the bit in the first state. Either the conversion to the bit in the second state or the conversion from the bit in the second state to the bit in the first state.

  The present invention provides an IC comprising: a transmitting / receiving means for transmitting / receiving data to / from an external device; a storing means for storing data; and a processing means for executing a corresponding process based on the data received by the transmitting / receiving means. In the card, the storage means has a plurality of sets of bit data indicating bits of one of a first state and a second state and indicating numerical data, and the storage means for changing the numerical data. The access to the bit data is performed by only one of the conversion from the bit in the first state to the bit in the second state and the conversion from the bit in the second state to the bit in the first state. By doing so, the change of the numerical data is limited to either increase or decrease.

  The present invention provides an IC comprising: a transmitting / receiving means for transmitting / receiving data to / from an external device; a storing means for storing data; and a processing means for executing a corresponding process based on the data received by the transmitting / receiving means. In the card, the storage means has bit data which is constituted by bits in one of a first state and a second state and indicates bit data, and the storage means stores the bit data for changing the bit data. The access is one of conversion from the bit in the first state to the bit in the second state and conversion from the bit in the second state to the bit in the first state. The order of state conversion is scrambled according to a certain rule.

  The present invention provides an IC comprising: a transmitting / receiving means for transmitting / receiving data to / from an external device; a storing means for storing data; and a processing means for executing a corresponding process based on the data received by the transmitting / receiving means. In the card, the storage means has a writable area for a predetermined number of records, and restricts access to the area to additional writing of the record.

  The present invention provides an IC comprising: a transmitting / receiving means for transmitting / receiving data to / from an external device; a storing means for storing data; and a processing means for executing a corresponding process based on the data received by the transmitting / receiving means. In the card, the storage means has a writable area for a predetermined number of records, the remaining numerical data is indicated by an unrecorded area in the area, and access to the area for changing the numerical data is performed by the record. , The change of the numerical data is limited to a decrease.

  The present invention provides an IC comprising: a transmitting / receiving means for transmitting / receiving data to / from an external device; a storing means for storing data; and a processing means for executing a corresponding process based on the data received by the transmitting / receiving means. In the card, the storage means has a writable area for a predetermined number of records, the remaining numerical data is indicated by an unrecorded area in the area, and access to the area for changing the numerical data is performed by the record. , The change of the numerical data is limited to increase only.

  The present invention provides an IC comprising: a transmitting / receiving means for transmitting / receiving data to / from an external device; a storing means for storing data; and a processing means for executing a corresponding process based on the data received by the transmitting / receiving means. In the card, the storage means has a plurality of areas in which a predetermined number of records can be written, and the remaining numerical data is indicated by an unrecorded area in each of the plurality of areas, The access to the area is only one of the additional writing and erasing of the record for each area, and by setting different access rights to these additional writing and erasing, the change of the numerical data in each of the plurality of areas can be performed. Restrict to either increase or decrease.

  The present invention provides an IC comprising: a transmitting / receiving means for transmitting / receiving data to / from an external device; a storing means for storing data; and a processing means for executing a corresponding process based on the data received by the transmitting / receiving means. In the card, the storage means has a writable area for a predetermined number of records, the remaining numerical data is indicated by an unrecorded area in the area, and access to the area for changing the numerical data is performed by the record. In addition to the above-described additional writing, by writing predetermined data in the record, the change of the numerical data is restricted only in a decreasing direction, and the content of the record is confirmed when the record is read.

  The present invention provides an IC comprising: a transmitting / receiving means for transmitting / receiving data to / from an external device; a storing means for storing data; and a processing means for executing a corresponding process based on the data received by the transmitting / receiving means. In the card, when changing the bit data stored in the storage means, only the bit data which is the logical sum of the previously written bit data and the newly written bit data can be changed.

  The present invention relates to an IC card processing system comprising an IC card and an IC card processing device for performing various processes on the IC card, wherein a numerical value stored in the IC card among the IC card processing devices is provided. The subtraction processing key data is given to the one that performs the subtraction processing on the data; when the numerical data stored in the IC card is rewritten, the original numerical data previously written and the IC card processing device Comparing the new numerical data to be sent with the newly written new numerical data; if the result of the comparison is that the new numerical data is smaller than the original numerical data, the subtraction processing key data of the IC card processing device which is the transmission source of the new numerical data; Is written, and the new numerical data is written.

  The present invention relates to an IC card processing system comprising an IC card and an IC card processing device for performing various processes on the IC card, wherein a numerical value stored in the IC card among the IC card processing devices is provided. A key that performs addition processing on data is provided with addition processing key data; when the numerical data stored in the IC card is rewritten, the original numerical data previously written and the IC card processing device Comparing the new numerical data to be sent with the newly written new numerical data; if the result of the comparison is that the new numerical data is larger than the original numerical data, the addition processing key data of the IC card processing device which is the transmission source of the new numerical data; Is written, and the new numerical data is written.

  The present invention relates to an IC card processing system comprising an IC card and an IC card processing device for performing various processes on the IC card, wherein a numerical value stored in the IC card among the IC card processing devices is provided. A key that performs subtraction processing on data is provided with key data for subtraction processing; an addition processing is performed on those IC card processing apparatuses that perform addition processing on numerical data stored in the IC card. Providing key data; comparing the numerical data stored in the IC card with the previously written original numerical data and newly written new numerical data sent from the IC card processing device; If the result of the comparison is that the new numerical data is smaller than the original numerical data, the IC card that is the source of the new numerical data The new numerical data is written after confirming the subtraction processing key data of the processing device; if the result of the comparison is that the new numerical data is larger than the original numerical data, the IC as the transmission source of the new numerical data After confirming the addition processing key data of the card processing device, the new numerical data is written; when the new numerical data is equal to the original numerical data as a result of the comparison, the writing of the new numerical data is stopped. .

  The present invention provides an IC comprising: a transmitting / receiving means for transmitting / receiving data to / from an external device; a storing means for storing data; and a processing means for executing a corresponding process based on the data received by the transmitting / receiving means. Each time the card stores a random number generated to authenticate the IC card itself and the IC card processing device that processes the IC card, the next random number is generated based on the stored random number. I do.

  The present invention relates to an IC card processing system including an IC card and an IC card processing device for performing various processes on the IC card. The IC card and the IC card processing device each determine which secret key of the plurality of secret keys is to be used according to the characteristics of data provided from the outside.

  The present invention relates to an IC card processing system including an IC card and an IC card processing device for performing various processes on the IC card. The IC card and the IC card processing device each determine which secret key of the plurality of secret keys to use according to the characteristics of the random number generated in the IC card. I do.

  The present invention relates to an IC card processing system including an IC card and an IC card processing device for performing various processes on the IC card. The IC card and the IC card processing device each determine which secret key of the plurality of secret keys to use, according to the characteristics of the date and time data at which the predetermined process is executed. I do.

  The present invention relates to an IC card processing system including an IC card and an IC card processing device for performing various processes on the IC card. The IC card and the IC card processing device each store the secret key of the plurality of secret keys in accordance with the feature of the random number generated in the IC card and the feature of the date and time data on which the predetermined process is executed. Decide which private key to use.

  The present invention provides an IC comprising: a transmitting / receiving means for transmitting / receiving data to / from an external device; a storing means for storing data; and a processing means for executing a corresponding process based on the data received by the transmitting / receiving means. The card reads out various data necessary for the transaction of the IC card distributed and stored in the storage means; and outputs the read data in a smaller number of electronic messages than the distributed number.

  The present invention provides an IC comprising: a transmitting / receiving means for transmitting / receiving data to / from an external device; a storing means for storing data; and a processing means for executing a corresponding process based on the data received by the transmitting / receiving means. The card reads out various data necessary for the transaction of the IC card, which are distributed and stored in the storage means; and outputs the read data in one electronic message.

  The present invention provides an IC comprising: a transmitting / receiving means for transmitting / receiving data to / from an external device; a storing means for storing data; and a processing means for executing a corresponding process based on the data received by the transmitting / receiving means. The card reads out various data necessary for the transaction of the IC card, which are distributed and stored in the storage means; and outputs the read data on the initial response of the IC card.

  The present invention relates to an IC card processing system including an IC card and an IC card processing device for performing various processes on the IC card. When transmitting a message from the IC card to the IC card processing device, or when transmitting a message from the IC card processing device to the IC card, On the transmitting side, the predetermined data is encrypted with a specific secret key of the plurality of secret keys, and the encrypted predetermined data is transmitted to the other party as a part of a telegram; The sender confirms the validity of the message sender by decrypting the encrypted predetermined data included in the received message, and confirms that the validity has been confirmed. Only performs the operations indicated received message to.

  The present invention relates to an IC card processing system including an IC card and an IC card processing device for performing various processes on the IC card. Transmitting the first data held by the IC card from the IC card to the IC card processing device; and transmitting the transmitted first data to the IC card processing device. Receiving, encrypting the received first data with a specific secret key among the plurality of secret keys held by the IC card processing device to obtain second data; A message including the second data is transmitted to the IC card; the IC card receives the transmitted message, and transmits the second message included in the message. By decrypting the data with a specific secret key among the plurality of secret keys held by the IC card and comparing the decrypted third data with the first data, the message transmission source Of the IC card processing device described above, and executes the operation indicated by the received message only when the validity is confirmed.

  The present invention relates to an IC card processing system including an IC card and an IC card processing device for performing various processes on the IC card. Transmitting the first data held by the IC card processing device from the IC card processing device to the IC card; and storing the transmitted first data in the IC card. Receiving and encrypting the received first data with a specific secret key among the plurality of secret keys held by the IC card to form second data; Transmitting an electronic message including the second data; receiving the transmitted electronic message in the IC card processing device, and transmitting the second electronic data included in the electronic message; By combining the data with a specific secret key among the plurality of secret keys held by the IC card processing device, and comparing the decrypted third data with the first data, The validity of the transmission source IC card is confirmed, and the operation indicated by the received message is executed only when the validity is confirmed.

  According to the present invention, the following IC card and IC card processing system can be provided.

(1) The subtraction command and the addition command are distinguished in the IC card, and the access rights to the respective commands are different, and the subtraction machine is given the access right for the subtraction command and the addition machine is given the access right for the addition command. This can prevent the addition process (or the subtraction process using the adder) from being performed using the subtractor. That is, fraud by an IC card processing device such as a subtractor or an adder can be prevented.

(2) Since the random number generated in the IC card is stored every time the random number is generated, and the next random number is generated based on the stored random number, the analysis of the encryption theory in the IC card can be prevented. In addition, alteration or forgery of the IC card can be prevented.

(3) When selecting a specific secret key from a plurality of secret keys held in the IC card and the IC card processing device, the secret key is selected by selecting the secret key according to the characteristics of externally provided data. The key becomes indefinite each time, so that alteration or forgery of the IC card can be prevented.

(4) By outputting information necessary for the IC card transaction dispersedly stored in the IC card in one electronic message or in a smaller number of electronic messages than the distributed number, rapid card processing can be performed. Further, by outputting information necessary for IC card transaction on the initial response of the card, quick card processing can be performed.

(5) A plurality of secret keys are held by both the IC card and the card processing device, and some data shared with each other is encrypted with a secret key specified by a secret key number for generating validity confirmation information output by the card. Is included as part of the message as validity confirmation information, and both the IC card and the IC card processing device confirm that the message has been sent from a valid party by the contents of the validity confirmation information. In addition, transactions by an unauthorized IC card or an unauthorized IC card processing device can be prevented.

  Hereinafter, embodiments of the present invention will be described with reference to the drawings.

  FIG. 18 is a diagram schematically showing a structure of an IC chip incorporated in an IC card according to one embodiment of the present invention.

  As shown in FIG. 18, the IC card includes a control unit 10 including a CPU for performing various processing of data, a data memory 12 for storing data such as money amount information necessary for the transaction of the IC card, and a storage content that is rewritten. It is composed of an impossible program memory 14 and a transmission / reception unit 16 for transmitting / receiving data to / from a terminal device handling the IC card. The control unit 10 performs an addition process or a subtraction process on the numerical data stored in the data memory 12 as necessary. Further, when the numerical data takes a negative value in the subtraction processing, control for stopping the subtraction processing is also performed.

  FIG. 19 is a diagram schematically showing a configuration of an IC card processing device that handles the above-described IC card, that is, a terminal device.

  As shown in FIG. 19, the terminal device includes a control unit 20 including a CPU for performing various processes of data, a storage unit 22 for storing various data, an operation unit 24 for receiving various operations from an operator, The CRT display 26 includes a CRT display 26 for displaying read data and the like, and a transmission / reception unit 28 for transmitting / receiving data to / from an IC card.

  Hereinafter, embodiments will be described in correspondence with problems (1) to (6).

(1) Amount rewriting command a. Dedicated card 1 (addition / subtraction-separate command)
As a dedicated card having a command to "add" and a command to "subtract" as different commands, the subtracter is equipped with only a subtraction command. The amount information on the card memory is represented by a numerical value indicating the amount. Also, if the above-described subtraction command is used, it is possible to send a value to be subtracted to the card without reading the current value at the time of the subtraction, and to perform a subtraction process in the card to respond.

  An example of this procedure will be described with reference to FIG.

  First, a key is transmitted together with a key collation command from the terminal device (subtractor) to the card. On the card side, the key transmitted from the terminal device side is received and collated. Next, the key collation result is sent from the card side to the terminal device. If the key verification result sent at this time is NG, the processing is interrupted. Next, the usage amount is transmitted from the terminal device to the card together with the subtraction command. When the card receives the subtraction command and the usage amount transmitted from the terminal device, the usage amount is subtracted from the current value (balance) recorded on the card (subtraction processing by the subtraction command).

  At this time, if the balance becomes minus (the balance <0), an error is returned from the card side to the terminal device side, and the processing is interrupted. A new value, which is the balance, is written to the card on condition that the balance is 0 or more (the balance ≧ 0). Then, a new value writing result (subtraction) is transmitted from the card side to the terminal device side, and the writing result is confirmed on the terminal device side.

  In the above-described card processing, the data in the card is treated as the money amount information, and the processing is interrupted when the balance becomes negative. However, a minus value may be handled.

  In this way, by setting the subtraction command and the addition command as different commands, only the subtraction command is set in the subtractor. Therefore, it is difficult to make the subtraction machine into a depositing machine by illegally modifying the subtracting machine, so that various misconducts can be prevented. In addition, as can be understood from the description of FIG. 4, at the time of rewriting the amount, only one access by the subtraction command is required except for the access by the key collation command.

b. Dedicated card part 2 (only reduction from maximum amount is possible)
Functionally, the command to change the amount is only "reduction". In other words, numerical data (money information) is indicated by bit data of bits consisting of the first state (0) or the second state (1). Then, the access related to the change of the numerical data by the bit data is performed based on whether the bit in the first state is the bit in the second state or the bit in the second state is the bit in the first state. Only.

  That is, the money amount information is represented by how many bits of the data bits are set, and the access related to the change of the money amount information in the card has only a function of defeating (decreasing, dropping, and zeroing) these bits. In the initial valuation, a predetermined number of bits of the bit information indicating the maximum amount prepared in advance are validated (reduced from the maximum number of bits to the initial valuation set amount). In this case, it is premised that one card is given an initial value, passed to the user's hand, and discarded after the amount becomes zero. The outline of this process is shown in FIGS.

  First, FIG. 5 will be described.

  When a card is manufactured by a manufacturer, the card manufacturing date is written on the card. At this point, the amount writing date has not been written (blank). As the amount data, a bit indicating the maximum amount (for example, 10,000 yen) is set. Here, one bit indicates 500 yen.

  An initial amount (balance) of the card manufactured in this manner is set and issued as follows. For example, when the initial amount of the card is set at 5,000 yen and issued, 10 bits are converted to 0 (10 bits are validated). At this time, by writing the amount writing date, the initial amount of 5000 yen is made valid.

  The balance written on the card thus issued is deducted as follows. For example, when deducting 1000 yen from the balance of the card, 2 bits are set to 0 and the date of writing the amount is updated. In this way, the card is discarded when it is used up and the balance is exhausted.

  Next, FIG. 6 will be described.

  When a card is manufactured by a manufacturer, the card manufacturing date is written on the card. At this point, the amount writing date has not been written (blank). As the amount data, a bit indicating the maximum amount (for example, 10,000 yen) is set. Here, one bit indicates 500 yen.

  The card manufactured as described above is issued with the initial amount set as follows. For example, when the card is issued with the initial amount set at 10,000 yen, all bits are activated. At this time, the amount writing date is recorded, and the initial amount of 10,000 yen is made valid.

  The balance written on the card thus issued is deducted as follows. For example, when deducting 1000 yen from the balance of the card, 2 bits are set to 0 and the date of writing the amount is updated. In this way, the card is discarded when it is used up and the balance is exhausted.

  In addition, the following cards can be used repeatedly a certain number of times. It has multiple sets of "money information expressed by how many bits are standing", and after all the bits in one set are all 0, it is collected by the issuer with the authority of valuation and under strict management, A new value is assigned by reducing the bit information indicating the maximum amount of the next set to the set amount (validating the bits corresponding to the set amount). In other words, the card can be repeatedly used by the number of sets of money amount information prepared in advance in the card. FIG. 7 shows an outline of this processing.

  Here, FIG. 7 will be described.

  When a card is manufactured by a maker, a plurality of sets of price information are provided on the card, and a card manufacturing date is written on the card. At this point, the amount writing date has not been written (blank). As the amount data, a bit indicating the maximum amount (for example, 10,000 yen) is set for all sets. Here, one bit indicates 500 yen.

  The card manufactured as described above is issued with the initial amount set as follows. For example, when the card is issued with the initial amount of money set at 5000 yen, 10 bits of the first 20 bits are set to 0 (10 bits are validated). At this time, an amount writing date for the first set is written, and the initial amount of 10,000 yen is made valid. Incidentally, the amount writing date is not written in the other sets (blank).

  The balance written on the card thus issued is deducted as follows. For example, to deduct 1500 yen from the balance of the card, three bits of the first set of 10 bits are converted to 0, and the amount writing date is updated. Further, when deducting 3500 yen from the balance of the card, all the remaining 7 bits of the first set are set to 0 (balance 0), and the amount writing date is updated.

  In this way, even if the used balance is exhausted, the first set amount can be set and used in the second set of columns by an issuer having an appropriate valuation authority. For example, when the initial amount is set to 10,000 yen and issued, all the 20 bits of the second set are validated. At this time, the date of writing the amount of money for the second set is written, and the initial amount of 10,000 yen is made valid. Incidentally, the amount writing date is not written in the other sets (blank).

  Next, a modified example of the processing described in FIGS. 5, 6, and 7 will be described.

  The position order of the “bits that are dropped when reducing” is shown as an order from the left side in FIGS. 5, 6, and 7, but as a method of checking the validity of the card, this order is scrambled and subtracted. Alternatively, the terminal device may check the state. FIG. 8 shows an example of scrambling the bit erasing order. FIG. 8 shows an example in which the N-th bit erasure (zeroing) is performed for the next 1 bit that exceeds N 1s to the right from the bit that was set to 0 immediately before.

  As described above, the amount information can be changed only by dropping a preset bit, thereby preventing the amount information from being illegally increased.

c. In case of diversion of the current card No. 1 (Amount data can be rewritten only by AND)
When the current card, that is, the IC card currently used, is used, the amount information is logically treated according to how many bits of the data bits are set as in “b. In the machine, only the AND (logical product) rewrite command and its access right (key) are provided to prevent an increase in the value beyond the previously written value. The deposit machine has a complete overwrite command and its access right, and allows deposit (increase). 9 and 10 show examples of AND rewriting of money amount data.

  In FIG. 9, a bit indicating the maximum amount, for example, 10,000 yen is set at the time of card production. Here, one bit indicates 500 yen. When such a card is issued with the initial amount set to 5000 yen, an AND (000000000011111111111) between the card manufacturing amount (11111111111111111111) and the initial amount (00000000001111111111) is written. In FIG. 10, for example, in the case where 1000 minutes are deducted from the card set to the initial amount of 5000 yen in FIG. 9, AND (00000000000011111111) of the initial amount (00000000001111111111) and the usage amount (00000000000011111111) is written.

  By using the AND write in this way, it is possible to prevent an increase in the amount of money from being written above the previously written value.

d. In case of diverting the current card, part 2 (1 record = 1 (spent) amount (unit) and only appending is possible)
The “1 bit information” of “money information expressed by how many bits are standing” shown in “b. In case of dedicated card No. 2” is changed to “a certain character, a certain character string, or a relationship based on a certain condition. A single record in which a series of data is written is written, and access to the area is allowed only by the postscript system, so that the number of characters read (= number of records) = used amount, and the amount change is reduced. ”Direction.

  In this case, writing (setting) the amount of money is the creation of an area, and when repeatedly used, new areas are created one after another in the card. At this time, the maximum value of the number of records that can be additionally written defined by the area size set when the area is created is the prepaid amount indicated by the area itself. Further, the recorded contents of each record are recorded in accordance with some regularity, encryption logic, or the like, and can be used for judging the validity of the amount information by judging when reading. The outline of this processing is shown in FIG.

  Here, FIG. 11 will be described.

  For example, when manufacturing a card that can be valued up to 10,000 yen, an area of 20 records is created with one record being 500 yen. When the card manufactured in this way is issued with the initial amount (deposit amount) of, for example, 5000 yen (10 records), 10 records are written in the generated area. As a result, the amount is reduced by 10 records, and the remaining 10 records become the balance. When deducting 1000 yen (2 records) from the issued card, two records are written for the remaining 10 records. As a result, the amount is reduced by two records, and the remaining eight records become the balance. Further, by making the scramble data or the like corresponding to each numerical position in FIG. 8 a record, the amount information can be made more secure.

  In this way, by providing a predetermined area and making access to this area only a write-once system, the data that has been previously written is not erased. Therefore, it is possible to prevent the previously written usage amount from being reduced.

(2) Submission permission conditions a. Dedicated card 1 (addition / subtraction-different access right command)
As in “(1) Amount rewriting command”, “a. In case of dedicated card, 1”, a card having different commands for addition and subtraction is set, and the executable condition (key simply) of each command is set. The difference is that only the access right of the subtraction command (the key that enables the execution of the subtraction command) is mounted on the subtraction machine. The amount information on the card memory is represented by a numerical value indicating the amount.

b. Dedicated card part 2 (numeric comparison function before and after rewriting + addition / subtraction access rights)
Instead of dividing the amount rewriting command into addition and subtraction in particular, it has a function to compare the newly written value and the previously written value, and set different access rights (different key values for addition and subtraction) Then, only the access right for subtraction (a key for enabling subtraction) is mounted on the subtractor. FIG. 12 shows an outline of this processing.

  Here, FIG. 12 will be described.

  In the in-card processing, when a rewrite command and a new value are received from a terminal device (an adder or a subtracter) (ST30), the received new value is compared with the current value (ST32). At this time, if the new value is equal to the current location, a response not requiring a current value change is made (ST34).

  As a result of the comparison, when the new value is larger than the current value, that is, at the time of addition processing, the adder key is collated (ST36). When the comparison of the adder key is OK, that is, when the adder is confirmed, a new value is written (ST40). When the comparison of the adder key is NG, that is, when the adder cannot be confirmed, an error response is made without writing a new value (ST42).

  As a result of the comparison, when the new value is smaller than the current value, that is, at the time of the subtraction processing, collation of the subtracter key is performed (ST38). When the comparison of the subtraction machine key is OK, that is, when the subtraction machine is confirmed, a new value is written (ST40). When the comparison of the subtracter key is NG, that is, when the subtractor cannot be confirmed, an error response is made without writing a new value (ST44).

  The amount information on the card memory is represented by a numerical value indicating the amount. In addition, a general-purpose card that does not particularly limit the data content represented by numerical data to “money” can be assumed. That is, when an area is created in the memory in the card, data writing to the area can be defined as an area for comparing values before and after rewriting and determining whether or not execution is possible according to the access right. Applications other than monetary data recording include, for example, recording the number of times a facility is used when entering a building, and recording the number of errors and operational errors in games and equipment that cannot be operated without inserting the card. Some kind of accumulated data can be accumulated. In this case, contrary to the amount information, the access right for subtraction is set to be stricter than the access right for addition. It is also possible to set a plurality of areas as described above on one card, and record a plurality of amount data and a plurality of other accumulated data on the same card.

b. In the case of diverting the current card (1 record = 1 amount (unit), additional access / deletion is set individually)
In the same manner as in “(1) Amount rewriting command” of “when diverting the current card”, “1 bit information” of “amount information represented by how many bits are standing” is changed to “1 bit in which one character is written”. After setting "Record", access to the area is possible only for appending type (money data etc.) and erasing type (cumulative data etc.) and different access rights are set for each, and only one of the access rights for the subtraction machine Set.

  In this method, it is determined whether the number of read characters (= the number of records) indicates the used amount or the unused amount, depending on whether the subtraction machine is set to the appending system or the erasing system. . That is, when the postscript machine is set in the subtraction machine, the number of characters read (= the number of records) = used money amount, as in the case of “(1) Amount rewriting command”, “when using the current card”. When the elimination system is set in the subtractor, the number of characters read (the number of records) = unused amount. In this case, the command that is not set in the subtraction machine is set in a deposit machine or the like that adds value to the card under stricter confidentiality management. This process is a development of FIG.

(3) Random number Each time a random number is generated and output, the output value is recorded in the card and used for the next random number generation, so that even if the same value is externally given, the random number output by the card is output. A different value is used each time. FIG. 13 shows a process of preparing a random number area in the card and generating / outputting a random number while updating the contents of this area each time.

  Here, FIG. 13 will be described.

  At the time of card production, a value different for each card, for example, a card production number is written in the random number area as an initial value.

  Upon receiving a value from the outside, an initial random number is generated from the value from the outside and the value of the random number area (ST50), and the generated random number is output. At this time, the random number generated in ST50 is written as a new value in the random number area.

  Next, when an external value is received, a random number is generated based on the external value and the value previously written in the random number area (ST50) (ST52), and the generated random number is output. At this time, the random number generated in ST52 is written as a new value in the random number area.

  Next, when a value from the outside is received, a random number is generated from the value from the outside and the value previously written in the random number area (ST52) (ST54), and the generated random number is output. At this time, the random number generated in ST54 is written as a new value in the random number area.

  Next, when a value from the outside is received, a random number is generated from the value from the outside and the value previously written in the random number area (ST54) (ST56), and the generated random number is output. At this time, the random number generated in ST56 is written as a new value in the random number area.

  In this way, by generating and outputting a random number while updating the contents of the random number area, it is possible to prevent the analysis of the encryption key value in the card and the encryption theory using the output random number value as a clue.

(4) Private key Basically, a plurality of private keys are shared between the card and the device, and a method is used in which it is uncertain which private key to use as described below.

a. Automatic selection of secret key number based on characteristics of data to be encrypted Select any key according to the characteristics of data to be encrypted given from outside and use it for encryption. The device also has a secret key set and key selection logic that cannot be read from the outside, and selects the same key independently. By making the feature classification method of data to be encrypted secret, analysis of the secret key can be made difficult.

  The features of the data to be encrypted include, for example, a remainder when divided by a certain number (in this case, a certain number = the number of built-in random numbers + 1), an EX-OR (exclusive OR) value of all digits, an even number This is the last digit of the number.

b. Automatic selection of secret key number based on features of random number data Either random number data stored on the card as in "(3) Random number" or, if the card has output any random number first, depending on the feature of the random number data Select the key and use it for encryption. The device also has a secret key set and key selection logic that cannot be read from the outside, and selects the same key independently.

  The features of the random number data include, for example, a remainder when divided by a certain number (in this case, a certain number = the number of built-in random numbers + 1), an EX-OR value of all digits, a lower one digit of an even number, and the like. .

  Also, if you use the random number stored on the card without outputting it to the outside, there is no way to know the value outside, so the card does not notify the value or the secret key number used to the outside in any way However, it is inappropriate to output the stored random number value or the secret key number itself in view of the method of use, and the value itself needs to be encrypted.

c. Automatic selection of secret key number based on date / time data One of the keys is selected and used for encryption according to the characteristics of date / time data given to the card from the outside at the moment when the processing is performed. The device also has a secret key set and key selection logic that cannot be read from the outside, and selects the same key independently.

  The characteristics of date / time data are, for example, the remainder when date / time data is arranged, converted to simple minutes, converted to seconds, etc., and divided by a numerical value (in this case, a certain number = the number of built-in random numbers + 1) , EX-OR values of all digits, the last digit of an even number, and the like.

d. Automatic selection of secret key number based on data to be encrypted, random number data, and date / time data The above-mentioned various data are associated with each other to select features, and any one of the keys is selected and used for encryption. The device also has a secret key set and key selection logic that cannot be read from the outside, and selects the same key independently. It is also conceivable to associate them as data for selecting individual card values such as a “card number” and a “card issue date” assigned to each card.

  The association may be, for example, addition as a numerical value, multiplication as a numerical value, arranging all digits as a series of data, or performing a binary operation to perform a logical operation. In addition, a procedure may be considered in which features are individually picked up and associated in this manner.

  The characteristics of the data picked up here include, for example, the remainder when divided by a certain number (in this case, the certain number = the number of built-in random numbers + 1), the EX-0R value of all digits, the last digit of the even number, and the like. Conceivable.

(5) Required Information Output Function The card selects and extracts various information necessary for the prepaid transaction, which is distributed and stored in the card, and outputs the information collectively (in one message). The information to be selected may be a method of notifying each time from the outside, a method of setting a notification from the outside in advance, a method of preparing a card after pre-specified for prepaid use, and the like. FIG. 15 shows an outline.

  Here, FIG. 15 will be described. First, the terminal device requests the card to verify the access key of the prepaid information. In response to the request, the card performs key collation, and the card returns a response to the terminal device. Next, the terminal device requests the card to read the prepaid related information. In response to the request, the card reads necessary information from each area, and the card reads out the necessary information read from the card to the terminal device, that is, information such as an issue date, a balance, and a key number.

  The information may be added to the initial response (answer-to-reset) of the card and output. FIG. 16 shows an example in which this initial response is used. Here, FIG. 16 will be described. First, activation of the IC card is performed. That is, power and various signals are sent from the terminal device side to the card side. The card receives these signals and returns an initial response. Information necessary for the above-mentioned prepaid transaction is added to this initial response. Then, the actual prepaid transaction is performed.

  By doing as described above, the prepaid transaction processing can be performed at high speed.

(6) Confirmation of message validity The secret key is held between the card and the terminal device, some data shared by each other is encrypted with this secret key, and the encrypted data is included as validity confirmation information as part of the message. Both the card and the terminal device confirm that the message has been sent from a valid partner with the contents of the validity confirmation information.

  The confirmation of the terminal device on the card side based on the message sent from the terminal device mainly prevents writing (additional increase) of the amount of money on the legitimate card by the forged terminal device. Confirmation of the card on the terminal device side based on the message sent from the card mainly prevents shopping (purchase) with a legitimate device using a forged card. Further, when the terminal device determines that the card is illegal, the card can be held as it is and an alarm can be issued, or the card can be collected inside the terminal device.

  The following is an example of the validity confirmation procedure for both the card and the device. FIG. 17 shows an example of an exchange in which these are combined to confirm the validity of each message. As a method of using this processing, the validity confirmation of the command message from the device on the card side aims at the effect of preventing the purchase of the product or the like by the counterfeit card, and therefore, as shown in FIG. There are few cases where gender confirmation is performed. That is, neither payment of cash to a counterfeit card with a regular payment machine nor counterfeiting of a subtraction machine used for selling goods does not generate (illegal) profits. It is effective to collect fraudulent cards and to find the source when they do not know that they are counterfeit cards.

  In addition, before the use of the money amount rewriting command, an operation of executing “mutual authentication” for confirming that the card and the terminal device are mutually valid parties is also conceivable, and can be used together with the present invention.

a. Validity Check on Card Side In the following procedure (see FIG. 17), the validity of the money amount rewriting command itself from the terminal device is confirmed, and the card performs the money amount rewriting only when it is determined to be valid.

  * 20. Prior to rewriting the amount, the terminal device requests the card to output a random number, and the card outputs a random number in response to the request.

  * 21. The terminal device encrypts the acquired random number, the processing time to be written from now on, the amount of money to be written, and the like with a secret key. The random number encrypted with the secret key becomes the validity confirmation information.

  * 22. The data generated in * 21 is transmitted from the terminal device to the card as a part of the money amount rewriting command message.

  * 23. The card that has received the amount rewriting command message encrypts the previously transmitted random number with a secret key and generates validity confirmation information. The validity of the message from the device is confirmed by comparing the generated validity confirmation information with the validity confirmation information in the received message. Only when the validity is confirmed, the card executes the amount rewriting.

b. Validity check on the terminal device side In * 23 of the validity check on the card side, when the card determines that the message is valid and the amount is rewritten, the card is transferred to the terminal device regardless of the processing result. The execution result notification response message is returned in response to this.In this case, the following procedure is used to check whether the result notification message itself from the card is legitimate, and is determined to be legitimate. Only when indicated, the terminal device executes the processing by the card.

  * 24. The card on which the amount rewriting has been executed encrypts the processing time, the written amount, and the like received from the device as a part of the amount rewriting command message using a secret key. This encrypted data becomes validity confirmation information.

  * 25. The data generated in * 24 from the card to the terminal device is transmitted as a part of the execution result notification (response) message of the write command message.

  * 26 The terminal device that has received the execution result notification (response) message similarly generates the validity confirmation information internally and compares it with the validity confirmation information in the received message to check the validity of the message from the card. Only when the verification is OK, the device executes the final stage of the desired operation using the card, for example, the delivery of the product at the time of purchasing the product by the prepaid vending machine.

  In this manner, the terminal device and the card can mutually confirm validity, and it is possible to prevent a transaction by an unauthorized terminal device or a card.

9 is a flowchart for explaining a conventional example of IC card processing used as a prepaid card. The figure explaining the example of the prior art of a mutual authentication procedure. The figure explaining the conventional example of the card processing at the time of using the amount rewriting command. The figure explaining an example of the card processing at the time of using a subtraction command. FIG. 1 is a diagram illustrating an example of an outline of a process of enabling only a deduction from a maximum amount. The figure 2 which shows an example of the outline | summary of the process of enabling only reduction from the maximum amount. The figure which shows an example of the outline | summary when the process which enables only a deduction from the maximum amount of money is enabled several times. FIG. 4 is a diagram illustrating an example of scrambling of a bit erase order. Diagram 1 showing an example of AND rewriting of money amount data FIG. 2 illustrates an example of AND rewriting of money amount data. The figure which shows an example of the processing outline | summary when only one additional record is made possible by setting one record of the recording content according to some regularity or encryption theory as one spent amount (unit). 9 is a flowchart illustrating an example of data comparison processing before and after rewriting. The figure showing the image of the processing which generates and outputs a random number while updating the contents of the random number area. The figure explaining the reading method of the required information from the IC card in the conventional prepaid processing. The figure explaining the method of reading information required for prepaid processing collectively from an IC card. FIG. 4 is a view for explaining a method of reading information necessary for prepaid processing from an IC card with an initial response of the IC card. FIG. 6 is a diagram for explaining an example of a process of performing a message validity check on both the IC card and the terminal device. The figure which shows schematically the structure of the IC chip built into the IC card which concerns on one Embodiment of this invention. The figure which shows schematically the structure of the IC card processing apparatus (terminal apparatus) which handles an IC card.

Explanation of reference numerals

10. Control part (processing means)
12 Data memory (storage means)
14 Program memory (processing means)
16. Transmitter / receiver (transmitter / receiver)
20: control unit (processing means)
22 ... storage unit (storage means)
24 operation unit 26 CRT display 28 transmission / reception unit (transmission / reception means)

Claims (3)

In an IC card processing system including an IC card and an IC card processing device that performs various processes on the IC card,
A plurality of common secret keys are stored for each of the IC card and the IC card processing device,
The IC card and the IC card processing device use any one of the plurality of secret keys, Decide what to do,
A method for operating an IC card processing system, comprising: An IC card processing system comprising an IC card and an IC card processing device for performing various processes on the IC card,
Means for storing a plurality of common secret keys for each of the IC card and the IC card processing device;
The IC card and the IC card processing device use any one of the plurality of secret keys, Means to determine
An IC card processing system comprising: An IC card applied to an IC card processing system including an IC card processing device that performs various processes on the IC card,
Means for storing a plurality of secret keys common to the IC card processing device;
Means for generating a random number;
Means for determining which secret key of the plurality of secret keys to use, according to the characteristics of the random number and the characteristics of the date and time data at which the predetermined process is performed;
An IC card comprising:

Images