5 stars based on
The invention relates to a device for the detection of genuine electronic IC - cards in card readers according to the preamble of claim 1 and a method for determining the authenticity of electronic IC - cards in card readers according to the preamble of claim 7.
Such apparatus and methods are suitable for card reader who in unguarded. Access control devices carry an identification and sell all kinds of devices, such as telephones, gas, water, electricity meters, TV sets "Pay TV"ATMs, beverages and food vending machines, etc. In general, cards from a piece of plastic with an integrated circuit IC binaroperationen geldbeutel betrug oder realitat - designates cards and usually have the specified in the standard ISO Dimensions They are used in everyday payments and used as an identification card of all kinds.
The IC - cards carry names such as "smart card", electronic purse, prepaid value cards for services, presentation and service cards, etc. Depending on the capabilities of the integrated circuit. In "How 'smart' Can We Found 'by Mike Arnavutian in British Telecommunications Engineering, Vol 15, Januaryin addition to a brief outline of the various types of IC - cards and their use and the number produced and sold, IC - card indicated for the prepaid memory - and so are cards for paying call charges at Telephonautomaten of parking fees by far the most commonly used.
The IC - cards are divided into two main groups, which comprises a group of the known contact field, via which a card reader direct electrical contacts to the integrated circuit of the IC - establishes card, and the other group is based on built-in antennas, a high frequency - associated with the card reader. Already binaroperationen geldbeutel betrug oder realitat IC are - maps known that both electrical contacts binaroperationen geldbeutel betrug oder realitat a high frequency - can accomplish connection to exchange data.
A first generation of fraud based on the idea to mimic the operation of the integrated circuit with a microcomputer, wherein the microcomputer external to the card reader via leads with contact pads of a defective IC - is connected card.
The thus prepared IC - card instead of a real IC - card inserted into the card reader and there it connects from the minicomputer to the circuits of the card reader. Against this type of fraud, the card reader having means to be protected, such as for example describe the patents EP-A ' and EP-A 'th The devices have specific probes for the detection of the radiated signals from these leads.
Once the probes such 2. Other devices have at the entrance to a flap which must first be completely closed before the data exchange is included at all, as known from German utility model DE-U 89O The so-protected card readers are increasingly autonomous by imitating IC - cheated cards containing housed in the card body integrated circuits and the original IC - binaroperationen geldbeutel betrug oder realitat card circuit with a programmed microcomputer.
The object of the invention is an inexpensive device for card readers to provide and to provide a method, the true IC - is able to distinguish cards of counterfeit cards and to reject the detected counterfeit cards. Said objects are achieved by the features of claim 1 and of claim 7. Advantageous embodiments result from the dependent claims. Embodiments of the invention will be explained in more detail with reference to FIGS. The means for data exchange 4 measure a time delay At between an input signal E of the IC - card 2 and from the IC - output card 2 in response to the card reader 1 response signal A.
The data exchange with commands from the card reader 1 to the IC - card circuit 3 and answers the IC - card 2 is carried in the card reader 1 via a data path 8, which is designed as a bidirectional data path 8 as shown in the drawing in FIG. The IC - card 2 also differ in the type of data exchange, the asynchronous and synchronous data exchange. In both a clock generator generates the clock sequence T, which the IC 10 in the control module 6 - synchronize card binaroperationen geldbeutel betrug oder realitat 3 to the means for data exchange.
At any time, the data appears on the data path 8 as a packet with a baud rate, which is obtained by stepping down from the T clock sequence.
The most commonly used design of the IC - card 2 uses a synchronous bidirectional data transmission, wherein between the card reader 1 and the IC - are exchanged card 2 data, the commands and the responses on the data path 8 in synchronism to clock sequence T of the clock path 9 and Although the data during a command phase of the IC - card 2 sent and during the command phase following phase response from the IC - card 2 received.
For each period of the clock sequence T is a bit of the command or the response is transmitted. The Kopplungsemrichtung 5 of the card reader 1 according to the binaroperationen geldbeutel betrug oder realitat of the Binaroperationen geldbeutel betrug oder realitat to be used - formed cards. Decorated for the contactless exchange of data taking place IC - card 2 have in the body of the card an antenna device, so binaroperationen geldbeutel betrug oder realitat the.
Data exchange may take place by means of radio frequency electromagnetic radiation with the card reader. The means for data exchange binaroperationen geldbeutel betrug oder realitat contain a measuring device 12 comprising at least one measuring circuit 13, an arithmetic unit 14, a threshold memory 15 and a signal switch 16 includes.
Two inputs of the measuring circuit 13 are connected to the data path 8 and the clock path. Binaroperationen geldbeutel betrug oder realitat signal switch 16 interrupts upon arrival of the alarm signal the data exchange with the IC - card 2.
The signal switch 16 is merely drawn symbolically as interrupter, in fact, performs the signal line to the control module 6, the data exchange with the IC after the reception of the alarm signal - aborts card. The monitored from the measuring circuit traffic preferably relates to the first command - and response phases in which the card must identify.
The functions of the means for data exchange 4 and 6 of the control module can also be a programmed microprocessor or an integrated and hardwired high speed logic - are perceived circuit ASIC. For example, a first embodiment of the measuring circuit 13 in the Figure 2 two a falling edge registering edge detectors 18 and 19, a start - stop - counter 20 and a controlled with a control quartz 21 oscillator 22 for generating a time units representing pulse sequence Z on.
Timings of the pulse sequence Z are connected via a line to the timing input 23 of the start - out counter 20 - Stop. An input of the first edge detector 18 is connected to the clock path.
The bi-directional data path 8 is connected to an input of the second edge detector 19th Each falling edge of the response signal A triggers the second edge detector 19, a rectangular pulse as a stop signal, which via a conduit to a stop signal binaroperationen geldbeutel betrug oder realitat 25 of the start - passes counter 20 - Stop. Stop - - for the start signal the start begins arriving as units of time on clock input 23 clock pulses of the pulse train enumerate Z counter 20 until the stop signal interrupts the counting process.
The number of between the start signal and the stop signal in the start - stop - counted counter 20 units of time is the measured value of the delay. A measured value line 26 transmits the measured value, for example, parallel to a measured value input 27 of the computer unit 14 where the measured value is transferred to an interrupt signal I for further processing.
Subsequently, with using a reset to the - input 28 of the start - stop - counter 20 output reset signal R the count of the start - stop - counter 20 to the value zero. A reset circuit 29 generates the reset signal R which is directed from the output of reset circuit 29 to the reset input 28 to a reset line 30th The two inputs binaroperationen geldbeutel betrug oder realitat the reset circuit 29 are connected to the data path 8 and the clock path.
Show the data during the command phase on the data path 8 with delays relative to the clock sequence T, which are smaller than the response signal A, the enable signal F. Needless The other two inputs of the interrupt circuit 32 are connected to the data path 8 and the clock path. In the Figure 3 diagrams of the signals A, I, R and T are a function of time t for the measuring circuit 13 shown and the operation of the measuring circuit 13 Figure 2 is explained.
The first measured value ti extends from the first falling edge of the clock signal T to the first falling edge of the response signal A. The in start - stop - counter 20 Figure 2 stored measured value ti while the interrupt signal I by the computer unit 14 Figure 2 adopted, that here in the period in which the response signal A to logic zero and the clock sequence T and the enable signal F are one to logical. The reset signal R to reset the count in the start - binaroperationen geldbeutel betrug oder realitat - counter 20 takes place in the time periods in which both the response signal A and the clock sequence T are one to logical.
If the answer signal A has a value "1" transmitted, one of the start - stop - to counter 20 from the falling edge of the clock signal T, to the reset signal R becomes active. Since the interrupt condition answer signal A to logic zero and the clock rate T, and optionally the release signal F to logic one is not met for an interrupt signal I, no interrupt signal I is binaroperationen geldbeutel betrug oder realitat, and the count of the start - stop - counter 20 by the computer unit 14 is not accepted.
In the figure 4, the circuit components of a second embodiment of the measuring circuit 13 to the time pulses of the pulse sequence Z of the oscillator 22 are synchronized. This version allows to measure delays. A Zeitta tleitung 35 connects the binaroperationen geldbeutel betrug oder realitat input 23 to clock inputs of the two edge detectors 18 and 19 and the interrupt circuit The clock generator 10 is a dividing circuit with M stages whose count input to be connected via binaroperationen geldbeutel betrug oder realitat clock line 36 to the clock input 23 for receiving clock signals of the pulse sequence Z can.
In another embodiment, the divider circuit of the clock generator 10 receives the clock signals from the control module 6 Figure 1. The clock generator 10 is under 2 M times the clock signals and outputs binaroperationen geldbeutel betrug oder realitat a clock associated with the output path 9 the clock sequence T with a 2 M times smaller.
Each period of the clock sequence T thus includes 2 M timings of the pulse sequence Z, where in an exemplary duty cycle of 1: Any other duty cycles with a longer phase in which the signal is logical "0", increase of the falling edge of the clock sequence T subsequent measurement period.
The input is connected to the stop signal input 25th The stop signal is applied and the shift registers of the interrupt circuit 32 stored.
After S time records the stop signal appears at the output of the interrupt circuit 32 and is outputted as an interrupt signal I via binaroperationen geldbeutel betrug oder realitat interrupt line 33 to the interrupt input 34 of the arithmetic unit fourteenth If the enable signal F to take into account the release signal F is multiplied by the stop signal by a logical AND - ORed and the result of the AND - taken function instead of the stop signal in the shift register of the interrupt circuit 32nd.
The interrupt signal I always appears S - clocks after the falling edge of the response signal A and the reset signal R shortly before the end of the period 37th. However, the frequency of the clock sequence r T for the invention itself is not much, so they do not even have to be constant. For example, the frequency r is in the range 10 kHz to kHz. On the other hand determines the frequency f 0 of the oscillator 22 Figure 4the accuracy with which the delay. The frequency fo of the oscillator 22 must therefore be selected to at least 2.
For each response signal A, comprising a plurality of bytes, for example, be N logical values "0" transmitted, so that the computer unit 14, a sequence of N measurements ti t, 2, t 3, Each measurement value compares the computer unit 14 with the predetermined allowable limit value range Binaroperationen geldbeutel betrug oder realitat from the threshold store 15 Figure 2. Is at least one of the N measured values ti, t 2, t 3, The card reader 1 Figure 1 with the described means for data exchange 4 has the advantage, that it to the measuring circuit 13, the real IC - binaroperationen geldbeutel betrug oder realitat the original card 2 from the reconstructed by unauthorized autonomous cards that contain completely in the card body integrated circuits IC.
A refinement of binaroperationen geldbeutel betrug oder realitat method is that the computer unit 14 statistical criteria in the sequence of measured values ti, t 2, t 3, At least one of the two parameters is calculated and then used for comparison with the corresponding permissible limit values P M and P p.
In order for a useful for the static analysis sequence of. Binaroperationen geldbeutel betrug oder realitat real IC - cards 2, in the IC - 3 fast logic card circuit - having circuits with fixed wiring to enter the response signal A with a small delay. In contrast, the autonomous card in its microcomputer must in several program steps, first only a change of the logic state of the clock in sequence T recognize and then generate the next bit of said predetermined response signal A according to a programmed operation and output to the binaroperationen geldbeutel betrug oder realitat line.
The card reader 1, of the authenticity of the IC - check card 2 by means of statistical criteria, has the advantage that the protection against fraud also rejects cards with a much faster than the currently available microcomputer. For completeness, it is mentioned that a simple analog timing can sort out the currently known autonomous cards. The measuring circuit 13 Figure 1 includes a capacitor with a constant current source which is connected to the capacitor, as long as a charging condition, the input signal E is at logic "0" and the response signal A is at logic "1", is satisfied.
The voltage U on the capacitor rises is proportional to the period of time t N in which the charging condition prevails. For example, a Schmitt monitored - Trigger the voltage U, the voltage U with a constant voltage, the threshold value G compares. An output of the Schmitt - Trigger - circuit being connected through a gate circuit to pass to the signal line 17 Figure 1 and the signal switch sixteenth Exceeds the voltage U binaroperationen geldbeutel betrug oder realitat the capacitor to limit G, says the Schmitt - trigger on.
The alarm signal is triggered at the time of the interrupt signal I Figure 3 when Schmitt - has been activated trigger, and the interrupt condition is met. The capacitor during the reset signal R Figure 3 is completely discharged, and thus prepared for the next measurement.
The limit binaroperationen geldbeutel betrug oder realitat G corresponds to the voltage that is reached at the capacitor by a charging time of about ns. The limit value memory 15 Figure 1 is a simple voltage divider in this embodiment. Such rough About testing the delay. In the figure 6 the ratios are for asynchronous IC - cards 2 Figure 1. The input signal at E for the IC - card circuit 3 Figure 1 comprises a formatted data packet 38 transmitted with information data bits in a predetermined arrangement and grouping, a start bit "1" 39 and at least one stop bit "K" The start bit binaroperationen geldbeutel betrug oder realitat 39 rushes before the data packet 38 and the stop bit "K" 40 completes the data packet 38th The from the IC - A response signal generated card 2 binaroperationen geldbeutel betrug oder realitat similarly constructed as the input signal E, and includes k bits, where the number of bits are indeed predetermined, but need not be the same as the previous input signal E.
The control module 6 Figure 1 is generated by counting the clock sequence T in the command phase, the reset signal R at the beginning of command transmission to the IC - card circuit 3 in the first time 42 and the start signal for the second time 43 at the end of this command broadcast, by the falling edge of the stop bit " "is set to 40K.
The end of the command phase is indicated by a change in the level of logic "0" to "1" of the enable signal E. The period of time until the arrival of the response signal A in the third time 44 is from the measuring circuit 13 Figure binaroperationen geldbeutel betrug oder realitat is measured and processed in the arithmetic unit 14 Figure 1. The stop signal in the third time 44 is triggered binaroperationen geldbeutel betrug oder realitat the falling edge of the start bit "1" 41 of the response signal A, when the enable signal F is at a logic "1".
The stop signal is after a delay of S - sent time clocks as an interrupt signal I in the fourth time to the computing unit 45 fourteenth The oscillator 22 Figure 2 generated at the clock input 23 Figure 2the pulse sequence Z at a frequency of at least 10 MHz to a sufficient resolution to distinguish the number of program steps in the IC - to obtain, even though the delay. The card reader 1 Figure 1 identified based on the first response from the IC - card 2, the design of the IC - IC card implemented 2 - card circuit 3.
The delay At of the first response depends on the construction and the internal programming, so that to IC - cards having the same functions but with IC - cards of different manufacturers circuits 3 by the number of the first response to the required program steps, ie in the delay at of the response vary. Threshold memory 15 Figure 1 contains a set of threshold regions G, the previously determined for each of binaroperationen geldbeutel betrug oder realitat known genuine card types and must be stored in binaroperationen geldbeutel betrug oder realitat limit value memory