Nothing Special   »   [go: up one dir, main page]

WO2002054195A2 - Procede de controle d'acces a un fichier de donnees contenu dans une carte a puce - Google Patents

Procede de controle d'acces a un fichier de donnees contenu dans une carte a puce Download PDF

Info

Publication number
WO2002054195A2
WO2002054195A2 PCT/EP2001/014861 EP0114861W WO02054195A2 WO 2002054195 A2 WO2002054195 A2 WO 2002054195A2 EP 0114861 W EP0114861 W EP 0114861W WO 02054195 A2 WO02054195 A2 WO 02054195A2
Authority
WO
WIPO (PCT)
Prior art keywords
access
file
data
allowed
smart card
Prior art date
Application number
PCT/EP2001/014861
Other languages
English (en)
Other versions
WO2002054195A3 (fr
Inventor
Peter Vestergaard
Rune Lindholm
Original Assignee
Nokia Corporation
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nokia Corporation filed Critical Nokia Corporation
Publication of WO2002054195A2 publication Critical patent/WO2002054195A2/fr
Publication of WO2002054195A3 publication Critical patent/WO2002054195A3/fr

Links

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1008Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/341Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/357Cards having a plurality of specified features
    • G06Q20/3576Multiple memory zones on card
    • G06Q20/35765Access rights to memory zones
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04MTELEPHONIC COMMUNICATION
    • H04M1/00Substation equipment, e.g. for use by subscribers
    • H04M1/72Mobile telephones; Cordless telephones, i.e. devices for establishing wireless links to base stations without route selection
    • H04M1/724User interfaces specially adapted for cordless or mobile telephones
    • H04M1/72403User interfaces specially adapted for cordless or mobile telephones with means for local support of applications that increase the functionality
    • H04M1/72409User interfaces specially adapted for cordless or mobile telephones with means for local support of applications that increase the functionality by interfacing with external accessories
    • H04M1/72412User interfaces specially adapted for cordless or mobile telephones with means for local support of applications that increase the functionality by interfacing with external accessories using two-way short-range wireless interfaces
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04MTELEPHONIC COMMUNICATION
    • H04M1/00Substation equipment, e.g. for use by subscribers
    • H04M1/72Mobile telephones; Cordless telephones, i.e. devices for establishing wireless links to base stations without route selection
    • H04M1/724User interfaces specially adapted for cordless or mobile telephones
    • H04M1/72403User interfaces specially adapted for cordless or mobile telephones with means for local support of applications that increase the functionality
    • H04M1/72445User interfaces specially adapted for cordless or mobile telephones with means for local support of applications that increase the functionality for supporting Internet browser applications
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04MTELEPHONIC COMMUNICATION
    • H04M1/00Substation equipment, e.g. for use by subscribers
    • H04M1/72Mobile telephones; Cordless telephones, i.e. devices for establishing wireless links to base stations without route selection
    • H04M1/724User interfaces specially adapted for cordless or mobile telephones
    • H04M1/72403User interfaces specially adapted for cordless or mobile telephones with means for local support of applications that increase the functionality
    • H04M1/72406User interfaces specially adapted for cordless or mobile telephones with means for local support of applications that increase the functionality by software upgrading or downloading
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04MTELEPHONIC COMMUNICATION
    • H04M2250/00Details of telephonic subscriber devices
    • H04M2250/02Details of telephonic subscriber devices including a Bluetooth interface
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04MTELEPHONIC COMMUNICATION
    • H04M2250/00Details of telephonic subscriber devices
    • H04M2250/14Details of telephonic subscriber devices including a card reading device

Definitions

  • mobile telephones are increasingly capable of exchanging data and accessing the internet. Therefore, the opportunity arises of using the mobile telephone handset to make and pay for purchases over the internet. It is preferable that data available to different applications should be delimited in some way.
  • the present invention seeks to help allow open access to a smart card used by different applications.
  • a method of controlling access to a data file held by a smart card comprising providing an access table including an indication whether access to said file is allowed, receiving a request for access identifying said data file, deciding whether access to said data file is allowed in dependence upon said indication and, if access is allowed, providing access to said file.
  • the receiving said request may include receiving an instruction to execute a command in respect of said file.
  • the method may further include receiving an instruction to execute a command in espect of said file.
  • the providing access may comprise transmitting said instruction to execute the command in respect of said file to said smart card.
  • the method may further comprise receiving information in relation to execution of said command from said smart card.
  • the receiving of the information may comprise receiving confirmation that the command has been executed or data from said file.
  • the providing access to said file may include reading or writing to said file.
  • a method in a controller, of controlling access to a data file held by a smart card, the method comprising receiving a request for access identifying said data file, deciding whether access to said file is allowed and, if access is allowed, providing access to said file.
  • a method of programming a controller which controls access to a data file held by a smart card comprising providing access data including an indication whether access to said file is allowed
  • a computer program to be loaded on data processing apparatus to control access to a data file held by a smart card, such that the data processing means provides an access table including an indication whether access to said file is allowed, receives a request for access identifying said data file, decides whether access to said data file is allowed in dependence upon said indication and, if access is allowed, provides access to said file.
  • a device to control access to a data file held by a smart card comprising means for providing an access table including an indication whether access to said file is allowed, means for receiving a request for access identifying said data file, means for deciding whether access to said data file is allowed in dependence upon said indication and means for providing access to said file.
  • FIG. 1 is an exploded view of a mobile telephone according to a first embodiment of the present invention
  • Figure 2 is a schematic representation of telephone circuits of the mobile telephone shown in Figure 1;
  • Figure 3 is a plan view of a universal integrated circuit card; - 4 -
  • Figure 4 is a schematic representation of the circuits of the universal integrated circuit card shown in Figure 3;
  • Figure 5 is schematic diagram of the memory structure held by the universal integrated circuit card shown in Figure 3;
  • Figure 6 shows a laptop personal computer with an infra red port exchanging information with the mobile telephone shown in Figure 1;
  • Figure 7 is schematic diagram of information exchange between the personal computer and the mobile telephone
  • FIGS 8a and 8b are sequence diagrams of the interaction between the personal computer and the mobile telephone
  • Figure 9 is a schematic representation of a request message from the personal computer
  • Figure 10 is a schematic representation of a response message from the mobile telephone
  • Figure 11 is a process flow diagram of the response of the mobile telephone
  • Figure 12 is a schematic representation of telephone circuits of the mobile telephone according to a second embodiment
  • Figure 13 shows a laptop personal computer with Bluetooth unit exchanging information with a mobile telephone also having a Bluetooth unit
  • Figure 14 is a schematic block diagram illustrating the mobile telephone communicating through a PLMN with a WAP server and
  • Figure 15 is process flow diagram of making a purchase on with the mobile telephone.
  • a mobile telephone 1 comprises a housing 2, a liquid crystal display 3, a keypad 4, a microphone 5, an ear-piece 6, battery 7, an infrared port 8, antenna 9, a universal integrated circuit card (UICC) 10, a UICC card reader 11 and mobile telephone circuitry 12.
  • the mobile telephone circuitry 12 includes radio interface circuitry 13, codec circuitry 14, controller 15 and memory 16.
  • the UICC card 10 comprises a plastics card body 17 and a module 18, which comprises an integrated circuit 19 and contacts 20.
  • the integrated circuit 19 comprises input/output circuits 21, a processor 22 and nonvolatile memory 23.
  • the UICC card 10 conforms to International Standards Organisation/International Electrotechnical Commission (ISO/IEC) 7816. A copy of the ISO/IEC standards may be obtained from ISO at Case Postale 56, 1211 Geneva 20, Switzerland.
  • the UICC card 10 may also conform to other standards, for example Europay- Mastercard-Nisa (EMN) set of specifications which relate to standards for international debit and credit cards. A copy of the EMN standards may be obtained from Europay at 198A Chausee de Tervuren, B-1410 Waterloo, Belgium.
  • EPN Europay- Mastercard-Nisa
  • files stored in memory 23 are organised according to a hierarchical structure 24 and are grouped according to application 25.
  • the structure 24 comprises a master file (MF) 26, dedicated files (DF) 27, application dedicated files (ADFs) 28 and elementary files (EFs) 29.
  • An ADF 28 is a particular type of DF 27 and serves as a point of entry to EFs 29 of a particular application.
  • a directory file 30 attached to the MF 26 is used to access ADFs 28.
  • an external device wishes access to the contents of EFs 29.
  • the mobile terminal 1 may exchange information with an external device, for example a laptop personal computer (PC) 31 having an infrared (IR) port 32, through an IR link 33.
  • an external device for example a laptop personal computer (PC) 31 having an infrared (IR) port 32, through an IR link 33.
  • PC personal computer
  • IR infrared
  • FIG. 7 a functional representation of the interface between the mobile terminal 1 and the PC 31 is shown.
  • Access to DFs 27, ADFs 28 and EFs 29 stored in the memory 23 of the UICC 10 is controlled by an external interface gateway 34.
  • the gateway 34 is the implemented in software by the controller 15.
  • the gateway 34 prevents PC 31 from having direct access to DFs 27, ADFs 28 and EFs 29.
  • the gateway 34 has available to it the location of a file, such as a first EF 29 l5 within the hierarchical structure 24 and whether the PC 31 is allowed access to it.
  • "access" is understood to include reading and writing to the file, - 6 -
  • the gateway 34 performs any command received from the PC 31 on its behalf. Furthermore, the gateway 34 provides a standard interface between the PC 31 and the UICC 10.
  • FIG 8a a sequence diagram of the exchange of signals within the application layer between the PC 31 and the mobile telephone handset 1 is shown in which the PC 31 successfully retrieves the first EF 29, from the UICC 10.
  • a description of the signal exchanges within the physical, data link and terminal transport layers may be found in the ISO/IEC 7816 and EMN standards
  • the PC 31 sends an interrogation signal I ⁇ RG over the IR link 33, requesting a list of applications LIST held by the card (step SI).
  • the list of applications is held by the directory file 30.
  • the exchange 34 retrieves the application list LIST from the directory 30 and sends it to the PC 31 over the IR link 33 (steps S2, S3 & S4).
  • the PC 31 sends a request REQ to read the contents of a particular file, in this example the first EF 29. which holds a credit card number.
  • the first EF 29, is attached to a first application AID1 25., which in this example is a banking application such as EMN, and is entered through a first ADF 28. (step S5).
  • the form and content of the request REQ will be described in more detail below.
  • the gateway 34 checks whether the PC 31 is allowed access to the first EF 29 t by referring to a look-up table (not shown) (step S6).
  • the look-up table is held in memory 16. The form and content of the table will be described in more detail later. If the PC 31 is allowed access to the first EF 29., then the gateway 34 performs a command COMMAND contained in the request REQ, in this example to read the contents of the first file EF 29 (step S7). The contents of the first EF 29 is retrieved and a response RES sent to the PC 31 containing the contents of the first EF 29, (steps S8, S9 & S10).
  • FIG. 8b a sequence diagram of the interaction between the PC 31 and the mobile telephone 1 is shown in which the PC 31 is unsuccessful in its attempt to retrieve a second EF 29 2 from the UICC 10. - 7 -
  • the PC 31 sends an interrogation signal INRG over the IR link 33, requesting a list of applications held by the card (step Sl l).
  • the exchange 34 retrieves the application list LIST from the directory 30 and sends it to the PC 31 over the IR link 33 (steps S12, S13 & S14).
  • the PC 31 sends a request REQ to read the contents of a particular file, in this example the second EF 29 2 which holds a ciphering key used in mobile telecommunications.
  • the second EF 29 2 is attached to a second application AID2 25 2 , which in this example is a telecommunication application, such as a universal subscriber identification module (USIM) and is accessed through a second ADF 28 2 (step SI 5).
  • a second application AID2 25 2 which in this example is a telecommunication application, such as a universal subscriber identification module (USIM) and is accessed through a second ADF 28 2 (step SI 5).
  • the gateway 34 checks whether the PC 31 is allowed access to the second EF 29 2 by referring to a look-up table (not shown) (step SI 6). If the PC 31 is not allowed access to the second EF 29 2 then the gateway 34 sends a response RES to the PC 31 containing an error message indicating that the PC 31 is not allowed access (step S17). Similarly, if the PC 31 requests the contents of a file which does not exit, when the gateway 34 checks the look-up table and does not find the file, it returns an error message indicating that the file has not been found. It will be appreciated that instead of retrieving the application list LIST every time a command is sent, it may be retrieved once per card session during which many access requests are made.
  • the request 35 comprises an application identifier (AID) field 36, which identifies the application the PC 31 wishes to access.
  • the AID 36 comprises a registered application provider identifier (RID) and a proprietary application identifier extension (PIX).
  • the request 35 further comprises a file label field 37, which identifies the file to be accessed.
  • the request 35 also includes a length of data string 38 and a class (CLA) byte 39, which identifies the instruction to be performed on the file.
  • CLA class
  • the request 35 further comprises an instruction byte (INS) 40, which identifies the type of instruction the application should perform, such as read or write and first and second parameter (P) bytes 41,, 41 2 , which further subdivide the operations described in the instruction byte 40.
  • the request 35 further includes a length of command data field 42, which indicates the number of bytes that the card 10 should expect.
  • the request 35 also comprises a data field 43, which could for example contain data to be stored in a selected file or a path to a file to be read.
  • the request 35 also comprises a length of expected data field 44, which indicates the number of bytes the PC 31 expects to receive from the mobile terminal 1.
  • the class, instruction and parameter bytes 39, 40, 41 together with the length of command, data and expected data fields 42, 43, 44 are a C-APDU string 45 which is defined in accordance with ISO 7816. It will be appreciated that these fields are conditional.
  • the response 46 comprises application identifier 47, file label 48 and command type fields 49 fields as described above.
  • the response 46 further includes length of received data and data fields 50, 51 and it will be appreciated that these fields 50, 51 are conditional.
  • the response 46 also comprises first and second status words (SWs) 52,, 52 2 , which indicate the status of the response.
  • SWs first and second status words
  • the data field 52 and the status words 52,, 52 2 are a response- application protocol data unit (R-APDU) string 53 which is defined in accordance with ISO 7816.
  • R-APDU response- application protocol data unit
  • the look-up table comprises a list of EFs 29 together with flags indicating whether access by the PC 31 is allowed.
  • a flag set to "1" indicates that access is allowed, while a flag set to "0" indicates that access is not permitted.
  • the look-up table holds different types of information.
  • the DF TELECOM file 27 is point of entry for general telecommunications information such as an abbreviated dialling numbers EF. Further examples of EFs in the DF TELECOM file 27 are found in 3GPP Technical Specification 31.102.
  • the ADFs 28 provide points of access to data related to other applications.
  • the first ADF 28 is point of access to credit card information such as card number, issue number, expiry date, card holder's name and card issuer.
  • credit card information such as card number, issue number, expiry date, card holder's name and card issuer.
  • Each credit card, debit card and electronic cash card may be represented by a separate application 25.
  • the second ADF 28 2 contains USIM data, such as ciphering keys, subscription identity and memory for short message service (SMS).
  • SMS short message service
  • the gateway 34 receives the request 35 and extracts the application and file identifiers 36, 37 which identify an ADF 28 and an EF 29 respectively (steps SI 8 & S19)
  • the gateway 34 searches for the EF 29 (steps S20 & S21). If it does not find the EF 29, then it sets the first and second status word 52 administrat 52 2 to "6A82" indicating that the file has not been found (step S22). If it does find the EF 29, then retrieves the access status (step S23).
  • the gateway 34 checks the access status (step S24). If access is denied, then it sets the first and second status word 52,, 52 2 to "6982" indicating that access is denied (step S25). If access is permitted, then the gateway 24 sends a command, for example read contents of EF 29, to the UICC 10 (step 26).
  • the gateway 34 receives the contents of the EF 29 and sets the first and - 10 -
  • the gateway 34 sends the data to UICC 10. Once the data has been written, the UICC 10 confirms writing of the data. The gateway 34 sets the first and second status word 52 administrat 52 2 to "9000" indicating that writing is successful.
  • gateway 34 and the UICC 10 communicate using C- APDU and R-APDUs.
  • the mobile telephone handset 1 of the first embodiment of the present invention is modified to include a Bluetooth unit 54.
  • This allows the mobile telephone handset 1 to communicate with the PC 31, which has also been modified to include a Bluetooth unit (not shown) over a short-range radio hnk.
  • a Bluetooth specification version l.OB
  • a system overview may be found on the world-wide web at www.bluetooth.com or ordered from Bluetooth SIG, c/o Daniel Edlund, Facsimile No.: +46 70 615 9049.
  • the exchange of information between the mobile telephone 1 and the PC 31 is similar to the that described in the first embodiment with reference to Figures 3, 4, 5, 7, 8a, 8b, 9a, 9b, 10 and 11.
  • the gateway 34 is implemented in software by the controller 15. Alternatively, the gateway 34 may be implemented independently of the controller 15 by the Bluetooth unit 54 itself.
  • the mobile telephone 1 according to the first embodiment of the invention is modified so as to support wireless application protocol (WAP).
  • WAP wireless application protocol
  • the mobile telephone 1 may used not only to search for an item, such a television set, on the internet but also to pay for it using a credit card application on the USIM 10.
  • the mobile telephone 1 is in radio communication with a public land mobile network (PLMN) 55 through which it may exchange content with a WAP server 56 via a WAP gateway 57.
  • PLMN public land mobile network
  • the mobile telephone 1 is configured to execute browser software with which a user can access and view content provided by the server 56.
  • a supplier of electrical goods maintains the server 56 and it is possible to browse an on-line catalogue and select and pay for a purchase.
  • a flow diagram of a purchase selection and payment process is shown.
  • the server 56 is accessed by dialling an individual telephone number associated with the WAP gateway 57.
  • a connection to the PLMN 55 is established, involving authentication of the user using Ki and encryption of transmission signals using Kc (steps S30).
  • This process involves the mobile telephone 1 accessing values of Ki and Kc held by the UICC 10.
  • Security management is described in "The GSM System for Mobile Communications" ibid., pp 477 to 492.
  • the user selects a link to the server (step S31).
  • the user searches the on-line catalogue for the television set of his choice (step 32).
  • step S33 The server 56 obtains delivery and payment information from the UICC 10 according to the procedure outlined in Figures 8a and 8b (step S34). For example, the server 56 sends a request for the contents of the first EF 29, which contains the user's credit card number. The server 56 goes on further to request name and address of the user. If at any point the gateway 34 decides that the server 56 is not allowed to access the UICC 10, then the server 56 may request the user to enter the information on the keypad 4 (step S35 & S36). Otherwise, if the sequence of requests is successful (step S37), then the server 56 sends a message to the mobile telephone 1 that the transaction is complete (step S38).
  • gateway 34 has the advantage that it is possible to delimit access to different applications. In particular, even though an external agent may have access - 12 -
  • the gateway 34 provides a means to prevent fraudulent attempts to obtain such keys and so defraud the telephone billing system. Thus, even though an external device may have successfully accessed some data on the UICC 10, it does not mean that it will have complete freedom to access all data on the UICC 10, such as files of another application.
  • connection between the mobile telephone and the PC need not be wireless.
  • the exchange may be located in the smart card.
  • a dedicated smart card reader may be used instead of a PC.
  • the smart card may be of the contactless type.
  • the request message may include the identity of the external device.
  • the look-up table may list different sets of flags for different external devices. Access to the data file may be dependent upon the type of external device seeking access. Encryption may also be used, particularly encryption of a type used in SIM cards.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Accounting & Taxation (AREA)
  • Microelectronics & Electronic Packaging (AREA)
  • Strategic Management (AREA)
  • Signal Processing (AREA)
  • General Business, Economics & Management (AREA)
  • Human Computer Interaction (AREA)
  • Theoretical Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Storage Device Security (AREA)

Abstract

Les cartes à puces (10) peuvent contenir des données destinées à un certain nombre d'applications différentes. L'invention concerne une passerelle (34) à travers laquelle l'accès à la carte à puce au moyen de dispositifs externes (31) est contrôlé. Même si le dispositif externe peut accéder à certaines données d'application, telles que des détails de cartes de crédit, il ne peut pas accéder à des informations sensibles, telles qu'aux clés d'authentification et aux clés de chiffrement.
PCT/EP2001/014861 2000-12-29 2001-12-14 Procede de controle d'acces a un fichier de donnees contenu dans une carte a puce WO2002054195A2 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
GB0031837.8 2000-12-29
GB0031837A GB2370659A (en) 2000-12-29 2000-12-29 Method of controlling access to a data file held by a smart card

Publications (2)

Publication Number Publication Date
WO2002054195A2 true WO2002054195A2 (fr) 2002-07-11
WO2002054195A3 WO2002054195A3 (fr) 2002-11-14

Family

ID=9906031

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2001/014861 WO2002054195A2 (fr) 2000-12-29 2001-12-14 Procede de controle d'acces a un fichier de donnees contenu dans une carte a puce

Country Status (2)

Country Link
GB (1) GB2370659A (fr)
WO (1) WO2002054195A2 (fr)

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6963740B1 (en) 2001-07-31 2005-11-08 Mobile-Mind, Inc. Secure enterprise communication system utilizing enterprise-specific security/trust token-enabled wireless communication devices
US7043493B2 (en) 2001-09-17 2006-05-09 Fujitsu Limited Hierarchical file system and anti-tearing algorithm for a limited-resource computer such as a smart card
US7097107B1 (en) 2003-04-09 2006-08-29 Mobile-Mind, Inc. Pseudo-random number sequence file for an integrated circuit card
US20100274712A1 (en) * 2009-04-28 2010-10-28 Mastercard International Incorporated Apparatus, method, and computer program product for providing a quality control mechanism for the contactless interface of a dual-interface card
US20120172016A1 (en) * 2010-12-30 2012-07-05 STMicroelectronics NV, Country of Incorporation: Italy Method and system for controlling communication between an uicc and an external application
US8321481B2 (en) 2010-05-13 2012-11-27 Assa Abloy Ab Method for incremental anti-tear garbage collection
US8370258B2 (en) 2009-04-28 2013-02-05 Mastercard International Incorporated Apparatus, method, and computer program product for recovering torn smart payment device transactions

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2370659A (en) * 2000-12-29 2002-07-03 Nokia Mobile Phones Ltd Method of controlling access to a data file held by a smart card
FR2857207B1 (fr) * 2003-07-04 2005-10-14 Orange France Procede permettant a un point d'acces de communiquer avec une application situee sur une carte sim
US8095179B2 (en) 2004-10-14 2012-01-10 Nokia Corporation Proxy smart card applications
WO2022043967A1 (fr) * 2020-08-31 2022-03-03 Jio Platforms Limited Système et procédé pour activer une carte sim en tant que micro-plateforme

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2346239A (en) * 1999-01-26 2000-08-02 Ibm Card security and Web sites
EP1085395A2 (fr) * 1999-09-13 2001-03-21 Phone.Com Inc. Système de commande d'accès des fichiers d'une carte à mémoire
EP1089156A2 (fr) * 1999-09-30 2001-04-04 M-Systems Flash Disk Pioneers Ltd. Dispositif, système et procédé de commande d'accès de données
US6216014B1 (en) * 1996-05-17 2001-04-10 Gemplus Communication system for managing safely and independently a plurality of applications by each user card and corresponding user card and management method
GB2370659A (en) * 2000-12-29 2002-07-03 Nokia Mobile Phones Ltd Method of controlling access to a data file held by a smart card

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPS63106888A (ja) * 1986-10-24 1988-05-11 Hitachi Ltd Cpuカ−ドアクセス管理方式
GB2331821A (en) * 1997-11-27 1999-06-02 Northern Telecom Ltd Electronic sealed envelope
DE19816541C2 (de) * 1998-04-15 2001-05-10 Orga Kartensysteme Gmbh Datenaustauschsystem
US6823520B1 (en) * 1999-01-22 2004-11-23 Sun Microsystems, Inc. Techniques for implementing security on a small footprint device using a context barrier

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6216014B1 (en) * 1996-05-17 2001-04-10 Gemplus Communication system for managing safely and independently a plurality of applications by each user card and corresponding user card and management method
GB2346239A (en) * 1999-01-26 2000-08-02 Ibm Card security and Web sites
EP1085395A2 (fr) * 1999-09-13 2001-03-21 Phone.Com Inc. Système de commande d'accès des fichiers d'une carte à mémoire
EP1089156A2 (fr) * 1999-09-30 2001-04-04 M-Systems Flash Disk Pioneers Ltd. Dispositif, système et procédé de commande d'accès de données
GB2370659A (en) * 2000-12-29 2002-07-03 Nokia Mobile Phones Ltd Method of controlling access to a data file held by a smart card

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
ISO: "7816 part 4: Interindustry command for interchange" [Online] 28 November 1998 (1998-11-28) XP002169265 Retrieved from the Internet: <URL: www.ttfn.net/techno/smartcards/iso7816_4.h tml> [retrieved on 2002-09-18] paragraph [05.1] - paragraph [05.4] *

Cited By (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6963740B1 (en) 2001-07-31 2005-11-08 Mobile-Mind, Inc. Secure enterprise communication system utilizing enterprise-specific security/trust token-enabled wireless communication devices
US7043493B2 (en) 2001-09-17 2006-05-09 Fujitsu Limited Hierarchical file system and anti-tearing algorithm for a limited-resource computer such as a smart card
US7097107B1 (en) 2003-04-09 2006-08-29 Mobile-Mind, Inc. Pseudo-random number sequence file for an integrated circuit card
US8583561B2 (en) 2009-04-28 2013-11-12 Mastercard International Incorporated Apparatus, method, and computer program product for providing a quality control mechanism for the contactless interface of a dual-interface card
WO2010127012A1 (fr) * 2009-04-28 2010-11-04 Mastercard International Incorporated Appareil, procédé et produit programme d'ordinateur pour fournir un mécanisme de contrôle de qualité pour l'interface sans contact d'une carte à double interface
US8370258B2 (en) 2009-04-28 2013-02-05 Mastercard International Incorporated Apparatus, method, and computer program product for recovering torn smart payment device transactions
US8401964B2 (en) 2009-04-28 2013-03-19 Mastercard International Incorporated Apparatus, method, and computer program product for encoding enhanced issuer information in a card
US20100274712A1 (en) * 2009-04-28 2010-10-28 Mastercard International Incorporated Apparatus, method, and computer program product for providing a quality control mechanism for the contactless interface of a dual-interface card
US20140067685A1 (en) * 2009-04-28 2014-03-06 Mastercard International Incorporated Apparatus, method, and computer program product for providing a quality control mechanism for the contactless interface of a dual-interface card
US10181121B2 (en) 2009-04-28 2019-01-15 Mastercard International Incorporated Apparatus, method, and computer program product for recovering torn smart payment device transactions
US11120441B2 (en) 2009-04-28 2021-09-14 Mastercard International Incorporated Apparatus, method, and computer program product for providing a quality control mechanism for the contactless interface of a dual-interface card
US8321481B2 (en) 2010-05-13 2012-11-27 Assa Abloy Ab Method for incremental anti-tear garbage collection
US20120172016A1 (en) * 2010-12-30 2012-07-05 STMicroelectronics NV, Country of Incorporation: Italy Method and system for controlling communication between an uicc and an external application
US9143922B2 (en) * 2010-12-30 2015-09-22 Stmicroelectronics International N.V. Method and system for controlling communication between an UICC and an external application

Also Published As

Publication number Publication date
GB2370659A (en) 2002-07-03
GB0031837D0 (en) 2001-02-14
WO2002054195A3 (fr) 2002-11-14

Similar Documents

Publication Publication Date Title
JP6035443B2 (ja) 記憶媒体
KR100587882B1 (ko) 스마트 카드 웰잇
RU2242795C2 (ru) Способ осуществления безналичных расчетов и система для осуществления способа
TW378308B (en) Smartcard, wireless telephone, system and method for accessing and communication with the internet
US8381999B2 (en) Selectively switching antennas of transaction cards
US7191234B2 (en) Deployment of smart card based applications via mobile terminals
EP2626823A1 (fr) Sélection basée sur l&#39;emplacement dans des portefeuilles mobiles
KR20010078739A (ko) 개선된 통신 방법 및 장치
KR20080113072A (ko) 이동 단말기에서 근접 통신 모듈에 대한 액세스를 안전하게하는 방법
KR100842556B1 (ko) 이동 통신 단말을 이용한 서비스 승인 방법
WO2002054195A2 (fr) Procede de controle d&#39;acces a un fichier de donnees contenu dans une carte a puce
WO2004068819A1 (fr) Communication entre une carte a puce et un serveur
EP1860605A1 (fr) Système d&#39;argent électronique, support de stockage d&#39; informations et dispositif terminal mobile
EP1705605A1 (fr) Dispositif de stockage d&#39;informations personnelles et terminal mobile
KR100432838B1 (ko) 전자 화폐 처리 방법, 프로그램을 기록한 기록 매체 및 전자 화폐 카드의 처리 방법
KR100712314B1 (ko) 멀티미디어 데이터의 판매 방법 및 상기 판매 방법이채용된 관리 서버
EP1724689A1 (fr) Système de fourniture d&#39;un site portail et serveur, procédé et programme utilisés pour celui-ci
US20080272187A1 (en) Electronic Money System, Information Storage Medium, and Mobile Terminal Device
US20090094685A1 (en) Method and arrangement for accessing call number portability data
KR20050075494A (ko) 무선통신단말기에서의 무선응용프로토콜 프로파일 설정 방법
JP2001275165A (ja) データ送受信システムとこのシステムに用いられるマスタ端末とスレーブ端末
KR20020013944A (ko) 개인 휴대용 통신 단말기를 이용한 신용카드 보안 시스템및 그 방법

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): CN JP KR US

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR

AK Designated states

Kind code of ref document: A3

Designated state(s): CN JP KR US

AL Designated countries for regional patents

Kind code of ref document: A3

Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR

121 Ep: the epo has been informed by wipo that ep was designated in this application
DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase

Ref country code: JP

WWW Wipo information: withdrawn in national office

Country of ref document: JP