WO2019234346A1

WO2019234346A1 - Chip card personalisable in a secure manner and method for secure personalisation

Info

Publication number: WO2019234346A1
Application number: PCT/FR2019/051324
Authority: WO
Inventors: Aissa WAKNIOUN; Marco DE OLIVEIRA; Ludovic Martin-Martinasso
Original assignee: Idemia France
Priority date: 2018-06-05
Filing date: 2019-06-04
Publication date: 2019-12-12
Also published as: FR3082030A1; FR3082030B1

Abstract

The invention concerns a personalisable chip card (20) comprising: a secure element (211) the configuration of which can be modified via an interface (28) for communicating with an external device, a microcontroller (221) the configuration of which can be modified; the chip card (20) being characterised in that the secure element (211) is configured for configuring the microcontroller (221).

Description

CARD WITH SECURELY CUSTOMIZABLE CHIP AND METHOD OF

SECURE CUSTOMIZATION

FIELD OF THE INVENTION

The invention is in the field of security devices of the smart card type comprising a secure element and a customizable microcontroller. It relates, in particular, a customizable smart card and a method of personalizing such a smart card.

BACKGROUND OF THE INVENTION

The present invention relates to a security device such as a smart card, for example of the banking type or identity document.

To do this, the smart card typically comprises a secure element dedicated to secure payment and / or storage of sensitive data, for example identity data.

The secure element can communicate with a card reader via a communication interface, for example compliant with ISO 7816 (contact communication) or IS014443 or NFC / ISO 15693 (contactless communication). Conventionally, the configuration of the secure element is done via this communication interface. It is thus possible to modify the applications or applets of the secure element in order to personalize it and to evolve, among other things, the security policy of the smart card.

The present invention is in the case where the smart card also includes one or more microcontroller (s) customizable (s) of the type Bluetooth microcontroller (Bluetooth is a trademark) or biometric data extractor (for example fingerprint). Other types of microcontrollers may be envisaged, in particular an interface control component such as a display, a light-emitting diode (LED) or a buzzer.

Such customizable microcontrollers allow to offer performance and features tailored to users of this type of card. The customization of these microcontrollers can be done at different times: either during the production of the microcontroller, that is to say before it is installed on the smart card, or during the life of the card.

From an industrial point of view, it is particularly expensive and constraining to consider the differentiated production of such microcontrollers. In addition, in this case, the configuration is usually frozen once the microcontroller is installed on the card. In addition, the customization of the microcontroller during the life of the smart card requires an adaptation of existing personalization equipment. Indeed, the known smart card personalization equipment are adapted to communication with the secure element but require adaptations to communicate with the microcontroller also present on the card. In addition, the communications with the secure element and the microcontroller must then be implemented sequentially to execute their respective personalization, so that the personalization time increases significantly.

There is thus a need to improve the personalization of smart cards comprising a microcontroller in addition to the secure element.

SUMMARY OF THE INVENTION

The present invention thus aims to overcome at least one of these disadvantages.

In this context, a first aspect of the invention relates to a customizable smart card comprising:

a secure element whose configuration can be modified via a communication interface with an external device,

a microcontroller whose configuration can be modified;

the smart card being characterized in that the secure element is configured to configure the microcontroller.

Thus, the secure element is configured to apply a configuration to the microcontroller and / or modify the current / current configuration of the microcontroller.

In general, the invention makes it possible to modify the functionalities of the smart card without requiring modification of the personalization equipment to do this.

Advantageously, it allows in particular to control and evolve the security policy of the smart card as a whole, including that of the microcontroller installed therein, without requiring modification of the personalization equipment to do this.

The security of such a smart card is thus enhanced by the control of the microcontroller exerted by the secure element.

The configuration of the microcontroller can consist of parameters, data, and / or all or part of the microcontroller software.

The configuration of the microcontroller notably makes it possible to adapt its behavior and / or that of the software executed by it, in particular with respect to the element secure and / or external device. The configuration of the microcontroller also makes it possible to adapt the behavior of communication interfaces between this and the secure element, a button, a sensor or other. Finally, the configuration of the microcontroller makes it possible to adapt its internal behavior.

Correlatively, a second aspect of the invention relates to a method of personalizing a smart card comprising:

a secure element whose configuration can be modified via a communication interface with an external device;

a microcontroller whose configuration can be modified;

the method being characterized in that it comprises the configuration, by the secure element, of the microcontroller.

Other features of the smart card according to particular embodiments are described in the dependent claims.

In a particular embodiment of the invention, the secure element is configured to verify the configuration of the microcontroller.

Thus, in embodiments, the microcontroller is authorized to access services and / or data of the secure element after checking the configuration of the microcontroller, including its integrity by the secure element.

In these embodiments, the secure element could also check the entire microcontroller software.

In a particular embodiment of the invention, the microcontroller is a wireless communication manager.

In embodiments, the smart card includes a biometric sensor, and the microcontroller is configured to extract biometric data from the biometric sensor.

In a particular embodiment of the invention, the configuration of the microcontroller defines a wireless communication service.

Such a service can be generally defined as a structure / collection of messages / data associated with a behavior to perform a particular function. This structure / collection is possibly associated with an identifier and can be hierarchical.

In a particular embodiment of the invention, the configuration of the microcontroller defines rules relating to the routing of the data by the microcontroller.

For example, in the case of a card having several displays, the routing could consist of identifying the display on which the microcontroller must display the data received for each application of the secure element. In a particular embodiment of the invention, the configuration of the microcontroller indicates a datum or type of data or a service that the microcontroller is authorized to obtain from the secure element or from an external device.

For example, such a configuration may include an electronic certificate containing indicators relating to the data that the microcontroller can receive. In particular, the certificate may be signed by a trusted third party recognized by the secure element and / or the external device that sends the data.

In a particular embodiment of the invention, the configuration of the microcontroller specifies a period of validity of the data or the type of data, at the end of which the data can no longer be used by the microcontroller or a period of validity of the service. , at the end of which the service can no longer be used by the microcontroller.

Equivalently, an expiry date could be defined instead of a period of validity.

This makes it possible to activate a cache mechanism on the microcontroller side for data for a given period of time and makes it possible to limit the solicitation of the secure element and therefore the energy consumption of the battery, thus prolonging the lifetime of the battery. .

It is important to note that the secure element controls the security policy of the entire card, even in this energy-saving mode, since it dictates the configuration to be applied. Thus, even in the case where the secure element is the slave in a master-slave configuration with the microcontroller, the secure element dictates the security policy to be applied for all the data of the card.

At the end of the validity period, the service can be erased from the memory by the microcontroller.

In a particular embodiment of the invention, the configuration of the microcontroller specifies the write mode to be used by the microcontroller to store the data or the service. The write mode can be synchronous or asynchronous.

In a particular embodiment of the invention, the configuration defines rules for the implementation of security countermeasures by the microcontroller in response to the detection of an attack.

Such a countermeasure comprises for example the writing of a blocking data (or lock) in a rewritable non-volatile memory of the microcontroller. The presence of blocking data in memory will prevent any subsequent operation of the microcontroller.

Such a countermeasure may also consist, for example, in the deletion of data or services the use of which has been previously authorized by the secure element, although the validity period has not expired and / or the inhibition of the mechanism allowing the microcontroller to store such data.

The detected attack is for example a non-invasive attack during which the card is not modified / altered, a semi-invasive attack during which the card is physically damaged, or an invasive attack during which the card is damaged. physical integrity of the secure element and / or the microcontroller is impaired.

Examples of events that can be considered as attacks are: the reception of a signal from a sensor of the secure element / microcontroller indicating an abnormal temperature, a loss of integrity of the protective layer, a predetermined number of successive erroneous PIN code tests;

- attacks by injection of faults.

In a particular embodiment of the invention, the secure element is configured to authenticate the microcontroller, the configuration of the microcontroller can not be modified after authentication of the microcontroller by the secure element.

Conversely, the configuration of the microcontroller can be conditioned by the authentication of the secure element by the microcontroller.

In a particular embodiment of the invention, the microcontroller is configured to apply a configuration modified by the secure element to detection of a predefined event.

In embodiments, the microcontroller is configured to solicit (near the secure element) the modification of its configuration. Typically, this request can take place with detection of a predefined event.

In a particular embodiment of the invention, the secure element is configured to configure the microcontroller to detect a predefined event.

In embodiments, this event may be the reception of information from the secure element, for example following the detection of an attack by the secure element or following the successful verification of a PIN code by the security element. secure element.

In other embodiments, this predefined event may be the reception of information by the microcontroller. For example, receiving data via Bluetooth if the microcontroller is a Bluetooth controller, detecting a finger if the microcontroller controls a fingerprint sensor, or pressing a button if the microcontroller controls a button.

According to other embodiments, the event may be the expiration of a delay / a timeout. For example, this timer is managed by the microcontroller and starts for example from the moment the card is powered (power-on).

In a particular embodiment of the invention, the secure element is configured to configure the microcontroller at the first power on of the smart card. following the end of an initial configuration of the secure element via the communication interface or following the end of the configuration of the secure element via the communication interface.

In embodiments, changing the configuration of the secure element includes adding a new application or updating the setting associated with an application or group of applications of the secure element.

The secure element may refuse to provide a service and / or data to the microcontroller until the microcontroller has requested and / or saved and / or applied the modified configuration.

In a particular embodiment of the invention, the communication interface is a contact communication interface according to the ISO 7816 standard or a contactless communication interface according to the ISO 14443 and / or ISO 15693 standard.

In a variant, the communication interface may comprise a serial link of the SPI or I2C type.

The advantages, aims and special characteristics of the microcontroller and the secure element are similar to those of the aforementioned methods that they implement.

In a particular embodiment, the various steps of the aforementioned methods are determined by instructions of computer programs.

Accordingly, the invention also relates to computer programs on information carriers, these programs being capable of being implemented by microprocessors, and comprising instructions adapted to the implementation of the steps of the processes such as mentioned above.

These programs can use any programming language, and be in the form of source code, object code, or intermediate code between source code and object code, such as in a partially compiled form, or in any other form desirable shape.

The invention is also directed to microprocessor-readable information carriers, and including computer program instructions as mentioned above.

The information carriers may be any entity or device capable of storing the programs. For example, the media may comprise a storage means, such as a ROM, for example a microcircuit ROM, or a magnetic recording means, for example a hard disk, or a flash memory.

On the other hand, the information carriers may be transmissible media such as electrical or optical signals, which may be conveyed via an electrical or optical cable, by radio or by other means. The programs according to the invention can in particular be downloaded on a storage platform of an Internet type network. Alternatively, the information carriers may be integrated circuits in which the programs are incorporated, the circuits being adapted to execute or to be used in the execution of the processes in question.

The aforementioned information carriers and computer programs have characteristics and advantages similar to the processes they implement.

BRIEF DESCRIPTION OF THE FIGURES

Other features and advantages of the invention will become apparent in the description below, illustrated by the accompanying figures which illustrate embodiments having no limiting character. In the figures:

FIG. 1 comprises FIGS. 1a and 1b which illustrate, in a simplified manner, examples of smart cards in accordance with embodiments of the present invention;

- Figure 2 shows schematically an example of possible architecture for a smart card according to embodiments of the invention;

- Figure 3 shows, in the form of a timing diagram, steps of personalization of the secure element of the smart card;

FIG. 4 represents, in chronogram form, steps of a smart card personalization method according to a first embodiment of the invention;

FIG. 5 represents, in chronogram form, steps of a chip card personalization method according to a second embodiment of the invention;

FIG. 6 represents, in the form of a timing diagram, the steps implemented for the verification of the configuration;

FIG. 7 represents, in the form of a timing diagram, the steps implemented for the verification of the configuration by the secure element according to a variant of FIG. 6;

- Figure 8 shows, in the form of a timing diagram, steps of a routing between the secure element and an external device, implemented by the microcontroller;

FIG. 9 illustrates, in the form of a timing diagram, the steps implemented to obtain data or access to a service of the secure element by the microcontroller;

FIG. 10 illustrates, in the form of a timing diagram, steps implemented by the microcontroller for obtaining data or accessing a service of an external device; FIG. 11 illustrates, in the form of a timing diagram, the steps implemented for the use of data associated with a period of validity by an external device according to a first example;

FIG. 12 illustrates, in the form of a timing diagram, the steps implemented for the use of data associated with a period of validity by an external device according to a second example;

FIG. 13 comprises FIGS. 13a and 13b which respectively illustrate, in the form of timing diagrams, synchronous writing and asynchronous writing according to embodiments.

DETAILED DESCRIPTION OF THE INVENTION

In general, the invention relates to a smart card comprising a secure element and a microcontroller, such as a Bluetooth microcontroller (Bluetooth is a brand).

The invention is not limited to this particular embodiment. In particular, it could apply to a smart card without a Bluetooth microcontroller, for example with a biometric analyzer. Other types of microcontrollers can of course be considered. The secure element of the card can be customized, that is to say that its configuration can be changed via a communication interface with an external device, for example a smart card reader, typically a payment terminal.

According to the present invention, it is the secure element that will customize the microcontroller, that is to say modify its configuration.

According to a particular embodiment, the secure element will also verify the configuration of the microcontroller to ensure that its security policy is respected / applied.

Various applications of the invention are envisaged, for example the routing of data of the secure element via the Bluetooth interface of the microcontroller, or the authentication of data or services or external devices.

A service can be generally defined as a structure / collection of messages / data associated with a behavior to perform a particular function. This structure / collection is possibly associated with an identifier and can be hierarchical.

In the following description, the terms "configuration" and "customization" refer to the configuration of a component during the production of the card as well as to the configuration of the component during the use of the card. The terms "change configuration" are synonymous with "configure". Thus, it may be a configuration involved during the manufacture of the smart card as well as a configuration occurring during the life of the card.

Figure 1 includes Figures 1a and 1b which illustrate, in a simplified manner, examples of smart cards in accordance with embodiments of the present invention.

In a first example illustrated in FIG. 1a, the smart card 1 comprises a secure element 10 which communicates with a terminal 12 via a contact communication interface 1 1 in accordance with the ISO 7816 standard. The terminal 12 is for example a reader of FIG. Smartcard. The invention is not limited to this type of communication interface. Alternatively, it could be an I2C or SPI serial link, or a non-contact interface compliant with IS014443 or NFC / ISO 15693 standards.

The smart card 1 also includes a microcontroller 14 configured to control a biometric sensor 16. The biometric sensor 16 is for example a fingerprint sensor.

Thus, in this first example, the microcontroller communicates with the external terminal via the ISO link 7816 between the secure element 10 and the terminal 12.

In a second example illustrated in FIG. 1b, the smart card 1 'differs from that of the example of FIG. 1a in that it comprises a microcontroller 14' configured to control a wireless communication interface 16 ' , here complies with the Bluetooth standard (Bluetooth is a trademark).

Thus, in this second example, the microcontroller can communicate with the external terminal either via the ISO link 7816 between the secure element 10 and the terminal 12 or via the wireless communication interface 16 '.

Figure 2 shows schematically an example of possible architecture for a smart card 20 according to embodiments of the invention. This architecture can for example apply to the card 1, 1 'shown in Figures 1a and 1b.

This smart card 20 comprises a secure element 21 1 and a microcontroller 221. The secure element 21 1 comprises a processing unit 22 (or microprocessor) connected by a bus to a random (or volatile) memory 24 and a non-volatile memory rewritable 26. The secure element may also include a non-volatile memory non-rewritable (ROM type for example).

The RAM 24 is for example a RAM (for Random Access Memory) comprising registers adapted to the recording of the variables and parameters created and modified during the execution of a computer program comprising instructions for the implementation of a method according to embodiments of the invention, in the practice of the invention. The instruction codes of the program stored in memory nonvolatile 26 are loaded into RAM memory for execution by the processing unit 22.

The non-volatile rewritable memory 26 is for example an EEPROM (for electrically erasable read only memory) or a flash memory and can constitute a medium within the meaning of the invention, that is to say it can understand a computer program comprising instructions for carrying out a method according to embodiments of the invention. Correspondingly, if the secure element comprises a non-volatile memory non-rewritable, it may constitute a medium within the meaning of the invention.

Similarly, the microcontroller 221 comprises a processing unit 212 (or microprocessor) connected by a bus to a random access memory 214 (for example of the same type as the memory 24) and a rewritable non-volatile memory 216 (for example of the same type as memory 26).

The secure element 21 1 is connected to a communication interface 28 with a smart card reader. For example, the communication interface 28 complies with ISO 7816 (contact communication) or IS014443 or NFC / ISO 15693 (contactless communication). The secure element 21 1 is connected to the microcontroller 221 by a communication interface 250. For example, the communication interface 250 complies with ISO 7816, I2C or SPI. In embodiments, the interfaces 28 and 250 are one and the same interface.

In this example, the microcontroller 221 is further connected to an annex interface 231, for example a Bluetooth wireless communication interface or an interface such as fingerprint sensor, button, light sensor, buzzer or display.

According to embodiments of the present invention, the secure element is configured to configure the microcontroller and / or modify the current / current configuration of the microcontroller.

In some embodiments, such a configuration defines a wireless communication service, possibly associated with at least one application of the secure element.

For example, the configuration of the microcontroller can define rules relating to the routing of data by the microcontroller, as described with reference to FIG. 8.

In embodiments, the configuration defines a service-type service "battery" defined in the Bluetooth standard. In practice, this service only concerns microcontrollers mounted in a battery-powered card and allows the microcontroller to send the percentage of charge from the internal battery of the card to the external device. The microcontroller can deduce this charge value via the electronic card without requiring interrogation of the secure element (and / or one of its application). In another example, the configuration defines a service "RSSI" (Received Signal Strength Indication).

In embodiments, the configuration of the microcontroller can indicate data or type (s) of data that the microcontroller is allowed to obtain from the secure element or an external device and / or a service that the microcontroller is allowed to use.

For example, such a configuration may include an electronic certificate containing indicators relating to the data that the microcontroller can receive. In particular, the certificate may be signed by a trusted third party recognized by the secure element and / or the external device that sends said data.

The configuration of the microcontroller can in particular specify a period of validity of the data or the type of data, at the end of which the data can no longer be used by the microcontroller or a duration of validity of the service, at the end of which it does not can no longer be used by the microcontroller.

The configuration of the microcontroller can also specify the writing mode (for example synchronous or asynchronous) to be used by the microcontroller to store data or a service.

The configuration may define rules for implementing secure countermeasures by the microcontroller in response to detecting an attack. Examples of events that can be considered as attacks are the reception of a signal from a sensor of the secure element / microcontroller indicating an abnormal temperature, loss of integrity of the protective layer, or a predetermined number of times. successive erroneous PIN code tests. The defined rules are for example the erasure of the data stored in the microcontroller (even if they are valid with respect to their validity) or the writing of a blocking data in a dedicated memory area or not.

Figure 3 shows, in the form of a timing diagram, steps of personalization of the secure element of the smart card. These steps are implemented prior to the method according to the invention, examples of whose embodiments will be described with reference to the next figures.

During a first step E300, the smart card is on (Power On). In practice, an external device, typically a smart card reader, can power the smart card. In a variant, the smart card includes an internal battery that powers its components.

During a step E310, the external device and the secure element establish a communication for exchanging data via the interface 28 shown in FIG.

During a step E320, the secure element authenticates the external device. For example, this step includes generating a challenge CH 1 by the secure element and then its transmission to the external device and the receipt of a response to the challenge, for example in the form of a signature S1. The secure element then verifies the validity of this signature.

Alternatively, step E320 could include mutual authentication.

During a step E330, the external device transmits a configuration to the secure element. It can be an initial configuration or a new configuration that modifies / replaces the existing configuration.

During a step E340, the secure element records / loads the configuration received in step E330. In practice, during a step E350, the secure element modifies an indicator indicating that the configuration has been modified / loaded.

In step E360, the smart card turns off (Power OFF). In embodiments, additional steps, for example certain steps described with reference to FIGS. 4, 5, 6, 7, are carried out before this step E360. In other words, there is not necessarily a restart of the card between the implementation of these steps.

FIG. 4 represents, in the form of a timing diagram, steps of a chip card personalization method according to a first embodiment of the invention.

In this example, the secure element and the microcontroller are in a master-slave configuration in which the secure element plays the role of slave and the microcontroller that of master.

During a step E400, the secure element and the microcontroller mutually authenticate. This authentication is here at the initiative of the microcontroller because it plays the role of the master and the secure element that of the slave. Alternatively, only the microcontroller or only the secure element could authenticate.

Upon detection of an event (step E410), the microcontroller interrogates the secure element in order to know if its configuration needs to be modified.

In embodiments, this predefined event may be the reception of information by the microcontroller. For example, receiving data via Bluetooth if the microcontroller is a Bluetooth controller, detecting a finger if the microcontroller is connected to a fingerprint sensor, or pressing a button if the microcontroller is connected at a button.

According to other embodiments, the event may be the expiration of a delay / a timeout. For example, this delay is managed by the microcontroller and starts for example from the moment when the card is powered (power ON).

Alternatively, the authentication step E400 can be implemented after the detection of the event (step E410).

During a step E420, the secure element checks whether the configuration of the microcontroller must be modified and returns the response to the microcontroller. This can be for example, by checking the state of the indicator mentioned in step E350 of FIG. 3.

During a step E430, if its configuration must be modified, the microcontroller asks the secure element that it sends the modified configuration.

During a step E440, the secure element sends the modified configuration to the microcontroller.

During a step E450, the received configuration is recorded and applied by the microcontroller.

During a step E460, the microcontroller informs the secure element of the smooth running of the configuration (status ok).

During a step E470, the secure element acknowledges receipt of this information.

As a variant, the application of the configuration received from the secure element in step E440 may be delayed, for example until the microcontroller detects a particular event. The particular event may be for example the next ignition (Power ON) of the card. Alternatively, this event may be the receipt of information indicating the start of a bank transaction in a cash dispenser. This would for example ensure that the card will not be removed from the power supply before the end of the registration of the modified configuration by the microcontroller, thus preventing the corruption of the modified configuration.

This variant has the advantage of avoiding in particular a problem of consistency and data corruption that may occur during the use of the smart card if the configuration of the microcontroller is changed too long after switching on the card. This could for example be the case if the transmission of the configuration by the secure element in step E440 and / or its recording by the microcontroller (step E450) are long. Indeed, in such a case there is a risk that the power supply of the card is interrupted, thus interrupting the current configuration of the microcontroller by the secure element.

FIG. 5 represents, in chronogram form, steps of a chip card personalization method according to a second embodiment of the invention.

In this example, the secure element and the microcontroller are in a master-slave configuration in which the secure element plays the role of master and the microcontroller that of slave.

During a step E500, the secure element and the microcontroller mutually authenticate each other. This authentication is here at the initiative of the secure element because it plays the role of the master and the microcontroller that of the slave. Alternatively, only the microcontroller or only the secure element could authenticate. During a step E520 similar to step E420, the secure element checks whether the configuration of the microcontroller must be modified and then returns the response to the microcontroller.

Step E520 can be implemented regularly or to detect a predefined event. For example, this predefined event may be the reception of a particular status of the microcontroller by the secure element. For example, this status may indicate the receipt of data via Bluetooth if the microcontroller is a Bluetooth controller, the detection of a finger if the microcontroller is associated with a fingerprint sensor, or the pressing of a button if the microcontroller is connected to a button.

According to other embodiments, the event may be the expiration of a delay / a timeout. For example, this timer is managed by the secure element and starts for example from the moment when the card is powered (power ON).

During a step E540 similar to step E440, if the configuration is to be modified, the secure element sends the modified configuration to the microcontroller.

During a step E550 similar to step E450, the received configuration is recorded and applied by the microcontroller.

During a step E560 similar to step E460, the microcontroller informs the secure element of the smooth running of the configuration (status ok).

Figure 6 shows, in the form of a timing diagram, steps implemented for the verification of the configuration of the microcontroller by the secure element. These steps are for example following the installation of a new configuration of the microcontroller under the control of the secure element. In a variant, they can be implemented when the card is turned on (power ON). Indeed, access to the data and services of the secure element from an external device and / or from the microcontroller can be conditioned to the proper conduct of these steps.

During a step E600 similar to step E400, the secure element and the microcontroller mutually authenticate each other. This authentication is here at the initiative of the microcontroller because it plays the role of the master and the secure element that of the slave. Alternatively, only the microcontroller or only the secure element could authenticate.

During a step E610, the microcontroller interrogates the secure element. This step is necessary insofar as the secure element acts as a slave. In this example, this query takes the form of a request for access to a service or data to the secure element. However, the invention is not limited to this type of interrogation. For example, the step E610 could consist of sending a datum or a challenge by the microcontroller to the secure element. Alternatively, step E610 could include sending a dedicated command to trigger the verification process.

During a step E620, the secure element informs the microcontroller that a verification of its configuration is necessary, here to determine whether the requested access is granted or not. To do this, he asks the microcontroller to send him his current configuration or any other data allowing him to verify its integrity. This is for example a hash or a signature of the configuration that may include the response to a challenge previously received from the secure element.

In response, the microcontroller transmits its current configuration or the requested data (step E630) to the secure element that checks (step E640) if the microcontroller has the correct configuration.

The verification may be a comparison of the configuration received in step E630 with that stored in the memory of the secure element. The result of the comparison is then a status indicating whether the received configuration is identical to that stored in the secure element. According to an alternative implementation mode this verification can consist in comparing the hash or signature received in step E630 with a hash or a reference signature stored in the secure element or calculated by the secure element from the stored configuration. in this one (and possibly the challenge he sent to the microcontroller).

In this example, if the microcontroller actually has the correct configuration, the secure element can determine if according to the configuration, it is allowed to obtain the required data or to access the requested service.

For this purpose, the configuration received in step E630 may indicate data or type (s) of data that the microcontroller is allowed to obtain from the secure element and the services that the microcontroller is authorized to use.

For example, such a configuration may include an electronic certificate containing indicators relating to the data that the microcontroller can receive. In particular, the certificate may be signed by a trusted third party recognized by the secure element.

Optionally, a challenge may be submitted to the microcontroller in step E620 which responds to step E630. Alternatively or in combination, the microcontroller can also send a signature of the configuration.

During a step E650, the secure element returns its response to the microcontroller according to the result of the verification of step E640. This answer consists in saying if the configuration of the microcontroller is up to date and / or integrates, or not. It may also allow access to the requested service or data at step E610, or ban. In the case where the configuration is not current and / or intact, the secure element may decide to update it.

According to an alternative embodiment, the step E610 is replaced by a challenge request to the secure element and the E620 step further comprises sending this challenge to the microcontroller. Step E630 then includes sending a response to the challenge to the secure element with the configuration.

FIG. 7 represents, in the form of a timing diagram, the steps implemented for the verification of the configuration by the secure element according to a variant of FIG. 6. These steps, for example, follow the installation of a new configuration of FIG. microcontroller under the control of the secure element. In a variant, they can be implemented when the card is turned on (power ON). Indeed, access to the data and services of the secure element from an external device and / or from the microcontroller can be conditioned to the proper conduct of these steps.

During an E700 step similar to step E500, the secure element and the microcontroller mutually authenticate each other. This authentication is here at the initiative of the secure element because it plays the role of the master and the microcontroller that of the slave. Alternatively, only the microcontroller or only the secure element could authenticate.

During a step E720 similar to step E620, the secure element asks the microcontroller to send it its current configuration or any other data enabling it to check its integrity. This is for example a hash or a signature of the configuration that can include the response to a challenge previously received from the secure element, to verify it.

In response, the microcontroller transmits its current configuration or other data (step E730) to the secure element that verifies it (step E740).

The verification may be a comparison of the configuration received in step E730 with that stored in the memory of the secure element. The result of the comparison is then a status indicating whether the received configuration is identical to that stored in the secure element. According to an alternative implementation mode this verification can consist in comparing the hash or signature received in step E730 with a hash or a reference signature stored in the secure element or calculated by the secure element from the stored configuration. in this one (and possibly the challenge he sent to the microcontroller).

During a step E750, the secure element sends the result of the verification to the microcontroller according to the step E740. This answer consists of saying whether the microcontroller configuration is up to date and / or integrates, or not. In the case where the configuration is not current and / or intact, the secure element may decide to update it.

During a step E760, the microcontroller acknowledges receipt of this information and / or requests access to a service or data item of the secure element.

Figure 8 shows, in the form of a timing diagram, steps of a routing between the secure element and an external device, implemented by the microcontroller.

In this example, the configuration consists of a routing table that establishes a correspondence between applications of the secure element (App1, App2) and the services (Service 1, Service 2, Service 3) proposed and / or supported by the microcontroller on the appendix 231.

As an illustration, the routing table can be for example figured as follows:

The "input" and "output" indicators allow the microcontroller to know the transit direction associated with each application / service pair. Thus when the microcontroller receives data from the external device via a service, it can search the application associated with the service among the application / service pairs associated with the "Enter" indicator. When the microcontroller receives data from the secure element, it can search the service to be used to transmit the data to the external device among the application / service pairs associated with the "Output" indicator.

During an E800 step, the external device sends a "Service 3" service, that is to say a particular data structure "Service 3", comprising for example a PIN code, to the microcontroller of the card. This may be a result of a user entering the PIN code on the external device. The reception can be done by Bluetooth on the interface 231.

During a step E805, the microcontroller performs a routing.

In practice, during this step, the service received at step E800 is identified, then the microcontroller searches the application of the secure element that is associated with this service in its routing table (ie its configuration), c. that is to say the application to which the microcontroller must forward all or part of the data contained in the service. In the present case, the microcontroller concludes at step E805 that it must send the data received via the service 3 (the PIN) to the application "App 1" of the secure element. During a step E810, the microcontroller sends a selection command of an application App1 of the secure element. For example, this application allows you to check a PIN.

During a step E815, the secure element selects its application App1 and informs the microcontroller during a step E820.

During a step E825, the microcontroller sends the PIN code received in step E800 to the secure element.

During an E830 step, the secure element processes the PIN code using the App1 application.

During a step E835, the secure element returns a challenge to the microcontroller to make an additional check.

During a step E840, the microcontroller implements a routing operation. In practice, during this step, the microcontroller searches for the service to be used to forward the data received in step E835 to the external device in its routing table (i.e. its configuration). In the present case, the microcontroller concludes in step E840 that it must send the data received in step E835 (the challenge) via the "Service 1" to the external device.

During a step E845, the microcontroller sends the challenge to the external device via the service "Service 1", that is to say using a data structure with possibly an associated identifier, identified during the step of E840 routing.

In the present example, the challenge is sent to the external device via the service 1 ..

During an E850 step, the external device responds to the challenge with the microcontroller via the "Service 2" service.

During a step E855, the microcontroller implements a routing operation. In practice, during this step, the microcontroller identifies the service received in step E850, then looks for the application of the secure element that is associated with this service in the routing table (ie its configuration), that is that is to say the application to which the microcontroller must forward all or part of the data contained in the service. In this case, the microcontroller concludes in step E855 that it must send the data received via "Service 2" (the response to the challenge) to the App2 of the secure element.

During a step E860, the microcontroller sends a selection command of an application App2 of the secure element. For example, this application is used to check the response to the challenge.

During a step E865, the secure element selects its application App2 and informs the microcontroller during a step E870. During a step E875, the microcontroller sends the challenge response received in step E850 to the secure element.

During a step E880, the secure element processes this response using the App2 application.

During a step E885, the secure element returns the result to the microcontroller.

Figure 9 illustrates, in the form of a timing diagram, steps implemented to obtain data or access to a service of the secure element by the microcontroller. These steps may follow the installation of a new configuration of the microcontroller under the control of the secure element.

In this example, the configuration of the microcontroller takes the form of an electronic certificate. This certificate includes a list of data and services that the microcontroller is authorized to access to the secure element. In addition, the certificate includes a signature generated from this list and a private key PRK_AUT issued by a trusted authority. The secure element has the public key PUK_AUT associated with the private key PRK_AUT. This public key may have been installed in its memory at the time of its personalization (see Figure 3).

During an E900 step, the microcontroller sends its certificate to the secure element.

During a step E910, the secure element verifies the signature of the certificate using its public key PUK_AUT associated with the private key PRK_AUT.

During a step E920, the secure element sends the result of the verification to the microcontroller. It is assumed for the next steps that the signature has been authenticated.

During a step E930, the microcontroller requests access to a service or data element of the secure element.

This request may follow a request for this data or this service by the device external to the microcontroller.

During an E940 step, the secure element traverses the list of data / services whose access is authorized by the certificate received in step E900.

During a step E950, if the requested service or data item is authorized in the list, and provided that the signature has been authenticated in step E910, the secure element gives access to the service or data requested.

Figure 10 illustrates, in the form of a timing diagram, steps implemented by the microcontroller for obtaining data or access to a service of an external device. These steps may follow the installation of a new configuration of the microcontroller under the control of the secure element. In this example, the configuration of the microcontroller also takes the form of an electronic certificate. This certificate includes a list of data and services that the microcontroller is allowed to access from the external device. In addition, the certificate includes a signature generated from this list and a private key PRK_AUT issued by a trusted authority. The external device has the public key PUK_AUT associated with the private key PRK_AUT.

During a step E1000, the microcontroller sends its certificate to the external device, for example via the interface 231. It is recalled that this interface is for example a Bluetooth wireless communication interface.

During a step E1010, the external device verifies the signature of the certificate using its public key PUK_AUT associated with the private key PRK_AUT.

During a step E1020, the external device sends the result of the verification to the microcontroller. It is assumed for the next steps that the signature has been authenticated.

During a step E1030, the microcontroller requests access to a service or data from the external device.

This request may follow a request for this data or this service by the secure element to the microcontroller.

During a step E1040, the external device traverses the list of data / services whose access is authorized by the certificate received in step E1000.

During a step E1050, if the requested service or data item is authorized in the list, and provided that the signature has been authenticated in step E1010, the external device gives access to the service or the requested data.

Figure 11 illustrates, in the form of a timing diagram, steps implemented for the use of data associated with a period of validity by an external device according to a first example.

In this example, the configuration of the microcontroller specifies the validity period of the data / type (s) of data or access to a service, at the end of which the data / service can no longer be accessed by the microcontroller.

The time reference can come from an internal clock of the smart card. It may for example be internal to the secure element or the microcontroller. Alternatively, it can be received from an external device, for example via the communication interface 28 with the smart card or via the interface 231.

Alternatively, the time reference may be a counter of one or more predetermined events, for example: number of button presses, number of power ON's, number of successful bank transactions, or number of uses of a service. During a step E1 100, the external device sends a data D to the microcontroller which stores it in its memory during a step E1120.

During a step E1 130, the microcontroller informs the external device of the good reception and the recording of the data D.

During a step E1 140, which may occur later, for example after a re-ignition of the smart card, the microcontroller requests access to a service to the secure element.

During a step E1150, the secure element requires the sending of the data D to verify whether access to the service can be granted.

During a step E1160, the microcontroller checks its configuration to determine if the data D is still valid. If so, it sends it to the secure element during a step E1170. It is assumed here that this is the case. Otherwise, the data D is not sent to the secure element and access to the requested service is not granted.

Note that the action performed by the microcontroller, when the data is no longer valid, may depend on the configuration of the microcontroller. Thus said configuration may include one or more indicators for this purpose.

Examples of possible actions are:

- (illustrated case) data D is not sent to the secure element and access to the requested service is not granted;

the microcontroller removes the data D from its non-volatile memory;

the microcontroller requests from the external device a new datum D.

During a step E1180, the secure element authorizes access to the service because it has received the data D which is still valid.

Figure 12 illustrates, in the form of a timing diagram, steps implemented for the use of data associated with a period of validity by an external device according to a second example.

During a step E1200, the external device requests a data E to the microcontroller which checks whether it has it in its memory during a step E1210.

If it is not the case, the microcontroller requests the data E to the secure element during a step E1230.

During a step E1240, the secure element returns the data E to the microcontroller.

During a step E1250, the microcontroller verifies that its configuration allows it to memorize the data E and if so, it stores it.

During a step E1260, the microcontroller sends the requested data item E to the external device. During a step E1270, which can take place later, for example after a re-ignition of the smart card, the external device again requests the data E to the microcontroller.

During a step E1280, the microcontroller checks whether the data E in memory is still valid and if so, it sends it back to the external device in step E1290. Otherwise it erases the data E from its memory in step E1295 and steps E1230, E1240, E1250 and E1260 are implemented.

Fig. 13 includes Figs. 13a and 13b which respectively illustrate, in timing form, synchronous writing and asynchronous writing according to embodiments.

In embodiments, the configuration of the microcontroller specifies the write mode (for example synchronous or asynchronous) to be used to store a data item or a service.

Figure 13a illustrates the principle of synchronous writing.

During a step E1300, the external device requests the microcontroller to write the data A to what it does in steps E1310 and E1320 under the control of the secure element. The microcontroller then responds to the external device (step E1330).

Thus, the writing is synchronous because the microcontroller only responds once it is done.

Figure 13b illustrates the principle of asynchronous writing.

In this case, the microcontroller responds to the external device (step E1305) before the writing is actually performed. It may, optionally, also send a message to the external device after writing is complete (optional step E1330).

The foregoing examples are only embodiments of the invention which is not limited thereto.

Claims

A customizable smart card (1, 1 ', 20) comprising:

a secure element (10, 211) whose configuration can be modified via a communication interface (1 1, 28) with an external device,

a microcontroller (14, 14 ', 221) whose configuration can be modified;

the smart card (1, 1 ', 20) being characterized in that the secure element (10, 21) is configured to configure the microcontroller (14, 14', 221).

2. Smart card according to claim 1, wherein the secure element is configured to verify the configuration of the microcontroller.

3. Smart card according to claim 1 or 2, wherein the microcontroller is a wireless communication manager.

The smart card of claim 3, wherein the configuration of the microcontroller defines a wireless communication service.

5. Smart card according to any one of the preceding claims, wherein the configuration of the microcontroller defines rules relating to the routing of data by the microcontroller.

A smart card according to any one of the preceding claims, wherein the configuration of the microcontroller indicates a datum or type of data or a service that the microcontroller is allowed to obtain from the secure element or from an external device.

7. Smart card according to claim 6, wherein the configuration of the microcontroller specifies a period of validity of said datum or type of data, after which the data can no longer be used by the microcontroller or a period of validity of said microcontroller service, at the end of which said service can no longer be used by the microcontroller.

The smart card of claim 6 or 7, wherein the configuration of the microcontroller specifies the write mode to be used by the microcontroller to store said data or said service.

A smart card according to any one of the preceding claims, wherein the configuration defines rules for implementing secure countermeasures by the microcontroller in response to detecting an attack.

10. Smart card according to any one of the preceding claims, wherein the secure element is configured to authenticate the microcontroller, the configuration of said microcontroller can not be changed after authentication of the microcontroller by the secure element.

11. Smart card according to any one of the preceding claims, wherein the microcontroller is configured to apply a modified configuration by the secure element to detection of a predefined event.

12. Smart card according to any one of the preceding claims, wherein the secure element is configured to configure the microcontroller to detect a predefined event.

A smart card according to any one of the preceding claims, wherein the secure element is configured to configure the microcontroller at the first power up of the smart card following the end of an initial configuration of the secure element. via the communication interface or following the end of the configuration of the secure element via the communication interface.

A smart card according to any one of the preceding claims, wherein the communication interface is a contact communication interface according to ISO 7816 or a contactless communication interface according to ISO 14443 and / or ISO 15693.

15. A method of personalizing a smart card comprising:

a microcontroller whose configuration can be modified;