TWI435274B - A composite chip card with a security interface and a method for controlling the same - Google Patents

Description

Composite wafer card with security protection interface and control method

The invention discloses a composite wafer card and a control method with a security protection interface, in particular to a composite wafer card combined with an induction coil, a wafer module and a security protection interface and a control method thereof.

With the full advancement and high level of competition in the world economy, plastic money has become an indispensable tool for people in all advanced regions and developing countries to use widely in consumption, payment and various commercial transactions. Its importance has long been comparable to real money.

In recent years, due to the continuous evolution and miniaturization of integrated circuits, plastic money has also benefited. In order to increase the function and applicability of plastic money, the combination of late-night and micro-integrated circuits has produced wafer cards; With the needs of consumers, and continuous improvement, from contact cards, such as credit cards, ATM cards and health insurance cards, to non-contact cards, such as leisure cards, sensory access cards, etc., now more complex Cards come out, such as Visa Wave cards issued by VISA, smart ID cards and e-wallets.

The technical principle of this type of contactless card is Radio Frequency Identification (RFID). The operation principle of RFID is as shown in the first figure. The system consists mainly of at least one label A10 and one. The reader A20 and the host A30, the label A10 is used to store various information of the user, and the reader A20 is a tool for reading information from the label A10 or storing the information into the label A10, the reader A20 The read data is transmitted to the host A30, and different applications are used to interpret the information to assist the user in making quick and correct decisions. The tag A10 further includes a radio frequency module A11, a microprocessor A12, and an electronically readable and writable read-only memory (hereinafter referred to as EEPROM) A13. When the radio wave emitted by the reader A20 generates an "alternating magnetic field", the radio frequency module A11 of the tag A10 and the microprocessor A12 are activated, and the EEPROM A13 information in the tag is transmitted back to the reader. A20, the reader A20 transmits the data to the host A30 through the line or the network.

The label A10 can be divided into active and passive. The active label A10 contains a battery, and can transmit information to the reader A20 at any time. It has a long communication distance and can store large memory, but the price is high. The power of the passive tag A10 comes from the electric wave emitted by the reader A20 to generate the induced micro-current to the tag A10 to supply its power, and then the information is transmitted back to the reader A20 by the electric wave, so the communication distance is short. The advantage of the passive label A10 is that it does not require an external battery, and can achieve the advantages of small size, low price, long life and digital information portability. The passive tag A10 antenna is built-in to sense and generate radio frequency radio waves to send and receive data.

The reader A20 also includes a radio frequency module A21 and a microprocessor A22. The function of the host A30 and the application program is to control the data transceiving, identification and management of the reader A20.

Currently, the ISO standards commonly used in the RFID industry include the ISO 14443 "Proximity Coupling Smart Cards" standard and the ISO 15693 "Vicinity Coupling Smart Cards" standard. ISO 14443 defines the distance within 10cm to read the smart card operating standard in a contactless manner. Generally, the mass transit fare card is this type; ISO 15693 specifies the operating standard for reading distances up to 1 meter. The access card is the product of this type. The above two standard specification application areas are mostly used on smart cards, and Table 1 compares the characteristics of the two specifications.

In addition, ISO 18000 Series Item Management is the first international standard for logistics system wireless communication technology. In view of the importance of Supply Chain Management, ISO has specially planned a series of 18000 standards by ISO/IEC group. Specifies the RFID Air interface guidelines for Item Management. At present, the ISO 18000 series contains the following important standards as shown in Table 2. The most important one is the 18000-6 specification. The frequency of the specification is 860~930MHZ, which is the best choice for Logistic Management. It has become the international Supply Chain RFID application. An important standard for technology.

Next, the VISA WAVE trading specification is mentioned. The Visa Wave transaction amount is “free of signature” under NT$3,000, which speeds up the convenience of cardholders in small-scale access. Secondly, Visa Wave issuing bank can decide whether the processing procedure of Visa Wave transaction is a general "connection transaction" or a fast "offline transaction" according to the risk control requirements. The security of offline transactions and connected transactions is the same, because each Visa Wave card has the function of “accounting for risk amount”. After the total accumulated amount of transactions exceeds a certain amount, the system will be transferred to the company when the transaction is executed. Line transactions, through the terminal and the issuing bank to confirm the procedures to strengthen the payment security of the cardholder.

The connection transaction is currently the main transaction mode. Each transaction needs to be sent back to the issuing bank through the terminal, and the transaction can be completed and confirmed by the bank; therefore, the transaction speed is about 30 seconds. Offline trading is a trading model designed for small transactions or merchants that need to check out quickly. When the cardholder makes an offline transaction, the transaction does not need to be sent back to the issuing bank to be authorized to complete the transaction, so the transaction speed is faster. It is about 2 to 5 seconds.

Although the current composite chip card has established a number of advanced encryption mechanisms in the chip card, and uses Dynamic Data Authentication (DDA) function, it improves the security during transaction and data transmission, and effectively prevents transaction data. The possibility of being stolen and recorded, but the average consumer usually carries the card with him for the convenience of use, and because the composite chip card can also use wireless signal sensing, it has caused the unscrupulous to wirelessly transmit. It is difficult to prevent the use of the information from the sensor, and it is difficult to prevent it. How to prevent the data of the composite wafer card from being stolen and caused it to be stolen is a serious and urgent issue.

The present invention addresses a need for a simple and effective security protection interface device and method, thereby reducing the risk of consumer data being stolen and the chip card being stolen, thereby improving the carrying and use of the composite wafer card. Time security.

Therefore, in view of the foregoing problems and needs, the inventors have accumulated years of experience, and exerted imagination and creativity. After continuous trial and modification, the present invention has a composite wafer card and control method with a security protection interface. .

A first object of the present invention is to provide a composite wafer card having a security protection interface, the composite wafer card comprising at least one induction coil, at least one wafer module and at least one security protection interface, the security protection interface further comprising an induction The safety protection module and a control unit, the inductive safety protection module can initiate a security protection mechanism to conduct transactions, so as to improve the security of the use of the composite wafer card.

A second object of the present invention is to provide a composite wafer card having a security protection interface, the composite wafer card comprising at least one induction coil, at least one wafer module and at least one security protection interface, the security protection interface further comprising a mechanical Safety protection module and a control unit, the mechanical safety protection module can control the transaction by changing the mechanical structure to improve the safety of the composite wafer card.

A third object of the present invention is to provide a method for controlling a composite wafer card having a security protection interface. When the composite wafer card having the security protection interface is used for transaction, the security protection interface of the composite wafer card must be activated first. The transaction is carried out to improve the security of the use of the composite wafer card.

The present invention discloses a device for a composite wafer card having a secure interface, comprising a carrier, at least one inductive coil having an electrical wave transceiving function, at least one wafer module, and at least one security protection interface.

The induction coil is disposed on the carrier; the wafer module is also disposed on the carrier and electrically connected to the induction coil.

The security protection interface is also disposed on the carrier, and the security protection interface further comprises a security protection module connected to the chip module and a control unit connected to the security protection module, wherein the security protection module can be an inductive Safety protection module or a mechanical safety protection structure.

The present invention further discloses a method for using a composite wafer card having a security protection interface. When applied to a contactless transaction, the method firstly causes a user to contact a composite wafer card to issue a related system to enable the composite. The chip card further includes the steps of authenticating the user-related information and setting the dynamic data authentication function of the composite wafer card; secondly, launching a security protection interface of the composite wafer card, including setting and storing the security protection interface actuation condition and The step of opening its function; then performing a contactless payment transaction with a for-profit unit of a contactless payment system by means of a composite wafer card, including suspending the security interface and utilizing one of the contactless payment systems to sense, receive and The information of the user and the transaction is authenticated, a transaction authentication is further generated to complete the transaction, and finally the security protection interface of the composite chip card is restarted.

Therefore, the composite wafer card and the control method with the security protection interface of the invention reduce the possibility that the composite wafer card can be prevented from being recorded or stolen during carrying and use, thereby improving the safety of use thereof.

The invention will be further understood by the following detailed description of the invention and the appended claims.

The details and techniques of the present invention are described below in conjunction with the drawings:

In order to achieve the above purpose and effect, the inventor combines the security protection interface with the conventional inductive chip card, and conceives various security protection mechanisms and improves the degree of security protection, and initially obtains a composite with the security protection interface of the present invention. Chip card and control method. A composite wafer card having a security protection interface according to a first preferred embodiment of the present invention, a composite wafer card having a security protection interface according to a second preferred embodiment, and a composite having a security protection interface Chip card control method for the present invention The system structure and control methods are described in detail. The preferred embodiments of the present invention are described in detail below with reference to the drawings.

Please refer to FIG. 2A and FIG. 2B respectively, which are schematic diagrams of the first preferred embodiment of the composite wafer card with security protection interface of the present invention, and a block diagram of the components. As shown in the figure, the composite wafer card 10 having a security protection interface includes a carrier 100. The carrier 100 is provided with an induction coil 110, a wafer module 120 and a security protection interface 130.

The induction coil 110 has a radio wave transmitting and receiving function; the chip module 120 is electrically connected to the induction coil 110; the security protection interface 130 includes an inductive security protection module 132 and a control unit 134; the inductive security protection module The control module 134 is coupled to the inductive security protection module 132 for controlling the actuation of the inductive security protection module 132. The sensing unit 134 is coupled to the inductive security protection module 132 for controlling the activation and operation of the inductive security protection module 132. The security protection module 132 can be selected as a light-sensing, heat-sensitive, human body resistance sensing mode or a fingerprint-sensing security protection module 132. The setting and storage activation conditions of the control unit 134 are enabled and opened by the control unit 134. Or turn off the security feature.

In the first preferred embodiment, the inductive security protection module 132 can be selected as a light-sensing, heat-sensitive, human body resistance sensing mode or a fingerprint-sensing security protection module 132. And the implementation of the introduction.

The first is the light-sensitive security protection module. The commonly used light sensing methods are visible light sensing and infrared light sensing. In the visible light sensing mode, since the visible light is a natural emission source, as long as the visible light inductive safety protection module is exposed to visible light, the safety protection mechanism can be opened for trading. The advantage of using the visible light inductive safety protection module is that when the wafer card 10 is normally stored in a wallet or a pocket, since the light source is blocked, the light-sensitive security protection module cannot be traded without contact with visible light, and the wafer must be processed. The card 10 is taken out of the wallet or pocket and is exposed to visible light for trading purposes, so the likelihood that the wafer card 10 will be side-recorded or cracked will be greatly reduced.

In addition, in the infrared light-sensitive safety protection module, since the infrared light has a linear directivity and also has the invisibility of invisible light, the infrared light has excellent anti-noise as long as it is properly modulated. interference. The advantage of using the infrared light-sensing security protection module is that the wafer card 10 is exposed to visible light, and as long as there is no infrared light, the security protection module will not open the transaction, so the infrared light-sensitive security protection The module is more secure than the visible-light security module.

Followed by the thermal inductive safety protection module, since the body temperature of the general human body is 35 ° C ~ 38 ° C, as long as the body temperature under normal conditions of the user is set and stored via the control unit 134, when the user touches the skin through the skin, the heat-sensitive safety protection In the case of the module, if the detected body temperature meets the information stored by the control unit 134, the security protection module will open the transaction, increase the security of use, and prevent the wafer card 10 from being recorded or cracked.

In addition, the human body resistance-inductive safety protection module has a resistance value of 10,000 to one million ohms in normal human skin. Similarly, as long as the skin resistance of the user under normal conditions is set and stored via the control unit 134, the user When the body resistance inductive safety protection module is touched through the skin, if the detected resistance meets the information stored by the control unit 134, the security protection module will open the transaction, increase the security of use, and avoid the wafer card 10 Was recorded or stolen.

Finally, for the fingerprint-sensing security protection module, the user's fingerprint is set and stored via the control unit 134. When the user touches the fingerprint-sensing security protection module via the finger, if the detected fingerprint meets the storage of the control unit 134 Information, the security protection module will open the transaction, increase the security of use, to prevent the chip card 10 from being recorded or cracked.

Please refer to FIG. 3A and FIG. 3B respectively, which are schematic diagrams of the second preferred embodiment of the composite wafer card with security protection interface according to the present invention. As shown in the figure, the composite wafer card 20 having a security protection interface includes a carrier 200. The carrier 200 is provided with an induction coil 210, a wafer module 220 and a security protection interface 230.

Similarly, the induction coil 210 has a radio wave transceiving function; the chip module 220 is electrically connected to the induction coil 210; the security protection interface 230 includes a mechanical security protection module 232 and a control unit 234; The protection module 232 is connected to the chip module 220 to control the opening and actuation of the chip module 220. The control unit 234 is connected or covered on the mechanical safety protection module 232 for controlling the mechanical safety protection module. The mechanical safety protection module 232 can be selected as a push-type and pressure-measuring safety protection module 232, and can be turned on or off or controlled by the control unit 234.

In the second preferred embodiment, the mechanical safety protection module 232 can be selected as a push type safety protection module 232' and a pressure measurement safety protection module 232'. The following are the principles of these mechanical action modes and The implementation is introduced.

Firstly, the push-type safety protection module 232', as shown in the fourth figure, the control unit 234' is overlaid on the push-type safety protection module 232', usually in the case of no transaction, push-type safety protection The module 232' is not connected to the chip module 220', and when the external force is applied to the control unit 234', the push-type safety protection module 232' will mechanically change the position due to the external force. The wafer module 220' generates circuit connections whereby the security protection mechanism is enabled for transactions.

Next, the pressure measurement type safety protection module 232'`, please refer to the fifth figure, the control unit 234`` is over the pressure measurement type safety protection module 232'`, and the pressure measurement type safety The protection module 232'` further includes a pressure measuring unit 233, and when an external force is applied to the control unit 234', the pressure measuring unit 233 of the pressure measuring safety protection module 232'' will receive External pressure, when the pressure value exceeds the preset value of the pressure measurement safety protection module 232'`, the pressure measurement safety protection module 232'' will be connected with the wafer module 220'. It is possible to open a security protection mechanism to conduct transactions.

In addition, since the composite wafer card 20 is usually placed in the wallet and the wallet is placed in the user's pocket, the user may accidentally touch the machine when moving or hand strapping. The security protection module 232 opens the security protection mechanism, and the chance of the composite wafer card 20 being stolen or recorded is greatly increased. To avoid this, the wafer module 220 can be coupled to an inductive security module (such as 132 in the second A and second B). The control unit 234 is connected to the inductive security protection module for controlling the operation of the inductive security protection module. The inductive security protection module can be selected as a light-sensing, thermal-sensing, human body resistance sensing mode or fingerprint-sensing security protection module, via the setting and storage enabling conditions of the control unit 234, and using the control unit 234 Turn security protection on or off.

In this way, under the mechanism with two safety protections, although the mechanical safety protection module 232 is accidentally touched to open the safety protection mechanism, the inductive safety protection module still prohibits the opening of the safety protection mechanism, effectively reducing the composite type. The wafer card 20 is stolen or sidetracked.

Corresponding to the above-mentioned device for a composite wafer card with a security protection interface, the present invention also discloses a composite wafer card control method with a security protection interface. Please refer to the sixth figure, and the main steps for the preferred implementation of the method are detailed. Said.

As shown in the figure, when the device of the composite wafer card is applied to the contactless transaction, as shown in step 301, first, a user of a composite wafer card contacts a composite wafer card to issue a related system, and applies to enable the composite. The wafer card includes the following steps: authenticating the relevant data of the user; and setting a dynamic data authentication function of the composite wafer card as shown in step 303.

Then, as shown in step 401, a mechanical security protection interface on the composite wafer card is activated. The method includes the step 402: first setting the operating condition of the mechanical security interface on the composite wafer card (for example, for mechanical The safety protection interface is pressed once or a certain pressure is applied, etc.; then, as shown in step 403, the mechanical safety protection interface actuation condition is stored; thereafter, as shown in step 404, the mechanical safety protection interface function is turned on.

In addition, after step 403, the method further includes the step of initiating an inductive security interface on the composite wafer card, the step comprising first setting an operating condition of the inductive security interface on the composite wafer card (eg, an environment) Light source sensing, ambient temperature sensing, human body resistance sensing and fingerprint detection, etc., and the function of the inductive safety protection interface is activated after storing the inductive safety protection interface.

Then, as shown in step 500, a contactless payment transaction is performed by a companion unit associated with a contactless payment system by the composite wafer card; as shown in step 501, the security protection interface of the composite chip card is first suspended; As shown in step 502, the terminal device of the contactless payment system senses and receives information about the composite chip card, including personal related information of the user and related information of the contactless payment transaction; Step 503, the above information is authenticated by the contactless payment system; as shown in step 504, the correctness of each personal related information of the user and the related information of the contactless payment transaction is determined; When the information is completely correct, the relevant information value is accepted, and the next step 505 is performed; when any of the related information is incorrect, the final step is directly performed.

As shown in step 505, the dynamic data authentication function is used to generate a transaction authentication for the contactless payment transaction, the transaction authentication is a single independent transaction authentication, and the transaction authentication can be selected by the terminal device of the contactless system to display or directly print; Then, as shown in step 506, the contactless payment transaction is completed; finally, as shown in step 507, the security protection interface of the composite wafer card is restarted.

In summary, when the invention of the case has been industrially utilized, novel and progressive, it meets the requirements of the invention patent. The above is only the preferred embodiment of the invention, and is not intended to limit the scope of the invention. And the equivalent variations and modifications made by the scope of the invention are covered by the scope of the invention.

The inventor has been continually conceived and modified to finally obtain the design of the present invention, and possesses the above-mentioned many advantages. It is an excellent invention, and should conform to the requirements of the invention patent, and the application is made, and the review committee can give the invention early. Patents to protect the rights of inventors.

10, 20. . . Composite wafer card

100, 200, 200`, 200``. . . Carrier

110, 210, 210`, 210``. . . Induction coil

120, 220, 220`, 220``. . . Chip module

130, 230. . . Security interface

132. . . Inductive safety protection module

134, 234, 234`, 234``. . . control unit

232. . . Mechanical safety protection module

232`. . . Push-type safety protection module

232``. . . Pressure measurement safety protection module

233. . . Pressure measuring unit

301 ~ 303, 401 ~ 404, 500 ~ 507. . . Implementation steps of a method for using a security protection interface for a composite wafer card

The first diagram is a conventional RFID operation principle; the second diagram is a schematic diagram of a first preferred embodiment of a composite wafer card having a security protection interface; and the second diagram B is a A block diagram of the first preferred embodiment of the composite chip card of the security protection interface; and a third diagram of the second preferred embodiment of the composite wafer card having the security protection interface of the present invention The third diagram is a block diagram of the component of the second preferred embodiment of the composite wafer card having the security protection interface of the present invention; and the fourth diagram is a schematic diagram of the structure of a push-type security protection module; The fifth figure is a structural schematic diagram of a pressure measurement type safety protection module; and the sixth figure is a flow chart of a composite wafer card control method with a safety protection interface according to the present invention.

301 ~ 303, 401 ~ 404, 500 ~ 507. . . Composite wafer card control step with security protection interface of the present invention

Claims (10)

A composite wafer card having a security protection interface includes: a carrier; at least one induction coil having a function of transmitting and receiving waves, disposed on the carrier; at least one chip module disposed on the carrier, and the chip module Electrically connected to the induction coil having a radio wave transmitting function; at least one security protection interface is disposed on the carrier, the security protection interface includes: a mechanical security protection module coupled to the chip module for controlling Opening and operating of the chip module; a control unit connected to the mechanical security module to control the operation of the mechanical security module; and an inductive security module coupled to the chip module The control module is connected to the control unit, and the control unit controls the actuation of the inductive safety protection module. A composite wafer card having a security protection interface according to claim 1, wherein the mechanical security protection module is selectively a pressure-type security protection module and a pressure measurement security protection Module. A composite wafer card having a security protection interface as described in claim 1, wherein the inductive security protection module is selectively The utility model relates to a light-sensing safety protection module, a heat-sensing safety protection module, a human body resistance safety protection sensor module and a fingerprint safety protection module. A method for controlling a composite wafer card with a security protection interface, when applied to contactless transactions, the steps include: (A) one of the composite wafer cards contacts a one of the composite wafer cards to issue a related system, enabling The composite wafer card; (B) starting a mechanical security protection interface on the composite wafer card and an inductive security protection interface, comprising: (Ba) setting the mechanical security interface on the composite wafer card And operating conditions of the inductive safety protection interface; (Bb) storing the mechanical safety protection interface and the inductive safety protection interface actuation condition; and (Bc) opening the mechanical safety protection interface and the inductive safety protection interface; And (C) performing a contactless payment transaction with the for-profit unit associated with a contactless payment system by the composite wafer card. The method for controlling a composite wafer card having a security protection interface according to the fourth aspect of the invention, wherein the operating condition of the inductive security protection interface is selectively for ambient light source sensing, ambient temperature sensing, and human body Resistance sensing and fingerprint detection. As described in claim 4, a security protection interface is provided. The method for controlling a composite wafer card, wherein the step of enabling the composite wafer card further comprises: (Aa) authenticating the relevant information of the user; and (Ab) setting a dynamic data authentication function of the composite wafer card. The method for controlling a composite wafer card having a security protection interface according to claim 4, wherein the step (C) further comprises the step of: (Ca) suspending the security protection interface of the composite wafer card; (Cb) Using a terminal device of the contactless payment system to sense and receive information about the composite chip card, including personal related information of the user and related information of the contactless payment transaction; (Cc) by using the The contact payment system authenticates the above information; (Cd) uses the dynamic data authentication function to generate a transaction authentication for the contactless payment transaction; (Ce) completes the contactless payment transaction; and (Cf) restarts the composite wafer card Security interface. The method for controlling a composite wafer card with a security protection interface according to claim 7, wherein the step (Cc) further comprises determining the personal related information of the user and the related information of the contactless payment transaction. The correctness of the information, when the relevant information is completely correct, accept the relevant information value, and perform step (Cd). When any of the related information is incorrect, the step (Cf) is directly performed. A composite wafer card control method with a security protection interface as described in claim 7, wherein the transaction authentication of the step (Cd) is a single independent transaction authentication. A composite wafer card control method with a security protection interface according to claim 7, wherein the transaction authentication of the step (Cd) selectively utilizes the terminal device display and the printer of the contactless system. .