1. Patent Search
  2. Details

SMARTCARD AND METHOD FOR CONTROLLING A SMARTCARD

20170323166 · 2017-11-09

    Inventors

    Cpc classification

    International classification

    Abstract

    A smart card 102 may include a processor for controlling operation of the smartcard, a biometric sensor for identification of an authorised user, and an accelerometer for sensing movements of the smartcard. The processor may be arranged to permit access to one or more secure feature(s) of the smartcard based on the movements sensed by the accelerometer and authentication of the user's identity via the biometric sensor.

    Claims

    1. A smartcard comprising: a processor for controlling operation of the smartcard; a biometric sensor for identification of an authorised user; and an accelerometer for sensing movements of the smartcard; wherein the processor is arranged to permit access to one or more secure feature(s) of the smartcard based on the movements sensed by the accelerometer and authentication of the user's identity via the biometric sensor.

    2. A smartcard as claimed in claim 1, wherein the smartcard is arranged so that the user can enroll a movement pattern for later use in authentication of the user's identity as a part of the activation process for the secure feature(s).

    3. A smartcard as claimed in claim 2, wherein the processor requires a combination of biometric authorisation and matching of a movement pattern to an enrolled movement pattern before access to the secure feature(s) of the card is permitted.

    4. A smartcard as claimed in claim 3, wherein the processor is arranged to receive and record a movement pattern that is to be enrolled to the card by receiving and recording data output from the accelerometer.

    5. A smartcard as claimed in claim 3, wherein the processor is arranged to transmit the accelerometer output data produced by the movement pattern from the card during enrolment so that it can be recorded in an external database.

    6. A smartcard as claimed in claim 5, comprising at least one added mass/stiffness element intended to provide the smartcard with differing vibration characteristics compared to other smartcards with different mass/stiffness elements so that each individual smartcard has a unique vibration pattern.

    7. A smartcard as claimed in claim 1, wherein the smartcard is arranged to allow the user to set their own movements and or combinations of movements and to associate them with particular changes to the operating mode of the smartcard.

    8. A smartcard as claimed in claim 7, comprising an added mass/stiffness element intended to provide the smartcard with differing vibration characteristics compared to other smartcards with different mass/stiffness elements so that each individual smartcard has a unique vibration pattern.

    9. A smartcard as claimed in claim 1, wherein the accelerometer is a micro-machined accelerometer.

    10. A smartcard as claimed in claim 1, wherein the accelerometer is a piezoelectric device.

    11. A smartcard as claimed in claim 1 wherein the smartcard is arranged to enable the authorised user to initially enroll their fingerprint onto the smartcard via a fingerprint sensor as the biometric sensor, and to thereafter require an enrolled finger or thumb to be placed on the fingerprint sensor in order to allow the processor to identify the authorised user.

    12. A smartcard as claimed in claim 1, wherein in the event of a failure of biometric authorisation or failure to enroll a user via the biometric sensor then the smartcard is arranged to accept a pre-set movement pattern detected via the accelerometer as a back-up for biometric authorisation.

    13. A smartcard as claimed in claim 10, wherein in the event of a failure of biometric authorisation or failure to enroll a user via the biometric sensor then the smartcard is arranged to accept a pre-set movement pattern detected via the accelerometer as a back-up for biometric authorisation.

    14. A method for controlling a smartcard, the smartcard comprising: a processor for controlling operation of the smartcard; a biometric sensor for identification of an authorised user; and an accelerometer for sensing movements of the smartcard, wherein the method comprises: detecting movements of the smartcard using the accelerometer and the processor, identifying an authorised user of the smartcard via the biometric sensor, and permitting access to one or more secure feature(s) of the smartcard based on the movements sensed by the accelerometer and authentication of the user's identity via the biometric sensor.

    15. A method as claimed in claim 14, wherein the movements sensed by the accelerometer are affected by the location of the accelerometer and by the presence of added components acting as mass/stiffness elements so that each individual smartcard has a unique vibration pattern.

    16. A method as claimed in claim 14, including using an enrolment mode of the processor and recording biometric data and/or movement pattern data during the enrolment mode, with the recorded data being used for later matching with data provided by the biometric sensor and/or the accelerometer during authentication of the user.

    17. A method as claimed in claim 14, wherein the processor requires a combination of biometric authorisation and matching of a movement pattern to an enrolled movement pattern before access to the secure feature(s) of the card is permitted.

    18. A method of manufacturing one or more smartcard(s) comprising: providing the or each smartcard with a processor for controlling operation of the smartcard; providing the or each smartcard with a biometric sensor for identification of an authorised user; and providing the or each smartcard with an accelerometer for sensing movements of the smartcard; wherein the processor is arranged to permit access to one or more secure feature(s) of the smartcard based on the movements sensed by the accelerometer and authentication of the user's identity via the biometric sensor.

    19. A method of manufacturing one or more smartcard(s) as claimed in claim 18, comprising manufacturing multiple smartcards using the same process whilst varying the location of the accelerometer and/or adding mass/stiffness elements with differing characteristics and/or at differing locations to the smartcards so that each individual smartcard has a unique vibration pattern.

    20. A computer programme product comprising instructions that, when executed on a processor in a smartcard as claimed in claim 1, will cause the processor to detect movements of the smartcard using the accelerometer, identify an authorised user of the smartcard via the biometric sensor, and permit access to one or more secure feature(s) of the smartcard based on the movements sensed by the accelerometer and authentication of the user's identity via the biometric sensor.

    Description

    BRIEF DESCRIPTION OF THE DRAWINGS

    [0040] Certain preferred embodiments of the present invention will now be described in greater detail, by way of example only and with reference to the accompanying drawings, in which:

    [0041] FIG. 1 a circuit for a smartcard incorporating an accelerometer along with a biometric sensor in the form of a fingerprint scanner;

    [0042] FIG. 2 illustrates a smartcard with an external housing; and

    [0043] FIG. 3 shows an example laminated type smartcard.

    DETAILED DESCRIPTION

    [0044] By way of example the invention is described in the context of a card that uses contactless technology and, in the illustrated embodiment, uses power harvested from the reader. These features are envisaged to be advantageous features of the proposed movement sensitive smartcards, but are not seen as essential features. The smartcard may hence alternatively use a physical contact and/or include a battery providing internal power, for example.

    [0045] FIG. 1 shows the architecture of a smartcard 102 with the proposed accelerometer 16. A powered card reader 104 transmits a signal via an antenna 106. The signal is typically 13.56 MHz for MIFARE® and DESFire® systems, manufactured by NXP Semiconductors, but may be 125 kHz for lower frequency PROX® products, manufactured by HID Global Corp. This signal is received by an antenna 108 of the smartcard 102, comprising a tuned coil and capacitor, and then passed to a communication chip 110. The received signal is rectified by a bridge rectifier 112, and the DC output of the rectifier 112 is provided to processor 114 that controls the messaging from the communication chip 110.

    [0046] A control signal output from the processor 114 controls a field effect transistor 116 that is connected across the antenna 108. By switching on and off the transistor 116, a signal can be transmitted by the smartcard 102 and decoded by suitable control circuits 118 in the reader 104. This type of signalling is known as backscatter modulation and is characterised by the fact that the reader 104 is used to power the return message to itself.

    [0047] The accelerometer 16 is connected in an appropriate way to the processor 114. The accelerometer 16 can be a Tri-axis Digital Accelerometer as provided by Kionix, Inc. of Ithaca, N.Y., USA and in this example it is the Kionix KXCJB-1041 accelerometer. The accelerometer senses movements of the card and provides an output signal to the processor 114, which is arranged to detect and identify movements that are associated with required operating modes on the card as discussed below. This includes activating secure features of the card, which can be done based on a movement or sequence of movements and optionally is done in conjunction with biometric authorisation. The accelerometer 16 may be used only when power is being harvested from the powered card reader 104, or alternatively the smartcard 102 may be additionally provided with a battery (not shown in the Figures) allowing for the accelerometer 16, and also the related functionalities of the processor 114 and other features of the device to be used at any time.

    [0048] A fingerprint authentication engine 120 is connected to the processor 114 in order to allow for biometric authentication of the user based on a finger or thumb print. The fingerprint authentication engine 120, can be powered by the antenna 108 so that the card is a fully passive smartcard 102. In that case the fingerprint identification of an authorised user is only possible whilst power is being harvested from the card reader 104. In an alternative arrangement the smartcard 102 may be additionally provided with a battery (not shown in the Figures) allowing for the fingerprint authentication engine 120, and also the related functionalities of the processor 114 to be used at any time.

    [0049] As used herein, the term “passive smartcard” should be understood to mean a smartcard 102 in which the communication chip 110 is powered only by energy harvested from an excitation field, for example generated by the card reader 118. That is to say, a passive smartcard 102 relies on the reader 118 to supply its power for broadcasting. A passive smartcard 102 would not normally include a battery, although a battery may be included to power auxiliary components of the circuit (but not to broadcast); such devices are often referred to as “emi-passive devices”.

    [0050] Similarly, the term “passive fingerprint/biometric authentication engine” should be understood to mean a fingerprint/biometric authentication engine that is powered only by energy harvested from an excitation field, for example the RF excitation field generated by the card reader 118.

    [0051] It should be noted that in alternative embodiments battery powered and hence non-passive smartcards may be provided and may have the same features in relation to the accelerometer, fingerprint sensor and so on. With these alternatives the smartcard can have the same features aside from that the use of harvested power is replaced by the power from a battery that is contained within the card body. The card body can be a card housing 134 as shown in FIG. 2 or a laminated card body 140 as shown in FIG. 3.

    [0052] The antenna 108 comprises a tuned circuit including an induction coil and a capacitor, which are tuned to receive an RF signal from the card reader 104. When exposed to the excitation field generated by the reader 104, a voltage is induced across the antenna 108.

    [0053] The antenna 108 has first and second end output lines 122, 124, one at each end of the antenna 108. The output lines of the antenna 108 are connected to the fingerprint authentication engine 120 to provide power to the fingerprint authentication engine 120. In this arrangement, a rectifier 126 is provided to rectify the AC voltage received by the antenna 108. The rectified DC voltage is smoothed using a smoothing capacitor and supplied to the fingerprint authentication engine 120.

    [0054] The fingerprint authentication engine 120 includes a fingerprint processor 128 and a fingerprint reader 130, which can be an area fingerprint reader 130 mounted on a card housing 134 as shown in FIG. 2 or fitted so as to be exposed from a laminated card body 140 as shown in FIG. 3. The card housing 134 or the laminated body 140 encases all of the components of FIG. 1, and is sized similarly to conventional smartcards. The fingerprint authentication engine 120 can be passive and hence powered only by the voltage output from the antenna 108, or there may be battery power as mentioned above. The fingerprint processor 128 comprises a microprocessor that is chosen to be of very low power and very high speed, so as to be able to perform biometric matching in a reasonable time.

    [0055] The fingerprint authentication engine 120 is arranged to scan a finger or thumb presented to the fingerprint reader 130 and to compare the scanned fingerprint of the finger or thumb to pre-stored fingerprint data using the fingerprint processor 128. A determination is then made as to whether the scanned fingerprint matches the pre-stored fingerprint data. In a preferred embodiment, the time required for capturing a fingerprint image and authenticating the bearer of the card 102 is less than one second.

    [0056] If a biometric match is determined and/or if appropriate movements are detected via the accelerometer 16, then the processor 114 takes appropriate action depending on its programming. In this example a fingerprint authorisation process and optionally a further authentication via the accelerometer 16 is required to enable use of the smartcard 104 with the contactless card reader 104. Thus, the communication chip 110 is only authorised to transmit a signal to the card reader 104 when a fingerprint match is made and, in some cases, this authorisation may also require an added layer of authentication from accelerations detected by the accelerometer 16. Thus the processor 114 may only authorise the communication chip 110 to transmit if there is both a biometric match and a match between a movement pattern detected by the accelerometer 16 with a movement pattern enrolled on the card 102. The communication chip 110 transmits the signal by backscatter modulation.

    [0057] The processor 114 receives the output from the accelerometer 16 and this allows the processor 114 to determine what movements of the smartcard 102 have been made. The processor 114 identifies pre-set movements that are linked with required changes to the operating mode of the smartcard 102. As discussed above, the movements may include any type of or combination of rotation, translation, acceleration, jerk, impulse and other movements detectable by the accelerometer 16.

    [0058] The movements detected by the accelerometer 16 are further influenced by the construction and geometry of the smartcard 102. For example, a smartcard 102 with a housing 134 as in FIG. 2 will behave differently to a smartcard 102 with a laminated body 140 as in FIG. 3 in terms of their natural frequency and their dynamic reaction to a given movement. The same will apply to differently manufactured cards of the same basic type, so that laminated cards produced by different manufacturers and or by different processes will react differently.

    [0059] This means that the use of an extra layer of authentication requiring movements detected by the accelerometer 16 to match movements enrolled by the accelerometer 16 is very powerful. If a “fake” card is produced fraudulently and the fraudster has managed to copy data concerning the user's movement patterns, with this data being “injected” into the microprocessor of the “fake” card, the resonance of the new card is different from the original card, so therefore it cannot be hacked and if the fraud involves switching a genuine card for a fake of similar appearance but different construction (for example, this might be common in the case of access or ID cards) then the fake will be found out since the authorised user will find that their own card is inoperable and notify the issuing authority by requesting a new card. If another user tries to use the original card by following the owner's tap sequence, the manner in which the fraudulent user holds the card (after successfully creating a false biometric acceptance), and his/her tapping mannerisms ultimately create a different resonance. Even if the same sequence of movements is made, the accelerometer 16 will detect movements with different characteristics if the card or the manner of holding the card is different in any way. Thus, movement patterns enrolled via the accelerometer 16 will be unique to both the user and to the individual smartcard 102.

    [0060] The movement patterns enrolled via the accelerometer 16 may be stored in a memory at the card 102 (for example as a part of the processor 114) and/or in an external database. Since the accelerometer output signal for the movement patterns can be unique to each card then it unlike biometric data the risk to security from permitting the data to be stored off the card is less, and an additional check on the authenticity of the card itself can be performed by checking the accelerometer data in an external database with accelerometer data on the card.

    [0061] The operating modes that the processor 114 activates or switches to in response to an identified movement associated with the required change in operating mode may include any mode of operation as discussed above, including turning the card on or off, activating secure aspects of the card 102 such as contactless payment and/or communications with the card reader 104, or changing the basic functionality of the card 102 for example by switching between operating as an access card, a payment card, a transportation smartcard, switching between different accounts of the same type (e.g. two bank accounts), switching between communications protocols (such as blue tooth, Wifi, NFC) and/or activating a communication protocol, activating a display such as an LCD or LED display, obtaining an output from the smartcard 102, such as a one-time-password or the like, or prompting the card 102 to automatically perform a standard operation of the smartcard 102. It will be appreciated that the smartcard 102 can readily be programmed with any required characteristics in terms of the action taken in reaction to events detected by the accelerometer 16.

    [0062] The processor 114 has a learn mode to allow for the user to specify which movements (including combinations of movements) should activate particular operating modes. In the learn mode the processor 114 prompts the user to make the desired sequence of movements, and to repeat the movements for a predetermined set of times. These movements are then allocated to the required operating mode. The processor 114 can implement a dropped card mode and/or a biometric failure back up mode as discussed above.

    [0063] In some circumstances, the owner of the biometric smartcard 102 may suffer an injury resulting in damage to the finger that has been enrolled on the card 102. This damage might, for example, be a scar on the part of the finger that is being evaluated. Such damage can mean that the owner will not be authorised by the card 102 since a fingerprint match is not made. In this event the processor 114 may prompt the user for a back-up identification/authorisation check via a sequence of movements. The user can hence have a “password” entered using movements of the card to be used in the event that the biometric authorisation fails.

    [0064] After such a back-up authorisation the card 102 could be arranged to be used as normal, or it could be provided with a degraded mode in which fewer operating modes or fewer features of the cards 102 are enabled. For example, if the smartcard 102 can act as a bank card then the back-up authorisation might allow for transactions with a maximum spending limit lower than the usual maximum limit for the card.

    [0065] It should be apparent that the foregoing relates only to certain embodiments of the present application and the resultant patent. Numerous changes and modifications may be made herein by one of ordinary skill in the art without departing from the general spirit and scope of the invention as defined by the following claims and the equivalents thereof.