Contactless Smart-card Reader with Security and Hybrid Multi-core Parallel Verifying Process

Abstract

A contactless smart-card reader with security and hybrid multi-core parallel verifying process is provided. The reader obtains a card number via an antenna and a card-recognizing unit. The reader has multiple issuer-SAM controllers and a maincontroller to synchronously compute authentication codes under a multiplexing-mode. The maincontroller verifies the contactless smart-card by the authentication codes one-by-one to obtain a correct authentication code authorized by the contactless smart-card. When the correct authentication code is generated by any one of the issuer-SAM controllers, said issuer-SAM controller performs the compounded-security-access-software program. When the correct authentication code is generated by the maincontroller, the maincontroller performs the dedicated-security-access-software program.

Claims

1. A contactless smart-card reader with security and hybrid multi-core parallel verifying process, comprising: an antenna adapted to sense a contactless smart-card; a card-recognizing unit connected to the antenna to read a card number of the contactless smart-card; multiple SAMs (Security Access Modules) respectively corresponding to different electronic payment service providers or ticketing network operators; multiple issuer-SAM (Security Access Module) controllers, wherein each one of the issuer-SAM controllers is connected to at least two SAMs of the multiple SAMs, stores a compounded-security-access-software program corresponding to the at least two SAMs connected to each one of the multiple issuer-SAM controllers, and generates multiple first authentication codes according to the card number and the at least two SAMs; and a maincontroller having multiple I/O (input/output) pins respectively connected to the card-recognizing unit, the multiple issuer-SAM controllers, and at least one SAM of the multiple SAMs directly and storing a dedicated-security-access-software program corresponding to the at least one SAM connected to the maincontroller; wherein the at least one SAM connected to the maincontroller is distinct from the at least two SAMs connected to each one of the multiple issuer-SAM controllers; wherein the maincontroller generates at least one second authentication code according to the card number and the at least one SAM connected to the maincontroller; wherein the maincontroller simultaneously transmits the card number to the multiple issuer-SAM controllers under a multiplexing-mode and obtains the multiple first authentication codes from the multiple issuer-SAM controllers; wherein the multiple issuer-SAM controllers and the maincontroller synchronously compute the first authentication codes and the at least one second authentication code under the multiplexing-mode; wherein the maincontroller verifies the contactless smart-card by the first authentication codes and the at least one second authentication code one-by-one to obtain a correct authentication code authorized by the contactless smart-card; wherein the correct authentication code is generated by any one of the multiple issuer-SAM controllers or the maincontroller; wherein when the correct authentication code is generated by any one of the issuer-SAM controllers, said issuer-SAM controller performs the compounded-security-access-software program; wherein when the correct authentication code is generated by the maincontroller, the maincontroller performs the dedicated-security-access-software program; wherein the at least one SAM connected to the maincontroller is a single SAM, and the dedicated-security-access-software program is an exclusive-security-access-software program.

2. The contactless smart-card reader as claimed in claim 1, wherein each one of the SAMs comprises a socket for a security-access card to be inserted into the socket and electrically connected to the SAM.

3. The contactless smart-card reader as claimed in claim 1, wherein each one of the SAMs stores security verification data.

4. A contactless smart-card reader with security and hybrid multi-core parallel verifying process, comprising: an antenna adapted to sense a contactless smart-card; a card-recognizing unit connected to the antenna to read a card number of the contactless smart-card; multiple SAMs (Security Access Modules) respectively corresponding to different electronic payment service providers or ticketing network operators; multiple issuer-SAM (Security Access Module) controllers, wherein each one of the issuer-SAM controllers is connected to at least two SAMs of the multiple SAMs, stores a compounded-security-access-software program corresponding to the at least two SAMs connected to each one of the multiple issuer-SAM controllers, and generates multiple first authentication codes according to the card number and the at least two SAMs; and a maincontroller having multiple I/O (input/output) pins respectively connected to the card-recognizing unit, the multiple issuer-SAM controllers, and at least one SAM of the multiple SAMs directly and storing a dedicated-security-access-software program corresponding to the at least one SAM connected to the maincontroller; wherein the at least one SAM connected to the maincontroller is distinct from the at least two SAMs connected to each one of the multiple issuer-SAM controllers; wherein the maincontroller generates at least one second authentication code according to the card number and the at least one SAM connected to the maincontroller; wherein the maincontroller simultaneously transmits the card number to the multiple issuer-SAM controllers under a multiplexing-mode and obtains the multiple first authentication codes from the multiple issuer-SAM controllers; wherein the multiple issuer-SAM controllers and the maincontroller synchronously compute the first authentication codes and the at least one second authentication code under the multiplexing-mode; wherein the maincontroller verifies the contactless smart-card by the first authentication codes and the at least one second authentication code one-by-one to obtain a correct authentication code authorized by the contactless smart-card; wherein the correct authentication code is generated by any one of the multiple issuer-SAM controllers or the maincontroller; wherein when the correct authentication code is generated by any one of the issuer-SAM controllers, said issuer-SAM controller performs the compounded-security-access-software program; wherein when the correct authentication code is generated by the maincontroller, the maincontroller performs the dedicated-security-access-software program; wherein the at least one SAM connected to the maincontroller comprises multiple SAMs, and the dedicated-security-access-software program is a compounded-security-access-software program.

5. The contactless smart-card reader as claimed in claim 4, wherein each one of the SAMs comprises a socket for a security-access card to be inserted into the socket and electrically connected to the SAM.

6. The contactless smart-card reader as claimed in claim 4, wherein each one of the SAMs stores security verification data.

Description

BRIEF DESCRIPTION OF THE DRAWINGS

[0022] FIG. 1 is a block diagram of an embodiment of the contactless smart-card reader of the present invention.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENT

[0023] FIG. 1 discloses a block diagram of an embodiment of the contactless smart-card reader of the present invention. The contactless smart-card reader comprises multiple SAMs (Security Access Modules) 101-120, multiple issuer-SAM (Security Access Module) controllers 21-23, an antenna 31, a card-recognizing unit 32, and a maincontroller 40.

[0024] The multiple SAMs 101-120 may respectively correspond to different electronic payment service providers (hereinafter referred to as providers) or ticketing network operators (hereinafter referred to as operators). Each SAM 101-120 is electrically connected to a security-access card 100a provided by a provider or a operator. The security-access card 100a stores security verification data provided by the provider or the operator. In an embodiment, each SAM 101-120 may comprise a socket 100b. The security-access card 100a is adapted to be inserted into the socket 100b and electrically connected to the SAM. In another embodiment, the security verification data may be written to each SAM 101-120, such that each SAM 101-120 may store the security verification data. Different providers or different operators may have different security verification data.

[0025] Each issuer-SAM controller 21-23 is connected to at least two SAMs of the multiple SAMs 101-120 to form a one-to-many (“one issuer-SAM controller” to “multiple SAMs”) configuration. Different issuer-SAM controllers are electrically connected to different SAMs. In other words, any one of the SAMs is electrically connected to only one of the issuer-SAM controllers, rather than more than one of the issuer-SAM controllers. Each issuer-SAM controller stores a compounded-security-access-software program 210, 220, 230. The compounded-security-access-software program is programmable. The compounded-security-access-software program is compounded by multiple exclusive-security-access-software programs provided by the providers or the operators that correspond to the at least two SAMs connected to the corresponding issuer-SAM controller. In other words, each provider or the operator has its own exclusive-security-access-software program that is distinct from other exclusive-security-access-software programs. Each provider or the operators has its own exclusive-security-access-software program. The present invention has the exclusive-security-access-software program to exchange data, access data, exchange keys (such as authentication code), or perform other verifying mechanisms with a contactless smart-card 50, such as a chip-card, that belongs to such provider or operator. Since the compounded-security-access-software program 210, 220, 230 is compounded from multiple different exclusive-security-access-software programs, the contactless smart-card reader of the present invention may exchange data, access data, exchange keys, or perform other verifying mechanisms with the contactless smart-card 50 that belongs to different providers or operators.

[0026] The antenna 31 is adapted to generate or sense electromagnetic waves and has a wireless detecting range. The card-recognizing unit 32 is electrically connected to the antenna 31. In an embodiment, the card-recognizing unit 32 may be a radio-frequency control chip for card accessing.

[0027] The maincontroller 40 has multiple I/O (input/output) pins respectively connected to the card-recognizing unit 32 and the issuer-SAM controllers 21-23. The maincontroller 40 may be connected to at least one SAM of the SAMs 101-120 directly. The at least one SAM connected to the maincontroller 40 is distinct from the SAMs connected to the issuer-SAM controllers 21-23. The maincontroller 40 and the issuer-SAM controllers 21-23 are not connected to a same SAM. The maincontroller 40 stores a dedicated-security-access-software program 41 corresponding to the at least one SAM connected to the maincontroller 40. Besides, for the issuer-SAM controllers 21-23, the maincontroller 40 operates as an arbiter for performing intermediate arbitration and resource allocation. When the at least one SAM connected to the maincontroller 40 is a single SAM, the dedicated-security-access-software program 41 is an exclusive-security-access-software program. When the at least one SAM connected to the maincontroller 40 comprises multiple SAMs, the dedicated-security-access-software program 41 is a compounded-security-access-software program that is compounded by different exclusive-security-access-software programs.

[0028] For further applications, the maincontroller 40 may have a communication interface for data transmission with external electronic payment systems or ticketing operators.

[0029] As shown in FIG. 1, the embodiment comprises twenty SAMs 101-120 including sequentially a first SAM 101, a second SAM 102, a third SAM 103, . . . , and a twentieth SAM 120. The embodiment has three issuer-SAM controllers 21-23 including a first issuer-SAM controller 21, a second issuer-SAM controller 22, and a third issuer-SAM controller 23. The first issuer-SAM controller 21 is electrically connected to the first to the sixth SAMs 101-106. The second issuer-SAM controller 22 is electrically connected to the seventh to the twelfth SAMs 107-112. The third issuer-SAM controller 23 is electrically connected to the thirteenth to the eighteenth SAMs 113-118. The maincontroller 40 is directly connected to the nineteenth SAM 119 and the twentieth SAM 120.

[0030] In general, a contactless smart-card 50 comprises a chip 51 and an antenna 52. When the contactless smart-card 50 enters the wireless detecting range of the antenna 31, the contactless smart-card 50 communicates with the contactless smart-card reader of the present invention via the antenna 52 and the antenna 31, such that the card-recognizing unit 32 may read a card number of the contactless smart-card 50. When the card-recognizing unit 32 obtains the card number of the contactless smart-card 50, the card-recognizing unit 32 transmits the card number to the maincontroller 40. When the maincontroller 40 obtains the card number, the maincontroller 40 simultaneously transmits the card number to the multiple issuer-SAM controllers 21-23 under the multiplexing-mode. Besides, the maincontroller 40 receives the security verification data from the nineteenth SAM 119 and the twentieth SAM 120.

[0031] When the issuer-SAM controllers 21-23 receive the card number, the issuer-SAM controllers 21-23 synchronously operate. The first issuer-SAM controller 21 generates six first authentication codes according to the card number and the security verification data stored in the first to the sixth SAMs 101-106 respectively. Similarly, the second issuer-SAM controller 22 generates another six first authentication codes according to the card number and the security verification data stored in the seventh to the twelfth SAMs 107-112 respectively. The third issuer-SAM controller 23 generates another six first authentication codes according to the card number and the security verification data stored in the thirteenth to the eighteenth SAMs 113-118 respectively. Meanwhile, the maincontroller 40 generates two second authentication codes according to the card number and the security verification data stored in the nineteenth to the twentieth SAMs 119-120 respectively. Therefore, the multiple issuer-SAM controllers 21-23 and the maincontroller 40 synchronously compute the first authentication codes and the at least one second authentication code under the multiplexing-mode.

[0032] As a result, the maincontroller 40 obtains twenty authentication codes including the eighteen first authentication codes and the two second authentication codes. The maincontroller 40 verifies the contactless smart-card 50 by the twenty authentication codes. In detail, the maincontroller 40 transmits the twenty authentication codes one-by-one to the contactless smart-card 50 via the antenna 31. Accordingly, the chip 51 of the contactless smart-card 50 examines the validity of the authentication codes one-by-one and transmits a verifying result to the maincontroller 40. When any one of the authentication codes is authorized as a correct authentication code, the maincontroller 40 may obtain the verifying result indicating the correct authentication code. The correct authentication code is generated by any one of the multiple issuer-SAM controllers 21-23 or the maincontroller 40. When the correct authentication code is generated by any one of the issuer-SAM controllers, said issuer-SAM controller performs the compounded-security-access-software program. When the correct authentication code is generated by the maincontroller 40, the maincontroller 40 performs the dedicated-security-access-software program 41.

[0033] Afterwards, the maincontroller 40 may confirm that the correct authentication code corresponds to any one of the providers and the operators. The correct authentication code is regarded as a unique security key to access the contactless smart-card 50. The unique security key stands for an access authorization of the contactless smart-card 50.

[0034] For example, when the correct authentication code is generated by any one of the issuer-SAM controllers 21-23, such as the second issuer-SAM controller 22, the second issuer-SAM controller 22 performs its compounded-security-access-software program to exchange data, access data, exchange keys, or perform other verifying mechanisms with the contactless smart-card 50 via the maincontroller 40 to complete a transaction. On the other hand, when the correct authentication code is generated by the maincontroller 40, the maincontroller 40 performs its dedicated-security-access-software program to directly exchange data, access data, exchange keys, or perform other verifying mechanisms with the contactless smart-card 50 to complete a transaction.

[0035] In conclusion, the present invention has an advantage of rapid processing to obtain the authentication codes of the SAMs 101-120 in the shortest time. The maincontroller 40 verifies the contactless smart-card 50 by the authentication codes one-by-one to obtain a correct authentication code. Based on the correct authentication code, the contactless smart-card reader of the present invention may exchange data, access data, exchange keys, or perform other verifying mechanisms with the contactless smart-card 50. In addition, one issuer-SAM controller corresponds to multiple SAMs. The present invention may obtain the authentication codes from the SAMs 101-120 under a condition that the number of the issuer-SAM controllers 21-23 and the maincontroller 40 is less than the number of the SAMs 101-120, such that the cost for the issuer-SAM controllers 21-23 may be economized.

[0036] The compounded-security-access-software programs stored in the issuer-SAM controllers and the dedicated-security-access-software program 41 stored in the maincontroller 40 are dedicated and distinct from each other. For example, a change to the compounded-security-access-software program 210 stored in the first issuer-SAM controllers 21 does not affect the compounded-security-access-software program 220, 230 stored in the second issuer-SAM controllers 22 and the third issuer-SAM controllers 22 and the dedicated-security-access-software program 41 stored in the maincontroller 40.

[0037] If some providers or operators belong to a same parent company or have cooperative relationships (i.e. having business contracts, joining in a group, or joining in a league), any one of the providers or operators may be entrusted to make the compounded-security-access-software program. Such compounded-security-access-software program would be stored in any one of the issuer-SAM controllers 21-23. In an embodiment, the compounded-security-access-software program is stored in the third issuer-SAM controllers 23 as an example. When any one of the providers or operators corresponding to the thirteenth to the eighteenth SAMs 113-118 would update its exclusive-security-access-software program, the compounded-security-access-software program may be directly amended to update that exclusive-security-access-software program. Based on the cooperative relationships, other providers or operators corresponding to the thirteenth to the eighteenth SAMs 113-118 would not be worried about security issues that the verifying mechanism may be leaked. Hence, the contactless smart-card reader of the present invention has features of independence and security.

Contactless Smart-card Reader with Security and Hybrid Multi-core Parallel Verifying Process

Inventors

Cpc classification

Classification Explorer

G06K7/0013

PHYSICS

Classification Explorer

G07F7/0893

PHYSICS

Classification Explorer

G06K7/0004

PHYSICS

Classification Explorer

H04L63/0853

ELECTRICITY

Classification Explorer

G06K19/0723

PHYSICS

Classification Explorer

G06Q20/341

PHYSICS

Classification Explorer

G06Q20/352

PHYSICS

Classification Explorer

G06K7/10009

PHYSICS

Classification Explorer

G07F7/0813

PHYSICS

International classification

Classification Explorer

G06Q20/34

PHYSICS

Classification Explorer

H04L29/06

ELECTRICITY

Classification Explorer

G06K7/00

PHYSICS

Classification Explorer

G07F7/08

PHYSICS

Classification Explorer

G06K19/07

PHYSICS

Abstract

Claims

Description