United States Patent [19] [in Patent Number: 4,882,779
Rahtgen [45] Date of Patent: Nov. 21,1989
Related U.S. Application Data
[63j Continuation of Ser. No. 827,930, filed as PCTi DK85/00032 on Apr. 9, 1985, published asj WO85/04742 on Oct. 24, 1985, abandoned. |
[30] Foreign Application Priority Data
Apr. 12, 1984 [DK] Denmark 1907/84
[51] Int. CL* H04L 9/02
[52] U.S. CI 380/24; 380/25
[58] Field of Search 380/23-25
[56] References Cited
U.S. PATENT DOCUMENTS
3,941,977 3/1976 Voss et al 235/379
3,956,615 3/1976 Anderson et al 235/381;
4,193,131 3/1980 Lennon et al 380/23
4,219,151 8/1980 Haruki 235/379
4,304,990 12/1981 Atalla 380/24
4,438,824 3/1984 Mueller-Schloer 380/25
4,500,750 2/1985 Elanderetai 178/22.14
4,523,087 6/1985 Benton 235/379
4,593,384 6/1986 Kleijne 307/202.1
4,713,753 12/1987 Boebert 380/25
FOREIGN PATENT DOCUMENTS
0003756 9/1979 European Pat. Off. .
0033833 6/1981 European Pat. Off. .
410129 9/1979 Sweden .
412130 2/1980 Sweden .
426886 2/1983 Sweden .
2131586 6/1984 United Kingdom .
Primary Examiner—Salvatore Cangialosi
Attorney, Agent, or Firm—Merchant, Gould, Smith,
Edell, Welter & Schmidt
An apparatus communicating with data systems, and a method of communicating with data systems. In an apparatus (10, 49) communicating with a high secrecy and high security on-line verification data system (40) and an off-line verification data system (18) of a lower secrecy and security level, a person in possession of a card (21, 22,12, 24) inputs the card into the apparatus (10,49). The data are read from the card and input to a security module (50) of the apparatus. On the basis of the data read from the card, the apparatus (10,49) identifies the card as a card belonging to the on-line data system or the off-line data system. Within the security module (50) of the apparatus (10,49), a keyboard (46) is arranged, which is adapted to be activated by the person in possession of the card for inputting a personal authentication code (actually a PIN-code) into the security module. Provided the card has been identified as a card belonging to the on-line data system (40), the data read from the card (21) and the code input by means of the keyboard (46) are encrypted by employed an encryption algorithm which is stored in a first storage means of the security module (50) and are output to the on-line data system (40), within which the authenticity of the person in possession of the card is verified. Provided the card has been identified as a card belonging to the data system of lower secrecy and security level (18), the data read from the card (22,23,24) are compared to the code input by means of the keyboard (46) by employing a verification algorithm, which is stored in a second storage means of the security module (50), in a comparator of the security module (50). As a result of the comparison within the comparator an authenticity code or, alternatively, a non-authenticity code is output to the off-line data system, exclusively. A coherent set of data and code is under no circumstances output from the apparatus to the data system of lower secrecy and security level. Consequently, the problem of eliminating transparency from the lower level secrecy and security data system to the high secrecy and high security data system is solved.
