[go: up one dir, main page]

HK1026287B - Method for preventing or detecting fraud in an identification system - Google Patents

Method for preventing or detecting fraud in an identification system Download PDF

Info

Publication number
HK1026287B
HK1026287B HK00105382.5A HK00105382A HK1026287B HK 1026287 B HK1026287 B HK 1026287B HK 00105382 A HK00105382 A HK 00105382A HK 1026287 B HK1026287 B HK 1026287B
Authority
HK
Hong Kong
Prior art keywords
code
transponder
information
serial number
additional information
Prior art date
Application number
HK00105382.5A
Other languages
German (de)
French (fr)
Chinese (zh)
Other versions
HK1026287A1 (en
Inventor
A. Stegmaier Peter
Original Assignee
Datamars Sa
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from EP98810845A external-priority patent/EP0982687A1/en
Application filed by Datamars Sa filed Critical Datamars Sa
Publication of HK1026287A1 publication Critical patent/HK1026287A1/en
Publication of HK1026287B publication Critical patent/HK1026287B/en

Links

Description

This invention relates to a method according to the preamble of claim 1. Identification systems of this type are known, for instance from US-patent 5 028 918. The objects to be identified by such systems may be of any kind, but they often are animals. The additional information transmitted by the transponder is not specified in detail, and it usually comprises data received by the transponder from a data module. No specific means are disclosed in the patent specifications mentioned above for preventing or at least detecting fraud by copying transponders wherein the identification code of some valuable object such as an animal is stored.
The transponders usually make use of integrated circuits (chips) as active elements. Of these chips mainly three versions exist:
  • the laser programmed on wafer level. These chips can be looked at as invariant.
  • the OTP versions (one time programmable). These chips are programmed sometimes before being put into the object to be identified and their memory content cannot be changed afterwards. This also applies to a type of transponder disclosed in US-Patent No. 5 166 676, where information to be transmitted by the transponder is programmed in a fusible link diode matrix.
  • the read/write (R/W) versions. These chips can, at least partially, be reprogrammed at any time.
Fraud by copying the code of a specific transponder into an OTP or R/W transponder in order to obtain two identical transponders can occur and needs to be made impossible. One well known approach is to use a secret key and some cryptographic algorithm (symmetric or asymmetric) to generate a cyphrate out of a random number sent to the transponder as challenge. The cryphrate is sent back from the transponders to the reader. Often the code of the transponder is also used as input to the cryptographic algorithm. Knowing algorithm and secret key (or public key in asymmetric systems) the reader can authenticate the transponder at any time. This method, however needs to make use of at least one secret key which needs to reside within the transponder memory and therefore requires sophisticated key handling.
EP-A-0 689 150 discloses a somewhat less sophisticated system, wherein a radio time signal received at reading time as well by the transponder as by the interrogating station. This time signal is combined with the identification code and retransmitted from the transponder to the interrogating station where the information retransmitted is analysed for reading the code. However, transponders are often passive elements without power source, the power for retransmission of the information being provided by the interrogating signal received by the transponder. It is impossible under these circumstances to continuously run a time clock in the transponder, and it is hardly possible to receive a radio time signal without power source in the transponder. Further, without cryptographic treatment of the time signal and code it would be possible for foreigners to determine the addition of a time signal and the code from the response signal of the transponder and thus to copy the transponder.
This invention aims in providing security against copying without reaching the level of cryptography and without increased power requirement. This security is obtained by the characterising features of claim 1. The advantage of this method is that it is not requiring complicated and error prone key handling and requires almost no computing power. The latter in contrast to cryptographic methods. Preferably, the method makes use of a chip serial number that makes the combination of the code and the chip serial number almost unique as long as the respective chip manufacturer never produces two identical serial numbers. By registering code and serial number in a database or a certificate that holds the data of the object to be identified and is kept separate from the object a simple copy operation into readily available OTP transponders becomes impossible.
However, to make sure that attempting fraud using chips with programmable serial numbers is recognised, a database can be used at identification set-up time when the code/serial number pair is stored into the database. At this moment, the database can be searched for double serial numbers and/or codes.
To make the serial number even more specific, a chip manufacturer identification (ID) may also be associated to the chip and made part of the serial number using the above method.
To avoid the need for reading long serial numbers a checksum type information (e.g. CRC) can be generated from the serial number and used for the above mechanism instead of the serial number. This however may reduce security. If the checksum type number is calculated over code, serial number etc. or over portions of the memory or over the whole memory, it permits consistency checking of the respective information as long as the algorithm for the checksum type number is kept secret.
This identification of the manufacturer or the user of the chip may be a trademark such as the registered trademark RID of applicant.
With every code read a geographic information etc. can be stored into the database along with time and date of the read operation to facilitate plausibility checks. Other and additional information may be stored in the memory of the transponder. A possible method is described below, whereby additional information mentioned therein may be omitted or replaced by other specific information.
Detailed description of the Method based on the example of ISO 11 784/85 transponders:
At die production time a unique die serial number and a die manufacturer identification (ID) are attributed to every die.
At code programming time the code, the die serial number, and the die manufacturer-ID are combined into a consistency check number using a specific method, e.g. a CRC scheme. The resulting number is programmed into the memory of the transponder, e.g. in the trailer bits and needs to be stored in the respective database or marked down in the animals passport, etc. for subsequent consistency check.
At code read time the code, the die serial number, the die manufacturer-ID, and the consistency check number are read and the same method is applied to check consistency of all respective numbers. Then comparing the consistency check number (i.e. the number stored in the trailer bits) with the respective number in the database, in the animals passport, etc. the tag (transponder) can be authenticated.
This method can prevent from copying transponders as long as no OTP dies are available that allow the programming of die serial number and die manufacturer-ID at code programming time.
By storing of the respective information into a database with access limited to authorised personnel the copying of serial numbers can often be detected.
Of course, any combination of the solutions mentioned above is feasible. A number of additional or alternative measures are possible, for instance as set out hereinafter.
Preferably the previous registration at identification set-up time may be compared to the information retrieved from the transponder at code-read time to discover fraud by modification of said information or fraud by copying the transponder using blank chips and copying the code leading to different serial numbers. This allows explicit authentification at any time.
Further, a checksum type information may additionally be stored in a database not accessible by fraudulent personnel.
The method for generation of a checksum type information may be a hashing function calculated from any portion of the transponder memory. The method for the generation of the checksum type information may also be a cryptographic function calculated from any portion of the transponder memory and making use of symmetric or asymmetric keys and where only the results of the respective calculations are stored in the memory of the transponder but not said keys. Hereby, it is of importance that no key has to be stored in the transponder.
Another possibility is to store any additional information in the memory of the transponder in such a way that the boundaries of the individual numbers of the stored additional information are not distinguishable to the not knowing. In this way the boundary between the checksum type information and the remaining information shall be obliterated in order to protect the checksum type information from fraudulent analysis.

Claims (18)

  1. A method for preventing or detecting fraud in an identification system wherein a transponder having a memory comprising an identifying code is associated with an object to be identified, this transponder being activated by an interrogating signal for transmission of said code, the so received code being used through registration of the code along with object information for identification of said object and additional information is transmitted together with said code,    characterised in that at least a part of said additional information useful for the determination of the uniqueness of the transponder and differing for each transponder is invariably stored in said memory,    authentication of identification of said object being based onto the combination of said code and said additional information and comprising a comparison of said code and additional information with corresponding data stored in a secret data base.
  2. The method of claim 1, wherein said additional information is registered together with said code, authentication comprising comparison of said stored code and additional information with said registered code and additional information.
  3. The method of claim 1, wherein said additional information is stored during manufacturing of the transponder chip as a unique chip serial number which cannot be altered by the programmer of the transponder code.
  4. The method of claim 3, comprising searching the data base, where the code and serial number are registered, for double serial numbers at identification set-up time to discover fraud by using chips which allow or enable programmable serial numbers.
  5. The method of claim 1 or 4, comprising comparing the previous registration at identification set-up time to the information retrieved from the transponder at code-read time to discover fraud by modification of said information or fraud by copying the transponder using blank chips and copying the code leading to different serial numbers.
  6. A method according to claim 3 or 4, comprising integrating a die manufacturer identification (ID) into the serial number to avoid double serial numbers from different manufacturers.
  7. A method according to claim 3, comprising using a checksum type information made out of the serial number, e.g. to gain time in reading the shorter checksum instead of the serial number.
  8. A method according to claim 7, comprising using a checksum type information made out of the serial number and a manufacturer identification (ID), e.g. to gain time in reading the shorter checksum instead of the serial number and manufacturer ID.
  9. A method according to claim 8, wherein the checksum type number is made out of the serial number, the manufacturer identification (ID), and the code in order to permit a consistency check over code, serial number, ID and checksum type of information.
  10. Method according to claim 1, wherein a checksum type number is calculated over any portion or the whole memory of the transponder in order to enable a consistency check.
  11. A method according to claim 8, 9 or 10, comprising storing the checksum type information also into the transponder so that multiple different information are obtained: code, serial number, manufacturer identification (ID), and checksum, and reading all multiple information as well as the checksum type information at authentication time for allowing to check consistency.
  12. A method according to claim 1 or 3, comprising storing code and serial number in a database not accessible to fraudulent personnel.
  13. A method according to claim 12, comprising additionally storing a manufacturer identification (ID) in a database not accessible to fraudulent personnel.
  14. A method according to claim 7, 8, 9, 10 or 11, comprising additionally storing the checksum type information in a database not accessible to fraudulent personnel.
  15. A method according to any one of the claims 1 to 14, wherein said code and said additional information are registered in a database or in a certificate which are not accessible to non-authorized persons or in a computer database with write access only to authorized persons, in order to permit the search for double information or inconsistent information to detect fraudulent action at any time using said database or certificate.
  16. A method according to any one of claims 1 to 15, wherein the method for the generation of the checksum type information is a hashing function calculated from any portion of the transponder memory.
  17. A method according to any one of claims 1 to 16, where the method for the generation of the checksum type information is a cryptographic function making use of symmetric or asymmetric keys and where only the results of the respective calculations are stored in the memory of the transponder but not said keys.
  18. A method according to any one of claims 1 to 17, where any additional information stored in the memory of the transponder is stored in such a way that the boundaries of the individual numbers of the stored additional information are not distinguishable to the not knowing.
HK00105382.5A 1998-08-26 2000-08-29 Method for preventing or detecting fraud in an identification system HK1026287B (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
EP98810845 1998-08-26
EP98810845A EP0982687A1 (en) 1998-08-26 1998-08-26 Method for preventing or detecting fraud in an identification system

Publications (2)

Publication Number Publication Date
HK1026287A1 HK1026287A1 (en) 2000-12-08
HK1026287B true HK1026287B (en) 2002-11-15

Family

ID=

Similar Documents

Publication Publication Date Title
AU2006203515B2 (en) Protection of Non-Promiscuous Data in an RFID Transponder
AU2006203517B2 (en) Using Promiscuous and Non-Promiscuous Data to Verify Card and Reader Identity
EP2002382B1 (en) Method and device for obtaining item information using rfid tags
US6957338B1 (en) Individual authentication system performing authentication in multiple steps
EP2100263B1 (en) Controlling data access to and from an rfid device
US7761347B2 (en) Method and system for identifying and managing radio frequency identification (RF-ID) attached objects
US7541929B2 (en) Read authentication method and system for securing data stored on RFID tags
US20070194879A1 (en) Method and device for detecting an invalid RFID tag and method for manufacturing an RFID tag
US20020017558A1 (en) Smart card technology
US20090267747A1 (en) Security and Data Collision Systems and Related Techniques for Use With Radio Frequency Identification Systems
EP0982688B1 (en) Method for preventing or detecting fraud in an identification system
US20080214312A1 (en) Security System For Authenticating Gaming Chips
US9495570B2 (en) Method for authenticating an RFID tag
US20090040023A1 (en) RF Transponder for Off-Line Authentication of a Source of a Product Carrying the Transponder
JP2006268859A (en) Device and method for ownership verification
HK1026287B (en) Method for preventing or detecting fraud in an identification system
JP2008233975A (en) Information communication device, information central management device, and information processing system
WO2004086290A1 (en) Authentication of radio frequency transponders
US20080186144A1 (en) Method for the at least temporary activation of bidirectional communication and transponder
WO2007036901A1 (en) Method and device for privacy protection of rfid tags
US20120223809A1 (en) Transponder, method and reader for monitoring access to application data in the transponder
JP3965920B2 (en) IC card
CN118153126B (en) RFID smart card information interaction method, device and system with privacy protection
AU2022314153A1 (en) Method for authenticating and/or validating the identity of an object
JPH01233687A (en) Ic card device