Patent Grant
12147523
This application is a national stage application under 35 U.S.C. § 371 of PCT Appl. No. PCT/EP2021/087202, titled “Reader Device and Method of Configuring the Same,” filed Dec. 22, 2021, which claims priority to EP patent application Ser. No. 20/217,596.4, filed Dec. 29, 2020, each of which is incorporated by reference herein in its entirety.
The present disclosure generally relates to reader devices for reading and writing data stored on a token, for example, a smart card, and in particular to a method of configuring such reader devices.
Generally, readers such as smart card readers are used for a wide variety of applications. For example, such readers can be used to read data from a security token to allow access to resources such as a physical facility, a computer, or a network. Other well-known applications are the use for online-banking applications, the use as credit card terminals, and the like. As one specific example, HID Global's OMNIKEY® readers are readers for desktop applications, mobile computers, multifunctional devices such as printers, or the like. Such readers may be configured as an easy-to-install USB device suited for all contact or contactless smart card operations such as the above-mentioned access to resources, online-banking or digital signature applications.
The above-mentioned readers can be standalone devices, or can be integrated into, for example, a desktop computer. Further, such readers generally support all major operating systems, and allow for high-speed data transmission between the reader and the host device connected to the same.
In some applications, a plurality of readers may be provided at different locations, for example, within an organization or a building, and may be connected to a central administration device managing different aspects of the plurality of readers.
U.S. Pat. No. 7,971,238 B2 discloses an information handling system including a processor, system memory, and a remote access resource that includes a virtual card reader enabled to establish a communication channel between the remote access resource and a remote card reader to communicate smart card reader access requests and responses between them.
The present disclosure is directed, at least in part, to improving or overcoming one or more aspects of prior systems.
According to one aspect of the present disclosure, a reader device comprises a memory storing configuration data configuring the reader device. The reader device further comprises a first interface configured to connect the reader device to a host device, a second interface configured to connect a physical token to the reader device, and a controller configured to access the memory to read and write data to/from the same, communicate with the host device via the first interface, and communicate with the physical token via the second interface. In addition, the controller is configured to, in response to a detection that no physical token is connected to the reader device, emulate a virtual token and transmit a first message indicating that the virtual token is connected to the reader device to the host device. In response to receiving at least one command addressing the virtual token from the host device, the controller is further configured to modify the configuration data stored in the memory in accordance with the at least one command.
In another aspect, the present disclosure relates to a system for managing a plurality of reader devices. The system comprises a central administration device, a plurality of host devices, and a plurality of reader devices in accordance with the above aspect respectively connected to the plurality of host devices. The administration device is configured to receive the first message indicating that the virtual token is connected from an associated host device, and transmit the at least one command to the associated host device to configure the reader device connected to the same.
In yet another aspect, the present disclosure relates to a method of configuring a reader device, the reader device including a memory storing configuration data, a first interface configured to connect the reader device to a host device, a second interface configured to connect a physical token to the reader device, and a controller configured to communicate with the host device via the first interface, and access the memory to read and write data to/from the same. The method comprises, in response to detecting that no physical token is connected to the reader device, emulating a virtual token and transmitting a first message indicating that the virtual token is connected to the reader device to the host device. Further, the method comprises receiving at least one command addressing the virtual token from the host device, and modifying the configuration data stored in the memory in accordance with the at least one command.
In a further aspect, the present disclosure relates to a computer program comprising computer-executable instructions, which, when executed by a controller of a reader device, cause the controller to perform the following steps: in response to a detection that no physical token is connected to the reader device, emulating a virtual token and transmitting a first message indicating that the virtual token is connected to the reader device to a host device connected to the reader device; and, in response to receiving at least one command addressing the virtual token from the host device, modifying configuration data stored in a memory of the reader device in accordance with the at least one command.
In yet another aspect, the present disclosure relates to a computer program product storing the computer program of the above aspect.
Other features and aspects of the present disclosure will be apparent from the following description and the accompanying drawings.
The following is a detailed description of exemplary embodiments of the present disclosure. The exemplary embodiments described herein are intended to teach the principles of the present disclosure, enabling those of ordinary skill in the art to implement and use the present disclosure in many different environments and for many different applications. Therefore, the exemplary embodiments are not intended to be, and should not be considered as, a limiting description of the scope of protection. Rather, the scope of protection shall be defined by the appended claims.
The present disclosure is based at least in part on the realization that, in many currently used systems, for example, a networked system including a plurality of reader devices connected to a central administration device, reader configuration management requires different non-standard settings in the supporting operating systems, or even user interaction to connect to a reader. This may prevent the remote or centralized management of a smart card reader population. For example, when a reader device is connected to a host device including an operating system (which may also be a local administration device), a management application may try to access the reader device using special commands, which do not correspond to standard settings of the protocol that is used for communication with the token (for example, a smart card) connected to the reader. In particular, when no token is connected to the reader, any kind of access may simply be refused. Therefore, it may be necessary to first connect a token to the reader in order to configure the same. In addition, it may be necessary to change the standard settings (for example, settings of the operating system and/or the reader) to be able to send the appropriate configuration commands which cause the reader to update its configuration.
Moreover, especially in the case where a central administration device manages a plurality of readers connected to different host devices, the remote connections between the central administration device and the respective host devices must support any special commands which are necessary to remotely configure the respective readers. However, in many applications, this is not assured, even in cases where a local administration device is used. Therefore, administration, in particular, configuration of the reader devices may not be possible in the known systems.
According to the present disclosure, it has been realized that the above-outlined disadvantages can be overcome by configuring the readers such that they emulate a token (virtual token). In particular, this emulation may take place when no physical token is present at a reader. Based on such an emulated token, all token-specific security mechanisms can be used and allow for a secure (remote) configuration management of the reader. No user interaction is required, and a centralized configuration can be executed without performing any special settings to the token subsystem or even on an operating system level of the host device to which the reader is connected.
When the reader emulates such a virtual token, this virtual token (for example, a virtual smart card) can be addressed by commands and methods of the standard that is commonly used to communicate with such tokens. For example, this may allow a communication between the central administration device and each reader using the PC/SC standard without any special configurations or settings. In other words, the (central) administration device communicates with the reader in the same manner it communicates with a physical smart card. Therefore, the reader configuration can be accessed as part of any card command or memory structure using any of the security mechanisms introduced for, for example, smart cards (e.g., secure communication, man-in-the-middle attack detection, etc.).
In addition, it has been realized that the emulated card can also present reader specific information such as a reader serial number or a firmware version of the same to the central administration device to ease the configuration or management processes. This may be done in addition to presenting standard required values like ATR response and the like. In this manner, a management application on the administration device can also distinguish between a physical token and the virtual token, and appropriately address the latter to configure the reader emulating said virtual token. In some embodiments, the reader specific information may be requested by the local or central administration device by sending an appropriate command to the reader, and the controller of the reader may then be configured to read the configuration data, or other data including the reader specific information, in accordance with the request and forward the same to the administration device.
It has also been realized that it is advantageous when the reader enters the token emulation mode whenever a physical token is not present (for example, upon a detection that a physical token has been removed). In this manner, whenever a reader is not currently in use, a remote configuration of the same is possible. In this respect, it has also been recognized that it is advantageous to signal to the administration device that a physical token has been presented to the reader, and terminate the emulation of the virtual token. In this manner, an administrator can recognize that the configuration of the reader is not possible at present. Moreover, it has been recognized that it may be advantageous when the emulation of the virtual token can be switched on and off by customers or installations. In this manner, customers or installations which do not require or do not wish to use the approach described herein may prevent the remote configuration of the respective readers.
As also shown in
Reader device 10 further comprises a controller 22 configured to communicate with host device 12 via first interface 16. Controller may be any type of processor or hardware configured to execute instructions, access memory 14, etc., for example, a microcontroller or the like. Further, controller 22 may be operatively coupled to first interface 16 to transmit and receive messages (including one or more commands) to/from reader device 12. In some embodiments, a dedicated communication unit may be connected to first interface 16 and forward the messages between first interface 16 and controller 22. In other embodiments, such a communication unit or circuitry may be integrated with controller 22.
In addition, reader device 10 includes a second interface 18 configured to connect a physical token 20, for example, a contact smart card, to reader device 10. Controller 22 is configured to communicate with physical token 20 via second interface 18. For example, reader device 10 may be a smart card reader for use with any compatible contact smart card. As such, reader device 10 may comprise a receptacle for physical token 20 (e.g., a smart card), and may be electrically connected to the same in a known manner via second interface 18. Also in this respect, it is noted that, in other applications, second interface 18 may be a contactless interface, and physical token 20 may be, for example, an RFID smart card or the like, which is wirelessly connected to reader device 10 in a known manner.
Controller 22 is configured to enable communications between physical token 20 and host device 12 in accordance with a communication protocol such as the PC/SC standard, for example, by receiving data from physical token 20 and forwarding the same to host device 12, and by receiving commands from host device 12, which commands may, for example, be read/write commands forwarded to physical token 20 by reader device 10. Details of such an operation are known to the skilled person and will not be described herein.
As shown in
As previously mentioned, host device 12 may be a computer running a general-purpose, multi-program operating system such as Microsoft® Windows®, Linux®, or Apple® MacOS X®. Further, it will be appreciated that reader device 10, although referred to as a reader device, is capable of not only reading data from, for example, physical token 20, but also writing data to the same.
In some instances, it may be necessary or desired to update the configuration of reader device 10, in particular, the configuration data stored in memory 14. In order to do so, an administrator may start a corresponding management application on administration device 30 (or, in case of purely local configuration, host device 12), and forward corresponding configuration commands to reader device 10 via host device 12. However, depending on the application, it may be necessary to forward the configuration commands using non-standard settings of the standard which is used to communicate with reader device 10 and/or physical token 20. In one example, in case the known PC/SC standard is used, a special set of PC/SC commands has to be used to directly address reader device 10, instead of addressing physical token 20. However, in case no physical token 20 is connected to reader device 10, and/or the connection between administration device 30 and host device 12 (and/or the connection between host device 12 and reader device 10) does not support such non-standard settings, configuration of reader device 10 is not possible. Therefore, the administrator would either need to access local host device 12 in order to change operation system settings to perform the configuration, or have to insert a physical smart card or the like into reader device 10. In order to overcome this disadvantage, according to the present disclosure, controller 22 is configured to emulate a virtual token 26 and transmit a first message indicating that virtual token 26 is connected to reader device 10 to host device 12 when it is detected that no physical token 20 is connected to reader device 10. For example, controller 22 or a dedicated detection unit connected to the same may be configured to detect that physical token 20 has been removed (in case of a physical connection) and/or disconnected from reader device 10. It will be readily appreciated that there is a wide variety of possibilities for detecting the disconnection of physical token 20 (a mechanical switch, a timeout for a response from a wirelessly connected token 20, a specific message received from token 20, etc.). In any case, after it has been detected that no physical token is connected to reader device 10, controller 22 starts the emulation of virtual token 26. This is shown in
In the example shown in
Administration device 30 may now transmit one or more configuration commands for reader device 10 as at least one command addressing virtual token 26. Optionally, administration device can, for example, transmit an initial command requesting reader information, for example, specifying the current configuration of reader device 10. Based on this, a further command for updating the configuration may then be sent to reader device 10. Said at least one command is forwarded by host device 12 to reader device 10 via first interface 16. In response to receiving said at least one command, controller 22 of reader device 10 can then read or modify the configuration data stored in memory 14 in accordance with the at least one command. For example, the at least one command may address a virtual memory 28 of virtual token 26, which virtual memory 28 may include at least a portion of memory 14 storing configuration data. In this manner, standard commands, which are normally used for writing data to a physical token 20, can be used to instead write data into virtual memory 28 of virtual token 26, which virtual memory 28 corresponds to the portion (or, in some embodiments, all) of memory 14 storing the configuration data.
In order to facilitate configuring reader device 10, the first message, which indicates that virtual token 26 is connected to reader device 10, may include reader information indicating at least one property of reader device 10, for example, a serial number of the reader device, a firmware version of a firmware installed on the same, and the like. In addition, the first message may also include information with respect to a memory structure of memory 14 of reader device 10 (and/or virtual memory 28), and this information may be used by administration device 30 to appropriately address virtual memory 28 of virtual token 26. For example, the first message may include information specifying the memory address or memory region into which the configuration data (for example, updated cryptographic keys, a new firmware revision, and the like) is to be written. In some embodiments, the first message may be sent by reader device 10 upon receiving a corresponding request from host device 12. It should be appreciated that the term “emulation” as used herein should be interpreted broadly. In the above-described example, it refers to the reader device 10 (the controller 22 of the same) identifying itself as a token to host device 12 and administration device 30. In this case, it may be necessary to include information in the first message forwarded to administration device 30 specifying the type of token, i.e., informing the administration device 30 that virtual token 26 allowing for the above-described configuration of reader device 10 is connected instead of a physical token 20, which generally would not be addressed in the same manner as virtual token 26. However, it may also be possible that controller 22 emulates virtual token 26 by essentially simulating a token being connected to reader device 10, despite the fact that no physical token 20 is connected. For example, controller 22 could perform a mapping between virtual memory 28 of such a virtual token 26 and the portion of memory 14 storing the configuration settings. Administration device 30 may then forward appropriate write commands for writing data into virtual memory 28 of virtual token 26, which data is then written into the appropriate portion of memory 14 using the mapping.
It may be advantageous that controller 22 is further configured to, in response to a detection that a physical token 20 is connected to reader device 10 while virtual token 26 is emulated, transmit a second message indicating that virtual token 26 is no longer connected to reader device 10 to host device 12. This message can then be forwarded to administration device 30, and an administrator will be informed that currently no configuration of reader device 10 is possible. In this case, the administrator may initiate corresponding measures allowing for a configuration of reader device 10 in case that this is necessary (for example, informing an on-site operator or user that physical token 20 should be removed), or plan accordingly to update reader device 10 at a later time in case the update is not absolutely necessary.
In some applications, it may also be desired by an end user or an institution to selectively activate or deactivate the possibility for remote configuration of reader device 10. For example, an appropriate input or interface may be provided, which allows for selective activation or deactivation based on the user selection. This could be, for example, a physical button, or a software configuration setting which can be used on host device 12 to deactivate emulation of virtual token 26 by reader device 10. In some embodiments, the configuration data stored in memory 14 may include data indicating such a user selection. It will be appreciated that, in case the emulation has been deactivated, and the corresponding configuration data is stored in memory 14, a local reconfiguration will be necessary in order to again activate the possibility of emulation and remote configuration.
As mentioned above, in some applications, for example, smart card applications, controller 22 may be configured to receive a first set of commands in accordance with a first standard (for example, PC/SC) via first interface 16, and forward the first set of commands to physical token 20 when physical token 20 is connected via second interface 18, and the at least one command sent to the virtual token may conform to this first standard and may be executed by controller 22 emulating virtual token 26. In other words, the standard commands used to address a smart card can be used to address reader device 10 instead, and can be executed by controller 22 instead of being passed on to a physical smart card connected to reader device 10. In this example, controller 22 may also be configured to receive a second set of commands outside of the first standard via first interface 16, and execute the second set of commands to modify the configuration data stored in the memory 14 when the physical token 20 is connected via second interface 18. For example, the second set of commands may correspond to the extended commands of the PC/SC standard which can be used to directly address reader device 10.
As previously mentioned, the above-described reader device 10 in accordance with the present disclosure can be advantageously used in connection with a centralized management of a plurality of reader devices using a central administration device 30, as shown in
As shown in
In some embodiments, administration device 30 may further be configured to receive a third message indicating that a physical token 20 is connected to an associated host device 12, as shown in
With the above-described reader device and system for managing a plurality of such reader devices, an efficient and reliable, in particular remote administration of reader devices becomes possible.
An exemplary method of configuring a reader device in accordance with the present disclosure will be described in the following. In a first step, it is detected (for example, by controller 22) that no physical token 20 is connected to a reader device 10. In response to this, a virtual token 26 is emulated, and a first message indicating that virtual token 26 is connected to reader device 10 is transmitted to host device 12. Here, it will be appreciated that the steps of detecting that no physical token is connected, and emulating a virtual token and transmitting the first message are performed by reader device 10, in particular, controller 22 of the same.
In a subsequent step, reader device 10 also receives at least one command addressing virtual token 26 from host device 12. Said at least one command is generated, for example, by central administration device 30 in the manner described above. Further, the method includes modifying the configuration data stored in memory 14 of reader device 10 in accordance with the at least one command. As described above, the step of modifying is performed by controller 22 of reader device 10, by writing the configuration data into memory 14 in the appropriate manner.
While the above-identified steps are performed by reader device 10, it will be readily appreciated that any number of additional steps will be performed by host device 12 and administration device 30, where appropriate or necessary. For example, it will be readily appreciated that the method includes forwarding the first message received from reader device 10 to administration device 30 via host device 12. Likewise, the method includes the step of generating the at least one command by administration device 30, in particular, management application 32 running on the same. This may be done based on reader information received from reader device 10 together with the first message. Then, the generated at least one command will be forwarded from administration device 30 via host device 12 to reader device 10, which emulates virtual token 26. Of course, it will be readily appreciated that any number of additional steps can be included, in accordance with the previously described further aspects of the reader device and the system in accordance with the present disclosure.
It will also be appreciated that a computer program comprising computer-executable instructions which, when executed by a controller of a reader device 10, cause the controller to perform at least some of the steps of the above-described method is also an advantageous embodiment of the present disclosure. For example, such a computer program could be configured as a firmware update for existing reader devices 10. In other words, an administrator could perform a first update of a configuration of reader device 10 with the firmware update, for example, locally, to thereby allow the updated reader device 10 to perform the emulation described above. Subsequently, any updated reader device may then be configured remotely. In this respect, it will also be appreciated that a computer program product storing the computer program may be distributed to owners or operators of existing systems in order to allow the above-mentioned update and/or configuration.
It will be appreciated that the foregoing description provides examples of the disclosed systems and methods. However, it is contemplated that other implementations of the disclosure may differ in detail from the foregoing examples. All references to the disclosure or examples thereof are intended to reference the particular example being discussed at that point and are not intended to imply any limitation as to the general disclosure.
Recitation of ranges of values herein are merely intended to serve as a shorthand method for referring individually to each separate value falling within the range, unless otherwise indicated herein, and each separate value is incorporated into the specification as if it were individually recited herein. All method steps described herein can be performed in any suitable order, unless otherwise indicated or clearly contradicted by the context.
Although the preferred embodiments of the present disclosure have been described herein, improvements and modifications may be incorporated without departing from the scope of the following claims.
| Number | Date | Country | Kind |
|---|---|---|---|
| 20217596 | Dec 2020 | EP | regional |
| Filing Document | Filing Date | Country | Kind |
|---|---|---|---|
| PCT/EP2021/087202 | 12/22/2021 | WO |
| Publishing Document | Publishing Date | Country | Kind |
|---|---|---|---|
| WO2022/144261 | 7/7/2022 | WO | A |
| Number | Name | Date | Kind |
|---|---|---|---|
| 5679945 | Renner et al. | Oct 1997 | A |
| 6516357 | Hamann et al. | Feb 2003 | B1 |
| 6941285 | Sarcanin | Sep 2005 | B2 |
| 7369982 | Leaming | May 2008 | B2 |
| 7748636 | Finn | Jul 2010 | B2 |
| 7900253 | Wendling et al. | Mar 2011 | B2 |
| 7900830 | Tran | Mar 2011 | B2 |
| 7908216 | Davis et al. | Mar 2011 | B1 |
| 7924825 | Dowling et al. | Apr 2011 | B2 |
| 7971238 | Pan et al. | Jun 2011 | B2 |
| 8700827 | Capomaggio | Apr 2014 | B2 |
| 8745754 | Bhaskar et al. | Jun 2014 | B2 |
| 9439220 | Levy et al. | Sep 2016 | B2 |
| 9483417 | Plüss et al. | Nov 2016 | B2 |
| 9710804 | Zhou et al. | Jul 2017 | B2 |
| 10147086 | Teuwen et al. | Dec 2018 | B2 |
| 10169754 | Charrat et al. | Jan 2019 | B2 |
| 10402216 | Bell | Sep 2019 | B1 |
| 10462647 | Chen et al. | Oct 2019 | B2 |
| 10475026 | Friedlander et al. | Nov 2019 | B2 |
| 10664941 | Osborn | May 2020 | B1 |
| 20110283002 | King | Nov 2011 | A1 |
| 20120178366 | Levy et al. | Jul 2012 | A1 |
| 20130200999 | Spodak et al. | Aug 2013 | A1 |
| 20130281055 | Patefield-Smith | Oct 2013 | A1 |
| 20150134540 | Law et al. | May 2015 | A1 |
| 20150288684 | Schneider | Oct 2015 | A1 |
| 20180007059 | Innes et al. | Jan 2018 | A1 |
| 20190034912 | Wilson | Jan 2019 | A1 |
| Number | Date | Country |
|---|---|---|
| 101821715 | Jul 2014 | CN |
| 115280310 | Nov 2022 | CN |
| 1330770 | Jul 2003 | EP |
| 3132404 | Feb 2019 | EP |
| 4024242 | Aug 2023 | EP |
| 2555401 | May 2018 | GB |
| 2000194660 | Jul 2000 | JP |
| 2001500999 | Jan 2001 | JP |
| 2011238138 | Nov 2011 | JP |
| 2017054350 | Mar 2017 | JP |
| 6625105 | Dec 2019 | JP |
| 2023520842 | May 2023 | JP |
| 7420961 | Jan 2024 | JP |
| WO-0193212 | Dec 2001 | WO |
| WO-0196990 | Dec 2001 | WO |
| WO-0239369 | May 2002 | WO |
| WO-2010061068 | Jun 2010 | WO |
| WO-2020052753 | Mar 2020 | WO |
| 2022144261 | Jul 2022 | WO |
| Entry |
|---|
| “German Application Serial No. 20217596.4, Office Action mailed Aug. 14, 2023”, with English translation, 3 pages. |
| “Japanese Application Serial No. 2022-554460, Notification of Reasons for Refusal mailed Sep. 19, 2023”, with English translation, 6 pages. |
| “Canadian Application Serial No. 3,171,057, Office Action mailed Oct. 30, 2023”, 5 pgs. |
| “Australian Application Serial No. 2021412311, Response filed Nov. 23, 2023 to First Examination Report mailed May 4, 2023”, No Amendments to Claims, 59 pgs. |
| “Japanese Application Serial No. 2022-554460, Response filed Dec. 13, 2023 to Notification of Reasons for Refusal mailed Sep. 19, 2023”, with English claims, 7 pages. |
| “Canadian Application Serial No. 3,171,057, Voluntary Amendment Filed Sep. 8, 2022.”, 8 pgs. |
| “Mexican Application Serial No. MX a 2022 011293, Office Action mailed Sep. 19, 2022”, with machine English translation, 7 pages. |
| “Korean Application Serial No. 10-2022-7031400, Voluntary Amendment Filed Sep. 8, 2022”, with English claims, 41 pages. |
| “Japanese Application Serial No. 2022-554460, Voluntary Amendment Filed Oct. 17, 2022”, with English claims, 10 pages. |
| “Australian Application Serial No. 2021412311, Voluntary Amendment Filed Oct. 18, 2022”, 10 pages. |
| “Australian Application Serial No. 2021412311, First Examination Report mailed May 4, 2023”, 3 pgs. |
| “International Application Serial No. PCT EP2021 087202, International Preliminary Report on Patentability mailed Jul. 13, 2023”, 7 pgs. |
| “European Application Serial No. 20217596.4, Extended European Search Report mailed May 27, 2021”, 5 pgs. |
| “International Application Serial No. PCT/EP2021/087202, International Search Report mailed Mar. 23, 2022”, 4 pgs. |
| “International Application Serial No. PCT/EP2021/087202, Written Opinion mailed Mar. 23, 2022”, 5 pgs. |
| “Module 1: Smart Card Fundamentals”, Smart Card Alliance Certified Smart Card Industry Professional (CSCIP) Accreditation Program, (Oct. 8, 2010), 66 pgs. |
| “Smartcards and contactless smartcards—Integrator's and Implementer's Guide”, Springcard SAS, (2018), 128 pgs. |
| Chamara, P.M.I., et al., “Contactless Enabled Payment Solution”, Final Year Project Report, Project Group 8, U. of Moratuwa, Sri Lanka, (May 15, 2015), 58 pgs. |
| Number | Date | Country | |
|---|---|---|---|
| 20230039085 A1 | Feb 2023 | US |
