Home > Licensing > Applications Patents
ISO 14443 B Patents
Application Patents
Masked Components



Application Patents

The application patents is a family of two patents:

Session Patent (Secure and indivisible Session)

The secure session performs simultaneously:
• the authentication of the card,
• the authentication of the terminal,
• the authentication of all the data exchanged during the session,
• the proof that the card modifications have been correctly done.

These operations are done with a Triple DES based algorithm ensuring a very fast transaction. This is particularly important when using the card with a contactless reader.

All the data modification commands given during the session are automatically cancelled if the final authentication fails, or is not done.
Thus, the session mechanism ensures that either the modifications made during the session are all completely and correctly done, or that none are done. If the session is not successfully closed (because of a bad signature, a card error, an unexpected shut down, etc.), then all the modifications done during the session are cancelled.

The secure session is used in the Calypso standard as well as in the DESFire and Cipurse products.

Furthermore, in the Calypso standard, a special feature, named the “ratification”, allows the ground validator to handle gracefully a possible communication link problem.

Ratification Patent (Interrupted transaction management)

During any communication, it may happen that the link be broken unexpectedly. This is particularly true in contactless communication, where the card may be taken out of the validator radio field during normal use, and before the transaction completion.

The secure session is a very efficient mean to solve this problem, as an interruption before the session closing will cancel all the modifications done to the card, leaving it in the same state as it was before the session. For example, if a counter must be decreased and a network entrance event must be recorded at the same time in the card, the session mechanism will ensure that either both are completed or that none is done.

However, after the end of the session, and the validation of the changes by the card, the acknowledge (including the card signature) must still reach the validator. If the communication link is broken between the session closing, and the good reception of its acknowledge, the validator has no proof that the card is legitimate and that the transaction succeeded. In this case, the user might have paid, or have its transport rights decreased, and not be allowed entrance in the network.

The usual solution to this problem involves a complex mechanism in the validator, which must remember the cards that might fall in this case, and handle them properly if they are presented again soon after. The problem is even more complex in transport networks, where many validators may control the same network gate, and where the user might be tempted to try another validator if the previous one failed to open the gate.

To allow the user to enter the network without paying twice, while avoiding this very complex management in the validators of a network entrance or exit, the ratification mechanism was invented.


Patent Summary

App. Number

App. Date


Expiry date

Modifications indivisibles

Writing all the new data without erasing the previous data, and validation of all the new data at the end of the session



FR 98 04453



Registering in the memory of the portable object a ratification bit according to whether or not the transaction has been completed after debit with the delivery of the counterpart service and, at the next transaction, delivery of the counterpart service with or without debit according to the state of the ratification bit



FR 98 12770



[ Back to Top ]




The Calypso Card Specification

Calypso Functional Specifications