Browse Prior Art Database

Terminal User Program Validation

IP.com Disclosure Number: IPCOM000034672D
Original Publication Date: 1989-Apr-01
Included in the Prior Art Database: 2005-Jan-27
Document File: 1 page(s) / 11K

Publishing Venue

IBM

Related People

Baumhauer, V: AUTHOR [+3]

Abstract

In terminals with a loadable application program, it is frequently necessary to test the authenticity of the loaded program. In other words, it is essential for some applications, such as EFT/POS (electronic fund transfer at point of sale) or electronic banking, that only authorized application programs be stored and executed by the safety relevant terminal. For loading the application program into the terminal, a modification detection code (MDC) is used. This code is generated when the application program is released or tested. The MDC is also used to verify the application program in the terminal. For that purpose, the MDC is loaded into the terminal prior to the application program. Loading of the MDC necessitates knowledge of a cryptographic code or password which is essential for the terminal functions.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 100% of the total text.

Page 1 of 1

Terminal User Program Validation

In terminals with a loadable application program, it is frequently necessary to test the authenticity of the loaded program. In other words, it is essential for some applications, such as EFT/POS (electronic fund transfer at point of sale) or electronic banking, that only authorized application programs be stored and executed by the safety relevant terminal. For loading the application program into the terminal, a modification detection code (MDC) is used. This code is generated when the application program is released or tested. The MDC is also used to verify the application program in the terminal. For that purpose, the MDC is loaded into the terminal prior to the application program. Loading of the MDC necessitates knowledge of a cryptographic code or password which is essential for the terminal functions. In addition, entry of the cryptographic code or password may require a key for a safety lock, which signifies that the user of the key is its legitimate owner. The data terminal has a function for displaying the MDC on the built-in screen and for testing which application program is currently loaded. The MDC is a 16-byte, non-secret value which is based on a cryptographic algorithm known as DES (Data Encryption Standard). The proposed method warrants the integrity and legitimacy of application programs loaded into a terminal.

1