FR2638002A1 - Personalising method for microcomputer cards and system for implementing it - Google Patents

Abstract

The personalising method for a user card 1 with incorporated microcomputer, allowing the user of each of the said cards to have access to a set of services, consists in combining personalising data supplied by acquisition means with predetermined data contained in one or more acreditation cards 2 with a microcomputer incorporated, in order to obtain personalising codes and to transfer them into the said user cards 1 after processing by control and processing means 4. Use for the personalising of multi-service cards with incorporated microcomputer and especially for access control.

Description

 The present invention relates to a personalization method for a set of user cards with an integrated microcomputer, allowing the user of each of these cards to access a set of services.

 The invention also relates to the system implementing the method.

 Many industrial and administrative sites must be subject to particularly rigorous security and protection measures because of their strategic nature or the confidential nature of the cases dealt with there. In addition, the geographic extent of these sites, the diversity of people and functions make the control of physical access to these sites complex and its management difficult.

 In addition, the development of numerous services within companies and administrations for the benefit of their employees, such as flexible hours, catering, social and cultural services is creating increasing needs for means of control. 'access to these services and management. These means must be both flexible and easy to use while ensuring a very high level of security, particularly with regard to the physical access control service.

 To perform these functions, cards are already known comprising magnetic strips fixed on a plastic support of rectangular shape. These tapes store information specific to the service concerned, which are read and written by inserting said cards into magnetic read / write devices.

 This type of card has several significant drawbacks: experience has shown that magnetic cards are falsifiable, the information contained in the magnetic medium can be read by means that are now well known.

 In addition1 they are very often associated with only one service, for example the access control service or the catering service.

 Even if, in general, a personal code must be provided by the holder of a magnetic card to obtain the execution of the service, the fact that it is possible to falsify the card considerably reduces the effective level of security and protection and obliges to strengthen additional controls, in the case of access control. In addition, taking into account distinct levels of protection such as the selection of geographic zones and time zones is difficult to achieve, in a 11multiservice context "with the technology of the magnetic card which is presented with respect to the various devices of control (read / write) as an essentially passive element, certainly storing information but unable to interpret and control information from outside.

 A fundamental advance towards the achievement of the aforementioned objectives is the development of cards with an integrated microcomputer, produced from the teaching of French patents 2 266 222, 2 311 365 and 2 311 360.

The integrated microcomputer card has the major advantage over the magnetic card of being programmable both during its manufacture (using a mask, such as the mask IV developed by the company BULL) and during its use. For this, a self-programmable monolithic microcomputer has been developed which, when powered, can modify its own program without the need for external intervention. This microcomputer combines a microprocessor and a memory which in fact divides into three physically distinct memories.
- a volatile memory which is used temporarily during the operations involving the card,
- a permanent memory for information collected during the life of the card, divided into zones whose write and read access is selectively protected.

 The structure and operating mode of the cards with built-in microcomputer make them particularly suitable for use in a multiservice context with personalized access control.

Indeed, the permanent memory of the microcomputer incorporated in each card can accommodate as many memory zones as there are services to be managed, within the limit of its capacity. The ability of the microcomputer to be able to modify its own content of permanent memory is accompanied by the impossibility for an external device to intervene in this programming, any repeated attempt at violation resulting in a blocking of the card. This characteristic allows a very high level of security.

In addition, the presence of the microcomputer and its computing capacity "rebalances" the exchange relationships between the card and the external control devices (read / write). Part of the information is held by the card which also has a very strong encryption game.

 However, a direct application of this type of card in a multiservice management system comes up against the problem of the initial allocation of information, sometimes with a high level of confidentiality, to a set of cards which is then distributed to the set carriers. Indeed, a weak link in the security of an embedded microcomputer card device lies in the first phase of the "life" of these cards during which the information necessary for their use and the creation of the various services is entered into the memory of the microcomputer. This phase corresponds to the personalization of each card in a batch of "blank" cards initially containing only the program produced by mask. The manager of a microcomputer card system must therefore avoid at all costs that a batch of cards blanks could be fraudulently programmed (format, creation of services). This would have the consequence of putting into service cards that are strictly compatible and conform to the multiservice management system but held by unauthorized holders and would destroy any effort to find security for the services.

 Another pitfall lies in the absolute need to "partition" services within the same card.

Thus, an inadvertent modification of the parameters of the physical access control service, during an elementary operation of management of the catering service, could for example have serious consequences, by inadvertently and accidentally authorizing access to reserved areas or vice versa by prohibiting any access to the site. The creation and management of the various services cohabiting within the same card must be carried out in a context of strict separation of the skills and attributions of the service providers brought to manage the information contained in said card.

 The aim of the present invention is to solve these difficulties in the context of a personalization process for a user card with an integrated microcomputer, allowing an operator to associate with such a user card, the selective use of a set of services and in particular an access control service.

 According to the invention, this method is characterized in that it consists in combining personalization data supplied by input means with predetermined data contained in one or more authorization cards with incorporated microcomputer to obtain, after processing by control and processing means, personalization codes and transfer them to said user card.

Thus, the fact of having to combine data transmitted by an operator, from the keyboard of a microcomputer for example, with predetermined data contained in at least one authorization card makes the personalization of user cards subordinate to possession of these authorization cards which are generally protected in reading, and thus guarantees a high level of security. According to an advantageous version of the invention, the personalization process comprises the following steps
a step of formatting each of said user cards, to structure the memory space of each incorporated microcomputer, followed by a step of creating in each user card, a set of services accessible by said user card, according to a predetermined choice made from said set of services, each of said steps consisting in combining personalization data supplied by input means with predetermined data contained in one or more authorization cards with incorporated microcomputer, for obtain, after processing by control and processing means, personalization codes and transfer them to the microcomputer of said user card to be personalized.

 Thus, the four stages of the personalization method according to the invention make it possible, from a batch of cards containing, after manufacture, only a basic program produced by mask, to obtain a set of personalized cards, the Permanent storage memory contains identification information and data specific to each service. This process is carried out with maximum security since it requires at each of its stages the possession of an authorization card specific to an application, to a site, to a customer, thus ensuring a diversification of the stages of personalization.

According to another aspect of the invention, the security system by personalization for user card with incorporated microcomputer, implementing the method according to the invention, comprises
- a set of authorization cards each incorporating a microcomputer containing specific and distinct predetermined data,
reading and writing means for a card with an integrated microcomputer,
- control and processing means, such as a microcomputer, connected to said reading and writing means, to ensure the entry of personalization data and their processing by the successive combination, in a predetermined order, of said control means and processing with each of said microcomputers incorporated in said authorization cards.

 Thus, the personalization of all the cards has the characteristic of being in a way decentralized and diversified insofar as it is no longer a single control and processing unit which ensures the programming of the cards to be personalized but in fact a set of preprogrammed microcomputers incorporated in accreditation cards, each containing part of the data necessary for personalization.

These are linked successively with the control and processing unit, for example a microcomputer, and cooperate with the latter for the processing of data supplied by the operator and the personalization of each of the cards in the set. cards to personalize.

 This decentralization of the processing functions and of the data necessary for these processing operations, which are thus distributed between several independent preprogrammed microcomputers, allows a high level of security in the personalization operations with the system according to the invention. An operator must have all the authorization cards to be able to carry out the different personalization operations, knowing that each of the authorization cards contains a piece of the "puzzle" that the personalization function can represent when it must provide a high level of security.

Other features and advantages of the invention will become apparent in the description below. In the accompanying drawings, given by way of nonlimiting examples
- Figure 1 is a block diagram of the personalization system according to the invention
FIG. 2 shows the structure of the memory space of the microcomputer incorporated in each card, at the end of the personalization,
FIG. 3 illustrates the essential aspects of the diversification induced by the personalization system: diversification of sites and services,
FIG. 4 is the simplified flow diagram of the personalization method according to the invention,
FIG. 5 illustrates the division into sub-steps of the formatting step,
FIG. 6 is the flow diagram of a step for creating a service,
- Figure 7 illustrates a practical embodiment of the steps of formatting and service creation of the method according to the invention.

 The security system by personalization S represented in FIG. 1 comprises a set of authorization cards 2, with incorporated microcomputer, control and processing means 4 preferably consisting of a microcomputer, reading and writing means 3 of cards with built-in microcomputer, printing means 11, means for storing 12 of specific data of the different personalization operations, means for stamping 10 and means for embossing 13 of the cards. Digital links 14, 15, 16 provide the respective connections of the printing means 11, reading and writing 3, and stamping 10 or embossing 13, with the control and processing means 4.

 The personalization system S is intended to process a set of user cards 1, with incorporated microcomputer from the same batch. This set of cards was subjected, during its manufacture, to a pre-personalization operation which has the essential role of creating a manufacturing key and giving a unique serial number to each card. An effective realization concerns the personalization of cards branded "CLEMATIC CP8" equipped with a microcomputer containing the mask program 4 of BULL CP8. In this embodiment, control and processing are provided by a PC type microcomputer. The writing and reading of cards are carried out by means of readers 3, preferably two in number.

 The set of enabling cards 2 includes a format setting card 2a intended for carrying out the first stage of personalization of the set of cards 1 (which consists in structuring the memory space of each of the incorporated microcomputers in said cards), a batch of service creation cards 7,1, ... 7.N, a batch of service exploitation cards 8.1, ... 8.N and a maintenance card 9 which in a preferred version of the invention is common to all of the services created.

The first step in the personalization process consists in structuring the memory space of the microcomputer 6 of each user card belonging to the set of use cards 1. FIG. 2 illustrates the different zones Z, A, C , T, TC, L,
F thus created.

 A secret zone Z includes the manufacturing key supplied during the initial "prepersonalization" operation, an "emitter" key and a first "carrier" key, as well as a secret game. At the end of the format step, the write and read access to this secret zone Z is prohibited and made impossible by construction of the microcomputer incorporated in each card. It is however possible to write a second "carrier" key later.

 The access memory area A is used to store the protected accesses authorized by the card. Any access to a protected zone of the card destroys one or more bits of the access memory A. The state of this zone makes it possible to block the card after presentation of either a false transmitter key or a predetermined number of keys successive erroneous carrier. The access memory area A therefore fills up as the card is used. At the end of the format step, access to this area is prohibited in writing and protected in reading.

 Confidential zone C allows the service provider to enter confidential data specific to a service. Access is prohibited in writing and protected in reading at the end of the format step.

 The work area T is intended to receive as many blocks of services T1, ..., TN as of services SI, ..., SN created during the initial stage or subsequent stages of creation of services. A field TC belonging to the work area T groups together the information common to all of the services, such as the identity of the client and the identification of the card holder.

 The free zone L is intended to receive codes specific to the secret game contained in the secret zone S.

Access to these codes is prohibited in writing but free in reading.

 The manufacturing zone F, of structure inherent in the type of manufacturing of the microcomputer card considered (in the example described, the mask 4 of BUhL CP8) includes all the data making it possible to locate within the space of the card . Its access is free in reading and prohibited in writing.

 The role of the personalization security system according to the invention is to provide user cards with an integrated microcomputer providing several services on the same support. The diversifications brought by this personalization system are carried out on several levels. First of all, each client (for example a company, an administration) C1, C2, ... C1, with reference to FIG. 3, will have a set of personalized cards.

 Then, within the C1 company or industrial site, several local Sil.1 S1.P sites will be distinguished and identified. This represents one of the essential services targeted by the invention, namely, the access control service. One or more authorized access sites are associated with each of the cards of the set of user cards 1 during the initial or subsequent personalization process. To this geographical selection is also added a temporal selection which will be described later.

Finally within an industrial or administrative entity Cl1 ..., CN, a set of services Sl.1
S1N; S2.1, ... S2.N; SP.1, ... SP.N; will be selectively available to the holders of user cards 1 which will have been previously processed by the personalization system according to the invention.

 It is therefore easy to see the level of flexibility and protection provided by the concept of "multiservice" cards made possible by this personalization system.

The personalization process implemented in the system according to the invention comprises several stages, the articulation of which is illustrated by the flowchart in FIG. 4. The first stage is the stage of formatting
EF during which the memory space 6 of the microcomputer of the card to be personalized is structured, as has been described with reference to FIG. 2. It includes, with reference to FIG. 5, a step of definition EF1 of the size of the zones memories Z, A, C, L, T of memory space 6 of the start address of each of these zones,
a step of allocation EF2 of the protection mode of the working area T,
a step of creation EF2 of the secret data of the card in zone Z of the memory space 6, by diversified reading of the authorization card 2a,
- And a step of registration EF3 of data in the confidential zone C and in the free zone L.

During this registration step EF4, the operator defines the data which will subsequently be entered by the control and processing means 4 for all or part of the batch of cards to be personalized. Confidential data, optional, as well as general data, mandatory, are written in the secret Z, confidential C and free zones.
L.

 Next comes a creation step EC during which each service provider S1, ..., SN uses the system according to the invention directly or indirectly to create a service block T1, ..., TN in the work area T of the memory space 6 of the microcomputer of the card to be personalized, during the respective sub-steps ECl, ... ECN. This stage can of course have a very variable duration and lead to the creation of a variable number of services, according to the needs of the customer holding the batch of user cards 1. In addition, it is not necessary to prejudge the number and nature of the services that will be created during the life of each user card.

The step EC itself comprises, see FIG. 6, a succession of steps for creating services EC1, ... ECN, associated with a set of services S1, ..., SN with reference to FIG. 6. completion of each of these stages is conditioned by the possession of an authorization card 7.1, ..., 7.N which, combined with the control and processing means 4 and with the reading and writing means, authorizes the following substeps:
- the registration SEI1 ... SEIN of an identification number of the service block T1 ... TN,
- creation of SEC1 ... SECN of said service block
T1 ... TN within the working area T of the memory space 6,
- writing data to the TC memory area which groups the information common to the services.

 At the end of the creation step EC, begins the operating phase of the services S1, ... SN, called the operating step EE.

This step does not present a sequential sequence unlike the previous steps. There is indeed a possible relocation of the operation of the different services, in space and in time. Each service provider can have personalization means equivalent to the personalization system
S according to the invention, and of the authorization card 8.1, 8.N specific to the Ground service, ... SN considered.

There are thus as many stages of operation of services EE1, ... EEN as of distinct services S1,
SN and these stages take place globally in any order and in diverse sites. Within each of the operating stages, the following sub-stages are distinguished
El: a step of writing the identification of the card holder, in the common information area
TC,
E2: a step of writing information specific to the service S1, ... SN considered in the memory block T1 ... TN,
E3: a step of extending said service S1,
SN by chaining of a new block T1, ... TN,
E4: a step of reading the data of said service S1, ... SN and the common information respectively in the service blocks T1, .. TN and in the common information area TC,
E5: an optional reading step1, of data associated with audits service S1, ... SN in confidential area C.

 The substeps E1, E2, E3, E4 and E5 can be carried out in any order and according to the requirements of the service S1,..., SN considered.

 An advantageous version of the security system by personalization consists in defining a set of single authorization cards CE1, ..., CEN ensuring 9 both the authorization of the operations of creation and exploitation of the services S1, ... SN , and thus corresponding to the "fusion" of the batch of creation cards 7.1, 7N and the batch of exploitation cards 8.1, ... 8N.

 The personalization security system according to the invention ensures the maintenance of the batch of user cards 1 during the operating period of the services S1,... SN.

 A built-in microcomputer card generally includes a memory access area A, as described above with reference to FIG. 2.

 This zone records the number of protected operations, legal or illegal.

 The number of operations allowed is generally limited to a predetermined number during manufacture. In addition, it may be necessary to read the data from a card during operation.

 The maintenance operations are grouped together in a maintenance stage EM, the execution of which is conditioned by the possession of a maintenance card 9 belonging to the batch of authorization cards 2.

 In an advantageous version of the invention, this card provides maintenance for all of the services S1, ..., SN, in combination with the control and processing means 4 and the read and write means 3.

The operations that can be performed on a card subjected to maintenance during the EL maintenance stage are
the reading of the data in confidential area C of the memory space 6 of said card,
- reading of data in free zone L,
- the identification of the services S1, ... SN present on said card,
- reading of common information SI,
SN, in the known information block TC,
- writing, if necessary, the identification code of the holder of said card.

The maintenance step further comprises operations on the state of the microcomputer incorporated in the card subjected to maintenance, such as
the determination of the rate of use of the access memory A of said card, when the latter is of the memory type with limited number of accesses,
- recycling the card after blocking,
- its invalidation.

An advantageous version of the method according to the invention includes, in the maintenance step described above, the possibility of substituting for the first "carrier" key, a second "carrier" key in the secret zone Z of the memory space 6. Another embodiment of the system according to the invention consists in distributing as many maintenance cards 9.1, ... 9.N as there are services S1,
SN. Each service provider then has a card which, in combination with the control and processing means 4 and the reading and writing means 3, enables them to perform the maintenance functions specific to the service in question and the functions maintenance concerning the state of the card (blocking, invalidation, for example).

 Computer personalization of the batch of user cards 1 which has just been described is generally associated with physical personalization of each of the cards 1, comprising the printing of a logotype on the plastic support of the card, in general at at the time of its manufacture, and the inscription of alphanumeric characters identifying the card and the carrier which can be produced either by stamping or by embossing.

To this end, a preferred version of the security system by customization according to the invention comprises a card stamping machine, directly connected to the control and processing means 4. It is just as possible to use a machine for embossing cards, also linked to the means of control and processing. In an effective embodiment of a personalization system in accordance with the invention, these machines are connected by serial link of RS 232 type to the microcomputer of PC type which embodies the aforementioned control and processing means 4.

 We will now explain, with reference to FIG. 7, the operation of the system 5 when it is implemented in a preferred version of the invention, such as that described in FIG. 1.

 In this preferred version, the control and processing means 4 comprise a microcomputer of the PC compatible type provided with a floppy disk drive and a hard disk with a minimum capacity of 10 megabytes.

 The microcomputer 4 is connected to a printer 11 by a parallel link 16 and to two readers adapted to the card format used in this version, namely the CLEMATIC CP8 format <by a serial link 14. A stamping machine 10, linked by link series, complete the personalization system S.

 The entire personalization process according to the invention is materialized by personalization software. This software, initially stored on floppy disks but which can be permanently transferred to the hard disk associated with the microcomputer 4, is designed to be used in interactive mode in combination with the batch of authorization cards 2 and the batch card 1a. A succession of "menus" is therefore displayed on the screen, each of the menus corresponding in a way to a proposal for customization steps and options offered to the operator.

When the microcomputer 4 and its peripherals 11, 3, 10 are switched on and after the personalization software has been loaded, a main menu is displayed on the microcomputer screen, offering the functions, formatting, creation, operation, maintenance, which are the IT realization of the four main stages
EF, EC, EE and EM of the personalization process according to the invention.

 The operator's choice of the "format" function results in a request for successive insertions of the batch card 1a, of the layout card 2a, and of each of the cards to be personalized belonging to the batch of user cards 1 in the readers 3, with reference to FIG. 7.

 The insertion order is specified by the interactive software which also indicates to the operator the data to be entered on the keyboard of the microorator 4. This involves, in the format step, the definition of the existence of data, whether or not they are common to the set of user cards 1, as described above.

 At the end of this step, it is possible to edit the characteristic data of the format (identification of the card and of the bearer, personal code) by the printing means 11. The document thus obtained has a confidential nature .

 A service particularly targeted by the present invention is the physical access control service S1 for which access zones and time zones are defined, determining the access rights of the card holder.

 The creation of an access control service on one or more cards of a batch of user cards 1 requires choosing the "creation" option from the main menu.

 After inserting, into one of the readers 3, the creation card for the access control service 7.1 belonging to the batch of authorization cards 2, the operator is then led to define, following the instructions issued by the software interactive installed in the control and processing means 4, the existence of data to be entered on the set of user cards 1 and in particular the common nature of this data on all or part of the set of user cards user 1.

The operator then provides the identity of the customer, the identification of the bearer, the validity dates and the access rights which are determined by combining information gathered beforehand concerning the access areas, and authorized time. At the end of this step of creating the service, it is possible to perform an edition of the data characteristic of the creation of the service by the printing means 12, and to carry out the stamping of the personalized cards, by the means of stamping 10.

 The creation of the physical access control service If on one or more user cards can be followed by the creation of other services S2, ..., SN, on all or part of said cards.

 The cards thus personalized (format and creation of services) are then given to the holders designated as holders of said cards.

 They then use the services created in their respective cards.

 For example, within an industrial site, an employee may hold a personalized card offering physical access control services and flexible hours, while another employee will have a card which also offers catering and telecommunication service. In addition, for a given service, two cardholders may be offered different services; thus, in the case of the physical access control service, when the service block is created, different access rights (access zones, time zones) can be defined. Each service provider is required, during the operating phase of a service, to perform management operations on the cards of the users of said service. Thus, the person responsible for the physical access control service to an administrative site or industrial can perform five service management functions, using the personalization system according to the invention, in combination with the creation card 7.1.

A "service management" menu offers the operator
the visualization of the physical access control service block within the memory 6 of the microcomputer of the personalized card subjected to the management or exploitation operation,
- entering new access rights,
- cancellation of access rights,
- entering validity dates,
- entering the identities of the bearer and the client.

 The provider of the physical access control service can thus update the rights of each card holder at any time, which allows great flexibility for this service.

 An essential function in any high-tech system with a complex structure is the maintenance of the batch of personalized cards.

 These two functions are provided by the system according to the invention.

 We can cite many situations justifying these functions, including the defect of a card (inability to access a service), for example, blocking after several unsuccessful attempts, loss of personal code, decision to change him.

These maintenance and expertise functions can be performed centrally and cover all of the services. This is called multiservice maintenance. The operator responsible for maintaining the personalized cards inserts the multiservice maintenance card 9 belonging to the batch of authorization cards 2 into one of the two readers 3, and the card submitted for maintenance into the other reader. He chooses, on the main menu displayed on the screen of the microcomputer, the "maintenance" function. A specific menu then offers him a series of expertise operations and maintenance operations, among which,
- for 11 expert reports, the diagnosis of the computer status of the card tested, the search for the number of personal code presentations that the wearer can still carry out on his card (which corresponds to the state of the access memory area A, with reference to FIG. 2), the identification of the services present on the card tested and the reading of the general data stored in zone L of the memory of the microcomputer of said card,
- for maintenance, unlocking of the card, invalidation to make a card permanently unusable, searching for the personal code, changing it and entering new common data.

 At the end of the maintenance stage, the personalized card can then be returned to its holder for use in the various services selected or be withdrawn from the circuit when expertise has revealed the need.

 These expertise and maintenance functions can also be "decentralized" and entrusted to each service provider who then has a specific maintenance card and must be equipped with a device equivalent to that used in the personalization system S, as described in figure 1.

 Of course, the invention is not limited to the examples described and shown and numerous modifications can be made to these examples without departing from the scope of the invention.

 Thus, the personalization method according to the invention can easily be adapted to ensure the personalization of devices with an integrated microcomputer carrying information, of material support other than that of a card, but which can have any other geometric shape provided that reading and writing means adapted to such devices can be achievable.

Claims (30)

 1. Personalization method for a set of user cards (1) with incorporated microcomputer, allowing the user of each of said cards to access a set of services (S1, ..., SN), characterized in that that this method consists in combining personalization data supplied by input means with predetermined data contained in one or more authorization cards (2) with incorporated microcomputer to obtain, after processing by control and processing means (4 ), personalization codes and transfer them to said user cards.  2. Personalization method according to claim 1, characterized in that it comprises the following steps  a step of formatting (EF) of each of said user cards (1), to structure the memory space of each incorporated microcomputer, followed by a creation step (EC) in each user card of a set of services (S1, ..., SN) accessible by said user card, according to a predetermined choice made from said set of services (SI, ..., SNX, each of said steps consisting in combining personalization data supplied by input means with predetermined data contained in one or more authorization cards (2) with incorporated microcomputer, to obtain, after processing by control and processing means (4), personalization codes and transfer them to said user card (I) to be personalized  3. Personalization method according to claim 2, characterized in that it further comprises, at the end of said formatting (EF) and creation (EC) steps, for one or more of said user cards (1),  - an operating step (EE) of said services (Si,. SN) created in the previous step, in which personalization data can be modified and supplemented, resulting in the transfer to said user cards (1) of new personalization codes associated with said services (S1, ... SN)  - And a maintenance step (EM) of said services (S1, ... SN).  4. Personalization method in accordance with one of claims 2 or 3, characterized in that the formatting step (EF) comprises the following steps:  a step of defining (EF1) memory zones (Z, A, C, L, T, TC) of the set (1) of user cards and of the start address of each of said zones,  a step of allocation (EF2) of the mode of protection of the working area (T) of each of said cards (1),  a step of creation (EF3) of secret data in secret zone (Z) of each of said user cards by diversified reading of the authorization card (2a) belonging to the set of authorization cards (2),  a step of writing (EF4) of data in the confidential (C) and free (T) areas of each of said cards, the completion of said formatting step (EF) being conditioned by the combination of the card authorization (2a) belonging to the set of authorization cards (2), with the reading and writing means (3) and the control and processing means (4).  5. Personalization method according to claim 4, characterized in that during the data recording step (EF4) data to be entered by the control and processing means (4), are defined for all or part of the cards of the set of user cards (1), and in that confidential data, of an optional nature and of general data of a mandatory nature are written in appropriate memory areas of each of the cards of said set of user cards (1).  6. Personalization method according to one of claims 2 to 5, characterized in that the creation step (EC) comprises a succession of steps (EC1, .... ECN) for creating services (SI, ..., SN), the completion of each of said stages being conditioned by the possession of a respective authorization card belonging to the set of authorization cards (7.1, 7. N) which, combined with the reading and writing means (3) and the control and processing means (4), authorizes the sub-steps within each of said steps (EC1, -..., ECN) following  - the registration (SEI1, ... SEIN) of an identification number of the service block (T1, .e., TN) associated with said service (S1, ... SN),  the creation of said service block (T1, ... TN) within the work area (T) of the memory of the microcomputer of each card of the set of cards (1) concerned,  - writing (SEE1, ... SEEN) of data in the memory area (TC), said common information field of the microcomputer of each card of said set of user cards (1).  7. Personalization method according to claim 6, characterized in that said creation steps (EC1, ..., ECN) are carried out in any order and at any time by the provider of said service (S1, ..., SN).  8. Personalization method according to claim 7, characterized in that the substep of creating a service block (SEC) comprises the following operations  - writing a block determinant, consisting of the juxtaposition of a service identification code (S1, .., SN) and the length in words of the block,  - writing information specific to the application of the service (S1, ... SN),  - reservation of a block chaining word.  9. Personalization method according to one of claims 2 to 8, characterized in that the operating step (EE1, ... EEN) of each of said services (S1, .. SN) is carried out independently by the various service providers (P1, ... PN) for said services (S1, .., SN), each service provider (P1, ... PN) holding an operating card (8.1, .., 8.N), belonging to the set of authorization cards (2) and includes the following substeps  El: writing, if necessary, of the identification of the bearer of each of the cards of the plurality of cards (1), in the memory area (L) of each of said cards (1),  E2: writing of specific information, to the service (S1, ..., SN) in the memory block (T1, ... TN) of each of said cards (1),  E3: extension of said service (S1, ... SN) by chaining of a new block (T1, ... TN),  E4: read data from said service (S1, SN) and information common to all of said services in the service blocks (T1, ... TN) and in the memory area (TC),  E5: optional reading of data associated with said service (S1, .. SN) in confidential memory area (C).  10. Personalization method according to one of claims 7 to 9, characterized in that information specific to said services (S1, ... SN) is written during the creation sub-steps (SEC1, ... SECN) and during the operating stages (EE1, ... EEN).  11. Personalization method according to claim 10, characterized in that said substeps (E1, E2, E3, E4, E5) of the operating step (EE1, ... EEN) associated with each service (S1, ... SN) are performed in any order and at any time by the provider of the said service (SI, ... SN).  12. Personalization method according to one of claims 7 or 9, characterized in that all of the operating cards (8.1, ... 8.N) and all of the creation cards (7.1,. .. 8.N) of the set of services (S1, ..., SN) forming a single set of cards (CE1, CEN) of the service package (S1, ..., SN).  13. Personalization method according to one of claims 2 to 12, characterized in that the maintenance step (EM) of said services (S1, ... SN) on a card belonging to the set of cards user (lr and having previously been formatted and provided with at least one service block (T1, ... TN) is common to all of said services (S1, ... SN) and includes at least l one of the following  - reading of data in confidential area (C) of the memory space (6) of the microcomputer of the card subjected to maintenance,  - reading of data in free area (L) of said memory space (6),  - identification of the services present on said card subject to maintenance,  - reading of information common to services (51, ... SM),  - writing, if necessary, of the identification of the bearer of said card subject to maintenance, the execution of said maintenance being conditioned by the combination of an authorization card (9), called multiservice maintenance, belonging to the set of authorization cards (2), with reading and writing means (3) and control and processing means (4).  14. Personalization method according to claim 13, characterized in that the maintenance step (EM) further comprises maintenance operations on the state of the microcomputer integrated in the card subjected to maintenance and belonging to the assembly. cards (1) having previously undergone the format (EF), creation (EC) and operation (EE) steps, comprising  - visualization of the state of said card subject to maintenance,  the determination of the rate of use of the access memory A of said card, when the latter is of the memory type & limited number of accesses,  - recycling of said card after blocking,  - the invalidation of said card.  15. Personalization method according to claim 14, characterized in that the maintenance step (EM) further comprises reading, in secret zone Z of the personal code associated with said user card (1), optionally followed by modification of said personal code.  16. Personalization method according to one of claims 13 to 15, characterized in that each service (S1, ... SN) is associated with a specific maintenance card (9.1, ... 9.N), and that maintenance operations for the batch of user cards (1) for a given service (S1, ... SN) are carried out by combining said specific maintenance card (9.1, ... 9.N) with said reading and writing means (3) and said control and processing means (4).  17. Personalization method according to one of claims 2 to 16, characterized in that it further comprises a physical personalization step (EP) of said cards belonging to the batch of user cards (1) comprising  - the printing of a logotype on the support of each of said cards (1),  - the inscription of alphanumeric identification characters on each of said cards (1).  18. Personalized security system (S) for a set of user cards (1) each comprising an incorporated microcomputer, allowing an operator to associate with each of said user cards, the selective use of a set services (S1, ... SM) and in particular an access control service, characterized in that it comprises  - a set of authorization cards (2) each incorporating a microcomputer containing specific and distinct predetermined data,  - reading and writing means (3) for a card with an integrated microcomputer,  - control and processing means (4), such as a microcomputer, connected to said reading and writing means (3), to ensure the entry of personalization data and their processing by a successive combination, in an order predetermined, said control and processing means (4) with each of said microcomputers incorporated in said enabling cards (2).  19. Personalization system according to claim 18, characterized in that & each of the user cards (1) with microcomputer and belonging to the same production batch (5), is associated a digital code constituting a manufacturing key and in that the manufacturing batch audit (5) corresponds to a microcomputer batch card (la), which contains in the memory of its microcomputer the data necessary to recalculate said manufacturing key.  20. Personalization system according to claim 19, characterized in that the reading and processing by the reading and writing means (3) and the control and processing means (4) of data contained in the memory of the microcomputers batch cards (la) and one of the enabling cards (2), called format layout card (2a), performs a structuring of the memory space (6) of the microcomputer integrated in each card belonging to the '' set of user cards (1), in different memory areas (S, A, C, T, TC, L, F) separate.  21. Personalization system according to claim 20, characterized in that each of said services (S1, S2, ... SN) is associated with a service creation card (7.1, 7.2, ... 7.N) belonging to all the authorization cards (2), and in that a service block (T1, T2, ... TN) within the memory area (T) of the microcomputer of each user card (1) is created by reading said service creation card (7.1, 7.2, ... 7.N) by the reading and writing means (3) combined with input of data specific to said service (S1, S2, ... SN) by the control and processing means (4).  22. Personalization system according to claim 21, characterized in that each of said services (S1, 52, ..., SN) is associated with a service exploitation card (8.1, 8.2, ..., 8 .N) belonging to the set of authorization cards (2), and in that all or part of the service block (T1, T2, ..., TN) associated with said service (S1, S2, ... SN) within the memory space (6) of the microcomputer of each card of the set of user cards (1) is read, modified and completed by reading said service exploitation card (8.1, 8.2, ...,  8.N) by the reading and writing means (3) combined with the data entry specific to said service fus1, S2, ..., SN) by the control and processing means (4).  23. Personalization system according to claim 21, characterized in that the respective service block (T1, T2, ... TN) within the memory space (6) of each of the user cards (1) is read, modified and completed by the reading and writing means (3) and the control and processing means (4) in combination with the service creation card (7.1, 7.2, ..., 7.N ) respective.  24. Personalization system according to one of claims 22 or 23, characterized in that the set of cards (1) belonging to the same manufacturing batch (5) and each provided with one or more blocks of service (T1, T2 ..., TN), is; associated with a maintenance card (9), and in that the maintenance functions of said user cards (1), in particular the visualization of their state, their invalidation or their recycling are carried out by the reading and writing means ( 3) and the control and processing means (4) in combination with said maintenance card (9).  25. Personalization system according to one of claims 22 or 23, characterized in that the set of user cards (1), belonging to the same manufacturing batch (5) and each provided with one or several service blocks (T1, T2, ..., TN), there is associated a maintenance card (9.1, 9.2, ... 9.nu, for each respective service (S1, S2, ..., SN) and in that the maintenance functions of said user cards (1), in particular the visualization of their state, their invalidation or their recycling are carried out by the reading and writing means (3) and the control and processing means (4) in combination with said maintenance card (9.1, 9. 2, ..., 9.N).  26. Personalization system according to one of claims 18 to 25, characterized in that it further comprises means (10) for stamping said user cards (1).  27. Personalization system according to one of claims 18 to 26, characterized in that the control and processing means (4) comprise a microcomputer.  28. Personalization system according to one of claims 18 to 27, characterized in that it further comprises printing means (11) connected to the control and processing means (4).  29. Personalization system according to claims 18 to 28, characterized in that the control and processing means (4) deliver personalization information which is stored in storage means (12).