Académique Documents
Professionnel Documents
Culture Documents
INTRODUCTION
Smart cards are similar in size and shape to the familiar magnetic stripe cards used
for credit and debit transactions, but smart cards contain an embedded integrated
circuit(chip) that interfaces with terminals (which activate the chip’s power).The chip
contains microprocessor and storage or memory. The memory contains a chip
operating system (COS) for the microprocessor, communications software, and can
contain encryption algorithms, applications software and data. When used with the
appropriate applications, smart cards can provide enhanced security and the ability
to record, store and update data. When implemented properly they can provide
interoperability across services, and allow multiple application or uses, via one card
Applications can access data directly form the chip, and smart cards can contain
Portable, personal and secure databases. Applications using smart cards as a data
Storage medium can save time and expense since access to a central database
each time a transaction occurs is not necessary. Smart cards can not replace central
records storage, such as a medical records file or bank account. Rather, they can be
viewed as” keys” to different databases and can contain an extract of critical data
contained in those databases. Unlike magnetic stripe cards – which carry limited
information, can be easily duplicated, and are limited to use as a key to on-line
functions – smart cards can provide diverse off-line and on-line functionality and
read-write capability.
HISTORY
1968
German inventor Jorgen Dethloff along with Helmet Grotrupp filed a patent for
using plastic as a carrier for microchips.
1970
Dr. Kunitaka Arimura of Japan filed the first and only patent on the smart card
concept
1974
Roland Moreno of France files the original patent for the IC card, later dubbed
the “smart card.”
1977
Three commercial manufacturers, Bull CP8, SGS Thomson, and Schlumberger
began developing the IC card product.
1979
Motorola developed first single chip Microcontroller for French Banking
1982
World's first major IC card testing
1992
Nationwide prepaid card project started in Denmark
1999
Federal Government began Federal employee smart card identification
INSIGHT
Smart cards are defined according to the type of chip implanted in the card
and its capabilities. There is a wide range of options to choose from
when designing your system
Memory Cards
These cards just store data and have no data processing capabilities.
These cards are the lowest cost per bit for user memory. They should be
regarded as floppy disks of varying sizes without the lock mechanism.
These cards cannot identify themselves to the reader, so your host system
has to know what type of card is being inserted into a reader.
These cards have built-in logic to control the access to the memory of the
card. Sometimes referred to as Intelligent Memory cards these devices can
be set to write protect some or the entire memory array. Some of these
cards can be configured to restrict access to both reading and writing. This
is usually done through a password or system key. Segmented memory
cards can be divided into logical sections for planned multi-functionality
These cards are designed for the specific purpose of storing value or
tokens. The cards are either disposable or rechargeable. Most cards of this
type incorporate permanent security measures at the point of manufacture.
These measures can include password keys and logic that are hard-coded
into the chip by the manufacturer. The memory arrays on these devices are
set-up as decrements or counters. There is little or no memory left for any
other function. For simple applications such as a telephone card the chip
has 60 or 12 memory cells, one for each telephone unit. A memory cell is
cleared each time a telephone unit is used. Once all the memory units are
used, the card becomes useless and is thrown away. This process can be
reversed in the case of rechargeable cards.
• An 8K to 64K byte (or more) CPU, Read Only Memory (ROM) that contains the
Chip’s operating system;
• Random Access Memory (RAM) that serves as a temporary register for data;
and
• Electrically Erasable Programmable Read Only Memory (EEPROM) that is
used for the storage of user data.
EEPROM can contain between 1K byte and 64K bytes or more of memory. To
highlight the functions of a smart card it is helpful to divide (conceptually) the
chip’s memory functions into three areas
Contact less smart card systems are closely related to contact smart
card systems. Like contact smart card a system, information is
stored on a chip embedded within the contact less smart card.
However, unlike the contact smart card, the power supplied to the
card as well as the data exchanged between the card and the
reader are achieved without the use of contacts, using Magnetic or
electromagnetic fields to both powers the card as well as to
exchange data with the reader.
The contact less smart card contains an antenna embedded within
the plastic body of the card (or within a key fob, watch or other
document). When the card is brought into the electromagnetic field
of the reader, the chip in the card is powered on. Once the chip is
powered on, a wireless communication protocol is initiated and
established between the card and the reader for data
Transfer. The following four functions describe at a high level the
sequence of events that happen when a contact less smart card is
brought near a card reader:
Applications using contact less smart cards can protect stored data
in a number of ways. First, in order to access the data from a
contact less smart card, the application may require knowledge of
specific secret keys. In general, without knowledge of these secret
keys, the card’s microcontroller and circuitry will block any attempts
to access the data on the chip. Second, information stored on cards
or documents using contact less smart card technology can be
encrypted. In addition, communications between the contact less
Contact less smart cards may also support separate keys for
reading and for writing. Thus, being able to read data from a smart
card does not enable you to write or update the data, unless the
application provider planned it to be so.
Contact less smart cards can also support a variety of encryption
algorithms for increased security. This is essential for highly
demanding applications such as banking, transport, and secure ID
because it provides the highest security level possible. RFID tags do
not support encryption.
Contact less smart card by their nature protects the information that
resides in their memory.Contactless smart card chips have built-in
tamper-resistance, with both hardware and software capabilities
Information (data) can only be written into the contact less smart
card memory if authority to do so is provided. Authority is given by
the card issuer or application provider who is the only entity that
knows the secret keys and that knows how to write data to the card.
Plus, the card would need to be within close proximity (4 inches or
10 centimeters for ISO/IEC 14443-compliant cards) of a specific
contact less reader. It is important to note that the write protection
of the data on the new U.S. electronic passport is very strong and no
Contacts less smart card are passive cards (they do not carry any
source of energy) and they do not have any radiation of any kind.
Only the RF reader emits energy in the reading process, but it is a
tiny fraction of what a cellular phone emits and poses no health risk.
No. Contact less smart card has no capabilities to provide physical
location information. They have an extremely limited range of
response and do not support any capabilities to identify Physical
location (unlike the cellular phone system and global positioning
system (GPS) technology).
Contact less smart card is a secure means of storing and carrying
information. In general, contacts less smart cards are more secure
and more reliable, have higher data storage capacity, and have a
longer expected life than most of the other available options (e.g.,
magnetic stripe cards or tickets, paper documents). For example,
because of the high security, reliability and Convenience of fast
transactions, all smart card applications in mass transportation are
implemented using contact less smart card technology.
Contact less smart card technology only works when a low power
radio frequency signal of 13.56 MHz is applied within a few inches
(centimeters) of the passport. The passport chip, having no
batteries or power source of its own, relies on getting its power from
the reader’s RF signal to operate. Contact less smartcard technology
uses very complex microcontroller-based technology that has a
sophisticated operating system and many security techniques at its
disposal for ensuring the integrity, confidentiality and privacy of
information stored and transmitted. The contact less smart card
technology in the new passport uses ISO/IEC standards (ISO/IEC
7816-1,-2,-3,-4 and ISO/IEC14443) to securely communicate
Cards that contain two distinct places for data storage (with at least one of these
a chip) and each storage area with its own type of interface access are called
Hybrid cards.
Thus hybrid cards can contain both a magnetic stripe and a chip. These Cards are
likely to continue using the magnetic stripe for routine banking and POS Transactions
while also is having the capability of introducing chip applications such as stored
In the transportation industry, the term “hybrid card” has a different meaning than in
the Payment sector. A transportation hybrid card contains both contact and contact
less Capability. They have two independent chips and systems on one card. The
contact and contact less chips cannot communicate with in the card.
Finally, a hybrid card can contain a contact chip and a laser strip. Laser strips use the
same technology as a CD-ROM and have a high memory capacity at a reasonable
cost. However, the read/write devices that support laser strip technology are
expensive and cards have a limited use, primarily for storage of personal medical
records.
Contact less communications can interface with the same memory within the
card; hence a single processor supports multiple interfaces. The combi-card chip
is conceptualized in the following figure:
STANDARDS
SECURITY
• Here the smart card locks the box with public key
• Recipient unlocks the box using private key
• It is widely used in e-commerce applications
Commercial Applications
• Financial Applications
• Employee Identification
• Ticketing
• Parking and toll collection
• Universities use smart cards for ID purposes and at the
library, vending machines, copy machines, and other
services on campus.
Mobile Telecommunications
• SIM cards used on cell phones
• Over 300,000,000 GSM phones with smart cards
• Contains mobile phone security, subscription
information, and phone number on the network, billing
information, and frequently called numbers.
Information Technology
• Secure logon and authentication of users to PCs and
networks
• Encryption of sensitive data
Other Applications
• Over 4 million small dish TV satellite receivers in the US
use a smart card as its removable security element and
subscription information.
• Pre-paid, reload able telephone cards
• Health Care, stores the history of a patient
Axalto
CardLogix
Gem plus
IBM
ID TECH
I'M Technologies
Sharp
Siemens
Telesec
PRISM
TechCard
• chip is tamper-resistant
- information stored on the card can be PIN code and/or read-
write protected
- capable of performing encryption
- each smart card has its own, unique serial number
• capable of processing, not just storing information
- Smart cards can communicate with computing devices
Disadvantages
Conclusion
INFORMAON
Access
ASSURANCE
Comfort confidentiality
Convenience Integrity
Customization Accountability
Independence Availability
Privacy Restoration
References