SlideShare a Scribd company logo

Smart Card Security

Reben Dalshad
Reben Dalshad

In this presentation, I presented the history of smart cards, how smart card works, smartcard security and advantage and disadvantage of smartcards.

Technology
1 of 24
PRESENTED BY: REBEN DALSHAD IBRAHIM SMART CARD SECURITY
introduction Smart card is a small plastic that is embedded with either a microprocessor or a memory chip. provides cryptographic services (e.g. authentication, confidentiality, integrity) is small and personal is a secure device
History of Smart Cards • In the early 1950s Diners club produced the first all-plastic card to be used for payment applications. • Smart card has its origin in 1970s by inventors from Germany, Japan and France. • First mass use was for payment in french payphones. • The manufacturer of Smart Cards are Gemplus, IBM, Siemens, Telesec and many more.
What is ‘Smart’ about the Smart Cards..?? • Smart Cards are capable of not just storing data but also have processing power. • The data stored can be protected against unauthorized access and tempering. • They are appropriate for secure and convenient data storage. • Smart cards have the property of multifunctionality.
Smart card application area’s • Government • E-commerce • E-banking • Education • Office • Communication • Entertainment • Retail • Transportation • Health care
What’s inside a smart card ? microprocessor Microprocesor: heart of the chip
What’s inside a smart card ? security logic security logic: detecting abnormal conditions, e.g. low voltage microprocessor
What’s inside a smart card ? microprocessor serial i/o interface security logic serial i/o interface: contact to the outside world
What’s inside a smart card ? test logic serial i/o interface security logic test logic: self-test proceduresmicroprocessor
What’s inside a smart card ? test logic ROM serial i/o interface security logic ROM: – card operating system – self-test procedures – typically 16 kbytes – future 32/64 kbytes microprocessor
What’s inside a smart card ? RAM test logic ROM serial i/o interface security logic RAM: ‘scratch pad’ of the processor typically 512 bytes future 1 kbyte microprocessor
What’s inside a smart card ? RAM test logic ROM EEPROM serial i/o interface security logic EEPROM: –cryptographic keys –PIN code –biometric template –balance –application code –typically 8 kbytes –future 32 kbytes microprocessor
What’s inside a smart card ? RAM test logic ROM EEPROM serial i/o interface security logic databus databus: connection between elements of the chip. 8 or 16 bits wide microprocessor
Basic smart card security features Hardware • closed package • memory encapsulation • security logic (sensors) • cryptographic coprocessors and random generator Software • decoupling applications and operating system • restricted file access • life cycle control • various cryptographic algorithms and protocols
Cryptographic algorithms  Smart cards and intelligent token uses different types of encryption systems.  SHA-1, RSA, DES • DES was published by the National Bureau of Standards. It is a secret Key cryptographic algorithm .
Smart card attacks Internal Attacks Side Channel Attacks Logical Attacks
Internal attack • Alarm (sensors) – light – active grid • Hide – feature size – multi-layer • Confuse – glue logic – redundant logic
Logical attacks Communication Command scan File system scan Invalid / inopportune requests Crypt-analysis and protocol abuse
Side channel attack • Signal analysis – reduce processor signal by balancing or equalising the power and/or shielding the emission – variable ordering of processes – retry counters • Signal insertion – use sensors for supply voltage, light and temperature – double implementation path (for verification) – check for runtime parameter validity
Advantages • A chip is tamper resistant. • Information stored on the card can be PIN protected and read write protected. • Capable of performing data encryption. • Capable of processing information.
Disadvantages • The accuracy of information is small. • It gives liability issues if stolen or lost. • It is potential for too much data on one card if lost or stolen. • It is a potential area for computer hacker and computer viruses. • Lack of technology to support user.
Conclusions • Smart card is an excellent technology to secure storage and authentication • Smart card technology is emerging, applications are everywhere • Smart cards enhance service and security • Perfect security does not exist, even not for smart cards • A smart world is the future
References • http://www.smartcardbasics.com / • https://www.riscure.com/ • History of Smart Cards http://www.ehow.com/about_5468404_history_smart_cards.ht ml
THANK YOU

Recommended

Smart card
Smart cardSmart card
Smart card
Saumya Ranjan Behura
 
Smart card
Smart cardSmart card
Smart card
Santosh Khadsare
 
Smart card system ppt
Smart card system ppt Smart card system ppt
Smart card system ppt
Dewanshu Haswani
 
Abstract Smart Card Technology
Abstract Smart Card TechnologyAbstract Smart Card Technology
Abstract Smart Card Technology
vishnu murthy
 
Smart card technology
Smart card technologySmart card technology
Smart card technology
Lav Pratap
 
Smart card
Smart cardSmart card
Smart card
ram212213
 
Smart card
Smart cardSmart card
Smart card
Ritika Golash
 
Smart cards
Smart cardsSmart cards
Smart cards
jaswinderkaur144
 

Recommended

Smart card
Smart cardSmart card
Smart card
Saumya Ranjan Behura
 
Smart card
Smart cardSmart card
Smart card
Santosh Khadsare
 
Smart card system ppt
Smart card system ppt Smart card system ppt
Smart card system ppt
Dewanshu Haswani
 
Abstract Smart Card Technology
Abstract Smart Card TechnologyAbstract Smart Card Technology
Abstract Smart Card Technology
vishnu murthy
 
Smart card technology
Smart card technologySmart card technology
Smart card technology
Lav Pratap
 
Smart card
Smart cardSmart card
Smart card
ram212213
 
Smart card
Smart cardSmart card
Smart card
Ritika Golash
 
Smart cards
Smart cardsSmart cards
Smart cards
jaswinderkaur144
 
Smart Card Technology
Smart Card TechnologySmart Card Technology
Smart Card Technology
thinkahead.net
 
Smart cards
Smart cardsSmart cards
Smart cards
Mir Majid
 
Smart card technology
Smart card technologySmart card technology
Smart card technology
Deepak Raj
 
Smart card technologya
Smart card technologyaSmart card technologya
Smart card technologya
puneet bhatia
 
Smart cards
Smart cards Smart cards
Smart cards
Punjab College Of Technical Education
 
SMART CARDS
SMART CARDSSMART CARDS
SMART CARDS
salman khan
 
Smart card technology
Smart card technologySmart card technology
Smart card technology
Pushkar Dutt
 
Smart card technology
Smart card technologySmart card technology
Smart card technology
Shashank Karamballi
 
Smart Card Presentation
Smart Card Presentation Smart Card Presentation
Smart Card Presentation
ppriteshs
 
Smart card
Smart cardSmart card
Smart card
Vaibhaw Mishra
 
Smart Card Technology
Smart Card TechnologySmart Card Technology
Smart Card Technology
Amit Gaur
 
Smart card
Smart cardSmart card
Smart card
Rahul Srivastava
 
SMART CARD
SMART CARDSMART CARD
SMART CARD
Kapil Dev Ghante
 
Smart card ppt
Smart card pptSmart card ppt
Smart card ppt
kondalarao7
 
SMART DUST
SMART DUSTSMART DUST
SMART DUST
Khyravdhy Tannaya
 
Smatcard documentation
Smatcard documentationSmatcard documentation
Smatcard documentation
Bhadra Gowdra
 
Mobile jammer
Mobile jammerMobile jammer
Mobile jammer
Avay Minni
 
finger door lock.ppt g.m.r.pptx
finger door lock.ppt g.m.r.pptxfinger door lock.ppt g.m.r.pptx
finger door lock.ppt g.m.r.pptx
KSanthosh14
 
Sensors in IOT
Sensors in IOTSensors in IOT
Sensors in IOT
ATS SBGI MIRAJ
 
Brain chips ppt
Brain chips pptBrain chips ppt
Brain chips ppt
Mohammed Rizwan S
 
Smart cards & RFID-Anant Patel
Smart cards & RFID-Anant PatelSmart cards & RFID-Anant Patel
Smart cards & RFID-Anant Patel
Anant Patel
 
Smart id's
Smart id'sSmart id's
Smart id's
Chetanya Bansal
 

More Related Content

What's hot

Smart card technology
Smart card technologySmart card technology
Smart card technology
Pushkar Dutt
 
Smatcard documentation
Smatcard documentationSmatcard documentation
Smatcard documentation
Bhadra Gowdra
 

What's hot (20)

Smart Card Technology
Smart Card TechnologySmart Card Technology
Smart Card Technology
 
Smart cards
Smart cardsSmart cards
Smart cards
 
Smart card technology
Smart card technologySmart card technology
Smart card technology
 
Smart card technologya
Smart card technologyaSmart card technologya
Smart card technologya
 
Smart cards
Smart cards Smart cards
Smart cards
 
SMART CARDS
SMART CARDSSMART CARDS
SMART CARDS
 
Smart card technology
Smart card technologySmart card technology
Smart card technology
 
Smart card technology
Smart card technologySmart card technology
Smart card technology
 
Smart Card Presentation
Smart Card Presentation Smart Card Presentation
Smart Card Presentation
 
Smart card
Smart cardSmart card
Smart card
 
Smart Card Technology
Smart Card TechnologySmart Card Technology
Smart Card Technology
 
Smart card
Smart cardSmart card
Smart card
 
SMART CARD
SMART CARDSMART CARD
SMART CARD
 
Smart card ppt
Smart card pptSmart card ppt
Smart card ppt
 
SMART DUST
SMART DUSTSMART DUST
SMART DUST
 
Smatcard documentation
Smatcard documentationSmatcard documentation
Smatcard documentation
 
Mobile jammer
Mobile jammerMobile jammer
Mobile jammer
 
finger door lock.ppt g.m.r.pptx
finger door lock.ppt g.m.r.pptxfinger door lock.ppt g.m.r.pptx
finger door lock.ppt g.m.r.pptx
 
Sensors in IOT
Sensors in IOTSensors in IOT
Sensors in IOT
 
Brain chips ppt
Brain chips pptBrain chips ppt
Brain chips ppt
 

Similar to Smart Card Security

smartcardtech-140126024149-phpapp01.pdf
smartcardtech-140126024149-phpapp01.pdfsmartcardtech-140126024149-phpapp01.pdf
smartcardtech-140126024149-phpapp01.pdf
ssuser5b47c8
 
Vanderhoof smartcard-roadmap
Vanderhoof smartcard-roadmapVanderhoof smartcard-roadmap
Vanderhoof smartcard-roadmap
Hai Nguyen
 

Similar to Smart Card Security (20)

Smart cards & RFID-Anant Patel
Smart cards & RFID-Anant PatelSmart cards & RFID-Anant Patel
Smart cards & RFID-Anant Patel
 
Smart id's
Smart id'sSmart id's
Smart id's
 
Access controls
Access controlsAccess controls
Access controls
 
Hacking Smartcards & RFID
Hacking Smartcards & RFIDHacking Smartcards & RFID
Hacking Smartcards & RFID
 
Smart cards system
Smart cards systemSmart cards system
Smart cards system
 
smartcardtech-140126024149-phpapp01.pdf
smartcardtech-140126024149-phpapp01.pdfsmartcardtech-140126024149-phpapp01.pdf
smartcardtech-140126024149-phpapp01.pdf
 
Smart Card based Robust Security System
Smart Card based Robust Security SystemSmart Card based Robust Security System
Smart Card based Robust Security System
 
Ppt Smart Card
Ppt Smart CardPpt Smart Card
Ppt Smart Card
 
Smartcards 111228091849-phpapp01
Smartcards 111228091849-phpapp01Smartcards 111228091849-phpapp01
Smartcards 111228091849-phpapp01
 
Vanderhoof smartcard-roadmap
Vanderhoof smartcard-roadmapVanderhoof smartcard-roadmap
Vanderhoof smartcard-roadmap
 
Presentation cyber forensics & ethical hacking
Presentation cyber forensics & ethical hackingPresentation cyber forensics & ethical hacking
Presentation cyber forensics & ethical hacking
 
Encryption techniques
Encryption techniquesEncryption techniques
Encryption techniques
 
Smartcards and Authentication Tokens
Smartcards and Authentication TokensSmartcards and Authentication Tokens
Smartcards and Authentication Tokens
 
Smart Card
Smart CardSmart Card
Smart Card
 
smartcard-120830090352-phpapp02.pdf
smartcard-120830090352-phpapp02.pdfsmartcard-120830090352-phpapp02.pdf
smartcard-120830090352-phpapp02.pdf
 
SmartWorld- What we Do!
SmartWorld- What we Do!SmartWorld- What we Do!
SmartWorld- What we Do!
 
Smart card Technology
Smart card TechnologySmart card Technology
Smart card Technology
 
Cryptology - The practice and study of hiding information
Cryptology - The practice and study of hiding informationCryptology - The practice and study of hiding information
Cryptology - The practice and study of hiding information
 
mobile forensic.pptx
mobile forensic.pptxmobile forensic.pptx
mobile forensic.pptx
 
Access control basics-3
Access control basics-3Access control basics-3
Access control basics-3
 

Recently uploaded

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
WSO2
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
panagenda
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Jeffrey Haguewood
 

Recently uploaded (20)

ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot ModelNavi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 

Smart Card Security

  • 1. PRESENTED BY: REBEN DALSHAD IBRAHIM SMART CARD SECURITY
  • 2. introduction Smart card is a small plastic that is embedded with either a microprocessor or a memory chip. provides cryptographic services (e.g. authentication, confidentiality, integrity) is small and personal is a secure device
  • 3. History of Smart Cards • In the early 1950s Diners club produced the first all-plastic card to be used for payment applications. • Smart card has its origin in 1970s by inventors from Germany, Japan and France. • First mass use was for payment in french payphones. • The manufacturer of Smart Cards are Gemplus, IBM, Siemens, Telesec and many more.
  • 4. What is ‘Smart’ about the Smart Cards..?? • Smart Cards are capable of not just storing data but also have processing power. • The data stored can be protected against unauthorized access and tempering. • They are appropriate for secure and convenient data storage. • Smart cards have the property of multifunctionality.
  • 5. Smart card application area’s • Government • E-commerce • E-banking • Education • Office • Communication • Entertainment • Retail • Transportation • Health care
  • 6. What’s inside a smart card ? microprocessor Microprocesor: heart of the chip
  • 7. What’s inside a smart card ? security logic security logic: detecting abnormal conditions, e.g. low voltage microprocessor
  • 8. What’s inside a smart card ? microprocessor serial i/o interface security logic serial i/o interface: contact to the outside world
  • 9. What’s inside a smart card ? test logic serial i/o interface security logic test logic: self-test proceduresmicroprocessor
  • 10. What’s inside a smart card ? test logic ROM serial i/o interface security logic ROM: – card operating system – self-test procedures – typically 16 kbytes – future 32/64 kbytes microprocessor
  • 11. What’s inside a smart card ? RAM test logic ROM serial i/o interface security logic RAM: ‘scratch pad’ of the processor typically 512 bytes future 1 kbyte microprocessor
  • 12. What’s inside a smart card ? RAM test logic ROM EEPROM serial i/o interface security logic EEPROM: –cryptographic keys –PIN code –biometric template –balance –application code –typically 8 kbytes –future 32 kbytes microprocessor
  • 13. What’s inside a smart card ? RAM test logic ROM EEPROM serial i/o interface security logic databus databus: connection between elements of the chip. 8 or 16 bits wide microprocessor
  • 14. Basic smart card security features Hardware • closed package • memory encapsulation • security logic (sensors) • cryptographic coprocessors and random generator Software • decoupling applications and operating system • restricted file access • life cycle control • various cryptographic algorithms and protocols
  • 15. Cryptographic algorithms  Smart cards and intelligent token uses different types of encryption systems.  SHA-1, RSA, DES • DES was published by the National Bureau of Standards. It is a secret Key cryptographic algorithm .
  • 17. Internal attack • Alarm (sensors) – light – active grid • Hide – feature size – multi-layer • Confuse – glue logic – redundant logic
  • 18. Logical attacks Communication Command scan File system scan Invalid / inopportune requests Crypt-analysis and protocol abuse
  • 19. Side channel attack • Signal analysis – reduce processor signal by balancing or equalising the power and/or shielding the emission – variable ordering of processes – retry counters • Signal insertion – use sensors for supply voltage, light and temperature – double implementation path (for verification) – check for runtime parameter validity
  • 20. Advantages • A chip is tamper resistant. • Information stored on the card can be PIN protected and read write protected. • Capable of performing data encryption. • Capable of processing information.
  • 21. Disadvantages • The accuracy of information is small. • It gives liability issues if stolen or lost. • It is potential for too much data on one card if lost or stolen. • It is a potential area for computer hacker and computer viruses. • Lack of technology to support user.
  • 22. Conclusions • Smart card is an excellent technology to secure storage and authentication • Smart card technology is emerging, applications are everywhere • Smart cards enhance service and security • Perfect security does not exist, even not for smart cards • A smart world is the future
  • 23. References • http://www.smartcardbasics.com / • https://www.riscure.com/ • History of Smart Cards http://www.ehow.com/about_5468404_history_smart_cards.ht ml