2. ļ¶The smart card is one of the latest additions to
The smart card is one of the latest additions to
the world of information technology.
the world of information technology.
ļ¶Similar in size to today's plastic payment card,
Similar in size to today's plastic payment card,
the smart card has a microprocessor or memory
the smart card has a microprocessor or memory
chip embedded in it that, when coupled with a
chip embedded in it that, when coupled with a
reader, has the processing power to serve many
reader, has the processing power to serve many
different applications.
different applications.
ļ¶As an access-control device, smart cards make
As an access-control device, smart cards make
personal and business data available only to the
personal and business data available only to the
appropriate users.
appropriate users.
ļ¶Another application provides users with the
Another application provides users with the
ability to make a purchase or exchange value.
ability to make a purchase or exchange value.
3. Smart cards provide data portability, security and
Smart cards provide data portability, security and
convenience. Smart cards come in two varieties:
convenience. Smart cards come in two varieties:
memory and microprocessor.
memory and microprocessor.
Memory cards simply store data and can be viewed as
Memory cards simply store data and can be viewed as
a small floppy disk with optional security.
a small floppy disk with optional security.
A microprocessor card, on the other hand, can add,
A microprocessor card, on the other hand, can add,
delete and manipulate information in its memory on
delete and manipulate information in its memory on
the card. Similar to a miniature computer, a
the card. Similar to a miniature computer, a
microprocessor card has an input/output port
microprocessor card has an input/output port
operating system and hard disk with built-in security
operating system and hard disk with built-in security
features.
features.
On a fundamental level, microprocessor cards are
On a fundamental level, microprocessor cards are
similar to desktop computers. They have operating
similar to desktop computers. They have operating
systems, they store data and applications, they
systems, they store data and applications, they
compute and process information and they can be
compute and process information and they can be
protected with sophisticated security tools.
protected with sophisticated security tools.
4. The smart card is an electronic recording
The smart card is an electronic recording
device. Information in the microchip can
device. Information in the microchip can
instantaneously verify the cardholder's identity
instantaneously verify the cardholder's identity
and any privileges to which the cardholder may
and any privileges to which the cardholder may
be entitled.
be entitled.
Information such as withdrawals, sales, and
Information such as withdrawals, sales, and
bills can be processed immediately and if/when
bills can be processed immediately and if/when
necessary; those records can be transmitted to
necessary; those records can be transmitted to
a central computer for file updating.
a central computer for file updating.
5.
6. What is a smart card?
What is a smart card?
A smart card resembles a
A smart card resembles a credit card
credit card in size
in size
and shape, but inside it is completely different.
and shape, but inside it is completely different.
First of all, it
First of all, it has
has an inside -- a normal credit
an inside -- a normal credit
card is a simple piece of plastic. The inside of a
card is a simple piece of plastic. The inside of a
smart card usually contains an
smart card usually contains an embedded
embedded
microprocessor
microprocessor.
.
The
The microprocessor
microprocessor is under a gold contact pad
is under a gold contact pad
on one side of the card.
on one side of the card.
Smart cards are defined by the
Smart cards are defined by the ISO 7816
ISO 7816
standards.
standards.
7. Smarts cards may have up to 8
Smarts cards may have up to 8 kilobytes
kilobytes of
of
RAM, 346 kilobytes of
RAM, 346 kilobytes of ROM
ROM, 256 kilobytes of
, 256 kilobytes of
programmable ROM, and a 16-bit
programmable ROM, and a 16-bit
microprocessor. The smart card uses a serial
microprocessor. The smart card uses a serial
interface and receives its power from external
interface and receives its power from external
sources like a card reader. The processor uses
sources like a card reader. The processor uses
a limited instruction set for applications such as
a limited instruction set for applications such as
cryptography
cryptography
8. How does a smart card works?
How does a smart card works?
Smart Card Readers are also known as card
Smart Card Readers are also known as card
programmers (because they can write to a card), card
programmers (because they can write to a card), card
terminals, card acceptance device (CAD) or an interface
terminals, card acceptance device (CAD) or an interface
device (IFD).
device (IFD).
Smart cards are portable data cards that must
Smart cards are portable data cards that must
communicate with another device to gain access to a
communicate with another device to gain access to a
display device or a network. Cards can be plugged into a
display device or a network. Cards can be plugged into a
reader, commonly referred to as a card terminal, or they
reader, commonly referred to as a card terminal, or they
can operate using radio frequencies (RF).
can operate using radio frequencies (RF).
9. When the smart card and the card reader
When the smart card and the card reader
come into contact, each identifies itself to
come into contact, each identifies itself to
the other by sending and receiving
the other by sending and receiving
information. If the messages exchanged do
information. If the messages exchanged do
not match, no further processing takes
not match, no further processing takes
place.
place.
So, unlike ordinary bank cards, smart cards
So, unlike ordinary bank cards, smart cards
can defend themselves against
can defend themselves against
unauthorized users and uses in innovative
unauthorized users and uses in innovative
security measures.
security measures.
10. SMART CARD READERS
SMART CARD READERS
Dedicated terminals
Usually with a small screen, keypad, printer, often also
have biometric devices such as thumb print scanner.
Computer based readers
Connect through USB or COM (Serial)
ports
11. Communicating with a Smart
Communicating with a Smart
Card Reader
Card Reader
The reader provides a path for your application to send and receive
The reader provides a path for your application to send and receive
commands from the card. There are many types of readers
commands from the card. There are many types of readers
available, such as serial, PCCard, and standard keyboard models.
available, such as serial, PCCard, and standard keyboard models.
Unfortunately, the ISO group was unable to provide a standard for
Unfortunately, the ISO group was unable to provide a standard for
communicating with the readers so there is no one-size-fits-all
communicating with the readers so there is no one-size-fits-all
approach to smart card communication.
approach to smart card communication.
Each manufacturer provides a different protocol for communication
Each manufacturer provides a different protocol for communication
with the reader.
with the reader.
First you have to communicate with the reader.
First you have to communicate with the reader.
Second, the reader communicates with the card, acting as the
Second, the reader communicates with the card, acting as the
intermediary before sending the data to the card.
intermediary before sending the data to the card.
Third, the card will process the data and return it to the reader,
Third, the card will process the data and return it to the reader,
which will then return the data to its originating source.
which will then return the data to its originating source.
12. What is a smart card operating
What is a smart card operating
system?
system?
A
A smart card
smart card contains an integrated circuit (IC) chip containing
contains an integrated circuit (IC) chip containing
a central processing unit (CPU), random access memory (
a central processing unit (CPU), random access memory (RAM
RAM
) and non-volatile data storage. Data stored in the smart card's
) and non-volatile data storage. Data stored in the smart card's
microchip can be accessed only through the chip operating
microchip can be accessed only through the chip operating
system (COS). Smart cards provide a secure, portable platform
system (COS). Smart cards provide a secure, portable platform
for "any time, anywhere" computing that can contain and
for "any time, anywhere" computing that can contain and
manipulate substantial amounts of data, especially an
manipulate substantial amounts of data, especially an
individual's personal digital identity.
individual's personal digital identity.
Smart cards are a type of mini computer with an operating
Smart cards are a type of mini computer with an operating
system capable of running a variety of applications. JavaCard is
system capable of running a variety of applications. JavaCard is
a multi-application smart card operating system which provides
a multi-application smart card operating system which provides
an API with a set of standard classes through which common
an API with a set of standard classes through which common
java applets can be loaded and executed on the smart card.
java applets can be loaded and executed on the smart card.
13. Java's
Java's portability allows smart cards to become a
portability allows smart cards to become a
general-purpose computing platform while creating
general-purpose computing platform while creating
a potentially huge market for application software
a potentially huge market for application software
and development.
and development.
Due to the increasing demand for smart card
Due to the increasing demand for smart card
applications, businesses and service providers are
applications, businesses and service providers are
constantly looking for innovations and applications
constantly looking for innovations and applications
for available services that could utilize smart card
for available services that could utilize smart card
technology.
technology.
14. Types of Smart Cards
Types of Smart Cards
Contact Cards and Contactless Cards
Contact Cards and Contactless Cards
Contact Cards require insertion into a smart
Contact Cards require insertion into a smart
card reader with a direct connection to a
card reader with a direct connection to a
conductive micro-module on the surface of the
conductive micro-module on the surface of the
card.
card.
Contactless Cards require only close proximity
Contactless Cards require only close proximity
(a few inches) of a reader
(a few inches) of a reader
15. Categories of Smart Cards
Categories of Smart Cards
Integrated Circuit (IC) Microprocessor Cards: Allow
Integrated Circuit (IC) Microprocessor Cards: Allow
for adding, deleting, or manipulating information in
for adding, deleting, or manipulating information in
memory, allowing for a variety of applications and
memory, allowing for a variety of applications and
dynamic read/write capabilities. Most Smart Cards in
dynamic read/write capabilities. Most Smart Cards in
use for mobile applications are of this type.
use for mobile applications are of this type.
IC Memory Cards: Can store data, but do not have a
IC Memory Cards: Can store data, but do not have a
processor on the card.
processor on the card.
Optical Memory Cards: Can only store data, but
Optical Memory Cards: Can only store data, but
have a larger memory capacity than IC memory
have a larger memory capacity than IC memory
cards.
cards.
16. Security Mechanisms
Security Mechanisms
Password
Password
ļ®
Card holderās protection
Card holderās protection
Cryptographic challenge Response
Cryptographic challenge Response
ļ®
Entity authentication
Entity authentication
Biometric information
Biometric information
ļ®
Personās identification
Personās identification
A combination of one or more
A combination of one or more
17. CONCLUSION
CONCLUSION
The self-containment of smart card makes
The self-containment of smart card makes
it resistant to attack as it does not need to
it resistant to attack as it does not need to
depend upon potentially vulnerable
depend upon potentially vulnerable
external resources.
external resources.
Because of this characteristic, smart cards
Because of this characteristic, smart cards
are often used in different applications,
are often used in different applications,
which require strong security protection
which require strong security protection
and authentication.
and authentication.
s
m
a
r
t
c
a
r
d
f
o
r
h
e
a
l
t
h
i
n
s
u
r
a
n
c
e
.
E
v
e
n
t
h
o
u
g
h