Smart card

1,890 views

Published on

Published in: Technology, Business
0 Comments
3 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
1,890
On SlideShare
0
From Embeds
0
Number of Embeds
3
Actions
Shares
0
Downloads
124
Comments
0
Likes
3
Embeds 0
No embeds

No notes for slide

Smart card

  1. 1. Smart card technology
  2. 2. What is a Smart Card? • A smart card, chip card, or integrated circuit card (ICC) is any pocket-sized card with embedded integrated circuits. • Smart cards can provide identification, authentication, data storage and application processing. • Smart cards may also provide strong security authentication for single sign-on (SSO) within large organizations. • Smarts cards may have up to 8 kilobytes of RAM, 346 kilobytes of ROM, 256 kilobytes of programmable ROM, and a 16-bit microprocessor.
  3. 3. It’s Generic Characteristics: Dimensions similar to those of a credit card. ID-1 of the ISO/IEC 7810 standard defines cards as nominally 85.60 by 53.98 millimeters (3.370 in × 2.125 in). Contains a tamper-resistant security system (for example a secure crypto processor and a secure file system) and provides security services (e.g., protects in-memory information). Managed by an administration system which securely interchanges information and configuration settings with the card, controlling card blacklisting and application-data updates. Communicates with external services via card-reading devices, such as ticket readers, ATMs, etc.
  4. 4. Card Construction • Mostly all chip cards are built from layers of differing materials, or substrates, that when brought together properly gives the card a specific life and functionality. • The typical card today is made from PVC, Polyester or Polycarbonate. • The card layers are printed first and then laminated in a large press. • The next step in construction is the blanking or die cutting. • This is followed by embedding a chip and then adding data to the card. In all, there may be up to 30 steps in constructing a card. • The total components, including software and plastics, may be as many as 12 separate items; all this in a unified package that appears to the user as a simple device.
  5. 5. Contact Smart card • These are the most common type of smart card. • Electrical contacts located on the outside of the card connect to a card reader when the card is inserted. • This connector is bonded to the encapsulated chip in the card.
  6. 6. CHIP: CONNECTOR: • The use of contact smart cards as physical access control is limited mostly to parking applications when payment data is stored in card memory, and when the speed of transactions is not as important.
  7. 7. Contactless Smart card • A contactless smart card is a card in which the chip communicates with the card reader through an induction technology similar to that of an RFID (Radio Frequency Identification) (at data rates of 106 to 848 Kbit/s). • These cards require only close proximity to an antenna to complete a transaction. • They are often used when transactions must be processed quickly or hands-free, such as on mass transit systems, where a smart card can be used without even removing it from a wallet.
  8. 8. Proximity Smart Card • A proximity card or prox. card is a smart card which can be "read" without inserting it into a reader device, as required by earlier magnetic stripe cards such as credit cards. • To use, the proximity card is held near an electronic reader unit for a moment. • The reader usually produces a "beep" or other sound to indicate the card has been read. • Proximity cards typically have a range of around 5 cm (2 inches) for reading, so the user often leaves the card inside his or her wallet or purse, and simply holds the wallet or purse near the reader. • The term "proximity card" can refer to the older 125 kHz devices or the newer 13.56 MHz contactless smartcards. • Proximity cards can hold more data than a magnetic stripe card, for example an electronic funds balance, and so can be used for contactless payment systems. Many major banks are offering such cards.
  9. 9. Smart Card Reader • A card reader is a data input device that reads data from a card-shaped storage medium. • Modern card readers are electronic devices that can read plastic cards embedded with either a barcode, magnetic strip, computer chip or another storage medium. • A memory card reader is a device used for communication with a smart card or a memory card.
  10. 10. Contact Smart Card Reader • • • • This type of reader requires a physical connection to the cards, made by inserting the card into the reader. This is the most common reader type for applications such as ID and Stored Value. The card-to-reader communications is often ISO 7816 T=0 only. This communication has the advantage of direct coupling to the reader and is considered more secure. The other advantage is speed. The typical PTS Protocol Type Selection (ISO7816-3) negotiated speed can be up to 115 kilo baud. This interface enables larger data transport without the overhead of anti-collision and wireless breakdown issues that are a result from the card moving in and out of the reader antenna range.
  11. 11. Contactless Smart Card Reader • This type of reader works with a radio frequency that communicates when the card comes close to the reader. • Many contactless readers are designed specifically for Payment, Physical Access Control and Transportation applications. • The dominant protocol under the ISO 14443 is MIFARE, followed by the EMV standards.
  12. 12. • The contactless smart card contains an antenna embedded within the plastic body of the card. • When the card is brought into the electromagnetic field of the reader, the chip in the card is powered on. • Once the chip is powered on, a wireless communication protocol is initiated and established between the card and the reader for data transfer. • The following four functions describe at a high level the sequence of events that happen when a contactless smart card is brought near a card reader: • Energy transfer to the card for powering the integrated circuit (chip) • Clock signal transfer • Data transfer to the contactless smart card • Data transfer from the contactless smart card • Hence, once the card is brought within range of an electromagnetic field of the required frequency (13.56 MHz), the card will be powered up, ready to communicate with the reader.
  13. 13. Communicating with a Smart Card Reader The reader provides a path for an application to send and receive commands from the card. There are many types of readers available, such as serial, PC-Card, and standard keyboard models. Unfortunately, the ISO group was unable to provide a standard for communicating with the readers so there is no “one size fits all” approach to smart card communication. Each manufacturer provides a different protocol for communication with the reader. • First, users have to communicate with the reader. • Second, the reader communicates with the card, acting as the intermediary before sending the data to the card. • Third, communication with a smart card is based on the APDU format. The card will process the data and return it to the reader, which will then return the data to its originating source.
  14. 14. Smart Card Security • Smartcard readers have been targeted successfully by criminals in what is termed a supply chain attack, in which the readers are tampered with during manufacture or in the supply chain before delivery. • The rogue devices capture customers' card details before transmitting them to criminals. • The microprocessor on the smart card is there for security. • The host computer and card reader actually "talk" to the microprocessor. • The microprocessor enforces access to the data on the card. • If the host computer read and wrote the smart card's random access memory (RAM), it would be no different than a diskette.
  15. 15. Smart cards offer a number of features that can be used to provide or enhance privacy protection in systems. The following is a brief description of some of these features and how they can be used to protect privacy. • Authentication • Secure data storage • Encryption • Strong device security • Secure communications • Biometrics • Personal device • Certifications

×