SlideShare a Scribd company logo

Security of smart cards

Download as PPTX, PDF
B
Bansi Mehta

How smart cards work. their types and the security provided by them.

Education
1 of 16
SECURITY OF SMART CARDS Prepared By: Bansi Mehta (15IT050) IT-306.02 | Sem-6 | Department of Information Technology | CSPIT Department of Information Technology Chandubhai S. Patel Institute of Technology
OUTLINE • Technology used in cards. • Magnetic cards. • Microprocessor cards. • Types of microprocessor cards. • Inside a microprocessor card. • Smartness of microprocessor card. • 2 Factor verification. • Online Transactions. • Security provided by the cards. • Security of the cards. IT-306.02 | Sem-6 | Department of Information Technology | CSPIT
SMART + CARDS: IT-306.02 | Sem-6 | Department of Information Technology | CSPIT
TECHNOLOGY USED IN CARDS: • Optical. • Memory unit. • Magnetic. • Microprocessor. IT-306.02 | Sem-6 | Department of Information Technology | CSPIT Major evolution while changing from magnetic strip to microprocessor.
MAGNETIC CARD • Reason Behind decreasing use of magnetic cards – Security. • If the card reader is tampered with and a card is swapped in it then information can be easily retrieved from the magnetic strip. • That information can be easily copied to other cards to generate a duplicate. • All this could be done without the knowledge of the user. • This introduced the concept of “Microprocessor Cards” IT-306.02 | Sem-6 | Department of Information Technology | CSPIT
SHIFT TO MICROPROCESSOR CARDS • Enclosed in plastic casing. • Has a microprocessor chip embedded inside. • Which receives an input processes and generates output. • Has a memory unit. • Also posses the magnetic strip technology. IT-306.02 | Sem-6 | Department of Information Technology | CSPIT
TYPES: • Contact – Card needed to be inserted. • Contactless – Card needed to be brought in proximity. • In contactless radio frequencies are user. The card stay in passive mode and the reader in active. When ever the card comes in the field of the reader it becomes active and then the transmission of information takes place with the help of radio frequency. IT-306.02 | Sem-6 | Department of Information Technology | CSPIT
WHAT’S INSIDE A MICROPROCESSOR CARD? • CPU: Heart of the chip. • SECURITY LOGIC: Detecting abnormal conditions. • SERIAL INTERFACE: Communication. • TEST LOGIC: Self test procedures. • ROM: Operating system. • RAM: Temporary memory unit during operations. • EEPROM: Permanent data. IT-306.02 | Sem-6 | Department of Information Technology | CSPIT
WHAT MAKES THIS CARD SMART? • Unlike magnetic card, the information of this card cannot be easily obtained. • Smartness of this card depends on the working mechanism. • To authorize any user: o Certificate + pin. o Certificate + biometrics. IT-306.02 | Sem-6 | Department of Information Technology | CSPIT
2 FACTOR VERIFICATION: • Each card has a pair of public and private key. • When the card is inserted/ brought near to the card reader, it generates a random number. • This random number is unique for each transaction. • The card encrypts that random number with its private key and sends it to reader. The reader sends it to server along with the public key of the card. • Server decrypts the encrypted random number with cards’ public key and sends it back. Reader matches both the generated random number and the decrypted number to see if they are same. IT-306.02 | Sem-6 | Department of Information Technology | CSPIT
CONTD. • When the user enters the pin in the terminal, it is encrypted using the public key of the card and send to the card. • The card decrypts it with its private key and matches it with the one stored in it. IT-306.02 | Sem-6 | Department of Information Technology | CSPIT
ONLINE TRANSACTION • Card details are tokenized and send during communication with third party gateway. • What is tokenizing? • Keeping card number or any other details as it is and inserting some numbers which may seem random in between. • The dedicated organizations have mechanisms to interpret this random seeming number. IT-306.02 | Sem-6 | Department of Information Technology | CSPIT
HOW SECURE ARE SMART CARDS? • The Security Provided by the Card 1) Symmetric key algorithm: DES, Triple DES. 2) Asymmetric key algorithm: RSA IT-306.02 | Sem-6 | Department of Information Technology | CSPIT
CONTD. • The Security of the Card: 1) Physical invasive attack- Read the data of the buses and probes. But they require special chemical and acid to remove plastic coting and very sophisticated equipment to read the data. Often ends up damaging the card. 2) Side channel attacks- Measuring minute fluctuations in the time required to perform a cryptographic operation or measuring fluctuations in the power consumed by the smart card. IT-306.02 | Sem-6 | Department of Information Technology | CSPIT
CONCLUSION • Although microprocessor based card may still lack in security mechanisms. • But security is an evolving field. • Hackers would find increasingly sophisticated attacks against smart cards while smart card manufacturers will find increasingly sophisticated countermeasures. IT-306.02 | Sem-6 | Department of Information Technology | CSPIT
THANK YOU IT-306.02 | Sem-6 | Department of Information Technology | CSPIT

Recommended

Access control basics-2
Access control basics-2Access control basics-2
Access control basics-2grantlerc
 
finger print sensor
finger print sensor finger print sensor
finger print sensor AnuragKumarJha4
 
Bank locker system
Bank locker systemBank locker system
Bank locker systemRahul Wagh
 
Embedded system
Embedded systemEmbedded system
Embedded systemamitkumarjoshi11
 
Access control basics-3
Access control basics-3Access control basics-3
Access control basics-3grantlerc
 
Fingerprint base security system
Fingerprint base security systemFingerprint base security system
Fingerprint base security systempraful borad
 
Fingerprint Attendance System
Fingerprint Attendance SystemFingerprint Attendance System
Fingerprint Attendance Systemsandeep pawar
 
Finger print recognized atm system
Finger print recognized atm systemFinger print recognized atm system
Finger print recognized atm systemPvrtechnologies Nellore
 

Recommended

Access control basics-2
Access control basics-2Access control basics-2
Access control basics-2grantlerc
 
finger print sensor
finger print sensor finger print sensor
finger print sensor AnuragKumarJha4
 
Bank locker system
Bank locker systemBank locker system
Bank locker systemRahul Wagh
 
Embedded system
Embedded systemEmbedded system
Embedded systemamitkumarjoshi11
 
Access control basics-3
Access control basics-3Access control basics-3
Access control basics-3grantlerc
 
Fingerprint base security system
Fingerprint base security systemFingerprint base security system
Fingerprint base security systempraful borad
 
Fingerprint Attendance System
Fingerprint Attendance SystemFingerprint Attendance System
Fingerprint Attendance Systemsandeep pawar
 
Finger print recognized atm system
Finger print recognized atm systemFinger print recognized atm system
Finger print recognized atm systemPvrtechnologies Nellore
 
IRJET- Design and Implementation of Fingerprint based Bank Locker System usin...
IRJET- Design and Implementation of Fingerprint based Bank Locker System usin...IRJET- Design and Implementation of Fingerprint based Bank Locker System usin...
IRJET- Design and Implementation of Fingerprint based Bank Locker System usin...IRJET Journal
 
Smart Cards Evolution
Smart Cards EvolutionSmart Cards Evolution
Smart Cards EvolutionHometrack Australia
 
Boimetric using 8051
Boimetric using 8051 Boimetric using 8051
Boimetric using 8051 Shilpa Nayak
 
Technical seminar project stalin babu m 116_f1a0471
Technical seminar project stalin babu m 116_f1a0471Technical seminar project stalin babu m 116_f1a0471
Technical seminar project stalin babu m 116_f1a0471STALIN BABU
 
Technical seminar project stalin babu m 116_f1a0471
Technical seminar project stalin babu m 116_f1a0471Technical seminar project stalin babu m 116_f1a0471
Technical seminar project stalin babu m 116_f1a0471STALIN BABU
 
ATM USER ACCOUNT SECURE BY USING GSM TECHNOLOGY
ATM USER ACCOUNT SECURE BY USING GSM TECHNOLOGYATM USER ACCOUNT SECURE BY USING GSM TECHNOLOGY
ATM USER ACCOUNT SECURE BY USING GSM TECHNOLOGYJOLLUSUDARSHANREDDY
 
ES components
ES componentsES components
ES componentsVijayKumar5738
 
smart card
smart cardsmart card
smart cardSumit Kumar
 
Seminar
SeminarSeminar
SeminarHina Saxena
 
IRJET- A Survey on: Smart Attendance Management System using RFID
IRJET- A Survey on: Smart Attendance Management System using RFIDIRJET- A Survey on: Smart Attendance Management System using RFID
IRJET- A Survey on: Smart Attendance Management System using RFIDIRJET Journal
 
Smart Card
Smart CardSmart Card
Smart Carditsvineeth209
 
Fingerprintattendancesystem 131016052949-phpapp01
Fingerprintattendancesystem 131016052949-phpapp01Fingerprintattendancesystem 131016052949-phpapp01
Fingerprintattendancesystem 131016052949-phpapp01Muhammad Tahir Mehmood
 
BIOMATRICS
BIOMATRICSBIOMATRICS
BIOMATRICSDinesh199329
 
FINGERPRINT BASED ATM SYSTEM
FINGERPRINT BASED ATM SYSTEMFINGERPRINT BASED ATM SYSTEM
FINGERPRINT BASED ATM SYSTEMJournal For Research
 
Smart cards & RFID-Anant Patel
Smart cards & RFID-Anant PatelSmart cards & RFID-Anant Patel
Smart cards & RFID-Anant PatelAnant Patel
 
Finger print based EVM by saurabh
Finger print based EVM by saurabhFinger print based EVM by saurabh
Finger print based EVM by saurabhSaurabh Kumar
 
Smartcard
SmartcardSmartcard
Smartcardaashish2cool4u
 
Read&Go_E-document readers
Read&Go_E-document readersRead&Go_E-document readers
Read&Go_E-document readersGerrit Littouw
 
Document Verification through C-One E-Id - Copy
Document Verification through C-One E-Id - CopyDocument Verification through C-One E-Id - Copy
Document Verification through C-One E-Id - CopyRima Hajou
 
What is smart card on tam
What is smart card on tamWhat is smart card on tam
What is smart card on tam崇倍 洪
 
Smart Card Presentation
Smart Card Presentation Smart Card Presentation
Smart Card Presentation ppriteshs
 
i-Secure - 3FA Smart Lock
i-Secure - 3FA Smart Locki-Secure - 3FA Smart Lock
i-Secure - 3FA Smart LockTezpur University
 

More Related Content

What's hot

IRJET- Design and Implementation of Fingerprint based Bank Locker System usin...
IRJET- Design and Implementation of Fingerprint based Bank Locker System usin...IRJET- Design and Implementation of Fingerprint based Bank Locker System usin...
IRJET- Design and Implementation of Fingerprint based Bank Locker System usin...IRJET Journal
 
Boimetric using 8051
Boimetric using 8051 Boimetric using 8051
Boimetric using 8051 Shilpa Nayak
 
Technical seminar project stalin babu m 116_f1a0471
Technical seminar project stalin babu m 116_f1a0471Technical seminar project stalin babu m 116_f1a0471
Technical seminar project stalin babu m 116_f1a0471STALIN BABU
 
Technical seminar project stalin babu m 116_f1a0471
Technical seminar project stalin babu m 116_f1a0471Technical seminar project stalin babu m 116_f1a0471
Technical seminar project stalin babu m 116_f1a0471STALIN BABU
 
ATM USER ACCOUNT SECURE BY USING GSM TECHNOLOGY
ATM USER ACCOUNT SECURE BY USING GSM TECHNOLOGYATM USER ACCOUNT SECURE BY USING GSM TECHNOLOGY
ATM USER ACCOUNT SECURE BY USING GSM TECHNOLOGYJOLLUSUDARSHANREDDY
 
IRJET- A Survey on: Smart Attendance Management System using RFID
IRJET- A Survey on: Smart Attendance Management System using RFIDIRJET- A Survey on: Smart Attendance Management System using RFID
IRJET- A Survey on: Smart Attendance Management System using RFIDIRJET Journal
 
Fingerprintattendancesystem 131016052949-phpapp01
Fingerprintattendancesystem 131016052949-phpapp01Fingerprintattendancesystem 131016052949-phpapp01
Fingerprintattendancesystem 131016052949-phpapp01Muhammad Tahir Mehmood
 
Smart cards & RFID-Anant Patel
Smart cards & RFID-Anant PatelSmart cards & RFID-Anant Patel
Smart cards & RFID-Anant PatelAnant Patel
 
Finger print based EVM by saurabh
Finger print based EVM by saurabhFinger print based EVM by saurabh
Finger print based EVM by saurabhSaurabh Kumar
 
Read&Go_E-document readers
Read&Go_E-document readersRead&Go_E-document readers
Read&Go_E-document readersGerrit Littouw
 
Document Verification through C-One E-Id - Copy
Document Verification through C-One E-Id - CopyDocument Verification through C-One E-Id - Copy
Document Verification through C-One E-Id - CopyRima Hajou
 
What is smart card on tam
What is smart card on tamWhat is smart card on tam
What is smart card on tam崇倍 洪
 

What's hot (20)

IRJET- Design and Implementation of Fingerprint based Bank Locker System usin...
IRJET- Design and Implementation of Fingerprint based Bank Locker System usin...IRJET- Design and Implementation of Fingerprint based Bank Locker System usin...
IRJET- Design and Implementation of Fingerprint based Bank Locker System usin...
 
Smart Cards Evolution
Smart Cards EvolutionSmart Cards Evolution
Smart Cards Evolution
 
Boimetric using 8051
Boimetric using 8051 Boimetric using 8051
Boimetric using 8051
 
Technical seminar project stalin babu m 116_f1a0471
Technical seminar project stalin babu m 116_f1a0471Technical seminar project stalin babu m 116_f1a0471
Technical seminar project stalin babu m 116_f1a0471
 
Technical seminar project stalin babu m 116_f1a0471
Technical seminar project stalin babu m 116_f1a0471Technical seminar project stalin babu m 116_f1a0471
Technical seminar project stalin babu m 116_f1a0471
 
ATM USER ACCOUNT SECURE BY USING GSM TECHNOLOGY
ATM USER ACCOUNT SECURE BY USING GSM TECHNOLOGYATM USER ACCOUNT SECURE BY USING GSM TECHNOLOGY
ATM USER ACCOUNT SECURE BY USING GSM TECHNOLOGY
 
ES components
ES componentsES components
ES components
 
smart card
smart cardsmart card
smart card
 
Seminar
SeminarSeminar
Seminar
 
IRJET- A Survey on: Smart Attendance Management System using RFID
IRJET- A Survey on: Smart Attendance Management System using RFIDIRJET- A Survey on: Smart Attendance Management System using RFID
IRJET- A Survey on: Smart Attendance Management System using RFID
 
Smart Card
Smart CardSmart Card
Smart Card
 
Fingerprintattendancesystem 131016052949-phpapp01
Fingerprintattendancesystem 131016052949-phpapp01Fingerprintattendancesystem 131016052949-phpapp01
Fingerprintattendancesystem 131016052949-phpapp01
 
BIOMATRICS
BIOMATRICSBIOMATRICS
BIOMATRICS
 
FINGERPRINT BASED ATM SYSTEM
FINGERPRINT BASED ATM SYSTEMFINGERPRINT BASED ATM SYSTEM
FINGERPRINT BASED ATM SYSTEM
 
Smart cards & RFID-Anant Patel
Smart cards & RFID-Anant PatelSmart cards & RFID-Anant Patel
Smart cards & RFID-Anant Patel
 
Finger print based EVM by saurabh
Finger print based EVM by saurabhFinger print based EVM by saurabh
Finger print based EVM by saurabh
 
Smartcard
SmartcardSmartcard
Smartcard
 
Read&Go_E-document readers
Read&Go_E-document readersRead&Go_E-document readers
Read&Go_E-document readers
 
Document Verification through C-One E-Id - Copy
Document Verification through C-One E-Id - CopyDocument Verification through C-One E-Id - Copy
Document Verification through C-One E-Id - Copy
 
What is smart card on tam
What is smart card on tamWhat is smart card on tam
What is smart card on tam
 

Similar to Security of smart cards

Smart Card Presentation
Smart Card Presentation Smart Card Presentation
Smart Card Presentation ppriteshs
 
IRJET - Precocious ATM System using Iris Scanner
IRJET - Precocious ATM System using Iris ScannerIRJET - Precocious ATM System using Iris Scanner
IRJET - Precocious ATM System using Iris ScannerIRJET Journal
 
Embedded system in Smart Cards
Embedded system in Smart CardsEmbedded system in Smart Cards
Embedded system in Smart CardsRebecca D'souza
 
smartcard-121018150432-phpapp01.pdf
smartcard-121018150432-phpapp01.pdfsmartcard-121018150432-phpapp01.pdf
smartcard-121018150432-phpapp01.pdfssuser5b47c8
 
Machine Readable Travel Documents (MRTD) - Biometric Passport
Machine Readable Travel Documents (MRTD) - Biometric PassportMachine Readable Travel Documents (MRTD) - Biometric Passport
Machine Readable Travel Documents (MRTD) - Biometric PassportTariq Tauheed
 
Embedded System Security: Learning from Banking and Payment Industry
Embedded System Security: Learning from Banking and Payment IndustryEmbedded System Security: Learning from Banking and Payment Industry
Embedded System Security: Learning from Banking and Payment IndustryNarudom Roongsiriwong, CISSP
 
IRJET - Smartcard based Grocerydispensing Sytem
IRJET - Smartcard based Grocerydispensing SytemIRJET - Smartcard based Grocerydispensing Sytem
IRJET - Smartcard based Grocerydispensing SytemIRJET Journal
 
Wireless e-passport using smart card technology
Wireless e-passport using smart card technologyWireless e-passport using smart card technology
Wireless e-passport using smart card technologyIRJET Journal
 
Smartcards and Authentication Tokens
Smartcards and Authentication TokensSmartcards and Authentication Tokens
Smartcards and Authentication Tokenssaniacorreya
 
IRJET- Implementation of Secured ATM by Wireless Password Transfer and Keypad...
IRJET- Implementation of Secured ATM by Wireless Password Transfer and Keypad...IRJET- Implementation of Secured ATM by Wireless Password Transfer and Keypad...
IRJET- Implementation of Secured ATM by Wireless Password Transfer and Keypad...IRJET Journal
 
Case study on smart card (embeded system) based on IOT
Case study on smart card (embeded system) based on IOTCase study on smart card (embeded system) based on IOT
Case study on smart card (embeded system) based on IOTdivyawani2
 

Similar to Security of smart cards (20)

Smart Card Presentation
Smart Card Presentation Smart Card Presentation
Smart Card Presentation
 
i-Secure - 3FA Smart Lock
i-Secure - 3FA Smart Locki-Secure - 3FA Smart Lock
i-Secure - 3FA Smart Lock
 
Smart card
Smart cardSmart card
Smart card
 
IRJET - Precocious ATM System using Iris Scanner
IRJET - Precocious ATM System using Iris ScannerIRJET - Precocious ATM System using Iris Scanner
IRJET - Precocious ATM System using Iris Scanner
 
Embedded system in Smart Cards
Embedded system in Smart CardsEmbedded system in Smart Cards
Embedded system in Smart Cards
 
Smart cards
Smart cardsSmart cards
Smart cards
 
Smart card technology
Smart card technologySmart card technology
Smart card technology
 
smartcard-121018150432-phpapp01.pdf
smartcard-121018150432-phpapp01.pdfsmartcard-121018150432-phpapp01.pdf
smartcard-121018150432-phpapp01.pdf
 
Machine Readable Travel Documents (MRTD) - Biometric Passport
Machine Readable Travel Documents (MRTD) - Biometric PassportMachine Readable Travel Documents (MRTD) - Biometric Passport
Machine Readable Travel Documents (MRTD) - Biometric Passport
 
Embedded System Security: Learning from Banking and Payment Industry
Embedded System Security: Learning from Banking and Payment IndustryEmbedded System Security: Learning from Banking and Payment Industry
Embedded System Security: Learning from Banking and Payment Industry
 
IRJET - Smartcard based Grocerydispensing Sytem
IRJET - Smartcard based Grocerydispensing SytemIRJET - Smartcard based Grocerydispensing Sytem
IRJET - Smartcard based Grocerydispensing Sytem
 
Wireless e-passport using smart card technology
Wireless e-passport using smart card technologyWireless e-passport using smart card technology
Wireless e-passport using smart card technology
 
Smart Card based Robust Security System
Smart Card based Robust Security SystemSmart Card based Robust Security System
Smart Card based Robust Security System
 
Smart card
Smart cardSmart card
Smart card
 
Smartcards 111228091849-phpapp01
Smartcards 111228091849-phpapp01Smartcards 111228091849-phpapp01
Smartcards 111228091849-phpapp01
 
Smartcards and Authentication Tokens
Smartcards and Authentication TokensSmartcards and Authentication Tokens
Smartcards and Authentication Tokens
 
IRJET- Implementation of Secured ATM by Wireless Password Transfer and Keypad...
IRJET- Implementation of Secured ATM by Wireless Password Transfer and Keypad...IRJET- Implementation of Secured ATM by Wireless Password Transfer and Keypad...
IRJET- Implementation of Secured ATM by Wireless Password Transfer and Keypad...
 
Case study on smart card (embeded system) based on IOT
Case study on smart card (embeded system) based on IOTCase study on smart card (embeded system) based on IOT
Case study on smart card (embeded system) based on IOT
 
Gao
GaoGao
Gao
 
Smart card
Smart cardSmart card
Smart card
 

Recently uploaded

_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting Data_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting DataJhengPantaleon
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)eniolaolutunde
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxiammrhaywood
 
internship ppt on smartinternz platform as salesforce developer
internship ppt on smartinternz platform as salesforce developerinternship ppt on smartinternz platform as salesforce developer
internship ppt on smartinternz platform as salesforce developerunnathinaik
 
Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17Celine George
 
Crayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon ACrayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon AUnboundStockton
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityGeoBlogs
 
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Krashi Coaching
 
CARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxCARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxGaneshChakor2
 
Mastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionMastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionSafetyChain Software
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfsanyamsingh5019
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxpboyjonauth
 
ENGLISH5 QUARTER4 MODULE1 WEEK1-3 How Visual and Multimedia Elements.pptx
ENGLISH5 QUARTER4 MODULE1 WEEK1-3 How Visual and Multimedia Elements.pptxENGLISH5 QUARTER4 MODULE1 WEEK1-3 How Visual and Multimedia Elements.pptx
ENGLISH5 QUARTER4 MODULE1 WEEK1-3 How Visual and Multimedia Elements.pptxAnaBeatriceAblay2
 
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxEPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxRaymartEstabillo3
 
Blooming Together_ Growing a Community Garden Worksheet.docx
Blooming Together_ Growing a Community Garden Worksheet.docxBlooming Together_ Growing a Community Garden Worksheet.docx
Blooming Together_ Growing a Community Garden Worksheet.docxUnboundStockton
 
Class 11 Legal Studies Ch-1 Concept of State .pdf
Class 11 Legal Studies Ch-1 Concept of State .pdfClass 11 Legal Studies Ch-1 Concept of State .pdf
Class 11 Legal Studies Ch-1 Concept of State .pdfakmcokerachita
 
Painted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of IndiaPainted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of IndiaVirag Sontakke
 

Recently uploaded (20)

_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting Data_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting Data
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
 
internship ppt on smartinternz platform as salesforce developer
internship ppt on smartinternz platform as salesforce developerinternship ppt on smartinternz platform as salesforce developer
internship ppt on smartinternz platform as salesforce developer
 
Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17
 
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
 
Crayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon ACrayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon A
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activity
 
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
 
CARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxCARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptx
 
Mastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionMastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory Inspection
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdf
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptx
 
ENGLISH5 QUARTER4 MODULE1 WEEK1-3 How Visual and Multimedia Elements.pptx
ENGLISH5 QUARTER4 MODULE1 WEEK1-3 How Visual and Multimedia Elements.pptxENGLISH5 QUARTER4 MODULE1 WEEK1-3 How Visual and Multimedia Elements.pptx
ENGLISH5 QUARTER4 MODULE1 WEEK1-3 How Visual and Multimedia Elements.pptx
 
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxEPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
 
Staff of Color (SOC) Retention Efforts DDSD
Staff of Color (SOC) Retention Efforts DDSDStaff of Color (SOC) Retention Efforts DDSD
Staff of Color (SOC) Retention Efforts DDSD
 
Blooming Together_ Growing a Community Garden Worksheet.docx
Blooming Together_ Growing a Community Garden Worksheet.docxBlooming Together_ Growing a Community Garden Worksheet.docx
Blooming Together_ Growing a Community Garden Worksheet.docx
 
Class 11 Legal Studies Ch-1 Concept of State .pdf
Class 11 Legal Studies Ch-1 Concept of State .pdfClass 11 Legal Studies Ch-1 Concept of State .pdf
Class 11 Legal Studies Ch-1 Concept of State .pdf
 
9953330565 Low Rate Call Girls In Rohini Delhi NCR
9953330565 Low Rate Call Girls In Rohini Delhi NCR9953330565 Low Rate Call Girls In Rohini Delhi NCR
9953330565 Low Rate Call Girls In Rohini Delhi NCR
 
Painted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of IndiaPainted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of India
 

Security of smart cards

  • 1. SECURITY OF SMART CARDS Prepared By: Bansi Mehta (15IT050) IT-306.02 | Sem-6 | Department of Information Technology | CSPIT Department of Information Technology Chandubhai S. Patel Institute of Technology
  • 2. OUTLINE • Technology used in cards. • Magnetic cards. • Microprocessor cards. • Types of microprocessor cards. • Inside a microprocessor card. • Smartness of microprocessor card. • 2 Factor verification. • Online Transactions. • Security provided by the cards. • Security of the cards. IT-306.02 | Sem-6 | Department of Information Technology | CSPIT
  • 3. SMART + CARDS: IT-306.02 | Sem-6 | Department of Information Technology | CSPIT
  • 4. TECHNOLOGY USED IN CARDS: • Optical. • Memory unit. • Magnetic. • Microprocessor. IT-306.02 | Sem-6 | Department of Information Technology | CSPIT Major evolution while changing from magnetic strip to microprocessor.
  • 5. MAGNETIC CARD • Reason Behind decreasing use of magnetic cards – Security. • If the card reader is tampered with and a card is swapped in it then information can be easily retrieved from the magnetic strip. • That information can be easily copied to other cards to generate a duplicate. • All this could be done without the knowledge of the user. • This introduced the concept of “Microprocessor Cards” IT-306.02 | Sem-6 | Department of Information Technology | CSPIT
  • 6. SHIFT TO MICROPROCESSOR CARDS • Enclosed in plastic casing. • Has a microprocessor chip embedded inside. • Which receives an input processes and generates output. • Has a memory unit. • Also posses the magnetic strip technology. IT-306.02 | Sem-6 | Department of Information Technology | CSPIT
  • 7. TYPES: • Contact – Card needed to be inserted. • Contactless – Card needed to be brought in proximity. • In contactless radio frequencies are user. The card stay in passive mode and the reader in active. When ever the card comes in the field of the reader it becomes active and then the transmission of information takes place with the help of radio frequency. IT-306.02 | Sem-6 | Department of Information Technology | CSPIT
  • 8. WHAT’S INSIDE A MICROPROCESSOR CARD? • CPU: Heart of the chip. • SECURITY LOGIC: Detecting abnormal conditions. • SERIAL INTERFACE: Communication. • TEST LOGIC: Self test procedures. • ROM: Operating system. • RAM: Temporary memory unit during operations. • EEPROM: Permanent data. IT-306.02 | Sem-6 | Department of Information Technology | CSPIT
  • 9. WHAT MAKES THIS CARD SMART? • Unlike magnetic card, the information of this card cannot be easily obtained. • Smartness of this card depends on the working mechanism. • To authorize any user: o Certificate + pin. o Certificate + biometrics. IT-306.02 | Sem-6 | Department of Information Technology | CSPIT
  • 10. 2 FACTOR VERIFICATION: • Each card has a pair of public and private key. • When the card is inserted/ brought near to the card reader, it generates a random number. • This random number is unique for each transaction. • The card encrypts that random number with its private key and sends it to reader. The reader sends it to server along with the public key of the card. • Server decrypts the encrypted random number with cards’ public key and sends it back. Reader matches both the generated random number and the decrypted number to see if they are same. IT-306.02 | Sem-6 | Department of Information Technology | CSPIT
  • 11. CONTD. • When the user enters the pin in the terminal, it is encrypted using the public key of the card and send to the card. • The card decrypts it with its private key and matches it with the one stored in it. IT-306.02 | Sem-6 | Department of Information Technology | CSPIT
  • 12. ONLINE TRANSACTION • Card details are tokenized and send during communication with third party gateway. • What is tokenizing? • Keeping card number or any other details as it is and inserting some numbers which may seem random in between. • The dedicated organizations have mechanisms to interpret this random seeming number. IT-306.02 | Sem-6 | Department of Information Technology | CSPIT
  • 13. HOW SECURE ARE SMART CARDS? • The Security Provided by the Card 1) Symmetric key algorithm: DES, Triple DES. 2) Asymmetric key algorithm: RSA IT-306.02 | Sem-6 | Department of Information Technology | CSPIT
  • 14. CONTD. • The Security of the Card: 1) Physical invasive attack- Read the data of the buses and probes. But they require special chemical and acid to remove plastic coting and very sophisticated equipment to read the data. Often ends up damaging the card. 2) Side channel attacks- Measuring minute fluctuations in the time required to perform a cryptographic operation or measuring fluctuations in the power consumed by the smart card. IT-306.02 | Sem-6 | Department of Information Technology | CSPIT
  • 15. CONCLUSION • Although microprocessor based card may still lack in security mechanisms. • But security is an evolving field. • Hackers would find increasingly sophisticated attacks against smart cards while smart card manufacturers will find increasingly sophisticated countermeasures. IT-306.02 | Sem-6 | Department of Information Technology | CSPIT
  • 16. THANK YOU IT-306.02 | Sem-6 | Department of Information Technology | CSPIT