4. Regular Smart Card Readers
Ordinary smart card readers, read data from card and send data to PC
sensitive information can be vulnerable to security attacks
Sensitive card information
Sniffers Phishers Hackers
4
5. Regular Smart Card Readers
Data has to be passed to the PC because the reader has no user interface, i.e.
keyboard, monitor, where user can see and input data.
Sniffers Phishers Hackers
5
6. So how to fight off these malicious attacks?
To have a device that has a:
ā¢ Smart card reader
ā¢ Keyboard /PIN-pad where users could input simple passwords
ā¢ Monitor / LCD where the user could see the information
ā¢ Secure PIN Entry
ā¢ On-device authentication
Sniffers Phishers Hackers
6
14. Corporate Security
Windows Logon
Online Gaming
eCommerce
Home Banking
Loyalty System
14
15. Sample Scenario: Grocery Payment Scheme
The reader prompts PIN entered by
the customer to customer will be
enter his/her verified against PIN
password. stored in card Ma tch
In the cashier/checkout No Ma tch
counter, the cus tomer
inserts his/her ca rd to
the reader for pa yment Customer pays checkout
amount using the debit card.
Transaction
receipt generated.
Ba nk rejects
transa ction
Checkout
amount is Information is sent to bankās
Ba nk a ccepts database for approval.
debited from
customers transa ction
account.
15