2. DEFINITION
A smart card is a portable device that
contains some non-volatile memory and a
microprocessor.
This card contains some kind of
encrypted key that is compared to a secret
key contained on the user’s processor.
3. History of SMART CARD
In 1968 German rocket scientist Helmut
Grottrup and his colleague Jurgen
Dethloff invented the automated chip
card, receiving a patent only in 1982.
The first mass use of the cards was as a
Telecarte for payment in French pay
phones, starting in 1983.
4. Types of SMART CARD
Contactless smart cards (e.g. highway toll tags)
Contact smart cards (SIM card, driving license, electronic purses
like debit cards etc.)
5. Contactless SMART CARD
These smart cards do not require any physical
contact between the card and the reader and
are becoming popular for payment and ticketing
applications such as highway tolls.
They communicate with the reader and are
powered through RF induction technology (at data
rates of 106-848 kbit/s).
Most commonly used contactless smart cards are:
Montreal's OPUS card, Hong Kong's Octopus card,
Shanghai's public transportation card.
6. Contact SMART CARD
Contact smart cards have a contact area
of about 1 sq. cm (0.16 sq. inch)
comprising several gold-plated
contact pads.
These pads provide electrical
connectivity when inserted into a reader.
7. Plastic Cards
Visual identity application
Plain plastic card is enough
Magnetic strip (e.g. credit cards)
Visual data also available in machine
readable form
No security of data
Electronic memory cards
Machine readable data
8. SMART CARDS
Processor cards (and therefore memory
too)
Credit card size
With or without contacts
Cards have an operating system too.
The OS provides
A standard way of interchanging information
An interpretation of the commands and data.
Cards must interface to a computer or
terminal through a standard card reader.
9. What’s in a Card?
[Diagram: contact pads labelled CLK, RST, Vcc, RFU, GND, RFU, Vpp, I/O]
10. Terminologies
VCC: Power supply input.
RST: Reset signal, used to reset the
card's communications.
CLK: Provides the card with a clock
signal, from which data communications
timing is derived.
GND: Ground (reference voltage).
11. VPP: Programming voltage input -
originally an input for a higher voltage to
program persistent memory, e.g.
EEPROM.
I/O: Serial input and output.
RFU: Reserved for future use.
12. Typical Configurations
256 bytes to 4KB RAM.
8KB to 32KB ROM.
1KB to 32KB EEPROM.
8-bit to 16-bit CPU. 8051 based designs
are common.
13. Smart Card Readers
Computer based readers
Connect through USB or
COM (Serial) ports
Dedicated terminals
Usually with a small screen,
keypad, printer, often also
have biometric devices such
as thumb print scanner.
14. Communication mechanisms
Communication between smart card and reader
is standardized
ISO 7816 standard
Commands are initiated by the terminal
Interpreted by the card OS
Card state is updated
Response is given by the card.
15. Why SMART CARD
Improve the convenience and security of
any transaction.
Provide tamper-proof storage of user
account and identity.
Provide vital components of system
security.
Protect against a full range of security
threats
17. Password Verification
Terminal asks the user to provide a
password.
Password is sent to Card for verification.
Scheme can be used to permit user
authentication.
18. Cryptographic verification
Terminal verifies card
Terminal sends a random number to card to be
hashed or encrypted using a key.
Card provides the hash or ciphertext.
Terminal can know that the card is authentic.
19. Biometric techniques
Fingerprint identification.
Features of fingerprints can be kept on the
card (even verified on the card).
Photograph pattern.
Such information is to be verified by a
person. The information can be stored in the
card securely.
20. Access & control of the files
Applications may specify the access
controls
A password (PIN) on the MF selection
(For example SIM password in mobiles)
Multiple passwords can be used and levels
of security access may be given
Applications may also use cryptographic
authentication
21. How does it all work?
Card is inserted in the terminal.
Card gets power. OS boots up. Sends ATR (Answer to Reset).
ATR negotiations take place to set up data transfer speeds,
capability negotiations etc.
Terminal sends first command to select MF.
Card responds with an error (because MF selection is only on
password presentation).
Terminal prompts the user to provide password.
Terminal sends password for verification.
Card verifies P2. Stores a status “P2 Verified”. Responds “OK”.
Terminal sends command to select MF again.
Card responds “OK”.
Terminal sends command to read
Card supplies personal data and responds “OK”.
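Added example (not part of the original slides): a toy card-side state machine in Python for the exchange in slide 21, showing how the card OS refuses MF selection and reads until the password has been verified. The status words are the standard ISO 7816-4 values; the ToyCard class, the retry counter, the PIN and the file content are assumptions made for illustration and go beyond what the slide shows.

```python
import hmac

SW_OK = 0x9000                      # ISO 7816-4: normal processing
SW_SECURITY_NOT_SATISFIED = 0x6982  # command refused, access condition not met
SW_AUTH_BLOCKED = 0x6983            # retry counter exhausted
SW_WRONG_PIN = 0x63C0               # low nibble carries the retries left


class ToyCard:
    """Hypothetical card OS; PIN, retry limit and file content are constructed."""

    def __init__(self, pin, personal_data, max_tries=3):
        self._pin, self._data = pin, personal_data
        self._max_tries = self._tries_left = max_tries  # counter lives in EEPROM
        self._verified = False      # the "P2 Verified" status from the slide
        self._mf_selected = False

    def reset(self):
        """Power cycle: volatile security state is lost, the retry counter is not."""
        self._verified = self._mf_selected = False

    def verify(self, candidate):
        if self._tries_left == 0:
            return SW_AUTH_BLOCKED
        self._tries_left -= 1       # count the attempt before comparing
        self._verified = hmac.compare_digest(candidate, self._pin)
        if self._verified:
            self._tries_left = self._max_tries
            return SW_OK
        if self._tries_left == 0:
            return SW_AUTH_BLOCKED
        return SW_WRONG_PIN | self._tries_left

    def select_mf(self):
        if not self._verified:
            return SW_SECURITY_NOT_SATISFIED
        self._mf_selected = True
        return SW_OK

    def read(self):
        if not (self._verified and self._mf_selected):
            return b"", SW_SECURITY_NOT_SATISFIED
        return self._data, SW_OK


def slide_21_session(card, pin_entered):
    """Terminal side: select MF, verify, select MF again, read; returns status words."""
    return [card.select_mf(), card.verify(pin_entered),
            card.select_mf(), card.read()[1]]
```

Because the retry counter survives a reset while the verified flag does not, pulling and reinserting the card neither keeps access open nor grants extra password guesses.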
22. Applications
Payphones
Mobile Communications
Banking & Retail
Electronic Purse
Health Care
ID Verification and Access Control
Transport purpose