1. What is a Smart Card
• A smart card, typically a type of chip card, is a plastic
card that contains an embedded computer chip–
either a memory or microprocessor type–that stores
and transacts data.This data is usually associated
with either value, information or both .
• In the tasks of very reliable authentication,
electronic signature generation, and
cryptograph, smart cards are superior to
traditional magnetic stripe technologies

2. History
 A patent for an identification card with an integrated circuit was filed, and the smart
card was born (1968).
 An important characteristic of a smart card is that the information on it cannot be copied.
 Smart cards are recognized as the next generation financial transaction cards.
 Today every mobile phone that complies with the GSM standard contains a smart
card that identifies the phone and authenticates the owner to the telephone system

3. Some developers
• Hardware-Vendors: ATMEL, Philips, Renesas
(former Hitachi), Infineon (former Siemens),
Samsung, ST microelectronics
• Smart-Card-Vendors: Oberthur, Gemplus,
AXALTO (former Schlumberger), IBM, Sony, ORGA
Card Systems, T-Systems (Telesec), ASK, Gieseke
& Devrient, Austria Card, Siemens
• Other software/application issuers are mainly
related to the banking/payment field: Soc.
T.Europienne de Monnaie Electronique (a French
electronic purse society), Mondex, other banks
and credit card companies

4. Fields of Smart Card Usage (1)
• Health Applications
 For example in Germany health insurance companies will
issue an electronic health card
 cards for the health professionals
• electronic passport (ePass, ICAO-specifications)
 No need to say that BSI is active in this field…
• eGovernment / eCard
 Goal: to fit as many applications as possible onto one card
in order to avoid multiple cards for every citizen
 BSI is very active to promote this concept in Germany
 Social insurance also related to this

5. Fields of Smart Card Usage (2)
• Digital Signatures
 As you know CC evaluation is required here
by law in Germany and other countries
• Digital Tachographs
 Smart cards will be used in trucks in Europe
instead of paper disks in order to store driving
times and similar data
• Access Control in companies and
organizations
• Public Transport

6. Smart Card Classification

7. 3.1.2 Smart Card Hardware
3.1.2.1 Contact and Contactless Cards
 Communication can take place either through the contacts on the card or via wireless
(“contactless”) transmission.
3.1.2.2 The Computer on the Smart Card
 The chip of a smart card consists of a microprocessor, ROM, EEPROM, and RAM.
ROM (16 kb)
- Operating System
- Communication EEPROM (16 kb)
- Security (DES, RSA) - File system
- Program files
- Keys
- Passwords
CPU - Applications
- 8 bit
RAM
- 5 MHz, 5V
- 4 kb
- Optional: crypto-
coprocessor

8. 3.1.2.3 Hardware Security
The objective of smart card chip design is to provide high physical security for the
data stored in the card.
The Processor and the memory are combined in the same chip which makes it
difficult to tap the signals exchange between them.
3.1.2.4 Card Acceptance Devices
Many pervasive devices like set-top boxes, cellular phones, or handhelds are
equipped with smart card readers.

9. Smart Card Software
A smart card application consists of following
two parts :-
• Off card application
• On card application

10. • The off-card part of the application is the part
that resides on the host computer or terminal
connected to the smart card through a smart
reader device
example: open card frame work

11. • The on-card application is a program stored in
the memory of the smart card chip. If the on-
card application has executable code, this code
is executed by the smart card operating system
and can use operating system services, such as
encrypting or decrypting data

12. File-system Cards
 The majority of current cards have a file
system integrated into the operating system.
 ISO 7816 File System
MIF  A file system consists of directory (DF) and
files (EF). The root directory is referred as
MF.
DF
 MF (Master File)
EF
DF(Dedicated File)
DF
EF(Elementary File)
DF
EF

13. Communication Between the On-Card
and Off-Card Parts
The protocol stack of the communication
between the smart card and host has several
layers.
1. Application Layer :- Communication takes
place between the off card part of an
application and its corresponding on card
part.

14. Application Protocol Data Unit (APDU)
 Application Protocol Data Units are used to
exchange data between the host and the smart
card.
 ISO 7816-4 defines two types of APDUs:
Command APDUs, which are sent from the off-
card application to the smart card, and Response
APDUs, which are sent back from the smart card
to reply to commands.
CLA INS P1 P2 Lc Optional Data Le

15. Command APDU
CLA INS P1 P2 Lc Optional Data Le
Response APDU
Optional Data SW1 SW2
2. Protocol Layer
The protocol with T=0, each character is transmitted
separately, while with T=1, blocks of characters are
transmitted.

16. Smart Labels
 Bar codes
 Advantages
 They can be printed on labels, they are very inexpensive, and they can be reliably
scanned.
 Disadvantages
 Since bar code are scanned optically, they must be visible on the outside of the object.
 Scanning takes place at a short range – a few centimeters.

17. Smart labels contain control logic with non-volatile read/write memory for data
storage. Data capacity ranges from 64 bits to about 2K bits

18. Example Applications
 Shipping industry
 The smart label contains identification and destination information.
 Inventory control

19. Smart Tokens
 The need for robustness can be fulfilled by
encapsulating the chips in plastic or metal.
 Examples – tollbooth, gas station, security
system
Smart Token Examples
Key fob from Gemplus
The chip contains 1024 bytes of EEPROM memory chip and associated antenna.

20. iButton
 iButtons can contain microprocessor chips or memory chips.
 A cryptographic chip implementing the JavaCard 2.0 Standard is also available