Unit 4_Part 1 CSE2001 Exception Handling and Function Template and Class Temp...
Doccccc
1. P.Jagadeeswara Rao
193J1A04C5
ECE-B
SMART CARD
ABSTRACT :
Smart Cards are one of the latest applications of Information Technology whose
use is growing with each passing day. Like computers today, it is presumed that smart
cards, which in fact contain tiny computers, will be used extensively in future for a
variety of purposes. In Europe, US and many developed countries smart cards are
being extensively used by commercial organizations as well as the Government. In
future they are expected to replace every thing that a person carries in a purse, like
cash, credit cards, driving license cards, identification documents etc. Smart cards can
be used for a wide variety of applications in many areas ranging from personal
identification to e-commerce transactions. One of the important purposes for which
smart card technology was developed is for dealing with card fraud in e-commerce.
This article covers the history and origin of cards, weaknesses of the traditional plastic
cards,development of smart cards, their design, different types, how they work, their
applications in e-commerce and other areas, advantages and disadvantages. This
article also examines how this technology can be used as a potent weapon in the fight
against cyber crime.
Smart card technology not only enables secure access to logical and physical
applications but also provides inherent value in the areas of security, authentication
and multi-application capabilities for a variety of industries in the areas of
transportation, banking, telecommunications and public sector. The impact of society
on the use of security systems and technology enabled with smart card technology is
rapidly accelerating since the events of September 11th. This presentation will provide
an overview of smart card technology for understanding where the technology is
migrating, and offer four smart card case studies (domestic and international) in the
areas of IT Network Security, public-sector healthcare, financial services and cashless
gaming. The presentation will also examine and compare similarities provided to end
users in each case study pointing out 'value' characteristics that encourage adoption
of smart card technology and applications enabled using smart cards. Finally the
presentation will discuss how to begin evaluating a smart card project and elements
for consideration toward successful development,implementation Communation and
deployment.
2. The physical and logical structure of the smart card and the corresponding security
access control.
Keywords:
Mobile Devices, Authentication, Smart Cards,smart cards, chip card,or integrated
circuit card (ICC).
What is Smart Card:
A smart card is a physical card that has an embedded integrated chip that acts
as a security token.
A smart card is a physical card that has an embedded integrated chip that acts as a
security token. Smart cards are typically the same size as a driver's license or credit
card and can be made out of metal or plastic. They connect to a reader either by direct
physical contact (also known as chip and dip) or through a short-range wireless
connectivity standard such as radio-frequency identification (RFID) or near-field
communication (NFC).
The chip on a smart card can be either a microcontroller or an embedded memory
chip. Smart cards are designed to be tamper-resistant and use encryption to provide
protection for in-memory information. Those cards with microcontroller chips can
perform on-card processing functions and can manipulate information in the chip's
memory.
Smart cards are used for a variety of applications, though most commonly are used
for credit cards and other payment cards. Distribution of smart cards in recent years
has been driven by the payment card industry's move to support smart cards for the
EMV payment card standard. Smart cards capable of short-range wireless connectivity
can also be used for contactless payment systems; they can also be used as tokens
for multifactor authentication.
International standards and specifications cover smart card technology, with some
focused on industry-specific applications. In the United States, smart card technology
conforms to international standards (ISO/IEC 7816 and ISO/IEC 14443) championed
by the Smartcard Alliance.
The first mass use of smart cards was the Télécarte, a telephone card for payment in
French pay phones which launched in 1983. Smart cards are now ubiquitous and have
largely replaced magnetic stripe (also known as "mag stripe") card technology, which
only has a capacity of 300 bytes of non-rewriteable memory and no processing
capability.
3. History of Smart Card:
The basis for the smart card is the silicon integrated circuit (IC) chip.It was invented
by Robert Noyce at Fairchild Semiconductor in 1959, and was made possible by
Mohamed M. Atalla's silicon surface passivation process (1957) and Jean Hoerni's
planar process (1959).The invention of the silicon integrated circuit led to the idea of
incorporating it onto a plastic card in the late 1960s.Smart cards have since used MOS
integrated circuit chips, along with MOS memory technologies such as flash memory
and EEPROM (electrically erasable programmable read-only memory).
The idea of incorporating an integrated circuit chip onto a plastic card was first
introduced by two German engineers in the late 1960s, Helmut Gröttrup and Jürgen
Dethloff.[4] In February 1967, Gröttrup filed the patent DE1574074 in West Germany
for a tamper-proof identification switch based on a semiconductor device. Its primary
use was intended to provide individual copy-protected keys for releasing the tapping
process at unmanned gas stations. In September 1968, Helmut Gröttrup, together with
Dethloff as an investor, filed further patents for this identification switch, first in
Austria[10] and in 1969 as subsequent applications in the United States,Great Britain,
West Germany and other countries.
Diners Club was the first to introduce all plastic cards for payment applications. Till
1950 the cards in use were paper based cards and during early 1950 Diners Club
introduced PVC based cards for longer life. The card became very popular as one
could pay with it at select restaurants. What really appealed to the customers is
convenience, there was no need to carry the money and it also identified them with an
elite group in the society. VISA and MasterCard entered the market. These cards were
prone to fraud, tampering. Soon the realization came that the solution to these
problems may lie in development of machine readable cards. That led to the
introduction of Magnetic stripe card, which permitted storage of data on it in a machine
readable format.Magnetic stripe card is a major weakness and that is anyone with
access to appropriate device l could read, re-write and delete data. Thus, magnetic
card was not secure enough for sensitive data and also needed complex back end
infrastructure for verification, The necessary back end information was available in US
but not in Europe. So Europe solved this problem by transferring some of the back end
work to an Integrated Circuit Card (ICC) on the client side of client/server architecture.
First ICC patent was registered by German inventors Jurgen Dethoff and Helmet
Gotrupp during 1968. Japan developed its card in 1970 and France 1974.Initial
commercial applications of this card were as telephone cards. With developments in
cryptography, France introduced the first chip incorporated banking card in 1984.
Germans followed suit in 1997 and they also issued 70 million Smart cards with
insurance information. Magnetic stripe cards could store 1000 bits of data, whereas
Integrated Circuit Cards came to be known as Smart Cards could store up to 20 Kilo
Bytes of data, cards fall into the last category, where the transactions are carried out
4. with the understanding that the payment would be made sometime in the future. The
credit cards account for one third of all sales in US,Europe and Australia.
How smart cards work:
Smart card microprocessors or memory chips exchange data with card readers and
other systems over a serial interface. The smart card itself is powered by an external
source, usually the smart card reader. A smart card communicates with readers either
via direct physical contact or using a short-range wireless connectivity standard such
as RFID or NFC. The card reader then passes data from the smart card to its intended
destination, usually a payment or authentication system connected to the smart card
reader over a network connection.
Uses of smart cards:
Smart cards are generally used in applications that must deliver fast, secure
transactions and protect personal information such as credit cards and other types of
payment cards, corporate and government identification cards and transit fare
payment cards. Smart cards are also sometimes used to function as documents such
as electronic passports and visas.
Smart cards are often designed to be used with a PIN, for example, when they are
used as debit or ATM cards. Organizations also use smart cards for security purposes;
in addition to their use as multifactor authentication tokens, the cards can also be used
for authenticating single sign-on users.
BENEFITS:
The benefits of smart cards are directly related to the volume of information and
applications that are programmed for use on a card. A single contact/contactless smart
card can be programmed with multiple banking credentials, medical entitlement,
driver's license/public transport entitlement, loyalty programs and club memberships
to name just a few. Multi-factor and proximity authentication can and has been
embedded into smart cards to increase the security of all services on the card. For
example, a smart card can be programmed to only allow a contactless transaction if it
is also within range of another device like a uniquely paired mobile phone. This can
significantly increase the security of the smart card.
Governments and regional authorities save money because of improved security,
better data and reduced processing costs. These savings help reduce public budgets
or enhance public services. There are many examples in the UK, many using a
common open LASSeO specification.
Individuals have better security and more convenience with using smart cards that
perform multiple services. For example, they only need to replace one card if their
5. wallet is lost or stolen. The data storage on a card can reduce duplication, and even
provide emergency medical information.
Types of smart cards:
Smart cards can be categorized on different criteria including by how the card reads
and writes data, by the type of chip implanted in the card and by the capabilities of that
chip. Some of the different of types of smart cards include:
● Contact smart cards are the most common type of smart card. Contact
smart cards are inserted into a smart card reader that has a direct connection
to a conductive contact plate on the surface of the card. Commands, data and
card status are transmitted over these physical contact points.
● Contactless smartcards require only close proximity to a card reader to
be read; no direct contact is necessary for the card to function. The card and
the reader are both equipped with antennae and communicate using radio
frequencies over the contactless link. A contactless smart card functions by
being put near the reader to be read.
● Dual-interface cards are equipped with both contactless and contact
interfaces. This type of card enables secure access to the smart card's chip
with either the contactless or contact smart card interfaces.
● Hybrid smart cards contain more than one smart card technology. For
example, a hybrid smart card might have one embedded processor chip that is
accessed through a contact reader as well as an RFID-enabled chip used for
proximity connection. The two different chips may be used for different
applications linked to a single smart card, as when the proximity chip is used
for physical access to restricted areas while the contact smart card chip is used
for single sign-on authentication.
● Memory smartcards contain memory chips only and can only store, read
and write data to the chip; the data on memory smart cards can be over-written
or modified, but the card itself is not programmable so data can't be processed
or modified programmatically. Memory smart cards can be read-only and used
to store data such as a PIN, password or public key; they can also be read-
write and used to write or update user data. Memory smart cards can be
configured to be rechargeable or disposable, in which case they contain data
that can only be used once or for a limited time before being updated or
discarded.
● Microprocessor smart cards have a micropr.ocessor embedded onto
the chip in addition to memory blocks. A microprocessor card may also
incorporate specific sections of files where each file is associated with a specific
function. The data in the files and the memory allocation are managed with a
smart card operating system. This type of card can be used for more than one
6. function and is usually designed to enable adding, deleting and otherwise
manipulating data in memory.
Smart cards can also be categorized by their application, such as credit card, debit
card, entitlement or other payment card, authentication token and so on.
Advantages of smart cards:
Smart cards can provide a higher level of security than magnetic stripe cards as they
can contain microprocessors capable of processing data directly without remote
connections; even memory-only smart cards can be more secure because they can
securely store more authentication and account data than traditional mag stripe cards.
Smart EMV credit card Smart credit cards became common as banks embraced the
EMV standard.
Another advantage of smart cards is that once information is stored on a smart card,
it can't easily be deleted, erased or altered. As such, smart cards are good for storing
valuable data that can't bebor shouldn't be easily reproduced.
Smart card technology is generally safe against electronic interference and magnetic
fields, unlike magnetic stripe cards. In addition, applications and data on a card can
be updated through secure channels so issuers do not necessarily have to issue new
cards when an update is necessary. Multiservice smart card systems can enable users
to access more than one different service with just one smart card.
1. Making of fake licenses has become almost impossible
2. If we lost our card and we suddenly inform this news to the authorized persons then
they will cancel that card by giving us a new one. So no need for tension.
3. If we have a smart card then no need for keeping a bulk amount of money with Us
because truncation of money though cards is now possible at any place
Disadvantages of smart cards:
While smart cards have many advantages, the cards themselves as well as the smart
card readers can be expensive.
Another disadvantage of smart cards is that not all smart card readers are compatible
with all types of smart cards. With multiple types of smart cards available, some use
nonstandard protocols for data storage and card interface; some smart cards and
readers also use proprietary software that is incompatible with other readers.
7. While smartcan be more secure for many applications they are still vulnerable to
certain types of attack. Attacks that can recover information from the chip are possible
against smart card technology. Differential power analysis can be used to deduce the
on-chip private key used by public key algorithms such as RSA. Some
implementations of symmetric ciphers can be vulnerable to timing attacks or
differential power analysis as well. Smart cards may also be physically disassembled
in order to gain access to the on-board microchip.It should be handle with a great care
no folding is possible
Examples of smart cards:
Smart card applications include:-
● Payment cards, including debit or credit cards issued by commercial credit card
companies and banks.
● Electronic benefits transfer (EBT) cards, which are used for distribution of
government benefits such as the U.S. Supplemental Nutrition Assistance
Program.
● Transit cards can be used by local and regional transit systems to process
payments as well as give riders points on their purchases.
● Smart cards are used as ID cards issued by schools, corporations and
government entities to control access to physical locations.
● Medical institutions use smart cards to securely store patient medical records.
Conclusions:
While mobile devices provide productivity benefits, they also pose new risks. This
paper demonstrates how Smart card authentication can be implemented to reduce
them. The approach provides users a simpler and less
cumbersome way to interface smart card functionality that with condevices provide
productivity benefits, they also pose new risks. This paper demonstrates how smart
card authentication can be implemented to reduce them. The approach provides users
a simpler and less cumber some way to interface smart card functionality that with
conventional types of smart cards.
Smart card technology is the latest of IT technologies and addresses the security
issues concerning a wide spectrum of areas. Smart cards are not only useful for
customers and business organizations but also for the national governments. Smart
cards are very popular and latest surveys indicate that there are more than 30 million
smart cards in use in US alone and the number is growing. The number of applications
smart cards can support is also growing. With this technology identity theft and credit
8. card fraud can be controlled to a great extent. Further it will give a fillip to the Internet
commerce. It will be no exaggeration to predict that the future belongs to contact less
smart card supporting multiple applications.
_ _ _