|
A smartcard or smart card is a tiny secure cryptoprocessor embedded within a credit
card-sized or smaller (like the GSM SIM) card.
Smart cards were invented and patented in France by Roland Moreno in the 1970s. Their first mass usage was payment in the French payphones starting from 1983 (Télécarte). The second one was the
integration of a microchip into all French debit cards (Carte Bleue).
The ISO/IEC 7816 series of standards define:
- the physical shape of the smart card
- the positions and shapes of its electrical connectors
- the communications protocols and power voltages
to be applied to those connectors
- the functionality
- the format of the commands sent to the card and the response returned by the card
The cards do not contain a battery; power is
supplied by the card reader.
In a contact-type smart card, the chip can be recognised by an area of gold-plated contacts about 1 cm2 close to the
short side of the card. Normally the contact communication is relatively slow (9.6-115.2 kbit/s). There is currently a trend
towards implementing USB 1 on these contacts (up to 10
Mbit/s), but there is not yet a final standard.
A second type is the non-contact type called '[['contactless]] smart card, where the chip communicates with the
card reader through wireless self-powered induction technology (106-424kbits/s). The standard for the contactless protocol for smart cards is ISO/IEC 14443 (parts 1-4) from the year 2001. An
example of a widely used contactless smartcard is Hong Kong's Octopus card, which predates the ISO/IEC 14443 standard. For use on public transportation, Paris introduced the Calypso card in
October 2001, and London introduced the Oyster card
in January 2004.
Dual-interface (or more) cards do implement contactless and contact
interfaces or multiple contactless or contact interfaces, e.g. USB and normal serial protocol.
The applications of smartcards include their use as credit or ATM cards, SIMs for mobile phones, authorization cards for pay television, high security
identification and access control cards, public transport tickets,
etc.
Smart cards may also be used as electronic wallets. The smart card chip can be loaded with electronic money, which can be used to pay
parking meters, vending machines, and merchants. Cryptographic protocols protect the exchange of money between the smart card and the accepting
machine. Examples for this are Proton, GeldKarte, Moneo and Quick.
Smartcards have been advertised as suitable for these tasks, because they are engineered to be tamper resistant. The embedded chip of a smart card normally implements
some cryptographic algorithm. Information about the inner workings of this
algorithm can be obtained if the precise time and electrical
current required for certain encryption or decryption operations is measured. A number of research projects have now
demonstrated the feasibility of this line of attack. Counter measures have been proposed.
Another problem of smart cards may be the failure rate. The plastic card in which the chip is embedded is fairly flexible, and
first time users are insufficiently careful with their card. Smart cards are often carried in wallets or pockets, which is a
fairly harsh environment for a chip. However, for large banking systems, the failure managenent cost is more than compensated by
the fraud cost reduction.
See also: Electronic money
See also
External links
A smartcard or smart card is a tiny secure cryptoprocessor embedded within a credit
card-sized or smaller (like the GSM SIM) card.
Smart cards were invented and patented in France by Roland Moreno in the 1970s. Their first mass usage was payment in the French payphones starting from 1983 (Télécarte). The second one was the
integration of a microchip into all French debit cards (Carte Bleue).
The ISO/IEC 7816 series of standards define:
- the physical shape of the smart card
- the positions and shapes of its electrical connectors
- the communications protocols and power voltages
to be applied to those connectors
- the functionality
- the format of the commands sent to the card and the response returned by the card
The cards do not contain a battery; power is
supplied by the card reader.
In a contact-type smart card, the chip can be recognised by an area of gold-plated contacts about 1 cm2 close to the
short side of the card. Normally the contact communication is relatively slow (9.6-115.2 kbit/s). There is currently a trend
towards implementing USB 1 on these contacts (up to 10
Mbit/s), but there is not yet a final standard.
A second type is the non-contact type called contactless smart card, where the chip communicates with the
card reader through wireless self-powered induction technology (106-424kbits/s). The standard for the contactless protocol for
smart cards is ISO/IEC 14443 (parts 1-4) from the year 2001. An example of a widely used contactless smartcard
is Hong Kong's Octopus card, which predates the ISO/IEC 14443 standard. For
use on public transportation, Paris introduced the Calypso card in
October 2001, and London introduced the Oyster card
in January 2004.
Dual-interface (or more) cards do implement contactless and contact interfaces or multiple contactless or contact interfaces,
e.g. USB and normal serial protocol.
The applications of smartcards include their use as credit or ATM cards, SIMs for mobile phones, authorization cards for pay television, high security
identification and access control cards, public transport tickets,
etc.
Smart cards may also be used as electronic wallets. The smart card chip can be loaded with electronic money, which can be used to pay
parking meters, vending machines, and merchants. Cryptographic protocols protect the exchange of money between the smart card and the accepting
machine. Examples for this are Proton, GeldKarte, Moneo and Quick.
Smartcards have been advertised as suitable for these tasks, because they are engineered to be tamper resistant. The embedded chip of a smart card normally implements
some cryptographic algorithm. Information about the inner workings of this
algorithm can be obtained if the precise time and electrical
current required for certain encryption or decryption operations is measured. A number of research projects have now
demonstrated the feasibility of this line of attack. Counter measures have been proposed.
Another problem of smart cards may be the failure rate. The plastic card in which the chip is embedded is fairly flexible, and
first time users are insufficiently careful with their card. Smart cards are often carried in wallets or pockets, which is a
fairly harsh environment for a chip. However, for large banking systems, the failure managenent cost is more than compensated by
the fraud cost reduction.
See also: Electronic money
See also
External links
More information, research, and news on smart cards
Smart card manufacturers
Smart card chip manufacturers
|