Professional Documents
Culture Documents
Smart Card: Cloud Computing 2020-21
Smart Card: Cloud Computing 2020-21
DEFINITION
SMART CARD
A smart card is a physical card that has an embedded integrated chip that
acts as a security token. Smart cards are typically the same size as a driver's
license or credit card and can be made out of metal or plastic. They connect to
a reader either by direct physical contact (also known as chip and dip) or
through a short-range wireless connectivity standard such as radio-frequency
identification (RFID) or near-field communication (NFC).
The first mass use of smart cards was the “Telecarte”, a telephone card for
payment in French pay phones which launched in 1983. Smart cards are now
ubiquitous and have largely replaced magnetic stripe (also known as "mag
stripe") card technology, which only has a capacity of 300 bytes of non-
rewriteable memory and no processing capability.
The term "smart card" has been used as a label for a wide variety of hand-held
plastic devices containing mechanisms for storing and/or processing
information. There is much debate over exactly what capabilities and
characteristics a device must have in order to be considered a smart card. One
source states that a smart card is implemented "in a piece of plastic the size of a
credit card" and that "each smart card contains its own central processing unit
[which is] essentially a small computer." [MCIV 85, p. 152] Another source,
with a broader definition, suggests that a smart card "consists of an integrated
circuit chip or chips packaged in a convenient form to be carried on one's
person." [SVGL85, p. l] With the latter definition, the category of smart cards
includes integrated circuit data storage cards and key-shaped devices, which
may not have any computational powers. Magnetic stripe and optical laser
storage cards have also sometimes been referred to as smart cards, because they
have data storage capacity.
ISO has not defined or produced standards for any devices specifically labelled
as "smart cards.
In 1970 a Japanese inventor, Kunitaka Arimura, filed the first patent for what
we would now call a SMART CARD. His patent was restricted to Japan and to
the technical aspects of the invention. Japanese cards manufactured under an
Arimura license.
1970---Dr. Kunitaka Arimura of Japan filed the first and only patent on the smart card
concept.
1974---Roland Moreno of France filed the original patent for the IC card, later dubbed
the “smart card”.
1977---Three commercial manufacturers, Bull CP8, SGS Thomson, and
Schlumberger began developing the IC card.
1979---Motorola developed the first secure single chip microcontroller for use in
French banking.
1982---Field testing of serial memory phone cards took place in France – the world’s
first major IC card test.
1984---Field trials of ATM bank cards with chips were successfully conducted.
1986---14,000 cards equipped with the Bull CP8 were distributed to clients of the
Bank of Virginia and the Maryland
1987---First large-scale smart card application implemented in the United States with
the U.S. Department of Agriculture’s nationwide Peanut Marketing Card.
1991---First Electronic Benefits Transfer (EBT) smart card project launched for the
Wyoming Special Supplemental Nutrition Program for Women, Infants, and Children
(WIC).
1992---A nationwide prepaid (electronic purse) card project (DANMONT) was
started in Denmark.
1993---Field test of multi-function smart card applications in Rennes, France, where
the Telecarte function (for public phones) was enabled in a Smart Bank Card.
1994---Europay, MasterCard, and Visa (EMV) published joint specifications for
global microchip-based bank cards (smart cards).
1995---Over 3 million digital mobile phone subscribers worldwide begin initiating
and billing calls with smart cards.
1996---Over 1.5 million VISACash stored value cards were issued at the Atlanta
Olympics.
1998---Microsoft announced its new Windows smart card operating system. France
began piloting a smart health card for its 50 million citizens.
1999---The Smart Access Common ID Card program established a contract vehicle
for use by all Federal agencies.
When the smart card and the card reader come into contact, each identifies itself
to the other by sending and receiving information. If the messages exchanged do not
match, no further processing takes place.
So, unlike ordinary bank cards, smart cards can defend themselves against
unauthorized users and uses in innovative security measures.
Current Applications:
Payphones
Mobile Communications
Banking & Retail
Electronic Purse
Health Care
ID Verification and Access Control
**************************************************
**************************************************
**************************************************
Smart cards are often designed to be used with a PIN, for example, when
they are used as debit or ATM cards. Organizations also use smart cards for
security purposes; in addition to their use as multifactor authentication tokens,
the cards can also be used for authenticating single sign-on users.
Contact smart cards are the most common type of smart card. Contact
smart cards are inserted into a smart card reader that has a direct
connection to a conductive contact plate on the surface of the card.
Commands, data and card status are transmitted over these physical
contact points.
Memory smart cards contain memory chips only and can only store,
read and write data to the chip; the data on memory smart cards can be
over-written or modified, but the card itself is not programmable so data
can't be processed or modified programmatically. Memory smart cards
can be read-only and used to store data such as a PIN, password or public
key; they can also be read-write and used to write or update user data.
Memory smart cards can be configured to be rechargeable or disposable,
in which case they contain data that can only be used once or for a limited
time before being updated or discarded.
There are advantages and disadvantages to both the muliple-chip and the
single-chip smart card. A multiple-chip smart card may be less expensive to
produce, since it can incorporate several easily-attainable, low-cost IC chips. A
single-chip smart card, on the other hand, requires a more complex, specialized
chip, carefully designed to accommodate all the required circuitry for the
microprocessor, memory and I/O. [MCIV 85, p.155] In addition, a multiple-
chip smart card may be able to perform more functions and store more
information than a single-chip smart card. However, including more than one
chip in a smart card presents some difficult problems.
Although it has some limitations, a single-chip smart card can perform all the
functions of a microcomputer. The following sections describe the components
of a microcomputer microprocessor, memory, and input/output —as they may
be implemented in a single smart card IC chip.
The ALU provides the basic logic and arithmetic functions for the
microcomputer.It also contains small storage spaces, called registers,
which are needed for performing computations, such as addition or
multiplication. The ALU interacts with the memory and the input/output
in order to coordinate the operations of the microcomputer.
The control unit assures that the timing of events in the various parts of
the micro-computer are coordinated.
The bus provides a link between different parts of the smart card
microcomputer.
There are many possible configurations for the bus, which may be comprised of
several segments.
For example, one segment of the bus may link two registers in the ALU
together, another may link the input/output interface to the microprocessor, and
still another may link the microprocessor to the main memory of the smart card.
In general, smart cards are designed such that the bus does not directly connect
the input/output to the main memory. The microprocessor may be linked
between the input/output and the main memory in order to "stand guard" over
information entering and leaving the memory..
More secure:-Smart cards offer more security and confidentiality than
any other financial or transaction card on the market.They use encryption
and authentication technology which is more secure than previous
methods associated with payment cards.
Safe to transport:-Another advantage to having a smart card is their
use the banking industry.These cards give the holder the freedom to carry
large sums of money stolen.They are also safe because the cards can be
easily replaced, and the person would have to know the pin number to
access its store value.
Offer a variety of benefits:- Smart cards Offer a variety of benefits
to merchants, financial institutions, and other card issuers such as faster
transaction, increased sales, reduced costs, easier book-keeping, and
fewer losses.
Time-saving:- Making a payment with a smart card saves a lot of time
because its chip contains details about the owner in a non-encrypted form
and the user doesn’t have to explicitly provide details for verification.
~While smart cards have many advantages, the cards themselves -- as well as
the smart card readers -- can be expensive
Easily Lost:-Smart cards are small, lightweight and can be easily lost if
the person is irresponsible. Since smart cards have multiple uses, the loss
may be much more inconvenient.If you lose a card that doubles as a debit
card, bus pass and key to the office, you would be severely
inconvenienced for a number of days.
Security:- Another drawback of using smart cards is their level of
security. They are more secure than swipe cards. However, they are not
as secure as some in the general public would believe. This creates a false
sense of security and someone might not be as diligent as protecting their
card and the details it holds.
Slow Adoption:- If used as a payment card, not every store or
restaurant will have the hardware necessary to use these cards. One of the
reasons for this is since technology is more secure, it is also more
expensive to produce and use.Therefore, some stores may charge a basic
minimum fee for using smart cards for payment, rather than cash.
Possible Risk of Identify Theft:- Smart cards are vulnerable to
hardware hacking, which means that data stored in the card can be altered
or corrupted.For criminals seeking a new identity, they are like gold,
based on the amount of information it can contain on an individual.
~Another disadvantage of smart cards is that not all smart card readers are
compatible with all types of smart cards. With multiple types of smart cards
available, some use nonstandard protocols for data storage and card interface;
some smart cards and readers also use proprietary software that is incompatible
with other readers.
~While smart cards can be more secure for many applications, they are still
vulnerable to certain types of attack. Attacks that can recover information from
the chip are possible against smart card technology. Differential power analysis
can be used to deduce the on-chip private key used by public key algorithms
such as RSA. Some implementations of symmetric ciphers can be vulnerable to
timing attacks or differential power analysis as well. Smart cards may also be
physically disassembled in order to gain access to the on-board microchip.
Conclusion:
The self-containment of smart card makes it resistant
to attack as it does not need to depend upon potentially vulnerable external
resources.
Because of this characteristic, smart cards are often used in different
applications, which require strong security protection and authentication. Smart
card technology is emerging, applications are everywhere.
*Smart cards enhance service and security
*Perfect security does not exist, even not for smart cards
*Risk analysis is essential
*Smart card applications inccludes
*Payment cards, including debit or credit cards issued by commercial credit
card companies and banks.
*Electronic benefits transfer (EBT) cards, which are used for distribution of
government benefits such as the U.S. Supplemental Nutrition Assistance
Program.
*Transit cards can be used by local and regional transit systems to process
payments as well as give riders points on their purchases.
*Smart cards are used as ID cards issued by schools, corporations and
government entities to control access to physical locations.
*Medical institutions use smart cards to securely store patient medical records.