Seminar on

Smart Card Technology

by
ARUN.K
(1RV04EE008)

Dept of E&E
RVCE
 Overview
 Introduction
 History
 Insight
 Standards
 Security
 Applications
 Advantages & Disadvantages
 Conclusion
 What is a smart card?
 A smart card, chip card, or
integrated circuit(s) card (ICC), is
defined as any pocket-sized card with
embedded integrated circuits that
stores & transacts data between users.
 Data is associated with either value or
information or both & is stored &
processed within the card's chip.
 History
 1968
German inventor Jurgen Dethloff along with Helmet Grotrupp filed
a patent for using plastic as a carrier for microchips.

 1970
Dr. Kunitaka Arimura of Japan filed the first and only patent on
the smart card concept

 1974
Roland Moreno of France files the original patent for the IC card,
later dubbed the “smart card.”

 1977
Three commercial manufacturers, Bull CP8, SGS Thomson, and
Schlumberger began developing the IC card product.
 History
 1979
Motorola developed first single chip Microcontroller for French
Banking

 1982
World's first major IC card testing

 1992
Nationwide prepaid card project started in Denmark

 1999
Federal Government began a Federal employee smart card
identification
 Insight
Smart cards are defined according to

 The type of chip implanted in the

card and its capabilities.

 How the card data is read & written.

 Memory Cards
 Memory cards have no sophisticated
processing power and cannot manage
files dynamically.
 There are three primary types memory
cards: 1. Straight Memory Cards 2.
Protected / Segmented Memory
Cards 3. Stored Value Memory Cards
 Straight Memory Cards
 These cards just store data and have
no data processing capabilities

 These cards cannot identify

themselves to the reader, so your
host system has to know what type
of card is being inserted into a
reader
Protected / Segmented Memory
Cards
 These cards have built-in logic to
control the access to the memory of
the card.

 These devices can be set to write

protect some or all of the memory
array .
 Stored Value Memory Cards
 These cards are designed for the specific
purpose of storing value or tokens. `
 The memory arrays on these devices are
set-up as decrements or counters.
 There is little or no memory left for any
other function.
 Microprocessor Chip
 Has the ability to:
• Store information
• Carry out local
processing
• Perform Complex
Calculations
 ROM. Read-Only Memory containing the
chip’s operating system. The operating system
or command set controls all communication
between the chip and the outside
 RAM. Random Access Memory, which is
volatile, is used as a temporary storage register
by the chip’s microprocessor.
 EEPROM. Electronically Erasable Programmable
Read-Only Memory is the read/write memory for
the storage of data.
 Most of the EEPROM memory is used to store user

data such as a biometric, purse balance, demographic

information, and transaction records.
 Can be rewritten to approximately 10,000 times.
Contactless Smart Card
 Microprocessor Cards
Combi / Hybrid Cards
 Hybrid Card
• Has two chips: contact and contactless
interface.
• The two chips are not connected.

 Combi Card
• Has a single chip with a contact and
contactless interface.
• Can access the same chip via a contact or
contactless interface, with a very high level of
security.
Microprocessor Cards
Combi / Hybrid Cards
 Operating system
 Fixed file structure
 Treats the card as a secure computing &
storage devices
 Files & permissions are set in advance by
issuer
 Dynamic application system
 Includes MULTOS & JAVA card varieties
 Updates can be made easily & repeatedly
Smart Card Reader\Terminals
 STANDARDS
 ISO - International Standards Organization

 ISO 7816-1 to ISO 7816-11

 FIPS (Federal Information Processing Standar
Standa

 FIPS 140 (1-3)

 FIPS 201
 CEN (Comite' Europe'en de
Normalisation)
 Security
 Data Security Mechanisms and their
Respective Algorithms
Where are Smart Cards Used?
 Commercial Applications
• Financial Applications
• Employee Identification
• Ticketing
• Parking and toll collection
• Universities use smart
cards for ID purposes and
at the the library, vending
machines, copy machines,
and other services on
campus.
Where are Smart Cards Used?
 Mobile Telecommunications
• SIM cards used on cell
phones
• Over 300,000,000 GSM
phones with smart cards
• Contains mobile phone security, subscription
information, phone number on the network, billing
information, and frequently called numbers.
Where are Smart Cards Used?
 Information Technology
• Secure logon and authentication of users to PCs and
networks
• Encryption of sensitive data

 Other Applications
• Over 4 million small dish TV satellite receivers in the US
use a smart card as its removable security element and
subscription information.
• Pre-paid, reloadable telephone cards
• Health Care, stores the history of a patient
• Fast ticketing in public transport, parking, and road
tolling in many countries
 Manufacturers of smart cards
 Advanced Card Systems Ltd (ACS)
 Axalto
 CardLogix
 Gemplus
 IBM
 ID TECH
 I'M Technologies
 Sharp
 Siemens
 Telesec
 PRISM
 TechCard ……..
 What is smart about smart
cards
In comparison to it’s predecessor, the magnetic strip card,
smart
cards have many advantages including:

• Life of a smart card is longer

• A single smart card can house multiple applications. Just one card
can be used as your license, passport, credit card, ATM card, ID Card,
etc.
• Smart cards cannot be easily replicated and are, as a general rule
much more secure than magnetic stripe cards
• Data on a smart card can be protected against unauthorized viewing.
As a result of this confidential data, PINs and passwords can be stored
on a smart card. This means, merchants do not have to go online
every time to authenticate a transaction.
 What is smart about smart
cards
• chip is tamper-resistant
- information stored on the card can be PIN code and/or
read-write protected
- capable of performing encryption
- each smart card has its own, unique serial number
• capable of processing, not just storing information
- Smart cards can communicate with computing devices
through a smart card reader
- information and applications on a card can be updated
without having to issue new cards
• A smart card carries more information than can be
accommodated on a magnetic stripe card. It can make a
decision, as it has relatively powerful processing
capabilities that allow it to do more than a magnetic
stripe card (e.g., data encryption).
 Disadvantages
+ NOT tamper proof
+ Can be lost/stolen
+ Lack of user mobility – only possible if user has smart
card reader everywhere he goes
+ Has to use the same reader technology
+ Can be expensive
+ Working from PC – software based token will be better
+ No benefits to using a token on multiple PCs to using a
smart card
+ Still working on bugs
 Conclusion

Information
Access Assurance

Comfort Confidentiality
Convenience Integrity
Customization Accountability
Independence Availability
Privacy Restoration
 References
International Standards Organization,
http://www.iso.org
CardLogix Corporation - Smart Toolz Development Kit Handbook
http://www.cardlogix.com
National Institute of Standards and Technology
http://www.nist.gov
Trends-Loyalty Programs 12/03 CIO Insight by Margaret L Young
and Marcia Stepanek
http://www.cioinsight.com
Smart card
From Wikipedia, the free encyclopedia
http://www.wikipedia.com