Embed Size (px)
DESCRIPTION
Lecture #5 Smart Card
Citation preview
LECTURE #5LECTURE #5
Presented ByPresented ByMrs.Vasanthi Mrs.Vasanthi MuniasamyMuniasamy
INFORMATION INFORMATION SECURITYSECURITY
TOPICTOPIC
SMART CARDSMART CARD
Smart CardsSmart CardsFuture Life………Future Life………
Plastic CardsPlastic Cards
Visual identity applicationVisual identity application Plain plastic card is enoughPlain plastic card is enough
Magnetic strip (e.g. credit cards)Magnetic strip (e.g. credit cards) Visual data also available in machine Visual data also available in machine
readable formreadable form No security of dataNo security of data
Electronic memory cardsElectronic memory cards Machine readable dataMachine readable data Some security (vendor specific)Some security (vendor specific)
What is a Smart What is a Smart Card? Card? A Smart card is a plastic
card about the size of a
credit card, with an
embedded microchip that
can be loaded with data,
used for telephone calling,
cash payments , and other
applications, and then
periodically refreshed for
additional use.
What is a smart card?What is a smart card?
HistoryHistory
70’s70’s
Smart Card First Patent in Smart Card First Patent in GermanyGermany and and later in later in FranceFrance and and JapanJapan..
80’s 80’s
Mass usage in Pay Phones and Debit Cards.Mass usage in Pay Phones and Debit Cards.
90’s90’s
Smart Card based Mobiles Chips & Sim Smart Card based Mobiles Chips & Sim Cards.Cards.
HistoryHistory
2000’s2000’s
Payment and Ticketing Applications Payment and Ticketing Applications
Credit cards, Mass transit (Smartrip)Credit cards, Mass transit (Smartrip)
Healthcare and Identification Healthcare and Identification
Insurance information, Drivers licenseInsurance information, Drivers license
Dimensions of smart Dimensions of smart card.card.
85.6mm x 53.98mm x 0.76mm(defined by ISO 7816)
Card ElementsCard ElementsMagnetic Stripe
Chip
Embossing (Card Number / Name / Validity)
Logo
Hologram
Smart Cards devicesSmart Cards devices
VCC
Reset
Clock
GND
VPP
I/O
Reserved
Electrical Signals DescriptionElectrical Signals Description
: Clocking or timing signal (optional use by the
card).
GND : Ground (reference voltage).
VPP : Programming voltage input (deprecated / optional use by the card).
I/O : Input or Output for serial data to the integrated circuit inside the card.AUX1(C4): Auxilliary contact; USB devices: D+AUX2(C8) : Auxilliary contact; USB devices: D-
VCC : Power supply input
: Either used itself (reset signal supplied from the interface device) or in
combination with an internal reset control circuit (optional use by the card) .
Fig : A smart card pin out
RST
CLK
CARD STRUCTURECARD STRUCTURE
Out of the eight contacts only six are
used. Vcc is the supply voltage, Vss is
the ground reference voltage against
which the Vcc potential is measured,
Vpp connector is used for the high
voltage signal,chip receives
commands & interchanges data.
Typical ConfigurationsTypical Configurations
256 bytes to 4KB RAM.256 bytes to 4KB RAM. 8KB to 32KB ROM.8KB to 32KB ROM. 1KB to 32KB EEPROM.1KB to 32KB EEPROM. 8-bit to 16-bit CPU. 8051 based 8-bit to 16-bit CPU. 8051 based
designs are common.designs are common.
Smart Card ReadersSmart Card Readers
Computer based readersConnect through USB or COM (Serial) ports
Dedicated terminalsUsually with a small screen, keypad, printer, often also have biometric devices such as thumb print scanner.
Terminal/PC Card Terminal/PC Card InteractionInteraction
The terminal/PC sends commands to The terminal/PC sends commands to the card (through the serial line).the card (through the serial line).
The card executes the command and The card executes the command and sends back the reply.sends back the reply.
The terminal/PC cannot directly The terminal/PC cannot directly access memory of the card so data in access memory of the card so data in the card is protected from the card is protected from unauthorized access. This is what unauthorized access. This is what makes the card makes the card smart.smart.
Why Smart Cards?Why Smart Cards?
Security: Data and codes on the card are
encrypted by the chip maker. The Smart
Card’s circuit chip almost impossible to forge.
Trust: Minimal human interaction.
Portability.
Less Paper work: Eco-Friendly
Two Types of ChipsTwo Types of Chips
Memory chipMemory chip Acts as a small Acts as a small
floppy disk with floppy disk with optional securityoptional security
Are inexpensiveAre inexpensive Offer little security Offer little security
features features
Microprocessor Microprocessor Can add, delete, and Can add, delete, and
manipulate its manipulate its memory. memory.
Acts as a miniature Acts as a miniature computer that computer that includes an operating includes an operating system, hard disk, and system, hard disk, and input/output ports. input/output ports.
Provides more security Provides more security and memory and can and memory and can even download even download applications. applications.
From 1 billion to 4 billion From 1 billion to 4 billion units in 10 years…units in 10 years…
Worldwide smart card shipments
925 960
26553325
0
500
1000
1500
2000
2500
3000
3500
4000
4500
Mil
lio
ns
of
un
its
Microprocessor cards
Memory cards
4285
3580
1999 2000 2001 2002 2003 2004 2005 2006 2007 2008 2009
925 960
Smart Cards in Smart Cards in everyday life…everyday life…
Ticketing
Payment
Loyalty
Transport
Smart Poster
Health card
Communication
Contact Smart CardsContact Smart Cards
Requires insertion Requires insertion into a smart card into a smart card reader with a direct reader with a direct connection connection
This physical contact This physical contact allows for allows for transmission of transmission of commands, data, and commands, data, and card status to take card status to take place place
Contactless smart Contactless smart card:-card:-
Contactless Smart Contactless Smart Cards Cards
Require only close Require only close proximity to a readerproximity to a reader
Both the reader and card Both the reader and card have antennas through have antennas through which the two which the two communicate communicate
Ideal for applications Ideal for applications that require very fast that require very fast card interfaces card interfaces
ISOISO 14443. 14443.
International standard.International standard. Deals – only contactless smart cards.Deals – only contactless smart cards. Defines:-Defines:-
a.a. Interface.Interface.
b.b. Radio frequency interface.Radio frequency interface.
c.c. Electrical interface.Electrical interface.
d.d. Operating distance.Operating distance.
Etc…..Etc…..
Dual interface smart Dual interface smart cards.cards.
Also called Also called Combi cardCombi card..
Has a single chip over it.Has a single chip over it.
Has both contact as well as Has both contact as well as contactless interfaces.contactless interfaces.
We can use the same chip using either We can use the same chip using either contact or contactless interface with a contact or contactless interface with a high level of security.high level of security.
DualDual interface smart interface smart cardcard..
Hybrid smart card.Hybrid smart card.
Two chips.Two chips. One with contact interface.One with contact interface. Other with contactless Other with contactless
interface.interface. No connection between the No connection between the
two chips.two chips.
Hybrid smart cards.Hybrid smart cards.
Categories of Smart Categories of Smart CardsCards
Based on the type of IC chip embedded on the Smart Card. They are categorized into three types :-
IC Micro Processor Cards IC Memory Cards Optical Memory Cards
Key AttributesKey Attributes
Securityto make the Digital Life safe and enjoyable
Ease of Useto enable all of us to access to the Digital World
Privacyto respect each individual’s freedom and intimacy
SAFE
So many Smart Cards with So many Smart Cards with us at all times…..us at all times…..
In our GSM phone (the SIM card)In our GSM phone (the SIM card) Inside our WalletsInside our Wallets
Credit/Debit cardsCredit/Debit cards HealthCare cardsHealthCare cards Loyalty cardsLoyalty cards
Our corporate badgeOur corporate badge Our PassportOur Passport Our e-Banking OTPOur e-Banking OTP
… … and the list keeps growingand the list keeps growing
Our Industries Is rapidly Our Industries Is rapidly changingchanging
eTicketing
Interactive billboards Transports
Retail
New solutions leveraging New solutions leveraging on mobile contactless on mobile contactless
servicesservices
Smart Card ApplicationsSmart Card Applications
Government programsGovernment programs Banking & FinanceBanking & Finance Mobile CommunicationMobile Communication Pay Phone CardsPay Phone Cards TransportationTransportation Electronic TollsElectronic Tolls PassportsPassports Electronic CashElectronic Cash Retailer Loyalty Retailer Loyalty
ProgramsPrograms Information securityInformation security
Banking and financeBanking and finance
Electronic purse to replace coins for small purchases in
vending machines .
Credit and debit cards
Securing payments across the internet
Smart card Pay phones Smart card Pay phones
Outside of the United States there is a Outside of the United States there is a
widespread use of payphones widespread use of payphones phone company does not have to collect coinsphone company does not have to collect coins the users do not have to have coins or the users do not have to have coins or
remember long access numbers and PIN remember long access numbers and PIN codescodes
The risk of vandalism is very low since these The risk of vandalism is very low since these payphones are smart card-based. “Generally, payphones are smart card-based. “Generally, a phone is attacked if there is some money a phone is attacked if there is some money inside it, as in the case of coin-based inside it, as in the case of coin-based payphonepayphone
TransportationTransportation
Driver’s licenseDriver’s license
Mass transit fare collection Mass transit fare collection
systemsystem
Electronic toll collection systemElectronic toll collection system
It’s no longer only «Cards»It’s no longer only «Cards»e-Passport: the first Smart Secure e-Passport: the first Smart Secure
DeviceDevice
45 Millions e-Passport in 2009
Student id cardStudent id card
All-purpose student ID card All-purpose student ID card containing a variety of applications containing a variety of applications such as electronic purse (for such as electronic purse (for vending machines, laundry vending machines, laundry machines, library card, and meal machines, library card, and meal card).card).
By 2020 …By 2020 …
20 Billion Smart Secure Devices
>4 Billion Mobile Appliances users
>4 Billion e-ID documents in use
