Smart Cards

What is a Smart Card?

A smart card is a plastic card embedded with a computer chip that stores and logs data transactions. This data can either be a value, information or both. It is stored and processed within the card’s chip. The chip can either be used just for memory or can be used as a microprocessor to perform calculations and other functions. The card data is transacted via a card reader. Smart cards are in use today throughout several applications, including healthcare, banking, entertainment and transportation.

First introduced in Europe, smart cards were used to store a currency or time for use with pay phones to help reduce theft. In time, new uses were found for smart cards, from using them as a sophisticated credit card to a replacement for paper in record keeping.

Smart cards have not been as readily accepted in the U.S. But they are now gaining popularity for everything from financial transactions to checking out books at the library to attending movies. Several states governments, as well as the federal government and the armed forces, have chip card programs. These programs generally use the card as a value store. Some industries have exploited more of the range of features available with smart cards in products such as digital cell phones and TV-satellite decoders.

According to Dataquest, the worldwide smart card market will grow to 4.7 Billion units and $6.8 Billion by 2002.

Types of Smart Cards

Although all smart cards contain a computer chip, not all smart cards can perform calculations. Smart cards can be classified as two basic types: memory cards and microprocessor cards.

Memory cards have no sophisticated processing power. They communicate to readers using synchronous protocols. Memory cards can be further subdivided into three separate categories: straight memory cards, stored value memory cards, and protected/segmented memory cards.

Straight Memory Cards. These cards just store data and have no data processing capabilities. They are the lowest cost-per-bit for user memory. They are really nothing more than a floppy disk on a credit card size piece of plastic. These cards cannot identify themselves to the reader, so the host system has to know the type of card is being inserted into a reader. An example of this type of smart card is the membership card at the YMCA that is used to be able to enter the locker room area. The card has a stored ID number on it. The YMCA’s system reads the ID number and compares it to a database. If the ID number is on the database, the door unlocks. There is no provision to change this ID number.

Stored Value Memory Cards. These cards are designed for the specific purpose of storing value or tokens. The cards are either disposable or rechargeable. Most cards of this type have permanent security measures implemented at the time of manufacture. These measures can include password keys and logic that is hard-coded into the chip by the manufacturer. The memory arrays on these devices are set-up as decrements or counters. There is little or no memory left for any other function. For simple applications such as a telephone card, the chip has one memory cell for each telephone unit. A memory cell is cleared each time a telephone unit is used. Once all the memory units are used, the card becomes useless and is thrown away. Some cards can be recharged, which would involve reloading the memory cells.

Protected/Segmented Memory Cards. These cards have built-in logic to control the access to the memory of the card. Sometimes referred to as Intelligent Memory cards, these devices can be set to write protect some or all of the memory array. Some of these cards can be configured to restrict access to both reading and writing. This is usually done through a password or system key. Segmented memory cards can be divided into logical sections for planned multi-functionality

The other type of smart card is the CPU/MPU Microprocessor Multifunction Card. Microprocessor cards contain a microprocessor, an operating system, and read/write memory that can be updated many times. The microprocessor card is like a miniature PC that can be carried in a wallet. All it needs is power, a display, and a terminal. The microprocessor card is the version normally referred to as a smart card.

These cards have on-card data processing capabilities. Multifunction smart cards allocate card memory into independent sections, with each assigned to a specific task. Within the card is a microprocessor chip that manages the memory allocation and file access. It has the ability to manage and access data in organized file structures by using one of several card operating system. The operating systems software also controls access to the on-card memory, which allows multiple functions and/or different applications to reside on the same card.

Multifunction cards allow the same card to be used for multiple purposes, reducing the number of cards or tokens that need to be carried. The information in each independent section can be updated, or replaced, without having to replace all the cards in use. For example, a new feature available to smart card users can be installed on new cards produced. The existing cards will still function (just without the new feature) and the card readers will not need to be changed.

Today’s smart card market offers a range of serial memory, protected memory and microprocessor cards; however, the bulk of this report will address microprocessor cards. Because of their limited storage capacity and low level of security, protected memory cards are not suitable as multi-application or multi-purpose cards. Appendix A shows a comparison of some memory and microprocessor smart cards.

What’s a Chip Card?

Often the terms “chip card,” “integrated circuit card” and “smart card” are used interchangeably, but they can mean different things. A chip card can refer to a memory-only card, a serial-protected memory card, or a microprocessor card. The memory-only and serial-protected memory cards do not contain logic or perform calculations. They only store data. The serial-protected memory card has a security feature not found in the memory-only card. It’s memory that cannot be overwritten. Many of these cards have advanced authentication schemes built into the chip.

The microprocessor chip card, on the other hand, executes program code and perform calculations, as well as stores data. The microprocessor card is truly a “smart card”, unlike the memory-only and serial-protected memory cards, which are sometimes referred to as “dumb cards”.

However, both the memory and microprocessor cards can protect the information being stored from being damaged, lost, or stolen. For this reason, smart cards are much more secure than magnetic stripe cards, which carry information on the outside of the card and can be easily copied.

According to Microsoft:

Smart cards can store over a hundred times more information than magnetic-stripe card
Smart cards are more reliable and harder to tamper with than a magnetic-stripe card
Smart card readers can perform multiple functions in a wide range of industries
Smart cards are compatible with portable electronic devices such as phones, PDA, and PCs.
Smart cards can store very sensitive data such as signing or encryption keys in a very secure manner
Smart cards are capable of performing certain sensitive operations using signing or encryption keys in a secure fashion

Smart cards can verify, authenticate, and protect the cardholder’s information. The ability to communicate with other systems gives the smart card the capacity to be used as an ID card, payment card, SIM card for mobile phones, credit card, and retail loyalty program card. (Smart Shows Largest Growth)

A retail loyalty program card is used to reward repeat customers. The customer earns points for every dollar spent at a particular merchant. The points are accumulated and stored on the smart card. When some preset limit is reached, the customer can redeem points for cash or merchandise. Using the smart card eliminates the need for a large database to accumulate the points from all transactions. A stored value memory card would be appropriate for these loyalty program cards.

The graph to the left shows the trade-off of price versus card capacity for the different categories of smart cards.

As can be seen, Straight Memory cards have capacity at a low price, which makes them very appealing for many different uses.

The Microprocessor card has similar capacity, but because of the sophistication and abilities of the integrated microprocessor chip, these cards have a much higher cost.

However, these microprocessor cards also offer the most functionality for the capacity and cost.

Methods of Reading a Smart Card

There are two different methods of accessing the information on the smart card. Some cards need physical contact with a card reader in order to be used. Others only need to be within a pre-determined proximity of the reader.

Contact Smart Card. Contact smart cards must be inserted into a smart card reader. They have a small gold plate about ½" in diameter on the front of the card. When the card is inserted into a smart card reader, the reader makes contact with electrical connectors, allowing the transfer of data to and from the chip.

Contactless Smart Cards. Contactless smart cards, on the other hand, only need to be passed within ten centimeters of the reader to perform a transaction. Like the contact cards, they have a microchip in the cards, but the also have an antenna embedded inside. These components allow the card to communicate with an antenna/coupler unit without a physical contact.
Contactless cards are very useful when transactions must be processed very quickly, as in mass-transit or toll collection activities.

The contactless card usually communicates with a reader via radio frequencies and using a specific protocol. Several cards can be present in the activation fields of the reader at the same time. An anti-collision procedure, which uses a specific ID to identify and address each card, is used to help the reader distinguish which card is being read.

The system is not without faults and issues:

Card tracking is not as straightforward as in a contact environment since there is no mechanical interaction between the card and the reader.
The reader detects the presence of a new card using a polling mechanism. Card removal is only detected when the card no longer answers a request.
A cold reset can be done within the field by switching the radio frequency on and off. Unfortunately only a subset of the supported contactless cards have the functionality to be reset individually.

Neither the contact nor the contactless smart cards have an internal power source. The card reader provides the power needed by the internal microprocessor chip. The contact smart card receives the power via the physical contact with the reader. The contactless smart card contains a magnetic coil, which is activated by the reader, supplying power for the microprocessor chip. The only time the microprocessor chip is active is when it is in proximity to the card reader.

Recently, card manufacturers have developed "combi" and “hybrid” cards, which offer multiple ways to access the information of the card.

Hybrid cards versus Combi-cards.

Today’s credit card infrastructure is built around the magnetic stripe card. The feeling in the industry is there may be a 10-year period where both magnetic stripe cards and chip cards will need to be used before the system will fully be converted for the smart card. During that period, many cards will carry both a chip and a magnetic stripe. The America Express Blue card is an example. A hybrid infrastructure will be needed to allow for this transaction. New readers will need to be able to read the magnetic stripe, the chip, or both, while the older readers will read only the magnetic stripe.

Hybrid cards that contain two distinct places for data storage, the magnetic stripe and the chip, each with its own interface access. Like the American Express Blue card, these cards are likely to continue using the magnetic stripe for routine banking and point-of-sale transactions while also having the capability of introducing chip applications such as stored value, secure database access or information storage. Other applications can be added as they become available.

In the future, these hybrid cards can be used to combine different technologies that are used for different purposes. For example, the chip can be used for data storage, the magnetic stripe can be used for physical access control, and a bar code can be used for property asset management.

Combi-cards, sometimes known as a dual-interface card, allows for both contact and contactless reader capability. Contact and contactless communications can interface with the same memory within the card, so a single processor supports multiple interfaces. The combi-card chip is shown in the figure to the left.

Components of a Card Platform

The configuration of the smart card platform may vary substantially from project to project, depending upon the card management approach, card personalization, card issuance procedures, card capabilities, card applications, and technical environment selected for the project. However, the typical platform will include the following:

Cards. The smart cards will be integrated circuit chip cards that may utilize multiple technologies and have varying capabilities.
Central Card Management System. A Central Card Management system should function as the core of the smart card system. It would house the central cardholder database that supports the capture, storage, retrieval, retention, integrity, and management of data necessary for the issuance, status, replacement, renewal and audit of cards.
Card Issuance Equipment. The Card Issuance Equipment includes the computers and peripherals needed to capture the information used to enroll a cardholder, personalize the card, load the card with any necessary certificates, and issue the card to the cardholder.
Certificate/Attribute Authority System. The Certificate and/or Attribute Authority System is a trusted computer system that receives certificate from the entity acting as a Registration Authority, and in turn, signs and issues certificates that are returned to the Registration Authority for loading onto cards. The Certificate/Attribute Authorities typically will maintain their own repositories (i.e., Lightweight Directory Access Protocol (LDAP) servers) that are used to publish certificates.
Card Acceptance Device. A Card Acceptance Device is used to communicate with the smart card during a transaction. It is the interface between the card and the application using the card. Card acceptance devices provide power and timing to the smart card chip and can operate with either contact or contactless interfaces.
Applications. The card provides the access to physical and logical access control applications, as well as to other applications that are a component of the card system. Depending on the card management approach, these applications may communicate with the central card management platform to upload back-up transactions and/or to download hot lists.
Interfaces to Legacy Databases. Many agencies will choose to include from existing legacy systems. Thus, important components of the platform architecture are the interfaces from legacy systems to the central cardholder database or to the card issuance workstation.

Infrastructure Costs

The total system cost includes ID cards design, issuance and management costs, card reader cost, biometric reader cost, and other supporting infrastructure costs. These costs also include the redesign of identity verification processes, personnel retraining and staffing. For security systems, smart cards provide a proven, cost effective solution balancing initial cost with the highest security architecture and flexibility to more easily modify and upgrade the system over time (Smart Card Alliance)

When designing a system, a planner should look at the total cost of ownership that would include the following:

Analysis
Installation and Deployment
Delegated Services
Training
Management
Audits and Upgrades
Infrastructure Costs (Software and Hardware)

Smart Card Dimensions and Specifications

Smart card standards governing the physical properties and communication characteristics of the embedded chip and are covered through the ISO 7816-1,2,3

ISO Standards

ISO 7816 is the international standard for integrated-circuit cards that use electrical contacts. It has six parts:

Part 1: Physical Characteristics (ISO 7816-1:1987) defines the physical dimensions of contact smart cards and their resistance to static electricity, electromagnetic radiation and mechanical stress. It also describes the physical location of an IC card’s magnetic stripe and embossing area.

Part 2: Dimensions and Location of Contacts (ISO7816-2:1988) defines the location, purpose and electrical characteristics of the card’s metallic contacts (see illustration to right).

Part 3: Electronic Signals and Transmission Protocols (ISO 7816-3:1989) defines the voltage and current requirements for the electrical contacts as defined in Part 2 and asynchronous half-duplex character transmission protocol (T=0). Amendment 1:1992 Protocol type T=1, asynchronous half duplex block transmission protocol. Smart cards that use a proprietary transmission protocol carry the designation, T=14. Amendment 2:1994 Revision of protocol type selection.

Part 4: Inter-industry Commands for Interchange (ISO 7816-4) establishes a set of commands for CPU cards across all industries to provide access, security and transmission of card data. Within this basic kernel, for example, are commands to read, write, and update records.

Part 5: Numbering System and Registration Procedure for Application Identifiers (ISO 7816-5:1994) establishes standards for Application Identifiers (AIDs). An AID has two parts. The first is a Registered Application Provider Identifier (RID) of five bytes that is unique to the vendor. The second part is a variable length field of up to 11 bytes that RIDs can use to identify specific applications.

Part 6: Inter-industry Data Elements (ISO 7816-6) details the physical transportation of device and transaction data, answer to reset and transmission protocols. The specifications permit two transmission protocols: character protocol (T=0) or block protocol (T=1). A card may support either but not both. Some card manufacturers adhere to neither of these protocols. The transmission protocols for such cards are described as T=14.

In general, a microprocessor chip has an 8K to 64K Read Only Memory (ROM) that contains the chip’s operating system. The ROM is written during production by the semiconductor manufacturer and, once written, cannot be altered. (Smart Card Alliance)

Random Access Memory (RAM) serves as a temporary register for data. RAM is volatile, and only will keep its contents while the chip is in communications with the reader.

Electrically Erasable Programmable Read Only Memory (EEPROM) is the read/write memory for the storage of data. Access to the EEPROM memory is controlled by the chip’s operating system, and may contain data such as a PIN that can only be accessed by the operating system. Other data, for example, a card’s serial number, can be written to EEPROM during card manufacture. Most of the EEPROM memory is used to store user data such as a biometric, purse balance, demographic information, and transaction records. EEPROM can be rewritten to approximately 10,000 times.

Figure 2 shows the memory required for a variety of biometric templates. The smart card, with its larger memory sizes, is attractive for biometrics-based systems.

Operating Systems

There are two leading and generally accepted types of card operating systems. The Classic approach of card operating system is the most cost-efficient because the cost is dependent on the size and functions that are needed. Each card is treated as a secure computing and storage device. The files, and the permissions to the files, are all set by the card issuer during manufacture. The only access to the cards is through the operating system. There are no back doors, no reconfiguration of file structures on the card. Data is read or written to the card only by those who are authorized by the issuers. The operating system performs a set of “applications” such as authentication and encryption as requested through commands sent to the card. Multos is an example of this card operating system.

The second methodology is the Disk Drive approach to card operating systems. The card is treated as a computing device with an active memory manager which allows specific “applications” and files to be loaded onto the card in the field. This card operating system allows for active file allocation and management. It is designed for card programs that have a long expected user life (4+ years). Java Cards and the Microsoft Windows Card OS are examples of this approach. These cards have a much higher risk of tampering due to the ability of someone to introduce active applets and or viruses to the card. A file, or purse, with a low value could conceivably be replaced with a new purse that has the same name with a higher value.

Initial issuance of these cards is costly, due to the sophistication of the OS. The advantage of this approach is that card replacement costs can possibly go down through the use of in-field upgrades. This card architecture needs a larger memory for future unplanned upgrades and a larger program memory to upload applets. This larger memory translates to larger capacity chips, which would have a higher cost. There is also a licensing burden that would ultimately be paid by the card issuer. And the security infrastructure costs are much higher to manage due to the multiple points of entry to the card system functions.

While the Citibank card carries the credit card brand of MasterCard, it does not use the Multos operating system that MasterCard owns. Instead Citibank uses Java Card and the Global Platform technology for adding and deleting applications. Many software developers are writing for the Java platform and GlobalPlatform allows an issuer to manage its own applications. (