| Brief
History
Advantages of Smart Cards
Components of a Smart Card
Smart Card Manufacturing Process
Smart Card Transaction Process
Smart Cards Used for Logical Access
Brief History
A smart card is a plastic card in which an integrated circuit,
or chip, is embedded. Systems using smart cards have multiple
point-of-service terminals, or readers, which communicate
with the card and with a central host computer system. The
development of smart cards dates back to the 1970s, when patents
were filed in France, Germany, and Japan.
The first mass rollout of smart cards took place in 1992,
when the cards were adopted by all French banks. More than
10 million cards were issued that year. MCU smart card shipments
have grown dramatically, with 727 million shipped in 2002,
and over 1 billion expected to ship annually within the next
2 to 3 years. This rapid growth is due to the increasing use
of smart cards for many financial, telecommunications, transit,
health care and secure identification applications.
What
started as an electronic device to store bank account information
securely has evolved into a sophisticated computing device
capable of supporting many different applications on a single
card or token. These applications include bank cards, mobile
phone subscriber identity modules (SIM), health cards, government
and enterprise ID cards, benefits and social welfare cards,
driver’s licenses, physical and logical access cards,
mass transit (ticketing) cards, and even cards that combine
multiple applications on a single card.
Back
to Top
Advantages of Smart Cards:
- Robust
security
- Increased
storage capacity
- Flexibility
and intelligence in transaction processing
- Support
for multiple applications and multiple functions
Back
to Top
Components of a Smart Card:
- A
CPU for managing data, executing cryptographic algorithms
and enforcing application rules.
- ROM
for storing operating system (OS) software. Some vendors
offer flash EEPROM15 as an option to ROM.
- RAM
for temporary storage of data.
- Electrically
erasable programmable read-only memory (EEPROM) for storing
variable data, such as cardholder information, passwords,
and transaction details.
- Card
OS software for controlling one or more applications.
- Application
software, dedicated to one application or supporting multiple
applications.
- Dedicated
hardware security features that prevent access to software
and data stored in memory from physical or logical attacks.
- Optional
additional processors for rapid encryption functions.
- Data
transmission over a bidirectional, serial terminal interface.
- Execution
control and instruction processing.
- Protection
of access to data.
- Memory
management.
- File
management.
- Management
and execution of cryptographic algorithms.
Back
to Top
Smart Card Manufacturing Process:
Back
to Top
Smart Card Transaction Process:
- The
user inserts the smart card into the smart card reader connected
to a laptop or other computer.
- The
user typically “unlocks” the card with a PIN
or password. The system (either the laptop or the host system
depending on the system design) authenticates that the inserted
card is a valid card and reads authentication information
from the card (as described above).
- The
authentication information is securely communicated via
the network to the networked enterprise system. Either an
authentication server or an application receives the data,
determines the user’s privileges and provides access
only to those resources that the cardholder is authorized
to access. For example, the smart card used by a doctor
can provide full read/write access to information, while
a smart card used by a nurse could provide more limited
access.
Back
to Top
Smart Cards used for Logical Access:
Back
to Top
|
