Smart Cards

Our Inevitable Future

PRESENTED BY:
SANTOSH KUMAR KUSHWAHA
B.TECH THIRD YEAR
ELECTRONICS AND COMMUNICATION
WHAT IS A SMART
CARD?
A Smart Card (Chip Card) or Integrated
ChipCard (ICC), is a plastic card with a
smallcomputer chip embedded in it

§Smart Card is a small plastic

intelligenttoken embedded with
an IC chip thatmakes it ‘SMART’.
§Smart Cards provide
computational
capability along with memory
capacity.
§Smart Cards can be used with a
SmartCard Reader attachment to
a personalcomputer to
authenticate a user .
What is SMART abouttheSmart Card ??
1 Smart Cards are capable of not just storing
data but also
have processing power.
2 They have larger storage capacity when
compared to
magnetic swipe cards.
3 The data stored can be protected against
unauthorized
access and tampering.
4 They are appropriate for secure and
convenient data
storage.
5 Smart cards have the property of
multifunctionality.
 Types of the smart cards

Based on the way the smart card

interacts with the Reader, smart
cards
are of two types
Contact Smart Cards:
These require insertion into the
Card reader.
Contact less Smart
Cards: These require close
proximity of the user

Categories of Smart Cards

Based on the type of IC chip embedded on the Smart Card,
they are categorized into three types
§ IC Micro Processor Cards
§ IC Memory Cards
§ Optical Memory Cards
Types of smart cards

§ the contact smart card consists of

small
contact plate on the face, which is ½’’
in § This card consists of an IC Chip
Diameter. and
§The transmission of data takes place an antenna coil embedded into it.
when §These cards are mainly used when
this contact plate comes in contact transactions must be processed
with the quickly.
connector of the reader
 SIM
card

USB
token
Crypto card

Memory card Java card

 Smart Cards today in our everyday lives

Loyalty
Transport

Ticketing

Payment
Health card
Smart Poster
Smart card architecture

GND
VCC
VPP
Reset
I/O
Clock
Reserved
What’s inside a smart card ?
databus 1.Central Processing
test logic
CPU Unit:
ROM
security heart of the chip
logic RAM
serial i/o
interface EEPROM 2.security logic:
detecting abnormal conditions,
e.g. low voltage
3.serial i/o interface:
contact to the outside world
4.test logic:
self-test procedures
5.ROM:
– card operating
system
– self-test procedures
– typically 16 kbytes
– future 32/64 kbytes
6.RAM:
‘scratch pad’ of the processor
typically 512 bytes
future 1 kbyte
7.EEPROM:
–cryptographic keys
–PIN code
–biometric template
–balance
–application code
–typically 8 kbytes
–future 32 kbytes
 Smart Card Readers
 Computer based readers
Connect through USB or COM
(Serial) ports

 Dedicated terminals
Usually with a small screen,
keypad, printer, often also
have biometric devices such as
thumb print scanner.
Terminal/PC Card
Interaction
The terminal/PC sends commands to the card
(through the serial line).
The card executes the command and sends
back the reply.
The terminal/PC cannot directly access
memory of the card
data in the card is protected from
unauthorized access. This is what makes the
card smart.
Commands are initiated by the
terminal
Interpreted by the card OS
Card state is updated
Response is given by the card
 Security Mechanisms

Password
Card holder’s protection
Cryptographic challenge Response
Entity authentication
Biometric information
Person’s identification
A combination of one or more

Password Verification
Terminal asks the user to provide a password.
Password is sent to Card for verification.
Scheme can be used to permit user
authentication.
Not a person identification scheme

Biometric techniques
Finger print identification.
Features of finger prints can be kept on the
card (even verified on the card)
Photograph/IRIS pattern etc.
Such information is to be verified by a person.
The information can be stored in the card
securely.
Cryptographic verification
Terminal verify card (INTERNAL AUTH)
Terminal sends a random number to card to be
hashed or encrypted using a key.
Card provides the hash or cyphertext.
Terminal can know that the card is authentic.
Card needs to verify (EXTERNAL AUTH)
Terminal asks for a challenge and sends the
response to card to verify
Card thus know that terminal is authentic.
Primarily for the “Entity Authentication”
 Smart card applications
Retail Communication
 Sale of goods  GSM
using Electronic Purses, Credit /  Payphones
Debit
Healthcare
 Vending machines Transportation
 Loyalty programs  Insurance data
 Public Traffic
 Tags & smart labels  Personal data
 Parking
 Personal file
 Road Regulation (ERP)
• Entertainment  Car Protection
– Pay-TV
– Public event accessGovernment E-banking
control  Identification
access to accounts
 Passport to do transactions
 Driving license shares
 Conclusions
Smart card technology is emerging, applications are
everywhere
Smart cards enhance service and security
Perfect security does not exist, even not for smart
cards
Risk analysis is essential
Acknowledgements
references:
Smart Card Handbook
ISO7816 standards
www.parivahan.nic.in
1.http://www.ewh.ieee.org/r10/bombay/news5/SmartCards.
htm
2.http://www.smartcardbasics.com/overview.html
3.http://www.smartcardsupply.com/Content/Cards/7816stan
dard.htm
4.http://www.mobilein.com/smart_cards.htm
5.http://www.cardwerk.com/smartcards/smartcard_technol
ogy.aspx
6.Data sheet of SLE4442 chip
7.http://www.smartcardindia.org
8.Smart Card Hand book
9.www.hitachi.co.jp/.../ service/2004034_12381.html
10.www.itsdocs.fhwa.dot.gov/.../ REPTS_TE/13769.html
THANK YOU !