Professional Documents
Culture Documents
PRESENTED BY:
SANTOSH KUMAR KUSHWAHA
B.TECH THIRD YEAR
ELECTRONICS AND COMMUNICATION
WHAT IS A SMART
CARD?
A Smart Card (Chip Card) or Integrated
ChipCard (ICC), is a plastic card with a
smallcomputer chip embedded in it
USB
token
Crypto card
Loyalty
Transport
Ticketing
Payment
Health card
Smart Poster
Smart card architecture
GND
VCC
VPP
Reset
I/O
Clock
Reserved
What’s inside a smart card ?
databus 1.Central Processing
test logic
CPU Unit:
ROM
security heart of the chip
logic RAM
serial i/o
interface EEPROM 2.security logic:
detecting abnormal conditions,
e.g. low voltage
3.serial i/o interface: 6.RAM:
contact to the outside world
‘scratch pad’ of the processor
Dedicated terminals
Usually with a small screen,
keypad, printer, often also
have biometric devices such as
thumb print scanner.
Terminal/PC Card
Interaction
The terminal/PC sends commands to the card
(through the serial line).
The card executes the command and sends
back the reply.
The terminal/PC cannot directly access
memory of the card
data in the card is protected from
unauthorized access. This is what makes the
card smart.
Commands are initiated by the
terminal
Interpreted by the card OS
Card state is updated
Response is given by the card
Security Mechanisms
Password
Card holder’s protection
Cryptographic challenge Response
Entity authentication
Biometric information
Person’s identification
A combination of one or more
Password Verification
Terminal asks the user to provide a password.
Password is sent to Card for verification.
Scheme can be used to permit user
authentication.
Not a person identification scheme
Biometric techniques
Finger print identification.
Features of finger prints can be kept on the
card (even verified on the card)
Photograph/IRIS pattern etc.
Such information is to be verified by a person.
The information can be stored in the card
securely.
Cryptographic verification
Terminal verify card (INTERNAL AUTH)
Terminal sends a random number to card to be
hashed or encrypted using a key.
Card provides the hash or cyphertext.
Terminal can know that the card is authentic.
Card needs to verify (EXTERNAL AUTH)
Terminal asks for a challenge and sends the
response to card to verify
Card thus know that terminal is authentic.
Primarily for the “Entity Authentication”
Smart card applications
Retail Communication
Sale of goods GSM
using Electronic Purses, Credit / Payphones
Debit
Healthcare
Vending machines Transportation
Loyalty programs Insurance data
Public Traffic
Tags & smart labels Personal data
Parking
Personal file
Road Regulation (ERP)
• Entertainment Car Protection
– Pay-TV
– Public event accessGovernment E-banking
control Identification
access to accounts
Passport to do transactions
Driving license shares
Conclusions
Smart card technology is emerging, applications are
everywhere
Smart cards enhance service and security
Perfect security does not exist, even not for smart
cards
Risk analysis is essential
Acknowledgements
references:
Smart Card Handbook
ISO7816 standards
www.parivahan.nic.in
1.http://www.ewh.ieee.org/r10/bombay/news5/SmartCards.
htm
2.http://www.smartcardbasics.com/overview.html
3.http://www.smartcardsupply.com/Content/Cards/7816stan
dard.htm
4.http://www.mobilein.com/smart_cards.htm
5.http://www.cardwerk.com/smartcards/smartcard_technol
ogy.aspx
6.Data sheet of SLE4442 chip
7.http://www.smartcardindia.org
8.Smart Card Hand book
9.www.hitachi.co.jp/.../ service/2004034_12381.html
10.www.itsdocs.fhwa.dot.gov/.../ REPTS_TE/13769.html
THANK YOU !