Basic Overview of Smart Card Technology
Total Page:16
File Type:pdf, Size:1020Kb
Basic Overview of Smart Card Technology What is a Smart Card? heading toward contactless technology, contact smart cards are still the standard for Smart cards are typically credit card sized, logical (computer) access and some other plastic credentials containing a applications, such as payment systems in microprocessor chip that serves the dual Europe. functions of communication and extensive data storage. Although it is packaged in the Contactless Smart Cards form of a card, a smart card operates much like a personal computer in that it can store Contactless cards should not be confused data, manipulate data, and perform functions with their predecessor – the proximity card. like mathematical equations. Smart cards Although both technologies transmit data normally contain application fields/sectors via radio frequency (and the visible secured by special, application-specific operation of each appears the same to a security keys (much like keys that unlock user), a contactless card provides much various rooms in a building). These sectors greater security and contains approximately can contain information for various 100 times the data storage of a traditional applications – such as access control, proximity card. Most new applications of cashless vending, mass transit, and payment smart cards, such as payments systems, are systems – securely separated from one other currently running pilots in anticipation of by security keys. Smart cards can come in transitioning to contactless technology. two forms: contact and contactless. Contact smart cards operate much like magnetic ISO Standards Governing Smart stripe cards (credit cards, etc.), requiring Cards insertion into or direct contact with a reader. Contactless cards are read when presented The International Standards Organization near or in “proximity” to a reader. (ISO) is a network of 148 countries’ institutes of standards that provides Contact Smart Cards consensus for decisions governing standards for various products worldwide. Members Most cards originally introduced in the include one representative per nation, market were contact smart cards. This including both government and private technology contains approximately 800 sector individuals. Decisions made by the times the storage capacity of its predecessor, ISO affect both business and government the magnetic stripe card. Although most new standards. applications of smart cards appear to be XceedID(TM), XACTT(TM) and ISO-X(TM) are trademarks of XceedID Corporation. GE®, CASI® and ProxLite® are registered trademarks of General Electric Corporation. MIFARE®, I-Code® and DESFire® are registered trademarks of Philips Electronics, Inc. HID® and iCLASS® are registered trademarks of HID Corporation. my-d® and Infineon® are registered trademarks of Infineon. Other product names mentioned herein may be trademarks and / or registered trademarks of other companies. XceedID Corporation * 112 N. Rubey Dr., Suite 100 * Golden, CO 80403 Phone: (303) 273-9930 * Fax: (303) 273-9937 * www.XceedID.com ISO 7816 is the ISO standard governing and readers be purchased from the same contact smart cards. The standard covers vendor. physical characteristics, dimensions and contact locations, transmission protocols, Unique Identifier (UID): All ISO-compliant commands for interchange, application smart cards are provided with a UID number identifier systems and data elements. (akin to a VIN number on a vehicle). For interoperability purposes, a card’s UID is ISO 14443 is a four-part contactless standard open and available to be read by all consisting of physical card characteristics, compliant readers. Since this unique number radio frequency power and signal is not secured by keys, reading the UID of a interference, initialization and anti-collision smart card is comparable to reading a and transmission protocols. The operating proximity card, mag stripe card or other frequency defined in this standard is 13.56 technology that utilizes open, unsecured MHz, providing a read range up to 4 inches numbers. (10 cm). There are two “flavors” of ISO 14443: Type A and Type B. Although Advantages of Contactless Smart originally meant to serve different functions, Cards both Type A and Type B are now microprocessor standards similar in There are a number of advantages to function. However, ISO 14443A is the more consider when comparing contactless commonly used technology, while Type B is technology to contact smart cards and 125 used primarily in banking applications. Due kHz proximity cards: to faster data speeds, 14443 technology is recommended for applications in which 1. Convenience: Given the choice, extensive amounts of data, such as large users will virtually always choose biometric templates, need to be transmitted. contactless over contact technology. Anticipating an increase in data-intensive Contactless smart card users do not applications requiring high data rates, the have to worry about where to insert U.S. government recently selected ISO the card, how to insert the card, or 14443 as its official standard. how fast to slide the card. ISO 15693 is a 13.56 MHz technology 2. Less Maintenance/Warranty: referred to as vicinity because it provides Contactless smart cards require very greater operational read ranges, making it little wear and tear maintenance the preferred choice for many high-traffic because they contain no moving locations like access control. parts and require no points of contact. As a result, most contactless Proximity can refer to ISO14443 or to the smart cards come with lifetime older 125 kHz technology traditionally used warranties covering defects and in access control. 125 kHz proximity is not workmanship. “smart” technology and is not governed by ISO standards. 125 kHz proximity is 3. Higher Security: Contactless typically proprietary, requiring that cards products are uniquely capable of Page 2 of 4 XceedID(TM), XACTT(TM) and ISO-X(TM) are trademarks of XceedID Corporation. GE®, CASI® and ProxLite® are registered trademarks of General Electric Corporation. MIFARE®, I-Code® and DESFire® are registered trademarks of Philips Electronics, Inc. HID® and iCLASS® are registered trademarks of HID Corporation. my-d® and Infineon® are registered trademarks of Infineon. Other product names mentioned herein may be trademarks and / or registered trademarks of other companies. XceedID Corporation * 112 N. Rubey Dr., Suite 100 * Golden, CO 80403 Phone: (303) 273-9930 * Fax: (303) 273-9937 * www.XceedID.com providing optimal transmission can be added to a contactless smart security with optional encryption and card as user needs evolve. mutual authentication features. Mutual authentication is a three-way 8. Future Protection: Contactless smart communication process between a technology will no doubt soon card and reader using hashed, replace mag strip and proximity encrypted messages to authenticate technologies. Choosing contactless each other without broadcasting a products now will avoid the use of shared secret key. obsolete and outdated systems while providing the best avenue for system 4. Large Memory: Contactless cards expandability. have a data storage capacity approximately 100 times greater than Card Technology Overview that of a proximity card. Contactless smart cards can also process MIFARE® is a 13.56 MHz contactless information, calculate mathematical technology family of microprocessors formulas and perform other developed by Philips. MIFARE is the most computing functions. common contactless chipset on the market and is used in most applications around the 5. Enhanced Privacy: Even large globe. It is an ISO 14443 product that biometric templates can be stored ensures compatibility with future products. and verified using a single Cards can be purchased that contain memory contactless smart card, allowing up to 32k bits, a capacity robust enough to private information to stay in the process the largest biometric templates possession of the card holder instead while still incorporating other applications. of being stored in a data base. DESFire® is a high-end chipset in the 6. Versatile Form Factors: Unlike its MIFARE family that is the first chip contact counterparts, contactless compliant with the Government Smart Card smart communication can utilize a Interoperability Specification (GSC-IS). variety of credential technologies. The GSC-IS standard was created to ensure Keychain fobs, watches and even the interoperability of contactless and stickers can be used as contactless contact smart cards throughout the federal credentials. government. 7. Multiple Applications: Carrying a DES Encryption is a strong cryptographic contactless smart card is like algorithm protecting classified information. carrying many cards in one. A single It is a public algorithm determined by the contactless smart card can manage National Institute of Standards and multiple applications such as access Technology (NIST) to be open, inexpensive, control, payment systems, cashless widely available and – most of all – very vending, paring, mass transit, etc. secure. Additional features and applications Page 3 of 4 XceedID(TM), XACTT(TM) and ISO-X(TM) are trademarks of XceedID Corporation. GE®, CASI® and ProxLite® are registered trademarks of General Electric Corporation. MIFARE®, I-Code® and DESFire® are registered trademarks of Philips Electronics, Inc. HID® and iCLASS® are registered trademarks of HID Corporation. my-d® and Infineon® are registered trademarks of Infineon. Other product names mentioned herein may be trademarks and /