SMART CARDS
A smart card, chip card, or integrated circuit card (ICC), is any pocket-sized card with embedded integrated circuits. There are two broad categories of ICCs. Memory cards contain only non-volatile memory storage components, and perhaps dedicated security logic. Microprocessor cards contain volatile memory and microprocessor components. The card is made of plastic, generally polyvinyl chloride, but sometimes acrylonitrile butadiene styrene or polycarbonate. The card may embed a hologram to prevent counterfeiting. Smart cards may also provide strong security authentication for single sign-on within large organizations.
Overview:
Smart card used for health insurance in France
A smart card may have the following generic characteristics:
* Dimensions normally analogous to those of a credit card. ID-1 of the ISO/IEC 7810 standard defines smart cards as nominally 85.60 by 53.98 millimetres (3.370 × 2.125 in). Another popular size is ID-000 which is nominally 25 by 15 millimetres (0.984 × 0.591 in) (commonly used in SIM cards). Both are 0.76 millimetres (0.030 in) thick.
* Contains a tamper-resistant security system (for example a secure cryptoprocessor and a secure file system) and provides security services (e.g. protects in-memory information).
* Communicates with external services via card-reading devices, such as ticket readers, ATMs, etc.
Benefits:
Smart cards can provide identification, authentication, data storage and application processing.
Contact smart card:
Contact smart cards have a contact area of approximately 1 square centimetre (0.16 sq in), comprising several gold-plated contact pads. These pad provide electrical connectivity when inserted into a reader.
The ISO/IEC 7810 and ISO/IEC 7816 series of standards define:
* physical shape and characteristics
* electrical connector positions and shapes
* electrical characteristics
* communications protocols, including commands sent to and responses from the card
* basic functionality
Cards do not contain batteries; energy is supplied by the card reader.
Signals:
A smart card pinout
VCC
Power supply input.
RST
Reset signal, used to reset the card's communications.
CLK
Provides the card with a clock signal, from which data communications timing is derived.
GND
Ground (reference voltage).
VPP
Programming voltage input - originally an input for a higher voltage to program persistent memory (e.g. EEPROM, but now deprecated.
I/O
Serial input and output (half-duplex).
C4, C8
The two remaining contacts are AUX1 and AUX2 respectively, and used for USB interfaces and other uses
Applications:
Computer security:
The Mozilla Firefox web browser can use smart cards to store certificates for use in secure web browsing.
Some disk encryption systems, such as FreeOTFE, TrueCrypt and Microsoft Windows 7 BitLocker, can use smart cards to securely hold encryption keys, and also to add another layer of encryption to critical parts of the secured disk.
Smart cards are also used for single sign-on to log on to computers.
Smart cards support functionality has been added to Windows Live Passports
.
Financial:
Smart cards serve as credit or ATM cards, fuel cards, mobile phone SIMs, authorization cards for pay television, household utility pre-payment cards, high-security identification and access-control cards, and public transport and public phone payment cards.
Health care (medical):
Smart health cards can improve the security and privacy of patient information, provide a secure carrier for portable medical records, reduce health care fraud, support new processes for portable medical records, provide secure access to emergency medical information, enable compliance with government initiatives and mandates, and provide the platform to implement other applications as needed by the health care organization.
Security:
Smart cards have been advertised as suitable for personal identification tasks, because they are engineered to be tamper resistant. The chip usually implements some cryptographic algorithm. There are, however, several methods for recovering some of the algorithm's internal state.
No comments:
Post a Comment