Smart card
A smartcard or smart card is a tiny secure cryptoprocessor embedded within a credit card-sized or smaller (like the GSM SIM) card.
History
Smart cards were invented and patented in France by Roland Moreno in the 1970s. Their first mass usage was payment in the French payphones starting from 1983 (Télécarte). The second one was the integration of a microchip into all French debit cards (communications protocols and power voltages to be applied to those connectors
- the functionality
- the format of the commands sent to the card and the response returned by the card
The cards do not contain a battery; power is supplied by the card reader.
In a contact-type smart card, the chip can be recognised by an area of gold-plated contacts about 1 cm2 close to the short side of the card. Normally the contact communication is relatively slow (9.6-115.2 kbit/s). There is currently a trend towards implementing USB 1 on these contacts (up to 10 Mbit/s), but there is not yet a final standard.
Contactless smartcard
A second type is the non-contact type called contactless smart card, where the chip communicates with the card reader through wireless self-powered induction technology (106-424kbits/s).
The standards for the contactless protocol for smart cards are ISO/IEC 14443 (type A and B) from the year 2001. There have been proposals for ISO 14443 type C, D, E and F that have yet to be accepted by the ISO standards committee. An alternative standard for contactless smartcard is ISO 15693.
An example of a widely used contactless smartcard is Hong Kong's Octopus card, which predates the ISO/IEC 14443 standard. For use on public transportation, Malaysia introduced the Touch 'n Go smartcard in 1997, Paris introduced the in October 2001, and London introduced the in January 2004.
A related contactless technology is RFID (radio frequency identification) that in certain cases can be used for similar applications to contactless smartcard such as for electronic toll collection. RFID generally do not include writeable memory or microcontroller processing capability as contactless smartcard do.
There are dual-interface cards that implement contactless and contact interfaces on a single card with some shared storage and processing. An example is Malaysia's multi application smartcard identification called MyKad that uses both contact Proton and contactless Mifare (ISO 14443A) chips.
Applications
The applications of smartcards include their use as credit or ATM cards, SIMs for mobile phones, authorization cards for pay television, high
security identification and access control cards, public transport tickets, etc.
Smart cards may also be used as electronic wallets. The smart card chip can be loaded with electronic money, which can be used to pay parking meters, vending machines, and merchants. Cryptographic protocols protect the exchange of money between the smart card and the accepting machine. Examples for this are Proton, GeldKarte, Moneo and Quick.
Smartcards have been advertised as suitable for these tasks, because they are engineered to be tamper resistant.
The embedded chip of a smart card normally implements some cryptographic algorithm. Information about the inner workings of this algorithm can be obtained if the precise time and electrical current required for certain encryption or decryption operations is measured. A number of research projects have now demonstrated the feasibility of this line of attack. Counter measures have been proposed.
Another problem of smart cards may be the failure rate. The plastic card in which the chip is embedded is fairly flexible, and first time users are insufficiently careful with their card. Smart cards are often carried in wallets or pockets, which is a fairly harsh environment for a chip. However, for large banking systems, the failure managenent cost is more than compensated by the fraud cost reduction.
See also
