|
|
|
HOT TOPICS: SMARTCARDS
What's in your pocket?
ICA has had a long involvement with smartcards.
Smartcards were first deployed in the early 1980s but it was not until the early 1990's that they were deployed in large numbers.
During the noughties the number of smartcards in circulation has grown exponentially. They are now in widespread use in
credit card, ticketing, mobile phone and electronic Id applications.
Overview
The plastic smart-card form factor is strictly controlled via the ISO standard 7816. This standard defines the size and shape of the
card and the placement of the metal contacts. It also defines the electrical interface. It does not, however, define the usage of the
card.
Types and sizes
Smart-cards can be broadly categorised as follows:
| |
• File-structure cards with an EPROM to store data; they have a set
of contacts on them through which a card-reader can read and write data to the
card. A dumb variant of these type of cards have ROM only and are used for pre-paid
applications. As the stored value only
decrements and when it is depleted the card "fuses" and can be used no more. |
| |
• Processor cards with a small microprocessor on them, they look exactly the same as memory cards and have identical contacts; the benefit
is they can run small programs. Typically most vendors provide their own proprietary operating system but there are initiatives seeking
to standardise on a common operating system such as smartcard Java. |
Card Communications
Cards can be contact or contact-less, or a hybrid containing both types of interface.
Contactless cards have a coil in them for use with contact-less readers; when
they are brought close to a reader a current is induced in the coil which powers
the card for a specific
application. Most hybrid cards have a separate processor for the contacts and
contact-less portions of the card but recent developments have seen the convergence
of the two interface types to operate in a common processor environment. The
choice of communications mechanism should be guided by the application:
Contact cards are best used for applications in which the card can reasonably be expected to be under the contacts for a length or time.
Communication speeds are not high as large amounts of data will not be written to the card post-issuance.
Contact-less card are best used for applications that require only a momentary period of time for communication i.e. transaction-based
applications such as ticketing. Card transmission speeds are higher for contact-less cards but the period of communication is short
(measured in milliseconds).
Card Operating Systems
Smartcards use an operating system that provides access to the card capabilities via standard or proprietary commands. Software,
provided by the card vendor, binds the card operating system to the system hosting the card reader via a PC/SC- compliant driver.
Multi-application Operating Systems
There are two main operating system for smartcards in use today.
| |
• MULTOS, a purpose-built,
very tight, very
secure o/s designed for financial applications. As it is optimised for smart-cards,
it is quite fast. Mondex applications typically operate on MULTOS. |
• Java Card, a version of Java optimised for smartcards. Sun has
promoted the open nature of the card development environment in the Open Card forum which has developed into the Global Platform for
smartcards initiative. |
Global Platform is an aliiance of smarcard producers and users, it provides an architecture
for working with smartcards.
Of late a new international standard ISO 24727 holds much promise for promoting the
interoperability of smartcard applications and providing a level of abstraction between the applciation and the card
infrastructure.
Functionality
Transaction Systems
These cards are used in applications such as epurse or loyalty systems. The smartcard stores value that is incremented or decremented
when the card is presented for use. Cards used for these applications can be contact or contactless cards. Loyalty systems typically
use contact cards, loyalty applications typically use proximity cards.
Identification Systems
In these applications the card is used to store detail on the cardholder. If
the card is being used for identification the card will typically contain a digital
certificate. Cards of this type are sometimes used for digitally signing a document
or for encrypting a
file for transmission over unsecured facilities. Contact cards are typically
used for these applications
Conclusion
Smartcards have come of age - they're a viable choice for the storage of data that is easy to transport and accepted by the public.
Managers must choose the right card type that best suits the application. ICA consultants can assist in making the right choice that
represents the best value for money.
|
| |
|
|
|
 
|
|
