Inquiries and comments should be forwarded to <firstname.lastname@example.org>.
2 What are smartcards?
The term ‘smartcard’ refers to an entire class of credit-card-sized devices fitted with a micro-chip to deliver one or more ‘intelligent’ capabilities. The classic examples of smartcards include stored-value cards or ‘electronic purses’ used to convey electronic cash, personal electronic health cards which might carry compact summary records of personal medical data, and smart credit/debit cards which replace insecure magnetic stripe storage of cardholder details with access-controlled chip-based storage that is resistant to copying.
Importantly, examples of smartcard technology encompass a far broader range of applications. A more complete but not exhaustive list of applications for smartcard technologies includes:
A great deal turns on the sophistication of the chip. Some simple smartcard applications require no more than a memory chip in which off-card applications can store user-specific data (such as the number of remaining public transport rides or the value of remaining telephone calls). Other applications require the equivalent of an entire micro-computer to be embedded within the smartcard: a micro-controller, various types of memory and an operating system. Multi-application smartcards today have approximately the same capabilities and logical powers as the first commercial micro-computers in the mid 1970s. The typical major elements of a multi-application smartcard are:
• Central processing unit (CPU) or simply the ‘processor’, which is the core of the micro-controller.
• Read only memory (ROM) for carrying operating system and built-in programs loaded at the time the card chip is manufactured.
• Electrically Erasable Programmable Read Only Memory (EEPROM), non-volatile memory normally used for storing data and card applications.
• Writable memory (RAM), which is volatile and hence used only for temporary storage, not permanent storage. Data and applications are generally stored in EEPROM; however, to save personalisation time, card applications are sometimes stored in the ROM.
• Card Operating System for controlling execution of application software, loading of new application program files, reading and writing of data to memory, and general low-level functions, such as power on and power off. It is especially crucial when a card carries more than one program. In other words, the card operating system is used for accessing the CPU, EEPROM, RAM and ROM (typically referred to as the ROM-mask).
• File system (which may be part of the card operating system) manages how data is stored and how programs on the card (as well as external devices like card readers) can read and write to the EEPROM. Sophisticated smartcard file systems feature memory protection to safeguard against application bugs and deliberate hacking, and access controls, which can discriminate between different users and programs in terms of their rights to read from or write to certain areas of memory. A file system can be implemented as an application on a multi-programmable smartcard.
• Communications interfaces are the means by which a smartcard can interact with the outside world by exchanging electrical signals with a card reader. Broadly, there are two types of interface:
- contactless, in which signals are carried by a radio frequency link involving an ‘antenna’ (more commonly called a coil in which electrical current is induced) built into the plastic of the card. Critical to the performance of a contactless card is the integrity of the card reader.
• Application software, which implements the business rules, runs on the smartcard’s CPU, and is what produces the major functional differences between different smartcard deployments. Smartcard applications run in much the same way as regular personal computer (PC) software, except that, by PC standards, smartcards have tiny memory capacity and limited input/output capabilities.
• Special-purpose hardware is built into many sophisticated smartcards to deliver certain functions more securely and/or more efficiently. In particular, cryptographic co-processors are increasingly commonplace, providing asymmetric encryption, authentication and key generation services to the software running on the card.
Smartcards thus embody an ordered technology ‘stack’, comprising relatively discrete layers, each of which mainly interacts only with immediately neighbouring layers via formal and standardised interfaces (see Figure 1).
Figure 1: Indicative Smartcard technology ‘stack’ (file system architecture)
3 What are the advantages of smartcards?
3.1 Fundamental properties
While smartcards are plastic cards with an embedded chip, they have several truly unique fundamental properties that underpin their business benefits. The fundamental properties are as follows:
• For all practical purposes, it is not possible to copy or counterfeit a smartcard. Smartcards can be configured to divulge their data only to specially qualified and authenticated terminal equipment. Magnetic stripe cards, on the other hand, store everything in a passive magnetic stripe, and anyone with a reader can skim off the data and replicate it at will onto counterfeit cards. Furthermore, smartcards carry buried cryptographic codes, written onto the silicon chip or into firmware at the time of manufacture. Even if an attacker obtains a smartcard and the related personal identification number (PIN), they will not be able to clone the card or use it to spawn counterfeits.
For detailed qualifications to the claim that smartcards, for all practical purposes, cannot be copied, see Section 8 ‘Smartcard security’ below.
• Smart ‘chips’ are ‘smart’ [1]. This allows a smartcard to exhibit a far more intelligent and therefore richer set of functions than a magnetic stripe card (or most other authentication tokens, excluding ‘fobs’, which can have as many features as a contactless card). In addition, smartcards can act independently of a back-end system, or offline, allowing security rules to be enforced offline.
• The chip allows intelligent access control around the contents and functions of the smartcard. Multi-application smartcards provide global PIN functionality. Smartcards allow a rich suite of access control rules that can be associated with different data containers. Smartcard data can therefore be protected so an attacker cannot freely read it, as is the case with magnetic stripe cards.
• Smartcards are capable of mutual authentication in online transactions. The chip and/or tamper-resistant memory allow the client side of a transaction to actively verify the identity of the server before the server identifies the client. This property assists in countering man-in-the-middle attacks [2].
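The per-container access rules and global PIN described above (and the file-system access controls listed in Section 2) can be modelled as follows. This is an added example, not code from the original report; the condition names, the three-try PIN limit, the file names and the sample data are all assumptions made for illustration.

```python
import hmac
from dataclasses import dataclass, field
# Access conditions a container can demand (names are hypothetical).
ALWAYS, PIN, TERMINAL, NEVER = "always", "pin", "terminal", "never"

@dataclass
class Container:
    data: bytes
    read: str   # condition that must hold before the card releases the data
    write: str  # condition that must hold before the card accepts an update

@dataclass
class Card:
    pin: str
    files: dict
    tries_left: int = 3  # assumed retry limit
    granted: set = field(default_factory=lambda: {ALWAYS})

    def verify_pin(self, candidate: str) -> bool:
        if self.tries_left == 0:
            return False  # blocked: even the correct PIN is now refused
        if hmac.compare_digest(candidate.encode(), self.pin.encode()):
            self.tries_left = 3
            self.granted.add(PIN)  # global PIN: unlocks every PIN-gated container
            return True
        self.tries_left -= 1
        self.granted.discard(PIN)
        return False

    def terminal_authenticated(self) -> None:
        self.granted.add(TERMINAL)  # assumed to follow a successful terminal check

    def _check(self, name: str, op: str) -> Container:
        f = self.files[name]
        if getattr(f, op) not in self.granted:  # NEVER is never granted
            raise PermissionError(f"{op} {name}: requires {getattr(f, op)}")
        return f

    def read(self, name: str) -> bytes:
        return self._check(name, "read").data

    def write(self, name: str, data: bytes) -> None:
        self._check(name, "write").data = data

def sample_card() -> Card:  # constructed sample data
    return Card(pin="4921", files={
        "card_number": Container(b"0000-1111", ALWAYS, NEVER),
        "health_summary": Container(b"blood group O+", PIN, TERMINAL),
        "auth_key": Container(b"\x00" * 16, NEVER, NEVER),
    })
```

Unlike a magnetic stripe, the decision to release or accept data is made on the card itself, so a reader cannot bypass it, and the key container is never exported under any condition.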
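The ordering in the mutual-authentication bullet above, where the card checks the other side before identifying itself, is shown below as a challenge-response exchange. This is an added example, not code from the original report; the shared symmetric key, HMAC-SHA256 as the proof function, and the class and function names are assumptions, with the terminal standing in for the server side of the transaction.

```python
import hashlib
import hmac
import secrets

def mac(key: bytes, label: bytes, *parts: bytes) -> bytes:
    # The label separates the two directions so a proof cannot be reflected back.
    return hmac.new(key, label + b"".join(parts), hashlib.sha256).digest()

class SmartCard:
    def __init__(self, key: bytes, card_id: bytes):
        self._key, self._id, self._challenge = key, card_id, None

    def get_challenge(self) -> bytes:
        self._challenge = secrets.token_bytes(16)  # fresh per session
        return self._challenge

    def authenticate(self, term_nonce: bytes, term_proof: bytes):
        """Check the terminal first; release the card ID only if that succeeds."""
        challenge, self._challenge = self._challenge, None  # one use only
        if challenge is None:
            return None
        expected = mac(self._key, b"terminal", challenge, term_nonce)
        if not hmac.compare_digest(expected, term_proof):
            return None  # unauthenticated terminal learns nothing about the card
        return self._id, mac(self._key, b"card", term_nonce, challenge, self._id)

class Terminal:
    def __init__(self, key: bytes):
        self._key, self._nonce = key, b""

    def respond(self, card_challenge: bytes):
        self._nonce = secrets.token_bytes(16)
        return self._nonce, mac(self._key, b"terminal", card_challenge, self._nonce)

    def verify_card(self, card_challenge: bytes, reply):
        if reply is None:
            return None
        card_id, proof = reply
        expected = mac(self._key, b"card", self._nonce, card_challenge, card_id)
        return card_id if hmac.compare_digest(expected, proof) else None

def run_session(card: SmartCard, terminal: Terminal):
    """Return the authenticated card ID, or None if either side rejects the other."""
    challenge = card.get_challenge()
    nonce, proof = terminal.respond(challenge)
    return terminal.verify_card(challenge, card.authenticate(nonce, proof))
```

Because each proof is bound to a fresh challenge from the other side, a recorded exchange relayed later fails verification, which is the property that helps against an intermediary replaying captured traffic.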