Department of Finance and Deregulation Australian Government Information Management Office

Download 213.66 Kb.
Size213.66 Kb.
  1   2   3   4   5   6

Department of Finance and Deregulation

Australian Government Information Management Office

National Smartcard Framework

December 2008

Smartcard Handbook


This document has been prepared by the Department of Finance and Deregulation (Finance) to provide information to government bodies in relation to the use of smartcards for government transactions.

While every effort has been made to ensure that the document is accurate, no warranty, guarantee or undertaking is
given regarding the accuracy, completeness or currency of the document. This document should not be relied upon
as legal advice. Users are encouraged to seek independent advice relevant to their own circumstances.

Links to other websites are inserted for convenience only and do not constitute endorsement of material at those sites,

or any associated organisation, product or service.
Department of Finance and Deregulation

Australian Government Information Management Office

© Commonwealth of Australia 2008
This work is copyright. Apart from any use as permitted under the Copyright Act 1968, no part
may be reproduced by any process without prior written permission from the Commonwealth.
Requests and inquiries concerning reproduction and rights should be addressed to the
Commonwealth Copyright Administration, Attorney-General’s Department, Robert Garran
Offices, National Circuit, Barton ACT 2600 or posted at

1 Introduction 5

1.1 Audience 5

1.2 Document structure 5

1.3 Acronyms 5

1.4 Contact details 6

2 What are smartcards? 7

3 What are the advantages of smartcards? 10

3.1 Fundamental properties 10
3.2 Applied benefits 10

4 Smartcard systems and deployments 12

5 Types of smartcard 14

5.1 Memory chips (including serial protected memory chips) 14

5.2 ROM-mask cards 14

5.3 Micro-controller cards 14

6 Smartcard interfaces: contact and contactless 14

7 Smartcard readers 16

8 Smartcard security 18

8.1 Special security features of smartcards 18

8.2 Potential security vulnerabilities 19

9 Operating systems 20

10 Typical smartcard applications 21

10.1 Where are smartcards used? 21

10.2 Financial applications 21

10.3 Communications applications 21

10.4 Government programs 22

10.5 Information security 22

10.6 Physical access 22

10.7 Transportation 22

10.8 Retail and loyalty 22

10.9 Health card 22

10.10 Campus cards 23

11 Developing the business case for smartcard deployments 24

11.1 What is a business case? 24

12 When should agencies consider implementing smartcards? 25

12.1 Specific capability required 25

12.2 Portability 25

12.3 Identity authentication/information security 25

12.4 Automatic forms population 25

12.5 Multi-application enabler 25

12.6 Updatable applications 26

12.7 Hybridising card technologies 26

12.8 Cost Sharing 26

1 Introduction

The Australian Government Information Management Office (AGIMO), within the Department of Finance and Deregulation (Finance), fosters the efficient and effective use of information and communications technology (ICT) by Australian Government departments and agencies. AGIMO provides leadership in defining and driving government-wide ICT strategy, standards and technical architecture.

The National Smartcard Framework (the Framework) is one of a number of frameworks and strategies developed to support interoperable whole-of-government business applications. The Framework should be read in conjunction with other Australian Government frameworks, including the Attorney-General’s Department’s National Identity Security Strategy, AGIMO’s Australian Government Technical Interoperability Framework, the National e-Authentication Framework, the Better Practice Guide to Authorisation and Access Management, and the Gatekeeper Framework (for use where public key technologies are implemented with smartcards).

To complement the Framework, a suite of online supporting materials are available to assist agencies in planning and implementing smartcard deployments. The suite includes:

• Smartcard Handbook (this document)

• Implementation Models and Checklists

• Smartcard Project Design Guide

• Case Studies; and

• Framework Implementation Specifications (FIS)

It is expected that case studies will be provided by Communities of Practice (CoP) as smartcard deployments occur. These supporting documents will be available at

1.1 Audience

The Framework is aimed at government agencies deploying smartcards, and third-party service providers delivering smartcard solutions on behalf of a government agency. This Smartcard Handbook should be read by technically adept newcomers seeking a comprehensive introduction to the field as well as reference material on certain government issues, such as security and privacy.

1.2 Document structure

This Smartcard Handbook comprises an overview of smartcard technology (including its fundamental properties and benefits), smartcard systems and schemes, types of smartcard, security and privacy and typical smartcard applications. It includes an overview of how to make the business case for smartcard deployments and outlines a preferred model for smartcard content.

1.3 Acronyms

AGIMO Australian Government Information Management Office

AS Australian Standard

ATM automated teller machine

CPU central processing unit

EEPROM electrically erasable programmable read only memory

EFT electronic funds transfer

EFTPOS electronic funds transfer at point of sale

EMV Europay-MasterCard-Visa

FIPS Federal Information Processing Standards [United States]

GSM global system for mobile communications

ICC integrated circuit card

ICT information and communications technology

ID identity

IEC International Electrotechnical Commission

IMAGE Identity Management for Australian Government Employees Framework

ISO International Standards Organization

MultOS A programming language developed by Mondex for systems using MAOS (multi-application operating systems) for smartcards

NeAF National e-Authentication Framework

NIST National Institute of Standards and Technology [United States]

PC personal computer

PC/SC personal computer/smartcard (interface standards) [international]

PIN personal identification number

PIV personal identity verification [scheme of the United States]

PKI public key infrastructure

RAM random access memory

ROM read only memory

RSA Rivest Shamir & Adelman [a cryptographic algorithm]

SAM security access module

SIM subscriber identification module

Directory: sites -> default -> files
files -> The United States and Post-Castro Cuba
files -> 9. 5 Political Powers and Achievements Tom Burns- beacon High School
files -> Indiana Academic Standards Resource Guide World History and Civilization Standards Approved March 2014
files -> Women in Slavery and the Fight for Social Freedoms
files -> How to Place Slavery into British Identity
files -> Title Publishing Format / Length
files -> Oh Freedom! Teaching African American Civil Rights Through American Art at the Smithsonian
files -> Eastern State Penitentiary Historic Site’s interpretation of Al Capone’s cell, c. 2013. Al Capone Approved Source for Tour Content Developed by Annie Anderson May 2013 Draft 2 For Web Guiding questions
files -> Dr amanda wise & dr jan ali commonwealth of Australia 2008

Share with your friends:
  1   2   3   4   5   6

The database is protected by copyright © 2020
send message

    Main page