As a consequence of the above fundamental properties, today’s sophisticated smartcards offer certain advantages in certain settings, including:
• Multi-applications. A single smartcard can perform multiple independent tasks. For example, a bank-issued smart credit card might also furnish an electronic purse, public transport ticket, telephone calling card, loyalty functions, personalised access to government services and multiple individual digital certificates.
• Sophisticated fraud detection and response is possible, for example, in environments where connection to backend systems cannot be relied upon. For instance, the card alone can enforce security rules relating to daily transaction caps, maximum PIN retries or purchasing patterns.
• Containers for multiple digital credentials. The writable memory, access control and encryption capabilities of modern smartcards allow them to carry multiple independent identifiers, or digital certificates. A card scheme operator may chose to use a third party’s digital certificate rather than their own which requires the certification authority to collaborate with the card issuer in the printing of the cards.
• Online security can be greatly enhanced using smartcards thanks to their mutual authentication capabilities. In particular, smartcards can help protect against website fraud, phishing and ‘pharming’ (where large numbers of unwitting users are directed to a fake or spoofed website, and subsequently led to divulge sensitive information or to initiate inappropriate transactions).
• Two-factor authentication requires two out of ‘something you know’, ‘something you have’ or ‘something you are’. A common example of two-factor authentication is a bank card (credit card, debit card); the card itself is the physical item, and the PIN is the data that goes with it. Smartcards also constitute two-factor authentication being physical tokens like the common bank card.
• Field upgrades are possible for functional enhancements, bug fixes or to load entirely new applications. The built-in security capabilities make it possible in many cases to upgrade smartcards remotely, avoiding the need to recall and re-distribute fresh cards.
In Section 10 ‘Typical smartcard applications’ the various sectors and business applications where smartcards are being canvassed in detail, and a number of case studies are presented.
4 Smartcard systems and deployments
Smartcards require readers in order to communicate with computer applications (these are discussed further in Section 7 ‘Smartcard readers’). Before going into detail, it is important to characterise the minimum combination of smartcard plus reader plus computer because it is the ‘edges’ of these sub-systems (that is, the interfaces between them) that most fundamentally determine interoperability. Standardisation of the edges is a necessary, but unfortunately not sufficient, condition for application-level interoperability. Figure 2 illustrates the interactions between the three main parts of a smartcard system.
Figure 2: Smartcard system schematic
If a number of parties – including agencies across jurisdictions – can agree to share a card and/or the associated infrastructure, then the system cost to each party may be reduced and the number of locations where the card can be used increased. The use of credit and EFTPOS cards is an example of this. Such deployments require careful and detailed consideration of the legal, management, technical, cultural, security and other issues involved from the outset. Agencies need to be aware that it takes time to satisfactorily resolve these issues.
To fully describe and manage smartcard implementations, a further layer of abstraction is needed on top of cards and systems – the deployment. For the purposes of this Framework, a smartcard deployment is referred to as an ensemble of:
• smartcard systems (that is, cards plus readers plus computers)
• business rules (including the business objectives, agreed technical standards, usage agreements, terms and conditions applying to all parties, liability arrangements, dispute resolution and so on)
• applications that use the card systems
• processes for getting cards to users and for supporting the infrastructure
• for a ‘full blown’ deployment, accreditation processes for determining the compliance of all parts of the implementation to the agreed standards; and
• consumer health card schemes in, for example, Austria and Taiwan; and
• any one of a number of commercial public transport ticketing projects.
When considering interoperability, it is important to examine interoperability at each of the following levels:
• technical -across the edges between cards, readers and computers
• information - where, for instance, one bank’s ATM network might be able to use data from another bank’s card
• business - where, for instance, much work has been done to join road tolling schemes, and how smartcard driver licences might be usefully and safely joined to commercial business offerings, or used to control access to government services.
5 Types of smartcard
Smartcards are distinguished by the design type of the chip they contain, and by the type of interface used to communicate with the reader. There are three different types of chip.