Smart cards are microprocessor integrated systems with own operational system, operational memory, file structure and possibility for internal data processing. They are widely used in digital certificates, electronic signature, decentralized systems for loyal customers and bonus points, prepaid services, network security, software protection and others. Due to the built-in encrypting algorithms and mechanisms they are considered extremely reliable.
Smart cards are defined according to
Mostly all chip cards are built from layers of differing materials, or substrates, that when brought together properly gives the card a specific life and functionality. The typical card today is made from PVC, Polyester or Polycarbonate. The card layers are printed first and then laminated in a large press. The next step in construction is the blanking or die cutting. This is followed by embedding a chip and then adding data to the card. In all, there may be up to 30 steps in constructing a card. The total components, including software and plastics, may be as many as 12 separate items; all this in a unified package that appears to the user as a simple device.
These are the most common type of smart card. Electrical contacts located on the outside of the card connect to a card reader when the card is inserted. This connector is bonded to the encapsulated chip in the card.
Increased levels of processing power, flexibility and memory will add cost. Single function cards are usually the most cost-effective solution. Choose the right type of smart card for your application by determining your required level of security and evaluating cost versus functionality in relation to the cost of the other hardware elements found in a typical workflow. All of these variables should be weighted against the expected lifecycle of the card. On average the cards typically comprise only 10 to 15 percent of the total system cost with the infrastructure, issuance, software, readers, training and advertising making up the other 85 percent. The following chart demonstrates some general rules of thumb:
Memory cards cannot manage files and have no processing power for data management. All memory cards communicate to readers through synchronous protocols. In all memory cards you read and write to a fixed address on the card. There are three primary types of memory cards: Straight, Protected, and Stored Value. Before designing in these cards into a proposed system the issuer should check to see if the readers and/or terminals support the communication protocols of the chip. Most contactless cards are variants on the protected memory/segmented memory card idiom.
Straight Memory Cards
These cards just store data and have no data processing capabilities. Often made with I2C or serial flash semiconductors, these cards were traditionally the lowest cost per bit for user memory. This has now changed with the larger quantities of processors being built for the GSM market. This has dramatically cut into the advantage of these types of devices. They should be regarded as floppy disks of varying sizes without the lock mechanism. These cards cannot identify themselves to the reader, so your host system has to know what type of card is being inserted into a reader. These cards are easily duplicated and cannot be tracked by on-card identifiers.
Protected / Segmented Memory Cards
These cards have built-in logic to control the access to the memory of the card. Sometimes referred to as Intelligent Memory cards, these devices can be set to write- protect some or the entire memory array. Some of these cards can be configured to restrict access to both reading and writing. This is usually done through a password or system key. Segmented memory cards can be divided into logical sections for planned multi-functionality. These cards are not easily duplicated but can possibly be impersonated by hackers. They typically can be tracked by an on-card identifier.
Stored Value Memory Cards
These cards are designed for the specific purpose of storing value or tokens. The cards are either disposable or rechargeable. Most cards of this type incorporate permanent security measures at the point of manufacture. These measures can include password keys and logic that are hard-coded into the chip by the manufacturer. The memory arrays on these devices are set-up as decrements or counters. There is little or no memory left for any other function. For simple applications such as a telephone card, the chip has 60 or 12 memory cells, one for each telephone unit. A memory cell is cleared each time a telephone unit is used. Once all the memory units are used, the card becomes useless and is thrown away. This process can be reversed in the case of rechargeable cards.
These cards have on-card dynamic data processing capabilities. Multifunction smart cards allocate card memory into independent sections or files assigned to a specific function or application. Within the card is a microprocessor or microcontroller chip that manages this memory allocation and file access. This type of chip is similar to those found inside all personal computers and when implanted in a smart card, manages data in organized file structures, via a card operating system (COS). Unlike other operating systems, this software controls access to the on-card user memory. This capability permits different and multiple functions and/or different applications to reside on the card, allowing businesses to issue and maintain a diversity of ‘products’ through the card. One example of this is a debit card that also enables building access on a college campus. Multifunction cards benefit issuers by enabling them to market their products and services via state-of-the-art transaction and encryption technology. Specifically, the technology enables secure identification of users and permits information updates without replacement of the installed base of cards, simplifying program changes and reducing costs. For the card user, multifunction means greater convenience and security, and ultimately, consolidation of multiple cards down to a select few that serve many purposes.
There are many configurations of chips in this category, including chips that support cryptographic Public Key Infrastructure (PKI) functions with on-board math co-processors or JavaCard® with virtual machine hardware blocks. As a rule of thumb - the more functions, the higher the cost.
These are smart cards that employ a radio frequency (RFID) between card and reader without physical insertion of the card. Instead, the card is passed along the exterior of the reader and read. Types include proximity cards which are implemented as a read-only technology for building access. These cards function with a very limited memory and communicate at 125 MHz. Another type of limited card is the Gen 2 UHF Card that operates at 860 MHz to 960 MHz.
True read and write contactless cards were first used in transportation applications for quick decrementing and reloading of fare values where their lower security was not an issue. They communicate at 13.56 MHz and conform to the ISO 14443 standard. These cards are often protected memory types. They are also gaining popularity in retail stored value since they can speed up transactions without lowering transaction processing revenues (i.e. Visa and MasterCard), unlike traditional smart cards.
Variations of the ISO14443 specification include A, B, and C, which specify chips from either specific or various manufacturers. A=NXP-(Philips) B=Everybody else and C=Sony only chips. Contactless card drawbacks include the limits of cryptographic functions and user memory, versus microprocessor cards and the limited distance between card and reader required for operation.
Multi-mode Communication Cards
These cards have multiple methods of communications, including ISO7816, ISO14443 and UHF gen 2. How the card is made determines if it is a Hybrid or dual interface card. The term can also include cards that have a magnetic-stripe and or bar-code as well.
Hybrid cards have multiple chips in the same card. These are typically attached to each interface separately, such as a MIFARE chip and antenna with a contact 7816 chip in the same card.
These cards have one chip controlling the communication interfaces. The chip may be attached to the embedded antenna through a hard connection, inductive method or with a flexible bump mechanism.
These types of cards are for a specific market solution. For example, there are cards where the fingerprint sensor is built on the card. Or one company has built a card that generates a one-time password and displays the data for use with an online banking application. Vault cards have rewriteable magnetic stripes. Each of these technologies is specific to a particular vendor and is typically patented.
The expected shape for cards is often referred to as CR80. Banking and ID cards are governed by the ISO 7810 specification. But this shape is not the only form factor that cards are deployed in. Specialty shaped cutouts of cards with modules and/or antennas are being used around the world. The most common shapes are SIM. SD and MicroSD cards can now be deployed with the strength of smart card chips. USB flash drive tokens are also available that leverage the same technology of a card in a different form factor.
The two primary types of smart card operating systems are (1) fixed file structure and (2) dynamic application system. As with all smartcard types, the selection of a card operating system depends on the application that the card is intended for. The other defining difference lies in the encryption capabilities of the operating system and the chip. The types of encryption are Symmetric Key and Asymmetric Key (Public Key).