A acute card, dent card, or chip ambit agenda (ICC), is any pocket-sized agenda with anchored chip circuits. A acute agenda or chip cards accommodate airy anamnesis and chip components. The agenda is fabricated of plastic, about polyvinyl chloride, but sometimes acrylonitrile butadiene styrene or polycarbonate. Acute cards may aswell accommodate able aegis affidavit for individual sign-on (SSO) aural ample organizations.
Monday, February 27, 2012
Overview
Dimensions agnate to those of a acclaim card. ID-1 of the ISO/IEC 7810 accustomed defines cards as nominally 85.60 by 53.98 millimetres (3.370 × 2.125 in). Addition accustomed admeasurement is ID-000 which is nominally 25 by 15 millimetres (0.984 × 0.591 in) (commonly acclimated in SIM cards). Both are 0.76 millimetres (0.030 in) thick.
Contains a tamper-resistant aegis arrangement (for archetype a defended cryptoprocessor and a defended book system) and provides aegis casework (e.g., protects in-memory information).
Managed by an administering arrangement which deeply interchanges advice and agreement settings with the card, authoritative agenda blacklisting and application-data updates.
Communicates with alien casework via card-reading devices, such as admission readers, ATMs, etc.
edit Benefits
Smart cards can accommodate identification, authentication, abstracts accumulator and appliance processing.1
The allowances of acute cards are anon accompanying to the aggregate of advice and applications that are programmed for use on a card. A individual contact/contactless acute agenda can be programmed with assorted cyberbanking credentials, medical entitlement, driver’s license/public carriage entitlement, adherence programs and club memberships to name just a few. Multi-factor and adjacency affidavit can and has been anchored into acute cards to admission the aegis of all casework on the card. For example, a acute agenda can be programmed to alone acquiesce a contactless transaction if it is aswell aural ambit of addition accessory like a abnormally commutual adaptable phone. This can decidedly admission the aegis of the acute card.
Governments accretion a cogent accessory to the accouterment of about adjourned casework through the added aegis offered by acute cards. These accumulation are anesthetized assimilate affiliation through a abridgement in the all-important allotment or added accessible services.
Individuals accretion added aegis and accessibility if application acute cards advised for interoperability amid services. For example, consumers alone charge to alter one agenda if their wallet is absent or stolen. Additionally, the abstracts accumulator accessible on a agenda could accommodate medical advice that is analytical in an emergency should the agenda holder acquiesce admission to this.
edit History
A acute card, accumulation acclaim agenda and debit agenda properties. The 3 by 5 mm aegis dent anchored in the agenda is apparent continued in the inset. The acquaintance pads on the agenda enables cyberbanking admission to the chip.
edit Invention
In 1968 German electrical architect Helmut Gröttrup and his aide Jürgen Dethloff invented the automatic dent card, accepting a apparent alone in 1982, while alive for German aggregation Giesecke & Devrient.citation needed The aboriginal accumulation use of the cards was as a Télécarte for transaction in French pay phones, starting in 1983.
French artist Roland Moreno2 patented the anamnesis agenda concept3 in 1974. In 1977, Michel Ugon from Honeywell Bull invented the aboriginal dent acute card. In 1978, Bull patented the SPOM (self programmable one-chip microcomputer) that defines the all-important architectonics to affairs the chip. Three years later, Motorola acclimated this apparent in its "CP8". At that time, Bull had 1,200 patents accompanying to acute cards. In 2001, Bull awash its CP8 analysis calm with its patents to Schlumberger, who after accumulated its own centralized acute agenda administration and CP8 to actualize Axalto. In 2006, Axalto and Gemplus, at the time the world's top two acute agenda manufacturers, alloyed and became Gemalto. In 2008 Dexa Systems spun off from Schlumberger and acquired Enterprise Aegis Casework business, which included the acute agenda solutions analysis amenable for deploying the aboriginal ample calibration accessible key basement (PKI) based acute agenda administration systems.
edit Carte Bleue
The additional use dent microchips into all French Carte Bleue debit cards in 1992. Customers amid the agenda into the merchant's POS terminal, again typed the PIN, afore the transaction was accepted. Alone actual bound affairs (such as paying baby artery tolls) are candy after a PIN.
Smart-card-based "electronic purse" systems abundance funds on the agenda so that readers do not charge arrangement connectivity and entered account throughout Europe in the mid-1990s, a lot of conspicuously in Germany (Geldkarte), Austria (Quick Wertkarte), Belgium (Proton), France (Mon€o4), the Netherlands (Chipknip and Chipper), Switzerland ("Cash"), Norway ("Mondex"), Sweden ("Cash", decommissioned in 2004), Finland ("Avant"), UK ("Mondex"), Denmark ("Danmønt") and Portugal ("Porta-moedas Multibanco").
The above bang in acute agenda use came in the 1990s, with the addition of smart-card-based SIMs acclimated in GSM adaptable buzz accessories in Europe. With the beyond of adaptable phones in Europe, acute cards accept become actual common.
edit EMV
The all-embracing transaction brands MasterCard, Visa, and Europay agreed in 1993 to plan calm to advance the blueprint for acute cards as either a debit or a acclaim card. The aboriginal adaptation of the EMV arrangement was appear in 1994. In 1998 a abiding absolution of the blueprint became available. EMVco, the aggregation amenable for the abiding aliment of the system, upgraded the blueprint in 2000 and in 2004.5 EMVco's purpose is to assure the assorted banking institutions and retailers that the blueprint absorb astern affinity with the 1998 version.
With the barring of a few countries such as the United States EMV-compliant cards and accessories are widespread. Typically, a country's civic transaction association, in allocation with MasterCard International, Visa International, American Express and JCB, accordingly plan and apparatus EMV systems.
edit Contactless
Contactless acute cards that do not crave concrete acquaintance amid agenda and clairvoyant are acceptable added accustomed for transaction and ticketing applications such as accumulation alteration and artery tolls. Visa and MasterCard accept agreed to an easy-to-implement adaptation that was deployed in 2004–2006 in the USA. A lot of contactless book accumulating implementations are custom and incompatible, admitting the MIFARE Accustomed agenda from Philips has a ample bazaar allotment in the US and Europe.
Smart cards are aswell getting alien in claimed identification and alms schemes at regional, national, and all-embracing levels. Citizen cards, drivers’ licenses, and accommodating agenda schemes are appearing. In Malaysia, the compulsatory civic ID arrangement MyKad includes eight altered applications and has 18 actor users. Contactless acute cards are allotment of ICAO biometric passports to enhance aegis for all-embracing travel.
edit Contact
Illustration of acute agenda anatomy and packaging
Contact acute cards accept a acquaintance breadth of about 1 aboveboard centimetre (0.16 sq in), absolute several gold-plated acquaintance pads. These pads accommodate electrical connectivity if amid into a reader.6
The ISO/IEC 7810 and ISO/IEC 7816 alternation of standards define:
concrete appearance and characteristics
electrical adapter positions and shapes
electrical characteristics
communications protocols, including commands beatific to and responses from the card
basal functionality
Cards do not accommodate batteries; ability is supplied by the agenda reader.
edit Communication protocols
Communication protocols Name Description
T=0 Character-level manual protocol, authentic in ISO/IEC 7816-3
T=1 Block-level manual protocol, authentic in ISO/IEC 7816-3
edit Signals
A acute agenda pinout
VCC
Ability supply.
RST
Displace signal, acclimated to displace the card's communications.
CLK
Provides the agenda with a alarm signal, from which abstracts communications timing is derived.
GND
Ground (reference voltage).
VPP
ISO/IEC 7816-3:1997 appointed this as a programming voltage - an ascribe for a college voltage to affairs assiduous anamnesis (e.g., EEPROM).
ISO/IEC 7816-3:2006 designates it SPU, for either accustomed or proprietary use, as ascribe and/or output.
I/O
Serial ascribe and achievement (half-duplex).
C4, C8
The two actual contacts are AUX1 and AUX2 respectively, and acclimated for USB interfaces and added uses.7
edit Reader
Smartcard Clairvoyant on a Laptop
Contact acute agenda readers are acclimated as a communications average amid the acute agenda and a host (e.g., a computer, a point of auction terminal) or a adaptable telephone.
Because the chips in banking cards are the aforementioned as those acclimated in subscriber character modules (SIMs) in adaptable phones, programmed abnormally and anchored in a altered section of PVC, dent manufacturers are architecture to the added ambitious GSM/3G standards. So, for example, although the EMV accustomed allows a dent agenda to draw 50 mA from its terminal, cards are commonly able-bodied beneath the blast industry's 6 mA limit. This allows abate and cheaper banking agenda terminals.
Contains a tamper-resistant aegis arrangement (for archetype a defended cryptoprocessor and a defended book system) and provides aegis casework (e.g., protects in-memory information).
Managed by an administering arrangement which deeply interchanges advice and agreement settings with the card, authoritative agenda blacklisting and application-data updates.
Communicates with alien casework via card-reading devices, such as admission readers, ATMs, etc.
edit Benefits
Smart cards can accommodate identification, authentication, abstracts accumulator and appliance processing.1
The allowances of acute cards are anon accompanying to the aggregate of advice and applications that are programmed for use on a card. A individual contact/contactless acute agenda can be programmed with assorted cyberbanking credentials, medical entitlement, driver’s license/public carriage entitlement, adherence programs and club memberships to name just a few. Multi-factor and adjacency affidavit can and has been anchored into acute cards to admission the aegis of all casework on the card. For example, a acute agenda can be programmed to alone acquiesce a contactless transaction if it is aswell aural ambit of addition accessory like a abnormally commutual adaptable phone. This can decidedly admission the aegis of the acute card.
Governments accretion a cogent accessory to the accouterment of about adjourned casework through the added aegis offered by acute cards. These accumulation are anesthetized assimilate affiliation through a abridgement in the all-important allotment or added accessible services.
Individuals accretion added aegis and accessibility if application acute cards advised for interoperability amid services. For example, consumers alone charge to alter one agenda if their wallet is absent or stolen. Additionally, the abstracts accumulator accessible on a agenda could accommodate medical advice that is analytical in an emergency should the agenda holder acquiesce admission to this.
edit History
A acute card, accumulation acclaim agenda and debit agenda properties. The 3 by 5 mm aegis dent anchored in the agenda is apparent continued in the inset. The acquaintance pads on the agenda enables cyberbanking admission to the chip.
edit Invention
In 1968 German electrical architect Helmut Gröttrup and his aide Jürgen Dethloff invented the automatic dent card, accepting a apparent alone in 1982, while alive for German aggregation Giesecke & Devrient.citation needed The aboriginal accumulation use of the cards was as a Télécarte for transaction in French pay phones, starting in 1983.
French artist Roland Moreno2 patented the anamnesis agenda concept3 in 1974. In 1977, Michel Ugon from Honeywell Bull invented the aboriginal dent acute card. In 1978, Bull patented the SPOM (self programmable one-chip microcomputer) that defines the all-important architectonics to affairs the chip. Three years later, Motorola acclimated this apparent in its "CP8". At that time, Bull had 1,200 patents accompanying to acute cards. In 2001, Bull awash its CP8 analysis calm with its patents to Schlumberger, who after accumulated its own centralized acute agenda administration and CP8 to actualize Axalto. In 2006, Axalto and Gemplus, at the time the world's top two acute agenda manufacturers, alloyed and became Gemalto. In 2008 Dexa Systems spun off from Schlumberger and acquired Enterprise Aegis Casework business, which included the acute agenda solutions analysis amenable for deploying the aboriginal ample calibration accessible key basement (PKI) based acute agenda administration systems.
edit Carte Bleue
The additional use dent microchips into all French Carte Bleue debit cards in 1992. Customers amid the agenda into the merchant's POS terminal, again typed the PIN, afore the transaction was accepted. Alone actual bound affairs (such as paying baby artery tolls) are candy after a PIN.
Smart-card-based "electronic purse" systems abundance funds on the agenda so that readers do not charge arrangement connectivity and entered account throughout Europe in the mid-1990s, a lot of conspicuously in Germany (Geldkarte), Austria (Quick Wertkarte), Belgium (Proton), France (Mon€o4), the Netherlands (Chipknip and Chipper), Switzerland ("Cash"), Norway ("Mondex"), Sweden ("Cash", decommissioned in 2004), Finland ("Avant"), UK ("Mondex"), Denmark ("Danmønt") and Portugal ("Porta-moedas Multibanco").
The above bang in acute agenda use came in the 1990s, with the addition of smart-card-based SIMs acclimated in GSM adaptable buzz accessories in Europe. With the beyond of adaptable phones in Europe, acute cards accept become actual common.
edit EMV
The all-embracing transaction brands MasterCard, Visa, and Europay agreed in 1993 to plan calm to advance the blueprint for acute cards as either a debit or a acclaim card. The aboriginal adaptation of the EMV arrangement was appear in 1994. In 1998 a abiding absolution of the blueprint became available. EMVco, the aggregation amenable for the abiding aliment of the system, upgraded the blueprint in 2000 and in 2004.5 EMVco's purpose is to assure the assorted banking institutions and retailers that the blueprint absorb astern affinity with the 1998 version.
With the barring of a few countries such as the United States EMV-compliant cards and accessories are widespread. Typically, a country's civic transaction association, in allocation with MasterCard International, Visa International, American Express and JCB, accordingly plan and apparatus EMV systems.
edit Contactless
Contactless acute cards that do not crave concrete acquaintance amid agenda and clairvoyant are acceptable added accustomed for transaction and ticketing applications such as accumulation alteration and artery tolls. Visa and MasterCard accept agreed to an easy-to-implement adaptation that was deployed in 2004–2006 in the USA. A lot of contactless book accumulating implementations are custom and incompatible, admitting the MIFARE Accustomed agenda from Philips has a ample bazaar allotment in the US and Europe.
Smart cards are aswell getting alien in claimed identification and alms schemes at regional, national, and all-embracing levels. Citizen cards, drivers’ licenses, and accommodating agenda schemes are appearing. In Malaysia, the compulsatory civic ID arrangement MyKad includes eight altered applications and has 18 actor users. Contactless acute cards are allotment of ICAO biometric passports to enhance aegis for all-embracing travel.
edit Contact
Illustration of acute agenda anatomy and packaging
Contact acute cards accept a acquaintance breadth of about 1 aboveboard centimetre (0.16 sq in), absolute several gold-plated acquaintance pads. These pads accommodate electrical connectivity if amid into a reader.6
The ISO/IEC 7810 and ISO/IEC 7816 alternation of standards define:
concrete appearance and characteristics
electrical adapter positions and shapes
electrical characteristics
communications protocols, including commands beatific to and responses from the card
basal functionality
Cards do not accommodate batteries; ability is supplied by the agenda reader.
edit Communication protocols
Communication protocols Name Description
T=0 Character-level manual protocol, authentic in ISO/IEC 7816-3
T=1 Block-level manual protocol, authentic in ISO/IEC 7816-3
edit Signals
A acute agenda pinout
VCC
Ability supply.
RST
Displace signal, acclimated to displace the card's communications.
CLK
Provides the agenda with a alarm signal, from which abstracts communications timing is derived.
GND
Ground (reference voltage).
VPP
ISO/IEC 7816-3:1997 appointed this as a programming voltage - an ascribe for a college voltage to affairs assiduous anamnesis (e.g., EEPROM).
ISO/IEC 7816-3:2006 designates it SPU, for either accustomed or proprietary use, as ascribe and/or output.
I/O
Serial ascribe and achievement (half-duplex).
C4, C8
The two actual contacts are AUX1 and AUX2 respectively, and acclimated for USB interfaces and added uses.7
edit Reader
Smartcard Clairvoyant on a Laptop
Contact acute agenda readers are acclimated as a communications average amid the acute agenda and a host (e.g., a computer, a point of auction terminal) or a adaptable telephone.
Because the chips in banking cards are the aforementioned as those acclimated in subscriber character modules (SIMs) in adaptable phones, programmed abnormally and anchored in a altered section of PVC, dent manufacturers are architecture to the added ambitious GSM/3G standards. So, for example, although the EMV accustomed allows a dent agenda to draw 50 mA from its terminal, cards are commonly able-bodied beneath the blast industry's 6 mA limit. This allows abate and cheaper banking agenda terminals.
Contactless
Contact acute cards accept a acquaintance breadth of about 1 aboveboard centimetre (0.16 sq in), absolute several gold-plated acquaintance pads. These pads accommodate electrical connectivity if amid into a reader.6
The ISO/IEC 7810 and ISO/IEC 7816 alternation of standards define:
concrete appearance and characteristics
electrical adapter positions and shapes
electrical characteristics
communications protocols, including commands beatific to and responses from the card
basal functionality
Cards do not accommodate batteries; ability is supplied by the agenda reader.
edit Communication protocols
Communication protocols Name Description
T=0 Character-level manual protocol, authentic in ISO/IEC 7816-3
T=1 Block-level manual protocol, authentic in ISO/IEC 7816-3
edit Signals
A acute agenda pinout
VCC
Ability supply.
RST
Displace signal, acclimated to displace the card's communications.
CLK
Provides the agenda with a alarm signal, from which abstracts communications timing is derived.
GND
Ground (reference voltage).
VPP
ISO/IEC 7816-3:1997 appointed this as a programming voltage - an ascribe for a college voltage to affairs assiduous anamnesis (e.g., EEPROM).
ISO/IEC 7816-3:2006 designates it SPU, for either accepted or proprietary use, as ascribe and/or output.
I/O
Serial ascribe and achievement (half-duplex).
C4, C8
The two actual contacts are AUX1 and AUX2 respectively, and acclimated for USB interfaces and added uses.7
edit Reader
Smartcard Clairvoyant on a Laptop
Contact acute agenda readers are acclimated as a communications average amid the acute agenda and a host (e.g., a computer, a point of auction terminal) or a adaptable telephone.
Because the chips in banking cards are the aforementioned as those acclimated in subscriber character modules (SIMs) in adaptable phones, programmed abnormally and anchored in a altered section of PVC, dent manufacturers are architecture to the added ambitious GSM/3G standards. So, for example, although the EMV accepted allows a dent agenda to draw 50 mA from its terminal, cards are commonly able-bodied beneath the blast industry's 6 mA limit. This allows abate and cheaper banking agenda terminals.
edit Agreement analysis
Hardware and software accoutrement are accessible to adviser and assay communications amid acute cards and readers.8910
The ISO/IEC 7810 and ISO/IEC 7816 alternation of standards define:
concrete appearance and characteristics
electrical adapter positions and shapes
electrical characteristics
communications protocols, including commands beatific to and responses from the card
basal functionality
Cards do not accommodate batteries; ability is supplied by the agenda reader.
edit Communication protocols
Communication protocols Name Description
T=0 Character-level manual protocol, authentic in ISO/IEC 7816-3
T=1 Block-level manual protocol, authentic in ISO/IEC 7816-3
edit Signals
A acute agenda pinout
VCC
Ability supply.
RST
Displace signal, acclimated to displace the card's communications.
CLK
Provides the agenda with a alarm signal, from which abstracts communications timing is derived.
GND
Ground (reference voltage).
VPP
ISO/IEC 7816-3:1997 appointed this as a programming voltage - an ascribe for a college voltage to affairs assiduous anamnesis (e.g., EEPROM).
ISO/IEC 7816-3:2006 designates it SPU, for either accepted or proprietary use, as ascribe and/or output.
I/O
Serial ascribe and achievement (half-duplex).
C4, C8
The two actual contacts are AUX1 and AUX2 respectively, and acclimated for USB interfaces and added uses.7
edit Reader
Smartcard Clairvoyant on a Laptop
Contact acute agenda readers are acclimated as a communications average amid the acute agenda and a host (e.g., a computer, a point of auction terminal) or a adaptable telephone.
Because the chips in banking cards are the aforementioned as those acclimated in subscriber character modules (SIMs) in adaptable phones, programmed abnormally and anchored in a altered section of PVC, dent manufacturers are architecture to the added ambitious GSM/3G standards. So, for example, although the EMV accepted allows a dent agenda to draw 50 mA from its terminal, cards are commonly able-bodied beneath the blast industry's 6 mA limit. This allows abate and cheaper banking agenda terminals.
edit Agreement analysis
Hardware and software accoutrement are accessible to adviser and assay communications amid acute cards and readers.8910
Hybrids
Dual-interface cards apparatus contactless and acquaintance interfaces on a individual agenda with some aggregate accumulator and processing. An archetype is Porto's multi-application carriage card, alleged Andante, which uses a dent with both acquaintance and contactless (ISO/IEC 14443 Type B) interfaces.
Applications
Computer security
The Mozilla Firefox web browser can use acute cards to abundance certificates for use in defended web browsing.11
Some deejay encryption systems, such as FreeOTFE, TrueCrypt and Microsoft Windows 7 BitLocker, can use acute cards to deeply authority encryption keys, and aswell to add addition band of encryption to analytical locations of the anchored disk.12
Smart cards are aswell acclimated for individual sign-on to log on to computers.
Smart agenda abutment functionality has been added to Windows Live passports.
edit Acclaim cards
Main articles: Contactless acute agenda and Acclaim card
These are the best accepted transaction cards (classic artificial card):
Visa: Visa Contactless, Quick VSDC—"qVSDC", Visa Wave, MSD, payWave
MasterCard: PayPass Magstripe, PayPass MChip
American Express: ExpressPay
Discover: Zip
Roll-outs started in 2005 in USA. Asia and Europe followed in 2006. Contactless (non PIN) affairs awning a transaction ambit of ~$5–50. There is an ISO/IEC 14443 PayPass implementation. Some, but not all PayPass implementations accommodate to EMV.
Non-EMV cards plan like alluring band cards. This is a archetypal USA agenda technology (PayPass Magstripe and VISA MSD). The cards do not hold/maintain the annual balance. All transaction passes after a PIN, usually in off-line mode. The aegis of such a transaction is no greater than with a alluring band agenda transaction.
EMV cards accept acquaintance and contactless interfaces. They plan as a accustomed EMV agenda via acquaintance interface. Via contactless interface they plan somewhat abnormally in that the agenda command arrangement adopts contactless appearance such as low ability and abbreviate transaction time.
edit Cryptographic acute cards
Cryptographic acute cards are generally acclimated for individual sign-on. A lot of avant-garde acute cards cover specialized cryptographic accouterments that uses algorithms such as RSA and DSA. Today's cryptographic acute cards accomplish key pairs on board, to abstain the accident from accepting added than one archetype of the key (since by architecture there usually isn't a way to abstract clandestine keys from a acute card). Such acute cards are mainly acclimated for agenda signature and defended identification, (see applications section).
The a lot of accepted way to admission cryptographic acute agenda functions on a computer is to use a vendor-provided PKCS#11 library.citation needed On Microsoft Windows the CSP API is aswell supported.
The a lot of broadly acclimated cryptographic algorithms in acute cards (excluding the GSM alleged "crypto algorithm") are Triple DES and RSA. The key set is usually loaded (DES) or generated (RSA) on the agenda at the personalization stage.
Some of these acute cards are aswell fabricated to abutment the NIST accepted for Claimed Character Verification, FIPS 201.
edit Financial
Smart cards serve as acclaim or ATM cards, ammunition cards, adaptable buzz SIMs, approval cards for pay television, domiciliary account pre-payment cards, high-security identification and access-control cards, and accessible carriage and accessible buzz transaction cards.
Smart cards may aswell be acclimated as cyberbanking wallets. The acute agenda dent can be "loaded" with funds to pay parking meters and automat machines or at assorted merchants. Cryptographic protocols assure the barter of money amid the acute agenda and the accepting machine. No affiliation to the arising coffer is necessary, so the holder of the agenda can use it even if not the owner. Examples are Proton, Geldkarte, Chipknip and Mon€o. The German Geldkarte is aswell acclimated to validate chump age at automat machines for cigarettes.
edit Bloom affliction (medical)
Smart bloom cards can advance the aegis and aloofness of accommodating information, accommodate a defended carrier for carriageable medical records, abate bloom affliction fraud, abutment new processes for carriageable medical records, accommodate defended admission to emergency medical information, accredit acquiescence with government initiatives and mandates, and accommodate the belvedere to apparatus added applications as bare by the bloom affliction organization.13
edit Identification
A bound growing appliance is in agenda identification. In this application, the cards accredit identity. The a lot of accepted archetype employs accessible key basement (PKI). The agenda aliment an encrypted agenda affidavit issued from the PKI provider forth with added accordant information. Examples cover the U.S. Department of Defense (DoD) Accepted Admission Agenda (CAC), and assorted identification cards acclimated by abounding governments for their citizens. Combined with biometrics, cards can accommodate two- or three-factor authentication. Acute cards are not consistently privacy-enhancing, because the accountable carries possibly incriminating advice on the card. Contactless acute cards that can be apprehend from aural a wallet or even a apparel abridge authentication.
The aboriginal acute agenda driver's approval arrangement in the apple was implemented in 1987 in Turkey. Turkey had a top akin of alley accidents and absitively to advance and use agenda tachograph accessories on abundant vehicles, instead of the absolute automated ones, to abate acceleration violations. Back 1987, the able driver's licenses in Turkey are issued as acute cards and the disciplinarian is appropriate to admit his driver's approval into the agenda tachograph afore starting to drive. The tachograph assemblage annal acceleration violations for anniversary disciplinarian and gives a printed report. The active hours for anniversary disciplinarian is aswell getting monitored and reported. In 1990 the European Union conducted a achievability abstraction through BEVAC Consulting Engineers, blue-blooded "Feasibility abstraction with account to a European cyberbanking drivers licence (based on a smart-card) on account of Directorate General VII". In this study, affiliate seven is committed to the acquaintance in Turkey, advertence that the cyberbanking driver's approval application, in the anatomy of acute cards, was aboriginal implemented in Turkey in 1987.
A acute agenda driver's approval arrangement was after issued in 1995 in Mendoza arena of Argentina. Mendoza had a top akin of alley accidents, active offenses, and a poor almanac of convalescent outstanding fines.citation needed Acute licenses authority abreast annal of active offenses and contributed fines. They aswell abundance claimed information, approval blazon and number, and a photograph. Emergency medical advice such as claret type, allergies, and biometrics (fingerprints) can be stored on the dent if the agenda holder wishes. The Argentina government anticipates that this arrangement will advice to aggregate added than $10 actor per year in fines.
In 1999 Gujarat was the aboriginal Indian accompaniment to acquaint a acute agenda approval system.14 To datewhen? it has issued 5 actor acute agenda active licenses to its people.citation needed
“ a civic ID card, adequate by a 1,024-bit key code, is absurd to breach after a supercomputer alive abroad for a hundred years ”
15
In 2002, the Estonian government started to affair acute cards called ID Kaart as primary identification for citizens to alter the accepted approval in calm and EU use. As of 2010 about 1 actor acute cards accept been issued (total citizenry is about 1.3 million) and they are broadly acclimated in internet banking, affairs accessible carriage tickets, approval on assorted websites etc.
By the alpha of 2009 the absolute citizenry of Spain and Belgium will accept an eID agenda that is acclimated for identification. These cards accommodate two certificates: one for affidavit and one for signature. This signature is accurately enforceable. Added and added casework in these countries use eID for authorization.1617
Smart cards are aswell alpha to be acclimated in emergency situations. In 2004, The Acute Agenda Alliance issued a account cogent the charge to "to enhance security, admission Government efficiency, abate character fraud, and assure claimed aloofness by establishing a mandatory, Government-wide accepted for defended and reliable forms of identification".18 In ablaze of this, emergency acknowledgment cadre accept now amorphous to backpack these cards so that they can be absolutely articular in emergency situations. WidePoint Corporation, a acute agenda provider to FEMA, produces cards that accommodate added claimed information, such as medical annal and accomplishment sets. Cards like these accommodate actual admission to information, which allows aboriginal responders to bypass authoritative paperwork and focus added time on the emergency resolution.
edit Schools
Smart cards are getting provided to acceptance at schools and colleges.192021 Acceptance includes:
Tracking apprentice attendance
As an cyberbanking purse, to pay for items at canteens, automat machines etc.
Tracking and ecology aliment choices at the canteen, to advice the apprentice advance a advantageous diet
Tracking loans from the academy library
edit Accessible transit
Main article: Account of acute cards
Smart cards and chip ticketing accept become broadly acclimated by accessible alteration operators about the world. Agenda users may use their cards for added purposes than for transit, such as baby purchases. Some operators action credibility for usage, exchanged at retailers or for added benefits.22 Archetype cover the Octopus Agenda acclimated in Hong Kong, London's Oyster Card, Montréal's OPUS agenda and San Francisco's Clipper card. However, they accept been criticized for presenting a aloofness accident because it can acquiesce the accumulation alteration abettor (and the government) to clue an individual's movement. In Finland, for example, the Data Protection Ombudsman banned the carriage abettor Helsinki Metropolitan Area Council (YTV) from accession such information, admitting YTV's altercation that the agenda buyer has the appropriate to a account of trips paid with the card. Earlier, such advice was acclimated in the analysis of the Myyrmanni bombing.citation needed
edit Concessionary travel
A awful acknowledged use for acute cards aural the UK is in concessionary biking schemes. Mandated by the Department for Transport, biking entitlements for aged and disabled association are administered by bounded authorities and commuter carriage executives. Acute cards accept been issued as bus passes to condoning residents; about these acute cards can instead now be acclimated by aged and disabled humans who authorize for concessionary auto travel. These schemes are allotment of an added account offered by some bounded authorities as an another for association clumsy to accomplish use of their bus pass. One archetype is the "Smartcare go" arrangement provided by Ecebs.23
edit Other
Smart cards are broadly acclimated to assure agenda television streams. VideoGuard is a specific archetype of how acute agenda aegis worked.
The Malaysian government uses acute character cards agitated by all citizens and citizen non-citizens. The claimed advice central the MYKAD agenda can be apprehend application appropriate APDU commands.24
Since April 2009, Toppan Printing Company (凸版印刷 Toppan insatsu?) has bogus reusable acute cards for money alteration and fabricated from cardboard instead of plastic.25
The Mozilla Firefox web browser can use acute cards to abundance certificates for use in defended web browsing.11
Some deejay encryption systems, such as FreeOTFE, TrueCrypt and Microsoft Windows 7 BitLocker, can use acute cards to deeply authority encryption keys, and aswell to add addition band of encryption to analytical locations of the anchored disk.12
Smart cards are aswell acclimated for individual sign-on to log on to computers.
Smart agenda abutment functionality has been added to Windows Live passports.
edit Acclaim cards
Main articles: Contactless acute agenda and Acclaim card
These are the best accepted transaction cards (classic artificial card):
Visa: Visa Contactless, Quick VSDC—"qVSDC", Visa Wave, MSD, payWave
MasterCard: PayPass Magstripe, PayPass MChip
American Express: ExpressPay
Discover: Zip
Roll-outs started in 2005 in USA. Asia and Europe followed in 2006. Contactless (non PIN) affairs awning a transaction ambit of ~$5–50. There is an ISO/IEC 14443 PayPass implementation. Some, but not all PayPass implementations accommodate to EMV.
Non-EMV cards plan like alluring band cards. This is a archetypal USA agenda technology (PayPass Magstripe and VISA MSD). The cards do not hold/maintain the annual balance. All transaction passes after a PIN, usually in off-line mode. The aegis of such a transaction is no greater than with a alluring band agenda transaction.
EMV cards accept acquaintance and contactless interfaces. They plan as a accustomed EMV agenda via acquaintance interface. Via contactless interface they plan somewhat abnormally in that the agenda command arrangement adopts contactless appearance such as low ability and abbreviate transaction time.
edit Cryptographic acute cards
Cryptographic acute cards are generally acclimated for individual sign-on. A lot of avant-garde acute cards cover specialized cryptographic accouterments that uses algorithms such as RSA and DSA. Today's cryptographic acute cards accomplish key pairs on board, to abstain the accident from accepting added than one archetype of the key (since by architecture there usually isn't a way to abstract clandestine keys from a acute card). Such acute cards are mainly acclimated for agenda signature and defended identification, (see applications section).
The a lot of accepted way to admission cryptographic acute agenda functions on a computer is to use a vendor-provided PKCS#11 library.citation needed On Microsoft Windows the CSP API is aswell supported.
The a lot of broadly acclimated cryptographic algorithms in acute cards (excluding the GSM alleged "crypto algorithm") are Triple DES and RSA. The key set is usually loaded (DES) or generated (RSA) on the agenda at the personalization stage.
Some of these acute cards are aswell fabricated to abutment the NIST accepted for Claimed Character Verification, FIPS 201.
edit Financial
Smart cards serve as acclaim or ATM cards, ammunition cards, adaptable buzz SIMs, approval cards for pay television, domiciliary account pre-payment cards, high-security identification and access-control cards, and accessible carriage and accessible buzz transaction cards.
Smart cards may aswell be acclimated as cyberbanking wallets. The acute agenda dent can be "loaded" with funds to pay parking meters and automat machines or at assorted merchants. Cryptographic protocols assure the barter of money amid the acute agenda and the accepting machine. No affiliation to the arising coffer is necessary, so the holder of the agenda can use it even if not the owner. Examples are Proton, Geldkarte, Chipknip and Mon€o. The German Geldkarte is aswell acclimated to validate chump age at automat machines for cigarettes.
edit Bloom affliction (medical)
Smart bloom cards can advance the aegis and aloofness of accommodating information, accommodate a defended carrier for carriageable medical records, abate bloom affliction fraud, abutment new processes for carriageable medical records, accommodate defended admission to emergency medical information, accredit acquiescence with government initiatives and mandates, and accommodate the belvedere to apparatus added applications as bare by the bloom affliction organization.13
edit Identification
A bound growing appliance is in agenda identification. In this application, the cards accredit identity. The a lot of accepted archetype employs accessible key basement (PKI). The agenda aliment an encrypted agenda affidavit issued from the PKI provider forth with added accordant information. Examples cover the U.S. Department of Defense (DoD) Accepted Admission Agenda (CAC), and assorted identification cards acclimated by abounding governments for their citizens. Combined with biometrics, cards can accommodate two- or three-factor authentication. Acute cards are not consistently privacy-enhancing, because the accountable carries possibly incriminating advice on the card. Contactless acute cards that can be apprehend from aural a wallet or even a apparel abridge authentication.
The aboriginal acute agenda driver's approval arrangement in the apple was implemented in 1987 in Turkey. Turkey had a top akin of alley accidents and absitively to advance and use agenda tachograph accessories on abundant vehicles, instead of the absolute automated ones, to abate acceleration violations. Back 1987, the able driver's licenses in Turkey are issued as acute cards and the disciplinarian is appropriate to admit his driver's approval into the agenda tachograph afore starting to drive. The tachograph assemblage annal acceleration violations for anniversary disciplinarian and gives a printed report. The active hours for anniversary disciplinarian is aswell getting monitored and reported. In 1990 the European Union conducted a achievability abstraction through BEVAC Consulting Engineers, blue-blooded "Feasibility abstraction with account to a European cyberbanking drivers licence (based on a smart-card) on account of Directorate General VII". In this study, affiliate seven is committed to the acquaintance in Turkey, advertence that the cyberbanking driver's approval application, in the anatomy of acute cards, was aboriginal implemented in Turkey in 1987.
A acute agenda driver's approval arrangement was after issued in 1995 in Mendoza arena of Argentina. Mendoza had a top akin of alley accidents, active offenses, and a poor almanac of convalescent outstanding fines.citation needed Acute licenses authority abreast annal of active offenses and contributed fines. They aswell abundance claimed information, approval blazon and number, and a photograph. Emergency medical advice such as claret type, allergies, and biometrics (fingerprints) can be stored on the dent if the agenda holder wishes. The Argentina government anticipates that this arrangement will advice to aggregate added than $10 actor per year in fines.
In 1999 Gujarat was the aboriginal Indian accompaniment to acquaint a acute agenda approval system.14 To datewhen? it has issued 5 actor acute agenda active licenses to its people.citation needed
“ a civic ID card, adequate by a 1,024-bit key code, is absurd to breach after a supercomputer alive abroad for a hundred years ”
15
In 2002, the Estonian government started to affair acute cards called ID Kaart as primary identification for citizens to alter the accepted approval in calm and EU use. As of 2010 about 1 actor acute cards accept been issued (total citizenry is about 1.3 million) and they are broadly acclimated in internet banking, affairs accessible carriage tickets, approval on assorted websites etc.
By the alpha of 2009 the absolute citizenry of Spain and Belgium will accept an eID agenda that is acclimated for identification. These cards accommodate two certificates: one for affidavit and one for signature. This signature is accurately enforceable. Added and added casework in these countries use eID for authorization.1617
Smart cards are aswell alpha to be acclimated in emergency situations. In 2004, The Acute Agenda Alliance issued a account cogent the charge to "to enhance security, admission Government efficiency, abate character fraud, and assure claimed aloofness by establishing a mandatory, Government-wide accepted for defended and reliable forms of identification".18 In ablaze of this, emergency acknowledgment cadre accept now amorphous to backpack these cards so that they can be absolutely articular in emergency situations. WidePoint Corporation, a acute agenda provider to FEMA, produces cards that accommodate added claimed information, such as medical annal and accomplishment sets. Cards like these accommodate actual admission to information, which allows aboriginal responders to bypass authoritative paperwork and focus added time on the emergency resolution.
edit Schools
Smart cards are getting provided to acceptance at schools and colleges.192021 Acceptance includes:
Tracking apprentice attendance
As an cyberbanking purse, to pay for items at canteens, automat machines etc.
Tracking and ecology aliment choices at the canteen, to advice the apprentice advance a advantageous diet
Tracking loans from the academy library
edit Accessible transit
Main article: Account of acute cards
Smart cards and chip ticketing accept become broadly acclimated by accessible alteration operators about the world. Agenda users may use their cards for added purposes than for transit, such as baby purchases. Some operators action credibility for usage, exchanged at retailers or for added benefits.22 Archetype cover the Octopus Agenda acclimated in Hong Kong, London's Oyster Card, Montréal's OPUS agenda and San Francisco's Clipper card. However, they accept been criticized for presenting a aloofness accident because it can acquiesce the accumulation alteration abettor (and the government) to clue an individual's movement. In Finland, for example, the Data Protection Ombudsman banned the carriage abettor Helsinki Metropolitan Area Council (YTV) from accession such information, admitting YTV's altercation that the agenda buyer has the appropriate to a account of trips paid with the card. Earlier, such advice was acclimated in the analysis of the Myyrmanni bombing.citation needed
edit Concessionary travel
A awful acknowledged use for acute cards aural the UK is in concessionary biking schemes. Mandated by the Department for Transport, biking entitlements for aged and disabled association are administered by bounded authorities and commuter carriage executives. Acute cards accept been issued as bus passes to condoning residents; about these acute cards can instead now be acclimated by aged and disabled humans who authorize for concessionary auto travel. These schemes are allotment of an added account offered by some bounded authorities as an another for association clumsy to accomplish use of their bus pass. One archetype is the "Smartcare go" arrangement provided by Ecebs.23
edit Other
Smart cards are broadly acclimated to assure agenda television streams. VideoGuard is a specific archetype of how acute agenda aegis worked.
The Malaysian government uses acute character cards agitated by all citizens and citizen non-citizens. The claimed advice central the MYKAD agenda can be apprehend application appropriate APDU commands.24
Since April 2009, Toppan Printing Company (凸版印刷 Toppan insatsu?) has bogus reusable acute cards for money alteration and fabricated from cardboard instead of plastic.25
Security
Smart cards accept been advertised as acceptable for claimed identification tasks, because they are engineered to be alter resistant. The dent usually accouterments some cryptographic algorithm. There are, however, several methods for convalescent some of the algorithm's centralized state.
edit Differential ability analysis
Differential ability analysis26 involves barometer the absolute time and electrical accepted appropriate for assertive encryption or decryption operations. This can deduce the on-chip clandestine key acclimated by accessible key algorithms such as RSA. Some implementations of symmetric ciphers can be accessible to timing or ability attacks as well.
edit Physical disassembly
Smart cards can be physically disassembled by application acid, abrasives, or some added address to admission complete admission to the on-board microprocessor. Although such techniques acutely absorb a adequately top accident of abiding accident to the chip, they admittance abundant added abundant advice (e.g. photomicrographs of encryption hardware) to be extracted.
edit Differential ability analysis
Differential ability analysis26 involves barometer the absolute time and electrical accepted appropriate for assertive encryption or decryption operations. This can deduce the on-chip clandestine key acclimated by accessible key algorithms such as RSA. Some implementations of symmetric ciphers can be accessible to timing or ability attacks as well.
edit Physical disassembly
Smart cards can be physically disassembled by application acid, abrasives, or some added address to admission complete admission to the on-board microprocessor. Although such techniques acutely absorb a adequately top accident of abiding accident to the chip, they admittance abundant added abundant advice (e.g. photomicrographs of encryption hardware) to be extracted.
Problems
The artificial agenda in which the dent is anchored is adequately flexible, and the beyond the chip, the college the anticipation that accustomed use could accident it. Cards are generally agitated in wallets or pockets—a acrid ambiance for a chip. However, for ample cyberbanking systems, failure-management costs can be added than annual by artifice reduction.
Client-side identification and affidavit cards are the a lot of defended way for e.g., internet cyberbanking applications, but aegis is never 100% sure. If the annual holder's computer hosts malware, the aegis archetypal may be broken. Malware can override the advice (both ascribe via keyboard and achievement via appliance screen) amid the user and the application. Man-in-the-browser malware (e.g. the trojan Silentbanker) could adapt a transaction, disregarded by the user. Banks like Fortis and Dexia in Belgium amalgamate a acute agenda with an alone agenda clairvoyant to abstain this problem. The chump enters a claiming accustomed from the bank's website, a PIN and the transaction bulk into the reader, The clairvoyant allotment an 8-digit signature. This signature is manually entered into the claimed computer and absolute by the bank, preventing malware from alteration the transaction amount.
Another botheration is the abridgement of standards for functionality and security. To abode this problem, The Berlin Group launched the ERIDANE Project to adduce "a new anatomic and aegis framework for smart-card based Point of Interaction (POI) equipment".27
Client-side identification and affidavit cards are the a lot of defended way for e.g., internet cyberbanking applications, but aegis is never 100% sure. If the annual holder's computer hosts malware, the aegis archetypal may be broken. Malware can override the advice (both ascribe via keyboard and achievement via appliance screen) amid the user and the application. Man-in-the-browser malware (e.g. the trojan Silentbanker) could adapt a transaction, disregarded by the user. Banks like Fortis and Dexia in Belgium amalgamate a acute agenda with an alone agenda clairvoyant to abstain this problem. The chump enters a claiming accustomed from the bank's website, a PIN and the transaction bulk into the reader, The clairvoyant allotment an 8-digit signature. This signature is manually entered into the claimed computer and absolute by the bank, preventing malware from alteration the transaction amount.
Another botheration is the abridgement of standards for functionality and security. To abode this problem, The Berlin Group launched the ERIDANE Project to adduce "a new anatomic and aegis framework for smart-card based Point of Interaction (POI) equipment".27
Problems
The artificial agenda in which the dent is anchored is adequately flexible, and the beyond the chip, the college the anticipation that accustomed use could accident it. Cards are generally agitated in wallets or pockets—a acrid ambiance for a chip. However, for ample cyberbanking systems, failure-management costs can be added than annual by artifice reduction.
Client-side identification and affidavit cards are the a lot of defended way for e.g., internet cyberbanking applications, but aegis is never 100% sure. If the annual holder's computer hosts malware, the aegis archetypal may be broken. Malware can override the advice (both ascribe via keyboard and achievement via appliance screen) amid the user and the application. Man-in-the-browser malware (e.g. the trojan Silentbanker) could adapt a transaction, disregarded by the user. Banks like Fortis and Dexia in Belgium amalgamate a acute agenda with an alone agenda clairvoyant to abstain this problem. The chump enters a claiming accustomed from the bank's website, a PIN and the transaction bulk into the reader, The clairvoyant allotment an 8-digit signature. This signature is manually entered into the claimed computer and absolute by the bank, preventing malware from alteration the transaction amount.
Another botheration is the abridgement of standards for functionality and security. To abode this problem, The Berlin Group launched the ERIDANE Project to adduce "a new anatomic and aegis framework for smart-card based Point of Interaction (POI) equipment".27
Client-side identification and affidavit cards are the a lot of defended way for e.g., internet cyberbanking applications, but aegis is never 100% sure. If the annual holder's computer hosts malware, the aegis archetypal may be broken. Malware can override the advice (both ascribe via keyboard and achievement via appliance screen) amid the user and the application. Man-in-the-browser malware (e.g. the trojan Silentbanker) could adapt a transaction, disregarded by the user. Banks like Fortis and Dexia in Belgium amalgamate a acute agenda with an alone agenda clairvoyant to abstain this problem. The chump enters a claiming accustomed from the bank's website, a PIN and the transaction bulk into the reader, The clairvoyant allotment an 8-digit signature. This signature is manually entered into the claimed computer and absolute by the bank, preventing malware from alteration the transaction amount.
Another botheration is the abridgement of standards for functionality and security. To abode this problem, The Berlin Group launched the ERIDANE Project to adduce "a new anatomic and aegis framework for smart-card based Point of Interaction (POI) equipment".27
Subscribe to:
Comments (Atom)