A smart
card is a card that is embedded with either a microprocessor and
a memory chip (IC card like ACS
AC0S1) or only a memory chip with non-programmable logic
(memory card like SLE smart cards).
The IC card can add, delete, and otherwise manipulate
information on the card, while a memory-chip card (for example,
pre-paid phone cards) can only undertake a pre-defined
operation.
|
A smart card
resembles a credit card in size and shape, but inside it is
completely different. First of all it HAS an inside -- a normal
credit card is a simple piece of plastic. The inside of a smart
card usually contains an embedded 8-bit microprocessor.
The microprocessor is under a gold contact pad on one side of
the card. Think of the microprocessor as replacing the
usual magnetic stripe on a credit card or debit card.
Smart cards are much more popular in
Europe than in the U.S. In Europe the health insurance and
banking industries use smart cards extensively. Every
German citizen has a smart card for health insurance. Even
though smart cards have been around in their modern form for at
least a decade, they are just starting to take off in the U.S.
Magnetic stripe technology remains in wide
use in the U.S. However, the data on the stripe can easily be
read, written, deleted or changed with off-the-shelf equipment.
Therefore, the stripe is really not the best place to store
sensitive information. To protect the consumer, businesses in
the U.S. have invested in extensive online mainframe-based
computer networks for verification and processing. In Europe,
such an infrastructure did not develop and instead the card
carries the intelligence. There are advantages and disadvantages
to both systems.
The microprocessor on the smart card is
there for security. The host computer and card reader actually
"talk" to the microprocessor. The microprocessor enforces access
to the data on the card. If the host computer read and wrote the
smart card's random access memory (RAM), it would be no
different than a diskette.
Smarts cards may have up to 1 Kbytes of
RAM, 16 Kbytes of programmable read only memory, 24 Kbytes of
read only memory (ROM), with an 8-bit microprocessor running at
5 MHz. The smart card uses a serial interface and receives its
power from external sources like a card reader. The processor
uses a limited instruction set for applications such as
cryptography.
The most common smart card applications
are:
- Credit cards
- Electronic cash
- Computer security systems
- Wireless communication
- Loyalty systems, like frequent flyer
points
- Banking
- Satellite TV
- Government identification
Smart cards can be used with a smart card
reader attachment to a personal computer to authenticate a user.
Web browsers too, can use smart card technology to supplement
Secure Sockets Layer (SSL) for improved security of Internet
transactions. The recent American Express Online Wallet shows
how online purchases work using a smart card and a PC equipped
with a smart card reader. Smart card readers can also be found
in mobile phones and vending machines.
Smart
cards, unlike magnetic stripe cards, can carry all necessary
functions and information on the card. Therefore, they do not
require access to remote databases at the time of the
transaction.
Today, there are three categories of smart
cards, all of which are evolving rapidly into new markets and
applications:
- Integrated Circuit (IC)
Microprocessor Cards. Microprocessor cards (also generally
referred to by the industry as "chip cards" or "IC cards")
offer greater memory storage and security of data than a
traditional mag stripe card. Smart cards that are chip cards
or IC cards also can process data on the card. The current
generation of chip cards has an eight-bit processor, 16KB
read-only memory, and 512 bytes of random-access memory. This
gives them the equivalent processing power of the original
IBM-XT computer, albeit with slightly less memory capacity.
These smart cards are used for a variety
applications, especially those that have cryptography built
in, which requires manipulation of large numbers. Thus, chip
cards have been the main platform for cards that hold a secure
digital identity. Some examples of these cards are:
- Cards that hold money ("stored value
cards")
- Card that hold money equivalents (for
example, "affinity cards)
- Cards that provide secure access to a
network
- Cards that secure cellular phones
from fraud
- Cards that allow set-top boxes on
televisions to remain secure from piracy
- Integrated Circuit (IC) Memory
Cards. IC memory cards can hold up to 1-64 KB of data, but
have no processor on the card with which to manipulate that
data. Thus, they are dependent on the smart card reader (also
known as the card-accepting device) for their processing and
are suitable for uses where the card performs a fixed
operation.
Memory
cards represent the bulk of the 600 million smart cards sold
last year, primarily for pre-paid, disposable-card
applications like pre-paid phone cards. Memory cards are
popular high-security alternatives to mag stripe cards.
- Optical Memory Cards. Optical
memory cards look like a card with a piece of a CD glued on
top - which is basically what they are. Optical memory cards
can store up to 4 MB of data. But once written, the data can
not be changed or removed. Thus, this type of card is ideal
for record keeping - for example medical files, driving
records, or travel histories. Today, these cards have no
processor in them (although this is coming in the near
future). While the cards are comparable in price to chip
cards, the card readers use non-standard protocols and are
expensive.
The first
smart card was developed in 1974, by independent inventor Roland
Moreno. Smart card use in Europe and Asia is outpacing North
America, but smart card growth is expected to continue at a
brisk pace.
By way of comparison, there are over 900
million credit cards in circulation today. Major uses will
include providing enhanced financial services, increasing the
security and flexibility of cellular phones, and securing
satellite and cable transmissions in TV set-top boxes. |