Smart Card Handbook

The most comprehensive book on state-of-the-art smart card technology available. Updated with new international standards and specifications, this essential fourth edition now covers all aspects of smart cards in a completely revised structure. Its enlarged coverage now includes smart cards for passports and ID cards, health care cards, smart cards for public transport, and Java Card 3.0. New sub-chapters cover near field communication (NFC), single wire protocol (SWP), and multi-megabyte smart cards (microcontroller with NAND flash). There are also extensive revisions to the chapters on smart card production, the security of smart cards (including coverage of new attacks and protection methods), and contactless card data transmission (ISO/IEC 10536, ISO/IEC 14443, ISO/IEC 15693). This edition also features: additional views on the future development of smart cards, such as USB, MMU, SWP, HCI, Flash memory and their usage; new internet technologies for smart cards (smart card web server, HTTP, TCP/IP, SSL/TLS); integration of the new flash-based microcontrollers for smart cards (until now, ROM-based microcontrollers were usual); and a completely revised glossary with explanations of all important smart card subjects (600 glossary terms). Smart Card Handbook is firmly established as the definitive reference to every aspect of smart card technology, proving an invaluable resource for security systems development engineers. Professionals and microchip designers working in the smart card industry will continue to benefit from this essential guide. This book is also ideal for newcomers to the field. The Fraunhofer Smart Card Award was presented to the authors for the Smart Card Handbook, Third Edition in 2008.



Smart Card Handbook
Third Edition

Wolfgang Rankl and Wolfgang Effing
Giesecke & Devrient GmbH, Munich, Germany

Translated by Kenneth Cox
Kenneth Cox Technical Translations, Wassenaar, The Netherlands

First published under the title Handbuch der Chipkarten by Carl Hanser Verlag
© Carl Hanser Verlag, Munich/FRG, 2002
All rights reserved. Authorized translation from the 4th edition in the original German language published by Carl Hanser Verlag, Munich/FRG.

Copyright © 2003 John Wiley & Sons Ltd, Baffins Lane, Chichester, West Sussex, PO19 1UD, England
National 01243 779777
International (+44) 1243 779777

Email (for orders and customer service enquiries): [email protected]
Visit our Home Page on www.wileyeurope.com or www.wiley.com

All Rights Reserved. No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except under the terms of the Copyright, Designs and Patents Act 1988 or under the terms of a licence issued by the Copyright Licensing Agency Ltd, 90 Tottenham Court Road, London W1T 4LP, UK, without the permission in writing of the Publisher. Requests to the Publisher should be addressed to the Permissions Department, John Wiley & Sons Ltd, The Atrium, Southern Gate, Chichester, West Sussex PO19 8SQ, England, or emailed to [email protected], or faxed to (+44) 1243 770571.

This publication is designed to provide accurate and authoritative information in regard to the subject matter covered. It is sold on the understanding that the Publisher is not engaged in rendering professional services. If professional advice or other expert assistance is required, the services of a competent professional should be sought.

Other Wiley Editorial Offices
John Wiley & Sons Inc., 111 River Street, Hoboken, NJ 07030, USA
Jossey-Bass, 989 Market Street, San Francisco, CA 94103-1741, USA
Wiley-VCH Verlag GmbH, Boschstr. 12, D-69469 Weinheim, Germany
John Wiley & Sons Australia Ltd, 33 Park Road, Milton, Queensland 4064, Australia
John Wiley & Sons (Asia) Pte Ltd, 2 Clementi Loop #02-01, Jin Xing Distripark, Singapore 129809
John Wiley & Sons Canada Ltd, 22 Worcester Road, Etobicoke, Ontario, Canada M9W 1L1

Wiley also publishes its books in a variety of electronic formats. Some content that appears in print may not be available in electronic books.

Library of Congress Cataloging-in-Publication Data
Rankl, W. (Wolfgang)
Smart card handbook / Wolfgang Rankl and Wolfgang Effing. – 3rd ed.
p. cm.
Includes bibliographical references and index.
ISBN 0-470-85668-8 (alk. paper)
1. Smart cards–Handbooks, manuals, etc. I. Effing, W. (Wolfgang) II. Title.
TK7895.S62R3613 2003
006 – dc22
2003062750

British Library Cataloguing in Publication Data
A catalogue record for this book is available from the British Library
ISBN 0-470-85668-8

Typeset in 10/12pt Times by TechBooks, New Delhi, India
Printed and bound in Great Britain by Antony Rowe Ltd, Chippenham, Wiltshire
This book is printed on acid-free paper responsibly manufactured from sustainable forestry in which at least two trees are planted for each one used for paper production.
Contents

Preface to the Third Edition
Symbols and Notation
Program Code Conventions
Abbreviations

1 Introduction
  1.1 The History of Smart Cards
  1.2 Application Areas
    1.2.1 Memory cards
    1.2.2 Microprocessor cards
    1.2.3 Contactless cards
  1.3 Standardization

2 Types of Cards
  2.1 Embossed Cards
  2.2 Magnetic-stripe Cards
  2.3 Smart Cards
    2.3.1 Memory cards
    2.3.2 Microprocessor cards
    2.3.3 Contactless smart cards
  2.4 Optical Memory Cards

3 Physical and Electrical Properties
  3.1 Physical Properties
    3.1.1 Card formats
    3.1.2 Card components and security features
  3.2 The Card Body
    3.2.1 Card materials
    3.2.2 Chip modules
  3.3 Electrical Properties
    3.3.1 Electrical connections
    3.3.2 Supply voltage
    3.3.3 Supply current
    3.3.4 External clock
    3.3.5 Data transmission
    3.3.6 Activation and deactivation sequences
  3.4 Smart Card Microcontrollers
    3.4.1 Processor types
    3.4.2 Memory types
    3.4.3 Supplementary hardware
  3.5 Contact-type Cards
  3.6 Contactless Cards
    3.6.1 Close-coupling cards: ISO/IEC 10536
    3.6.2 Remote-coupling cards
    3.6.3 Proximity integrated circuit(s) cards: ISO/IEC 14 443
    3.6.4 Vicinity integrated circuits cards (ISO/IEC 15 693)
    3.6.5 Test methods for contactless smart cards

4 Informatic Foundations
  4.1 Structuring Data
  4.2 Coding Alphanumeric Data
    4.2.1 7-bit code
    4.2.2 8-bit code
    4.2.3 16-bit code (Unicode)
    4.2.4 32-bit code (UCS)
  4.3 SDL Notation
  4.4 State Machines
    4.4.1 Basic theory of state machines
    4.4.2 Practical applications
  4.5 Error Detection and Correction Codes
    4.5.1 XOR checksums
    4.5.2 CRC checksums
    4.5.3 Reed–Solomon codes
    4.5.4 Error correction
  4.6 Data Compression
  4.7 Cryptology
    4.7.1 Symmetric cryptographic algorithms
    4.7.2 Asymmetric cryptographic algorithms
    4.7.3 Padding
    4.7.4 Message authentication code and cryptographic checksum
  4.8 Key Management
    4.8.1 Derived keys
    4.8.2 Key diversification
    4.8.3 Key versions
    4.8.4 Dynamic keys
    4.8.5 Key parameters
    4.8.6 Key management example
  4.9 Hash Functions
  4.10 Random Numbers
    4.10.1 Generating random numbers
    4.10.2 Testing random numbers
  4.11 Authentication
    4.11.1 Symmetric unilateral authentication
    4.11.2 Symmetric mutual authentication
    4.11.3 Static asymmetric authentication
    4.11.4 Dynamic asymmetric authentication
  4.12 Digital Signatures
  4.13 Certificates

5 Smart Card Operating Systems
  5.1 Historical Evolution of Smart Card Operating Systems
  5.2 Fundamentals
  5.3 Design and Implementation Principles
  5.4 Completion
  5.5 Memory Organization
  5.6 Smart Card Files
    5.6.1 File types
    5.6.2 File names
    5.6.3 File selection
    5.6.4 EF file structures
    5.6.5 File access conditions
    5.6.6 File attributes
  5.7 File Management
  5.8 Sequential Control
  5.9 Access to Resources in Accordance with ISO/IEC 7816-9
  5.10 Atomic Operations
  5.11 Open Platform
  5.12 Downloadable Program Code
  5.13 Executable Native Code
  5.14 Open Platforms
    5.14.1 Java Card
    5.14.2 Multos
    5.14.3 Basic Card
    5.14.4 Windows for Smart Cards
    5.14.5 Linux
  5.15 The Small-OS Smart Card Operating System

6 Smart Card Data Transmission
  6.1 The Physical Transmission Layer
  6.2 Answer to Reset (ATR)
    6.2.1 ATR characters
    6.2.2 Practical examples of ATRs
  6.3 Protocol Parameter Selection (PPS)
  6.4 Data Transmission Protocols
    6.4.1 Synchronous data transmission
    6.4.2 The T = 0 transmission protocol
    6.4.3 The T = 1 transmission protocol
    6.4.4 The T = 14 transmission protocol (Germany)
    6.4.5 The USB transmission protocol
    6.4.6 Comparison of asynchronous transmission protocols
  6.5 Message Structure: APDUs
    6.5.1 Structure of the command APDU
    6.5.2 Structure of the response APDU
  6.6 Securing Data Transmissions
    6.6.1 The authentic mode procedure
    6.6.2 The combined mode procedure
    6.6.3 Send sequence counter
  6.7 Logical Channels

7 Smart Card Commands
  7.1 File Selection Commands
  7.2 Read and Write Commands
  7.3 Search Commands
  7.4 File Manipulation Commands
  7.5 Identification Commands
  7.6 Authentication Commands
  7.7 Commands for Cryptographic Algorithms
  7.8 File Management Commands
  7.9 Commands for Managing Applets
  7.10 Commands for Completing the Operating System
  7.11 Commands for Hardware Testing
  7.12 Commands for Data Transmission Protocols
  7.13 Database Commands: SCQL
  7.14 Commands for Electronic Purses
  7.15 Commands for Credit and Debit Cards
  7.16 Application-Specific Commands

8 Security Techniques
  8.1 User Identification
    8.1.1 Testing a secret number
    8.1.2 Biometric methods
  8.2 Smart Card Security
    8.2.1 A classification of attacks and attackers
    8.2.2 Attacks and defensive measures during development
    8.2.3 Attacks and defensive measures during production
    8.2.4 Attacks and defense measures while the card is in use

9 Quality Assurance and Testing
  9.1 Card Body Tests
  9.2 Microcontroller Hardware Tests
  9.3 Evaluating and Testing Software
    9.3.1 Evaluation
    9.3.2 Test methods for software
    9.3.3 Dynamic testing of operating systems and applications

10 The Smart Card Life Cycle
  10.1 The Five Phases of the Smart Card Life Cycle
  10.2 Phase 1 of the Life Cycle in Detail
    10.2.1 Generating the operating system and producing the chip
    10.2.2 Producing card bodies without integrated coils
    10.2.3 Producing card bodies containing integrated coils
    10.2.4 Combining the card body and the chip
  10.3 Phase 2 of the Life Cycle in Detail
  10.4 Phase 3 of the Life Cycle in Detail
  10.5 Phase 4 of the Life Cycle in Detail
  10.6 Phase 5 of the Life Cycle in Detail

11 Smart Card Terminals
  11.1 Mechanical Properties
  11.2 Electrical Properties
  11.3 Security Technology
  11.4 Connecting Terminals to Higher-Level Systems
    11.4.1 PC/SC
    11.4.2 OCF
    11.4.3 MKT
    11.4.4 MUSCLE

12 Smart Cards in Payment Systems
  12.1 Payment Transactions using Cards
    12.1.1 Electronic payments with smart cards
    12.1.2 Electronic money
    12.1.3 Basic system architecture options
  12.2 Prepaid Memory Cards
  12.3 Electronic Purses
    12.3.1 The CEN EN 1546 standard
    12.3.2 Common Electronic Purse Specifications (CEPS)
    12.3.3 Proton
    12.3.4 The Mondex system
  12.4 The EMV Application
  12.5 The Eurocheque System in Germany

13 Smart Cards in Telecommunications
  13.1 Survey of Mobile Telecommunication Systems
    13.1.1 Multiple-access methods
    13.1.2 Cellular technology
    13.1.3 Cell types
    13.1.4 Bearer services
  13.2 The GSM System
    13.2.1 Specifications
    13.2.2 System architecture and components
    13.2.3 Important data elements
    13.2.4 The subscriber identity module (SIM)
    13.2.5 General Packet Radio System (GPRS)
    13.2.6 Future developments
  13.3 The UMTS System
  13.4 Microbrowsers
  13.5 The Wireless Identification Module (WIM)
  13.6 Public Card Phones in Germany

14 Sample Applications
  14.1 Contactless Memory Cards for Air Travel
  14.2 Health Insurance Cards
  14.3 Electronic Toll Systems
  14.4 Digital Signatures
  14.5 The PKCS #15 Signature Application
  14.6 The FINEID Personal Identification Card
  14.7 Tachosmart

15 Application Design
  15.1 General Information and Characteristic Data
    15.1.1 Microcontrollers
    15.1.2 Applications
    15.1.3 System considerations
    15.1.4 Compliance with standards
  15.2 Formulas for Estimating Processing Times
  15.3 Timing Formulas for Typical Smart Card Commands
  15.4 Typical Command Processing Times
  15.5 Application Development Tools
  15.6 Analyzing an Unknown Smart Card
  15.7 Life-Cycle Models and Process Maturity
    15.7.1 Life-cycle models
    15.7.2 Process maturity
  15.8 The Course of a Smart Card Project
  15.9 Design Examples for Smart Card Applications
    15.9.1 An electronic purse system for arcade games
    15.9.2 Access control system
    15.9.3 Testing the genuineness of a terminal

16 Appendix
  16.1 Glossary
  16.2 Related Reading
  16.3 Literature
  16.4 Annotated Directory of Standards and Specifications
  16.5 Coding of Data Objects
    16.5.1 Data objects compliant with ISO/IEC 7816-4
    16.5.2 Data objects compliant with ISO/IEC 7816-6
    16.5.3 Data objects for chip manufacturers as specified by ISO/IEC 7816-6
  16.6 Registration Authorities for RIDs
  16.7 Selected RIDs
  16.8 Trade Fairs, Conferences and Conventions
  16.9 World Wide Web Addresses
  16.10 Characteristic Data and Tables
    16.10.1 ATR interval
    16.10.2 ATR parameter conversion tables
    16.10.3 Determining the data transmission rate
    16.10.4 Sampling times for serial data
    16.10.5 The most important smart card commands
    16.10.6 Summary of utilized instruction bytes
    16.10.7 Smart card command coding
    16.10.8 Smart card return codes
    16.10.9 Selected chips for memory cards
    16.10.10 Selected microcontrollers for smart cards

Index

Preface to the Third Edition

The English version of the Smart Card Handbook has now reached its third edition. In comparison with the previous edition, it has been considerably expanded and thoroughly updated to represent the current state of the technology. In this book, we attempt to cover all aspects of smart card technology, with the term ‘technology’ intentionally being understood in a very broad sense. As in previous editions, we have remained true to our motto, ‘better one sentence too many than one word too few’.
We have described this ever-expanding subject in as much detail as possible. Even more examples, drawings and photographs have been added to make it easier to understand complicated relationships. The glossary has been enlarged to include many new terms covering all essential concepts related to smart cards, and it has been enhanced with cross-references. In many cases, it can provide a quick introduction to a particular subject. Altogether, these additions, extensions and improvements have resulted in a book that is more than three times as large as the first edition. Here we can make a small comparison. Modern smart card operating systems currently comprise 120,000 lines of source code, which roughly corresponds to two books the size of the present edition. Even if you are not familiar with programming, you can readily appreciate how sophisticated these operating systems have become. These small, colorful plastic cards with their semiconductor chips continue to spread from their original countries, Germany and France, throughout the world. In the coming years, this technology can be expected to outstrip all others, especially since it is still in its infancy and there is no end or consolidation in sight. Smart card technology progresses in leaps and bounds, and we attempt to keep pace by publishing a new edition of the Smart Card Handbook every two to three years. The Smart Card Handbook represents the present state of technical knowledge, and in areas that are presently undergoing rapid change, we indicate possible paths of evolution. If certain things come to be seen differently at a later date, we can only remark that no one knows what the future will bring. Despite this, or perhaps just because of this, we welcome all comments, suggestions and proposed improvements, so that this book can continue to cover the subject of smart cards as completely as possible. 
Here we would like to explicitly thank the many attentive and interested readers who have pointed out unclear or ambiguous passages and errors. Once again, an errata list for this edition will be made available at www.wiley.co.uk/commstech/. We would also like to thank our many friends and colleagues who have repeatedly offered valuable (and occasionally somewhat uncomfortable) suggestions for making this book better and more complete. We would particularly like to thank Hermann Altschäfl, Peter van Elst, Klaus Finkenzeller, Thomas Graßl, Michael Schnellinger, Harald Vater and Dieter Weiß, as well as Kathryn Sharples at Wiley for her helpful support and Kenneth Cox for the translation.

Munich, June 2002
Wolfgang Rankl, Wolfgang Effing

Symbols and Notation

General

• In accordance with ISO standards, the least-significant bit is always designated 1, rather than 0.
• In accordance with common usage, the term ‘byte’ refers to a sequence of eight bits and is equivalent to the term ‘octet’, which is often used in international standards.
• Length specifications for data, objects and all countable quantities are shown in decimal form, in agreement with the usual practice in smart card standards. All other values are usually shown as hexadecimal numbers and identified as such.
• The prefixes ‘kilo’ and ‘mega’ have the values of 1024 (2^10) and 1,048,576 (2^20), respectively, as is customary in the field of information technology.
• Depending on the context, binary values may not be explicitly identified as such.
• Commands used with smart cards are printed in upper-case characters (for example: SELECT FILE).
Representation of characters and numbers

42    decimal value
'00'    hexadecimal value
◦0◦, ◦1◦    binary values
"ABC"    ASCII value
Bn    byte number n (for example: B1)
bn    bit number n (for example: b2)
Dn    digit number n (for example: D3)

Logical functions

||    concatenation (of data elements or objects)
⊕    logical XOR operation
∧    logical AND operation
∨    logical OR operation
a ∈ M    a is an element of the set M
a ∉ M    a is not an element of the set M
{a, b, c}    the set of elements a, b, c

Cryptographic functions

enc Xn (K; D)    encryption using the algorithm X and an n-bit key, with the key K and the data D
dec Xn (K; D)    decryption using the algorithm X and an n-bit key, with the key K and the data D
S := sign Xn (K; D)    generating the signature S using the algorithm X and an n-bit key, with the key K and the data D
R := verify Xn (K; S); Result = OK/NOK    verifying the signature S using the algorithm X and an n-bit key, with the key K

References

See: ‘. . .’    This is a cross-reference to another location in the book.
See also: ‘. . .’    This is a cross-reference to another location in the book where more information on the subject can be found.
[. . .]    This is a reference to a World Wide Web site listed in the Appendix.
    This is a cross-reference to additional literature or standards listed in the Appendix. The format is: X ∈ {surname of the first-named author}, Y ∈ {last two digits of the year of publication}

Program Code Conventions

The syntax and semantics of the program code used in this book are based on the standard dialects of Basic. However, the use of explanations in natural language within a program listing is allowed, in order to promote the understandability of the code. Naturally, although this makes it easier for the reader to understand the code, it means that it is not possible to automatically convert the code into machine code. This compromise is justified by the significant improvement in readability that it provides.
:=    assignment operator
::=    definition operator
=, !=, <, <=, >, =>    comparison operators
+, −, ×, /    arithmetic operators
NOT    logical not
AND    logical and
OR    logical or
||    concatenation operator (e.g., coupling two byte strings)
    end-of-line marker for multiline instructions
// . . .    comment

IO Buffer    variable (printed in italics)
Label:    jump or call location (printed in bold)
GOTO . . .    jump
CALL . . .    function call (subroutine call)
RETURN    return from a function (subroutine)

IF . . . THEN . . .    decision, type 1
IF . . . THEN . . . ELSE . . .    decision, type 2

SEARCH (. . .)    search in a list; search string in parentheses
STATUS    query the result of a previously executed function call

STOP    terminate a process
LENGTH (. . .)    calculate the length
EXIST    test for presence (for example: an object or data element)

WITH . . .    starts the definition of a variable or object as a reference
END WITH    ends the definition of a variable or object as a reference

Abbreviations

3DES    triple DES (see glossary)
3GPP    Third Generation Partnership Project (see glossary)
3GPP2    Third Generation Partnership Project 2 (see glossary)

A3, A5, A8    GSM algorithm 3, 5, 8 (see glossary)
AAM    application abstract machine
ABA    American Bankers’ Association
ABS    acrylonitrile butadiene styrene
AC    access conditions (see glossary)
ACD    access control descriptor
ACK    acknowledge
ACM    accumulated call meter
ADF    application dedicated file
ADN    abbreviated dialing number
AES    Advanced Encryption Standard (see glossary)
AFI    application family identifier
AFNOR    Association Française de Normalisation (see glossary)
AGE    Autobahngebührenerfassung
AGE    automatische Gebührenerfassung
AID    application identifier (see glossary)
AM    access mode
Amd.    Amendment
AMPS    Advanced Mobile Phone Service (see glossary)
AND    logical AND operation
ANSI    American National Standards Institute (see glossary)
AoC    Advice of Charge
AODF    authentication object directory file
APACS    Association for Payment Clearing Services
APDU    application protocol data unit (see glossary)
A-PET    amorphous polyethylene terephthalate
API    application programming interface (see glossary)
AR    access rules
ARM    advanced RISC machine
ARR    access rule reference
ASC    application-specific command
ASCII    American Standard Code for Information Interchange
ASIC    application-specific integrated circuit
ASK    amplitude shift keying (see glossary)
ASN.1    Abstract Syntax Notation 1 (see glossary)
AT    attention
ATM    automated teller machine
ATQA    answer to request, type A
ATQB    answer to request, type B
ATR    answer to reset (see glossary)
ATS    answer to select
ATTRIB    PICC selection command, type B
AUX    auxiliary

B2A    business-to-administration (see glossary)
B2B    business-to-business (see glossary)
B2C    business-to-consumer (see glossary)
Basic    Beginners All Purpose Symbolic Instruction Code
BCD    binary-coded digit
Bellcore    Bell Communications Research Laboratories
BER    Basic Encoding Rules (see glossary)
BER-TLV    Basic Encoding Rules – tag, length, value
BEZ    Börsenevidenzzentrale
BGT    block guard time
BIN    bank identification number
bit    binary digit
BPF    basic processor functions
BPSK    binary phase-shift keying (see glossary)
BS    base station
BWT    block waiting time

CA    certification authority (see glossary)
CAD    chip accepting device (see glossary)
CAFE    Conditional Access for Europe (EU project)
CAMEL    Customized Applications for Mobile Enhanced Logic
CAP    card application (see glossary)
C-APDU    command APDU (see glossary)
CAPI    crypto API (application programming interface)
CASCADE    Chip Architecture for Smart Card and Portable Intelligent Devices
CASE    computer-aided software engineering
CAT    card application toolkit
CAVE    Cellular Authentication, Voice Privacy and Encryption
CBC    cipher block chaining
CC    Common Criteria (see glossary)
CCD    card-coupling device
CCD    charge-coupled device
CCITT    Comité Consultatif International Télégraphique et Téléphonique (now ITU) (see glossary)
CCR    chip-card reader
CCS    cryptographic checksum (see glossary)
CD    committee draft
CDF    certificate directory file
CDM    card-dispensing machine
CDMA    code division multiple access (see glossary)
CEN    Comité Européen de Normalisation (see glossary)
CENELEC    Comité Européen de Normalisation Eléctrotechnique
CEPS    Common Electronic Purse Specifications (previously: Common European Purse System) (see glossary)
CEPT    Conférence Européenne des Postes et Télécommunications (see glossary)
CFB    cipher feedback
CGI    common gateway interface
CHV    cardholder verification
CICC    contactless integrated circuit card
CID    card identifier
CISC    complex instruction set computer
CLA    class
CLK    clock
CLn    cascade level n, type A
CMM    capability maturity model (see glossary)
CMOS    complementary metal-oxide semiconductor
CMS    card management system
COS    chip operating system (see glossary)
COT    chip-on-tape (see glossary)
CRC    cyclic redundancy check (see glossary)
CRCF    clock rate conversion factor
CRT    Chinese remainder theorem
CRT    control reference template
Cryptoki    cryptographic token interface
CSD    circuit-switched data
C-SET    Chip-SET (secure electronic transaction)
CT    chipcard terminal
CT    card terminal
CT    cascade tag, type A
CT    cordless telephone
CT-API    chipcard terminal (CT) API (see glossary)
CTDE    cryptographic token data element
CTI    cryptographic token information
CTIO    cryptographic token information object
CVM    cardholder verification method
CWT    character waiting time

D    divisor
DAD    destination address
DAM    DECT authentication module (see glossary)
DAM    draft amendment
D-AMPS    Digital Advanced Mobile Phone Service (see glossary)
DAP    data authentication pattern
DB    database
DBF    database file
DBMS    database management system
DC/SC    Digital Certificates on Smart Cards
DCODF    data container object directory file
DCS    digital cellular system
DEA    data encryption algorithm (see glossary)
DECT    Digital Enhanced Cordless Telecommunications (previously: Digital European Cordless Telecommunications) (see glossary)
DER    Distinguished Encoding rules (see glossary)
DES    Data Encryption Standard (see glossary)
DF    dedicated file (also often: directory file) (see glossary)
DFA    differential fault analysis (see glossary)
DFÜ    Datenfernübertragung
DIL    dual in-line
DIN    Deutsche Industrienorm
DIS    draft international standard
DLL    dynamic link library
DMA    direct memory access
DO    data object
DoD    US Department of Defense
DOM    document object model
DOV    data over voice
DPA    differential power analysis (see glossary)
dpi    dots per inch
DR    divisor receive (PCD to PICC)
DRAM    dynamic random-access memory (see glossary)
DRI    divisor receive integer (PCD to PICC)
DS    divisor send (PICC to PCD)
DSA    digital signature algorithm
DSI    divisor send integer (PICC to PCD)
DTAUS    Datenträgeraustausch
DTD    document type definition
DTMF    dual-tone multiple-frequency
DVD    digital versatile disc
DVS    Dateiverwaltungssystem [file management system]

E    end of communication, type A
EBCDIC    extended binary-coded decimal interchange code
EC    elliptic curve
ec    Eurocheque
ECB    electronic codebook
ECBS    European Committee for Banking Standards (see glossary)
ECC    elliptic curve cryptosystems (see glossary)
ECC    error correction code (see glossary)
ECDSA    elliptic curve DSA
ECML    Electronic Commerce Modeling Language
ECTEL    European Telecom Equipment and Systems Industry
EDC    error detection code (see glossary)
EDGE    Enhanced Data Rates for GSM and TDMA Evolution (see glossary)
EDI    electronic data interchange
EDIFACT    electronic data interchange for administration, commerce and transport
EEPROM, E²PROM    electrically erasable programmable read-only memory (see glossary)
EF    elementary file (see glossary)
EFF    Electronic Frontier Foundation
EFI    EF internal
EFTPOS    electronic fund transfer at point of sale
EFW    EF working
EGT    extra guard time, type B
EMV    Europay, MasterCard, Visa (see glossary)
EOF    end of frame, type B
EPROM    erasable programmable read-only memory (see glossary)
ESD    electrostatic discharge
ESPRIT    European Strategic Programme of Research and Development in Information Technology (EU project)
ETS    European Telecommunication Standard (see glossary)
ETSI    European Telecommunications Standards Institute (see glossary)
etu    elementary time unit (see glossary)

f    following page
FAR    false acceptance rate
FAT    file allocation table (see glossary)
FBZ    Fehlbedienungszähler (see glossary)
fC    frequency of operating field (carrier frequency)
FCB    file control block
FCC    Federal Communications Commission
FCFS    first-come, first-serve
FCI    file control information
FCOS    flip chip on substrate
FCP    file control parameters
FD/CDMA    frequency division / code division multiple access (see glossary)
FDMA    frequency division multiple access (see glossary)
FDN    fixed dialing number
FDT    frame delay time, type A
FEAL    fast data encipherment algorithm
FET    field-effect transistor
ff    following pages
FID    file identifier (see glossary)
FIFO    first in, first out
FINEID    Finnish Electronic Identification Card
FIPS    Federal Information Processing Standard (see glossary)
FMD    file management data
FO    frame option
FPGA    field-programmable gate array (see glossary)
FPLMTS    Future Public Land Mobile Telecommunication Service (see glossary)
FRAM    ferroelectric random-access memory (see glossary)
FRR    false rejection rate
FS    file system
fS    frequency of subcarrier modulation
FSC    frame size for proximity card
FSCI    frame size for proximity card integer
FSD    frame size for coupling device
FSDI    frame size for coupling device integer
FSK    frequency-shift keying
FTAM    file transfer, access and management
FWI    frame waiting time integer
FWT    frame waiting time
FWT_TEMP    temporary frame waiting time

gcd    greatest common denominator
GF    Galois fields
GGSN    gateway GPRS support node
GND    ground
GP    Global Platform (see glossary)
GPL    GNU public license
GPRS    General Packet Radio System (see glossary)
GPS    Global Positioning System
GSM    Global System for Mobile Communications (previously: Groupe Spécial Mobile) (see glossary)
GTS    GSM Technical Specification
GUI    graphical user interface

HAL    hardware abstraction layer (see glossary)
HBCI    Home Banking Computer Interface (see glossary)
HiCo    high coercivity
HLTA    Halt command, type A
HLTB    Halt command, type B
HSCSD    high-speed circuit switched data
HSM    hardware security module
HSM    high-security module
HSM    host security module
HTML    hypertext markup language
HTTP    hypertext transfer protocol
HV    Vickers hardness
HW    hardware

I/O    input/output
I²C    inter-integrated circuit
IATA    International Air Transport Association
IBAN    international bank account number
I-block    information block
ICC    integrated-circuit card (see glossary)
ID    identifier
IDEA    international data encryption algorithm
IEC    International Electrotechnical Commission (see glossary)
IEEE    Institute of Electrical and Electronics Engineers
IEP    intersector electronic purse
IFD    interface device (see glossary)
IFS    information field size
IFSC    information field size for the card
IFSD    information field size for the interface device
IIC    institution identification codes
IMEI    international mobile equipment identity
IMSI    international mobile subscriber identity
IMT-2000    International Mobile Telecommunication 2000 (see glossary)
IN    intelligent network
INF    information field
INS    instruction
INTAMIC    International Association of Microcircuit Cards
IP    Internet protocol
IPES    Improved Proposed Encryption Standard
IrDA    Infrared Data Association
ISDN    Integrated Services Digital Network (see glossary)
ISF    internal secret file
ISIM    IP security identity module
ISO    International Organization for Standardization (see glossary)
IT    information technology
ITSEC    Information Technology Security Evaluation Criteria (see glossary)
ITU    International Telecommunications Union (see glossary)
IuKDG    Informations- und Kommunikations-Gesetz
IV    initialization vector
IVU    in-vehicle unit

J2ME    Java 2 Micro Edition
JCF    Java Card Forum (see glossary)
JCRE    Java Card runtime environment (see glossary)
JCVM    Java Card virtual machine (see glossary)
JDK    Java development kit (see glossary)
JECF    Java Electronic Commerce Framework
JIT    just in time
JTC1    Joint Technical Committee One
JVM    Java virtual machine

K    key
Kc    ciphering key
KD    derived key
KFPC    key fault presentation counter
Ki    individual key
KID    identifier key
KM    master key
KS    session key
KVK    Krankenversichertenkarte

LA    location area
LAN    local-area network
Lc    command length
LCSI    life cycle status indicator
Le    expected length
LEN    length
LFSR    linear-feedback shift register
LIFO    last in, first out
LND    last number dialed
LOC    lines of code
LoCo    low coercivity
LRC    longitudinal redundancy check
LSAM    load secure application module
lsb    least significant bit
LSB    least significant byte

M    month
MAC    message authentication code / data security code (see glossary)
MAOS    multi-application operating system
MBL    maximum buffer length
MBLI    maximum buffer length index
MCT    multifunctional card terminal (see glossary)
ME    mobile equipment
MEL    Multos Executable Language
MExE    mobile station execution environment (see glossary)
MF    master file (see glossary)
MFC    multi-function card, multifunctional smart card
MIME    Multipurpose Internet Mail Extensions
MIPS    million instructions per second
MLI    multiple laser image
MM    moduliertes Merkmal
MMI    man–machine interface
MMS    multimedia messaging service
MMU    memory-management unit
MOC    matching-on-chip
MOO    mode of operation
MOSAIC    Microchip On-Surface and In-Card
MOSFET    metal-oxide semiconductor field-effect transistor
MoU    Memorandum of Understanding (see glossary)
MS    mobile station
msb    most significant bit
MSB    most significant byte
MSE    MANAGE SECURITY ENVIRONMENT
MTBF    mean time between failures
MUSCLE    Movement for the Use of Smart Cards in a Linux Environment

NAD    node address
NAK    negative acknowledgement
NBS    US National Bureau of Standards (see glossary)
NCSC    National Computer Security Center (see glossary)
NDA    nondisclosure agreement
NIST    US National Institute of Standards and Technology (see glossary)
nok    not OK
NPU    numeric processing unit (see glossary)
NRZ    non-return to zero
NSA    US National Security Agency (see glossary)
NU    not used
NVB    number of valid bits

OBU    onboard unit
ODF    object directory file
OFB    output feedback
OID    object identifier
OOK    on/off keying
OP    Open Platform (see glossary)
OR    logical OR operation
OS    operating system
OSI    Open Systems Interconnections
OTA    Open Terminal Architecture
OTA    over-the-air (see glossary)
OTASS    over-the-air SIM services
OTP    one-time password
OTP    one-time programmable
OTP    Open Trading Protocol
OVI    optically variable ink

P1, P2, P3    parameter 1, 2, 3
PA    power analysis
PB    procedure byte
PC    personal computer
PC    polycarbonate
PC/SC    personal computer / smart card (see glossary)
PCB    protocol control byte
PCD    proximity coupling device (see glossary)
PCMCIA    Personal Computer Memory Card International Association
PCN    personal communication networks
PCS    personal communication system
PDA    personal digital assistant
PES    proposed encryption standard
PET    polyethylene terephthalate
PETP    partially crystalline polyethylene terephthalate
PGP    Pretty Good Privacy
PICC    proximity ICC
PIN
PIX
PKCS
PKI
PLL
PLMN
PM
POS
POZ
PP
PPM
PPC
PPS
prEN
prETS
PrKDF
PRNG
PROM
PSAM
PSK
PSO
PSTN
PTS
PTT
Pub
(see glossary) personal identification number proprietary application identifier extension public-key cryptography standards (see glossary) public-key infrastructure (see glossary) phase-locked loop public land mobile network (see glossary) person–month point of sale (see glossary) POS ohne Zahlungsgarantie protection profile (see glossary) pulse position modulation production planning and control protocol parameter selection pre Norme Européenne pre European Telecommunication Standard private key directory file pseudorandom number generator (see glossary) programmable read-only memory purchase secure application module phase shift keying PERFORM SECURITY OPERATION public switched telephone network (see glossary) protocol type selection Postes Télégraphes et Téléphones publication Abbreviations xxix PUK PuKDF PUPI PVC PWM personal unblocking key (see glossary) public key directory file pseudo-unique PICC identifier polyvinyl chloride pulse width modulation RAM R-APDU RATS REJ REQA REQB RES RF RFC RFID RFU RID RID RIPE RIPE-MD RISC RND RNG ROM RS RSA RTE R-UIM random-access memory (see glossary) response APDU (see glossary) request to answer to select reject request command, type A request command, type B resynchronization radio frequency request for comment radio frequency identification reserved for future use record identifier registered application provider identifier RACE (EU project) integrity primitives evaluation RACE integrity primitives evaluation message digest reduced instruction set computer random number random number generator read-only memory (see glossary) Reed–Solomon Rivest, Shamir and Adleman cryptographic algorithm runtime environment removable user identity module (see glossary) S S@T S@T S@TML SA SA SAD SAGE SAK SAM SAT SC SC SCC SCMS SCOPE SCP start of communication SIM Alliance Toolbox SIM Alliance Toolkit SIM Alliance Toolbox Markup Language security attributes service area source address Security Algorithm Group of Experts select 
acknowledge secure application module (see glossary) SIM Application Toolkit (see glossary) security conditions smart card smart card controller smart card management system Smart Card Open Platform Environment (see glossary) Smart Card Platform xxx SCQL SCSUG SDL SDMA SE SECCOS SEIS SEL SELECT SEMPER SEPP SET SFGI SFGT SFI SGSN S-HTTP SigG SigV SIM SIMEG SKDF SM SM SMD SMG9 SMIME SMS SMSC SMS-PP SOF SPA SQL SQUID SRAM SRES SS SSC SSL SSO STARCOS STC STK STT SVC Abbreviations structured card query language Smart Card Security Users Group specification and description language space division multiple access (see glossary) security environment (see glossary) Secure Chip Card Operating System (see glossary) Secured Electronic Information in Society select code select command Secure Electronic Marketplace for Europe (EU project) secure electronic payment protocol secure electronic transaction (see glossary) start-up frame guard time integer start-up frame guard time short file identifier (see glossary) serving GPRS support node secure hypertext transfer protocol Signaturgesetz (see glossary) Signaturverordnung (see glossary) subscriber identity module (see glossary) Subscriber Identity Module Expert Group (see glossary) secret key directory file secure messaging security mechanism surface mounted device (see glossary) Special Mobile Group 9 (see glossary) Secure Multipurpose Internet Mail Extensions short message service (see glossary) short message service center short message service point to point start of frame simple power analysis (see glossary) structured query language superconducting quantum interference device static random-access memory (see glossary) signed response supplementary service send sequence counter secure socket layer single sign-on (see glossary) Smart Card Chip Operating System (product of G+D) sub technical committee SIM Application Toolkit (see glossary) secure transaction technology stored value card (product of Visa International) 
Abbreviations xxxi SW SW1, SW2 SWIFT software status word 1, 2 Society for Worldwide Interbank Financial Telecommunications T TAB TACS TAL TAN TAR tbd TC TC TC TCOS TCP TCP/IP TCSEC TD/CDMA TDES TDMA TETRA TLS TLV TMSI TOE TPDU TRNG TS TTCN TTL TTL TTP tag tape-automated bonding Total Access Communication System terminal application layer transaction number (see glossary) toolkit application reference to be defined trust center (see glossary) technical committee thermochrome Telesec Card Operating System transport control protocol Transmission Control Protocol / Internet Protocol Trusted Computer System Evaluation Criteria (see glossary) time division / code division multiple access (see glossary) triple DES (see glossary) time division multiple access (see glossary) Trans-European Trunked Radio (see glossary) transport layer security tag, length & value (see glossary) temporary mobile subscriber identity target of evaluation (see glossary) transmission protocol data unit (see glossary) true random number generator (see glossary) technical specification tree-and-tabular combined notation terminal transport layer transistor-transistor logic trusted third party (see glossary) UART UATK UCS UI UICC UID UIM UML UMTS URL USAT USB USIM universal asynchronous receiver/transmitter (see glossary) UIM Application Toolkit Universal Character Set (see glossary) user interface universal integrated circuit card (see glossary) unique identifier user identity module (see glossary) unified modeling language (see glossary) Universal Mobile Telecommunication System (see glossary) uniform resource locator (see glossary) USIM application toolkit (see glossary) universal serial bus universal subscriber identity module (see glossary) xxxii Abbreviations USSD UTF UTRAN unstructured supplementary services data UCS transformation format UMTS radio access network VAS Vcc VCD VEE VKNR VLSI VM VOP Vpp VSI value-added services (see glossary) supply voltage vicinity coupling device Visa Easy 
Entry (see glossary) Versichertenkartennummer very large scale integration virtual machine (see glossary) Visa Open Platform (see glossary) programming voltage vertical system integration W3C WAE WAN WAP WCDMA WDP WfSC WG WIG WIM WML WORM WSC WSP WSP WTAI WTLS WTP WTX WTXM WUPA WUPB WWW World Wide Web Consortium wireless application environment wide-area network wireless application protocol (see glossary) wideband code division multiple access (see glossary) wireless datagram protocol Windows for Smart Cards working group wireless Internet gateway wireless identification module (see glossary) wireless markup language (see glossary) write once, read multiple Windows for Smart Cards wafer-scale package wireless session protocol wireless telephony application interface wireless transport layer security wireless transport protocol waiting time extension waiting time extension multiplier wakeup command, type A wakeup command, type B World Wide Web (see glossary) XML XOR extensible markup language (see glossary) logical exclusive-OR operation Y year ZKA Zentraler Kreditausschuss (see glossary) 1 Introduction This book has been written for students, engineers and technically minded persons who want to learn more about smart cards. It attempts to cover this broad topic as completely as possible, in order to provide the reader with a general understanding of the fundamentals and the current state of the technology. We have put great emphasis on a practical approach. The wealth of pictures, tables and references to real applications is intended to help the reader become familiar with the subject rather more quickly than would be possible with a strictly technical presentation. This book is thus intended to be useful in practice, rather than technically complete. For this reason, descriptions have been kept as concrete as possible. In places where we were faced with a choice between technical accuracy and ease of understanding, we have tried to strike a happy medium. 
Whenever this proved to be impossible, we have always given preference to ease of understanding. The book has been written so that it can be read in the usual way, from front to back. We have tried to avoid forward references as much as possible. The designs of the individual chapters, in terms of structure and content, allow them to be read individually without any loss of understanding. The comprehensive index and the glossary allow this book to be used as a reference work. If you want to know more about a specific topic, the references in the text and the annotated directory of standards will help you find the relevant documents. Unfortunately, a large number of abbreviations have become established in smart card technology, as in so many other areas of technology and everyday life. This makes it particularly difficult for newcomers to become familiar with the subject. We have tried to minimize the use of these cryptic and frequently illogical abbreviations. Nevertheless, we have often had to choose a middle way between internationally accepted smart card terminology used by specialists and common terms more easily understood by laypersons. If we have not always succeeded, the extensive list of abbreviations at the front of the book should at least help overcome any barriers to understanding, which we hope will be short-lived. An extensive glossary in the final chapter of the book explains the most important technical concepts and supplements the list of abbreviations. An important feature of smart cards is that their properties are strongly based on international standards. This is fundamentally important with regard to the usually compulsory need for interoperability. Unfortunately, these standards are often difficult to understand, and in some critical places they require outright interpretation.

Smart Card Handbook, Third Edition. W. Rankl and W. Effing © 2004 John Wiley & Sons, Ltd ISBN: 0-470-85668-8
Sometimes only the members of the associated standardization group can explain the intention of certain sections. In such cases, the Smart Card Handbook attempts to present the understanding that is generally accepted in the smart card industry. Nevertheless, the relevant standards are still the ultimate authority, and in such cases they should always be consulted.

1.1 THE HISTORY OF SMART CARDS

The proliferation of plastic cards started in the USA in the early 1950s. The low price of the synthetic material PVC made it possible to produce robust, durable plastic cards that were much more suitable for everyday use than the paper and cardboard cards previously used, which could not adequately withstand mechanical stresses and climatic effects. The first all-plastic payment card for general use was issued by the Diners Club in 1950. It was intended for an exclusive class of individual, and thus also served as a status symbol, allowing the holder to pay with his or her ‘good name’ instead of cash. Initially, only the more select restaurants and hotels accepted these cards, so this type of card came to be known as a ‘travel and entertainment’ card. The entry of Visa and MasterCard into the field led to a very rapid proliferation of ‘plastic money’ in the form of credit cards. This occurred first in the USA, with Europe and the rest of the world following a few years later. Today, credit cards allow travelers to shop without cash everywhere in the world. A cardholder is never at a loss for means of payment, yet he or she avoids exposure to the risk of loss due to theft or other unpredictable hazards, particularly while traveling. Using a credit card also eliminates the tedious task of exchanging currency when traveling abroad. These unique advantages helped credit cards become rapidly established throughout the world. Many hundreds of millions of cards are produced and issued annually. At first, the functions of these cards were quite simple.
They served as data storage media that were secure against forgery and tampering. General information, such as the card issuer’s name, was printed on the surface, while personal data elements, such as the cardholder’s name and the card number, were embossed. Many cards also had a signature panel where the cardholder could sign his or her name for reference. In these first-generation cards, protection against forgery was provided by visual features, such as security printing and the signature panel. Consequently, the system’s security depended quite fundamentally on the quality and conscientiousness of the persons responsible for accepting the cards. However, this did not represent an overwhelming problem, due to the card’s initial exclusivity. With the increasing proliferation of card use, these rather rudimentary features no longer proved sufficient, particularly since threats from organized criminals were growing apace. Increasing handling costs for merchants and banks made a machine-readable card necessary, while at the same time, losses suffered by card issuers as the result of customer insolvency and fraud grew from year to year. It became apparent that the security features for protection against fraud and manipulation, as well as the basic functions of the card, had to be expanded and improved. The first improvement consisted of a magnetic stripe on the back of the card, which allowed digital data to be stored on the card in machine-readable form as a supplement to the visual information. This made it possible to minimize the use of paper receipts, which were previously essential, although the customer’s signature on a paper receipt was still required in traditional credit card applications as a form of personal identification. However, new approaches that did not require paper receipts could also be devised.
This made it possible to finally achieve the long-standing objective of replacing paper-based transactions by electronic data processing. This required a different method to be used for user identification, which previously employed the user’s signature. The method that has come into widespread general use involves a secret personal identification number (PIN) that is compared with a reference number. The reader is surely familiar with this method from using bank machines (automated teller machines). Embossed cards with magnetic stripes are still the most commonly used types of cards for financial transactions. However, magnetic-stripe technology has a crucial weakness, which is that the data stored on the stripe can be read, deleted and rewritten at will by anyone with access to the necessary equipment. It is thus unsuitable for storing confidential data. Additional techniques must be used to ensure confidentiality of the data and prevent manipulation of the data. For example, the reference value for the PIN could be stored in the terminal or host system in a secure environment, instead of on the magnetic stripe. Most systems that employ magnetic-stripe cards thus use online connections to the system’s host computer for reasons of security, even though this generates significant costs for the necessary data transmissions. In order to reduce costs, it is necessary to find solutions that allow card transactions to be executed offline without endangering the security of the system. The development of the smart card, combined with the expansion of electronic data-processing systems, has created completely new possibilities for devising such solutions. Enormous progress in microelectronics in the 1970s made it possible to integrate data storage and processing logic on a single silicon chip measuring a few square millimetres.
The idea of incorporating such an integrated circuit into an identification card was contained in a patent application filed by the German inventors Jürgen Dethloff and Helmut Grötrupp as early as 1968. This was followed in 1970 by a similar patent application by Kunitaka Arimura in Japan. However, the first real progress in the development of smart cards came when Roland Moreno registered his smart card patents in France in 1974. It was only then that the semiconductor industry was able to supply the necessary integrated circuits at acceptable prices. Nevertheless, many technical problems still had to be solved before the first prototypes, some of which contained several integrated circuit chips, could be transformed into reliable products that could be manufactured in large numbers with adequate quality at a reasonable cost. Since the basic inventions in smart card technology originated in Germany and France, it is not surprising that these countries played the leading roles in the development and marketing of smart cards. The great breakthrough was achieved in 1984, when the French PTT (postal and telecommunications services agency) successfully carried out a field trial with telephone cards. In this field trial, smart cards immediately proved to meet all expectations with regard to high reliability and protection against manipulation. Significantly, this breakthrough for smart cards did not come in an area where traditional cards were already used, but in a new application. Introducing a new technology in a new application has the great advantage that compatibility with existing systems does not have to be taken into account, so the capabilities of the new technology can be fully exploited. A pilot project was conducted in Germany in 1984–85, using telephone cards based on several technologies. Magnetic-stripe cards, optical-storage (holographic) cards and smart cards were used in comparative tests. Smart cards proved to be the winners in this pilot study. 
In addition to a high degree of reliability and security against manipulation, smart card technology promised the greatest degree of flexibility for future applications. Although the older but less expensive EPROM technology was used in the French telephone card chips, more recent EEPROM chips were used from the start in the German telephone cards. The latter type of chip does not need an external programming voltage. An unfortunate consequence is that the French and German telephone cards are mutually incompatible. It appears that even after the introduction of the euro, French and German telephone cards will remain unusable in each other’s country of origin for at least a while. Further developments followed the successful trials of telephone cards, first in France and then in Germany, with breathtaking speed. By 1986, several million ‘smart’ telephone cards were in circulation in France alone. The total rose to nearly 60 million in 1990, and to several hundred million worldwide in 1997. Germany experienced similar progress, with a time lag of about three years. These systems were marketed throughout the world after the successful introduction of the smart card public telephone in France and Germany. Telephone cards incorporating chips are currently used in more than 50 countries. The integrated circuits used in telephone cards are relatively small, simple and inexpensive memory chips with specific security logic that allows the card balance to be reduced while protecting it against manipulation. Microprocessor chips, which are significantly larger and more complex, were first used in large numbers in telecommunications applications, specifically for mobile telecommunications. In 1988, the German Post Office acted as a pioneer in this area by introducing a modern microprocessor card using EEPROM technology as an authorization card for the analog mobile telephone network (C-Netz).
The reason for introducing such cards was an increasing incidence of fraud with the magnetic-stripe cards used up to that time. For technical reasons, the analog mobile telephone network was limited to a relatively small number of subscribers (around one million), so it was not a true mass market for microprocessor cards. However, the positive experience gained from using smart cards in the analog mobile telephone system was decisive for the introduction of smart cards into the digital GSM network. This network was put into service in 1991 in various European countries and has presently expanded over the entire world, with over 600 million subscribers in more than 170 countries. Progress was significantly slower in the field of bank cards, in part due to their greater complexity compared with telephone cards. These differences are described in detail in the following chapters. Here we would just like to remark that the development of modern cryptography has been just as crucial for the proliferation of bank cards as developments in semiconductor technology. With the general expansion of electronic data processing in the 1960s, the discipline of cryptography experienced a sort of quantum leap. Modern hardware and software made it possible to implement complex, sophisticated mathematical algorithms that allowed previously unparalleled levels of security to be achieved. Moreover, this new technology was available to everyone, in contrast to the previous situation in which cryptography was a covert science in the private reserve of the military and secret services. With these modern cryptographic procedures, the strength of the security mechanisms in electronic data-processing systems could be mathematically calculated. It was no longer necessary to rely on a highly subjective assessment of conventional techniques, whose security essentially rests on the secrecy of the procedures used. The smart card proved to be an ideal medium. 
It made a high level of security (based on cryptography) available to everyone, since it could safely store secret keys and execute cryptographic algorithms. In addition, smart cards are so small and easy to handle that they can be carried and used everywhere by everybody in everyday life. It was a natural idea to attempt to use these new security features for bank cards, in order to come to grips with the security risks arising from the increasing use of magnetic-stripe cards. The French banks were the first to introduce this fascinating technology in 1984, following a trial with 60,000 cards in 1982–83. It took another 10 years before all French bank cards incorporated chips. In Germany, the first field trials took place in 1984–85, using a multifunctional payment card incorporating a chip. However, the Zentrale Kreditausschuss (ZKA), which is the coordinating committee of the leading German banks, did not manage to issue a specification for multifunctional Eurocheque cards incorporating chips until 1996. In 1997, all German savings associations and many banks issued the new smart cards. In the previous year, multifunctional smart cards with POS functions, an electronic purse and optional value-added services were issued in all of Austria. This made Austria the first country in the world to have a nationwide electronic purse system. An important milestone for the future worldwide use of smart cards for making payments was the completion of the EMV specification, which was a product of the joint efforts of Europay, MasterCard and Visa. The first version of this specification was published in 1994. It contained detailed descriptions of credit cards incorporating microprocessor chips, and it guaranteed the mutual compatibility of the future smart cards of the three largest credit card organizations. Electronic purse systems have proven to be another major factor in promoting the international use of smart cards for financial transactions.
The first such system, called Danmønt, was put into operation in Denmark in 1992. There are currently more than 20 national systems in use in Europe alone, many of which are based on the European EN 1546 standard. The use of such systems is also increasing outside of Europe. In the USA, where smart-card systems have had a hard time becoming established, Visa experimented with a smart-card purse during the 1996 Olympic Summer Games in Atlanta. Payments via the Internet offer a new and promising application area for electronic purses. However, the problems associated with making small payments securely but anonymously throughout the world via the public Internet have not yet been solved in a satisfactory manner. Smart cards could play a decisive role in providing an answer to these problems. Besides this, smart cards could play an important role in introducing electronic signatures. Several European countries have initiated the introduction of electronic signature systems after a legal basis for the use of electronic signatures was provided by approval of a European directive regarding electronic signatures in 1999. As the result of another application, almost every German citizen now possesses a smart card. When health insurance cards incorporating chips were introduced, more than 70 million smart cards were issued to all persons enrolled in the national health insurance plan. Presently, smart cards are being used in the health-care sector in many countries. The smart card’s high degree of functional flexibility, which even allows programs for new applications to be added to a card already in use, has opened up completely new application areas extending beyond the boundaries of traditional card uses. Smart cards are also being used as ‘electronic tickets’ for local public transport in many cities throughout the world. Contactless smart cards are usually used for such applications, since they are particularly convenient and user friendly.

1.2 APPLICATION AREAS

As can be seen from the historical summary, the potential applications for smart cards are extremely diverse. With the steadily increasing storage and processing capacities of available integrated circuits, the range of potential applications is constantly being expanded. Since it is impossible to describe all of these applications in detail within the confines of this book, a few typical examples must serve to illustrate the basic properties of smart cards. This introductory chapter is only meant to provide an initial overview of the functional versatility of these cards. Several typical applications are described in detail in Chapters 12, 13 and 14. To make this overview easier to follow, it is helpful to divide smart cards into two categories: memory cards and microprocessor cards.

1.2.1 Memory cards

The first smart cards used in large quantities were memory cards for telephone applications. These cards are prepaid, with the value stored electronically in the chip being decreased by the amount of the call charge each time the card is used. Naturally, it is necessary to prevent the user from subsequently increasing the stored value, which could easily be done with a magnetic-stripe card. With such a card, all the user would have to do is record the data stored at the time of purchase and rewrite them to the magnetic stripe after using the card. The card would then have its original value and could be reused. This type of manipulation, known as ‘buffering’, is prevented in smart phone cards by security logic in the chip that makes it impossible to erase a memory cell once it has been written. The reduction of the card balance by the number of charge units used is thus irreversible. This type of smart card can naturally be used not only for telephone calls, but also whenever goods or services are to be sold against prior payment without the use of cash.
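The effect of this security logic on a buffering attempt can be shown with a small model. The C code below is an added example, not taken from the book: the one-cell-per-unit layout, the 40-unit card value and all type and function names are assumptions made for illustration, and the chip is modelled as a bit field whose only write path can set cells but never clear them.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define CARD_UNITS 40                      /* constructed sample value: units sold on the card */
#define CELL_BYTES ((CARD_UNITS + 7) / 8)

/* Magnetic stripe (assumed model): the balance is a freely rewritable field. */
typedef struct { uint8_t balance; } stripe_card;

/* Memory chip (assumed model): one cell per charge unit, 0 = unwritten, 1 = written. */
typedef struct { uint8_t cells[CELL_BYTES]; } chip_card;

static void stripe_write(stripe_card *c, uint8_t value) { c->balance = value; }

static int stripe_charge(stripe_card *c, int units)
{
    if (units < 0 || units > c->balance) return -1;
    stripe_write(c, (uint8_t)(c->balance - units));
    return 0;
}

/* The chip's only write path: the security logic ORs the new image into the
 * cells, so a written cell can never return to the unwritten state. */
static void chip_write(chip_card *c, const uint8_t image[CELL_BYTES])
{
    for (size_t i = 0; i < CELL_BYTES; i++)
        c->cells[i] |= image[i];
}

static int cell_is_written(const chip_card *c, int u)
{
    return (c->cells[u / 8] >> (u % 8)) & 1;
}

/* Remaining value = number of cells that are still unwritten. */
int chip_balance(const chip_card *c)
{
    int written = 0;
    for (int u = 0; u < CARD_UNITS; u++)
        written += cell_is_written(c, u);
    return CARD_UNITS - written;
}

/* Deduct 'units' by writing that many unwritten cells; -1 if the card is short. */
int chip_charge(chip_card *c, int units)
{
    uint8_t image[CELL_BYTES] = {0};
    if (units < 0 || units > chip_balance(c)) return -1;
    for (int u = 0; u < CARD_UNITS && units > 0; u++) {
        if (!cell_is_written(c, u)) {
            image[u / 8] |= (uint8_t)(1u << (u % 8));
            units--;
        }
    }
    chip_write(c, image);
    return 0;
}

/* Buffering against the stripe: copy at purchase, spend, write the copy back. */
int stripe_balance_after_buffering(int spent)
{
    stripe_card card = { CARD_UNITS };
    stripe_card copy = card;
    stripe_charge(&card, spent);
    stripe_write(&card, copy.balance);     /* old data simply replaces the new */
    return card.balance;
}

/* The same sequence against the chip: the write-back cannot clear any cell. */
int chip_balance_after_buffering(int spent)
{
    chip_card card, copy;
    memset(&card, 0, sizeof card);
    copy = card;
    chip_charge(&card, spent);
    chip_write(&card, copy.cells);         /* OR with the old image changes nothing */
    return chip_balance(&card);
}

int main(void)
{
    printf("stripe after buffering: %d units\n", stripe_balance_after_buffering(15));
    printf("chip after buffering:   %d units\n", chip_balance_after_buffering(15));
    return 0;
}
```
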
Examples of possible uses include local public transport, vending machines of all types, cafeterias, swimming pools, car parks and so on. The advantage of this type of card lies in its simple technology (the surface area of the chip is typically only a few square millimeters), and hence its low cost. The disadvantage is that the card cannot be reused once it is empty, but must be discarded as waste – unless it ends up in a card collection. Another typical application of memory cards is the German health insurance card, which has been issued since 1994 to all persons enrolled in the national health insurance plan. The information previously written on the patient’s card is now stored in the chip and printed or laser-engraved on the card. Using a chip for data storage makes the cards machine-readable using simple equipment. In summary, memory-type smart cards have limited functionality. Their integrated security logic makes it possible to protect stored data against manipulation. They are suitable for use as prepaid cards or identification cards in systems where low cost is a primary consideration.

1.2.2 Microprocessor cards

As already noted, microprocessor cards were first used in the form of bank cards in France. Their ability to securely store private keys and execute modern cryptographic algorithms made it possible to implement highly secure offline payment systems. Since the microprocessor built into the card is freely programmable, the functionality of microprocessor cards is restricted only by the available storage space and the capacity of the processor. The only limits to the designer’s imagination when implementing smart card systems are thus technological, and they are extended enormously with each new generation of integrated circuits. Following a drastic reduction in the cost of smart cards in the early 1990s due to mass production, new applications have been introduced year after year.
The use of smart cards with mobile telephones has been especially important for their international proliferation. After being successfully tested in the German national C-Netz (analog mobile telephone network) for use in mobile telephones, smart cards were prescribed as the access medium for the European digital mobile telephone system (GSM). In part, this was because smart cards allowed a high degree of security to be achieved for accessing the mobile telephone network. At the same time, they provided new possibilities and thus major advantages in marketing mobile telephones, since they made it possible for network operators and service providers to sell telephones and services separately. Without the smart card, mobile telephones would certainly not have spread so quickly across Europe or developed into a worldwide industry standard.

Figure 1.1 Typical smart card application areas, showing the required storage capacity and arithmetic processing capacity (vertical axis: memory capacity in bytes)

Possible applications for microprocessor cards include identification, access control systems for restricted areas and computers, secure data storage, electronic signatures and electronic purses, as well as multifunctional cards incorporating several applications in a single card. Modern smart-card operating systems also allow new applications to be loaded into a card after it has already been issued to the user, without compromising the security of the various applications. This new flexibility opens up completely new application areas.
For example, personal security modules are indispensable if Internet commerce and payments are to be made trustworthy. Such security modules could securely store personal keys and execute high-performance cryptographic algorithms. These tasks can be performed in an elegant manner by a microprocessor with a cryptographic coprocessor. Specifications for secure Internet applications using smart cards are currently being developed throughout the world. Within a few years, we can expect to see every PC equipped with a smart-card interface.

In summary, the essential advantages of microprocessor cards are large storage capacity, the ability to securely store confidential data and the ability to execute cryptographic algorithms. These advantages make a wide range of new applications possible, in addition to the traditional bank card application. The potential of smart cards is by no means yet exhausted, and furthermore, it is constantly being expanded by progress in semiconductor technology.

1.2.3 Contactless cards

Contactless cards, in which energy and data are transferred without any electrical contact between the card and the terminal, have achieved the status of commercial products in the last few years. Presently, both memory cards and microprocessor cards are available as contactless cards. Although contactless microprocessor cards can usually work at a distance of only a few centimeters from the terminal, contactless memory cards can be used up to a meter away from the terminal. This means that such cards do not necessarily have to be held in the user’s hand during use, but can remain in the user’s purse or wallet. Contactless cards are thus particularly suitable for applications in which persons or objects should be quickly identified. Sample applications are:

• access control,
• local public transportation,
• ski passes,
• airline tickets,
• baggage identification.
However, there are also applications where operation over a long distance could cause problems and should thus be prevented. A typical example is an electronic purse. A declaration of intent on the part of the cardholder is normally required to complete a financial transaction. This confirms the amount of the payment and the cardholder’s agreement to pay. With a contactless card, this declaration takes the form of inserting the card in the terminal and confirming the indicated amount using the keypad. If contactless payments over relatively long distances were possible, a ‘con artist’ could remove money from the electronic purse without the knowledge of the cardholder.

Dual-interface cards (sometimes called ‘combicards’) offer a possible solution to this problem. These cards combine contact and contactless interfaces in a single card. Such a card can communicate with the terminal via either its contact interface or its contactless interface, according to what is desired.

There is great interest in contactless cards in the field of local public transportation. If the smart cards presently used in payment systems, which are generally contact-type cards, can have their functionality extended to include acting as electronic tickets with contactless interfaces, transportation operators could use the existing infrastructure and cards of the credit card industry.

1.3 STANDARDIZATION

The prerequisite for the worldwide penetration of smart cards into everyday life, such as their current use in Germany in the form of telephone cards, health insurance cards and bank cards, has been the creation of national and international standards. Due to the special significance of such standards, in this book we repeatedly refer to currently applicable standards and those that are in preparation. Why are standards so important for expanding the use of smart cards? A smart card is normally one component of a complex system.
This means that the interfaces between the card and the rest of the system must be precisely specified and matched to each other. Of course, this could be done for each system on a case-by-case basis, without regard to other systems. However, this would mean that a different type of smart card would be needed for each system. Users would thus have to carry a separate card for each application. In order to avoid this, an attempt has been made to generate application-independent standards that allow multifunctional cards to be developed.

Since the smart card is usually the only component of the system that the user holds in his or her hand, it is enormously important with regard to the recognition and acceptance of the entire system. Nonetheless, from a technical and organizational perspective, the smart card is usually only the tip of the iceberg, since complex systems (which are usually networked) are quite often hidden behind the card terminal, and it is these systems that make the services possible in the first place.

Let us take telephone cards as an example. In technical terms, they are fairly simple objects. By themselves, they are almost worthless, except perhaps as collector’s items. Their true function, which is to allow public telephones to be used without coins, can be realized only after umpteen thousand card phones have been installed throughout a region and connected to a network. The large investments required for this can only be justified if the long-term viability of the system is ensured by appropriate standards and specifications. Standards are also an indispensable prerequisite for multifunctional smart cards used for several applications, such as telephony, electronic purses, electronic tickets and so on.

What are standards?

This question is not as trivial as it may appear at first glance, since the terms ‘standard’ and ‘specification’ are often used fairly indiscriminately.
To make things clear, let us consider the ISO/IEC definition:

Standard: a document that is produced by consensus and adopted by a recognized organization, and which, for general and recurring applications, defines rules, guidelines or features for activities or their results, with the objective of achieving an optimum degree of regulation in a given context.

Note: standards should be based on the established results of science, technology and experience, and their objective should be the promotion of optimized benefits for society.

International standards should thus help make life easier and increase the reliability and usefulness of products and services. In order to avoid confusion, ISO/IEC have also defined the term ‘consensus’ as follows:

Consensus: general agreement, characterized by the absence of continuing objections to essential elements on the part of any significant portion of the interested parties, and achieved by a procedure that attempts to consider the views of all relevant parties and address all counterarguments.

Note: consensus does not necessarily mean unanimity.

Although unanimity is not required for consensus, the democratic process naturally takes time. This is in particular due to the fact that it is necessary to consider not only the views of the technical specialists, but also the views of all relevant parties, since the objective of a standard is the promotion of optimum benefits for the whole of society. Hence, the preparation of an ISO or CEN standard usually takes several years. A frequent consequence of the slowness of this process is that a small group of interested parties, such as commercial firms, generates its own specification (‘industry standard’) in order to hasten the development of new systems. This is particularly true in the field of information technology, which is characterized by especially fast development and correspondingly short innovation cycles.
Although industry standards and specifications have the advantage that they can be developed significantly faster than ‘true’ standards, they carry the risk of ignoring the interests of the parties that are not involved in their development. For this reason, ISO attempts to create possibilities for retroactively incorporating significant publicly accessible specifications into international standards.

What does ISO/IEC mean?

The ISO/IEC standards are especially significant for smart cards, since they define the basic properties of smart cards. What lies behind the abbreviations ‘ISO’ and ‘IEC’? ‘ISO’ stands for the International Organization for Standardization, while ‘IEC’ stands for the International Electrotechnical Commission.

The International Organization for Standardization (ISO) is a worldwide association of around 100 national standards agencies, with one per country. ISO was founded in 1948 and is a non-national organization. Its task is to promote the development of standards throughout the world, with the objective of simplifying the international exchange of goods and services and developing cooperation in the fields of science, technology and economy. The results of the activities of ISO are agreements that are published as ISO standards.

Incidentally, ‘ISO’ is not an abbreviation (the abbreviation of the official name would of course be ‘IOS’). The name ‘ISO’ is derived from the Greek word isos, which means ‘equal’ or ‘the same’. The prefix iso-, derived from the Greek isos, is commonly used in the three official languages of ISO (English, French and Russian), as well as in many other languages.

As already noted, the members of ISO are the national standards bodies of the individual countries, and only one such body per country is allowed to be a member.
The member organizations have four basic tasks, as follows:

• to inform potentially interested parties in their own countries about relevant activities and possibilities of international standardization,
• to form national opinions on a democratic basis and represent these opinions in international negotiations,
• to set up a secretariat for ISO committees in which the country has a particular interest,
• to pay the country’s financial contribution in support of the central ISO organization.

The IEC is a standardization organization whose scope of activity covers the areas of electrical technology and electronics. The first card standards were published by the IEC. After the introduction of smart cards, a difference of focus arose between the ISO and the IEC. In order to avoid duplication of effort, standards are developed in joint technical committees and published as ISO/IEC standards.

How is an ISO standard generated?

The need for a standard is usually reported to a national standards organization by an industrial sector. The national organization then proposes this to ISO as a new working theme. If the proposal is accepted by the responsible working group, which consists of technical experts from countries that are interested in the theme, the first thing that is done is to define the objective of the future standard.

After agreement has been reached with regard to the technical aspects to be considered in the standard, the detailed specifications of the standard are discussed and negotiated among the various countries. This is the second phase in the development of the standard. The objective of this phase is to arrive at a consensus of all participating countries, if possible. The outcome of this phase is a ‘Draft International Standard’ (DIS).

The final phase consists of a formal vote on the proposed standard.
Acceptance of a standard requires the approval of two-thirds of the ISO members that actively participated in drafting the standard, as well as three-quarters of all members participating in the vote. Once the text has been accepted, it is published as an ISO standard. To prevent standards from becoming outdated as the result of ongoing development, ISO rules state that standards should be reviewed, and if necessary revised, after an interval of at most five years.

Cooperation with the IEC and the CEN

ISO is not the only international standards organization. In order to avoid duplication of effort, ISO cooperates closely with the IEC (International Electrotechnical Commission). The areas of responsibility are defined as follows: the IEC covers the fields of electrical technology and electronics, while ISO covers all other fields. Combined working groups are formed to deal with themes of common interest, and these groups produce combined ISO/IEC standards. Most standards for smart cards belong to this category.

ISO and the European standardization committee CEN (Comité Européen de Normalisation) also agree on rules for the development of standards that are recognized as both European and international standards. This leads to time and cost savings.

International standardization of smart cards

International standards for smart cards are developed under the auspices of ISO/IEC, and on the European level by the CEN. The major industrial countries are represented in all relevant committees, and they generally also maintain ‘mirror’ committees in the form of national working groups and voting committees. In Germany, this responsibility is borne by the DIN. Figure 1.2 shows an overview of the structure of the relevant ISO and IEC working groups and the standards for which they are responsible.
ISO
  TC 68 Banks
    SC 6 Transaction cards
      WG5 messages & data contents
      WG7 security architecture
      (standards: ISO 10 202, ISO 11 568)
ISO/IEC
  JTC1 Information Technology
    SC17 IC Cards & related devices
      WG1 physical properties & test methods: ISO/IEC 7810, ISO/IEC 7811, ISO/IEC 7813, ISO/IEC 10 373
      WG4 ICC with contacts: ISO/IEC 7816
      WG5 registration: ISO/IEC 7812
      WG8 contactless ICC: ISO/IEC 10 536, ISO/IEC 14 443, ISO/IEC 15 693
      WG9 optical cards and equipment: ISO/IEC 11 694

Figure 1.2 Overview and organization of the working groups for international smart card standards

As can be seen, there are two technical committees that are concerned with the standardization of smart cards. The first is ISO TC68/SC6, which is responsible for the standardization of cards used in the financial transaction area, while the second is ISO/IEC JTC1/SC17, which is responsible for general applications. This division has historical roots, since the first international applications were for identification cards used for financial transactions. The number of applications has naturally increased enormously since then, so the general standards, which are looked after by the SC17 committee, have taken on greater significance. The standards specifically related to financial transactions can thus be regarded as a subset of the general standards. Brief descriptions of the standards listed in Figure 1.2, including their current status, can be found in Chapter 16, ‘Appendix’.

Within CEN, the general subject of smart cards is dealt with by the TC224 committee (‘Machine-readable Cards, Related Device Interfaces and Procedures’). The activities of CEN complement those of ISO. ISO standards are adopted as CEN standards where possible, which means they must be translated into the three official CEN languages (English, French and German). They may also be enlarged or reduced as necessary to comply with specific European conditions.
The CEN working groups also produce application-specific standards, which would not be possible as such within ISO. An additional European standardization body, the European Telecommunications Standards Institute (ETSI), has made a significant contribution to the widespread international use of smart cards. ETSI is the standardization body of the European telecommunications companies and telecommunication industry. The GSM 11.11 family of standards specifies the interface between the smart card (referred to as the ‘subscriber identity module’ (SIM) in the GSM system) and the mobile telephone. This family of standards is based on the ISO/IEC standards. With the international proliferation of GSM systems beyond the boundaries of Europe, the ETSI standards have become highly important for the smart card industry. After more than 20 years of standardization effort, the most important basic ISO standards for smart cards are now complete. They form the basis for further, application-specific standards, which are currently being prepared by ISO and CEN. These standards are based on prior ISO standards in the 7810, 7811, 7812 and 7813 families, which define the properties of identification cards in the ID-1 format. These standards include embossed cards and cards with magnetic stripes, which we all know in the form of credit cards. Compatibility with these existing standards was a criterion from the very beginning in the development of standards for smart cards (which are called ‘integrated circuit(s) cards’, or ‘ICC’, in the ISO standards), in order to provide a smooth transition from embossed cards and magnetic-stripe cards to smart cards. Such a transition is possible because all functional components, such as embossing, magnetic stripes, contacts and interface components for contactless interfaces, can be integrated into a single card. 
Of course, a consequence of this is that the integrated circuits, which are sensitive electronic components, are exposed to high stresses during the embossing process and recurrent impact stresses when the embossed characters are printed onto paper. This makes heavy demands on the packaging of the integrated circuits and the manner in which they are embedded in the card. A summary of the currently available standards, with brief descriptions of their contents, can be found in the Appendix (see Section 16.4, ‘Annotated Directory of Standards and Specifications’).

In the last few years, an increasing number of specifications have been prepared and published by industrial organizations and other non-public groups, with no attempt being made to incorporate them into the standardization activities of ISO. The argument most commonly offered for this manner of working is that the way ISO operates is too slow to keep pace with the short innovation cycles of the informatics and telecommunication industries. Since frequently only a few companies are involved in drafting these ‘industry standards’, there is a large risk that the interests of smaller companies, and especially the interests of the general public, will be ignored in the process. It is a major challenge to the future of ISO to devise a working method that can safeguard general interests without hampering the pace of innovation.

2 Types of Cards

As already mentioned in the Introduction, smart cards are the youngest member of the family of identification cards using the ID-1 format defined in ISO standard 7810, ‘Identification Cards – Physical Characteristics’. This standard specifies the physical properties of identification cards, such as flexibility and temperature resistance, as well as the dimensions of three different card formats: ID-1, ID-2 and ID-3. The smart card standards (ISO 7816-1 ff) are based on ID-1 cards, millions of which are used nowadays for financial transactions.
This chapter provides an overview of various types of cards in the ID-1 format, since a combination of various functions is of particular interest for many applications, especially when the cards currently used in an existing system (such as magnetic-stripe cards) are to be replaced by smart cards. In such cases, it is usually not possible to replace the existing infrastructure (such as magnetic-stripe card terminals) by a new technology overnight. The solution to this problem generally consists of issuing cards with both magnetic stripes and chips, for use during a transition period. Such cards can be used with both types of terminals (old and new). Naturally, new functions that are only possible with a chip cannot be used with a terminal that only supports magnetic-stripe cards.

Smart Card Handbook, Third Edition. W. Rankl and W. Effing © 2004 John Wiley & Sons, Ltd ISBN: 0-470-85668-8

2.1 EMBOSSED CARDS

Embossing is the oldest technique for adding machine-readable features to identification cards. The embossed characters on the card can be transferred to paper using simple, inexpensive devices, and they can also be easily read visually (by humans). The nature and location of the embossing are specified in the ISO 7811 standard (‘Identification Cards – Recording Technique’). This standard, which is divided into five parts, deals with magnetic stripes as well as embossing.

ISO 7811 Part 1 specifies the requirements for embossed characters, including their form, size and embossing height. Part 3 defines the precise positioning of the characters on the card and defines two separate regions, as shown in Figure 2.1. Region 1 is reserved for the card’s identification number, which identifies the card issuer as well as cardholder. Region 2 is reserved for additional data relating to the cardholder, such as his or her name and address.

At first glance, transferring information by printing from embossed characters may appear quite primitive.
However, the simplicity of this technique has made worldwide proliferation of credit cards possible, even in developing countries. The exploitation of this technology requires neither electrical energy nor a connection to a telephone network.

Figure 2.1 Embossing locations according to ISO 7811-3. Region 1 is reserved for the ID number (19 characters), and region 2 is reserved for the cardholder’s name and address (4 × 27 characters). A = 21.42 ± 0.12 mm, B = 10.18 ± 0.25 mm, D = 14.53 mm, E = 2.41−3.30 mm, F = 7.65 ± 0.25 mm

2.2 MAGNETIC-STRIPE CARDS

The fundamental disadvantage of embossed cards is that their use creates a flood of paper receipts, which are expensive to process. One remedy for this problem is to digitally encode the card data on a magnetic stripe located on the back of the card. The magnetic stripe is read by pulling it across a read head, either manually or automatically, with the data being read and stored electronically. No paper is required to process the data.

Parts 2, 4 and 5 of ISO standard 7811 specify the properties of the magnetic stripe, the coding technique and the locations of the magnetic tracks. The magnetic stripe may contain up to three tracks. Tracks 1 and 2 are specified to be read-only tracks, while track 3 may also be written to. Although the storage capacity of the magnetic stripe is only about 1000 bits, which is not very much, it is nevertheless more than sufficient for storing the information contained in the embossing. Additional data can be read and written on track 3, such as the most recent transaction data in the case of a credit card.

The main drawback of magnetic-stripe technology is that the stored data can be altered very easily. Manipulating embossed characters requires at least a certain amount of manual dexterity, and such manipulations can be easily detected by a trained eye.
By contrast, the data recorded on the magnetic stripe can be altered relatively easily using a standard read/write device, and it is difficult to prove afterwards that the data have been altered. Furthermore, magnetic-stripe cards are often used in automated equipment in which visual inspection is not possible, such as cash dispensers. A potential criminal, having obtained valid card data, can easily use duplicated cards in such unattended machines without having to forge the visual security features of the cards.

Figure 2.2 Location of the magnetic stripe on an ID-1 card. The data region of the magnetic stripe is intentionally not extended to the edges of the card, since the use of hand-operated card readers causes rapid wear at the ends of the stripe

Figure 2.3 Locations of the individual tracks on an ID-1 card (all dimensions in mm)

Manufacturers of magnetic-stripe cards have developed various means to protect the data recorded on the magnetic stripe against forgery and duplication. For example, German Eurocheque cards contain an invisible, unalterable code in the body of the card, which effectively makes it impossible to alter or duplicate the data on the magnetic stripe. However, such techniques require a special sensor in the card terminal, which considerably increases the cost of the terminal. For this reason, none of these techniques has so far succeeded in becoming internationally established.
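Added example, not from the book: a decoder for the Track 2 coding listed in Table 2.1 (4-bit BCD, 40 characters max), run over a constructed bit stream. The 5-bit framing with odd parity, the ‘;’ and ‘?’ sentinels and the LRC character are taken from ISO/IEC 7811 as commonly implemented rather than from this text, and all function names and sample data are assumptions. Parity and LRC only detect read errors; neither authenticates the data, which is why the stripe needs the additional protection discussed above.

```python
"""Track 2 decoding with parity and LRC checks (constructed example)."""

START_SENTINEL = 0xB   # ';'
END_SENTINEL = 0xF     # '?'
MAX_CHARS = 40         # Table 2.1; assumed to include sentinels and LRC


class Track2Error(ValueError):
    """Raised when the bit stream fails a framing, parity or LRC check."""


def _frame(value):
    """Return one character as 5 bits: 4 data bits LSB first, then odd parity."""
    data = [(value >> i) & 1 for i in range(4)]
    return data + [1 - sum(data) % 2]


def encode_track2(text):
    """Build the bit list for constructed test data such as ';12345=0000?'."""
    if len(text) < 2 or text[0] != ";" or text[-1] != "?":
        raise Track2Error("text must be framed by ';' and '?'")
    values = [ord(c) - 0x30 for c in text]
    if any(not 0 <= v <= 0xF for v in values):
        raise Track2Error("character outside the 16-symbol Track 2 set")
    if END_SENTINEL in values[:-1]:
        raise Track2Error("'?' is only allowed as the end sentinel")
    lrc = 0
    for v in values:
        lrc ^= v                       # column-wise even parity over all chars
    bits = []
    for v in values + [lrc]:
        bits.extend(_frame(v))
    return bits


def decode_track2(bits):
    """Return the data between the sentinels, or raise Track2Error."""
    if 1 not in bits:
        raise Track2Error("no start sentinel found")
    pos = bits.index(1)                # skip the leading clocking zeros
    values = []
    complete = False                   # True once the LRC has been read
    while not complete and pos + 5 <= len(bits):
        group = bits[pos:pos + 5]
        pos += 5
        if sum(group) % 2 != 1:
            raise Track2Error(f"parity error in character {len(values)}")
        # The character that follows the end sentinel is the LRC.
        complete = bool(values) and values[-1] == END_SENTINEL
        values.append(sum(bit << i for i, bit in enumerate(group[:4])))
        if values[0] != START_SENTINEL:
            raise Track2Error("first character is not the start sentinel")
    if not complete:
        raise Track2Error("stream ended before the LRC character")
    if len(values) > MAX_CHARS:
        raise Track2Error("more than 40 characters on Track 2")
    check = 0
    for v in values:
        check ^= v                     # data XOR LRC must cancel to zero
    if check:
        raise Track2Error("LRC mismatch")
    return "".join(chr(0x30 + v) for v in values[1:-2])


if __name__ == "__main__":
    # Constructed sample, not a real card: 7 clocking zeros, then the data.
    sample = [0] * 7 + encode_track2(";1234567890123456=0000?")
    print(decode_track2(sample))
```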
Table 2.1 Standard features of the three tracks on a magnetic-stripe card, as specified in ISO 7811

Feature          Track 1                Track 2              Track 3
Amount of data   79 characters max      40 characters max    107 characters max
Data coding      6-bit alphanumeric     4-bit BCD            4-bit BCD
Data density     210 bpi (8.3 bit/mm)   75 bpi (3 bit/mm)    210 bpi (8.3 bit/mm)
Writing          not allowed            not allowed          allowed

2.3 SMART CARDS

The smart card is the youngest and cleverest member of the family of identification cards in the ID-1 format. Its characteristic feature is an integrated circuit embedded in the card, which has components for transmitting, storing and processing data. The data can be transmitted using either contacts on the surface of the card or electromagnetic fields, without any contacts.

Smart cards offer several advantages compared with magnetic-stripe cards. For instance, the maximum storage capacity of a smart card is many times greater than that of a magnetic-stripe card. Chips with more than 256 kB of memory are currently available, and this figure will multiply with each new chip generation. Only optical memory cards, which are described in the next section, have greater capacities.

However, one of the most important advantages of smart cards is that their stored data can be protected against unauthorized access and manipulation. Since the data can only be accessed via a serial interface that is controlled by an operating system and security logic, confidential data can be written to the card and stored in a manner that prevents them from ever being read from outside the card.
Such confidential data can be processed only internally by the chip’s processing unit. In principle, both hardware and software mechanisms can be used to restrict the use of the storage functions of writing, erasing and reading data and tie them to specific conditions. This makes it possible to construct a variety of security mechanisms, which can also be tailored to the specific requirements of a particular application. In combination with the ability to compute cryptographic algorithms, this allows smart cards to be used to implement convenient security modules that can be carried by users at all times, for example in a purse or wallet.

Some additional advantages of smart cards are their high level of reliability and long life compared with magnetic-stripe cards, whose useful life is generally limited to one or two years.

The fundamental characteristics and functions of smart cards are specified in the ISO 7816 family of standards, which are described in detail in the following chapters. Smart cards can be divided into two groups, which differ in both functionality and price: memory cards and microprocessor cards.

Figure 2.4 Classification chart for cards containing chips according to the type of chip used and the method used for data transmission (chip type: memory chip without or with security logic, microcontroller chip without or with coprocessor; data transmission method: with contacts, contactless, dual interface)

2.3.1 Memory cards

Figures 2.5 and 2.6 show architectural block diagrams of memory cards.

Figure 2.5 Typical architecture of a contact-type memory card with security logic. The figure shows only basic energy and data flows and is not a detailed schematic diagram

The data needed by the application are stored in the memory, which is usually EEPROM.
Access to the memory is controlled by the security logic, which in the simplest case consists only of write protection or erase protection for the memory or certain memory regions. However, there are also memory chips with more complex security logic that can also perform simple encryption. Data are transferred to and from the card via the I/O port. Part 3 of the ISO 7816 standard defines a special synchronous transfer protocol that allows the chip implementation to be particularly simple and inexpensive. However, some smart cards use the I²C bus, which is commonly used for serial-access memories.

The functionality of memory cards is usually optimized for a particular application. Although this severely restricts the flexibility of the cards, it makes them quite inexpensive. Memory cards are typically used for prepaid telephone cards and health insurance cards.

Figure 2.6 Typical architecture of a memory card with security logic and a contactless interface. The figure shows only basic energy and data flows and is not a detailed schematic diagram

2.3.2 Microprocessor cards

The heart of the chip in a microprocessor card, as the name suggests, is a processor, which is usually surrounded by four additional functional blocks: mask ROM, EEPROM, RAM and an I/O port. Figure 2.7 shows the architecture of a typical device of this type.

Figure 2.7 Typical architecture of a contact-type microprocessor card with a coprocessor.
The figure shows only basic energy and data flows and is not a detailed schematic diagram

The mask ROM contains the chip’s operating system, which is ‘burned in’ when the chip is manufactured. The content of the ROM is thus identical for all the chips of a production run, and it cannot be changed during the chip’s lifetime. The EEPROM is the chip’s non-volatile memory. Data and program code can be written to and read from the EEPROM under the control of the operating system. The RAM is the processor’s working memory. This memory is volatile, so all the data stored in it are lost when the chip’s power is switched off. The serial I/O interface usually consists only of a single register, via which data are transferred bit by bit.

Microprocessor cards are very flexible in use. In the simplest case, they contain a program optimized for a single application, so they can only be used for this particular application. However, modern smart card operating systems allow several different applications to be integrated into a single card. In this case, the ROM contains only the basic components of the operating system, with the application-specific part of the operating system being loaded into the EEPROM only after the card has been manufactured. Recent developments even allow application programs to be loaded into a card after it has already been personalized and issued to the cardholder. Special hardware and software measures are used to prevent the security conditions of the individual applications from being violated by this capability. Special microprocessor chips with high processing capacities and large memory capacities, which are optimized for such use, are now available.

2.3.3 Contactless smart cards

Electrical connections with contact-type smart cards are made via the eight contacts specified in the ISO 7816 Part 1 standard.
The reliability of contact-type smart cards has been steadily improved over the past years as the result of experience accumulated in manufacturing such cards. The failure rate of telephone cards within their one-year service life, for instance, is currently significantly less than one in a thousand. Nevertheless, contacts are one of the most frequent sources of failure in electromechanical systems. Disturbances can be caused by factors such as contamination and contact wear. In mobile equipment, vibrations can cause brief intermittent contacts. Since the contacts on the surface of the card are directly connected to the inputs of the integrated circuit chip embedded in the card, there is a risk that the chip may be damaged or destroyed by electrostatic discharge. Static charges of several thousand volts are by no means rare.

These technical problems are elegantly avoided by contactless smart cards. In addition to its technical advantages, contactless-card technology offers card issuers and cardholders a range of new and attractive potential applications. For instance, contactless cards do not necessarily have to be inserted into a card reader, since there are systems available that work at a range of up to one meter. This is a great advantage in access-control systems where a door or turnstile has to be opened, since the access authorization of a person can be checked without requiring the card to be removed from a purse or pocket and inserted into a reader. One major application area for this technology is local public transport, which requires a large number of people to be identified in the shortest possible time.

However, contactless technology is also advantageous in systems that do require deliberate insertion of the card into a reader, since it does not matter how the card is inserted in the reader. This contrasts with magnetic cards or cards with contacts, which work only with a specific card orientation. Freedom from orientation restrictions simplifies use and thus increases customer acceptance.

Figure 2.8 Typical architecture of a microprocessor card with a coprocessor and a contactless interface. The figure shows only basic energy and data flows and is not a detailed schematic diagram.

A further interesting variation on using contactless cards involves a ‘surface terminal’. In this case, the card is not inserted into a slot, but simply placed on a marked location on the surface of the card reader. In addition to simplicity of use, this solution is attractive because it significantly reduces the risk of vandalism (for example, forcing chewing gum or superglue into the card slot).

For card marketing, contactless technology offers the advantage that no technical components are visible on the card surface, so visual design is not constrained by magnetic stripes or contacts. However, this advantage comes at the price of more complex terminals with correspondingly higher prices. Another disadvantage is that several different systems for contactless smart cards have been standardized and marketed, further increasing the complexity of terminals that must be compatible with all standardized cards.

Manufacturing technology for the mass production of contactless cards has matured to the point that high-quality products are available at prices that do not significantly differ from those of comparable contact-type cards.
Up to now, contactless cards have predominantly been used in local public transportation systems, in which they serve as electronic tickets in modern electronic-fare systems. Most of the systems presently in use employ single-function cards containing inexpensive chips with hard-wired security logic. However, there is a growing demand for incorporating value-added services in electronic tickets. Multifunction cards with integ
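
The write and erase protection described at the start of this excerpt, and the hard-wired security logic of the single-function ticket cards mentioned above, can be modelled in a few lines of C. This is an added example, not code from the book: the memory map, region flags, error codes and function names are assumptions, and the one-way unit counter is a simplified model rather than any real chip's design.

```c
#include <stdint.h>
enum { MEM_SIZE = 16, CARD_OK = 0, ERR_RANGE = -1, ERR_PROTECTED = -2, ERR_EMPTY = -3 };
typedef struct { uint8_t cell[MEM_SIZE]; } card_t;

/* Constructed memory map (an assumption, not a real chip's layout). */
static const struct { uint8_t first, last, write_prot, erase_prot; } REGIONS[] = {
    { 0,  3, 1, 1 },  /* identification data: fixed after manufacture    */
    { 4,  7, 0, 1 },  /* prepaid units: bits can be cleared, never reset */
    { 8, 15, 0, 0 },  /* application data: freely rewritable             */
};

/* Security logic: is a program or erase access to this address allowed? */
static int check_access(unsigned addr, int is_erase) {
    for (unsigned i = 0; i < sizeof REGIONS / sizeof REGIONS[0]; i++)
        if (addr >= REGIONS[i].first && addr <= REGIONS[i].last)
            return (is_erase ? REGIONS[i].erase_prot : REGIONS[i].write_prot) ? ERR_PROTECTED : CARD_OK;
    return ERR_RANGE;
}

/* Manufacturing step, before the security logic applies: erase all, set ID. */
void card_init(card_t *c, const uint8_t id[4]) {
    for (unsigned a = 0; a < MEM_SIZE; a++) c->cell[a] = a < 4 ? id[a] : 0xFF;
}

/* Programming can only clear bits (1 -> 0); only an erase sets them again. */
int card_program(card_t *c, unsigned addr, uint8_t value) {
    int rc = check_access(addr, 0);
    if (rc == CARD_OK) c->cell[addr] &= value;
    return rc;
}
int card_erase(card_t *c, unsigned addr) {
    int rc = check_access(addr, 1);
    if (rc == CARD_OK) c->cell[addr] = 0xFF;
    return rc;
}

/* Remaining units = bits still set in the counter region (bytes 4..7). */
int card_units(const card_t *c) {
    int n = 0;
    for (unsigned bit = 0; bit < 32; bit++) n += (c->cell[4 + bit / 8] >> (bit % 8)) & 1;
    return n;
}

/* Spend one unit by clearing the next set bit in the counter region. */
int card_spend_unit(card_t *c) {
    for (unsigned bit = 0; bit < 32; bit++)
        if ((c->cell[4 + bit / 8] >> (bit % 8)) & 1)
            return card_program(c, 4 + bit / 8, (uint8_t)~(1u << (bit % 8)));
    return ERR_EMPTY;
}
```

Because erase is refused in the counter region and programming can only clear bits, no sequence of accesses through this interface raises the unit count again.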


