Secure and reliable Smart Card has played a key role in improving multifaceted digital security. A smart card is capable of storing and processing the data securely in a network of computers. The scope of smart cards is increasing day by day in diverse applications like banking, telephone services, and medical records systems etc. In this article we will try to understand what is a Smart Card, how Smart Cards work, its specifications, types, applications, advantages and disadvantages of Smart Cards.
What is a Smart Card
Smart-Card is a secure portable storage device which is used in various applications requiring controlled access to sensitive information. It is in the size of a credit/ debit card, incorporated with one or more integrated circuit chips.
It functions as a microprocessor, memory and provides an input-output interface. The International Organization for Standardization (ISO) specifies certain voluntary international standards in many scientific and technological fields. However, till to date, ISO has not defined any standards for the devices termed as “Smart Cards.”
Fig. 1- Introduction to Smart Card
Though it needs mention that ISO has set certain standards for what ISO calls an Integrated Circuit Card (ICC). Some of the fundamental characteristics of an ISO ICC (ISO 7816) are:
- The ICC may contain one or more integrated circuits.
- The length, width and the thickness of a card must be 3.370 inches, 2.125 inches, and 0.030 inches respectively which are the dimensions of a standard credit card.
- The ICC provides spaces on the card for magnetic stripe and embossed data storage.
A Smart-Card is similar to Integrated Circuit Cards except that it may not necessarily have magnetic stripe. The other Smart-Card related standards include ISO 14443 and ISO 15693 where the range of operation is defined. Smart Cards operate at 13.56 MHz and the distance ranges between 10 centimeters (3.94 inches) to 1 meter respectively.
Fig. 2 – Physical Components of a Contact less Smart Card
Image Courtesy : embeddedsecuritynews
How a Smart Card Works
The Smart Cards which are issued to a user are programmed with unique information, such as a Personal Identification Number (PIN). The microcomputer of smart-card performs a secret one-way transformation on the PIN, which is a mathematical function (f) and the result (R) of this function R= f (D), where the input to the function D is impossible to determine.
Hence, the transformed unique PIN is stored in the smart card’s memory which is unreadable. The user’s PIN is never written onto the working memory of the host computer, which might be modified or monitored by an adversary.
Fig. 3 – Generalized Smart Card System
To access the computer system, a user must insert his/ her Smart-Card into a Smart-Card Reader and enter his unique PIN by means of a card reader’s keypad. When the contact pad on the smart-card comes in contact with the electrical connectors of the reader, the smart card’s microcomputer chip performs the one-way transformation on the entered PIN and compares it with the stored PIN.
If the two PINs match, then the information is exchanged between the smart-card and the host computer, which determines the user’s identity and the information which the user is entitled to access.
Smart Card Architecture
A Smart Card’s architecture basically consists of three elements. They are:
- I/O System
- Central Processing Unit (CPU)
Fig. 4 – Smart Card Architecture
I/O (Input/ Output) System
Smart Cards must have certain components to perform Input/output (I/O) functions. It has internal logic circuitry which works in conjunction with the microprocessor that controls the timing and flow of data transferred into and out of the smart card’s memories. It has a physical structure through which it can interface to a smart-card reader device, which is connected to host computers for the exchange of data.
The categories of physical interfaces depends on the type of smart cards i.e. the contact type and the contactless type. Interface of a Contact Smart-Card is a contact pad beneath which lies a chip module and the interface of a contactless type card includes a chip module and an antenna to communicate using radio waves.
Fig. 5 – Chip Module on Smart Card
Central Processing Unit (CPU)
The CPU or the microprocessor is the component which distinguishes the smart cards from other cards which are designed to simply store data. The microprocessor in association with the operating system enables the smart-card to “make its own decisions” concerning where the data is stored in its memories and under what circumstances it should transfer information through its input/output interface.
The microprocessor consists of three major components: the arithmetic logic unit (ALU), the control unit, and the bus.
Memory (ROM, RAM, EEPROM)
The memories used in Smart Card’s microcomputers are manufactured from semiconductor materials. Semiconductor memories consist of matrices of cells formed by transistors to store information.
Types of Memory
The three types of semiconductor memory used in Smart cards are:
- Read Only Memory (ROM)
- Random Access Memory (RAM)
- Electrically Erasable Programmable Read Only Memory (EEPROM)
ROM (Read Only Memory)
Smart Card’s ROM is a semiconductor memory where the information stored is retained indefinitely without a continuous power supply to the memory. In this programming process, the ROM is often masked in such a way that it cannot be read or altered by the user.
Semiconductor ROM is typically used for storing the Smart Card’s general operating system programs such as the program needed to start the Smart-Card when its power is turned on.
RAM (Random Access Memory)
Any information stored in RAM can be accessed only in a fixed amount of time i.e. the stored information in a smart card’s RAM is lost immediately if power to the memory is removed. RAM is the fastest type of memory, used only for temporary storage. The information in RAM is accessed in the range of tens to hundreds of nanoseconds (billionths of a second).
EEPROM (Electrically Erasable Programmable Read Only Memory)
Smart card’s EEPROM is a non-volatile memory which can be electrically erased and reprogrammed. EEPROM can be used for storing programs and data that needs modification periodically. Since EEPROM can be erased, a smart card containing EEPROM will not “expire” as its memory is filled up.
Types of Smart Card
Smart Cards can be classified in two types. They are:
- Contact Smart Card
- Contact less Smart Card
Fig. 6 – Types of Smart Card
Contact Smart Card
In a Smart-Card with contact-type interface, the pins of the card reader’s connector must physically touch the contact pad on the Smart-Card during data transfer.
Contactless Smart Card
A Smart-Card with a non-contact type interface does not require a physical connection for data transfer. This type of interface may be implemented using capacitive plates placed inside or on the surface of the card and the communication occurs via radio frequency signals.
Applications of Smart Card
The field areas for applications of Smart Cards include:
- Medical Health cards
- Satellite TV
- Access control systems
- Electronic cash
- Wireless (mobile) communications
- Government identification
- Ticketless travel systems
Advantages of Smart Card
- Security: Smart cards are more secure as they are programmed with encryption and the user’s personal information and the transactions are safe.
- Convenience: Smart cards are small in size and hence convenient to carry.
- Economy friendly: Smart cards help in our economy by reducing transaction costs by eliminating paper.
- Multifunctional: smart cards can be used for multi functions like paying bills, booking tickets, paying for food etc.
- Reliable: Smart cards are more reliable than magnetic stripe cards.
Disadvantages of Smart Card
- It is prone to damage easily.
- Smart cards are expensive to manufacture.
- Availability of Smart-Card reader is necessary.