Smart cards CSE 691 – Internet Security principles Final Project Presentation Poorvi Parikh: email@example.com Rahul Toprani: firstname.lastname@example.org Introduction
Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.
CSE 691 – Internet Security principles
Final Project Presentation
Poorvi Parikh: email@example.com
Rahul Toprani: firstname.lastname@example.org
What Are smart cards?
A smart card is a credit-card sized plastic card embedded with an integrated circuit chip that makes it "smart". This marriage between a convenient plastic card and a microprocessor allows an immense amount of information to be stored, accessed and processed either online or offline. The information or application stored in the IC chip is transferred through an electronic module that interconnects with a terminal or a card reader.
Smart Card Structure:
What Are smart cards?(contd..)
Support Equipment Required
For host based operations, only a simple Card Acceptance Device (CAD) is required. Which usually costs $100 - $250, the cost decreasing with higher volumes. The costly CAD’s are handheld battery operated terminals.
Cards claiming to meet International Standards Organization (ISO) specifications must achieve set test results covering drop, flexing, abrasion, concentrated load, temperature, humidity, static electricity, chemical attack, ultra-violet, X-ray, and magnetic field tests.
8K – 128K bit EEPROM. For Smart Cards, 1000 bits will normally store 128 characters. With modern data compression techniques the amount of data stored on a smart card can be significantly expanded.
Typical costs range from $2.00 - $10.00. The per card cost increases with chips providing higher capacity and more complex capabilities; The per card cost decreases as higher volume of cards are ordered.
Smart Cards are highly secure. Information stored on the card is difficult to duplicate or disrupt, unlike the outside storage used on magnetic stripe cards that can be easily copied.
Ease of Use
Smart cards are user-friendly for easy interface with intended application; handled like the familiar magnetic stripe bank card.
Susceptible to chip damage from physical abuse, but more difficult to disrupt or damage than the magnetic stripe card.
Mostly a 5V dc power source
Smart (Card) Attacks
Smart (Card) Attacks
Smart (Card) Attacks
Smart cards provide secure user authentication, secure roaming, and a platform for value-added services in wireless communications. Presently, smart cards are used mainly in the Global System for Mobile Communications (GSM) standard in the form of a SIM card.
Initially, the SIM was specified as a part of the GSM standard to secure access to the mobile network and store basic network information. As the years have passed, the role of the SIM card has become increasingly important in the wireless service chain. Today, SIM cards can be used to customize mobile phones regardless of the standard (for eg:GSM, personal communications service [PCS], satellite, digital cellular system [DCS])
SIM is the major component of the wireless market, paving the way to value-added services.
SIM cards have several features that enhance security for wireless communications networks.
SIM cards provide a secure authentication key transport container from the carrier’s authentication center to the end-user’s terminal. Their superior fraud protection is enabled by hosting the cryptographic authentication algorithm and data on the card’s microprocessor chip. SIM cards can be personal identification number (PIN) protected and include additional protection against logical attacks.
With added PIN code security, SIM cards offer the same level of security used by banks for securing off-line payments.
The SIM card’s chip can be programmed to carry multiple applications.
The activation of new applications can be downloaded to the card over the air, in real time, thereby reducing the time (and cost) to market. One of the most compelling benefits of smart cards is the potential for packaging and bundling various complementary services around basic mobile telephony services. These services can greatly reduce churn and increase usage and brand recognition.
Banking and Finance
A variety of means have been implemented whereby people can load value onto a card, and use it to make payments at appropriately equipped, unattended devices. These include multiple-use tickets for public transport, and telephone cards. Since the mid-1980s, a variety of chip-based stored-value card (SVC) technologies have been developed and trialed.
SVCs are attractive to merchants because they reduce cash-handling and change-counting tasks, as well as cash-holdings and the attendant risks of error, cashier theft and robbery. For consumers, the benefits include reduced 'wallet-bulge', less cash-handling and change-counting, and the scope for multiple functions within a single, convenient and familiar card.
Some banks may choose to leave SVC operation to third parties, and merely handle the deposits received from merchants via scheme operators.
Banking and Finance
Credit-cards are appropriate however expensive and debit cards are relatively highly secure. Unlike 'pay-later' credit-cards and 'pay-now' debit-cards, SVCs are a 'pay-before' mechanism. Their great advantages are relative security, and simple, off-line operation. Together, these translate into low transaction costs.
Many financial institutions have already perceived the scope for chip-based cards to support multiple functions rather than just one. As a result, there is a strong motivation for issuing multi-purpose payment cards, that support whatever combination of debit, credit and SVC functions the customer seeks.
Smart Cards act as a portable store of information. They have a special role in addressing some of the more difficult problems facing the health sector. Especially important is the support they can provide for the move towards a focus on the client, and on the totality of their healthcare events, preventative and curative, in community care and in hospital care.
They can play an important role in, identifying individuals,carrying confidential healthcare information between care encounters, authenticating transactions, authorizing data access and file movements across a network, creating a unique electronic signature,managing personal privacy, customizing personal workstations.
Healthcare user data cards are designed to carry personal data securely and to provide the holder's assent (in electronic form) to actions taken by providers (eg: billing, accessing records).
Benefits for the health care user are:
Definitive, quick and easy identification - there is no possibility of confusion with anyone else, or of being linked to the wrong set(s) of medical records.
Records that travel with the patient (where they are most useful), thereby assuring continuity and integrity of care, without restricting the freedom of the patient to choose when and where to go to healthcare providers (including overseas)
Minimum risk of damage from, for example, drug interactions, unnecessary intervention.
Empowerment and control, placing it within the power of the patient to determine who can see what parts of their personal health information.
Benefits for the health professional are:
Better access to up-to-date information, enabling quicker and better standards of clinical decision-making and care, and reducing the risk of avoidable error.
Reduced frustration associated with trying to find past records for the patient, and a reduction in the need to repeat work-up and tests.
Security of communications, guaranteeing that transactions cannot be intercepted by third parties, and guaranteeing that messages received have not been altered and can only have come from the person purporting to have sent them.
Less wasted time, and more time available to care for patients.
Thus, we see that the smart card is an intrinsically secure device. It is a safe place to store valuable information such as private keys, account numbers, and valuable personal data such as biometrics information. The smart card can be an element of solution to a security problem in the modern world.
It is estimated that there are approximately 2.8 billion smart cards in use around the world as of today.
The electronic persona in the digital world will be indeed in the form of a smart card and no enterprise solutions should ignore its potential impacts on business.
An Overview of Smart Card Security:
Smart Cards Online:
Smart Card Security Information Page:
Gem Plus Applications:
Smart Card Basics:
White Paper on Smart Cards:
EGOV, Government Solutions:
Smart card 2000: the future of IC cards
Edited by: d. chaum and i. Schaumüller - bichl