PIN-on-Card New contact-less smart card with integrated PIN pad for secure user verification at...

PIN-on-Card

New contact-less smart card with integrated PIN pad for secure user verification at unparalleled cost effectiveness

Balancing security, cost and convenience

Security
• Advanced encryption
• Copying
• PIN eavesdropping

XX = target position

Cost
• Card
• Reader
• System integration

Convenience
• Easy to use
• Contact-less
• Mobility

PIN security over the Internet

• A typical PC is not secure

• PIN/Passwords entered from the computer's keyboard are easily intercepted by Trojans

• Information stored as files on a computer’s hard disc is easily copied by Trojans

• Keys must be stored outside the computer

• PINs must be entered on a device outside the computer

• Cryptographic operations must be performed outside the computer

Today - security, cost or convenience

• Smart Cards
– Security: Need advanced external keypad reader to secure PIN over the Internet
– Cost: Expensive keypad readers
– Convenience: Sensitive, not for outdoor use

• RFID/prox cards
– Security: Information can be read out remotely and needs advanced external keypad reader to secure PIN over the Internet.
– Cost: Expensive readers
– Convenience: Robust, contact-less and convenient

Combining security, cost and convenience

+ Smart Card
– Intelligent and high security, cannot be read out remotely
– Large data storage

+ RFID Card
– Contact-less

+ Keypad reader
– Prevents PIN interception

PIN-on-Card

• Highest level of security
– Security resides on the card, not reader or system
– 128-bit AES (RSA, 3DES)
– PIN never leaves the card
– Secure data storage (32 kBytes)

• Low cost
– Robust cards and readers, no slot, no moving parts
– Low cost for readers

• High convenience
– One card - multiple systems/functionality
– Contact-less
– High level of automation

Introducing PIN-on-Card

• PIN-on-Card (POC)

• POC readers
– Desktop reader connects to computer’s USB port
– Wall mounted reader
– OEM components

• POC Client API

• POC controller (for physical security)
– Control unit for access, control and alarm for buildings and machinery

The PIN-on-Card system components

Cards and readers

• Cards
– Integrated PIN pad
– Standard ISO card size
– Customized graphic design

• Readers
– Multiple form factors
– Reader range up to 5 mm
– OEM component from 1 US
– Easily integrated into non-metallic flat surfaces; keyboard, mouse mat, Smart Phone etc.

SC Client Driver and API

• Extends functionality of the card to third-party applications

• Easy integration with event-driven COM/ActiveX interface

• Minimal coding effort required

• Automatic Web-browser activation and navigation to URL stored in card

User scenario - Internet service

1. The card is placed on a card reader connected to computer

2. Card navigates automatically to preprogrammed Internet site

3. User is verified by entering PIN on card

4. User is accepted by service

Basic challenge response

Participants: User (card on reader) and Service

• User claims to be X
• Service generates long random number as challenge
• Service challenges user
• Card on reader: 1. PIN entry, 2. Encrypt challenge and X with secret key
• User sends response
• Service: Decrypt response with secret key to determine if X is authentic
• Service accepted or rejected
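The challenge-response exchange above, sketched in Go as an added example; it is not code from these slides or from the PIN-on-Card product. Assumptions: AES-128 in GCM mode with a random nonce (the slides say only "128-bit AES"), the function names `Respond`, `Verify`, `random` and `gcm`, and a constructed sample key and PIN.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/subtle"
	"fmt"
)

func random(n int) []byte { // used for the service's challenge and the card's nonce
	b := make([]byte, n)
	if _, err := rand.Read(b); err != nil {
		panic(err)
	}
	return b
}

func gcm(key []byte) cipher.AEAD { // assumption: GCM mode; a 16-byte key selects AES-128
	blk, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	a, _ := cipher.NewGCM(blk) // cannot fail for AES's 16-byte block size
	return a
}

// Respond runs on the card: the PIN is checked there; nil means the PIN was rejected.
func Respond(key, cardPIN []byte, entered, x string, ch []byte) []byte {
	if subtle.ConstantTimeCompare(cardPIN, []byte(entered)) != 1 {
		return nil // wrong PIN: the secret key is never used
	}
	nonce := random(12) // standard GCM nonce length
	return gcm(key).Seal(nonce, nonce, append(append([]byte{}, ch...), x...), nil)
}

// Verify runs at the service: accept only the challenge it issued, bound to identity x.
func Verify(key []byte, x string, ch, resp []byte) bool {
	if len(resp) < 12 { // too short to hold a nonce; also rejects the nil from a failed PIN
		return false
	}
	pt, err := gcm(key).Open(nil, resp[:12], resp[12:], nil)
	return err == nil && subtle.ConstantTimeCompare(pt, append(append([]byte{}, ch...), x...)) == 1
}

func main() {
	key, ch := []byte("constructed-key!"), random(16) // constructed sample key; fresh challenge
	fmt.Println("accepted:", Verify(key, "X", ch, Respond(key, []byte("4711"), "4711", "X", ch)))
}
```

Because the service compares the decrypted plaintext against the challenge it just issued, a response captured on the PC cannot be replayed against a later challenge.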
