Part 2_Smart Card Intro.PDF

7/29/2019 Part 2_Smart Card Intro.PDF

1/54

Introduction to Smart Cards Nicolas SMAYRABull & Innovatron Patents August 2001 - 1

Introduction toIntroduction toSmart cardsSmart cards


2/54


Smart card basicsSmart card basics


3/54


Introduction OutlineIntroduction Outline

Role of smart cards Types of Smart cards

Contact Smart cards Memory Cards Microprocessor Cards

Contactless Smart cards

What is an application How to communicate with a smart card


4/54


Smart Cards Are Used in Daily LifeSmart Cards Are Used in Daily Life

Which smart cards do you have inWhich smart cards do you have in your pocket? your pocket?


5/54


Application FieldApplication Field

PortableFile

Identity

Loyalty

Service Payment

VendingMachine

Access

Control

Computer Security

OPENSESAME

GSM

Payphone

BankingHealthcare


6/54


What is a Smart Card?What is a Smart Card?

ChipChip


7/54


Smart Card FeaturesSmart Card Features

n Basic features Size of an ID card Unique and permanent serial number Protected data memory Electronic component on board Memory and processor on one chip

n Optional features Password protection in the card Cryptographic capabilities Programming capabilities


8/54


Access ControlAccess Control

n Some information in smart cards cannotbe accessed by anyone, these internal

secrets can be used by the card itself for ciphering and authentication purposes

n Some information is freely accessible


9/54



n Access to information can be limitedto the card holder by the use of a PIN(Personal Identification Number)

n A PIN is a specific sort of passwordn A smart card can control many

passwords, allowing different peoplecustomized access to information

n A password may be concealed inanother card or in software

3rd

OpenSesame


10/54



n Information held in different areas or

file in smart cards can be used indifferent ways

Read Only Add Information Only Erase and Update


11/54


Several types of Smart Cards...Several types of Smart Cards...

n The smart card stores data and programs Protection by advanced security features

n Several types of smart cards Contact

Memory Microprocessor

Contactless


12/54


Contact Smart CardsContact Smart Cards

Card Body Size: 85 * 54 * 0.76 mm - defined by ISO7816-1

(PVC, ABS, PET)

EEPROM(1 to 10 mm 2)

P CORE(1 to 2 mm 2)

RAM(0.3 to

1mm 2)

ROM(1 to 3mm 2)


13/54


Memory CardsMemory Cards

The first generation ofsmart cards


14/54


What are Memory Cards ?What are Memory Cards ?n Memory cards simply store data and can be viewed as a small

floppy disk with optional security.

n What for ?

Data storage

Counter managementn EPROM or EEPROM components

n NO microprocessor

n What type of application ?

phone cards others...


15/54


Why Memory Cards ?Why Memory Cards ?

n An Economic (no processor) solution to Replace coinsReplace coins

no vandalism, lower running

costs, advertising... ReplaceReplace MagStripeMagStripe cardscards

higher security, cheaper readers globally cheaper solution

4 Allows off-line transactions

SAVINGS


16/54


Memory ChipsMemory Chips

n Memory chips are dedicated to data storage: Phonecards and Multi-service smart cards

n The chip design will use either EPROM or

EEPROM technologies: Reserved area to store users datan Memory chips have no microprocessor insiden A single silicon wafer is used to produce many

chips From 6,000 to 8,000 chips per wafer Memory chips are very small

~ 2 mm


17/54


MemoryMemory cardscards -- Pros & ConsPros & Cons

nn ProsPros:

low cost built-in counter management

higher productionthroughput

nn ConsCons: small data storage

capacity no real "intelligence" ! lower security no possible post-

customization


18/54


Memory Card ApplicationsMemory Card Applications

nn PhonecardsPhonecardsnn Private electronicPrivate electronic

pursepursenn LoyaltyLoyaltynn VendingVendingnn IdentityIdentitynn

......

PortableFile

Payphone

Vending machineService Payment

Loyalty


19/54


ISO Standard for Memory Card...ISO Standard for Memory Card...

n Standards: Memory (& Microprocessor) cards ISO 7816-1 : Physical characteristics ISO 7816-2 : Dimensions and location of contacts

1- Vcc

2- RST

3-CLK

4-RFU RFU-8

I/O-7

Gnd-5

Vpp-6


20/54


Memory Card CommunicationMemory Card Communication

n Each Card has a specific Protocol

n Readers need drivers developing for each card

Card ProtocolCommandsDrivers

Gemplus Readers include Drivers for eachMemory Card


21/54


How Data Access may be ProtectedHow Data Access may be Protected

nSecret code

n Fusen Key (Authentication)n Applicative mechanisms

Read / Update may be protected by Manufacturer or Issuer Different memory areas may have different protection


22/54


Memory Card RangeMemory Card Range

GFM2kGFM4k

GFM32k

GFM Range

GPM271GPM276

GPM2kGPM8k

GPM Range GemClub- Memo

GAM326GAM275

GAM Range

Gemplus Memory Cards

GFM : Gemplus Free-Access MemoryGPM : Gemplus Protected MemoryGAM : Gemplus Authent ica ted MemoryGemClub- Memo : New generation of memory cards


23/54


Mrs. PATIENT

80 435 123451620369149124 09

PortableFile

GFM Main ApplicationsGFM Main ApplicationsGFM Main ApplicationsGFM Main Applications

n Any application where the security isnot crucial

u Non protected portable fileu German Healthcare card

n Can be used to replace amagstripe application


24/54


GPM ApplicationsGPM Applications

n These cards were originally designed as payphonecards

n They are now used as disposable prepaid cards for: Parking applications Gift cards...

Card counter is decremented as units areused until empty


25/54


GAM ApplicationsGAM Applications

n Prepaid cards: Payphone Parking Photocopier Vending...

VendingMachine Parking

Payphone


26/54


Example of Phonecard ApplicationExample of Phonecard Application

n Payphone knows cardscontents

n Payphone Authenticatescard

n Payphone uses up unitsn Card is useable until it runs

out of units

Payphone

Phonecard

CSN Max.Nb. of Units

Identificationcode :

Units Balance

Key


27/54


Gemplus Memory CardGemplus Memory Card MarketsMarkets

Smart Oi l Com pany Smar t Oi l Co mp an y

Grandes Grandes Galleries Galleries

"A ro u n d Co rn er" sh o p "A ro u n d Co rn er" sh o p

" " Al lUneed Al lUneed " Hy p e rmark e t " Hy p e rmark e t

Smart Dreamland Resort Smart Dreamland Resort

Min is t ry Of Smart IDs Minis t ry Of Smart IDs

Petrol Industry

Large Scale Distribution

Department Stores

Small Retailers

Travel & Entertainment

National ID...


28/54


Main CompetitorsMain Competitors

n Several competitors using off-the-shelf chips

Schlumberger

G&D

Oberthur

Bull

Orga

Incard...


29/54


Microprocessor Microprocessor

Cards BasicsCards Basics


30/54


Microprocessor Microprocessor cardscards

A microprocessor card can:add / deletemanipulate information in its memory on the card.

Similar to a miniature computer witha microprocessoran input/output portoperating systemhard diskbuilt-in security features.


31/54


Microprocessor Microprocessor cardscards

n What for ? Advanced data storage Data processing (Intelligent card) High security needs

n Chip organisation: ROMRAM

CPU EEPRO

MSECURITY

COS

n What type of application ? Any !


32/54


Microprocessor ChipsMicroprocessor Chips

n Microprocessor chips are dedicated to dataprocessing:

Electronic purse, Banking, GSM, Loyalty andElectronic commerce applications

For advance data storage and security needs


33/54


Main Features of MicroprocessorsMain Features of Microprocessors

n Microprocessors implement EEPROM, ROM andRAM technologies

Reserved area to store user data and an OperatingSystem

n All microprocessors have a special processingunit ( CPU : Central P rocessing Unit)n A single silicon wafer is used to produce many

chips From 500 to 1,500 chips per wafer Microprocessor chips are larger than memory

chips From 6 to 20 mm


34/54


Microprocessor Microprocessor cardscards -- Pros & ConsPros & Cons

nn ProsPros: high processing power programmable and

customizable large data storage

capacity high security

nn Cons:Cons: price ! long manufacturing cycle


35/54


An Operating SystemAn Operating SystemInside the Chip !Inside the Chip !

nn What is an OS?What is an OS? A software specific to each

smart card manufacturer Loaded and protected in the

chip ROM by the chipmanufacturer

a MASK is created

ROM RAM

CPU EEPROMSECURITY

OS

Chip Organization

EPROM

Designed by Gemplus Loaded by chip manufacturers


36/54


OS RoleOS Role

n The role of the Chip Operating System is to Enable an easy Memory access Give the Card a pre-defined behavior

Contains the set of commands Manage Security

Contains the cryptographic algorithms Checks the access conditions


37/54


OS, Gemplus KnowOS, Gemplus Know --HowHow

n An OS is ALWAYS proprietary to the smart cardmanufacturer

BUT ... There are ISO standards to provide

interoperability between card manufacturers ALL Gemplus Microprocessor cards follow

international standards


38/54


ContactlessContactless Smart CardsSmart Cards

Communication over the airCommunication over the air


39/54


Some benefits...Some benefits...

n allow the card to communicate with an antenna / coupler unit without an physical contact.

n Contactless cards are the ideal solution whentransactions must be processed very quickly,as in mass-transit or toll collection activities.


40/54


41/54


ContactlessContactless Card StructureCard Structure

Transparent PVC

White PVC

Cardbody

ISO

dimensions

Micromodule

Bondingwires Antenna


42/54


Transportation & Smart CardTransportation & Smart Card

And any application on the move...

S mar t A ir Mr.Smith

12394983-00

Public Transport Parking

Electronic Toll

Collection

Airline TicketingVehicle Card


43/54


A Smart Card isA Smart Card ispart of anpart of an


44/54


What is the point of using a cardWhat is the point of using a cardin an application?in an application?

n Security

n Easy to use

n Capability to support more than one applicationn Portable information

n Marketing tool


45/54


HOSTHOST READERSREADERS CARDSCARDS

Application PlayersApplication Players


46/54


How to communicateHow to communicatewith a smart card ?with a smart card ?


47/54


Application SoftwareApplication Software

n Application software developed for customers needs

Design to communicate with users card

Application

software


48/54


Reader Reader

n Link between: the host the cards


49/54


Role of the Reader Role of the Reader

ApplicationSoftware

Reader Card

n The reader is the interface between the card andthe application

It serves as a translator It accepts the messages

from the card and from the application software


50/54


Role of aRole of a TransparentTransparent Reader Reader

n Reader = interface between the card and the application

Host

Reader Host drives the cardthrough the reader

ApplicationSoftware

Reader transmits

to/from card

Card

Terminal


51/54


Role of a standRole of a stand --Alone Reader Alone Reader

n Application downloaded onto the reader n Reader = Application Manager and Card Interface

Host

Reader or

Terminal

Reader drives the card

Reader communicates with

card Card


52/54


MessagesMessages

n The card communicates with the reader byexchanging messages

n A message is either a Command : From the reader to the card a Response : From the card to the reader

CommandCommand

ResponseResponse


53/54


ExampleExample

Read NameRead Name

GemplusGemplusId: GemplusId: Gemplus


54/54


ThankThank

youyou

Bull CP8 Patents

Q & AQ & A

Documents

Part 2_Smart Card Intro.PDF