540 likes | 989 Views
Smart Cards and E-BUSINESS. What is a Smart card? A smart card is the size of a conventional credit card, with an electronic microchip embedded in it. The chip stores electronic data and programs that are protected by advanced security features. Smart Cards Standards.
E N D
Smart Cards and E-BUSINESS • What is a Smart card? • A smart card is the size of a conventional credit card, with an electronic microchip embedded in it. • The chip stores electronic data and programs that are protected by advanced security features
Smart Cards Standards • ISO 7816 defines the physical dimensions of smart cards and their electric characteristics • ISO 7816 establishes commands to read, write and update records • ISO 7816 specifies transmission protocols
How many kinds of smart cards exist? • -Contact smart card inserted into card reader
- Contactless Smart cards: should be passed near an antenna to carry out transaction
How many Kinds of Smart Cards with respect to Architecture • Memory Cards: EEPROM +security logic optimized for certain application • Microprocessor Cards: consist of CPU+EEPROM,ROM, RAM & I/O • Allows several applications to be on one card
Why are smart cards important? • To reduce fraud in finance and payments: up to 0.2% of turnover in major credit and debit card systems around world-nearly $1 billion a year-is fraudulent • Many smart cards are used in sensitive areas such as personal identification and health • If security is compromised, the resulting publicity could affect public confidence
Why are smart cards secure? • Smart cards protect information stored on them from damage or theft by using strong encryption techniques • Algorithms such as RSA, DES, or triple DES can be used with very long keys up to 1024 bits • Hence they are much more secure than magnetic strip cards which can be copied easily
Smart Cards Advantages • Security • Convenience(compatible with portable electronic devices like:phones, PDAs & PCs • Economic Benefits • Customization • Multifunctionality
Faster • More reliable than magnetic cards • Can store 100 times more than magnetic cards
Can Smart Cards Support Multi-Applications? • Capability to download independent Applets, securely Isolated • Example: A card may contain Individual’s driver’s license, multiple credit card & bank accounts, stored value for company cafeteria, & health records • A police officer’s card reader can read driver’s license info, but not bank account
Where is Smart Card used? • Electronic Purse( digital Cash) • E-Business over the Internet • Telecommunication • Access control & personal identification • Credit & debit ( Visa Master card) • Transport( ticketless airline,bus,taxi) • Pay TV & loyalty
How smart is a smart card? • Some smart cards are smarter than others • Simplest cards like payphone cards, vending machine cards ( containing only memory +simple protection logic) offer no protection if stolen • The smarter smart cards ( CPU cards) might have several passwords restricting use for only one person ( card holder)
For added security ( especially in financial applications and in access control) • Authentication & encryption techniques are widely used to verify true identity of the card holder • Some smart cards used in sensitive areas where security cannot be compromised ,use security processors embedded in the card like cryptoprocessors with RSA or DES on it
What is electronic purse? • The electronic purse carries value on a smart card in place of notes and coins • The purse is designed to replace cash for small transactions • One of the greatest potential benefits is multifunctionality where other applications such as public telephone payment, parking and road toll payment as well as credit & debit could be added
How does E-Purse Work? • E-purses are usually issued by banks to their customers • Money is loaded into the e-purse by transfer from cardholder’s bank account using: ATM, or public payphone, or a home smart phone, a mobile phone or through internet • Once cardholder has chosen goods, he inserts card into POS and money is debited
Examples Of E-Purse • Mondex • Visa Cash • Digi Cash • Cyber Coin
E-purse benefits • No need to carry loose change to buy newspaper or use vending machine • more convenient than checks and debit cards for small transactions • Offer user more privacy and freedom from recording expenditures in check book • Attractive to merchants: Saves time
What Is a Digital Signature ? • Used To Establish Authenticity of Electronically Transmitted messages • Only one Smart Card Can Sign a Document • Every One Can Verify The Signature • RSA algorithm is usually used to form a cryptographic checksum which is appended to the message
Providing Value Added services • GSM Cellnet and Barclaycard developped wireless finantial service smart card • SIM activates user’s Cellnet GSM phone • Provides a Barclay services menu
Swedish Bank Utility Bill Payment • SIM card allows users to access service by menu navigation • Users can pay their utility bills away from home by keying information such as origin and destination bank account numbers
Press releases • Cyberflex Access is the first commercial smart card to combine java programmability and strong cryptography • The card uses authentication, in addition to RSA, DES and triple DES algorithms. • Programmers can develop secure applications by calling in their Java programs cryptographic services available in the card API
With 16K EEPROm, you can store applets as well as cryptographic keys and digital certificates • Hong Kong July 29,1999: Hong Kong mobile network company has upgraded 250,000 subscribers for programmable multi-service Simera32 Java compatible SIMS.
The company is the first in ASIA to allow its subscribers to download services over air • Master card has developed the complete Chip solution to migrate their 600 million master card credit and debit cards to chip platform
The latest edition of ST19 , is the smart card IC from Stmicroelectronics is aimed at high end telecom, java cards and similar multi application cards • This new smart card complies with Javacard api 2, allows downloading huge applets to EEprom
RACAl Security and payments has introduced the DATACryptor 2000 a public key managed, triple des link encryptor to protect valuable network data. • It uses triple DES ( 168 bits) it transmits encrypted data at speeds of up to 512 K bits/sec
What Are contactless Smart Cards • Energy and data transferred without electrical contact between card and terminal • Distance: few centimeters -1 meter • Commonly used frequencies: 125KHz & 13.5 MHz • Power from terminal over carrier frequency
Main Applications • Access Control • Vehicle identification • Electronic driver license • Ski Passes • Airline tickets • Transportation: buses, taxis & underground • Baggage Identification
Advantages Of Contactless Cards • No need to remove from purse or pocket • Can Collect & analyze customer utilization data • Freedom of orientation of card(Increases customer acceptance) • Less maintenance needed than contact cards • Longer life cycle
Provides high passenger throughput • Less queuing • Delivering speed • Reliability • Security
MIFARE developped Combi card for public transportation(dual interface) • Frequency:13.5MHz, data rate >100KB/s • Fast Anti collision algorithm • Range:10 Cms • Up to 16 independent applications on card • Access to card protected by encryption
Provides highest level of security by using 3 DES Encryption Algorithm & Cryptoprocessor • Mifare Prox(High speed 3-DES coprocessor) • Contains true Random number generator • Used in Taxi, Buses, subways, electronic payment in shops. • 85% of contactless cards are Mifare
SMART CARD MARKET BY THE YEAR 2 0 0 1 Total Smart Cards in the Market =
WORLD WIDE MARKET PROSPECTS OF THE STORED-VALUE CARD 1,950 Billion dollars International Potential Market