In this article I’m going to present you with a quick overview of the Smart Cards and then move on to exploring the ways they can be integrated to existing services in order to provide value added services or a new range of secure application.
In the last two decades a number of Smartcard standards and specifications have been defined to cohesion between cards, IFDs and card applications by different vendors. The most significant ones are:
ISO 7816 standards: ISO 7816 "Identification cards—Integrated circuit cards with contacts," published by the International Organization for Standardization (ISO), is the most important standard defining the characteristics of chip cards that have electrical contacts. ISO 7816 covers various aspects of smart cards:
Part 1—physical characteristics
Part 2—dimensions and location of the contacts
Part 3—electronic signals and transmission protocols
Part 4—inter-industry commands for interchange
Part 5—application identifiers
Part 6—inter-industry data elements
Part 7—inter-industry commands for SCQL
GSM: The European Telecommunications Standards Institute (ETSI) has published a set of standards that cover smart cards for use in public and cellular telephone systems. The Global System for Mobile Communications (GSM) defined by ETSI is a specification for an international terrestrial mobile telephone system. Originally intended to cover a few countries in central Europe, it is increasingly developing into an international standard for mobile telephones. There are several GSM standards, in particular:
Specification of the SIM-mobile equipment interface.
Specification of the SIM application toolkit for the SIM-mobile equipment interface.
security mechanisms for the SIM application toolkit
SIM API (Application Programming Interface) for the Java Card platform. This standard, based on GSM 11.11 and GSM 11.14, defines Java API for developing GSM applications that run on the Java Card platform. The API is an extension to the Java Card 2.1 API.
EMV: The EMV specification, defined by Euro pay, MasterCard, and Visa, is based on the ISO 7816 series of standards with additional proprietary features to meet the specific needs of the financial industry. The latest version of the specifications, EMV 96 version 3.1.1, was published in May 1998 and comes in three parts:
OCF: The OpenCard Framework (OCF) was initially produced by IBM and is currently owned and developed by the OpenCard consortium, which includes major players in the smart card industry. OCF is the host-side application framework providing a standard interface for interacting with card readers and applications in the card. The architecture of OCF is a structured model that divides functions among card terminal vendors, card operating system providers, and card issuers. The goal is to reduce dependence on each of these parties as well as dependence on the platform providers.
OCF is designed with the use of a smart card in a network computer in mind, and thus is implemented in the Java programming language.
PC/SC: PC/SC specifications (Interoperability Specification for ICCs and Personal Computer Systems) are owned and defined by the PC/SC Workgroup, an industry consortium with major players in the smart card industry. PC/SC defines a general-purpose architecture for using smart cards on personal computer systems.
In the PC/SC architecture, host-side smart card applications are built on top of one or more service providers and a resource manager. A service provider encapsulates functionality exposed by a specific smart card and makes it accessible through high-level programming interfaces. A resource manager manages the smart card-relevant resources within the system for accessing to card acceptance devices and, through them, individual smart cards.
PC/SC and OCF have many similar concepts. When running on a Windows platform, OCF can access card acceptance devices through the installed PC/SC resource manager.
In this article we have seen a brief overview of the technology of Smart cards. We have looked at the basic components and constructs that make up the Smart Card and have explored the elements of the chip which are at the centre of this technology.
The introduction of Smart cards has been so slow because of the lack of standards but now we have them in place and true interoperability between cards, vendors and applications is becoming a truth. We have also enumerated the various Smart card related standards.