Introduction
The term ‘smartcard’ means an entire class of credit-card-sized devices fitted with a micro-chip
to deliver one or more ‘intelligent’ capabilities. The classic examples of smartcards include storedvalue
cards or ‘electronic purses’ used to convey electronic cash, personal electronic health cards
which might carry compact summary records of personal medical data, and smart credit/debit
cards which replace insecure magnetic stripe storage of cardholder details with access-controlled
chip-based storage that is resistant to copying.
Importantly, examples of smartcard technology encompass a far broader range of applications.
A
more complete but not exhaustive list of applications for smartcard technologies includes:
• health and services cards
• ATM and EFTPOS cards
• telephone (calling) cards
• identification (including government identity (ID) cards, employee ID badges and
membership cards)
• mobile phone subscriber identification and administration (SIM)
• transport ticketing and tolling
• electronic passports; and
• healthcare (which can include portable record keeping as well as ‘identification’).
The physical form of smartcards extends beyond the plastic card. Smart ‘chip’ technology is
available in various packaging and communication interfaces, including:
• mobile phone SIMs (typically punched out from a larger plastic card)
• ‘fobs’ that are usually carried on a conventional key ring or a lanyard
• USB keys
• radio frequency road toll tags
• electronic passports; and
• credit card-sized plastic cards.
While smartcards are plastic cards with an embedded chip, they have several truly unique fundamental properties that underpin their business benefits. The fundamental properties are as follows:
• For all practical purposes, it is not possible to copy or counterfeit a smartcard. Smartcards can be configured to divulge their data only to specially qualified and authenticated terminal equipment. Magnetic stripe cards, on the other hand, store everything in a passive magnetic stripe, and anyone with a reader can skim off the data and replicate it at will onto counterfeitcards. Furthermore, smartcards carry buried cryptographic codes, written onto the silicon chip or into firmware at the time of manufacture. Even if an attacker obtains a smartcard and the related personal identification number (PIN), they will not be able to clone the card or use it to spawn counterfeits.
For detailed qualifications to the claim that smartcards, for all practical purposes, cannot be copied see Section 8 ‘Smartcard security’ below.
• Smart ‘chips’ are ‘smart’ . This allows a smartcard to exhibit a far more intelligent and therefore richer set of functions than a magnetic stripe card (or most other authentication tokens excluding ‘fobs’ which can have as many features as a contactless card). In addition, smartcards can act independently from a back-end system or offline, allowing security rules to be enforced offline.
• The chip allows intelligent access control around the contents and functions of the smartcard. Multi-application smartcards provide global PIN functionality. Smartcards allow a rich suite of access control rules that can be associated with different data containers. Smartcard data can therefore be protected so an attacker cannot freely read it, as is the case with magnetic stripe cards.
• Smartcards are capable of mutual authentication in online transactions. The chip and/or tamper-resistant memory allow the client side of a transaction to actively verify the identity of the server before the server identifies the client. This property assists in countering man-in-the-middle attack.
Applied benefits
As a consequence of the above fundamental properties, today’s sophisticated smartcards offer certain advantages in certain settings, including:
• Multi-applications. A single smartcard can perform multiple independent tasks. For example, a bank-issued smart credit card might also furnish an electronic purse, public transport ticket, telephone calling card, loyalty functions, personalised access to government services and multiple individual digital certificates.
• Sophisticated fraud detection and response is possible, for example, in environments where connection to backend systems cannot be relied upon. For instance, the card alone can enforce security rules relating to daily transaction caps, maximum PIN retries or purchasing patterns.
• Containers for multiple digital credentials. The writable memory, access control and encryption capabilities of modern smartcards allow them to carry multiple independent identifiers, or digital certificates. A card scheme operator may chose to use a third party’s digital certificate rather than their own which requires the certification authority to collaborate with the card issuer in the printing of the cards.
• Online security can be greatly enhanced using smartcards thanks to their mutual authentication capabilities. In particular, smartcards can help protect against website fraud, phishing and ‘pharming’ (where large numbers of unwitting users are directed to a fake or spoofed website, and subsequently led to divulge sensitive information or to initiate inappropriate transactions).
• Two-factor authentication requires two out of ‘something you know’, ‘something you have’ or ‘something you are’. A common example of two-factor authentication is a bank card (credit card, debit card); the card itself is the physical item, and the PIN is the data that goes with it. Smartcards also constitute two-factor authentication being physical tokens like the common bank card.
• Field upgrades are possible for functional enhancements, bug fixes or to load entirely new applications. The built-in security capabilities make it possible in many cases to upgrade smartcards remotely, avoiding the need to recall and re-distribute fresh cards.
When should agencies consider smartcard deployment
The salient characteristics of a smartcard deployment that can help evaluate the practicality and
potential business benefits of this new technology for agencies are discussed below.
1. Specific capability required
Smartcards have specific unique capabilities that other technologies do not provide, including
security features that help to thwart identity theft and card fraud.
2. Portability
One of the most fundamental smartcard characteristics is its data portability. By adopting
smartcards, an agency can maintain data in a form that can be transported to any physical location.
The smartcard portability allows data to move with the client between providers. Data on the card
can be accessed wherever and whenever it is needed. Privacy can be an important consideration;
privacy can be enhanced in some cases when smartcards are used to convey sensitive data,
removing it from exposure from back-end systems.
Having said that, a major constraint is imposed by the limited EEPROM capacity of smartcards
today. While the EEPROM capacity is continually improving, it comes at a significant price premium.
This memory needs to be shared amongst card applications and application data. Furthermore,
some important card applications which might not be apparent to the end user (or even the card
issuer) can be required to meet underlying technical requirements of standards such as ISO/IEC
24727-3 and FIPS 201, or FIPS 140 Level 3 where applicable. Digital certificates, too, typically require 2 KB or more each. The net result is that the memory remaining available for use by user
applications can turn out to be only a very few kilobytes.
Smartcards can provide various levels of security to ensure data integrity. When considering the
portability of data, also consider how the data is going to be protected from illicit interception,
modification or substitution. Smartcards are designed to address all these concerns.
3.Identity authentication/information security
It is becoming increasingly important to verify the identity of the transaction originator and
receiver in today’s environment of increased agency use of electronic commerce and/or electronic
service delivery, growing use of web-based applications, and the ongoing problem of identify theft.
By providing a mechanism for secure identity authentication (through a variety of means, including
symmetric cryptography, digital certificate and/or biometric), the smartcard provides a means for
cardholders to identify themselves in cyberspace
Applications
The properties and benefits of smartcard technology lend themselves to applications with the following features:
• ‘Offline’ electronic transaction environments where business rules can be enforced by the card without connection to back-end systems, for example, daily transaction limits with credit cards, entitlements with social security cards. This eases the burden on the back-end and on the network, and improves flexibility, for example, in retail environments. Note too that PIN match-on-card improves systemic security by reducing the extraneous personal information sent over the network.
• Where identity theft is a significant risk. Well-designed and manufactured smartcards for all intents and purposes cannot be skimmed, cloned from intercepted transaction data or counterfeited (hence the EMV scheme).
• Online transactions with relatively high-risk profiles where active mutual authentication is important to prevent website fraud through man-in-the-middle attack (refer, for example, to authentication Levels 3 and 4 in the National e-Authentication Framework published by AGIMO and Levels 3 and 4 in the United States National Institute of Standards and Technology (NIST) SP800-63: Electronic Authentication Guideline).
• Public key infrastructure (PKI). Smartcards with on-chip key generation and digital signature functions are the ideal key storage medium in a wide range of emerging PKI applications, especially e-health and the professions, e.g. legal , medical, engineering.
• Biometric systems, especially with one-to-one verification and match-on-card.
• Multi-application settings, where it is useful to offer multiple functions through the one card or to upgrade cards over time. The financial sector has, to date, offered most examples in this category, where sophisticated banking products have been launched which can roll together electronic purse and public transport ticketing with debit/credit offerings.
• Smartcards can serve as credit, debit or stored-value payment and/or payment token instruments, and can provide improved online authentication to underpin access to financial accounts, funds transfers, payment instructions and so on.
• Information storage and management tools. Depending on the memory size of the integrated circuit card, smartcards can store and manage data to assist with various applications; for example, summarised medical information stored on a smartcard could, in principle, be made accessible by an authorised medical official in the event of an emergency or on a routine medical visit, subject, of course, to careful privacy design and appropriate consent mechanisms being
in place.
2 Financial applications
• Credit and/or debit accounts, replicating what is currently on the magnetic stripe bank card, but with greater protection against counterfeiting and skimming; and
• Securing payment across the Internet as part of electronic commerce to potentially reduce fraud in remote transactions.
• Electronic purse/stored-value cards to replace coins for small purchases in vending machines and over-the‑counter transactions or even prepaid telephone cards (electronic purses have proven most practicable so far in tightly closed and temporary populations, such as holiday resorts and cruise ships).
3 Communications applications
• Mobile telephony – global system for mobile (GSM) communications SIMs are smartcards that identify the subscriber to the telephone system, for billing purposes, to control global roaming, and to manage keys for voice and data encryption. They can also store personal information such as frequently called numbers. SIM cards may be moved from telephone to telephone.
• Subscriber activation of programming on pay television; and
• Cards that allow set-top boxes on televisions to remain secure from piracy.
Government programs
• Electronic benefits transfer using smartcards.
• Cards may be used for a range of specific public sector applications, such as library cards or learning cards.
• Official documents may be issued in the form of smartcards, as a secure alternative to paper documents, for example, drivers licences, electronic passports.
• Digital credentials or business licences can be carried by smartcard.
• Identification cards may be used to identify either government employees or members of the public and provide access to buildings or computer systems.
For example, the city of Pusan, Republic of Korea has implemented a multi-application e-currency biometrics smartcard that is used as an e-government ID card, a payment card for mass transportation, as well as for banking transactions, point-of-sale transactions, Internet activity and other financial dealings. Other examples include the Smartcities initiative in the United Kingdom, ConneXions and electronic IDs (eIDs) as implemented on the Belgian eID card.
5 Information security
• Employee access card with secured passwords and the potential to employ biometrics to protect access to computer systems.
• An individual or an organisation may use cards to digitally sign electronic messages, thereby providing proof of authenticity and integrity (digital certificate included on chip).
6 Physical access
• Employee access card with secured ID and the potential to employ biometrics to protect physical access to facilities
.7 Transportation
• Drivers licences
• Mass transit fare collection systems
• Electronic toll collection systems
8 Retail and loyalty
• Consumer reward/redemption tracking on a smart loyalty card that is marketed to specific consumer profiles and linked to one or more specific retailers serving that profile set.
9 Health card
The limited memory capacity of even the most sophisticated smartcards means they are not able to store a great deal of healthcare related information. In any case, the dynamic and decentralised nature of longitudinal personal health information means most shared electronic health record architectures today do not envisage using smartcards as more than security keys to access data.
• Consumer health card containing insurance eligibility and other entitlements.
• A patient’s smartcard can act as a key which healthcare professionals can use to access electronic health records, with the patient’s consent.
• Emergency medical data (medic alerts, allergies, drug reactions).
• Electronic prescriptions may be issued by doctors to a patient’s smartcard (though probably in summary form rather than in their entirety) and thus conveyed to dispensaries.
0 comments:
Post a Comment