next up previous
Next: 3.5.3 How can your Up: 3.5 What a Smart Previous: 3.5.1 Smart card applications


3.5.2 What is a smart card?


A smart card is a credit card sized plastic card with a special type of integrated circuit embedded in it. The integrated circuit holds information in electronic form and controls who uses this information and how.

The type of information held, and the way this information is controlled, gives rise to the infinite variety of smart card uses. The plastic card has words and pictures printed on it which can be understood by the card holder and people he meets. The integrated circuit holds information in electronic form that can be easily, securely and accurately accessed by all sorts of electronic data processing equipment. This unique combination means that the smart card is a bridge between man and machine.

The plastic card

The size of the card is determined by an international standard (ISO 7816). This standard also defines the physical characteristics of the plastic, such as temperature tolerance and flexibility, the position of the electrical contacts and their functions, and how the integrated circuit talks to the outside world.

There are several types of plastic used for smart cards. The main types are PVC and ABS. PVC can be embossed but is not recyclable. ABS cannot be embossed but is recyclable. Within 5 years there are likely to be 1 billion smart cards used per year. So recycling cards will be important.

Access control to the information

Smart cards are smart because they control access to the information they hold. Nobody can add units to a telephone card (not even the telephone company). Only a doctor equipped with the correct card can read a patient's medical record.

The basic mechanisms of access control are described below, and illustrated using the examples mentioned in the first part of this document.

There are two types of access control:

* Who can access the information?

Everybody, the card holder or a specific third party?

* How information can be accessed?

Can it be read, added to or even modified or erased?

* Who can access the information?


Some smart cards will only allow access to information if they are given the correct password. If you possess the password you can have access to the information. A password may be a number that the card holder has to remember, it may be hidden in another smart card that only authorized people possess, or it may just be inside the specific telephone or sales terminal used with the smart card. Most sophisticated smart cards have the ability to recognize several passwords.

This means that in the case of a health card, the patient, the doctor, the hospital administration, and the health insurance organization could each have their own password giving them different access rights to sections of information held in a patient's health card.

In some cases no password is used. So everybody can access the information. For example, in the health card, emergency medical information such as blood group and the patient's name are not protected by a password.

Card Holder Only
The most common form of password for card holders is a PIN (Personal Identification Number), a 4 or 5 digit number to be typed in at a key pad. The meaning of typing in a PIN is ``This card is mine, I give my permission to debit my account or access my medical file.'' In theory, if a smart card is lost or stolen and it is protected by a PIN, it cannot be used. If somebody tries to guess the PIN, most smart cards will just lock-up after 3 wrong attempts. PINs have two disadvantages, people can forget them, and it is possible to `steal ` a PIN by watching carefully when a card holder uses it. In the next few years better passwords for card holders which do not have these disadvantages are likely to appear.

Third Party Only
For example, when a doctor needs to consult a patient's health card, he needs a password, this password is hidden in his doctor's card. As only correctly trained doctors are issued with these cards, only they are able to consult patients' cards.

* How can the information be accessed?

Read only
Some information in the smart card can only be read. The information is fixed like a book, where information cannot be added, modified or erased. Some of the information in a prepaid telephone card is like this. This information contains a unique number for each card, the number of units in the new card, and an indication of who manufactured it. This information can be easily read, but cannot be modified in any way.

Add only
Some information in the smart card can only be added to but no erased, like engraving information in a stone. Information cannot be modified or erased, and information can only be added while there is room. If information can be added it can also be read. Units are used in a telephone card by adding information, like ticking off boxes. When all the boxes are ticked, no more units are left. Ticks can only be added and never erased, so nobody can refill the card.

Modify or erase
Information in the smart cards can be modified or erased like writing on a blackboard. This also implies that information can be added while there is room.

No access
Some information in a smart card can never be accessed. While this might appear rather useless, it is necessary for smart cards to be able to carry secrets the can never be revealed. The use of these secrets will be explained in ``When passwords are not enough.'' With a careful use of passwords, it is possible to avoid incorrect use of information, either by error or by intent. It is possible to summarize the information in a smart card, and the access control of this information (who and how) in a table. Take the example of a medical card in the table above. Information can be freely distributed in a smart card, and yet only accessed by the people who are authorized.

* When passwords are not enough

A smart card can restrict the use of information to an authorized person with a password. However if this information is then transmitted by radio or telephone additional protection is necessary.

One form of protection is ciphering, which is like translating the information into some unknown foreign language. Imagine two Martians talking loudly in a London bar, everyone can hear, but only the Martians can understand and use the information.

Some smart cards are capable of ciphering and deciphering (translating back to a form that can be easily understood), so that the information stored in them can be transmitted without compromising confidentiality.

The ciphering scheme usually used is actually far more complex than the situation of our two Martian friends in London. Smart cards can cipher into billions and billions of ``foreign languages'', and choose a different language at random every time they start a conversation. This makes eaves-dropping virtually impossible.

When a smart card and a computer system need to exchange confidential information over the telephone, they start by playing a complicated number game. The rules for this game are only known to genuine cards and genuine computers. It is impossible to play the game if the rules are not known, so any attempts to break into the system are easily detected and eliminated.

If the game is correctly played, the genuine card knows that it is talking to a genuine computer and visa versa. This is known as authentication and some serious information exchange can now take place.

During a successful authentication game one of the billions of possible ``foreign languages'' is selected, and only the players can know what it is. Information can then be transmitted in a language which is unknown to anyone else, even if they listened to the whole game.

The ability of smart cards to enable totally secure communication is used in the GSM radio phone network. Even when the network covers the whole of Europe, only radio phones with a valid subscription card will be able to use it.

* How smart is a smart card?

Some smart cards are smarter than others. The simplest cards, like the payphone cards, are smart enough to be virtually impossible to copy or falsify, but offer no protection in case of loss. If you lose your payphone card, anyone can use it. Other smart cards have one password to restrict its use to one person or machine, and the most sophisticated cards manage several passwords and can use authentication and ciphering techniques to combine total freedom with total security.

The simplest smart cards can cost less than $1 in large quantities, whereas the most sophisticated can cost in the range of $6-10 according to how much information they can hold.

next up previous
Next: 3.5.3 How can your Up: 3.5 What a Smart Previous: 3.5.1 Smart card applications
Denis Arnaud