Contact Cards
The most common type of smart card. Electrical contacts located on the outside of the card connect to a card reader when the card is inserted.
The most common type of smart card. Electrical contacts located on the outside of the card connect to a card reader when the card is inserted.
Increased levels of processing power, flexibility and memory add cost. Single function cards are often the most cost-effective solution. Choose the right type of smart card for your application by evaluating cost versus functionality and determine your required level of security. All of these variables should be weighted against the expected lifecycle of the card. On average the cards typically comprise only 10 to 15 percent of the total system cost with the infrastructure, issuance, training and advertising making up the other 85 percent. The following chart demonstrates some general rules of thumb;
Card Function Trade-Offs
Memory cards have no sophisticated processing power and cannot manage files dynamically. All memory cards communicate to readers through synchronous protocols. In all memory cards you read and write to a fixed address on the card. There are three primary types of memory cards: 1). Straight, 2). Protected, and 3). Stored Value.
1. Straight Memory Cards
These cards just store data and have no data processing capabilities. These cards are the lowest cost per bit for user memory. They should be regarded as floppy disks of varying sizes without the lock mechanism. These cards cannot identify themselves to the reader, so your host system has to know what type of card is being inserted into a reader. These cards are easily duplicated and cannot be tracked by on-card identifiers.
2. Protected / Segmented Memory Cards
These cards have built-in logic to control the access to the memory of the card. Sometimes referred to as Intelligent Memory cards, these devices can be set to write protect some or all of the memory array. Some of these cards can be configured to restrict access to both reading and writing. This is usually done through a password or system key. Segmented memory cards can be divided into logical sections for planned multi-functionality. These cards are not easily duplicated but can possibly be impersonated by hackers. They typically can be tracked by an on-card identifier.
3. Stored Value Memory Cards
These cards are designed for the specific purpose of storing value or tokens. The cards are either disposable or rechargeable. Most cards of this type incorporate permanent security measures at the point of manufacture. These measures can include password keys and logic that are hard-coded into the chip by the manufacturer. The memory arrays on these devices are set-up as decrements or counters. There is little or no memory left for any other function. For simple applications such as a telephone card the chip has 60 or 12 memory cells, one for each telephone unit. A memory cell is cleared each time a telephone unit is used. Once all the memory units are used, the card becomes useless and is thrown away. This process can be reversed in the case of rechargeable cards.
CPU/MPU Microprocessor Multifunction Cards
These cards have on-card dynamic data processing capabilities. Multifunction smart cards allocate card memory into independent sections or files assigned to a specific function or application. Within the card is a microprocessor or microcontroller chip that manages this memory allocation and file access. This type of chip is similar to those found inside all personal computers and when implanted in a smart card, manages data in organized file structures, via a card operating system (COS). Unlike other operating systems, this software controls access to the on-card user memory. This capability permits different and multiple functions and/or different applications to reside on the card, allowing businesses to issue and maintain a diversity of ‘products’ through the card. One example of this is a debit card that also enables building access on a college campus. Multifunction cards benefit issuers by enabling them to market their products and services via state-of-the-art transaction and encryption technology. Specifically, the technology enables secure identification of users and permits information updates without replacement of the installed base of cards, simplifying program changes and reducing costs. For the card user, multifunction means greater convenience and security, and ultimately, consolidation of multiple cards down to a select few that serve many purposes.
There are many configurations of chips in this category including chips that support cryptographic PKI functions with on board math co-processors or Java virtual machine hardware blocks. As a rule of thumb - the more functions the higher the cost.
Contactless Cards
These are smart cards that employ a radio frequency (RFID) between card and reader without physical insertion of the card. Instead the card is passed along the exterior of the reader and read. Types include proximity cards which are implemented as a read-only technology for building access. These cards function with a limited memory and communicate at 125 MHz. True read & write contactless cards were first used in transportation for quick decrementing and re-loading of fare values where their lower security was not an issue. They communicate at 13.56 MHz, and conform to the ISO14443 standard. These cards are often straight memory types. They are also gaining popularity in retail stored value, since they can speed-up transactions and not lower transaction processing revenues (i.e. VISA and Mastercard), like traditional smart cards.
Variations of the ISO14443 specification include A, B, and C, which specify chips from either specific or various manufacturers. A=Philips B=Everybody else and C=Sony chips. Contactless card drawbacks include the limits of cryptographic functions and user memory versus microprocessor cards and the limited distance between card and reader required for operation.
Combination Cards
These are hybrids that employ both contact and contactless technology in one card. Combi-cards can also contain two different types of chips in contrast to a Dual-Interface card where a single chip manages both functions.
Operating Systems
The two primary types of smart card operating systems 1). Fixed File Structure and 2). Dynamic Application System. As with card types, selection of a card OS depends on the application the card is developed for. The other defining difference is in the Encryption Capabilities of the OS and the Chip. These are typically distinguished by Symmetric Key and Public Key. See the security section of this site for more information.
1). Fixed File Structure
This type treats the card as a secure computing and storage device. Files and permissions are set in advance by the issuer. These specific parameters are ideal and economical for a fixed type of card structure and functions that will not change in the near future. An example of this kind of card is a low-cost employee multi-function badge.
2). Dynamic Application System
This type of operating system, which includes the MULTOS and JAVA card varieties, enables developers to build, test, and deploy different applications securely. Because the OS and applications are more separate, updates can easily and repeatedly be made. See our software page for more information. An example card is a SIM card for mobile GSM where updates and security are downloaded to the phone and dynamically changed.
Source : http://www.smartcardbasics.com/cardtypes.html
Tidak ada komentar:
Posting Komentar