Smart Cards in Access Control - Overview
A smart card is a typical plastic card that contains an embedded computer chip which is either a memory or a microprocessor type. The data that the chip is responsible for storing and transmitting pertains to either value, information or a combination of both. This data is both stored and processed within the card’s chip. The card data is transmitted via a reader, which is the outward facing component of the smart card security computing system. Several systems across a wide range of commercial sectors, like banking, healthcare, finance, entertainment, and media nowadays use smart card security systems in their applications. Applications using smart cards benefit from the several security features that these chip cards provide. The efficiency of the systems is elevated to a large extent due to the smart cards.
Smart Card Security Technology
Necessity and Application of Smart Card Security
The need for convenience and security of any transaction has made the deployment of smart cards highly relevant. One of the primary uses of smartcards is to provide safe storage of confidential information of users like account identity. In general, smart cards are preferred to other machine readable cards as they incur a much lower cost of maintenance. Also, unlike other card security systems like magnetic stripe cards, smart card security systems put all the necessary information and functions on the card itself. Magnetic stripe cards divide the information and function load between themselves and the reader or the central server. Thanks to this, the user does not need access to obscure databases during transaction processes.
Smart cards also facilitate the secure transaction of data through any type of virtual network. Unlike the magnetic stripes which store negligible amounts of read-only data, smart cards are fitted with microprocessors which enable the cards to receive, store, update, and make decisions about data. This means that if you’ve been issued a smart card, but your information gets updated, you don’t need a new card, but rather can update the information straight on your existing card. This greatly reduces the risk of losing your card or misplacing the old one and compromising your security.
Also in terms of security, smart cards protect against a wide array of security threats starting from careless storage of user passwords to intricate system hackings. In a fully online system, you’ll need some method of storing and remembering all your passwords, but users are often careless and misplace or share their passwords, meaning that they have to change them often or risk getting hacked. Resetting password is a highly expensive task for an organization. Thus smart card security systems offer a highly cost-effective solution for this issue. The most relevant and prominent applications of smartcard can be categorized in the following way:
- SIM Cards and telecommunication: Subscriber identity module, which is required by all phone systems under the global system for mobile communication, is the most commonly used application of smartcards. The smart cards are consumed to enable the unique identifier, which is stored in the SIM card, to protect the rights and privileges of each mobile subscriber.
- Loyalty and stored value: Smart cards are used as a tool of stored value, particularly, in loyalty programs across various sectors like transportation, parking, retail that track data and offer incentives to hold onto their customer bases.
- Securing digital content and physical assets: In addition to providing information security, smartcards are also used to safeguard services and equipment by restricting access only to permitted users. Delivery of digital information and entertainment services is encrypted and decrypted via the smart card per of each subscriber base. Smart cards have also proved to be useful tools for machine and equipment settings in sensitive laboratories.
- Ecommerce: Smart cards facilitate the process of e-commerce transaction by enabling consumers to securely store relevant information about purchases. For instance, the smart card stores details of personal account like credit balance as well preferences and purchasing trends of consumers. The smart cards can be used for micro-payments as well as for management of expenses.
Types of Smart Cards
Smart cards can be divided broadly into three categories, depending on the technology of the security chip they contain (the rest of the card is just a piece of plastic!)
- Integrated circuit Microprocessor cards: Also known as chip cards, microprocessor cards offer far greater memory storage and data security than traditional magnetic cards. The current generation of these cards operates on an eight-bit processor, 16 kb ROM, and 512 bytes of RAM. These cards have built-in data processors, all included in the smart chip. As a result, these smart cards are primarily used for security digital identities (identification cards) and are implemented in applications that require manipulation of large quantities of data. That means that if you need to store and update real-time a large amount of data on a card, like all the particular identification data of an employee, this is an appropriate smart card security system. This particular card can add, delete and alter information on the card. Some of the examples of this card are store value cards or cards that safeguard cell phones against fraud.
- Integrated circuit memory cards: These cards can hold up to 1 to 4 kb of data, but have no data-manipulating processors on them. Thus these cards rely on an accessory card-reading device for the purpose of processing data. The memory card can be used only in the case of a pre-established task. Prepaid phone cards are the most common example of this type of smartcard, as their sole purpose is to add a fixed amount of value to a phone with a fixed hardware inside of it. It doesn’t need to be updated or have its data changed. As a corollary of this feature (or lack thereof), these smart cards are not often used for security systems.
- Optical memory cards: Optical memory cards look store up to a 4 mb of data, or several orders of magnitude more than integrated circuit cards. However, once the data is written it cannot be deleted or replaced. This makes them optimal for storing large amount of data that you want to access in the future, but that you will not need to modify in any way. Optical memory cards are ideal for applications that entail recordkeeping like medical files.
Structure of the Chip of a Smart Card
The chips of the smart cards are manufactured from silicon wafers, attached with aluminum contact areas, coated in an epoxy resin and embedded inside the plastic cards. The efficiency of the smart card depends on the proper functioning of the chip.
Internal Structure of a Smartcard
Smart cards operate on the power supplied from an electrical connector inside a card reader or indirectly from the radio frequency transmission of contactless readers. A smart card consists of the following functional components:
- Central processing unit: It interprets and delivers on the instructions delivered by the operating system.
- Read-only memory: This type of memory stores data that once written cannot be changed or deleted. Hence manufacturers of the card’s chips fit the card’s OS along with various diagnostic functions on the ROM component.
- Random Access memory: The RAM is capable of storing and modifying data and can be accessed as long as it power is being supplied.
- Application memory: Electrically programmable read-only memory (EEPROM) enables in the storing and modification of data well.
Security Technology of a Smart Card
Technology and security are closely associated. The ability of smart cards to self contain data makes them immune from external attacks. There are 3 different types of the smart card security:
- Communication with the outside world, such as interaction with a reader, access controller, or server
- Hardware security — these smart cards (or rather their chips) are installed on sensitive equipment and monitor the environment for risks
- Operating system — these are the smart cards that contain authentication information, and that you can use for multi-factor authentication in a smart card security system
Markets that have been traditionally using machine readable card technologies like barcode and magnetic stripe, are increasingly adopting the use of smart cards. This conversion is done after the return on investment is accounted by each card user year after year. Smart cards are most often being used in application which strictly needs security and substantiation.