1. All Resources
  2. Technologies

Smart Card Technology in Access Control: An Overview

Smart Card in Access Control - Overview

A smartcard is a typical plastic chip card that contains an embedded computer chip which is either a memory or a microprocessor type. The data that the chip is responsible for storing and transacting pertains to either value, information or a combination of both. This data is stored and processed both within the card’s chip. The card data is transacted via a reader which is a component of the computing system. Several systems across a wide range of commercial sectors, like banking, healthcare, finance, entertainment, and media nowadays use smartcards in their applications. Applications using smartcard benefit from the several security features that these chip cards provide. The efficiency of the systems is elevated to a large extent due to the smartcards.

Smart Card Technology

Necessity and Application of Smartcards

The need for convenience and security of any transaction has made the deployment of smartcards highly relevant. One of the primary uses of smartcards is to provide safe storage of confidential information of users like account identity. Smartcards are preferred to other machine readable cards as the former requires a much lower cost of maintenance.  Moreover, unlike magnetic stripe cards, smart card contains all the necessary information and functions on the card itself. Hence the user does not need access to obscure databases during transaction processes. Smart cards also facilitate the secure transaction of data through any type of virtual network. Unlike the magnetic stripes which store negligible amounts of read-only data, smart cards are fitted with micro processors which not only  enable the cards to receive, store and update and make decisions about data.  Smart cards protect against a wide array of security threats starting from careless storage of user passwords to intricate system hackings. Resetting password is a highly expensive task for an organization. Thus smartcards offer a highly cost-effective solution for this issue. The most relevant and prominent applications of smartcard can be categorized in the following way:

  1. SIM Cards and telecommunication: Subscriber identity module, which is required by all phone systems under the global system for mobile communication, is the most commonly used application of smartcards. The smart cards are consumed to enable the unique identifier, which is stored in the SIM card, to protect the rights and privileges of each mobile subscriber.
  2. Loyalty and stored value: Smart cards are used as a tool of stored value, particularly, in loyalty programs across various sectors like transportation, parking, retail that track data and offer incentives to hold onto their customer bases.
  3. Securing digital content and physical assets: In addition to providing information security, smartcards are also used to safeguard services and equipment by restricting access only to permitted users. Delivery of digital information and entertainment services is encrypted and decrypted via the smart card per of each subscriber base.  Smart cards have also proved to be useful tools for machine and equipment settings in sensitive laboratories.
  4. Ecommerce: Smart cards facilitate the process of e-commerce transaction by enabling consumers to securely store relevant information about purchases. For instance, the smart card stores details of personal account like credit balance as well preferences and purchasing trends of consumers. The smart cards can be used for micro-payments as well as for management of expenses.
Kisi Products
Regain Full Control the Easy Way

Discover what makes Kisi the most advanced cloud access control solution.

Types of Smart Cards

There are essentially three broad categories that smart cards can be divided in:

  1. Integrated circuit Microprocessor cards: Also known as the chip cards, Microprocessor cards offer far greater memory storage and data security than traditional magnetic cards. The current generation of these cards operates on an eight-bit processor, 16 kb ROM, and 512 bytes of RAM. These cards are have inbuilt data processors. Thus these are   primarily used for security of digital identity and are implemented in applications that require manipulation of large quantities of data. This particular card can add, delete and alter information on the card. Some of the examples of this card are store value cards or cards that safeguard cell phones against fraud.
  2. Integrated circuit memory cards: These cards can hold up to 1 to 4 kb of data, but have no data-manipulating processors on them. Thus these cards rely on an accessory card-reading device for the purpose of processing data. The memory card can be used only in the case of a pre-defined task.  Pre-paid phone cards are the most common example of this type of smartcard, making memory cards most largely sold.
  3. Optical memory cards: Optical memory cards look store up to a 4 mb of data. However, once the data is written it cannot be deleted or replaced. Hence memory cards are ideal for applications that entail recordkeeping like medical files. 

Structure of the chip of a Smartcard

The chips of the smartcards are manufactured from silicon wafers, attached with aluminum contact areas, coated in an epoxy resin and embedded inside the plastic cards. The efficiency of the smart card depends on the proper functioning of the chip. 

Internal Structure of a Smartcard
Internal Structure of a Smartcard

Smart cards operate on the power supplied from an electrical connector inside a card reader or indirectly from the radio frequency transmission of contactless readers. A smartcard consists of the following functional components:

  • Central processing unit: It interprets and delivers on the instructions delivered by the operating system.
  • Read-only memory: This type of memory stores data that once written cannot be changed or deleted. Hence manufacturers of the card’s chips fit the card’s OS along with various diagnostic functions on the ROM component.
  • Random Access memory: The RAM is capable of storing and modifying data and can be accessed as long as it power is being supplied.
  • Application memory: Electrically programmable read-only memory (EEPROM) enables in the storing and modification of data well.

Security Technology of a Smartcard

Technology and security are closely associated. The ability of smart cards to self contain data makes them immune from external attacks. There are 4 different types of the smart card security:

  1. Communication with the outside world
  2. Hardware security
  3. Operating system
  4. Software 

Markets that have been traditionally using machine readable card technologies like barcode and magnetic stripe, are increasingly adopting the use of smart cards. This conversion is done after the return on investment is accounted by each card user year after year. Smart cards are most often being used in application which strictly needs security and substantiation.

SOURCES:

https://www.phil.frb.org/-/media/consumer-finance-institute/payment-cards-center/publications/discussion-papers/2002/SmartCard_042002.pdf

http://www.smartcardbasics.com/smart-card-overview.html

http://www.oracle.com/technetwork/java/javacard/documentation/smartcards-136372.html

http://people.cs.uchicago.edu/~dinoj/smartcard/security.html

Just starting?
Download our Access Control guide

Get this full guide in PDF format, plus other great security content from Kisi. We're offering this guide as a free download and you will also be signed up to get content from the Kisi blog.

Download Guide
Kisi Download Guide