fbpx
Wikipedia

Smart card

It has been suggested that this article be split into a new article titled Complex smart card. (Discuss)(January 2021)
This article's lead section may be too short to adequately summarize the key points. Please consider expanding the lead to provide an accessible overview of all important aspects of the article.(June 2012)

A smart card, chip card, or integrated circuit card (ICC or IC card) is a physical electronic authorization device, used to control access to a resource. It is typically a plastic credit card-sized card with an embedded integrated circuit (IC) chip. Many smart cards include a pattern of metal contacts to electrically connect to the internal chip. Others are contactless, and some are both. Smart cards can provide personal identification, authentication, data storage, and application processing. Applications include identification, financial, mobile phones (SIM), public transit, computer security, schools, and healthcare. Smart cards may provide strong security authentication for single sign-on (SSO) within organizations. Numerous nations have deployed smart cards throughout their populations.

The universal integrated circuit card, or SIM card, is also a type of smart card. As of 2015[update], 10.5billion smart card IC chips are manufactured annually, including 5.44billion SIM card IC chips.

Contents

See also: Payment card

The basis for the smart card is the silicon integrated circuit (IC) chip. It was invented by Robert Noyce at Fairchild Semiconductor in 1959, and was made possible by Mohamed M. Atalla's silicon surface passivation process (1957) and Jean Hoerni's planar process (1959). The invention of the silicon integrated circuit led to the idea of incorporating it onto a plastic card in the late 1960s. Smart cards have since used MOS integrated circuit chips, along with MOS memory technologies such as flash memory and EEPROM (electrically erasable programmable read-only memory).

Invention

One of the first smart card prototypes, created by its inventor Roland Moreno around 1975. The chip has not yet been miniaturized. On this prototype, one can see how each pin of the microchip (center) is connected to the exterior world by a copper connector.
First smart card manufactured by Giesecke & Devrient in 1979, already with the finally standardized dimension (ID-1) and a contact area with eight pads (initially on the upper left corner)

The idea of incorporating an integrated circuit chip onto a plastic card was first introduced by two German engineers in the late 1960s, Helmut Gröttrup and Jürgen Dethloff. In February 1967, Gröttrup filed the patent DE1574074 in West Germany for a tamper-proof identification switch based on a semiconductor device. Its primary use was intended to provide individual copy-protected keys for releasing the tapping process at unmanned gas stations. In September 1968, Helmut Gröttrup, together with Dethloff as an investor, filed further patents for this identification switch, first in Austria and in 1969 as subsequent applications in the United States, Great Britain, West Germany and other countries.

Independently, Kunitaka Arimura of the Arimura Technology Institute in Japan developed a similar idea of incorporating an integrated circuit onto a plastic card, and filed a smart card patent in March 1970. The following year, Paul Castrucci of IBM filed an American patent titled "Information Card" in May 1971.

In 1974 Roland Moreno patented a secured memory card later dubbed the "smart card". In 1976, Jürgen Dethloff introduced the known element (called "the secret") to identify gate user as of USP 4105156.

In 1977, Michel Ugon from Honeywell Bull invented the first microprocessor smart card with two chips: one microprocessor and one memory, and in 1978, he patented the self-programmable one-chip microcomputer (SPOM) that defines the necessary architecture to program the chip. Three years later, Motorola used this patent in its "CP8". At that time, Bull had 1,200 patents related to smart cards. In 2001, Bull sold its CP8 division together with its patents to Schlumberger, who subsequently combined its own internal smart card department and CP8 to create Axalto. In 2006, Axalto and Gemplus, at the time the world's top two smart-card manufacturers, merged and became Gemalto. In 2008, Dexa Systems spun off from Schlumberger and acquired Enterprise Security Services business, which included the smart-card solutions division responsible for deploying the first large-scale smart-card management systems based on public key infrastructure (PKI).

The first mass use of the cards was as a telephone card for payment in French payphones, starting in 1983.[citation needed]

Carte bleue

After the Télécarte, microchips were integrated into all French Carte Bleue debit cards in 1992. Customers inserted the card into the merchant's point-of-sale (POS) terminal, then typed the personal identification number (PIN), before the transaction was accepted. Only very limited transactions (such as paying small highway tolls) are processed without a PIN.

Smart-card-based "electronic purse" systems store funds on the card, so that readers do not need network connectivity. They entered European service in the mid-1990s. They have been common in Germany (Geldkarte), Austria (Quick Wertkarte), Belgium (Proton), France (Moneo), the Netherlands (Chipknip Chipper (decommissioned in 2015)), Switzerland ("Cash"), Norway ("Mondex"), Spain ("Monedero 4B"), Sweden ("Cash", decommissioned in 2004), Finland ("Avant"), UK ("Mondex"), Denmark ("Danmønt") and Portugal ("Porta-moedas Multibanco"). Private electronic purse systems have also been deployed such as the Marines corps (USMC) at Parris Island allowing small amount payments at the cafeteria.

Since the 1990s, smart cards have been the subscriber identity modules (SIMs) used in GSM mobile-phone equipment. Mobile phones are widely used across the world, so smart cards have become very common.

EMV

Further information: EMV

Europay MasterCard Visa (EMV)-compliant cards and equipment are widespread with the deployment led by European countries. The United States started later deploying the EMV technology in 2014, with the deployment still in progress in 2019. Typically, a country's national payment association, in coordination with MasterCard International, Visa International, American Express and Japan Credit Bureau (JCB), jointly plan and implement EMV systems.

Historically, in 1993 several international payment companies agreed to develop smart-card specifications for debit and credit cards. The original brands were MasterCard, Visa, and Europay. The first version of the EMV system was released in 1994. In 1998 the specifications became stable.

EMVCo maintains these specifications. EMVco's purpose is to assure the various financial institutions and retailers that the specifications retain backward compatibility with the 1998 version. EMVco upgraded the specifications in 2000 and 2004.

EMV compliant cards were first accepted into Malaysia in 2005 and later into United States in 2014. MasterCard was the first company that was allowed to use the technology in the United States. The United States has felt pushed to use the technology because of the increase in identity theft. The credit card information stolen from Target in late 2013 was one of the largest indicators that American credit card information is not safe. Target made the decision on April 30, 2014 that it would try to implement the smart chip technology in order to protect itself from future credit card identity theft.

Before 2014, the consensus in America was that there were enough security measures to avoid credit card theft and that the smart chip was not necessary. The cost of the smart chip technology was significant, which was why most of the corporations did not want to pay for it in the United States. The debate finally ended when Target sent out a notice stating unauthorized access to magnetic strips costing Target over 300 million dollars along with the increasing cost of online credit theft was enough for the United States to invest in the technology. The adaptation of EMV's increased significantly in 2015 when the liability shifts occurred in October by the credit card companies.

Development of contactless systems

Contactless smart cards do not require physical contact between a card and reader. They are becoming more popular for payment and ticketing. Typical uses include mass transit and motorway tolls. Visa and MasterCard implemented a version deployed in 2004–2006 in the U.S., with Visa's current offering called Visa Contactless. Most contactless fare collection systems are incompatible, though the MIFARE Standard card from NXP Semiconductors has a considerable market share in the US and Europe.

Use of "Contactless" smart cards in transport has also grown through the use of low cost chips NXP Mifare Ultralight and paper/card/PET rather than PVC. This has reduced media cost so it can be used for low cost tickets and short term transport passes (up to 1 year typically). The cost is typically 10% that of a PVC smart card with larger memory. They are distributed through vending machines, ticket offices and agents. Use of paper/PET is less harmful to the environment than traditional PVC cards . See also transport/transit/ID applications.

Smart cards are also being introduced for identification and entitlement by regional, national, and international organizations. These uses include citizen cards, drivers’ licenses, and patient cards. In Malaysia, the compulsory national ID MyKad enables eight applications and has 18 million users. Contactless smart cards are part of ICAO biometric passports to enhance security for international travel.

Complex smart cards

Complex Cards are smart cards that conform to the ISO/IEC 7810 standard and include components in addition to those found in traditional single chip smart cards. Complex Cards were invented by Cyril Lalo and Philippe Guillaud in 1999 when they designed a chip smart card with additional components, building upon the initial concept consisting of using audio frequencies to transmit data patented by Alain Bernard. The first Complex Card prototype was developed collaboratively by Cyril Lalo and Philippe Guillaud , who were working at AudioSmartCard at the time, and Henri Boccia and Philippe Patrice, who were working at Gemplus. It was ISO 7810-compliant and included a battery, a piezoelectric buzzer, a button, and delivered audio functions, all within a 0.84mm thickness card.

The Complex Card pilot, developed by AudioSmartCard, was launched in 2002 by Crédit Lyonnais, a French financial institution. This pilot featured acoustic tones as a means of authentication. Although Complex Cards were developed since the inception of the smart card industry, they only reached maturity after 2010.

Complex Cards can accommodate various peripherals including:

  • One or more buttons,
  • A digital keyboard,
  • An alphabetic keyboard,
  • A touch keyboard,
  • A small display, for a dynamic Card Security Code (CSC) for instance,
  • A larger digital display, for OTP or balance, QR code
  • An alphanumeric display,
  • A fingerprint sensor,
  • A LED,
  • A buzzer or speaker.

While first generation Complex Cards were battery powered, the second generation is battery-free and receives power through the usual card connector and/or induction .

Sound, generated by a buzzer, was the preferred means of communication for the first projects involving Complex Cards. Later, with the progress of displays, visual communication is now present in almost all Complex Cards.

Functionalities

Complex Cards support all communication protocols present on regular smart cards: contact, thanks to a contact pad as defined ISO/IEC 7816 standard, contactless following the ISO/IEC 14443 standard, and magstripe.

Developers of Complex Cards target several needs when developing them:

  • One Time Password,
  • Provide account information,
  • Provide computation capabilities,
  • Provide a means of transaction security,
  • Provide a means of user authentication.
One time password

A Complex Card can be used to compute a cryptographic value, such as a One-time password. The One-Time Password is generated by a cryptoprocessor encapsulated in the card. In order to implement this function, the cryptoprocessor must be initialized with a seed value, which enables the identification of the OTPs respective of each card. The hash of seed value has to be stored securely within the card to prevent unauthorized prediction of the generated OTPs.

One-Time Passwords generation is based either on incremental values (event based) or on a real time clock (time based). Using clock-based One-Time Password generation requires the Complex Card to be equipped with a Real-time clock and a quartz.

Complex Cards used to generate One Time Password have been developed for:

  • Standard Chartered, Singapore,
  • Bank of America, USA,
  • Erste Bank, Croatia,
  • Verisign, USA,
  • RSA Security.
Account information

A Complex Card with buttons can display the balance of one or multiple account(s) linked to the card. Typically, either one button is used to display the balance in the case of a single account card or, in the case of a card linked to multiple accounts, a combination of buttons is used to select a specific account's balance.

For additional security, features such as requiring the user to enter an identification or a security value such as a PIN can be added to a Complex Card.

Complex Cards used to provide account information have been developed for:

  • Getin Bank, Poland,
  • TEB, Turkey.

The latest generation of battery free, button free, Complex Cards can display a balance or other kind of information without requiring any input from the card holder. The information is updated during the use of the card. For instance, in a transit card, key information such as the monetary value balance, the number of remaining trips or the expiry date of a transit pass can be displayed.

Transaction security

A Complex Card being deployed as a payment card can be equipped with capability to provide transaction security. Typically, online payments are made secure thanks to the Card Security Code (CSC), also known as card verification code (CVC2), or card verification value (CVV2). The card security code (CSC) is a 3 or 4 digits number printed on a credit or debit card, used as a security feature for card-not-present (CNP) payment card transactions to reduce the incidence of fraud.

The Card Security Code (CSC) is to be given to the merchant by the cardholder in order to complete a card-not-present transaction. The CSC is transmitted along with other transaction data and verified by the card issuer. The Payment Card Industry Data Security Standard (PCI DSS) prohibits the storage of the CSC by the merchant or any stakeholder in the payment chain. Although designed to be a security feature, the static CSC is susceptible to fraud as it can easily be memorized by a shop attendant, who could then use it for fraudulent online transactions or sale on the dark web.

This vulnerability has led the industry to develop a Dynamic Card Security Code (DCSC) that can be changed at certain time intervals, or after each contact or contactless EMV transaction. This Dynamic CSC brings significantly better security than a static CSC.

The first generation of Dynamic CSC cards, developed by NagraID Security required a battery, a quartz and Real Time Clock (RTC) embedded within the card to power the computation of a new Dynamic CSC, after expiration of the programmed period.

The second generation of Dynamic CSC cards, developed by Ellipse World, Inc. , does not require any battery, quartz, or RTC to compute and display the new dynamic code. Instead, the card obtains its power either through the usual card connector or by induction during every EMV transaction from the Point of Sales (POS) terminal or Automated Teller Machine (ATM) to compute a new DCSC.

The Dynamic CSC, also called dynamic cryptogram, is marketed by several companies, under different brand names:

  • MotionCode, first developed by NagraID Security, a company later acquired by Idemia,
  • DCV, the solution offered by Thales,
  • EVC (Ellipse Verification Code) by Ellipse, a Los Angeles, USA based company.

The advantage of the Dynamic Card Security Code (DCSC) is that new information is transmitted with the payment transactions, thus making it useless for a potential fraudster to memorize or store it. A transaction with a Dynamic Card Security Code is carried out exactly the same way, with the same processes and use of parameters as a transaction with a static code in a card-not-present transaction. Upgrading to a DCSC allows cardholders and merchants to continue their payment habits and processes undisturbed.

User authentication

Complex Cards can be equipped with biometric sensors allowing for stronger user authentication. In the typical use case, fingerprint sensors are integrated into a payment card to bring a higher level of user authentication than a PIN.

In order to implement user authentication using a fingerprint enabled smart card, the user has to authenticate himself/herself to the card by means of the fingerprint before starting a payment transaction.

Several companies offer cards with fingerprint sensors:

Components

Complex Cards can incorporate a wide variety of components. The choice of components drives functionality, influences cost, power supply needs, and manufacturing complexity.

Buttons

Depending on Complex Card types, buttons have been added to allow an easy interaction between the user and the card. Typically, these buttons are used to:

  • Select one action, such as which account to obtain the balance, or the unit (e.g. currency or number of trips) in which the information is displayed,
  • Enter numeric data via the addition of a digital keypad,
  • Enter text data via the addition of an alphanumeric keyboard.

While separate keys have been used on prototypes in the early days, capacitive keyboards are the most popular solution now, thanks to technology developments by AudioSmartCard International SA.

The interaction with a capacitive keyboard requires constant power, therefore a battery and a mechanical button are required to activate the card.

Buzzer

The first Complex Cards were equipped with a buzzer that made it possible to broadcast sound. This feature was generally used over the phone to send identification data such as an identifier and One-Time Passwords (OTPs). Technologies used for sound transmission include DTMF (Dual-tone multi-frequency signaling) or FSK (Frequency-shift keying).

Companies that offered cards with buzzers include:

  • AudioSmartCard,
  • nCryptone,
  • Prosodie,
  • Société d'exploitation du jeton sécurisé – SEJS.
Display

Displaying data is an essential part of Complex Card functionalities. Depending on the information that needs to be shown, displays can be digital or alphanumeric and of varying lengths. Displays can be located either on the front or back of the card. A front display is the most common solution for showing information such as a One-Time Password or an electronic purse balance. A rear display is more often used for showing a Dynamic Card Security Code (DCSC).

Displays can be made using two technologies:

  • Liquid-crystal display (LCD) : LCDs are easily available from a wide variety of suppliers, and they are able to display either digits or alphabetical data. However, to be fitted in a complex smart card, LCDs need to have a certain degree of flexibility. Also, LCDs need to be powered to keep information displayed.
  • Bistable displays, also known as Ferroelectric liquid crystal displays, are increasingly used as they only require power to refresh the displayed information. The displayed data remains visible, without the need for of any power supply. Bistable displays are also available in a variety of specifications, displaying digits or pixels. Bistable displays are available from E Ink Corporation among others.
Cryptoprocessor

If a Complex smart Card is dedicated to making cryptographic computations such as generating a One-Time Password, it may require a secure cryptoprocessor.

Power supply

As Complex Cards contain more components than traditional smart cards, their power consumption must be carefully monitored.

First generation Complex Cards require a power supply even in standby mode. As such, product designers generally included a battery in their design. Incorporating a battery creates an additional burden in terms of complexity, cost, space and flexibility in an already dense design. Including a battery in a Complex Card increases the complexity of the manufacturing process as a battery cannot be hot laminated.

Second generation Complex Cards feature a battery-free design. These cards harvest the necessary power from external sources; for example when the card interacts in a contact or contactless fashion with a payment system or an NFC-enabled smartphone. The use of a bistable display in the card design ensures that the screen remains legible even when the Complex Card is unconnected to the power source.

Manufacturing

Complex Card manufacturing methods are inherited from the smart card industry and from the electronics mounting industry. As Complex Cards incorporate several components while having to remain within 0.8 mm thickness and be flexible, and to comply with the ISO/IEC 7810, ISO/IEC 7811 and ISO/IEC 7816 standards, renders their manufacture more complex than standard smart cards.

One of the most popular manufacturing processes in the smart card industry is lamination. This process involves laminating an inlay between two card faces. The inlay contains the needed electronic components with an antenna printed on an inert support.

Typically battery-powered Complex Cards require a cold lamination manufacturing process. This process impacts the manufacturing lead time and the whole cost of such a Complex Card.

Second generation, battery-free Complex Cards can be manufactured by existing hot lamination process. This automated process, inherited from traditional smart card manufacturing, enables the production of Complex Cards in large quantities while keeping costs under control, a necessity for the evolution from a niche to a mass market.

Card life cycle

As with standard smart cards, Complex Cards go through a lifecycle comprising the following steps:

  • Manufacturing,
  • Personalization,
  • User enrollment, if needed by the application,
  • Provisioning,
  • Active life,
  • Cancellation,
  • Recycling / destruction.

As Complex Cards bring more functionalities than standard smart cards and, due to their complexity, their personalization can take longer or require more inputs. Having Complex Cards that can be personalized by the same machines and the same processes as regular smart cards allows them to be integrated more easily in existing manufacturing chains and applications.

First generation, battery-operated Complex Cards require specific recycling processes, mandated by different regulatory bodies. Additionally, keeping battery-operated Complex Cards in inventory for extended periods of time may reduce their performance due to battery ageing.

Second-generation battery-free technology ensures operation during the entire lifetime of the card and eliminates self-discharge, providing extended shelf life, and is more eco-friendly.

History and major players

Since the inception of smart cards, innovators have been trying to add extra features. As technologies have matured and have been industrialized, several smart card industry players have been involved in Complex Cards.

The Complex Card concept began in 1999 when Cyril Lalo and Philippe Guillaud, its inventors, first designed a smart card with additional components. The first prototype was developed collaboratively by Cyril Lalo, who was the CEO of AudioSmartCard at the time, and Henri Boccia and Philippe Patrice, from Gemplus. The prototype included a button and audio functions on a 0.84mm thick ISO 7810-compliant card .

Since then, Complex Cards have been mass-deployed primarily by NagraID Security.

AudioSmartCard

AudioSmartCard International SA was instrumental in developing the first Complex Card that included a battery, a piezoelectric buzzer, a button, and audio functions all on a 0.84mm thick, ISO 7810-compatible card.

AudioSmartCard was founded in 1993 and specialized in the development and marketing of acoustic tokens incorporating security features. These acoustic tokens exchanged data in the form of sounds transmitted over a phone line. In 1999, AudioSmartCard transitioned to a new leadership under Cyril Lalo and Philippe Guillaud, who also became major shareholders. They made AudioSmartCard evolve towards the smart card world. In 2003 Prosodie, a subsidiary of Capgemini, joined the shareholders of AudioSmartCard.

AudioSmartCard was renamed nCryptone, in 2004.

CardLab Innovation

CardLab Innovation, incorporated in 2006 in Herlev, Denmark, specializes in Complex Cards that include a switch, a biometric reader, an RFID jammer, and one or more magstripes. The company works with manufacturing partners in China and Thailand and owns a card lamination factory in Thailand.

Coin

Coin was a US-based startup founded in 2012 by Kanishk Parashar. It developed a Complex Card capable of storing the data of several credit and debit cards. The card prototype was equipped with a display[full citation needed] and a button that enabled the user to switch between different cards. In 2015, the original Coin card concept evolved into Coin 2.0 adding contactless communication to its original magstripe emulation.

Coin was acquired by Fitbit in May 2016 and all Coin activities were discontinued in February 2017.

Ellipse World, Inc.

Ellipse World, Inc. was founded in 2017 by Cyril Lalo and Sébastien Pochic, both recognized experts in Complex Card technology. Ellipse World, Inc. specializes in battery-free Complex Card technology.

The Ellipse patented technologies enable smart card manufacturers to use their existing dual interface payment card manufacturing process and supply chain to build battery-free, second generation Complex Cards with display capabilities. Thanks to this ease of integration, smart card vendors are able to address banking, transit and prepaid cards markets.

EMue Technologies

EMue Technologies, headquartered in Melbourne, Australia, designed and developed authentication solutions for the financial services industry from 2009 to 2015. The company’s flagship product, developed in collaboration with Cyril Lalo and Philippe Guillaud , was the eMue Card, a Visa CodeSure credit card with an embedded keypad, a display and a microprocessor.

Feitian Technologies

Feitian Technologies, a China-based company created in 1998, provides cyber security products and solutions. The company offers security solutions based on smart cards as well as other authentication devices. These include Complex Cards, that incorporate a display, a keypad or a fingerprint sensor.

Fingerprint Cards

Fingerprint Cards AB (or Fingerprints) is a Swedish company specializing in biometric solutions. The company sells biometric sensors and has recently introduced payment cards incorporating a fingerprint sensor such as the Zwipe card, a biometric dual-interface payment card using an integrated sensor from Fingerprints.

Giesecke+Devrient

Giesecke & Devrient, also known as G+D, is a German company headquartered in Munich that provides banknotes, security printing, smart cards and cash handling systems. Its smart card portfolio includes display cards, OTP cards, as well as cards displaying a Dynamic CSC.

Gemalto

Gemalto, a division of Thales Group, is a major player in the secure transaction industry. The company’s Complex Card portfolio includes cards with a display or a fingerprint sensor. These cards may display an OTP or a Dynamic CSC.

Idemia

Idemia is the product of the 2017 merger of Oberthur Technologies and Morpho. The combined company has positioned itself as a global provider of financial cards, SIM cards, biometric devices as well as public and private identity solutions. Due to Oberthur’s acquisition of NagraID Security in 2014, Idemia’s Complex Card offerings include the F.CODE biometric payment card that includes a fingerprint sensor, and its battery-powered Motion Code card that displays a Dynamic CSC.

Idex

Idex Biometrics ASA, incorporated in Norway, specializes in fingerprint identification technologies for personal authentication. The company offers fingerprint sensors and modules that are ready to be embedded into cards.

Innovative Card Technologies

Founded in 2002, by Alan Finkelstein, Innovative Card Technologies developed and commercialized enhancements for the smart card market. The company acquired the display card assets of nCryptone in 2006. Innovative Card Technologies has ceased its activities.

NagraID

Nagra ID, now known as NID, was a wholly-owned subsidiary of the Kudelski Group until 2014. NID can trace its history with Complex Cards back to 2003 when it collaborated on development with nCryptone. Nagra ID was instrumental in developing the cold lamination process for Complex Cards manufacturing.

Nagra ID manufactures Complex Cards that can include a battery, buttons, displays or other electronic components.

NagraID Security

Nagra ID Security began in 2008 as a spinoff of Nagra ID to focus on Complex Card development and manufacturing. The company was owned by Kudelski Group (50%), Cyril Lalo (25%) and Philippe Guillaud (25%).

NagraID Security quickly became a leading player in the adoption of Complex Cards due, in large part, to its development of MotionCode cards that featured a small display to enable a Card Security Code (CVV2).

NagraID Security was the first Complex Cards manufacturer to develop a mass market for payment display cards. Their customers included:

  • ABSA, South Africa,
  • Banco Bicentenario, Venezuela,
  • Banco MontePaschi, Belgium,
  • Erste Bank, Croatia,
  • Getin Bank, Poland,
  • Standard Chartered Bank, Singapore.

NagraID Security also delivered One-Time Password cards to companies including:

  • Bank of America,
  • HID Security,
  • Paypal,
  • RSA Security,
  • Verisign.

In 2014, NagraID Security was sold to Oberthur Technologies (now Idemia).

nCryptone

nCryptone emerged in 2004 from the renaming of AudioSmartCard. nCryptone was headed by Cyril Lalo and Philippe Guillaud and developed technologies around authentication servers and devices.

nCryptone display card assets were acquired by Innovative Card Technologies in 2006.

Oberthur Technologies, now Idemia

Oberthur Technologies, now Idemia, is one of the major players in the secure transactions industry. It acquired the business of NagraID Security in 2014. Oberthur then merged with Morpho and the combined entity was renamed Idemia in 2017.

Major references in the Complex Cards business include:

  • BPCE Group, France,
  • Orange Bank, France,
  • Société Générale, France.

Plastc

Set up in 2009, Plastc announced a single card that could digitally hold the data of up to 20 credit or debit cards. The company succeeded in raising US$9 million through preorders but failed to deliver any product. Plastc was then acquired in 2017 by Edge Mobile Payments, a Santa Cruz-based Fintech company. The Plastc project continues as the Edge card, a dynamic payment card that consolidates several payment cards in one device. The card is equipped with a battery and an ePaper screen and can store data from up to 50 credit, debit, loyalty and gift cards.

Stratos

Stratos was created in 2012 in Ann Arbor, Michigan, USA. In 2015, Stratos developed the Stratos Bluetooth Connected Card, which was designed to integrate up to three credit and debit card in a single card format and featured a smartphone app used to manage the card. Due to its Lithium ion thin film battery, the Stratos card was equipped with LEDs and communicated in contactless mode and in Bluetooth low Energy.

In 2017 Stratos was acquired by CardLab Innovation, a company headquartered in Herlev, Denmark.

Swyp

SWYP was the brand name of a card developed by Qvivr, a company incorporated in 2014 in Fremont, California. SWYP was introduced in 2015 and dubbed the world’s first smart wallet. SWYP was a metal card with the ability to combine over 25 credit, debit, gift and loyalty cards. The card worked in conjunction with a smartphone app used to manage the cards. The Swyp card included a battery, a button and a matrix display that showed which card was in use. The company registered users in its beta testing program, but the product never shipped on a commercial scale.

Qvivr raised US$5 million in January 2017 and went out of business in November 2017.

Businesses

Complex Cards have been adopted by numerous financial institutions worldwide. They may include different functionalities such as payment cards (credit, debit, prepaid), One-Time Password, mass-transit, and dynamic Card Security Code (CVV2).

Complex Card technology is used by numerous financial institutions including:

  • ABSA, South Africa,
  • Banca MontePaschi Belgio,
  • Bank of America, USA,
  • BPCE Group, France,
  • Carpatica Bank, Romania,
  • Credit Europe Bank, Romania,
  • Erste&Steiermärkische Ban, Croatia
  • Getin Bank, Poland,
  • Newcastle Banking Society, UK,
  • Orange Bank, France,
  • Paypal, USA,
  • Sinopac, Taiwan,
  • Société Générale, France,
  • Standard Chartered Bank, Singapore,
  • Symantec,
  • TEB, Turkey.

A smart card may have the following generic characteristics:

Since April 2009, a Japanese company has manufactured reusable financial smart cards made from paper.

Internal structure

Data structures

As mentioned above, data on a smart card may be stored in a file system (FS). In smart card file systems, the root directory is called the "master file" ("MF"), subdirectories are called "dedicated files" ("DF"), and ordinary files are called "elementary files" ("EF").

Logical layout

The file system mentioned above is stored on an EEPROM (storage or memory) within the smartcard. In addition to the EEPROM, other components may be present, depending upon the kind of smartcard. Most smartcards have one of three logical layouts:

  • EEPROM only.
  • EEPROM, ROM, RAM, and microprocessor.
  • EEPROM, ROM, RAM, microprocessor, and crypto-module.

In cards with microprocessors, the microprocessor sits inline between the reader and the other components. The operating system that runs on the microprocessor mediates the reader's access to those components in order to prevent unauthorized access.

Physical interfaces

Contact smart cards

Illustration of smart-card structure and packaging
4 by 4 mm silicon chip in a SIM card, which was peeled open. Note the thin gold bonding wires and the regular, rectangular digital-memory areas.
Smart-card reader on a laptop
A smart-card pinout. VCC: Power supply. RST: Reset signal, used to reset the card's communications. CLK: Provides the card with a clock signal, from which data communications timing is derived. GND: Ground (reference voltage). VPP: ISO/IEC 7816-3:1997 designated this as a programming voltage: an input for a higher voltage to program persistent memory (e.g., EEPROM). ISO/IEC 7816-3:2006 designates it SPU, for either standard or proprietary use, as input and/or output. I/O: Serial input and output (half-duplex). C4, C8: The two remaining contacts are AUX1 and AUX2 respectively and are used for USB interfaces and other uses. However, the usage defined in ISO/IEC 7816-2:1999/Amd 1:2004 may have been superseded by ISO/IEC 7816-2:2007.
Contact-type smart cards may have many different contact pad layouts, such as these SIMs.

Contact smart cards have a contact area of approximately 1 square centimetre (0.16 sq in), comprising several gold-plated contact pads. These pads provide electrical connectivity when inserted into a reader, which is used as a communications medium between the smart card and a host (e.g., a computer, a point of sale terminal) or a mobile telephone. Cards do not contain batteries; power is supplied by the card reader.

The ISO/IEC 7810 and ISO/IEC 7816 series of standards define:

  • physical shape and characteristics,
  • electrical connector positions and shapes,
  • electrical characteristics,
  • communications protocols, including commands sent to and responses from the card,
  • basic functionality.

Because the chips in financial cards are the same as those used in subscriber identity modules (SIMs) in mobile phones, programmed differently and embedded in a different piece of PVC, chip manufacturers are building to the more demanding GSM/3G standards. So, for example, although the EMV standard allows a chip card to draw 50 mA from its terminal, cards are normally well below the telephone industry's 6 mA limit. This allows smaller and cheaper financial card terminals.

Communication protocols for contact smart cards include T=0 (character-level transmission protocol, defined in ISO/IEC 7816-3) and T=1 (block-level transmission protocol, defined in ISO/IEC 7816-3).

Contactless smart cards

Contactless smart cards communicate with readers under protocols defined in the ISO/IEC 14443 standard. They support data rates of 106–848 kbit/s. These cards require only proximity to an antenna to communicate. Like smart cards with contacts, contactless cards do not have an internal power source. Instead, they use a loop antenna coil to capture some of the incident radio-frequency interrogation signal, rectify it, and use it to power the card's electronics. Contactless smart media can be made with PVC, paper/card and PET finish to meet different performance, cost and durability requirements.

APDU transmission by a contactless interface is defined in ISO/IEC 14443-4.

Hybrids

A hybrid smart card, which clearly shows the antenna connected to the main chip

Hybrid cards implement contactless and contact interfaces on a single card with unconnected chips including dedicated modules/storage and processing.

Dual-interface

Dual-interface cards implement contactless and contact interfaces on a single chip with some shared storage and processing. An example is Porto's multi-application transport card, called Andante, which uses a chip with both contact and contactless (ISO/IEC 14443 Type B) interfaces. Numerous payment cards worldwide are based on hybrid card technology allowing them to communicate in contactless as wall as contact modes.

USB

The CCID (Chip Card Interface Device) is a USB protocol that allows a smart card to be interfaced to a computer using a card reader which has a standard USB interface. This allows the smart card to be used as a security token for authentication and data encryption such as Bitlocker. A typical CCID is a USB dongle and may contain a SIM.

Logical interfaces

Reader side

Different smart cards implement one or more reader-side protocols. Common protocols here include CT-API and PC/SC.

Application side

Smartcard operating systems may provide application programming interfaces (APIs) so that developers can write programs ("applications") to run on the smartcard. Some such APIs, such as Java Card, allow programs to be uploaded to the card without replacing the card's entire operating system.

Financial

Smart cards serve as credit or ATM cards, fuel cards, mobile phone SIMs, authorization cards for pay television, household utility pre-payment cards, high-security identification and access badges, and public transport and public phone payment cards.

Smart cards may also be used as electronic wallets. The smart card chip can be "loaded" with funds to pay parking meters, vending machines or merchants. Cryptographic protocols protect the exchange of money between the smart card and the machine. No connection to a bank is needed. The holder of the card may use it even if not the owner. Examples are Proton, Geldkarte, Chipknip and Moneo. The German Geldkarte is also used to validate customer age at vending machines for cigarettes.

These are the best known payment cards (classic plastic card):

  • Visa: Visa Contactless, Quick VSDC, "qVSDC", Visa Wave, MSD, payWave
  • Mastercard: PayPass Magstripe, PayPass MChip
  • American Express: ExpressPay
  • Discover: Zip
  • Unionpay: QuickPass

Roll-outs started in 2005 in the U.S. Asia and Europe followed in 2006. Contactless (non-PIN) transactions cover a payment range of ~$5–50. There is an ISO/IEC 14443 PayPass implementation. Some, but not all, PayPass implementations conform to EMV.

Non-EMV cards work like magnetic stripe cards. This is common in the U.S. (PayPass Magstripe and Visa MSD). The cards do not hold or maintain the account balance. All payment passes without a PIN, usually in off-line mode. The security of such a transaction is no greater than with a magnetic stripe card transaction.[citation needed]

EMV cards can have either contact or contactless interfaces. They work as if they were a normal EMV card with a contact interface. Via the contactless interface they work somewhat differently, in that the card commands enabled improved features such as lower power and shorter transaction times. EMV standards include provisions for contact and contactless communications. Typically modern payment cards are based on hybrid card technology and support both contact and contactless communication modes.

SIM

The subscriber identity modules used in mobile-phone systems are reduced-size smart cards, using otherwise identical technologies.

Identification

Smart-cards can authenticate identity. Sometimes they employ a public key infrastructure (PKI). The card stores an encrypted digital certificate issued from the PKI provider along with other relevant information. Examples include the U.S. Department of Defense (DoD) Common Access Card (CAC), and other cards used by other governments for their citizens. If they include biometric identification data, cards can provide superior two- or three-factor authentication.

Smart cards are not always privacy-enhancing, because the subject may carry incriminating information on the card. Contactless smart cards that can be read from within a wallet or even a garment simplify authentication; however, criminals may access data from these cards.

Cryptographic smart cards are often used for single sign-on. Most advanced smart cards include specialized cryptographic hardware that uses algorithms such as RSA and Digital Signature Algorithm (DSA). Today's cryptographic smart cards generate key pairs on board, to avoid the risk from having more than one copy of the key (since by design there usually isn't a way to extract private keys from a smart card). Such smart cards are mainly used for digital signatures and secure identification.

The most common way to access cryptographic smart card functions on a computer is to use a vendor-provided PKCS#11 library.[citation needed] On Microsoft Windows the Cryptographic Service Provider (CSP) API is also supported.

The most widely used cryptographic algorithms in smart cards (excluding the GSM so-called "crypto algorithm") are Triple DES and RSA. The key set is usually loaded (DES) or generated (RSA) on the card at the personalization stage.

Some of these smart cards are also made to support the National Institute of Standards and Technology (NIST) standard for Personal Identity Verification, FIPS 201.

Turkey implemented the first smart card driver's license system in 1987. Turkey had a high level of road accidents and decided to develop and use digital tachograph devices on heavy vehicles, instead of the existing mechanical ones, to reduce speed violations. Since 1987, the professional driver's licenses in Turkey have been issued as smart cards. A professional driver is required to insert his driver's license into a digital tachograph before starting to drive. The tachograph unit records speed violations for each driver and gives a printed report. The driving hours for each driver are also being monitored and reported. In 1990 the European Union conducted a feasibility study through BEVAC Consulting Engineers, titled "Feasibility study with respect to a European electronic drivers license (based on a smart-card) on behalf of Directorate General VII". In this study, chapter seven describes Turkey's experience.

Argentina's Mendoza province began using smart card driver's licenses in 1995. Mendoza also had a high level of road accidents, driving offenses, and a poor record of recovering fines.[citation needed] Smart licenses hold up-to-date records of driving offenses and unpaid fines. They also store personal information, license type and number, and a photograph. Emergency medical information such as blood type, allergies, and biometrics (fingerprints) can be stored on the chip if the card holder wishes. The Argentina government anticipates that this system will help to collect more than $10 million per year in fines.

In 1999 Gujarat was the first Indian state to introduce a smart card license system. As of 2005, it has issued 5 million smart card driving licenses to its people.

In 2002, the Estonian government started to issue smart cards named ID Kaart as primary identification for citizens to replace the usual passport in domestic and EU use. As of 2010 about 1 million smart cards have been issued (total population is about 1.3 million) and they are widely used in internet banking, buying public transport tickets, authorization on various websites etc.

By the start of 2009, the entire population of Belgium was issued eID cards that are used for identification. These cards contain two certificates: one for authentication and one for signature. This signature is legally enforceable. More and more services in Belgium use eID for authorization.

Spain started issuing national ID cards (DNI) in the form of smart cards in 2006 and gradually replaced all the older ones with smart cards. The idea was that many or most bureaucratic acts could be done online but it was a failure because the Administration did not adapt and still mostly requires paper documents and personal presence.

On August 14, 2012, the ID cards in Pakistan were replaced. The Smart Card is a third generation chip-based identity document that is produced according to international standards and requirements. The card has over 36 physical security features and has the latest[clarification needed] encryption codes. This smart card replaced the NICOP (the ID card for overseas Pakistani).

Smart cards may identify emergency responders and their skills. Cards like these allow first responders to bypass organizational paperwork and focus more time on the emergency resolution. In 2004, The Smart Card Alliance expressed the needs: "to enhance security, increase government efficiency, reduce identity fraud, and protect personal privacy by establishing a mandatory, Government-wide standard for secure and reliable forms of identification". emergency response personnel can carry these cards to be positively identified in emergency situations. WidePoint Corporation, a smart card provider to FEMA, produces cards that contain additional personal information, such as medical records and skill sets.

In 2007, the Open Mobile Alliance (OMA) proposed a new standard defining V1.0 of the Smart Card Web Server (SCWS), an HTTP server embedded in a SIM card intended for a smartphone user. The non-profit trade association SIMalliance has been promoting the development and adoption of SCWS. SIMalliance states that SCWS offers end-users a familiar, OS-independent, browser-based interface to secure, personal SIM data. As of mid-2010, SIMalliance had not reported widespread industry acceptance of SCWS. The OMA has been maintaining the standard, approving V1.1 of the standard in May 2009, and V1.2 was expected to be approved in October 2012.

Smart cards are also used to identify user accounts on arcade machines.

Public transit

Main article: List of smart cards
SmartRider smart card (Transperth)

Smart cards, used as transit passes, and integrated ticketing are used by many public transit operators. Card users may also make small purchases using the cards. Some operators offer points for usage, exchanged at retailers or for other benefits. Examples include Singapore's CEPAS, Malaysia's Touch n Go, Ontario's Presto card, Hong Kong's Octopus card, London's Oyster card, Ireland's Leap card, Brussels' MoBIB, Québec's OPUS card, San Francisco's Clipper card, Auckland's AT Hop, Brisbane's go card, Perth's SmartRider, Sydney's Opal card and Victoria's myki. However, these present a privacy risk because they allow the mass transit operator (and the government) to track an individual's movement. In Finland, for example, the Data Protection Ombudsman prohibited the transport operator Helsinki Metropolitan Area Council (YTV) from collecting such information, despite YTV's argument that the card owner has the right to a list of trips paid with the card. Earlier, such information was used in the investigation of the Myyrmanni bombing.[citation needed]

The UK's Department for Transport mandated smart cards to administer travel entitlements for elderly and disabled residents. These schemes let residents use the cards for more than just bus passes. They can also be used for taxi and other concessionary transport. One example is the "Smartcare go" scheme provided by Ecebs. The UK systems use the ITSO Ltd specification. Other schemes in the UK include period travel passes, carnets of tickets or day passes and stored value which can be used to pay for journeys. Other concessions for school pupils, students and job seekers are also supported. These are mostly based on the ITSO Ltd specification.

Many smart transport schemes include the use of low cost smart tickets for simple journeys, day passes and visitor passes. Examples include Glasgow SPT subway. These smart tickets are made of paper or PET which is thinner than a PVC smart card e.g. Confidex smart media. The smart tickets can be supplied pre-printed and over-printed or printed on demand.

In Sweden, as of 2018-2019, smart cards have started to be phased out and replaced by smart phone apps. The phone apps have less cost, at least for the transit operators who don't need any electronic equipment (the riders provide that). The riders are able buy tickets anywhere and don't need to load money onto smart cards. The smart cards are still in use for foreseeable future (as of 2019).

Video games

In Japanese amusement arcades, contactless smart cards (usually referred to as "IC cards") are used by game manufacturers as a method for players to access in-game features (both online like Konami E-Amusement and Sega ALL.Net and offline) and as a memory support to save game progress. Depending on a case by case scenario, the machines can utilize a game-specific card or a "universal" one usable on multiple machines from the same manufacturer/publisher. Amongst the most widely used there are Banapassport by Bandai Namco, E-Amusement by Konami, Aime by Sega and Nesica by Taito.

In 2018, in an effort to make arcade game IC cards more user friendly, Konami, Bandai Namco and Sega have agreed on a unified system of cards named Amusement IC. Thanks this agreement, the three companies are now using a unified card reader in their arcade cabinets, so that players are able to use their card, no matter if a Banapassport, an e-Amusement Pass or an Aime, with hardware and ID services of all three manufacturers. A common logo for Amusement IC cards has been created, and this is now displayed on compatible cards from all three companies. In January 2019, Taito announced that his Nesica card was also joining the Amusement IC agreement with the other three companies.

Computer security

Smart cards can be used as a security token.

Mozilla's Firefox web browser can use smart cards to store certificates for use in secure web browsing.

Some disk encryption systems, such as VeraCrypt and Microsoft's BitLocker, can use smart cards to securely hold encryption keys, and also to add another layer of encryption to critical parts of the secured disk.

GnuPG, the well known encryption suite, also supports storing keys in a smart card.

Smart cards are also used for single sign-on to log on to computers.

Schools

Smart cards are being provided to students at some schools and colleges. Uses include:

  • Tracking student attendance
  • As an electronic purse, to pay for items at canteens, vending machines, laundry facilities, etc.
  • Tracking and monitoring food choices at the canteen, to help the student maintain a healthy diet
  • Tracking loans from the school library
  • Access control for admittance to restricted buildings, dormitories, and other facilities. This requirement may be enforced at all times (such as for a laboratory containing valuable equipment), or just during after-hours periods (such as for an academic building that is open during class times, but restricted to authorized personnel at night), depending on security needs.
  • Access to transportation services

Healthcare

Smart health cards can improve the security and privacy of patient information, provide a secure carrier for portable medical records, reduce health care fraud, support new processes for portable medical records, provide secure access to emergency medical information, enable compliance with government initiatives (e.g., organ donation) and mandates, and provide the platform to implement other applications as needed by the health care organization.

Other uses

Smart cards are widely used to encrypt digital television streams. VideoGuard is a specific example of how smart card security worked.

Multiple-use systems

The Malaysian government promotes MyKad as a single system for all smart-card applications. MyKad started as identity cards carried by all citizens and resident non-citizens. Available applications now include identity, travel documents, drivers license, health information, an electronic wallet, ATM bank-card, public toll-road and transit payments, and public key encryption infrastructure. The personal information inside the MYKAD card can be read using special APDU commands.

This section needs additional citations for verification. Please help improve this article by . Unsourced material may be challenged and removed.(February 2016) ()

Smart cards have been advertised as suitable for personal identification tasks, because they are engineered to be tamper resistant. The chip usually implements some cryptographic algorithm. There are, however, several methods for recovering some of the algorithm's internal state.

Differential power analysis involves measuring the precise time and electric current required for certain encryption or decryption operations. This can deduce the on-chip private key used by public key algorithms such as RSA. Some implementations of symmetric ciphers can be vulnerable to timing or power attacks as well.

Smart cards can be physically disassembled by using acid, abrasives, solvents, or some other technique to obtain unrestricted access to the on-board microprocessor. Although such techniques may involve a risk of permanent damage to the chip, they permit much more detailed information (e.g., photomicrographs of encryption hardware) to be extracted.

The benefits of smart cards are directly related to the volume of information and applications that are programmed for use on a card. A single contact/contactless smart card can be programmed with multiple banking credentials, medical entitlement, driver's license/public transport entitlement, loyalty programs and club memberships to name just a few. Multi-factor and proximity authentication can and has been embedded into smart cards to increase the security of all services on the card. For example, a smart card can be programmed to only allow a contactless transaction if it is also within range of another device like a uniquely paired mobile phone. This can significantly increase the security of the smart card.

Governments and regional authorities save money because of improved security, better data and reduced processing costs. These savings help reduce public budgets or enhance public services. There are many examples in the UK, many using a common open LASSeO specification.

Individuals have better security and more convenience with using smart cards that perform multiple services. For example, they only need to replace one card if their wallet is lost or stolen. The data storage on a card can reduce duplication, and even provide emergency medical information.

The first main advantage of smart cards is their flexibility. Smart cards have multiple functions which simultaneously can be an ID, a credit card, a stored-value cash card, and a repository of personal information such as telephone numbers or medical history. The card can be easily replaced if lost, and, the requirement for a PIN (or other form of security) provides additional security from unauthorised access to information by others. At the first attempt to use it illegally, the card would be deactivated by the card reader itself.

The second main advantage is security. Smart cards can be electronic key rings, giving the bearer ability to access information and physical places without need for online connections. They are encryption devices, so that the user can encrypt and decrypt information without relying on unknown, and therefore potentially untrustworthy, appliances such as ATMs. Smart cards are very flexible in providing authentication at different level of the bearer and the counterpart. Finally, with the information about the user that smart cards can provide to the other parties, they are useful devices for customizing products and services.

Other general benefits of smart cards are:

  • Portability
  • Increasing data storage capacity
  • Reliability that is virtually unaffected by electrical and magnetic fields.

Smart cards can be used in electronic commerce, over the Internet, though the business model used in current electronic commerce applications still cannot use the full karthngnof the electronic medium. An advantage of smart cards for electronic commerce is their use customize services. For example, in order for the service supplier to deliver the customized service, the user may need to provide each supplier with their profile, a boring and time-consuming activity. A smart card can contain a non-encrypted profile of the bearer, so that the user can get customized services even without previous contacts with the supplier.

A false smart card, with two 8-bit CMOS microcontrollers, used in the 1990s to decode the signals of Sky Television.

The plastic or paper card in which the chip is embedded is fairly flexible. The larger the chip, the higher the probability that normal use could damage it. Cards are often carried in wallets or pockets, a harsh environment for a chip and antenna in contactless cards. PVC cards can crack or break if bent/flexed excessively. However, for large banking systems, failure-management costs can be more than offset by fraud reduction.[citation needed]

The production, use and disposal of PVC plastic is known to be more harmful to the environment than other plastics. Alternative materials including chlorine free plastics and paper are available for some smart applications.

If the account holder's computer hosts malware, the smart card security model may be broken. Malware can override the communication (both input via keyboard and output via application screen) between the user and the application. Man-in-the-browser malware (e.g., the Trojan Silentbanker) could modify a transaction, unnoticed by the user. Banks like Fortis and Belfius in Belgium and Rabobank ("random reader") in the Netherlands combine a smart card with an unconnected card reader to avoid this problem. The customer enters a challenge received from the bank's website, a PIN and the transaction amount into the reader. The reader returns an 8-digit signature. This signature is manually entered into the personal computer and verified by the bank, preventing point-of-sale-malware from changing the transaction amount.

Smart cards have also been the targets of security attacks. These attacks range from physical invasion of the card's electronics, to non-invasive attacks that exploit weaknesses in the card's software or hardware. The usual goal is to expose private encryption keys and then read and manipulate secure data such as funds. Once an attacker develops a non-invasive attack for a particular smart card model, he or she is typically able to perform the attack on other cards of that model in seconds, often using equipment that can be disguised as a normal smart card reader. While manufacturers may develop new card models with additional information security, it may be costly or inconvenient for users to upgrade vulnerable systems. Tamper-evident and audit features in a smart card system help manage the risks of compromised cards.

Another problem is the lack of standards for functionality and security. To address this problem, the Berlin Group launched the ERIDANE Project to propose "a new functional and security framework for smart-card based Point of Interaction (POI) equipment".

  1. "ISO/IEC 7816-2:2007 – Assignment of contacts C4 and C8". www.iso.org. Retrieved2015-08-20.
  2. Multi-application Smart Cards. Cambridge University Press.
  3. Tait, Don (August 25, 2016). "Smart card IC shipments to reach 12.8 billion units in 2020". IHS Technology. IHS Markit. Retrieved24 October 2019.
  4. Chen, Zhiqun (2000).Java Card Technology for Smart Cards: Architecture and Programmer's Guide. Addison-Wesley Professional. pp. 3-4. ISBN 9780201703290.
  5. Lojek, Bo (2007). History of Semiconductor Engineering. Springer Science & Business Media. pp. 120 & 321–323. ISBN 9783540342588.
  6. Bassett, Ross Knox (2007). To the Digital Age: Research Labs, Start-up Companies, and the Rise of MOS Technology. Johns Hopkins University Press. p. 46. ISBN 9780801886393.
  7. Sah, Chih-Tang (October 1988). "Evolution of the MOS transistor-from conception to VLSI"(PDF). Proceedings of the IEEE. 76 (10): 1280–1326 (1290). Bibcode:1988IEEEP..76.1280S. doi:10.1109/5.16328. ISSN 0018-9219. Those of us active in silicon material and device research during 1956–1960 considered this successful effort by the Bell Labs group led by Atalla to stabilize the silicon surface the most important and significant technology advance, which blazed the trail that led to silicon integrated circuit technology developments in the second phase and volume production in the third phase.
  8. Veendrick, Harry J. M. (2017). Nanometer CMOS ICs: From Basics to ASICs. Springer. p. 315. ISBN 9783319475974.
  9. DE application 1574074, Gröttrup, Helmut, "Nachahmungssicherer Identifikationsschalter", published 1971-11-25
  10. AT patent 287366, Dethloff, Jürgen & Gröttrup, Helmut, "Identifizierungsschalter", issued 1971-01-21, assigned to Intelectron Patentverwaltung
  11. US patent 3641316, Dethloff, Jürgen & Gröttrup, Helmut, "Identification System", issued 1972-02-08
  12. US patent 3678250, Dethloff, Jürgen & Gröttrup, Helmut, "Identification Switch", issued 1972-07-18
  13. Böttge, Horst; Mahl, Tobias; Kamp, Michael (2013). Giesecke+Devrient (ed.). From Eurocheque Card to Mobile Security 1968-2012. Battenberg Gietl Verlag. ISBN 978-3866465497.
  14. Jurgensen, Timothy M.; Guthery, Scott B. (2002). Smart Cards: The Developer's Toolkit. Prentice Hall Professional. pp. 2–3. ISBN 9780130937308.
  15. "Monticello Memoirs Program". Computerworld honors. Archived from the original on 3 March 2016. Retrieved13 February 2012.
  16. "history of smartcard invention". Retrieved29 July 2016.
  17. "Espacenet – Original document". Worldwide.espacenet.com. 1978-08-08. Retrieved2014-02-13.
  18. Moneo's website (in French).
  19. EMVco
  20. "US learns from Malaysia, 10 years later". The Rakyat Post.
  21. https://corporate.target.com/article/2013/12/important-notice-unauthorized-access-to-payment-ca
  22. https://www.npr.org/sections/alltechconsidered/2014/01/23/264910138/target-hack-a-tipping-point-in-moving-away-from-magnetic-stripes
  23. https://www.thesslstore.com/blog/2013-target-data-breach-settled/
  24. Bernard, Alain. "Electronic telephone device". Google Patents. RetrievedApril 29, 2021.
  25. "AudioSmartCard". Infogreffe. French Commercial Court. Retrieved29 April 2021.
  26. Liau, Yun Qing (November 8, 2012). "MasterCard launching banking card with OTP capability". ZDNet. Retrieved12 May 2021.
  27. GamerStuff (24 January 2012). "CES 2012: Interview Cyril Lalo NagraID Security". YouTube. Retrieved12 May 2021.
  28. "Mastercard, Symantec and NagraID Security team up to provide further payment card security features". www.nagra.com. 14 February 2011. Retrieved12 May 2021.
  29. "RSA SecurID SD200 - hardware token Series Specs". CNet. Retrieved12 May 2021.
  30. Getin Bank (7 June 2013). "Getin Bank - poznaj nową Kartę Display do konta bankowego" (in Polish). YouTube. Retrieved21 May 2021.
  31. D'Albore, Antonio (5–6 October 2017). "The rise of biometric cards"(PDF). International Card Manufacturers Association. Embedded Security News. Retrieved2021-10-26.CS1 maint: date format (link)
  32. "Infogreffe - AudioSmartCard International SA". Infogreffe. French corporate register. Retrieved12 June 2021.
  33. "Bloomberg - nCryptone". Bloomberg. Bloomberg. Retrieved12 June 2021.
  34. "E Ink". E Ink. E Ink. Retrieved12 June 2021.
  35. "Company Information AudioSmartCard International SA". Infogreffe. French Registries at Commercial Courts. Retrieved16 July 2021.
  36. "Information about Prosodie Corporation". Infogreffe. French commercial court registries. Retrieved16 July 2021.
  37. "nCryptone Corporate Profile". Bloomberg. Bloomberg. Retrieved16 July 2021.
  38. "CardLab Innovation". CardLab Innovation. CardLab Innovation. Retrieved16 July 2021.
  39. Cipriani, Jason. "Coin adds NFC capabilities to its new all-in-one card". Fortune. Fortune. Retrieved16 July 2021.
  40. "LinkedIn: Kanishk Parashar". LinkedIn. LinkedIn.
  41. Statt, Nick. [Inside Coin's techie vision for the all-in-one credit card "Inside Coin's techie vision for the all-in-one credit card"] Check |url= value (). CNet. CNet. Retrieved16 July 2021.
  42. Statt, Nick. "Coin adds NFC capabilities to its new all-in-one card". CNet. CNet. Retrieved16 July 2021.
  43. Cooper, Daniel. "Fitbit buys Coin to help with mobile payments". Engadget. Engadget.
  44. Heater, Brian. "Coin will shut down its product services at the end of February". TechCrunch. TechCrunch. Retrieved16 July 2021.
  45. "Ellipse World Inc". Ellipse World Inc. Ellipse World Inc. Retrieved16 July 2021.
  46. "Emue Technologies". Emue Technologies. Emue Technologies. Retrieved16 July 2021.
  47. "LinkedIn: Emue Technologies". LinkedIn. LinkedIn. Retrieved16 July 2021.
  48. "Visa CodeSure gets commercial green light". Finextra. Finextra. Retrieved16 July 2021.
  49. "OTP Display Card". Feitian technologies. Feitian technologies. Retrieved16 July 2021.
  50. "Chip Embedded Card". Feitian Technologies. Feitian Technologies. Retrieved16 July 2021.
  51. "OTP Display Card". Feitian Technologies. Feitian Technologies. Retrieved16 July 2021.
  52. "Fingerprint Cards". Fingerprint Cards. Fingerprint Cards. Retrieved16 July 2021.
  53. "Biometrics: The missing piece of the contactless card puzzle"(PDF). Fingerprint Cards. Fingerprint Cards. Retrieved16 July 2021.
  54. "Zwipe Payment Card the World's Leading Biometric Payment Card". Fingerprint Cards. Fingerprint Cards. Retrieved16 July 2021.
  55. "Giesecke+Devrient". Giesecke+Devrient. Giesecke+Devrient. Retrieved16 July 2021.
  56. "Payments". Thales Group - Gemalto. Thales Group - Gemalto. Retrieved16 July 2021.
  57. "EMV Biometric Card". Thales Group - Gemalto. Thales Group - Gemalto. Retrieved16 July 2021.
  58. "SafeNet OTP Display Card". Thales Group - SafeNet. Thales Group - SafeNet. Retrieved16 July 2021.
  59. "Dynamic Code Verification". Thales Group - Gemalto. Thales Group - Gemalto. Retrieved16 July 2021.
  60. "Oberthur Technologies –Morpho becomes IDEMIA, the global leader in trusted identities". Idemia. Idemia. Retrieved16 July 2021.
  61. "Biometric payment card". Idemia. Idemia. Retrieved16 July 2021.
  62. "Motion Code". Idemia. Idemia. Retrieved16 July 2021.
  63. "Fingerprint sensor manufacturer". Idex Biometrics. Idex Biometrics. Retrieved16 July 2021.
  64. "What is a fingerprint sensor module?". Idex Biometrics. Idex Biometrics. Retrieved16 July 2021.
  65. "XH Smart Tech showcasing dual-interface biometric card with IDEX sensor at Mobile World Congress in Barcelona". Idex Biometrics. Idex Biometrics. Retrieved16 July 2021.
  66. "nCryptone monte au capital d'Innovative Card Technologies" (in French). JDN. 30 June 2006. Retrieved16 July 2021.
  67. "NID". NID. NID. Retrieved16 July 2021.
  68. "Complex Cards". NID. NID. Retrieved16 July 2021.
  69. "MasterCard and Absa Introduce Next Generation Payment Card, a First for APMEA". MasterCard. MasterCard. Retrieved16 July 2021.
  70. "Philippe Guillaud". Epita. Epita. Retrieved16 July 2021.
  71. "nCryptone acquiert IC Tech" (in French). Les Echos Investir. June 30, 2006. Retrieved16 July 2021.
  72. "BPCE Group and Oberthur Technologies launch a world-exclusive innovation: the first dynamic cryptogram payment card". BPCE. BPCE. Retrieved16 July 2021.
  73. "Orange Bank : une carte Visa Premium avec cryptogramme dynamique et Apple Pay" (in French). iGen. March 7, 2019. Retrieved16 July 2021.
  74. "1 million MOTION CODE online transactions with Société Générale". Idemia. Idemia. Retrieved16 July 2021.
  75. Hales, Brett (May 12, 2017). "R.I.P Plastc and Coin. Death of the 'smartcard' industry". Hackernoon.
  76. Schubarth, Cromwell (April 21, 2017). "Palo Alto 'smart' credit card startup shutters after taking $9M in pre-orders". Biz Journals. Retrieved16 July 2021.
  77. "Edge Mobile Payments Acquires Plastc Assets". Edge. Edge. Retrieved16 July 2021.
  78. "Edge Mobile Payments". Edge Mobile Payments. Retrieved16 July 2021.
  79. "EDGE Mobile Payments Announces Development of the EDGE Card". EDGE Mobile Payments. EDGE Mobile Payments. Retrieved16 July 2021.
  80. "Stratos". Stratos. Stratos. Retrieved16 July 2021.
  81. Cipriani, Jason (May 13, 2015). "One card to rule them all? Stratos smart card replaces the need for a wallet". Fortune. Retrieved16 July 2021.
  82. "Stratos Connected Card Platform Acquired by CardLab Innovations". Stratos. Stratos. Retrieved16 July 2021.
  83. "Swyp". Swyp. Swyp. Retrieved16 July 2021.
  84. Magistretti, Bérénice (January 31, 2017). "Mobile payment startup Qvivr raises $5 million led by Khosla Ventures". VentureBeat. Retrieved16 July 2021.
  85. "MasterCard and Absa Introduce Next Generation Payment Card, a First for APMEA". MasterCard. MasterCard. November 28, 2012. Retrieved17 July 2021.
  86. "World first for Belgium: Banca Monte Paschi Belgio and MasterCard launch the first payment card combining debit, credit, display screen and contactless payment facilities". MasterCard. MasterCard. 23 October 2012. Retrieved17 July 2021.
  87. "Bank of America unveils SafePass card". Finextra. Finextra. 24 November 2008. Retrieved17 July 2021.
  88. Verdict Staff (May 21, 2015). "BPCE, Oberthur to pilot first dynamic cryptogram payment card". Cards International. Retrieved17 July 2021.
  89. "Carpatica Bank launches display card in Romania". Business Review, Romania. 6 December 2011. Retrieved17 July 2021.
  90. "MasterCard Drives Growth in Its Display Card Programme with Bank Launches in Romania". MasterCard. MasterCard. 15 November 2011. Retrieved17 July 2021.
  91. "Erste Maestro PayPass Display Card"(PDF). Erste Bank. Erste Bank. Retrieved17 July 2021.
  92. Getin Bank (June 7, 2013). "Getin Bank - poznaj nową Kartę Display do konta bankowego"(Video). YouTube (in Polish). YouTube. Retrieved17 July 2021.
  93. Grant, Ian (14 Jun 2010). "Newcastle Banking Society debuts smart display cards". Computer Weekly. Retrieved17 July 2021.
  94. Smith, Josh (August 4, 2010). "PayPal security key card - is it worth it?". AOL. Retrieved17 July 2021.
  95. "Taiwan's Bank SinoPac issues credit cards with digital display". Finextra. 14 October 2010. Retrieved17 July 2021.
  96. "1 Million MOTION CODE? Online Transactions With Société Générale". El Economista. 17 October 2017.
  97. Liau, Yun Qing (November 8, 2012). "MasterCard launching banking card with OTP capability". ZDNet. ZDNet.
  98. Parrish, Kevin (November 8, 2012). "MasterCard Electronic Display Cards Finally Go Mainstream". Tom's Guide. Retrieved17 July 2021.
  99. "MasterCard, Symantec and NagraID Security team on display card". Finextra. Finextra. 15 February 2011.
  100. "Türk Ekonomi Bankası (TEB) has launched a new digital banking service". CardFlash. 27 April 2015. Retrieved17 July 2021.
  101. "development of the "KAMICARD" IC card made from recyclable and biodegradable paper". Toppan Printing Company. Archived from the original on 2009-02-27. Retrieved2009-03-27.
  102. Kiliçli, Tolga (2001-09-19). "Smart Card HOWTO". Archived from the original on 2009-06-15. Retrieved2020-11-28.
  103. ISO/IEC 7816-2:1999/Amd 1:2004 Assignment of contacts C4 and C8.
  104. ISO/IEC 7816-2:2007. Identification cards – Integrated circuit cards – Part 2: Cards with contacts – Dimensions and location of the contacts.
  105. "About Smart Cards: Introduction: Primer". Secure Technology Alliance. Retrieved7 August 2017.
  106. Smart Card License System
  107. "Smart Card Driving License System in Gujarat"
  108. "Taalkeuze/Choix de langue fedict.belgium.be". Eid.belgium.be. Retrieved2014-02-13.
  109. http://www.eldiario.es/turing/dni-electronico-dnie_0_179182675.html.Missing or empty |title= ()
  110. http://www.ticbeat.com/tecnologias/reportaje-dni-electronico/.Missing or empty |title= ()
  111. "FRACASO DEL DNI ELECTRONICO". A las pruebas me remito (in Spanish). 2015-05-04. Retrieved2018-06-06. FAILURE OF THE ELECTRONIC ID
  112. "El DNI electrónico ha muerto: ¡larga vida al DNI 3.0!" (in Spanish). The electronic DNI has died: long live the DNI 3.0!
  113. "Emergency Response Official Credentials: An Approach to Attain Trust in Credentials across Multiple Jurisdictions for Disaster Response and Recovery". January 3, 2011.
  114. "OMA Newsletter 2007 Volume 2". RetrievedMarch 20, 2012.
  115. Martin, Christophe (30 June 2010). "Update from SIMalliance on SCWS". RetrievedMarch 20, 2012.
  116. "OMA Smart Card Web Server (SCWS)". Archived from the original on November 1, 2012. RetrievedJune 10, 2021.
  117. "What is "Aime"?". RetrievedAugust 6, 2017.
  118. Octopus Card Benefits
  119. "Smartcare go". Retrieved24 September 2012.
  120. "Smart Tickets". Retrieved24 April 2018.
  121. "Konami Amusement, Sega Interactive, and Bandai Namco Entertainment Agree on Unified System for Arcade Game IC Cards". Retrieved10 June 2020.
  122. "タイトー、「アミューズメントICカード」規格に参入決定。タイトー対応タイトル第1弾は「ストV タイプアーケード」". Retrieved10 June 2020.
  123. Mozilla certificate store
  124. smartcard howto for GNUPG
  125. Varghese, Sam (2004-12-06). "Qld schools benefit from smart cards". The Age.
  126. CreditCards.com (2009-10-27). "Cashless lunches come to Australian schools". Australia.creditcards.com. Archived from the original on 2010-11-29. Retrieved2014-02-13.
  127. "News Release - Smart card technology to monitor smart food choices in schools". Ifr.ac.uk. 2005-07-14. Archived from the original on 2005-11-20. Retrieved2014-02-13.
  128. Smartcardalliance.org
  129. Fernández-Alemán, José Luis; Señor, Inmaculada Carrión; Lozoya, Pedro Ángel Oliver; Toval, Ambrosio (2013). "Security and privacy in electronic health records: A systematic literature review". Journal of Biomedical Informatics. Elsevier BV. 46 (3): 541–562. doi:10.1016/j.jbi.2012.12.003. ISSN 1532-0464. PMID 23305810. Recent years have witnessed the design of standards and the promulgation of directives concerning security and privacy in EHR systems. However, more work should be done to adopt these regulations and to deploy secure EHR systems.
  130. MYKAD SDK
  131. "PVC free". Greepeace. Retrieved24 April 2018.
  132. Bar-El, Hagai. "Known Attacks Against Smartcards"(PDF). Discretix Technologies Ltd. RetrievedFebruary 20, 2013.
  133. "Related Initiatives". Home web for The Berlin Group. The Berlin Group. 2005-08-01. Archived from the original on 2006-05-07. Retrieved2007-12-20.
Wikimedia Commons has media related toSmart cards.

Smart card
Smart card Language Watch Edit 160 160 Redirected from Smartcard It has been suggested that this article be split into a new article titled Complex smart card Discuss January 2021 This article s lead section may be too short to adequately summarize the key points Please consider expanding the lead to provide an accessible overview of all important aspects of the article June 2012 A smart card chip card or integrated circuit card ICC or IC card is a physical electronic authorization device used to control access to a resource It is typically a plastic credit card sized card with an embedded integrated circuit IC chip 1 Many smart cards include a pattern of metal contacts to electrically connect to the internal chip Others are contactless and some are both Smart cards can provide personal identification authentication data storage and application processing 2 Applications include identification financial mobile phones SIM public transit computer security schools and healthcare Smart cards may provide strong security authentication for single sign on SSO within organizations Numerous nations have deployed smart cards throughout their populations Finnish national identity card The universal integrated circuit card or SIM card is also a type of smart card As of 2015 update 10 5 billion smart card IC chips are manufactured annually including 5 44 billion SIM card IC chips 3 Contents 1 History 1 1 Invention 1 2 Carte bleue 1 3 EMV 1 4 Development of contactless systems 1 5 Complex smart cards 1 5 1 Functionalities 1 5 1 1 One time password 1 5 1 2 Account information 1 5 1 3 Transaction security 1 5 1 4 User authentication 1 5 2 Components 1 5 2 1 Buttons 1 5 2 2 Buzzer 1 5 2 3 Display 1 5 2 4 Cryptoprocessor 1 5 2 5 Power supply 1 5 3 Manufacturing 1 5 4 Card life cycle 1 6 History and major players 1 6 1 AudioSmartCard 1 6 2 CardLab Innovation 1 6 3 Coin 1 6 4 Ellipse World Inc 1 6 5 EMue Technologies 1 6 6 Feitian Technologies 1 6 7 Fingerprint Cards 1 6 8 Giesecke Devrient 1 6 9 Gemalto 1 6 10 Idemia 1 6 11 Idex 1 6 12 Innovative Card Technologies 1 6 13 NagraID 1 6 14 NagraID Security 1 6 15 nCryptone 1 6 16 Oberthur Technologies now Idemia 1 6 17 Plastc 1 6 18 Stratos 1 6 19 Swyp 1 7 Businesses 2 Design 2 1 Internal structure 2 1 1 Data structures 2 1 2 Logical layout 2 2 Physical interfaces 2 2 1 Contact smart cards 2 2 2 Contactless smart cards 2 2 3 Hybrids 2 2 4 USB 2 3 Logical interfaces 2 3 1 Reader side 2 3 2 Application side 3 Applications 3 1 Financial 3 2 SIM 3 3 Identification 3 4 Public transit 3 5 Video games 3 6 Computer security 3 7 Schools 3 8 Healthcare 3 9 Other uses 3 10 Multiple use systems 4 Security 5 Benefits 6 Advantages 7 Smart cards and electronic commerce 8 Disadvantages 9 See also 10 References 11 Further reading 12 External linksHistory EditSee also Payment card The basis for the smart card is the silicon integrated circuit IC chip 4 It was invented by Robert Noyce at Fairchild Semiconductor in 1959 and was made possible by Mohamed M Atalla s silicon surface passivation process 1957 and Jean Hoerni s planar process 1959 5 6 7 The invention of the silicon integrated circuit led to the idea of incorporating it onto a plastic card in the late 1960s 4 Smart cards have since used MOS integrated circuit chips along with MOS memory technologies such as flash memory and EEPROM electrically erasable programmable read only memory 8 Invention Edit One of the first smart card prototypes created by its inventor Roland Moreno around 1975 The chip has not yet been miniaturized On this prototype one can see how each pin of the microchip center is connected to the exterior world by a copper connector First smart card manufactured by Giesecke amp Devrient in 1979 already with the finally standardized dimension ID 1 and a contact area with eight pads initially on the upper left corner The idea of incorporating an integrated circuit chip onto a plastic card was first introduced by two German engineers in the late 1960s Helmut Grottrup and Jurgen Dethloff 4 In February 1967 Grottrup filed the patent DE1574074 9 in West Germany for a tamper proof identification switch based on a semiconductor device Its primary use was intended to provide individual copy protected keys for releasing the tapping process at unmanned gas stations In September 1968 Helmut Grottrup together with Dethloff as an investor filed further patents for this identification switch first in Austria 10 and in 1969 as subsequent applications in the United States 11 12 Great Britain West Germany and other countries 13 Independently Kunitaka Arimura of the Arimura Technology Institute in Japan developed a similar idea of incorporating an integrated circuit onto a plastic card and filed a smart card patent in March 1970 4 14 The following year Paul Castrucci of IBM filed an American patent titled Information Card in May 1971 14 In 1974 Roland Moreno patented a secured memory card later dubbed the smart card 15 16 In 1976 Jurgen Dethloff introduced the known element called the secret to identify gate user as of USP 4105156 17 In 1977 Michel Ugon from Honeywell Bull invented the first microprocessor smart card with two chips one microprocessor and one memory and in 1978 he patented the self programmable one chip microcomputer SPOM that defines the necessary architecture to program the chip Three years later Motorola used this patent in its CP8 At that time Bull had 1 200 patents related to smart cards In 2001 Bull sold its CP8 division together with its patents to Schlumberger who subsequently combined its own internal smart card department and CP8 to create Axalto In 2006 Axalto and Gemplus at the time the world s top two smart card manufacturers merged and became Gemalto In 2008 Dexa Systems spun off from Schlumberger and acquired Enterprise Security Services business which included the smart card solutions division responsible for deploying the first large scale smart card management systems based on public key infrastructure PKI The first mass use of the cards was as a telephone card for payment in French payphones starting in 1983 citation needed Carte bleue Edit After the Telecarte microchips were integrated into all French Carte Bleue debit cards in 1992 Customers inserted the card into the merchant s point of sale POS terminal then typed the personal identification number PIN before the transaction was accepted Only very limited transactions such as paying small highway tolls are processed without a PIN Smart card based electronic purse systems store funds on the card so that readers do not need network connectivity They entered European service in the mid 1990s They have been common in Germany Geldkarte Austria Quick Wertkarte Belgium Proton France Moneo 18 the Netherlands Chipknip Chipper decommissioned in 2015 Switzerland Cash Norway Mondex Spain Monedero 4B Sweden Cash decommissioned in 2004 Finland Avant UK Mondex Denmark Danmont and Portugal Porta moedas Multibanco Private electronic purse systems have also been deployed such as the Marines corps USMC at Parris Island allowing small amount payments at the cafeteria Since the 1990s smart cards have been the subscriber identity modules SIMs used in GSM mobile phone equipment Mobile phones are widely used across the world so smart cards have become very common EMV Edit Further information EMV Europay MasterCard Visa EMV compliant cards and equipment are widespread with the deployment led by European countries The United States started later deploying the EMV technology in 2014 with the deployment still in progress in 2019 Typically a country s national payment association in coordination with MasterCard International Visa International American Express and Japan Credit Bureau JCB jointly plan and implement EMV systems Historically in 1993 several international payment companies agreed to develop smart card specifications for debit and credit cards The original brands were MasterCard Visa and Europay The first version of the EMV system was released in 1994 In 1998 the specifications became stable EMVCo maintains these specifications EMVco s purpose is to assure the various financial institutions and retailers that the specifications retain backward compatibility with the 1998 version EMVco upgraded the specifications in 2000 and 2004 19 EMV compliant cards were first accepted into Malaysia in 2005 20 and later into United States in 2014 MasterCard was the first company that was allowed to use the technology in the United States The United States has felt pushed to use the technology because of the increase in identity theft The credit card information stolen from Target in late 2013 was one of the largest indicators that American credit card information is not safe Target made the decision on April 30 2014 that it would try to implement the smart chip technology in order to protect itself from future credit card identity theft Before 2014 the consensus in America was that there were enough security measures to avoid credit card theft and that the smart chip was not necessary The cost of the smart chip technology was significant which was why most of the corporations did not want to pay for it in the United States The debate finally ended when Target sent out a notice 21 stating unauthorized access to magnetic strips 22 costing Target over 300 million dollars 23 along with the increasing cost of online credit theft was enough for the United States to invest in the technology The adaptation of EMV s increased significantly in 2015 when the liability shifts occurred in October by the credit card companies Development of contactless systems Edit See also Contactless payment Contactless smart cards do not require physical contact between a card and reader They are becoming more popular for payment and ticketing Typical uses include mass transit and motorway tolls Visa and MasterCard implemented a version deployed in 2004 2006 in the U S with Visa s current offering called Visa Contactless Most contactless fare collection systems are incompatible though the MIFARE Standard card from NXP Semiconductors has a considerable market share in the US and Europe Use of Contactless smart cards in transport has also grown through the use of low cost chips NXP Mifare Ultralight and paper card PET rather than PVC This has reduced media cost so it can be used for low cost tickets and short term transport passes up to 1 year typically The cost is typically 10 that of a PVC smart card with larger memory They are distributed through vending machines ticket offices and agents Use of paper PET is less harmful to the environment than traditional PVC cards See also transport transit ID applications Smart cards are also being introduced for identification and entitlement by regional national and international organizations These uses include citizen cards drivers licenses and patient cards In Malaysia the compulsory national ID MyKad enables eight applications and has 18 million users Contactless smart cards are part of ICAO biometric passports to enhance security for international travel Complex smart cards Edit Complex Cards are smart cards that conform to the ISO IEC 7810 standard and include components in addition to those found in traditional single chip smart cards Complex Cards were invented by Cyril Lalo and Philippe Guillaud in 1999 when they designed a chip smart card with additional components building upon the initial concept consisting of using audio frequencies to transmit data patented by Alain Bernard 24 The first Complex Card prototype was developed collaboratively by Cyril Lalo and Philippe Guillaud who were working at AudioSmartCard 25 at the time and Henri Boccia and Philippe Patrice who were working at Gemplus It was ISO 7810 compliant and included a battery a piezoelectric buzzer a button and delivered audio functions all within a 0 84mm thickness card The Complex Card pilot developed by AudioSmartCard was launched in 2002 by Credit Lyonnais a French financial institution This pilot featured acoustic tones as a means of authentication Although Complex Cards were developed since the inception of the smart card industry they only reached maturity after 2010 Complex Cards can accommodate various peripherals including One or more buttons A digital keyboard An alphabetic keyboard A touch keyboard A small display for a dynamic Card Security Code CSC for instance A larger digital display for OTP or balance QR code An alphanumeric display A fingerprint sensor A LED A buzzer or speaker While first generation Complex Cards were battery powered the second generation is battery free and receives power through the usual card connector and or induction Sound generated by a buzzer was the preferred means of communication for the first projects involving Complex Cards Later with the progress of displays visual communication is now present in almost all Complex Cards Functionalities Edit Complex Cards support all communication protocols present on regular smart cards contact thanks to a contact pad as defined ISO IEC 7816 standard contactless following the ISO IEC 14443 standard and magstripe Developers of Complex Cards target several needs when developing them One Time Password Provide account information Provide computation capabilities Provide a means of transaction security Provide a means of user authentication One time password Edit A Complex Card can be used to compute a cryptographic value such as a One time password The One Time Password is generated by a cryptoprocessor encapsulated in the card In order to implement this function the cryptoprocessor must be initialized with a seed value which enables the identification of the OTPs respective of each card The hash of seed value has to be stored securely within the card to prevent unauthorized prediction of the generated OTPs One Time Passwords generation is based either on incremental values event based or on a real time clock time based Using clock based One Time Password generation requires the Complex Card to be equipped with a Real time clock and a quartz Complex Cards used to generate One Time Password have been developed for Standard Chartered 26 Singapore Bank of America 27 USA Erste Bank Croatia Verisign 28 USA RSA Security 29 Account information Edit A Complex Card with buttons can display the balance of one or multiple account s linked to the card Typically either one button is used to display the balance in the case of a single account card or in the case of a card linked to multiple accounts a combination of buttons is used to select a specific account s balance For additional security features such as requiring the user to enter an identification or a security value such as a PIN can be added to a Complex Card Complex Cards used to provide account information have been developed for Getin Bank Poland 30 TEB Turkey The latest generation of battery free button free Complex Cards can display a balance or other kind of information without requiring any input from the card holder The information is updated during the use of the card For instance in a transit card key information such as the monetary value balance the number of remaining trips or the expiry date of a transit pass can be displayed Transaction security Edit A Complex Card being deployed as a payment card can be equipped with capability to provide transaction security Typically online payments are made secure thanks to the Card Security Code CSC also known as card verification code CVC2 or card verification value CVV2 The card security code CSC is a 3 or 4 digits number printed on a credit or debit card used as a security feature for card not present CNP payment card transactions to reduce the incidence of fraud The Card Security Code CSC is to be given to the merchant by the cardholder in order to complete a card not present transaction The CSC is transmitted along with other transaction data and verified by the card issuer The Payment Card Industry Data Security Standard PCI DSS prohibits the storage of the CSC by the merchant or any stakeholder in the payment chain Although designed to be a security feature the static CSC is susceptible to fraud as it can easily be memorized by a shop attendant who could then use it for fraudulent online transactions or sale on the dark web This vulnerability has led the industry to develop a Dynamic Card Security Code DCSC that can be changed at certain time intervals or after each contact or contactless EMV transaction This Dynamic CSC brings significantly better security than a static CSC The first generation of Dynamic CSC cards developed by NagraID Security required a battery a quartz and Real Time Clock RTC embedded within the card to power the computation of a new Dynamic CSC after expiration of the programmed period The second generation of Dynamic CSC cards developed by Ellipse World Inc does not require any battery quartz or RTC to compute and display the new dynamic code Instead the card obtains its power either through the usual card connector or by induction during every EMV transaction from the Point of Sales POS terminal or Automated Teller Machine ATM to compute a new DCSC The Dynamic CSC also called dynamic cryptogram is marketed by several companies under different brand names MotionCode first developed by NagraID Security a company later acquired by Idemia DCV the solution offered by Thales EVC Ellipse Verification Code by Ellipse a Los Angeles USA based company The advantage of the Dynamic Card Security Code DCSC is that new information is transmitted with the payment transactions thus making it useless for a potential fraudster to memorize or store it A transaction with a Dynamic Card Security Code is carried out exactly the same way with the same processes and use of parameters as a transaction with a static code in a card not present transaction Upgrading to a DCSC allows cardholders and merchants to continue their payment habits and processes undisturbed User authentication Edit Complex Cards can be equipped with biometric sensors allowing for stronger user authentication In the typical use case fingerprint sensors are integrated into a payment card to bring a higher level of user authentication than a PIN In order to implement user authentication using a fingerprint enabled smart card the user has to authenticate himself herself to the card by means of the fingerprint before starting a payment transaction Several companies 31 offer cards with fingerprint sensors Thales Biometric card Idemia F Code originally developed by NagraID Security Idex Biometrics NXP Semiconductors Components Edit Complex Cards can incorporate a wide variety of components The choice of components drives functionality influences cost power supply needs and manufacturing complexity Buttons Edit Depending on Complex Card types buttons have been added to allow an easy interaction between the user and the card Typically these buttons are used to Select one action such as which account to obtain the balance or the unit e g currency or number of trips in which the information is displayed Enter numeric data via the addition of a digital keypad Enter text data via the addition of an alphanumeric keyboard While separate keys have been used on prototypes in the early days capacitive keyboards are the most popular solution now thanks to technology developments by AudioSmartCard International SA 32 The interaction with a capacitive keyboard requires constant power therefore a battery and a mechanical button are required to activate the card Buzzer Edit The first Complex Cards were equipped with a buzzer that made it possible to broadcast sound This feature was generally used over the phone to send identification data such as an identifier and One Time Passwords OTPs Technologies used for sound transmission include DTMF Dual tone multi frequency signaling or FSK Frequency shift keying Companies that offered cards with buzzers include AudioSmartCard nCryptone 33 Prosodie Societe d exploitation du jeton securise SEJS Display Edit Displaying data is an essential part of Complex Card functionalities Depending on the information that needs to be shown displays can be digital or alphanumeric and of varying lengths Displays can be located either on the front or back of the card A front display is the most common solution for showing information such as a One Time Password or an electronic purse balance A rear display is more often used for showing a Dynamic Card Security Code DCSC Displays can be made using two technologies Liquid crystal display LCD LCDs are easily available from a wide variety of suppliers and they are able to display either digits or alphabetical data However to be fitted in a complex smart card LCDs need to have a certain degree of flexibility Also LCDs need to be powered to keep information displayed Bistable displays also known as Ferroelectric liquid crystal displays are increasingly used as they only require power to refresh the displayed information The displayed data remains visible without the need for of any power supply Bistable displays are also available in a variety of specifications displaying digits or pixels Bistable displays are available from E Ink Corporation 34 among others Cryptoprocessor Edit If a Complex smart Card is dedicated to making cryptographic computations such as generating a One Time Password it may require a secure cryptoprocessor Power supply Edit As Complex Cards contain more components than traditional smart cards their power consumption must be carefully monitored First generation Complex Cards require a power supply even in standby mode As such product designers generally included a battery in their design Incorporating a battery creates an additional burden in terms of complexity cost space and flexibility in an already dense design Including a battery in a Complex Card increases the complexity of the manufacturing process as a battery cannot be hot laminated Second generation Complex Cards feature a battery free design These cards harvest the necessary power from external sources for example when the card interacts in a contact or contactless fashion with a payment system or an NFC enabled smartphone The use of a bistable display in the card design ensures that the screen remains legible even when the Complex Card is unconnected to the power source Manufacturing Edit Complex Card manufacturing methods are inherited from the smart card industry and from the electronics mounting industry As Complex Cards incorporate several components while having to remain within 0 8 mm thickness and be flexible and to comply with the ISO IEC 7810 ISO IEC 7811 and ISO IEC 7816 standards renders their manufacture more complex than standard smart cards One of the most popular manufacturing processes in the smart card industry is lamination This process involves laminating an inlay between two card faces The inlay contains the needed electronic components with an antenna printed on an inert support Typically battery powered Complex Cards require a cold lamination manufacturing process This process impacts the manufacturing lead time and the whole cost of such a Complex Card Second generation battery free Complex Cards can be manufactured by existing hot lamination process This automated process inherited from traditional smart card manufacturing enables the production of Complex Cards in large quantities while keeping costs under control a necessity for the evolution from a niche to a mass market Card life cycle Edit As with standard smart cards Complex Cards go through a lifecycle comprising the following steps Manufacturing Personalization User enrollment if needed by the application Provisioning Active life Cancellation Recycling destruction As Complex Cards bring more functionalities than standard smart cards and due to their complexity their personalization can take longer or require more inputs Having Complex Cards that can be personalized by the same machines and the same processes as regular smart cards allows them to be integrated more easily in existing manufacturing chains and applications First generation battery operated Complex Cards require specific recycling processes mandated by different regulatory bodies Additionally keeping battery operated Complex Cards in inventory for extended periods of time may reduce their performance due to battery ageing Second generation battery free technology ensures operation during the entire lifetime of the card and eliminates self discharge providing extended shelf life and is more eco friendly History and major players Edit Since the inception of smart cards innovators have been trying to add extra features As technologies have matured and have been industrialized several smart card industry players have been involved in Complex Cards The Complex Card concept began in 1999 when Cyril Lalo and Philippe Guillaud its inventors first designed a smart card with additional components The first prototype was developed collaboratively by Cyril Lalo who was the CEO of AudioSmartCard at the time and Henri Boccia and Philippe Patrice from Gemplus The prototype included a button and audio functions on a 0 84mm thick ISO 7810 compliant card Since then Complex Cards have been mass deployed primarily by NagraID Security AudioSmartCard Edit AudioSmartCard International SA 35 was instrumental in developing the first Complex Card that included a battery a piezoelectric buzzer a button and audio functions all on a 0 84mm thick ISO 7810 compatible card AudioSmartCard was founded in 1993 and specialized in the development and marketing of acoustic tokens incorporating security features These acoustic tokens exchanged data in the form of sounds transmitted over a phone line In 1999 AudioSmartCard transitioned to a new leadership under Cyril Lalo and Philippe Guillaud who also became major shareholders They made AudioSmartCard evolve towards the smart card world In 2003 Prosodie 36 a subsidiary of Capgemini joined the shareholders of AudioSmartCard AudioSmartCard was renamed nCryptone 37 in 2004 CardLab Innovation Edit CardLab Innovation 38 incorporated in 2006 in Herlev Denmark specializes in Complex Cards that include a switch a biometric reader an RFID jammer and one or more magstripes The company works with manufacturing partners in China and Thailand and owns a card lamination factory in Thailand Coin Edit Coin was a US based startup 39 founded in 2012 by Kanishk Parashar 40 It developed a Complex Card capable of storing the data of several credit and debit cards The card prototype was equipped with a display 41 full citation needed and a button that enabled the user to switch between different cards In 2015 the original Coin card concept evolved into Coin 2 0 adding contactless communication to its original magstripe emulation 42 Coin was acquired by Fitbit in May 2016 43 and all Coin activities were discontinued in February 2017 44 Ellipse World Inc Edit Ellipse World Inc 45 was founded in 2017 by Cyril Lalo and Sebastien Pochic both recognized experts in Complex Card technology Ellipse World Inc specializes in battery free Complex Card technology The Ellipse patented technologies enable smart card manufacturers to use their existing dual interface payment card manufacturing process and supply chain to build battery free second generation Complex Cards with display capabilities Thanks to this ease of integration smart card vendors are able to address banking transit and prepaid cards markets EMue Technologies Edit EMue 46 Technologies headquartered in Melbourne Australia designed and developed authentication solutions for the financial services industry from 2009 to 2015 47 The company s flagship product developed in collaboration with Cyril Lalo and Philippe Guillaud was the eMue Card a Visa CodeSure 48 credit card with an embedded keypad a display and a microprocessor Feitian Technologies Edit Feitian Technologies a China based company created in 1998 provides cyber security products and solutions The company offers security solutions based on smart cards as well as other authentication devices These include Complex Cards that incorporate a display 49 a keypad 50 or a fingerprint sensor 51 Fingerprint Cards Edit Fingerprint Cards AB or Fingerprints 52 is a Swedish company specializing in biometric solutions The company sells biometric sensors and has recently introduced payment cards incorporating a fingerprint sensor 53 such as the Zwipe card 54 a biometric dual interface payment card using an integrated sensor from Fingerprints Giesecke Devrient Edit Giesecke amp Devrient also known as G D 55 is a German company headquartered in Munich that provides banknotes security printing smart cards and cash handling systems Its smart card portfolio includes display cards OTP cards as well as cards displaying a Dynamic CSC Gemalto Edit Gemalto a division of Thales Group is a major player in the secure transaction industry The company s Complex Card portfolio includes cards with a display 56 or a fingerprint sensor 57 These cards may display an OTP 58 or a Dynamic CSC 59 Idemia Edit Idemia is the product of the 2017 60 merger of Oberthur Technologies and Morpho The combined company has positioned itself as a global provider of financial cards SIM cards biometric devices as well as public and private identity solutions Due to Oberthur s acquisition of NagraID Security in 2014 Idemia s Complex Card offerings include the F CODE 61 biometric payment card that includes a fingerprint sensor and its battery powered Motion Code 62 card that displays a Dynamic CSC Idex Edit Idex Biometrics ASA incorporated in Norway specializes in fingerprint identification technologies for personal authentication The company offers fingerprint sensors 63 and modules 64 that are ready to be embedded into cards 65 Innovative Card Technologies Edit Founded in 2002 by Alan Finkelstein Innovative Card Technologies developed and commercialized enhancements for the smart card market The company acquired the display card assets of nCryptone 66 in 2006 Innovative Card Technologies has ceased its activities NagraID Edit Nagra ID now known as NID 67 was a wholly owned subsidiary of the Kudelski Group until 2014 NID can trace its history with Complex Cards back to 2003 when it collaborated on development with nCryptone Nagra ID was instrumental in developing the cold lamination process for Complex Cards manufacturing Nagra ID manufactures Complex Cards 68 that can include a battery buttons displays or other electronic components NagraID Security Edit Nagra ID Security began in 2008 as a spinoff of Nagra ID to focus on Complex Card development and manufacturing The company was owned by Kudelski Group 50 Cyril Lalo 25 and Philippe Guillaud 25 NagraID Security quickly became a leading player in the adoption of Complex Cards due in large part to its development of MotionCode cards that featured a small display to enable a Card Security Code CVV2 NagraID Security was the first Complex Cards manufacturer to develop a mass market for payment display cards Their customers included ABSA 69 South Africa Banco Bicentenario Venezuela Banco MontePaschi Belgium Erste Bank Croatia Getin Bank Poland Standard Chartered Bank Singapore NagraID Security also delivered One Time Password cards to companies including Bank of America HID Security Paypal RSA Security Verisign In 2014 NagraID Security was sold to Oberthur Technologies now Idemia nCryptone Edit nCryptone emerged in 2004 from the renaming of AudioSmartCard nCryptone was headed by Cyril Lalo and Philippe Guillaud 70 and developed technologies around authentication servers and devices nCryptone display card assets were acquired by Innovative Card Technologies in 2006 71 Oberthur Technologies now Idemia Edit Oberthur Technologies now Idemia is one of the major players in the secure transactions industry It acquired the business of NagraID Security in 2014 Oberthur then merged with Morpho and the combined entity was renamed Idemia in 2017 Major references in the Complex Cards business include BPCE Group 72 France Orange Bank 73 France Societe Generale 74 France Plastc Edit Set up in 2009 Plastc announced a single card that could digitally hold the data of up to 20 credit or debit cards The company succeeded in raising US 9 million through preorders but failed to deliver any product 75 76 Plastc was then acquired 77 in 2017 by Edge Mobile Payments 78 a Santa Cruz based Fintech company The Plastc project continues as the Edge card 79 a dynamic payment card that consolidates several payment cards in one device The card is equipped with a battery and an ePaper screen and can store data from up to 50 credit debit loyalty and gift cards Stratos Edit Stratos 80 was created in 2012 in Ann Arbor Michigan USA In 2015 Stratos developed the Stratos Bluetooth Connected Card 81 which was designed to integrate up to three credit and debit card in a single card format and featured a smartphone app used to manage the card Due to its Lithium ion thin film battery the Stratos card was equipped with LEDs and communicated in contactless mode and in Bluetooth low Energy In 2017 Stratos was acquired 82 by CardLab Innovation a company headquartered in Herlev Denmark Swyp Edit SWYP 83 was the brand name of a card developed by Qvivr a company incorporated in 2014 in Fremont California SWYP was introduced in 2015 and dubbed the world s first smart wallet SWYP was a metal card with the ability to combine over 25 credit debit gift and loyalty cards The card worked in conjunction with a smartphone app used to manage the cards The Swyp card included a battery a button and a matrix display that showed which card was in use The company registered users in its beta testing program but the product never shipped on a commercial scale Qvivr raised US 5 million in January 2017 84 and went out of business in November 2017 Businesses Edit Complex Cards have been adopted by numerous financial institutions worldwide They may include different functionalities such as payment cards credit debit prepaid One Time Password mass transit and dynamic Card Security Code CVV2 Complex Card technology is used by numerous financial institutions including ABSA 85 South Africa Banca MontePaschi Belgio 86 Bank of America 87 USA BPCE Group 88 France Carpatica Bank 89 Romania Credit Europe Bank 90 Romania Erste amp Steiermarkische Ban 91 Croatia Getin Bank 92 Poland Newcastle Banking Society 93 UK Orange Bank France Paypal 94 USA Sinopac 95 Taiwan Societe Generale 96 France Standard Chartered Bank 97 98 Singapore Symantec 99 TEB 100 Turkey Design EditA smart card may have the following generic characteristics Dimensions similar to those of a credit card ID 1 of the ISO IEC 7810 standard defines cards as nominally 85 60 by 53 98 millimetres 3 37 in 2 13 in Another popular size is ID 000 which is nominally 25 by 15 millimetres 0 98 in 0 59 in commonly used in SIM cards Both are 0 76 millimetres 0 030 in thick Contains a tamper resistant security system for example a secure cryptoprocessor and a secure file system and provides security services e g protects in memory information Managed by an administration system which securely interchanges information and configuration settings with the card controlling card blacklisting and application data updates Communicates with external services through card reading devices such as ticket readers ATMs DIP reader etc Smart cards are typically made of plastic generally polyvinyl chloride but sometimes polyethylene terephthalate based polyesters acrylonitrile butadiene styrene or polycarbonate Since April 2009 a Japanese company has manufactured reusable financial smart cards made from paper 101 Internal structure Edit Data structures Edit As mentioned above data on a smart card may be stored in a file system FS In smart card file systems the root directory is called the master file MF subdirectories are called dedicated files DF and ordinary files are called elementary files EF 102 Logical layout Edit The file system mentioned above is stored on an EEPROM storage or memory within the smartcard 102 In addition to the EEPROM other components may be present depending upon the kind of smartcard Most smartcards have one of three logical layouts EEPROM only EEPROM ROM RAM and microprocessor EEPROM ROM RAM microprocessor and crypto module 102 In cards with microprocessors the microprocessor sits inline between the reader and the other components The operating system that runs on the microprocessor mediates the reader s access to those components in order to prevent unauthorized access 102 Physical interfaces Edit Contact smart cards Edit Illustration of smart card structure and packaging 4 by 4 mm silicon chip in a SIM card which was peeled open Note the thin gold bonding wires and the regular rectangular digital memory areas Smart card reader on a laptop A smart card pinout VCC Power supply RST Reset signal used to reset the card s communications CLK Provides the card with a clock signal from which data communications timing is derived GND Ground reference voltage VPP ISO IEC 7816 3 1997 designated this as a programming voltage an input for a higher voltage to program persistent memory e g EEPROM ISO IEC 7816 3 2006 designates it SPU for either standard or proprietary use as input and or output I O Serial input and output half duplex C4 C8 The two remaining contacts are AUX1 and AUX2 respectively and are used for USB interfaces and other uses 103 However the usage defined in ISO IEC 7816 2 1999 Amd 1 2004 may have been superseded by ISO IEC 7816 2 2007 104 Contact type smart cards may have many different contact pad layouts such as these SIMs Contact smart cards have a contact area of approximately 1 square centimetre 0 16 sq in comprising several gold plated contact pads These pads provide electrical connectivity when inserted into a reader 105 which is used as a communications medium between the smart card and a host e g a computer a point of sale terminal or a mobile telephone Cards do not contain batteries power is supplied by the card reader The ISO IEC 7810 and ISO IEC 7816 series of standards define physical shape and characteristics electrical connector positions and shapes electrical characteristics communications protocols including commands sent to and responses from the card basic functionality Because the chips in financial cards are the same as those used in subscriber identity modules SIMs in mobile phones programmed differently and embedded in a different piece of PVC chip manufacturers are building to the more demanding GSM 3G standards So for example although the EMV standard allows a chip card to draw 50 mA from its terminal cards are normally well below the telephone industry s 6 mA limit This allows smaller and cheaper financial card terminals Communication protocols for contact smart cards include T 0 character level transmission protocol defined in ISO IEC 7816 3 and T 1 block level transmission protocol defined in ISO IEC 7816 3 Contactless smart cards Edit Main article Contactless smart card Contactless smart cards communicate with readers under protocols defined in the ISO IEC 14443 standard They support data rates of 106 848 kbit s These cards require only proximity to an antenna to communicate Like smart cards with contacts contactless cards do not have an internal power source Instead they use a loop antenna coil to capture some of the incident radio frequency interrogation signal rectify it and use it to power the card s electronics Contactless smart media can be made with PVC paper card and PET finish to meet different performance cost and durability requirements APDU transmission by a contactless interface is defined in ISO IEC 14443 4 Hybrids Edit A hybrid smart card which clearly shows the antenna connected to the main chip Hybrid cards implement contactless and contact interfaces on a single card with unconnected chips including dedicated modules storage and processing Dual interface Dual interface cards implement contactless and contact interfaces on a single chip with some shared storage and processing An example is Porto s multi application transport card called Andante which uses a chip with both contact and contactless ISO IEC 14443 Type B interfaces Numerous payment cards worldwide are based on hybrid card technology allowing them to communicate in contactless as wall as contact modes USB Edit The CCID Chip Card Interface Device is a USB protocol that allows a smart card to be interfaced to a computer using a card reader which has a standard USB interface This allows the smart card to be used as a security token for authentication and data encryption such as Bitlocker A typical CCID is a USB dongle and may contain a SIM Logical interfaces Edit Reader side Edit Different smart cards implement one or more reader side protocols Common protocols here include CT API and PC SC 102 Application side Edit Smartcard operating systems may provide application programming interfaces APIs so that developers can write programs applications to run on the smartcard Some such APIs such as Java Card allow programs to be uploaded to the card without replacing the card s entire operating system 102 Applications EditFinancial Edit Smart cards serve as credit or ATM cards fuel cards mobile phone SIMs authorization cards for pay television household utility pre payment cards high security identification and access badges and public transport and public phone payment cards Smart cards may also be used as electronic wallets The smart card chip can be loaded with funds to pay parking meters vending machines or merchants Cryptographic protocols protect the exchange of money between the smart card and the machine No connection to a bank is needed The holder of the card may use it even if not the owner Examples are Proton Geldkarte Chipknip and Moneo The German Geldkarte is also used to validate customer age at vending machines for cigarettes Main articles Contactless smart card and Credit card These are the best known payment cards classic plastic card Visa Visa Contactless Quick VSDC qVSDC Visa Wave MSD payWave Mastercard PayPass Magstripe PayPass MChip American Express ExpressPay Discover Zip Unionpay QuickPass Roll outs started in 2005 in the U S Asia and Europe followed in 2006 Contactless non PIN transactions cover a payment range of 5 50 There is an ISO IEC 14443 PayPass implementation Some but not all PayPass implementations conform to EMV Non EMV cards work like magnetic stripe cards This is common in the U S PayPass Magstripe and Visa MSD The cards do not hold or maintain the account balance All payment passes without a PIN usually in off line mode The security of such a transaction is no greater than with a magnetic stripe card transaction citation needed EMV cards can have either contact or contactless interfaces They work as if they were a normal EMV card with a contact interface Via the contactless interface they work somewhat differently in that the card commands enabled improved features such as lower power and shorter transaction times EMV standards include provisions for contact and contactless communications Typically modern payment cards are based on hybrid card technology and support both contact and contactless communication modes SIM Edit The subscriber identity modules used in mobile phone systems are reduced size smart cards using otherwise identical technologies Identification Edit Smart cards can authenticate identity Sometimes they employ a public key infrastructure PKI The card stores an encrypted digital certificate issued from the PKI provider along with other relevant information Examples include the U S Department of Defense DoD Common Access Card CAC and other cards used by other governments for their citizens If they include biometric identification data cards can provide superior two or three factor authentication Smart cards are not always privacy enhancing because the subject may carry incriminating information on the card Contactless smart cards that can be read from within a wallet or even a garment simplify authentication however criminals may access data from these cards Cryptographic smart cards are often used for single sign on Most advanced smart cards include specialized cryptographic hardware that uses algorithms such as RSA and Digital Signature Algorithm DSA Today s cryptographic smart cards generate key pairs on board to avoid the risk from having more than one copy of the key since by design there usually isn t a way to extract private keys from a smart card Such smart cards are mainly used for digital signatures and secure identification The most common way to access cryptographic smart card functions on a computer is to use a vendor provided PKCS 11 library citation needed On Microsoft Windows the Cryptographic Service Provider CSP API is also supported The most widely used cryptographic algorithms in smart cards excluding the GSM so called crypto algorithm are Triple DES and RSA The key set is usually loaded DES or generated RSA on the card at the personalization stage Some of these smart cards are also made to support the National Institute of Standards and Technology NIST standard for Personal Identity Verification FIPS 201 Turkey implemented the first smart card driver s license system in 1987 Turkey had a high level of road accidents and decided to develop and use digital tachograph devices on heavy vehicles instead of the existing mechanical ones to reduce speed violations Since 1987 the professional driver s licenses in Turkey have been issued as smart cards A professional driver is required to insert his driver s license into a digital tachograph before starting to drive The tachograph unit records speed violations for each driver and gives a printed report The driving hours for each driver are also being monitored and reported In 1990 the European Union conducted a feasibility study through BEVAC Consulting Engineers titled Feasibility study with respect to a European electronic drivers license based on a smart card on behalf of Directorate General VII In this study chapter seven describes Turkey s experience Argentina s Mendoza province began using smart card driver s licenses in 1995 Mendoza also had a high level of road accidents driving offenses and a poor record of recovering fines citation needed Smart licenses hold up to date records of driving offenses and unpaid fines They also store personal information license type and number and a photograph Emergency medical information such as blood type allergies and biometrics fingerprints can be stored on the chip if the card holder wishes The Argentina government anticipates that this system will help to collect more than 10 million per year in fines In 1999 Gujarat was the first Indian state to introduce a smart card license system 106 As of 2005 it has issued 5 million smart card driving licenses to its people 107 In 2002 the Estonian government started to issue smart cards named ID Kaart as primary identification for citizens to replace the usual passport in domestic and EU use As of 2010 about 1 million smart cards have been issued total population is about 1 3 million and they are widely used in internet banking buying public transport tickets authorization on various websites etc By the start of 2009 the entire population of Belgium was issued eID cards that are used for identification These cards contain two certificates one for authentication and one for signature This signature is legally enforceable More and more services in Belgium use eID for authorization 108 Spain started issuing national ID cards DNI in the form of smart cards in 2006 and gradually replaced all the older ones with smart cards The idea was that many or most bureaucratic acts could be done online but it was a failure because the Administration did not adapt and still mostly requires paper documents and personal presence 109 110 111 112 On August 14 2012 the ID cards in Pakistan were replaced The Smart Card is a third generation chip based identity document that is produced according to international standards and requirements The card has over 36 physical security features and has the latest clarification needed encryption codes This smart card replaced the NICOP the ID card for overseas Pakistani Smart cards may identify emergency responders and their skills Cards like these allow first responders to bypass organizational paperwork and focus more time on the emergency resolution In 2004 The Smart Card Alliance expressed the needs to enhance security increase government efficiency reduce identity fraud and protect personal privacy by establishing a mandatory Government wide standard for secure and reliable forms of identification 113 emergency response personnel can carry these cards to be positively identified in emergency situations WidePoint Corporation a smart card provider to FEMA produces cards that contain additional personal information such as medical records and skill sets In 2007 the Open Mobile Alliance OMA proposed a new standard defining V1 0 of the Smart Card Web Server SCWS an HTTP server embedded in a SIM card intended for a smartphone user 114 The non profit trade association SIMalliance has been promoting the development and adoption of SCWS SIMalliance states that SCWS offers end users a familiar OS independent browser based interface to secure personal SIM data As of mid 2010 SIMalliance had not reported widespread industry acceptance of SCWS 115 The OMA has been maintaining the standard approving V1 1 of the standard in May 2009 and V1 2 was expected to be approved in October 2012 116 Smart cards are also used to identify user accounts on arcade machines 117 Public transit Edit Main article List of smart cards SmartRider smart card Transperth Smart cards used as transit passes and integrated ticketing are used by many public transit operators Card users may also make small purchases using the cards Some operators offer points for usage exchanged at retailers or for other benefits 118 Examples include Singapore s CEPAS Malaysia s Touch n Go Ontario s Presto card Hong Kong s Octopus card London s Oyster card Ireland s Leap card Brussels MoBIB Quebec s OPUS card San Francisco s Clipper card Auckland s AT Hop Brisbane s go card Perth s SmartRider Sydney s Opal card and Victoria s myki However these present a privacy risk because they allow the mass transit operator and the government to track an individual s movement In Finland for example the Data Protection Ombudsman prohibited the transport operator Helsinki Metropolitan Area Council YTV from collecting such information despite YTV s argument that the card owner has the right to a list of trips paid with the card Earlier such information was used in the investigation of the Myyrmanni bombing citation needed The UK s Department for Transport mandated smart cards to administer travel entitlements for elderly and disabled residents These schemes let residents use the cards for more than just bus passes They can also be used for taxi and other concessionary transport One example is the Smartcare go scheme provided by Ecebs 119 The UK systems use the ITSO Ltd specification Other schemes in the UK include period travel passes carnets of tickets or day passes and stored value which can be used to pay for journeys Other concessions for school pupils students and job seekers are also supported These are mostly based on the ITSO Ltd specification Many smart transport schemes include the use of low cost smart tickets for simple journeys day passes and visitor passes Examples include Glasgow SPT subway These smart tickets are made of paper or PET which is thinner than a PVC smart card e g Confidex smart media 120 The smart tickets can be supplied pre printed and over printed or printed on demand In Sweden as of 2018 2019 smart cards have started to be phased out and replaced by smart phone apps The phone apps have less cost at least for the transit operators who don t need any electronic equipment the riders provide that The riders are able buy tickets anywhere and don t need to load money onto smart cards The smart cards are still in use for foreseeable future as of 2019 Video games Edit In Japanese amusement arcades contactless smart cards usually referred to as IC cards are used by game manufacturers as a method for players to access in game features both online like Konami E Amusement and Sega ALL Net and offline and as a memory support to save game progress Depending on a case by case scenario the machines can utilize a game specific card or a universal one usable on multiple machines from the same manufacturer publisher Amongst the most widely used there are Banapassport by Bandai Namco E Amusement by Konami Aime by Sega and Nesica by Taito In 2018 in an effort to make arcade game IC cards more user friendly 121 Konami Bandai Namco and Sega have agreed on a unified system of cards named Amusement IC Thanks this agreement the three companies are now using a unified card reader in their arcade cabinets so that players are able to use their card no matter if a Banapassport an e Amusement Pass or an Aime with hardware and ID services of all three manufacturers A common logo for Amusement IC cards has been created and this is now displayed on compatible cards from all three companies In January 2019 Taito announced 122 that his Nesica card was also joining the Amusement IC agreement with the other three companies Computer security Edit Smart cards can be used as a security token Mozilla s Firefox web browser can use smart cards to store certificates for use in secure web browsing 123 Some disk encryption systems such as VeraCrypt and Microsoft s BitLocker can use smart cards to securely hold encryption keys and also to add another layer of encryption to critical parts of the secured disk GnuPG the well known encryption suite also supports storing keys in a smart card 124 Smart cards are also used for single sign on to log on to computers Schools Edit Smart cards are being provided to students at some schools and colleges 125 126 127 Uses include Tracking student attendance As an electronic purse to pay for items at canteens vending machines laundry facilities etc Tracking and monitoring food choices at the canteen to help the student maintain a healthy diet Tracking loans from the school library Access control for admittance to restricted buildings dormitories and other facilities This requirement may be enforced at all times such as for a laboratory containing valuable equipment or just during after hours periods such as for an academic building that is open during class times but restricted to authorized personnel at night depending on security needs Access to transportation servicesHealthcare Edit Further information eHealth health informatics and electronic health record Smart health cards can improve the security and privacy of patient information provide a secure carrier for portable medical records reduce health care fraud support new processes for portable medical records provide secure access to emergency medical information enable compliance with government initiatives e g organ donation and mandates and provide the platform to implement other applications as needed by the health care organization 128 129 Other uses Edit Smart cards are widely used to encrypt digital television streams VideoGuard is a specific example of how smart card security worked Multiple use systems Edit The Malaysian government promotes MyKad as a single system for all smart card applications MyKad started as identity cards carried by all citizens and resident non citizens Available applications now include identity travel documents drivers license health information an electronic wallet ATM bank card public toll road and transit payments and public key encryption infrastructure The personal information inside the MYKAD card can be read using special APDU commands 130 Security EditThis section needs additional citations for verification Please help improve this article by adding citations to reliable sources Unsourced material may be challenged and removed February 2016 Learn how and when to remove this template message Smart cards have been advertised as suitable for personal identification tasks because they are engineered to be tamper resistant The chip usually implements some cryptographic algorithm There are however several methods for recovering some of the algorithm s internal state Differential power analysis involves measuring the precise time and electric current required for certain encryption or decryption operations This can deduce the on chip private key used by public key algorithms such as RSA Some implementations of symmetric ciphers can be vulnerable to timing or power attacks as well Smart cards can be physically disassembled by using acid abrasives solvents or some other technique to obtain unrestricted access to the on board microprocessor Although such techniques may involve a risk of permanent damage to the chip they permit much more detailed information e g photomicrographs of encryption hardware to be extracted Benefits EditThe benefits of smart cards are directly related to the volume of information and applications that are programmed for use on a card A single contact contactless smart card can be programmed with multiple banking credentials medical entitlement driver s license public transport entitlement loyalty programs and club memberships to name just a few Multi factor and proximity authentication can and has been embedded into smart cards to increase the security of all services on the card For example a smart card can be programmed to only allow a contactless transaction if it is also within range of another device like a uniquely paired mobile phone This can significantly increase the security of the smart card Governments and regional authorities save money because of improved security better data and reduced processing costs These savings help reduce public budgets or enhance public services There are many examples in the UK many using a common open LASSeO specification Individuals have better security and more convenience with using smart cards that perform multiple services For example they only need to replace one card if their wallet is lost or stolen The data storage on a card can reduce duplication and even provide emergency medical information Advantages EditThe first main advantage of smart cards is their flexibility Smart cards have multiple functions which simultaneously can be an ID a credit card a stored value cash card and a repository of personal information such as telephone numbers or medical history The card can be easily replaced if lost and the requirement for a PIN or other form of security provides additional security from unauthorised access to information by others At the first attempt to use it illegally the card would be deactivated by the card reader itself The second main advantage is security Smart cards can be electronic key rings giving the bearer ability to access information and physical places without need for online connections They are encryption devices so that the user can encrypt and decrypt information without relying on unknown and therefore potentially untrustworthy appliances such as ATMs Smart cards are very flexible in providing authentication at different level of the bearer and the counterpart Finally with the information about the user that smart cards can provide to the other parties they are useful devices for customizing products and services Other general benefits of smart cards are Portability Increasing data storage capacity Reliability that is virtually unaffected by electrical and magnetic fields Smart cards and electronic commerce EditSmart cards can be used in electronic commerce over the Internet though the business model used in current electronic commerce applications still cannot use the full karthngnof the electronic medium An advantage of smart cards for electronic commerce is their use customize services For example in order for the service supplier to deliver the customized service the user may need to provide each supplier with their profile a boring and time consuming activity A smart card can contain a non encrypted profile of the bearer so that the user can get customized services even without previous contacts with the supplier Disadvantages Edit A false smart card with two 8 bit CMOS microcontrollers used in the 1990s to decode the signals of Sky Television The plastic or paper card in which the chip is embedded is fairly flexible The larger the chip the higher the probability that normal use could damage it Cards are often carried in wallets or pockets a harsh environment for a chip and antenna in contactless cards PVC cards can crack or break if bent flexed excessively However for large banking systems failure management costs can be more than offset by fraud reduction citation needed The production use and disposal of PVC plastic is known to be more harmful to the environment than other plastics 131 Alternative materials including chlorine free plastics and paper are available for some smart applications If the account holder s computer hosts malware the smart card security model may be broken Malware can override the communication both input via keyboard and output via application screen between the user and the application Man in the browser malware e g the Trojan Silentbanker could modify a transaction unnoticed by the user Banks like Fortis and Belfius in Belgium and Rabobank random reader in the Netherlands combine a smart card with an unconnected card reader to avoid this problem The customer enters a challenge received from the bank s website a PIN and the transaction amount into the reader The reader returns an 8 digit signature This signature is manually entered into the personal computer and verified by the bank preventing point of sale malware from changing the transaction amount Smart cards have also been the targets of security attacks These attacks range from physical invasion of the card s electronics to non invasive attacks that exploit weaknesses in the card s software or hardware The usual goal is to expose private encryption keys and then read and manipulate secure data such as funds Once an attacker develops a non invasive attack for a particular smart card model he or she is typically able to perform the attack on other cards of that model in seconds often using equipment that can be disguised as a normal smart card reader 132 While manufacturers may develop new card models with additional information security it may be costly or inconvenient for users to upgrade vulnerable systems Tamper evident and audit features in a smart card system help manage the risks of compromised cards Another problem is the lack of standards for functionality and security To address this problem the Berlin Group launched the ERIDANE Project to propose a new functional and security framework for smart card based Point of Interaction POI equipment 133 See also EditJava Card Keycard lock List of smart cards MULTOS Open Smart Card Development Platform Payment Card Industry Data Security Standard Proximity card Radio frequency identification SNAPI Smart card application protocol data unit APDU Smart card management systemReferences Edit ISO IEC 7816 2 2007 Assignment of contacts C4 and C8 www iso org Retrieved 2015 08 20 Multi application Smart Cards Cambridge University Press Tait Don August 25 2016 Smart card IC shipments to reach 12 8 billion units in 2020 IHS Technology IHS Markit Retrieved 24 October 2019 a b c d Chen Zhiqun 2000 Java Card Technology for Smart Cards Architecture and Programmer s Guide Addison Wesley Professional pp 3 4 ISBN 9780201703290 Lojek Bo 2007 History of Semiconductor Engineering Springer Science amp Business Media pp 120 amp 321 323 ISBN 9783540342588 Bassett Ross Knox 2007 To the Digital Age Research Labs Start up Companies and the Rise of MOS Technology Johns Hopkins University Press p 46 ISBN 9780801886393 Sah Chih Tang October 1988 Evolution of the MOS transistor from conception to VLSI PDF Proceedings of the IEEE 76 10 1280 1326 1290 Bibcode 1988IEEEP 76 1280S doi 10 1109 5 16328 ISSN 0018 9219 Those of us active in silicon material and device research during 1956 1960 considered this successful effort by the Bell Labs group led by Atalla to stabilize the silicon surface the most important and significant technology advance which blazed the trail that led to silicon integrated circuit technology developments in the second phase and volume production in the third phase Veendrick Harry J M 2017 Nanometer CMOS ICs From Basics to ASICs Springer p 315 ISBN 9783319475974 DE application 1574074 Grottrup Helmut Nachahmungssicherer Identifikationsschalter published 1971 11 25 AT patent 287366 Dethloff Jurgen amp Grottrup Helmut Identifizierungsschalter issued 1971 01 21 assigned to Intelectron Patentverwaltung US patent 3641316 Dethloff Jurgen amp Grottrup Helmut Identification System issued 1972 02 08 US patent 3678250 Dethloff Jurgen amp Grottrup Helmut Identification Switch issued 1972 07 18 Bottge Horst Mahl Tobias Kamp Michael 2013 Giesecke Devrient ed From Eurocheque Card to Mobile Security 1968 2012 Battenberg Gietl Verlag ISBN 978 3866465497 a b Jurgensen Timothy M Guthery Scott B 2002 Smart Cards The Developer s Toolkit Prentice Hall Professional pp 2 3 ISBN 9780130937308 Monticello Memoirs Program Computerworld honors Archived from the original on 3 March 2016 Retrieved 13 February 2012 history of smartcard invention Retrieved 29 July 2016 Espacenet Original document Worldwide espacenet com 1978 08 08 Retrieved 2014 02 13 Moneo s website in French EMVco US learns from Malaysia 10 years later The Rakyat Post https corporate target com article 2013 12 important notice unauthorized access to payment ca https www npr org sections alltechconsidered 2014 01 23 264910138 target hack a tipping point in moving away from magnetic stripes https www thesslstore com blog 2013 target data breach settled Bernard Alain Electronic telephone device Google Patents Retrieved April 29 2021 AudioSmartCard Infogreffe French Commercial Court Retrieved 29 April 2021 Liau Yun Qing November 8 2012 MasterCard launching banking card with OTP capability ZDNet Retrieved 12 May 2021 GamerStuff 24 January 2012 CES 2012 Interview Cyril Lalo NagraID Security YouTube Retrieved 12 May 2021 Mastercard Symantec and NagraID Security team up to provide further payment card security features www nagra com 14 February 2011 Retrieved 12 May 2021 RSA SecurID SD200 hardware token Series Specs CNet Retrieved 12 May 2021 Getin Bank 7 June 2013 Getin Bank poznaj nowa Karte Display do konta bankowego in Polish YouTube Retrieved 21 May 2021 D Albore Antonio 5 6 October 2017 The rise of biometric cards PDF International Card Manufacturers Association Embedded Security News Retrieved 2021 10 26 CS1 maint date format link Infogreffe AudioSmartCard International SA Infogreffe French corporate register Retrieved 12 June 2021 Bloomberg nCryptone Bloomberg Bloomberg Retrieved 12 June 2021 E Ink E Ink E Ink Retrieved 12 June 2021 Company Information AudioSmartCard International SA Infogreffe French Registries at Commercial Courts Retrieved 16 July 2021 Information about Prosodie Corporation Infogreffe French commercial court registries Retrieved 16 July 2021 nCryptone Corporate Profile Bloomberg Bloomberg Retrieved 16 July 2021 CardLab Innovation CardLab Innovation CardLab Innovation Retrieved 16 July 2021 Cipriani Jason Coin adds NFC capabilities to its new all in one card Fortune Fortune Retrieved 16 July 2021 LinkedIn Kanishk Parashar LinkedIn LinkedIn Statt Nick Inside Coin s techie vision for the all in one credit card Inside Coin s techie vision for the all in one credit card Check url value help CNet CNet Retrieved 16 July 2021 Statt Nick Coin adds NFC capabilities to its new all in one card CNet CNet Retrieved 16 July 2021 Cooper Daniel Fitbit buys Coin to help with mobile payments Engadget Engadget Heater Brian Coin will shut down its product services at the end of February TechCrunch TechCrunch Retrieved 16 July 2021 Ellipse World Inc Ellipse World Inc Ellipse World Inc Retrieved 16 July 2021 Emue Technologies Emue Technologies Emue Technologies Retrieved 16 July 2021 LinkedIn Emue Technologies LinkedIn LinkedIn Retrieved 16 July 2021 Visa CodeSure gets commercial green light Finextra Finextra Retrieved 16 July 2021 OTP Display Card Feitian technologies Feitian technologies Retrieved 16 July 2021 Chip Embedded Card Feitian Technologies Feitian Technologies Retrieved 16 July 2021 OTP Display Card Feitian Technologies Feitian Technologies Retrieved 16 July 2021 Fingerprint Cards Fingerprint Cards Fingerprint Cards Retrieved 16 July 2021 Biometrics The missing piece of the contactless card puzzle PDF Fingerprint Cards Fingerprint Cards Retrieved 16 July 2021 Zwipe Payment Card the World s Leading Biometric Payment Card Fingerprint Cards Fingerprint Cards Retrieved 16 July 2021 Giesecke Devrient Giesecke Devrient Giesecke Devrient Retrieved 16 July 2021 Payments Thales Group Gemalto Thales Group Gemalto Retrieved 16 July 2021 EMV Biometric Card Thales Group Gemalto Thales Group Gemalto Retrieved 16 July 2021 SafeNet OTP Display Card Thales Group SafeNet Thales Group SafeNet Retrieved 16 July 2021 Dynamic Code Verification Thales Group Gemalto Thales Group Gemalto Retrieved 16 July 2021 Oberthur Technologies Morpho becomes IDEMIA the global leader in trusted identities Idemia Idemia Retrieved 16 July 2021 Biometric payment card Idemia Idemia Retrieved 16 July 2021 Motion Code Idemia Idemia Retrieved 16 July 2021 Fingerprint sensor manufacturer Idex Biometrics Idex Biometrics Retrieved 16 July 2021 What is a fingerprint sensor module Idex Biometrics Idex Biometrics Retrieved 16 July 2021 XH Smart Tech showcasing dual interface biometric card with IDEX sensor at Mobile World Congress in Barcelona Idex Biometrics Idex Biometrics Retrieved 16 July 2021 nCryptone monte au capital d Innovative Card Technologies in French JDN 30 June 2006 Retrieved 16 July 2021 NID NID NID Retrieved 16 July 2021 Complex Cards NID NID Retrieved 16 July 2021 MasterCard and Absa Introduce Next Generation Payment Card a First for APMEA MasterCard MasterCard Retrieved 16 July 2021 Philippe Guillaud Epita Epita Retrieved 16 July 2021 nCryptone acquiert IC Tech in French Les Echos Investir June 30 2006 Retrieved 16 July 2021 BPCE Group and Oberthur Technologies launch a world exclusive innovation the first dynamic cryptogram payment card BPCE BPCE Retrieved 16 July 2021 Orange Bank une carte Visa Premium avec cryptogramme dynamique et Apple Pay in French iGen March 7 2019 Retrieved 16 July 2021 1 million MOTION CODE online transactions with Societe Generale Idemia Idemia Retrieved 16 July 2021 Hales Brett May 12 2017 R I P Plastc and Coin Death of the smartcard industry Hackernoon Schubarth Cromwell April 21 2017 Palo Alto smart credit card startup shutters after taking 9M in pre orders Biz Journals Retrieved 16 July 2021 Edge Mobile Payments Acquires Plastc Assets Edge Edge Retrieved 16 July 2021 Edge Mobile Payments Edge Mobile Payments Retrieved 16 July 2021 EDGE Mobile Payments Announces Development of the EDGE Card EDGE Mobile Payments EDGE Mobile Payments Retrieved 16 July 2021 Stratos Stratos Stratos Retrieved 16 July 2021 Cipriani Jason May 13 2015 One card to rule them all Stratos smart card replaces the need for a wallet Fortune Retrieved 16 July 2021 Stratos Connected Card Platform Acquired by CardLab Innovations Stratos Stratos Retrieved 16 July 2021 Swyp Swyp Swyp Retrieved 16 July 2021 Magistretti Berenice January 31 2017 Mobile payment startup Qvivr raises 5 million led by Khosla Ventures VentureBeat Retrieved 16 July 2021 MasterCard and Absa Introduce Next Generation Payment Card a First for APMEA MasterCard MasterCard November 28 2012 Retrieved 17 July 2021 World first for Belgium Banca Monte Paschi Belgio and MasterCard launch the first payment card combining debit credit display screen and contactless payment facilities MasterCard MasterCard 23 October 2012 Retrieved 17 July 2021 Bank of America unveils SafePass card Finextra Finextra 24 November 2008 Retrieved 17 July 2021 Verdict Staff May 21 2015 BPCE Oberthur to pilot first dynamic cryptogram payment card Cards International Retrieved 17 July 2021 Carpatica Bank launches display card in Romania Business Review Romania 6 December 2011 Retrieved 17 July 2021 MasterCard Drives Growth in Its Display Card Programme with Bank Launches in Romania MasterCard MasterCard 15 November 2011 Retrieved 17 July 2021 Erste Maestro PayPass Display Card PDF Erste Bank Erste Bank Retrieved 17 July 2021 Getin Bank June 7 2013 Getin Bank poznaj nowa Karte Display do konta bankowego Video YouTube in Polish YouTube Retrieved 17 July 2021 Grant Ian 14 Jun 2010 Newcastle Banking Society debuts smart display cards Computer Weekly Retrieved 17 July 2021 Smith Josh August 4 2010 PayPal security key card is it worth it AOL Retrieved 17 July 2021 Taiwan s Bank SinoPac issues credit cards with digital display Finextra 14 October 2010 Retrieved 17 July 2021 1 Million MOTION CODE Online Transactions With Societe Generale El Economista 17 October 2017 Liau Yun Qing November 8 2012 MasterCard launching banking card with OTP capability ZDNet ZDNet Parrish Kevin November 8 2012 MasterCard Electronic Display Cards Finally Go Mainstream Tom s Guide Retrieved 17 July 2021 MasterCard Symantec and NagraID Security team on display card Finextra Finextra 15 February 2011 Turk Ekonomi Bankasi TEB has launched a new digital banking service CardFlash 27 April 2015 Retrieved 17 July 2021 development of the KAMICARD IC card made from recyclable and biodegradable paper Toppan Printing Company Archived from the original on 2009 02 27 Retrieved 2009 03 27 a b c d e f Kilicli Tolga 2001 09 19 Smart Card HOWTO Archived from the original on 2009 06 15 Retrieved 2020 11 28 ISO IEC 7816 2 1999 Amd 1 2004 Assignment of contacts C4 and C8 ISO IEC 7816 2 2007 Identification cards Integrated circuit cards Part 2 Cards with contacts Dimensions and location of the contacts About Smart Cards Introduction Primer Secure Technology Alliance Retrieved 7 August 2017 Smart Card License System Smart Card Driving License System in Gujarat Taalkeuze Choix de langue fedict belgium be Eid belgium be Retrieved 2014 02 13 http www eldiario es turing dni electronico dnie 0 179182675 html Missing or empty title help http www ticbeat com tecnologias reportaje dni electronico Missing or empty title help FRACASO DEL DNI ELECTRONICO A las pruebas me remito in Spanish 2015 05 04 Retrieved 2018 06 06 FAILURE OF THE ELECTRONIC ID El DNI electronico ha muerto larga vida al DNI 3 0 in Spanish The electronic DNI has died long live the DNI 3 0 Emergency Response Official Credentials An Approach to Attain Trust in Credentials across Multiple Jurisdictions for Disaster Response and Recovery January 3 2011 OMA Newsletter 2007 Volume 2 Retrieved March 20 2012 Martin Christophe 30 June 2010 Update from SIMalliance on SCWS Retrieved March 20 2012 OMA Smart Card Web Server SCWS Archived from the original on November 1 2012 Retrieved June 10 2021 What is Aime Retrieved August 6 2017 Octopus Card Benefits Smartcare go Retrieved 24 September 2012 Smart Tickets Retrieved 24 April 2018 Konami Amusement Sega Interactive and Bandai Namco Entertainment Agree on Unified System for Arcade Game IC Cards Retrieved 10 June 2020 タイトー アミューズメントICカード 規格に参入決定 タイトー対応タイトル第1弾は ストV タイプアーケード Retrieved 10 June 2020 Mozilla certificate store smartcard howto for GNUPG Varghese Sam 2004 12 06 Qld schools benefit from smart cards The Age CreditCards com 2009 10 27 Cashless lunches come to Australian schools Australia creditcards com Archived from the original on 2010 11 29 Retrieved 2014 02 13 News Release Smart card technology to monitor smart food choices in schools Ifr ac uk 2005 07 14 Archived from the original on 2005 11 20 Retrieved 2014 02 13 Smartcardalliance org Fernandez Aleman Jose Luis Senor Inmaculada Carrion Lozoya Pedro Angel Oliver Toval Ambrosio 2013 Security and privacy in electronic health records A systematic literature review Journal of Biomedical Informatics Elsevier BV 46 3 541 562 doi 10 1016 j jbi 2012 12 003 ISSN 1532 0464 PMID 23305810 Recent years have witnessed the design of standards and the promulgation of directives concerning security and privacy in EHR systems However more work should be done to adopt these regulations and to deploy secure EHR systems MYKAD SDK PVC free Greepeace Retrieved 24 April 2018 Bar El Hagai Known Attacks Against Smartcards PDF Discretix Technologies Ltd Retrieved February 20 2013 Related Initiatives Home web for The Berlin Group The Berlin Group 2005 08 01 Archived from the original on 2006 05 07 Retrieved 2007 12 20 Further reading EditRankl W W Effing 1997 Smart Card Handbook John Wiley amp Sons ISBN 0 471 96720 3 Guthery Scott B Timothy M Jurgensen 1998 SmartCard Developer s Kit Macmillan Technical Publishing ISBN 1 57870 027 2 External links EditWikimedia Commons has media related to Smart cards Smart card at Curlie Retrieved from https en wikipedia org w index php title Smart card amp oldid 1053119843, wikipedia, wiki, book,

books

, library,

article

, read, download, free, free download, mp3, video, mp4, 3gp, jpg, jpeg, gif, png, picture, music, song, movie, book, game, games.