Smart Cards From Scratch

Printer Friendly Version

A smart card is a plastic card with an integrated circuit embedded in it - it is not a credit card with holographic safety sticker on it. The integrated circuit can be active or passive. An active integrated circuit has processing power, and can execute transactions. A passive integrated circuit is simply a memory device - its purpose being to store information. Some smart cards, the best ones, offer both processing power and storage capabilities. An active integrated circuit smart card is often referred to as a microprocessor card. The microprocessor smart cards typically cost 3-6 times as much as a smart card that only has storage capabilities.

In the United States, cell phone vendors represent probably the biggest customer base of smart card circuitry. The integrated circuits that are used for smart cards are the same type of circuits used in cell phones. Typically, the smart circuit in your cell phone holds your phone number and the memory bank of stored phone numbers. The nice thing about this type of smart circuit architecture is that you can open the cell phone, remove the circuit, place it into a different cell phone (perhaps a model that you like better) and be ready to go with your same phone number and stored phone numbers.

Smart cards used for identity management can be more complex than those used in cell phones and can have numerous features. For this reason there is a long list of standards that savvy smart card buyers should be aware of. To complicate things further, in addition to the smart circuitry, smart cards can also have a magnetic stripe on them (similar to your standard credit card) bar codes, biometrics, an antennae, and pictures.

If your organization is considering purchasing a smart card solution, the main feature types you'll want to research on the various smart card products that exist are:

· Applications Supported
· Storage Capabilities
· Standards Supported
· Access Controls
· Processor Support
· Programming Capabilities
· Algorithms Supported

Applications Supported
For those considering a smart card implementation, the first thing that must be carefully considered is what you want to use your smart card for. Implementing a smart card solution across a large intranet is no small task. A recommendation is to select two to three key applications to start with, and then add on other applications after your smart card program is robustly established. If you plan to add on subsequent applications after your initial rollout, you'll want to make sure the cards you purchase are scalable and have the extra storage and processing power that more applications will require. Typically smart cards are used for proximity access, network OS logins, VPN logins, biometrics, e-purse usage (holding electronic money), health records, holding encryption keys, electronic signing, and inventory management.

If you want to use your card for contactless verification (where you pass the card in front of a reader but don't actually touch the reader), you'll need a card that has an embedded antennae. You won't be able to see the antennae -- it is very thin and sandwiched inside the plastic.

Storage Capabilities Smart cards can typically store from less than 8K of storage on up to 32K. 32K cards cost more than 8K cards, though obviously you can fit more on them. Anything that goes on a smart card takes up some of the storage space -- the applications, the smart card operating system, user information, and any programming capabilities. When vendors tell you how much storage space their card holds, be sure and ask them if they mean total storage, or the storage space available for user data. Different smart card vendors calculate their storage space differently so get them to be specific about whether they mean space that is left for you to use, or total space.

Go to page: 1  2  3