The applications of smartcards include their use as credit or ATM cards, SIMs for mobile phones, authorization cards for pay television, high security identification and access control cards, public transport tickets, etc.
Smart cards may also be used as electronic wallets. The smart card chip can be loaded with electronic money, which can be used to pay parking meters, vending machines, and merchants. Cryptographic protocols protect the exchange of money between the smart card and the accepting machine. Examples for this are Proton, GeldKarte, Moneo and Quick.
A large growing application is smart ID cards. In this application the cards are used for authentication of identity. Examples include the US Department of Defense Common Access Card (CAC), and their use by many governments as ID cards for their citizens. When combined with biometrics smartcards can provide two or three factor authentication. Smart cards are a privacy enhancing technology and when used in conjunction with appropriate security and privacy policies can form a highly effective identity authentication technology.
Smartcards have been advertised as suitable for these tasks, because they are engineered to be tamper resistant. The embedded chip of a smart card normally implements some cryptographic algorithm. Information about the inner workings of this algorithm can be obtained if the precise time and electrical current required for certain encryption or decryption operations is measured. A number of research projects have now demonstrated the feasibility of this line of attack. Counter measures have been proposed.
Another problem of smart cards may be the failure rate. The plastic card in which the chip is embedded is fairly flexible, and first time users are insufficiently careful with their card. Smart cards are often carried in wallets or pockets, which is a fairly harsh environment for a chip. However, for large banking systems, the failure management cost is more than compensated by the fraud cost reduction.
via [ SimplePass ]
Comments