Smart card used for health insurance in France.

A smart card, chip card, or integrated circuit card (ICC), is defined as any pocket-sized card with embedded integrated circuits which can process information. Microchipsjpg|right|thumb|200px|Microchips ( EPROM memory with a transparent window showing the integrated circuit inside This implies that it can receive input which is processed - by way of the ICC applications - and delivered as an output. There are two broad categories of ICCs. Memory cards contain only non-volatile memory storage components, and perhaps some specific security logic. A memory card or flash memory card is a solid-state electronic Flash memory Data storage device used with Digital Microprocessor cards contain volatile memory and microprocessor components. The card is made of plastic, generally PVC, but sometimes ABS. Acrylonitrile butadiene styrene or ABS, ( Chemical formula (C8H8· C4H6·C3H3Nn is The card may embed a hologram to avoid counterfeiting. Holography (from the Greek, ὅλος - hólos whole + γραφή - grafē writing drawing is a technique that allows the A counterfeit is an imitation that is made usually with the intent to deceptively represent its content or origins

Overview

A "smart card" is also characterized as follows:

• Dimensions are normally credit card size. A credit card is part of a system of Payments named after the small Plastic card issued to users of the system The ID-1 of ISO/IEC 7810 standard defines them as 85. ISO/IEC 78102003 is an International standard that defines four formats for identity or Identification cards ID-1 ID-2 ID-3 and ID-000 60 × 53. 98 mm. The Millimetre ( American spelling: millimeter, symbol mm) is a unit of Length in the Metric system, equal to Another popular size is ID-000 which is 25 x 15 mm. Both are . 76 mm thick.
• Contains a security system - tamper-resistant properties (e. Tamper resistance is resistance to tampering by either the normal users of a product package or system or others with physical access to it g. a secure cryptoprocessor, secure file system, human-readable features) and is capable of providing security services (e. A secure cryptoprocessor is a dedicated Computer or Microprocessor for carrying out Cryptographic operations embedded in a packaging with multiple g. confidentiality of information in the memory).
• Asset managed by way of a central administration system which interchanges information and configuration settings with the card through the security system. The latter includes card hotlisting, updates for application data.
• Card data is transferred to the central administration system through card reading devices, such as ticket readers, ATMs etc.

Benefits

Smart cards provide a means of effecting business transactions in a flexible, secure, standard way with minimal human intervention.

History

The automated chip card was invented by German rocket scientist Helmut Gröttrup and his colleague Jürgen Dethloff in 1968; the patent was finally approved in 1982. Germany, officially the Federal Republic of Germany ( ˈbʊndəsʁepuˌbliːk ˈdɔʏtʃlant is a Country in Central Europe. Helmut Gröttrup (1916 – 1981 was a German electrical engineer and assistant of Wernher von Braun in the V-2 rocket -project Year 1968 ( MCMLXVIII) was a Leap year starting on Monday (link will display full calendar of the Gregorian calendar. Year 1982 ( MCMLXXXII) was a Common year starting on Friday (link displays the 1982 Gregorian calendar) The first mass use of the cards was for payment in French pay phones, starting in 1983 (Télécarte). A payphone or pay phone is a public Telephone, with payment made by inserting money (usually coins or a Debit card (a special Telephone card Year 1983 ( MCMLXXXIII) was a Common year starting on Saturday (link displays the 1983 Gregorian calendar) A telephone card, calling card or phone card for short is a small card usually resembling a Credit card, used to pay for Telephone services

Roland Moreno actually patented his first concept of the memory card in 1974. Year 1974 ( MCMLXXIV) was a Common year starting on Tuesday (link will display full calendar of the 1974 Gregorian calendar. In 1977, Michel Ugon from Honeywell Bull invented the first microprocessor smart card. Also 1977 (album by Ash. Year 1977 ( MCMLXXVII) was a Common year starting on Saturday (link displays Groupe Bull (also known as Bull Information Systems or simply Bull) is a French owned Computer company headquartered in Les Clayes-sous-Bois In 1978, Bull patented the SPOM (Self Programmable One-chip Microcomputer) that defines the necessary architecture to auto-program the chip. Year 1978 ( MCMLXXVIII) was a Common year starting on Sunday (link displays the 1978 Gregorian calendar) Three years later, the very first "CP8" based on this patent was produced by Motorola. Today, Bull has 1200 patents related to smart cards.

A smart card, combining credit card and debit card properties. A credit card is part of a system of Payments named after the small Plastic card issued to users of the system A debit card (also known as a bank card) is a plastic card which provides an alternative payment method to Cash when making purchases The 3 by 5 mm security chip embedded in the card is shown enlarged in the inset. The contact pads on the card enables electronic access to the chip.

The second use was with the integration of microchips into all French debit cards (Carte Bleue) completed in 1992. A debit card (also known as a bank card) is a plastic card which provides an alternative payment method to Cash when making purchases Carte Bleue ("Blue Card" is a major Debit card payment scheme operating in France. Year 1992 ( MCMXCII) was a Leap year starting on Wednesday (link will display full 1992 Gregorian calendar) When paying in France with a Carte Bleue, one inserts the card into the merchant's terminal, then types the PIN, before the transaction is accepted. Only very limited transactions (such as paying small autoroute tolls) are accepted without PIN. Autoroute is the French word for a major high-speed road restricted to motor vehicles without crossings and having limited access

Smart-card-based electronic purse systems (in which value is stored on the card chip, not in an externally recorded account, so that machines accepting the card need no network connectivity) were tried throughout Europe from the mid-1990s, most notably in Germany (Geldkarte), Austria (Quick), Belgium (Proton), France (Moneo), the Netherlands (Chipknip and Chipper), Switzerland ("Cash"), Sweden ("Cash"), Finland ("Avant"), UK ("Mondex"), Denmark ("Danmønt") and Portugal ("Porta-moedas Multibanco"). The 1990s collectively refers to the years between and including 1990 and 1999

The major boom in smart card use came in the 1990s, with the introduction of the smart-card-based SIM used in GSM mobile phone equipment in Europe. With the ubiquity of mobile phones in Europe, smart cards have become very common.

The international payment brands MasterCard, Visa, and Europay agreed in 1993 to work together to develop the specifications for the use of smart cards in payment cards used as either a debit or a credit card. The first version of the EMV system was released in 1994. EMV is a standard for interoperation of IC cards ("Chip cards" and IC capable POS terminals and ATM 's for authenticating credit In 1998 a stable release of the specifications was available. EMVco, the company responsible for the long-term maintenance of the system, upgraded the specification in 2000 and most recently in 2004. The goal of EMVco is to assure the various financial institutions and retailers that the specifications retain backward compatibility with the 1998 version.

With the exception of countries such as the United States of America there has been significant progress in the deployment of EMV-compliant point of sale equipment and the issuance of debit and or credit cards adhering the EMV specifications. Typically, a country's national payment association, in coordination with MasterCard International, Visa International, American Express and JCB, develop detailed implementation plans assuring a coordinated effort by the various stakeholders involved. MasterCard Worldwide ( is a multinational corporation based in Purchase, New York, USA. American Express ( sometimes known as " AmEx " or " Amex " is a diversified global Financial services company headquartered in Japan Credit Bureau, usually abbreviated as JCB, is a Credit card company based in Tokyo, Japan.

The backers of EMV claim it is a paradigm shift in the way one looks at payment systems. In countries where banks do not currently offer a single card capable of supporting multiple account types, there may be merit to this statement. Though some banks in these countries are considering issuing one card that will serve as both a debit card and as a credit card, the business justification for this is still quite elusive. Within EMV a concept called Application Selection defines how the consumer selects which means of payment to employ for that purchase at the point of sale.

For the banks interested in introducing smart cards the only quantifiable benefit is the ability to forecast a significant reduction in fraud, in particular counterfeit, lost and stolen. The current level of fraud a country is experiencing, coupled with whether that country's laws assign the risk of fraud to the consumer or the bank, determines if there is a business case for the financial institutions. Some critics claim that the savings are far less than the cost of implementing EMV, and thus many believe that the USA payments industry will opt to wait out the current EMV life cycle in order to implement new, contactless technology.

Smart cards with contactless interfaces are becoming increasingly popular for payment and ticketing applications such as mass transit. Visa and MasterCard have agreed to an easy-to-implement version currently being deployed (2004-2006) in the USA. Across the globe, contactless fare collection systems are being implemented to drive efficiencies in public transit. The various standards emerging are local in focus and are not compatible, though the MIFARE Standard card from Philips has a considerable market share in the US and Europe.

Smart cards are also being introduced in personal identification and entitlement schemes at regional, national, and international levels. Citizen cards, drivers’ licenses, and patient card schemes are becoming more prevalent; For example in Malaysia, the compulsory national ID scheme MyKad inlcudes 8 different applications and is rolled out for 18 million users. MyKad, or Government Multipurpose Card, (GMPC is the official compulsory Identity card of Malaysia. Contactless smart cards are being integrated into ICAO biometric passports to enhance security for international travel. The International Civil Aviation Organization ( ICAO) an agency of the United Nations, codifies the principles and techniques of international air navigation See also Passport A biometric passport is a combined paper and electronic identity document that uses Biometrics to authenticate the identity of travelers

Contact smart card

Contact smart cards have a contact area, comprised of several gold-plated contact pads, that is about 1cm square. When inserted into a reader, the chip makes contact with electrical connectors that can read information from the chip and write information back. A memory card reader is a device used for communication with a Smart card or a flash Memory card.

The ISO/IEC 7816 and ISO/IEC 7810 series of standards define:

• the physical shape
• the positions and shapes of the electrical connectors
• the electrical characteristics
• the communications protocols, that includes the format of the commands sent to the card and the responses returned by the card. ISO/IEC 7816 is an International standard related to electronic identification cards, especially Smart cards managed jointly by the International Organization ISO/IEC 78102003 is an International standard that defines four formats for identity or Identification cards ID-1 ID-2 ID-3 and ID-000 In the field of Telecommunications, a communications protocol is the set of standard rules for data representation signaling authentication and error detection required to
• robustness of the card
• the functionality

The cards do not contain batteries; energy is supplied by the card reader. In electronics a battery is a combination of two or more Electrochemical cells which store chemical Energy which can be converted into electrical energy

Reader

Contact smart card readers are used as a communications medium between the smart card and a host, e. g. a computer, a point of sale terminal, or a mobile telephone.

Since the chips in the financial cards are the same as those used for mobile phone Subscriber Identity Module(SIM) cards, just programmed differently and embedded in a different shaped piece of PVC, the chip manufacturers are building to the more demanding GSM/3G standards. So, for instance, although EMV allows a chip card to draw 50mA from its terminal, cards are normally well inside the telephone industry's 6mA limit. This is allowing financial card terminals to become smaller and cheaper, and moves are afoot to equip every home PC with a card reader and software to make internet shopping more secure.

Contactless smart card

See also: List of smart cards

A second type is the contactless smart card, in which the chip communicates with the card reader through RFID induction technology (at data rates of 106 to 848 kbit/s). Example of widely used contactless Smart cards are Hong Kong's Octopus card, Paris' Calypso_%28RFID%29 / Navigo and Lisbon ' LisboaViva card Proximity card (or Prox Card) is a generic name for contactless integrated circuit devices used for security access or payment systems Radio-frequency identification ( RFID) is an automatic identification method relying on storing and remotely retrieving data using devices called RFID tags or These cards require only close proximity to an antenna to complete transaction. They are often used when transactions must be processed quickly or hands-free, such as on mass transit systems, where smart cards can be used without even removing them from a wallet. A wallet, or billfold, is a small flat case used to carry personal items such as Cash, Credit cards and identification documents such as a Driver's

The standard for contactless smart card communications is ISO/IEC 14443, dated 2001. ISO/IEC 14443 defines a Proximity card used for Identification that usually uses the standard Credit card Form factor defined by ISO/IEC It defines two types of contactless cards ("A" and "B"), allows for communications at distances up to 10 cm. There had been proposals for ISO 14443 types C, D, E and F that have been rejected by the International Organization for Standardization. ISO/IEC 14443 defines a Proximity card used for Identification that usually uses the standard Credit card Form factor defined by ISO/IEC An alternative standard for contactless smart cards is ISO 15693, which allows communications at distances up to 50 cm. ISO 15693 is an ISO standard for " Vicinity Cards quot ie

Example of widely used contactless smart cards are Hong Kong's Octopus card, and Japan Rail's Suica Card; which predate the ISO/IEC 14443 standard. The Octopus card is a rechargeable contactless stored value Smart card used to transfer electronic payments in online or offline systems in Hong is a rechargeable contactless Smart card used as a fare card on train lines in Japan The following tables list smart cards used for public transportation and other electronic purse applications. Electronic money (also known as e-money, electronic cash, electronic currency, digital money, digital cash or digital currency

Singapore Metro EZlink

Novosibirsk (Russia). Transport farecollection terminal CFT

Smartcard used for paying for public transportation in the Helsinki area; the card is read remotely. Helsinki (in Finnish;) or Helsingfors (in Swedish;) is the Capital and largest city of Finland.

Obverse side of a standard adult Octopus card, a contactless smart card. The Octopus card is a rechargeable contactless stored value Smart card used to transfer electronic payments in online or offline systems in Hong

A related contactless technology is RFID (radio frequency identification). Radio-frequency identification ( RFID) is an automatic identification method relying on storing and remotely retrieving data using devices called RFID tags or In certain cases, it can be used for applications similar to those of contactless smart cards, such as for electronic toll collection. Electronic toll collection (ETC, an adaptation of military " Identification friend or foe " technology aims to eliminate the delay on Toll roads It is a RFID devices usually do not include writeable memory or microcontroller processing capability as contactless smart cards often do.

There are dual-interface cards that implement contactless and contact interfaces on a single card with some shared storage and processing. An example is Porto's multi-application transport card, called Andante, that uses a chip in contact and contactless (ISO 14443B). Andante is a Public transport ticketing system used in and around Porto, Portugal.

Like smart cards with contacts, contactless cards do not have a battery. Instead, they use a built-in inductor to capture some of the incident radio-frequency interrogation signal, rectify it, and use it to power the card's electronics. An inductor is a passive electrical component designed to provide Inductance in a circuit A rectifier is an electrical device that converts Alternating current (AC to Direct current (DC a process known as rectification.

Communication protocols

Credit card contactless technology

These are the best known payment cards (classical plastic card):

• Visa: Visa Contactless, Quick VSDC - "qVSDC", Visa Wave, MSD, payWave
• MasterCard: PayPass Magstripe, PayPass MChip
• American Express: Express Pay
• Chase: Blink (credit and debit cards)

Roll-outs started in 2005 in USA (Asia and Europe - 2006). ISO/IEC 7816 is an International standard related to electronic identification cards, especially Smart cards managed jointly by the International Organization ISO/IEC 7816 is an International standard related to electronic identification cards, especially Smart cards managed jointly by the International Organization ISO/IEC 14443 defines a Proximity card used for Identification that usually uses the standard Credit card Form factor defined by ISO/IEC Contactless (non PIN) transactions cover a payment range of ~$5-50. There is an ISO 14443 PayPass implementation. ISO/IEC 14443 defines a Proximity card used for Identification that usually uses the standard Credit card Form factor defined by ISO/IEC All PayPass implementations may be separated on EMV and non EMV.

Non-EMV cards work like magnetic stripe cards. This is a typical card technology in the USA (PayPass Magstripe and VISA MSD). The cards do not control amount remaining. All payment passes without a PIN and usually in off-line mode. The security level of such a transaction is no greater than with classical magnetic stripe card transaction.

EMV cards have two interfaces (contact and contactless) and they work as a normal EMV card via contact interface. Via contactless interface they work almost like an EMV (card command sequence adopted on contactless features as low power and short transaction time).

Cryptographic smart cards

Most advanced smart cards are equipped with specialized cryptographic hardware that let you use algorithms such as RSA and DSA on board. In Cryptography, RSA is an Algorithm for Public-key cryptography. The Digital Signature Algorithm (DSA is a United States Federal Government standard or FIPS for Digital signatures It was proposed by the Today's cryptographic smart cards are also able to generate key pairs on board, to avoid the risk of having more than one copy of the key (since by design there usually isn't a way to extract private keys from a smart card).

Such smart cards are mainly used for digital signature and secure identification (see applications section). A digital signature or digital signature scheme is a type of asymmetric cryptography used to simulate the security properties of a handwritten Signature

The most common way to access cryptographic smart card functions on a computer is to use a PKCS#11 library provided by the vendor. In Cryptography, PKCS#11 is one of the family of standards called Public-Key Cryptography Standards (PKCS, published by RSA Laboratories. On Microsoft Windows platforms the CSP API is also adopted. Microsoft Windows is a series of Software Operating systems and Graphical user interfaces produced by Microsoft. In Microsoft Windows, a Cryptographic Service Provider (CSP is a software library that implements the Cryptographic Application Programming Interface (CAPI

The most widely used cryptographics in smart cards (excluding the GSM so-called "crypto algorithm") are 3DES (Triple DES) and RSA. The key set is usually loaded (DES) or generated (RSA) on the card at the personalization stage.

Applications

Financial

The applications of smart cards include their use as credit or ATM cards, in a fuel card, SIMs for mobile phones, authorization cards for pay television, pre-pay utilities in household, high-security identification and access-control cards, and public transport and public phone payment cards. A fuel card is a payment card for Petrol (gasoline Diesel and other fuels at Filling stations Account balances are cleared in full when due and payment

Smart cards may also be used as electronic wallets. An online wallet is a program or web service that allows users to store and control their online shopping information like logins, Passwords shipping The smart card chip can be loaded with funds which can be spent in parking meters and vending machines or at various merchants. Cryptographic protocols protect the exchange of money between the smart card and the accepting machine. A security protocol ( cryptographic protocol or encryption protocol) is an abstract or concrete protocol that performs a security -related function There is no connection to the issuing bank necessary, so the holder of the card can use it regardless of him being the owner. Examples are Proton, Geldkarte, Chipknip and Mon€o. Chipknip is the Electronic cash system used in the Netherlands. Moneo, branded as mon€o, is an Electronic purse system available on French bank cards to allow small purchases to be made without cash The german Geldkarte is also used to validate the customers age at vending machines for cigarettes. A vending machine is a machine that provides various snacks beverages and other products to consumers

Identification

A quickly growing application is in digital identification cards. In this application, the cards are used for authentication of identity. Authentication (from Greek αυθεντικός real or genuine from authentes author is the act of establishing or confirming something (or someone as The most common example is in conjunction with a PKI. In Cryptography, a public key infrastructure ( PKI) is an arrangement that binds Public keys with respective user identities by means of a Certificate The smart card will store an encrypted digital certificate issued from the PKI along with any other relevant or needed information about the card holder. Examples include the U.S. Department of Defense (DoD) Common Access Card (CAC), and the use of various smart cards by many governments as identification cards for their citizens. The United States Department of Defense ( DOD or DoD) is the federal department charged with coordinating and supervising all agencies and functions of the government The Common Access Card (CAC is a United States Department of Defense (DoD Smartcard issued as standard identification for active duty military personnel reserve When combined with biometrics, smart cards can provide two- or three-factor authentication. Smart cards are not always a privacy-enhancing technology, for the subject carries possibly incriminating information about him all the time. By employing contactless smart cards, that can be read without having to remove the card from the wallet or even the garment it is in, one can add even more authentication value to the human carrier of the cards.

The first smart card driver's license system in the world was issued in 1995 in Mendoza, a province of Argentina. For a topic outline on this subject see List of basic Argentina topics. Mendoza has a high level of road accidents, driving offenses, and a poor record of recovering outstanding fines. The smart licenses keep an up-to-date record of driving offenses and unpaid fines. They also store personal information, license type and number, and a photograph of the holder. Emergency medical information like blood type, allergies, and biometrics (fingerprints) can be stored on the chip if the cardholder wishes. The Argentina government anticipates that this new system will help to recover more than $10 million per year in fines.

Gujarat was the first state in India to introduce the smart card license system in 1999. Gujarat (ગુજરાત Gujǎrāt, pronounced) is a state in western India. To date the Gujarat Government has issued 5 million smart card driving licenses to its people. This card is basically a plastic card having ISO/IEC 7810 certification and integrated circuit, capable of storing and verifying information according to its programming. ISO/IEC 78102003 is an International standard that defines four formats for identity or Identification cards ID-1 ID-2 ID-3 and ID-000

Smart cards have been advertised as suitable for personal identification tasks, because they are engineered to be tamper resistant. Tamper resistance is resistance to tampering by either the normal users of a product package or system or others with physical access to it The embedded chip of a smart card usually implements some cryptographic algorithm. Cryptography (or cryptology; from Greek grc κρυπτός kryptos, "hidden secret" and grc γράφω gráphō, "I write" Information about the inner workings of this algorithm can be obtained if the precise time and electrical current required for certain encryption or decryption operations is measured. Electric current is the flow (movement of Electric charge. The SI unit of electric current is the Ampere. A number of research projects have now demonstrated the feasibility of this line of attack. Countermeasures have been proposed.

By the start of 2009 the entire population of Spain and Belgium will have an eID card, that is issued by the Spanish and Belgian Governments and that is used to identify an individual. Spain () or the Kingdom of Spain (Reino de España is a country located mostly in southwestern Europe on the Iberian Peninsula. The Kingdom of Belgium is a Country in northwest Europe. It is a founding member of the European Union and hosts its headquarters as well as those These cards contain 2 certificates: one for authentication and one for signature. This signature is legally adopted. More and more services in these countries are using the eID card as an authorisation token. More information on [1]and [2]

Other

Smart cards are widely used to protect digital television streams. See television encryption for an overview, and VideoGuard for a specific example of how smartcard security worked (and was cracked). Television encryption, often referred to as " scrambling " is Encryption used to control access to pay television services usually cable or VideoGuard (sometimes referred to simply as NDS) produced by NDS, is a digital Encryption system for use with Conditional access television

The Malaysian government uses smart card technology in identity cards carried by all Malaysian citizens and resident non-citizens. The personal information inside the smart card (called mykad) can be read using special APDU commands. MYKAD SDK

Problems

Another problem of smart cards may be the failure rate. The plastic card in which the chip is embedded is fairly flexible, and the larger the chip, the higher the probability of breaking. Smart cards are often carried in wallets or pockets — a fairly harsh environment for a chip. However, for large banking systems, the failure-management cost can be more than offset by the fraud reduction. A card enclosure might be a good idea. A card enclosure is a container for Smart cards Credit cards Debit cards Telephone cards Visiting cards Business cards

Using a smart card for mass transit presents a risk for privacy, because such a system enables the mass transit operator (and the authorities) to track the movement of individuals. Privacy is the ability of an individual or group to seclude themselves or information about themselves and thereby reveal themselves selectively In Finland, the Data Protection Ombudsman prohibited the transport operator YTV from collecting such information, in spite of YTV's argument that the owner of the card has the right to get a list of journeys paid with the card. Privacy is the ability of an individual or group to seclude themselves or information about themselves and thereby reveal themselves selectively An ombudsman ( English plural conventionally ombudsmen) is an official usually (but not always appointed by the government or by parliament who is charged with The Helsinki Metropolitan Area Council ( Pääkaupunkiseudun yhteistyövaltuuskunta, or YTV, in Finnish Huvudstadsregionens samarbetsdelegation in Swedish Prior to this, such information was used in the investigation of the Myyrmanni bombing. The Myyrmanni bombing took place on October 11, 2002 in the town of Vantaa, Finland, in Greater Helsinki, in the local Myyrmanni

Smart cards used for client-side identification and authentication are the most secure way for eg. internet banking applications, but the security is never 100% sure. In the example of internet banking, if the PC is infected with any kind of malware, the security model is broken. A malware can override the communication (both input via keyboard and output via application screen) between the user and the internet banking application (eg. browser). This would result in modifying transactions by the malware and unnoticed by the user. There are malwares in the wild with this capability (eg. Trojan. Silentbanker). Banks like Fortis and Dexia in Belgium combine a Smart card with an unconnected card reader to avoid this problem. Dexia (,) is a Belgian - French Financial institution, also referred to as the Dexia Group specializing in Public finance. The customer enters a challenge received from the bank's website, his PIN and the transaction amount into the card reader, the card reader returns an 8 digits signature. This signature is manually copied to the PC and verified by the bank. This method prevents a malware to change the transaction amount.

In addition to technical hurdles is the lack of standards for smart card functionality and security. To address this problem, the ERIDANE Project was launched by The Berlin Group to develop a proposal for "a new functional and security framework for smart-card based Point of Interaction (POI) equipment", equipment that would be used, for instance, in retail environments. ^[1]

See also

• Access badge
• Access control
• BasicCard
• Biometrics
• Common Access Card
• Credential
• Electronic money
• Electronic passport
• EMV credit cards
• GlobalPlatform standard
• ID Card
• Java Card
• Keycard
• Magnetic stripe card
• MULTOS
• Photo identification
• Physical Security
• Proximity card
• RFID
• Security
• Security engineering
• Snapi
• SIM
• Swipe card
• Telephone card

Terminology

ATR

Answer to Reset

BCD

Binary-coded decimal

CHV

Card Holder Verification

COS

Card operating system

DF

Dedicated File

IC

Integrated circuit

PC/SC

Personal computer / smart card

MF

Master File

PPS

Protocol and Parameter Select

RFU

Reserved for Future Use

References

Books

• W. Rankl & W. Effing, Smart Card Handbook, John Wiley & Sons, 1997, ISBN 0-471-96720-3
• Scott B. Guthery & Timothy M. Jurgensen, SmartCard Developer's Kit, Macmillan Technical Publishing, 1998, ISBN 1-57870-027-2, http://www.scdk.com

External links

• Smart card at the Open Directory Project
• Smart Card Alliance
• OpenSC (open source smart card framework)
• The Open Card Consortium
• Malaysia MYKAD SDK