(Page 1 of 3)
A smartcard is a small device, about the size of a credit card, which contains electronic memory and possibly an embedded integrated circuit (IC), which allows them to do a small amount of processing. Smartcards containing an IC (a.k.a. microprocessor) can cost 3-6 times more than non-IC cards, and are sometimes called Integrated Circuit Cards (ICCs).317 Much like flash memory, to access the data on a smartcard, you insert the card into a device known as a smart card reader.
Smartcards can be used for a variety of purposes, including storage of personal data like medical records, newer cell phone configuration information, management of passwords and digital certificate data, electronic cash (school dining credits, department store gift cards, etc), access control (the widely used card key) and generating network authentication information (using a one-time password instead of a fixed password every time you login).
It is estimated that as of the end of 1999, more than 1.5 billion smartcards were in use worldwide. They are managed by smartcard life cycle management software, which is generally obtained from a different source than the smart cards themselves, such as Bellid318 or Litronic319. Because the capabilities of smartcards differ so substantially, you need to look at a variety of areas when evaluating smart cards, including security features, supported applications, storage capacity, and standards supported, data access controls, processor support, programming methods and algorithms supported.
Security features on smartcards, in addition to the embedded memory and possible IC, may include pictures, biometric data storage, bar codes, a magnetic stripe (as in credit cards) and even a very small antenna (for wireless communication that doesnt require the card surface actually contact the reader).
Additionally, the chip, by virtue of being embedded in the card, is tamper-resistant. Typically each card has its own serial number320.
317. Smart Card, http://www.webopedia.com
320. Smart Card Basics, http://www.gemplus.com/basics/index.html
Home - Table Of Contents - Contact Us
CertiGuide for Security+ (http://www.CertiGuide.com/secplus/) on CertiGuide.com
Version 1.0 - Version Date: November 15, 2004
Adapted with permission from a work created by Tcat Houser et al.
CertiGuide.com Version © Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.