SMARTCARDS. What we’ll cover: How does the Smart Card work (layout and operating system)? Security issues for the card holder The present and future of.

Slides:

Advertisements

Similar presentations

Operating-System Structures

Advertisements

Smart Card Security Xufen Gao CS 265 Spring, 2004 San Jose State University.

Learning Objectives Understand the shifts that are occurring with regard to online payments. Discuss the players and processes involved in using credit.

Smart Card Syed Jabbar Computer Science Course:

Smart Card Authentication. Outline for Today Introduction of Smart Card Authentication Different Authentication Techniques Explain Authentication Techniques.

Trusted Symbol of the Digital Economy 1 Bill Holmes – VP Marketing ID Platform - Smart Cards.

PRESENTED BY: FATIMA ALSALEH Credit Cards Fraud - skimmers -

Secure Electronic Health Records: The German Experience By Michael Deighan.

Smart Card Reader. Quick Start Training Agenda Smart Card Introduction ISO 7816 Standard Smart Card Operation CoolRunner-II Smart Card Reader CoolRunner-II.

SecurePak Electronic tamper detection for packaging developed by Cypak and Swedish Postal Service.

ICT at Work Banking and Finance.

Electronic payment Methods: Defined: It is alternative payment mechanism for electronic transactions instead of traditional payment methods like cheque,cash,

JAIPUR 16 DEC 08 TECHNOLOGY FOR FINANCIAL INCLUSION Indian Institute of Banking & Finance N D RAO.

Direct Attacks on Computational Devices

Checking Account & Debit Card Simulation Understanding Checking Accounts and Debit Card Transactions.

VM: Chapter 5 Guiding Principles for Software Security.

Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.

Submitted by: Rahul Rastogi, CS Department.  Introduction  What is a smart card?  Better than magnetic stripe card.  Technology What’s in a card?

FIT3105 Smart card based authentication and identity management Lecture 4.

Chapter 12 Electronic Payment Systems. Electronic CommercePrentice Hall © The Payment Revolution A number of factors impact whether a particular.

Elias M. Awad Third Edition ELECTRONIC COMMERCE From Vision to Fulfillment ELC 200 Day 24.

ELECTRONIC PAYMENT SYSTEMS FALL 2002COPYRIGHT © 2002 MICHAEL I. SHAMOS eCommerce Technology Lecture 9 Micropayments I.

Operating Systems.

By : Injeong Lee 9CC. 1. Creator of this Presentation   2. What is Digital Security?   3. Why is Digital Security important?   4. How does Digital.

By: Piyumi Peiris 11 EDO. Swipe cards are a common type of security device used by many people. They are usually a business-card-sized plastic card with.

Electronic Payment Systems

Smart Cards By Simon Siu and Russell Doyle Overview Size of a credit card Small embedded computer chip – Memory cards – Processor cards – Electronic.

Secure Electronic Transaction (SET)

Account Authority Digital Signature AADS Lynn Wheeler First Data Corporation

Mr.PRABHAT KUMAR MOHAPATRA

Component 4: Introduction to Information and Computer Science Unit 8: Security Lecture 2 This material was developed by Oregon Health & Science University,

E-PAYMENT METHODS 1. FACT OR FICTION ??? VISA processed 15,200 credit card transactions per minute. The first ATM machine was developed in 1939?. Luther.

Smart Card 李開振, 許家碩 Department of Computer Science National Chiao Tung University.

The Present and Future of Electronic Payment Systems Vivek Reddy Information Assurance 5/19/04.

PIN-on-Card New contact-less smart card with integrated PIN pad for secure user verification at unparalleled cost effectiveness.

ECE Lecture 1 Security Services.

Smart card security Nora Dabbous Security Technologies Department.

Smart Card Technology & Features

Computer Hardware Sources: Discovering Computers Information & Software technology.

1 Introduction to Microsoft Windows 2000 Windows 2000 Overview Windows 2000 Architecture Overview Windows 2000 Directory Services Overview Logging On to.

1 7 th CACR Information Workshop Vulnerabilities of Multi- Application Systems April 25, 2001 MAXIMUS.

A smart card is a credit-card sized plastic card embedded with an integrated circuit chip that makes it "smart". This marriage between a convenient plastic.

Systems Software Operating Systems. What is software? Software is the term that we use for all the programs and data that we use with a computer system.

Computers in Banking and Retail CEL : C O M P U T E R S I N E V E R Y D A Y L I F E CEL 2 Part 3: Cashless Society [Sec 2-4] Name: _____________________.

SMART CARDS Presented By Jishnu Sasikumar Reg No : 09 PG 142.

1 UNIT 19 Data Security 2. Introduction 2 AGENDA Hardware and Software protect ion Network protect ion Some authentication technologies :smart card Storage.

Introduction Architecture Hardware Software Application Security Logical Attack Physical Attack Side channel Attack.

Checking & Savings Accounts Economics What is a Checking Account?  Common financial service used by many consumers (a place to keep money)  Funds.

LEARNING AREA 1 : INFORMATION AND COMMUNICATION TECHNOLOGY PRIVACY AUTHENTICATION VERIFICATION.

Vijay V Vijayakumar.  Implementations  Server Side Security  Transmission Security  Client Side Security  ATM’s.

e-Wallet – THE FUTURE OF CARDS

Information Systems Design and Development Security Precautions Computing Science.

What is a Smart Card? Standard credit card-sized with microchip embedded on it Two types –Memory-only chips –Microprocessor chips.

SMART CARDS SMART CARDS Sumesh Kumar K. What is a Smart Card? Plastic Card. Microchip loaded with data. Uses - telephone calling, electronic card payment.

Information Security and Privacy By: Mike Battestilli.

A smart card is a credit card sized plastic card embedded with an integrated circuit chip that makes it "smart". This made between a convenient plastic.

Sravanthi chalasani University of North Carolina at Charlotte ECGR-6185 ADVANCED EMBEDDED SYSTEMS Sravanthi Chalasani SMART CARDS.

TECHNOLOGY FOR FINANCIAL INCLUSION

AGENDA Introduction Kind of information smart card contain

EMBEDDED SYSTEMS.

Introduction to Depository Institutions

Electronic Payment Systems

Technology Literacy Hardware.

UNIT 19 Data Security 2.

Smart Card Technology Why is a Smart Card So Smart?

Electronic Commerce Payment Systems

Introduction to Depository Institutions

Introduction to Depository Institutions

Electronic Commerce Payment Systems

Presentation transcript:

SMARTCARDS

What we’ll cover: How does the Smart Card work (layout and operating system)? Security issues for the card holder The present and future of Smart Card technology

Smart Card Hardware Layout Chip surrounded by epoxy in a pit on the card Chip surface area usually under 25 mm 2 Components are: –Microprocessor (8 bit, Motorola or Intel) –ROM - Contains OS information –RAM - For short term processing –EEPROM- For long term storage

Smart Card Operating System First generation was very simple and specific Nothing like DOS or UNIX, they were merely a collection of commands Were required by ISO to have a hierarchical file structure as they were mostly for data storage

Smart Card OS (cont) In order to support transaction processing, smart cards needed to have a new OS design. Second generation OS handles multiple applications at the same time More complex programs are written

Other features of the “new” card Object oriented design –Safer –“Packet” data transferring Kernel for application management Execution security for multiple applications –Kernel execution privileges –User execution privileges

Other features (cont) Application programming interface (API) –Used for custom software development –Basis for the Java Card The Java card is a stripped down version of Java Allows for programs to be created easily by a Java programmer API creates a need for increased security

Security for the Card Holder Why do we need security? 1.Must protect valuable personal or financial data stored on card 2.To use Smart Card for authenticating card holders

Attacks on the Card Physical Attack –Rare due to the amount of time required and the tools necessary to perform –Passive Attacker “watches” and tries to break encryption from glommed data –Active Attacker will attempt to tamper with data transfer or microcontroller

Physical Attack Prevention Resin coating on chip must be removed prior to visual inspection or tampering –Temperature sensors detect resin removal and delete data on card Chip can be viewed under microscope –Light sensors detect light under microscope and delete data PROBLEM!! – these sensors require a power source to function

Physical Attack Prevention (cont) Dummy Structures – Extra Semiconductors installed on chip Build with all busses built internally in the chip Build ROM internally into chip to prevent reading bit by bit

User Authentication Smart Cards can hold Super-PINS, PIN numbers that are longer than 4 digits The Smart Card can be programmed to disallow certain PINS –Birthdate –“1234” Can store Biometric data – used with additional hardware

Future Security Features Parasitic Authentication –Smart Card must be in close proximity to another device in possession of cardholder –Uses Radio Frequency Identification (RFID) Pressure Sequencing –Piezo-electric pad installed on card –Unique signatures for length, strength, and duration between each press

Applications Financial Telecommunications Health Transportation User Identification

Financial Applications Bank Cards Credit / Debit Cards Electronic Purses Online Transactions

Telecommunications Prepaid Phone Cards Television Decryption Computer Networks The Internet

Health Care Insurance Medical Records Prescriptions Patient Monitoring

Transportation Local Public Transportation Trains Taxies Air Travel Parking

User Identification Government Agencies Corporate World Schools Identification Document

Looking Forward Uniformity and Universality Design issues with advances Beyond Smart Cards Questions??