How can the SMART card help in new channels? To Managing Finances Securely and Conveniently Entertainment on Demand To store personal data for covenience on-line Earning and redeeming rewards with Virtual Merchants To Secure Virtual World Shopping with Credit (Chip SecureCode) or e-Cash Virtual Health, Govt or other Services
KILLER Applications
MULTOS The only OS obtaining ITSEC(E6) Very secure Multi-application support Requires Coprocessor for RSA makes it expensive
MULTOS: The OPEN STANDARD smart card operating system MULTOS defines a standard CHIP HARDWARE INDEPENDENT Smart Card Operating System: Portable: Develop applications ONCE and run on ANY MULTOS chip. Open: Develop in C or Java and Compile. API FREELY available. MEL Editor C Compiler Java Compiler / Translator EMV EMV Highest Hardware and OS Security Assurance: ITSEC E6 High evaluated MULTOS SCHEME facilitates management of multiple applications Advanced Asymmetric Cryptographic mechanism PKI Application A PKI Application A E2PROM E2PROM MULTOS API MULTOS API MULTOS VM MULTOS VM ROM ROM Infineon Silicon Renesas Silicon
Proprietary Smart Card Operating Systems Proprietary Chip OS developed in “native” code - specific to underlying silicon - to access chip functions. OS often dedicated to performing a single specific function – e.g. EMV Data Data Data Data E2 E2 Native EMV Code Native Loyalty Code Native EMV Code Native EMV Code Native Loyalty Code ROM ROM Proprietary OS A Proprietary OS B OS code is fixed in the ROM of the chip, and cannot be changed after the chip is made. Chip Hardware A Chip Hardware B Limited number of programmers able to make adaptations to proprietary OS – impact on time to market if changes / new functions required. In order to multi-source silicon, native code must be redeveloped from scratch for new chip. Chip Hardware A Chip Hardware B
ALC( Application Load Certificate) Third party not able load applications without prior permission card issuer The ALC is the digital certificate accompanying software to be loaded Generated by Trusted third party called: Multos Key Management Authority: KMA Card will only load or delete application if ALC is valid
The KMA generates the keys that guarantee confidentiality of the application loading process It securely produces MULTOS card Unique issuer ID It securely generates unique public/private key pair
What Is a Digital Signature ? Used To Establish Authenticity of Electronically Transmitted messages Only one Smart Card Can Sign a Document Every One Can Verify The Signature RSA algorithm is usually used to form a cryptographic checksum which is appended to the message
