Application layer protocol

The IS0/IEC 7816-4 standard defines the functions used by smart card and terminal applications when performing a transaction. It describes two classes of functions.
First, the commands available to the terminal program for working with information stored in the card file system are defined.
Second, security features are defined that can be used to restrict access to card applications and files, as well as to ensure secure data exchange. These functions include authentication of the card and an external program that works with the card, ensuring the integrity and confidentiality of information transmitted in the command sent to the card, and verifying the PIN code of the cardholder.

As previously mentioned, card and terminal applications use APDU (Application Protocol Data Unit) blocks for data exchange. The structure of the APDU block is defined by the ISO 7816-4 standard. APDU blocks are exchanged using t=0 or T=1 channel layer protocols using TPDU data blocks. The card application interprets APDU blocks and performs the operations defined by them. The architecture of the data exchange system between the card and terminal applications is shown in Fig. 2.9.
Manufacturing of microprocessor-based cards
Production of IPC involves a large number of different processes, culminating in the embedding of a chip in a plastic card. The process begins with forming the requirements that the card application or applications make for the chip. These requirements include:
a list of applications that are supported on the card;
need to download new apps after the card is released;
conditions for completing a transaction (in particular, the conditions for accepting the card, the time limit for performing the operation, the specifics of the card acceptance equipment used, etc.);
security requirements for transaction execution.
Based on these requirements, the requirements for the chip, operating system, and application software implementation are determined. There are several chip parameters that must be derived from the requirements of the card applications. These parameters include:
type of microcontroller (operating clock frequency, bit rate, set of supported instructions, support for multi-core Java Card/Global Platform or MULTI0S operating systems, speed of execution of various commands);
ROM memory size;
memory size RAM;
the size of the nonvolatile memory EEPR0M;
bit depth of the address bus and data bus;
the presence of internal oscillator clock frequency;
electrical parameters (supply voltage and maximum current);
communication parameters (asynchronous / synchronous, byte/block Protocol);
mechanism for initial card installation (Reset);
availability of a cryptographic coprocessor to speed up the execution of the RSA algorithm;
availability of a cryptographic coprocessor to speed up the execution of the 3DES algorithm;
availability of a random number generator;
the presence of special sensors and filters to combat various types of attacks on the chip;
compliance with ISO standards and especially ISO 7816-3 (Electronic signals and transmission protocol);
the need to support the “sleep” mode (hot standby mode with a low current level in the chip), etc.
In practice, chip manufacturers have at their disposal a set of products for which these parameters have already been defined. Therefore, the task is to select the right chip that meets the requirements of a particular application in terms of its functionality, standardness, and security.
The mask specification defines the software that is loaded into ROM memory. It consists of operating system software and possibly some static applications.
The card operating system supports a hierarchical file system and a set of commands defined in ISO 7816-4. The operating system also supports cryptographic functions used in card and Issuer authentication procedures, secure data transfer between the card and the Issuer, the card and the terminal, and to ensure the integrity of data exchange between the card and the terminal, the card and the Issuer.
The card application is loaded either in ROM memory, where it is usually “intertwined” (a single executable code) with the card operating system, or in EEPR0M memory. in the second case, you can change the application without changing the card mask. This significantly reduces the cost of implementing a new product applications, at the same time, requiring the allocation of additional EEPR0M resources for storing the application. In this case, you can also download new apps/app data after the card is released.

After the chip is manufactured, it is delivered to the manufacturer of MPC blanks, which provides the process of embedding the chip in the plastic card, as well as the pre-personalization procedure of the card, during which some software and data are loaded onto the chip. This process is called the card production process.

The card production process consists of several stages
The initial stage is that a silicon wafer with a thickness of 100-500 microns (the typical value is 180-250 microns) and a diameter of 10-15 centimeters, containing 300-800 chip blanks, is cut into individual crystals. This is done either by marking the contours of the crystal, performed using a special pointer with a diamond tip and then squeezing out the outlined chips when rolling a silicon plate under pressure, or using a diamond saw. Note that a thin plastic film is glued to the silicon wafer from the very beginning, which remains after cutting the wafer into separate chips.
Silicon crystals are the most commonly used material for chip blanks. At the same time, gallium arsenide (GaAs) and silicon crystals on sapphire are also used for the production of blanks.
After that, the chip is glued to a special epoxy pad (the side with which the plastic plate is glued to it), on which the gold-plated copper contacts were previously placed (today, usually 5-6 contacts). These contacts are connected using gold, aluminum, or copper wires to the corresponding chip contacts using a combination of ultrasonic or thermal welding and pressure. Connecting the wires using thermal compression requires the substrate to be able to withstand temperatures of 1500-2000 degrees Celsius. To mitigate the requirements for the substrate material, a combined method of ultrasonic and thermal welding is used.
In the microprocessor card industry, other methods of attaching the chip to the substrate contacts are also used. For example, reverse Assembly technologies with an inverted chip and tape technology are widely used. In both technologies, gold bumps are placed on the chip, which are then soldered to the contacts of the substrate.
Then the substrate with the chip is placed in an inert filler, which is often an epoxy resin.
The chip module is glued to the blank plastic card (card case) in the place where a special recess is made for it. This process is also called embedding the chip into the card.
Then the card manufacturer performs the pre-authorization process. This process may consist of loading card applications (applets) into EEPR0M memory, as well as some data related to initializing the card file structure and entering card keys. The card keys are obtained from the Issuer’s key, which was passed to the card manufacturer in a secure manner.
According to international standards, the smart card case must consist of polyvinyl chloride (PVC) or “equivalent material”. The operating environment imposes very strict physical requirements on the card case. A smart card is often carried in a wallet or wallet and is subject to a large number of bends. The material from which the card is made must have significant elasticity, so that after bending the card remains almost flat. This flat shape is necessary for stable electrical contact when entering the card into the reader or passing it through a magnetic stripe reader.
The material of the card case must also resist the effects of infrared or ultraviolet radiation, sometimes used for fixing in the printing operation. A constant problem is the brittleness introduced during the printing process, which causes the cards to crack during normal operation. Sometimes the cracks become so large that the embedded chip modules can be removed from the card.
Modern card designs use a layered structure made of dissimilar materials. This structure increases the mechanical resistance of the card to bending. In addition, it reduces the spread of any damage caused by the printing operation deep into the plastic. Finally, the process of creating a layered structure allows you to attach special printing components (such as a hologram) to the card during its production, which makes it very difficult to fake cards.