EMV Software for Smart Cards
It is useful to divide smart card software by purpose into application programs and system programs. Application programs use the computing capabilities and memory capacity of smart cards in the same way as any other computer, and do not protect smart card data. System programs, by contrast, are used directly to improve the smart card's ability to store data and protect it.
Host computer applications use the smart card as an alternative way to perform the same functions (for example, when it is preferable to store an encryption key or medical record on the smart card rather than in a file on a local hard disk or in a database somewhere on a server).
The host computer software uses the unique capabilities of the smart card to process and store information, sending data and commands to the card and receiving data and calculation results from it.
Card applications are typically used to configure an existing serial smart card for a specific application and the information being processed, and to transfer applications from the host computer to the smart card. This can be done in the interests of performance, to speed up the interaction between the host computer and the smart card, or in the interests of security, to protect the internal part of the system. For example, as part of contract work, our company designed and put into operation an access control system for the office building of BMK Group, a company that offers snowmobiles and all-terrain vehicles of various configurations. The distinctive feature of the implemented system is the use of individual smart cards for employees and temporary cards for company visitors.
Smart card system programs are written in the low-level machine language of a particular smart card chip and are used to extend or replace the basic functions of smart cards. The host computer software is usually written in one of the high-level programming languages available on PCs and workstations (for example, C, C++, Java), and works with commercially available libraries and device drivers to organize access to smart card readers and the cards inserted into them. Card software is usually written in a programming language such as Java, or in a lower-level language such as assembly language.
Before you start working with a smart card, the host computer program must perform two tasks:
- First, it needs to make sure that the smart card it is working with is genuine;
- Second, it must convince the smart card of its authenticity. Until mutual trust is established, the smart card should not execute any commands from the host computer.
It should be noted that the execution of the application for which the smart card was created (storing electronic money or creating a digital signature) usually accounts for only a small part of the entire interaction between the smart card operating system and the host computer program in the command language.
Elements and structure of smart card software
Currently, there are two types of smart cards in wide circulation:
- Smart cards with a fixed command set based on the ISO 7816-4 standard command set;
- Smart cards with the possibility of post-emission programming.
Smart cards of the first type are created for use in a specific area. The instruction set, which complies with the recommendations of the ISO 7816-4 standard, is designed to provide the internal file system of the card with data storage and transmission functions, as well as a security model in which application elements inside and outside the card can authenticate each other. The security model also allows the cardholder to authenticate themselves to the card and confirm that the card is acting on behalf of the original owner.
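The two host tasks listed earlier and the mutual authentication in the ISO 7816-4 security model can be sketched as a challenge-response exchange in both directions. This is an added example, not code from the original page; the SimCard class, the shared demo key and the truncated HMAC-SHA256 cryptogram are assumptions standing in for a real card and its cipher, and the method names only mirror the ISO 7816-4 commands GET CHALLENGE, INTERNAL AUTHENTICATE and EXTERNAL AUTHENTICATE.

```python
import hashlib
import hmac
import secrets

DEMO_KEY = bytes(range(16))  # constructed shared key, for illustration only

def cryptogram(key, role, challenge):
    # Assumption: truncated HMAC-SHA256 stands in for the card's cipher-based
    # cryptogram. The role label keeps a card answer from passing as a host answer.
    return hmac.new(key, role + challenge, hashlib.sha256).digest()[:8]

class SimCard:
    """Hypothetical card model: no application command runs before host authentication."""
    def __init__(self, key):
        self._key, self._challenge, self._host_ok = key, None, False

    def get_challenge(self):
        self._challenge = secrets.token_bytes(8)
        return self._challenge

    def internal_authenticate(self, host_challenge):
        # The card proves it holds the key (host task 1).
        return cryptogram(self._key, b"CARD", host_challenge)

    def external_authenticate(self, answer):
        # The host proves it holds the key (host task 2); a challenge is single use.
        challenge, self._challenge = self._challenge, None
        self._host_ok = challenge is not None and hmac.compare_digest(
            answer, cryptogram(self._key, b"HOST", challenge))
        return self._host_ok

    def read_record(self):
        if not self._host_ok:
            raise PermissionError("security status not satisfied")
        return b"constructed record"

def host_session(card, key):
    nonce = secrets.token_bytes(8)
    expected = cryptogram(key, b"CARD", nonce)
    if not hmac.compare_digest(card.internal_authenticate(nonce), expected):
        return None  # card is not genuine: stop before sending anything else
    if not card.external_authenticate(cryptogram(key, b"HOST", card.get_challenge())):
        return None  # card rejected the host
    return card.read_record()
```
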
Smart cards of the second type allow you to design command sets specifically for the application that will be loaded into the card. By adding more and more such applications, the same smart card can be used for a wide range of tasks. Smart card software can be divided by location into two interrelated parts:
- software of the main (host) computer associated with the smart card;
- the "internal" software of the smart card itself.
The host computer software makes up the largest part of the smart card software. This software is sometimes referred to as "external" (in relation to the smart card) software. It is written for personal computers and workstations that work with existing smart cards, provides access to these cards and combines these cards into larger systems. As an example, we have implemented a smart card-based time tracking system for our Belarusian partner, TM-stroyplast, which offers expanded polystyrene in a wide range; this system has been integrated into the company's existing ACS. The host computer software includes:
- the application program;
- system-level programs that support connecting smart card readers to the host platform;
- system-level programs that ensure the use of a specific smart card that needs application support.
In addition, the host computer software contains the applications and utilities needed to support smart card infrastructure management. The software of the smart card itself, often referred to as internal software, includes programs that run on the smart card itself. Depending on the scale of the application problem being solved, this software is the smart card operating system, utility, or application.
Serial smart cards supplied by manufacturers and smart cards created by their main issuers, such as banking associations, telecommunications companies and national governments, have become widely used. The operating systems of such common smart cards implement a characteristic set of commands (usually 20 or 30) that the smart card responds to. The host computer software sends commands to the smart card operating system, which executes them on its processor and returns the results.
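The command and response exchange described above uses the ISO 7816-4 APDU layout: a four-byte header (CLA, INS, P1, P2), an optional Lc-prefixed data field and an optional Le byte going to the card, and data followed by the status word SW1 SW2 coming back. The following is an added example, not code from the original page; it handles short-length APDUs only, the function names are hypothetical, and the AID bytes in the usage are constructed.

```python
STATUS_WORDS = {  # a few ISO 7816-4 status words
    0x9000: "success",
    0x6700: "wrong length",
    0x6982: "security status not satisfied",
    0x6A82: "file not found",
    0x6D00: "instruction not supported",
}

def build_command(cla, ins, p1, p2, data=b"", le=None):
    if len(data) > 255 or (le is not None and not 1 <= le <= 256):
        raise ValueError("outside short-length APDU limits")
    apdu = bytes([cla, ins, p1, p2])
    if data:
        apdu += bytes([len(data)]) + data
    if le is not None:
        apdu += bytes([le % 256])  # Le = 256 is encoded as 0x00
    return apdu

def parse_command(raw):
    if len(raw) < 4:
        raise ValueError("truncated header")
    cla, ins, p1, p2 = raw[:4]
    body, data, le = raw[4:], b"", None
    if len(body) == 1:                 # header + Le only
        le = body[0] or 256
    elif body:                         # Lc + data, optionally followed by Le
        lc = body[0]
        if lc == 0:
            raise ValueError("extended length is not handled here")
        if len(body) not in (1 + lc, 2 + lc):
            raise ValueError("Lc does not match the data field length")
        data = body[1:1 + lc]
        if len(body) == 2 + lc:
            le = body[-1] or 256
    return {"cla": cla, "ins": ins, "p1": p1, "p2": p2, "data": data, "le": le}

def parse_response(raw):
    if len(raw) < 2:
        raise ValueError("response shorter than SW1 SW2")
    sw = int.from_bytes(raw[-2:], "big")
    return raw[:-2], sw, STATUS_WORDS.get(sw, "unlisted status word")

# Constructed usage: SELECT by name with a made-up AID, expecting up to 256 bytes.
select = build_command(0x00, 0xA4, 0x04, 0x00, data=bytes.fromhex("F0000000010001"), le=256)
```

A host that checks Lc against the actual data length before forwarding a command, and that inspects the status word before using the returned data, rejects malformed traffic instead of acting on it.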
For many applications, it is enough to use a general type of smart card with its generally accepted internal software, and the card does not need special programs. Where software is required specifically for a given application, it is usually written either in assembler, depending on the architecture of the microprocessor chip hosted on the smart card, or in a higher-level language, then interpreted directly on the card or compiled into the card's assembler and loaded into it.