Encoding data method for EMV Software

The ANSI/ISO/IEC 7811 standard is a specification for encoding information on an identification card using stamping or magnetic stripe techniques. This specification consists of five parts:

  1. relief embossing (writing method);
  2. magnetic stripe (recording method);
  3. the location of the characters when embossed on the ID-1 card;
  4. location of read-only magnetic tracks (tracks 1 and 2);
  5. the location of the tracks available for reading/writing (track 3).

Relief embossing allows you to form symbols raised above the plane of the card body. The stamped characters form a font surface that can be used to print these characters on another surface using a primitive printing press.

The ANSI/ISO/IEC 7811-1 standard specifies the permissible characteristics of the embossing itself, including the height of the relief of the embossed characters (from 0.46 to 0.48 mm), the interval between the embossed characters (from 2.54 to 3.63 mm) and the size of the characters (4.32 mm). The additional ISO specifications specify character and font sizes for embossed characters suitable for optical recognition devices, and the test procedures used to determine that a particular identification card meets these specifications.

The ANSI/ISO/IEC 7811-2 standard defines the recording methods used to encode characters on a magnetic stripe attached to an ID-1 card. It sets out the conditions for three recording tracks, designated “track 1”, “track 2” and “track 3”:

  1. Track 1 can hold up to 79 alphanumeric characters encoded with the recording density of 8.27 bits per mm (210 bits per inch); this track can contain both alphabetic and numeric information.
  2. Track 2 can contain up to 40 characters of numeric information encoded at a recording density of 2.95 bits per mm (75 bits per inch). Both track 1 and track 2 are intended to create single-write and multiple-read channels; essentially, once the card is released into circulation, they become read-only channels.
  3. Track 3 is a reusable write and read facility, i.e. a read/write track. It can hold up to 107 characters encoded at a density of 8.27 bits per mm (210 bits per inch).

The encoding for each of these information tracks includes a longitudinal redundancy check symbol that the card reader can use to detect any error in the information being read when comparing it to what was originally written to the card. We used this opportunity when designing the ACS for SibKapital, which offers gasoline lawnmowers and various construction equipment, and each reader of the implemented system constantly monitors the symbols of the longitudinal redundancy of smart cards.
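
The longitudinal redundancy check on track 2, as an added example (not code from the original page). It assumes the ISO/IEC 7811 track 2 coding, which the page does not spell out: 5-bit symbols with four data bits plus an odd-parity bit, ";" and "?" as sentinels, and an LRC that is the XOR of all preceding characters. The function names and the sample payload are constructed for illustration.

```python
SS, ES = ";", "?"  # track 2 start and end sentinels

def value(ch: str) -> int:
    """4-bit value of a track 2 character (ASCII '0'..'?' maps to 0x0..0xF)."""
    v = ord(ch) - 0x30
    if not 0 <= v <= 0xF:
        raise ValueError(f"not a track 2 character: {ch!r}")
    return v

def with_parity(v: int) -> int:
    """Set bit 4 so that the 5-bit symbol carries an odd number of ones."""
    return v | (((bin(v).count("1") + 1) % 2) << 4)

def lrc(text: str) -> int:
    """XOR of the data bits of every character, sentinels included."""
    x = 0
    for ch in text:
        x ^= value(ch)
    return x

def encode_track2(payload: str) -> list:
    text = SS + payload + ES
    symbols = [with_parity(value(c)) for c in text] + [with_parity(lrc(text))]
    if len(symbols) > 40:
        raise ValueError("track 2 holds at most 40 characters")
    return symbols

def decode_track2(symbols: list) -> str:
    # Per-character parity catches an odd number of flipped bits in one symbol.
    for i, s in enumerate(symbols):
        if not 0 <= s < 32 or bin(s).count("1") % 2 == 0:
            raise ValueError(f"parity error in symbol {i}")
    text = "".join(chr((s & 0xF) + 0x30) for s in symbols[:-1])
    if len(text) < 2 or text[0] != SS or text[-1] != ES:
        raise ValueError("missing start or end sentinel")
    # The LRC catches errors that leave each symbol's own parity valid.
    if lrc(text) != symbols[-1] & 0xF:
        raise ValueError("LRC mismatch")
    return text[1:-1]

if __name__ == "__main__":
    sample = "1234567890123452=2512"  # constructed payload, not a real card
    print(decode_track2(encode_track2(sample)) == sample)
```

A substituted digit whose symbol still has valid parity (for example "1" read as "2") passes the per-character check and is rejected only by the LRC comparison.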

The ANSI/ISO/IEC 7811-3 standard defines the location of the characters when stamped on the ID-1 card, and Part 4 defines the location of the magnetic stripes. The specifications require that the magnetic stripe and the embossing do not overlap. Two types of magnetic stripes can be placed on ID-1 identification cards; their shape and size are defined by the ANSI/ISO/IEC 7811-4 standard (for read-only tracks) and Part 5 (for read/write tracks). One of the options provides for the dimensions of 6.35 mm in height, 79.76 mm in width and the location of the stripe at a distance of no more than 5.54 mm from the top edge of the card on the reverse side. This magnetic stripe supports two write tracks, each of which is subsequently read-only.

The ANSI/ISO/IEC 7812 standard defines the card identification number, represented by embossed characters on the front surface of the ID-1 card. The card identification number is up to 19 characters long and is divided into three parts:

  1. the issuer’s identification number – a 6-digit part that includes the following:
     • main industry identifier – a single digit indicating the industry affiliation of the card issuer;
     • issuer ID – a five-digit number associated with a specific issuing organization;
  2. personal account identification number – a variable-length part up to a maximum of 12 digits;
  3. check digit – the cross-check number calculated from all the previous digits of the identification number according to the Luhn algorithm.
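
Splitting a card identification number into the parts listed above and verifying its Luhn check digit, as an added example (not code from the original page). The function names, the dictionary keys, the minimum length of 8 digits and the sample number are assumptions made for illustration.

```python
def luhn_check_digit(body: str) -> int:
    """Check digit for all digits that precede it (the Luhn algorithm)."""
    total = 0
    for i, ch in enumerate(reversed(body)):
        d = int(ch)
        if i % 2 == 0:          # every second digit, starting next to the check digit
            d *= 2
            if d > 9:
                d -= 9          # same as adding the two digits of the product
        total += d
    return (10 - total % 10) % 10

def parse_card_number(number: str) -> dict:
    digits = number.replace(" ", "")
    if not (digits.isascii() and digits.isdigit()):
        raise ValueError("card number must contain digits only")
    # Assumption: 6-digit issuer part + at least 1 account digit + check digit.
    if not 8 <= len(digits) <= 19:
        raise ValueError("card number must be 8 to 19 digits long")
    body, check = digits[:-1], int(digits[-1])
    if luhn_check_digit(body) != check:
        raise ValueError("check digit mismatch")
    return {
        "main_industry_identifier": digits[0],
        "issuer_id": digits[1:6],
        "account_number": digits[6:-1],
        "check_digit": check,
    }

if __name__ == "__main__":
    # Constructed number for illustration, not a real card.
    print(parse_card_number("9000 0012 3456 7898"))
```

The check digit detects any single mistyped digit and most swaps of two adjacent digits, which is why a validator should reject the number before any lookup is attempted.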

The ISO/IEC 7813 standard defines the composition of two read-only tracks on the magnetic stripe of a smart card, complementing the ISO 4909 standard that regulates the composition of read-only and write-only tracks.

Main applications of smart cards

Currently, the main areas of application of smart cards are:

  1. finance – various banking operations, payment for goods and services, credit and debit cards, e-wallets, cards for calculating salaries, scholarships, pensions, etc.;
  2. security – access control systems for premises, computer systems, user identification and authentication, etc.;
  3. social programs – loyalty programs (accrual of discounts, bonuses, etc.), city social cards, etc.;
  4. transport – cards for travel on public transport, in the subway, etc.;
  5. application of digital signature – smart cards of digital signature;
  6. e-passports – create and use e-passports based on smart cards.

Smart cards have a number of remarkable properties:

  1. large information capacity: the smart card contains memory, so it can carry a large amount of information needed for operation;
  2. high degree of data protection: smart cards have a reliable built-in protection system against reading information and its forgery. This feature of the smart card protects its owner from cases of any illegal copying (cloning) of the card and unauthorized use. The exchange of information with the smart card is encrypted, so it is simply impossible to intercept or change the information;
  3. versatility: smart cards provide secure storage of records, personal information, e-wallet status, financial transactions, crypto keys, access passwords, and authentication data. For example, we used smart cards as identification cards for company employees ecnspb.ru “Unified Real Estate Center”, which provides various services in the field of rental of office and industrial premises, while smart cards are used both for access to the company’s office building and in the system of accounting for working hours of the Customer’s employees;
  4. autonomy: in the case of smart cards with payment systems, account data is stored directly in the card’s memory and no connection to the bank is required, in addition, the size of the memory allows you to store data on several accounts at once along with the client’s personal data. This feature of the smart card allows you to save on special communication channels and expensive computer equipment;
  5. durability: the smart card is not affected by electromagnetic radiation and is less affected by water and dirt. The service life of smart cards from different manufacturers, depending on the conditions of use, is up to 10 years.

The use of smart cards allows you to significantly speed up business processes, increase security and reduce the cost of doing business. Because working with customers is significantly simplified and improved, the business process is accelerated, the number of customers increases, and the efficiency of the organization or enterprise as a whole increases. Smart cards can find applications in almost any field of activity.

Authentication services for Smart Card applications

One-way authentication, well known from its use with magnetic stripe cards, means that the terminal verifies the authenticity of the card. A card with a magnetic stripe, due to its passive nature, cannot verify the authenticity of the terminal. The creation of smart cards has fundamentally changed this situation. Thanks to the ability of the smart card and the terminal to perform mutual authentication, new important opportunities arise.

The smart card can now check whether it is inserted into a genuine terminal or linked to a genuine underlying system. This is of great importance for application security, since the smart card is given the opportunity to take active measures against unauthorized access attempts.
The smart card must reject any further access attempts until the terminal can properly authenticate itself. This prevents any analysis of the smart card operating system and keeps even the set of commands it supports from being revealed.

In many cases, when authenticating a user with an external system, the best thing to do is to use a smart card. Smart cards were used by us when designing a comprehensive security system for our partners, the company “K2”, which produces ring cutters for metal with a special coating, and the system used mechanisms that are much more resistant to compromise than methods based on passwords entered by users. A simple protocol for authenticating a smart card user with a remote object is based on a shared secret. This protocol can be used in situations where the remote object (server) authenticating the user knows a secret value (similar to a password), which is also stored securely on the smart card.

It should be noted that using a smart card offers significant benefits, because the user no longer needs to remember and enter the secret. Therefore, an arbitrary binary sequence can be used as a secret value, which is difficult to guess or attack using the usual dictionary methods.
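
Mutual authentication over a shared secret, covering both the card's refusal to answer an unauthenticated terminal and the shared-secret protocol described above, as an added example (not code from the original page). The page does not specify the messages, so an HMAC-SHA-256 challenge-response is assumed here; the class and method names are hypothetical.

```python
import hashlib
import hmac
import secrets

def mac(key: bytes, role: bytes, challenge: bytes) -> bytes:
    # The role label stops a terminal response being reflected back as a card response.
    return hmac.new(key, role + b"|" + challenge, hashlib.sha256).digest()

class Card:
    def __init__(self, key: bytes):
        self.key, self.pending, self.terminal_ok = key, None, False

    def get_challenge(self) -> bytes:
        self.pending, self.terminal_ok = secrets.token_bytes(16), False
        return self.pending

    def authenticate_terminal(self, response: bytes) -> bool:
        challenge, self.pending = self.pending, None  # each challenge is single-use
        expected = mac(self.key, b"terminal", challenge or b"")
        self.terminal_ok = challenge is not None and hmac.compare_digest(response, expected)
        return self.terminal_ok

    def answer(self, challenge: bytes) -> bytes:
        if not self.terminal_ok:  # reject everything until the terminal has proved itself
            raise PermissionError("terminal not authenticated")
        return mac(self.key, b"card", challenge)

class Server:
    def __init__(self, key: bytes):
        self.key, self.pending = key, None

    def answer(self, card_challenge: bytes) -> bytes:
        return mac(self.key, b"terminal", card_challenge)

    def new_challenge(self) -> bytes:
        self.pending = secrets.token_bytes(16)
        return self.pending

    def verify_card(self, response: bytes) -> bool:
        challenge, self.pending = self.pending, None  # a replayed response finds no challenge
        if challenge is None:
            return False
        return hmac.compare_digest(response, mac(self.key, b"card", challenge))

def mutual_authenticate(card: Card, server: Server) -> bool:
    if not card.authenticate_terminal(server.answer(card.get_challenge())):
        return False
    return server.verify_card(card.answer(server.new_challenge()))
```

The secret never crosses the interface: only fresh random challenges and their MACs do, so a recorded exchange cannot be replayed against either side.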

In accordance with the recommendations of the PC/SC specifications for the interaction of smart cards and personal computers, smart cards should implement algorithms and protocols that support the following features:

  1. user authentication with a smart card;
  2. authentication of the user (cardholder) by a remote object, usually a server;
  3. authentication of the PC-based application with a smart card;
  4. smart card authentication by the app.