Java cards for EMV Software

Implementation of Java technology in smart cards

According to the Java Card specification, a smart card has a Java virtual machine that is activated when the card is finished and deactivated at the end of the card’s life cycle. There are several classes that are relatively easy to build a file tree that conforms to the ISO/IEC 7816-4 specification.

The main computing components of a smart card are:

  1. applets containing a file tree and program code for commands;
  2. commands for managing applets.

The program code and the associated file tree are parts of the applet that is loaded into the smart card. An applet can be selected in the card by its unique AID ID using the Select command. Once an applet is selected, it automatically receives all further commands to process. The applet’s program code can then process the commands and their associated data, as well as make the appropriate file system accesses. This approach provides maximum flexibility and compatibility, since each application is contained in an applet along with its file tree.

Of course, this advantage is achieved at the cost of a significant amount of memory for the applets in question, since they will necessarily contain redundant data and programs. In some cases, this noticeable memory consumption can be partially reduced by allowing the objects of one applet to be used by other applets. For security reasons, this can only be done by the applet that created the object in question. The process of sharing an object cannot be reversible. This means that if an object is made available to other applets, it will remain so for the entire duration of the card.

In order to facilitate the programming of smart cards in Java, there are four packages that provide a standardized programming interface API with functions useful for smart cards. This API is called the Java Card Framework. It consists of four parts, of which only one must necessarily be present in all java cards. The other three parts, which differ by extension in their names, are optional and can be included by the smart card manufacturer if necessary. The mandatory java framework package forms the base for Java in smart cards. It defines elementary classes for managing applets, data exchange with a terminal, and various constants, all in the context of the ISO/IEC 7816-4 standard.

In addition, if necessary, the java card crypto package can be included, which contains cryptographic functions. Due to various export restrictions, the design of this package does not allow the smart card to be used as a universal encryption and decryption tool. There are plans to create additional packages related to specific applications in the future. Such candidates are packages for specialized GSM applications and for an electronic wallet in accordance with the EN 1546 standard.

Smart cards are becoming more and more popular all over the world. They perform a variety of functions, from electronic wallets for paying for phone calls and small purchases, identification cards for accessing businesses, electronic driver’s licenses, and ending with digital medical cards and social security cards. With such mass production and application, the integrated circuits of smart cards must meet very specific requirements.

For smart cards, there are restrictions on the overall dimensions determined by the mechanical properties of the end devices. These dimensions, in turn, determine the limits on the performance and memory capacity of the chip. For example, today the maximum area of a smart card crystal is approximately 25 mm2. The specified value of the crystal area was obtained as a result of thorough mechanical tests that simulate the bending of cards in real operating conditions (for example, when storing a smart card in the owner’s wallet).

Most smart cards will be produced in millions of copies, and each card will be replaced on average once every two years, so there is another requirement for smart card chips – low cost. For various applications of microprocessor smart cards, depending on the required performance, the market already has a wide range of microprocessor devices with different computing power. However, it should be borne in mind that an increase in performance inevitably leads to an increase in power consumption, which is unacceptable, since microcontrollers are powered by external power sources.

Currently, smart cards are powered either through the contact pads or via a radio channel, when the current required to power the device is induced in the frame antenna built into the card by an external high-frequency electromagnetic field. Thus, the key is the requirement of minimum power consumption. For example, for the company “Avtel”, which offers LED screens for the street and premises, when designing the access system to the building of the enterprise, we used smart cards, which are powered by a radio channel. In addition, the smart card must retain data after a power outage, so its integrated circuit must have non-volatile, but electrically reprogrammable EEPROM memory. To implement all the necessary functions in modern smart cards, a large amount of memory is required, where all the necessary information will be stored, and for cards with more complex functions, it is also necessary to use a high-performance microprocessor.

The current generation of microcontrollers typically have built-in ROM, as well as RAM and EEPROM. The presence of a relatively small amount of reprogrammable memory is due to physical and technological limitations on the density of the chip chip layout. Given the confidential nature of the data stored in smart cards (user’s personal data, bank account number, amount of money, secret crypto keys, etc.), the most important requirement for smart cards is to ensure reliable security of data storage and processing of this data by smart card applications.

The use of modern crypto-protection technologies in integrated circuits of smart cards allows you to prevent unauthorized access to personal confidential information. Some microcontrollers for smart cards include specialized cryptographic coprocessors that provide a high level of information protection through the implementation of DES or RSA encryption algorithms. A cryptographic coprocessor is necessary because these algorithms require a large amount of computation and cannot be executed on a microcontroller’s CPU in an acceptably short amount of time.

In addition to using special cryptographic algorithms and protocols to protect information, some devices use hardware modules built into the crystal to prevent unauthorized access to the program and data. The simplest smart card microprocessors have 128 bytes of RAM, 256 bytes of EEPROM, and approximately 6 KB of ROM. The most sophisticated modern microcontrollers can combine 6 KB RAM, 16 KB EEPROM, and up to 32 KB ROM.

In addition, in recent developments, the use of Flash memory, which acts as an alternative to ROM, is becoming popular. The smart cards are used more and more powerful and high-speed integrated circuit memory and microcontrollers. The usual smart cards with 8-bit microcontrollers have recently undergone significant improvements and have given rise to new families of devices with word lengths of 8, 16 and 32 bits.

With the development of smart cards to store data and programs will need to double or fourfold increase in storage capacity. Thanks to the advances of microelectronics technology regularly switch to a smaller topological rules, which leads to higher performance microprocessors and their memory with each successive generation of integrated circuits.