Link layer protocols for smart cards

For data exchange between the reader and the card, the ISO 7816-3 standard defines two link layer protocols:

  1. Protocol T = 0;
  2. Protocol T = 1.

The T = 0 protocol is an asynchronous one-command-response protocol. When the card receives a command from the reader, it performs the requested operations and sends back to the reader the response corresponding to this command. After that, the reader can send the next command to the card at any time it needs. In this protocol, there is no strict time binding between the commands sent sequentially by the reader.

The T = 1 protocol is an asynchronous multi-command-response protocol used for block transfers. One transmitted block (from the reader to the card) contains from one to several commands. The card responds to this command (s) by telling the reader when it can send the next command or block of commands.

When analyzing communication protocols, they usually use the terms of the Open Systems Interconnection Reference Model (OSI). The OSI reference model describes the communication interaction between two objects, introducing the concept of seven different layers of protocols that are placed on top of each other, which provides a complete mechanism by which two applications on different platforms can effectively exchange information. The OSI reference model assumes a strict separation of levels.

This means that a given layer communicates only with the layer directly adjacent to it from above or below via a well-defined interface, and each layer provides a specific set of services to the entire protocol stack. In the case of the T = 0 and T = 1 protocols for smart cards, the T = 1 protocol directly corresponds to the OSI reference model as a data link layer protocol, and the T = 0 protocol connects elements of several different layers defined by the OSI reference model.

The speed of data exchange in the reader-card interface, although relatively low (nominally 9600 bps), is sufficient for the smooth operation of any smart card-based systems. For example, this month we implemented an access control system in the office building of the company “Alur-II”, which provides customers with customs brokerage services and a full range of related services, and here the use of smart cards proved to be the best side. For the maximum convenience of the Customer, it is desirable that the speed of processing data from smart cards is as fast as possible. Therefore, in the T = 0 protocol, error handling and application layer protocol support are optimized in such a way as to minimize the amount of information passing through the reader-card interface, and thereby reduce transaction time. However, as a result of this optimization, the T = 0 protocol provides a weak separation of the channel and application protocol layers.

Error detection in the T = 0 protocol is performed by viewing the parity bit in each byte passing through the reader-card interface. The parity bit is reset or set to make the total number of single bits (in the transmitted character) even. On the receiving side of the channel, you can view the values of the bits transmitted before the parity bit and determine what state the parity bit should be in. If the transmitted parity bit does not match the expected value, then it can be assumed that an error occurred in the data byte just transmitted and that some recovery procedure needs to be performed.

The recovery procedure used in the T = 0 protocol is started by the receiving side, which, when a parity error is detected, signals the transmitting side that it is waiting for the byte (received with an error) to be retransmitted. This signal is transmitted to the transmitting side by maintaining a low voltage level in the 1/0 line. In the normal state, the 1/0 line is in the high-voltage position immediately before sending the byte, so that the low level is used as a feedback signal to the transmitter when an error occurs. Having detected a low level, the transmitting side of the channel waits at least for the time required to transmit two characters, and then sends again the byte received earlier with an error.

Naturally, such a mechanism for detecting and correcting errors cannot be considered effective. Once the T = 0 or T = 1 protocols are established between the reader and the smart card, these protocols are applied to support application layer protocols in the channel between the card-side software and the reader-side software.

Electronic signals and smart card message transmission protocols

Starting with the ISO 7816-3 standard, an in-depth description of the “intelligent” aspects of the operation of a smart card is given. The ISO 7816-3 standard describes the interaction between a smart card and a reader as between a “slave” (smart card) and a “master” (reader). Communication is established when the reader transmits a signal to the smart card through its contacts and continues when the smart card issues a response signal. The communication channel is single-threaded: as soon as the reader sends a command to the smart card, it is blocked until a response signal arrives.

When the card is inserted into the reader, no power supply voltage is applied to the contacts. The smart card chip can be seriously damaged if the power supply voltage is applied to the wrong contact, which can happen when the input card moves over the contacts with the voltage. The contacts remain voltage-free until the reader edge sensor determines that the card is correctly aligned with the reader contacts. When the reader detects that the card is inserted correctly, power is applied to it, and the data from the smart cards is read by the reader. Then this information can be processed for the required tasks. For example, in the control system of the Customer and 1C Integrated automation company to create a shared data array signals from readers smart card system of accounting of working time, we pass the enterprise.

The ISO/IEC 7816-3 standard specifies that the ATR response consists of 33 or fewer characters, including the following elements:

  1. TS-required initial character;
  2. TO – required format character;
  3. TA, TV, TS, TD-optional interface symbols;
  4. T1, T2, TC-optional symbols of the background;
  5. TSK-control symbol, depending on the verification method.

The initial character TS is used to establish an agreement between the reader and the card about the correspondence of the signal levels to the information content of the bits and about determining their seniority in the byte.

The TO symbol is used to signal the presence or absence of subsequent interface or backstory characters.

The interface symbols are used to configure the characteristics of the I/O channel, including the choice of the protocol used by the card and the reader for the subsequent exchange of commands (from the reader to the card) and responses (from the card to the reader).

The backstory symbols, if present, are used to convey information about the type, model, and application of a given card, and therefore the system can automatically determine how to process the entered card and call the appropriate operations or software.

The TSK control character provides a mechanism by which to determine the integrity of the ATR, i.e. whether an error occurred when transferring characters from the card to the reader.