News
Smart card interaction with EMV Software
The global concept of smart technology development is based on multi-functionality, which implies that several independent applications can be stored on a smart card: personal information (similar to a passport), driver’s license, etc., financial, identification, transport and other applications. With the growing role of the Internet in the global economy, the attention of leading technology and financial organizations to the standardization of smart cards and personal computers, as well as the procedures for their interaction, is...
read moreSmart Card Terminal authentication
The authenticity of the smart card user is verified by entering the PIN code. However, the user may also want to verify the authenticity of the terminal. Consider the potential threats of an attacker using a false terminal. An attacker could use such a machine to collect card PIN values entered by uninformed users. If the attacker who installed the terminal then stole these cards, he could use the PIN codes requested by the false terminal to perform any operations with the smart cards. There is a procedure that can be used to protect against...
read moreSecurity issues and organization of smart card protection
Smart cards are a rapidly developing field of information technology, which has its own security problems. Let’s first look at the security issues that are common to both contact and contactless smart cards. With regard to smart card technologies, there are currently three main areas for which you can specify typical attacks and appropriate counter-measures: The main component of a smart card is a silicon chip, which is an embedded piece of hardware. Accordingly, when evaluating the security of a smart card, a deliberate or...
read moreSecurity issues and organization of smart card protection
Smart cards are a rapidly developing field of information technology, which has its own security problems. Let’s first look at the security issues that are common to both contact and contactless smart cards. With regard to smart card technologies, there are currently three main areas for which you can specify typical attacks and appropriate counter-measures: The main component of a smart card is a silicon chip, which is an embedded piece of hardware. Accordingly, when evaluating the security of a smart card, a deliberate or...
read moreAccess to smart card EMV data
Access to smart card data at the operating system level Obviously, all efforts to ensure the physical protection of the smart card will be in vain if the OS access control system is vulnerable. Access control is performed at the level of data structures, which are regulated by the international standard ISO 4. The main unit of information storage is a file. The file can be a structureless array of data or consist of records. Records can be of fixed or variable length. Depending on the organization of access to records, linear and cyclic files...
read moreSmart Card Key Exchange operations for EMV Software
The distribution of keys is the most important process in the management of the keys. When using a symmetric cryptosystem, the two parties entering into an information exchange must first agree on a secret session key, that is, a key for encrypting all messages transmitted during the exchange. This key must be known to everyone else and periodically updated at the same time, both the sender and the recipient. The process of agreeing on a session key is also called key exchange, or key distribution. The PC/SC compatibility specification...
read moreCrypto Interface for EMV Software
The main purpose of using smart cards in general-purpose computer systems is to provide cryptographic services to support common security infrastructures. In particular, the smart card is the best place to store the private key (from the public/private key pair), which is used for authentication in the public key infrastructure. A smart card is also a secure computing platform and the best place to perform a digital signature operation using a private key. Currently, there are two main cryptographic modules that provide application-level...
read moreSmart card support architectures
The main goal of the architecture and specification of the interaction of smart cards with chips and personal computer systems PC/SC (Interoperability Specification for ICC and Personal Computer Systems) is to enable independent product development by reader manufacturers and smart card manufacturers, while ensuring that the results of their efforts will work together seamlessly. The PC/SC specification has developed a number of requirements for the compatibility of microprocessor cards and smart card readers: Cards and readers must comply...
read moreTypes of smart cards for EMV Software
Philips Seminiconductor Mifare Contactless Smart Cards An important place among the manufacturers of integrated circuits and smart cards is occupied by Philips Semiconductor. This company has developed a technology under the brand name Mifare, designed to create industry-standard contactless smart cards. Contactless cards are characterized by the absence of electromechanical contact with the device that receives and processes information from the card. Contactless smart cards belong to the group of passive cards that do not have batteries,...
read morePayFlex, MicroPayFlex, and MultiFlex smart cards
PayFlex smart cards, MicroPayFlex are designed for applications based on electronic transactions in a highly secure environment. They can be used in applications such as: regional or national e-wallet system – banks, pension funds, etc.;municipal e-wallet system – administration, company, city;trading system of electronic wallet – supermarkets, petrol filling stations;loyalty programs through the use of a bonus wallet. Payflex and MicroPayFlex smart cards have been designed to meet the following requirements: ensuring high...
read more