What Are Contact Smart Cards?

Complex cards have the ability to compute a cryptographic value, like a one-time password (OTP). They do this using a cryptoprocessor encapsulated in the card.

These cards are inserted into readers that make direct contact with conductive pads on the card’s surface. This transfers electrical contacts to power the chip.

Authentication

Using a smart card to log in can help eliminate the frustration of having to keep re-entering a username and password, or having your credentials timed out due to inactivity. Smart cards contain microprocessors, so they’re able to process information independently, and they can’t be copied or duplicated. The information stored on a smart card can be updated remotely, so it’s hard for malicious individuals to breach security.

Contact smart cards have electrical contacts on their surface that connect to a reader’s electrical contact plate, which transmits commands and data between the card and reader. These cards can be inserted into a reader using a standard contact pad or a USB-based card reader. The type of reader required depends on the card’s specifications and what information is required.

Contactless smart cards do not need to make direct contact with the reader; they only need to be within proximity, which is usually less than 10 cm (3.9 in). The card and the reader both have antennae that communicate using radio frequencies over a contactless link, which also provides power for the chip. Some contactless smart cards have dual-interfaces, enabling them to work with both the contact and contactless interfaces. This allows a single card to have multiple applications, reducing the number of cards that a person must carry.

Data Storage

Many smart cards contain microprocessors that can process and update the data stored on them. They also come with tamper-resistant security systems to protect the card’s in-memory information from unauthorized access. They can be used to verify a person’s identity, control the use of services and provide authentication for transactions.

In order to read the data and perform the card’s function, the smart chip needs a physical connection with a contact pad or reader that conforms to international standards like ISO/IEC 7816 or ISO/IEC 14443. Alternatively, they can be used with contactless interfaces that don’t require direct contact but communicate through radio frequencies or near field communication.

These contactless chips are found in prepaid travel cards, utility prepaid cards and membership cards. mifare desfire They are used to pay for goods and services in shops, restaurants and bars and can be used as a form of ID in workplaces, schools and hospitals.

Smart contactless cards can be categorized into two categories – memory only, or a microprocessor-enabled chip. The former is similar to a floppy disk, and is used for non-confidential storage applications and low security applications, such as vending, electronic coupons, subscriber’s cards and protected portable data files. The latter contains a state-of-the-art controller that can securely add, delete and update the information on the card. The microprocessor can also be programmed to compute a cryptographic value, such as a One-time Password.

Data Transfer

The microprocessor embedded in a contact smart card can dynamically process data, adding to or subtracting from the information stored on the chip. This allows the card to function like a personal firewall that releases only the information the user approves. This security feature makes contact smart cards good guardians of individual privacy.

The chips embedded in a contact smart card can support an array of security protocols to provide strong data protection for applications such as access control, financial transactions, electronic medical records, loyalty programs, enterprise or single-user network sign on and more. Unlike barcode ID or magnetic stripe cards that use simple data transfer mechanisms, contact smart cards can use sophisticated encryption and cryptographic techniques to protect sensitive information from prying eyes.

A contact smart card requires a physical connection to an interface to work, either through direct contact or via radio frequencies to establish a wireless link with the reader. The contact area on the smart card has several pads that come into contact with contact pads on the card reader to transfer data between the devices.

A contactless smart card works without any physical contact with the card reader and uses radio frequencies to communicate with a reader, usually over a short distance that varies by device. Contactless smart cards are popular in many applications including prepaid travel cards, credit and debit cards and the subscriber identity modules (SIMs) used in GSM mobile phones.

Security

Smart cards have a microprocessor that can process data. They can either have a contact interface or a contactless radio frequency interface that communicates at a distance. These smart cards have tamper-evident features that can help detect any attempt to compromise them. These features also provide audit trails and multi-factor authentication to prevent unauthorized access to sensitive information.

The most common type of smart card has a contact interface. This requires the card to be inserted contact smart card into a reader that has electrical contacts. The card can then transmit commands and data over the contact points. Contact smart cards are used for non-confidential storage and low security applications, vending, transport, prepaid, membership and identification cards.

A contactless smart card has a chip with an antenna. To communicate with the reader, the card must be within range of the antenna. These smart cards can be read from up to 10 cm away. They are used in building access, electronic cash, telecommunications and mobile payment applications.

The most advanced smart cards have a cryptoprocessor that can compute a one-time password or a hash value based on a seed value encapsulated within the card. This type of smart card is used to authenticate users for two-factor authentication and for enabling passwordless access in organizations with strict regulatory environments. Increasingly, smartphones are being used to emulate smart cards for secure authentication. This approach is cheaper and simpler than using hardware card readers in a secure work setting.