SECURITY TECHNOLOGY
Terminals may contain a very large variety of security mechanisms. The spectrum ranges from mechanically protected enclosures to security modules and sensors for the various card features. In pure online terminals, whose only function is to convert the electrical signals that pass between the background computer system and the smart card, there is normally no need for additional built-in security technology. In such cases, security is handled entirely by the computer that controls the terminal. However, as soon as data must be entered into the terminal or the terminal must operate independently of the higher-level system, it is necessary to incorporate suitable mechanisms to provide additional system security. The possibilities are almost unlimited, but they depend very strongly on the smart card in question and its security features. With a typical smart card, whose body is very simple and only serves as a carrier for the microcontroller, there are usually no security features on the card body. There is thus no need for the terminal to check such features. In contrast, smart cards for financial transactions are usually hybrid cards, which means that they have a magnetic stripe in addition to a chip, in order to maintain compatibility with older systems. However, hybrid cards also possess the usual features that enable the terminal to check their genuineness independently of the chip. Suitable sensors must therefore be present in the terminal. Terminals that work offline, either completely or occasionally, must contain master keys for the cryptographic algorithms that are used, since card-specific keys cannot be derived without these keys. These master keys are very sensitive with regard to security, since the entire security of the system is based on them. In order to guarantee their security and confidentiality at all times, they are not stored in the normal electronic circuitry of the terminal, but in a separate security module within the terminal that has special mechanical and electrical protection. This security module can for example be a single-board computer encapsulated in epoxy resin, which can exchange data with the actual terminal computer only via an interface. The secret master keys are never allowed to leave the security module, but are used only internally to perform computations. In a typical application example, the security module receives an individual card number or chip number from the smart card via the terminal computer, and it uses this number to derive a card-specific key. This key is then used within the security module to compute a signature or perform authentication.

Modern versions of this module, which is normally the size of a matchbox, contain extensive sensor systems for detecting attacks. They are also largely self-contained electrically, so they can actively resist attacks, even if denied an external source of power. If an attack is detected, the usual defense is to erase all keys, so that an attacker is left with only a circuit board circuit encased in epoxy resin inside a metal case, with no data worth analyzing. Due to the high cost of good security modules, the trend in recent years is to use smart cards instead. Although this leads to certain restrictions in terms of memory size, sensors and self-reliance, the level of security is generally adequate, even for electronic payment applications. Cards in the IC-000 format (plug-in) are used to limit the physical size. Since security modules in smart-card format are not permanently built into terminals, but can be exchanged, they are ideally suited to extending terminal hardware, as illustrated by the following example. Static unilateral RSA authentication will become increasingly important in the next few years, partly because it is prescribed in the international EMV specification for credit cards with chips. Since RSA authentication is so computer-intensive that it cannot be performed by the processors normally used in terminals within an acceptable length of time, permanent built-in security modules represent a problem. However, if a plug-in smart card is used as a security module in the terminal, it can easily be exchanged. Relatively expensive smart cards containing supplementary arithmetic coprocessors can then be used for the security modules, which can perform RSA computations at high speed once the terminal software has been suitably modified. In the future, a variety of card issuers will market debit and credit cards containing chips. All of these cards will use different keys and different methods for key derivation and authentication. Furthermore, it is unlikely that all card issuers will be willing to reveal secret data and methods to manufacturers of security modules. In all probability, the approach that will be taken is for a card issuer or group of card issuers to issue a common ‘terminal card’ that can perform all of the processes relevant to the security of their collective systems and can execute these processes within the terminal. This card will be accessed using one of the two standard transmission protocols (T = 0 or T = 1), and it will largely behave just like a standard smart card. The only difference will be that the terminal card will contain functions related to secret master keys, key derivation procedures and collecting security-related data (such as sales balances). The terminal will only look after the user interface and uploading or downloading data to or from the background system. All security-related functions will be handled by the terminal card. This means that the terminal must be able to work with several different terminal cards, rather than only one. A particular card will be automatically selected according to the card issuer and the selected function. The demand for several independent terminal cards has been taken into account in the latest terminals. Some of them have up to four contact units for plug-in cards. They can thus use terminal cards from several different card issuers in parallel, without mutual interference.

One of the commonly used security measures, besides providing mechanical protection for the terminal by using a robust housing that can only be opened using special tools and incorporating a security module in the terminal, is to provide mechanical protection against unauthorized tapping of data transmissions to and from the smart card. This consists of a sort of guillotine arrangement that cuts through any wires that may run from the card to the exterior of the card reader after the card has been inserted. The purpose of this device, which is called a shutter, is to prevent tapping or manipulation of the messages sent between the card and the terminal. It can be actuated either electrically or simply by inserting the card. If the wires cannot be cut, due to their thickness or composition, the shutter will not close completely. This is detected by the terminal electronics, and no power is applied to the card, so no communication takes place. Communication between the terminal and the smart card must fundamentally be designed such that tapping or manipulation cannot impair the security of the system. Shutters should thus not actually be necessary. Nevertheless, security can certainly be increased somewhat if things are made more difficult for a would-be attacker. It makes a big difference whether an attacker can readily tap the data exchange or first has to overcome a few hurdles. However, shutters make terminals bigger and more expensive, and very few of them still close precisely after several thousand operating cycles. The system design should therefore not rely entirely on this sort of mechanical protection.