Types of Cards
As already mentioned in the Introduction, smart cards are the youngest member of the family of identification cards using the ID-1 format defined in ISO standard 7810, ‘Identification Cards –Physical Characteristics’. This standard specifies the physical properties of identification cards, such as flexibility and temperature resistance, as well as the dimensions of three different card formats: ID-1, ID-2 and ID-3. The smart card standards (ISO 7816-1 ff) are based on ID-1 cards, millions of which are used nowadays for financial transactions.

This chapter provides an overview of various types of cards in the ID-1 format, since a combination of various functions is of particular interest for many applications, especially
when the cards currently used in an existing system (such as magnetic-stripe cards) are to be replaced by smart cards. In such cases, it is usually not possible to replace the existing infrastructure (such as magnetic-stripe card terminals) by a new technology overnight. The solution to this problem generally consists of issuing cards with both magnetic stripes and chips, for use during a transition period. Such cards can be used with both types of terminals (old and new). Naturally, new functions that are only possible with a chip cannot be used with a terminal that only supports magnetic-stripe cards.

 

Mifare DESFire EV1 8K Cards Exporter,we produce NXP MF3ICD81 Cards,ISO Mifare DESFire EV1 8K Card,Mifare DESFire 8K Smart Cards For Access Control systems,

Figure 2.1 Embossing locations according to ISO 7811-3. Region 1 is reserved for the ID number (19 characters), and region 2 is reserved for the cardholder’s name and address (4 × 27 characters). A = 21.42 ± 0.12 mm, B = 10.18 ± 0.25 mm, D = 14.53 mm, E = 2.41−3.30 mm, F = 7.65 ± 0.25 mm

MAGNETIC-STRIPE CARDS
The fundamental disadvantage of embossed cards is that their use creates a flood of paper receipts, which are expensive to process. One remedy for this problem is to digitally encode the card data on a magnetic stripe located on the back of the card. The magnetic stripe is read by pulling it across a read head, either manually or automatically, with the data being read and stored electronically. No paper is required to process the data.

Parts 2, 4 and 5 of ISO standard 7811 specify the properties of the magnetic stripe, the coding technique and the locations of the magnetic tracks. The magnetic stripe may contain up to three tracks. Tracks 1 and 2 are specified to be read-only tracks, while track 3 may also be written to. Although the storage capacity of the magnetic stripe is only about 1000 bits, which is not very much, it is nevertheless more than sufficient for storing the information contained in the embossing. Additional data can be read and written on track 3, such as the most recent transaction data in the case of a credit card.

The main drawback of magnetic-stripe technology is that the stored data can be altered very easily. Manipulating embossed characters requires at least a certain amount of manual
dexterity, and such manipulations be easily detected by a trained eye. By contrast, the data recorded on the magnetic stripe can be altered relatively easily using a standard read/write device, and it is difficult to afterwards prove that the data have been altered. Furthermore, magnetic-stripe cards are often used in automated equipment in which visual inspection is not possible, such as cash dispensers. A potential criminal, having obtained valid card data, can easily use duplicated cards in such unattended machines without having to forge the visual security features of the cards.

Mifare DESFire 8K Full Colour Printing Cards,ISO MIFARE DESFire EV1 8K Cards with Magnetic Stripe,Mifare DESFire EV1 8K Offset Printing Cards

Figure 2.2 Location of the magnetic stripe on an ID-1 card. The data region of the magnetic stripe is intentionally not extended to the edges of the card, since the use of hand-operated card readers causes rapid wear at the ends of the stripe

Mifare DESFire EV1 8K Contactless Cards,ISO 14443 A Mifare DESFire EV1 8K Cards,Clamshell MIFARE DESFire EV1 8K Card,

Manufacturers of magnetic-stripe cards have developed various means to protect the data recorded on the magnetic stripe against forgery and duplication. For example, German Eurocheque cards contain an invisible, unalterable code in the body of the card, which effectively makes it impossible to alter or duplicate the data on the magnetic stripe. However, such techniques require a special sensor in the card terminal, which considerably increases the cost of the terminal. For this reason, none of these techniques has so far succeeded in becoming internationally established.

Table 2.1 Standard features of the three tracks on a magnetic-stripe card, as specified in ISO 7811

Feature

Track 1

Track 2

Track 3

Amount of data

Data coding

Data density

Writing

79 characters max

6-bit alphanumeric

210 bpi (8.3 bit/mm)

not allowed

40 characters max

4-bit alphanumeric

75 bpi (3 bit/mm)

not allowed

107 characters max

4-bit alphanumeric

210 bpi (8.3 bit/mm)

allowed

SMART CARDS
The smart card is the youngest and cleverest member of the family of identification cards in the ID-1 format. Its characteristic feature is an integrated circuit embedded in the card, which has components for transmitting, storing and processing data. The data can be transmitted using either contacts on the surface of the card or electromagnetic fields, without any contacts. Smart cards offer several advantages compared with magnetic-stripe cards. For instance, the maximum storage capacity of a smart card is many times greater than that of a magnetic-stripe card. Chips with more than 256 kB of memory are currently available, and this figure will multiply with each new chip generation. Only optical memory cards, which are described in the next section, have greater capacities.

However, one of the most important advantages of smart cards is that their stored data can be protected against unauthorized access and manipulation. Since the data can only be accessed via a serial interface that is controlled by an operating system and security logic, confidential data can be written to the card and stored in a manner that prevents them from ever being read from outside the card. Such confidential data can be processed only internally by the chip’s processing unit. In principle, both hardware and software mechanisms can be used to restrict the use of the storage functions of writing, erasing and reading data and tie them to specific conditions. This makes it possible to construct a variety of security mechanisms, which can also be tailored to the specific requirements of a particular application. In combination with the ability to compute cryptographic algorithms, this allows smart cards to be used to implement convenient security modules that can be carried by users at all times, for example in a purse or wallet. Some additional advantages of smart cards are their high level of reliability and long life compared with magnetic-stripe cards, whose useful life is generally limited to one or two years. The fundamental characteristics and functions of smart cards are specified in the ISO 7816 family of standards, which are described in detail in the following chapters.
Smart cards can be divided into two groups, which differ in both functionality and price: memory cards and microprocessor cards.

Mifare DESFire EV1 8K Proximity Cards,Mifare DESFire EV1 8K Proximity Smart Cards,Mifare DESFire EV1 8K Contactless Cards

Figure 2.4 Classification chart for cards containing chips according to the type of chip used and the method used for data transmission

Memory cards
Figures 2.5 and 2.6 show architectural block diagrams of memory cards.

HF 13.56MHz Mifare DESFire 8K Contactless Cards,Mifare DESFire 8K Card,Mifare DESFire 8K Full Colour Printing Cards,

Figure 2.5 Typical architecture of a contact-type memory card with security logic. The figure shows only basic energy and data flows and is not a detailed schematic diagram

The data needed by the application are stored in the memory, which is usually EEPROM. Access to the memory is controlled by the security logic, which in the simplest case consists only of write protection or erase protection for the memory or certain memory regions. However, there are also memory chips with more complex security logic that can also perform simple encryption. Data are transferred to and from the card via the I/O port. Part 3 of the ISO 7816 standard defines a special synchronous transfer protocol that allows the chip implementation to be particularly simple and inexpensive. However, some smart cards use the I2C bus, which is commonly used for serial-access memories.

The functionality of memory cards is usually optimized for a particular application. Although this severely restricts the flexibility of the cards, it makes them quite inexpensive. Memory cards are typically used for prepaid telephone cards and health insurance cards.

HF 13.56MHz DESFire EV1 8K Cards,Mifare DESFire EV1 8K Clamshell Proximity Card,Mifare DESFire EV1 8K Contactless Cards,

Figure 2.6 Typical architecture of a memory card with security logic and a contactless interface. The figure shows only basic energy and data flows and is not a detailed schematic diagram

Microprocessor cards
The heart of the chip in a microprocessor card, as the name suggests, is a processor, which is usually surrounded by four additional functional blocks: mask ROM, EEPROM, RAM and an I/O port. Figure 2.7 shows the architecture of a typical device of this type.

HF 13.56MHz DESFire 8K Proximity Cards,Mifare DESFire EV1 8K Smart Card,Mifare DESFire 8K Full Colour Printing Cards,

Figure 2.7 Typical architecture of a contact-type microprocessor card with a coprocessor. The figure shows only basic energy and data flows and is not a detailed schematic diagram

The mask ROM contains the chip’s operating system, which is ‘burned in’ when the chip is manufactured. The content of the ROM is thus identical for all the chips of a production run, and it cannot be changed during the chip’s lifetime. The EEPROM is the chip’s non-volatile memory. Data and program code can be written to and read from the EEPROM under the control of the operating system. The RAM is the processor’s working memory. This memory is volatile, so all the data stored in it are lost when the chip’s power is switched off. The serial I/O interface usually consists only of a single register, via which data are transferred bit by bit.

Microprocessor cards are very flexible in use. In the simplest case, they contain a program optimized for a single application, so they can only be used for this particular application. However, modern smart card operating systems allow several different applications to be integrated into a single card. In this case, the ROM contains only the basic components of the operating system, with the application-specific part of the operating system being loaded into the EEPROM only after the card has been manufactured. Recent developments even allow application programs to be loaded into a card after it has already been personalized and issued to the cardholder. Special hardware and software measures are used to prevent the security conditions of the individual applications from being violated by this capability. Special microprocessor chips with high processing capacities and large memory capacities, which are optimized for such use, are now available.

Contactless smart cards
Electrical connections with contact-type smart cards are made via the eight contacts specified in the ISO 7816 Part 1 standard. The reliability of contact-type smart cards has been steadily improved over the past years as the result of experience accumulated in manufacturing such cards. The failure rate of telephone cards within their one-year service life, for instance, is currently significantly less than one in a thousand. Nevertheless, contacts are one of the most frequent sources of failure in electromechanical systems. Disturbances can be caused by factors such as contamination and contact wear. In mobile equipment, vibrations can cause brief intermittent contacts. Since the contacts on the surface of the card are directly connected to the inputs of the integrated circuit chip embedded in card, there is a risk that the chip may be damaged or destroyed by electrostatic discharge. Static charges of several thousand volts are by no means rare.

These technical problems are elegantly avoided by contactless smart cards. In addition to its technical advantages, contactless-card technology offers card issuers and cardholders a range of new and attractive potential applications. For instance, contactless cards do not necessarily have to be inserted into a card reader, since there are systems available that work at a range of up to one meter. This is a great advantage in access-control systems where a door or turnstile has to be opened, since the access authorization of a person can be checked without requiring the card to be removed from a purse or pocket and inserted into a reader. One major application area for this technology is local public transport, which requires a large number of people to be identified in the shortest possible time.

However, contactless technology is also advantageous in systems that do require deliberate insertion of the card into a reader, since it does not matter how the card is inserted in the reader. This contrasts with magnetic cards or cards with contacts, which work only with a specific card orientation. Freedom from orientation restrictions simplifies use and thus increases customer acceptance.

A further interesting variation on using contactless cards involves a ‘surface terminal’. In this case, the card is not inserted into a slot, but simply placed on a marked location on the surface of the card reader. In addition to simplicity of use, this solution is attractive because it significantly reduces the risk of vandalism (for example, forcing chewing gum or superglue into the card slot).

For card marketing, contactless technology offers the advantage that no technical components are visible on the card surface, so visual design is not constrained by magnetic stripes or contacts. However, this advantage comes at the price of more complex terminals with correspondingly higher prices. Another disadvantage is that several different systems for contactless smart cards have been standardized and marketed, further increasing the complexity of terminals that must be compatible with all standardized cards.

Manufacturing technology for the mass production of contactless cards has matured to the point that high-quality products are available at prices that do not significantly differ from those of comparable contact-type cards. Up to now, contactless cards have predominantly been used in local public transportation systems, in which they serve as electronic tickets in modern electronic-fare systems. Most of the systems presently in use employ single-function cards containing inexpensive chips with hard-wired security logic. However, there is a growing demand for incorporating value-added services in electronic tickets. Multifunction cards with integrated microprocessors are thus being used increasingly often, with the payment function most commonly being implemented using the conventional contact-based technique in order to utilize existing infrastructures, such as electronic purse systems. These new multifunction cards have both contact and contactless coupling elements and are called ‘dual-interface cards’ or ‘combicards’.
The technology and operating principles of contactless smart cards are described in detail in Section 3.6, ‘Contactless Smart Cards’.

Mifare DESFire EV1 8K Proximity Contactless Cards,NXP Mifare DESFire EV1 8K Smart Card,HF 13.56MHz DESFire 8K Proximity Cards,

Figure 2.8 Typical architecture of a microprocessor card with a coprocessor and a contactless interface. The figure shows only basic energy and data flows and is not a detailed schematic diagram

Mifare DESFire 8K RFID Cards,Mifare DESFire EV1 8K Card,Mifare DESFire EV1 8K Printing Cards,Mifare DESFire EV1 8K Smart Card,

Figure 2.9 Typical architecture of a microprocessor card with a coprocessor and both contactless and contact interfaces. The figure shows only basic energy and data flows and is not a detailed schematic diagram

OPTICAL MEMORY CARDS
For applications where the storage capacity of smart cards is insufficient, optical cards that can store several megabytes of data are available. However, with current technology these cards can be written only once and cannot be erased. The ISO/IEC 11 693 and 11 694 standards define the physical characteristics of optical memory cards and the linear data-recording technique used with such cards. Combining the large storage capacity of optical memory cards with the intelligence of smart cards leads to interesting new possibilities. For example, data can be written in encrypted form to the optical memory, with the key being securely stored in the private memory of the chip. This protects the optically stored data against unauthorized access.
Figure 2.11 shows the typical layout of an optical smart card with contacts, a magnetic stripe and an optical storage region. It can be seen that the area available for optical storage is limited by the contacts for the chip, which naturally reduces the total storage capacity. The magnetic stripe is located on the rear of the card. Up to now, use of optical memory cards has been severely limited by the high cost of equipment for reading and writing this type of card. One application for optical memory cards is recording patient data in the medical sector, since their large storage capacity allows even X-ray images to be stored on a card.

Mifare DESFire EV1 8K Contactless Smart Cards,RFID Mifare DESFire EV1 8K Printing Cards,Mifare DESFire EV1 8K Plain White Cards,

Figure 2.10 Typical architecture of a dual-interface card, which is a combination of a contactless memory card and a contact-type microprocessor card. The figure shows only basic energy and data flows and is not a detailed schematic diagram

Mifare DESFire EV1 8K Proximity Smart Cards,Mifare DESFire EV1 8K Card,NXP Mifare DESFire EV1 8K Smart Card,NXP MF3ICD81 Cards,

Figure 2.11 Location of the optical storage area on an ID-1 card according to ISO/IEC 11 694-2. C = 9.5−49.2 mm, D = 5.8 ± 0.7 mm, X = 3 mm max with PWM or 1 mm max with PPM, Y = 1 mm min with PWM (Y

Mifare DESFire EV1 8K Plain White Cards,ISO 14443 A Mifare DESFire EV1 8K Cards,NXP Mifare DESFire D81 ISO Card,

Figure 2.12 A typical optical memory card with a net storage capacity (with error correction) of approximately 4 MB. The raw capacity (without error correction) is approximately 6 MB

Mifare DESFire EV1 8K Blank White Cards,Mifare DESFire 8K Pre-printed Cards,Clamshell MIFARE DESFire EV1 8K Card,

Figure 2.13 An optical memory card with a storage capacity of approximately 32 MB that can be read by a CD-ROM drive

 
EMBOSSED CARDS
Embossing is the oldest technique for adding machine-readable features to identification cards. The embossed characters on the card can be transferred to paper using simple, inexpensive devices, and they can also be easily read visually (by humans). The nature and location of the embossing are specified in the ISO 7811 standard (‘Identification Cards – Recording Technique’). This standard, which is divided into five parts, deals with magnetic stripes as well as embossing.

ISO 7811 Part 1 specifies the requirements for embossed characters, including their form, size and embossing height. Part 3 defines the precise positioning of the characters on the
card and defines two separate regions, as shown in Figure 2.1. Region 1 is reserved for the card’s identification number, which identifies the card issuer as well as cardholder. Region 2 is reserved for additional data relating to the cardholder, such as his or her name and address.

At first glance, transferring information by printing from embossed characters may appear quite primitive. However, the simplicity of this technique has made worldwide proliferation of credit cards possible, even in developing countries. The exploitation of this technology requires neither electrical energy nor a connection to a telephone network.