Smart Card ID
Published on Sep 03, 2020
Abstract—In today’s world carrying a number of plastic smart cards to establish our identity has become an integral segment of our routine lives. Identity establishment necessitates a pre stored readily available data about self and to the administrator to authenticate it with claimer’s personal information. There is a distinct requirement of a technological solution for nationwide multipurpose identity for any citizen across the board. Number of options has been exercised by various countries and every option has its own pros and cons. However, it has been observed that in most of the cases Smart Card solution has been preferred by a user and administrator both. The use of Smart cards are so prevalent that be it any profession, without incorporating its application, identity of any individual is hardly considered complete.
In this paper, the principle aim is to discuss the viability of Smart Card technology as an identity solution and its ability to perform various functions with strong access control that increases the reliability of Smart Cards over other technologies. It outlines the overview of smart card technology along with its key applications. Security concerns of smart card have been discussed through an algorithm with the help of a division integer proposition. Possibilities of upgrading it with evolving technology offer it as a universal acceptability of identification. Capability of storing desired amount of information by an administrator to compute multiple operations to authenticate a citizen dictates its widening acceptability and an endeavor has been made in this paper to explain it through a proposed system flow chart.
One takes today a burden of carrying a wallet with full of cards to establish his/her identity like official ID card, canteen cards, library cards, driving license, etc. Smart card ID has a potential to replace all these cards by a single smart ID cards to serve the desired purpose. Varieties of smart cards are available as on date with progressive technologies where developers use different data structures and standards for programming. In this paper, we will discuss about viability of smart cards as a solution to requirement of nationwide multipurpose smart ID for each and every citizen with continuous evolving technology. Our aim is to propose a viable technological solution for a single multipurpose smart ID card to do away with carrying multiple cards by an individual. It will assist governments across the globe in better administration with cost effective solution for multiple application single smart ID cards. It will also need management of a large database with processing and scalable computing to home on desired ID. Data centers handling these big data are contributing in reducing the delay and costs in data processing and improving the quality of service to include certain discrete services using internet based services.
A smart card is an electronic device with micro-processor based system containing embedded integrated circuits which can process and store a large chunk of data and applications . A smart card reader is used to access the stored information and it is also called smart called terminal when a card is plugged into this reader. Apart from the card reader, radio frequencies are also used to operate a smart card. Different protocols are being used for different types of card readers to communicate between card and the reader. The standard of security adopted in the smart cards defines the degree of protection about sensitivity and confidentiality of data against the breaches. The issue with smart cards is its data storage capacity and processing capability. If we choose to associate any new application with smart card then the security mechanism would require consume more space which in turn necessitates use of lightweight security algorithm. In this paper a hypothetical case of a division integer algorithm is taken and then a viable system has been proposed to ensure appropriate security measures and to combat epidemics of cyber-crimes. In this respect, all the states need stringent legislations with effective law enforcement to prevent any frauds . The objective of this paper is to touch upon smart card technology and its viability as single ID alternative with desired identity standards by various states and to study its viability with feasible applications
SMART CARD: AN OVERVIEW
A smart card is known as a portable device which can compute, store and carry the data in an embedded processor chip for verification of personal identity in a secure repository. A smart card can also store a data in relation to any individual in the form of a barcode which are extracted through an optical scanner. Barcode is a representation of data displayed in a stripe of alternate black and white lines which is machine readable optically illustration of an object that carries it. Barcodes are depicted in a smart card by parallel lines with varied spacing‘s and widths. The initial smart cards were contact based while the contactless smart cards came in the early 90s. Later, smart card with contactless ICs completely revolutionized the smart card applications and its utility. The contactless smart cards offer a high order of comfort to a user whereas it can be read without any physical contacts with bar code readers. It also extends an advantage over contact smart cards in terms of costs, durability and reliability . An easy carriage of such smart cards in a wallet offers a good convenience to the users. A dedicated and secure transmission protocol is employed in a contactless smart card which offers it an excellent security. A magnetic tape is attached in the form of a stripe in the magnetic stripe smart cards. Memory smart cards are having a peculiar feature of storing and carry information which may be personal financial or any other specific information. An embedded circuitry of IC on a card is referred as microprocessor smart cards which can process and store the subject data.
A sideway structural view of a plastic smart card is illustrated in Fig. 1 above. In order to protect the smart card chip from bends, it is generally placed on one of the edges of the smart cards. An Epoxy layer on this magnetic stripe is also visible when we take a view of its internal structure. Various applications, communication protocols and manufacturing specifications are defined by International Standardization Organization (ISO). Currently, there are following ISO standards for smart cards:
A. Physical Characteristics:
Initial ISO standard (ISO 7816-1) in 1987 defined the card size of a smart card as 0.76 mm thick, 53.98 mm height and 85.6 mm wide. It has again been revised in 1998
B. Electronic Contacts:
ISO standard (ISO 7816-2) defined the size and location of the electronic contacts in smart cards. This too has been revised in 1998.
C. Electrical Signals:
ISO standard (ISO 7816-3) defined transmission protocol along with the nature of electrical signals in smart cards. It has been thrice in 1992, 1994 and 1998.
D. Communication Protocols:
ISO standard (ISO 7816-4) defined the communication protocols in different types of applications and file structure to be stored in these applications in smart cards. It has been revised twice in 1995 and 1998.
ISO standard (ISO 7816-7) defined the commands of query language used in smart cards. This has been revised again in 1998. The use of internet technology has changed the whole perception of security systems. Smart card technology too is not an exception. Identification of an individual is to do more with secure authentication rather secure identification. Individual credentials are required to be stored in a secured manner for which a portable smart card provides a good platform. The transactions made through the magnetic stripe of smart cards are processed by an electronic connection between the smart card and the service provider. Processor and memory chip in a smart card allows storing of required data which are processed by a smart card reader when connected through a centralized database . Unlike the contact smart cards in which they have electrical contacts with a card reader, contactless smart cards operate through a transmission frequency and an internal antenna coil. It can be picked up and read through the external aerial.
The two most common materials utilized for manufacturing of smart cards are Acrylonitrile Butadiene Styrene (ABS) and Polyvinyl Chloride (PVC). There are two main categorizations of smart cards, namely, as processor enabled and memory smart cards. A relative comparison based on the various features between the two is shown above in Table I. Out of these two, memory smart cards are considered as basic smart cards with limited data storage capability with a nonvolatile memory features. These cards are transmitting data in only one direction and also termed as asynchronous smart cards and they are used offline only. On the other hand, processor enabled cards are using semiconductor technology and being a sophisticated cards they are also called as ‗true smart cards‘. These cards have smart chip which operates cryptographic functions and encryption technology to process secure data transmission .
In general, biometric technology is used to establish the identity of the user. These cards have bi-directional data transmission, possess significant memory and they are also termed as ‗synchronous smart cards‘ and difficult to be duplicated. Data storage in such smart cards is nonvolatile and stored in EEPROM. An electronic module of a smart card apart from an input/output component consists of different types of memories which include Read Only Memory (ROM), A (Random Access Memory), an electronically erasable Memory (EEPROM) and a non-volatile memory (NVM) as illustrated in Fig. 2 above. It is placed in the second layer of embedded processor chip of smart card as illustrated in the Fig. 1. These memory chips are incorporated in such electronic modules based on the projected requirement and at the same time presence of all memory chips is not sacrosanct. Bringing all these memories in a single integrated chip together not only reduces the size significantly, combining it with cryptography technology it also increases the security of smart card
SMART CARD APPLICATIONS
The major advantage of a smart card over a normal ID card is its capacity to store larger amount of information and its programmability for various applications. Its feature of having a possibility through contactless readers gives it an edge over similar technologies in pursuits of finding a nationwide single ID for multiple usages. The term ‗smart, relates with a particular type of application like memory/magnetic stripe/optical/microprocessor cards. The larger application of smart cards is its utility in financial transactions with faster processing of revenues or payments . Its capability to carry the related information of an individual and to deliver it at desired destination distinguishes it from other such applications in identifying the veracity of the individual. Smart card applications include its use as GSM mobile phone for the identity requirements. It‘s wider use as a banking card in the form of debit/credit cards or being a tamper-proof/counterfeit device increase its popularity. Electronic coupons and credit programs are other attractive applications of smart cards . The inherent security and flexibility of smart cards increases its utility. With improved data storage and security supplemented with provisioning of encryption and decryption by a user offers high rate of convenience to users. Some notable applications of smart cards are as:
A. ID Validation:
The basic premise of storing the individual information is to verify him/her for any further uses in smart cards. Currently. A large number of organizations and institutions including government and private both are using smart card to extend access control to their members/employees only after due verification of their ID based on their personal information stored in their smart ID cards. It‘s viability as an option for secure ID credential verification makes it a lucrative tool to be adopted by every potential organization.
B. Data Authentication:
Information with respect to the user is authenticated by the data already stored in the smart card or a token system also known as knowledge arrangement based may be exercised for the purpose . Token systems are generally employed in applications like passport verifications; credit cards, driving license, etc. whereas knowledge based authentications are exercised in applications with tokens system like PIN numbers.
C. Financial Transactions:
Smart cards are very handy as a tool for financial transactions both in traditional and web based applications. A cash value can be stored in smart cards to use it as credit cards. It‘s potential to support both consumers and business against lower rate of transactions widens its applicability in marketing targeted programs in financial services.
D. Telecom Sector:
Provisioning of secure cellular communication is assisted by smart cards. New apps and functions are providing real time download capabilities by smart cards , . A SIM card given by cellular operators to their subscribers and its use of multimedia applications like pay TV cards are making a very productive tool amongst normal public.
E. Loyalty Marketing Programs:
A huge number of loyalty programs are being run by smart cards based applications by various business houses in services like retail shopping, telecommunications, air travel, etc. in which customers are being offered very attractive discounts. Such applications not only make business market very competitive, it also helps to normal public to receive benefits at relatively lower rates.
F. Secure Computer Networks:
A secure access for networks can be assured through digital signatures of a user. They are utilized in granting only specified people to have the access to a particular computer network. This mechanism is very handy and vital for the security related organizations. Encryption technology is making today computer networks more secure than the erstwhile networks.
Professionals from healthcare services are using smart card based applications to gain access for continuous updating of their data and its processing. A colossal amount of information is being shared in the form of drug prescription, physician details, dosage, etc. by these professionals. Patients use smart cards to provide their pre stored medical history with doctors and in making payments of their medical treatments as well.
H. Other Smart Card Applications:
Its flexibility and potential to have repository of information supports it in vast number of applications. With secured online transactions in many commercial activities augurs well for both the service provider and subscribers. A wide range of services which are exploiting the smart card based applications include agricultural products, Life Insurance sector, vending machines, libraries, restaurants, laundry services, set top box facilities, software based games for kids, electronic toll collection, information technology, mass transit, parking facilities, e-passports etc. are just the few names to be counted . Utility services like payment transaction, call counters, memory storage etc. employ smart card based applications.
The emphasis on correct identification of every citizen is the basic proposition of all the sovereign governments across the globe. Perceived security threats to existing identification technologies are compelling factors to pursuit for evolving smart card technology. Security mechanism incorporating the complex encryption technology in place by this technology makes it more attractive compared to similar other available applications. This is a tool which offers to store and use the minimum desired data against a set of people or entity . A suitable authentication scheme and security algorithm for faster and protected processing of data is always a challenge for any such technology. The above proposed study illustrates that user acceptance for constant evolving smart card technology will be the most prominent factor for the expected outcome. Further studies on the smart card system are likely to bring better dividends on issues as discussed in the subjects to be dealt with in above mentioned future scope.
Paper Published by Praveen Kumar Singh, Research Scholar
 Munizaga, Marcela A and Carolina Palma, ―Estimation of a disaggregate multimodal public transport origin-destination matrix from passive smartcard data from Santiago to Chile" in Transportation Research Part C: Emerging Technologies 2012, vol. 24 pp. 11-17.
 Sven Vowe, Ulrich Waldmann, Andreas Poller and Sven Türpe, "Electronic Identity Cards for User Authentication Promise and Practice", IEEE Security & Privacy January/February 2012, vol.10, No. 1, pp. 48-53.
 Y. Wang and X. Ma, "Development of a data-driven platform for transit performance measures using smart card and GPS data" J. Transp. Eng 2014, vol. 140 no. 12 pp. 4026-4053.
 M. Batty, C. Zhong, J. Wang, E. Manley, F. Chen, Z. Wang and G. Schmitt, "Variability in regularity: Mining temporal mobility patterns in London Singapore and Beijing using smart-card data" PLoS ONE 2016, vol. 11 no. 2 pp. 1-15.
 M. Mesbah, A.A. Alsger and L. Ferreira, "Use of smart card fare data to estimate public transport origin–destination matrix" Transp. Res. Rec. J. Transp. Res. Board 2015, vol. 2535, pp.89-94.