Smartcards: the cheap, flexible cyber-ID

By Maggie Williams, IT Week
19 February 2001 02:43 PM
Tags: smartcards, security, pin, biometrics
Smartcards are becoming an increasingly cost-effective and versatile tool for identity verification and access control to corporate network systems.

Smartcards have been around for over 20 years, but recent improvements in technology and falling production costs have created new uses for them. Smartcards now support applications in a number of industries, including banking, telecoms and healthcare, and offer an effective means of controlling access to computer networks.

A smartcard is essentially just a silicon chip embedded into a plastic card, typically the same size and shape as a credit card. Data such as digital signatures and certificates can be stored on the chip along with basic applications. However, the complexity of the chip's components can vary, making different types of card appropriate for different purposes.

Types of smartcard
One of the most significant divisions lies between memory- and processor-equipped cards. Memory cards are more limited in scope, and are generally used only for storing information such as phone call units or supermarket loyalty scheme data. Although some memory cards can be reloaded, the basic card functionality cannot be altered once the card has been issued. This makes these cards suitable for well-defined tasks, but limits their flexibility. Although memory cards are the cheapest form of smartcard, the need to issue new cards each time an application changes may reduce the price benefits.

In contrast, processor cards offer the ability to process data as well as store it. The chip in these cards is typically a microcontroller, integrating a processor plus some memory, effectively making it a tiny self-contained computer. These are generally based on common 8-bit or 16-bit processors, although 32-bit types are also being developed by manufacturers such as Motorola and Philips. The memory is made up of three types: ROM, RAM, and EEPROM (electrically erasable programmable read-only memory).

The contents of the card's ROM are set at the time of its manufacture and include the card's operating system and some core applications. This information cannot be altered, and is referred to as mask programming. EEPROM provides a more flexible form of application storage. Like Flash memory, this form of silicon storage can be overwritten, enabling upgrades or the addition of new applications at a later date. Finally, RAM contains data that is stored only for the time that the card is powered, generally when it is connected to a reader. Families of cards based on the same processor can provide varying amounts of ROM, RAM and EEPROM, and may even include a numeric co-processor to speed up encryption tasks.

Smartcards can also be divided up into contactless cards and those with electrical contacts on the surface. Those with contacts slot into a card reader, which makes a physical connection with the chip to exchange information. This type of technology is useful for network access, and has also begun to gain popularity with credit card companies as a means of providing extra security for online shopping and banking. Contact smartcards also provide the easiest method of managing application updates in EEPROM, as new content can be downloaded to the card from the reader.

Contactless smartcards contain a small antenna that can pick up power and communications signals, so that the card does not need to be inserted into a reader to transfer data. In general, the card needs to be within 5cm to 10cm of the reader in order to make a connection, although ranges are improving. Contactless cards are useful for managing building security.

Both types of card use a simple serial protocol to communicate with the host system, which is not unlike the asynchronous RS232 protocol of PC serial ports. Because of the relatively small amounts of data traffic involved, a bit rate of 9.6kbit/s is sufficient, with the card responding to commands from the host in a half-duplex mode.

The use of smartcards to provide secure access to IT resources is one important application for this type of technology. However, the smartcard itself is only a part of this system. Digital certificates and signatures stored on the card are typically used to authenticate users logging onto a system forming part of a public key infrastructure (PKI).

Within a PKI, each user who wants to access a system is issued with a digital certificate, stored on the smartcard. The organisation that owns the resources and issues the certificates is known as the certification authority (CA); within an enterprise this is typically the IT department. When a user requests access to the network, his or her digital certificate is sent to the system's servers in an encrypted form for verification. In the case of a smartcard, this is usually performed via a card reader attached to the PC itself.

In order to interpret the encrypted identification information, pairs of digital keys are used to lock and unlock the encrypted data. Each pair is made up of a public key and a private key; one can unlock messages locked with the other.
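
The key-pair property described above, shown as a smartcard logon. This is an added example, not part of the original article, and it goes slightly beyond the text by using a challenge-response exchange. It assumes textbook RSA with small fixed primes and a bare public key in place of a full certificate; the class names, the user name and the key values are constructed for illustration and are not secure parameters.

```python
import hashlib
import secrets

# Toy key material, constructed for illustration: two Mersenne primes.
# Real cards use keys of 2048 bits or more and padded signatures.
P, Q, E = 2**61 - 1, 2**89 - 1, 65537

def digest_int(message, modulus):
    """Hash the message and reduce it into the range of the modulus."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % modulus

class Card:
    """Stands in for a processor card: the private key never leaves it."""
    def __init__(self):
        self.n = P * Q
        self._d = pow(E, -1, (P - 1) * (Q - 1))   # private exponent
        self.public_key = (self.n, E)            # what the certificate carries

    def sign(self, challenge):
        # "Lock" the challenge digest with the private key.
        return pow(digest_int(challenge, self.n), self._d, self.n)

class Server:
    """Stands in for the logon server, which holds only public keys."""
    def __init__(self):
        self.enrolled = {}   # user -> public key from the CA-issued certificate
        self.pending = {}    # user -> challenge awaiting an answer

    def challenge(self, user):
        self.pending[user] = secrets.token_bytes(16)
        return self.pending[user]

    def verify(self, user, signature):
        nonce = self.pending.pop(user, None)   # single use, so replays fail
        if nonce is None or user not in self.enrolled:
            return False
        n, e = self.enrolled[user]
        # "Unlock" with the public key and compare with our own digest.
        return pow(signature, e, n) == digest_int(nonce, n)

if __name__ == "__main__":
    card, server = Card(), Server()
    server.enrolled["alice"] = card.public_key
    answer = card.sign(server.challenge("alice"))
    print("first logon:", server.verify("alice", answer))
    print("replayed answer:", server.verify("alice", answer))
```

Because each challenge is random and discarded after one use, an answer captured from the reader or the network cannot be reused for a later logon.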

Talkback 1 comments

    Anonymous -- 04/02/04

    Got a letter from DSS stating that because they raided a Canada hacker shop and got PayPal log of people who bought a Smart card reader/Prog
    that there is a class action suit that they are stealing satellite signals.
    They state that this technology is illegal.
    Go to infositeonline.com