|
These are the most common type of smart card. Electrical contacts located on the outside of the card connect to a card reader when the card is inserted. This connector is bonded to the encapsulated chip in the card.
Increased levels of processing power, flexibility and memory will add cost. Single function cards are usually the most cost-effective solution. Choose the right type of smart card for your application by determining your required level of security and evaluating cost versus functionality in relation to the cost of the other hardware elements found in a typical workflow. All of these variables should be weighted against the expected lifecycle of the card. On average the cards typically comprise only 10 to 15 percent of the total system cost with the infrastructure, issuance, software, readers, training and advertising making up the other 85 percent. The following chart demonstrates some general rules of thumb:
Card Function Trade-Offs
Memory Cards
Memory cards cannot manage files and have no processing power for data management. All memory cards communicate to readers through synchronous protocols. In all memory cards you read and write to a fixed address on the card. There are three primary types of memory cards: Straight, Protected, and Stored Value. Before designing in these cards into a proposed system the issuer should check to see if the readers and/or terminals support the communication protocols of the chip. Most contactless cards are variants on the protected memory/segmented memory card idiom.
Straight Memory Cards
These cards just store data and have no data processing capabilities. Often made with I2C or serial flash semiconductors, these cards were traditionally the lowest cost per bit for user memory. This has now changed with the larger quantities of processors being built for the GSM market. This has dramatically cut into the advantage of these types of devices. They should be regarded as floppy disks of varying sizes without the lock mechanism. These cards cannot identify themselves to the reader, so your host system has to know what type of card is being inserted into a reader. These cards are easily duplicated and cannot be tracked by on-card identifiers.
Protected / Segmented Memory Cards
These cards have built-in logic to control the access to the memory of the card. Sometimes referred to as Intelligent Memory cards, these devices can be set to write- protect some or the entire memory array. Some of these cards can be configured to restrict access to both reading and writing. This is usually done through a password or system key. Segmented memory cards can be divided into logical sections for planned multi-functionality. These cards are not easily duplicated but can possibly be impersonated by hackers. They typically can be tracked by an on-card identifier.
Stored Value Memory Cards
These cards are designed for the specific purpose of storing value or tokens. The cards are either disposable or rechargeable. Most cards of this type incorporate permanent security measures at the point of manufacture. These measures can include password keys and logic that are hard-coded into the chip by the manufacturer. The memory arrays on these devices are set-up as decrements or counters. There is little or no memory left for any other function. For simple applications such as a telephone card, the chip has 60 or 12 memory cells, one for each telephone unit. A memory cell is cleared each time a telephone unit is used. Once all the memory units are used, the card becomes useless and is thrown away. This process can be reversed in the case of rechargeable cards.
CPU/MPU Microprocessor Multifunction Cards
These cards have on-card dynamic data processing capabilities. Multifunction smart cards allocate card memory into independent sections or files assigned to a specific function or application. Within the card is a microprocessor or microcontroller chip that manages this memory allocation and file access. This type of chip is similar to those found inside all personal computers and when implanted in a smart card, manages data in organized file structures, via a card operating system (COS). Unlike other operating systems, this software controls access to the on-card user memory. This capability permits different and multiple functions and/or different applications to reside on the card, allowing businesses to issue and maintain a diversity of ‘products’ through the card. One example of this is a debit card that also enables building access on a college campus. Multifunction cards benefit issuers by enabling them to market their products and services via state-of-the-art transaction and encryption technology. Specifically, the technology enables secure identification of users and permits information updates without replacement of the installed base of cards, simplifying program changes and reducing costs. For the card user, multifunction means greater convenience and security, and ultimately, consolidation of multiple cards down to a select few that serve many purposes.
There are many configurations of chips in this category, including chips that support cryptographic Public Key Infrastructure (PKI) functions with on-board math co-processors or JavaCard® with virtual machine hardware blocks. As a rule of thumb - the more functions, the higher the cost.
|
