The most comprehensive book on state-of-the-art smart card technology available
Updated with new international standards and specifications, this essential fourth edition now covers all aspects of smart card in a completely revised structure. Its enlarged coverage now includes smart cards for passports and ID cards, health care cards, smart cards for public transport, and Java Card 3.0.
New sub-chapters cover near field communication (NFC), single wire protocol (SWP), and multi megabyte smart cards (microcontroller with NAND-Flash). There are also extensive revisions to chapters on smart card production, the security of smart cards (including coverage of new attacks and protection methods), and contactless card data transmission (ISO/IEC 10536, ISO/IEC 14443, ISO/IEC 15693).
This edition also features:
additional views to the future development of smart cards, such as USB, MMU, SWP, HCI, Flash memory and their usage;new internet technologies for smart cards; smart card web server, HTTP-Protocol, TCP/IP, SSL/TSL;integration of the new flash-based microcontrollers for smart cards (until now the usual ROM-based microcontrollers), and;a completely revised glossary with explanations of all important smart card subjects (600 glossary terms).
Smart Card Handbook is firmly established as the definitive reference to every aspect of smart card technology, proving an invaluable resource for security systems development engineers. Professionals and microchip designers working in the smart card industry will continue to benefit from this essential guide. This book is also ideal for newcomers to the field.
The Fraunhofer Smart Card Award was presented to the authors for the Smart Card Handbook, Third Edition in 2008.
Wolfgang Rankl, Munich, Germany Wolfgang Rankl is currently Head of Telecom and Research and Development at Giesecke & Devrient (G&D) Germany. He is an experienced author, having written three editions of the book Smart Card Handbook for Wiley (3rd Edition published 2003), and the 4th German edition of this book for Hanser Chipkarten Anwendungen: Entwurfsmuster f r Einsatz und Programmierung con Chipkarten which was published in March 2008. He has been dedicated to the development and research of smart card systems since 1990.
Preface to the Fourth Edition . Symbols and Notation. Abbreviations. 1 Introduction. 1.1 The history of smart cards. 1.2 Card types and applications. 1.3 Standardization. 2 Card Types. 2.1 Embossed cards. 2.2 Magnetic-stripe cards. 2.3 Smart cards. 2.4 Optical memory cards. 3 Physical Properties. 3.1 Card formats. 3.2 Contact field. 3.3 Card body. 3.4 Card materials. 3.5 Card components and security features. 3.6 Chip modules. 4 Electrical Properties. 4.1 Electrical connections. 4.2 Supply voltage. 4.3 Supply current. 4.4 Clock supply. 4.5 Data transmission with T = 0 or T =1. 4.6 Activation and deactivation sequences. 5 Smart Card Microcontrollers. 5.1 Semiconductor technology. 5.2 Processor types. 5.3 Memory types. 5.4 Supplementary hardware. 5.5 Extended temperature range. 6 Information Technology Foundations. 6.1 Data structures. 6.2 Encoding alphanumeric data. 6.3 SDL notation. 6.4 State machines. 6.5 Error detection and correction codes. 6.6 Data compression. 7 Security Foundations. 7.1 Cryptology. 7.2 Hash functions. 7.3 Random numbers. 7.4 Authentication. 7.5 Digital signatures. 7.6 Certificates. 7.7 Key management. 7.8 Identification of persons. 8 Communication with Smart Cards. 8.1 Answer to reset (ATR). 8.2 Protocol Parameter Selection (PPS). 8.3 Message structure: APDUS. 8.4 Secure Data Transmission. 8.5 Logical channels. 8.6 Logical protocols. 8.7 Connecting terminals to higher-level systems. 9 Data Transmission with Contact Cards. 9.1 Physical transmission layer. 9.2 Memory card protocols. 9.3 ISO transmission protocols. 9.4 USB transmission protocol. 9.5 MMC transmission protocol. 9.6 Single-wire protocol (SWP). 10 Contactless Data Transmission. 10.1 Inductive coupling. 10.2 Power transmission. 10.3 Data transmission. 10.4 Capacitive coupling. 10.5 Collision avoidance. 10.6 State of standardization. 10.7 Close-coupling cards (ISO/IEC 10536). 10.8 Remote coupling cards. 10.9 Proximity cards (ISO/IEC 14443). 10.10 Vicinity integrated circuit cards (ISO/IEC 15693). 10.11 Near field communication (NFC). 10.12 FeliCa. 10.13 Mifare. 11 Smart Card Commands. 11.1 File selection commands. 11.2 Read and write commands. 11.3 Search commands. 11.4 File operation commands. 11.5 Commands for authenticating persons. 11.6 Commands for authenticating devices. 11.7 Commands for cryptographic algorithms. 11.8 File management commands. 11.9 Application management commands. 11.10 Completion commands. 11.11 Commands for hardware testing. 11.12 Commands for data transmission. 11.13 Database commands (SCQL). 11.14 Commands for electronic purses. 11.15 Commands for credit and debit cards. 11.16 Application-specific commands. 11.17 Command processing times. 12 Smart Card File Management. 12.1 File structure. 12.2 The life cycle of files. 12.3 File types. 12.4 Application files. 12.5 File names. 12.6 File selection. 12.7 EF file structures. 12.8 File access conditions. 12.9 File attributes. 13 Smart Card Operating Systems. 13.1 Evolution of smart card operating systems. 13.2 Fundamental aspects and tasks. 13.3 Command processing. 13.4 Design and implementation principles. 13.5 Operating system completion. 13.6 Memory organization and memory management. 13.7 File management. 13.8 Sequence control. 13.9 ISO/IEC 7816-9 resource access. 13.10 Atomic operations. 13.11 Multitasking. 13.12 Performance. 13.13 Application management with global platform. 13.14 Downloadable program code. 13.15 Executable native code. 13.16 Open platforms. 13.17 The small-OS smart card operating system. 14 Smart Card Production. 14.1 Tasks and roles in the production process. 14.2 The smart card life cycle. 14.3 Chip and module production. 14.4 Card Body production. 14.5 Combining the card body and the chip. 14.6 Electrical testing of modules. 14.7 Loading static data. 14.8 Loading individual data. 14.9 Envelope stuffing and dispatching. 14.10 Special types of production. 14.11 Termination of card usage. 15 Quality Assurance. 15.1 Card body tests. 15.2 Microcontroller hardware tests. 15.3 Test methods for contactless smart cards. 15.5 Evaluation of hardware and software. 16 Smart Card Security. 16.1 Classification of attacks and attackers. 16.2 A history of attacks. 16.3 Attacks and defense measures during development. 16.4 Attacks and defense measures during production. 16.5 Attacks and defense measures during card usage. 17 Smart Card Terminals. 17.1 Mechanical properties. 17.2 Electrical properties. 17.3 User interface. 17.4 Application interface. 17.5 Security. 18 Smart Cards in Payment Systems. 18.1 Payment transactions with cards. 18.2 Prepaid memory cards. 18.3 Electronic purses. 18.4 EMV Application. 18.5 PayPass and payWave. 18.6 The Eurocheque System in Germany. 19 Smart Cards in Telecommunication Systems. 19.1 Public card phones in Germany. 19.2 Telecommunication. 19.3 Overview of mobile telecommunication systems. 19.4 The GSM system. 19.5 The UMTS system. 19.6 The wireless identification module (WIM). 19.7 Microbrowsers. 20 Smart Cards in Health Care Systems. 20.1 Health insurance cards in Germany. 20.2 Electronic health care cards in Germany. 21 Smart Cards in Transportation Systems. 21.1 Electronic tickets. 21.2 Ski Passes. 21.3 Tachosmart. 21.4 Electronic toll systems. 22 Smart Cards for Identification and Passports. 22.1 FINEID personal ID card. 22.2 ICAO-compliant passports. 23 Smart Cards for IT Security. 23.1 Digital signatures. 23.2 Signature applications compliant with PKCS #15. 23.3 Smart Card Web Server (SCWS). 24 Application Design. 24.1 General information and characteristic data. 24.2 Application generation tools. 24.3 Analyzing an unknown smart card. 25 Appendix. 25.1 Glossary. 25.2 Related reading. 25.3 Bibliography. 25.4 Directory of standards and specifications. 25.5 Web addresses. Index.