Teacher
Professional
- Messages
- 2,670
- Reaction score
- 791
- Points
- 113
Security of microprocessor cards
There is an undeniable interest in microprocessor cards, despite the unequal level of their penetration into the markets of different countries. It provides an overview
of the security features for smart cards and provides an assessment of the security level.
Describes multipurpose cards (containing more than one application) and how
to manage those applications. It ends with an overview of the main standards
for multipurpose cards and the EMV specification (according to the first letters of the names of the
specification developers: Europay, MasterCard, Visa).
1. Classification and fields of use of microprocessor
cards
For the first time cards with integrated circuits (IC) were patented in the 70s in the USA,
Japan and France, and their full-scale commercial development began in Japan
in the 70s, in France in the 80s. There is now a trend of
widespread replacement of magnetic stripe cards with microprocessor cards, but in
e-commerce applications that are demanding in terms of memory, computing
performance and security.
Cards are of the following types:
Cards with bar codes.
Magnetic strip cards. These cards have
limited memory and cannot be programmed; as a consequence, they
cannot be used in applications where decision-making is necessary and there are
increased security requirements.
Integrated circuit cards:
- memory cards. They use a low-performance chip that allows you to store data and even provide
minimal protection. The performance of such cards is focused on
making prepaid payments (for example, telephone cards);
- hard logic cards (wired-logic cards). Such cards are used in applications
where minimal control of access to encrypted TV channels is required.
The cost of such cards is about US $ 1;
- microprocessor cards or smart cards. They are
programmable devices capable of performing complex calculations. Despite
thin (0.76 mm), the card contains a miniature computer, including an
operating system, memory and microprocessor. Such cards can support
advanced encryption techniques to authenticate parties, guarantee
data integrity and confidentiality. Unlike cards with a magnetic stripe,
payment authorization can be done offline.
IC cards can be used in three categories of commercial relationships:
B2B, B2C and face-to-face. The technical development of such cards is the result of the
merger of several technologies - microelectronics, software for transactions and
cryptographic methods. The price of microprocessor cards remains relatively high
and ranges from $ 5 to $ 20; there are
several compatible operating systems and programming languages on the market .
The first area of application of microprocessor cards is closed systems,
proprietary developments of firms. An example is calling cards that are only recognizable by the network of
one operator; cards for vending machines (parking machines,
public transport turnstiles , etc.). Today, smart cards can be
classified according to the following criteria:
Card usage time (there are disposable or “rechargeable” cards),
Intellect cards, which range from simple memory to gesture usage.
coy logic and programmable microprocessors.
The need for direct contact of the reader and the method of providing energy
(there are contact and contactless cards). Contact cards can transfer data at
speeds up to 9.6 Kb / s, contactless - up to 106 Kb / s.
Electromagnetic induction can be used as a power source for contactless cards , which makes them attractive for rail and trucking companies to pay tolls.
Characteristics of the card application. Distinguish between cards with one application and cards
with multiple applications - multipurpose cards.
Calling cards are usually disposable contact cards with one application,
their cost is about $ 0.50. The total number of telephone units
corresponds to the number of memory locations. When used, the cells are sequentially cleaned
. The amount of memory varies from 8 to 256 KB, but can reach hundreds of megabits.
Multipurpose cards can offer personalized services such as
badges, IDs, medical records, grade books, e-
wallets, and so on. Having multiple applications on a single card requires isolating the
memory areas used by each application. If access to the card depends on a PIN, communication
with each application can be controlled using a second set of secret
keys held by the application provider and customer.
Today microprocessor cards can be:
Bank cards.
Prepaid cards. If the values stored in the card are
fiduciary money, the card is an electronic wallet. A ***** operator
can only provide electronic tokens for any special service.
and Cards containing portable electronic documents (medical
records, grade books, etc.). Such maps are used by some European
universities. Examples of the use of such cards:
- SmameVitale in France and Versicherten-Karte in Germany - a way of
accessing an information system for collecting and storing administrative information;
- Hemacard in Belgium for people at risk - pregnant
women with cancer and other serious illnesses.
Access control of the cardholder to anywhere or to something can be carried out
physically (access to businesses, hotels, etc.) or logically (access to
software, secret databases, etc.). In this case, the card acts as a portable
calculator that uses dynamic passwords to authorize
user access. This type of application is more typical for security systems
than for electronic payments.
Adaptation of IC cards for use in computers. Several
attempts to make a microprocessor card standard equipment of a personal
computer. The main initiatives in this area are the creation of the OpenCard
Framework (OCF), PC SC and Java Card specifications . An experimental
UNIX file system for smart cards has also been created .
OCF is a product of the OpenCard consortium and is a common
programming interface for smart card readers and card applications. It is based on
Java technology and is incompatible with C and C ++ languages. OCF supports multi-
slot readers to access more than one card at a time; this feature is useful in
financial and medical applications where the presence of a master card is required (master
- cards) to allow access to a second card, which may belong to the customer
or patient.
PC / SC is an abbreviated version of the"
Interoperability Specification for Integrated Circuit Cards and Personal Computer Systems", created by a working group of
representatives of leading manufacturers of microprocessor cards and personal
computers: Bull CP8, GemPlus, Schlumberger, Hewlett-Packard, IBM, Sun and Microsoft.
The specification is written for Windows and supports many
programming languages . Microsoft has developed its own cryptographic library -
CryptoAPI used by Windows to access cryptographic functions and
certificates stored in smart cards. CryptoAPI also enables
secure messaging and certificate management. This library is
subject to US export restrictions on cryptographic software.
The Java Card specification defines a subset of the Java language for
use in microprocessor cards. Using Java allows developers to
create smart card applications that are independent of the microprocessor and
operating system. Application portability is achieved by using a
Java virtual machine on top of an operating system.
1.1. Contact pad cards
In cards with a contact pad (integrated circuit cards with contacts), the clock
frequency varies from 3.5 to 5 MHz, the supply voltage is from 3 to 5 V. In the
previous generation chips, the programmable memory worked from a power supply of 5 - 15 V and
even 21 V. Progress microelectronics made an additional power
supply unnecessary, which increased resistance to attacks through changes in supply voltage. Moreover, it became possible to use the released contact for two-way
(duplex) data transmission.
The IC card has 8 contacts, resistant to mechanical damage, corrosion,
contamination and damage by chemical reagents. Contact arrangement
is determined by the standard, however, manufacturers may define the
purpose of the contacts in different ways.
Readers are usually equipped with a mechanism for automatically capturing the card
when it is inserted into the slot. This increases the reliability of reading and "vandal resistance"
(albeit at the expense of increasing the complexity of the device and the cost of operation).
Contacts of the card with IC
Microprocessor cards have two types of memory:
• read-only memory (ROM);
• random access memory (RAM).
The ROM contains a mask of a card with a length of several kilobits, which contains the
operating system. RAM stores intermediate calculation results and
variables. Static RAM, unlike DRAM, does not require
periodic content refresh to prevent data loss.
The contents of the ROM are independent of the power supply. ROM can be of the following types:
• programmable read-only memory (PROM);
• erasable programmable read only memory (EPROM).
The contents of the EPROM can only be erased by exposure to ultraviolet radiation.
This type of memory is commonly used in disposable cards. EPROM is used in
programmable cards to store encryption keys and other variable values. To write a
value to an EPROM cell, two clock cycles are required: the first is to erase the information, the second is to
records. The use of new types of memory, such as flash memory or ferrite memory
(FeRAM), can reduce write time and power consumption.
Currently, the cards use 8-bit processors, 16KB ROM. RAM
256 or 512 bytes and PISA 3-8 Kbytes. From a functional point of view, the memory of the microprocessor
card is organized according to the hierarchy of zones:
o The production area is the part of the memory recorded before personalization.
Contains the batch number of the chip backing, the name of the backing manufacturer and its serial
number, the serial number of the card and the ID of the card supplier.
o Secret area. It contains confidential information of the cardholder
-PIN-code, secret cryptographic keys and personal data files.
o A transactional or work area that stores temporary
confidential information about a transaction (for example, the amount of a transaction). This
storage area is available for all multipurpose card applications.
o Access control area, in which the microprocessor keeps a log of attempts to
access a secret or transactional area (if this area is protected). Using such a zone allows you to block the card after several unsuccessful access attempts
(usually no more than three).
o Free zone, which contains non-confidential information
such as the names of the cardholder and issuer, as well as the expiration date of the card. This zone has
access all multipurpose card applications.
The operating system currently used depends on the card manufacturer. One of the most commonly used masks in single app maps is the
M4 mask. Among the makers of masks for multipurpose cards, there are two main
competitors - the Maosco consortium, led by Mastercard and including Hitachi,
Gemplus and Siemens. They offer the Multos operating system developed by
Mondex International. Visa International is spearheading the JavaSoft consortium backed by Sun
Microsystems, Schlumberger, Motorola and Gemplus to offer its
Java technology-based card specification.
2. Security of microprocessor cards
The microprocessor card protects sensitive data stored in the memory of
the card, as well as secure access to services. The purpose of the security process
is to:
• protect against counterfeiting at all stages of production,
• protect against theft of applications and ROM-based security software,
• protect the information stored in the card,
• detect and prevent attempts to unlawful use of the card.
Each phase of the card's life cycle implies the implementation of a sufficient level of
security to move to the next level.
There are seven stages in the issuance, personalization and distribution of microprocessor
cards.
1. Development of the chip.
2. Development of embedded software (firmware).
3. Creation of silicon substrates.
4. Placement of the chip and firmware on the substrate, packaging of the chip and final
testing.
5. Pre-personalization with the addition of programs depending on the purpose of the
card and testing them.
6. Personalization of the chip by placing in the memory of the card the names of the issuer and the
owner and application applications.
7. Issue of a smart card in the form of a plastic card with embossed printing, logo printing; card distribution.
The following participants are required for the production of the card:
• an integrated circuit (IC) and embedded software developer;
• IS manufacturer and security software developer;
• certification center;
• application developer;
• manufacturer of the actual carrier of the chip - a plastic card (design, relief printing, logo printing, etc.);
• card issuer - the organization responsible for the content of the card and
delivery to the end user.
The required
level of security must be ensured at all stages of card production and transportation . At the development stage, it is necessary to ensure the safety of design
documentation for IS, software, pre-personalization procedures and the safety of the
production environment. The security policy is to identify all possible types of
threats and develop appropriate protective measures during production and transportation.
Control is established over the production environment - materials and
production tools , good and defective copies. Potential threats include disclosure of
product requirements, modification or theft of materials or finished goods, modification of
software (including IC firmware and operating system).
IC manufacturers start by manufacturing a silicon wafer that houses
multiple ICs. At this stage, each IC is tested for the operability of the
microprocessor. Working instances are locked using symmetric encryption with a silicon workshop key (factory key) 8 or 16 bits long; on the substrate is marked with the batch number and manufacturer's identifier. The fabrication key is calculated using the master key and using the diversification algorithm. This algorithm calculates the factory key based on the master key and
card number. This method allows the CA to authenticate all batches without
storing all the keys. At the final stage, the defective ICs are cut from the substrate, the substrate with the
working chips is sent to the card manufacturer.
During pre-personalization, the card supplier cuts individual chips from the substrate,
which are then pressed into the plastic card. On the back of the card there may be
the manufacturer's logo is placed. After that, the chip is tested, and if
the tests are successful, the supplier will unlock the chip using the factory key. It then
loads its operating system, prints the serial number on the card, and blocks direct
write to memory. From this point on, access to the memory is carried out through logical
addressing to protect the recorded data from alteration or unauthorized access.
Before delivery to the software supplier, the card is blocked again, this time in front of the
issuer's personalization (or transport) key.
At the personalization stage, the software provider transfers application files, personal
information of the owner (owner ID, PIN code and unlocking keys) to the card.
vania). The card is then delivered to the end user.
When using the card, depending on the commercial offer, the owner may
be given the opportunity to change some personal parameters (for example, the
PIN code).
The card can become invalid for several reasons:
o The card has expired. In the case of a card with one application, the
card expiration date is the same as the application expiration date . For a multipurpose card, the expiration date corresponds
to the expiration date of the master file. When the application expires, the
operating system blocks write and update operations; the read operation is not
blocked to allow subsequent analysis of the operations performed.
o All possible memory locations reserved for data are full.
If the correct PIN is entered, it is still possible to read only the contents
of the card memory. To maintain access to a service or service provided by the card, a new card is required.
o Fraudulent use or card theft. In this case, the issuing organization simultaneously blocks the PIN of the card and the unblocking key. Partial
blocking (eg blocking a particular PIN) only affects the application using
that PIN and can be removed by the application owner using the
appropriate unblocking key.
2.1. Physical security of the card when using it
The security architecture of cards used in financial transactions is standardized by
ISO 10102. The ANSI X9.17 / ISO 8732 standard governs
key management procedures . The plastic card contains elements intended for identification of the
issuer and personalization (establishing a connection between the owner and the card). The location of
these elements may vary depending on the country in which the map is used.
On the front side of the card there are:
• contacts of the card chip;
• logo of the card issuer, financial institution and payment system;
• embossed printing of the serial number of the card, the name of the holder and the expiration date of the card;
• hologram - to increase the level of protection against counterfeiting, the location of the hologram is the same for all countries.
There is a place for the holder's signature on the back of the card. There may also be an
address for returning the card if found; for North America - a list of associated
payment systems. Elements for identification, PIN-code verification, expiration
date and codes describing the card's functionality are located on the magnetic stripe on the back of the card.
The card number consists of 10-19 characters, divided into groups of four characters. The first digit in the first group defines the payment system (4 for VISA, 5 for MasterCard, etc.), the
next digits define the country, the representative of the payment system in this country and the card number. The last four digits are the verification code ("Luen's key").
In general, smart cards are equipped with attack-resistant chips — when a physical attack is detected, the chip blocks withdrawal operations. The dielectric layer
is the passive protection of the chip from dirt, dust and radiation. When this layer is removed, the chip can react to light, changes in temperature, frequency, and voltage.
To prevent selective erasure of memory cells or the placement of sequential
words in independent memory cells, physical protection of memory cells is provided.
To deactivate special test ICs used at the arbitrariness stage, fuses are provided, which are burned out before the cards are distributed.
2.2. Logical security of the card when using it
At the stage of use, logical access control is carried out at three levels.
The first level is user authentication by entering a PIN-code, the second is to define a set of privileges for the card, and the third is to establish a secure logical connection channel
between the card (via the terminal) and the remote server. In face-to-face-commerce card authentication can be carried dealer:
o using a variety of physical means (identity card, signature
oposredstvom authorization server request;
opri means of PIN-code, which is digitally signed for procedures
withdrawals or payments.
Microprocessor cards can use complex authentication procedures.
In order to avoid transmission of the PIN-code or session keys in unencrypted form,
symmetric encryption algorithms (usually before DES, now AES) are used to check the integrity of the message and authenticate the sender , including in the mode of
generating the MAC message authentication code.
In online authorization systems, the process consists of two stages:
o mutual authentication of the owner and the card;
o mutual authentication of carp and terminal.
Note that many systems use their own protocols, the EMV Consortium
(EuroPay, MasterCard, Visa) has created its own specification for financial
transactions. GSM mobile telephony also uses a standardized procedure
remote authentication.
In the case of offline authorization (for example, when paying in the South African
electricity billing system ), the card contains a credit charged for the use of electricity. In
this symmetrical encryption algorithm is used.
Mutual authentication of the owner and the card.
Mutual authentication of the cardholder is as follows.
After placing the card in the slot, the reader asks the card to generate a random number, usually 64 bits long.
The owner enters the PIN-code on the reader's keypad.
The reader encrypts this number according to the algorithm specified by the payment system,
using the PIN-code as a key. The reader sends this number back to the card.
The card performs the same operations using the PIN code stored in its memory, and then
compares the result and the value received from the reader.
The result of the comparison determines whether mutual authentication was successful.
Mutual authentication of card and terminal.
If the previous phase is successful, then mutual authentication of the
card and the terminal begins .
The terminal generates a random number and sends it to the card.
The card encrypts this number with a secret key, depending on the selected type of service.
The encryption algorithm is determined by the payment system. The encrypted number is
sent back to the terminal.
The terminal performs similar calculations and compares the result with the value,
received from the card.
The result of the comparison determines whether mutual authentication was successful.
Audit management. Most audit management procedures require the chip to
record certain events and transaction details in a special audit file that is
later sent to the audit control center. Most smart cards have a
failed access counter . If the number of unsuccessful attempts has not reached a certain threshold, the counter is reset to zero on the first successful access attempt. If the threshold value is
exceeded, access to the card or a specific file is blocked. Some cards
allow the user to independently set the number of unsuccessful attempts for
card blocking, in others this value is preset and varies from 3 to 7 attempts.
2.3. Examples of implementation of safety procedures during
use of the card
Memory card reader for Minitel. The LECAMC (Lecteur de Cartes a Memoire) card reader was created to provide secure smart card transactions
for Minitel).
EMV card. EMV cards are designed for face-to-face commerce.
EMV specifications assume the use of a public key authentication algorithm.
Card authentication requires the exchange of four messages,
symmetric encryption and MAC are used to identify the owner. To form a MAC
the secret session key is used, which is also held by the bank.
An EMV session consists of the following stages.
1. Application selection.
2. Authentication of application data.
3. Determine general session restrictions due to incompatibility between map and server
versions, differences due to geographic location, or restrictions
imposed by the service provider.
4. Owner authentication.
5. Risk management (request for authorization, audit management, etc.).
6. If necessary, an online request for authorization is sent to the authorization server.
7. Updating data in the card memory.
There is an undeniable interest in microprocessor cards, despite the unequal level of their penetration into the markets of different countries. It provides an overview
of the security features for smart cards and provides an assessment of the security level.
Describes multipurpose cards (containing more than one application) and how
to manage those applications. It ends with an overview of the main standards
for multipurpose cards and the EMV specification (according to the first letters of the names of the
specification developers: Europay, MasterCard, Visa).
1. Classification and fields of use of microprocessor
cards
For the first time cards with integrated circuits (IC) were patented in the 70s in the USA,
Japan and France, and their full-scale commercial development began in Japan
in the 70s, in France in the 80s. There is now a trend of
widespread replacement of magnetic stripe cards with microprocessor cards, but in
e-commerce applications that are demanding in terms of memory, computing
performance and security.
Cards are of the following types:
Cards with bar codes.
Magnetic strip cards. These cards have
limited memory and cannot be programmed; as a consequence, they
cannot be used in applications where decision-making is necessary and there are
increased security requirements.
Integrated circuit cards:
- memory cards. They use a low-performance chip that allows you to store data and even provide
minimal protection. The performance of such cards is focused on
making prepaid payments (for example, telephone cards);
- hard logic cards (wired-logic cards). Such cards are used in applications
where minimal control of access to encrypted TV channels is required.
The cost of such cards is about US $ 1;
- microprocessor cards or smart cards. They are
programmable devices capable of performing complex calculations. Despite
thin (0.76 mm), the card contains a miniature computer, including an
operating system, memory and microprocessor. Such cards can support
advanced encryption techniques to authenticate parties, guarantee
data integrity and confidentiality. Unlike cards with a magnetic stripe,
payment authorization can be done offline.
IC cards can be used in three categories of commercial relationships:
B2B, B2C and face-to-face. The technical development of such cards is the result of the
merger of several technologies - microelectronics, software for transactions and
cryptographic methods. The price of microprocessor cards remains relatively high
and ranges from $ 5 to $ 20; there are
several compatible operating systems and programming languages on the market .
The first area of application of microprocessor cards is closed systems,
proprietary developments of firms. An example is calling cards that are only recognizable by the network of
one operator; cards for vending machines (parking machines,
public transport turnstiles , etc.). Today, smart cards can be
classified according to the following criteria:
Card usage time (there are disposable or “rechargeable” cards),
Intellect cards, which range from simple memory to gesture usage.
coy logic and programmable microprocessors.
The need for direct contact of the reader and the method of providing energy
(there are contact and contactless cards). Contact cards can transfer data at
speeds up to 9.6 Kb / s, contactless - up to 106 Kb / s.
Electromagnetic induction can be used as a power source for contactless cards , which makes them attractive for rail and trucking companies to pay tolls.
Characteristics of the card application. Distinguish between cards with one application and cards
with multiple applications - multipurpose cards.
Calling cards are usually disposable contact cards with one application,
their cost is about $ 0.50. The total number of telephone units
corresponds to the number of memory locations. When used, the cells are sequentially cleaned
. The amount of memory varies from 8 to 256 KB, but can reach hundreds of megabits.
Multipurpose cards can offer personalized services such as
badges, IDs, medical records, grade books, e-
wallets, and so on. Having multiple applications on a single card requires isolating the
memory areas used by each application. If access to the card depends on a PIN, communication
with each application can be controlled using a second set of secret
keys held by the application provider and customer.
Today microprocessor cards can be:
Bank cards.
Prepaid cards. If the values stored in the card are
fiduciary money, the card is an electronic wallet. A ***** operator
can only provide electronic tokens for any special service.
and Cards containing portable electronic documents (medical
records, grade books, etc.). Such maps are used by some European
universities. Examples of the use of such cards:
- SmameVitale in France and Versicherten-Karte in Germany - a way of
accessing an information system for collecting and storing administrative information;
- Hemacard in Belgium for people at risk - pregnant
women with cancer and other serious illnesses.
Access control of the cardholder to anywhere or to something can be carried out
physically (access to businesses, hotels, etc.) or logically (access to
software, secret databases, etc.). In this case, the card acts as a portable
calculator that uses dynamic passwords to authorize
user access. This type of application is more typical for security systems
than for electronic payments.
Adaptation of IC cards for use in computers. Several
attempts to make a microprocessor card standard equipment of a personal
computer. The main initiatives in this area are the creation of the OpenCard
Framework (OCF), PC SC and Java Card specifications . An experimental
UNIX file system for smart cards has also been created .
OCF is a product of the OpenCard consortium and is a common
programming interface for smart card readers and card applications. It is based on
Java technology and is incompatible with C and C ++ languages. OCF supports multi-
slot readers to access more than one card at a time; this feature is useful in
financial and medical applications where the presence of a master card is required (master
- cards) to allow access to a second card, which may belong to the customer
or patient.
PC / SC is an abbreviated version of the"
Interoperability Specification for Integrated Circuit Cards and Personal Computer Systems", created by a working group of
representatives of leading manufacturers of microprocessor cards and personal
computers: Bull CP8, GemPlus, Schlumberger, Hewlett-Packard, IBM, Sun and Microsoft.
The specification is written for Windows and supports many
programming languages . Microsoft has developed its own cryptographic library -
CryptoAPI used by Windows to access cryptographic functions and
certificates stored in smart cards. CryptoAPI also enables
secure messaging and certificate management. This library is
subject to US export restrictions on cryptographic software.
The Java Card specification defines a subset of the Java language for
use in microprocessor cards. Using Java allows developers to
create smart card applications that are independent of the microprocessor and
operating system. Application portability is achieved by using a
Java virtual machine on top of an operating system.
1.1. Contact pad cards
In cards with a contact pad (integrated circuit cards with contacts), the clock
frequency varies from 3.5 to 5 MHz, the supply voltage is from 3 to 5 V. In the
previous generation chips, the programmable memory worked from a power supply of 5 - 15 V and
even 21 V. Progress microelectronics made an additional power
supply unnecessary, which increased resistance to attacks through changes in supply voltage. Moreover, it became possible to use the released contact for two-way
(duplex) data transmission.
The IC card has 8 contacts, resistant to mechanical damage, corrosion,
contamination and damage by chemical reagents. Contact arrangement
is determined by the standard, however, manufacturers may define the
purpose of the contacts in different ways.
Readers are usually equipped with a mechanism for automatically capturing the card
when it is inserted into the slot. This increases the reliability of reading and "vandal resistance"
(albeit at the expense of increasing the complexity of the device and the cost of operation).
Contacts of the card with IC
Microprocessor cards have two types of memory:
• read-only memory (ROM);
• random access memory (RAM).
The ROM contains a mask of a card with a length of several kilobits, which contains the
operating system. RAM stores intermediate calculation results and
variables. Static RAM, unlike DRAM, does not require
periodic content refresh to prevent data loss.
The contents of the ROM are independent of the power supply. ROM can be of the following types:
• programmable read-only memory (PROM);
• erasable programmable read only memory (EPROM).
The contents of the EPROM can only be erased by exposure to ultraviolet radiation.
This type of memory is commonly used in disposable cards. EPROM is used in
programmable cards to store encryption keys and other variable values. To write a
value to an EPROM cell, two clock cycles are required: the first is to erase the information, the second is to
records. The use of new types of memory, such as flash memory or ferrite memory
(FeRAM), can reduce write time and power consumption.
Currently, the cards use 8-bit processors, 16KB ROM. RAM
256 or 512 bytes and PISA 3-8 Kbytes. From a functional point of view, the memory of the microprocessor
card is organized according to the hierarchy of zones:
o The production area is the part of the memory recorded before personalization.
Contains the batch number of the chip backing, the name of the backing manufacturer and its serial
number, the serial number of the card and the ID of the card supplier.
o Secret area. It contains confidential information of the cardholder
-PIN-code, secret cryptographic keys and personal data files.
o A transactional or work area that stores temporary
confidential information about a transaction (for example, the amount of a transaction). This
storage area is available for all multipurpose card applications.
o Access control area, in which the microprocessor keeps a log of attempts to
access a secret or transactional area (if this area is protected). Using such a zone allows you to block the card after several unsuccessful access attempts
(usually no more than three).
o Free zone, which contains non-confidential information
such as the names of the cardholder and issuer, as well as the expiration date of the card. This zone has
access all multipurpose card applications.
The operating system currently used depends on the card manufacturer. One of the most commonly used masks in single app maps is the
M4 mask. Among the makers of masks for multipurpose cards, there are two main
competitors - the Maosco consortium, led by Mastercard and including Hitachi,
Gemplus and Siemens. They offer the Multos operating system developed by
Mondex International. Visa International is spearheading the JavaSoft consortium backed by Sun
Microsystems, Schlumberger, Motorola and Gemplus to offer its
Java technology-based card specification.
2. Security of microprocessor cards
The microprocessor card protects sensitive data stored in the memory of
the card, as well as secure access to services. The purpose of the security process
is to:
• protect against counterfeiting at all stages of production,
• protect against theft of applications and ROM-based security software,
• protect the information stored in the card,
• detect and prevent attempts to unlawful use of the card.
Each phase of the card's life cycle implies the implementation of a sufficient level of
security to move to the next level.
There are seven stages in the issuance, personalization and distribution of microprocessor
cards.
1. Development of the chip.
2. Development of embedded software (firmware).
3. Creation of silicon substrates.
4. Placement of the chip and firmware on the substrate, packaging of the chip and final
testing.
5. Pre-personalization with the addition of programs depending on the purpose of the
card and testing them.
6. Personalization of the chip by placing in the memory of the card the names of the issuer and the
owner and application applications.
7. Issue of a smart card in the form of a plastic card with embossed printing, logo printing; card distribution.
The following participants are required for the production of the card:
• an integrated circuit (IC) and embedded software developer;
• IS manufacturer and security software developer;
• certification center;
• application developer;
• manufacturer of the actual carrier of the chip - a plastic card (design, relief printing, logo printing, etc.);
• card issuer - the organization responsible for the content of the card and
delivery to the end user.
The required
level of security must be ensured at all stages of card production and transportation . At the development stage, it is necessary to ensure the safety of design
documentation for IS, software, pre-personalization procedures and the safety of the
production environment. The security policy is to identify all possible types of
threats and develop appropriate protective measures during production and transportation.
Control is established over the production environment - materials and
production tools , good and defective copies. Potential threats include disclosure of
product requirements, modification or theft of materials or finished goods, modification of
software (including IC firmware and operating system).
IC manufacturers start by manufacturing a silicon wafer that houses
multiple ICs. At this stage, each IC is tested for the operability of the
microprocessor. Working instances are locked using symmetric encryption with a silicon workshop key (factory key) 8 or 16 bits long; on the substrate is marked with the batch number and manufacturer's identifier. The fabrication key is calculated using the master key and using the diversification algorithm. This algorithm calculates the factory key based on the master key and
card number. This method allows the CA to authenticate all batches without
storing all the keys. At the final stage, the defective ICs are cut from the substrate, the substrate with the
working chips is sent to the card manufacturer.
During pre-personalization, the card supplier cuts individual chips from the substrate,
which are then pressed into the plastic card. On the back of the card there may be
the manufacturer's logo is placed. After that, the chip is tested, and if
the tests are successful, the supplier will unlock the chip using the factory key. It then
loads its operating system, prints the serial number on the card, and blocks direct
write to memory. From this point on, access to the memory is carried out through logical
addressing to protect the recorded data from alteration or unauthorized access.
Before delivery to the software supplier, the card is blocked again, this time in front of the
issuer's personalization (or transport) key.
At the personalization stage, the software provider transfers application files, personal
information of the owner (owner ID, PIN code and unlocking keys) to the card.
vania). The card is then delivered to the end user.
When using the card, depending on the commercial offer, the owner may
be given the opportunity to change some personal parameters (for example, the
PIN code).
The card can become invalid for several reasons:
o The card has expired. In the case of a card with one application, the
card expiration date is the same as the application expiration date . For a multipurpose card, the expiration date corresponds
to the expiration date of the master file. When the application expires, the
operating system blocks write and update operations; the read operation is not
blocked to allow subsequent analysis of the operations performed.
o All possible memory locations reserved for data are full.
If the correct PIN is entered, it is still possible to read only the contents
of the card memory. To maintain access to a service or service provided by the card, a new card is required.
o Fraudulent use or card theft. In this case, the issuing organization simultaneously blocks the PIN of the card and the unblocking key. Partial
blocking (eg blocking a particular PIN) only affects the application using
that PIN and can be removed by the application owner using the
appropriate unblocking key.
2.1. Physical security of the card when using it
The security architecture of cards used in financial transactions is standardized by
ISO 10102. The ANSI X9.17 / ISO 8732 standard governs
key management procedures . The plastic card contains elements intended for identification of the
issuer and personalization (establishing a connection between the owner and the card). The location of
these elements may vary depending on the country in which the map is used.
On the front side of the card there are:
• contacts of the card chip;
• logo of the card issuer, financial institution and payment system;
• embossed printing of the serial number of the card, the name of the holder and the expiration date of the card;
• hologram - to increase the level of protection against counterfeiting, the location of the hologram is the same for all countries.
There is a place for the holder's signature on the back of the card. There may also be an
address for returning the card if found; for North America - a list of associated
payment systems. Elements for identification, PIN-code verification, expiration
date and codes describing the card's functionality are located on the magnetic stripe on the back of the card.
The card number consists of 10-19 characters, divided into groups of four characters. The first digit in the first group defines the payment system (4 for VISA, 5 for MasterCard, etc.), the
next digits define the country, the representative of the payment system in this country and the card number. The last four digits are the verification code ("Luen's key").
In general, smart cards are equipped with attack-resistant chips — when a physical attack is detected, the chip blocks withdrawal operations. The dielectric layer
is the passive protection of the chip from dirt, dust and radiation. When this layer is removed, the chip can react to light, changes in temperature, frequency, and voltage.
To prevent selective erasure of memory cells or the placement of sequential
words in independent memory cells, physical protection of memory cells is provided.
To deactivate special test ICs used at the arbitrariness stage, fuses are provided, which are burned out before the cards are distributed.
2.2. Logical security of the card when using it
At the stage of use, logical access control is carried out at three levels.
The first level is user authentication by entering a PIN-code, the second is to define a set of privileges for the card, and the third is to establish a secure logical connection channel
between the card (via the terminal) and the remote server. In face-to-face-commerce card authentication can be carried dealer:
o using a variety of physical means (identity card, signature
oposredstvom authorization server request;
opri means of PIN-code, which is digitally signed for procedures
withdrawals or payments.
Microprocessor cards can use complex authentication procedures.
In order to avoid transmission of the PIN-code or session keys in unencrypted form,
symmetric encryption algorithms (usually before DES, now AES) are used to check the integrity of the message and authenticate the sender , including in the mode of
generating the MAC message authentication code.
In online authorization systems, the process consists of two stages:
o mutual authentication of the owner and the card;
o mutual authentication of carp and terminal.
Note that many systems use their own protocols, the EMV Consortium
(EuroPay, MasterCard, Visa) has created its own specification for financial
transactions. GSM mobile telephony also uses a standardized procedure
remote authentication.
In the case of offline authorization (for example, when paying in the South African
electricity billing system ), the card contains a credit charged for the use of electricity. In
this symmetrical encryption algorithm is used.
Mutual authentication of the owner and the card.
Mutual authentication of the cardholder is as follows.
After placing the card in the slot, the reader asks the card to generate a random number, usually 64 bits long.
The owner enters the PIN-code on the reader's keypad.
The reader encrypts this number according to the algorithm specified by the payment system,
using the PIN-code as a key. The reader sends this number back to the card.
The card performs the same operations using the PIN code stored in its memory, and then
compares the result and the value received from the reader.
The result of the comparison determines whether mutual authentication was successful.
Mutual authentication of card and terminal.
If the previous phase is successful, then mutual authentication of the
card and the terminal begins .
The terminal generates a random number and sends it to the card.
The card encrypts this number with a secret key, depending on the selected type of service.
The encryption algorithm is determined by the payment system. The encrypted number is
sent back to the terminal.
The terminal performs similar calculations and compares the result with the value,
received from the card.
The result of the comparison determines whether mutual authentication was successful.
Audit management. Most audit management procedures require the chip to
record certain events and transaction details in a special audit file that is
later sent to the audit control center. Most smart cards have a
failed access counter . If the number of unsuccessful attempts has not reached a certain threshold, the counter is reset to zero on the first successful access attempt. If the threshold value is
exceeded, access to the card or a specific file is blocked. Some cards
allow the user to independently set the number of unsuccessful attempts for
card blocking, in others this value is preset and varies from 3 to 7 attempts.
2.3. Examples of implementation of safety procedures during
use of the card
Memory card reader for Minitel. The LECAMC (Lecteur de Cartes a Memoire) card reader was created to provide secure smart card transactions
for Minitel).
EMV card. EMV cards are designed for face-to-face commerce.
EMV specifications assume the use of a public key authentication algorithm.
Card authentication requires the exchange of four messages,
symmetric encryption and MAC are used to identify the owner. To form a MAC
the secret session key is used, which is also held by the bank.
An EMV session consists of the following stages.
1. Application selection.
2. Authentication of application data.
3. Determine general session restrictions due to incompatibility between map and server
versions, differences due to geographic location, or restrictions
imposed by the service provider.
4. Owner authentication.
5. Risk management (request for authorization, audit management, etc.).
6. If necessary, an online request for authorization is sent to the authorization server.
7. Updating data in the card memory.
