Tomcat
General characteristics of smart cards
A smart card is a microcomputer implemented in a single silicon crystal in the form of an integrated circuit (microcircuit), generally consisting of:
- a central processor (usually an 8- or 16-bit RISC processor; 32-bit processors are also on the market);
- RAM (usually from 256 bytes to 4 Kb; for Java cards, the RAM size, as a rule, varies from 4 to 8 Kb, and microcircuits with 16 Kb of RAM are known on the market);
- read-only memory, ROM (usually 16-196 Kb; there are cards with a ROM of more than 256 Kb);
- non-volatile memory, EEPROM (usually 2-72 KB in size; cards with 1 MB of EEPROM are known);
- a backbone bus, consisting of a control bus, a data bus and an address bus;
- a memory management unit (MMU), which controls and manages the central processor's access to the RAM, ROM and rewritable non-volatile memory of the microcircuit, and protects the information stored in the memory of the card;
- a universal asynchronous receiver-transmitter (UART), operating through a single I/O line of the serial interface;
- a radio transceiver for the contactless interface;
- a USB interface.
An approximate view of the microcircuit of the card is shown in Fig. 2.1.

Fig. 2.1. Smart Card Chip Elements
An enlarged photograph of a microcircuit measuring 4.28 mm × 4.96 mm (area 21.23 mm²) is shown in Fig. 2.2.
The photo shows the areas occupied by the RAM (1.3 Kb), ROM (32 Kb) and EEPROM (16 Kb) memory, the EC02000 central processor and the ACE cryptographic coprocessor on the chip.
The processor interacts with other components of the microcircuit (for example, memory modules) using the bus. This bus is used not only to transfer data, but also to address devices, as well as to exchange special service signals.
Smart cards, in which the microcircuit contains only memory modules and does not have a microprocessor, are called memory cards or synchronous cards. Such cards are noticeably cheaper than cards with a microprocessor. Synchronous cards are widely used, for example, to pay for telephone calls in street payphones, access control, fare payments in public transport systems, etc.
Memory cards are used either in a read-only mode (information is only read from the card) or in a rewritable mode (new information can be added and/or already recorded information can be changed). The lines that control the addressing of memory cells (address bus lines) and the lines for reading from and writing to the memory cells selected by the terminal (data bus lines) are brought out from the microcircuit to the contact pad of the memory card. Since there is no central processor on the card, it cannot support data exchange protocols at the data link layer and higher layers of the Open Systems Interconnection (OSI) reference model. Therefore, the exchange of data between the card reader and the card is controlled at the physical level and is performed by the card reader.

Fig. 2.2. Enlarged photo of the microcircuit
Most often, a synchronous data exchange mechanism is used in memory cards, from which one of the names of the card follows. In synchronous mode, the card reader transmits only lower-level commands to the card. The commands indicate the memory address and the action to be performed with the data at this address: read data or write data. In the latter case, the command also contains data that must be written to the specified address.
Some memory cards use secrets that are shared between the card and the terminal to improve the security of data writing and data reading. In general, different secrets can be used for read and write operations. The terminal must demonstrate to the card that it knows its secret in order to obtain permission to read or write data protected in this way.
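The access logic described in the two paragraphs above, as an added sketch that is not taken from the book or the original post: a synchronous memory card that accepts only address-level read/write commands and keeps separate secrets for reading and writing. The opcode values, the protected-area boundary, presenting the secret in the clear, and dropping permissions on reset are all assumptions made for illustration.

```python
import hmac

# Constructed command set for a synchronous memory card (opcode values are illustrative).
READ, WRITE, PRESENT_READ, PRESENT_WRITE = 0x01, 0x02, 0x10, 0x11
PROTECTED_FROM = 0x10  # assumed layout: cells 0x10 and above need a presented secret


class MemoryCard:
    """Hard-wired access logic: no CPU, no protocol stack, one command at a time."""
    def __init__(self, size, read_secret, write_secret):
        self.cells = bytearray(size)
        self._secrets = {PRESENT_READ: read_secret, PRESENT_WRITE: write_secret}
        self.reset()

    def reset(self):
        # Assumption: a restart of the chip drops every permission granted so far.
        self._granted = {READ: False, WRITE: False}

    def command(self, opcode, address=0, data=b""):
        """Execute one low-level command; returns (ok, payload)."""
        if opcode in self._secrets:
            # Constant-time comparison so response timing does not leak matching bytes.
            ok = hmac.compare_digest(bytes(data), self._secrets[opcode])
            self._granted[READ if opcode == PRESENT_READ else WRITE] = ok
            return ok, b""
        if opcode not in (READ, WRITE) or not 0 <= address < len(self.cells):
            return False, b""
        if address >= PROTECTED_FROM and not self._granted[opcode]:
            return False, b""  # terminal has not shown it knows the secret
        if opcode == READ:
            return True, bytes(self.cells[address:address + 1])
        if len(data) != 1:
            return False, b""
        self.cells[address] = data[0]
        return True, b""


def demo():
    card = MemoryCard(32, read_secret=b"\x11\x22\x33", write_secret=b"\xaa\xbb\xcc")
    results = []
    results.append(card.command(WRITE, 0x05, b"\x7f"))   # open area: allowed
    results.append(card.command(WRITE, 0x12, b"\x01"))   # protected area: refused
    results.append(card.command(PRESENT_READ, data=b"\x11\x22\x33"))
    results.append(card.command(WRITE, 0x12, b"\x01"))   # read secret does not unlock writes
    results.append(card.command(PRESENT_WRITE, data=b"\xaa\xbb\xcc"))
    results.append(card.command(WRITE, 0x12, b"\x01"))   # now allowed
    results.append(card.command(READ, 0x12))             # returns the written byte
    card.reset()
    results.append(card.command(READ, 0x12))             # permission lost after reset
    return results
```

Because the read and write permissions are tracked separately, a terminal that only holds the read secret can never modify protected cells.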
Cards that have a central microprocessor along with memory modules are called asynchronous or microprocessor cards (IPC). This book will only talk about microprocessor cards.
The operating system of microprocessor cards supports a file system with differentiation of access to individual files, cryptographic functions that ensure a high level of security for operations performed using the IPC, communication protocols between the card and the reader, etc.
In general, several application programs are stored in the memory of the card to carry out various application functions. For example, the card may host applications that support financial transaction processing, cardholder identification / authentication, loyalty scheme, and the like.
IPC applications can run either under the control of the microcircuit's own operating system (Native Card) or under the control of special open systems, the most notable of which are GlobalPlatform / Java Card and MULTOS. Open operating systems allow applications to be securely loaded onto and removed from the card remotely, and the parameters of card applications to be changed remotely.
The basic standard for microprocessor cards is the ISO/IEC 7816 set of specifications. This standard defines the mechanical and electrical parameters of the IPC, the file system of the microprocessor card, the coding of data elements, the commands and procedures used, including the procedure for selecting the card application, communication protocols for the interaction of the card with the terminal, etc.
In the field of financial applications for the IPC, the EMV standard was adopted (the last version, 4.2, was adopted in June 2008). It is based on ISO/IEC 7816 and defines the physical parameters of the IPC, the data elements and commands used in financial applications, and the cryptographic functions that ensure the security of IPC operations.
The card can be contact, contactless or combined. In the first case, the microcircuit of the card is connected to the reader using an electrical connection. Physically, such a connection is made through a contact pad providing eight separate electrical connections (in practice, five connections are most commonly used) to the reader, as shown in Fig. 2.3.
Chapter 2. General information about microprocessor cards

[Fig. 2.3. Contact pad of the card. Left column of contacts: VCC, RST, CLK, RFU; right column: GND, VPP, I/O, RFU. Figure labels: power; ISO 7816 protocol (physical access, protocol).]
The contacts used include:
- VCC - contact for supplying the operating voltage to the microcircuit;
- RST - contact for the signal that initializes (restarts) the microcircuit before a new operation is performed;
- CLK - contact for supplying a clock signal used to synchronize the operation of individual microcircuit modules and organize data exchange between the reader and the card;
- GND - contact for the ground line, providing a common "electrical ground" for the reader and the microcircuit;
- I/O - contact for the input/output line used to organize a half-duplex communication channel between the reader and the microcircuit;
- VPP - contact for supplying the voltage used to program the EEPROM memory.
The first five contacts in the list are mandatory. The sixth contact (C6) is considered optional and, for example, is not used at all in the EMV standard. The VPP contact was mainly used in the first microcircuits, which required a separate power supply to program the EEPROM memory (higher voltages are needed to program the memory). Modern microcircuits are able to derive the programming voltage from the supply provided through the VCC contact and do without VPP. (For more details on the physical characteristics of contacts, see section 2.2.) Today, contact C6 is reserved for establishing an SWP (Single Wire Protocol) connection, which is used to connect an NFC chip with a SIM/UICC card in a cell phone. This is covered in detail in Chapter 7.
There are IPCs that use the two reserved contacts to implement a data exchange channel using the USB protocol. The appearance of the contact pad of such a card is shown in Fig. 2.4 (contacts D+ and D- are used for the USB connection). In accordance with the USB standard, the data exchange rate between the reader and the card can reach 1.5 Mbit/s (USB 2.0 low speed) and 12 Mbit/s (USB 2.0 full speed).
The interaction of the card with the reader via the USB protocol is formalized in the standard ISO 7816-12, "Cards with contacts - USB electrical interface and operating procedures", approved in 2005.


Fig. 2.4. External view of the contact pad of a smart card with USB contacts
Thus, all eight contacts of a modern microcircuit have already found their application.
The contactless card uses the electromagnetic field of the reader to exchange information between the card and the terminal. The interaction between the card and the terminal is based on the protocols described in the standards ISO 14443, ISO 15693, ISO 18000, ISO 18092, ISO 10536, etc.
In banking technologies, the ISO 14443 A & B standard is most often used, which is adopted by the leading payment systems VISA and MasterCard as the basic one for the implementation of financial applications of these systems. The ISO 14443 A standard, which is a subset of the ISO 14443 standard, was created on the basis of the MIFARE product, which was well known in the market for a long time. This product was developed by NXP Semiconductors and is a widely used contactless card for e-ticketing for public transportation.
In accordance with the ISO 14443 standard, data exchange between the card and the reader is carried out at a carrier frequency of 13.56 MHz. The distance between the card and the reader must not exceed 10 cm (in practice, it does not exceed 4 cm). In accordance with the ISO 14443 standard, the data exchange rate between the card and the card reader is set to 106 Kbps by default. As an option, data transmission is allowed at speeds of 212, 424, 848 Kbps and higher.
For contactless cards in the absence of an internal source of energy (for example, a battery), the energy for the operation of the processor built into the card must be extracted from the signal transmitted to the card from the reader. To receive the reader's signal, a conductor is usually soldered along the perimeter of the card, which serves as a transmit-receive antenna. Read more about contactless cards in Chapter 7 of this book.
Finally, there are cards that simultaneously support contact and contactless interfaces. Previously, all such smart cards contained two microcircuits: contactless and contact. Chip processors could be linked on the card or run autonomously.
The presence of two separate interconnected microcircuits on the card runs counter to one of the main principles of building a smart card - hiding all elements of the microcomputer of the card in one crystal. Therefore, today, combined cards have appeared and are widespread, implemented on the basis of one microcircuit with one processor and two types of interfaces - contact and contactless. Such cards are also called dual interface or combined.
Perhaps the first dual-interface bank card was the JCOP30 card, which runs IBM's implementation of the multi-application GlobalPlatform 2.1.1 / Java Card 2.2.1 operating system. There are also JCOP40 triple-interface cards on the market, in which a USB interface has been added to the standard contact interface defined in ISO 7816 and the contactless interface defined in the ISO 14443 A&B standard.
Today, leading card manufacturers offer a wide range of contactless cards, in which the ISO 14443 radio interface is typically used to implement contactless applications from leading payment systems, as well as to emulate the MIFARE application.