Good Carder
Professional
- Messages
- 208
- Reaction score
- 169
- Points
- 43
Overview of ISO/IEC 7816
ISO/IEC 7816 is an international standard series focused on electronic identification cards with contacts, particularly smart cards, and extends to contactless mobile devices. It is jointly managed by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC), and developed under ISO/IEC JTC 1/SC 17 (Joint Technical Committee 1, Subcommittee 17 on Cards and Security Devices for Personal Identification). The standard defines parameters for integrated circuit cards, enabling secure data exchange and interoperability across industries, without specifying internal card implementations. It is widely used in applications like SIM cards for mobile phones, EMV payment cards, bank cards, security tokens, and access control systems.Purpose and Scope
The primary purpose of ISO/IEC 7816 is to ensure global interoperability for contact-based and contactless identification cards in interchange environments. It covers physical, electrical, and operational aspects, including security mechanisms, communication protocols, and commands for data handling. The scope includes cards conforming to ISO/IEC 7810 (identification card dimensions) and supports applications in sectors like finance, telecommunications, healthcare, and government. It emphasizes secure interchange, such as through Application Protocol Data Units (APDUs) for command-response pairs, and integrates with protocols like CCID for USB devices.Key Components: Parts of the Standard
ISO/IEC 7816 is divided into multiple independent parts, each addressing specific aspects of card design, interface, and operations. Below is a table summarizing the main parts, their latest editions (as of available data), and brief descriptions:| Part | Title and Edition | Description |
|---|---|---|
| 1 | Cards with contacts—Physical characteristics (2011) | Specifies physical properties like size, flexibility, and mechanical strength, referencing ISO/IEC 7810. |
| 2 | Cards with contacts—Dimensions and location of the contacts (2007) | Defines contact positions (e.g., 8-pin interface including VCC, GND, I/O) and dimensions. |
| 3 | Cards with contacts—Electrical interface and transmission protocols (2006) | Covers electrical signals, voltage levels (e.g., 5V, 3V, 1.8V), and protocols like T=0 and T=1. |
| 4 | Organization, security and commands for interchange (2013) | Describes APDU structures, data organization, security architecture, and interindustry commands for contact and contactless cards. |
| 5 | Registration of application providers (2004) | Outlines registration procedures for unique application identifiers. |
| 6 | Interindustry data elements for interchange (2023) | Defines standardized data elements for secure interchange across industries. |
| 7 | Interindustry commands for Structured Card Query Language (SCQL) (1999) | Specifies commands using SCQL for database-like queries on cards. |
| 8 | Commands and mechanisms for security operations (2021) | Details security commands for cryptography, authentication, and key management. |
| 9 | Commands for card management (2017) | Covers lifecycle management commands, including file creation and secure loading. |
| 10 | Electronic signals and answer to reset for synchronous cards (1999) | Defines signals and reset responses for synchronous transmission. |
| 11 | Personal verification through biometric methods (2017) | Specifies biometric data structures and verification commands. |
| 12 | Cards with contacts—USB electrical interface and operating procedures (2005) | Outlines USB interface specifications and protocols for ICCs. |
| 13 | Commands for application management in a multi-application environment (2007) | Manages multiple applications on a single card. |
| 15 | Cryptographic information application (2016) | Defines applications for storing and retrieving cryptographic data. |
Note: Some parts may have amendments or corrigenda post-publication.
