smart card file system (iso 7816-4)

Muhammad Wasim Raad 1

Smart Card File System (ISO 7816-4)

MF

DF

EF EF

DF

EF EF

EF EF

DF

MF Master File (root directory, must always be present)

DF Dedicated File (directory file, can contain directory and data files)

EF Elementary File (data file)


Smart Card File Names (ISO 7816-4)

Reserved FIDs3F00 MF root directory

0000 EF PIN and PUK #10100 EF PIN and PUK #2

0001 EF application keys0011 EF management keys

0002 EF manufacturing info0003 EF card ID info0004 EF card holder info0005 EF chip info

3FFF file path selection

FFFF reserved for future use

MF

FID File Identifier (2 bytes)

FID File Identifier (2 bytes)

DF

DF Name (1-16 Bytes)usually ISO 7816-5 AID

EF Short-FID (5bits) FID File Identifier (2 bytes)


EEPROM pages

100'000 write cycles

64 byte page size

Smart Card Internal File Structure

EF

Header

Body

–Header: file structure info, access control rights, pointer to data body content changes never or seldom, protected from erasure

–Body: data, content might change often, many write operations

pointer


MULTOS• A high security architecture

– Apps needing high security can reside next to apps needing low security

• Co-residence of multiple, inter-operable, platform independent applications

• Dynamic remote loading and deletion of applications over the lifetime of a card– Achieved using the language MEL (MULTOS

Executable Language)


PC/SC• Architecture designed to ensure the

following work together even if made by different manufacturers:– smart cards– smart card readers– computers

• Differs from OpenCard because it offers API interoperability rather than uniform API

• Designed for Windows environment with development in Visual C++


Java card • The Java Card specifications enable Java technology to run on

smart cards and other devices

• Multi-Application Capable - Java Card technology enables multiple applications to co-exist securely on a single smart card

• Dynamic: - New applications can be installed securely

• Secure: - relies on the inherent security of the Java programming language to provide a secure execution environment. - platform's proven industry deployments and security evaluations ensure that card issuers benefit from the most capable and secure technology available today.


How can the SMART card help in new channels?

Earning and redeeming

rewards with Virtual

Merchants

To store personal data

for covenience

on-line

To Secure Virtual World Shopping with Credit (Chip

SecureCode) or e-Cash

To Managing Finances Securely and Conveniently

Virtual Health, Govt or other

Services

Entertainment on Demand


Proprietary Smart Card Operating Systems

Chip Hardware BChip Hardware BChip Hardware AChip Hardware A

Proprietary OS AProprietary OS B

Native EMV Code

Native LoyaltyCode

Data Data

RO

ME

2

Native EMV Code

Native EMVCode

Native LoyaltyCode

Data Data

RO

ME

2

Proprietary Chip OS developed in “native” code - specific to underlying silicon - to access chip functions. OS often dedicated to performing a single specific function – e.g. EMV OS code is fixed in the ROM of the chip, and cannot be changed after the chip is made.

Limited number of programmers able to make adaptations to proprietary OS – impact on time to market if changes / new functions required. In order to multi-source silicon, native code must be redeveloped from scratch for new chip.

Chip Hardware BChip Hardware BChip Hardware AChip Hardware A


KILLER Applications


Open Platform (Card Manager & Security Domain) APIOpen Platform (Card Manager & Security Domain) API

Windowsfor

Smart Cardby

Microsoftand

GlobalPlatform

Java Cardby

Sun Microand

GlobalPlatform

Multos

Credit/DebitCredit/DebitWIMWIMSIMSIM

Logical &Logical &Physical Physical AccessAccess

LoyaltyLoyaltyE-PurseE-Purse

oror oror

Operating System Options

MULTOSby

MondexInternational

andMAOSCOCouncil


Proximity Solutions for MULTOS

2 types of MULTOS “Dual-Interface” cards – supporting communication with the chip via both the contact plate and the contactless interface based on Proximity Standard - ISO 14443

Hitachi/DNP Contactless MULTOS: 36K EEPROM, Type B contactless interface, Available now

Supports both versions of Paypass transaction (contactless M/Chip 4, or Contactless Track 2 data) and in fact can execute ANY existing MULTOS application over the contactless interface.

Keycorp / Philips Contactless MULTOS, 16K EEPROM, MIFARE Type A contactless interface, Prototypes available now

Supports Mifare ticketing only. Full contactless MULTOS application execution planned for Q3 2004

250K issued for 250K issued for Japan Residential Japan Residential

ID cardID card


Smart Card Corporate ID& E-Purse Multi-application system


Smart toolz File creation utility


What is RFID?• RFID is an ADC technology that uses

radio-frequency waves to transfer data between a reader and a movable item to identify, categorize, track...

• RFID is fast, reliable, and does not require physical sight or contact between reader/scanner and the tagged item


What is RFIDWhat is RFID

Radio Frequency Radio Frequency IdentificationIdentification

Radio Frequency Radio Frequency IdentificationIdentification

LabelLabel

(Transponder)(Transponder)

Reader/AntennaReader/Antenna

(Interrogator)(Interrogator)

ComputerComputer

Tag enters RF field

RF signal powers tag

Tag transmits ID, plus data

Reader captures data

Reader sends data to computer

Computer determines action

Computer instructs reader

Reader transmits data to tag

Muhammad Wasim Raad

• RFID Diagram:

Note: The host is the software database...

Reader

RF Module

Antenna

Host ComputerHost Computer

RFID Primer

Muhammad Wasim Raad

Note: The RF module creates radio frequency (RF). It receives and transmits RF through the antenna…

Reader

RF Module

AntennaAntenna


RFID Primer

Muhammad Wasim Raad

Note: Tag (transponder) is interrogated by the antenna....

ReaderReader

RF ModuleRF ModuleTagTag

AntennaAntenna


RFID Primer

Muhammad Wasim Raad

Note: The antenna captures the tag ID number…first as analog RF waves, then it is converted to digital information.

(Tag ID Communication)

Reader

RF ModuleTag

Antenna


RFID Primer


An RFID Tag Is A Portable Database

…A sophisticated computing and communications device…A wireless extension of Information Systems

Interrogation UnitTx/RxMicro

Computer

Computer Network

Antenna Tag

Radio Tx/Rx

RAM ROM

CPU I/O

Pwr Supply

Radio Tx/Rx

RAM ROM

CPU I/O

Pwr Supply


What is RFID? -- The Tags

• Tags can be read-only or read-write• Tag memory can be factory or field

programmed, partitionable, and optionally permanently locked

• Bytes left unlocked can be rewritten over more than 100,000 times


• Tags can be attached to almost anything:– pallets or cases of product– vehicles– company assets or personnel– items such as apparel,

luggage, laundry– people, livestock, or pets– high value electronics such

as computers, TVs, camcorders

What is RFID? -- The Tags


Are All Tags The Same?

Basic Types:Active

•Tag transmits radio signal•Battery powered memory, radio & circuitry

•High Read Range (300 feet)Passive

•Tag reflects radio signal from reader•Reader powered•Shorter Read Range (4 inches - 15 feet)


• Variations:– Memory

• Size (16 bits - 512KBytes +)• Read-Only, Read/Write or WORM• Type: EEProm, Antifuse, FeRam

– Arbitration (Anti-collision)• Ability to read/write one or

many tags at a time– Frequency

• 125KHz - 5.8 GHz– Physical Dimensions

• Thumbnail to Brick sizes – Price ($0.50 to $250)

Are All Tags The Same?


Types of Tags - Memory Segmentation

Read Only (Factory Programmed)

WORM - Write Once, Read Many times

Reprogrammable (Field Programmable)

Read/Write (In-Use Programmable)


What is RFID? -- The Readers

• Readers (interrogators) can be at a fixed point such as– Entrance/exit– Point of sale– Warehouse

• Readers can also be mobile -- tethered, hand-held, or wireless


Advantages• Uses normal CMOS processing

—basic and ubiquitous

• Relative freedom from regulatory limitations

• Well suited for applications requiring reading small amounts of data at slow speeds and minimal distances

• Penetrates materials well (water, tissue, wood, aluminum)

<150 kHz (125 kHz & 134 kHz )


Disadvantages:• Does not penetrate or transmit around metals

(iron, steel)• Handles only small amounts of data• Slow read speeds• Large Antennas -- compared to higher

frequencies• Minimal Range

<150 kHz (125 kHz & 134 kHz )


Disadvantages:• Tag construction:

is thicker (than 13.56 MHz) is more expensive (than 13.56 MHz)more complex

(requires more turns of the induction coil)

<150 kHz (125 kHz & 134 kHz )


RFID Primer…RFID Primer…FrequenciesFrequencies

Inductive Magnetic Field Coupling: 13.56 MHz (Popular Smart Card Frequency) 1 MHz 10 MHz

Mid. Freq.EAS

AM CB

RFID:Smart Cards


13.56 MHz13.56 MHz Advantages• Uses normal CMOS processing--basic and

ubiquitous • Well suited for applications requiring

reading small amounts of data and minimal distances

• Penetrates water/tissue well • Simpler antenna design (fewer turns of

the coil); lower costs to build• Higher data rate (than 125 kHz--but

slower than higher MHz systems) • Thinner tag construction (than 125 kHz)


Disadvantages• Government regulated frequency

(U.S. versus Europe)• Does not penetrate or transmit around

metals (unless very thick)

• Large Antennas (compared to higher frequencies)

• Larger tag size than higher frequencies• Tag construction: requires more than one

surface to complete a circuit• Minimal Range

13.56 MHz13.56 MHz


Bar Codes vs. RFIDBar Codes vs. RFIDSystem Barcode RFID Data Transmission Optical Electromagnetic

Typical Data Volume 1-100 Bytes 128-8K Bytes

Data Modification Not possible Possible

Position of Data Carrier for Read Write

Visual contact Non line of sight possible

Reading Distance Several Meters (line of sight)

From centimeters to meters (depending on the frequency and tags)

Access Security Little High

Environmental Susceptibility

Dirt Very Small

Anticollision Not possible Possible


RFID Applications• Petrol Service Stations

– In Singapore, the Mobil petrol service stations has already introduced RFID technology to implement their Speed Pass system to enable drivers to fill up the petrol and drive away. All information will be gathered automatically through RFID smart tags and customers’ bills can be settled through GIRO.


RFID Application in Petrol Service Station


RFID Application in a Factory Canteen

• In the video, it is very interesting to notice that in the factory canteen’s environment, RFID tags are attached at the bottom of the plates to identify the cooked food and its price.

• The staff of the factory need only to pick up the food on the tray and place the tray on top of a RFID reader.

• The RFID reader will identify the products and its price. The staff need only to place the cash card to pay for the food.

smart card file system (iso 7816-4)

Documents

card issuers

ef card id info

ef card holder info

java card specifications

smart card file system

new chip

smart card file names

visual c java card