? Soon it will be possible to access the data in smart cards by the use of biometrics.
? Smart card readers can be built into future computer or peripherals which will enable the users to pay for good purchased on the internet.
The smart card being most secure and proven for its security, but was not popular amount the payment schemes. The financial institutions were watching the developments in the area of smart card, until it get mature.
But inspite of its proven capability in the area of security, smart card failed to get enough popularity. One of the reasons of it is the lack of acceptance by the user.
The penetrations of mobile device like mobile phone and PDA have made a significant impact in the area of e commerce.
The mobile operators are also try to sell “Hard” their product by providing additional value added services. Even the Customer wants to have useful application in their mobile devices. The financial institutions are looking for a new revenue generation business and M-Commerce is one of those new areas.
Steps are taken by the financial organization to set the standards for m-commerce. From the above discussion it is evident that the financial institute, mobile operator and customer are looking towards a reliable, flexible and proven frame work for mobile commerce.
If this frame work is in place and supported by financial institutes, then customer will trust the new scheme and mobile commerce is going to be new area of commerce
Learn how smart cards do more than just open doors
Smart cards—cards with embedded integrated circuits that can process information—offer a number of features that provide or enhance privacy protection in an access-control system. Check out the following:
Authentication. Smart cards provide ways to authenticate others who want to gain access to the card. These mechanisms can be used to validate users, devices, or applications wishing to use the data on the card’s chip. These features can protect privacy by ensuring that a banking application has been authenticated as having the appropriate access rights before accessing financial data or functions on the card, for example.
Secure data storage. Smart cards provide a way to securely store data on the card. This data can only be accessed through the smart-card operating system by those with proper access rights. This feature can be utilized by a system to enhance privacy by storing personal user data on the card rather than in a central database, for example. In this situation, the user has better knowledge and control of when their personal data is being granted access—and who is involved.
Encryption. Smart cards provide a robust set of encryption capabilities, including key generation, secure key storage, hashing, and digital signing. These capabilities can be used to protect privacy in many ways. For example, a smart-card system can produce a digital signature for an e-mail message, providing a way to validate the e-mail’s authenticity. This protects the message from being tampered with, and also provides the recipient with assurance about origination. The fact that the signing key originated from a smart card adds credibility to the origin and the intent of the signer.
Strong device security. Smart-card technology is extremely difficult to duplicate or forge, and has built-in tamper resistance. Smart-card chips include a variety of hardware and software capabilities that detect and react to tampering attempts, and help counter possible attacks.
Secure communications. Smart cards provide secure communication between the card and reader. Similar to security protocols used in many networks, this feature allows smart cards to send and receive data in a secure, private manner.
Biometrics . Smart cards provide ways to securely store biometric templates and perform biometric matching functions. These features can be used to improve privacy in systems that use biometrics. For example, storing fingerprint templates on smart cards rather than in a central database can be an effective way to increase privacy in a single sign-on system that uses fingerprint biometrics as the single sign-on credential.
Personal device. A smart card is, of course, a personal and portable device associated with a particular cardholder. The smart-card plastic is often personalized, providing an even stronger binding to the cardholder. These features, while somewhat obvious, can be leveraged to improve privacy. For example, a healthcare application might elect to store prescription information on the card vs. on paper to improve the accuracy and privacy of patient prescriptions.
The Princeton Junction, NJ-based Smart Card Alliance is a not-for-profit, multi-industry association working to stimulate the understanding, adoption, use, and widespread application of smart-card technology.
The future of Smart Cards is looking bright. The many existing and potential benefits smart card has to offer both the public and the private sectors of the industry raise the interests of many large corporations such as Wachovia and Motorola. Compared to the conventional magnetic stripe cards, smart cards offer increase security, convenience, and economic advantages. Reducing fraud, reducing time to complete redundant paperwork, and having the potential to have one card to access diverse networks and applications are just some of such examples. The discussion for the future of the smart card across the global industries can be divided into public and private sectors and are discussed below.
With the increase in the application development (due to the implementation of the smart card standards) and reducing cost in technology, plans for the card’s usage have increased. However, majority of the applications are either being piloted or implemented in Europe, but are not widely accepted in the U.S. just yet.
Health cards with multiple functions are issued to patients in France. The card can be used to store information such as administrative, medical, biological, and pharmaceutical records. The card simplifies the administrative process and enables doctors to have access to a more complete and comprehensive healthcare information.
Multifunction ID cards are issued to students at university campuses and schools. The card has the function of identifying the student and also acts as an electronic purse and can be used purchase products from stores or tickets to public transportation.
Rechargeable contact-less cards allow ticket-less and cash-less travels. Parking and telecommunications can also be paid using the smart card. This will simplify the passenger boarding process.
Card can be used to identify the holder using a series of personal keys and fingerprint. The card holder then uses the card to access government databases and receive the welfare payment. The security will help eliminate fraud.
Information such as those on a driver’s license can be stored on the smart card, along with an up-to-date driving records including fines and offenses. The new system can help the government keep track of individual’s records and have a higher successful rate in collecting fines.
Card can be stored with cash values and thus remove coins from public phones. This will reduce vandalism and operating costs, and increase revenue (study has shown that people using the card tend to talk longer on the phone).
According to Andy Honeywood of Central Computer and Telecommunications Agency in Norwich, England, application in the future most likely will continue to increase. However, central/federal government will probably implement the applications at a slower rate than the lower level government/public organizations. The reason being that the applications for the higher government require more security and involve greater privacy issues, thus makes the applications more difficult to develop and costly to deliver. Nonetheless, the central/federal government may reap great benefits by implementing the smart card system in the future.
Originally developed as a stored-value card to make small value transactions (; than $20) easier. Today, over 80% of transactions are in the form of cash. Using smart card can lower transaction cost, handling cost, and costs associated with banking system infrastructure supports. The card will bring much conveniences to the consumers by combing the functions of multiple cards into one and given the ability to make transactions on/off line and peer-to-peer. The card is currently widely used in Western Europe and Asia, and which leads to potential advancement in markets such as banking, Internet, and electronic commerce.
The limitations of the magnetic stripe and the problems with fraud and bad debt can make smart cards a better choice. It not only can store 80 times more information than the traditional card, it can also help banks to have better control over credit risks by enabling banks to customize credit lines based on individual cardholder’s risk profiles and alter the parameters dynamically as needed. Also, the financial institutes can also offer more personalized products and services to fit cardholder’s lifestyles.
The card can contain all necessary personal data for easier Web connection and personalize networking. The card, with all personal information such as user’s ID, e-mails, settings for electronic appliances, and phone numbers stored on the card itself instead of a remote device, will be able to allow network connection anywhere globally as long as there is a phone or an information kiosk. As appliances become generic tools, users will have the convenience of carrying the card alone to have a personalized networking experience.
According to the Gartner Group, it is expected that Internet purchasing will grow to $20 billion by 2000 worldwide, with security and portability in payment transaction over the network continue to play an integral roles to the success of this marketplace. SET protocol will provide a mean to transport customer data and payments information securely over the Internet without having to be locked into using one PC. Electronic cash stored on cards will enable consumers to make micropayments (penny-payments) over the internet.
According to Dataquest, 3.4 billion smart cards will be used worldwide by 2001. Activity growth is about 30% per year, mostly outside of the U.S. About 70% of the card were used in Western Europe, and about 10% each in South America and Asia, while North America accounts for less than 5%. However, Dataquest, another market-research firm, expects that by 2001, Europe will account for only 40% of the card shipments, Asia 25%, and Americas 20%. The Insight Research Corp expects the smart card to grow to about $2.8 billion by year 2002. Also, the smart card industry will grow steadily over the next 5 years, especially in cards and devices, harnessing the power of electronic commerce. In addition, 95% digital wireless phone services will mostly likely be using smart cards worldwide. The areas that are predicted to have the greatest potential growth in the next 3 years are Asia, Latin America, and North America.
In the States and Worldwide
Smart cards are mostly accepted in Europe and Asia, especially in the less developed countries where consumers and businesses do not trust checks and other debt instruments. Other reasons are that in those countries there may be a high incidence of inflation, fraud, crime, and other factors that draw them to implement smart card technology. In the U.S., the credit cards and ATM card are working very well that Americans are hesitant to switch to this unfamiliar technology. One of the reasons is their concern over security in having money stored on a card. However, pilot projects are being implemented to test consumer’s future acceptance. Transit authorities in San Francisco, Washington, D.C., and Finland are taking up this challenge. Canada’s Quebec Soccer Federation will try registering members at the tournaments using the smart card system, and McDonald’s restaurants will test out accepting the card as payments. Ohio and Wyoming will test this technology to make government benefit payments. Globally, smart card are currently being use for payphones, wireless telephony, Internet access, banking, healthcare, and payTV.
Smart cards may look like any other plastic card with a magnetic stripe on the back, but they're a radically different technology. While consumer advertising has tried to downplay the differences between smart cards and normal credit cards — other than to tout them as "safer" — the differences are what make smart cards worth considering.
1. Persistent, protected storage. Persistent storage is an obvious piece of the smart card, and one that makes it similar to an ordinary mag-stripe card. Smart cards have memory; how much memory depends on the application, but 4K to 32K is typical. While this is dramatically more than what can be stored on a mag-stripe card, the key to the storage is protection: You can't just wipe the card against a reader and expect to pull everything off it. While experts have determined that a scanning electron microscope can circumvent the protection built into a smart card, this is not the kind of tool you can pick up at Radio Shack.
2. Processing power. Most smart cards have a small CPU, which means that they can do things other than parrot data stored in the card. The CPU can protect the information, for example, by requiring the user to enter a PIN code. Here's where smart cards have a huge advantage over mag-stripe cards: the CPU can count. Get the PIN code wrong seven times, and the CPU may refuse to let you try again for an hour or a day. Or, with some applications, the CPU may simply wipe the information if you get it wrong too many times, or force you to call a customer support number to retrieve a special unlock code.
In fact, the smart card may never have to actually give up the data at all. For example, when smart cards are used with X.509 digital certificates for applications such as VPN or Windows 2000 authentication, the private key part of the public/private key pair linked to the certificate never leaves the card. The private key is generated by a random number generator on the card, and when data needs to be signed with the private key, the card does the signing.
3. Packaging. While they're not as cheap as credit cards to manufacture, in moderate quantities of 100 or so, smart cards will cost less than $10 each, making them dramatically less expensive than other authentication technologies, such as digital tokens.
The smart card can come in different form factors to work with a wide range of devices. Smart cards were originally modeled on credit cards and were built the same size. American Express' Blue is an example of a combination smart/credit card. But smart cards are used around the world in GSM cellphones (ubiquitous in Europe and available in the U.S.). Those smart cards are cut down to a size little larger than the familiar multipad connector to fit the small handsets. Some wireless LAN adapters, such as Nokia's C110 (www.nokia.com), have small smart card readers to carry configuration data or authentication information.
Inexpensive (less than $50) smart card readers are now available for PCMCIA, serial and USB connectors on personal computers. The packaging doesn't even have to be in the shape of a card.
For example, Rainbow Technologies has combined a smart card with its own USB reader in its iKey product, a single token smaller than your thumb.
The benefits of smart cards are directly related to the volume of information and applications that are programmed for use on a card. A single contact/contactless smart card can be programmed with multiple banking credentials, medical entitlement, driver’s license/public transport entitlement, loyalty programs and club memberships to name just a few. Multi-factor and proximity authentication can and has been embedded into smart cards to increase the security of all services on the card. For example, a smart card can be programmed to only allow a contactless transaction if it is also within range of another device like a uniquely paired mobile phone. This can significantly increase the security of the smart card.
Governments and regional authorities save money because of improved security, better data and reduced processing costs. These savings help reduce public budgets or enhance public services. There are many examples in the UK, many using a common open LASSeO specification.38
Individuals have better security and more convenience with using smart cards that perform multiple services. For example, they only need to replace one card if their wallet is lost or stolen. The data storage on a card can reduce duplication, and even provide emergency medical information.