Chipcard technology

A microprocessor Smartcard is the most up-to-date device for storing electronicaly security sensitive data.

The smartcard is the size of a standard plastic credit card with an embedded computer chip. The chip holds various types of information in electronic form with sophisticated security mechanisms.

There are different types of security mechanisms used in smart cards. Those necessary for a memory-only card are less sophisticated than those for a microprocessor card.

A microprocessor card is a microcomputer with built-in processor, memories and operating system. These cards use cryptographic algorithms for securing data and transactions. An "intelligent" smart card contains a central processing unit - a CPU-- that actually has the ability to store and secure information, and "make decisions", as required by the card issuer's specific applications needs. Because intelligent cards offer a "read/write" capability, new information can be added and processed. For example, monetary value can be added (credit process) and decrement (debit process) as a particular application might require. Memory cards are primarily information storage cards that contain stored value which the user can "spend" in a pay phone, retail, vending or related transaction.

The intelligence of the integrated circuit chip in both types of cards allows them to protect the information being stored from damage or theft. For this reason, smart cards are much more secure than magnetic stripe cards, which carry information on the outside of the card and can be easily copied. Smart cards are an effective way of ensuring secure access to open interactive systems, such as encryption key mobility and electronic digital signatures.

There are two types of communication between the card and the interface:
  • Contact smart cards require insertion into a smart card reader.
  • Contactless smart cards require only close proximity to an antenna.

The contact smart card has a small gold chip on the front, instead of a magnetic stripe on the back like a "credit card". When the card is inserted into a smart card reader, it makes contact with electrical connectors that transfer data to and from the chip.

A contactless smart card looks just like a plastic credit card with a computer chip and an antenna coil inside, which allows it to communicate with remote receiver/transmitter. Contactless smart cards are used when transactions must be processed quickly, as in mass-transit toll collection. The TwinCard is a single card, which functions both as a contact, and contactless card.

Some advantages of the smart card:
  • Proven to be more reliable than the magnetic stripe card.
  • Can store up to 100 or more times information than the magnetic stripe card.
  • Reduces tampering and counterfeiting through high security mechanisms.
  • Disposable or reusable.
  • Performs multiple functions.
  • Has wide range of applications (e.g., banking, transportation, and healthcare...).
  • Compatible with portable electronic devices (e.g., PCs, telephones...).
  • Incorporates rapidly developing semi-conductor technology.

A smart card can restrict the use of information to an authorised person with a password. However, if this information is then transmitted by radio or telephone, additional protection is necessary. 

One form of protection is ciphering, which is like translating the information into some unknown foreign language. Some smart cards are capable of ciphering and deciphering (translating back to an easily understood form) so the stored information can be transmitted without compromising confidentiality. Smart cards can cipher into billions and billions of foreign languages, and choose a different language at random every time they communicate. This authentication process ensures only genuine cards and computers are used and make eavesdropping virtually impossible.

The CompuWorx smart card systems are based on the most sophisticated microprocessor smart card technologies. We use in average the following Gemplus cards in our applications: PCOS and his successor, the MPCOS-EMV (Europay-MasterCard-Visa electronic purse application standard) which use the 3 DES secret key cryptography or the GPK which is suitable for on-board public key generation.