Smart card definition is a plastic device that uses in-built microchip to perform various computer-based actions. Sometimes, smart cards are referred to as integrated circuit cards.
Most often, smart cards contain an embedded microprocessor and an operating system. This is needed to control the device and allowance of access to objects in its memory. In addition, most of smart cards are able to perform cryptographic manipulations. There are multiple purposes to use smart cards, like for user authentication (one- and two-factor), the sensible information storage and so on.
Smart cards are increasingly used in a variety of areas, from discount systems to credit and debit cards, student cards, GSM phones and travel cards.
The benefits of the device helped it to become widely used in multiple fields. Smart card-based IT solutions are used in finance, cyber security, identification, etc.
Financial smart card implementations include their usage in banking cards, discount cards, phone cards, various household services, etc.
Smart cards are also used as e-wallets. The information about the means by which the owner can pay at various outlets is uploaded on smart card. Cards that work in the described way are called stored-value cards.
Sometimes, smart cards work with no direct connection with the issuer bank. In this case, operations take place in the offline mode, unlike magnetic cards that make a request to the bank, and wait for it to give a permission for a funds manipulation. The possibility of the offline value storage makes smart cards very useful for secure money saving.
Smart cards are a useful tool for the cryptocurrency usage. For example, smart cards are popular in Japan as a solution for the cryptocurrency usage, amongst other things. Smart cards are often used as an alternative to online wallets, which also are a very popular way of storing cryptocurrency. However, online wallets are exposed to additional theft risks. Smart card-based hardware wallets, on the other side, have no risk of being attacked online. Smart card is compact, approachable for an average user and can have embedded technologies for private key generation, data encryption, etc..
The use of smart cards in digital identification is rapidly developing. For example, it can be used with a conjunction with a Public Key Infrastructure (PKI). In this case, a smart card stores the encrypted digital certificate received from the PKI along with some other personal information about owner.
If such smart card id is combined with biometric data, it can provide two - or three-factor authentication. Identification smart cards for drivers are used in several countries over the world. They contain unalterable information and are used register rules violation, personal information of car’s owner, his/her medical information and so on. Such cards help to efficiently collect fines and have easy access to a person’s medical information in case of an accident.
As a citizen ID, smart cards are used in Estonia. There are also Belgian and Spanish electronic identification cards.
Smart cards are used to collect private and public keys that are used to access private and classified information. Safe, offline storage makes it harder to obtain passwords and attack a data storage. Smart cards allow for additional data encryption to protect the info.
Smart cards are also useful due to the fact that they provide users with a Single Sign-on technology making it possible to perform only one smart card authentication to move within several sections of one protected resource.
Security and problems
Enterprise-grade smart cards are developed under a number of governmental and international regulations. Sometimes, particular departments have additional requirements for smart cards used in their work.
Some important problems of smart cards are:
- Smart cards are easily lost. Due to the fact, that most of them have no way of being blocked online, it can lead to significant difficulties.
- Not every facility has a way to work with smart cards. For example, stored value cards are not always accepted for payment. Smart card id and smart card authentication are only possible if the gear of a user is compatible with it.
- If a criminal gathers access to one’s smart card id, he simultaneously gets health info, personal information, passwords and so on.
Smart cards are well protected, but not impossible to hack. Smart cards can be hacked with exploits and physical break (gaining access to the electric circuits of the smart card after chemical removal of protective layers from the crystal. Allows you to analyze the smart card device and connect to it using microelectrodes). Also, smart cards can become vulnerable for attacks in case of unpredictable usage conditions.