Smart Cards generally refer to any wallet sized or credit card type of thin plastic which has embedded integrated circuits. These are used for key-less entry, identification, authentication, data storage, application processing, transaction payments and among other functions.
The first generation of cards had a small grid of 6 to 10 metal contacts (typically gold) that were accessed by a mechanical reader. Cards of this type were prevalent in Europe beginning in the 1980’s for telephone calling cards, and replaced magnetic stripe type cards.
One major benefit of a smart card over a magnetic stripe is that a system is no longer limited to just reading a small amount of data contained in the magnetic medium. Smart cards can have sophisticated electronics such as processors and memory devices, which is the “smart” part in the card.
Second generation smart cards did away with the metal contacts to become “contactless”. This was a huge advance in the technology as it was no longer necessary to have the card physically in a machine to access its data or for communications. Today, nearly all building security cards, garage entry cards and other access devices are contactless.
The early versions of these were very limited in how far the card could be from the reader to be activated. As a proximity card, these rely on Near Field Effects (see related article on Near Field Communications ) to energize and power the electronics within the card, and for communications between the card and the reader. Next generation devices had much greater range, or the order of 15 to 20 feet, and these are used today in mass transit lanes (e.g., “Fast Pass”) and commercial security systems / parking garages.
With the enhancement of the processing power and memory storage that could now be embedded in a smart card, it’s possible to effectively and securely use this technology for biometrics. Biometrics can be defined as an automated method to validate a persons identity based on their specific characteristics.
For the highest security, the characteristics can be anything which are unique to that individual. For example, facial structure, finger prints, retinal prints or DNA are biologically unique to each of us. A side note – biological twins, triplets, etc. start out with the same genetic makeup, or genotype, but they have different phenotypes. This means that the same DNA is expressed in different ways as the embryo develops resulting in similar but unique DNA, as well as finger prints, for each person. It’s also important to mention that living tissue is easily distinguished by scanners from non-living. So it’s not possible to steal a finger print impression, much less an actual finger, to trick a biometric scanner.
Also unique to individuals are certain behavioral characteristics.
Speech patterns, dynamic signature tracking or even how a password is typed on a keyboard would work to validate a persons identity as these are nearly impossible to mimic or duplicate. Unlike biological traits, behavioral characteristics can change over time and circumstances – an illness can change vocal cords and injury can alter how one writes or types.
Taking this in account, a robust biometric identification system must have method to either adapt over time or somehow allow for changes from the initial reference. However, in some instances it is more important that identification be secure (e.g., a military facility) rather than robust (e.g., an office elevator bank). Depending on the circumstances there is a spectrum of allowed false positives in which it would be possible for an impersonator to be granted accesses, and false negatives in which a valid user is denied access. In the case of a military site, the false positives would tend to zero and false negatives would required an alternative means of identity verification. For an office building, the false positives may be as high as 20% to 30% and false negatives tend to zero.
Whichever traits or combination of validation techniques are used, these must first be obtained and stored on the card as part of an enrollment process. A trusted party either takes a finger print, retinal scan, facial scan or combination of all three. This information is then encoded, encrypted and downloaded to the smart card. For added security, a user may also be asked for a PIN or password which is also encoded on the card. The biometric data, along with the second level security, provides an even more authentication method.
One company that makes biometric sensor systems is Cardwerk .
The next stage of this technological evolution is the move from a smart card which stores and processes biometric data on silicon chips to one without the chips. The Chipless Biometric Smart Card uses transparent polymer circuity in place of the traditional silicon transistors. Chipless cards only account for less than 1% of the smart card and RFID tag market today, but is expected to grow to over 35% by 2020. One major benefit is cost. In volume for a printed tag, per card cost is less than $0.001 compared with about $0.04 for a standard RFID tag and up to $1.25 for a smart card with embedded electronics.
There are still a number of obstacles to overcome to bring the polymer circuit type cards into mass production including increasing the type and density of
circuits which can be printed on a card. Two companies which have invested in this technology are Renesas and NXP.
If you found this article interesting and informative, please be sure to sign up for our weekly e-newsletter as well as daily email / RSS Feeds at SourceTech411 .