Smart Cards

In thinking about the numerous terminologies within the area of Information Technology that we have discussed in the preceding five weeks, I decided to focus on what I might share with my employer that I believe may be both beneficial and possibly a reality. The subject of my presentation and written report is on smart cards.

My objectives are as follows:
- Provide a brief history of smart cards
- Describe the differences between magnetic stripe cards and smart cards
- Identify and describe smart card classification parameters
- Provide the advantages of smart cards
- Most importantly, deliver rationale to support a recommendation for my company to determine the feasibility of offering smart cards to our members.

History
Many people believe that smart cards are a recent invention. This is not so. As early as 1968, German inventors Jurgen Dethloff and Helmet Grotrupp first filed a patent for using plastic as a carrier for microchips. In 1970, Japanese inventor Kunitake Ariumura applied for a similar patent. Smart cards were introduced in Japan that year. In 1974, Frenchman Roland Moreno registered his smart card patent in France. Europeans continue to be the largest users of smart cards.

Magnetic Stripe Card versus Smart Card
A magnetic stripe card can be easily read and altered by anyone with access to the right equipment. Card skimming is the term that describes the process of reading data of a valid card and copying it bit for bit onto another card. Magnetic cards cannot be used for storing confidential information.
A smart card is basically a card that is usually in the size and shape of a credit card and has a very tiny computer embedded within it.

Smart Card Classifications
Components Interface OS Used
Memory Cards Contactless Java
Chip Cards Contact Multos
Hybrid

Component-Based Classification
Memory Cards are those without a processor. Memory cards are the most common and least expensive, around $1 when purchased in bulk. Memory cards contain EEPROM (electrically erasable programmable read-only memory), which is similar to a data storage device where all the application data gets written. Memory cards also contain ROM (read-only memory), which stores data that does not change during the card life (card number, cardholder’s name, etc.). Chip cards (AKA Microprocessor cards) are those with a processor. These are the cards that can technically be called “Smart Cards”. The components of a chip card include ROM, EEPROM, RAM, and CPU. Chip cards are more expensive than memory cards, ranging from $2 to $20. There are multiple applications for chip cards. These include access control, electronic purses, credit and other financial cards, travel, ticketing, and other applications where high security is required.

Interface-Based Classification
Smart cards are also classified on the basis of the method of their communication and data transfer with the reader device. Contact cards must be inserted into a reader. Contact card limitations include the certainty of a limited life, electrostatic charges due to improper contact may damage circuits, and removing a card from a reader before a transaction is completed can damage the card. This is referred to as card tearing. Contactless cards must pass near an antenna to carry out the transaction. The reading distance varies from a few centimeters to up to 50cm. Contactless cards eliminate the limitations of contact cards and are often used in places where a transaction must be carried out very quickly (i.e. mass transit, road tolling, etc.). A hybrid card (AKA Combi Card) has both a contact and a contactless interface. The contactless chip is for applications that require fast transaction times. The contact chip is use for applications that require higher security.

OS-Based Classification
This classification is based on operating system (OS). Smart-card operating systems (SCOS) are placed on the ROM and usually occupy less than 16kB. Some of the main OS include MaultOS, JavaCard, Cyberflex, StarCOS, and MFC.

Advantages of Smart Cards
Smart cards can hold up to 32kB of data where magnetic cards can hold only approximately 1000 bits. Card participants can store a lot of additional information on the cards. Data can be protected against unauthorized viewing. Smart cards cannot be easily replicated – they are much more secure than magnetic stripe cards. While smart cards have caught on in various sectors, they have not been as successful in the financial cards sector. The amount of money invested by the various players in the magnetic stripe card infrastructure and the slightly higher cost of smart cards have been identified as two reasons why smart cards have not yet been successful in the financial cards sector.

Recommendation
While I recognize and accept that smart cards have not yet made the strides in the financial cards sector as in other sectors, I believe that it is both responsible and imperative that the management of my company investigate the feasibility of providing smart card services to its members in the near future. One of the first facts to support my claim to the importance in considering smart cards is security. Smart cards provide an opportunity to combat fraud and skimming. According to David Breitkopf, “Paul Garcia, the chairman, president, and chief executive of the Atlanta transaction processor Global Payments Inc. said that as smart cards become more common elsewhere, U.S. card systems are becoming comparatively less secure, and more attractive to criminals” (American Banker, 2005, Vol. 170, Issue 125). As mentioned earlier, smart cards are more secure than traditional magnetic stripe cards.
Next, I believe that financial institutions need to consider smart cards to protect their interests. According to Kreinin Souccar, “As long as the banks are on the sidelines, telecommunications companies, information technology developers, and transportation authorities all may be in position to seize the payments territory that historically belonged to financial institutions” (American Banker, 1999, Vo. 164, Issue 176).
Strides in smart card implementation in Europe have far surpassed the U.S. According to Alfred Schmauss, chairman of the cards working group of the European Payments Council, “The banking group charged with creating a single European market for payment cards has told Europe’s banks to convert to smart cards by 2010. Switching their magnetic stripe credit card and debit cards to smart cards that conform to the international standard known as EMV will boost security as Europe moves to common card standards” (Cardline, 2005, Vol. 5, Issue 39).
Europe has made great strides with smart cards. I believe this success will force the U.S. to eventually (soon) respond. I have witnessed unprecedented instances of fraud, identity theft, phishing, skimming, etc. in the banking profession. Smart cards can combat a great deal of this activity. I believe fraud costs will soon outweigh the cost of implementing smart cards, if they haven’t already. For this reason, it also seems only logical and responsible for management to explore smart cards in depth.
Lastly, being a leader in offering smart cards in our market, when able, would provide us with a competitive edge. If our smart card were promoted as safer and more convenient, I believe we would not only retain market share, but also gain new market share. Can we imagine a hybrid card that could be waved as the member/customer enters our place of business? Tellers could greet customers as they walked toward them with account information already accessed. Would this not provide customer quality service? The speed in which members/customers is greatly improved. Can we imagine this same card being a consolidation of an account ID card, ATM card, debit card, with improved security? Could this card be expanded to be a phone card and also include a means for paying tolls and tickets? Could our smart card also serve as a driver’s license with adequate information and be a health care card? An all-encompassing smart card in the U.S. in the near future may be a reality toward a more ubiquitous world.