Achieving security in integrated circuit card applications reality or desire?

Author

Sanchez-Reillo, Raul

Author_Institution

Univ. Carlos III, Madrid, Spain

Volume

17

Issue

6

fYear

2002

fDate

6/1/2002 12:00:00 AM

Firstpage

4

Lastpage

8

Abstract

It has always been claimed that smart cards provide a really high level of security, considering them as a tamper-proof device, with the possibility to auto-block some or all of the services it provides. Unfortunately, nowadays some hackers appear to have demonstrated the lack of security involved in some applications where Integrated Circuit Cards (ICC) have been used. This has led to the opinion that smart cards are not secure enough, and their security is only in the minds of the commercial companies involved with the technology. In this paper, the author explains the reasons why this hacking has succeeded. For example, sometimes memory cards have been used instead of smart cards, or very old smart cards have been issued and not renewed, or the development team involved has not used basic security techniques, such as diversified keys. The author also gives clues to achieve a high level of security depending on the final application, and the environment in which it is going to be used

Keywords

access control; security of data; smart cards; PayTV access; authentication; banking cards; card hacking; chip cards; embedded IC; identity verification; integrated circuit card applications; public telephony; security; smart cards; Application specific integrated circuits; Computer crime; Computer hacking; Integrated circuit technology; Operating systems; Plastics; Radiofrequency identification; Security; Smart cards; Telephony;

fLanguage

English

Journal_Title

Aerospace and Electronic Systems Magazine, IEEE

Publisher

ieee

ISSN

0885-8985

Type

jour

DOI

10.1109/MAES.2002.1010114

Filename

1010114