smart cards and biometrics are considered to be what type of access control?
What is a smart card?
A smart card is a physical card that has an embedded integrated fleck that acts as a security token. Smart cards are typically the aforementioned size as a driver's license or credit carte and can be made out of metallic or plastic. They connect to a reader either past direct physical contact -- too known equally chip and dip -- or through a curt-range wireless connectivity standard such equally radio-frequency identification (RFID) or near-field communication.
The chip on a smart bill of fare can be either a microcontroller or an embedded memory bit. Smart cards are designed to be tamper-resistant and use encryption to provide protection for in-memory data. Cards with microcontroller chips can perform on-menu processing functions and manipulate information in the chip's retentiveness.
Smart cards are used for a multifariousness of applications simply are almost commonly used as credit cards and other payment cards. The payment menu industry's back up of smart cards for the Europay, Mastercard and Visa (EMV) bill of fare standard has driven the distribution of smart cards. Smart cards capable of brusque-range wireless connectivity can be used for contactless payment systems. They tin can also be used as tokens for multifactor authentication (MFA).
International standards and specifications cover smart card applied science. Some of those standards and specs are industry-specific applications. In the United States, smart carte technology conforms to international standards -- International Organization for Standardization/International Electrotechnical Commission 7816 and ISO/IEC 14443 -- backed by the Secure Applied science Alliance.
The first mass use of smart cards was Télécarte, a phone card for payment in French pay phones, launched in 1983. Smart cards are now ubiquitous and take largely replaced magnetic stripe -- as well known as mag stripe -- carte du jour engineering science, which but has a capacity of 300 bytes of nonrewriteable memory and no processing capability.
How smart cards work
Smart card microprocessors or memory chips exchange information with card readers and other systems over a serial interface. The smart carte itself is powered by an external source, unremarkably the smart carte du jour reader.
Smart cards communicate with readers via direct physical contact or using RFID or some other short-range wireless connectivity standard. The chip or processor on the card contains data that the bill of fare reader accesses. The processor on the card contains a bones operating system (OS) that lets the card concur, transmit and protect the data.
The card reader passes information from the smart bill of fare to its intended destination, normally a payment or authentication organization, over a network connection.
Uses of smart cards
Smart cards are mostly used in applications that must evangelize fast, secure transactions. They can protect personal information in numerous situations, including the following:
- credit cards;
- other types of payment cards;
- corporate and authorities identification cards;
- transit fare payment cards; and
- east-documents, such as electronic passports and visas.
Smart cards, such every bit debit cards, are often used with a personal identification number (PIN). Organizations also utilize them for security purposes, equally MFA tokens and for authenticating single sign-on (SSO) users and enabling passwordless authentication.
Types of smart cards
Smart cards are categorized based on criteria such every bit how the carte du jour reads and writes data, the type of chip used and its capabilities. They include the following types:
- Contact smart cards are the nearly common type of smart bill of fare. They are inserted into a smart card reader that has a direct connection to a conductive contact plate on the surface of the card. Commands, data and card condition are transmitted over these physical contact points.
- Contactless cards require only shut proximity to a card reader to be read; no direct contact is necessary. The card and the reader are both equipped with antennae and communicate using radio frequencies over a contactless link. The antennae are often a copper wire that wraps around the border of the card.
- Dual-interface cards are equipped with both contactless and contact interfaces. This type of menu enables secure access to the smart card'southward chip with either the contactless or contact smart carte interfaces.
- Hybrid smart cards incorporate more than one smart carte technology. For example, a hybrid smart carte du jour might take an embedded processor scrap that is accessed through a contact reader and an RFID chip for proximity connection. The dissimilar chips may exist used for different applications linked to a single smart card -- for example, when a proximity chip is used for physical access control to restricted areas and a contact bit is used for SSO authentication.
- Retentiveness smart cards just contain retentivity chips and tin but store, read and write data to the chip. The data on these cards can be overwritten or modified, but the card itself is not programmable. So, data can't be processed or modified programmatically. These cards can be read-merely and used to store data such every bit a PIN, password or public key. They tin also be read-write and used to write or update user data. Memory smart cards can be configured to be rechargeable or disposable, in which case the data they contain can only be used once or for a express fourth dimension before beingness updated or discarded.
- Microprocessor smart cards accept a microprocessor embedded onto the chip, in add-on to memory blocks. A microprocessor card may as well incorporate specific sections of files where each file is associated with a specific part. The data in the files and the memory allocation are managed with a smart card OS. This type of card can be used for more than than one office and unremarkably enables adding, deleting and otherwise manipulating data in memory.
Smart cards tin also be categorized by their awarding, such as credit carte du jour, debit carte, entitlement or other payment card, authentication token so on.
Advantages of smart cards
Smart cards offer several advantages, such as these:
- Stronger security. Smart cards provide a higher level of security than magnetic stripe cards considering they contain microprocessors capable of processing data straight without remote connections. Even retentivity-only smart cards tin be more secure because they can store more hallmark and account data than traditional mag stripe cards. Smart cards are generally safe against electronic interference and magnetic fields, unlike magnetic stripe cards.
- Data persistence. Once information is stored on a smart card, information technology can't exist hands deleted, erased or altered. That is why smart cards are good for storing valuable data that should not be reproduced. However, applications and information on a carte tin be updated through secure channels, so issuers practice not have to consequence new cards when an update is needed.
- Multiple uses. Multiservice smart carte systems let users admission more than than one service with 1 smart carte du jour.
Disadvantages of smart cards
While smart cards have many advantages, in that location besides drawbacks, including the following:
- Toll. The cards and the smart card readers tin can be expensive.
- Compatibility. Not all smart card readers are compatible with all types of smart cards. Some readers utilise nonstandard protocols for data storage and card interface, and some smart cards and readers use proprietary software that is incompatible with other readers.
- Security vulnerabilities. Smart cards are secure for many applications, but they are still vulnerable to sure types of attack. For case, attacks that tin recover data from the fleck can target smart card technology. Differential ability analysis (DPA) tin can be used to deduce the on-chip private primal used by public central algorithms, such as the Rivest-Shamir-Adleman (RSA) algorithm. Some implementations of symmetric ciphers are vulnerable to timing attacks or DPA. Smart cards may also be physically disassembled in order to gain admission to the onboard microchip.
Examples of smart cards
Examples of smart card applications include the following:
- Payment cards, including debit and credit cards issued past commercial credit carte du jour companies and banks, are used for fiscal transactions.
- Electronic benefits transfer cards are used for distribution of government benefits, such as the U.S. Supplemental Nutrition Assistance Program.
- Transit cards permit local and regional transit systems process payments, as well as give riders points on their purchases.
- Admission command cards enable schools, companies and government entities to control admission to physical locations.
- Smart health cards help medical facilities securely store patient medical records.
- SIM cards, used inside of digital cameras and smartphones, store media and other data.
Future of smart menu engineering science and applications
Smart cards are ubiquitous in the payment card industry, and they are widely used for business applications. They are likely to become a common alternative to passwords for authentication. It is likewise probable that the standard, wallet-sized smart carte du jour will exist replaced with a smaller alternative.
As the financial industry changes, so volition smart card uses and applications. Every bit blockchain technology gains traction, smart cards are showtime to exist used every bit wallets and payment cards for cryptocurrencies.
Security is a key benefit of smart cards. The technology makes it difficult to take personal credentials directly from the concrete menu. Unfortunately, cybercriminals take myriad ways of attaining this information. Learn how cybercriminals steal credit carte du jour information in the age of smart cards.
This was last updated in December 2021
Go on Reading About smart carte du jour
- 5 PCI DSS all-time practices to improve compliance
- The ultimate guide to cybersecurity planning for businesses
- 10 cybersecurity best practices to protect your business
- SASE identity policies enhance security and access control
- How to safely stop unnecessary Windows 10 services
Dig Deeper on Identity and access management
-
contactless payment
-
menu dipping (EMV menu dipping)
-
U.s. retailer Staples investigates possible data breach
-
MasterCard develops biometric authentication card
Source: https://www.techtarget.com/searchsecurity/definition/smart-card
0 Response to "smart cards and biometrics are considered to be what type of access control?"
Kommentar veröffentlichen