It is a very familiar portable object with a rather long life cycle (3 to 10 years) and a light carbon footprint.
A realistic estimation of a credit card carbon footprint is about 150 grams of CO2eq.(equivalent to less than 1 mile done by car per card manufactured).
It has a low electric consumption (only seconds and when in use) and can be available en masse and at a very reasonable cost per unit.
At Thales, we encourage the use of organic and/or non-toxic alternative materials such as polylactic acid and recycled PVC for eco-friendly banking cards and polycarbonate for ID or health cards.
We also promote innovative climate-conscious programs such as the remarkable one from Doconomy.
Smart card dimensions and major standards
The ISO/IEC 7810 ID-1 standard defines, in particular, the usual size of an ID card.
The ID-1 size is 85.60 × 53.98 mm (3 3⁄8 in. × 2 1⁄8 in.) and rounded corners with a radius of 2.88–3.48 mm.
This format is used for PET, PVC, eco-friendly PLA, polycarbonate, or even full metal cards.
It is used for IDs, driver's licenses, and health cards in many countries.
Credit card dimensions (with or without a chip) are the same, with a thickness of 0,03 inches or 0,76 mm.
SIM cards have different formats: Standard SIM (15 x 25mm), Micro SIM (12 x 15mm), Nano-SIM (8.8 x 12.3mm), embedded SIM or eSIM (5x6 mm and 1 mm thick).
ISO/IEC 7816 is an international standard related to electronic identification cards with contacts, especially smart cards, managed jointly by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC).
Smart cards provide ways to securely identify and authenticate the holder and third parties who want to gain access to the card. For example, a PIN code or biometric data can be used for authentication.
They also provide a way to securely store data on the card and protect communications with encryption.
Smart cards provide a portable, easy-to-use form factor.
What are the benefits of a smart card?
Smart cards contain unique features that bring many benefits to both consumers and issuing organizations.
Smart cards provide:
Security (the physical layout of the chip is designed to be tamper-resistant, and a large portion of the operating-system code is dedicated to self-protection.)
Confidentiality (the card and its data are with you, and YOU decide what to do with them.)
Portability (you carry it in your wallet or phone.)
Convenience (a consequence of all the above)
Smart cards offer more security and confidentiality than other financial information or transaction storage vehicles, making them a perfect solution for e-commerce transactions.
As they include a tamper-resistant microprocessor, they have substantial processing power to protect the information, encrypt and execute instructions from specific programs. Here's where smart cards have a massive advantage over magstripe cards.
Can you imagine a portable vault?
You have it.
A smart card is a safe place to store valuable information such as private keys, account numbers, passwords, or personal information.
It's also a secure place to perform processes that one doesn't want to be exposed to the world, for example, performing a public key or private key encryption.
The benefit of the smart card is that you can verify the PIN or fingerprint securely, off-line.
From left to right:
online authentication access (with the US DoD smart badge - military CAC),
To begin with, magnetic stripe cards are definitively not smart cards.
Memory vs. microprocessor
Smart cards come in two varieties: memory and microprocessor.
Memory cards store data and can be viewed as a small USB memory stick with optional security. On the other hand, a microprocessor card can add, delete, and manipulate information in its memory on the card.
Like a miniature computer, a microprocessor card has an input/output port operating system and a hard disk with built-in security features such as encryption capabilities.
Contact vs. contactless
Smart cards have two different types of interfaces: contact and contactless.
Contact smart cards are inserted into a smart card reader, making physical contact with the reader.
However, contactless smart cards have an antenna embedded inside the card that enables communication with the reader without physical contact. You tap and pay.
Contactless is easy and convenient. It's a significant trend everywhere now due to the recent pandemic.
The COVID-19 outbreak has accelerated contactless payments thanks to their hygienic benefits, as Forbes revealed (11 May 2020).
The standard for contactless smart card communications is ISO/IEC 14443 and allows for communications up to 10 cm (3.9 in).
A combi card combines the two features with a very high level of security.
The use of smart cards has expanded each year to include applications in various markets and disciplines.
The information age has introduced various security and privacy issues for advanced smart card security applications in recent years.
Here are some smart card examples:
Businesses, the government, and healthcare organizations continue to move towards storing and releasing information via networks, Intranets, extranets, and the Internet.
These organizations are turning to smart cards to make this information readily available to those who need it while at the same time protecting the privacy of individuals and keeping their informational assets safe from hacking and other unwanted intrusions.
In this IT area, smart cards enable:
Secure login and authentication of users to PCs and networks,
Secure B2B and B2C e-commerce,
Storage of digital certificates, credentials, and passwords,
Encryption of sensitive data.
Subscribers using the Global System for Mobile communications (GSM) standard for mobile phones use smartcard technology as SIM cards. The smart card is inserted (removable SIM) or integrated (eSIM, M2M SIM) into the mobile handset or the M2M module.
Developers use the STK to define how the SIM card interacts with other applications. Read more on What is a SIM toolkit?
The card stores personal subscriber information and preferences that can be PIN code protected and transported from phone to phone. The SIM cards enable:
Secure subscriber authentication,
International roaming across networks,
Secure mobile value-added services.
SIM cards have been regularly evolving to deliver each new generation promise, from 2G to 5G (5G SIM).
Wireless providers benefit from reduced fraud thanks to the security offered by smart cards. With the advent of mobile services such as mobile commerce, Internet browsing, and information services, wireless providers rely on smart cards to act as the security mechanism to protect those services and ensure trust.
Smart cards also provide benefits for a host of business applications in both B2B and B2C environments. In addition, the smart card's portability and ability to be updated make it a technology well suited for connecting the virtual and physical worlds, as well as multi-partner card programs.
For online banking payments, new display cards are available. They come with an LCD and optionally with a keypad.
The cards store information, money, and/or applications that can be used for:
In Spain, Portugal, and Latin America, over 9 million university students use a Student Smart Card, developed by Banco Santander in 279 universities.
The University Card is an ID, an access card, a payment card, and a wallet.
The Algerian health program uses smart health cards for patients (here in a reader) and smart USB tokens (with a chip) for health professionals. Discover the benefits of health cards in universal health care systems.
An electronic ID (e-ID) card fulfills various roles: it acts as a traditional means of identification, as a travel document, and finally, as a passkey to citizen's data.
Many international regulations and standards have been established on e-ID, most of which are applied by States.
The public has become accustomed to computerized smart cards through their use in the banking system, and as a result, their reliability is no longer questioned.
National ID cards are now also being used to access an array of services that were previously difficult to synchronize.
The e-ID card (aka computerized National identity cards) can be used for identification and authentication and electronic signature. Thus, this system enables several previously complex information paths to be simplified.
It can be used as:
A representation of sovereign authority certifying that the holder is in a legitimate legal position to their national jurisdiction.
A means for citizens to access services and exercise their rights and duties to the public authorities.
A genuine seal of authenticity that the citizen can use to authenticate their actions regardless of the exchange formats and media used, since the data used to ensure security and trust also guarantee the legal validity of any transactions certified in this way.
Health and health insurance cards
Health cards, including a microprocessor, also act as a significant component of an IT system.
They identify the holder and their affiliation to an organization and verify their rights.
These cards are widely used. Every French and German citizen has a smart card for health insurance.
Unlike paper documents, which can easily be forged, these tamper-proof devices are challenging to reproduce or unlawfully manipulate.
Electronic and biometric passports
Migration to electronic passports has been in progress since 2005.
Over 1 billion e-passports are now in circulation, and more than 150 states have started issuing this new type of travel document in mid-2019.
The electronic passport integrates smart card technology with a microprocessor that stores a digital version of the ID photo and all of the ID data found on the paper passport's first page.
Is my passport an electronic one?
Yes, the symbol printed at the bottom of the front page indicates that the U.S. passport contains a microprocessor. They were first issued in 2006.
The ICAO (International Civil Agency Organization) 9303 standards have been vital for the international deployment of biometric identification and electronic data storage in so-called machine readable travel documents (MRTDs).
Why are other countries ahead of the U.S. in applying smart card technology?
Card issuers in different countries build their business case to justify smart cards' issuance for various reasons.
In the U.S., the fraud liability shift (EMV liability shift) ran into effect in late 2015 for POS devices and will apply in April 2021 for Automatic Fuel Dispensers.
In January 2021, over 72% of all credit card payments (card present) were done with an EMV card chip.
This figure is to be compared with 95%+ in Canada, Latin America, Europe, Asia, Africa, and the Middle East.
New markets will further help make smart cards widespread in North America.
Why are interoperability and standards crucial to the widespread adoption of smart cards?
Even though hundreds of smart card pilots exist worldwide, users may not take a card from one country or scheme and use it in another.
An industry-wide trend toward interoperability and open platforms is emerging, enabling developing cards and applications that will work together in open environments.
To do this, the industry must examine the business and technical issues surrounding the need for standardized interfaces between cards, terminals, and slots, which is the key to securing dramatic growth for the industry.
The International Organization for Standardization (ISO) has developed standards for smart cards.
These standards were developed for use by multiple industries.
Individual industries are now developing proprietary versions of these ISO standards to support their own specific smart card applications.
Members of the Forum and others design many standards to support and promote smart card standards.
What is a multiple application card?
A multiple application card is a smart card that can support different types of applications on the card itself, reducing the number of cards in the wallet.
For example, the Blue from American Express chip currently offers two applications: extra security when shopping online using a PC smart card reader and an online wallet and a ticketing application that verifies a Cardmember's ticket order.
Blue uses a multiple application operating system, and American Express plans to add other applications to the card's smart chip.
We can find other examples with the Estonian ID card (Identity, transport, voting...), the Malaysian ID card (Identity, micro-payment, transportation, driving license, health care, welfare...), the Portuguese ID card (identity, welfare, tax, healthcare, voting), the Belgian and Finnish ID (ID and health)...
Added value with multiple applications
Meanwhile, Visa's multiple application card strategies provide applications that add value to Visa's core credit and debit payment products.
A key component of Visa's multi-application offering is the flexible Open Platform technology. In addition to providing added application security through the use of 'firewalls' on the chip, the Open Platform allows for downloading new applications to the chip without reissuing the card.
Another multi-application program was conducted at Florida State University, where 40,000 smart cards were deployed, which featured students' identification, dormitory security, banking, and a wide range of stored value functions for food, payphone, photocopying, transportation, and vending services.
What is the cost of an average smart card?
Trying to respond to this question is like asking the cost of a car without defining whether it is a Volkswagen or a new Rolls Royce.
Let's be clear: the price of a smart card depends upon its capacity.
Why is reloadability essential to the development of smart cards vis-a-vis disposable cards?
There are markets for both disposable and reloadable cards.
Disposable cards work well for an event and as a collectible card.
If the card is a multiple application card supporting, for example, debit and credit and stored value, the customer would not want to throw this type of card away.
It would be more appropriate if the stored value application is reloadable. This process is sometimes called "post-issuance."
The Smart Card Alliance
The Smart Card Forum represents a diverse group of industries and government groups, many of whom have seemingly competing interests.
Is it possible that such a diverse group can work together productively?
Today, even competing entities agree that where new technologies are concerned, industry-wide efforts are required to build workable infrastructures and to develop compatible, interoperable, multi-use systems.
This effort cannot be accomplished, on any meaningful scale, by individual players acting in their own interests.
To date, the Forum has been highly successful in fostering communications across industries and the public sector and in encouraging various trials that demonstrate the viability of smart card-based payment and information systems.
Now it's your turn
What do you think?
If you've something to say on smart cards, a question to ask, or have found this article useful; please leave a comment in the box below. We'd also welcome any suggestions on how it could be improved or proposals for future papers.