Want to know more about smart cards?

Then you're in the right place.

Smart card

Ever thought about how that tiny piece of plastic in your wallet or phone can unlock a world of finances, identity, and communication? 

Join us as we dive into the captivating story of smart cards and discover how they've seamlessly woven into the fabric of our everyday lives.

In this dossier, you'll discover critical facts about smart cards:

  • What is a smart card?
  • Smart card markets, size, and value
  • A short history of smart cards
  • What are the features and benefits of smart cards?
  • Smart card use cases: payment, IDs, mobile telephony, health...
  • The crucial role of standards
  • What is a multiple application card?
  • What is the cost of a smart card?

What is a smart card?

Let's start with a definition: a smart card is a small portable computer, usually the size of a credit card, without a display and a keyboard.

It integrates a microprocessor, some memory, and some apps. 

The circular metal contact is vital to connect to the chip below and activate the card electrically.

It's used with a contact or contactless card reader (POS for payments, at the ATM, or even on your mobile phone).

Why? 

The card reader (or mobile phone) brings the 3V or 1.8 voltage to activate the chip.

Smart cards offer enhanced security and convenience, making them ideal for various applications, including secure transactions, access control, and identification purposes.

30 to 50B smart cards in circulation today

In the form of credit cards and SIM cards, smart cards are the most common form of IT processing power on the planet. 

It is estimated that between 30 to 50B smart cards are in circulation today.

The smart card has a microprocessor or memory chip with the processing power to serve many different applications when coupled with a smart card reader.

In the last three decades, these tools, more than any other technology, have quietly taken us all into a virtual world.

  • Smart credit cards mediate daily transactions worth trillions of dollars.
  • SIM cards facilitate billions of conversations that connect our social and economic worlds.
  • As an access-control device, smart cards (company badges, university IDs) make personal and business data available only to the appropriate users.
  • As a National eID card, smart health card, residence permit, or electronic passport, smart card technology offers more robust identification and authentication tools for both authorities' and citizens' benefits.
  • This technology, such as a driver's license or a tachograph card, contributes to road safety.
 

Over 10B smart cards shipped in 2022

According to the 11 February 2023 Eurosmart forecasts, smart card markets will probably exceed 10 billion units in 2022. 

The overall market was stable in 2022 and reflected a mature market.

A flattish but stable market is expected for 2023 with a +0,2% growth.

2022 market share 

  • Telecom: Telecom (SIM cards) accounts for 43% of the market. Mobile Device Manufacturers reach 5.0%
  • Financial Services (payments and banking cards) for 44.6%
  • Government & Healthcare (eIDS and e-passports) for 5.3%
  • Transport: 2.2%

Significant trends in 2022 (updated)

  • Telecom: Eurosmart predicts 4.5 billion units of rSIM and eSIM shipped, with eSIM showing double-digit growth. The telecom segment may decline slightly due to a constrained environment and consumer uncertainty.
  • Mobile device manufacturers: A 6% growth is expected, reaching 520 million units, driven by contactless secure element payment features.
  • Financial services: A slight decline of 0.6% is foreseen due to a constrained environment. However, contactless adoption continues to grow, with 81% of global shipments estimated to be contactless cards in 2022.
  • Government and healthcare: The market will grow in 2022, reaching 550 million units, driven by contactless features in identity documents and health cards.
  • Transport: An increase in demand in 2022 is confirmed, with 225 million units expected to be reached.
  • Sustainability: The take-off of sustainable cards in 2022 is a significant driver, with an estimated 350 million payment cards and SIM cards using sustainable materials.

2023 forecasts by markets

  • Telecom: A flattish but stable market with a 0.2% growth is expected. 
  • Mobile device manufacturers: A growth of 3.8% is predicted, with 540 million units shipped.
  • Financial services: A 3.7% growth is expected, reaching 3.35 billion units, driven by the continued increase in contactless adoption.
  • Government and healthcare: Market volumes are expected to reach 575 billion units shipped, representing a 4.5% YoY growth, thanks to accelerated digitalization and public policies.
  • Transport: An 11% growth in demand is expected, driven by factors like fuel prices, urbanization, and sustainability concerns.
  • Sustainability: Further progression of sustainable payment cards and SIM cards is expected during 2023.

 

A $17B market in 2026

According to Markets and Markets' recent research report, the smart card market value is expected to reach $16.9 billion by 2026.

Currently, smart cards and card readers account for more than 75% of the market.

The related market for software comprises management system software and databases. In addition, consulting, support, and maintenance services are also crucial.

The Asia Pacific is forecast to take the largest share of the market, as reported by the same study.

  • Gemalto (now part of THALES), Giesecke and Devrient, and IDEMIA (formerly Oberthur Technologies and Morpho) are prominent players in these markets.
  • Major smart card microprocessor vendors are Infineon Technologies, NXP Semiconductors, Samsung, and STMicroelectronics.

The Mordor Intelligence market study, excluding readers and services, sizes the smart card market at USD 8.14B in 2019 and 11.50B by 2025.

What is the history of smart cards?

Roland Moreno patented the memory card in 1974.

By 1977, three commercial manufacturers, Bull CP8, SGS Thomson, and Schlumberger, started developing smart card products. 

In March 1979, Michel Hugon from Bull CP8 was the first to design and develop a microprocessor-based card combining a processor and local memory. He invented the computerized smart card.

  • 1979: early developments in the banking sector
  • 1995: first SIM cards
  • 1999: first national eID card (Finland ID)
  • 1999: first smart cards for transport
  • 2001: The Department of Defense first issued Military CAC credentials for physical access control and secured logical authentication
  • 2003: Micro-SIM launched
  • 2003: Chip and PIN cards began to be issued in the UK.
  • 2005: first ICAO-compliant electronic passport (Norway passport)
  • 2010: Smart credit cards arrived in the US.
  • 2012: Nano-SIM introduced
  • 2018: first biometric contactless payment card, eSIM, launched (thickness is <1 mm or 0.039 in)
  • 2019 First 5G SIM available
  • 2021 First voice payment card launched
  • 2023 First GSMA-certified iSIM 

Smart card technology

 

About smart cards and Green I.T. technologies

Smart card technology is an ideal Green I.T. tool. 

It is a familiar portable object with a long life cycle (3 to 10 years) and a light carbon footprint.

A realistic credit card carbon footprint estimation is about 150 grams of CO2eq.(equivalent to less than 1 mile done by car per card manufactured).

There's more.

It has a low electric consumption (only seconds and when in use) and can be available en masse at a very reasonable cost per unit.

At Thales, we encourage using organic or non-toxic alternative materials such as polylactic acid and recycled PVC for eco-friendly banking cards and polycarbonate for ID or health cards.

We also promote innovative climate-conscious programs such as the remarkable one from Doconomy and the fight against marine plastic pollution.

Visit our page on Parley Ocean Plastic and American Express.

 

Smart card dimensions and major standards

The ISO/IEC 7810 ID-1 standard defines, in particular, the usual size of an ID card.

The ID-1 size is 85.60 × 53.98 mm (3 3⁄8 in. × 2 1⁄8 in.) and rounded corners with a 2.88–3.48  mm radius.

This format is used for PET, PVC, eco-friendly PLA, polycarbonate, or total metal cards.

  • Many countries use it for IDs, driver's licenses, and health cards.
  • Credit card dimensions (with or without a chip) are the same, with a thickness of 0,03 inches or 0,76 mm.
  • SIM cards have different formats: Standard SIM (15 x 25mm), Micro SIM (12 x 15mm), Nano-SIM (8.8 x 12.3mm), embedded SIM or eSIM (5x6 mm and 1 mm thick).

ISO/IEC 7816 is an international standard for electronic identification cards with contacts, especially smart cards, managed jointly by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC).

ISO/IEC 14443 defines the standard for contactless cards.

 

What are the features of a smart card?

Smart cards provide ways to securely identify and authenticate the holder and third parties who want access to the card. For example, a cardholder can use a PIN code or biometric data for authentication.

They also provide a way to securely store data on the card and protect communications with encryption.

To know more about encryption, visit our dossier on the history of cryptography.

Smart cards provide a portable, easy-to-use form factor.

Technical features of a smart-chip card: overview

Feature

Description

Memory Capacities

- EEPROM: up to 128 KB (non-volatile)

 

- Flash memory: up to a few MB (non-volatile)

 

- RAM: up to 256 KB (volatile)

Microprocessors

- 8-bit, 16-bit, or 32-bit microprocessors

 

- Common manufacturers: Infineon Technologies, NXP Semiconductors, Samsung, STMicroelectronics

Operating Systems

- Java Card, MULTOS, proprietary OSs

Communication Interfaces

- Contact: ISO/IEC 7816 standard

 

- Contactless: ISO/IEC 14443 or ISO/IEC 15693 standards

 

- Dual-interface: Both contact and contactless interfaces

Data Encryption

- AES (Advanced Encryption Standard)

 

- DES (Data Encryption Standard) and Triple DES (3DES)

 

- RSA (Rivest-Shamir-Adleman)

 

- ECC (Elliptic Curve Cryptography)

Digital Signatures

- RSA

 

- DSA (Digital Signature Algorithm)

 

- ECDSA (Elliptic Curve Digital Signature Algorithm)

Cryptographic Protocols

- TLS (Transport Layer Security)

 

- SSL (Secure Sockets Layer)

 

What are the benefits of a smart card?

Smart cards contain unique features that benefit both consumers and issuing organizations.

Smart cards provide:

  • Security (the physical layout of the chip is designed to be tamper-resistant, and a large portion of the operating-system code is dedicated to self-protection.)
  • Confidentiality (the card and its data are with you, and YOU decide what to do with them.)
  • Portability (you carry it in your wallet or phone.)
  • Convenience (a consequence of all the above)

Smart cards offer more security and confidentiality than other financial information or transaction storage vehicles, making them a perfect solution for e-commerce transactions.

As they include a tamper-resistant microprocessor, they have substantial processing power to protect the information and encrypt and execute instructions from specific programs. Here's where smart cards have a massive advantage over magstripe cards.

Can you imagine a portable vault? 

You have it.

A smart card is a safe place to store valuable information such as private keys, account numbers, passwords, or personal information.

It's also a secure place to perform processes that one doesn't want to be exposed to the world, for example, performing a public key or private key encryption. 

The benefit of the smart card is that you can verify the PIN or fingerprint securely offline.

Smart card technology

Different types of smart cards, from left to right:

  • online authentication access (with the US DoD smart badge - military CAC),
  • secure transaction with an EMV card (with a biometric sensor), 
  • strong identification with your national ID card.

What are the types of smart cards?

To begin with, magnetic stripe cards are definitively not smart cards.

Memory vs microprocessor

Smart cards come in two varieties: memory and microprocessor (smart chip).

Memory cards store data and can be viewed as small USB memory sticks with optional security. On the other hand, a microprocessor card can add, delete, and manipulate information in its memory on the card.

Like a miniature computer, a microprocessor card has an input/output port operating system and a hard disk with built-in security features like encryptions.

Contact vs contactless

Smart cards have two different types of interfaces: contact and contactless. 

Contact smart cards are inserted into a smart card reader, making physical contact with the reader.

However, contactless smart cards have an embedded antenna inside the card, enabling communication with the reader without physical contact. You tap and pay.

Contactless is easy and convenient. It's a significant trend everywhere now due to the recent pandemic.

 

The COVID-19 outbreak has accelerated contactless payments thanks to their hygienic benefits, as Forbes revealed (11 May 2020). 

The standard for contactless smart card communications is ISO/IEC 14443 and allows for communications up to 10 cm (3.9 in).

A combi card combines the two features with a very high level of security.

Do you want to know why contactless is safe?

 

How are smart cards used?

The use of smart cards has expanded each year to include applications in various markets and disciplines.

The information age has recently introduced various security and privacy issues for advanced smart card security applications.

Here are some smart card examples:

Information Technology

Businesses, the government, and healthcare organizations continue to move towards storing and releasing information via networks, Intranets, extranets, and the Internet. 

These organizations are turning to smart cards to make this information readily available to those who need it while at the same time protecting the privacy of individuals and keeping their informational assets safe from hacking and other unwanted intrusions.

In this IT area, smart cards enable:

  • Secure login and authentication of users to PCs and networks,
  • Secure B2B and B2C e-commerce,
  • Storage of digital certificates, credentials, and passwords,
  • Encryption of sensitive data.

Mobile Telecommunications

Using the Global System for Mobile Communications (GSM) standard for mobile phones, subscribers use smartcard technology as SIM cards.

The smart card is inserted (removable SIM) or integrated (eSIMM2M SIM) into the mobile handset or the M2M module.

Read more on What is an eSIM card?

Developers use the STK to define how the SIM card interacts with other applications.

Read more on  :

What is a SIM toolkit?

Understanding Soft SIM and Cloud SIM 

 
The card stores personal subscriber information and preferences that can be PIN code protected and transported from phone to phone. The SIM cards enable:
  • Secure subscriber authentication,
  • International roaming across networks,
  • Secure mobile value-added services.
SIM cards have regularly evolved to deliver each new generation promise, from 2G to 5G (5G SIM).
 
Wireless providers benefit from reduced fraud thanks to the security offered by smart cards.
 
With the advent of mobile services such as mobile commerce, Internet browsing, and information services, wireless providers rely on smart cards to act as the security mechanism to protect those services and ensure trust.
 
With the 5G rollout, security becomes even more critical. 

Commercial Applications

Smart cards also benefit many business applications in B2B and B2C environments. In addition, the smart card's portability and ability to be updated make it a technology well-suited for connecting the virtual and physical worlds and multi-partner card programs.

For online banking payments, new display cards are available. They come with an LCD and optionally with a keypad.

The cards store information, money, and applications that can be used for:

  • Banking/payment
  • Loyalty and promotions
  • Access control
  • Identification
  • Ticketing
  • Parking and toll collection

The EMV payment standard had a powerful impact on smart payments worldwide. 

 

 Is a bank card a smart card? Yes, in most countries, credit and debit cards integrate a microprocessor with the EMV standard.

 
No matter which payment method is used, EMV affords the added security of credit cards remaining in the cardholder's possession throughout the entire transaction.
 
With EMV, the computer chip inside the credit card is an active part of the transaction, unlike the magstripe, which is passive.

As of late 2015, all major U.S. payment brands moved from magnetic stripe cards to the global standard for payments, chip-based EMV cards.

 
In India, the Reserve Bank of India set the EMV migration deadline for bank cards for 31 December 2018.
 
Over 12 billion EMV payment cards are in circulation worldwide as of 2022, according to EMV Co. 
 
Learn more on EMV in 3 minutes with our EMV chip web dossier.
 
There's more.
 

Multiple applications can be stored on the card, enabling partnering on card programs and providing added convenience to the cardholder. (Payment, loyalty, transport, eID, electronic signature...)

Biometrics can be added to the payment cards. Read our dossier: the case of the biometric banking card.

In Spain, Portugal, and Latin America, over 9 million university students use a Student Smart Car, developed by Banco Santander in 279 universities. 

The University Card is an ID, an access card, a payment card, and a wallet.

Digital money issued by Central banks could soon leverage payments offline  (smartphones and other offline devices such as banking cards), as evidenced by our recent studies. These new digital currencies could be accessible to the general public.

This is not the case for private crypto-currencies.

Smart card for health

The Algerian health program uses smart health cards for patients (here in a reader) and smart USB tokens (with a chip) for health professionals. Discover the benefits of health cards in universal health care systems.
 

Electronic IDs 

An electronic ID (e-ID) card fulfils various roles: it acts as a traditional means of identification, as a travel document, and finally, as a passkey to citizens' data.

Many international regulations and standards have been established on e-ID, most of which are applied by States.

The public has become accustomed to computerized smart cards through their use in the banking system, so their reliability is no longer questioned.

National ID cards are now also being used to access an array of services that were previously difficult to synchronize.

The e-ID card (aka computerized National identity card) can be used for identification, authentication, and electronic signature. Thus, this system enables several previously complex information paths to be simplified.

It can be used as:

  • A representation of sovereign authority certifying that the holder is in a legitimate legal position to their national jurisdiction.
  • A means for citizens to access services and exercise their rights and duties to the public authorities.
  • A genuine seal of authenticity that the citizen can use to authenticate their actions regardless of the exchange formats and media use since the data used to ensure security and trust also guarantee the legal validity of any transactions certified in this way.

Health, health insurance and welfare cards

Health cardsincluding a microprocessor, also act as a significant component of an IT system. 

They identify the holder and their affiliation to an organization and verify their rights. 
 
These cards are widely used. Every French and German citizen has a smart card for health insurance.
 
Unlike paper documents, which can easily be forged, these tamper-proof devices are challenging to reproduce or unlawfully manipulate.
 

Smart Card India initiative was launched in India in the early 2000s.

In Andhra Pradesh, a state in southeast India, the government began to use smart cards to distribute welfare.

The government planned to use smart cards for a variety of initiatives; however, they focused on two social welfare enterprises. The Social Security Pensions (SSP) provides monthly allowances to the disabled and elderly, and the Mahatma Gandhi National Rural Employment Scheme (NREGS) ensures rural households a hundred days of paid employment every year.

The results?

The Smart Card India initiative has lowered transaction time, decreased leakages, and augmented beneficiary gratification.

Innovative technology, such as smart cards, has the potential to improve future welfare programs.

 

Electronic and biometric passports

Migration to electronic passports has been in progress since 2005. 

 
Over 1,2 billion e-passports are now in circulation, and more than 150 states have started issuing this new type of travel document in 2021.

The electronic passport integrates smart card technology with a microprocessor that stores a digital version of the ID photo and all the ID data on the paper passport's first page.

Electronic passport

Is my passport an electronic one?

Yes, the symbol printed at the bottom of the front page indicates that the US passport contains a microprocessor. They were first issued in 2006. 

The ICAO (International Civil Agency Organization) 9303 standards have been vital for the international deployment of biometric identification and electronic data storage in so-called machine-readable travel documents (MRTDs).

 

Why are other countries ahead of the US in applying smart card technology?

For various reasons, card issuers in different countries build their business case to justify smart cards' issuance. 

In the US, the fraud liability shift (EMV liability shift) occurred in late 2015 for POS devices and will apply in April 2021 for Automatic Fuel Dispensers. 

In June 2021, over 77% of all credit card payments (card present) were done with an EMV card chip. 

This figure will be compared with 95%+ in Canada, Latin America, Europe, Africa, and the Middle East.

New markets will further help make smart cards widespread in North America. 

 

Why are interoperability and standards crucial to the widespread adoption of smart cards?

Even though hundreds of smart card pilots exist worldwide, users may not take a card from one country or scheme and use it in another.

An industry-wide trend toward interoperability and open platforms is emerging, enabling the development of cards and applications that will work together in open environments.

To do this, the industry must examine the business and technical issues surrounding the need for standardized interfaces between cards, terminals, and slots, which is the key to securing dramatic growth for the industry.

The International Organization for Standardization (ISO) has developed standards for smart cards. 

PC/SC technology is a valuable asset too.

These standards were developed for use by multiple industries.

Individual industries are now developing proprietary versions of these ISO standards to support specific smart card applications.

Members of the Forum and others design many standards to support and promote smart card standards.

 

What is a multiple application card?

A multiple-application card is a smart card that can support different applications on the card itself, reducing the number of cards in the wallet. 

For example, the Blue from American Express chip offers two applications: extra security when shopping online using a PC smart card reader, an online wallet, and a ticketing application that verifies a Cardmember's ticket order.

Blue uses a multiple-application operating system, and American Express plans to add other applications to the card's smart chip.

We can find other examples with the Estonian ID card (Identity, transport, voting...), the Malaysian ID card (Identity, micro-payment, transportation, driving license, health care, welfare...), the Portuguese ID card (identity, welfare, tax, healthcare, voting), the Belgian and Finnish ID (ID and health)...

 

Added value with multiple applications

Meanwhile, Visa's multiple application card strategies provide applications that add value to Visa's core credit and debit payment products. 

The flexible Open Platform technology is critical to Visa's multi-application offering.

In addition to providing added application security through 'firewalls' on the chip, the Open Platform allows downloading new applications without reissuing the card.

Another multi-application program was conducted at Florida State University, where 40,000 smart cards were deployed, which featured students' identification, dormitory security, banking, and a wide range of stored value functions for food, payphone, photocopying, transportation, and vending services.

 

What is the cost of an average smart card?

Trying to respond to this question is like asking the cost of a car without defining whether it is a Volkswagen or a new Rolls Royce.

Let's be clear: the price of a smart card depends upon its capacity.

 

Why is reloadability essential to the development of smart cards vis-a-vis disposable cards?

There are markets for both disposable and reloadable cards.

Disposable cards work well for an event and as a collectable card.

If the card is a multiple application card supporting, for example, debit and credit and stored value, the customer would not want to throw this type of card away. 

It would be more appropriate if the stored value application is reloadable. This process is sometimes called "post-issuance."

 

The Smart Card Alliance

The Smart Card Forum represents diverse industries and government groups, many of whom have seemingly competing interests.

Is it possible that such a diverse group can work together productively?

Today, even competing entities agree that where new technologies are concerned, industry-wide efforts are required to build workable infrastructures and develop compatible, interoperable, multi-use systems.

On any meaningful scale, this effort cannot be accomplished by individual players acting in their interests. 

To date, the Forum has been highly successful in fostering communications across industries and the public sector and encouraging various trials demonstrating the viability of smart card-based payment and information systems.

 

Now it's your turn

What do you think?

If you've something to say on smart cards, a question to ask, or have found this article interesting, please leave a comment in the box below. We'd also welcome any suggestions on how it could be improved or proposals for future papers.

We look forward to hearing from you.