3. Classification of Smart Cards

Due to the communication with the reader and functionality of smart cards, they are classified differently.

3.1. Contact vs Contactless

As smart cards have embedded microprocessors, they need energy to function and some mechanism to communicate, receiving and sending the data. Some smart cards have golden plates, contact pads, at one corner of the card. This type of smart cards are called Contact Smart Cards. The plates are used to supply the necessary energy and to communicate via direct electrical contact with the reader. When you insert the card into the reader, the contacts in the reader sit on the plates. According to ISO7816 standards the PIN connections are below:

      ,----,            ,----,
      | C1 |            | C5 |         C1 : Vcc = 5V      C5 : Gnd  
      '----'            '----'         C2 : Reset         C6 : Vpp
      ,----,            ,----,         C3 : Clock         C7 : I/O
      | C2 |            | C6 |         C4 : RFU           C8 : RFU
      '----'            '----'         
      ,----,            ,----,         
      | C3 |            | C7 |         
      '----'            '----'         
      ,----,            ,----, 
      | C4 |            | C8 | 
      '----'            '----' 
      

The readers for contact smart cards are generally a separate device plugged into serial or USB port. There are keyboards, PCs or PDAs which have built-in readers like GSM cell phones. They also have embedded readers for GSM style mini smart cards.

Some smart cards do not have a contact pad on their surface.The connection between the reader and the card is done via radio frequency (RF). But they have small wire loop embedded inside the card. This wire loop is used as an inductor to supply the energy to the card and communicate with the reader. When you insert the card into the readers RF field, an induced current is created in the wire loop and used as an energy source. With the modulation of the RF field, the current in the inductor, the communication takes place.

The readers of smart cards usually connected to the computer via USB or serial port. As the contactless cards are not needed to be inserted into the reader, usually they are only composed of a serial interface for the computer and an antenna to connect to the card. The readers for contactless smart cards may or may not have a slot. The reason is some smart cards can be read upto 1.5 meters away from the reader but some needs to be positioned a few millimeters from the reader to be read accurately.

There is one another type of smart card, combo card. A combo card has a contact pad for the transaction of large data, like PKI credentials, and a wire loop for mutual authentication. Contact smart cards are mainly used in electronic security whereas contactless cards are used in transportation and/or door locks.

3.2. Memory vs Microprocessor

The most common and least expensive smart cards are memory cards. This type of smart cards, contains EEPROM(Electrically Erasable Programmable Read-Only Memory), non-volatile memory. Because it is non-volatile when you remove the card from the reader, power is cut off, card stores the data. You can think of EEPROM, inside, just like a normal data storage device which has a file system and managed via a microcontroller (mostly 8 bit). This microcontroller is responsible for accessing the files and accepting the communication. The data can be locked with a PIN (Personal Identification Number), your password. PIN's are normally 3 to 8 digit numbers those are written to a special file on the card. Because this type is not capable of cryptography, memory cards are used in storing telephone credits, transportation tickets or electronic cash.

Microprocessor cards, are more like the computers we use on our desktops. They have RAM, ROM and EEPROM with a 8 or 16 bit microprocessor. In ROM there is an operating system to manage the file system in EEPROM and run desired functions in RAM.

              ----------------                       
             |  8 or 16 bit   |                      
  Reader <===| microprocessor |-----+                
              ----------------      |                
                                    |                 
                                    |---> RAM           
              NON-CRYPTOGRAPHIC     |                   
                    CARD            |---> ROM            
                                    |                    
                                    +---> EEPROM         
    
As seen in the diagram above all communication is done over the microprocessor, There is no direct connection between the memory and the contacts. The operating system is responsible for the security of the data in memory because the access conditions are controlled by the OS.

              ----------------             -------- 
             |  8 or 16 bit   |           | Crypto |
  Reader <===| microprocessor |-----------| Module |
              ----------------      |      --------
                                    |                
                                    |---> RAM        
                CRYPTOGRAPHIC       |                
                    CARD            |---> ROM        
                                    |                
                                    +---> EEPROM     

With the addition of a crypto module our smart card can now handle complex mathematical computations regarding to PKI. Because the internal clock rate of microcontrollers are 3 to 5 MHz, there is a need to add a component, accelerator for the cryptographic functions. The crypto-cards are more expensive than non-crypto smart cards and so do microprocessor card than memory cards.

Depending on your application you should choose right card.