How can the SMART card help in new channels?


KILLER Applications
• Managing finances securely and conveniently
• Entertainment on demand
• Storing personal data for convenience on-line
• Secure virtual-world shopping with credit (Chip SecureCode) or e-Cash
• Earning and redeeming rewards with virtual merchants
• Virtual health, govt or other services
MULTOS
• The only OS obtaining ITSEC (E6): very secure
• Multi-application support
• Requires a coprocessor for RSA, which makes it expensive
MULTOS: The OPEN STANDARD smart card operating system

MULTOS defines a standard CHIP HARDWARE INDEPENDENT Smart Card Operating System:
• Portable: develop applications ONCE and run on ANY MULTOS chip.
• Open: develop in C or Java and compile. API FREELY available.
• Highest Hardware and OS Security Assurance: ITSEC E6 High evaluated
• MULTOS SCHEME facilitates management of multiple applications
• Advanced Asymmetric Cryptographic mechanism
[Diagram labels: MEL Editor, C Compiler / Translator, Java Compiler; EMV and PKI applications; MULTOS API; MULTOS VM; ROM; E2PROM; Infineon Silicon; Renesas Silicon]
Proprietary Smart Card Operating Systems
• A proprietary chip OS is developed in “native” code, specific to the underlying silicon, to access chip functions. The OS is often dedicated to performing a single specific function, e.g. EMV.
• OS code is fixed in the ROM of the chip and cannot be changed after the chip is made.
• A limited number of programmers are able to make adaptations to a proprietary OS, which impacts time to market if changes / new functions are required.
• In order to multi-source silicon, native code must be redeveloped from scratch for a new chip.
[Diagram labels: Chip Hardware A with Proprietary OS A; Chip Hardware B with Proprietary OS B; ROM; E2; Native EMV Code; Native Loyalty Code; Data]
ALC (Application Load Certificate)
• A third party is not able to load applications without prior permission of the card issuer
• The ALC is the digital certificate accompanying software to be loaded
• Generated by a trusted third party called the MULTOS Key Management Authority (KMA)
• The card will only load or delete an application if the ALC is valid
• The KMA generates the keys that guarantee confidentiality of the application loading process
• It securely produces the MULTOS card unique issuer ID
• It securely generates a unique public/private key pair
What Is a Digital Signature?
• Used to establish authenticity of electronically transmitted messages
• Only one smart card can sign a document
• Everyone can verify the signature
• The RSA algorithm is usually used to form a cryptographic checksum which is appended to the message
Digital Signature
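
The load check from the ALC slide, combined with the sign-once, verify-by-anyone property from the digital signature slide, as an added example that is not from the original slides or from MULTOS itself. The ALC fields, the names and the demo key are assumptions made here (the real ALC format is not given on the page), and the signature is unpadded RSA over SHA-256 to stay dependency-free, where production signing uses a padded scheme.

```python
import hashlib

# Constructed demo key for the KMA built from two publicly known Mersenne
# primes. Not secure: a real KMA key is random and kept in protected hardware.
P, Q = 2**127 - 1, 2**521 - 1
KMA_N, KMA_E = P * Q, 65537                 # public key, stored on every card
KMA_D = pow(KMA_E, -1, (P - 1) * (Q - 1))   # private exponent, KMA only


def _digest(issuer_id: bytes, app_id: bytes, code_hash: bytes) -> int:
    # Length-prefix each field so field boundaries cannot be shifted.
    data = b"".join(len(f).to_bytes(2, "big") + f
                    for f in (issuer_id, app_id, code_hash))
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def kma_issue_alc(issuer_id: bytes, app_id: bytes, code: bytes) -> dict:
    """KMA side: sign (issuer, application, code hash) with the private key."""
    code_hash = hashlib.sha256(code).digest()
    sig = pow(_digest(issuer_id, app_id, code_hash), KMA_D, KMA_N)
    return {"issuer_id": issuer_id, "app_id": app_id,
            "code_hash": code_hash, "sig": sig}


class Card:
    """Card side: holds only the KMA public key and its own issuer ID."""

    def __init__(self, issuer_id: bytes):
        self.issuer_id = issuer_id
        self.apps = {}

    def load(self, alc: dict, code: bytes) -> str:
        # 1. The certificate must verify under the KMA public key.
        expected = _digest(alc["issuer_id"], alc["app_id"], alc["code_hash"])
        if pow(alc["sig"], KMA_E, KMA_N) != expected:
            return "rejected: ALC signature invalid"
        # 2. It must have been issued for this card's issuer.
        if alc["issuer_id"] != self.issuer_id:
            return "rejected: ALC issued for another issuer"
        # 3. The code presented must be the code the certificate covers.
        if hashlib.sha256(code).digest() != alc["code_hash"]:
            return "rejected: code does not match ALC"
        self.apps[alc["app_id"]] = code
        return "loaded"
```

The confidentiality keys and the delete path mentioned on the ALC slide are not modelled here.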