{[ promptMessage ]}

Bookmark it

{[ promptMessage ]}

karppinen - PStoPDF trial version http/www.adultpdf.com...

Info icon This preview shows pages 1–3. Sign up to view the full content.

View Full Document Right Arrow Icon
Attacks related to the smart card used in electronic payment and cash cards Lauri Karppinen Laboratory of Telecommunications Software and Multimedia Helsinki University of Technology [email protected] Abstract A cash card is a small computer with a stored value representing cash or a set of digital cash units embedded into a small chip wrapped in plastic which is intended to be used like cash. In addition to traditional computer exploits these cards are also open for a wide range of new interesting attack possibilities against which there are no fully proof counter-measures. 1 Introduction Science fiction novels have for a long time intruduced us to the consept of cash chips and digital credit systems. Venerable physical cash has nevertheless endured to this day and is looking as strong as it did 500 years ago. Cash is simple, cash is universal and it works, which is a concept not very often appli- cable to computers. Achieving the same level of robustness, universality, anonymity and ultimately trust as cash is not an easy task but in order to replace cash smart cards must not only achieve this but also offer something that cash cannot. That something could be added convenience and lowered operating costs. This paper takes a quick peek at the robustness of current IC (Integrated Circuit)-cards, such as Mondex cards and cards used at Finnish universities and offers an overview on a range of attacks used against such card systems. 1.1 Terminology Smart card A smart card is a often credit-card sized plastic card embedded with an in- tegrated circuit chip which allows a vast amount of data to be stored on the card. An onboard microprocessor allows data to be accessed and processed on-chip. An internal module connects the IC chip into a card reader. Cardholder The cardholder is the person who physically has the smart card and the se- crets needed to use it. 1 PStoPDF trial version. http://www.adultpdf.com
Image of page 1

Info icon This preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
HUT TML 2000 Tik-110.501 Seminar on Network Security Data owner is the entity (for example a bank or digital cash issuer) who owns the data embedded on the card. Terminal Terminal is the device used to access and manipulate the information on smart card eg. ATM machine, in-store digital cash register or a smart card reader equipped PC. Card issuer Card issuer originally issued the card and controls the OS running on the card as well as the initial data on the card. Electronic money Electronic money in this paper [18] refers to abstract units of tokens which represent single units of currency. They use cryptographic algorithms to en- sure uniqueness and to hamper cloning. Electronic money can be stored on a smart card but is not dependant on any physical media. 2 Benefits of cash/smard cards a.k.a. Why bother? Smart card technology offers numerous benefits all-around the information society. In the world of e-commerce smart cards reduce the handling and transaction costs by eliminating paper and numerous delays in handling papers. Some estimates quote an increase of 30% in revenue [5] due to lower maintenance costs of public phones, park meters and the like.
Image of page 2
Image of page 3
This is the end of the preview. Sign up to access the rest of the document.

{[ snackBarMessage ]}

What students are saying

  • Left Quote Icon

    As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

    Student Picture

    Kiran Temple University Fox School of Business ‘17, Course Hero Intern

  • Left Quote Icon

    I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

    Student Picture

    Dana University of Pennsylvania ‘17, Course Hero Intern

  • Left Quote Icon

    The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

    Student Picture

    Jill Tulane University ‘16, Course Hero Intern