Previous Table of Contents Next


High-Level Design

The Smart Shopper smart card program consists of the following major system components:

  A Smart Shopper smart card. This card contains Smart Commerce Solutions program administration and security data, cardholder personal data, and merchant-specific programs for each of a number of merchants. The master file of the Smart Shopper smart card contains a file for card administration information, a file for personal data of the cardholder, and a subdirectory of a fixed size for each merchant program. Each merchant directory contains the files needed to implement the schemes selected by the merchant.
  A program library. This library includes a number of prebuilt and canned loyalty schemes that the merchants participating in the Smart Shopper program can use to define their individual loyalty programs. In order to encourage the creation of merchant-specific extensions to the Smart Shopper smart card program, Smart Commerce Solutions provides to every participating merchant a high-level application program interface and program library to facilitate the building of Smart Shopper card application programs. This program library can be used to build applications that run on standalone kiosks, that are networked with existing business systems, or that work in tandem with World Wide Web servers.
  The Smart Shopper Web site. This site, run by Smart Commerce Solutions Inc., lets customers examine their smart cards from their homes or offices and edit personal data fields. The Smart Shopper Web site provides information and interactive applications for both customers and merchants. Customers can review the contents of their card and update personal information files. Merchants can use interactive utilities at the site to allow customers to update merchant-specific data on the card. Web merchants can send their customers to the site to download their loyalty program into customers’ cards.

File Layout

The overall data architecture of the five-merchant Smart Shopper card is shown in Figure 10.1. The master file contains Smart Commerce Solutions administrative data, cardholder personal data, and a subdirectory for each of the five merchant programs on the card.


Figure 10.1.  File layout of the Smart Shopper card.

The Smart Commerce Solutions administrative data file is used primarily for security purposes. Among other things, it contains a directory of the currently active merchant programs on the card.

The cardholder personal data file is under the control of the cardholder and could, for example, contain names, telephone numbers, billing and shipping addresses, and payment information, such as credit account numbers.

Each merchant directory contains an external authentication file with the keys that the merchant uses to administer the security of his own loyalty program. Each merchant directory also contains one or more loyalty schemes which define the merchant’s loyalty program. These schemes are provided in a general form by Smart Commerce Solutions Smart Shopper card and are particularized by Smart Commerce Solutions to the needs and requirements of each merchant.

The Master File

The master file (3F0016) on the five-merchant Smart Shopper card contains the following files:

  Serial number file (000216)
  PIN file (000016)
  External authentication file (001116)
  Internal authentication file (000116)
  Cardholder personal data (020016)
  Smart Commerce Solutions card administration file (010016)
  Merchant #1 directory (100016)
  Merchant #2 directory (200016)
  Merchant #3 directory (300016)
  Merchant #4 directory (400016)
  Merchant #5 directory (500016)

The serial number, PIN, and external and internal authentication files are discussed in Chapter 5, “The Schlumberger Multiflex Smart Card.” The personal identification number in the PIN file is what the cardholder enters to identify herself to the card; it is what the card uses to ensure that it is being held by the authentic cardholder. The external and internal authentication files contain keys that are used by Smart Commerce Solutions to provide security for its administrative functions and data.

A merchant directory (x00016) always contains the merchant external authentication file (001116), which contains the keys that the merchant uses to administer security on this loyalty program. A merchant directory also contains one or more of the loyalty schemes provided by Smart Commerce Solutions.

The Cardholder Personal Data File

The cardholder personal data file is a fixed-length record file consisting of 20 records of 24 bytes each. Each record starts with four ASCII characters, which name the cardholder data value contained in the record; that is, NAME for name, SHAD for shipping street address, and so on. These four characters are followed immediately in the record by up to 20 ASCII characters which comprise the data value itself. Here’s an example:

NAMESally Green
HTEL1 617 484 0391
OTEL1 617 484 3307
SHADOne Main Street
SHCTCambridge
SHSTMassachusetts
SHZP02142

The names of all the possible values in the cardholder personal data file, NAME, HTEL, and so on, are standardized by Smart Commerce Solutions so that all the merchants participating in the program can use them. A cardholder is not obliged to enter any values in the personal data file and may enter only those values she is comfortable with providing to the program merchants.

The Smart Commerce Solutions Card Administration File

The Smart Commerce Solutions card administration file contains, among other things, a registry of all active merchant programs currently loaded on the card. This is one way Smart Commerce Solutions ensures that the card is used only by merchants who have joined and are currently active in the Smart Shopper smart card program.

The Merchant External Authentication File

The merchant external authentication file is a transparent file containing three keys of 8 bytes each. These keys can be used by the merchant to define a security architecture and policy for the files in his directory.


Previous Table of Contents Next