The Manufacturing Process
The manufacturing of smart cards comprises a number of distinct steps:
- 1. Fabrication of the chip, or many chips in the form of a wafer. Several thousand integrated circuit chips are manufactured at a time in the form of silicon wafers. An individual chip for a smart card is approximately 25 square millimeters, or about 5 millimeters on a side. The template for the circuitry on a chip is repeated many thousands of times to overlay a silicon wafer approximately 4 inches in diameter. Such a wafer might routinely contain 3,000 to 4,000 chips when completed. The actual fabrication of the chips on the silicon wafer is done through a highly refined process of vacuum deposition of extremely pure semiconductor material on the silicon substrate (see Figure 2.2).
Figure 2.2. Chip fabrication.
- 2. Packaging of individual chips for insertion into a card. Once a wafer is completed, each individual chip on the wafer must be tested to make sure that it is operable. Each good chip is identified by a physical marking in preparation for sawing the wafer into many thousands of pieces (that is, one chip in each piece). Once the chips are segmented, an electrical connector which is larger than the chip itself is attached. Very tiny electrical connectors (wires) link various areas on this connector with specific pins on the chip itself. The resulting configuration is referred to as a module. Figure 2.3 illustrates the components of a module, including the micro-electronic connections between the connector and the chip.
Figure 2.3. Elements of a smart card module.
- 3. Fabrication of the card. The card itself is constructed out of polyvinyl chloride or a similar material. Both the chemical characteristics and the dimensions of the card and its associated tolerances are stringently regulated by international standards (which are further discussed in Chapter 3, Some Basic Standards for Smart Cards). The card material is produced in a large, flat sheet of the prescribed thickness. For many types of mass-produced cards, these sheets are then printed. Individual cards are then punched from this flat sheet and the edges of each card are ground to a smooth finish.
- 4. Insertion of the chip into the card. Once the module and card are prepared, the two are brought together during an insertion operation. A hole is made in the card, and the module is glued into it. This hole is typically produced either through a milling operation or by melting the material and pushing the module directly into it (see Figure 2.4).
Figure 2.4. Module insertion in card body.
- 5. Pre-personalization. Once the module is inserted into the card, most smart card applications require that certain programs or data files be installed on each chip (card) before the card can be personalized and given to a specific cardholder. This general preparation of software or files on the card is done through an operation called pre-personalization, which is done through the I/O connectors on the surface of the card and hence can proceed only at the speed supported by that interface.
- 6. Personalization. The personalization procedure involves putting information such as names and account numbers into the chip on the card. This also usually entails writing a personal identification number (PIN) on the card which the cardholder can then use to confirm his or her identity to the card. The personalization procedure usually involves physical manipulation of the card as well; that is, pictures, names, and address information is often printed on the card. In addition, some information, such as account numbers, may be embossed on the card to allow physical transference of that information onto other media (for example, printing a paper receipt of a credit card transaction).
- 7. Printing of the card. The printing of graphics and text on a smart card is an extremely important feature. The appearance of the card generally reflects both aesthetically and financially on the issuer of the card. Branding information such as corporate symbols and logos builds name recognition for the issuer and has significant advertising value. When a card is used as a personal identification card, a persons picture along with name and address information is often printed on the card. For many cards supporting financial transactions, issuers are often concerned with the threat of counterfeiting of their cards; they will sometimes make use of anti-counterfeiting mechanisms such as holograms printed on the face of the card as a safeguard, much as is found in thwarting the counterfeiting of currency.
Depending on the information to be placed on a card, a variety of printing processes may be used. For cards that will have exactly the same graphics on every card, such as telephone cards, transit tokens, and the like, the printing step is often done prior to the insertion of the integrated circuit chip in the card. In this case, the cards are formed from large plastic sheets. The printing is done on the sheet, prior to cutting the individual cards from the sheet. Following the printing operation, the individual cards are stamped from the sheet and their edges are smoothed to conform to ISO specifications, which is examined in a bit more detail in Chapter 3.
- 8. Initialization of the program and program information on the chip in the card.
Smart Card Application Software Development
Applications that make use of smart cards typically comprise software that runs on a reader-side computer (a PC or PC class computer), on the smart card itself, and perhaps even on other computers widely distributed within a local area or wide area network. Development of such applications require special considerations to fully incorporate the smart card, both with respect to development of software to go on the card itself and in testing the smart card in the full application. Some of the elements of this application software development that are specific to the smart card component are described in the following sections.
Mask Development
Programs stored into the chip on a smart card are often referred to as masks. The term derives from the fact that the software is actually reduced to a bit pattern which is actually masked onto the silicon components (the ROM) of the chip during the fabrication process. If the program is to be stored into ROM as part of the fabrication process of the chip itself, then this is generally referred to as a hard mask.