Index
Symbols
- 006.1 cards, 13
- 3F0016 file name, 85
- 3K Multiflex smart cards, see Multiflex, cards
A
- A3 algorithm, 12, 319
- A8 algorithm, 12, 319
- ABS (acrylonitrile butadiene stryrene), 319
- AC (access condition), 319
- access conditions, 88-89
- Access Conditions window (EZ Formatter), 121
- ACKbyte, 64
- ACLs (Access Control Lists), 218-219
- Adaptive Security Framework, 125
- addresses
- number of lines, 25
- see also email addresses
- Advanced Card Systems ACR20 reader functions, 132
- Advanced Controls module, executing commands, 122
- Advanced Controls window (EZ Formatter), 123
- AID (application identifier), 319
- Aladdin ASESoft Microprocessor APIs functions, 130
- algorithms, 12, 319
- A3, 12, 319
- A8, 12, 319
- COMP128, 321
- DES (data encryption standard), 12, 322
- DSA (digital signature algorithm), 323
- Elliptic curve, 12
- encryption bulk, 221
- IDEA, 325
- MD5, 215
- PKA (public key algorithm), 329
- RSA, 12, 330
- SHA-1, 215
- SKA (secret key algorithm), 330
- symmetric, 331
- TESA-7, 332
- TSA7, 12
- Alpha tests, 177
- ANSI (American National Standards Institute), 34, 55, 319
- ISO/IEC
- 7811-2, 34, 38, 40
- 7811-3, 34
- 7811-4, 34
- 7811-5, 34
- 7812, 40
- 7812-1-1993, 34
- 7813-1995, 35
- X3.118 (1984), 55
- X3.15-1975 (R1996), 55
- X9.15-1990 (R1996), 55
- X9.8-1995, 55
- answer to reset, see ATR
- anticollision, 319
- APDUs (application protocol data units), 58-59, 179-180, 319
- ISO 7816-4 commands, 68-71, 271-272
- APIs (application programming interfaces), 58, 125-128
- Aladdin ASESoft Microprocessor functions, 130
- C-SET (Chip-Secured Electronic Transaction), 162-163
- DCE PSM (Personal Security Module), 165-166
- domain specific, 147
- EMV96 specification, 157-159
- ETSI (European Telecommunications Standards Institute), 181
- GSM 11.14, 181-182
- IATA (International Air Transport Association), 164
- ICC Specification Payment Systems, 157-158
- ISO 7816-4, 181
- Java Cards, 184-185
- MULTOS, 183
- licenced application developer, 184
- obtaining a copy, 156
- Open Card Framework, 157
- PC/SC architecture, 148-149
- reader-side
- C-SET, URL and Email, 147
- Cryptographic API URL, 147
- DCE Personal Security Module URL, 147
- EMV96 URL, 147
- IATA (International Air Transport Association) URL, 148
- MULTOS URL, 147
- Open Card Framework URL, 147
- PC/SC, SSPs (Smart Card Service Providers), 147, 150-152
- PKCS#11 URL, 147
- Schlumberger Cryptoflex URL, 147
- SET Version 2.0 URL, 147
- Visa ICC Specification URL, 147
- Visa Open Technology Platform URL, 147
- SCOS (Schlumberger Customer Oriented System), 182-183
- SET 2.0, 162
- SIM (Subscriber Interface Module) cards
- functions, 182
- services, 181
- software, 180-184
- Visa ICC (Integrated Circuit Card), 161-162
- see also Java, class libraries
- APP Auth function, 150
- Append Record command (ISO 7816-4), 77, 279-280
- Application Block command, 160
- Application Framework class functions, 197
- application programming interfaces, see APIs
- application protocol data units, see APDUs
- Application Services class functions, 196
- Application Unblock command, 160
- applications
- application-level protocols, 67-71
- assembly languages, 10
- building, 127
- development time, 11
- domains, 158
- flags, 252
- Harvest Festival, 240
- Java, 9
- keys, authentication, 211-212
- MULTOS licensed developer, 184
- networks, adding smart cards, 124-125
- programming interfaces, 169-180
- Scriveners Corner, 240-242
- security, 208
- Smart Commerce Solutions, 238-247
- software, 6, 30, 32
- chip emulators, 31-32
- chip simulators, 31
- code development, 31
- development time, 11
- interface devices, 32
- mask development, 30
- see also software
- architecture, 19
- C-SET (Chip-Secured Electronic Transaction), 163
- EMV (Europay, MasterCard, and Visa) smart cards, 158
- PC/SC, 148-152
- security, 209, 235-237
- Smart Shopper cards, 235-237
- Arimura, Dr. Kunitaka, 319
- ASC (application-specific command), 319
- ASCII (American Standard Code for Information Interchange), 320
- Aspects SmarTest system Web site, 177
- assemblers (manufacturers), 136-137
- Assembly languages, 10, 170
- asymmetric key encryption, 212-214
- Asynchronous protocol, 320
- ATMs (automatic teller machines), 149
- ATR (answer to reset), 48, 57, 320
- characters, 50
- Multiflex cards, 84
- AttachByHandle function, 150
- AttachByIFD function, 150
- attacks
- blinding, 320
- induced errors, 325
- voltage, 332
- Attributes window (EZ Formatter), 119
- Authenticate key, 93
- authenticating data, static and dynamic, 160-161
- authentication, 201-202, 320
- access conditions, 89
- external, 95, 106-109, 111
- files, 93
- external, updating, 98-100
- internal format, 96-98
- internal, 106-109, 111
- keys
- asymmetric, 213-214
- cryptographic, 94
- private, 213-214
- public, 213-214
- PIN codes, 94
- procedures, 111
- public keys, 216
- shared secrets, 211-212
- states, 108-110
- symmetric keys, 209-212
- authorization, 202-203, 218-220
- ACLs (Access Control Lists), 219
- authorities
- certificates, 217-218
- certifying, 216-218
- capabilities list, 219-220
- automatic teller machines, see ATMs
B
- batch cards, 91, 320
- beta tests, 177
- binding, 320
- biometrics, 320
- bits, 49
- black book, 320
- blocks
- defined, 65
- T=1 protocol, 66-67
- Borland Delphi code control screen, 127
- Bright, Roy, 320
- browsers
- FlexCash cards, 255-262
- Smart Shopper cards, 240
- Build Command button, 122
- Builder interface window (EZ Formatter), 120-121
- business model (identification cards), 39-41
- buttons
- Build command, 122
- Enter PIN, 244
- Get Personal Profile, 244-245
- Process, 122
- Security Manager, 119
- Verify, 127
- View Attributes, 119
- bytes, 60
- ACK, 64
- DAD, 67
- NAD, 67
- NULL, 64-65
- reading, 92
- SAD, 67
- string, 320
- SW1, 65
C
- C header files, 152-156
- C++ Java, 250
- C-SET (Chip-Secured Electronic Transaction), 162-163, 322
- architecture, 163
- URL and Email, 147
- CAD (card accepting device), 320
- calculations, see computations
- Capabilities list, 219-220
- CAPI (Cryptographic application programming interface), 164
- Card Block command, 160
- Card Europe, 320
- Card manager, overriding, 183
- card software, 5-9, 171
- APIs (application programming interfaces), 180-184
- debugging, 176-177
- file design, 178-179
- integration, 177
- linking, 177-178
- loading, 177-178
- memory, 172-174
- readers, 179-180
- scripting, 177
- testing, 176-177
- CARDAUTH interface functions, 150
- Cardholder Verification Numbers, see CHVs
- cardholders, 320
- files, 232
- frequent buyer points, 241
- personal data, controlling, 236-237
- PINs (personal identification numbers), 205-206
- security, 205-206
- Web sites, handling purchases, 238-239
- CARDIS, 321
- cards
- batch, 91
- chips, tamper resistant, 209
- contact, 322
- counterfeit, 170-171
- credit, global market, 34
- daughter, 322
- financial transactions specifications, 41
- higher value, transport key protocols, 90
- hybrid, 325
- I006.1, 13
- identification
- business model, 39-41
- encoding information, 37, 39
- IFD (interface device), 42
- intelligent memory, 325
- issuers, 206
- logic, 5
- magnetic stripe, 40
- memory, 5, 327
- MFC (multifunction card), 327
- mother, 328
- mother cards, 91
- MPCOS64K, 13
- Multiflex, 13
- OC100, 13
- optical, 328
- personalization, 94
- phone, 329
- processor, 329
- return, 40
- rogue, 105
- security, 205, 208-209
- smart, see smart cards
- SVC (stored value card), 331
- USCO48, 13
- Visa Cash card, 332
- wired logic, 333
- see also FlexCash cards; ICC (integrated circuit card); ID-1 cards; Java, cards; Smart Shopper cards
- CardTech/Securetech, 321
- Carte Bancaire, 321
- Cartes, 321
- CAs (certificate authorities), 217
- Castrucci, Paul, 321
- CCPS (Chip Card Payment Service), 161, 171
- Cellular telephones (GSM 11.14), 181
- CEN (Comite Europeen de Normalisation), 321
- central processing units, see CPUs
- cert, 321
- certificates, 217-218
- digital, 160-161, 322
- identities, 217-218
- standards, 218
- CEU (Commission of the European Union), 54
- chain of trust, 216-217
- ChaneDir function, 151
- Change PIN command (Multiflex), 104, 292
- ChangeCode function, 151
- characters
- embossing, 37-38
- encoding, 38
- CheckAccess function, 196
- checksum, 214-215, 321
- Cherry G80-1500 keyboard functions, 133-135
- Chip Card Payment Service, see CCPS
- Chip-Secured Electronic Transaction, see C-SET
- chips
- disabling, 46
- firmware, 31
- hardware emulators, 32
- integrated circuit, 23
- fabricating, 27
- inserting, 29
- packaging, 28
- manufacturerers, 136
- masks, 30
- hard mask, 31
- soft mask, 31
- software simulators, 31
- tamper-resistant, 209
- CHVERIFICATION functions, 151
- CHVs (cardholder verification numbers), 95, 195, 211, 321
- CLA instruction sets, 62, 321
- classes
- Application Framework functions, 197
- Application Services functions, 196
- Cryptography functions, 197
- JavaSoft Java Card 2.0 API, 196-197
- clock rate, 321
- Close function, 151
- code
- developing, 31
- E-Bucks
- card-side, 265-266
- reader-side, 267
- frequent buyer points totals, 246-247
- hash, 215-216
- KLOC, 327
- libraries, 184-185
- one-way hash, 214
- operating systems, 135
- PIN, 94
- smart cards, adding, 174
- soft masks, 174
- commands, 165
- Append Record, 77
- Application Block, 160
- Application Unblock, 160
- Card Block, 160
- Change PIN, 104
- Create File, 87, 98, 103-104
- Create Record, 104
- Decrease, 102-104, 252
- Delete File, 104
- Directory, 86, 89
- e-cash, 265
- EMV96, 159-160
- Envelope, 80
- Erase Binary, 76
- Execute Application, 255-256
- External Authentication, 79, 98, 104, 160
- EZ Formatter, 122
- Generate Application Cryptogram, 160
- Get Challenge, 79-80, 104-105
- Get Data, 78, 160
- Get Processing Options, 160
- Get Response, 80-81, 86-88, 90-92, 99, 103, 105
- Get Values, 252
- IATA (International Air Transport Association), 164
- Increase, 102-103, 105
- Internal Authenticate, 79, 105, 160-161
- Invalidate, 87, 105
- ISO 7816-4, 181
- APDU structures, 271-272
- Append Record, 279-280
- Erase Binary, 276-277
- file system, 272
- Get Data, 281-282
- Put Data, 282-283
- Read Binary, 273-274
- Read Record, 277-278
- security status, 272
- Select File, 283-284
- Update Binary, 275-276
- Update Record, 280-281
- Write Binary, 274-275
- Write Record, 278-279
- ISO/IEC 7816-4
- Envelope, 289-290
- External Authenticate, 286-287
- Get Challenge, 287
- Get Response, 288-289
- Internal Authenticate, 285-286
- Manage Channel, 287-288
- Verify, 284-285
- Java Card 1.0 bootstrap loader, 255-256
- Manage Channel, 75, 80
- Multiflex cards, 104-106, 183
- Change PIN, 292
- Create File, 293-294
- Create Record, 294-295
- Decrease, 295-297
- Delete File, 297-298
- External Authentication, 298-299
- Get Challenge, 299-300
- Get Response, 300-301
- Increase, 301-302
- Internal Authentication, 302-303
- Invalidate, 304-305
- Read Binary, 305-306
- Read Record, 306-307
- Rehabilitate, 307-309
- Seek, 309-310
- Select File, 310-311
- Unblock PIN, 311-312
- Update Binary, 312-314
- Update Record, 314-315
- Verify Key, 316-317
- Verify PIN, 315-316
- PIN change/Unblock, 160
- Put Data, 78
- Read Binary, 75, 92, 105
- Read Record, 76-77, 102, 105, 160
- Rehabilitate, 87, 105
- Schlumberger Cryptoflex cards, 165
- Seek, 105
- Select, 105, 160
- Select File, 74-75, 85, 91
- Set Application Flag, 252
- Set Default ATR, 255-256
- T=0 protocol, 60
- CLAinstruction sets, 62-63
- header fields, 61-62
- header parameters, 64-65
- T=1 protocol, 65
- blocks, 66-67
- Unblock PIN, 105
- Update Binary, 76, 99-100
- Update Record, 77-78
- Verify, 78-79, 127, 160
- Verify Key, 98, 105
- Verify PIN, 94, 100, 105
- Write Binary, 75-76
- Write Record, 77, 164
- Commission of the European Union, see CEU
- communications, 14
- COMP128, 321
- compilers, 136-137
- components
- identification numbers, 40-41
- smart cards, 23, 27
- computations, 5
- contact cards, 322
- contactless cards, 22, 322
- contacts
- definitions, 45
- electrical, 44
- idle states, 47
- locations, 45-46
- measurements, 44
- shapes, 45-46
- sizes, 45-46
- states before card resets, 47
- controls
- hierarchial access, 111
- master files, 86-87
- core, 322
- COS (card operating system), 322
- cost, smart cards, 4
- counterfeit cards, 170-171
- soft masks, 174
- CPUs (central processing units), 3, 16, 322
- Create File command (Multiflex), 87, 98, 103-104, 293-294
- Create function, 151
- Create Record command (Multiflex), 104, 294-295
- credit cards, global market, 33-34
- CRT (chinese remainder theorem), 322
- Cryptographic application programming interface, see CAPI
- cryptography, 11-12
- API (application programming interface), 147
- coprocessor, 322
- keys, 94-95
- public keys, 26, 216
- smart cards, 164-165
- Cryptography class functions, 197
- CRYPTPROV interface functions, 152
- custom smart cards, 10
- Cyberflex
- 1.0 Java API, 184-185
- 2.0 Core API functions, 192-196
- programmers manual, 256
- Web site, 191
- see also FlexCash cards
- cyclic files, 13-14, 74, 102-104, 322
- electronic purses, handling transactions, 102
- lengths, 100
- transaction logs, 102
- wrapping around, 102
D
- DAD byte (Destination address), 67
- Danmont, 322
- data
- authenticating, statis and dynamic, 160-161
- integrity, 4, 18-19
- security, 4, 18
- smart cards and readers, 48-49
- daughter cards, 322
- DCE (Distributed Computing Environment), 125
- Personal Security Module URL, 147
- PSM (Personal Security Module), 165-166
- Snare software, 124-125
- DEA (Data Encryption Algorithm), 322
- debugging, 137
- manufacturers of debuggers, 138-139
- software, card-side, 176-177
- Decrease command (Multiflex), 102-104, 252, 295-297
- Decrypt function, 152
- dedicated files, 73
- Delete File command (Multiflex), 104, 297-298
- Delete function, 151
- DeriveKey function, 152
- DES algorithm, 12
- design
- FlexCash cards, 251-252
- Smart Shopper cards, 229-230
- Detach function, 150
- Dethloff, Jürgen (co-inventor of smart cards), 4, 322
- DF (dedicated files), 322
- diagrams, smart cards and readers, 47
- Diffie-Hellman protocol, 220
- digital certificates, 322
- public keys, 160-161
- digital signatures, 214-215, 323
- direct convention, 49
- directories
- domains, 158
- elementary files, 109
- EMV96 payment system, 158-159
- IATA air travel, 158
- merchants, 231
- Multiflex cards, 85-89
- PIN variables, 109
- Directory command, 86, 89
- Directory/File Attributes window (EZ Formatter), 120
- DisplayText function, 182
- Distributed Computing Environment, see DCE
- distribution state, magnetic stripe cards, 40
- diversified key, 91, 323
- DLLs (dynamic link libraries), SSPs (Smart Card service providers), 152
- domains
- directories, 158
- specific, 150
- Done handler, 245-246
- DSA (digital signature algorithm), 323
- DSS (Digital Signature Standard), 323
- dynamic link libraries, see DDLs
E
- E-Bucks
- code
- card-side, 265-266
- reader-side, 267
- e-cash
- implementing, 262-263
- protocol, 262-265
- e-cash
- cards, 323
- protocols, 262-265
- standard, 251
- E-purse (electronic purse), 324
- ECMA (European Computer Manufacturers Association), 55
- ECMA-219, 55
- Editing completion handler, 246
- Editor, window (EZ Formatter), 122
- editors
- FlexCash cards, 255-262
- smart cards, 116-117, 330
- EZ Formatter, 118-123
- EEPROM (electrically erasable programmable read-only memory), 25, 63, 323
- application flags, 252
- Multiflex carads, 111
- tracking usage, 111-112
- EFT (electronic funds transfer), 323
- electrical contacts, 44
- electronic purses, 102-104
- electronic wallet, 323
- elementary files (EFs), 88
- access conditions, updating, 88
- authentication states, 109
- characteristics, 73-74
- fileIds, 90
- selecting, 90-94
- serial number files, 90
- transport key files, 90
- Elliptic curve algorithm, 12
- email addresses, 147-148
- embossed cards, 37
- return cards, 40
- unused cards, 40
- emulation, debugging or testing, 176-177
- emulators, 139, 323
- manufacturers, 140
- EMV (Europay, MasterCard, and Visa), 157-158, 323
- commands, 159-160
- data, authenticating, 160-161
- digital certificates, 160-161
- IATA (International Air Transport Association), 164
- payment system
- directory, 158-159
- transaction, 158-159
- SET 2.0, 162
- smart card architecture, 158
- specification, 157-159
- URLs (Uniform Resource Locators), 147
- Visa ICC (integrated circuit card), 161-162
- EN 726, 54, 324
- EN 742, 324
- encoding
- characters, recording techniques, 38
- identification cards, 37, 39
- Encrypt function, 152
- encryption, 12
- algorithms, 12
- bulk, 221
- symmetric keys, 210-212
- Enter PIN button handler, 244
- Envelope command (ISO/IEC 7816-4), 80, 289-290
- EP (electronic purse), 324
- erasable and programmable read-only memory, see EEPROM
- Erase Binary command (ISO 7816-4), 76, 276-277
- errors, detection, 60-61
- ESCAT (European Smart Card Application and Technology), 324
- ETSI (European Telecommunication Standards Institute), 54, 181, 324
- European Computer Manufacturers Association, see ECMA
- European Telecommunications Standards Institute, see ETSI
- Execute Application command, 255-256
- Execute function, 196
- Export function, 152
- external authentication, 106-109, 111
- External Authentication command (Multiflex), 98, 104, 298-299
- external descriptions, 126-127
- EZ Component, 126-128
- EZ Formatter
- commands, 122
- files, 119
- readers, 123
- smart cards, 123
- toolbar, 118
- Users Guide, 123
- windows
- Access Conditions, 121
- Advanced Controls, 123
- Attributes, 119
- Builder, 120
- Builder interface, 121
- Directory/File Attributes, 120
- Editor, 122
- Log, 118-119
- Security Manager, 119
- Status Display, 118
F
- fields, 291
- INS, 325
- RFU (reserved for future use), 291
- T=1 protocol blocks, 66-67
- file systems, 13-14
- ISO/IEC 7816-4, 71-72
- dedicated file characteristics, 73
- elementary file characteristics, 73-74
- master file characteristics, 73
- see also files
- FILEACCESS routines, 151
- files
- 3F0016 file, 85
- access conditions, 88
- ACLs (Access Control Lists), 13, 219
- authentication key files
- controlling, 93
- format of internal/external, 96-98
- updating, 98-100
- C header, 152-156
- creating, 119-120
- cyclic, 13-14, 74, 102-104, 322
- electronic purses, handing transactions, 102
- lengths, 100
- transaction logs, 102
- wrapping around, 102
- deleting, 119-120
- DFs (dedicated files), 322
- EFs (elementary files), 88, 323
- authentication states, 109
- fileIds, 90
- selecting, 90-94
- serial number, 90
- updating access conditions, 88
- EZ Formatter, 123
- internal authentication, 107
- ISO 7816-4 commands, 272
- key files, 94-98
- linear, 13-14, 327
- managing, 121
- master
- changing, 119
- file controls, 86-87
- making as current file, 85
- merchants
- external authentication, 232
- managing, 236-237
- MF (master file), 327
- Multiflex cards, 85
- file types, 87-88
- standard key files, 95
- operations, 88-89
- paths, 328
- PINs (personal identification numbers), 98-100
- purse, 13-14, 329
- records, 74
- lengths, 100
- Seek, 100-102
- serial number files, 90-92
- SIM, 14
- Smart Commerce Solutions, 232
- Smart Shopper cards
- access conditions, 236-237
- cardholder personal data, 232
- cumulative purchases, 233-234
- frequent buyer points, 232-233
- layout, 230
- master, 231
- merchant external authentication, 232
- sizes, 234-235
- want lists, 233-234
- software (card-side), designing, 178-179
- transparent, 13-14, 74, 88, 332
- reading bytes, 92
- see also file systems
- financial transaction cards, specifications, 41
- FIPS 140-1, 55, 324
- firewalls, ITSEC E6 certified, 183
- firmware, 31
- FLASH, 324
- FlexCash cards, 249-250
- application flags, 252
- browsers, 255-262
- code
- E-Bucks card-side, 265-266
- E-Bucks reader-side, 267
- Java Card (11.1), 252-255
- commands
- Decrease, 252
- Execute Application, 255-256
- Get Values, 252
- Make Debit, 265
- Request Credit, 265
- Request Debit, 265
- Set Application Flag, 252
- Set Default ATR, 255-256
- designing, 251-252
- E-Bucks e-cash
- implementing, 262-263
- protocol, 262-265
- editors, 255-262
- Java
- bootstrap loader commands, 255-256
- modules, 251-252
- standards, 251
- formats
- authentication key files, 96-98
- PIN files, 96
- FRAM (ferroelectric memory), 324
- France C-SET (Chip-Secured Electronic Transaction), 162-163
- frequent buyer points, 246-247
- FSCUG (Federal Smart Card Users Group), 324
- functions
- Advanced Card Systems ACR20, 132
- Aladdin ASESoft Microprocessor APIs, 130
- APIs (application programming interfaces), 182
- APP Auth, 150
- Application Framework class, 197
- Application Services class, 196
- AttachByHandle, 150
- AttachByIFD, 150
- ChangeCode, 151
- ChangeDir, 151
- CheckAccess, 196
- Cherry G80-1500 keyboard, 133-135
- CHVERIFICATION, 151
- Close, 151
- Create, 151
- Cryptography class, 197
- Cyberflex 2.0 Core API, 192-196
- DCE PSM (Personal Security Module), 166
- Decrypt, 152
- Delete, 151
- DeriveKey, 152
- Detach, 150
- Directory, 151
- DisplayText, 182
- Encrypt, 152
- Execute, 196
- Export, 152
- GenKey, 152
- GetChallenge, 150
- GetCurrentDir, 151
- GetFileCapabilities, 151
- GetFileSize, 196
- GetInKey, 182
- GetInput, 182
- GetMessage, 250
- GetParm, 152
- GetProperties, 151
- GetRandom, 152
- GetUserKey, 152
- hash code, 215
- HashData, 152
- HashSessionKey, 152
- I/O interrupt, 183
- ICC Auth, 150
- ImportKey, 152
- interfaces
- CARDAUTH, 150
- FILEACCESS, 151
- SCARD, 150
- Invalidate, 151
- JavaSoft Java Card 2.0 APU, 196-197
- MoreTime, 182
- Open, 151
- PlayTone, 182
- PollInterval, 182
- Prolekila Smart Card Reader library, 133
- Read, 151
- receive, 183
- Reconnect, 150
- Rehabilitate, 151
- Reset, 182
- Seek, 151
- SelectItem, 182
- SendMessage, 250
- SendShortMessage, 182
- SendSS, 182
- SendUSSD, 182
- Set Properties, 151
- SetDefaultATR, 196
- SetParm, 152
- SetUpCalls, 182
- SetUpMenu, 182
- SignHash, 152
- transmit, 183
- Tritheim SmartPort, 131-132
- Unblock, 151
- User Auth, 150
- Verify, 151
- VerifySignature, 152
- Write, 151
G
- Generate Application Cryptogram command, 160
- GenKey function, 152
- Get Challenge command, 79-80, 104-105
- ISO/IEC 7816-4, 287
- Multiflex, 299-300
- Get Data command, 78, 160
- ISO 7816-4, 281-282
- Get Personal Profile button handler, 244-245
- Get Processing Options command, 160
- Get Response command, 80-81, 86-88, 90-92, 103, 105
- ISO/IEC 7816-4, 288-289
- Multiflex, 300-301
- Get Values command, 252
- GetChallenge function, 150
- GetCurrentDir function, 151
- GetFileCapabilities function, 151
- GetFileSize function, 196
- GetInKey function, 182
- GetInput function, 182
- GetMessage function, 250
- GetParm function, 152
- GetProperties function, 151
- GetRandom function, 152
- GetUserKey function, 152
- global markets (credit cards), 33-34
- government entities, security, 204
- Groupe Special Mobile/Global System for Mobile Communication, see GSM
- Gröttrupp, Helmut (co-inventor of smart cards), 4, 324
- GSCAS (Global Smart Card Advisory Service), 324
- GSM (Groupe Special Mobile or Global Service for Mobile Communications), 324
- 11.14 standard, 54, 181, 324
- cellular telephones, 181
- SIM (subscriber interface module) functions, 182
H
- Habgood, Nick (MULTOS), 184
- handlers, 245-246
- buttons
- Enter PIN, 244
- Get Personal Profile, 244-245
- editing completion, 246
- line, 245
- handshakes, 324
- hardware, 15
- Harvest Festival, 227-229
- applications, 240
- Smart Shopper cards, updating, 241
- hash, 324-325
- code, 215
- HashData function, 152
- HashSessionKey function, 152
- headers (command), T=O protocol, 61-62
- hierarchical access control, 111
- history of smart cards, 4
- host software, 5-9
- development time, 11
- development tools, 116
- smart cards, recording traffic, 118
- hybrid cards, 325
I
- I/O (input/output), 325
- overriding interrupt function, 183
- IATA (International Air Transport Association)
- air travel directory, 158
- commands, 164
- IET (Interline Electronic Ticketing), 164
- URL (Uniform Resource Locator), 148
- IBM
- email address, 147
- Open Card Framework, 147
- IC (integrated circuit), 325
- ICC (integrated circuit card), 41, 161-162, 325
- Auth function, 150
- Specification Payment Systems, 157-158
- ICMA (International Card Manufacturers Association Suite), 325
- ID-1 cards, 35-37
- form factors, 36
- magnetic stripes, 39
- recording techniques, 38
- IDEA, 325
- identification cards
- business model, 39-41
- encoding information, 37, 39
- ID-1 cards, 35-39
- identification numbers
- check digits, 41
- components, 40-41
- identities
- access conditions, 89
- authentication, 213-214
- symmetric key, 209-212
- certificates, 217-218
- idle states, 47
- IEC (International Electrotechnical Commission), see ISO (International Standards Organization) standards
- IET (Interline Electronic Ticketing), 164
- IFD (interface device), 42, 325
- ImportKey function, 152
- Increase command (Multiflex), 102-103, 105, 301-302
- Induced error attach, 325
- industries, 41
- Information block (T=1 protocol), 66-67
- infrastructures, software, 124
- Initial bit, 325
- initialization, 48, 325
- INS codes, ISO/IEC 7816-4, see ISO 7816-4
- instruction sets, 62
- integrated circuit card, see ICC
- integrated circuit chips
- inserting into smart cards, 29
- smart cards, 23
- integration, 177
- integrity, 203-204
- authorities, 216
- one-way hash codes, 214-215
- public keys, 216
- security, 214-218
- intelligent memory cards, 325
- Intellisoft software developments, 125
- interface device, see IFD
- interfaces
- applications, 169-180
- architecture, 149-152
- CARDAUTH functions, 150
- CRYPTPROV functions, 152
- devices, 32, 206
- readers, 32, 128
- terminals, 32
- readers, 32, 206
- software, 129-135
- SCARD, 150
- Interline Electronic Ticketing, see IET
- Internal Authenticate command, 79, 160-161
- ISO/IEC 7816-4, 285-286
- internal authentication, 106-109, 111
- Internal Authentication command (Multiflex), 105, 302-303
- International Electrotechnical Commission, see IEC
- International Standards Organization, see ISO
- International Telecommunication Union, see ITU
- interpreters (Schlumberger), 184
- Invalidate command (Multiflex), 87, 105, 304-305
- Inverse convention, 49, 325
- ISO (International Standards Organization) standards, 34-35, 326
- 639, 54
- 646, 54
- 1073-1, 38
- 1073-2, 38
- 1831, 38
- 3166, 54
- 4217, 54
- 4909, 41, 326
- 7501, 54
- 7810, 34, 54, 326
- 7811, 54, 326
- 7812, 54, 326
- 7813, 41, 54, 326
- 7816, 326
- 7816-1, 35, 42, 44
- 7816-2, 35, 38, 44-45
- 7816-3, 35, 45
- Amendment 1, 35
- Amendment 2, 35
- 7816-4, 35, 41, 43, 53, 175-176, 179-180, 211
- 7816-4
- APDU (application protocol data unit), 68-71, 179, 271-272
- Append Record command, 279-280
- application-level protocols, 67-68
- Envelope command, 289-290
- Erase Binary command, 276-277
- External Authenticate command, 286-287
- file system API, 71-74
- file system commands, 272
- Get Challenge command, 287
- Get Data command, 281-282
- Get Response command, 288-289
- INScodes, 63
- Internal Authenticate command, 285-286
- Manage Channel command, 287-288
- Put Data command, 282-283
- Read Binary command, 273-274
- Read Record command, 277-278
- security status commands, 272
- Select File command, 283-284
- Update Binary command, 275-276
- Update Record command, 280-281
- Verify command, 284-285
- Write Binary command, 274-275
- Write Record command, 278-279
- 7816-5, 35
- 7816-6, 35
- 7816-37, 251
- 8583, 326
- 8601, 54
- 8859, 54
- 9564, 54
- 9797, 54
- 9992, 326, 549
- 10181-3, 326
- 10202, 54, 326
- 10373, 38, 326
- 10536, 54, 326
- 11568, 54
- 11694, 54
- parts 1-5, 42
- smart cards, 85
- security, 284
- ITSEC (Information Technology Security Evaluation Criteria), 55
- certified firewalls, 183
- ITU (International Telecommunication Union), 55
J
- Java, 9
- C++, 250
- cards, 184-185
- Cyberflex 1.0, 184
- Cyberflex 2.0 Core API functions, 192-196
- classes
- JavaSoft Java Card 2.0 API, 196-197
- libraries, 184-185
- Cyberflex 1.0 Java API, 185
- FlexCash cards, 251-252
- functions, 196-197
- Java Card Forum, 185
- JavaSoft API, 185
- virtual machines, 185
- Java Card
- API (Application Programming Interface)
- classes, 196-197
- functions, 196-197
- bootstrap loader commands, 255-256
- Forum Web site, 185
- OTP (Open Technology Platform), 162
- JavaSoft Web site, 185
K
- key files, 94-98
- keyboards, Cherry G80-1500 functions, 133-135
- keys, 94-98
- asymmetric key encryption, 210-214, 331
- authentication, 93
- cryptographic, 94
- diversified, 91, 323
- private, 164, 213-214, 329
- public, 213-214, 216, 329
- DCE PSM (Personal Security Module), 165-166
- digital certificates, 160-161
- shared secrets, 211-212
- symmetric encryptions, 210-214, 331
- transport, 18, 90, 332
- protocols, 90
- purposes, 94
L
- languages, 146, 170
- layering protocols, 59-60
- layers, OSI (Open Systems Interconnect) Reference Model, 58
- layout, 327
- LDAP (Lightweight Directory Access Protocol), 125
- libraries
- class, 184-185
- Prolekila Smart Card Reader functions, 133
- Lightweight Directory Access Protocol, see LDAP
- Line handler, 245
- linear files, 13-14, 327
- link-level protocols, 57-60
- linking software (card-side), 177-178
- listings
- E-Bucks e-cash card-side code, 266
- E-Bucks e-cash host-side code, 267
- FlexCash code on the Java Card, 252-255
- FlexCash card browser and editor program, 257-262
- Schlumbergers Java Card version 1.0 API, 186-192
- Log window (EZ Formatter), 118-119
- logic cards, 5
- loops, overriding elements, 183
- Loyalty programs, 225-231, 327
M
- MACs (message authentication codes), 215, 327
- magnetic stripe cards, distribution state, 39-40
- Make Debit command, 265
- Manage Channel command (ISO/IEC 7816-4), 75, 80, 287-288
- Management utility, 242-247
- manufacturers
- chips, 136
- compilers, 137
- debuggers, 138-139
- emulators, 140
- simulators, 138-139
- smart card operating systems, 141
- software
- operating systems, 141
- tools, 142-143
- testers, 140
- MAOS (multiapplication operating system), 327
- masks, 327
- developing, 30
- soft, 31, 331
- master file, 327
- characteristics, 73
- file controls, 86-87
- MasterCard email address, 147
- MD5 algorithm, 215
- memory, 15
- cards, 5, 327
- circuitry, 22
- integrated circuit chips, 23
- chipcards, 327
- EEPROM (electrically erasable programmable read-only memory), 25, 63
- FLASH, 324
- FRAM (ferroelectric memory), 324
- NVM (nonvolatile memory), 15, 172-173, 328
- RAM (random access memory), 16, 26, 172
- ROM (read-only memory), 15, 25
- shelf life, 173-174
- smart cards, 25-26
- software, 172-174
- zeroization, 333
- merchants
- cardholders, frequent buyer points, 241
- directories, 231
- files
- cumulative purchases, 233-234
- external authentication, 232
- frequent buyer points, 232-233
- managing, 236-237
- sizes, 234-235
- want lists, 233-234
- Harvest Festival, 227-229
- application programs, 240
- updating Smart Shopper cards, 241
- loyalty programs, 225-229, 231
- purchasing programs, 227-229
- Scriveners Corner, 227-229, 240-242
- Smart Shopper cards, 227-229
- Web sites, 238
- message authentication codes, see MACs
- MF (master files), 327
- characteristics, 73
- file controls, 86-87
- MFC (multifunction card), 327
- microcontrollers, 135
- Microsoft CAPI (Cryptographic application programming interface), 147, 164
- MIP (million instructions per second), 327
- modules, 327
- Mondex, 147, 327
- monitors, FlexCash cards
- commands, 252
- implementing, 252-255
- Montgomery multiplication, 327-328
- Moréno, Roland, 328
- MoreTime function, 182
- mother cards, 91, 328
- MPCOS64K cards, 13
- Multiflex
- cards, 13, 83-84
- ATR (answer to reset), 84
- authentication states, 108-109
- commands
- Change PIN, 103-104, 292
- Create File, 87, 98, 104, 293-294
- Create Record, 104, 294-295
- Decrease, 103-104, 295-297
- Delete File, 104, 297-298
- Directory, 86, 89
- External Authentication, 98, 104, 298-299
- fields, 291
- Get Challenge, 104-105, 299-300
- Get Response, 86-88, 90-92, 99, 103, 105, 300-301
- Increase, 103, 105, 301-302
- Internal Authentication, 105, 302-303
- Invalidate, 87, 105, 304-305
- protected-mode, 105-106
- Read Binary, 92, 105, 305-306
- Read Record, 102, 105, 306-307
- Rehabilitate, 87, 105, 307-309
- Seek, 105, 309-310
- Select, 105
- Select File, 85, 91, 310-311
- Unblock PIN, 105, 311-312
- Update Binary, 99-100, 105, 312-314
- Update Record, 105, 314-315
- Verify Key, 98, 105, 316-317
- Verify PIN, 94, 100, 105, 315-316
- directories, 85-89
- EEPROM, 111
- files, 87-88, 95
- Seek, 100, 102
- Seek instruction, 101
- hierarchical access control, 111
- key files, 94-98
- keys, 94-98
- Not Found error, 102
- NVM (nonvolatile memory), 111
- personalizaton, 94
- SCOS (Schlumberger Customer Oriented System), 182-183
- Seek instruction, 101
- serial number files, 90
- stamped variants, 103
- transport keys, 90
- MULTOS (Mondex), 328
- application segregation, 183
- licensed application developer, 184
- Nick Habgood, 184
- obtaining a copy, 156
- URL (Uniform Resource Locator), 147
N
- NACCU (National Association of Campus Card Users), 328
- NAD byte, 67
- networks
- applications, adding smart cards, 124-125
- security, 208
- NIST (U.S. National Institute for Standards and Testing), 55
- non-stomic write, 175
- nonrepudiation, 204
- nonvolatile memory (NVM), see NVM
- Not Found error (Multiflex cards), 102
- NULL byte, 64-65
- NVM (nonvolatile memory), 15, 111, 328
- data, overwriting, 175-176
- programming
- card-side, 172-173
- power loss, 175
- shelf life, 173
- smart cards, adding code, 174
O
- OC100 cards, 13
- one-way hash code, 214-216
- Open Card Framework (IBM), 147, 157
- Open function, 151
- Open Group, 147
- Open Technology Platform, see OTP
- operating systems, 12-13
- code, see code
- manufacturers, 141
- MULTOS, see MULTOS
- optical cards, 328
- OSI (Open Systems Interconnect) Reference Model, 58-59
- OTP (Open Technology Platform), 162
- overriding
- card manager, 183
- I/O interrupt function, 183
- loop elements, 183
- receive function, 183
- transmit function, 183
- ownership of smart cards, 177-178
P
- page size, 328
- pass-along readers, 128
- paths, 328
- PC/SC (personal computer/smart card), 150, 328
- architecture, 148-152
- SSPs (Smart Card service providers), 150-152, 250
- URL (Uniforma Resource Locator), 147
- PCs (personal computers), security, 207
- personal identification numbers, see PINs
- Personal Security Module, see PSM
- personalization of cards, 29, 94, 238, 328-329
- phone cards, 329
- physical security, 208-209
- PINs (personal identification numbers), 7, 78, 195, 329
- authentication
- directory variable, 109
- procedures, 111
- cardholders, 205-206
- Change/Unblock command, 160
- CHVERIFICATION functions, 151
- codes, 94
- entry and checking, 211
- files
- creating, 98-100
- format, 96
- security, 207
- PKA (public key algorithm), 329
- PKCS#11, 147
- PKI (public key infrastructure), 329
- PlayTone function, 182
- plug-ins
- EZ Component, 126-128
- software, 124
- PollInterval function, 182
- POS (point of sale), 149, 329
- power loss when programming, 175
- pre-personalization, 29
- printing smart cards, 29
- privacy, 203, 220-221
- private keys, 164, 213-214, 329
- Process button, 122
- processor cards, 26
- programming, 3-5, 170
- interfaces, 169-180
- languages, 146, 329
- non-atomic write, 175
- power loss, 175
- see also applications; software
- protected-mode commands, 105-106
- protocols
- APDUs (application protocol data units), 58
- APIs (application programming interfaces), 58
- application-level, 67-71
- between smart cards and readers, 52
- designations, 52
- e-cash, 262-265
- layering, 59-60
- link-level, 57-60
- OSI Reference Model, 58-59
- secure messaging, 59
- synchronous, 331
- T=0, 57-60, 331
- command header fields, 61-62
- command header parameters, 64-65
- error detection, 60-61
- T=1, 57-59, 65, 331
- blocks, 66-67
- transport keys, 90
- PSM (Personal Security Module), 165-166
- public keys, 213-216, 329
- cryptography, 26
- cryptology, see asymmetric key encryption
- DCE PSM (Personal Security Module), 165-166
- digital certificates, 160-161
- purses
- electronic, 102-104
- files, 13-14, 329
- Put Data command (ISO 7816-4), 78, 282-283
- PVC (polyvinyl chloride), 329
Q-R
- RAM (random access memory), 15-16, 26, 329
- programming, card-side, 172
- Read Binary command
- ISO 7816-4, 75, 92, 105, 273-274
- Multiflex, 305-306
- Read function, 151
- Read Record command
- ISO 7816-4, 76-77, 102, 105, 160, 277-278
- Multiflex, 306-307
- read-only memory, see ROM
- readers, 206
- Advanced Card Systems ACR20 functions, 132
- Aladdin ASESoft Microprocessor API functions, 130
- APIs (application programming interfaces), 130, 145-147
- Cherry G80-1500 keyboard functions, 133-135
- descriptions, 123
- interfaces, 128
- devices, 32
- software, 129-135
- pass-along, 128
- Prolekila Smart Card Reader library functions, 133
- reset sequence, 48
- smart cards
- bit ordering, 49
- communicating, 45
- data transfer, 48
- data transmission, 49
- diagrams, 47
- protocols, 52
- swallowing, 175
- software (card-side), 179-180
- Tritheim SmartPort, 130-132
- reading smart cards, 152
- Receive function, overriding, 183
- Receive Ready block (T=1 protocol), 66-67
- Reconnect function, 150
- record files, 74
- lengths, 100
- Seek, 100, 102
- Seek instruction, 101
- recording techniques, encoding characters, 38
- Regulation E, 329
- Rehabilitate command (Multiflex), 87, 105, 307-309
- Rehabilitate function, 151
- relative path, 329
- replay attacks, 104
- Request Credit command, 265
- Request Debit command, 265
- Reset function, 182
- ResetSecurityState function, 151
- resetting readers, 48
- retention time, 330
- return cards, 40
- RF/DC (radio frequency/direct communication), 330
- RF/ID (radio frequency/identification), 330
- RFU (reserved for future use) field, 291
- rogue cards, 105
- rogue terminals, 105
- ROM (read-only memory), 15, 25, 330
- programming, card-side, 173-174
- routines, FILEACCESS functions, 151
- RSA, 330
- algorithm, 12
- URL (Uniform Resource Locator), 147
- RST, 330
S
- SAD byte (Source address), 67
- SCARD interface functions, 150
- Schlumberger
- Cryptoflex cards, 147, 165
- Cyberflex
- 1.0 cards, 184-185
- 2.0 Core API, 192-196
- Web site, 191
- interpreter, 184
- Java Card version 1.0 API (listing 8.l), 186-192
- Multiflex smart cards, see Multiflex, cards
- Pont Audemer factory, 90
- SCOS (Schlumberger Customer Oriented System), 182
- commands, activating, 183
- loops, overriding elements, 183
- SOLO software, 141
- virtual machine, 184
- see also FlexCash cards
- screens, Borland Delphi code control, 127
- scripting
- debugging or testing, 177
- software, card-side, 177
- Scriveners Corner, 227-229, 240-242
- SDKs (software development kits), 125-128, 145, 330
- secrets, shared, 211-212
- secure electronic transactions, see SET
- secure messaging, 59
- security, 4
- ACLs (Access Control Lists), 218-219
- Adaptive Security Framework, 125
- applications, 208
- architecture, 209
- asymmetric key encryption, 212-214
- authentication, 209-214
- authorization, 218-220
- capabilities list, 219-220
- certifying authorities, 216-218
- cardholders, 205-206
- cards, 205-209
- CAs (certificate authorities), 217
- certificates, 217-218
- chain of trust, 216-217
- checksum, 214-215
- chips, tamper-resistant, 209
- code, 215-216
- commands, protected-mode, 105-106
- counterfeit cards, 170-171
- cryptography, 11-12
- cryptology, public keys, 216
- Cyberflex 2.0 Core API, 195
- data security, 18
- Diffie-Hellman protocol, 220
- digital signatures, 214-215
- E-Bucks e-cash protocol, 263-265
- encryption, 12
- government entities, 204
- induced error attach, 325
- integrity, 214-218
- ISO 7816-4, 284
- keys
- private, 213-214
- public, 213-214
- MACs (message authentication codes), 215
- mechanisms, 208-209
- microcontrollers, 135
- Multiflex SCOS (Schlumberger Customer Oriented System), 182
- networks, 208
- one-way hash codes, 214
- PCs (personal computers), 207
- physical, 208-209
- PINs (personal identification numbers), 207, 211
- privacy, 220-221
- secure messaging, 59
- shared secrets, 211-212
- smart cards, 23, 27
- Smart Shopper cards, 235-237
- software, 11-12, 135
- symmetric key encryption, 210-212
- systems
- authentication, 201-202
- authorization, 202-203
- components, 204-205
- integrity, 203-204
- nonrepudiation, 204
- privacy, 203
- TCP/IP infrastructure, 124-125
- terminals, 206-207
- transactions, 200
- trust, establishing, 201-202
- trust brokers, 33
- Visa
- CCPS (Chip Card Payment Service), 171
- SET (secure electronic transaction), 171
- Security Manager button, 119
- Security Manager window (EZ Formatter), 119
- Seek command (Multiflex), 105, 309-310
- seek files, 100-102
- Select command, 105, 160
- Select File command, 74-75, 85, 91
- ISO 7816-4, 283-284
- Multiflex, 310-311
- selecting files (elementary), 90-94
- SelectItem function, 182
- SendMessage function, 250
- SendShortMessage function, 182
- SendSS function, 182
- SendUSSD function, 182
- serial number files, 90-92
- SET (secure electronic transactions), 157-158, 330
- availability, 171
- specifications, 162
- Set Application Flag command, 252
- Set Default ATR command, 255-256
- Set Properties function, 151
- SetDefaultATR function, 196
- SetParm function, 152
- SetUpCalls function, 182
- SetUpMenu function, 182
- SHA-1 algorithm, 215
- shelf life, NVM (nonvolatile memory), 173
- SignHash function, 152
- SIM (subscriber interface module), 330
- files, 14
- functions, 182
- services, 181-182
- simulation
- debugging or testing, 176-177
- simulators, 137-139, 330
- sites (Web)
- Aspects SmarTest system, 177
- Cyberflex, 191
- Java Card Forum, 185
- JavaSoft, 185
- SKA (secret key algorithm), 330
- smart cards, 330
- bending testing, 44
- communications, 14
- components, 23, 27
- cost, 4
- defined, 3
- fabricating, 28
- file systems, see file systems
- future developments, 146-147
- hardware, 15
- history, 4
- initialization, 30, 48
- integrated circuit chips
- address lines, 25
- fabricating, 27
- inserting, 29
- memory, 25-26
- packaging, 28
- size, 24
- manufacturing, 27, 30
- mask development, 30
- operating systems, see operating systems
- ownership, 177-178
- physical characteristics, 21, 23
- printing, 29
- readers
- bit ordering, 49
- communicating, 45
- data transfer, 48
- data transmission, 49
- diagrams, 47
- protocols, 52
- Smart Card Forum, 330
- Smart Card service providers, see SSPs
- software, see software
- specifications, 53-56
- swallowing, 175
- tearing, 175
- tortion testing, 44
- Smart Commerce Solutions
- applications, 238-247
- card administration, 232
- Web site, 238-239
- Smart Shopper cards, 225
- browsers, 240
- cardholders
- controlling personal data, 236-237
- frequent buyer points, 241
- files
- access conditions, 236-237
- cardholder personal data, 232
- cumulative purchases, 233-234
- frequent buyer points, 232-233
- layout, 230
- master, 231-232
- merchant external authentication, 232
- sizes, 234-235
- Smart Commerce Solutions card administration, 232
- want lists, 233-234
- loyalty programs, 226-229, 231
- merchants, 231
- Harvest Festival, 227-229
- participation, 227-229
- Scriveners Corner, 227-229
- personalizing, 238
- program components, 229-230
- purchases
- handling on Web sites, 238-239
- programs, 227-229
- scenarios for using, 228-229
- security, 235-237
- updating, 241
- utilities, 242-247
- Web sites
- purchasing, 242
- updating, 239
- SmartGate software, 124-125
- soft masks, 31, 174, 331
- counterfeit cards, 174
- software, 5-6
- assemblers, 136-137
- card-side, 5-9, 171
- APIs, standards-based, 180-184
- debugging, 176-177
- file design, 178-179
- integration, 177
- linking, 177-178
- loading, 177-178
- memory, 172-174
- readers, 179-180
- scripting, 177
- testing, 176-177
- chips, 136
- compilers, 136-137
- DCE/Snare, 124-125
- debuggers, 138
- developing
- time, 11, 30, 32
- tools, 135-142
- emulators, 139-140
- host, 5-9, 11
- Intellisoft developments, 125
- languages, 170
- microcontrollers, 135
- plug-ins, 124
- reader interfaces, 129-135
- security, 11-12
- simulators, 138-139
- smart card operating systems, 141
- SmartGate, 124-125
- SOLO, 141
- systems, 6, 11, 124
- testers, 139-140
- tools, 142-143
- V-ONE developments, 125
- see also applications
- software development kits, see SDKs
- SOLO software, 141
- specifications
- cards, financial transactions, 41
- smart cards, 53-56
- see also ANSI; ISO
- SPOM (self-programmable), 331
- SSPs (Smart Card service providers), 149, 250
- DLLs (dynamic link libraries), 152
- domain specific, 150
- Multiflex C header file, 152-156
- stamped variants, 103
- stamps, 331
- standards, 326
- American National Standards Institute, see ANSI
- certificates, 218
- IEC (International Electrotechnical Commission), see ISO (International Standards Organization) standards
- ISO, see ISO
- STARCOS cards, 165
- Start bit, 331
- Status Display window (EZ Formatter), 118
- structures, APDU ISO/IEC 7816-4 standard, 68-71
- subscriber interface module, see SIM
- supervisory block (T=1 protocol), 66-67
- SVC (stored value card), 331
- SW1 byte, 65
- swallowing smart cards, 175
- symmetric algorithms, 331
- symmetric keys, 209-212, 331
- synchronous protocol, 331
- system
- architecture, 19
- design, 17
- software, see software
T
- T=0 protocol, 57-60, 331
- command header fields, 61-62
- command header parameters, 64-65
- error detection, 60-61
- T=1 protocol, 57-59, 65, 331
- blocks, 66-67
- tag length value, see TLV
- tamper detection, 331
- tamper evident, 331
- tamper resistant, 331
- tamper response, 332
- TC 224, 54
- TCP/IP (Transmission Control Protocol/Internet Protocol), 124-125
- TE (terminal equipment), 332
- tearing smart cards, 175-176
- telephones (cellular), GSM 11.14, 181
- terminals
- commands, 105-106
- rogue, 105
- security, 206-207
- smart cards, identifying, 107-108
- see also interfaces, devices; readers
- TESA-7, 332
- testing
- software, card-side, 176-177
- testers, 139-140
- tests, 177
- timing attack, 332
- TLV (tag length value), 179, 332
- toolbars (EZ Formatter), 118
- tools
- smart cards
- editors, 116-117
- EZ Formatter, 118-123
- software
- development, 116, 135-142
- manufacturers, 142-143
- TPDUs (Transmission Protocol Data Units), 59, 332
- transactions, 332
- authentication, 201-202
- authorization, 202-203
- electronic purses, handling, 102
- integrity, 203-204
- logs, wrapping around cyclic files, 102
- nonrepudiation, 204
- privacy, 203, 220-221
- processing, 158-159
- security, 200
- time, 332
- Transmission Protocol Data Units, see TPDUs
- Transmit function, overriding, 183
- transparent files, 13-14, 74, 88, 92, 332
- transport keys, 18, 90, 332
- protocols, 90
- purposes, 94
- Tritheim SmartPort reader, 130-132
- trust
- brokers, 33
- chain of, 216-217
- establishing, 201-202
- TSA7 algorithm, 12
U
- U.S. National Institute for Standards and Testing, see NIST
- Unblock function, 151
- Unblock PIN command (Multiflex), 105, 311-312
- Unicode, 332
- unused fields, 291
- Update Binary command, 76, 99-100, 105
- ISO 7816-4, 275-276
- Multiflex, 312-314
- Update Record command, 77-78, 105
- ISO 7816-4, 280-281
- Multiflex, 314-315
- URLs (Uniform Resource Locators), 147-148
- USCO48 cards, 13
- User Auth function, 150
- utilities
- card management, 242-247
- Management Utility, 242-247
V
- V-ONE software developments, 125
- value checkers, 332
- vending machines, electronic purses, 104
- Verify button, 127
- Verify command (ISO/IEC 7816-4), 78-79, 127, 160, 284-285
- Verify Key command (Multiflex), 98, 105, 316-317
- Verify PIN command (Multiflex), 94, 100, 105, 315-316
- VerifySignature function, 152
- View Attributes button, 119
- virtual machine (Schlumberger), 184-185
- Visa
- Cash cards, 332
- CCPS (Chip Card Payment Service), 161, 171
- ICC (Integrated Circuit Card), 147, 161-162
- Open Technology Platform URL, 147
- OTP (Open Technology Platform), 162
- SET (Secure Electronic Transaction), 171
- voltage attack, 332
W
- Web sites
- Aspects SmarTest system, 177
- Cyberflex, 191
- Java Card Forum, 185
- JavaSoft, 185
- purchases, 238
- Smart Commerce Solutions, 238-239
- Smart Shopper cards
- purchasing, 242
- updating, 239
- Windows
- EZ Formatter
- Access Conditions, 121
- Advanced Controls, 123
- Attributes, 119
- Builder, 120
- Builder interface, 121
- Directory/File Attributes, 120
- Editor, 122
- Log, 118-119
- Security Manager, 119
- Status Display, 118
- smart cards
- accessing, 250
- possibility of, 146-147
- wired logic card, 333
- Write Binary command (ISO 7816-4), 75-76, 274-275
- Write function, 151
- Write Record command (ISO 7816-4), 77, 164, 278-279
- write/erase time, 333
X-Z
- X.400, 55
- X.509, 55
-
- zeroization, 333