Previous Table of Contents Next


Card Security Architecture

The operating characteristics of the Smart Shopper card—who can see what, who can change what, and so on—are determined by the access conditions placed on the files on the card, together with who possesses what keys stored on the card. This collection of access conditions together with the key distribution policy taken as a whole is the Smart Shopper card security architecture.

Smart Commerce Solutions has control of the overall security of the card together with control of the files in the master file and is the only entity that knows the keys in the external authorization file in the master file. Furthermore, Smart Commerce Solutions knows one key in the external authorization file in each merchant directory. This key allows Smart Commerce Solutions to block access to the external authorization file itself, if necessary. Blocking this file would essentially deactivate the merchant’s program on the card.

By virtue of knowing one key in the external authorization file in the master file, each merchant can create new files in the directory into which his program is loaded and, in the process, can set all the access conditions on these new files. The merchant knows all but cannot change any but one of the keys in the external authorization file in his directory. He can use the keys as he wishes in crafting a security architecture for his program. The merchant cannot delete files in his directory because this would let him delete the external authorization file and remove Smart Commerce Solutions’s control over activation of the merchant’s program.

Merchants can, however, activate and deactivate the frequent buyer points file. The frequent buyer point total on a Smart Shopper card is a liability for the merchant because he is obliged to exchange these points for other value. As a result, the merchant must have total control over the growth of this liability. If the merchant suspects that a particular customer is receiving unauthorized increases in their frequent buyer total—for example, by working in collusion with a store employee—the merchant can deactivate the frequent buyer point total file to immediately stop the incursion of further liability while the situation is being investigated.

The cardholder has complete control over her personal data. This control is exercised by putting a PIN access condition on all operations that view or change this data. This does not mean that the cardholder must enter or edit by hand all this information. It means that such access is impossible without the cardholder being aware that the access has been granted through the entry of a PIN. Merchant applications have to access this information, and merchants may provide convenient utilities for updating this information.

Table 10.2 lists the details about which entity can perform which actions on which files on a Smart Shopper card with Harvest Festival and Scrivener’s Corner programs loaded on it.

Table 10.2. File access conditions on the Smart Shopper card.
Directory Name FileId DIRECTORY DELETE
FILE
CREATE
FILE
REHABILITATE INVALIDATE

Master File 3F0016 Never Smart Commerce Smart Commerce Smart Commerce Smart Commerce
Merchant #1 100016 Never Smart Commerce Harvest Festival Smart Commerce Smart Commerce
Merchant #2 200016 Never Smart Commerce Scrivener’s
Corner
Smart Commerce Smart Commerce
Merchant #3 300016 Never Smart Commerce Smart Commerce Smart Commerce Smart Commerce
Merchant #4 400016 Never Smart Commerce Smart Commerce Smart Commerce Smart Commerce
Merchant #5 500016 Never Smart Commerce Smart Commerce Smart Commerce Smart Commerce

Filename FileId READ/
SEEK
UPDATE/
DECREASE
INCREASE CREATE
RECORD
REHABILITATE INVALIDATE

Master File

PIN 000016 Never Smart Commerce Never Never Smart Commerce Smart Commerce
Internal Authentication 000116 Never Never Never Never Smart Commerce Smart Commerce
Serial Number 000216 Always Smart Commerce Never Never Never Never
External Authentication 001116 Never Smart Commerce Never Never Smart Commerce Smart Commerce
Personal Data 010016 Cardholder Cardholder Cardholder Never Smart Commerce Smart Commerce
Administration 0F0016 Smart Commerce Never Never Never Smart Commerce Smart Commerce

Harvest Festival

External Authentication 001116 Never Smart Commerce Never Never Smart Commerce Smart Commerce
Points 100216 Cardholder Harvest Festival Harvest Festival Never Harvest Festival Harvest Festival
Cumulative Purchases 100316 Cardholder Harvest Festival Harvest Festival Never Harvest Festival Harvest Festival

Scrivener’s Corner

External Authentication 001116 Never Smart Commerce Never Never Smart Commerce Smart Commerce
Points 200216 Cardholder Scrivener’s Corner Scrivener’s Corner Never Scrivener’s Corner Scrivener’s Corner
Book Want List 200316 Cardholder Cardholder Never Never Scrivener’s Corner Scrivener’s Corner


Previous Table of Contents Next