Smart cards, whether they are contactless and/or have contacts, are used inter alia in cashless payment transaction or as access authorization. The smart cards usually include a smart card module (FIG. 1A illustrates by way of example an at least inter alia contactless smart card module 100), having a chip 110 for storing and/or processing the confidential data or data having a monetary value, which chip for forming the smart card 101 can be arranged in a smart card body 220 (see FIG. 1B: the smart card body 220 is also equipped with a booster antenna 222 by way of example for an at least inter alia contactless utilization, said booster antenna comprising a chip coupling region 224, within which the smart card module 100 can be arranged). The chip can be mounted on a chip carrier 116, e.g. a substrate or a leadframe, and can customarily be encapsulated (not visible in the schematic plan view) in order to protect the contacting and the chip 110 against mechanical loads.
The encapsulation is usually formed by a covering compound or an encapsulation material being applied to the already mounted and contacted chip 110. The encapsulation can be formed for example as so-called glob top applied by dispensing, or a so-called mold cap formed by applying a molding compound under high pressure.
In some smart card modules or smart cards, however, an external access to the chip may be possible. External access means that the chip can be exposed chemically, mechanically, by a laser and/or plasma and can be contacted externally in the functioning state. Such methods are used for manipulating chips or e.g. to read out the data stored in the chip 110. One aim of such attacks may also be to ascertain the chip design for reproductions. Another conceivable aim of the attack is to use the chip 110 improperly in some other way.
An attack includes stripping away the chip encapsulation in such a way that the chip 110 is exposed as far as possible without being destroyed and such that it still functions electrically. The unprotected chip 110 can then be examined with regard to its mode of functioning and the stored data during its operation by physical attacks. The physical attacks may include for example so-called “probing”, in which the signals of the chip are tapped off and evaluated. In so-called “forcing” the conductor tracks of the chip are rewired at a microscopic level in order to manipulate the functional sequence of the chip.
On the part of the electrical industry, particularly in the field of pay television, also referred to as pay TV, and cashless payment transactions, there is great interest in preventing attacks on the corresponding chips. Companies incur great financial losses owing to manipulation of the semiconductor chips used for decrypting the pay TV programs broadcast in an encrypted fashion.
A further field that is particularly affected by smart card manipulations is the field of credit and cash cards. Owing to the improper manipulation of credit cards or cash cards, the affected companies and/or card holders incur financial damage.
Another field of application in which the smart cards should be protected against manipulation is the storage of security-relevant or sensitive data, for example in smart cards used as access authorization, electronic passports or patient cards having data concerning medical history.
Without additional protection of the chip surface, the chip 110 can be attacked as soon as the encapsulation (e.g. the molding compound) has been removed.
Such attacks may generally concern any type of packaged, e.g. encapsulated, semiconductor components (e.g. chips), also referred to as semiconductor packages: in addition to the smart card modules described, for example, including semiconductor packages which can be used on printed circuit boards in a wide variety of applications.