Increasing numbers of organizations which issue transaction cards to their users, customers, or employees require cards tailored to meet the requirements of their particular service or application. These organizations also want the cards to contain data about the cardholder. Existing transaction cards encode such data in a magnetic stripe on the back of the card but the amount of data that can be held by a magnetic stripe is limited. A new type of transaction card embeds a microprocessor computer chip in the plastic of the card to greatly increase the card's data storage capacity. Additionally, sophisticated card applications specific to the card issuer can execute in certain varieties of the chips, and the chip may also contain a type of operating system. Transaction cards with embedded chips are referred to in the industry as portable programmed data carriers, more commonly called “smart cards.” The chip in a smart card is generally programmed with initialization and/or personalization data at the same time as the surface of the card is being embossed and/or printed.
The initialization data comprises three major types of information: application data, security data, and printed data. The application data is common to all cards for a given card application and includes application program code and variables. The security data prevents fraudulent use of the card and is usually provided in the form of “secure keys.” Printed data, such as a logo, bar codes, and various types of numerical information, are placed on the surface of the card. Some or all of the same data can also be embossed on the surface. Optical technology also can be employed to make part or all of the surface of the card into a storage medium with data accessible by an appropriate optical reader.
Smart cards are also programmed with information specific to an individual cardholder through a process called “personalization.” The personalization information for a smart card is similar to the personalization information currently contained on non-smart cards, such as the cardholder's name, account number, card expiration date, and a photograph. Because of its increased storage capacity, the chip in a smart card can contain additional data beyond the basic information on the standard transaction card including a graphical representation of the individual's signature, data defining the types of service the cardholder is entitled to, and account limits for those services.
Current systems from performing smart card initialization and/or personalization include a controller or a personal computer which is connected to a personalization station. All of the smart card programming data required for the personalization process is sent from the controller or personal computer to the personalization station which programs the smart card. An application running on the personalization station controls the programming of the smart card. Many current personalization stations have a limited capacity to handle the increasingly sophisticated personalization process as the size and functionality of smart card computer chips increase. Such limitations include the memory, processing capacity, and buffer size of the personalization stations.
In addition, personalization stations may require access to external resources which provide security services or access to card data. The external resources, particularly the security services, are expensive infrastructures to repeat for each personalization station. Also, communication between the personalization station and the external resource is limited by the speed of the communication link between them. In addition, the application development environment available on the personalization stations is often unique and lacking in development tools.
Therefore, there is a need for a personalization system which overcomes the limitations on memory capacity and processing flexibility of current personalization stations. There is also a need for a personalization system which can share external resources between multiple personalization stations.