The term “smart card” is generally used to describe a card that employs an integrated circuit (IC) device (e.g., a microchip) to facilitate one or more functionalities of the card. Smart cards may be used in a variety of contexts (e.g., as phone cards, credit cards, debit cards, membership cards, transit cards, identification cards, etc.). The incorporation of IC devices provides additional features beyond the scope of those offered by traditional transaction cards (e.g., cards that employ a magnetic stripe or a bar code).
As may be appreciated, the realization of such additional features entails the transfer of data between a memory of a smart card and a card reader or other interface device. Such data transfer and additional functionalities are carried out in accordance with protocols associated with a given card operating system (COS) provided on a smart card. Data transfer between a smart card and a card reader may be facilitated by way of physical contact between a portion of the smart card and the card reader in the case of a “contact smart card” or may be facilitated by way of wireless communication between the smart card and the card reader (e.g., using RF or other wireless technologies) in the case of a “contactless smart card.”
In light of the proprietary nature of information stored on a smart card, it is advantageous to provide security measures to protect such stored data from being accessed by unauthorized parties that may seek to exploit the proprietary data. To facilitate such security measures, the COS may comprise logic (e.g., an application or series of applications, executable files, etc.) stored on the smart card to facilitate secure transmission of data between a memory on the smart card and a card reader or the like. A variety of security regimes may be provided in conjunction with a COS to protect data transferred during use of a smart card, including, as an example, the use of various encryption techniques for encryption/decryption of transferred data. Non-limiting examples of various security regimes that may be employed on a smart card can be found in U.S. Pat. No. 5,682,031 to Geronimi, U.S. Pat. No. 5,684,742 to Bublitz et al., and U.S. Pat. No. 7,353,403 to Kim, all of which are hereby incorporated by reference in their entirety.
During production processing of smart cards, “pre-personalization” processing operations may be employed prior to the personalization of a card for a given end user. The pre-personalization process may encompass a variety of operations, including unlocking the IC device (e.g., unlocking via a specific encryption key), loading and/or initialization of a COS specified by a given card issuer (e.g., a given credit card issuer, debit card issuer, gift card issuer, etc.), transfer and/or verification of security data utilized by a given card issuer, toggling a COS (e.g., selecting one of a plurality of preloaded COSs or applications specific to a customer or card issuer), testing of card functionality, re-locking the COS with customer specific transport key, etc. Each of such operations may entail a data signal interface between the smart cards and production processing componentry.
After pre-personalization, production processing of smart cards typically entails one or more operations that prepares each given smart card for use by a corresponding card issuee. By way of example, smart card personalization may entail printing operations, embossing operations, and/or data transfer operations (e.g., data transfer with an IC device or magnetic stripe).