A smart card resembles a credit card in size and shape (see ISO 7810). The inside of a smart card usually contains an embedded 8-bit microprocessor. The microprocessor is under a gold contact pad on one side of the card. Smart cards may typically have 1 kilobyte of RAM, 24 kilobytes of ROM, 16 kilobytes of programmable ROM, and an 8-bit microprocessor running at 5 MHz. The smart card uses a serial interface and receives its power from external sources like a card reader. The processor uses a limited instruction set for applications such as cryptography. The most common smart card applications are: credit cards, electronic cash, computer security systems, wireless communication, loyalty systems (like frequent flyer points), banking, satellite TV, and government identification.
Smart cards can be used with a smart-card reader attachment to a personal computer to authenticate a user. (However, these readers are relatively costly, and have not been well accepted by users.) Web browsers also can use smart card technology to supplement Secure Sockets Layer (SSL) for improved security of Internet transactions. The American Express Online Wallet shows how online purchases work using a smart card and a PC equipped with a smart-card reader. Smart-card readers can also be found in vending machines.
There are three basic types of smart cards: contact chip, contactless and dual interface (DI) cards.
A contact smart card (or contact chip card) is a plastic card about the size of a credit card that has an embedded integrated circuit (IC) chip to store data. This data is associated with either value or information or both and is stored and processed within the card's chip, either a memory or microprocessor device.
The predominant contact smart cards in consumer use are telephone cards as a stored value tool for pay phones and bank cards for electronic cash payments. Contact smart cards require the placement of the card in a terminal or automatic teller machine for authentication and data transaction. By inserting the contact smart card into the terminal, mechanical and electrical contact is made with the embedded chip module.
Contactless smart cards have an embedded antenna connected to a microchip, enabling the card to pick up and respond to radio waves. The energy required for the smart card to manipulate and transmit data is derived from the electromagnetic field generated by a reader. Contactless smart cards do not require direct contact with the reader because they employ the passive transponder technology of Radio Frequency Identification (RFID). By just waving the card near the reader, secure identification, electronic payment transaction and authentication are completed in milliseconds.
Contactless chip card technology is based on two standards: ISO/IEC 14443 Type A and Type B (for proximity cards), and ISO/IEC 15693 (for vicinity cards). Cards that comply with these standards operate at the 13.56 MHz frequency. ISO/IEC 14443 products have a range of up to 10 cm (centimeters), while ISO/IEC 15693 products can operate at a range between 50 and 70 cm.
Dual interface (DI) cards, sometimes called combination chip cards, are microprocessor multi-function cards that incorporate both the functions of a contact chip card and a contactless card. Within the smart card is a microprocessor or micro-controller chip with radio frequency identification (RFID) capability that manages the memory allocation and file access. The on-board memory is shared and can be accessed either in contact or contactless mode.
This type of chip is similar to those found inside all personal computers and when implanted in a smart card, manages data in organized file structures, via a card operating system. This capability permits different and multiple functions and/or different applications to reside on the card.
A dual interface (DI) card is ideal for single and multi-application markets ranging from micro-payment (a convenient alternative to low value cash transactions) to e-commerce and from ticketing in mass transit to secure identification for cross border control. Originally, such cards were intended to be used in conjunction with a reader connected to a PC for downloading tickets, tokens, or electronic money via the contact interface and used in contactless mode in the application for physical access or proximity payment.
Passive radio frequency identification (RFID) devices derive their energy from the electromagnetic field radiated from the reader. Because of international power transmission restrictions at the frequencies of 125 kHz and 13.56 MHz, the contactless integrated circuits are generally low voltage and low power devices. Read/Write circuits use low voltage EEPROM and low power analogue cells. The read/write memory capacity in transponders, contact smart cards, contactless memory based smart cards, dual interface smart cards (contact & contactless) and multi-interface micro-controllers is generally limited to approximately 64 kilobytes.
The dual interface (DI) smart cards typically have an 8-, 16- or 32-bit microprocessor controller, operate at a low voltage of 1.8V-5V and run at an internal frequency of 5 or 15 MHz. The open platform architecture includes memory management, non-volatile memory, contactless interfaces and security features such as Advanced Crypto Engine (ACE) 1100 bit, triple DES encryption and RSA.
High performance crypto controllers with multiple interfaces such as USB, ISO 14443 Type A, B, Felica have been developed for multi-functional smart cards in applications such as security access, healthcare, electronic purse, banking etc.
The main focus of the smart card industry has been on secure card applications where large memory capacity is not of paramount importance, and/or where pertinent information and application software is stored at a centralized server location.
Copending U.S. patent application Ser. No. 10/990,296 (the '296 application) generally discloses a compact personal token apparatus, suitably resembling a conventional USB memory fob in size, shape, and form which can be plugged into a PC and interfaced with the virtual world of the Internet. The apparatus is capable of loading and storing information from the Internet, via the PC to its flash memory or EEPROM and then using the stored information or value via its contactless or wireless interface in the real world. The apparatus is capable of implementing an auto-run application, when inserted into a personal computer. The apparatus is capable of exchanging information with other devices having compatible interfaces. The apparatus can also function as a firewall when plugged between an Internet connection and a PC.
Apart from using USB tokens for file storage, they are also used for desktop settings, screen lock, network login & access control, log book, user authentication (storing digital signatures, certificates, key sets, finger-based biometric templates, usernames and passwords), digital content and transaction security as well as enterprise and Internet security.
A USB token can also be used to download emails, remotely access a PC or to open a customized browser that allows the user to surf the Web with total privacy.
Recent developments in USB flash memory drives have resulted in CDROM-like auto-run devices that automatically execute a file when the USB token is inserted into a PC. The read-only and auto-run contents are installed during the manufacturing process. Examples of auto-run contents include opening a website, running a demo application, showing a presentation, making a product pitch, providing customers with discount coupons etc.
U.S. Pat. No. 6,763,399, incorporated by reference herein, entitled “USB key apparatus for interacting with a USB host via a USB port” describes a smart card—host system that operates without the intermediation of a smart card reader. The smart card—host system comprises a host, which has a USB interface, and a portable device, which provides smart card function(s). The portable device has a smart card chip for performing the smart card function(s); a USB interface for connecting the portable device with the host via USB protocol; and a microprocessor for controlling the transfer of data between the USB interface and the smart card chip, for converting data from a USB format to the format of the smart card chip and for converting data from the format of the smart card chip to a USB format.
U.S. Pat. No. 6,801,956, incorporated by reference herein, entitled “Arrangement with a Microprocessor” describes an arrangement with a microprocessor, particularly a microprocessor for use in a chip card. The arrangement includes a microprocessor, which is connected to at least a USB interface and an ISO interface for exchanging data signals. A selection unit within the microprocessor may be configured to select between the USB and ISO interfaces, and a switching unit within the microprocessor may be configured to subsequently switch between the USB and ISO interfaces by initiating an internal reset of the microprocessor.
International Patent Publication No. WO 01/96990, incorporated by reference herein, entitled “USB-Compliant Personal Key using a Smartcard Processor and a Smartcard Reader Emulator” describes a compact, self-contained, personal key. The personal key comprises a USB-compliant interface releasably coupleable to a host processing device operating under command of an operating system; a smartcard processor having a smartcard processor-compliant interface of communicating according to a smartcard input and output protocol; and an interface processor, communicatively coupled to the USB-compliant interface and to the smartcard processor-compliant interface, the interface processor implementing a translation module for interpreting USB-compliant messages into smartcard processor-compliant messages and for interpreting smartcard processor-compliant messages into USB-compliant messages.
U.S. Patent Publication No. 2003/0236821, incorporated by reference herein, describes a body wearable personal network server device having a display, function keys, alarm output indicators, a disk drive to receive and store client's data, and communication devices to communicate to its clients, such as mobile phone, personal digital assistant (PDA), personal computer, and notebook computer. The body wearable personal network device also contains software modules, such as a protocol handler to handle Internet based protocols XML/FTP/HTTP/TCP/IP, a diagnostic system to automatically transmit notification messages to its clients, and various applications to provide various services for its clients. The body wearable personal network device has gateway functionality between PAN (using BLUETOOTH wireless) and WLAN (using IEEE 802.11b).
U.S. Pat. No. 6,148,354, incorporated by reference herein, describes a flash memory device, containing one or more flash modules, in which the flash memory is mapped to the address space of an ASIC or a controller which has a USB-defined electrical interface and a USB-defined logical interface. This controller/ASIC (hereinafter termed a “controller”) supports the USB functionality according to the USB standard, thereby supporting enumeration onto the USB bus, as well as data reception and transmission over USB pipes to and from USB endpoints. This controller also supports the functionality and control of the flash memory device, as well as the processing of command and data packets from the host controller. The host controller uses one of several possible protocols, either standard or proprietary, to signal the next command to be performed to the USB flash controller. Thus, the entire device acts as a dynamically attachable/detachable non-volatile storage device for the host platform. The primary function of the controller is memory management and to directly interface between the host computing device and the flash memory.
U.S. Pat. No. 6,763,399 (“Alladin”), incorporated by reference herein, describes a portable device, for providing smart card function(s), said portable device having thereon a smart card chip, for performing said smart card function(s), a USB interface, for connecting said portable device with said host via USB protocol; and a microprocessor, for enabling at least one function selected from the group consisting of controlling the transfer of data between said USB interface and said smart card chip, for converting data from a USB format to the format of said smart card chip and for converting data from the format of said smart card chip to a USB format. The portable device is configured to translate the USB communications from USB protocol, into smart card protocol such as an ISO 7816 protocol, and from smart card protocol into USB protocol and a smart card chip operative to perform at least one smart card function such as authentication, encryption, access control and secure memory. In Alladin, the term “smart card” refers to a plastic card with an embedded chip, which interacts with a smart card reader.
Patent Publication WO01/61692, incorporated by reference herein, describes a portable data storage device comprising a coupling device for coupling to a computer serial bus, an interface device coupled to the coupling device, a memory control device and a non-volatile solid-state memory device; the memory control device being coupled between the interface device and the memory device to control the flow of data from the memory device to the coupling device. The interface device comprises a universal serial bus (USB) driver to convert data between a USB format and a PC format. Alternatively, the interface device comprises a driver for IEEE 1394 (FireWire) protocol. The configuration as described is a modular approach to the memory management controller provided in the U.S. Pat. No. 6,148,354.
Patent Publication No. WO00/42491, incorporated by reference herein, describes a cryptographic USB token as a compact personal token, comprising: a USB-compliant interface releasably coupleable to a host processing device; a memory; a processor, communicatively coupled to the memory and communicatively coupleable to the host processing device via the USB-compliant interface, the processor for providing the host processing device conditional access to data storable in the memory; and a user input device, communicatively coupled to the processor by a path distinct from the USB-compliant interface. The compact personal token or key as described includes a processor and a memory which implements software protection schemes to prevent copying and unauthorized use. The personal key provides for the storage and management of digital certificates, allowing the user to store all of his or her digital certificates in one media that is portable from platform to platform. In another embodiment, the personal key comprises a biometric sensor disposed to measure biometrics such as fingerprint data. The biometric sensor measures characteristics of the person holding the key (such as fingerprints) to confirm that the person possessing the key is the actual owner of the key.