Smart Card Operating System Development


Smart card chip operating machine (COS) has traditionally been designed with no precise application in thoughts. However, there are a few standard functions that are always required ex: card authentication, terminal authentication, cardholder authentication, read and replace, get admission to, secured examine and updated access, and so forth, that are required by way of each software. This sort of COS can be organization beneath the class referred to as standard purpose COS. When used as a banking card, financial value is saved in a record (handbag file) protected by replacing and read get admission to. The study and update get admission to, card & terminal authentication are managed by secret keys in the POS terminal. The entire device protection relies on the fact that the terminal is trusted.

In a widespread purpose COS, the handbag document is debited by letting the POS read the fee, debiting the amount to be debited, and replacing returned into the report. For safety purposes, the access to the purse documents ought to be ciphered with a session key. From the safety factor of view, the rule of want-of-understand foundation should observe—the POS terminal handiest required to debit the purse report. However, a well-known motive COS will allow replace get right of entry to through the terminal. Thus inherently, the terminal has both debit and credit functionality.

Operating System

Although the terminal is relied on simplest to carry out the debit characteristic, the security design necessities have to be very high due to the fact if the keys are compromised in a POS terminal, someone may be capable of carrying out credit score characteristic based totally on the secrets and techniques internal a POS terminal. A payment COS, except having examined and updated get entry to manage for information documents, must also have a credit score and debt to get entry to for handbag documents. Thus, a merchant POS terminal is best required to debit a banking card to understand the debt key. Even if the game’s name in the POS terminal is compromised, no one can create cash fraudulently. This is a primary difference between a standard reason COS and a price COS.

In a banking application, there can be a demand to cater to substitute debt at some point when goods are rejected (replacement with 0 debit quantity) or records access errors by the cashier (substitute debt with the aid of any other fee). COS will employ examine and replace admission to the handbag report to put in force the fictitious debit function, consequently having the identical security trouble. An excellent fee chip working gadget has to be capable of support this characteristic. It must be noted that a replacement debit isn’t always a credit feature and need to be no longer carried out just like the credit feature, i.e., there is not want to prove the know-how of the credit key if you want to perform this feature. Rather, it needs to depend on the POS terminal’s capability to show that it is the terminal that performs the preceding transaction to carry out a replacement debit function. Although the substitute debit feature can be a beneficial characteristic, the smart card can most effectively ensure a secured mechanism of appearing the bogus debit feature. The POS terminal and the again-quit host must also carry out the complementary features to ensure that this selection is applied securely.

Depending on the weighting of hazard and flexibility needed with the aid of the issue, the company must be able to select if the bogus debit function is to be definitely disabled, to permit simplest in the course of the present-day consultation with the card before the card is pulled out or can be accomplished any time earlier than another transaction is performed. It needs to be referred to that not all chip running machine that says to be delegated for price utility can support this feature.

By the regulation of physics, if updating of statistics right into a medium is interrupted, the information is corrupted, irrespective of whether it’s far a tape, a disk, or a smart card. A trendy motive COS or even a few feet COS can best detect that the purse report is corrupted. However, a cleverly designed charge COS can change a handbag file thru dual backup incremental modifications of the current and previous balance to constantly ensure that although the card is pulled out anytime at some point of the update, the stability is not corrupted. In a banking utility, it’s miles very critical for the card to no longer best show to the terminal that the amount is certainly debited from the card thru a Card Debt Certificate (CDC). Still, also it’s far finished via a particular terminal.


CDC = f(debit quantity, terminal certificate, debit key)

The terminal certificates need to be particular to a particular terminal and for every transaction. A general-purpose COS or even some price delegated COS is not able to try this. The POS terminal must verify the CDC to ensure that the debit command to the card isn’t intercepted from the card and a fake CDC back to trick the terminal. But requiring the POS terminal to confirm the CDC means that if the secrets in the terminal are exposed, there can be a potential security problem. To prevent this capacity protection trouble, the card should produce a Card Signature Certificate (CSC) to sign the debit transaction with a key not found within the POS terminal. A trendy reason COS or even a few prices delegated COS isn’t always capable of doing that.

Credit characteristic is the maximum touchy operation inside the entire machine. There are claims that a single DES operation can be damaged effortlessly if one has masses of cash ( 1 million $), superb information of cryptography, good hardware, and semiconductor ASIC fashion designer to design a software unique IC to carry out a DES computation in a single clock cycle and have lots of such chip in parallel technique. Potentially, a double DES may be broken within the future. Thus a triple DES is known to be safe even in the future with the aid of specialists. Thus, the credit score characteristic needs to require a double or triple DES computation.


It isn’t the goal of this paper to do a product evaluation but to study the banking card device’s highest safety requirements – what they may be, why it is important, and what’s the possible implication if it isn’t always done within the precise way. These must then served because the evaluation criteria to look if there’s any smart card command to perform the feature. There are many tiers of security:

  • – a layperson can’t ruin the security
  • – an information era employees can not break the safety
  • – the equipment suppliers can not smash the safety
  • – the device application programmers cannot destroy the security
  • – the device dressmaker himself break the safety


Also, no longer all clever cards have the same security. Even if the great safety clever card is selected, the system should also be designed to exercise all safety features supplied by using the smart card. There have not to be any vulnerable factors within the complete gadget, of which the smart card is handiest a tiny element. Still, the complete device key management and security architecture are based on. Eric Wilhelm.Banking and structures designer. Security in Banking. Encryption Schemes

Previous articleOperating Systems
Next articleInstalling the Chrome Operating System
Harlan J. Whelan
Pop culture fanatic. Tv scholar. Coffeeaholic. Zombie maven. Food advocate. Analyst. Enthusiastic about buying and selling cannibalism in Pensacola, FL. Had some great experience licensing robotic shrimp in Phoenix, AZ. Earned praise for analyzing accordians for farmers. Enthusiastic about training lint in Libya. Earned praised for my work researching wooden tops in Orlando, FL. Crossed the country exporting the elderly in Jacksonville, FL.