Smart cards have been a lot longer coming than was predicted, but 2002 is probably the time for a large scale take-up of this desirable technology. The technology itself is remarkable, involving a complete computer, with input/output capability, on a single chip.
This "microcomputer" is obviously very small, but it must also have very low power consumption and above all must be very cheap. This means that it is only applicable to high volume applications. The dominant application to date is probably SIM cards in mobile phones, but it is the use of a microcomputer on a conventional sized plastic card, similar to the common credit card that is likely to cause a lot of activity.
The current credit cards store data on a magnetic stripe, which is cheap and relatively simple. It is possible to write to such a card but in practice the cards are preformatted when distributed, encoded with basic data such as an identification and parameters such as maximum limits, etc. These cards use a contact reader and thus wear out all too frequently. They can only store a small amount of fixed data. Inevitably, even in huge quantities, the smart card will be more expensive than a magnetic stripe card, so we should investigate what advantages there are to justify the extra cost.
Purely from a cost perspective the immediate advantage is that the one physical card, with a significant memory, can replace a number of other cards, even if no added functionality is provided. What a blessing that would be. But simply aping the data on a magnetic stripe fails to utilise the potential of the processor on the chip. It is relatively easy to write and update data as well to read it, so that transactions can be processed and the results retained. The simple example is to use the card as a replacement for cash. The bank machine updates the card with an amount of cash debited from your account. The merchant’s system records the amount spent and also debits the same amount from the card, which can be topped up when convenient.
The processor on the card is powered from the reader device when it is activated. There is an operating system, typically a Java Virtual Machine (JVM), embedded but more importantly applications, specialised Java applets for instance, can be loaded to personalise the card, not just the data but the application as well.
The card and reader must be connected. On the systems targeted at magnetic stripe card replacement there is a physical slot in the reader which makes electrical contact with the card when it is inserted. However radio frequency and/or infra red technologies can also be employed. These allow the card to be connected to the reader without an actual physical contact. A common example of this type of device is one being introduced on London Underground for season ticket holders. The smart card holds personal details, etc. and the services that have been purchased such as valid zones and the expiry date. When an update is needed the card is simply refreshed at the ticket counter, there being no need to replace it, avoiding irritating queues. These cards are proximity activated, not via slot readers.
Security is obviously a key feature. The smart card itself can be used in personal security systems as an application in itself. These are coupled to time recorders, automatic locks, etc. This has always been a need in commercial organisations, but now with the growth of the Internet and home shopping there is a demand for an equally sophisticated system for each and every PC. Microsoft have recognised this by including the basic APIs in Windows XP to support a smart card reader attached to a PC, mainly for Internet security purposes.
There are two major stumbling blocks to the mass take up of smart cards, first standards and second the huge investment needed to make the transition from magnetic stripe equipment. Standards are essential, otherwise if there are a variety of smart card types, each with their own readers, then we will finish up with multiple cards and the big advantage will be lost. There are needs for physical standards, standard for supporting loadable applets and standard protocols for secure communication between card and reader, let alone standards for intercommunication between reader and financial and other services. Fortunately the dominance of credit card organisations such as Visa and MasterCard has lead to a lot of recent progress, which is why I feel that 2002 is the year of lift-off.
