|
|||||
|
|
|||||
Related Technologies
|
This page provides a short description of several smart card related
technologies:
One Time PasswordIn today’s competing working environment, organizations are opening up their networks and applications for access by a wider group of employees, business partners and customers. The traditional static password method of securing that access can no longer meet today’s information security requirements. PKI (Public Key Infrastructure) technology addresses this issue but comes with a non negligible Total Cost of Outsourcing. A good compromise between the static password and PKI is One Time Password technology. Although not new, this technology has until recently been a niche market for proprietary solution providers. The initiative for Open Authentication (OATH), of which Gemplus is a contributing member, proposes a standardized implementation of a One Time Password algorithm (HMAC-based OTP Algorithm). |
|
OTP Deployment Cycle:
A company which wants to deploy OTP based authentication for their employees would go through the following steps:
- Upgrade the existing IT legacy infrastructure to support the OTP technology
- Perform employee registration, physical issuance and data provisioning
- Set-up a Help Desk for broken tokens, lost password and temporary access
The actual deployment of OTP is simplified by its similarity with static password systems. OTP authentication servers are Radius based and integrate easily to existing IT infrastructures. Typically no changes are necessary on depending applicative systems. The employees’ database needs to be augmented to associate each employee with their issued OTP token. Other operational logistics however depend to a large extent on the technology supplier.
OTP & Gemplus:
To simplify the operational logistics, while at the same time maintaining their inherent security, Gemplus offers the following technologies:
- Multi-form factor OTP token design
- Smart card based manufacturing and personalization of OTP tokens
- Provisioning and direct user distribution of the hardware tokens
- Dynamic life cycle management of the issued OTP tokens
Additionally Gemplus is bringing the OTP technology into its wireless product line, so that Mobile Network Operators can leverage the technology for their own subscriber base, employees and business partners.
The Java Card platform is based on a subset of the Java language, tailored to smart card limited resources. It provides card application developers with a familiar language and user friendly environment, independent of the card operating system or chip used.
The Java Card platform standardization process is driven by the Java Card Forum.
The Java Card technology allows to dynamically download new applications to the card after issuance. A sophisticated card management framework has been defined by Global Platform, an industry-wide association.
Gemplus offers a full range of Java Card based products for all market segments. See the GemXpresso and GemXplore pages.
Public Key cryptography has proven to be a fundamental enabler for many security-based applications and most forms of electronic transactions. PK cryptography relies on a trusted association between users and their cryptographic keys.
A Public Key Infrastructure (PKI) is a set of services vouching for user identities, and binding cryptographic public keys to users (typically in "X.509 certificates" - see Glossary.)
PKI-based applications are everywhere:
- secure e-mail - secure access to protected web sites (SSL)
- virtual private networks (VPN)
- digital signature of electronic documents
- etc...
Smart cards are ideally suited to public key cryptography. They can securely store private keys and certificates, and perform cryptographic operations using the private key without exposing it. This is why smart cards are often part of PKI-based applications.
Gemplus is heavily involved with PKI-based applications:
- ResIdent, a set of smart card-based e-Government & ID programs
- SafesITe, a complete range of products, software and services for corporate security solutions
- New generation SIM (see below) also play a growing role in PKI. For example the WIM function (WAP Identity Module) is based on PKI.
Run our animation to understand what is PKI.
Smart card provide secure user authentication and is mainly used in GSM standard as "Subscriber Identification Module" (or "SIM"). The SIM is the major component of the GSM market paving the way to value-added services.
The role of the SIM has extended far beyond subscriber authentication. Its secure storage capabilities allow it to host for example a personal, portable phone directory. Thanks to the SIM Toolkit technology (see below), it can offer new menus, prerecorded numbers for speed dialing, and can send pre formatted short messages (SMS) to query a database.
The SIM is today at the heart of hundreds of mobile applications. Just have a look at some success stories. White papers, brochures and related documents are available here.
The SIM Application Toolkit is a set of commands which defines how the card should interact with the telephone handset it is inserted in. It extends the communication protocol between the card and the handset. SIM Application Toolkit is often referred to as "SIM Toolkit" or even as "STK" for brevity.
With SIM Application Toolkit, the SIM card has a proactive role in the handset. The SIM can send commands to the handset, piloting to some extent the handset interface and the connection to the network.
The SIM ToolKit allows to create additional menus on the phone screen that provide a user-friendly access to the operators' service portfolio. The customer interface can be tailored to both operator and subscriber needs and can be updated at any point in the future (through OTA technology, see below). It gives access to a whole range of services from mobile entertainment to m-banking and has contributed to large percentages of operators' non-voice revenue.
The SIM ToolKit page describes the technology and provides additional material (whitepapers, case studies, brochures) as well links to Gemplus related products and ETSI standards reference.
OTA (Over-The-Air) is a technology used to communicate with a SIM card without being connected physically to the card. OTA is based on client/server architecture where the server-side part is an operator back-end system (customer care, billing system, application server… ) and the client part is a SIM card inserted in a telephone handset.
OTA applications allow to update data in the SIM card without having to reissue it. New services can be downloaded and activated directly without having customers returning to a retail outlet.
A more complete description of OTA technology can be found here. Case studies, presentations and links to Gemplus OTA products can also be found from this page.
3G stands for the third generation of wireless communication technology. It includes a large set of improvements in wireless data and voice communications through any of a variety of proposed standards. The immediate goal is to raise transmission speeds from 9.6K to 2M bit/sec.
3G Technologies allow mobile telephony operators to provide mobile customers with new and exciting services such as high-speed internet access, videoconferencing and television streaming among many others.
The Universal Subscriber Identity Module (or "USIM") is obviously at the heart of 3G technologies. Visit our 3G pages to learn more about 3G and the exciting potential of USIM today.
Contactless cards are smart cards powered and able to communicate by means of radio frequency (RF); there is no need for batterry or physical contact between the card and the reader.
Gemplus contactless cards are used globally in mass transit, access control, payment, loyalty , identity and also in the new e-Passport applications as consumers and service providers require improved transaction speed, convenience and security.
At a distance of up to 10cm, the contactless card carries out read/write operations with a coupler. Chip power supply and data are carried by the RF signal. When there is more than one card in the antenna field, the contactless card's anti-collision mechanism ensures that communication occurs with the right card.
An expert in contactless technology, Gemplus provides reliable, secure and
easy to use contactless cards in varied applications.
Look at our FAQ (Flash animation)