:-)
It should be obvious. But it's not. A few billions
of investment in smart cards says that it is anything
but obvious.
To be fair, the smart card investments I've been
familiar with have been at least very well aware of
the problem. It didn't stop them proceeding with
papering over the symptoms, when they should have
gone for the underlying c
iang
my claim about the paradigm is that during the 80s, there was start of lot of investment by all sorts of parties into smartcards ... targeted for the portable computing market niche ... where the state of the art would allow relatively powerful computing and memory in such chips ... but the technology didn't exist for portable input/output technology .... as a result there also had to be ISO international standards for the input/output stations that would interoperate with the smartcards. that market niche started to disappear in the early 90s with the appearance of portable input/output technology associated with cellphones and PDAs. by this time, at least several billion dollars had been invested in the technology.
somewhat to recoup (at least some portion of) the investment, there has been some searching for alternative market niches for the
technology. In the early 90s, my wife and I consulted to some agencies on aspects of this. one such target was emergency medical information .... a person could carry their complete medical records in such a form factor .... and in a life&death emergency .... the emergency crews could pull out the victims card and insert it into their locak, offline, portable display technology and have access to the victims complete medical records. The problem in this scenario was that an emergency first responder isn't likely to be able to make use of the victims medical records in offline manner. First off, if it is a real emergency ... how does a first responder do other than triage. Typically for anything that involves anything more complicated ... the first responder has to go online to "real" doctors at some remote location. If you have a real online environment ... to real (remote) doctors ... then a much better solution is to have something that authenticates the victim ... and the consulting doctor then has some mechanism for locating and retrieving the online medical records (as opposed to first responder being able to make sense out of a victim's complete medical records).
Another niche for the technology was offline financial transactions ... for parts of the world where online connectivity was difficult, non-existent and/or extremely expensive. the smartcard would contain the business rules and logic for performing (offline) financial transaction interacting with random merchant terminals. Two issues arise here .... there is a significant mutual suspicion (lack of trust) problem between random merchant terminals anywhere in the world and random consumer smartcards anywhere in the world; and the technology started to be deployed at a time when online connectivity was starting to become ubiquitous and easily available in most places in the world. An example is the european deployed stored-value (offline) smartcards in the 90s compared to the rapid market penetration of stored-value (online) magstripe (gift, affinity, merchant, etc) cards in the US .... making use of the ubiquitous nature of online connectivity available in the US. Again, which the availability of online .... the problem changes from requiring a very expensive and trusted distributed offline infrastructure and offline distributed business rules .... to the much more simple problem of requiring (increasingly strong) authentication.
So the financial oriented infrastructure has seen some amount of "skimming" threats and exploits with the terminals and/or networks. Even if the smartcard paradigm is just reduced to a (dumb) chipcard that only provides strong authentication .... the issue is does the consumer completely provide their own environment ... or do they have to depend on (and trust) randomly located terminals at random locations around the world.
Part of the authentication issue ... is the 3-factor authentication model
* something you have
* something you know
* something you are
the "card" (or chip) provides the "something you have" piece.
in order to add "something you know" ... requires the consumer entering a pin or password; the issue then becomes does the consumer trust some randomly located pin-pad. there is a similar issue with whether the consumer trust their own biometric sensor or would they trust somebody else's biometric sensor.
a consumer owned cell phone .... could presumably provide both a consumer trusted pin-pad ... and w/o a whole lot of magic ... a consumer camera cell phone could be used for sensor for various kinds of biometric info.
some part of the issue is that the original target market niche for smartcards (portable computing with fixed interoperable input/output stations) started to evaporate after a lot of the investment had been done but before there was a lot of deployment and investment recovery.
Anne & Lynn Wheeler http://www.garlic.com/~lynn/
