There was an effort under way to find alternate means of communications
between the card and the dock besides electromagnetic fields to reduce
the eavsdropping (em does not attenuate as quickly as sound). I recall
the power source being a primary issue (if you have a dock for the power
source, why not feed back the signal?).
Because piezzo-electrics are mature micro (mini?) technology, whereas
modulating in the presence of a power field was a bit newer, this was
another dimension. I have not followed the area, and as you point out,
marketting types are quick to coopt new technology terms to fancy up
lower technology (or inappropriate technology) products.
Vin McLellan wrote:
>
> Pieter Grobler <[EMAIL PROTECTED]> queried the Listocracy:
>
> >What is a NTT acoustic Smart Card??
> >
> >Can it be used for hardware authentication for electronic transactions?
>
> Never heard of an "acoustic smart card" from NTT, but the phrase
> "acoustic smart card" is a generic misnomer, used like the vendors of
> hand-held authentication tokens (e.g. SecurID) years ago used the phrase
> "super smart card" to indicate that their tokens had a processor, but were
> different from the traditional smart card (which, of course, requires a
> reader, while the generic HHA token does not.)
>
> The term "acoustic smart card" generally refers to a hand-held token
> the size of a thick credit card, with a keypad. The device generates sounds
> which can be transmitted over a POTS analog line: typically standard Dual
> Tone Multi-Frequency (DTMF) tones, or pseudo-DTMF acoustic signals (faster,
> with shorter intervals for pauses between tones than standard DTMF requires.)
>
> "Acoustic smart cards" are typically used both to authenticate an
> individual (with a user-memorized PIN, its a two-factor authentication),
> and/or to transmit a brief encrypted transaction from a remote location over
> analog POTS.
>
> The technique can obviously be adapted transmit any kind of brief
> message -- a crypto key, for instance, or a few fields of transaction data
> -- over analog lines, or to any sound recorder, or CPU with a microphone and
> IVR software.
>
> In direct answer to your questions, with two-factor token-based
> authentication, today's acoustic smart card is "hardware" which can
> authenticate (with a PKC or symmetric-based digsig) and encrypt maybe a
> couple of dozen characters or digits -- more than enough for transactions in
> a dedicated e-commerce system.
>
> The security and integrity of any given system would depend upon the
> crypto and the implementation, of course, but the technology is adaptable
> and chips used are likely to offer ever greater capacity over time.
>
> Suerte,
>
> _Vin
> --------
> "Cryptography is like literacy in the Dark Ages. Infinitely potent,
> for good and ill... yet basically an intellectual construct, an idea,
> which by its nature will resist efforts to restrict it to bureaucrats
> and others who deem only themselves worthy of such Privilege."
> _A Thinking Man's Creed for Crypto _vbm
>
> * Vin McLellan + The Privacy Guild + <[EMAIL PROTECTED]> *
> 53 Nichols St., Chelsea, MA 02150 USA <617> 884-5548
>
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
--
Daemeon Reiydelle
Systems Engineer, Anthropomorphics Inc.
[EMAIL PROTECTED]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
