Re: Financial identity is *dangerous*? (was re: Fake companies, real money)

2004-10-28 Thread R.A. Hettinga
At 10:41 PM +0200 10/23/04, Eugen Leitl wrote:
> No, that's going to be the mobile phone.

Certainly getting to be like Chaum's ideal crypto device. You own it, it
has its own I/O, and it never leaves your sight.

Cheers,
RAH

-- 
-
R. A. Hettinga mailto: [EMAIL PROTECTED]
The Internet Bearer Underwriting Corporation http://www.ibuc.com/
44 Farquhar Street, Boston, MA 02131 USA
... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience. -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Re: Are new passports [an] identity-theft risk?

2004-10-28 Thread Florian Weimer
* Dave Emery:

   Correct me if I am wrong, but don't most of the passive, cheap
 RF or magnetic field powered RFIDs transmit maybe 128 bits of payload,
 not thousands and thousands of bits which would be enough to include
 addresses, names, useful biometric data and so forth ?

Those that perform actual cryptographic operations can store tens of
thousands of bits.  Even older tags (without proper crypto) easily
reach 2**15 bits.  These tags (for example, MIFARE) are usually not
considered RFID tags by privacy activists, even though they can be
read at some distance (but not with COTS equipment).  Contactless
readers are only used for user comfort (you can leave the card in your
purse) and to counter vandalism, not for tracking purposes.

The tags you are referring to are RFID tags used in logistics which
usually provide only very, very few bits (which sometimes can't even
be changed).



RE: Financial identity is *dangerous*? (was re: Fake companies, real money)

2004-10-28 Thread R.A. Hettinga
At 9:30 AM -0400 10/25/04, Trei, Peter wrote:
> If we're going to insist on dedicated, trusted, physical
> devices for these bearer bonds, then how is this different
> than what Chaum proposed over 15 years ago?

I don't think that face to face will be necessary. It just means keeping
control of your keys, etc. You can stash bearer-bonds on the net in m-of-n
storage, where nobody knows what's what, paid by the bit, etc.

> If you just add a requirement for face to face transactions,
> then I already have one of these - it's called a wallet
> containing cash.

Certainly bits are smaller. See above, though.

Cheers,
RAH




Re: Financial identity is *dangerous*? (was re: Fake companies, real money)

2004-10-28 Thread Ian Grigg

Alan Barrett wrote:
> On Sat, 23 Oct 2004, Aaron Whitehouse wrote:
> > Oh, and make it small enough to fit in the pocket,
> > put a display *and* a keypad on it, and tell the
> > user not to lose it.
> >
> > How much difference is there, practically, between this and using a
> > smartcard credit card in an external reader with a keypad? Aside from
> > the weight of the 'computer' in your pocket...
>
> The risks of using *somebody else's keypad* to type passwords or
> instructions to your smartcard, or using *somebody else's display* to
> view output that is intended to be private, should be obvious.

:-)

It should be obvious.  But it's not.  A few billions
of investment in smart cards says that it is anything
but obvious.

To be fair, the smart card investments I've been
familiar with have been at least very well aware of
the problem.  It didn't stop them proceeding with
papering over the symptoms, when they should have
gone for the underlying causes.

iang


Re: Printers betray document secrets

2004-10-28 Thread Ian Grigg

Ben Laurie wrote:
> This only works if the marks are not such that the identity of the
> printer is linked to the marks (as opposed to being able to test whether
> a particular document was produced by a particular printer).
>
> To be really safe, I'd suggest going somewhere without surveillance
> cameras, buying a printer for cash, using it and then destroying it.
>
> Don't forget not to use your car and leave your mobile phone behind. Oh,
> and take the RFID tags out of your clothes.

It's actually quite an amusing problem.  When put
in those terms, it might be cheaper and more secure
to go find some druggie down back of central station,
and pay them a tenner to write out the ransom demand.
Or buy a newspaper and start cutting and pasting the
letters...

In more scientific terms, is there a way to efficiently
print an anonymous paper document?  (By anonymous,
I mean a document that leaves no easy clues back to
the author.)  When creating one's anonymous political
pamphlets revealing the latest government scandal,
one might need the help of RFC 666, how to print
anonymous pamphlets with modern printers.

E.g., something like:  acquire a HP inkjet and a
Brother laser.  Disengage the ink drying fan in the
Brother.  Print the page through the Brother then
print the same page (wet!) through the HP within 5
seconds.  For paper, use fish&chip wrap, cleaned
with sarsons and dried for 30 mins under a tanning
lamp with the UV filter removed...

iang


Re: Financial identity is *dangerous*? (was re: Fake companies, real money)

2004-10-28 Thread Roy M. Silvernail
On Sun, 2004-10-24 at 09:35 -0400, [EMAIL PROTECTED] wrote:
 |   [EMAIL PROTECTED] writes:
 |
 |   I'm pretty sure that you are answering the question
 |   Why did Microsoft buy Connectix?
 |
 |   The answer to that one is actually To provide a
 |   development environment for Windows CE (and later XP
 |   Embedded) (the emulator that's used for development
 |   in those environments is VirtualPC).  Thank you for
 |   playing.
 
 TILT
 
 No need to buy a company just to use its
 product in your development shop.
 
 Please insert additional coins.

I'd thought it was so Microsoft could offer an emulation-based migration
path to all the apps that would be broken by Longhorn.  MS has since
backed off on the new filesystem proposal that would have been the
biggest source of breakage (if rumors of a single-rooted, more *nix-like
filesystem turned out to be true).
-- 
Roy M. Silvernail is [EMAIL PROTECTED], and you're not
It's just this little chromium switch, here. - TFS
SpamAssassin-procmail-/dev/null-bliss
http://www.rant-central.com



Re: Financial identity is *dangerous*? (was re: Fake companies, real money)

2004-10-28 Thread Peter Gutmann
[EMAIL PROTECTED] writes:

> No need to buy a company just to use its product in your development shop.

They're not using it in their development shop, that's their standard
development environment that they ship to all Windows CE, Pocket PC,
SmartPhone, and XP Embedded developers (and include free with every copy of
MSDN).  If an entire branch of my OS development was centered around a
particular technology, I'd want to make sure I owned both the technology and
the developers who created it and will be maintaining/updating it in the
future.  This isn't an optional add-on that MS uses internally, it's a core
component of their embedded OS effort that they push out to anyone who'll take
it in an attempt to dissuade them from going with QNX, embedded Linux,
VxWorks, etc etc.

Peter.



Re: Are new passports [an] identity-theft risk?

2004-10-28 Thread Bill Stewart
At 06:11 AM 10/24/2004, Ian Grigg wrote:
> The questions would then be, what frequency do these
> things operate on, what power is required to power
> them up, and what power is required to ... power them
> down.  Any radio guys around?

There's an excellent RFID reference article at
http://www.acmqueue.com/modules.php?name=Content&pa=showpage&pid=216
RFIDs run at a variety of frequencies,
including 128 kHz, 13.56MHz, 915 MHz, 2.45GHz,
which are the common ISM bands that lots of other things run in,
such as cordless phones, WiFi, Microwave ovens, etc.,
which means that detecting readers may be tough.
It doesn't take a lot of power to power them;
not sure what it takes to fry them.

Bill Stewart  [EMAIL PROTECTED] 



E-Vote Vendors Hand Over Software

2004-10-28 Thread R.A. Hettinga
http://www.wired.com/news/print/0,1294,65490,00.html

Wired News

E-Vote Vendors Hand Over Software 
By Kim Zetter

Story location: http://www.wired.com/news/evote/0,2645,65490,00.html

03:00 PM Oct. 26, 2004 PT

In an effort to increase the integrity of next week's presidential
election, five voting machine makers agreed for the first time to submit
their software to the National Software Reference Library for safekeeping,
federal officials said on Tuesday.

 The stored software will serve as a comparison tool for election officials
should they need to determine whether anyone tampered with programs
installed on voting equipment.


 The National Software Reference Library is part of an election security
initiative launched by the U.S. Election Assistance Commission, a new
federal entity that Congress created after the Florida 2000 election
problems. The EAC is the first federal entity established to improve the
integrity and efficiency of elections.

 DeForest Soaries, chairman of the EAC, in June requested software from the
largest voting companies, which provide 90 percent of the software to be
used in computerized voting machines on Tuesday. The EAC will eventually
ask all voting companies, even those that produce counting software for
punch card machines, to submit their software.

 Soaries called the library a major step and praised the vendors for their
willingness to increase the transparency of elections.

 "Their acceptance of our request to submit their software begins the
process that assures the country that we will have (a) higher level of
security and therefore confidence in e-voting than we have ever had
before," Soaries said in a press conference.

 The National Institute of Standards and Technology -- the agency that sets
official measurements and defines standards for all kinds of commercial
products -- will maintain the voting software library. NIST already manages
a library of other types of software, like the Windows 2000 operating
system, to help law enforcement investigate crimes involving computers.
Doug White, the library's project leader, said NIST stores applications on
CDs in a room that is similar to a criminal investigator's evidence locker,
which means the software can be used as evidence in a court.

 Counties and states will eventually be able to use the library to verify
that they are using a certified version of software. This is good news to
Scott Konopasek, the registrar of voters for San Bernardino County in
California. In September, after California certified a new version of
software for his county's voting system, the vendor, Sequoia Voting
Systems, sent Konopasek the software to load on his machines. But when
Konopasek asked the state to verify that the software the vendor gave him
was unchanged from the version the state certified, state officials told
him they had no means to verify it and that Konopasek would have to trust
the vendor.

 Vendor trust was precisely the measure of verification the state was using
last November when it discovered that Diebold Election Systems had
installed uncertified software on machines in 17 California counties
without telling the state.

 NIST's voting software library was established too late this year to
examine software that has already been loaded onto locked voting machines,
so election officials won't be able to verify that they have unchanged,
certified software before Tuesday's election.

 But if questions about the veracity of a voting system arise after the
election, computer forensic experts will be able to compare the software
used on machines with the software in the NIST library to see if the
software was altered. They can do this by comparing hash files, which are
digital fingerprints that identify the integrity of software. The hash is a
mathematical sum derived from the software code. If someone changes the
software, the mathematical sum changes as well.

 "This gives us one more mechanism for assuring voters that their votes
have been recorded and reported correctly and haven't been tampered with,"
Konopasek said. "There's no one single thing that election officials will
ever be able to do to convince everyone. But the more we can add to our
inventory of audits and controls, the more we can establish confidence of
voters -- not just the technically savvy voters, but all voters."

 Soaries acknowledged that the library alone can't secure elections and
voting systems but can only work in concert with other procedures. And the
EAC still has to work out several issues related to the library, such as
who will be responsible for checking hashes before an election if county
election officials don't have someone knowledgeable on staff to do so. EAC
has to determine how best to handle patches, or last-minute fixes and
upgrades to machines. Currently, it will be up to the county and vendor to
decide whether to resubmit that software to the library before an election.
And the EAC has to establish a policy for dealing with 
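
The hash comparison the article describes, as an added example that is not part of the forwarded article or of any NIST tooling: a reference manifest is built from the deposited copy and an installed tree is checked against it, separating unchanged, altered, missing and never-deposited files. SHA-256 is an assumption (the article names no algorithm), and all file names and contents are constructed.

```python
import hashlib
import tempfile
from pathlib import Path


def sha256_file(path, chunk_size=65536):
    """Hash a file in chunks so large binaries need not fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def build_manifest(root):
    """Map each file's path (relative to root) to its SHA-256 digest."""
    root = Path(root)
    return {
        p.relative_to(root).as_posix(): sha256_file(p)
        for p in sorted(root.rglob("*"))
        if p.is_file()
    }


def compare_to_reference(reference, installed_root):
    """Compare an installed tree against a reference manifest.

    Returns four sorted lists:
      matched  - present and byte-identical to the deposited copy
      altered  - present, but the digest differs
      missing  - deposited, but absent from the machine
      unlisted - on the machine, but never deposited (e.g. a late patch)
    """
    installed = build_manifest(installed_root)
    report = {"matched": [], "altered": [], "missing": [], "unlisted": []}
    for name, ref_digest in reference.items():
        if name not in installed:
            report["missing"].append(name)
        elif installed[name] == ref_digest:
            report["matched"].append(name)
        else:
            report["altered"].append(name)
    report["unlisted"] = list(set(installed) - set(reference))
    for names in report.values():
        names.sort()
    return report


def demo():
    """Run the comparison on constructed sample trees (hypothetical names)."""
    with tempfile.TemporaryDirectory() as tmp:
        ref = Path(tmp) / "reference"
        machine = Path(tmp) / "machine"
        for tree in (ref, machine):
            (tree / "bin").mkdir(parents=True)

        # Constructed "certified" release as deposited in the library.
        certified = {
            "bin/tally.exe": b"certified tally build\n",
            "bin/ballot.dll": b"certified ballot library\n",
            "config.ini": b"precinct=0\n",
        }
        for name, data in certified.items():
            (ref / name).write_bytes(data)

        # Constructed machine image: one file intact, one changed,
        # one deleted, and one extra file that was never deposited.
        (machine / "bin/tally.exe").write_bytes(certified["bin/tally.exe"])
        (machine / "bin/ballot.dll").write_bytes(b"certified ballot library!\n")
        (machine / "bin/hotfix.dll").write_bytes(b"last-minute patch\n")

        return compare_to_reference(build_manifest(ref), machine)


if __name__ == "__main__":
    for status, names in demo().items():
        print(f"{status:9}{names}")
```

The "unlisted" bucket is the case the article raises with patches: a file that was never deposited cannot be shown to be certified or tampered with, only flagged as unknown.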

Re: Financial identity is *dangerous*? (was re: Fake companies, real money)

2004-10-28 Thread dan

This is what I love about the Internet -- ask a question
and get silence but make a false claim and you get all the
advice you can possibly eat.

OK, I (quite happily) stand corrected about why Microsoft
bought Connectix --  it was cheaper given their extensive
dependence on the Virtual PC product, including redistribution
to outside parties.  That's fascinating, actually.

Now the reason I brought this up was it seemed like a Heaven-
sent bit of circumstantial evidence[1] to inference about a
larger business strategy question.  That question still stands,
but I'll have to look harder for corroborating evidence.

--dan, on the road


[1] Some circumstantial evidence is very strong, like 
finding a trout in the milk. -- Henry David Thoreau




Deadline extended to November 5th - Fourth Annual PKI R&D Workshop

2004-10-28 Thread R.A. Hettinga

--- begin forwarded text


From: Carl Ellison [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: Deadline extended to November 5th - Fourth Annual PKI R&D Workshop
Date: Tue, 26 Oct 2004 21:00:01 -0700
Thread-Index: AcS72W7c3/cyBY4hSTyGnbNT4eKDuQ==
Sender: [EMAIL PROTECTED]

The deadline for paper submissions to the Fourth Annual PKI R&D Workshop:
"Multiple Paths to Trust" has been extended until 5:00 PM Pacific time
on Friday November 5th.

http://middleware.internet2.edu/pki05/

This year, the workshop has a particular interest in how emergent trust
mechanisms will interact with each other at the technical,
policy and user levels.

Clifford Neuman

Program Committee Chair



--- end forwarded text




New 32-bit SIM Chip from STMicroelectronics

2004-10-28 Thread R.A. Hettinga

The core includes dedicated DES (Data Encryption Standard) instructions
for Secret Key cryptography, and a fast Multiply and Accumulate
instruction for Public Key (RSA) and Elliptic Curve cryptography, plus a
CRC (Cyclic Redundancy Check) instruction. A firmware cryptographic
subroutine library is located in a secure ROM area to save designers the
need to code first-layer functions.


http://www.tmcnet.com/usubmit/2004/Oct/1087666.htm

Technology Marketing Corporation
TMCNet



[October 27, 2004]

New 32-bit SIM Chip from STMicroelectronics Will Benefit Mobile Phone
Multimedia Services
 GENEVA, Oct. 27 /PRNewswire-FirstCall/ -- STMicroelectronics has announced
a new smartcard MCU in its ST22 range -- based on the SmartJ(TM)
Java-accelerated RISC architecture -- which integrates 256-kbytes of EEPROM
memory with a high performance CPU to support the demands of multimedia
applications on the latest mobile phones.


 With sales of multimedia-equipped handsets booming, mobile communications
operators supporting 3G (Third Generation) and 2.5G mobile phones need
(U)SIM cards (Universal Subscriber Identity Modules) that have sufficient
memory capacity to store Multimedia Messaging System (MMS) data, video, and
photographic images, coupled with the capability to transfer and use this
data efficiently to provide advanced phonebooks and audio-visual services.
2.5G is an intermediate level of service that uses an enhanced
second-generation technology to provide some of the 3G features over GPRS
(General Packet Radio Service).
 "The ST22N256 is perfectly in line with the growing demand for secure
high-performance chips with high-speed interfaces and a large memory
capacity, for use in 2.5 and 3G SIMs," said Reza Kazerounian, General
Manager of ST's Smart Card ICs Division. "ST already offers the largest
range of secure 32-bit processors for smartcard systems, and will remain at
the forefront of smartcard silicon suppliers as 3G takes off."
 The SmartJ CPU core at the heart of ST22 Family -- which the new ST22N256
now combines with 256-kbytes of EEPROM -- is a 32-bit RISC-architecture
core developed specifically to provide very fast execution of Java, the
programming language commonly used for small applications, or applets,
downloaded to mobile phones. The ST22 augments its own highly efficient
native RISC instruction set with a hardware decoder that directly converts
Java bytecodes into native microcode instructions, thereby eliminating the
overhead and lower performance of processors based on Java emulation. The
result is not only very fast Java execution but also reduced power
consumption.
 An essential component of all GSM (Global System for Mobile
Communications) mobile phones, the SIM card stores critical subscriber
authentication information; private data such as personal phone
directories, messages, audio, and images; and the operating system and
operator's multimedia environment. With the quantity and size of users' MMS
messages increasing, operators will now be able to provide increased
storage for subscriber data without impacting user friendliness, due to the
exceptional performance of the ST22N256's SmartJ processor, and its
communication through a fast Asynchronous Serial Interface (ASI) which
enables 440-kbit/s communication speeds with mobile equipment, in line with
the fastest deployments of ISO 7816 in the GSM world. Two additional serial
I/O ports are also provided.
 The Java-accelerated CPU ensures that the ST22N256 not only provides the
memory needed for today's multimedia services (M-services), but also the
processing power to exploit it. The core, with 24-bit linear memory
addressing, is complemented by 368-kbytes of on-chip ROM, 16-kbytes of RAM,
and a set of standard peripherals and custom plug-in circuits. Logical and
physical security mechanisms are fully integrated into the silicon,
including a hardware Memory Protection Unit for application firewalling and
peripheral access control, and a protected Context Stack. The core includes
dedicated DES (Data Encryption Standard) instructions for Secret Key
cryptography, and a fast Multiply and Accumulate instruction for Public Key
(RSA) and Elliptic Curve cryptography, plus a CRC (Cyclic Redundancy Check)
instruction. A firmware cryptographic subroutine library is located in a
secure ROM area to save designers the need to code first-layer functions.
 The ST22 product platform is supported by a comprehensive Integrated
Development Environment, which allows coding, compilation, and debugging
using a common interface. It provides a code-generation chain that includes
a C/C++ compiler, a native and JavaCard assembler and a linker, plus a
SmartJ instruction set simulator, C/C++ source level debugger, and hardware
emulation tools. Operating System developers currently working with the
128-kbyte ST22L128 will be able to benefit from the design continuity
offered by the ST22N256, as well as its immediate availability and
compliance with the fastest 

[Publicity-list] DIMACS Workshop on Mobile and Wireless Security

2004-10-28 Thread Linda Casals

*
 
DIMACS Workshop on Mobile and Wireless Security 
  
 November 3 - 4, 2004
 DIMACS Center, Rutgers University, Piscataway, NJ

Organizers: 
  Bill Arbaugh, University of Maryland, [EMAIL PROTECTED] 
 
Presented under the auspices of the Special Focus on Communication
Security and Information Privacy.




The rapid growth of both voice and data wireless communications has
resulted in several serious security problems in both the voice and 
data spaces. Unfortunately, many of the early security mistakes made 
with wireless voice communications were repeated with data
communications, i.e. the use of flawed authentication and
confidentiality algorithms. For example, the standards committee for 
802.11 left many of the difficult security issues such as key
management and a robust authentication mechanism as open problems. 
This has led many organizations to use either a permanent fixed
cryptographic variable or no encryption with their wireless networks. 
Since wireless networks provide an adversary a network access point
that is beyond the physical security controls of the organization, 
security can be a problem. Similarly, attacks against WEP, the
link-layer security protocol for 802.11 networks can exploit design 
failures to successfully attack such networks. This workshop will 
focus on addressing the many outstanding issues that remain in
wireless cellular and WLAN networking such as (but not limited to):
Management and monitoring; ad-hoc trust establishment; secure roaming
between overlay networks; availability and denial of service
mitigation; and network and link layer security protocols. We will 
seek to extend work on ad hoc networking from a non-adversarial
setting, assuming a trusted environment, to a more realistic setting
in which an adversary may attempt to disrupt communication. We will
investigate a variety of approaches to securing ad hoc networks, in 
particular ways to take advantage of their inherent redundancy 
(multiple routes between nodes), replication, and new cryptographic 
schemes such as threshold cryptography.

**

Workshop Program:

Wednesday, November 3, 2004

 9:00 - 10:00  Breakfast and Registration

10:00 - 10:15  Welcome and Overview of Program  
   Fred Roberts, DIMACS Director

10:15 - 11:00  Wireless Authentication Overview 
   William Arbaugh

11:00 - 11:45  Role of Authorization in Wireless Network Security   
   Pasi Eronen, Nokia

11:45 - 12:30  Network Access Control Schemes Vulnerable to 
   Covert Channels  
   Florent Bersani

12:30 -  2:00  Lunch

 2:00 -  2:45  802.11 Authentication and Keying Requirements
   Jesse Walker, Intel 
 
 2:45 -  3:30  Secure and Efficient Network Access
   Jari Arkko, Ericsson
 
 3:30 -  4:00  Break

 4:00 -  5:00  Extending the GSM/3G Key Infrastructure
   Scott Guthery, CTO Mobile-Mind, Inc.

 5:00  Social Event

Thursday, November 4, 2004

 8:30 -  9:00  Breakfast and Registration   
 
 9:00 -  9:45  Wireless Security and Roaming Overview   
   Nidal Aboudagga, UCL

 9:45 - 10:30  A Proposal for Next Generation Cellular Network 
   Authentication and Authorization Architecture
   James Kempf, DoCoMo USA Labs

10:30 - 11:00  Break

11:00 - 11:45  Threshold Cryptography and Wireless Roaming
   Dan Geer and Moti Yung

11:45 - 12:30  Securing Wireless Localization   
   Zang Li, Rutgers

12:30 -  2:00  Lunch

 2:00 -  3:30  Discussion Period- how to move forward, hard problems?   
   William Arbaugh

 3:30  Closing

**
Registration:

Pre-registration deadline: October 27, 2004

Please see website for registration information.

*
Information on participation, registration, accommodations, and travel 
can be found at:

http://dimacs.rutgers.edu/Workshops/MobileWireless/

   **PLEASE BE SURE TO PRE-REGISTER EARLY**





Europe opts for biometric passports

2004-10-28 Thread R.A. Hettinga
http://news.com.com/2102-1012_3-5429679.html?tag=st.util.print

CNET News

 Europe opts for biometric passports
 By Lars Pasveer
 http://news.com.com/Europe+opts+for+biometric+pasports/2100-1012_3-5429679.html


 Story last modified October 27, 2004, 5:56 PM PDT


Ministers for European Union member states agreed on Tuesday to adopt
biometric passports.

The first biometric passports are set to arrive in 18 months and initially
will record the facial characteristics of the bearer.

 In three years, European travelers will also have to provide a fingerprint
for the passport. The facial and fingerprint data will be stored on an
embedded chip, along with a digital copy of the bearer's photo.

 The decision, made at a meeting of interior ministers in Luxembourg, is
not yet final. Austria, Finland and the Netherlands have voiced minor
concerns about the proposal, but they will probably not turn out to be
insurmountable obstacles.

 The European push for biometrics is heavily influenced by a United States
policy change for passports for people from visa waiver countries after
the Sept. 11 attacks. U.S. plans to introduce a biometric passport
requirement by this fall for these countries were widely seen as
unrealistic. However, by Oct. 26 next year, all visitors from these
countries will have to provide a machine-readable passport with biometric
data.



Re: Financial identity is *dangerous*? (was re: Fake companies, real money)

2004-10-28 Thread James A. Donald
--
R.A. Hettinga wrote:
 [The mobile phone is] certainly getting to be like Chaum's
 ideal crypto device. You own it, it has its own I/O, and it
 never leaves your sight.

Is there a phone that is programmable enough to store secrets 
on and sign and decrypt stuff?

The ideal crypto device would be programmed by burning new 
proms, thus enabling easy reprogramming, while making it 
resistant to trojans and viruses. 

--digsig
 James A. Donald
 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG
 Fkc1LRTOk91ROlSR8FZ74DmqbH7hISIn+MSojROa
 4nrRtvxhCmqe2NdvICprDQBO78fHoQXljK45ROM2W





Re: MCI set to offer secure two-way messaging with strong encryption

2004-10-28 Thread John Gilmore
 MCI Inc. will offer secure two-way messaging through its SkyTel
 Communications subsidiary next month, encrypting wireless text
 with the Advanced Encryption Algorithm.

Note that they don't say it's end to end encryption:

 Messages are encrypted between the device and an encryption server
 at SkyTel's secure network operations center.

And presumably wiretappable there.

John



Re: Financial identity is *dangerous*? (was re: Fake companies, real money)

2004-10-28 Thread Anne Lynn Wheeler


At 03:31 PM 10/25/2004, Ian Grigg wrote:
> :-)
> It should be obvious. But it's not. A few billions
> of investment in smart cards says that it is anything
> but obvious.
> To be fair, the smart card investments I've been
> familiar with have been at least very well aware of
> the problem. It didn't stop them proceeding with
> papering over the symptoms, when they should have
> gone for the underlying causes.
> iang

my claim about the paradigm is that during the 80s, there was start of
lot of investment by all sorts of parties into smartcards ... targeted
for the portable computing market niche ... where the state of the art
would allow relatively powerful computing and memory in such chips ...
but the technology didn't exist for portable input/output technology ...
as a result there also had to be ISO international standards for the
input/output stations that would interoperate with the smartcards. that
market niche started to disappear in the early 90s with the appearance of
portable input/output technology associated with cellphones and PDAs. by
this time, at least several billion dollars had been invested in the
technology.

somewhat to recoup (at least some portion of) the investment, there has
been some searching for alternative market niches for the
technology. In the early 90s, my wife and I consulted to some agencies on
aspects of this. one such target was emergency medical information ... a
person could carry their complete medical records in such a form factor
... and in a life & death emergency ... the emergency crews could
pull out the victim's card and insert it into their local, offline,
portable display technology and have access to the victim's complete
medical records. The problem in this scenario was that an emergency first
responder isn't likely to be able to make use of the victim's medical
records in offline manner. First off, if it is a real emergency ... how
does a first responder do other than triage. Typically for anything that
involves anything more complicated ... the first responder has to go
online to real doctors at some remote location. If you have a
real online environment ... to real (remote) doctors ... then a much
better solution is to have something that authenticates the victim ...
and the consulting doctor then has some mechanism for locating and
retrieving the online medical records (as opposed to first responder
being able to make sense out of a victim's complete medical
records).

Another niche for the technology was offline financial transactions ...
for parts of the world where online connectivity was difficult,
non-existent and/or extremely expensive. the smartcard would contain the
business rules and logic for performing (offline) financial transaction
interacting with random merchant terminals. Two issues arise here ...
there is a significant mutual suspicion (lack of trust) problem between
random merchant terminals anywhere in the world and random consumer
smartcards anywhere in the world; and the technology started to be
deployed at a time when online connectivity was starting to become
ubiquitous and easily available in most places in the world. An example
is the european deployed stored-value (offline) smartcards in the 90s
compared to the rapid market penetration of stored-value (online)
magstripe (gift, affinity, merchant, etc) cards in the US ... making use
of the ubiquitous nature of online connectivity available in the US.
Again, with the availability of online ... the problem changes from
requiring a very expensive and trusted distributed offline infrastructure
and offline distributed business rules ... to the much more simple
problem of requiring (increasingly strong) authentication.

So the financial oriented infrastructure has seen some amount of
skimming threats and exploits with the terminals and/or
networks. Even if the smartcard paradigm is just reduced to a (dumb)
chipcard that only provides strong authentication ... the issue is does
the consumer completely provide their own environment ... or do they have
to depend on (and trust) randomly located terminals at random locations
around the world.

Part of the authentication issue ... is the 3-factor authentication
model
* something you have
* something you know
* something you are

the card (or chip) provides the "something you have" piece.
in order to add something you know ... requires the consumer
entering a pin or password; the issue then becomes does the consumer
trust some randomly located pin-pad. there is a similar issue with
whether the consumer trusts their own biometric sensor or would they trust
somebody else's biometric sensor.

a consumer owned cell phone ... could presumably provide both a consumer
trusted pin-pad ... and w/o a whole lot of magic ... a consumer camera
cell phone could be used for sensor for various kinds of biometric info.

some part of the issue is that the original target market niche for
smartcards (portable computing with fixed interoperable input/output
stations) started to