Source: Giesecke & Devrient
Giesecke & Devrient (G&D) has developed the first mobile security card offering contactless smart-card security in addition to the usual data storage functions. The new security feature is provided by a cryptography controller with an NFC-compatible interface integrated in the microSD card along with the flash memory. The Mobile Security Card CL thus serves as an ideal basis for implementing security and payment functions in cell phones and for many other mobile applications. This innovation from G&D addresses the needs of digital identity solution providers.
"The holder of a Mobile Security Card CL can now use one and the same card for authenticated access to all services requiring a digital identity, both from their home PC and when out and about from their mobile phone. The advantage for the card-issuer is that there is only one card to be administered, while the user benefits by being able to choose freely how the card is used," points out Dr. Kai Grassie, Head of G&D's New Business division.
The mobile security cards designed by G&D are suitable for use in mobile phones, smart phones, netbooks and other mobile devices, and even in USB tokens. The only requirement is that they should be equipped with a slot for microSD cards. Such cards can provide security functions for all of these devices, as well as PCs and laptops, without the need for an external smart card reader. The latest product in this family of cards, the Mobile Security Card CL, has been enhanced to include a contactless interface in addition to the integrated smart card, based on the international standards ISO 14443 and MIFARE. In order to use the card in contactless mode, the device in which it is inserted must be equipped with an antenna for the contactless communication link. The card contains two additional standardized contacts for this purpose. A battery is not required to operate the contactless interface: The necessary energy is tapped from the radio field generated by the card reader. A secure communication link is established as soon as the antenna comes within a few centimeters of the reading device.
This innovation using the ultra-compact microSD format enables a multitude of onboard security applications to be implemented in cell phones or microSD USB tokens. The range of possible contactless applications includes electronic access control to buildings, electronic event ticketing and transit ticketing, and electronic passes for companies, libraries and universities. The Mobile Security Card CL can also be used for contactless mobile payment. With its user-friendly interface for mobile phones and desktop or laptop PCs, it supports all of the usual smart card applications such as secure banking transactions, e-government, and the secure storage of digital certificates for public key infrastructure (PKI) applications. Other potential uses of the card concern the workplace environment, where it can be used for secure authentication when using single sign-on procedures to access enterprise networks, or for attaching digital signatures to documents or workflows.
All types of terminals automatically recognize the microSD format of the mobile security cards. In conjunction with the integrated user identity, this gives the cards a high added value. This can be usefully exploited to develop new, feature-rich products such as an electronic student pass with incorporated encrypted e-learning content and signature applications for electronic document submission, library passes capable of storing downloaded and copy-protected eBooks, or personal identity cards for bank accounts containing a secure banking application.