Smartcards
Maria Ribaulo
Smartcards are the buzzword in the financial world today. Chip
technology of today has advanced enough so that a computer chip
can be embedded in a credit card sized card and used as a store
of cash. The US market is behind in the adaptation of this technology
but is poised to begin a more wide spread adoption of Smartcards
as financial institutions clamor for the advantages of a large
amount of float. Some issues that are being addressed is the overall
security aspect of these cards and possible other uses for a personal
card that has enough room for a large amount of data. The US seems
to be missing the vast opportunities that this type of technology
has to offer. If the level of integration into several US colleges
is any indication of the success of the Smartcard, they will soon
be appearing in wallets everywhere.
The basic properties of Smartcards is the chip and reader technology
that come together to allow a quick, accurate exchange of information.
The credit and debit card that are currently in use, do not receive
information from the reader unit when the card is swiped. The
reader only takes an account number and name off the card, verifies
the account, and available balance or credit. At the end of the
day, the reader transmits to the merchant's bank the information
it has gathered and clears the transactions (Kidwell). With Smartcard
technology, primarily supplied by Multos and Sun Microsystems,
value is deducted from the chip that is embedded in the card and
the balance stored on the card is reduced (cardtechnology.com).
The value that was deducted is then stored in the reader-like
machine and can be deposited to the merchant's account in the
same way as cash. The advantage to the merchant is that there
is no clearing time on the transaction. Another advantage to the
merchant is the lower instance of fraud per se. If the card has
no balance, the transaction will not be completed. It is obvious
that fraudulent cards will turn up as hackers gain the ability
to crack the encryption algorithms on the chips, but the merchant
will avoid some of the risk involved. The US will have an advantage
in this case because of the security issues that have already
been addressed in other countries.
On March 17, 2000 banks in France found that the security codes
to their Smartcard network had been cracked and posted on the
Internet (lafferty.com). Further research shows that the encryption
technology that the French system was using had not been changed
since 1985 (lafferty.com). This scare has forced the whole banking
system of France to bring itself up to code with the European
Central Bank (ECB) prior to its rollout of the Euro in 2002 (lafferty.com).
Security code length is one of the major issues. France is rapidly
upgrading equipment from cafés and cash-dispensers to customers'
cards in order to handle larger encryption codes that will be
more difficult to crack. Even with the technology as it stands,
fraud for the chip integrated plastic cards is .02% as compared
with .27% with magnetic swipe cards (abcnews.com). Financial institutions
in the US are gearing up to take advantage of what has been learned
and the advantages of Smartcards.
Normal usage of these cards involves having the cardholder
load the card at a bank, cash machine, or enabled phone or merchant.
The money then stays in the card until the holder presents it
to a merchant as payment. During the span of time the money is
not used, this remains on the banks books as a liability against
which the bank can invest this balance and earn short-term returns
on the funds. On average, it can be deduced that the average holder
will use most of the balance in less then one-week. Some holders
may use most of the balance in two weeks - the increasingly predominant
pay period schedule. The possibility of the holder using the card
down the last penny is slim. This remaining balance would always
float on the banks' books as a liability. For these reasons, banks
are encouraging the integration of this new product into their
lineup and will be forced to confront and decrease the risk associated
with the security issues discovered in Europe before banking regulators
will sanction widespread deployment of Smartcards. The decrease
of risk associated with this type of card lends itself to expanded
utilization of this instrument.
Rapid increases in microchip storage capacity have evolved
the potential of the Smartcard into more of a me-card. The large
capacity of these cards can carry medical records, employment
records, public-assistance identification and data, education
records, and virtually any other personal information. The increased
security risks related to this type of confidential information
is the critical issue of this functionality. However, the ability
to carry your medical records in your wallet can mean the difference
between life and death if a patient is brought to an emergency
room without a friend along to inform the staff that the patient
has a severe penicillin allergy or complex medical history. Current
public assistance cards are used as a means of identification.
Smartcards would make significant contributions to the fight against
fraud against these programs because they could store an image
of the recipient and also report information back to the agency
regarding purchases made with food credits. Food stamp fraud would
be virtually eliminated. The adoption of Smartcards on college
campuses around the country is testament to their viability as
a utility beyond financial.
Currently, several college campuses nationwide have switched
from the typical photo ID cards to Smartcards (Aston). Students
now have one card that serves as photo ID, meal plan, cash card,
academic record holder, and proof of identification beyond just
a photo. Students use the card to 'sign-in' to exams, pay for
vending and laundry, and also have an option to use it as a cash
card at local and on campus merchants. The University of Michigan's
Mcard program is the largest use of Smartcard technology with
over 95,000 cards in use (University..). The current program was
launched in the spring of 1998 and has gained widespread acceptance
throughout Ann Arbor. The University has succeeded in bringing
over 30 local merchants, from Ben & Jerry's to the local drugstore,
on line with the Mcard. The Mcard serves as ID, access card, epurse
for laundry and vending, library card, calling card, and many
other on and off campus applications. In addition to the University
of Michigan, thirty-seven other colleges in the US and over sixty-six
foreign universities have also implemented their own Smartcard
systems (University..Other). This means millions of students will
be graduating pre-programmed to use Smartcards.
Great technology is useless until it finds a way
to become integrated into industry or society. Smartcards are
on the verge of this integration. Projections for the growth of
this market are staggering. Most people are already acclimated
with the ease of using plastic cards in lieu of cash, and now
millions of students have come to expect using just one card to
replace access badges, coins and cash, laminated ID cards, and
phone cards. The banking industry needs to take the lead in this
in order to have an ample voice in the security and regulation
of these cards. Transactions with these cards need the same security
and regulation as current debit and credit cards. By working with
existing Smartcard organizations, financial institutions will
find themselves in a lucrative position as issuer and regulator
of this tool that will, no doubt, find its way into any wallet
that now carries a debit or credit card.
Works Cited
ABC News.com. 5 Jan. 2001. France Smartens Up: Exposed
Vulnerability in Country's Smart Card Prompts Action.
http://www.abcnews.go.com/sections/tech/DailyNews/smartcard000315.html
Aston University. 6 Jan. 2001.
THE SMART CAMPUS Newsletter
http://www.aston.ac.uk/smartcard/newsletter/am-newlet.htm
Card Technology.Com. 4 Jan. 2001. More Bulletins.
http://www.cardtechnology.com/more.htm
Kidwell, Peterson, and Blackwell. Financial
Institutions, Markets, and Money,
7th edition, Orlando: The Dryden Press, 2000.
Lafferty.com. 4 Jan. 2001. France hit by chip scheme
scare. http://www.lafferty.com/btsecurity/archives/000323frchipscare.shtml
Smartcard Central. 3 Jan.
2001. Research Statistics: NEW: WorldWide SmartCards Market
Forecast (Millions of Dollars and Millions of Units) http://www.smartcardcentral.com/research/
University of Michigan. 6
Jan. 2001. The University of Michigan's Smartcard. http://www.mcard.umich.edu/
University of Michigan. 6
Jan. 2001. Smartcard Other Links. http://www.mcard.umich.edu/otherLinks.htm