Mifare, Oyster and ITSO Cards Hacked Smart Card & Identity News

dentity News • Smart Card & Identity News • Smart Card & Identity News • Smart Card & Identity News • Smart Ca 

ews • Smart Card & Identity News • Smart Card & Identity News • Smart Card & Identity News • Smart Card & Id 

mart Card & Identity News • Smart Card & Identity News • Smart Card & Identity News • Smart Card & Identity Ne 

rd & Identity News • Smart Card & Identity News • Smart Card & Identity News • Smart Card & Identity News • Sm 

dentity News • Smart Card & Identity News • Smart Card & Identity News • Smart Card & Identity News • Smart Ca 

January 2008 Volume 17 • Number 1 

Smart Card & Identity News 

Smart Cards, SIM, Biometrics, NFC and RFID 

www.smartcard.co.uk 

Mifare, Oyster and ITSO 

Cards Hacked 

5 • Payzone To Target The 

'Unbanked' With Pre-paid Card 

6 • Interview With Remy De Tonnac 

11 • Versatile Hardware Security With 

Cryptographic RF Smartcards 

Mifare: Little Security, Despite Obscurity was the title of the paper given at the 

24th Congress of the Chaos Communication Congress that took place in Berlin 

on the 28th December 2007. Given by Karsten Nohl (University of Virginia) 

and Henryk Plötz but also involving Starbug from the Chaos Computer Club 

the presentation gave a first hand account of reverse engineering the Crypto-1 

algorithm employed in the Mifare RFID chips. These chips are widely used 

particularly in the mass transit area such as the London transport Oyster card 

and the ITSO cards deployed across Scotland. 

There have been various responses from the main adopters of the technology 

ranging from ‘it’s an alleged attack’ to it doesn’t really matter because we have 

other security techniques. Let there be no doubt this is not alleged, it really has 

happened and although the full details have not been published in the paper it 

seems clear that the authors know what they are doing. We understand from 

Karsten Nohl that they have agreed with NXP (nee Philips Semiconductors 

who bought the original technology from Mikron in 1998) not to publish any 

further details before March. As Karsten points out they are not in the business 

of creating a manual for free riding. The original source of their interest was OV 

Chipcard, the new public transport scheme due to be released in the 

Netherlands next year and which also uses the Mifare technology. 

As to the question of it doesn’t matter then you have to immediately ask why 

you are using a smart card in the first place, here is the latest ITSO press release, 

14 • Mifare (In)security Update 

January 2008 

Alleged Mifare Crypto "hack" 

ITSO is aware of the recently reported alleged hacking of the Mifare® classic 

security system used in many commercial transport smartcard systems around 

the world. 

Continued on page 4…. 

©2008 Smart Card News Ltd., Worthing, England. No part of this publication may be reproduced, stored in a retrieval system, or transmitted in 

any form or by any means, electronic, mechanical, optical, recording or otherwise, without the prior permission of the publishers.

Smart Card & Identity News 

Is published monthly by 

Smart Card News Ltd 

Head Office: Smart Card Group, 

Columbia House, Columbia Drive, 

Worthing, BN13 3HD, UK. 

Telephone: +44 (0) 1903 691779 

Fax: +44 (0) 1903 692616 

Website: www.smartcard.co.uk 

Email: info@smartcard.co.uk 

Managing Director – Patsy Everett 

Subscriptions & Administrator – 

Lesley Dann 

Editor –John Owen 

Contributors to this Issue – Tom 

Tainton, Remy De Tonnac, Carl-Otto 

Künnecke, David Everett, Eustace 

Asanghanwa, Legic 

Printers – Hastings Printing Company 

Limited, UK 

ISSN – 1755-1021 

Editorial 

Disclaimer 

Smart Card News Ltd shall not be liable 

for inaccuracies in its published text. 

We would like to make it clear that 

views expressed in the articles are those 

of the individual authors and in no way 

reflect our views on a particular issue. 

All rights reserved. No part of this 

publication may be reproduced or 

transmitted in any form or by any 

means – including photocopying – 

without prior written permission from 

Smart Card News Ltd. 

© Smart Card News Ltd 

Smart Card & Identity News • January 2008 

Well the Xmas holiday season is well and truly 

over but not without a flurry of activity at the 

Chaos Communication Congress held in Berlin 

at the end of December. Researchers Karsten 

Nohl (University of Virginia), Starbug and 

Henryk Plötz from the Chaos Computer Club 

Patsy Everett reported their reverse engineering attacks on the 

Mifare Crypto-1 security algorithm. It looks to 

be just a matter of time before they prove their 

results with a practical demonstration. I leave the more technical 

discussions to others which you will find reported in our lead story 

and also with an update on Mifare security from David Everett which 

we originally reported in 2004. 

So what does all this mean to you and me? Should we stop 

using our Oyster card or write to the Major of London, Ken 

Livingstone, to warn him of the dangers? Well we don’t need to stop 

using our cards because the loser here is the service provider who has 

the risk of providing the service to hackers for free. This was also my 

differentiation between a hacker and a researcher, the former sets out 

to abuse the commercial service upon which the technology is 

unraveled by the researcher. Clumsy perhaps but one just seems 

much nicer than the other. 

The problem for the user would be if the Mifare card is used 

as any form of identifier to an account such as an epurse or what 

have you, then you stand to lose by having the hacker empty your 

account. It’s a bit like payment cards today, the banks usually try to 

make you prove that you didn’t use the card rather than them prove 

you did. That’s not so good in a scenario full of copied or emulated 

cards. 

However significant as this may be, my memory of 2007 is 

all about data loss. This culminated in the HMRC’s loss of CDs 

containing the records of 25 million people. It’s a classic example of 

the failure of government departments to manage people’s privacy a 

point made by many security experts in their concerns about the 

National ID register. Worse still concerns have also been raised 

about the NHS national records service and other large scale public 

data bases. Just before Xmas we also heard about the Post Office 

sending out account records to the wrong people. 

Stolen laptops were also high on the list of data loss in 2007 

and it just seems inconceivable to me that this data is not encrypted. 

There must be hundreds of commercial products available to protect 

this sort of data, why isn’t it being used? Encryption of data and 

smart cards for access control are fundamental security controls yet 

the organisations you would most expect to be using such techniques 

are seemingly falling down on the most basic principles. 

The banks through Mastercard and Visa have been 

progressively enhancing the security of cardholder data most recently 

with the Payment Card Industry (PCI) Data Security Standard (DSS) 

that must be adopted by all organisations storing or processing card 

holder data. Is the government really that far behind? Let’s hope that 

in 2008 we see evidence of a more credible security approach. 

Patsy. 

Our Comments 

Dear Subscribers, 

2

Contents 

Regular Features 

Lead Story - Mifare, Oyster and ITSO Cards Hacked …...……………..1 

Events Diary …………………………………………………………3 

World News In Brief .…………………………………...…………. 4,7 

Industry Articles 

Interview with Remy De Tonnac – CEO of Inside Contactless ……… 6 

Growing market for PIN applications ..………………………………. 9 

Versatile Hardware Security With Cryptographic RF Smartcards …….. 11 

Mifare (In)security Update January 2008….………………………….. 14 

LEGIC embeds badge and purse into NFC mobile phones ...………... 17 

Buying into Contactless Payment …………………………………….. 19 

Events Diary 

January 2008 

16-18 Omnicard 2008 - Berlin, Germany 

13-15 Intersec Middle East - Dubai, UAE 

22-23 Global Payments Strategies - Brussels, Belgium 

22-23 Nordic Card Markets - Stockholm, Sweden 

29-30 Global RFID ROI 2008 - Munich, Germany 

29-30 2nd Annual Card & Payment Developments in CEE - Vienna, Austria 

February 2008 

5-6 Cards & Payments Innovation Summit 2008 - Barcelona, Spain 

11-14 GMSA MobileWorld Congress 2008 - Barcelona, Spain 


3

…. Continued from page 1 

Although smart cards of the same type may be used in the ITSO environment, the risk of this kind of attack has 

been recognised throughout the development of the ITSO environment and ITSO uses an internationally 

recognised security system which sits over and above the proprietary security algorithm that has reportedly been 

cracked. 

Schemes using Customer Media of this type within the ITSO environment can be assured that, even if an 

individual card can be cracked (and it reportedly took the alleged hackers a week to do so), their transport 

products in the card still remain secure when the security seal is verified by the ITSO Secure Application 

Module (ISAM). 

ITSO, being a multi-platform Specification and environment, also offers its members the opportunity to use 

other, more secure, alternative Customer Media types, should they be required. 

Now maybe ITSO has come up with something revolutionary but it seems to us that if you have cracked the 

crypto algorithm then you are capable of copying, emulating or counterfeiting commercial Mifare cards and 

their contents without detection by the terminal. In other words you could produce a copy of a card containing 

perhaps an annual first class rail ticket. No matter what cryptography has been applied to that electronic ticket if 

it’s not an integral part of an authentic and verifiable smart card instrument then the terminal can’t tell one from 

another. Of course you may become aware of multiple copies of such a ticket but again it’s not obvious how 

you can effectively manage that process. 

Just for the avoidance of doubt neither can you protect against replays but please read an updated version of 

our original article on Mifare (In)security published in this month’s newsletter. 

David Everett, Technical Editor. 

News In Brief 

US Passport Card Criticized By 

Privacy Advocates 

Passport cards for Americans who travel to Canada, 

Mexico, Bermuda and the Caribbean will be 

equipped with technology that allows information on 

the card to be read from a distance. The technology 

was approved Monday by the State Department and 

privacy advocates were quick to criticize the 

department for not doing more to protect 

information on the card, which can be used by U.S. 

citizens instead of a passport when travelling to other 

countries in the western hemisphere. 

The technology would allow the cards to be read 

from up to 20 feet (6 meters) away. This process only 

takes one or two seconds, said Ann Barrett, deputy 

assistant secretary for passport services at the State 

Department. The card would not have to be 

physically swiped through a reader, as is the current 

process with passports. 

The technology is inherently insecure and poses 

threats to personal privacy, including identity theft. 

Ari Schwartz, of the Center for Democracy and 

Technology, said in a statement. Schwartz said this 

specific technology, called 'vicinity read', is better 

suited for tracking inventory, not people. 

The State Department said privacy protections would 


be built into the card. The chip on the card will not 

contain biographical information, Barrett said. And 

the card vendor, which has yet to be decided will also 

provide sleeves for the cards that will prevent them 

from being read from afar, she said. 

A 2004 law to strengthen border security called for a 

passport card that frequent border crossers could use 

that would be smaller and more convenient than the 

traditional passport. Currently, officials must swipe 

travellers' passports through an electronic reader at 

entry points. 

The technology change for passport cards was 

initially proposed in October 2006, and public 

comments closed on Jan. 7, 2007. The State 

Department received more than 4,000 comments, 

and most were about the security of the technology. 

To relieve a backlog at U.S. passport offices, the 

Bush administration recently delayed a requirement 

that Americans present passports when crossing the 

U.S. border by land or sea. The administration 

wanted to begin requiring passports or passport cards 

in mid-2008, but Congress mandates that the rule not 

go into effect until mid-2009. 

4

Payzone To Target The 'Unbanked' 

With Pre-paid Card 

A joint venture between the Luxembourg-based 

Bank Invik and Payzone plc, announced the launch 

of a new pre-paid debit card, "payzone worldwide 

money". The new card was being trailed in London 

and the South East in the run-up to Christmas and 

will be rolled-out nationwide in Q1 2008. 

The card is targeted at the estimated 3 million people 

in the UK that do not have a bank account and who 

are at increasing risk of being excluded from 

engaging in an increasingly card-based economy. As 

banks tighten up on sub-prime lending a record 3.27 

million credit card applications were turned down in 

the UK between April and September last year, and 

the numbers of the 'unbanked' in the UK have been 

further swollen by the estimated 1.9 million 

immigrants now working in the UK, many of whom 

are from the new EU states such as Poland and 

Romania and who find it difficult to access 

traditional banking services. 

A Mastercard-branded product, the payzone 

worldwide money card can be loaded with up to 

£350 in cash per transaction, with no credit checks. 

The re-usable card will cost £6.99 with loading costs 

of £4 for up to £100 and £8 for up to the maximum 

of £350. 

Egyptian ID Cards Proposed 

The Egyptian Government has finally decided on 

issuing two Identity Cards for each of its nations 

50 Million applicants. 

The first card is for Ministry of interior applications 

such as ID, Driving license, E-passport, etc, while the 

second Card will be for all the other government 

services such as Health cards, Family cards, Tax 

cards, etc. 

Dr.Ahmad Darwish the Egyptian minister of 

administrative development and the National ID 

committee chairman will give a key note speech at 

Cardex conference during the 25th – 27th May 2008 

informing the industry about the details of this mega 

project which is expected to be the biggest project in 

the region for many years to come. 

Gemalto To Provide Yemen's 

National Electronic ID System 

Gemalto, announced that it has been selected to 

deliver the electronic ID cards solution 

commissioned by the Ministry of Interior of Yemen 

for the next national elections. Under the contract, 

Gemalto will implement the whole solution including 

enrolment processes, creation of a secure biometric 

national registry, maintenance, local support, training 

and integration services, as well as provide the 10 

million Smart ID cards that will see Yemen step in 

the digital security era. The first cards will be 

delivered to the Yemeni citizens during first half of 

2008, and the program will reach completion by 2009 

when the population is to vote for the new 

Parliament. 

Smart Card Communication To Be 

Based On HTTP 

Sagem Orga GmbH and the Software Quality Lab (slab) 

at the University of Paderborn have extended 

their research cooperation by a further two years 

following one year of successful project work. 

Next Generation Java Card is the new specification 

for Java on Smart Cards from Sun Microsystems 

GmbH. Among other things, this new standard 

envisages integration of a Web server and support of 

servlets. A servlet is an object that dynamically 

generates responses to queries. Servlets allow 

dynamic content to be added to a Java-based Web 

server. 

The cooperation with s-lab relates to the current 

issue of servlets on Smart Cards. It builds on the first 

successfully completed project "Secure and highperformance 

standard Java implementation on a 

Smart Card platform", in which the prototype of a 

Java Virtual Machine for the Next Generation Java 

Card was implemented. 

"The card of the future will be Web-enabled, i.e. 

communication with the card will preferentially be 

based on HTTP," says Carsten Rust, Project Manager 

at Sagem Orga. "Development of card applications 

will thus move closer to Web application 

development and so be possible for a larger number 

of developers. We aim to create the conditions for 

that as part of the project. Basic services on the card 

can be developed as servlets and so can be integrated 

simply by application developers in more extensive 

systems." 


5

Interview with Remy De Tonnac – CEO of 

Inside Contactless 

By Tom Tainton, Smart Card News 

Tom Tainton 

SCN 

On the 7 th of January 2008 Motorola announced a strategic investment in Inside 

Contactless, bringing the potential of NFC technologies and contactless payments closer 

to the consumer than ever before. This capped off a successful year for Inside 

Contactless which included recognition at the Sesames and Remy De Tonnac, the CEO 

of Inside Contactless earning the ID trail blazer award for his efforts. I spoke to De 

Tonnac to gauge just how important the deal was for the smartcard market and the 

future of NFC. 

Congratulations on Motorola’s investment, does this signal the progress that Inside 

Contactless has made in recent years? 

Thank you very much. I would say absolutely, yes. The interest from global brands is a reflection of our 

progress, and how far Inside Contactless has come from a small start up to where we are today. We have been 

in the woods so to speak for many years, and now we are venturing out of the woods. 

How will the investment benefit your company, and in particular how will this affect the 

consumer market? 

The investment is crucial to us in that we have strong assurance that someone is helping us to push NFC. It is a 

strong indication of our potential, Motorola have backed us and believe in our aims and the technology to we 

have worked so hard to deliver. Our credibility has been enhanced, a factor that we feel is as important as any 

financial gain. Of course, it is a strategic investment from their perspective. Motorola will expect a return for 

the investment, and we are confident we can deliver that. Over the next 2-3 years we aim to have the NFC 

application within 50% of commercial phones. 

Is there an expected date that we will see NFC being introduced on a large scale, and in 

which country do you envisage this being trialled? 

Everyone in the industry agrees players such as Nokia, Motorola and of course competitors like NXP that 2010 

will be the year of mass deployment. In 2009 we are already likely to see over 100 million devices on the market 

with NFC capabilities. Currently we have successful trials here in France, Orange is utilizing NFC in Bordeaux 

and of course London has had successful trials with the Oyster card. We believe mass deployment will focus 

initially on Asia and we are very confident that it is a case of ‘when’ and not ‘if’. 

Does the US Market interest you as a potential pathway for NFC introduction? 

Absolutely, but whereas the UK adopts a dual interspace technology with regards to Visa, MasterCard and the 

London Underground, the US payment system emulates magnetic stripe applications. It is a misconception that 

Inside Contactless are two separate business units with one kind of chip specific to finance and credit cards, and 

another specific to applications used by the likes of Nokia and Motorola. We do in fact utilise the same IP 

block and low power consumption in all our products. We are currently paving the way to deploying the 

appropriate infrastructure within the US to accept our technology. 

How will you strive to eradicate any concerns with the NFC technology? 

I believe that we have passed this point. A few years ago issues were raised but today we have a reliable 

platform and tested technology to support NFC which has been proven to be just as reliable as contactless 

cards. There are certainly no additional concerns. Today’s is a different business model which crucially is more 

flexible than previously. For example, it is unlikely that credit card or personal information will be stored in the 

SIM card. Instead, it will be stored in a separate secure unit. 


6

What are the changes or differences you see in market demand today as opposed to five years 

ago? 

I don’t know if you are aware but five years ago I was working as a venture capitalist and looking at the 

emerging markets, so I feel very qualified to answer this particular question. 2002 was the year after the 

technology ‘bubble’ had burst, and the market had begun to slow down. There are no major differences in 

demand to note, although it was around the time that Bluetooth was adopted with a very similar appetite to the 

enthusiasm that surrounds NFC today. 

Do you think your impressive financial pedigree as well as international recognition (De 

Tonnac was awarded the ID trail blazer award) attracted Motorola and other major players to 

invest? 

Excuse my lack of modesty, but definitely, yes. Inside Contactless were rewarded with an innovation award at 

the Sesames 2007. In the same way that an employer looks at a resume, investors look at how successful our 

company is. We have an annual turnover of 200 million US dollars and employ over 500 people worldwide. In 

my experience, an investor considers three factors. First, an interest in the NFC market which Motorola 

certainly has. Secondly, satisfaction with the technology and intellectual property which I believe we provide 

and finally, the right people and appropriate management for the task. 

So what are the critical factors in Inside Contactless’ success? 

Consistency. We have had the same people working for us for 12 years and we all share the same goals. Our 

technicians are experts in their fields who live, breathe, eat, sleep and drink contactless cards. We are engaging a 

crusade to introduce NFC to the world! We have 60 patents and a healthy bottom-line profit; the company 

really has come a long way. We hold 70% of the market share because of our assets such as our microprocessor. 

In an innovative market we have continued to make breakthroughs, and we are a forerunner in the industry 

because of this. 

Finally in light of the Motorola investment, what are your long and short term goals? 

In the short term, over the next 12 months we want to gain a strong position within the US and develop some 

revenue streams. We will tap into new markets such as the UK, and Canada which is moving towards dual 

interface technology. We also aim to capitalise on Motorola’s investment by speeding up the NFC adoption 

process. In the long term, we will massively invest in software and increase our chip sales. We must be willing 

to go public and primarily make some money! 

De Tonnac predicts a bright future for NFC, and is confident that he and his staff can lead the explosion of 

contactless applications. With continued high performance, and financial injection from major players, Inside 

Contactless seems to have all the ingredients for success. De Tonnac’s latest coup in signing Motorola to the 

cause will only serve to enhance his company’s already lofty reputations in the industry. 

News In Brief 

Australian Go Card Transport 

Systems Crash 

Queensland news have reported the new Go Card 

smartcard system has suffered another devastating 

credibility blow - only a day after the Bligh 

Government boasted the long-overdue project was 

"going well" and nearing completion. 

Thousands of morning peak-hour train commuters 

struggled to buy a ticket on the 15 th January when 

all 179 high-tech TransLink smartcard machines 


across the CityTrain network went into meltdown 

for nine hours. 

Besieged contractor Cubic Transportation Systems 

was supposed to be installing new software on a 

few machines overnight but instead crashed the 

whole system. Some machines even began spitting 

out Japanese to frustrated patrons. 

The lack of purchase points forced Queensland 

Rail into an embarrassing backdown of a new fareevasion 

campaign as commuters travelled free or 

7

attled queues at old machines and station 

windows. 

Liberal transport spokesman Tim Nicholls said the 

card was now facing credibility issues. 

Trial commuters had already told him they were 

not receiving discounts while encountering 

problems topping up the card. 

"We hope it is fine, but none of this bodes well for 

the future of smartcard," Mr Nicholls said. 

L-1 to Provide Fingerprinting For 

South Carolina Law Enforcement 

L-1 Identity Solutions, a supplier of identity 

management solutions and services, received a 

contract from the State of South Carolina, South 

Carolina Law Enforcement Division, to provide 

digital fingerprinting services for civil applicants 

statewide through the South Carolina EasyPath 

network. The three-year indefinite 

delivery/indefinite quantity contract has four 

possible one-year renewals and a potential value of 

$30 million if all options are exercised. 

Integrated Biometrics Technology, will provide the 

fingerprinting services and initially open five 

enrollment centers in Columbia, Greenville, 

Charleston, Myrtle Beach and Rock Hill, with plans 

to increase service to more than 30 locations 

throughout the State. State-of-the-art L-1 

Enhanced Definition TouchPrint live scan systems 

will be used to collect fingerprints. It is expected 

that approximately 500,000 applicants will be 

processed through the new system, which is 

expected to be fully operational by early 2008. 

website: www.l1id.com 

INSIDE Contactless Receives $38m 

Funding For NFC 

INSIDE Contactless, a provider of contactless 

payment chips and NFC technologies, announced 

a new round of investment led by Nokia Growth 

Partners, the global private equity and venture 

capital management arm of Nokia. 

This new investment round of €25m ($38m), will 

allow the company to accelerate its international 

presence and broaden its product portfolio. 

"This is more than a financial investment, this is 

about a strategic partnership with key players who 

are committed to building and driving the NFC 


eco-system", says Rémy de Tonnac, CEO of 

INSIDE Contactless. "Three years ago a similar 

strategic investment was made with Visa which 

brought the company to a leading position in the 

field of Contactless payment. We hope that this 

new development for INSIDE will lead to a similar 

success in the NFC market." 

website: www.insidecontactless.com 

Near Field Communication 

Forecasts Revised Downward 

The worldwide market for contactless technology 

in transportation ticketing and contactless 

payments grew more than 15 percent in 2007. The 

market now stands at a value of more than $200 

million but will reach more than $820 million by 

2013, according to the latest market analysis from 

ABI Research. 

Positive growth in contactless card rollouts took 

place during the last half of 2007, while the uptake 

of contactless capabilities in mobile handsets - 

dubbed NFC (Near Field Communication) - 

continued to be stymied by difficulties in bringing 

the technology to the consumer market. 

Accordingly, NFC handsets did not ship in any 

volume toward the end of 2007 and the market will 

remain limited for the first half of 2008. 

ABI Research now believes there will be longer 

than anticipated delays to NFC deployments and 

has again adjusted its latest quarter and next annual 

figures accordingly: the previous forecasts for total 

NFC device shipments stood at 1.1 million for 

2007, and 9.81 million for 2008. The revised 

forecast stands at 0.65 million and 6.52 million 

respectively. However, says Collins, "Given the 

strength and interest among carriers around the 

world for NFC, our long-term forecasts remain 

unchanged." 

The bulk of the growth of contactless demand over 

the next five years will stem from the uptake of 

contactless payments from cards and mobile 

handsets. Europe took its first real steps toward 

contactless payment adoption in 2007. The initial 

UK contactless rollout in London that began in the 

second half of the year will prove a bellwether for 

the technology in Europe, especially given the scale 

of the initial rollout and the integration of 

contactless with the established EMV smartcard 

payment system. 

website: www.abiresearch.com 

8

Carl-Otto Künnecke 

Growing market for PIN applications 

By Carl-Otto Künnecke Managing Director, OK systems 

Personal Identification Numbers (PINs) are very versatile and can be used for 

manifold applications. They are not only utilized in the banking sector (mostly for 

debit and with an increasing number also for credit cards), but also become more and 

more important for health insurance funds, where secure data are protected with a 

password on the chip of a health card. PINs are also employed for ID cards as for 

example the new German ID card. In this case PIN and chip form a digital signature 

which can be applied in the field of e-government, signing of contracts or secure entry 

into public facilities. 

In general, the PIN consists mostly of four characters (like they are used to access ATMs). However, some 

applications require PINs with more characters. The PIN is generated via an encryption procedure using 

different algorithms such as DES (symmetric Data Encryption Standard), RSA (asymmetric encryption 

system) or ISO 9564-1. 

The entire PIN handling is situated in rooms with highest security levels. If PINs and cards are personalized 

in the same building, the processes must be physically disconnected from each other. Due to this risk, PIN 

personalization is mostly completely separated from card personalization. The outsourcing trend visible in the 

card personalization sector does not have the same momentum for the PIN personalization process. 

Even though PINs have become indispensable in bank applications, there is no Visa/ Mastercard 

certification for PINs. This affects the products itself as well as PIN generation and transportation to the end 

customer. More than ever, transportation is an extremely insecure element when PINs are forwarded to the 

end customer or bank agency. In countries where bank cards are sent directly to the customers the PIN is 

dispatched delayed by a few days or sent prior to the card mailing. The common understanding is that PIN 

and card should never meet in the same post box on the same day. In cases of indirect distribution where the 

card holders have to fetch their card and PIN at the local branch office packages of cards and PINs are often 

sent by separate courier to the branch. In just a few cases cards and PINs go together with the same carrier 

and in the same envelope. What seems to be a high risk can be discounted when PIN and card are not 

activated yet. In case of stolen or opened envelopes the cards and PINs are of no use at all. Either by 

activating the package at the bank office or by special telephone verification the issuer activates PIN and card 

and the customer can use it. The reason for financial institutes to use this approach is reducing dispatch costs 

because postage is the biggest portion of the whole product in most cases. By sending only one product the 

banks save production costs as well as costs for dispatch and courier services. And the costumer will get one 

product instead of two. 

Besides this classic process where a printed PIN is used with paper, there are some cases where electronic 

transmission is employed like in China. Or – like in Korea – the PIN is generated through the application 

form when a card holder applies for a new card. However, due to high security risks these are only 

exceptions. Traditionally, PIN letters have been generated on 3-layered carbon copy paper, and have been 

labelled with address and PIN on needle printers. Due to visual aspects and security risks this process is not 

contemporary any more for many banks. Card carriers and enclosures convey the marketing ideas of the 

financial institute and the PIN stills looks like in the beginning of the computerized era. So the change in 

demands for a new product which fits the overall corporate design of a financial institute is mostly based on 

new marketing needs, but also on the fact that in many countries banks issue several PINs for each customer: 

one for ATM, one for electronic banking and sometimes even a third one for ATMs abroad. The oldfashioned 

“dot.matrix” makes this impossible and thus application and layout have to be changed. 

Therefore, some new processes have been established on the market. All these processes use laser printers to 

print the information on the PIN letter. The advantage is that significantly more information can be 

forwarded to the end customer. As another benefit the issuers can also use their own color logos and thus 

make the PIN letter a means of advertising. 

The foundation for all processes currently available on the market is the issuers’ need for corporate design, 

secure products and production processes as well as costs for the consumables. 


9

In Germany, almost all banks and bank organisations have converted to modern PIN production methods. 

Here the following techniques are used: 

1. Thermo Sealing® - The single form is printed on special paper, 

folded and thermo sealed and therewith becomes a casing ready for 

dispatch, but which can also be put in envelopes. This method 

means up to 60% less paper, no elaborate handling, and no 

outdated technology, significantly less time, effort and waste. Data 

security is provided through a perfect thermo lock which cannot be 

opened without visible damage. 

2. Single label – The back side of the printed paper has a special 

matrix making the PIN invisible. One or more security labels can 

be attached to the letter. These labels can have special security 

features like void effects or holograms and can either be peel-off 

labels or special scratch labels where the customer uses his 

fingernail or a coin to visualize his PIN. All these labels are 

designed to show attempts of manipulation. The final product 

could be either in the same size of the old fashioned “Dot.Matrix” 

solution or an A4 letter size which is folded. 

Scratch label with 

void effect Peel-off label Double label with 

hologram 

3. Double label – The letter is printed and the first label is applied. Then the 

PIN is printed on the label. Immediately after printing the PIN the 

second label is applied so that the PIN becomes invisible. This sandwich 

technology has the highest security level of all processes used today. 

4. Combination of Thermo Sealing® and label – In this case the PIN is 

hidden by a security label and then the product is sealed. This 

solution offers double protection of the PIN and is the most 

widespread form of PIN protection in Germany. 

A key point in using such systems is the security of the process. All described systems were supplied by Otto 

Künnecke – specialists for card mailing and high security systems. 

The machines use special black covers and a special security lock which does not enable the operator to open 

any cover. In case of machine problems the covers can only be opened by an operator and a supervisor. The 

machines can be integrated in existing HSM surroundings or could be equipped with special encryption and 

decryption hard and software. When designing a PIN mailer one key point is that the file sent to the printer 

encrypts, the PIN at the latest stage and that these PINs are not visible in any software, audit files or at any 

device in this process. 

OK offers modularly extendable systems in different security levels. Due to high demand and the excellent 

cost-benefit-ratio these applications are marketed worldwide. Several banks from all parts of the world want 

to follow the German example and use more modern, secure and economic PIN letters. The OK systems are 

available with and without security software like HSM. 


10

Versatile Hardware Security With 


By Eustace Asanghanwa, Atmel 

Affordable True Hardware Security for Mutual Authentication and Data Security 

Cryptographic RF smartcards offer true hardware-based security for applications that 

need authentication, value storage, identification, and secure access control. It bridges 

the complexity and affordability gap between high-end secure microcontroller-based 

smartcards used in banking, and low-end cards used for loyalty tracking and access 

control, without giving up security. 

Eustace Asanghanwa 

Developers and service providers can now apply the desired amount of security to their applications without 

the complexity and unit costs associated with high-end smartcards. Additionally, there is no tradeoff in 

security for low-end smartcards. Example applications include: 

‣ Subscription management including cable and satellite TV. 

‣ Electronic purses used in Laundromats, energy meters, internet café resources and 

transportation. 

‣ Information cards including ID cards and driver licenses. 

‣ Multi-application cards, for example, a single card that combines multiple functions like hotel 

access, mini-bar purchases, movie purchases, and secure access to [high-value] in-room hotel 

safes. 

Smartcards are available today for a wide range of applications and are classifiable under two broad 

categories: Microprocessor-based and memory-based smartcards. Microprocessor-based smartcards embed a 

microprocessor, volatile and non-volatile memories, and communication circuitry such as Analog Front-End 

(AFE) in an integrated circuit that eventually embeds inside the standard smartcard. They contain 

cryptographic routines either in firmware or hardware accelerators to service high-end security applications 

like banking and passports. They require special software or operating system developed by security experts 

for effective security. Their complex nature allows them to command premium prices in the market. In 

addition, these smartcards require external power to support the energy requirements of the microprocessor, 

the memories and the cryptographic routines. For this reason, their connectivity to the outside world is 

usually contacted in nature, at least for power sourcing. Contacted connectivity demands periodical card 

replacement due to worn out contacts. In the rare cases where connectivity is not contacted, as in RFID 

cards, power limitations translate into long transaction times making them less practical for mainstream 

security applications. 

Figure 1: A high level block diagram of a microprocessor smartcard 


11

On the other hand, memory-based smartcards are just non-volatile memories, typically EEPROM, with 

external connectivity in a smartcard form factor. Some provide simple password protection for specific data 

contained within the smartcard, while others allow free access to all the data. Their simplicity makes them 

affordable and their modest power requirement makes them easy to use not only in contacted form but also 

in non-contacted form as RFID cards. 

Figure 2: A high-level block diagram of a memory smartcard 

The Right Card for Each Application 

Product developers and service provides never want to overpay for security. They want adequate security to 

protect the value at stake, but not too much because it may erode profit margins. High-end applications like 

banking have immense value at stake and so require the highest level of security. These high-end applications 

are well suited for microcontroller-based smartcards. Applications with lower-end security demands, like 

plain loyalty cards, are well suited for memory smartcards. However, there are many applications that require 

more security than memory smartcards offer, but do not command enough profit margins to cover the costs 

associated with microprocessor-based smartcards. These applications need an alternative type of smartcard – 

the cryptographic RF smartcard. 


Cryptographic RF smartcards innovatively capture the security offering of microprocessor smartcards and 

implement that security in pure hardware logic. This eliminates the need to develop complex operating 

systems. The innovative logic-only implementation lowers power requirements for the smartcard enabling 

full-performance as non-contacted RF smartcards, which eliminates the need for periodic replacement. 

Figure 3: A high Level Diagram of a cryptographic RF smartcard 


12

True Hardware-based Security 

Cryptographic RF smartcards offer true hardware-based security for authentication, encryption, and secure 

data storage. They contain a 64-bit hardware-based cryptographic engine embedded in the silicon, with up to 

four sets of non-readable 64-bit authentication keys, four sets of non-readable 64-bit session encryption keys, 

and 2K bits of configuration memory. The configuration memory provides application developers with true 

flexibility for customizing security and data protection options and then blowing fuses to permanently lock in 

the configuration and custom security keys in the hardware. 

Secure Dynamic Mutual Authentication Capability 

Up to now, when there was a need to prove authenticity, as in trying to gain access (TV subscription program 

access or secure building access) or to claim value (cash registers, laundry machines, pay-per-use copier 

machines), only high-end microprocessor based smartcards were able to provide true authentication. 

Cryptographic RF smartcards can establish authenticity securely through a cryptographic dynamic mutual 

authentication process using the non-readable keys. They use the authentication keys, session encryption 

keys and a random number to generate a unique identity, or “cryptogram”, for each transaction. Both the RF 

smartcard reader and the RF smartcard must be able to duplicate each other’s cryptograms before any data 

can be accessed or written. The keys are completely inaccessible, even to the owner of the device or original 

silicon manufacturer. A unique cryptogram is generated for each transaction, so a cryptogram, intercepted 

during a transaction, cannot be used to effect a second transaction. In the extremely unlikely event that the 

non-readable key(s) from one smartcard becomes known, they cannot be used with any other smartcard 

because each cryptographic RF smartcard has its own unique set of authentication keys. Fuse bits are blown 

to permanently lock the security information in the smartcard such that even the card silicon manufacturer 

cannot access it. 

Dual Authentication Supports Cash-equivalent Cards 

Uniquely, cryptographic RF smartcards allow two completely independent users to access the same section of 

the memory, using completely separate authentication keys with different access levels for adding and 

deducting cash. As an example, energy meter applications that happen to be very popular in developing 

countries using pre-pay models, the energy company will use a higher privilege access key to add energy 

credits to the card from its offices. The energy meter at the purchaser’s home is then equipped with a less 

privileged key that can only allow for reduction of energy credits and never vice-versa. 

Multiple Sectors with Configurable Access 

Cryptographic RF smartcards are available as a complete family in densities from 1 Kbit to 64 Kbits of 

completely usable memory to accommodate a wide range of information storage and cost requirements. The 

user memory itself may be divided into as many as 16 separate sections, each of which can independently 

customized to allow different levels of read and write access. For example, a smartcard that contains health 

records might keep the patient’s ID and billing address in a portion that is accessible by the billing 

department and insurance company, while diagnostic information is stored in another area that is accessible 

only by the doctor, and prescription information is stored in yet another section that can be written to by the 

doctor and only read by the insurance company and the pharmacist. 

Multitude of Data Protection Options 

Be it cash credits or private health records, cryptographic RF smartcards provide many protection options 

customizable by the application developer at deployment time. These include one-time-program (OTP) 

modes, read-only modes and program-only modes. In addition to protection by pre-authentication 

requirements, cryptographic RF smartcards can fully encrypt data during transmission to protect 

confidentiality and dynamically generate Message Authentication Codes (MAC) to verify message source and 

integrity. To top off, cryptographic RF smartcards are implemented in hardened silicon using secure product 

strategies that include content scrambling, tamper monitors for environmental factors, and detection 

capabilities for physical and systematic security attacks. 

Cryptographic RF smartcards are innovative in their approach to true hardware security and bridge the 

complexity and affordability gaps between microprocessor and memory based smartcards. Laden with usable 

memory and security options, cryptographic RF smartcards offer an unrivaled level of flexibility for 

application developers, allowing full customization to enable adaptability to virtually any application in the 

smartcard space. 


13

Mifare (In)security Update January 2008 

By Dr David Everett, CEO, Smart Card Group 

David Everett 

Mifare: Little Security, Despite Obscurity was the title of the paper given at the 24th 

Congress of the Chaos Communication Congress that took place in Berlin on the 28th 

December 2007. Given by Karsten Nohl (University of Virginia) and Henryk Plötz 

but also involving Starbug from the Chaos Computer Club the presentation gave a 

first hand account of reverse engineering the Crypto-1 algorithm employed in the 

Mifare RFID chips. These chips are widely used particularly in the mass transit area 

such as the London transport Oyster card and the ITSO cards deployed across 

Scotland and as also proposed for the new Dutch National public transport smart card 

scheme (OV chipcard). 

There have been lots of discussions over the security of the Mifare card particularly because of the extended 

business applications such as an ePurse being proposed for this platform. Expressions such as low security 

are thrown around in a way that could confuse or even misrepresent the platform. In any scheme it is the 

overall security that matters not the individual components. It is also fundamental to ensure that the 

components are used in the right way, in most high visibility failures it has been a protocol or procedure 

failure that has resulted in the end disaster. However memory cards such as Mifare do have restricted security 

functionality and when the cryptographic security relies on keeping the algorithm secret that is an additional 

risk that has now exploded. It should be noted that the researchers have not published their findings in detail 

(and may never do so) but they have publicly demonstrated not only that it is possible with limited equipment 

to reverse engineer the random number generator and the algorithm but also to point out many weaknesses 

in the actual Crypto-1 implementation. 

The Mifare chip technology is based on a simple contactless memory device with discrete logic to provide 

some security functionality across the air gap with the reader (i.e. at the radio frequency level). This 

technology is proprietary to Philips Semiconductors and requires their IPR to be available in both the Smart 

Card chip and the Mifare reader. In practice this means that both the smart card and the reader need to have 

a Philips (or a Mifare licensed chip, e.g. Infineon) chip embedded within them. The original Mifare 1K 

memory was introduced in 1994 and there are now 6 chips in the Mifare range from NXP (previously Philips 

Semiconductors); 

• Mifare Classic (1 Kbytes of EEPROM non-volatile memory), 

• Mifare 4K (4 Kbytes of EEPROM), 

• Mifare DESFire (4 Kbytes of EEPROM), 

• Mifare Ultralite (64 bytes of EEPROM), 

• Mifare ProX (1 Kbytes or 4 Kbytes Mifare emulation in a micro controller chip. Total chip 

EEPROM including Mifare emulation memory is 16 Kbytes) 

• Smart MX (a more advanced Mifare ProX replacement series with up to 72 Kbytes of 

EEPROM). 

The Mifare ProX and the Smart MX are micro controller based chips and provide the Mifare functionality as 

an emulation in the chip. These chips are used for example by the IBM JCOP30 and JCOP40 Java Cards 

respectively. The discussion that follows relates to the Classic 1k Mifare but the arguments would hold for 

most other memory cards. 

Mifare Card Operation: The Mifare 1K card has its 1 Kbyte memory arranged as 16 sectors, each with 4 

blocks of 16 bytes. The last block in each sector stores two keys, A and B, which are used to access 

(depending on the access conditions also set in this block) the other data blocks. The Mifare reader interacts 

with the card as follows; 1) Select card (ISO 14443 allows multiple cards in its field), 2) Log-in to a sector (by 

providing key A or key B) and 3) Read, Write, Increment, or Decrement a block (must conform to the access 

conditions). The Increment and Decrement operations allow the block to be treated as an electronic purse. 


14

It is important to note that the cryptographic interchange takes place between the reader and the card and 

more precisely between the Mifare chip in the reader and the Mifare chip in the card. The terminal has to 

present the appropriate key to the reader and normally this key would be derived from a Master key stored in 

a Secure Access Module (SAM) at the terminal. The card ID and parameters, which are unique to each card, 

can act as the derivation factor. This means that each card is using a different key set to protect a particular 

sector. Breaking an individual card will not reveal the Master keys. The Login process referred to above 

implements a mutual authentication process (a challenge/response mechanism) which then sets up an 

encrypted channel between the card and the reader using Philips proprietary Crypto-1 algorithm. These 

security services operate at the RF (Radio Frequency) level and cannot provide any cryptographic audit trail. 

In essence this means that you must trust the terminal but more particularly you have no evidence if it 

misbehaves. 

Mifare Vulnerabilities: The threats to the Mifare scheme are in three areas; 

1) Attacker breaks the cryptographic algorithm, 

2) Attacker implements a key exhaustion attack 

3) Attacker obtains the cryptographic keys. 

The scheme opens up an additional vulnerability in that Mifare cannot provide secure messaging. In other 

words because the Mifare chip doesn't have a CPU it can't cryptographically protect transactions for 

confidentiality, data integrity, or authentication on any form of end to end basis. This also means that 

message replays and deletions cannot be detected which is fundamental to most security schemes. 

Strength of the Cryptographic Algorithm: The Mifare Crypto-1 algorithm is proprietary and has not been 

published. However the work undertaken by Karsten Nohl (University of Virginia), Starbug and Henryk 

Plötz in so far as they have released their results is very informative giving the block diagram below 

reproduced from their presentation, 

15 

Smart Card & Identity News • January 2008

In addition to this drawing they have also released further information about the RNG which is a 16 bit 

LFSR with characteristic polynomial, 

X 16 + X 14 + X 13 + X 11 + 1 

The RNG is seeded by the time delay between power on and the reception of message data from the 

contactless card reader. As they point out this is rather easy to control but they also noticed by intercepting 

messages between the card and reader that there were already repeats of the random number used as part of 

the authentication protocol and which is also input to the main 48 bit LFSR. This main LFSR has 16 

feedback taps defined by its characteristic polynomial and apparently 20 taps are used for the key stream 

output function. 

In subsequent discussion the authors have also commented that the exclusive OR input with the secret key 

and tag ID is not quite as simple as shown in the slide. 

When a cryptographic algorithm is widely available one suspects it is only a matter of time before it gets into 

the public domain either due to a malevolent employee or by a reverse engineering attack on the chip. This 

has happened in many other cases such as in the GSM world and the DVD protection algorithm. Public 

attacks on the Internet swiftly followed. It is believed that counterfeit Mifare chips are already available from 

China, the companies concerned would need to have reverse engineered the chip in order to produce such 

copies. 

Key Exhaustion Attack: The design of cryptographic algorithms is normally based on the assumption that 

knowledge of the algorithm is assumed. In other words the algorithm itself is adequately strong and that the 

security depends on obtaining the secret cryptographic keys. Assuming there is no flaw in the algorithm or its 

implementation then the security of the scheme falls down to key exhaustion. Key exhaustion would require 

an emulation of the algorithm where all the keys in the key space are tested one by one using matching plain 

text and cipher text. Alternatively the keys in the key space can be tested one by one against a valid 

implementation of the algorithm (e.g. an authentic card). The first condition requires the algorithm to be 

known as per the above comments and for the key space to be practically realisable. 

The Mifare algorithm uses a 48 bit key, this gives a total key space of 2^48 or approximately 3 with fourteen 

noughts. With today's processing power this would not be deemed adequate by experts in the field. The single 

DES algorithm with its 56 bit key has long since been dismissed (it has been practically exhausted in 10 

hours) in favour of triple DES with an effective key length of 112 bits (in practice it can be attacked with 

slightly less effort but still insurmountable). Today anything much less than a 96 bit key would not be deemed 

secure against such an exhaustion attack. An alternative approach would be to take a valid card and literally 

try each key in turn from the key space. This would require a card select followed by a login process. Just 

assuming this could be done in say 10 mS then an attack would take, 2^48 X 10 mS = 89194 years. This 

attack is clearly not viable. 

Key Vulnerability: The vulnerability of the keys arise from these considerations; 1) An exposure in key 

management (including the terminal and reader) and 2) An exposure to an attack on the card. As mentioned 

previously because the keys have to be transmitted to the reader there is an assumption that the terminal can 

be trusted. This may be reasonable in some closed schemes such as a mass transit application but in the more 

general case this would not be an acceptable assumption. Apart from the obvious invasive attacks on the 

chip, we have in recent years, seen very successful attacks on Smart Cards by intercepting the power 

consumed by the chip whilst undertaking cryptographic operations. Called Differential Power Analysis (DPA) 

by their inventor Paul Kocher these techniques were originally applied against the RSA secret keys but later 

used against symmetric algorithms such as DES. Such forms of attacks may well be applicable to the Philips 

Mifare algorithm. 

Secure Messaging: In a transaction-based scheme it is standard practice to protect the messages with some 

Cryptographic Check Value (CCV) or digital signature. This ensures the authenticity of the source of the 

message and that the message has been unchanged in transit from source to destination. This requires that 

the Smart Card is able to both create and check such CCVs or digital signatures. Without such security 

services being applied it is not easy to resolve disputes and the scheme is vulnerable to a wide range of 


16

attacks. The Mifare card because it hasn't got a CPU is not capable of creating or checking such 

cryptographic messages. Consider the operation of a CPU Card as shown. 

Both the card and SAM can encipher messages or create and check cryptographic checksums as necessary 

and appropriate 

In this case the transactions operate between the SAM (Secure Access Module) and the card. Cryptographic 

protection operates between these end points. Consider for example the case where you want to increment 

the value of a purse stored on the card. The card is set up so that the command to increment the purse has a 

CCV attached, the chip checks this CCV before it effects the value load process. This cryptographic CCV is 

created by the Secure Access Module (SAM) attached to the terminal. Nowhere in this scenario are the 

cryptographic keys available in plain text. Even if the terminal is attacked with some Trojan software, the 

transaction records can be subsequently checked for authenticity. It is not possible for the Trojan operation 

to fool this process. In addition sequencing controls can be incorporated in the messages which are checked 

by the CPU to stop replays. 

User Authentication: The Mifare card has no facility for checking user PINs or passwords. This means that 

you cannot adequately bind a user to the card which is necessary in any form of Identity management 

scenario. 

Summary: Memory cards with discrete security logic such as Mifare can offer adequate security for some 

closed business scenarios. In the more open transaction model the increased security functionality offered by 

a CPU chip with cryptographic capability is highly desirable. In the light of the latest public attack on the 

Crypto-1 algorithm system integrators would be advised to upgrade to a more resilient algorithm. The NXP 

DESFire memory RFID product for example uses Triple DES but we see little advantage in a memory only 

device given the small overhead of a CPU micro-controller. 

LEGIC embeds badge and purse into NFC 

mobile phones 

Mobile telephony is already something we can’t imagine being without. New NFC (Near Field 

Communication) technology will revolutionise our daily transactions further still and make many deeds even 

easier. Buying a bus ticket, paying at a machine or kiosk, opening a door or accessing information services: in 

the future, the mobile telephone will be able to do all. 

NFC pilot project with and at Swisscom 

LEGIC, Swisscom and Selecta are pursuing new paths with this NFC pilot project. In the Swisscom’s 

modern buildings in Bern, Switzerland, Swisscom staff use their mobile phones to get chilled drinks and 

snacks from Selecta vending machines. The ability to connect a mobile phone to contactless applications, 

such as to make cashless payments using electronic purses, is opening up endless possibilities thanks to 

LEGIC’s new card-in-card solutions. For a long time these two worlds, with their different technologies, 

were not compatible. Buying drinks using an electronic purse was only possible with the contactless staff 

badge, while the mobile phone was used for standard communication purposes. 


17

NFC technology enables mobile phones to behave as conventional contactless cards and to connect to the 

network via mobile technology. Contactless applications can also work when the phone battery is empty or 

no network is available. The new solutions therefore combine the advantages of both technologies, providing 

more security, ease-of-use and availability. 

The partners of this pilot project intend to convert the project into a real business model. Additional 

applications, such as the integration of Adasoft secure entry applications used in all Swisscom buildings, will 

also be discussed. 

Swisscom provides greater comfort for end users thanks to NFC 

For Swisscom, NFC is not only a trend-setting technology, but the key to greater comfort for end users, who 

will be able to access everyday cashless services with their mobile phone. This includes buying everyday items 

such as snacks and drinks, booking tickets, and more. Thanks to contactless NFC technology, end users will 

simply have to present their mobile phone and they will be able to buy easily, without cash. 

Swisscom is supporting the further development of SIM cards as hosts for the new NFC applications. It is 

actively engaged in the development of new services and working closely with leading mobile phone 

manufacturers to bring a wide variety of NFC phones quickly to the market. Customers will only be able to 

benefit from these new services if relevant appliances are available and if all network operators cooperate. 

Swisscom believes that an agreement between mobile phone companies is vital in order to avoid individual 

solutions. 

Thomas Kummernuss, Product Manager and responsible for NFC development at Swisscom, is delighted 

with the success of the pilot project: “Swisscom believes in the potential of NFC technology in Switzerland: 

cashless payments, public transport ticketing, access control, etc. will be more secure, comfortable and 

customer-friendly with a mobile phone. We are also discussing the possibility of a single service offer and a 

B2B business model. The success of this project is helping us to convince our partners and customers of the 

advantages and possibilities of the new contactless technology in mobile phones.” 

Vending machines by market leader, Selecta 

Selecta is an international trendsetter for easy, safe and fast purchases from vending machines, in private or 

public areas. The Swiss market leader endeavours to offer its customers up-to-date and trend-setting products 

and solutions. Contactless technologies like NFC set new priorities in the development of such solutions. 

Cashless payments at vending machines are a good starting point. Selecta is giving NFC solutions the chance 

to be accepted on the market, in particular in public and semi-public areas. Pilot projects like the one with 

Swisscom underpin and strengthen acceptance by consumers. They contribute, through communication, to 

the creation of further applications and card acceptors, such as in the public transport field or with 

wholesalers. 

A union of different worlds thanks to LEGIC’s card-in-card solutions 

LEGIC’s contactless smart card technology has been world leader for several years. LEGIC is pursuing new 

directions with its card-in-card solutions. In the form of a virtual card, LEGIC functionality will be applied to 

dual interface cards or third party NFC mobile phones via the new software solution for smart card 

platforms. 

This enables the connection of public transport applications, PC access via PKI or credit cards with LEGIC 

applications such as access control or cashless payments. Thanks to further extensions of the LEGIC 

technology – there are already over 50,000 facilities with more than one million LEGIC readers in service – 

and to a worldwide licence partner network, the possibilities for building on existing and developing new, 

even more comfortable solutions, are endless. 

“We’re expecting a lot from the NFC technology in connection with our LEGIC card-in-card solutions. We 

are world leader in contactless smart card technology for personal identification applications. The fact that 

the LEGIC all-in-one area can be integrated into third party cards and NFC mobile phones widens the scope 

of our technology and also makes way for new solutions for our partners, as well as providing advantages and 

comfort to the end user. In the future, it will be possible to go to work just with a mobile phone and to do 

without all the different cards”, explained Urs A. Lampe, Vice President Product Marketing & New Business 

of LEGIC Identsystems Ltd. 


18

Buying into Contactless Payment 

By Debbie Mitchell, Head of Regional Marketing, VeriFone EMEA 

Debbie Mitchell 

Contactless payment solutions represent one of the most important card payment 

innovations of the last decade, and are currently transforming payment at the point of 

service. Today’s ever more sophisticated consumers expect speed, convenience and 

simplicity when paying for goods. What’s more, they’re embracing contactless payment 

and demonstrating that self-service pays dividends in terms of expediency, ease of use 

and the freedom to chose the time and place best suited to them to make a purchasing 

decision. 

Contactless in unattended card payment environments is similarly emerging as a fast growing global 

development in a variety of scenarios — including ticketing, car parking, self-service kiosks and vending 

machines — and engendering a monumental change in consumer attitudes and behaviours. 

Indeed, the days of consumers viewing ‘cash as king’ may well be numbered. A recent report from APACS, the 

UK’s association for payment clearing services, The Way We Pay 2007: UK Plastic Cards, showed that in 2005 

card payments in retail exceeded cash for the first time, and that this gap further increased in 2006. This trend 

looks set to accelerate further, hastening the demise of hard cash especially for low value payment transactions. 

The contactless transaction 

Contactless technology is ideal for speeding up small-value payments that are typically below US$25 where, 

until now, cash has been the predominant form of payment. Since cash still accounts for a significant 

proportion of total consumer payments, even in the most developed card markets, this market represents a 

significant opportunity for contactless payment technologies. Indeed, figures from Datamonitor's Consumer 

Payments Model show that in 2003 cash still accounted for around 20.4 per cent of the total value of consumer 

payments in France, Germany, Italy, Spain, UK and the US. 

Market research firm Tower Group estimates contactless payment can reduce individual transaction times by 

between 10 to 15 seconds; an assertion that is borne out by the findings of the Smart Card Alliance’s recent 

investigation of contactless payments in the US. As well as confirming contactless payment technologies 

enabled faster transactions than EMV, its investigation also reported merchants experienced increased 

cardholder transaction volumes and average transaction size. 

Similarly, unattended payment terminals generate enhanced self-service options for consumers and offer an 

additional convenience that’s helping to propel contactless payment into low value cash-based transactions. 

Contactless payment certainly effectively delivers against consumer expectations in relation to expediency and 

rapidity. Rather than inserting a payment card into an EFTPoS device, or swiping it through a magnetic stripe 

reader, a cardholder simply waves a card — or other contactless token, such as a key fob — within 10cm of a 

contactless reader. 

Underpinned by the same advanced technology that secures chip and PIN transactions, consumers have been 

quick to accept contactless payment as a safe, convenient and fast way to complete low value purchases. For 

retailers, contactless payments similarly generate significant advantages in terms of reduced cash handling, 

improved operational efficiencies and in busy retail environments, like quick service restaurants, faster service 

throughput and reduced queuing. 

Charting the progress 

Contactless payment first made the transition from niche technology to a mainstream payment option when, in 

August 2004, McDonald’s announced an agreement to accept MasterCard PayPass at selected McDonald’s 

restaurants. By early 2006, industry analyst Datamonitor reported there were over 10 million contactless devices 

in circulation in the US, with 160,000 acceptance terminals in 30,000 merchant locations. Contactless payment 

was launched, and today the US represents the world’s largest contactless payment market. 

In the US, usage of unattended payment terminals is growing between 17 per cent and 20 per cent each year 

and millions of consumers are now accustomed to contactless payment technologies through electronic toll 

collection systems — such as EZPass and FasTrack — or through using ExxonMobil’s SpeedPass to make gas 

and convenience store purchases. 

This meteoric growth is being replicated elsewhere around the world. In just five years, the contactless Octopus 


19

card in Hong Kong has gained over 11 million cardholders, is used in nearly nine million transactions a day and, 

in addition to transport and parking, is accepted in payment for groceries. In the UK, Transport for London 

has already issued over 10 million Oyster cards and currently reports that just three per cent of payments on 

London Underground and buses are made in cash. 

Changing user behaviours 

The use of contactless cards in mass transit environments has become almost ubiquitous; transit system 

contactless smart cards are now in use in major cities worldwide — including Hong Kong, Tokyo, Seoul, 

Washington DC and Shanghai — and the majority of planned new transit fare payment systems are electing to 

use contactless smart cards as the primary ticket media. From a user perspective, the simplicity and familiarity 

of the ‘tap-and-go’ transit payment systems are proving to be key to wider scale acceptance and adoption in 

other payment or usage scenarios. 

As a result contactless smart cards are now making the transition into retail environments as transit agencies 

and card associations work together to extend the use of contactless payment devices. Transport for London 

(TfL), in partnership with Barclaycard, recently launched its co-branded multiple application card for both 

transit and retail payment, OnePulse. The 3-in-1 card combines Oyster, credit and cashless facilities and aims to 

effortlessly extend Oyster’s functionality to existing customers. Retailers already signed up to the new 

technology include Books Etc, Chop’d, Coffee Republic, EAT, Krispy Kreme, Threshers and Yo! Sushi. 

In the UK, an initial 2,000-strong retailer roll-out of contactless payment in London in autumn 2007 will 

dovetail into a series of full scale national implementation programmes throughout 2008. London commuters, 

who are already familiar with contactless technology through TfL’s Oyster card, will be able to take advantage 

of improved customer experience in new retail payment environments, while the planned point-of-sale 

deployments across the rest of the UK are expected to widely establish contactless payment. By the end of 

2008, the UK payments association APACS estimates that over five million contactless cards will have been 

issued and will be accepted in at least 100,000 merchants across the country. 

Making the leap 

The UK contactless payment initiatives aim to capitalise on the benefits of simplicity, convenience and speed, 

combined with existing consumer familiarity with a proven and well-established EMV structure. 

In terms of deployment, a key advantage of implementing contactless solutions is that the technology can be 

readily adapted to current payment systems. Existing EFTPoS terminals can be easily modified with an interface 

to a contactless RF (radio frequency) reader, enabling retailers to leverage their existing payment structure and 

providing a future proofed solution to support full-scale contactless rollouts. 

The contactless interface can also be deployed with EMV chip-based cards, or in magnetic stripe card 

environments. In EMV scenarios, PIN data entry can be used to verify contactless transactions, while in non- 

EMV transactions, data derived from Track 2 magnetic stripe-related information and secret data is transmitted 

by the contactless chip in response to a signal from an EFTPoS device; in some instances this data undergoes 

authorisation in a manner similar to a magnetic stripe transaction. 

Securing the transaction 

In the self-service applications that today’s consumers now demand, ensuring the highest security at the point 

of payment is a critical challenge. Contactless payments use the international ISO/IEC14443 standard for 

contactless reader-card communication, and leverage the existing payments infrastructure, which has supported 

card payments for the past 40 years. 

Although the use of a contactless interface does not routinely require the consumer to enter a PIN, the card’s 

chip tracks activity, and after a consecutive number of transactions may prompt the user to enter a PIN. 

This security feature provides options that re-affirm card possession and deter potential fraudulent use, should 

the card be lost or stolen. Additional security features include a unique in-build 128-bit encrypted key on each 

contactless card for verification. At a system level, payment networks can automatically detect and reject any 

attempt to use the same transaction information more than once. 

Contactless payments are fast approach the tipping point of adoption within retail environments. In the UK, 

the collaboration between TfL and Barclaycard signals the first mass deployment of a bank-controlled 

contactless payment application with an operational transit application, and may well prove transformational for 

contactless payment adoption in many countries. 


20

Mifare, Oyster and ITSO Cards Hacked Smart Card & Identity News

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?