A contactless IC card, also known as an RF card, consists of an IC chip and an inductive antenna packaged in a standard PVC card, with no exposed part of the chip or antenna. It is a technology developed in recent years that successfully combines RFID technology with IC card technology, solving the problem of building a passive (no power supply in the card) and contactless device, a major breakthrough in the field of electronic devices. The card is brought within a certain distance (usually 5-10 cm) of the surface of the reader/writer, and data is read and written by radio waves.
The RF reader/writer sends electromagnetic waves at a fixed frequency. The card contains an LC series resonant circuit whose frequency is the same as the frequency emitted by the reader/writer, so the circuit resonates under excitation by the electromagnetic waves and charge builds up in the capacitor. At the other end of this capacitor is a unidirectional-conduction electronic pump, which transfers the charge to another capacitor for storage. When the accumulated charge reaches 2 V, this capacitor serves as the power supply that provides the working voltage for the other circuits, which transmit the data in the card or receive data from the reader/writer.
Emission principle
Reading and writing between the contactless IC card and the card reader are completed by radio waves. The communication frequency between the two is 13.56 MHz. The contactless IC card itself is a passive card. When the reader/writer reads or writes the card, the signal it sends consists of two parts. One is the power signal, which is received by the card and, together with the card's own L/C circuit, generates a burst of energy to power the chip. The other is the instruction and data signal, which commands the chip to read, modify and store data and to return a signal to the reader/writer, completing one read/write operation. The reader/writer generally consists of a single-chip microcomputer, a dedicated intelligent module and an antenna, and is equipped with a communication interface, print port, I/O port, etc., so that it can be used in different fields.
Classification
Contactless IC cards can be divided into:
1). RF ID cards, commonly called ID cards. Information on the card is accessed by radio waves, and there is no mechanical contact point between the host and the card. Examples: HID, INDALA, TI, EM, etc.
2). RF memory cards (RF IC), commonly referred to as contactless IC cards. The RF memory card also accesses information by radio. It adds an RF transceiver circuit to a memory card. Example: MIFARE ONE.
The bus cards used early on in some cities, and the meal cards and hot water cards used by some schools, are RF memory cards.
3). RF CPU cards (RFCPU), commonly referred to as active cards, add an RF transceiver circuit to a CPU card. A CPU card has its own chip operating system (COS) and is a true smart card.
Bus cards in big cities, financial IC cards and a few school meal cards are RF CPU cards.
Supported protocols
Because a contactless IC card and its reader/writer exchange data by radio frequency, both sides must follow the same communication protocol standard in order to communicate normally. The standard contactless IC card protocols commonly used in China are ISO14443A, ISO14443B, ISO15693, etc. Different protocol standards correspond to different IC cards. Common ones are:
ISO14443A: common logical encryption cards include Mifare 1K, Mifare 4K, FM11RF08, Ultralight, Ultralight C, Mifare Mini, DesFire; CPU card: Mifare ProX T=CL TYPE A
ISO14443B: common logical encryption cards include SR176, SRI512, SRI1K, SRI2K, SRI4K, SRIX4K; CPU card: AT88RF020 T=CL TYPE B
Enterprise/campus one-card solutions, bus stored-value cards, expressway tolls, parking lots, community/park management, etc.
Internal partition
The inner part of the contactless smart card consists of two parts: the system area (CDF) and the user area (ADF).
System area: used by card manufacturers, system developers and card issuers.
User area: used to store the relevant data information of the cardholder.
AB standard
At present, the international ISO organization is defining two main standards for contactless cards: TYPEA, proposed by Philips and Siemens, and TYPEB, proposed by companies such as Motorola and STC. Each has its own advantages:
TYPEA
The most widely used technology, Mifare, complies with the TYPEA standard. It differs from TYPEB mainly in the modulation mode used for communication between the card and the reader/writer. Put simply, when the information is "1", the signal has a gap of 0.2-0.3 microseconds; when the information is "0", the signal may or may not have a gap, depending on the preceding and following information. The advantages of this method are a clear difference between the two values, less chance of interference, fast response and a low risk of misoperation. The disadvantage is that energy may fluctuate when energy must be supplied continuously to the contactless card.
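The rule that a "0" may or may not carry a gap can be made concrete with the modified Miller coding that ISO/IEC 14443-2 specifies for Type A reader-to-card frames. The following is an added example, not part of the original page, and goes beyond the page's summary; the X/Y/Z names follow the standard, the sample bits in the test are constructed, and gap durations are not modelled.

```python
X, Y, Z = "X", "Y", "Z"   # X: gap in mid-bit, Y: no gap, Z: gap at bit start


def encode_frame(bits):
    """Encode data bits as modified Miller sequences with start and end markers."""
    seq = [Z]                              # start of communication
    for bit in list(bits) + [0]:           # the end marker begins with a logic 0 ...
        if bit == 1:
            seq.append(X)                  # a "1" always carries a gap
        elif seq[-1] == X:
            seq.append(Y)                  # "0" right after a "1": no gap
        else:
            seq.append(Z)                  # "0" after a "0" or the start: gap
    seq.append(Y)                          # ... and ends with a gap-free period
    return "".join(seq)


def decode_frame(seq):
    """Recover the data bits; raise ValueError if the coding rules are violated."""
    if not seq or seq[0] != Z:
        raise ValueError("missing start of communication")
    bits, prev = [], Z
    for sym in seq[1:]:
        if sym == X:
            bits.append(1)
        elif sym == Y and prev != X:
            if not bits:
                raise ValueError("end marker without its logic 0")
            return bits[:-1]               # Y after a "0": end marker, drop its 0
        elif sym == Z and prev == X:
            raise ValueError("gap at bit start directly after a '1'")
        elif sym in (Y, Z):
            bits.append(0)
        else:
            raise ValueError("unknown sequence %r" % sym)
        prev = sym
    raise ValueError("frame has no end-of-communication marker")
```

A decoder that enforces these rules rejects frames damaged by interference instead of silently mis-reading them, which is the robustness property the paragraph attributes to TYPEA.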
TYPEB
This standard has only just been developed. Its cards communicate with the reader/writer using 10% ASK modulation. That is, the difference between information "1" and information "0" is that the signal amplitude for "1" is large (the signal is strong), while the signal amplitude for "0" is small (the signal is weak). The advantage of this approach is continuous signal transmission, with no energy fluctuation. The disadvantage is that the difference between the two values is not pronounced, so it is relatively vulnerable to external interference and false signals can occur, although this can be compensated for by checking.
From the above comparison, it is hard to say which of the two technologies is better, which is one reason the international ISO organization is defining two standards. For public transportation systems, however, careful analysis is needed, and it is better to adopt a single standard. On buses there is a lot of interference and the time taken to present the card must be very short, so the lower the probability of false signals the better; in this respect TYPEA is relatively suitable. In addition, given national conditions, there is little chance that buses will use contactless CPU cards in the short term; contactless logic encryption cards will generally be used. Because there is no CPU working in a contactless logic encryption card, the requirement for a continuous energy supply is not very strong, so TYPEA works well. This is also why the TYPEB proponents promote contactless CPU cards and essentially do not produce contactless logic encryption cards.
Advantages
High reliability
There is no mechanical contact between the contactless IC card and the reader/writer, which avoids the faults caused by contact reading and writing, for example faults caused by rough card insertion, insertion of foreign objects, or poor contact due to dust or oil stains. In addition, there is no exposed chip on the surface of the contactless card, so there is no need to worry about chip detachment, electrostatic breakdown, bending damage and similar problems. This both makes card printing easier and improves the card's service reliability.
Easy operation
Because communication is contactless, the reader/writer can operate the card within 10 cm, so there is no need to insert or pull out the card, which is very convenient for users. The contactless card has no directionality in use: the card can sweep across the surface of the reader/writer in any direction and still complete the operation, which greatly improves the speed of each use.
Conflict prevention
The contactless card has a fast anti-collision mechanism that prevents data interference between cards, so the reader can process multiple contactless IC cards "simultaneously". This improves the parallelism of the application and, without being noticed by the user, the working speed of the system.
Application
The serial number of the contactless card is unique. The manufacturer fixes this serial number before the product leaves the factory and it cannot be changed afterwards. A two-way verification mechanism is used between the contactless card and the reader/writer: the reader/writer verifies the legitimacy of the IC card, and at the same time the IC card verifies the legitimacy of the reader/writer.
Before processing, the contactless card and the reader/writer must perform mutual authentication three times, and all data is encrypted. In addition, each sector in the card has its own operation password and access conditions.
The memory structure of the contactless card makes it versatile, so one card can be used in different systems. Users can set different passwords and access conditions for different applications.
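A sketch of the two-way verification and per-sector keys described above, added as an example and not taken from the original page or from any card vendor. It reads the "three times" of mutual authentication as a three-message challenge-response exchange and substitutes HMAC-SHA256 for the card's own cipher; the class names, keys, serial number and sector layout are constructed for illustration.

```python
import hashlib
import hmac
import secrets

# Constructed sample data: two applications on one card, one sector key each.
TRANSIT_KEY = bytes.fromhex("00112233445566778899aabbccddeeff")
CANTEEN_KEY = bytes.fromhex("ffeeddccbbaa99887766554433221100")


def tag(key, role, uid, first, second):
    """HMAC-SHA256 over fixed-length fields; a stand-in for the card's cipher."""
    return hmac.new(key, role + uid + first + second, hashlib.sha256).digest()


class Card:
    """Hypothetical card: factory-fixed serial number and one key per sector."""

    def __init__(self, uid, sector_keys):
        self.uid = uid
        self._keys = dict(sector_keys)
        self._pending = None        # (sector, card nonce) waiting for the reader
        self.authenticated = set()  # sectors opened in this session

    def challenge(self, sector):
        """Message 1, card -> reader: fresh random challenge for one sector."""
        self._pending = (sector, secrets.token_bytes(8))
        return self._pending[1]

    def respond(self, reader_nonce, reader_tag):
        """Check message 2 from the reader; return message 3, or None on failure."""
        sector, card_nonce = self._pending or (None, b"")
        self._pending = None        # every challenge is single-use
        key = self._keys.get(sector)
        if key is None:
            return None
        expected = tag(key, b"R", self.uid, card_nonce, reader_nonce)
        if not hmac.compare_digest(expected, reader_tag):
            return None             # reader is not legitimate: reveal nothing
        self.authenticated.add(sector)
        return tag(key, b"C", self.uid, reader_nonce, card_nonce)


class Reader:
    """Hypothetical reader that holds keys only for its own application."""

    def __init__(self, sector_keys):
        self._keys = dict(sector_keys)

    def authenticate(self, card, sector):
        key = self._keys.get(sector)
        if key is None:
            return False
        card_nonce = card.challenge(sector)
        reader_nonce = secrets.token_bytes(8)
        proof = tag(key, b"R", card.uid, card_nonce, reader_nonce)
        answer = card.respond(reader_nonce, proof)
        expected = tag(key, b"C", card.uid, reader_nonce, card_nonce)
        return answer is not None and hmac.compare_digest(expected, answer)


def demo():
    card = Card(b"\x04\xa1\xb2\xc3", {0: TRANSIT_KEY, 1: CANTEEN_KEY})
    gate = Reader({0: TRANSIT_KEY})       # transit gate: sector 0 key only
    return gate.authenticate(card, 0), gate.authenticate(card, 1), sorted(card.authenticated)
```

Because both nonces are fresh and bound into each proof, a recorded exchange cannot be replayed against a new challenge, and a reader provisioned for one application cannot open another application's sector.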
Good encryption performance
A contactless IC card consists of an IC chip and an induction antenna, completely sealed in a standard PVC card with no exposed parts. Reading and writing of the contactless IC card is normally completed by radio waves between the card and the reader/writer.
Composition of the signal: one part is the power signal, which, once received by the card, resonates with the card's own L/C circuit and generates a burst of energy to power the chip. The other part is the combined data signal, which commands the chip to read, modify and store data and to return the result to the reader/writer. Both the hardware structure and the operating process of a read-write system built on contactless IC cards are greatly simplified. At the same time, with the help of advanced management software, the offline operation mode makes the data reading and writing process easier.
The most common contactless IC card on the market is the contactless logic encryption card. With its good performance and high cost-effectiveness, this type of IC card has been favored by the majority of users and is widely used in public transportation, medical care, campus all-in-one cards, access control and other fields. Because the contactless logic encryption card chip uses a stream cipher and the key length is not very long (typically 48 bits, as in Mifare), logic encryption card chips carry some security risk and may be cracked by hackers. Areas with high security requirements, such as finance, identity recognition and e-passports, prefer contactless CPU card chips with an embedded microprocessor.
The CPU card chip has two internal security mechanisms. The first is the encryption algorithm module integrated in the chip itself: chip design companies usually integrate into the chip several of the encryption algorithms that practical testing has shown to be most secure. Common security algorithms are RSA, 3-DES, etc. Domestic chip design companies also include the national cryptographic algorithms (SSF33, SCB2, SM2, SM3) to enhance the security of the chip. The national cryptographic algorithms are not open to the public, so they generally have higher security than other public encryption algorithms. The second protection is the COS (Card Operation System) unique to the CPU card chip. COS can set multiple mutually independent passwords for the chip. The keys are stored in directories; the keys under each directory are independent of each other and are separated by a firewall function (keys in different directories do not affect each other). COS also sets a maximum number of password retries to prevent malicious attacks. This shows that the contactless CPU card has higher security than the contactless logic encryption card.
Three threats
With the progress and development of society, smart card technology has become part of our lives, and with it has come a large number of hacker attacks on smart card security controllers. The growing number of attacks has also put an end to many earlier claims that products were very safe.
Contactless card applications require a very high level of privacy protection and data protection. A specially designed security controller can meet the high-level privacy and data protection requirements of such applications.
The goal of chip manufacturers is to design effective, testable and verifiable security measures to resist the following three types of threats: fault induction attacks, physical attacks and side-channel attacks.
Fault induction attack
Disrupting the function of smart cards has evolved into an attack method used by thousands of hackers all over the world, from amateurs to highly skilled professionals. This fault induction attack (also known as a semi-invasive attack) has therefore become the main focus of security evaluation and verification for security controllers.
Smart card controllers are usually made from silicon. The electrical properties of silicon vary with environmental parameters, for example with voltage, temperature, light, ionizing radiation and the surrounding electromagnetic field. The attacker tries to induce faulty behaviour by changing these environmental parameters, including introducing errors into the program flow of the smart card controller. Usually, attackers force the chip to make a wrong decision (such as accepting an incorrect authentication code) that allows access to confidential data in memory. This so-called "memory dump" is gradually becoming an area of interest for fault attacks.
However, with differential fault analysis (DFA), in which the attacker extracts a complete key using sophisticated algorithms, a single faulty operation is enough in some cases. There are various ways to induce such faults, including changing the power supply, electromagnetic induction, illuminating the surface of the smart card with visible light or radioactive material, or changing the temperature. Some of these methods can be implemented with very low-cost equipment, which makes them an ideal choice for amateur attackers.
Although countermeasures against these attacks are described in the security controller's data sheet, they can only be proven truly effective through actual tests. Because the performance of these countermeasures varies by up to several orders of magnitude, checking the security level is extremely important. Before a chip is approved for ID cards or e-passports, it must undergo a large number of security tests. However, the standards for these security tests differ between the ID card systems of different countries. The concept for countering fault induction attacks must be approached from several perspectives, with mechanisms that cooperate strictly with one another. The security concept of a chip card controller rests on the following three aspects:
1. Preventing fault induction;
2. Detecting fault-inducing conditions;
3. Measures against faulty behaviour of the security controller.
Filtering the power supply and input signals serves as the first barrier: a fast-reacting regulator prevents sudden voltage changes within a given range. Similarly, certain irregularities in the clock supply are also blocked. If, for example, the security controller is attacked with a very high voltage that regulation alone cannot withstand, sensors are used as part of the second barrier. If a sensor detects a critical value, an alarm is triggered and the chip is put into a secure state. Voltage sensors check the power supply, clock sensors check for irregular frequency behaviour, and temperature and optical sensors check for temperature and light attacks. Light attacks can be carried out through the back of the chip, and the optical sensor is effective against attacks on both sides of the device. The second barrier is built from the security controller core itself. The combination of hardware and software forms an effective third barrier. Here the combination of hardware and software is crucial, because in some cases pure software measures are themselves the target of fault attacks.
To counter physical attacks, the most important thing is to encrypt the bus system, which means that the data on the chip itself is encrypted with a strong cryptographic algorithm. Even if an attacker manages to obtain this data, it yields only useless information.
In addition, an effective shielding mesh is a real barrier for attackers. Here, ultra-fine protective lines on the micron scale cover the security controller. These protective lines are monitored continuously, and an alarm is raised if lines are short-circuited to each other, cut or damaged. With such multi-level protection, the controller can be protected from physical attacks, even attacks using advanced equipment.
Attackers also use methods that obtain confidential data (such as authentication codes) by carefully observing various parameters while the chip is operating. Using power analysis (SPA, simple power analysis; DPA, differential power analysis) or electromagnetic analysis (EMA), attackers can extract information from power consumption or electromagnetic radiation, because power consumption and radiation intensity vary with what the chip is doing.
Advantages
1. High reliability: avoids the failures caused by card insertion, dust and oil contamination; there is no exposed chip on the card surface, so there are no problems such as chip detachment, electrostatic breakdown or bending damage; operation is convenient and fast, and the card can be operated anywhere within the effective range; the card has no directionality; reading speed is improved, and there is no mechanical contact between the card and the reader/writer.
2. Anti-collision (automatic resolution): the RF card has a fast anti-collision mechanism that prevents data interference between cards, so the reader/writer can handle multiple proximity cards at the same time.
3. Convenient operation: because communication is contactless, the reader/writer can operate the card within 10 cm. In general, the card reading distance depends on the equipment used.
4. Wide scope of application: the memory structure of the RF card makes it possible to use one card in different systems, and users can set different passwords and access conditions for different applications.
5. Good encryption performance: a two-way verification mechanism is used, and each sector has its own operation password and access conditions.
Production instructions
1. Submit the artwork as a CorelDRAW, AI, Photoshop or PDF file. Text, symbols and patterns must be converted to curves, or to bitmaps after special effects are applied;
3. The small embossed code is font size 14 and the large embossed code is font size 18, which can be shown in bold. Small and large embossed codes, including spaces, can be at most 19 digits. The embossed code can be stamped in gold, silver or other gold and silver foils, and personalized embossed codes can be made for special requirements;
4. The distance between the embossed code and the card edge must be greater than 5 mm; the magnetic stripe is spaced 4 mm from the inner frame edge (upper and lower), and the magnetic stripe is 12 mm wide;
5. Contactless IC card: the embossed code must not be positioned over the chip on the reverse side, otherwise the chip cannot be read when the card is swiped;
6. Do not position the embossed code over the IC chip on the reverse side, otherwise the barcode data cannot be read; for IC cards, leave space according to the barcode model provided by the customer;
7. Color tone range: the ideal tonal range is 18%-85%; if highlights are below 18% or shadows are above 85%, color gradation will be poor;
8. The color mode should be CMYK. Pure black text or black backgrounds on the front and back are filled with K100; for white text reversed out of a solid color block, the white text needs a white outline;
9. Line thickness must not be less than 0.076 mm, otherwise the line will not appear in print;
10. The color value of shading or background images should not be less than 8%, so that they do not fail to appear in the finished print;
11. The following must be noted in the manuscript before an order is placed for making contactless IC cards:
A: State the total number of cards to be made, where the card numbers start and any special requirements. Is the card number small embossed, large embossed, flat or inkjet printed? Is gold stamping, silver stamping or no stamping required? How many signature strips are there on the back? If the card number or tail number contains "4" or "7", it should be removed;
B: If a pattern or text on the front needs gold or silver stamping, this also needs to be highlighted;
C: If the contactless IC card involves a special manufacturing process, it should be explained in detail in the order manuscript;
12. Because the printing substrate of the card is different, the finished print will differ somewhat in color from the color proof displayed on a computer or printed out;
13. Colors shall be filled according to a CMYK color book; screen colors and printer output colors are not to be taken as the printing colors.