Abstract
Smart cards are portable secure devices designed to hold personal and service information for many kind of applications. Examples of the use of smart cards are cell phone user identification (e.g. GSM SIM card), banking cards (e.g. EMV credit/debit cards) or citizen cards. Smart cards and Biometrics can be used jointly in different kinds of scenarios. Being a secure portable device, smart cards can be used for storing securely biometric references (e.g. templates) of the cardholder, perform biometric operations such as the comparison of an external biometric sample with the on-card stored biometric reference, or even relate operations within the card to the correct execution and result of those biometric operations.
In order to provide the reader of the book with an overview of this technology, this chapter provides a description of smart cards, from their origin till the current technology involved, focusing especially in the security services they provide. Once the technology and the security services are introduced, the chapter will detail how smart cards can be integrated in biometric systems, which will be summarized in four different strategies: Store-on-Card, On-Card Biometric Comparison, Work-sharing Mechanism, and System-on-Card.
Also the way to evaluate the joint use of smart cards and Biometrics will be described; both at the performance level, as well as its security. Last, but not least, this chapter will illustrate the collaboration of both technologies by providing two examples of current major deployments.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Zoreda JL, Oton JM (1994) Smart Cards. Artech House, Norwood
Bright R (1988) Smart Cards: Principles, Practice, Applications. Ellis Horwood Books in Information Technology
International Organization for Standardization (ISO). ISO/IEC 7816 identification cards—integrated circuit cards. http://www.iso.org
Rankl W, Effing W (1997) Smart Card Handbook. Wiley, New York
Oracle. Java card. http://www.oracle.com/technetwork/java/javacard/overview/index.html
International Organization for Standardization (ISO). ISO/IEC 7816 identification cards—integrated circuit cards—part 4: organization, security and commands for interchange. http://www.iso.org
PC/SC Workgroup. http://www.pcscworkgroup.com/
Kömmerling O, Kuhn MG (1999) Design principles for tamper-resistant smartcard processors. In: Proceedings of the USENIX Workshop on Smartcard Technology on USENIX Workshop on Smartcard Technology (WOST’99). USENIX Association, Berkeley
Schneier B (1995) Applied Cryptography. Wiley, New York
RSA Laboratories. PKCS #11 cryptographic token interface (cryptoki). http://www.rsa.com/rsalabs/node.asp?id=2133
RSA Laboratories. PKCS #15 cryptographic token information format standard. http://www.rsa.com/rsalabs/node.asp?id=2124
Sanchez-Reillo R (2002) Achieving security in integrated circuit card applications: reality or desire? IEEE Aerospace and Electronic Systems Magazine 17(6):4–8
Ratha NK, Connell JHBRM (2001) Enhancing security and privacy in biometrics-based authentication systems. IBM Systems Journal 40(3):614–634
Sanchez-Reillo R (2009) Tamper-Proof Operating System. Encyclopaedia of Biometrics, vol 2. Springer, Berlin, pp 1315–1321
International Organization for Standardization (ISO). ISO/IEC 24787 information technology—identification cards—on-card biometric comparison. http://www.iso.org
Sanchez-Reillo R, Gonzalez-Marcos A (1999) Access control system with hand geometry verification and smart cards. In: IEEE 33rd Annual 1999 International Carnahan Conference on Security Technology, pp 485–487
Cuerpo Nacional de Policia. DNI electrónico. http://www.dnielectronico.es/
Precise Biometrics. Precise match-on-card. http://www.precisebiometrics.com/?id=136
Gemalto. NET bio. http://www.gemalto.com/products/dotnet_bio/
NIST. MINEX II—performance of fingerprint match-on-card algorithms—phase IV report, NIST interagency report 7477 (revision II), http://biometrics.nist.gov/cs_links/minex/minexII/minex_report.pdf
NEUROtechnology. Megamatcher on card SDK. http://www.neurotechnology.com/megamatcher-on-card.html
Sanchez-Reillo R (2001) Including Biometric Authentication in a Smart Card Operating System. International conference on audio and video-based biometric person authentication (AVBPA). Lecture Notes on Computer Science, vol 2091. Springer, Berlin. pp 342–347
NIST. MINEX minutia exchange homepage. http://www.nist.gov/itl/iad/ig/minex.cfm
Common Criteria Portal. http://www.commoncriteriaportal.org/pps/
International Civil Aviation Organization (ICAO) (2006) Doc 9303: machine readable travel documents—part 1: machine readable passports—vol 2: specifications for electronically enabled passports with biometric identification capability, 6th edn. http://www.icao.org/
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2013 Springer-Verlag London
About this chapter
Cite this chapter
Sanchez-Reillo, R., Alonso-Moreno, R., Liu-Jimenez, J. (2013). Smart Cards to Enhance Security and Privacy in Biometrics. In: Campisi, P. (eds) Security and Privacy in Biometrics. Springer, London. https://doi.org/10.1007/978-1-4471-5230-9_10
Download citation
DOI: https://doi.org/10.1007/978-1-4471-5230-9_10
Publisher Name: Springer, London
Print ISBN: 978-1-4471-5229-3
Online ISBN: 978-1-4471-5230-9
eBook Packages: Computer ScienceComputer Science (R0)