The RFID and Smart Card Reader

Friday, October 06, 2006

Another try

Now let's see if by starting all over again with a new blogger blog, Technorati indexes it (or maybe Google will?)

Wednesday, October 04, 2006

myspace

It's surprising that Google doesn't index its own Blogger service, but it seems to be the case, so let's see how an Alvin Toh myspace is faring for a while.

Friday, September 29, 2006

ETSI, USB, and Gemalto

Card Technology Magazine has reported September 28, 2006 that Gemalto would be supporting USB exclusively at ETSI for the new high-capacity SIM format. That would certainly clarify the situation at ETSI, by lowering the number of competing proposals, and hopefully leading to breaking the current logjam.

Thursday, September 28, 2006

msystems

msystems has announced September 27, 2006 a "high-capacity SIM" card of 1 Gigabyte. I think that's an MMC card, so the word SIM may be confusing for some, who understand SIM today as being defined by ETSI as ISO-7816 cards, not MMC cards at this point. What I find interesting here is that MMC cards and "high-capacity SIM" cards are getting in synch regarding memory sizes.

Wednesday, September 27, 2006

Secure ID Coalition

The Secure ID Coalition is opposing smart cards to RFID. May be what should be considered is high security devices versus low security devices, whether they are called smart cards or RFID.

Monday, September 25, 2006

Motorola and Symbol Technologies

Motorola has announced September 18, 2006, that it is acquiring Symbol Technologies, maker of RFID Gen 2 tags and equipment. Motorola is back to the smart card business?

Monday, September 18, 2006

RealNetworks and SanDisk

RealNetworks and SanDisk have announced a platform for playing music by RealNetworks that will be used in particular in SanDisk MP3 players. The digital rights management component provided by RealNetworks is called Helix. I don't know if there is hardware support in SanDisk players for Helix. It's interesting that now SanDisk is a smart card company that provides MP3 players. From an MP3 players to a WiFi phone, there is not a long distance.

Thursday, September 14, 2006

Kayote Networks announced that they are embedding KoolSpan's smart card in their VoIP solution. This is in fact adding a new factor of authentication to voice communications, as voice itself is an authentication means.

Sunday, September 10, 2006

CardLogix

CardLogix has announced September 6, 2006, its new smart card family answering the U.S. Department of Homeland Security request for HSPD 12 compliant cards. It looks like the field will be quite competitive, and the program a leading example of government use of smart cards.

Friday, September 08, 2006

RFID Gazette

I've just discovered RFID Gazette. That's smart cards with a different name?

Wednesday, September 06, 2006

Athena Smartcard Solutions

Athena Smartcard Solutions has published September 6th, 2006, that it has acquired the Java Card technology from Aspects Software. This is an interesting story to follow as it makes Athena Smartcard Solutions a leading independent Java Card software provider. This is a business model that separates OS technology from smart card vendors, such as Microsoft and Intel have separate functions in the PC world. Whether smart cards will follow the PC industry in this respect is not established.

Friday, September 01, 2006

3G Americas

3G Americas indicated August 31, 06, that there are now two billion GSM and UMTS/HSPDA (3G) subscribers. That's two billion smart cards (SIM) for authentication, roaming, and other services. Another 500 million cell phones using different technologies typically don't carry smart cards.

Thursday, August 31, 2006

Trusted Computing Group

The Trusted Computing Group published August 28, 2006 that they will hold a seminar on security and mobile devices September 13 at CTIA. It looks like the Trusted Platform Module of mobile devices is on its way, via new security specifications. Once this happened, the security functions that belong to the phone will be done there, and those that belong to the SIM will stay there, i.e., notwithstanding standards edicts, they will have to be centered on portability of credentials. However, this is somewhat limited by the form factor of the SIM and the necessity of keeping it in the phone on a semi-permanent basis.

Tuesday, August 29, 2006

LaserCard

LaserCard announced August 21, 2006 a million dollars contract in the Middle East for optical memory-based national identity cards. In their boilerplate, the company mentions that LaserCard memory cards come with chip-ready capability. Optical capabilities and chip capabilities sure complement each other nicely.

Monday, August 28, 2006

Verichip

Verichip announced August 23, 2006 that they sold an RFID system for infant protection to the Brampton Civic Hospital in Brampton, Ontario. Here we see smart cards become very personal. So close that the person becomes in fact the RFID.

Friday, August 25, 2006

UnitedHealth Group

UnitedHealth Group has announced August 14, 2006 that their health card will provide authentication, payment, and health record capabilities ("That Personal Health Record uses claims data and other data elements to automatically compile a comprehensive summary of medical conditions, medication history, significant medical interventions and laboratory results."). It looks like it's a magnetic card at this point, not a smart card yet.

Thursday, August 24, 2006

HP

HP has announced July 17, 2006, its "memory spot", a contactless chip with 10 Mbits/s transfer, up to 4 Mbits of memory capacity, and a surface of 2 to 4 square millimeters. This sounds like a mix or an RFID and a smart card. The protocols used are not indicated, and security is not mentioned. An RFID with much information has to be protected, and then it's also a smart card.

Wednesday, August 23, 2006

Gemalto and Infineon

Gemalto announced August 4, 2006, that they have an order for the US electronic passport. Infineon published August 21, 2006, that they have a purchase order for the US passport. Gemalto is a smart card manufacturer, Infineon is a chip manufacturer, therefore a supplier or potential supplier to Gemalto. This creates a healthy competitive dynamics.

Tuesday, August 22, 2006

Giesecke & Devrient

Giesecke & Devrient announced August 21, 2006, the anniversary of their first SIM card sale fifteen years ago. (The Subscriber Identity Module [SIM] is the smart card present in all mobile phones of the GSM [and subsequent 3G] variety). The question today is: now that the SIM fundamental function, which is support of roaming operations, can be done by exchange of authorization over the Internet by the office systems of the operators, will SIM re-invent itself to still be a critical piece of the mobile phone? To do so, the SIM must bring the personal values of security, privacy, and convenience to the forefront.

Monday, August 21, 2006

SanDisk

SanDisk is selling a 1 GB USB Flash drive with biometric protection. If they added to that the U3 capability that they have on other drives, they would now have a biometric authentication device for using host computers as truly personal computers. With biometry and U3, the USB drive would be one step closer to actually becoming the personal part of computing on the network.

Friday, August 18, 2006

United States Department of Veterans Affairs

The United States Department of Veterans Affairs has announced August 14, 2006 that all computers of the department will embed encryption software by GuardianEdge and Trust Digital. It looks like the idea would be for them to use GuardianEdge for desktop and laptop computers, and Trust Digital for Personal Digital Assistants [PDA's] and smart phones. On their website today [August 18, 2006], GuardianEdge explicitly supports smart cards, while Trust Digital only mentions passwords at this point. It seems that this might change, as we would anticipate a uniform use of smart cards on all devices for key transport.

Thursday, August 17, 2006

China Unicom

Card Technology Magazine reported August 15, 06, that China Unicom will stop issuing SIM cards to CDMA subscribers since because of it, "it doesn't get timely access to the latest CDMA handsets". Now smart cards have never been mandatory with CDMA technology, whereas they've always been mandatory with GSM technology. What's interesting here is that one rationale for SIM presence in GSM is that it provides users with the ability to change handsets while staying with the same GSM operator. Now we see that for CDMA, the effect would be exactly the contrary. What this says is that handsets have now reached a point where their price and/or attraction are such that, in a sense, the handset becomes the smart card. Since the handset doesn't have the same security properties as the smart cards, security, privacy, and other properties of the smart card are the remaining (and true) rationale for smart cards in handsets. This is where the value resides.

Wednesday, August 16, 2006

Sony

Sony announced August 7, 2006, the "mylo™ personal communicator". It's a device that links to any open Wi-Fi network, and is loaded with Skype, in other words, a mobile phone. There is no traditional mobile phone operator involved (Skype here is the "operator"), and there is no authentication smart card. Actually, there is authentication at play, since voice itself serves as authentication, and the payment means for Skype calls made to the public network are another form of authentication. It is unlikely that a smart card will ever be needed for voice authentication except in the most stringent situations (say, financial, or military), but smart cards will end up being needed for payment to Skype, just as they are needed for other payments. More generally, smart cards will end up in these devices to provide private and secure access to institutional networks.

Tuesday, August 15, 2006

Kena Kai

On PRNewswire on August 14, 2006, a company called Kena Kai, surprisingly with no presence yet on the web, as far as we can see, announced wallets protecting contactless smart cards. The idea is to provide an electronic shield for contactless payment cards just as one was provided for the US electronic passport. As a reminder, the new US electronic passport embeds in its cover a metallic shield which forces one to open the passport to read its embedded ship. The concept of protecting contactless smart cards against undue reading is not new, but making it explicit like Kena Kai does may entice payment companies to emphasize how the protection schemes of payment applications are protecting cardholders in the event of undue, or hostile, reading.

Monday, August 14, 2006

RFID Gen 2

RFID Gen 2 is the latest generation of RFID [Radio Frequency IDentification] tags, an evolution of Electronic Product Codes [EPC] specified by EPCglobal Inc. The security of Gen 2 is way lighter than smart card security, as circuits are not necessarily protected, protocols are not based on strong cryptography, and access is based on passwords. Anyway, there is a security layer in Gen 2, however weak, that can be improved on in future generation. An obvious way to do it would be to import specifications and practices from the smart card world, at which point RFID would possibly become a disruptive technology to smart cards, in the sense intended by Clay Christensen in The Innovator's Dilemma. I.e. RFID comes from a low price point, with inferior capabilities, but may climb up the value chain below the smart cards one.

Friday, August 11, 2006

Omnikey

Omnikey just said August 8, 2006 that they are joining the NFC [Near Field Communication] forum. The importance of NFC compared to other smart card contactless technologies is its symmetry. Other technologies are using smart cards as passive units powered by induction by a reader, like RFID [Radio Frequency Identification Tag]. NFC, in contrast, allows the smart card to be a reader if it has its own source of power for the NFC chip. The smart card can then act both as an emitter and a receiver, capable of engaging freely in peer-to-peer relationships.

Thursday, August 10, 2006

Irdeto

Irdeto published Aug 8, 06, that they got a contract for one million smart cards to Shaanxi Broadcasting & TV Information Network Co., Ltd. in China. It is interesting here to note that this is a Digital Rights Management (DRM) application in China, supposedly not a strong supporter of copyrights. TV is a natural for smart cards, particularly for the part of TV that is temporally bound. Historically, TV smart cards have had unique properties, because the TV channel was one-way only, which makes the cryptographic content very specific. As TV channels become two-ways thanks to cable and other network technologies, TV smart cards will now rely more and more on widely used cryptographic protocols (such as RSA and AES), and therefore will join other smart cards in capabilities. Next step will be fusion between TV and other smart cards applications. On the business side, it will be worth watching for Chinese smart card companies following the footsteps of Irdeto.

Wednesday, August 09, 2006

Sprint Nextel

Sprint Nextel announced on Aug 8, 06 that it plans to deploy WiMax. My guess is that they would provide seamless access between WiMax (sometimes referred to as a 4G [Fourth Generation] network) and their current 3G networks. They would probably extend the use of smart cards as 3G authentication devices to WiMax, hereby integrating straight TCP/IP technology (the base of WiMax) with traditional wireless technology (as specified by ETSI, the European Telecommunications Standards Institute). This could be considered as a preemptive move to slow down the commoditization of networks via TCP/IP, by providing users a friendly experience.

Tuesday, August 08, 2006

Citrix