Smart Cards and Applications - 2025

Instructor:
Cătălin Bîrjoveanu (catalin.birjoveanu@uaic.ro)
Why "Smart Cards and Applications":
  • Mature and expanding market: The idea of embedding a chip in a plastic card is almost as old as public-key cryptography. Thanks to ever-smaller silicon geometries and more powerful cryptographic coprocessors, the performance and storage capacity of smart cards have grown exponentially, enabling new generations of cards and increasingly ambitious applications. National electronic-ID projects, banks, mobile operators, health insurers and the ICAO ePassport standard now generate billions of smart cards and security tokens each year - proof that this technology has a dynamic future
  • Ubiquitous technology: Behind contactless payments (mobile or otherwise), biometric passports, SIM/eSIM cards, public-transport tickets, product tagging, anti-theft systems, item and container tracking, asset management and distribution, health insurance, and both physical and IT access control lie smart cards, RFID and NFC technologies. The course offers a rigorous overview of these technologies, their standards and usage scenarios
  • Need for security: Because secure design, implementation security and attack resistance are more vital than ever, you will examine smart card and NFC systems from a security perspective, identifying typical attacks (cloning, relay, side-channel) and studying the corresponding countermeasures. By developing secure smart card applications, you will understand how these devices protect users and critical infrastructures and how they can be leveraged as key assets in cybersecurity
  • Hands-on labs: Using Java Card - the leading platform for developing smart card applications - you will build and test real-world applications such as e-purse, transport card, or health card, moving from theory to implementation
Objectives:
  • Providing a detailed overview of smart cards, RFIDs and NFC, their characteristics and applications where they can be used
  • Presenting the most used operating systems and platforms required to develop multiple applications for smart cards
  • Understanding the application of smart card and NFC technology in payment systems
  • Understanding the key role of the embedded smart card and RFID/NFC for passports, IDs, mobile communications, transport, pay-TV systems, product tagging, anti-theft systems, item tracking, container identification, asset management and distribution, healthcare, both physical and IT access control.
  • Identifying the different types of attacks on smart cards, RFIDs and NFC, and countermeasures analysis
  • Developing applications for smart cards using Java Card
Topics:
  • Smart Cards and RFIDs Introduction
  • Communication with Smart Cards
  • Smart Card Files Management
  • Authentication
  • Smart Card Operating Systems and Platforms
  • Java Card
  • Applications of Smart Cards and NFC Technology in Payment Systems:
    • Contactless and Contact Smart Cards
    • Contactless Mobile Payments
    • Security Attacks and Countermeasures for Smart Cards, RFIDs and NFC
    • Smart Cards in E-Commerce
    • 3-D Secure
    • Smart Cards for Internet Banking
  • ePassports
  • Other Applications of Smart Cards, RFIDs and NFC: Mobile Communications, Transport, Pay-TV systems, etc
  • Side Channel Attacks
Labs:

Using Java Card Development Kit for developing and testing Java Card applications such as electronic purse, loyalty card, transport card, health card, student card.

Exam: May 20, 10:00-12:00, C210


Lecture Notes References
Smart Cards and RFIDs Introduction Wolfgang Rankl and Wolfgang Effing, Smart Card Handbook, Fourth Edition, John Wiley & Sons, 2010, Chapters 1, 2, 4, 5.
Konstantinos Markantonakis, Keith Mayes, Secure Smart Embedded Devices, Platforms and Applications, Springer, 2014, Chapter 1.
Communication with Smart Cards Wolfgang Rankl and Wolfgang Effing, Smart Card Handbook, Fourth Edition, John Wiley & Sons, 2010, Chapter 8, 9.
ISO/IEC 7816-4 Identification cards - Integrated circuit cards - Part 4:Organization, security and commands for interchange, Fourth Edition, 2020, Chapters 4-6.
Java Card Java Card Platform Specification 3.2, 2023.
Smart Card Files Management. Authentication Wolfgang Rankl and Wolfgang Effing, Smart Card Handbook, Fourth Edition, John Wiley & Sons, 2010, Chapters 11, 12.
Smart Cards in Payment Systems
EMV Smart Cards (I) EMV Integrated Circuit Card Specifications for Payment Systems, Version 4.4, 2022.
EMV Smart Cards (II)
Smart Card Attacks
RFID. NFC. Contactless and Mobile Payments (I) EMV Contactless Specifications for Payment Systems, Version 2.11, 2023.
RFID. NFC. Contactless and Mobile Payments (II)
ePassports (I) ICAO Doc 9303, Machine Readable Travel Documents, Eighth Edition, 2021.
ePassports (II)

Labs References
Java Card Development Kit 3.1 Installing
Java Card Wallet (I) Communication with Smart Cards, Lecture Notes.
Java Card, Lecture Notes.
Complete List of APDU Responses.
Java Card Development Kit Tools
Java Card Wallet (II)
Loyalty Card
Transport Card
Health Card
Grades