Main Index
| Company | Tech Writing | Problem Solving | Contact |
| Biometrics | Smart Cards | Common Criteria | Web Site Development | Photography |

SMART CARDS

Smart cards combine the utility of a small computer with the convenience of a credit card. Having a computer as part of the card allows the storage of significant amounts of data. Processing, such as data manipulation or encryption/decryption, can also be performed. The resulting product is useful for a wide variety of applications in the financial industry, in access control, and in any other functions where mobile data storage and processing is required.

The following activities represent some of the output of RMTCI in the field of smartcards.
  • Technical Editor for preparation and certification of the Smart Card Security Users Group Smart Card Protection Profile. This effort involved a consortium of the major payment associations (Visa, MasterCard, American Express, and JCB) as well as multiple government representatives (US, Canada, Great Britain, France, Germany, and Japan). The Protection Profile (written according to the requirements of the Common Criteria ISO 15408) was certified in the US, Canada , Germany, and France in September, 2001.

  • Author of EMV Integrated Circuit Card Credit and Debit Application Protection Profile draft (submitted to EMVCo for review in 2001).

  • Adjunct Technical Consultant for Authenti-Corp. Contributed to:
    • Defining Smart Card Security, A Guide to Process and References, DRAFT 2002
    • NIST Special Publication 500-157a, Smart Card Technologies: Physical and Logical System Security Tools DRAFT 2002.
    • Government Smart Card Interoperability Specification - Smart Card Application Protection Profile, DRAFT 2003.

  • Author of Monographs for Smart Card Industry Association (SCIA is now part of the Smart Card Alliance).
    • Smart Card Attack Review - GSM Cellphone Clone, Differential Power Analysis, July 1998
    • Smart Card Attack Review, June 1999
    • Common Criteria and Smart Card Security Evaluations, May 2000

  • Instructor for Smart Card Forum smart card security
    (Smart Card Forum is now part of the Smart Card Alliance).

  • Developer of prototype 3Com Palm III Java card smart card reader
    (in association with AcuLab, Inc.)

  • Developer of PC based prototype smart card identification card with photo contained in smart card memory
    (in association with AcuLab, Inc.)

  • Attended Europay International and MasterCard International Chip Vendor Services Program, September 2000 to review presentations and provide independent comments on possible improvements.

  • Invited attendee to TNO EIB "Cooperation in Security - A Seminar and Look Behind the Scenes", Delft, The Netherlands, September 2000.

  • Invited attendee to TNO ITSEF Seminar "Security a Moving Target", Delft, The Netherlands, October 2004.

  • Provided training in Common Criteria to various industrial groups.

  • Provided technical writing services for various customers to generate papers on Smart Card Security Principles, Chip Card Migration Studies, Smart Card Test Requirements, and reviews of specific smart card hacks and penetrations.

  • Managed smart card security evaluations while at Sandia National Laboratories, Albuquerque, New Mexico (prior to "retirement" in 1997).

  • Professional Contributions:
    • "Common Criteria and the Smart Card Security Users Group Smart Card Protection Profile", presented at the SMPTE Study Group DC28.4, Los Angeles, CA, May 22, 2001.
    • "Review of Smart Card Security Reports and Publications", presented at Smart Card Industry Association Fall '98 Workshop, Arlington, VA, November 16-17, 1998.
    • "Smart Card Security and System Integrity", presented at Smart Card Forum 1997, Fifth Annual Meeting, Washington, DC, September 16, 1997 as part of Smart Card Forum Educational Institute Smart Card Introductory Course.
    • "Multi-Application Cards", presented at the International Cards Council, London, England, April 15, 1997.