Smart Card

Ｆ ＥＬ Ｎ Ｗ ＦＷ Ｐ Ｎ ＡＬＥ
ＣＬＥ
ＣＬＥ
其 读写 速度 分别 能够达 到３ ＭＢＳ ６ ／。 ８ ／和２ ＭＢＳ
接
２２ 主 控 芯 片 与 Ｓ ６ ５ 分 硬 件 设 计 ． Ｋ６ ２ 部
１ 相 关 芯 片介 绍
Ｆ ７ ０ 是 一 款 内 核 为 ８ 增 强 型 ５ 单 片 机 ．是 Ｆ ７ ０ ＭＣ Ｓ８２ 位 １ Ｓ ８５ Ｕ
Ｎ ＮＤ Ｆａｈ 由１２ 个块 组成 ， Ａ １ｓ ， ０ ４ 每块 ６ 页 ， ４ 每页２ ＋ ４ ｋ ６ 字节 ， 中 其 的２ 字节 是数 据存 储 区 ， ｋ 附加 的６ 字节 是扩 展 存储 区 ， 于保 ４ 用 存 一些 页面信 息及 Ｅ Ｃ Ｃ 校验 数据 等 。 Ｋ ６ ５ Ｓ ６ ２ 是专 门设计 来连 接 Ｎ Ｄ Ｆａｈ ，Ｋ ６ ５ 身能 够 同时接４ Ｆａｈ ＡＮ ｌｓ 的 Ｓ ６ ２ 本 块 ｌ ，本 设计 中只 ｓ
２ Ｓ ｒ ｒ ａ ｅ 硬 件 设 计 ｍａ ｔＣａ ｄ Ｒｅ ｄ ｒ
硬 件 方 面 通 过 Ｓ ６ ２ Ｎ ＮＤ Ｆａｈ 连 ． 主 控 芯 片 Ｋ ６ ５和 Ａ ｌｓ 相
Ｆ ７ ０ 通 过 Ｓ Ｄ Ｔ 线 与 Ｓ ６ ２ 以 实 现 相 互 之 间 的 通 信 。 外 Ｓ８２ Ｄ Ａ Ａ Ｋ６５ 另
种 类 的 Ｎ Ｎ ｌｓ ，包 括 Ｎ Ｄ Ｓ ＬＦａｈ Ｎ Ｎ Ｃ Ｆａｈ Ａ Ｄ Ｆａｈ ＡＮ Ｃ ｌｓ ， Ａ Ｄ ＭＬ ｌｓ 。
体 引脚 连接 如 图２ 示 。 所
ＳＫ６ ２５ ６ ＦＲＥ Ｎ ＲＥ Ｎ ＮＡＮＤ Ｆ ａ ｈ ｌ ｓ
Ｗ Ｅ Ｎ Ｗ Ｐ Ｎ Ａ ＬＥ
接 口将 Ｅ Ｐ Ｍ， ａｈ 的 代 码 自动 装 载 到 Ｆ ７ ０ 内 部 的 Ｃ ｄ Ｅ Ｒ０ Ｆ ｓ 中 １ Ｓ ８２ ｏｅ

activedirectory 验证方法Active Directory 是由微软开发的一种目录服务，它提供了一种集中管理和组织网络中的用户、计算机和其他网络资源的方法。

在企业网络中，用户需要通过验证才能访问网络资源。

因此，Active Directory 验证方法是非常重要的。

本文将介绍几种常用的 Active Directory 验证方法。

1. 基本身份验证（Basic Authentication）基本身份验证是最简单的验证方法之一。

用户在登录时输入用户名和密码，并将其发送给 Active Directory 服务器进行验证。

如果用户名和密码正确，用户将获得访问权限；否则，将被拒绝访问。

2. NTLM 身份验证（NTLM Authentication）NTLM 身份验证是一种基于 Windows 操作系统的验证方法。

它使用单向散列函数来加密用户的密码，并将加密后的密码发送给服务器进行验证。

NTLM 身份验证支持单向和双向身份验证，在安全性和性能方面都有一定的优势。

3. Kerberos 身份验证（Kerberos Authentication）Kerberos 身份验证是一种网络身份验证协议，用于在非安全网络上进行安全身份验证。

它使用票据和票据授权服务器来验证用户的身份，并为用户生成访问票据，以便在网络上访问资源。

Kerberos 身份验证提供了更高的安全性和可扩展性。

4. Smart Card 身份验证（Smart Card Authentication）Smart Card 身份验证是一种基于智能卡的验证方法。

用户需要插入智能卡并输入密码才能进行身份验证。

智能卡中存储了用户的证书和私钥，用于加密和解密身份验证信息。

Smart Card 身份验证提供了更高的安全性，因为智能卡很难被伪造或盗用。

5. 多因素身份验证（Multi-Factor Authentication）多因素身份验证结合了多个验证方法，以提供更高的安全性。

10.什么是认同卡？
认同卡（AffinityCard）是由发卡银行和非盈利性的社会团体或机构联合发行的银行卡。认同卡的持卡人通过领卡和用卡对联名发卡的社会团体或机构所从事的活动表示认可和赞同，发卡银行通过持卡人的领卡和用卡以一定形式使联名的社会团体或机构得到经济上的支持，如中国建设银行发行的“南开龙卡” 等。
12.什么是智能卡？
芯片卡/智能卡（ChipCard/SmartCard）是当今信用卡领域的新产品。所谓“智能卡”，实际上就是在信用卡上安装一个拇指大小的微型电脑芯片，这个芯片包含了持卡人的各种信息。这种芯片与磁条相比，具有更高的防伪能力，一般不易伪造，因而更加安全。智能卡于20世纪70年代末在法国产生，其后各国都着手研制。目前，智能卡已经广泛的应用于我国银行、电信、交通等社会的各个方面，得到了快速的发展。
2.什么是信用卡？
信用卡（CreditCard）是银行或其它财务机构签发给那些资信状况良好的人士，用于在指定的商家购物和消费、或在指定银行机构存取现金的特制卡片，是一种特殊的信用凭证。
3.什么是贷记卡？
贷记卡是指发卡银行给予持卡人一定的信用额度，持卡人可在信用额度内先消费，后还款的信用卡。
注：专门用途是指在百货、餐饮、饭店及娱乐行业以外的用途。
8.什么是储值卡？
储值卡是发卡银行根据持卡人要求将其资金转至卡内储存，交易时直接从卡内扣款的预付钱包式借记卡。
9.什么是联名卡？
联名卡（Co-BrandedCard）是商业银行与盈利性机构合作发行的银行卡附属产品。目前最常见的是联名借记卡，即在借记卡的基础上开发的具有联名性质的银行卡。联名卡的运作形式是由发卡银行与诸如航空公司、电讯公司、商场等盈利机构联手发行一张卡片，凡持有该卡片的消费者在这些机构消费可以享受商家提供的一定比例的优惠。如中信实业银行发行的中信STAR高尔夫联名信用卡等。

Windows XP 操作系统用户
您或许已经完成了
.确认——驱动程序安装
.确认——读卡器识别
.确认——服务器证书安装
.确认——[smart card]服务存在且正常启动
但登陆系统时仍然“初始化端口1失败”
我们将建议您升级安装[smart card]服务
并对[smart card]服务进行配置
接着输入此命令 regsvr32 scardssp.dll
确认后，系统提示
"DllRegisterServer in scardssp.dll succeeded"
*注意*
您或许会发现"smart card holder"服务 或“智能卡助手”服
务在本文中它与"smart card"服务无关
这意味着：您的EP-600 \EP-801型智能卡读卡器无法正常工作
您或许已经顺利的安装了读卡器的驱动程序、
并且该设备连接/识别正常
在尝试登陆电子口岸系统时：系统仍然提示您
“初始化端口1失败”
您需要参考下文
转贴请注明出自 电子口岸数据中心

请提供错误银幕截图
发送电子邮件到 rexian@
<>如果没有找到该服务
<>试图打开、启用该服务时遇到异常情况
则您需要升级/安装smart card 服务
2. 如何升级或重新安装[smart card]服务
方法：
点击银幕左下角[开始]--[运行]
首先输入此命令 scardsvr reinstall
确认后，等待黑色窗体消失
第一步. 检查自己的Smart card服务是否存在

智能一卡通管理中心Smart card management center管理中心产品特点1. 智能一卡通：管理使用脱机运行2. 开放式积木式扩展式3。

提供API OR SDK4. 智能一卡通：管理使用一卡一库一平台5. 模块化简单化智能化傻瓜化产品说明写卡器软件SOFTKEY多串口卡通讯转换器调试卡Features of the Management Center1 smart card：the management and use of offline operation2 Open building block extension type3 Provide API OR SDK4 Smart card: the management and use of a card，a library and a platform5 modular simplified intelligent foolProduct DescriptionSmart card deviceSoftwareSOFTKEYMultiport serial cardsCommunication converterDebug card什么是智能一卡通系统？What is a smart card system？“智能一卡通”是以IC卡技术为核心,以计算机和通信技术为手段，将智能建筑内部的各项设施连接成为一个有机的整体，用户通过一张IC卡便可完成通常的钥匙、资金结算、考勤和某些控制操作，如用lC卡开启房门、IC卡就餐、购物、娱乐、会议、停车、巡更、办公、收费服务等各项活动.而不必像以往携带多把沉重的钥匙开门，去各个对应部门交费等繁杂的操作。

整个系统可根据需要对各部门进行监控管理和决策, 各局部系统和终端可自动将收集到的信息整理归纳，供系统查询、汇总、统计、管理和决策。

通过IC卡可互相沟通，既满足各个职能管理的独立性，又保证整体管理的一致性。

外文原文SMART CARD for SMART CAMPUSKFUPM Case StudyTala1 Halawani and Mohamed MohandesKing Fahd University of Petroleum and Mineralsmohandes@. SaAbstractSmart card is the latest addition in the world of information technology. The vision of the smart card program is to provide access to services that is secure, fast,friendly, easy to use, flexible, personal, and is accessible by the users kom anyplace at any time. A smart card is of the size of a conventional credit card with an embedded computer chip that stores and transacts data between users and devices. This data is associated with either value or information or both and is stored and processed within the chip of the card. The card data is transacted via a card reader attached to a computing system as a peripheral device. Smart cards are extensively used through several key applications like education, healthcare, banking, entertainment, and transportation.1. IntroductionSmart card is a mini-computer capable of storing and processing data. Although, at -present, they are most popular as single-function cash cards and long-distance calling cards, their capabilities range from retaining tickets, money, frequent flyer miles, travel preferences, insurance information, key demographic data, links to a patient’s medical records, to allowing access into a building, logging onto a network, etc. The potential of the smart card is limitless. With the added bonus of these functions being performed on a single card, smart cards have the ability to become indispensable tools.Smart cards were first introduced in Europe a couple of decades ago as a stored value tool for pay phones to reduce theft [I]. As smart cards and other chip-based cards advanced, people found new ways to use them, such as charging cards for creditpurchases and for record keeping in place of paper. Smart cards provide tamper-proof storage of user and account identity. They provide protection against a full range of security threats, kom careless storage of user passwords to sophisticated system hacks. Smart card can be multi-functional through the use of several applications stored on the card. This paper starts with the history of smart cards and describes the different types of smart cards with characteristics of each type. Finally, the paper will detail KFUPM smart card system as an important case study in the field.2. The History of Smart CardsThe first plastic payment card for general use was issued by the Dinners Club in 1950. At first the card’s functions were quite simp le [2]. They initially served as data carriers that were secure against forgery and tampering. General information, such as the card issuer’s name, was printed on the surface while personal data elements, such as the cardholder’s name and the card number were embossed. Further more, many cards bad a signature field. Protection against forgery was provided by visual features. Therefore, the system’s security depended completely on the retail staff accepting the cards. However, this was not an overwhelming p roblem due to the card‘s initial exclusivity. There was a pressing need for machine-readable cards to reduce handling cost in addition to the fact that card issuer’s losses due grew from year to year due to fraud [2].The first improvement consisted of a magnetic strip on the back of the card. This allowed digital data to be stored on the card in a machine-readable form as a supplement to the visual data. Additionally, security is enhanced by the use of a secret personal identification number (PIN) that is compared to a reference number stored in the magnetic strip [3].Although the embossed card with a magnetic strip is still the most commonly used type of payment card, they suffer from a severe weakness in that data stored on the strip can be read, deleted and rewritten by anyone with access to the appropriate equipment. PIN must be stored in the host system in a secure environment, instead of on the magnetic strip. Most systems that employ magnetic strip cards have on-line connectionsto the system’s host computer for security reasons. However, this generates considerable data transmission costs.The development of the smart card, combined with the expansion of electronic data processing has created completely new possibilities for solving this problem. Progress in microelectronics in the 1970’s made it possible to integrate data storage and arithmetic logic on a single silicon chip measuring a few square millimeters [2]. The ideas of incorporating such an integrated circuit into an ID card was contained in a patent application filed in Japan by Kunitaka Arimura in Japan concerning “a plastic card incorporating one or more integrated circuit chips for the generationof distinguishing signals” in1970 [3]. However, the first real progress in the development of smart cards came when Ronal Moreno registered his smart card patent on “an independent electronic object with memory” in France in 1974.A breakthrough was achieved in 1984, when the French telecommunication authorities decided to use prepaid chip cards for public pay phones due to the increasing vandalism and theft. Chip cards were demonstrated to be a cost effective solution. The French example was followed by many other countries. Today, more than 100 countries use chip cards for their public phone systems. By 1990 the total number of smart cards reached 60 million cards [4]. Today, several billion smart cards are in use worldwide.3. Types of Smart CardsSmart cards are composed of a chip, an interface between the chip and the card reader, and a plastic body. Smart cards are classified according to the chip type; memory chip cards as well as microprocessor chip cards. They can also be classified according to the method of communication with the reader. Cards may communicate with readers either through direct physical contacts (contact cards) or through a radio kequency signals (contactless cards).3.1 Memory Chip CurdsMemory cards have no sophisticated processing power and cannot manage filesdynamically. They are used for data storage and applications. Data can consist of the identification number, serial number of the card, installed applications and the information required to a specific application in case of mudti-appliciation cards. The main use for memory smart cards is to store card’s operating sy stem, nm-time e:nvironment, issuer security domain, card issuer application, keys, and certificates for cryptography. Keys function as passwords to secure environments, and certificates verify the authenticity of keys. Memory smart cards are built wi.th erasable programmable read-only memory (EPROM) or electrically EPROM (EEPROM) chi,ps. EPROM is often used in prepaid service cards such as phone cards that count off minutes used and then are discarded. EEPROM, which can be changed up to 100,000 times, includes built-in logic that can be used to update a. counter in prepaid service cards.3.2 Microprocessor Chip CurdsThese cards have on card dynamic data processing capabilities. The chip contains a microprocessor or a microcontroller that manages memory allocations and file access. It manages data in organized file structures, via a card operating system (COS). Unlike other operating systems, this software controls access to the on card user memory. Thi,s capability permits different and multiple functions and/or different applications to reside on tkle card. The microprocessor chips used for cards are smaller, slower versions of the central processing units used in PCs. Their pro,gamming capability provides support to functionality of the card. Microprocessor smart cards are required for applications that manipulate or compare data, such as public key infrastructure (PKI), dataencryption, Java applets, and electronic purses. Every microprocessor smart card bas a COS on the chip to operate the internal functions of the application. The COS loads off the read-onlymemory (ROM), much like: a basic inputloutput system (BIOS) on a PC [Z].3.3 Contact Smart CmdsIn addition to the classification of smart card based on the chip type, smart cards can be classified based on communication type. Contact smart card requires a phyriical contact between card and the reader. They use an eight or six pin contacts on the top of the card to physically connect to the card reader. Their ch.ip could be memory or microprocessor type [5].3.4 Contactless Smart CurdsContactless smart cards use an antenna to communicate with the reader. They are powered from an RF field generated by the card reader. The RF field also transfers data between the card and the reader [4]. Employee identification badges for building access are typically contactless smart cards. Additionally, most cards used for transportation are contactless as well.3.5 Combination Smart CardsMultipurpose combination smart cards are a hybrid mix of the contact and contactless designs. They include contacts for communication with a contact type reader, and also include an antenna for communication with an RF type reader [5].4. KFUPM Smart Card SystemUniversities need simple identity cards for all employees and students who are granted access to certain data, equipment and departments according to their status. Multifunction, microprocessor based smart cards incorporate identity with access privileges and also stores value for use in various locations, such as cafeterias and stores. Numerous universities around the world are utilizing smart cards. KFUPM is one of the first universities in the area to adopt a comprehensive multifunctional smart card system. KFUPM card is a dual card that bas two chips; one for contact applications and the other is for contactless applications. The contact chip will be utilized to store cardholder photo in addition for future bank services while the contactless chip will be utilized for all other functions. The card systemwill provide the following functions:Photo IDLibrary borrowing privilegesElectronic purseRecreation center sewicesMedical center servicesE-LeamingAccess control to university facilities Logical access to PCs and the internet These functions are controlled from a control management center (CMC) as shown in Figure.1. The CMC will host a file database server that is connected to the university network, enabling the system to access the student information system (SIS) and personnel payroll databases (PPS). An additional database is created for the cardholder database and will be residing in the system's server. There are several components of the CMC.Figure.1 Card Management CenterThe function of the card issuing System (CIS) is to capture the digital photograph and the biometrics template of the cardholder [6-71. As can be seen in Figure.2, the CIS consists of a card printer, biometrics scanner, digital camera, and a workstation. The CIS workstation is connected to the network to access the databases for the required information and data. However, records under processing could be stored for a sbort period in the CIS local database before it is passed onto the cardholder database to reduce the load on KFUPM network.Figure.2 Card Issuance CenterCard personalization system (CPS) performs the chip personalization in addition to defining the door access level for the cardbolder. CPS works on a cliendserver configuration, where the application used for the personalization process resides on the server. Therefore, each defined CPS workstation uses the KFUPM network to access and invoke the CPS application in the server. The CPS application can access the SIS and PPS through the KFUPM network. CPS consists of biometrics scanner, contact card reader and contactless reader as seen in Figure.3.Figure.3 Card Personalization SystemDue to the presence of contact and contactless chips, personalization has to be performed twice. Once the personalization process is complete, the system performs a biometrics verification process to insure that biometrics templates match the actual physical cardholder.Access control system (ACS) is responsible for controlling all defined accesscontrolled areas. It is also used to define the various group levels, which allow proper control of the movement of students and personnel in the university. This system provides access control to the university gates, buildings,Laboratories, library, recreation centers and car parks, as shown in Figure.4. ACS tracks and records movement of staff and students in controlled regions.Figure.4 Access control systemPayment management system (PMS) is responsible for collecting the various E-purse and university account transactions performed at the point of sale (POS) terminals. These POS terminals would be available at restaurants, library, recreation center, medical center, and coffee shops. The POS system accepts cash payments, make payments via university account, and make payments and provide refunds using the E-Purse system. Figure.5 shows the POS system.Figure5 Point of Sale SystemConclusionsThis paper introduced smart card technology. It presented the history and Ines of smart cards. Additionally, it highlighted the important points of KFUPM smart card system. Upon completion of the system, it is hoped that KFUPM smart card project will be an important case study for other universities in the are.% to follow.中文译文校园智能卡摘要智能卡的诞生是对世界信息技术的一种补充。

This guide describes the HID OMNIKEY Smart Card Reader installation. Reference your driver documentation (readme) for a list of supported windows versions.Three types of installation exist:• Unattended (preferred installation)• Automatic (internet connection required)• Manual UnattendedThe Unattended installation is the preferred method. Unattended installation files are found at /omnikey . Optionally, obtain these files from an installation CD (if available).1. T o download the latest HID OMNIKEY Unattended setupdrivers, go to: /omnikey , and select Download OMNIKEY drivers .2. Select your OMNIKEY product and operating system.3. From the list, select the Unattended Setup Installer andconfirm the license agreement.4. Double-click the executable file and follow the instructionsdisplayed in the setup window.Note: In addition, download API drivers. The SYNC-API is required for applications with memory or contactless (iCLASS ®) cards. The CT-API is often required for PIN Pad readers (electronic signature applications), as well as health care applications.In standard installations, installing these APIs is suggested.For driver installation local administration rights may be required.Do not plug in the OMNIKEY reader into your computer until setup is complete.5. Execute the Unattended Setup.EXE file and follow theInstall Wizard instructions.Note: For uninstalling the OMNIKEY drivers, restart the setup or (from the control panel) use Add/Remove Programs .6. After finishing the installation, plug in your reader to the port(USB, ExpressCard ®, or PCMCIA).7. Windows automatically detects and installs the newhardware connected to the port (USB, ExpressCard, or PCMCIA).Proceed to the OMNIKEY Workbench section for testing and installation.AutomaticEnsure your computer has an online connection to the Internet.1. Connect the reader to the computer port (USB,ExpressCard, or PCMCIA).2. Windows detects the new hardware connected to the port(USB, ExpressCard, or PCMCIA) and requests the drivers.3. After the Windows Hardware Wizard opens, Windowsrequests to connect to Windows Update to search for software, click Yes, this time only .4. The OMNIKEY reader automatically is recognized and theappropriate driver installed through Windows Update.The OMNIKEY reader is ready for use.Note: If your OMNIKEY reader is CCID compliant, use a native Windows CCID driver to operate the reader. However thenative driver does not allow you to utilize the readers advanced features and functions.Proceed to the OMNIKEY Workbench section for testing the installation.ManualFor manual driver installation, local administration rights may be required.Original OMNIKEY drivers must be locally available on your computer (for example, after internet download or from a CD).1. T o download the latest OMNIKEY drivers, go to:/omnikey , and select Download OMNIKEY drivers .2. Select your OMNIKEY product and operating system.3. From the list, select the driver for download and confirm thelicense agreement.Note: In addition, download API drivers. The SYNC-API is often required for applications with memory or contactless cards (HID iCLASS). While the CT-API is often required for PIN Pad reader use (electronic signature applications), as well as health care applications.In standard installations, installing these APIs is suggested.4. After downloading the self-extracting file, execute the file toextract the drivers to the local hard drive (default path c:\HID Global ).Note: Drivers have not yet been installed.5. Select the driver location, click Next .OMNIKEY ®Smart Card Readers(USB, ExpressCard and PCMCIA)Base Models: 1021, 3021, 3121, 4040, 4121, 4321, 5021, 5025, 5121,5125, 5127, 5321, 5325, 5326, 5421, 5427, 6121, 6221, 6321U ser G Uide3121-905-ENEN, Rev A.7December 2013© 2008 - 2013 HID Global Corporation/ASSA ABLOY AB. All rights reserved.15370 Barranca Parkway Irvine, CA 92618-2215USAPage 2December 2013© 2008 - 2013 HID Global Corporation/ASSA ABLOY AB. All rights reserved.OMNIKEY Smart Card Readers (USB, ExpressCard, and PCMCIA) User Guide, 3121-905-ENEN, A.76. Once the drivers are stored on the computer, connectthe OMNIKEY reader to the port (USB, ExpressCard, or PCMCIA) and start the installation process. When the Windows Hardware Wizard requests for the driver, select Install from a list or specific location .7. Check Include this location in search and specify thelocation where the drivers are stored (for example: C:\HID Global\5x21_V1.2.9.2). Click Next . When installation is complete, click Finished .Note: If using unsigned BETA drivers, choose the Don’t search, I will choose the driver to install radio button.After finishing the installation your OMNIKEY Smart Card Reader is ready for use.Installation CheckEnsure your device is recognized and listed in the Windows Device Manager dialog, for example OMNIKEY 5x21, in the Smart Card Reader section.Note: If you are using an OMNIKEY reader with a native CCID driver, the reader is listed as a CCID compliant device.1. Open Windows Explorer. Click Start > Programs >Accessories > Click Windows Explorer .2. Open the Device Manager. Right-click Computer >Properties > click Device Manager .3. Expand the Smart card readers and ensure the OMNIKEYreader is found.Proceed to the OMNIKEY Workbench section for testing the installation.Release NotesWhen installing with Unattended or Manual options, theReadme, and Driver Release Notes are installed by default at C:\Program Files\HID Global\HID OMNIKEY Workbench .OMNIKEY Workbench1. Download the latest OMNIKEY Workbench , by goingto: /omnikey . Select Driver Downloads .2. Select your OMNIKEY product and operating system.Choose to download the OMNIKEY Workbench and confirm the license agreement. When download is complete, click Run .Note: The OMNIKEY Workbench only works with OMNIKEY readers. Older drivers use a Diagnostic tool which is available from the control panel.Start the OMNIKEY Workbench from the program shortcut. Go to Start > Programs > HID Global > OMNIKEY Workbench .OMNIKEY Workbench provides various applications. On startup the Diagnosis application shows the General Settings view with different tabs for smart card reader service status. Alsoshown is the driver file and API DLL information.The Diagnosis application also lists all connected OMNIKEY smart card reader details (per the available contact andcontactless interface).For a functional test, insert a working smart card into the reader.As a result, an ATR string and other card details will display.。

SmartCard
智能卡的外观
ISO 7811-4和ISO7811-5规定的磁条位置 （磁道1，2，3）
签名条 集成电路 芯片位置 ISO 7811-3规定的冲压 凸型字符位置
SmartCard
SmartCard
1.2 智能卡分类

根据卡与外界数据交换界面的不同分类
接触式IC卡(contact card)
SmartCard






个人身份认证：城市流动人口管理（IC卡暂住证）， IC卡身份证 社会保险：医疗保险，养老保险等 工商税务：税务自动申报，工商企业监管 金融：信用卡(Credit Card,for example VISA CARD,Master Card)，扣款卡(Cash Card) or (ED— Electronic Deskbook)，电子钱包(EP—Electronic Purse,for example Mondex Card)，POS、ATM 电子标签：车辆识别、防伪、仓储管理、生产管理、 集装箱管理、汽车钥匙等 网络安全：密码钥匙Ekey

SmartCard
CPU卡
输入/输出接口 I/O 触点 微处理器 CPU 协处理器 CAU
ROM 只读存储器
RAM 随机存储器 图 4.2 CPU 卡结构示意图
EEPROM 可编程存储器
SmartCard
CPU卡

CPU 卡硬件构成包括： CPU 、存储器（含 RAM 、 ROM 、 EEPROM等）、卡与读写终端通讯的I/O接口及加密运算 协处理器CAU，ROM中则存放有片内操作系统COS。

（1）公开的存储区：内含公用信息，如发行标志符、持卡 人帐号等。 （2）外部不可读的存储区：存储的内容是供内部决策用的， 如PIN值，密钥。输入正确PIN值后可修改但永不可读。 （3）保密存储区：内含账面余额、允许卡使用的服务类型 及限额等。输入正确的PIN值后，可读（读余额）可改写 （修改余额）。 （4）记录区：内含每次交易细节，称为“日志”，可供查 询

药 店 复星大药房 得一大药房 华氏大药房 国大药房 童涵春堂 雷允上 宝芝堂
健身场所 浦世体育 半岛健身 尧力体育 大桶大足浴 梵伽瑜珈
其 他 店 半岛烟酒 宝乐部 剪刀·石头·布 运动100
SMART卡使用商户点
百货 Foxtown购物中心 锦江迪生商厦 馥邦购物中心 奥特莱斯 锦丽华购物 港汇广场 巴黎春天 九海百盛 国际商品广场 宝贝百货 马莎百货 恒隆广场 宝大祥浦东九六广场店 梅龙镇广场 宏伊国际广场 宝大祥青少年儿童购物… 美罗城 虹桥百盛 宝大祥真光路店 名品商厦 淮海青少年用品 贝沁儿童购物中心 南站广场 环龙商场 曹杨商城 浦东商场 汇联商厦 长江国际商业购物中心 浦东商场现代店 嘉定商城 大宁奥莱 曲阳生活购物中心 嘉杰国际广场 大西洋百货 瑞鑫百货 假日百货 地中海百货 上海大悦城 金叶商厦 东宝百货 上海六百 金豫商厦 芳汇广场 上海市妇女用品商店 置地广场 超市便利 超市便利 大润发 华联吉买盛 乐购 欧尚 家乐福 易买得 卜蜂莲花 屈臣氏 易士多 全家 良友金伴 迪亚天天 华联超市 7-ELEVEN 丝芙兰化妆品专卖 大润发 华联吉买盛 乐购 面包西饼 克莉丝汀 新侨饼屋 伊莎贝尔 季诺面包房 红宝石 可颂坊 宜芝多 香特莉 餐 饮 棒！约翰 美林阁 俏江南 代官山 肯德基 味千拉面 楚炫堂 金钱豹 苏浙汇 吉野家 大食代 蕉叶 望湘园 伊藤家 饮 品 店 星巴克 真锅 哈根达斯 九龙冰室 爱茜茜里 上岛咖啡 甜蜜蜜 石化百货 时代购物广场 松江商城 太平洋百货 外滩名店 现代广场二期 莘庄百盛 新世界 亚新生活广场 银名百货 永新百货 友谊商城 友谊商店 兆兴百货公司闵行分部 真丝商厦 美容美发 佰草集 佐登妮丝 玛萨 克丽缇娜 可诺丹婷 京世国际发型美容 艾西尔国际护肤中心 瘦必站纤体美容

Following document will give a step by step detail about:1.CA installation2.Smart card setup on Connection server, Agent & ClientPre-requisites:∙The host machine on which CA is going to be installed must have Static IP Address.∙There should be time synchronization between View Connection Server, Agent, CA and the View Client.∙All the machines should be in same domain (View Connection Server, Agent, CA and the View Client.)1.CA Installation:Install an Enterprise Certificate Authority in Windows Server:a)Start the Server Manager.b)Click Add Roles under Roles Summary.c)Check the Active Directory Certificate Services role & Certification Authority Web Enrollment.Click Next.If you have not yet installed all of the IIS components the Web Enrollment service needs, it will ask for prerequisites to be installed. Go ahead and accept these, then click Next.d)Check on Enterprise CA, click Next.e)Choose the Root CA and click Nextf)This is a new CA without existing keys so select “Create a new private key and click Next.”g)Keep the default CSP, hashing method, and key length and click Next.h)Keep the defaults and click Next.i)Click Nextj)Accept the default database locations and click Next. Then at the confirmation screen click Install.k)After CA installation is completed ->Open the Certificate Authority through Administrative tools-> Expand the CA created->Select Certificate Templates. To make sure that Administrator has Full control over the Templates to be issued by CA follow the steps given below: ∙Right Click on Certificate Templates -> Select Manage -> “Certificate Templates Console”is opened->Sele ct Template “Enrollment Agent” -> Click “Properties” -> Open “Security”tab -> Add “Administrator” and assign Full Control∙Repeat the above step for following Templates: Smartcard Logon, Smart card User, Enrollment Agent (Computer)∙Close “Certificate Templates Console”l)Select “Certificate Templates”-> Click New-> “Certificate Template to issue”->Select Smartcard Logon, Smart card User, Enrollment Agent, Enrollment Agent (Computer) and click on OK.m)Open internet explorer -> browse to http:\\localhost\certsrv\Click on “Request a certificate” -> “Advanced certificate request” -> “Create and submit arequest to this CA” -> If prompted Allow access for “Active X control” ->Do not change anysetting and click on “Submit” -> Click on “Install”-> Go back to “Home” page using the link on top right corner-> Click “Download CA certificate, certificate chain, or CRL” -> Select “Download CA certificate” -> Save the CA certificate (certnew.cer)n)If you are using 2008 Web Enrollment∙Open Certificate Management Console by running certmgr.msc∙Select the 'Personal Store'; and from the context menu select All Tasks->Request New Certificate∙Do not change the Certificate Enrollment Policy -> Click Next∙Select “Domain Controller Authentication” to get a certificate which will later be used for signing.∙Select "Enroll" to finish the wizard and get a certificate2.Smart card setup on Connection server, Agent & ClientConnection Broker:a)Obtain the root certificate(certnew.cer) from the CAb)Add the root certificate to connection broker “Truststore”:∙On your View Connection Server, use the keytool utility to import the root certificate into the server truststore file. Open command line with Admin privilege and browse to C:\ProgramFiles\VMware\VMware View\Server\jre\bin . Run following command:keytool -import -alias alias -file root_certificate -keystore truststorefile.keyIn this command, alias is a unique case-insensitive name for a new entry in the truststore file,root_certificate is the root certificate that you obtained or exported, and truststorefile.key is the name of the truststore file that you are adding the root certificate to. If the file does not exist, it will be created in the current directory.Note: The keytool utility might prompt you to create a password for the truststore file. You will be asked to provide this password if you need to add additional certificates to the truststore file at a later time.∙Copy the truststorefile.key to the SSL gateway configuration folder on the View Connection Server host. (SSL gateway configuration folder path: C:\Program Files\VMware\VMwareView\Server\ssl gateway)For example: install_directory\VMware\VMwareView\Server\sslgateway\conf\truststorefile.key ∙Create or edit the locked.properties file in SSL gateway configuration folder on the View Connection Server or security server host. For example: install_directory\VMware\VMwareView\Server\sslgateway\conf\locked.properties∙Add the trust Keyfile, trustStore type, and useCertAuth properties to the locked.properties file.For ex:trustKeyfile=lonqa.keytrustStoretype=JKSuseCertAuth=true∙Restart the View Connection Server service or security server service to make your changes take effect.Agent:∙Install smart card drivers (\\10.112.208.1\Repository\software\SmartCard Reader)∙Install KB909520 for windows xp machine∙Restart after installClient:∙Install smart card drivers and the smart card reader(\\10.112.208.1\Repository\software\SmartCard Reader)∙RDP to CA server machine∙If you are using 2008 Web Enrollmento Open Certificate Management Console by running certmgr.msco Select the 'Personal Store'; and from the context menu select All Tasks-> Advanced Operations-> Enroll on behalf ofo Do not change the Certificate Enrollment Policy -> Click Nexto When prompted to select a signing certificate, select the "Enrollment Agent Certificate"enrolled earliero Next, it will show all the available templates, select "Smartcard Logon" or "Smartcard User" based upon the requirementClick on Details for the selected template and then select Properties for the same o On the "Private Key" tab, click on "Cryptographic Service Provider" and select“Microsoft Base Cryptographic Provider v1.0”o Select the user for whom you want to enroll the certificateo Insert the smartcard in the reader and when prompted, enter the PINo The information would be written to the smart card and you can repeat thesame process for another account or close the wizard to complete it.∙If you are using 2003 Web Enrollmento Browse to http:\\localhost\certsrvo Click “Request a certificate” -> “Advanced certificate request” -> “Create and submit a request to this CA” -> Under Key options select CSP “Microsoft Base CryptographicProvider v1.0” -> Submit.o Click on “Request a certificate”-> “Advanced certificate request” -> “Request a certificate for a smartcard on behalf of another user” -> Select Cryptographic Serviceprovider as “Microsoft Base Cryptographic Provider v1.0” -> Select Certificate->Administrator certificate should selected by default -> Select the user for whom youwant to enroll the certificate -> Enroll。

SIM Card也称为智能卡、用户身份识别卡，属于Smart card的一个分类； 由三部分组成：塑胶卡片、微处理器或是存储器、控制逻辑所组合而成的芯片 （IC CHIP）。 尺寸有3种规格：标准卡尺寸为 25mm× 15mm× 0.8mm ； Micro Sim尺寸为 12x15mm× 0.8mm； Nano SIM尺寸为12.3mm× 8.8mm× 0.7mm。 2.应用 SIM卡主要用于手机及基于使用网络的设备，即GSM网络、W-CDMA网络和 TD-SCDMA网络； 3.实物参考照片
手机卡（Sim Card）
Micro Sim卡连接器卡槽
Confidential
Page:3/5
三、产品零件折分
Material ： Housing ：LCP E471i, UL94V-1. Terminal : C5210-EH SWITCH PIN:C5210-EH
Confidential
Page:4/5
Page:7/5
Thank You
Confidentialonfidential
Page:5/5
五、SAMRT CARD 自动生产线：
零件进料
插端子
插开关端子
电测（OPEN/ SHORT)
下板包装
Confidential
Page:6/5
六、SIM CARD 自动生产线：
零件进料
插左边端子
插右边端子
CCD检测 平面与弹高
包装
Confidential
根据卡片内部的IC线路设计之不同，可划分为记忆卡（Memory Card）与智 能卡（Smart Card）两类，前者如预付卡、电话卡，后者如金融卡、银行卡。
3.实物参考照片

Smart Card FunctionsWindows Mobile 6.5A version of this page is also available forWindows Embedded CE 6.0 R34/8/2010The following table shows the Smart Card Services functions with a description of the purpose of each. Programming element DescriptionSCardBeginTransaction This function starts a transaction, waiting for the completion of all othertransactions before it begins.SCardCancel This function terminates all outstanding actions within a specificresource manager context.SCardConnect This function establishes a connection, using a specific resourcemanager context, between the calling application and a smart cardcontained by a specific reader.SCardControl This function gives you direct control of the reader. You can call it anytime after a successful call to SCardConnect and before a successful callto SCardDisconnect.SCardDisconnect This function terminates a connection previously opened between thecalling application and a smart card in the target reader.SCardEndTransaction This function completes a previously declared transaction, enablingother applications to resume interactions with the card.SCardEstablishContext This function establishes the resource manager context (the scope)within which database operations are performed.SCardForgetCardType This function removes an introduced smart card from the smart cardsubsystem.SCardForgetReader This function removes a previously introduced reader from control bythe smart card subsystem.SCardFreeMemory This function frees memory that has been returned from the resourcemanager using the SCARD_AUTOALLOCATE length designator.SCardGetAttrib This function gets the current reader attributes for the specified handle.SCardGetCardTypeProviderName This function returns the name of the dynamic link library (DLL)containing the provider for a given card name and provider type.SCardGetProviderId This function returns the globally unique identifier (GUID) of theprimary service provider for a specified card.SCardGetStatusChange This function blocks execution until the current availability of the cardsin a specific set of readers changes.SCardIntroduceCardType This function introduces a smart card to the smart card subsystem forthe active user by adding it to the smart card database.SCardIntroduceReader This function introduces a new name for an existing smart card reader.Smart card readers are automatically introduced to the system. SCardIsValidContext This function determines whether a smart card context handle is valid.SCardListCards This function searches the smart card database and provides a list ofnamed cards previously introduced to the system by a user. SCardListInterfaces This function provides a list of interfaces supplied by a specified card.SCardListReaders This function provides the list of readers within a set of named readergroups, eliminating duplicates.SCardLocateCards This function searches the readers listed in the rgReaderStatesparameter for a card with an Automatic Terminal Recognition (ATR)string that matches one of the card names specified in mszCards,returning immediately with the result.SCardLocateCardsByATR This function searches the readers listed in the rgReaderStatesparameter for a card with an ATR string that matches one of the ATRsspecified in rgAtrMasks, returning immediately with the result.SCardReconnect This function re-establishes an existing connection between the callingapplication and a smart card.SCardReleaseContext This function closes an established resource manager context, freeingany resources allocated under that context, including SCARDHANDLEWindows Mobile 6.5A version of this page is also available forWindows Embedded CE 6.0 R34/8/2010The following table shows the primary error values returned by smart card functions.Some error values can have the same value as existing Microsoft® Win32® error values that signify a similar condition. The following table shows these values.SCARD_E_NO_MEMORY 0x80100006L Not enough memory available to completethis command.SCARD_F_WAITED_TOO_LONG 0x80100007L An internal consistency timer has expired.SCARD_E_INSUFFICIENT_BUFFER 0x80100008L The data buffer to receive returned data is toosmall for the returned data.SCARD_E_UNKNOWN_READER 0x80100009L The specified reader name is not recognized. SCARD_E_TIMEOUT 0x8010000AL The user-specified timeout value has expired.SCARD_E_SHARING_VIOLATION 0x8010000BL The smart card cannot be accessed becauseof other connections outstanding.SCARD_E_NO_SMARTCARD 0x8010000CL The operation requires a smart card, but nosmart card is currently in the device.SCARD_E_UNKNOWN_CARD 0x8010000DL The specified smart card name is notrecognized.SCARD_E_CANT_DISPOSE 0x8010000EL The system could not dispose of the media inthe requested manner.SCARD_E_PROTO_MISMATCH 0x8010000FL The requested protocols are incompatiblewith the protocol currently in use with thesmart card.SCARD_E_NOT_READY 0x80100010L The reader or smart card is not ready toaccept commands.SCARD_E_INVALID_VALUE 0x80100011L One or more of the supplied parametersvalues could not be properly interpreted.SCARD_E_SYSTEM_CANCELLED 0x80100012L The action was cancelled by the system,presumably to log off or shut down.SCARD_F_COMM_ERROR 0x80100013L An internal communications error has beendetected.SCARD_F_UNKNOWN_ERROR 0x80100014L An internal error has been detected, but thesource is unknown.SCARD_E_INVALID_ATR 0x80100015L An ATR obtained from the registry is not avalid ATR string.SCARD_E_NOT_TRANSACTED 0x80100016L An attempt was made to end a non-existenttransaction.SCARD_E_READER_UNAVAILABLE 0x80100017L The specified reader is not currently availablefor use.SCARD_P_SHUTDOWN 0x80100018L The operation has been aborted to allow theserver application to exit.SCARD_E_PCI_TOO_SMALL 0x80100019L The PCI Receive buffer was too small.SCARD_E_READER_UNSUPPORTED 0x8010001AL The reader driver does not meet minimalrequirements for support.SCARD_E_DUPLICATE_READER 0x8010001BL The reader driver did not produce a uniquereader name.SCARD_E_CARD_UNSUPPORTED 0x8010001CL The smart card does not meet minimalrequirements for support.SCARD_E_NO_SERVICE 0x8010001DL The Smart Card Resource Manager is notrunning.SCARD_E_SERVICE_STOPPED 0x8010001EL The Smart Card Resource Manager has shutdown.SCARD_E_UNEXPECTED 0x8010001FL An unexpected card error has occurred.SCARD_E_ICC_INSTALLATION 0x80100020L No primary provider can be found for thesmart card.SCARD_E_ICC_CREATEORDER 0x80100021L The requested order of object creation is notsupported.SCARD_E_UNSUPPORTED_FEATURE 0x80100022L This smart card does not support therequested feature.SCARD_E_DIR_NOT_FOUND 0x80100023L The identified directory does not exist in thesmart card.SCARD_E_FILE_NOT_FOUND 0x80100024L The identified file does not exist in the smartcard.SCARD_E_NO_DIR 0x80100025L The supplied path does not represent a smartcard directory.SCARD_E_NO_FILE 0x80100026L The supplied path does not represent a smartcard file.SCARD_E_NO_ACCESS 0x80100027L Access is denied to this file.SCARD_E_WRITE_TOO_MANY 0x80100028L The smart card does not have enoughmemory to store the information.SCARD_E_BAD_SEEK 0x80100029L There was an error trying to set the smart cardfile object pointer.SCARD_E_INVALID_CHV 0x8010002AL The supplied PIN is incorrect.SCARD_E_UNKNOWN_RES_MNG 0x8010002BL An unrecognized error code was returnedfrom a layered component.SCARD_E_NO_SUCH_CERTIFICATE 0x8010002CL The requested certificate does not exist.SCARD_E_CERTIFICATE_UNAVAILABLE 0x8010002DL The requested certificate could not beobtained.SCARD_E_NO_READERS_AVAILABLE 0x8010002EL Cannot find a smart card reader.SCARD_E_COMM_DATA_LOST 0x8010002FL A communications error with the smart cardhas been detected. Retry the operation.SCARD_E_NO_KEY_CONTAINER 0x80100030L The requested key container does not exist onthe smart card.SCARD_E_SERVER_TOO_BUSY 0x80100031L The Smart Card Resource Manager is too busyto complete this operation.SCARD_W_UNSUPPORTED_CARD 0x80100065L The reader cannot communicate with thecard, due to ATR string configurationconflicts.SCARD_W_UNRESPONSIVE_CARD 0x80100066L The smart card is not responding to a reset.SCARD_W_UNPOWERED_CARD 0x80100067L Power has been removed from the smart card,so that further communication is not possible.SCARD_W_RESET_CARD 0x80100068L The smart card has been reset, so any sharedstate information is invalid.SCARD_W_REMOVED_CARD 0x80100069L The smart card has been removed, so furthercommunication is not possible.SCARD_W_SECURITY_VIOLATION 0x8010006AL Access was denied because of a securityviolation.SCARD_W_WRONG_CHV 0x8010006BL The card cannot be accessed because thewrong PIN was presented.SCARD_W_CHV_BLOCKED 0x8010006CL The card cannot be accessed because themaximum number of PIN entry attempts hasbeen reached.SCARD_W_EOF 0x8010006DL The end of the smart card file has beenreached.SCARD_W_CANCELLED_BY_USER 0x8010006EL The action was cancelled by the user. SCARD_W_CARD_NOT_AUTHENTICATED 0x8010006FL No PIN was presented to the smart card.。

下载驱动软件：从公司QQ群下载“写卡器安装”压缩包并解压至“写卡器安装”文件夹。

1、检查Smart Card服务是否启动开始菜单——设置——控制面板——管理工具——服务双击“服务”并在打开的系统服务列表中找到Smart Card服务：如上图，若Smart Card服务为“已启动”状态，启动类型为“自动”，则说明SmartCard服务正常。

若该服务没有启动，请在“Smart Card服务”上点击右键选择“属性”，如下图：点击“启动”按钮，并将启动类型选择为“自动”，点击应用、确定退出。

如图：2、安装驱动程序：（打开写卡器文件夹）Smart Card Reader为例：双击安装，（注意：最后若提示重新启动计算机，则点击是，重启计算机。

）3、写卡器OCX控件的安装（打开写卡器文件夹）AICard.CAB文件夹内四个文件复制到C:\windows\system32\ 目录下，点击reg运行；浏览器设置：Internet选项-安全-可信站点-添加http://130.30.15.194、验证写卡器驱动、OCX控件将写卡器正确地接到计算机上，并将白卡插入写卡器（点击联通拨号，进入联通内网），打开网址：http://130.30.15.19/getocx/loadCard.html 如图：确定写卡器正确接入计算机后点击“列出写卡器“按钮，如下图：操作错误信息为0 说明写卡器连接成功，可以使用。

注意：在上图中的“请选择写卡器”后的下拉框里如果出现多个项，请在设备管理器的智能卡阅读器下禁用除写卡器外的服务项进行验证，如图：图中只有一项即写卡器，若有其他项，则可以在其他项中点右键依次进行禁用，或者将其卸载，只保留写卡器，对于联通现有营业厅工作机其他设备，请联通网管人员自行解决兼容性问题。

（设备管理器的打开方法：我的电脑上点右键——管理——左侧目录中选择“设备管理器”）附：现场写卡所有的操作必须严格保证在http://130.30.15.19/地址上操作，使用其他地址会造成的数据错误、白卡做废、打印失败或其他类型无法挽回的错误!注意：在上图中的“请选择写卡器”后的下拉框里如果出现多个项，请禁用除写卡器外的服务项进行验证，直到只有写卡器一项：图中的第一项为写卡器，下面4项为U盾驱动，在此可以在此4项中点右键依次进行禁用，或者卸载U盾驱动。

SmartCard知识智能卡(SmartCard)，也叫IC卡，它是⼀个带有微处理器和存储器等微型集成电路芯⽚的、具有标准规格的卡⽚。

智能卡必须遵循⼀套标准，ISO7816是其中最重要的⼀个。

下⾯将从以下⼏个⽅⾯展开，对Smart Card进⾏讨论：1. 电⽓特性2. 复位应答（ATR – Answer to Reset）3. T=0 传输协议电⽓特性：ISO7816⾮常严格地要求了卡⽚的外形、厚度、触点位置和电信号。

下⾯可以看到正常Smart Card的管脚分布：l C1 电源信号VCC 3/5 Vl C2 复位信号RSTl C3 始终信号CLK 采⽤27MHz的分频 – 3.375/4.5/6.75MHzl C4 预留某些CA⼚商会加以利⽤，如NDSl C5 接地信号GNDl C6 编程电压VPP ⼀些存储芯⽚需要⾼电压（12.5/21V）进⾏编程l C7 数据通信I/Ol C8 预留对于供电⼜分两种，⼀种是5V供电，两外⼀种是3V供电。

⽬前，市⾯上见得多还是5V，左右偏差在0.25V以内，也就是说压值范围为4.75~5.25V，另外它的电流为200mA。

Smart Card⼯作的时钟信号由外部供给，⼀般来说有两个，3.579545MHz和4.9152MHz。

相⽐之下，前者⽤得更多⼀点。

当然对于这两种时钟频率，要得到数据通信所需的波特率9600s/s，那么他们的分频系数⾃然也不⼀样，分为为372分频和512分频。

复位信号是如何产⽣的呢？管脚必须满⾜5个条件，1）RST管脚拉低；2）CLK管脚拉低；3）VPP管脚不供电；4）I/O管脚拉低；5）VCC 管脚不供电。

字符传输：Smart Card的字符传输采⽤的是异步半双⼯模式，这种异步的模式很像个⼈电脑上的RS232通信。

传输⼀个字符时，除了8Bits的数据外，还加了以下⼏个Bits：起始位 -- ⽤于字符帧的同步校验位 -- ⽤于校验检测Guard Time -- 两个字符间的间隔时间Guard Time⼀般为两个bit的时钟周期，这⼀点很像PC上的UART的通信，⽤两个停⽌位来间隔相连的字符。

IC卡和ID卡有什么区别IC卡和ID卡的区别一,IC卡与ID卡定义IC卡全称集成电路卡(Integrated Circuit Card),又称智能卡(Smart Card).可读写,容量大,有加密功能,数据记录可靠,使用更方便,如一卡通系统,消费系统等,目前主要有PHILIPS的Mifare系列卡.ID卡全称身份识别卡(Identification Card),是一种不可写入的感应卡,含固定的编号,主要有台湾SYRIS的EM格式,美国HID,TI,MOTOROLA等各类ID卡.二,为什么IC卡要做初始化(即加密)工作,而ID卡不用1.IC卡在使用时,必须要先通过IC卡与读写设备间特有的双向密钥认证后,才能进行相关工作,从而使整个系统具有极高的安全保障.所以,就必须对出厂的IC卡进行初始化(即加密),目的是在出厂后的IC卡内生成不可破解的一卡通系统密钥,以保证一卡通系统的安全发放机制.2.IC卡初始化加密后,交给用户使用时,客户通过IC卡发行系统,又将各用户卡生成自己系统的专用密钥.这样,就保证了在其它用户系统发行的用户卡不能在该系统使用,保证了系统的专一性,从而保证了系统的安全使用机制.3.ID卡与磁卡一样,都仅仅使用了"卡的号码"而已,卡内除了卡号外,无任何保密功能,其"卡号"是公开,裸露的.所以说ID卡就是"感应式磁卡",也就根本谈不上需要还是不需要初始化的问题.4.初始化过程为什么不交由用户自己做呢这是因为:1)如果由用户自己初始化,就不能防范用户内部人员作弊.因为用户在使用一卡通系统时,若有员工用社会上买来的卡随意初始化,便可随意发行成住户才能使用的住户卡,甚至可随意给卡充值消费,这不仅将造成严重作弊后果,也将导致一卡通系统的安全出现使用机制上的严重漏洞.2)另外,若用户买到劣质出厂卡自己初始化,而在系统上不能使用,则会使系统使用性能不良或瘫痪,这将造成事故责任不清.3)初始化过程在厂家执行,主要是IC卡安全密钥认证机制的基本需要,也是IC卡系统集成商的行规.就像城市公共交通IC卡一样,这些卡在交给公交系统使用前,每张卡的密钥都要进行出厂加密控制.4)如果因用户缺乏专业性管理而万一丢失了初始化授权用的密钥卡,用户和厂家将无法补用该卡.所以,初始化工作由厂家做,才有安全保障.三,IC卡系统与ID卡系统的比较1.安全性:IC卡的安全性远大于ID卡.ID卡内的卡号读取无任何权限,易于仿制.IC卡内所记录数据的读取,写入均需相应的密码认证,甚至卡片内每个区均有不同的密码保护,全面保护数据安全,IC卡写数据的密码与读出数据的密码可设为不同,提供了良好分级管理方式,确保系统安全.2.可记录性:ID卡不可写入数据,其记录内容(卡号)只可由芯片生产厂一次性写入,开发商只可读出卡号加以利用,无法根据系统的实际需要制订新的号码管理制度.IC卡不仅可由授权用户读出大量数据,而且亦可由授权用户写入大量数据(如新的卡号,用户的权限,用户资料等),IC卡所记录内容可反复擦写.3.存储容量:ID卡仅仅记录卡号;而IC卡(比如Philips mifare1卡)可以记录约1000个字符的内容.4.脱机与联网运行:由于ID卡卡内无内容,故其卡片持有者的权限,系统功能操作要完全依赖于计算机网络平台数据库的支持.而IC卡本身已记录了大量用户相关内容(卡号,用户资料,权限,消费余额等大量信息),完全可以脱离计算机平台运行,实现联网与脱机自动转换的运行方式,能够达到大范围使用,少布线的需求.5.一卡通扩展应用:ID卡由于无记录,无分区,只能依赖网络软件来处理各子系统的信息,这就大大增加对网络的依赖;如果在ID卡系统完成后,用户欲增加功能点,则需要另外布线,这不仅增加了工程施工难度,而且增加了不必要的投资.所以说,使用ID卡来做系统,难以进行系统扩展,难以实现真正的一卡通.而IC卡存储区自身分为16个分区,每个分区有不同的密码,具有多个子系统独立管理功能,如第一分区实现门禁,第二分区实现消费,第三分区实现员工考勤等等.充分实现一卡通的目的,并且可以做到完全模块化设计,用户即使要增加功能点,也无需再布线,只需增加硬件和软件模块,这便于IC卡系统以后的随时升级扩展,实现平稳升级,减少重复投资.比如:某小区曾建立了ID卡一卡通系统,但由于ID卡系统的上述弊端,系统无法投入日常使用,因而只能将该系统完全作废,后改采用IC卡一卡通系统.6.智能化系统的维护和运行:比如:电脑发行了一张新的用户ID卡,就必须通过ID卡系统的网络,用人工方式将所有ID卡号一个个下载到各ID卡读卡控制器中,否则ID 卡被作为无效卡而不能使用;若要更改用户权限,则需在每个ID卡控制器上输入有权限的ID卡号.又比如:在系统投入使用后经常要新增ID卡,则每新增一张卡或修改了某一张卡片的权限,就必需在该卡可用的所有控制器上输入该卡片号码,这就增加了工作量。

专利名称：Fingerprint sensing smart card with on-card fingerprint comparison发明人：Lin, Fong-Jei,Zhu, Shengbo申请号：EP02250039.1申请日：20020104公开号：EP1326196B1公开日：20060322专利内容由知识产权出版社提供摘要：A smart card for use in conjunction with a security portal, such as a transit turnstile, a residential access gate, or a parking facility, for performing authentication checks for authorized passage. A print sensor is positioned on each major surface of the card in positions conforming to the natural placement of the thumb and a finger. The print sensors generate print pattern signals which are checked against authentic versions stored in non-volatile memory in the card, using a processor located within the card. The result of the authentication check is communicated to the associated external security portal by an r.f. circuit, which also receives r.f. energy from the external device to provide D.C. power for the circuits internal to the card. The card can be used on-the-fly without the need to stop at the check point, thereby facilitating traffic flow through the check point.申请人：MAGNEX CORP地址：US国籍：US代理机构：Frost, Alex John更多信息请下载全文后查看。

专利名称：Fingerprint sensing smart card with on-cardfingerprint comparison发明人：Lin, Fong-Jei,Zhu, Shengbo申请号：EP02250039.1申请日：20020104公开号：EP1326196A1公开日：20030709专利内容由知识产权出版社提供专利附图：摘要：A smart card for use in conjunction with a security portal, such as a transit turnstile, a residential access gate, or a parking facility, for performing authentication checks for authorized passage. A print sensor is positioned on each major surface of thecard in positions conforming to the natural placement of the thumb and a finger. The print sensors generate print pattern signals which are checked against authentic versions stored in non-volatile memory in the card, using a processor located within the card. The result of the authentication check is communicated to the associated external security portal by an r.f. circuit, which also receives r.f. energy from the external device to provide D.C. power for the circuits internal to the card. The card can be used on-the-fly without the need to stop at the check point, thereby facilitating traffic flow through the check point.申请人：Magnex Corporation地址：6284-A San Ignacio Ave. San Jose, California 95119 US国籍：US代理机构：Frost, Alex John更多信息请下载全文后查看。