EMV Integrated Circuit Card Specifications
The EMV specifications can be found at: http://www.emvco.com/specifications.aspx
|VISA Technology Specifications and Applets
Visa technical and applet specifications provide guidelines on how to develop products and services in accordance with Visa requirements.
|VISA Contactless Payment Specification (VCPS)|
VCPS offers the ability to perform issuer updates over the contactless interface, a new cryptogram version that allows more protected data to be sent to the issuer in the authorization request and enables the issuer to send simplified updates to the card as part of the authorization response, expanded currency conversion with support for up to 5 conversion currencies, and improved alignment with contact chip payment functionality on dual-interface cards.
|Visa Integrated Circuit Card Specifications (VIS)
VIS 1.5 offers a new cryptogram version that allows more protected data to be sent to the issuer in the authorization request and enables the issuer to send simplified updates to the card as part of the authorization response, expanded currency conversion with support for up to 5 conversion currencies, and improved alignment with contactless payment functionality on dual-interface cards.
|VISA Card Acceptance Device Guidelines|
|VISA PIN Entry Devices
The PCI Security Standards Council (PCI-SSC) is a global, open industry standards body providing management of the Payment Card Industry Data Security Standard (DSS), PCI PIN Entry Device (PED) Security Requirements and the Payment Application Data Security Standard (PA-DSS). PCI-SSC manages the PCI PED equipment approval listings and the PCI security requirements and supporting documents. These documents and other information are available from the Council´s website at https://www.pcisecuritystandards.org/security.
|Visa Smart Debit/Credit (VSDC)
Visa Smart Debit/Credit (VSDC) is Visa's global initiative to help our Visa financial institutions evolve from magnetic stripe cards to more versatile and more secure smart cards. The power of a computer chip embedded on VSDC cards provides increased memory and processing capabilities that translate into increased customized service and options for customers.For Visa Financial Institutions - download the VSDC Public Keys from here.
|VISA Chip Card Testing and Approval
|Chip card product vendors must complete an eligibility process prior to submitting products to Visa. To apply as an eligible vendor, or to get technical specifications, requirements and licensing agreements, please contact PartnerNetwork.
Interoperability Specification for ICCs and Personal Computer Systems
The current Version 2.01 has revised Part 2, Section 3.1.1 Operating Voltage Condition, and Section 3.2 ISO/IEC 7816-10 Compatible Card and IFD; Part 3 to add specifications for identification of contactless cards and now includes information on the RID number (in a supplemental document); Part 10 has been added to address IFD's with secure pin entry capabilities.
Revision 2.01 of the PC/SC Specifications extends the specification to cover a broader range of smart card based products. It focuses on the support of two main technologies:
- IFDs with extended capabilities
Covered by an IFD Service Provider (IFDSP), which provides interfaces to manage new functionality, allowing IFD capabilities such as pin pad, display and multi-slot. The concept of application context is introduced to represent a list of IFD functions with security features required for ICC aware applications and ICC Service Provider (ICCSP).
- Support of contactless ICCs
Also embedded in the actual scheme of PCSC. The impact on the specification is that new tags must be defined (in part 3), and functionality must be ensured by the IFD Subsystem.
- Part 1: Provides an overview of the system architecture and components defined by the Workgroup.
- Part 2: Details compliant ICC-IFD (smart card - Interface Device) characteristics and interoperability requirements.
- Part 3: Describes the interface to, and required functionality for, compliant IFD devices.
- Part 4: Discusses design considerations for IFD devices. In particular, it provides a recommended implementation for PS/2 keyboard integrated IFDs.
- Part 5: Describes the interfaces and functionality supported by the ICC Resource Manager, a required system level component.
- Part 6: Describes the ICC Service Provider model, identifies required interfaces, and indicates how this may be extended to meet application domain-specific requirements.
- Part 7: Describes design considerations for application developers, and how to make use of the other components.
- Part 8: Describes recommended functionality for ICCs intended to support general purpose cryptographic and storage requirements. This is oriented toward support of Internet and PC standards for security and privacy.
- Part 9: Describes the management of IFDs with some extended capabilities such as secure PIN entry or user interface functionality.
- Part 10: Describes the management of IFDs with secure pin entry capabilities.
The ICC Resource Manager is intended to provide a system level service. It manages the ICC and IFD resources, controls shared access to these devices, and supports transaction management primitives.
The Service Provider(s) provide a high level interface mapped onto a specific ICC implementation. The Workgroup has defined common interfaces for widely implemented services (Authentication, File Access, Cryptography) and defined how extensions for domain-specific requirements are supported. Cryptographic interfaces are isolated in a Cryptographic Service Provider, in recognition of existing import/export issues.
Finally, applications written to take advantage of this architecture will typically make use of both the Resource Manager and a specific ICC Service Provider.
The PCSC specifications can be found at:
GlobalPlatform is tasked with aligning the smart card infrastructure across existing technologies and multiple operating systems. The primary objective of the organization is the development and publication of standards and specifications that can be used by companies implementing multiple application smart card programs. The GlobalPlatform card specification and terminal framework is owned, managed and amended by GlobalPlatform.
The GlobalPlatform specifications can be found at:
Public-Key Cryptography Standards
The Public-Key Cryptography Standards are specifications produced by RSA Laboratories in cooperation with secure systems developers worldwide for the purpose of accelerating the deployment of public-key cryptography. First published in 1991 as a result of meetings with a small group of early adopters of public-key technology, the PKCS documents have become widely referenced and implemented. Contributions from the PKCS series have become part of many formal and de facto standards, including ANSI X9 documents, PKIX, SET, S/MIME, and SSL.
The Public-Key Cryptography Standards can be found at:
3G Mobile Communication Specifications
The 3rd Generation Partnership Project (3GPP) is a collaboration agreement that was established in December 1998. The collaboration agreement brings together a number of telecommunications standards bodies which are known as "Organizational Partners". The current Organizational Partners are ARIB, CWTS, ETSI, T1, TTA, and TTC.
The original scope of 3GPP was to produce globally applicable Technical Specifications and Technical Reports for a 3rd Generation Mobile System based on evolved GSM core networks and the radio access technologies that they support (i.e., Universal Terrestrial Radio Access (UTRA) both Frequency Division Duplex (FDD) and Time Division Duplex (TDD) modes). The scope was subsequently amended to include the maintenance and development of the Global System for Mobile communication (GSM) Technical Specifications and Technical Reports including evolved radio access technologies (e.g. General Packet Radio Service (GPRS) and Enhanced Data rates for GSM Evolution (EDGE)).
The term "3GPP specification" covers all GSM (including GPRS and EDGE) and 3G specifications.
The 3G Mobile Communication Specifications can be found at:
Smart Card Documents
What's So Smart about SmartCards [152KB PDF, 12 pages]
Government Smart Card Handbook [3.7MB PDF, 262 pages]
IBM Red book - Smart Cards: A Case Study [1.38MB PDF, 234 pages]
Smart Card Handbook, Third Edition by W. Rankl, W. Effing
RFID Handbook by Klaus Finkenzelle