docUniversity Smartcards
download 
Report Transcription
University Smartcards
University Smartcards Multiapplication success 4èmes Assises des Transactions Electroniques dans les Collectivités Territoriales Pablo Sotres and Jorge Lanza psotres, jlanza@tlmat.unican.es OTTIUC Network Planning and Mobile Communications Laboratory Communications Engineering Department University of Cantabria 0 Table of Contents 1 OTTIUC 2 University Smart Card Services 3 Synergies Santander – Calypso 4 Conclusions OTTIUC 1 O.T.T.I.U.C OTTIUC 2 University Smart Card What is it? ! Most adopted support worldwide ! Piece of paper with photo no longer use " no added value ! Up to 200 universities in the world " Santander University Smart Card ! Share similar support, applications and experiences ! More to come for sure ! Benefits not only for the university but also for the students and third parties ! University identification card ! Key to many added value services that eases the electronic administration of the university OTTIUC ! Existing market solution deployment and expansion 3 O.T.T.I.U.C. Who are we? ! UC starts successfully using SmartCards in 1995 – Innovative concept ! Services provided ! P.I.U. – marks, internal certificates (burocracy),… ! Identification – access control, libraries, … ! Payments – e-purse and credit card Identification E-purse Transport PIU ATM Access control OTTIUC Marks Library 4 O.T.T.I.U.C. Who are we? ! Improve university smart card capabilities " O.T.T.I.U.C Smart Card Technological Observatory ! Multi-application JavaCard Smart Card OTTIUC ! More flexibility and dynamism ! Personalized contents 5 O.T.T.I.U.C. What do we do? ! Multidisciplinary team ! Engineers ! Physicists ! Mathematicians ! Economists ! Lawyers ! Babson College (Boston [MA], USA) – socio-economic analysis ! Research and activities ! R&D activities ! State of the art of technology ! Applications and trends ! Get in touch with technology ! Development of smart card systems ! One step ahead – analysis and viability ! Technical support to Santander universities OTTIUC ! Memberships ! European Campus Card Association ! WLAN Smart Card Consortium 6 University Smart Card Services OTTIUC 7 Generic applications Services Access control Loyalty Travel Banking E-purse Smart card Parking Public transport Telephone Pay TV OTTIUC Network Access Mobile devices Health Care 8 Generic applications Santander University Smartcard ! Javacard based smartcard: WG10, EMV (M/CHIP 2.1), ... OTTIUC ! Contactless: ISO 14443-A T=CL # Mifare 1-4K, Paypass (M/CHIP 2.1),... 9 Information Services Information Points ! Spread all over universities ! Look and work similar to traditional ATM ! Services provided: ! Smart card update ! Internet and e-mail access ! Academic certificates, marks, enrolling,… ! Administrative – holidays, … ! Banking capabilities – e-purse, online payment ATMs ! Access to university services from external ATMs OTTIUC ! Marks, process of enrolling, … 10 Access control Buildings, parkings,… ! Smart card is used as a key to access buildings, rooms, … ! Access Policies from information stored in smart card (off-line) ! Session control ! User rights and permissions ! Adaptable to different environments OTTIUC Contact - Contactless - Dual 11 Access control Buildings, parkings,… ! Smart card is used as a key to access buildings, rooms, … ! Access Policies from information stored in smart card (off-line) ! Session control – working time control, … ! User rights and permissions ! Adaptable to different environments OTTIUC Contact - Contactless - Dual 12 Access control Computer access Base de Datos de Gestión Sala de Informática ... Chequeo reserva WWW iM ac W I/H 0 W 0 E H P W R A C T C T /IH T C O K 1A 1A O L Reservas via Web Lector Tarjetas Autenticación/ Identificación Otras Salas de Informática UC UNIVERSIDA D DE CANTABRIA USUARIOS Web application: PC Booking, place, time, user id Tarjeta Universitaria Inteligente Booking storage and access policies User identification and authentication OTTIUC 13 Libraries Libraries - Book Loan ! Easy tasks to ! Student ! Librarian ! Technology: ! Chip ! Bar code ! RFID tags Desk Self-service Credit/Debit ! Similar behaviour to card in wallets ! Technology ! Magnetic stripe OTTIUC ! Contact with EMV ! Contactless 14 e-Purse General ! Smart card + Money = e-Purse Vending machines Parking Public transport Canteen, bars, … Centralised Payment System OTTIUC 15 Security Digital Signature – Public Key Infrastructure ! Replacement of traditional handwriting signature ! Provides extra features ! Data integrity ! Authentication ! Confidentiality ! Non-repudiation ! Smart cards increase security and provides added value ! Private key generated and securely stored within the card ! Secure Certificate storage ! Reduce use of paper and increase administration performance (speed up) ! Applications ! Email signature and encryption OTTIUC ! Marks Certificates and other official documents signing 16 Security Digital Signature – Public Key Infrastructure ! University of Cantabria - OTTIUC example ! Uses PKI infrastructure ! Complement and/or replacement to current methodology ! Signing process requires introduction of PIN code ! Gemalto ! Gemsafe application personalized for each university ! Other proprietary solutions OTTIUC 17 Mobile communications Characteristics ! Migrate smart card functionalities to mobile environment ! Access to dynamic contents from any device ! Uses security provided by the smart cards (SIM card) Canal UC Notas Deportes Salir Ok Cancel Selec. Fecha Deportes Reservar Pista Mis Reservas Ayuda Futbol Sala Baloncesto Otras Ok Ok Cancel Selec. Franja 12/11/2003 13/11/2003 14/11/2003 09:00 – 14:00 14:00 – 22:00 Salir Ok Ok Cancel Selec. Disciplina Cancel Local Access Remote Access Cancel El pago se realizara a traves de Mobipay Ok Cancel Compra Ref Universidad 3,50 Eur. Tarjeta 8vcorpSCH Aut. con NIP Ok Cancel OTTIUC 18 Near Field Communications General ! Contactless technology advances enables access to chip information and provides the capabilities for inter-devices short range communication ! Access to JavaCard application through contactless interface !Same behaviour as current smartcard !Banking applications with increased security OTTIUC 19 University Smart Card Services Services Use 1 198 univ. 196 univ. 93 univ. 31 univ. 198 univ. 32 univ. 31 univ. 26 univ. Debit Consultations at ATMs e-Purse OTTIUC 1. Weighting on number of universities and usage of service. 2. Usage is mandatory. Discounts at shops Access to computers2 Digital signature Self-service kiosks Access to sites2 Time control2 Library loans2 20 Future Trends General ! The world is moving contactless and mobile ! Each user is different and demands same services in different ways ! User environment is really important ! Ambient Intelligence ! Sensor around user ! User profiles: automatically adapt services to user requirements OTTIUC 21 Synergies Santander – Calypso OTTIUC 22 Santander – Calypso Public transportation ! Heterogeneous environment with no dominant solution ! European level standards: CEN/TC 224 (EN 1545 y EN 15320) ! Proprietary solutions generalised depending on location: ! Calypso (Belgium, Portugal, France, Italy,...) ! ITSO (UK) ! VDV (Germany) ! Octopus OTTIUC 23 Santander – Calypso Global Overview Number of ongoing projects 30 25 20 Europa América Latina 15 Oceanía 10 America del Norte 5 0 Mifare 1K Mifare 4K Calypso DESFire Bancario OTTIUC Based on internal study: “Evaluación del uso de Mifare “ 24 Santander – Calypso Santander University Smartcard ! Santander University Smartcard includes public transport support ! Agreement with regional companies ! Give advice on more suitable solution ! Transport support with both contact and contactless ! e-Purse (open or close) extended to use in public transport ! WG10 ! Proprietary ! Contactless solutions ! Mifare with proprietary memory map ! Calypso OTTIUC ! Paypass 25 Santander – Calypso Santander experience ! Mifare based ! Santiago de Compostela ! Málaga ! Lleida ! Santander (Universidad Cantabria) ! Santiago de Chile (i.e. Universidad Chile) ! Bogotá (Universidad Sergio Arboleda) ! Portoalegre (Unisinos) ! Calypso based ! Oporto (Universidad Porto) OTTIUC 26 Santander – Calypso Santander experience ! Transport is a really demanded and use application ! Mostly used Mifare or ISO 14443 A smartcards ! Unable to set an smartcard to work both A/B mode ! Javacard is widely established ! Compatible and easily tuneable ! Co-existence and cooperation between applications ! Standards are better accepted ! Interoperability ! Roaming or reusability ! World is moving mobile OTTIUC ! NFC on mobiles will rule (mainly use type A mode) 27 Conclusions OTTIUC 28 Conclusions ! An smartcard is more than just a plastic ! Multiapplication offers dynamicity and flexibility ! Successful experience on using multiapplication environment ! World is moving mobile Technology is there, the limit is our imagination OTTIUC 29
