How a Magnetic Card Reader Works

8/3/2019 How a Magnetic Card Reader Works

http://slidepdf.com/reader/full/how-a-magnetic-card-reader-works 1/8

How a Magnetic Card Reader WorksA magnetic card is a rectangular plastic object (credit/debit card) that contains either a magnetic

object embedded within the card or a magnetic stripe on the card¶s exterior. A magnetic card canstore any form of digital data.

The electronic devices designed to read stored information from a magnetic card do so either when someone swipes the card through a slot in the reading device or holds the card next to a

magnetic card reader. About a hundred bytes of information can be stored on a magnetic card.

Because of their extensive use, most magnetic cards employ standards that describe a magneticstripe¶s physical and magnetic characteristics on a plastic card. These standards also define

specifications for a storage format and information exchange.

Before describing how a magnetic card reader works, look at how data is stored on a magnetic

card and the format of data storage collected.

According to existing standards, a magnetic card stores information in three separate tracks. Allthree tracks possess different bit densities and encoded character sets. The average bit density of

the first track is 210 bits per inch (bpi). A 64-bit character data set stores information in track 1.The characters are made up of six data bits and an odd parity bit. The encoding format grants the

least significant bit to come first and the parity bit, last. So, track one can hold around 79characters.

The information density of the second and third tracks is around 75 and 210 bpi respectively.

Only numeric data can be stored on the second and third track. 4-bit binary encoding is used as a

decimal subset with odd parity and it is encoded with the least significant bit first and the parity bit last. The second and third tracks hold 40 and 107 characters respectively. The actual usabledata stored will be minimized as the Start Sentinel, End Sentinel, and LRC characters are added.

³Two-Frequency, Coherent Phase Recording´ is used for encoding magnetic cards. It is alsocalled F/2F sampling-encoding. By using combined data and clock bits, self-clocking is

achieved.



For all 3 tracks, the data storage format is as follows: Leading zero bits are encoded to specifythe presence of an encoded magnetic card and provide synchronization pulses to the read head

electronics and, ultimately, to the controller. The Start Sentinel character then indicates theinitiation of actual data. The coded data follows the Start Sentinel character, which the End

Sentinel character follows. The End Sentinel character terminates the card¶s data portion, which

an LRC byte (used for error detection) follows. Zero bits fill the remaining card. Now that it is understood how data is stored on a magnetic card, it is a bit easier to build on that

foundation to gain an understanding of how the reader actually works.

The magnetic card reader uses a specific component to read data from a magnetic card, which is

referred to as the read head. The magnetic card reader is a microcontroller-based device. Theread heads contain signal amplifiers and line drivers. All modern magnetic read heads contain

integrated F/2F bit recovery circuitry and interface with the host controller.

Using good coding techniques, interrupt driven sampling can be used to read and handle the data.Most of the head will read the first and second tracks simultaneously. Some of advanced read

heads can read all three tracks simultaneously. Linear conditioning is used for noise reduction

and signal conditioning.

The reader also contains an oscillator section that provides the clocks for the recovery sectionand for the enable/disable timers. The enable/disable counters provide initialization for the

recovery section. The recovery section locks onto the data rate and recovers the individual data bits from the data stream.

The magnetic card reader is a microcontroller-based device and has been programmed for a

specific application. That program simply reads the card in a forward direction in a simple dataformat or it can be complex enough to read the card in any direction with a corresponding

encoding format.



How a Smart Card Reader WorksSmart Card Readers are also known as card programmers (because they can write to a card), card

terminals, card acceptance device (CAD), or an interface device (IFD). There is a slight difference

between the card reader and the terminal. The term µreader¶ is generally used to describe a unit that

interfaces with a PC for the majority of its processing requirements. In contrast, a µterminal¶ is a self-

contained processing device.

Smart cards are portable data cards that must communicate with another device to gain access to a

display device or a network. Cards can be plugged into a reader commonly referred to as a card

terminal, or they can operate with radio frequencies (RF).

When the smart card and the card reader come in contact, each identifies itself to the other by

sending and receiving information. If the messages exchanged do not match, no further processing

takes place. So, unlike ordinary bank cards, smart cards can defend themselves against unauthorized

users and uses in innovative security measures.

Communicating with a Smart Card Reader

The reader provides a path for an application to send and receive commands from the card. There are

many types of readers available, such as serial, PCCard, and standard keyboard models.

Unfortunately, the ISO group was unable to provide a standard for communicating with the readers so

there is no ³one size fits all´ approach to smart card communication.

Each manufacturer provides a different protocol for communication with the reader.

y First, users have to communicate with the reader.

y Second, the reader communicates with the card, acting as the intermediary before sending the

data to the card.

y Third, communication with a smart card is based on the APDU format. The card will process

the data and return it to the reader, which will then return the data to its originating source.

The following classes are used for communicating with the reader:

y ISO command classes for communicating with 7816 protocol



y Classes for communicating with the reader

y Classes for converting data to a manufacturer-specific format

y An application for testing and using the cards for an intended and specific purpose

Readers come in many forms, factors, and capabilities. The easiest way to describe a reader is by the

method of its interface to a PC. Smart card readers are available that interface to RS232 serial ports,

USB ports, PCMCIA slots, floppy disk slots, parallel ports, infrared IRDA ports, and keyboards andkeyboard wedge readers. Card readers read data from and write data to the smart card. Readers can

easily be integrated into a PC utilizing Windows 98/Me, 2000, or XP platforms. However, some

computer systems already come equipped with a built-in smart card reader. Some card readers come

with advanced security features such as secure PIN entry, secure display and an integrated fingerprint

scanners for the next-generation of multi-layer security, and three-factor authentication.

Another difference in reader types is on-board intelligence and capabilities. An extensive price and

performance difference exists between an industrial strength reader that supports a wide variety of

card protocols and the less expensive win-card reader that only works with microprocessor cards and

performs all data processing in the PC.

The options in terminal choices are just as varied. Most units have their own operating systems and

development tools. They typically support other functions such as magnetic-stripe reading, modemfunctions and transaction printing.

To process a smart card, the computer has to be equipped with a smart card reader possessing the

following mandatory features:

y Smart Card Interface Standard ± ISO 7816 is an international standard that describes the

interface requirements for contact-type smart cards. These standards have multiple parts. For

instance, part 1, 2, and 3 are applicable to card readers. Part 1 defines the card¶s physical

characteristics. Part 2 defines the dimension and location of smart card chip contacts. Part 3

defines the card¶s electronic signals and transmission protocols. Card readers may be referred

to as conforming to ISO 7816 1/2/3, or in its simplified term, ISO 7816.

y Driver ± This refers to the software that a PC¶s operating system (OS) uses for managing asmart card and applicable card reader. To read a smart ID card, the driver of the card reader

must be PC/SC compliant, which most card reader products currently available support. It

should be noted that different OS would require different drivers. In acquiring card readers,

the compatibility between the driver and the OS has to be determined and ensured.

Desirable Features in a Smart Card Reader

Card Contact Types refers to how the contact between a card reader and a smart card is physically

made. There are two primary types of contact: landing contact and friction contact (also known as

sliding or wiping). For card readers featuring friction contact, the contact part is fixed. The contact

wipes on the card surface and the chip when a card is inserted. For card readers featuring the landing

type, the contact part is movable. The contact ³lands´ on the chip after a card is wholly inserted. In

general, card readers of the landing type provide better protection to the card than that of the friction

type.

Smart card readers are also used as smart card programmers to configure and personalize integrated

circuit cards. These programmers not only read data, but also put data into the card memory. This

means that not only CPU based smart cards, but also simple memory cards can be programmed using

a smart card reader. Of course the card reader must support the appropriate protocol such as the

asynchronous T=0, T=1 or synchronous I2C protocols.



It will not take long before smart card readers become an integral part of every computer, and,

subsequently, of computer users¶ lives. Computer systems with keyboards that have smart card

reader/writer integration are also available.

Smart card readers are also accessible as a USB dongle. USB dongles are frequently used

with GSM phones, which contain a SIM smart card. Additionally, phone numbers can be edited on a PC

using the USB smart card dongle.



How a Smart Card Programmer WorksA smart card is a mini computer which requires programming to run. A smart card doesn¶t contain an

interface-like display or keyboard, so smart card readers are used to read or update the data tofrom

smart cards. Smart cards contain an operating system which provides a platform to run applications.

Smart card operating systems can be divided into two categories.

The first kind of operating system is based on the Disk Drive approach. This operating system contains

an active memory manager which can load any file or application in the card on demand. The Card

Operating System allows for active file allocation and management (JAVA Card OS is an example of

this approach).

The advantage of Disk Drive based operating system is that the substitution cost for cards is less

expensive, but the start-up costs are higher. This card requires a lager amount of free memory to

cope with future application uploads. Due to the heavy use of expensive semiconductors, the cost is

higher for these cards. The security infrastructure costs are also higher due to the multiple points of

entry to card system functions.

The second approach treats the card as a secure device where, files and permissions to these files are

all set by the admin. The only access to the cards is through the operating system. There is no other

way to access the file structure. Data can be accessed as per the permissions set by the user. These

operating systems can then run your applications. Commands can be passed to the card via the card

reader and then the desired application can be accessed through the smart card.

One of the most commonly used smart card operating systems is JavaCard. It provides standard API

to load and run java applets directly on a standard ISO 7816 compliant card. JavaCards enable secure

and chip-independent execution of various applications.

The following requirement needs to be addressed before starting application development on smart

cards:

y Smart card reader

y Software to communicate with the reader



y Software to communicate with the smart card

y Smart cards and smart card hardware

Before we address smart card programming, we have to be able to communicate with the reader.

Because there are many different cards, there are many different readers. So proper interface

implementation should be used for communication.

Once the above setup is complete, programming and application upload can begin utilizing the smart

card. JavaCard allows applications to be loaded on demand.

In the early years of smart card development, each software application representing a product on a

card was written for a specific card with a specific operating system, which in turn was specific to a

hardware application. Sometimes a direct application was also installed without an operating system

to make the card very specific to that application. However, the evolution of multiple application

operating systems brought about a new era. JavaCard is an open, multi-application operating system

for smart cards. Any person can develop applications using Java programming language. The java

programs can run independently on the card and can be run on any ISO 7816 compliant smart cards.

This way applications from various vendors can be combined, yet remain separate from each other.

The ISO 7816 standard was developed to define the mechanical and electrical characteristics along

with the protocol for communication with the card. Unfortunately, the ISO group was unable to

baseline a standard for communicating with the reader. So, in order to communicate with the smart

card it is required to first understand the commands supported by the card. Then these commands

need to be encapsulated into ISO standard commands.

Now, let¶s take a look of the APIs which allow us to send commands from an application to a reader.

The reader communicates with the card where the actual processig takes place. From a technical

standpoint, the key is a smart card API. This is a layer of software that allows an application to

communicate with smart cards and readers from more than one manufacturer. The API allows the

programmers or users the ability to select smart cards from multiple vendors. Running an application

on multiple smart cards encourages competition among card vendors and the benefits of that

competition include greater quality and lower prices.

The smart card programming API provides an application layer between the smart card and the

application interface. The unit of exchange with a smart card is the called as Application Protocol Data

Unit (APDU) packet. Communication with the card and the reader is performed using APDUs. An APDU

can be considered a data packet that contains a complete instruction for the card or a complete

response from a card.

The following are some of the classes provided for transporting APDUs and their function:

y Response

y Command

y ISOCommand

y ISOCardReader interfacey ISOCardReader

Sun has developed the Java Electronic Commerce Framework (JECF), an extension to the core Java

platform that allows developers to easily and rapidly develop electronic commerce applications. JECF

provides several classes that easily support communication with smart cards. It can be downloaded

free of charge from Sun¶s website and can be used easily by a smart card programmer.

The smart card application development process includes following steps:

y User requirements: What does the user want to accomplish?



y Software requirements: Map user requirements to software requirements.

y Architectural design: Design the architecture of the solution.

y Code Generation: Create code as per the architecture.

y Emulation: Use emulators to test the code on virtual card.

y In-card Emulation: Run the code on actual card using card reader.

y Verification and Validation: It involves the testing.

y Final testing and maintenance.

How a Magnetic Card Reader Works

Documents

Transcript of How a Magnetic Card Reader Works