With both contact and contactless on board, the cards are finding favor with a host of global issuers
08 February, 2016
In the world of smart cards, interface is key. The term describes the way data is communicated between card and reader.
In the early days, issuers chose either a card with a contact interface that is inserted into a reader or contactless interface that requires only close proximity to the reader.
Later, hybrid cards offered both interfaces by embedding two separate chips on a single card. Today, however, demand is growing in multiple markets for dual-interface cards that offer both contact and contactless interfaces via a single chip.
Dual-interface cards are widely adopted in the federal government space through both the PIV and the Defense Department’s CAC cards. Dual interface is also poised for growth in both banking and transit sectors, as the payments industry continues its transition to EMV chip cards and transit boards explore open-loop fare collection systems.
For the first time, ABI Research predicts that dual-interface smart card shipments will exceed the 1 billion mark in 2015.
“Having a single processor in a card has enabled us to enhance both security and personalization,” says Paul Brady, senior director of sales engineering at Identiv. “It has also reduced the complexity of the card itself, making it more reliable and cheaper to produce.”
One chip versus two
It used to be that a hybrid card – one with two separate chips – was the only way offer contact and contactless interfaces on a single card.
Initially the hybrid technology was the easiest way to merge the two functionalities into a single card without substantially changing the manufacturing process. In essence, the hybrid concept simply required embedding a contact chip onto a pure contactless card. Until recently, dual-interface card manufacturing remained prohibitive for most of the industry because of its complexity.
“Dual-interface cards are often an intermediate step for migrating from a contact to a contactless card,” says Stefan Barbu, head of NXP’s Secure Identity Business for the Americas. High-security card applications originally started using contact chips, which were more mature than contactless. But as contactless technology evolved, it became faster and more secure and is now preferred for many applications due to its speed, security, durability and user convenience.
Because many card programs and schemes have a large deployment of legacy contact-based infrastructure, it can take years to migrate the hardware, standards and processes to contactless. In such cases, dual-interface cards can facilitate a transition over time.
Today, new card programs that don’t have these constraints in terms of legacy compatibility typically start directly with contactless, explains Barbu.
In addition to the easier manufacturing processes, hybrids also worked because there wasn’t a business reason that demanded a one-chip solution, says Julian Lovelock, vice president of strategic initiatives for HID Global Identity Assurance. The cards supported separate functions with contactless generally enabling physical access and contact enabling logical access.
“The fact that there were two chips really didn’t matter because they were two completely different sets of use cases – with two different sets of cryptographic keys – and that is the way many people wanted it to be,” says Lovelock.
But having two chips on one card did lead to challenges managing multiple credentials on a single piece of plastic. With hybrid cards, there is no electrical communication between the contact and contactless chips. Instead separate, unconnected processors manage the two chips, making it impossible to update both via a single process.
With hybrid cards, there is no communication between the contact and contactless chips. Instead separate processors manage the two chips, making it impossible to update both with a single process.
Also with hybrids, contactless chips were typically lower end memory or read/write-only. “The application loaded on those chips could not be changed, making it impossible to provide risk remediation in case of compromised data or to address other security issues,” says Stephane Ardiley, director of product management for Identiv.
The benefit of a dual-interface chip is that it is programmable, and its application can be upgraded during the life cycle of the card, says Ardiley. This offers the opportunity to increase the level of security or security protocol without having to reissue the card itself.
The more robust chip in a dual interface card can handle more applications, heavier applications and better cryptography, says Terry Gold, founder of IDAnalyst LLC.
Jerome Becquart, vice president of operations for access management provider Axiad, says that nearly every enterprise that had been deploying hybrid cards are now looking at dual interface because they enable both identity security and physical access via a single chip.
“From a cost standpoint as well as a security standpoint, it’s a better solution than a card with two different chips,” Becquart says.
Still others argue the true costs for the two solutions are difficult to compare. While the dual interface cards save cost by requiring one chip instead of two, they also add complexity in the manufacturing process and result in significantly higher losses and field returns than hybrid cards. This, however, is something that gets better with time as card manufacturers continue to refine production processes and techniques.