Victor Chan

1
Personalization of Multi-Application Smart Card

• Victor Chan
• NBS Card Technology, MIST Inc.
• August 21, 2002

2
Impact on Issuance Market

• Multiple Applications on a single card
• Market Segment of One
• Choice for Pre-issuance (Initial Issuance)
• Service Bureau, Regional Center, Branches
• Dynamic Post-issuance loading of applications
• Anytime, Anywhere Access
• Portability of applications across chip-cards
• Write Once, Run Anywhere
• Multiple Application Providers on a single card

3
Impact on Issuance Market

• Standardization of personalization
• GlobalPlatform Scripting
• Common Personalization Process (CPP)
• One set of software for all machines
• Interface to Smart Card Management System
• New technologys compatibility with existing
  personalization systems

4
Traditional Personalization SolutionTwo step
process
Issuers Host
2
1
Personalization Data Preparation Process (P3)
Personalization System
XYZ BANK
Card Holder Data with Generated Keys
Certificates
Card Holder Data
HSM
HSM
XYZ BANK
4000 1234 5678
J. Smith
WIN NT PC
WIN NT PC
5
Alternative Personalization SolutionOne step
process

• Seamless personalization directly from the card
  holder data
• Functionalities of P3 are provided inline in the
  Personalization system
• Keys and certificates are generated in real time
• One software vendor for both P3 and
  personalization
• Eliminate duplication of HSM
• PCI Bus HSM space saving

Card Holder Data
Branch Issuance
XYZ BANK
XYZ BANK
4000 1234 5678
J. Smith
Pilot or Regional Issuance
Service Bureau Issuance
6
Pre-issuance - Central Issuance

• Service bureau
• Batch issuance
• High volume

P3
Card Holder Data
XYZ BANK
4000 1234 5678
J. Smith
Card Holder Data
Two Step Process

• One Step process
• Solution from a single vendor
• Simpler to operate
• Only one HSM
• Lower Cost Solution
• Two Step Process
• Issuer key pair does not need to be installed at
  the card service bureau
• Could be a local banking requirement

OR
Card Holder Data
XYZ BANK
4000 1234 5678
J. Smith
One Step Process
7
Pre-issuance - Regional Issuance

• Mid to low volume
• Pilot Program
• Install at issuer location

• One Step process is preferable
• Issuer mange solution from a single vendor
• Simpler to operate
• Only one HSM
• Lower Cost Solution

Card Holder Data
XYZ BANK
4000 1234 5678
J. Smith
One Step Process
8
Pre-issuance - Branch Level
P3
Card Holder Data
Card Holder Data
OR
XYZ BANK
XYZ BANK
4000 1234 5678
4000 1234 5678
J. Smith
J. Smith
One Step Process
Two Step Process

• Functionalities of P3 is provided in the branch
  level
• Simpler integration to branch system

• Functionalities of P3 is provided centrally
• Issuer key pair remains at one location

9
Post Issuance
P3

• Dynamic Post Issuance

• At merchant, home, etc
• Anywhere, Anytime
• Via PC, or POS terminal
• Functionality of P3 needs at the central system

Issuer Central System
Internet, Network etc..
Card Holder Data
10
Future of Issuance anywhere, anytime, with
easy access
Personal Computers
Point-of-sale
Internet
wireless
Point-of-sale
Pagers PDAs
Issuance Gateway
Telephone Networks
wired
issuance
Point-of-sale
Banks Processors
11
Summary

• Pre issuance (initial issuance)
• Centrally in a service bureau
• Bank Regional Center
• Bank Branches
• instant issuance
• Many different options to provide the
  functionalities of P3
• Local banking regulation may be a consideration
• Post issuance
• PC via Internet access
• POS Terminals
• Wired or wireless
• IP Terminals