A Smart Card Management System (SCMS) is a system for managing smart cards[1] through the life cycle[2] of the smart cards. Thus, the system can issue the smart cards, maintain the smart cards while in use and finally take the smart cards out of use (EOL). Chip/smart cards provide the foundation for secure electronic identity, and can be used to control access to facilities, networks or computers.[3] As the smart cards are security credentials for authenticating the smart card holder (for example using two-factor authentication) the security requirements for a smart card management system are often high and therefore the vendors of these systems are found in the computer security industry.
Smart card management systems are generally implemented as software applications. If the system needs to be accessible by more than one operator or user simultaneously (this is normally the case) the software application is often provided in the form of a server application accessible from several different client systems. An alternative approach is to have multiple synchronized systems.
Smart card management systems connect smart cards to other systems. Which systems the smart card management system must connect to depends on the use case for the smart cards. Typical systems to connect to include:
Connected smart card reader[4]
Unconnected (RFID) smart card reader
Card printer
User directory
Certificate authority[5]
Hardware security module
Physical access control systems
During the smart card lifecycle, the smart card is changing state (examples of such states include issued, blocked and revoked), the process of taking a smart card from one state to another, is the main responsibility of a smart card management system. Different smart card management systems call these processes by different names. Below a list of the most widely used names[6] of the processes are listed and briefly explained:
Register – adding a smart card to the smart card management system
Issue – issuing or personalizing the smart card for a smart card holder
Initiate – activating the smart card for first use by the smart card holder
Deactivate – putting the smart card on hold in the backend system
Activate – reactivating the smart card from a deactivated state
Lock – also called block; smart card holder access to the smart card is not possible
Unlock – also called unblock; smart card holder access to the smart card is re-enabled
Revoke – credentials on the smart card are made invalid
Retire – the smart card is disconnected from the smart card holder
Delete – the smart card is permanently removed from the system
Unregister – the smart card is removed from the system (but could potentially be reused)
Backup - Backup smart card certificates and selected keys
Restore - Restore smart card certificates and selected keys
^Schneier, Bruce (1996). Applied Cryptography. John Wiley & Sons Inc. p. 587. ISBN 0-471-11709-9.
^Rankl, Wolfgang (2003). Smart Card Handbook. John Wiley & Sons Ltd. pp. 597–653. ISBN 0-470-85668-8.
^Wilson, Chuck (2001). Get Smart. Mullaney Publishing Group. pp. 115. ISBN 0-9674460-5-8.
^Rankl, Wolfgang (2003). Smart Card Handbook. John Wiley & Sons Ltd. p. 655. ISBN 0-470-85668-8.
^Hansche, Susan (2004). Official (ISC)2 guide to the CISSP exam. Auberbach Publications. pp. 431. ISBN 0-8493-1707-X.
^"Smart Card Industry Glossary". Smart Card Alliance. Retrieved 2 February 2012.
and 28 Related for: Smart card management system information
A SmartCardManagementSystem (SCMS) is a system for managing smart cards through the life cycle of the smart cards. Thus, the system can issue the smart...
A smartcard (SC), chip card, or integrated circuit card (ICC or IC card), is a card used to control access to a resource. It is typically a plastic credit...
A contactless smartcard is a contactless credential whose dimensions are credit card size. Its embedded integrated circuits can store (and sometimes...
contactless smartcard payment system. Its success led to the development of similar systems elsewhere, including Navigo card in Paris, Oyster card in London...
of miter saw Smartcardmanagementsystem Society for Cinema and Media Studies Structured Content ManagementSystem Supply chain management software This...
The SMART Health Card framework is an open source immunity passport program designed to store and share medical information in paper or digital form....
Times. 4 March 2019. Retrieved 5 March 2019. "UD issues Smart National Common Mobility Card model - Times of India". The Times of India. 4 September...
an account at a financial institution. It can also be a smartcard that contains a unique card number and some security information such as an expiration...
The Clipper card is a reloadable contactless smartcard used for automated fare collection in the San Francisco Bay Area. First introduced as TransLink...
keypad, biometric sensor, access card, Bluetooth, or Wi-FI from a registered mobile device. These locks are called smart locks because they use advanced...
Java Card is a software technology that allows Java-based applications (applets) to be run securely on smart cards and more generally on similar secure...
misuse. Modern banking systems require interoperability between a variety of PIN entry devices, smart cards, card readers, card issuers, acquiring banks...
The TFI Leap Card is a contactless smartcard for automated fare collection overseen by Transport for Ireland (TFI). It was introduced in the Greater Dublin...
Java Card OpenPlatform (JCOP) is a smartcard operating system for the Java Card platform developed by IBM Zürich Research Laboratory. On 31 January 2006...
SCNIC (Smart Computerised National Identity Card) too having information both in English and Urdu languages. The Computerized National Identity Card (CNIC)...
The CharlieCard is a contactless smartcard used for fare payment for transportation in the Boston area. It is the primary payment method for the Massachusetts...
technical standards and specifications for the SmartCard Certification services for payment smartcard and personalisation centres MEPS provide the following...
The ORCA card (standing for One Regional Card for All) is a contactless, stored-value smartcardsystem for public transit in the Puget Sound region of...
cloud card, as a digital virtual representation of a physical card. They share a common purpose: Identity Management, Credit card, Debit card or driver...
the reader system. The SAM component is typically housed within a secure enclosure soldered onto the PCB. A typical smartcard reader system generally...
charging ₹ 50 to 200 to produce a PVC version of the card, and it is marketed by them as a smartcard, despite having no official validity and no chip. Certain...
based on various levels of the ISO/IEC 14443 Type-A 13.56 MHz contactless smartcard standard. It uses AES and DES/Triple-DES encryption standards, as well...
with the UPS Network ManagementCard, enables safe server shutdown by communicating over a network to any network-enabled APC Smart-UPS (those that contain...
delay before the money is taken out. Smart-card-based electronic purse systems (in which value is stored on the card chip, not in an externally recorded...
following product lines: vSEC:CMS – credential or smartcardmanagementsystems for managing PKI tokens, smart cards and digital certificates, generally with...
of the above systems are smart and smart 2(Annex 1C) ready. TIS WEB - provides full fleet management TachoSAFE WEB - basic fleet management and completely...
with the Octopus card in Hong Kong, contactless smart cards have become the standard fare media in AFC systems, though many systems support multiple media...