Talk:Contactless smart card

Credit card contactless technology - EMVWTF?

The section on credit cards talks about EMV this, non-EMV that. But what is EMV? I thought common sense would dictate that you don't throw initialisms around without defining them at least once. --66.18.233.247 (talk) 19:09, 5 May 2010 (UTC)

The EMV article explains what it is. I've added a link in Contactless_smart_card#Credit_card_contactless_technology. Mitch Ames (talk) 05:35, 7 May 2010 (UTC)

The article differentiates between contactless MSD and contactless EMV cards and says that the first was only distributed in the U.S.. Is this meant to be the Magnetic Stripe Mode which is part of the EMV standard and therefore not restricted to the U.S. but part of every standard EMV chip? Or is it indeed a separate (US-specific) kind of Non-EMV chip? --Anorax (talk) 10:51, 20 December 2018 (UTC)

1cm is much larger than the chip

The proper disposal section talks about cutting the card into pieces smaller than 1cm. Given that the chip itself is smaller than 1cm, this seems a bit suspicious. If you wanted to be sure of destroying the chip, you'd need to cut the card into pieces much smaller, eg a few millimetres. Mitch Ames (talk) 12:38, 3 August 2010 (UTC)

The other way to destroy the chip is to stick the card in a microwave oven for a second or two. I have not added this to the article as that would be original research. Perhaps somebody knows of a reference for this technique. HairyWombat 16:44, 5 June 2011 (UTC)

Later. Found a suitable <ref>, so have added this technique to the article. HairyWombat 19:05, 5 June 2011 (UTC)

I have my doubts as to the reliability of that source. In any case it's hardly a "proper" method for disposal, if you can't use the microwave oven for food afterwards. Even the source says "Microwaves are designed for cooking food, not electronic devices." So I've removed the entry. Mitch Ames (talk) 11:29, 6 June 2011 (UTC)

In the absence of any references, I've removed the entire section. Mitch Ames (talk) 11:31, 6 June 2011 (UTC)

Easyrider

Resolved

 – ref added. Mitch Ames (talk) 12:00, 18 February 2011 (UTC)

add to example section refance needs to be add but not allowing me here it is so if someone can try add for me http://www.nctx.co.uk/fares/easyrider/index.php

Category renaming

Security

Security would seem to be an issue - there was a video clip from a News Show showing how cards could be read and copied just by going near the card (in a pocket) with a scanner - and then using the data

I wonder why not covered here — Preceding unsigned comment added by Robfwoods (talk • contribs) 16:40, 6 February 2012 (UTC)

Range

Contactless_smart_card#Technology says "[ISO/IEC 14443] ... allows for communications at distances up to 10 cm". ISO/IEC 14443-2:2001 Part 2: Radio frequency power and signal interface (which I have a copy of) does not define the range at all. In particular, clause 6.2 "Operating field" says that the reader "shall generate a field of at least Hmin and not exceeding Hmax at manufacturer specified positions (operating volume)." (my emphasis). Hmin and max are magnetic field strength values in A/m. However 14443-2:2001 has been superseded by 14443-2:2010, which I don't have a copy of. The abstract doesn't give any hint as to whether the new version defines the range. Does anyone have access to a copy of 14443-2:2010 to verify whether it defines the range? I suggest that in the absence of definite evidence that it does define the range, we should reword the article to remove the statement that the standard "allows for ... 10 cm". Mitch Ames (talk) 03:06, 3 November 2012 (UTC)

Electromagnetic Induction, not Radio Waves; Inductor, not Antenna

This article includes several references to the communication with the card using radio waves. While that might be technically possible (if the card was self-powered, for example) all the practical uses referred to in the article actually use electromagnetic induction, as stated in the Technology section of the article. Unfortunately that section then goes on to talk about an antenna, which is incorrect as antennas use radio waves; what is being referred to is an inductor.

I'm reluctant to fix this myself as the mistake is quite pervasive throughout the article, can any of the previous authors address this?

- Strobie (talk) 11:19, 7 May 2013 (UTC)

Merge with Proximity card?

How do contactless smart cards differ from proximity cards? There seems to be some overlap between these two articles. Are the two names synonymous, or is one type of card a subset of the other? Should the two articles be merged? --Chetvorno^TALK 05:13, 26 December 2013 (UTC)

One might argue that:

• A proximity card is one that works in "close proximity" (eg up to about 10 centimetres (3.9 in), without necessarily being a "smart" card - it might be read-only, or just "dumb" memory card (eg with no security). (ISO/IEC 14443 Identification cards -- Contactless integrated circuit cards -- Proximity cards defines communications protocols, but doesn't require that the card be "smart".)
• A contactless smart card is necessarily smart, but could include vicinity cards, which operate over longer distances, eg up to 1.5 metres (4.9 ft)

Realistically though, we might be better of just merging proximity card to contactless smart card. Note that proximity card#Active cards should probably be removed and/or moved to vicinity cards. Mitch Ames (talk) 06:07, 26 December 2013 (UTC)

Blockers

Could you say something about RFID blockers to protect these cards from unauthorized access? --Error (talk) 02:06, 27 February 2015 (UTC)

Eavesdropping

The current "Eavesdrop on NFC Communication" section says, "Short distance (≈10cm. or 4″) is required for supplying power. The radio frequency, however, can be eavesdropped within several meters. A nearby attacker can thus capture a session key and decrypt the whole communication." The source is a mailing list post from the GnuPG project and does not describe how a session key would be compromised. Indeed, as far as I know, EMV contactless cards don't even use session keys. As such, I'm removing that sentence about being able to capture the session key and decrypt the communication. Vbscript2 (talk) 16:56, 2 April 2019 (UTC)