1.
Amol Kamble
1

2.
Presentation Agenda
 Identify Java Card Technology
 Identify Elements of Java Card
applications
 Communicating with a Java Card Applet
 Java Card Language Limitations
2

3.
Introduction
The first Java Card was introduced in 1996 by
Schlumberge’s card division which later merged
with Gemplus to form Gemalto
Java Card refers to a technology that
allows Java-based applications to be run
securely on smart cards.
Java Card gives the user, the ability to
program the device and make them
application specific.
3

4.
Smart Cards
 A smart card is a plastic
card that contains an
embedded integrated
circuit (IC)
 Examples:
 Our very Own T-Card!
 Credit Cards
 Cell Phone SIM Cards
4

5.
Java Cards are Smart! How??
 They store and process Information
 Smart Cards can be used to add
authentication and secure access to
information systems that require a high
level of security
5

6.
Properties
 Highly secure
 Tampering with one, results in destruction
of the information it contains
 Does not contain a battery. Becomes active
when connected with a card reader
 Comes in two forms:
 Contact
 Contact less
6

7.
Contact Java cards work
by communicating via
physical contact
between a card reader
and the smart card.
Contact-Less smart
cards communicate by
means of a radio
frequency signal, with a
typical range of less
than 2 feet.
7
Contact & Contact-Less

8.
Features of Java Card
 SUPPORTED NOT SUPPORTED
• Small primitive data types:
boolean, byte, short.
• One dimensional arrays.
• Object oriented features:
inheritance, virtual methods,
dynamic object creation,
overloading, scope.
• Large primitive data
types: long, double, float.
• Characters, strings.
• Multidimensional arrays.
• Dynamic class loading.
• Garbage collection.
• Threads.
• Object Cloning
8

9.
Elements of Java Card
Application
 A complete Java Card application
consists of :
 A back-end application
 A host (off-card) application
 An interface device (card reader )
 The on-card applet
 User credentials
9

10.
10

11.
The Back-End Application and
Systems
Provides connectivity to security systems
Example:
 In an electronic payment system, the back-end
application could provide access to credit card and
other payment information
11

12.
Card Reader’s side
 Consists of two parts:
 Host Application
 Card Acceptance Device
 Example
Think of an ATM machine
 Host Application, being the Computer, provides
interaction with the system.
 Card Acceptance Device, where you insert a debit card.
12

13.
The Card-Side
Elements:
 One or more Java
Applets
 Card’s operating System
 Java Card Runtime
Environment (JCRE)
• Java Card Virtual Machine
• Java Card Framework and
APIs
13

14.
Developing a Java Card Applet
 Write the Java source
 Compile your source
 Convert the class files into a Converted
Applet (CAP) file (binary representation of
classes and interfaces)
 Verify that the CAP is valid (structure,
valid bytecode subset, inter-package
dependencies)
 Install the CAP file
14

15.
Communicating with a
Java Card Applet
 Two methods for communicating with Java
Card Applet:
1. Fundamental message-passing model
2. Java Card Remote Method Invocation (JCRMI) which
is a subset of J2SE RMI!
15

16.
16

17.
The Message-Passing Model
 All Java Card applets extend the Applet base
class and must implement the install() and process()
methods
 JCRE calls install() when installing the applet, and
process() every time there is an incoming APDU for the
applet
 APDU: A logical data packet that's exchanged
between the CAD and the Java Card Framework (It
Is considered as the center piece for the Message-Passing
Model)
17

18.
Processing APDUs
 Every time there is an incoming APDU for a
selected applet:
 The JCRE invokes the applet's process() method
 The incoming APDU is passed as an argument
 The applet must:
• parse the command APDU
• process the data
• generate a response APDU
• and return control to the JCRE
18

19.
The Command APDU
CLA - Class of Instruction
INS - Instruction Code
P1,P2 - Parameters
Lc - Length of the field
Le - Maximum Response Length
19

20.
The Response APDU
SW1 : Status word1
SW2: Status word2
20

21.
The Java Card RMI (JCRMI)
 The second communication model relies on a
subset of the J2SE RMI distributed-object model
 a server application creates and makes accessible remote
objects
 a client application obtains remote references to remote
objects, and then invokes remote methods on them.
21

22.
Benefits
Hardware Independence: Java Card is
independent of the type of hardware used and it
can be run on any Smart card processor (8 bits or
16 bits or 32 bits )
 Ability to store and manage many applications
 Applets developed with Java Card technology will
run on any Java Card technology-enabled smart
card, independently of the card vendor and
underlying hardware.
22

23.
Applications
Subscriber Identity Module (SIM) cards, used in cell
phones on most wireless networks
Government and health-care identity cards
Financial cards supporting both online and offline
transactions
Smart tickets for mass trans
23

24.
24

25.
25