Editor's Note: The Buyer's Guide summarizes vendor-submitted information. To find out about future Buyer's Guide topics or to learn how to include your product in an upcoming Buyer's Guide, go to http://www.win2000mag.com/buyersguide. To view previous Buyer's Guides on the Web, go to http://www.win2000mag.net/channels/products.
Europeans use smart cards as prepaid phone cards, public-transit fare cards, and health-insurance ID cards. Smart cards aren't as widely accepted in North America, but some organizations use them for security applications.
Smart cards are available in two forms: memory cards and microprocessor cards. Memory cards are a relatively inexpensive way to improve PC and network security because the user must present a card, a username, and a password to gain access. You generally use memory cards to access personal computers and networks, but some vendors offer cards that also let you access your employer's entry doors so that you don't have to carry more than one card.
The least expensive memory cards have contacts on the card that mate with the contacts on a card reader, so you're required to place the card into the reader each time you use the card. Contact wear and dirt can diminish the reliability of the card and reader. Contactless cards contain a small antenna coil that lets a reader communicate with the card without requiring the two to come in contact. Contactless cards and readers cost more, but they last longer and require less long-term maintenance. Some vendors offer cards that work with both types of readers.
Microprocessor cards let you load and run customized applications, but these added capabilities could cost you. Microprocessor cards add a CPU, a larger OS than memory cards, as much as 64KB of EEPROM, and a small amount of RAM. Some microprocessor cards provide an encryption coprocessor to handle digital signatures and public key encryption of messages. Depending on the amount of EEPROM on the card, several applications can reside on the card, including functions common to memory cards. Generally, microprocessor cards are more tamper-resistant than memory cards. Because contactless interfaces are intended for only high-speed transactions, microprocessor cards usually come with contact interfaces. Some vendors' cards, however, might also include a contactless interface that you can use for suitable applications.
When choosing a smart card solution, consider what applications you plan to use so that you can determine which card type meets your needs. Discuss your plans with the smart card vendor or a smart card software developer. The vendor might already have the applications you need, and if so, it can determine total cost, memory requirements, and how the applications will work with various microprocessor-card CPUs. If you require custom applications, the vendor might offer to create them at an additional cost, or it might refer you to a smart card application developer.
Then, you need to select a reader. Standalone readers for desktop systems typically plug into a USB or RS232 port. Some readers provide keypads with security modules to encrypt keystrokes so that you can prevent someone from capturing PINs. For notebooks, PC Card readers are usually the simplest solution.
If you plan to buy very few readers, you might find it easier to buy the reader that the card vendor offers. If you purchase contactless cards and readers from different suppliers, you should verify compatibility with the vendors. Cards with contact interfaces won't cause compatibility problems as long as the readers support both the T=0 and T=1 communications protocols from the International Organization for Standardization (ISO) 7816 standard. Make sure that the reader you choose complies with the PC/SC Workgroup specification.
If you choose a card with a contact interface, you probably want a reader that uses landing contacts. Readers that use sliding contacts tend to be less expensive but can scratch the card's contact area and shorten the card's life. Landing contacts drop down onto the card and don't scratch the card's surface.