Vesna Hassler, Michail Gordeev, Martin Manninger, Christoph Müller: Java Card for E-Payment Applications, Artech House, 2001, ISBN 1-58053-291-8
Cover: Java Card for E-Payment Applications

Content

Preface

Chapter 1 Smart Card Basics

1.1 Logic of Integrated Circuit Cards

1.2 Communication Interface of Integrated Circuit Cards

1.3 Smart Card Operating Systems

1.4 Smart Card Life Cycle

1.5 Integrated Circuit Card Standards

Chapter 2 Security Issues

2.1 Symmetric Cryptography

2.2 Asymmetric Cryptography

2.3 Authentication

2.4 Smart Card Security

2.5 Known Attacks on Smart Cards

2.6 System Security

2.7 Security Evaluation Criteria

2.7.1 Common Criteria

Chapter 3 File structure and commands

3.1 File structure of integrated circuit cards

3.2 Command Structure of Integrated Circuit Cards

3.3 Examples of Smart Card Commands

3.4 Cryptographic Authentication and Secure Messaging

Chapter 4 ISO 7816 Smart Card Communication

4.1 Answer to Reset

4.2 T = 1

Chapter 5 Card readers and card terminals

Chapter 6 Related technologies

Chapter 7 Debit and credit cards

7.1 Relevant Specifications

7.2 EMV Transaction

7.3 EMV 2000 Details

7.3.1 EMV Book 1

7.3.2 EMV Book 2

7.3.3 EMV Book 3

7.3.4 Book 4

Chapter 8 Java Card Basics

8.1 Java Card Architecture

8.2 Differences from Java

8.2.1 Primitive Data Types and Arrays

8.2.2 Operations and Type Casting

8.2.3 Exceptions

8.3 Java Card Applet

8.3.1 Installation and Registration

8.3.2 Selection and Deselection

8.3.3 APDU Processing

8.4 References

Chapter 9 Deployment of Java Card Technology

9.1 Java Card Forum

9.1.1 Card Management

9.2 SIM Application Toolkit

9.3 Visa Open Platform

9.4 References

Chapter 10 Java Card Security

10.1 Java Card Language Subset Security

10.1.1 Java Safety

10.1.2 Java type safety

10.1.3 Transient Objects

10.1.4 Atomicity of Transactions

10.2 Card Applet Security Mechanisms

10.2.1 Card Applet Firewall

10.2.2 Secure Object Sharing

10.3 Java Card Crypto APIs

10.3.1 PIN Verification

10.4 References

Chapter 11 Application Development

11.1 Java Card API

11.1.1 JCSystem Class

11.1.2 Class Applet

11.1.3 APDU Class

11.1.4 OwnerPIN Class

11.1.5 Util Class

11.1.6 Interface ISO7816

11.2 Existing Implementations

11.2.1 Giesecke&Devrient Sm@rtCafé

11.2.2 Gemplus GemXpresso 211

11.2.3 Schlumberger Cyberflex Access

Chapter 12 OCF Basics

12.1 Smart Card Applications

12.2 The OpenCard Framework

12.3 The OpenCard Consortium

12.4 OCF Architecture Overview

12.4.1 What is a Framework?

12.4.2 What is an Abstract Factory?

12.4.3 Singleton and Registry

12.5 PC/SC

12.6 OCF versus PC/SC

12.6.1 Platform

12.6.2 Operating System

12.6.3 Terminal Application

12.6.4 Programming Language

12.6.5 Architecture

12.6.6 Interoperability

12.6.7 Java Card and Windows for SmartCard

12.7 Other Card Terminal APIs

Chapter 13 OCF structure

13.1 OCF Card Terminal Layer

13.1.1 The Core Part of the Card Terminal Layer

13.1.2 The Optional Part of the Card Terminal Layer

13.2 OCF Card Service Layer

13.2.1 The Core Part of the Card Service Layer

13.2.2 The Optional Part of the Card Service Layer

13.2.3 Standard Card Service Interfaces

13.3 OCF Security

13.4 OCF-Card Terminal Communication

13.5 OCF and Java Card Applets

Chapter 14 Case Study Overview

14.1 Sample Application Functionality

14.1.1 Application Architecture

14.1.2 Transaction Flow

14.1.3 Data Objects

14.1.4 Application Selection

14.1.5 Processing Options Retrieval

14.1.6 Reading Application Parameters

14.1.7 Cardholder Verification

14.1.8 Application Cryptogram

14.2 Security Functions

14.2.1 Card Risk Management

14.2.2 Session Key Derivation Algorithm

14.2.3 Application Cryptogram Calculation Algorithm

14.3 Application Design

Chapter 15 Java Card Applet Development

15.1 Applet Architecture

15.2 EMVPurse class

15.2.1 Data Structures and Related Methods

15.2.2 Class Constructor

15.2.3 GENERATE AC Command Processing

15.2.4 CVR Object

15.2.5 Card Risk Management and Card Action Analysis

15.2.6 Application Cryptogram Calculation

15.3 Class EMVdemo

15.3.1 Class Constructor, Methods install and select

15.3.2 Method process

15.4 Class EMVFileSystem

15.4.1 Record

15.4.2 File

15.4.3 File System

Chapter 16 OCF Card Service Development

16.1 Setting up the environment

16.2 The Properties File and the Factory

16.3 The Card Service

16.3.1 Select Command

16.3.2 Verify Command

16.3.3 Read Record Command

16.3.4 Get Processing Options Command

16.3.5 Generate AC Command

Chapter 17 Terminal Application

17.1 Startup and Shutdown

17.2 Processing Options and Restrictions

17.3 Dynamic Data Authentication

17.3.1 Certificate chain

17.3.2 Signing authentication data

17.4 Terminal risk management

17.5 Verification of the Result

17.5.1 General Verification

17.5.2 AC Calculation

Conclusions

Appendix A Card Applet Source Code

Appendix B OCF Reference Manual

Abbreviations

Author Information
Footnote: This website contains facts from my books, but the use of this information is restricted to reading. I have to respect the rights of my co-authors and publishers.