Infineon Introduces Chip Card Controllers for Improved Security of Electronic Identity Cards and Passports

Jul 07, 2004

Munich, Germany / Seoul, Korea – 7. July 2004 – Infineon Technologies AG will be offering new chip card controllers for improved security of electronic identity cards and passports when the first global tests on electronic ID cards and passports commence later this year. With double the storage capacity and state-of-the-art security features, Infineon’s chips are ideal for use in documents requiring foolproof security.

Infineon’s SLE66CLX640P security controller is designed for tomorrow’s chip card-format electronic ID cards, while the SLE66CLX641P controller is intended for integration into electronic passports. Until now, chip cards have been designed for a maximum useful lifetime of five years, whereas electronic ID cards and passports are generally valid for ten years. Infineon has aimed its new controllers at precisely these requirements.

“One of the biggest concerns today is how to safeguard data and protect against identity theft,” said Dr. Juergen Kuttruff, Vice President & General Manager, Security at Infineon’s business group Secure Mobile Solutions. “With the Infineon-enabled chips, electronic ID cards and passports will be much more secure than ID cards and passports today.”

The most important requirement for identification documents is that all data is stored in a reliable form and as securely as possible. Infineon’s security controllers contain more than 50 individual security mechanisms built into the chip. This ensures that the stored data enjoys today’s the best possible protection against manipulation and improper use.

Featuring a storage capacity of 64 kilobytes (Kb), both the new security controllers meet the provisions of the global Standard 9303-1, issued by the International Civil Aviation Organization (ICAO), which has laid down framework standards for globally valid travel documents for 188 countries. In line with the ICAO requirements for electronic travel documents, the encrypted data on both chips includes not just the details currently printed on ID papers, such as name, date of birth and period of validity, but also a number of biometric features, characteristics specific to the individual, which can be the face, the prints of one or more fingers, the image of the holder’s iris or a combination of these characteristics. Unlike today, the holders of future generations of ID cards may be sure that if they should lose their card it cannot be used without authorization.

Infineon’s chips are the only products in the world capable of supporting both of the contactless interface formats that dominate the marketplace, ISO/IEC 14443 Type A and Type B, which differ in the data transmission protocols they employ. This means that cards or passes containing Infineon’s security controller can be used worldwide, regardless of the reader infrastructure already installed or being set up.

Electronic ID cards can do more

Tomorrow’s electronic ID cards will be suitable for a variety of applications. A multi-application card of this kind could integrate: a personal identity card, a driver’s license, an e-government card with a digital signature for using special official services, a credit card, and a monthly commuter ticket for urban transportation systems.

Infineon’s SLE66CLX640P security chip keeps these applications and the associated data records securely separate from each other. In addition, it permits graduated access authorizations, so that only an authorized group of individuals may access or modify the data. This means that the holder need have no anxiety that the border guard examining their ID card is able to gain access to his or her tax return.

The SLE66CLX640P designed for use in the ID cards of the future performs the contactless transfer of data up to a distance of around ten centimeters from the reader or via electrical contacts directly to the reader. The SLE66CLX641P, on the other hand, which could be integrated into the laminated side of the electronic passport, along with the holder’s personal details, has a purely contactless interface.

Technical details of the security chips

The two security chips SLE66CLX640P and SLE66CLX641P belong to Infineon’s 66Plus family of 16-bit chip card controllers. In order to meet the exacting security requirements of identity cards, the chip card controllers offer numerous physical protection functions, such as an active shield feature and encryption functionality. Also on offer is the sector’s most effective protection to date against so-called DPA/SPA (Differential Power Analysis / Simple Power Analysis) attacks, which involve hackers attempting to read the information off the chip by applying different voltages to it.

The Memory Management Unit (MMU) of the chips contains hardware firewalls, in order to keep the applications and other system software securely and reliably separate from each other. The security controllers calculate symmetrical algorithms such as DES (Data Encryption Standard) and Triple-DES. They offer a powerful crypto-coprocessor, which permits the calculation of asymmetrical algorithms like RSA (Rivest, Shamir, Adleman) and elliptical curves.

Tens of millions of examples of the forerunners to the two chips being launched now are already in use in ID projects. These include electronic ID cards in Macao, Hong Kong, Oman, Italy and the US Department of Defense, as well as the national healthcare cards in Taiwan and Italy.

The security controllers are being developed in Infineon’s center of excellence for contactless technology in Graz, Austria. Here, Infineon is creating about 30 new jobs in development, marketing and application technology for chip card applications. The chip package, specially developed for the requirements of ID cards and passports, originates in Regensburg, Germany, along with the inlay consisting of the antenna and its connection to the chip. Infineon believes it is the only semiconductor manufacturer to design the chip, the package, which has been specially designed for identification documents, as well as the inlay in line with the demanding requirements of security documents.

For further information on Infineon’s product portfolio of security and chip card ICs, please got to: www.infineon.com/security_and_chipcard_ics

The original press release can be found here.

Explore further: Researchers discover low-grade nonwoven cotton picks up 50 times own weight of oil

add to favorites email to friend print save as pdf

Related Stories

SR Labs research to expose BadUSB next week in Vegas

9 hours ago

A Berlin-based security research and consulting company will reveal how USB devices can do damage that can conduct two-way malice, from computer to USB or from USB to computer, and can survive traditional ...

Probing Question: What is Bitcoin?

Jul 10, 2014

In 1729, when he was 23 years old, Benjamin Franklin authored a pamphlet titled "A Modest Inquiry into the Nature and Necessity of a Paper Currency." The revolutionary idea he advocated? Paper money printed ...

ISS seeks ouster of most of Target's board

May 28, 2014

A prominent proxy advisory firm has recommended that Target shareholders vote out seven of its 10 board members after a massive pre-Christmas data breach.

New algorithm shakes up cryptography

May 16, 2014

Researchers at the Laboratoire Lorrain de Recherches en Informatique et ses Applications (CNRS/Université de Lorraine/Inria) and the Laboratoire d'Informatique de Paris 6 (CNRS/UPMC) have solved one aspect of the discrete ...

Recommended for you

Iliad founder says T-Mobile offer is 'real'

8 hours ago

French telecom upstart Iliad's founder said Friday that the company's offer for US-based T-Mobile is "real" and that he is open to working with partners on a deal.

Law changed to allow 'unlocking' cellphones

8 hours ago

President Barack Obama signed a bill into law on Friday making it legal once again to unlock a cellphone without permission from a wireless provider, so long as the service contract has expired.

Social network challenges end in tragedy

8 hours ago

Online challenges daring people to set themselves ablaze or douse themselves in ice water are racking up casualties and fueling wonder regarding idiocy in the Internet age.

Microsoft sues Samsung alleging contract breach

8 hours ago

Microsoft on Friday sued Samsung in federal court claiming the South Korean giant had breached a contract over cross-license technology used in the fiercely competitive smartphone market.

States debate digital currency

10 hours ago

Now that consumers can use digital currencies like bitcoin to buy rugs from Overstock.com, pay for Peruvian pork sandwiches from a food truck in Washington, D.C., and even make donations to political action committees, states ...

User comments : 0