Smart Card
What is Smart Card?
Smart CardA credit-card-sized device with an embedded secure microcontroller that stores credentials and performs cryptographic operations, defined by ISO/IEC 7816 for contact cards.
A smart card is a plastic card containing a tamper-resistant chip that exposes a small operating system, secure memory and a cryptographic engine. The contact electrical interface is standardised by ISO/IEC 7816 (parts 1-4 cover physical, signal and command-level behaviour); contactless variants follow ISO/IEC 14443 or 15693. Smart cards host PKI keys, symmetric keys, biometric templates, applets and personal data, and they are at the heart of credentials such as PIV, CAC, EMV bank cards, SIMs and national eID cards. Because keys never leave the chip and operations require a PIN or biometric, smart cards provide strong two-factor authentication.
● Examples
- 01
Banking EMV chip cards using ISO/IEC 7816 to authorize PIN-based transactions.
- 02
A national eID smart card storing the citizen's PKI certificates and biometric template.
● Frequently asked questions
What is Smart Card?
A credit-card-sized device with an embedded secure microcontroller that stores credentials and performs cryptographic operations, defined by ISO/IEC 7816 for contact cards. It belongs to the Cryptography category of cybersecurity.
What does Smart Card mean?
A credit-card-sized device with an embedded secure microcontroller that stores credentials and performs cryptographic operations, defined by ISO/IEC 7816 for contact cards.
How does Smart Card work?
A smart card is a plastic card containing a tamper-resistant chip that exposes a small operating system, secure memory and a cryptographic engine. The contact electrical interface is standardised by ISO/IEC 7816 (parts 1-4 cover physical, signal and command-level behaviour); contactless variants follow ISO/IEC 14443 or 15693. Smart cards host PKI keys, symmetric keys, biometric templates, applets and personal data, and they are at the heart of credentials such as PIV, CAC, EMV bank cards, SIMs and national eID cards. Because keys never leave the chip and operations require a PIN or biometric, smart cards provide strong two-factor authentication.
How do you defend against Smart Card?
Defences for Smart Card typically combine technical controls and operational practices, as detailed in the full definition above.
What are other names for Smart Card?
Common alternative names include: ISO 7816 card, Chip card, ICC.
● Related terms
- cryptography№ 827
PIV Card
A US federal smart card that carries identity credentials and PKI keys as defined by FIPS 201 and NIST SP 800-73, used by federal employees and contractors.
- cryptography№ 138
CAC (Common Access Card)
The smart-card identity credential issued by the US Department of Defense to military, civilian and contractor personnel for physical and logical access.
- cryptography№ 413
FIDO Security Key
A hardware authenticator that uses the FIDO U2F or FIDO2/WebAuthn standards to perform phishing-resistant, public-key-based authentication to web and enterprise services.
- cryptography№ 739
Nitrokey
An open-source security key from German vendor Nitrokey GmbH that provides FIDO2, OpenPGP, X.509 smart-card and OTP functionality in a USB token.
- network-security№ 878
Public Key Infrastructure (PKI)
The combined system of policies, software, hardware and trusted authorities used to issue, distribute, validate and revoke digital certificates that bind identities to public keys.
- identity-access№ 708
Multi-Factor Authentication (MFA)
An authentication method that requires two or more independent factors — typically from different categories — before granting access.
● See also
- № 829PKCS#11