Key storage devices (Tokens, Smart Cards, OTP, Biometry)

Generally key storage device is a device storing sensitive information in its memory. Such storages can be of different form-factors:

  • smart cards;
  • USB-keys;
  • contactless smart cards;
  • one-time password generators.

The technologies best known and well-proven in this area at Russian market are smart cards of common or USB form-factor and one-time password generators.

Contact smart cards

Architecture of smart cards developed by different vendors has typical structure (RFC):

Smart Card Architecture

As the scheme shows, device memory has three areas:

  • System memory – memory area storing operating system, file system and software required for validating input information.
  • Open memory – memory area storing information that can be accessed to without PIN. This information includes data about smart card, its name, free space, etc.
  • Locked memory – memory area that can be accessed to only after PIN input.

For interaction with processor APDU (Application Protocol Data Unit) commands are used.