1 Victor Chan NBS Card Technology, MIST Inc. August 21, 2002 Personalization of Multi-Application Smart Card.

1

Victor ChanNBS Card Technology, MIST Inc. August 21, 2002

Personalization of Multi-Application Smart Card

2

Impact on Issuance Market• Multiple Applications on a single card:

“Market Segment of One”• Choice for Pre-issuance (Initial Issuance)

Service Bureau, Regional Center, Branches

• Dynamic Post-issuance loading of applications: “Anytime, Anywhere Access”

• Portability of applications across chip-cards: “Write Once, Run Anywhere”

• Multiple Application Providers on a single card

3

• Standardization of personalization– GlobalPlatform Scripting– Common Personalization Process (CPP)

• One set of software for all machines• Interface to Smart Card Management

System• New technology’s compatibility with

existing personalization systems

Impact on Issuance Market

4

Traditional Personalization SolutionTwo step process

Issuer’s Host

XYZ BANK4000 1234 5678J. Smith

XYZ BANK

Personalization Data Preparation Process (P3™)

Card Holder Data

WIN NT PC WIN NT PC

Personalization System

HSMHSM

Card Holder Data with Generated Keys & Certificates

#2#1

5

XYZ BANK4000 1234 5678J. Smith

XYZ BANK

Seamless personalization directly from the card holder data

Functionalities of P3™ are provided inline in the Personalization system

Keys and certificates are generated in real time

One software vendor for both P3™ and personalization

Eliminate duplication of HSM PCI Bus HSM – space saving

Branch Issuance

Pilot or Regional Issuance

Service Bureau Issuance

Card Holder Data

Alternative Personalization SolutionOne step process

6

Pre-issuance - Central Issuance

• Service bureau

• Batch issuance

• High volume

XYZ BANK4000 1234 5678J. Smith

P3™XYZ BANK

4000 1234 5678J. Smith

One Step Process

Two Step Process

OR

Card Holder Data

Card Holder Data

Card Holder Data

• One Step process– Solution from a single vendor– Simpler to operate– Only one HSM– Lower Cost Solution

• Two Step Process– Issuer key pair does not need to be

installed at the card service bureau– Could be a local banking

requirement

7

Pre-issuance - Regional Issuance

• Mid to low volume

• Pilot Program

• Install at issuer location

XYZ BANK4000 1234 5678J. Smith

One Step Process

Card Holder Data

One Step process is preferable– Issuer mange solution from

a single vendor– Simpler to operate– Only one HSM– Lower Cost Solution

8

Pre-issuance - Branch Level

XYZ BANK4000 1234 5678J. Smith

One Step Process

ORCard Holder Data

XYZ BANK4000 1234 5678J. Smith

Two Step Process

Card Holder Data

P3™

• Functionalities of P3™ is provided in the branch level

• Simpler integration to branch system

• Functionalities of P3™ is provided centrally

• Issuer key pair remains at one location

9

Post Issuance

Dynamic Post Issuance • At merchant, home, etc…

• Anywhere, Anytime

• Via PC, or POS terminalFunctionality of P3™ needs at the central system

Internet, Network etc..

Card Holder Data

P3™

Issuer Central System

10

Future of Issuance anywhere, anytime, with easy access

wireless Internet

Issuance Issuance GatewayGateway

wired

Banks & Processors

issuance

Point-of-sale

Pagers & PDAs

Personal Computers

Point-of-sale

Telephone Networks

Point-of-sale

11

Summary• Pre issuance (initial issuance)

– Centrally in a service bureau– Bank Regional Center– Bank Branches

• instant issuance– Many different options to provide the

functionalities of P3™ • Local banking regulation may be a consideration

• Post issuance– PC via Internet access– POS Terminals

• Wired or wireless• IP Terminals