After lagging behind Europe for years, the U.S. is starting to employ smart cards, with a number of government agencies adopting the technology. Being a late adopter has given the U.S. a different technology model, using wireless cards that can handle multiple applications.
Unlike European groups that use cards that must be inserted into a reader for a specific application, U.S. technologists are using primarily contactless cards that use Java to permit multiple applications. Many also use public key-security techniques, sometimes in conjunction with biometric markers, for entry into sites and computer systems.
That's far more sophisticated than higher volume cards used in Europe, where phone cards and transit cards are common. "The U.S. is not only starting to use smart cards, it's becoming one of the more sophisticated users," says Gilles Lisimaque, who serves on the executive board of the Smart Card Alliance (www.smartcardalliance.org). The SCA, a trade organization, estimates that about 70 million smart cards shipped in North America last year, most employing sophisticated CPUs. "Of those, 50-60 million were microcontroller cards," adds Lisimaque, a founder of GemPlus International S.A. (www.gemplus.com).
Though the North American market represents a miniscule portion of the 1.7 billion smart cards shipped in 2002, he adds that multi-application cards are typically used for years, while single-app cards rarely remain in circulation beyond a year.
Though U.S. usage is still small, it's grown substantially from practically zero a few years ago. Now, GSM phones that use smart cards are growing rapidly, and the U.S. government is moving forward with a number of programs that have been under study for years.
In government applications, as well as many others, one of the major challenges of these more »complex cards is managing the data they store. System designers must figure out what they want to store in the 32 or 64 kbytes of memory that's available on current generation cards. That was a key factor ironed out by the Department of Defense over nearly a decade before issuing 4.5 million smart cards to enlisted personnel.
"To make it work to full potential, you need software management over a long time, life to death," says Bill Holcombe, chairman of the federal government's Smart Card Project Manager's Group (www.estrategy.gov/smartgov/smart_card.cfm) in Washington, D.C. He adds that many other government agencies, including the Department of Homeland Security, Federal Aviation Administration, General Services Administration, as well as the Transportation Security Administration are also in various stages of major smart card rollouts which use multi-application cards.
That's also a challenge for multi-application cards being used by transit agencies and other entities. Users are more inclined to carry a card that pays a toll, gets them on the bus and maybe covers a cup of coffee. But distributing the funds collected at such various sites can be complex—each entity has to be sure to receive its correct amount. There can be thousands of small transactions, and making sure all the funds are distributed properly requires planning and close attention.
"It's easy to sell the card, but when you start distributing the money out the back end, to the transit and tollway agencies and say McDonald's, there seem to be more [of those financial] concerns," says Hallie Smith, public transportation consultant for the Intelligent Transportation Society of America (www.itsa.org) an Atlanta-based group that works closely with several government agencies.
Though there are still some concerns about privacy issues—for example using cards for state medical program data—most observers say they're fading as more people use cards without problems.
Proponents contend that storing data on a card can protect a person's privacy by limiting the number of times it's released in human readable form. "There are massive amounts of personal data floating about, a major issue is securing that personal information. Smart cards, if implemented with the right scheme, can protect people's privacy," says Marvin Tansley, vice president of the access, public and transportation at Axalto (www.axalto.com), the Austin, TX-based smart card division of Schlumberger.