Document Layout This document is meant to serve as an introduction to our contact less smart cards The goal of this document is to provide the necessary background detail for the reader in order to be able to answer potentially interesting questions by a journalist The hope is that once the readers has perused through this document he she shall have sufficient information and training to answer any further queries We first detail the usage of smart cards in typical scenarios It is important for the reader to familiarize himself with the current usage models of smart cards and understand how does our product differ from existing RFID or smart card technology This is important to understand because many naive concerns people have are based on an unfamiliarity of the technical details of these technologies We then outline the security details of our contact less smart cards and it is imperative that the reader understands this section well Most potential questions are expected to be in the realm of security and the misuse of such technology We also present a section that compares RFID technology with our product since this is another realm of potential concern There is significant concern over the misuse of RFID or its lack of privacy that fuels speculation and significant business decisions It is important for one to understand the differences and how is it that we offer addition security Finally we present a section that is devoted almost entirely to a few questions and answers on the material presented The idea is to be able to assimilate this material and then use it to answer questions We repeat important points concerns in this document in an effort to drive home the point to the reader Please treat such issues as potential questions on the interview What is our product We are selling a unique product that is a secure contact less smart card It is born out of the synthesis of RFID s mobility features the computable power of smart cards cryptographic and biometric techniques for security In our pilot programme the aim is to deploy these cards as stored value cards in amusement parks in an effort to enhance consumer experience Our cards will only function when used in extreme close proximity of a reader The cards have very little memory capabilities and they do not store a history of transactions on them An an effor to improve security the owner s finger prints are read bio metrically and then used to generate a unique signature that is used in all transactions These stored value cards can be credited value at various kiosks around the park These kiosks can also be used to check the balance credit on a card Smart Card Usage Currently smart cards using contact less technology have been utilized as stored value holders for many major metropolitan areas worldwide 1 Many of these cards are used mainly for mass transit however in some locations they are gaining significant ground as a form of electronic money Hong Kong s Octopus card was launched for use in mass transit in 1997 and is today being used for other forms of transit such as car parking lots and meters vending machines retail purchasing including convenience stores and supermarkets and more 2 Japan has a few such cards in place for the countries various mass transit and light rail systems and Suica the card used in Tokyo and the surrounding areas has begun to be used for vending machine and station retail purchases as well Both Octopus and Suica use Sony s FeliCa RFID technology 3 which allows power to be induced from the reader and utilizes the computing power of the smart card s microprocessor to perform mutual authentication and provide for a much better level of security than most passive RFID systems Adoption in these areas suggests that the trend towards electronic money by use of stored value smart cards will likely become attractive to other areas particularly cities with the card infrastructure already in placed for mass transit Within an amusement park or resort such a card could be used effectively for stored value electronic currency access and identification Stored value would eliminate the need to fumble with currency and speed check out times at POS terminals and many hotel rooms use magnet strip access cards and the shift to contact less smart card would provide marginal convenience to the patron A card could have age programmed in for things such as alcohol purchasing allowing a patron to leave their wallet in their suitcase Within an amusement park or resort the security risks for such a card should be further diminished While utilizing such a system in a major city requires that cards be kept by individuals for long periods of times the natural turn over of cards within a closed system such as a resort would make it possible to refresh information and programming such as encryption algorithms on a periodic basis to help prevent against fraud Privacy concerns at a resort tend to be less significant than at home patrons are staying in hotels not their houses and are expecting more in terms of services While a mass transit card allows an individual s movement over the course of a normal day to be monitored patrons at a resort should be less worried about such information It seems likely that someone on vacation would be willing to trade off the privacy of location data for the services that could come along with doing so for example if a patron goes to the beach the hotel provides fresh towels and more sunscreen upon their return To further diminish privacy concerns cards could have a reasonable opt out for patrons such as carrying cash Security Unlike the range of RFID chips which are able to be read from long distances contact less smart cards operate only up to approximately 10 centimeters Contact less smart cards support many security features to ensure the integrity confidentiality and privacy of information stored or transmitted which is possible because of the on board microprocessor a feature that is not available using traditional RFID tags Security features on our smart cards include but are not limited to the following Mutual authentication A reader must perform a secure handshake with the smart card before the smart card securely sends encrypted data to the reader This encrypted data helps to prevent eavesdropping as cryptographically strong random number generators on the smart card can dynamically change keys preventing third party interception attacks Smart cards are incredibly difficult to