Online and Digital Identification, Securing Web 2.0, PKI and Digital Certificates

Smart card vulnerability, license fees and patent law

Monday, May 4, 2009

Cryptography Research wins legal battle against Visa and licensees begin to sign


by Chris Corum, Executive Editor

I met Kit Rodgers from Cryptography Research in 2004 when his company announced its intent to license the countermeasures that protect smart card chips from a specific attack called Differential Power Analysis (DPA). He passionately argued that it was time for the chip and card manufacturers to pay up for the security measures his colleagues had developed in the late 1990s. Indeed the patents had just recently been issued and Cryptography Research was preparing itself for battle.

As I wrote my initial article on the topic, A new license fee for every smart card? January 2005, I was pessimistic of their chances to prevail. It seemed to me like David vs. Goliath and Goliath and Goliath and Goliath … a relatively small San Francisco-based team of mathematicians and electrical engineers were going to convince the card associations, the semiconductor industry, card manufacturers and maybe even end issuers that they should send them money every time they made a smart card. Sure they were.

There are 1339 words in the rest of this article …

Library Access Required

Library subscribers have access to the full archives of more than 10,000 original news items and feature articles published by AVISIAN’s suite of ID technology publications (ContactlessNews.com, CR80News.com, DigitalIDNews.com, FIPS201.com, NFCNews.com, RFIDNews.org, SecureIDNews.com, and ThirdFactor.com).

For just $49, you receive unlimited password-protected access to content on all of AVISIAN’s sites for an entire year. Your subscription helps fund the continued creation of independent, insightful content. Find out more.

Sign in as a Subscriber

If you are already a subscriber, you may sign in now. Enter your Email Address and Password and click Sign In.

Email Address →
Password →
Action →

If you have forgotten your password, enter just your Email Address, and click Send Password.

Email Address →
Action →
Related Articles
Evolution of the Identity Credential: The Electronic Driver License

By Neville Pattinson, vice president for Government Affairs and Business Development at Gemalto

The identity credential in the United States is evolving and it’s not hard to see why: the number of exposed identities in 2011 increased by more than 40% since 2010, from 16 million to 23 million, according to the IDTheftCenter.org. The Privacy Rights Clearinghouse tracked 535 breaches involving 30.4 million sensitive records in 2011 in the U.S. alone. That’s a conservative number because many states don’t require breaches to be reported.

read more »
Audio from December 7 IAB meeting online now

The December meeting of the influential Government Smart Card Interagency Advisory Board (IAB) was recently held in Washington D.C. FIPS201.com was on hand to cover the event and has provided, as a service to the IAB and the smart card community, an audio recording of the presentations. Click on the link below to access a list of audio and accompanying PowerPoint slides (in pdf format).

read more »
Wisconsin university offering free voter ID cards

With many states requiring voter ID cards, and if you’re a student, proof of enrollment, some colleges are offering students free cards that will enable them to vote.

read more »
OTI granted U.S. patent for contactless 'Smart SIM'

On Track Innovations has received a U.S. patent for adding contactless capability to existing mobile handsets through contactless SIM technology.

U.S. Patent No. 8,090,407, aka “Contactless Smart SIM,” covers the capabilities necessary to turn existing mobile handsets into NFC-enabled devices through the use of a SIM card and a specifically designed antenna, all while keeping the phone and operating system “fully agnostic,” says OTI.

read more »
U.S. government settles smart card infringement case

The U.S. government has settled an infringement case with Leighton Technologies by agreeing to license its smart cards.

Leighton Technologies, a subsidiary of General Patent, filed a case against the federal government in the U.S. Court of Federal Claims in January 2010. Leighton alleged that 54 federal agencies used its six smart card patents without authorization. Leighton’s technology was also used in e-passports.

read more »
Malware attacks smart cards

A variant of malware called Sykipot is circulating that purportedly enables it to hijack U.S. Defense Department Common Access Cards and Windows smart cards, according to Alien Vault Labs. This variant, which appears to have been put together in March 2011, has been seen in dozens of attack samples from the past year.

read more »

Copyright © 2012, AVISIAN, Inc. All rights reserved.