Free Essay

Smart Card

In:

Submitted By snowdee
Words 1254
Pages 6
Smart Cards for Future Healthcare Systems
Secure, efficient, reliable

Card-based e-health networks: cutting costs and improving care
All around the world, news­ paper headlines warn about the exploding costs of health­ care. Advanced medicines and technology are boosting life expectancy. As a result, people can now look forward to living past the age of 80 – twice as long as 100 years ago. This trend, however, has the side effect of driving up healthcare costs. As people get older, they need more frequent and more expensive care, causing the price of insurance to skyrocket. Clearly, something needs to be done to contain these costs. A number of countries have implemented conventional measures aimed at saving money. One of the most basic measures is the introduction of card­based e­health net­ works, which can help reduce costs remarkably. Card for physicians and phar­ macists, and a Card Application Management System (CAMS). Patient Data Card The Patient Data Card is a PIN­protected smart card incor­ porating a microprocessor and protected by cryptographic functions. It contains adminis­ trative insurance information and entitles patients to seek medical treatment. In turn, the patients give their doctors access to their personal medical data, which is stored either on the card or in the e­health network. The card can also hold information such as elec­ tronic prescriptions.

How to cut healthcare costs
1. Reduce fraud 2. Streamline administration 3. Improve communication 4. Enhance quality

Every project carried out by Giesecke & Devrient (G&D) has shown that efficient card­ based e­health networks have three main components: a Patient Data Card for the in­ sured, the Health Professional

2

Health Professional Card The Health Professional Card is a person­specific ID with a picture used by physicians and pharmacists. Like a key, it allows the holder to “unlock” patient data stored on the card and/or in the e­health network. It comes with an electronic signature for use on electronic documents such as e­prescriptions. Card Application Management System (CAMS) It takes a powerful e­health network to introduce a health­ care insurance card system. Naturally, this platform includes physical components such as cards, kiosks, card readers, and computer servers. However, it also contains a card applica­ tion management system to monitor the cards as they are being used and their contents updated.

G&D’s CAMS provides issuers with end­to­end lifecycle management for the cards – from initial data collection and personalization to cancellation at the end of the lifecycle. It supports patient data updates, card renewal, and the upload­ ing of new applications using an online connection over a high­performance network. Using one system to manage these tasks for millions of card­ holders keeps costs down.

G&D’s CAMS consists of the following modules
• Card management system • Data preparation • Application management • Post­issuance personalization • Key management

3

Tailored approaches for local requirements
Card issuers may also add optional applications, such as emergency data, health records, electronic signature, or bonus programs. Germany’s e­health card project is being managed primarily by a commercial enterprise established by leading health­ care industry organizations. Together, they are working to successfully roll out more than 72 million Patient Data Cards. Benefits of Germany’s new system: • Considerable reduction in fraud, thanks to the inclusion of a photo and online verifi­ cation of the card’s validity. • Improved communication and information­sharing by eliminating media disconti­ nuity in prescriptions. Germany In 2006, the German Parlia­ ment passed healthcare modernization legislation that required the introduction of Patient Data and Health Professional Cards. The law defines the electronic Patient Data Card in detail: it contains a photo of the insured person printed on the front, the holder’s basic data (printed on the surface and stored in more detail on the chip), and on the reverse side, the man­ datory information according to the European Health Insur­ ance Card (EHIC). • Decreased occurrence of adverse medical interactions by providing medication history. Expected to save more than 500 million euros annually and cut down on the number of accidental deaths resulting from cross­ over reactions. • Reduction of administration costs e.g. by automatically updating copayment status information.

4

The dangers of medication crossover reactions
Clinical drug tests usually focus on the medicines themselves. In the field, however, drugs might be taken in combination with other medications. If the drugs react with one another – a “crossover reac­ tion” – they could produce unde­ sirable side effects. International studies have concluded that more than 500 million euros could be saved annually by introducing a detection and warning system for crossover reactions.

The card´s operating system and memory will make it easy to upload applications in the field later on. Detection of medication crossover reactions will be incorporated for several test regions. To unleash its full potential, the card must be connected online to a back­ ground system. Switzerland G&D has been supplying Swiss Post with chip modules for Switzerland’s health insur­ ance cards since the start of 2010. System architecture and application scenarios in a PKI environment have been key focal points here. The total project volume is seven million cards, issued over a seven­year period. Products and solutions devel­ oped by G&D for the German healthcare market formed the basis of this project, ena­ bling smooth and rapid imple­ mentation. These included the smartcard itself, the card application management soft­ ware (CAMS), and essential

Austria The Main Association of the Austrian Social Insurance Institutions introduced a healthcare smart card dubbed the “e­card”. G&D won the contract for the entire project: design, development, issue, and introduction of the per­ sonalization and lettershop system for all chip cards with a minimum service life of 7 years. G&D produced and shipped 8.4 million Patient Data Cards for the insured and 30,000 Health Professional Cards within a period of 6 months. Rolled out from 2010 on­ wards, these cards belong to the third e­card generation. The e­card can generate elec­ tronic signatures and be used as citizen ID card.

software components for PCs (middleware). The chip modules were used in their certified form as ap­ proved by the German Digital Signature Act (SigG/SigV).

5

G&D helps find the right solution for card-based e-health networks
As these examples show, there is no one­size­fits­all solution. Each approach is very different and must be adapted to local requirements. As a capable partner with extensive experi­ ence in the e­health network sector, G&D can execute largescale projects from start to finish. We provide initial consultations to identify the ideal design with you. G&D can provide a turnkey solution as the general contractor, handle ongoing system oper­ ations as an outsourcing part­ ner, or supply components as a vendor.

System architecture of a card-based e-health network

Doctor’s office

Secure health network

Healthcare provider
Issue

Pharmacy

Status inquiry, directory services, card database Security transaction and other services

Status inquiry • E-prescription • Medication log • Referral letters • Electronic patient health record

Health Professional Card

Certificate authority

Health insurer
Issue

Hospital
Patient Data Card Card Application Management System

6

Giesecke & Devrient GmbH Prinzregentenstrasse 159 P.O. Box 80 07 29 81607 Munich GERMANY
RDN 11/11 E 1000 Art.­Nr. 2886240

Phone: +49 (0) 89 4119-18 37 Fax: +49 (0) 89 4119-27 78 health@gi-de.com www.gi-de.com

© Giesecke & Devrient GmbH, 2011 All technical data subject to change without notice.G&D/GAO patents.

Similar Documents

Premium Essay

Smart Cards in Healthcare

...Module 3 - Smart Cards Module 3 - Smart Cards Kari Wachs Grand Canyon University: HCA - 360 November 19, 2011 Module 3 - Smart Cards Smart card technology is becoming commonplace in todays society. Smart cards are also referred to as chip cards. The smart card is a plastic card that contains an embedded computer chip that stores and transacts data (Smart card basics, n.d.). The computer chip could function strictly as memory or as a microprocessor depending on the intended use of the smart card. “The data is usually associated with either value, information or both and is stored and processed within the card’s chip” (Smart card basics, n.d.). Smart cards are being used in several different markets currently in the United States. European countries have been utilizing smart card technology for almost three decades. (Smart card basics, n.d.). The Smart Card Alliance is a group of businesses that have a vested interest in the adoption of smart card technology. The Smart Card Alliance’s mission is to help the forward momentum of the use of smart card technology in health care in the United States (Smart card alliance, 2007). Europe initially used the smart card as a tool for reducing theft at pay phones. Their use has advanced tremendously over the last three decades. They are used for credit purchases and for record keeping instead of paper (Smart card basics, n.d.). In the United States, smart cards are being used by consumers in many ways. Several states...

Words: 1022 - Pages: 5

Free Essay

Smart Card

...all the banks in Kuwait use the smart cards instead of the regular credit and debit cards. A smart card resembles a credit card in size and shape, but inside it is completely different. First of all, it has an inside -- a normal credit card is a simple piece of plastic. The inside of a smart card usually contains an embedded microprocessor. The microprocessor is under a gold contact pad on one side of the card. Think of the microprocessor as replacing the usual magnetic stripe on a credit card or debit card. The microprocessor on the smart card is there for security. The host computer and card reader actually "talk" to the microprocessor. The microprocessor enforces access to the data on the card. If the host computer read and wrote the smart card's random access memory (RAM). The Smart Cards provides unlimited benefits to the customers, and its used recently almost in every organization and the business benefit from implementing the smart card. The most common smart card applications are: Credit cards Electronic cash Computer security systems Wireless communication Loyalty systems (like frequent flyer points) Banking Satellite TV Government identification Advantages and Disadvantages: Advantages: 1- Flexibility: Smart cards have a lot of flexibility. They can store multiple types of information including identification, credit cards, business and family contacts. 2-Cost and Availability: Smart card readers are expensive to produce...

Words: 881 - Pages: 4

Premium Essay

Smart Cards and Electronic Cash

...Electronic Cash and Smart Cards CMPS / ECBU 410: Management Information Systems Prepared by Joanna Carey Fall 2012 Instructor: Dr. Seta Whitby Table of Contents I. Introduction II. Body III. Advantages/Disadvantages of Electronic Cash & Smart cards and paper based currency IV. Conclusion V. References Introduction This research paper will closely investigate the relative importance between electronic and paper-based payments across the world. Although electronic payments are becoming more popular and easy to use, numerous surveys for payment instruments have shown the pace of change from an established payment method to a new payment method to be considerably slower than industry predictions. The movement to electronic payments and smart cards has been slow and has focused primarily on credit cards at the point of sale because bank emphasis is on expanding loan revenue and a historical reliance on checks which provide users with short-term credit. As technology continues to evolve the use of paper currency is becoming more obsolete. Although the modernization of digital money is changing into forms that don’t directly connect our electronic payments to our private information, such as smart cards, the transition into “cybercash” is still in the premature stages of development. This paper will highlight the advantages as well as the disadvantages...

Words: 1387 - Pages: 6

Free Essay

Multiservice Smart Cards

...a single smart card to be used for multiple services has been around for years. Instead of using separate access devices for different services, a user can access multiple services from different service providers by a single smart card. For example, a user can use the same smart card to log on to a remote server system, enter a secure building, and perform a financial transaction. This kind of design frees people from carrying many cards, bringing users the great convenience and at the same time saving resources and costs by manufacturing and managing less volume of cards. Therefore, multi-service smart card systems exhibit a high potential for economic and social benefits. Such a system is even more convenient if only one pass- word is used for each card so that users do not need to remember and cope with many passwords. 1.1 MULTISERVICE SMARTCARDS A smart card, chip card, or integrated circuit card (ICC), is any pocket-sized card with embedded integrated circuits. With a single card, and a single administration tool, organizations from government, to industry to academic institutions can deliver an array of personalized credit and loyalty-based services to their users, while generating comprehensive reports, and maintaining strict controls on usage. These cards can offer multiple applications such as: * Credit cards : These are the best known payment cards (classic plastic card): * Financial : Smart cards serve as credit or ATM cards, fuel cards...

Words: 4969 - Pages: 20

Free Essay

Energy Meter

...problem associated with billing consumer living in isolated area and reduces deployment of manpower for taking meter readings. Every consumer can buy a memory card (is nothing but an EEPROM IC) with a password stored inside it using a MC program. The memory card is available at various ranges (ie. Rs 50, Rs 100, Rs 200 etc).In our project we have given the name for memory card as smart card. When the consumer insert a smart card into the card reader which is connected kit.Then the card reader will read the stored information and delete the information from the EEPROM IC(smart card) using the MC program. So that the smart card cannot be reused by others. Suppose if a consumer buy a card for Rs.50/- he / she can insert this amount through the card reader so that prepaid energy meter with tariff indicator kit will be activated. According to the power consumption the amount will be reduced. When the amount is over, the relay will automatically shutdown the whole system. In our project we also have a provision to give an alarm sound to consumer before the whole amount is reduced. You can also find the Card programmer circuit and program from the download. So that you can easily create your own cards. Here's the procedure to create the cards. How to program a new card. For making a unit price card for Rs 2.50 1. Insert the card into the Programmer 2. Dial 1*0250# The format is 1 for unit price * for start process - Higher digit of the unit price - lower digot of the unit price...

Words: 2185 - Pages: 9

Free Essay

Chapter 6 Review Questions

...1. You are preparing to implement smart cards into your organization for all users. Which Windows Server 2003 service must you install in order to support smart card authentication? A: b. Certificate Service 2. Based on strong password characteristics, what is wrong with the password TiGer01? What would you recommend changing to make this password stronger? A: Do not use a full dictionary word, make it at least 8 characters, and add a symbol/special character to the password. 3. One of your employees is unable to gain access to the network because she left her smart card at home. Keeping in mind that your network has fairly high security guidelines, which of the following choices is the most secure solution for this situation? A: d. Create a temporary smart card for her with a certificate that expires at the close of the business day. 4. You are the main administrator for an enterprise environment consisting of four domains in separate locations. Your network is becoming increasingly difficult to manage due to the number of users in separate geographic locations. Each location has people who are willing to learn to maintain their part of the network. In addition, as departments grow, you want each department to have control over their user accounts and resources. The CEO has asked you to come up with a plan to set up decentralized administration. What will you include in your plan? A: Delegation of control to each admin of each sub-domain, Standardized...

Words: 425 - Pages: 2

Free Essay

Final Paper

...THE ART OF CYBER WAR — ASYMMETRIC PAYOFFS LEAD TO MORE SPENDING ON PROTECTION 151 As Physical Security Converges With IT Security and Becomes More Network-Based, Can Cisco Compete? Cisco recently introduced new video surveillance IP cameras and monitoring software targeted for small businesses. As corporate security technology and services become increasingly network-delivered and database-driven, the physical security market presents a compelling incremental growth opportunity for Cisco that we believe can exceed the billion dollar annual revenue threshold in the next 35 years. The physical security industry has been undergoing a paradigm shift toward convergence, whereby previously disjointed functions of IT security and physical security are experiencing greater formal cooperation. Organizations continue to implement more IP-based video surveillance cameras and building access controls both to upgrade capabilities and to reduce operational costs. Deploying IP-based security upgrades capabilities and reduces operational costs. Through the IP network a security system can assign priority to data and automatically discover new nodes such as IP cameras and control sensors, eliminating the time and effort of manual provisioning. Shifting building access controls from isolated networks to existing IP networks that house data, voice, and video can improve incident detection and assessment, authenticating both the user and device to provide efficient integrity checks. • Video...

Words: 10724 - Pages: 43

Free Essay

Term Papers

...The Smart Card Detective: a hand-held EMV interceptor Omar S. Choudary University of Cambridge Computer Laboratory Darwin College June 2010 This dissertation is submitted for the degree of Master of Philosophy in Advanced Computer Science Declaration I Omar Salim Choudary of Darwin College, being a candidate for the M.Phil in Advanced Computer Science, hereby declare that this report and the work described in it are my own work, unaided except as may be specified below, and that the report does not contain material that has already been used to any substantial extent for a comparable purpose. The word count, including footnotes, bibliography and appendices is 14 978. Signed: Date: The Smart Card Detective: a hand-held EMV interceptor Omar Choudary Abstract Several vulnerabilities have been found in the EMV system (also known as Chip and PIN). Saar Drimer and Steven Murdoch have successfully implemented a relay attack against EMV using a fake terminal. Recently the same authors have found a method to successfully complete PIN transactions without actually entering the correct PIN. The press has published this vulnerability but they reported such scenario as being hard to execute in practice because it requires specialized and complex hardware. As proposed by Ross Anderson and Mike Bond in 2006, I decided to create a miniature man-in-the-middle device to defend smartcard users against relay attacks. As a result of my MPhil project work I created a hand-held...

Words: 10985 - Pages: 44

Free Essay

Birometric

...encountered with the use of paper passports are copying and manipulation, selling of valid passports to a third party, and counterfeit or forged passports. Due to the difficulty of discerning a real passport from a fake, agents must undergo extensive training that still does not adequately protect against these threats. One of the initial attempts to increase border security by more accurately verifying identity and preventing counterfeit passports was the introduction of e-passports, or electronic passports. E-passports are identical to paper passports with the addition of an embedded, contactless smart-card containing the same information as the visual passport, including a digital version of the photograph. The contactless smart card is a tiny microprocessor that transmits information wirelessly utilizing RFID technology over distances of less than four inches. These smart-cards utilize advanced security mechanisms to prevent alterations to the embedded data. Unfortunately, these attempts did not prevent passport abuse. In response to persistent passport fraud, biometric technologies have been employed as an additional security measure. Biometric technology is an automated mechanism that verifies or identifies an individual based on physiological or behavioral characteristics (Down and Sands 1). Physiological characteristics are related to the shape of the human body and are inherited (e.g. fingerprint, retina, face, hand), while behavioral characteristics are related...

Words: 1617 - Pages: 7

Premium Essay

Project

...Essay Week 2 Daniel Farella I.T.T. Technical Institute Author Note: This essay is being submitted on 5/9/2013 for Earl Robinson intorduction to security class. Essay week 2 * The remote access control policy consists of * Group membership  * Type of connection  * Time of day  * Authentication methods  * Advanced conditions:  * Access server identity  * Access client phone number or MAC address  * Whether user account dial-in properties are ignored  * Whether unauthenticated access is allowed  After the connection is authorized, remote access policies can also be used to specify connection restrictions, including the following: * Idle timeout time  * Maximum session time  * Encryption strength  * IP packet filters  * Advanced restrictions:  * IP address for PPP connections  * Static routes  Additionally, you can vary connection restrictions based on the following settings: * Group membership  * Type of connection  * Time of day  * Authentication methods  * Identity of the access server  * Access client phone number or MAC address  * Whether unauthenticated access is allowed  On this network I recommend a WAN network . Because the wan network is great for going cities to cities or state to state plus there are more security features that can be recommended. The physical and logical access controls are as follows Authentication Identification is usually...

Words: 348 - Pages: 2

Premium Essay

Banking

...The article presents a study which aims to analyze the role of information technology (IT) in the Indian banking industry. Indian banks are investing heavily in the technologies such as automated teller machine (ATMs), net banking, mobile banking, tele -banking, credit cards, debit cards, smart cards, call centers, CRM, data warehousing etc. It is essential to evaluate the impact of information technology on the performance of Indian banks in terms of extended value added services and customer satisfaction thereby. Foreign banks and Private sector banks which took more IT initiative, were found to be more efficient and more competent force than public sector banks in India. Based on the article, technological innovations have enabled the industry to open up efficient delivery channels. It is said that IT has helped the banking industry to deal with the challenges the new economy poses. The study examines the views of banking customers on the implementation of IT in banks. According to the author, private and foreign banks use more IT-related banking services than public sector banks. Keywords and Abbreviations: Awareness level, Banking sector, Customer Satisfaction, ITeS, Security ATM – Automated Teller Machines / Any Time Money CBS – Core Banking Solution IAM – Investment and Assets Management CRM – Customer Relationship Management GRC – Governance Risk and Compliance IDRBT - Institute for Development and Research in Banking Technology...

Words: 318 - Pages: 2

Premium Essay

Cmgt 400 Week 3

...Securing and Protecting Information CMGT 400 April 8, 2013 Securing and Protecting Information Authentication With the advances in technology, authentication has become part of our everyday lives, whether scanning your badge at work, signing for a credit card purchase, or logging into your Facebook/Twitter accounts. Authentication is the act of validating your identity while requesting access to software, purchases, or entry to a secured facility. There are four types of authentication; something you know, something you have, something you are, and something you can produce. When a service requests two or more types of authentication, it is called strong authentication, such as inserting an identification card and providing a password to access a computer workstation. “Something you know” refers to the use of passwords, passphrases, and codes or PINs. When creating a password, the user must make the decision to create a string of alphanumeric and special characters with differing cases. The longer and more complicated a password the user creates drastically reduces the risk of cracking or brute force attacks. The same password must also be something easily remembered by the user to dissuade it from being written down and stored onsite or left at the workstation. A solution to this is creating a passphrase, a common phrase or date abbreviated and linked together with special characters to create a personal passphrase difficult to crack but easy to remember. An example...

Words: 1768 - Pages: 8

Free Essay

Fnlkre; Ohanrt;

...system unit with a business user specification would be prefect for this usage. In detail, Server or PC with i5 Processor, Windows 7, a 500 GB hard drive, 4 GB of fast DDR3 RAM memory, and a LCD display. Hardware which would be even necessary would be like the finger print reader where this can used to scan and read finger print of students who want to borrow books just have to place their finger to be scanned as their details and data would appear in the monitor’s screen of the librarian. This would be necessary as scanning wouldn’t take a very long time and its even precise compared to filing data manually. The only disadvantage of using the deivce would be where if the if the finger is dirty or injured the reader cant read its print. A smart card reader would also do the...

Words: 888 - Pages: 4

Premium Essay

Failed Project Essay

...considerations and situations in which physical security measures are valuable (for example, limiting access within a facility and/or to specific assets and controls to reduce physical incidents such as fires). Security unavoidably incurs costs and, in reality, it can never be perfect or complete - in other words, security can reduce but cannot entirely eliminate risks. Given that controls are imperfect, strong physical security applies using appropriate combinations of overlapping and complementary controls. For instance, physical access controls for protected facilities are generally intended to: • deter potential intruders (e.g. warning signs and perimeter markings); • distinguish authorized from unauthorized people (e.g. using pass cards/badges and keys) • delay and ideally prevent intrusion attempts (e.g. strong walls, door locks and safes); • detect intrusions and monitor/record intruders (e.g. intruder alarms and CCTV systems); and • trigger appropriate incident responses (e.g. by security guards and police). It is up to security designers to balance security controls against risks, taking into account the costs of specifying, developing, testing, implementing, using, managing, monitoring and maintaining the controls. Physical access control is a matter of who, where, and when. An access control system determines who is allowed to enter or exit, where they are allowed to exit or enter, and when they are allowed to enter or exit. Historically this was partially accomplished...

Words: 2097 - Pages: 9

Premium Essay

Case Study

...Use Cases As an intern software developer for a retail bank, you have been tasked with developing use cases to support the ATM service. Prepare a 5-6 page paper in which you: 1. Describe (in a one to two (1-2) page narrative) a use case, complete with typical and alternate courses, that documents the event of a bank customer withdrawing money from an ATM. 2. Illustrate the use case using Visio or a similar product. 3. Describe (in a one to two (1-2) page narrative) a use case dependency for making an account deposit. Illustrate this use case with Visio or a similar product. 4. Describe (in a one to two (1-2) page narrative) a use case dependency for making an account transfer. Illustrate this use case with Visio or a similar product. 5. Identify and explain at least one (1) ethical issue that the use case exposes in connection with the development or use of the ATM system. 6. Research and cite at least three (3) authoritative academic sources Use case diagrams in ATM usage CIS210 Use case diagrams of an ATM system Use case diagrams are pictorial representations of different process involved during a specific operation. They are used in modeling real world interaction of system modules and the outside user during the systems analysis stage of software development. They are used mainly in the representation of how the software works in defining the requirements analysis. Use case diagrams in this field are used...

Words: 1140 - Pages: 5