Javacard and Its Deployment in Millions of Credit Cards and Other Devices     


Javacard and Its Deployment in Millions of Credit Cards and Other Devices - overview

Security Accomplishment | 1999

IBM researchers: Michael Baentsch, Peter Buhler, Thomas Eirich, Frank Hoebring, Marcus Oestreicher

Where the work was done: IBM Zurich Research Center

What we accomplished: Javacard enabled easy use of Java in embedded and widely deployed form factors, such as credit cards. Paraphrasing the paper below, "All Java programmers can develop smart card code that can be downloaded to cards, even cards that have already been issued to customers."

Related links:
JavaCard - From Hype to Reality" in Oct-Dec 1999 issue of IEEE Concurrency.  Additional observations:

  • Before Java cards, programming these nasty little cards was like working in the 1970s again: machine language, special debuggers, porting programs over and over again for the latest 8-bit processor, and hoping that your code didn't accidentally step on anything important in the nonvolatile memory inside the card.

    With Java card, there was less porting, much easier development tools, commonly shared code, and a standard programming language. At first, Java cards became standard in all Europay, Visa, and MasterCard smart cards. Javacard (not just IBM's) has been inside millions of smart cards and cellphones throughout the world.  

    IBM Zurich's implementation of Javacard showed the feasibility of a portable, small footprint card operating system and interpreter with native crypto. The concept has not only flourished, but is now ubiquitous and part of the fabric of international payment systems, identity cards, mass transit, passports, and road usage tax systems throughout the world.