Most personal electronic devices entail wireless communication. A cellular phone can reach a communication tower several kilometers distant. This is an expensive operation in terms of electrical consumption, but it is not an operation that requires the secure core. However, we see more and more applications where the cellular phone is used to effect payment. For example, as a means to pay for public transport, when getting to the turnstile the cellular phone can be placed close to a sensor on the vehicle door. An exchange then takes place between that equipment and the personal electronic device, payment is made and the door opens. This is not done with the same communications means as those used by the phone to reach the communication tower, but rather by a much weaker radio frequency channel that can reach only a few centimeters. Since we are effecting payment, this function is obviously one for the secure core. Actually, the standard configuration for this operation is to put the secure core in charge of the financial transaction itself and of the coding of the information to transmit. The antenna and its controller can be located in the personal electronic device, external to the secure core.

When the secure core is not attached to a personal electronic device, but to a passport, it is directly attached to an antenna embedded with the secure chip inside the cover of the passport. In this case, as we have previously noted, the secure core is powered by electro-magnetic induction. Similar to the case of using a cellular phone for payment of transport, the passport’s communication capabilities are very short-range; also a few centimeters. While dictated by the small amount of energy available, the limited distance is a factor of trust; the same that make us speak softer when we confide a secret to someone.

As we’ve seen, secure cores need to be protected in order to limit as much as possible access to their electronics. Therefore, secure core have two pieces: the body and the chip. The substrate of the body is typically a plastic frame with some generic printing. A receptacle is carved in the plastic to receive the chip and its contacts. Inside the plastic, it is also possible to have an antenna for contactless communications directly from the secure core. The size of the antenna can vary depending on the type of transmission used. As we have noted, the chip can be treated in various manners for protection against intrusion. Finally, once the chip completes the basic set up then various markings can be added to the card body to personalize the card. Each assembly of plastic plus chip is made unique by marking the plastic in ways that can be very difficult to alter; for example by a combination of embossing, indenting, laser and thermal marking, holograms and other means to identify the secure core with its owner and institutions vouching for the owner. An obvious example of such is the issuer logo and hologram on a credit card. This effectively says, “Trust that I, the bank, will pay you, the merchant, if the owner, whose name is also on the card, will sign in front of you.” In parallel, the same operation of personalization is done with the chip. Inside the chip are digital certificates for the banking institution vouching for payment, along with coded information giving the references of the owner. So, we see that the source of trust is two-fold: it comes from the physical markings on the secure core body and from the corresponding digital marking on the secure core chip. Henceforth, the trust in the physical and digital domains follows a similar path. There is no better way to illustrate that human and computer networks use the same mechanisms. We are not seeing anthropomorphism at work here. We are seeing an actual identity exchange between human and computer trust foundations, which is in retrospect not surprising, since the computer is acting on the behalf of the human.

As with inter-human comparisons, a most important difference between run-of-the-mill computers and secure cores is their upbringing. Secure cores must be both inexpensive and secure. Additionally, they need to be personalized. This puts important constraints on their manufacturing and distribution. To give an idea of how important this is to the trust imbued to the secure core, consider that it is common for large purchasers of secure cores to request a tour of manufacturing

Book available at Midori Press (regular)
Book available at Midori Press (signed)
Book available at Amazon (regular)