Ideally, the reader should run the banking application itself (to assemble the order in the right format).
SMART CARD READER KEYBOARD CODE
When you go down the road of "host computer is potentially hostile", you normally end up with the idea that the smart card reader should have its own keyboard and display, so that it may show you what you are about to sign, and makes sure that your PIN code goes to the card only. Since you do not trust the host computer, you need an extra display. You then want to be sure that what the card sees and signs is indeed the payment order you believe. Because when you use the smart card to perform a payment, the card "authenticates" the payment order (with some operation that the bank will accept as valid this could be a MAC You would not be at the end of your worries, though.
the LED turns green when key presses are sent to the smart card).
SMART CARD READER KEYBOARD MANUAL
Therefore, your special keyboard, if it exists at all, should have a manual switch or at least an indicator LED which the OS cannot override (e.g. But you do not trust the host computer (that's the point of the discussion), so you cannot trust it for actually sending this command.
You could imagine a specific command sent from the computer, which tells to the keyboard: "now, key presses should be sent to the smart card, not to me". The keyboard, by itself, won't be able to guess whether you are about to type a PIN code. For your PIN entry scenario, you not only need the key presses to be sent to the smart card, but you also want the same key presses not to be sent to the operating system. When a keyboard is plugged in a machine, then the operating system on that machine is made aware of every key press and key release event, and the OS maintains the knowledge of which key is pressed at any time. The problem with what you ask for is about sharing the keyboard with the OS.
0 kommentar(er)
