Exclusive Interview with Mr. Bernard Chiang, General Manager BU Asia, LEGIC
Nowadays the 13.56Mhz contactless smart cad and RFID application is the most mature sector, the contactless IC card are warmly embraced by the customers and system integrators with its high capacity, high reliability and anti-counterfeit security, easy to use, long durance. RFID standard ISO14443 and ISO15693 already published, meanwhile the security request from customer is more and more critical. Both the security and standard are the two main issues in IC card application, the contactless IC card security becomes the most focused topic. So we had an interview with Mr. Bernard Chiang, GM of Asia Pacific region in LEGIC, which launched the world first 13.56MHz contactless smart card platform.
Reporter: LEGIC won a great reputation in the global market as the dedicated 13.56MHz contactless technology platform provider, could you please generally introduce your company? And when did your company started to care and enter China market, which partners did you find in China market?
Mr. Chiang: LEGIC Identsystems founded in Swiss in 1990, and launched the world first 13.56MHz high security contactless smart card technology platform in 1992 as the reliable platform for customer. LEGIC set up Representative Office in China in 2000, as the first cooperation and most important step, LEGIC built the partnership with Shenzhen transit operators in 2001.LEGIC also held forum routinely to build win-win result between partners' network and educate them with the up to date technologies. The earlier partners of LEGIC are Shenzhen Coson, Shanghai Vitlon, Shenzhen Kenluck, Shenzhen LiHe, Beijing Intcard, and the partners number also increased with business growing.
Reporter: Now there are also some other vendors provide the 13.56MHz contactless technology, such as NXP, TI, Inside, What is your advantage, and how about your market share?
Mr. Chiang: first of all, LEGIC has the unique password management solution which is ignored by other competitors, second we also have special advantages apart from the normal HF advantage, such as:
Security: LEGIC's product has a very high security. LEGIC offers two different authorization methods, one is used during initialization, the other is used in application data access. ( other technologies use same authorization in both password and application data access, thus can be easier crack comparatively.
High capacity: LEGIC offers different data space from 128 bytes, 256 bytes,1K bytes, 2K bytes and 4K bytes, can be used exactly to meet customer requirement. Memory waste is minimized no capacity waste.
Multi sectors mechanism: the sector of LEGIC card is dynamic instead of static, and different sector size can be configured for different application request. Some vendors can only provide fixed size sectors, this will limit costumer flexibility, sometimes waste the memory space, but LEGIC can offer 127 tailored sectors at most.
Key protection: Each sector in LEGIC's chip is managed and initialized with LEGIC token mechanism, this is the most outstanding feature of LEGIC product, it is called master token system control (MTSC).
LEGIC first provided highest security transit card in Europe. We can see the European domestic market also preger high security technology. In most Europe countries, LEGIC has won the overwhelmingly market share. Such as in German, LEGIC's market share is nearly 70%. In fact there is less usage of other technologies in Europe, even have that must be less than 50% environments without any critical security concerns. On the contrary to the situation of Mifare dominated China market, people in Europe countries is more likely to accept LEGIC. Such as BMW, AirBus, VW, UBS ordered their global branches to use LEGIC technology. It is also worth to mention that the 2004 Athens Olympic Game also used LEGIC in all the venues and related facilities. LEGIC is playing a leading role in German, Italy and Swiss market, since the "security" and "flexibility" are the key factors.
Reporter: The RFID in 13.56MHz is already mature, and widely used in transit, parking, ID. Could you please introduce your expertise solution in this field?
Mr. Chiang: In order to prevent the security issues, LEGIC's MTSC does not use password, but uses the patented LEGIC MTSC, to offer the thorough security control and ensure the customer usage safety. The security of this system not only relies on the two different authorization methods but also on the different token will be used in initialization process. With this double layered mechanism, the system will be more secure. That's why a lot of high security applications selected LEGIC. This system has been implemented more than 50000 sets worldwide. The customers believe the security can be controlled by themselves with the help of LEGIC MTSC.
LEGIC's MTSC uses a special featured contactless smart card as the token card with the globally unique password and gene code. The sub-token can be programmed to 3 different kinds of authorization card: IAM, SAM and GAM with different functions. For example, the IAM is for card initialization authorization; SAM is used for system reader and GAM is used for general authorization to generate next level of sub-token. Due to the different functions of the IAM and SAM token, if either one of them is missed, the system can not run properly.
Additionally, the access right of each generated sub token can be controlled, such as either the sub token can generate the next level sub token or to self produce the same level sub token can be easily controlled. And thus the whole token system is under properly control. This function is more important in auto vending machine and electronic toll collection systems where the control right need to be transferrred to the terminal in a safe way. In these systems more security technology is needed to avoid system security risk.
Every kind of end user and product supplier can obtain a token with gene code to assure the generated cards are unique with each other. With this mature card and reader unique authorization gene code it is impossible to duplicate the generated card, so as to achieve the high security and password protection.
To add new card into the system or to authorize new reader, the LEGIC token is needed. The security is from the token which contains the authorized access to the card data. The password will be transferred to the card and reader during initialization and authorization.
Since the mutual authentication between card and reader, plus the unique inherited gene resided in the token, and the token can not be duplicated, any terminal user and supplier with different scale can obtain their token with gene code and the generated token must be unique also. The end user will never experience the trouble to manage the key, simply control your token and the generated sub token then everything is under your control.
Reporter: In the past years the domestic contactless smart card application mainly focused on multi applications, the low value payment based on transit card has been widely piloted. Please provide some expertise suggestion and comments to this.
Mr. Chiang: Some domestic applications with offline data management between contactless front end and back end. Software developers are also very important, the future application focus maybe in NFC service. I here recommended the domestic customers to study the mature applications, to find out where is the application's key point and how many functions needed based on their own requirement. In contactless payment application the data exchange is an area with some problems, the data processing time and transaction accurate need to be improved.
Reporter: NFC as the new emerging mobile payment method is increasingly attracting the customer, this is a new market. Do you involve in NFC market also? How do you think about the NFC future in China? There are lots of security issues in mobile payment, does LEGIC have any standards to guarantee the transaction security?
Mr. Chiang: Yes, NFC is the trend of modern smart card development, and more and more users and enterprises showed their interests in NFC, LEGIC Swiss headquarter already put NFC technology into the agenda, there are some NFC pilots in China now, this is good to the new technology and the new market in China. But there are some barriers in NFC promotion, such as too many parties will be involved, and the NFC mobile phone cost is too high, as well as the acceptance sites is limited.
Reporter: Finally could you please make a forecast of domestic contactless market, and your next 3 years development plan in China market?
Mr. Chiang: Contact and contactless smart card leverage different pros and cons due to their usage environment and information exchanged. The advantages of contact IC card lies in security performance, the contactless IC card is convenience to but the security is not as high as the banking sectors required. Multi application is the endless pursue of smart card industry, so the dual interface card combines the contact and contactless advantages will become the hot choice either now or in the future. LEGIC will show actively in exhibitions and promoting events, meanwhile emphasize the coordinated development with current partners.