How are memory cards and smart cards different?
Click on the arrows to vote for the correct answer
A. B. C. D.C.
The main difference between memory cards and smart cards is their capacity to process information.
A memory card holds information but cannot process information.
A smart card holds information and has the necessary hardware and software to actually process that information.
A memory card holds a users authentication information, so that this user needs only type in a user ID or PIN and presents the memory card to the system.
If the entered information and the stored information match and are approved by an authentication service, the user is successfully authenticated.
A common example of a memory card is a swipe card used to provide entry to a building.
The user enters a PIN and swipes the memory card through a card reader.
If this is the correct combination, the reader flashes green and the individual can open the door and enter the building.
Memory cards can also be used with computers, but they require a reader to process the information.
The reader adds cost to the process, especially when one is needed for every computer.
Additionally, the overhead of PIN and card generation adds additional overhead and complexity to the whole authentication process.
However, a memory card provides a more secure authentication method than using only a password because the attacker would need to obtain the card and know the correct PIN.
Administrators and management need to weigh the costs and benefits of a memory card implementation as well as the security needs of the organization to determine if it is the right authentication mechanism for their environment.
One of the most prevalent weaknesses of memory cards is that data stored on the card are not protected.
Unencrypted data on the card (or stored on the magnetic strip) can be extracted or copied.
Unlike a smart card, where security controls and logic are embedded in the integrated circuit, memory cards do not employ an inherent mechanism to protect the data from exposure.
Very little trust can be associated with confidentiality and integrity of information on the memory cards.
The following answers are incorrect: "Smart cards provide two-factor authentication whereas memory cards don't" is incorrect.This is not necessarily true.A memory card can be combined with a pin or password to offer two factors authentication where something you have and something you know are used for factors.
"Memory cards normally hold more memory than smart cards" is incorrect.
While a memory card may or may not have more memory than a smart card, this is certainly not the best answer to the question.
"Only smart cards can be used for ATM cards" is incorrect.This depends on the decisions made by the particular institution and is not the best answer to the question.
Reference(s) used for this question: Shon Harris, CISSP All In One, 6th edition , Access Control, Page 199and also for people using the Kindle edition of the book you can look at Locations 4647- 4650
Schneiter, Andrew (2013-04-15)
Official (ISC)2 Guide to the CISSP CBK, Third Edition : Access Control ((ISC)2 Press) (Kindle Locations 2124-2139)
Auerbach Publications.
Kindle Edition.
Memory cards and smart cards are two different types of cards used in various applications. The main difference between these two cards is that memory cards are used for storing data, while smart cards are used for performing various functions, including authentication, identification, and data storage.
Memory cards are generally used for storing large amounts of data, such as digital photos, videos, music, and documents. They are available in different types and capacities, ranging from a few megabytes to several gigabytes of storage. Memory cards do not have any processing power or intelligence of their own, and they are mainly used for storing and transferring data between different devices, such as cameras, smartphones, and computers.
On the other hand, smart cards are embedded with a microprocessor and are capable of performing various functions. They are commonly used for authentication and identification purposes, such as in access control systems, electronic passports, and payment systems. Smart cards have the ability to store and process data securely, which makes them ideal for applications that require high levels of security. They can also be used for storing data, but their primary purpose is to perform functions that require processing power.
In terms of authentication, smart cards provide a two-factor authentication mechanism, which involves something the user has (the card) and something the user knows (a PIN or password). This makes them more secure than memory cards, which do not have any authentication mechanism.
Finally, it is important to note that ATM cards can be either memory cards or smart cards, depending on the technology used by the card issuer. Both types of cards can be used for ATM transactions, although smart cards are generally considered more secure due to their processing power and ability to provide two-factor authentication.