|
Written by Robo
|
|
Sunday, 16 August 2009 20:46 |
The "Chipknip" is an electronic payment system used in the Netherlands since the late 1990's. It uses a smart card that can be loaded with money from special terminals located at bank offices, which can then be used to make small payments. The Dutchies never really got the hang of this system, and much of the infrastructure saw little use for several years. Recently however, many vendors have embraced the Chipknip as a specialty payment system for use in unmanned locations, such as parking meters and vending machines, and it's become reasonably successful in this role.
This is all the average user ever sees of their Chipknip. These metal contacts are standardized by some ISO document, and are used by lots of different smart cards around the world.
A composite image of the chip inside. We can immediately see that it contains lots of memory: two large blocks at the top, a big one on the lower right, and a smaller one next to that. Most probably, one area contains ROM that tells the processor what to do, another houses the RAM that the chip uses when it's working, and one part contains EEPROM that stores the amount of credit and other dynamic information. The actual processor is located mainly on the lower left.
There is some sort of chip ID number here, "K460A". A web search shows that this is an ST19SF08CE, made by STMicroelectronics. Not much information is available about this chip, other than a spec sheet that tells us that it includes an 8-bit CPU, 32 kB of ROM, 960 bytes of RAM and 8 kB of EEPROM. Which pretty much confirms what we saw in the picture above.
Here we find that it was indeed made by ST. Also note a security feature: most of the chip is covered with a layer of metal, etched into a wavy pattern. This obscures most of the features of the circuits below. You can still see some of the interconnections, but not enough by far to determine what the circuits are doing.
Here's a close-up of these wavy things. Note how you can make out some straight lines below. These are the top layers of interconnect metal. If you'd really want to see what's inside the circuits, you'd have to grind away the wavy pattern. That's quite a challenge, because it's only a fraction of a millimetre thick, and the layers below it are even thinner. Still, it is possible if you have the right equipment. Equipment that costs millions, far more than you'd ever be able to earn back by using a hacked Chipknip.
In another corner, we find a couple of serpentine resistors sitting underneath the security barrier.
|
