SCM Microsystems Reference Manual – version 1.
Reference manual SDI011 Dual Interface (Contactless and Contact) Stationary Reader © SCM Microsystems Oskar-Messter-Strasse, 13 85737 Ismaning Germany Phone +49 89 9595 5000 • Fax +49 89 9595 5555
Document history Date Version Description of change 08/09/2010 1.0 Initial Version 11/10/2010 1.01 Add FCC warning Typo corrections Contact information http://www.scmmicro.com/products-services/smart-card-readers-terminals/contactless-dualinterface-readers.html For sales information, please email sales@scmmicro.
Table of Contents 1. Legal information ................................................................................................................... 9 1.1. Disclaimers ..................................................................................................................... 9 1.2. FCC ................................................................................................................................ 9 1.2.1. Section 15.21 Information to user ................................
5.3.3. PC/SC 2.0 compliant ATR for contactless interface ............................................. 27 5.4. Firmware ...................................................................................................................... 30 5.4.1. 5.4.2. 6. CCID transport protocol ........................................................................................ 30 Automatic PPS for the contactless interface......................................................... 31 Commands description ..........
.4. Annex D – Mechanical drawings .................................................................................. 68 7.4.1. 7.4.2. Top Casing ............................................................................................................ 68 Bottom Casing ...................................................................................................... 69 7.4.3. Stand ....................................................................................................................
SDI011 REFERENCE M ANUAL 1. Legal information 1.1. Disclaimers The content published in this document is believed to be accurate. SCM Microsystems does not, however, provide any representation or warranty regarding the accuracy or completeness of its content and regarding the consequences of the use of information contained herein. If this document has the status ―Draft‖, its content is still under internal review and yet to be formally validated.
SDI011 REFERENCE M ANUAL 10 You MAY NOT copy or distribute parts of or the entire source code without prior written consent from SCM Microsystems. You MAY NOT combine or distribute the source code provided with Open Source Software or with software developed using Open Source Software in a manner that subjects the source code or any portion thereof to any license obligations of such Open Source Software.
SDI011 REFERENCE M ANUAL 11 2. Introduction to the manual 2.1. Objective of the manual This manual provides an overview of the hardware and software features of the SDI011 dual interface (contactless and contact) reader, hereafter referred to as ―SDI011‖. This manual describes in details interfaces and supported commands available for developers using SDI011 in their applications. 2.2. Target audience This document describes the technical implementation of SDI011.
SDI011 REFERENCE M ANUAL 2.4.
SDI011 REFERENCE M ANUAL 2.5.
SDI011 REFERENCE M ANUAL 2.6. 14 Conventions Bits are represented by lower case ‗b‘ where followed by a numbering digit. Bytes are represented by upper case ‗B‘ where followed by a numbering digit.
SDI011 REFERENCE M ANUAL 15 3. General information about SDI011 3.1. SDI011 key benefits With its combination of a modern slim design and its state of the art feature set, SDI011 is the perfect desktop reader choice for environments where both contact and contactless smart card support is required. Such environments may be corporate where physical and logical access control is implemented.
SDI011 REFERENCE M ANUAL 3.3. 16 SDI011 ordering information Item Part number SDI011 905214 Contactless SDK 905124 Contact SDK 905129 3.4. SDI011 customization options Upon request, SCM can customize: The color of the casing The logo The product label The USB strings Terms and conditions apply, please contact your local SCM representative or send an email to sales@scmmicro.com.
SDI011 REFERENCE M ANUAL 17 3.5. Contactless communication principles and SDI011 usage recommendations SDI011 is a dual interface reader capable of reading both contact smart cards and contactless user tokens. The following paragraph focuses on a few specifics of the contactless communication to outline usage recommendations in order to ensure best user experience. 1 SDI011 is a contactless reader designed to communicate with user tokens.
SDI011 REFERENCE M ANUAL 18 3.5.3. Recommendations The communication between the reader and the user token is sensitive to the presence of material or objects interfering with the magnetic field generated by the reader. The presence of conductive materials like metal in the vicinity of the reader and the user token can severely degrade the communication and even make it impossible.
SDI011 REFERENCE M ANUAL 3.6. 19 Applications 3.6.1. General SDI011 is a transparent reader designed to interface a personal computer host supporting PC/SC interface with 13.56MHz user tokens like public transport cards, contactless banking cards, electronic identification documents – e.g. e-passports, e-ID cards, driving licenses etc. Those user tokens can have several form factors like credit cards, key fobs, NFC mobile phones or USB dongles like SCT3511 that SCM Microsystems markets.
SDI011 REFERENCE M ANUAL 20 4. SDI011 characteristics 4.1. SDI011 high level architecture 4.1.1. Block diagram The link between SDI011 and the host to which it is connected is the USB interface providing both the power and the communication channel. Device controller To host STC2 ASIC (SCM) with embedded flash RF front-end MFRC531 (NXP) EMC filter + Matching circuitry Antenna ISO7816 contact smart card interface text text text LED SDI011 has a device controller which is SCM‘s STCII ASIC.
SDI011 REFERENCE M ANUAL 21 4.1.2. Software architecture Applications can interface with the driver directly through the PC/SC interface. The SDI011 driver implements PC/SC v2.0 API towards upper layers and uses SCM firmware commands encapsulated in CCID-like protocol for the contactless slot and full CCID for the contact slot. The SDI011 contactless driver handles all the contactless-related intelligence – i.e.
SDI011 REFERENCE M ANUAL 4.2. 22 Quick reference data 4.2.1. SDI011 dimensions Item Characteristic Value Weight 128 Grams External dimensions Cable length L 118 mm W 78mm H 22mm 1.5 meter long with USB type A connector Default color Black with metallic silver SDI011 Default label Drawing with dimensions of the SDI011 and accessories can be found in annex.
SDI011 REFERENCE M ANUAL 23 4.2.2. LED behavior SDI011 is equipped with a bicolor LED. Its behavior is described in the table below.
SDI011 REFERENCE M ANUAL 24 4.2.3. Other data 4.2.3.1. Parameter Clock of the device controller API Operating temperature range Operating humidity range Certifications 4.2.3.2. General Value/Description 24 MHz PC/SC 2.0 0º to 50ºC Up to 95%RH non condensing USB CE FCC VCCI WEEE RoHS WHQL USB Parameter Value/Description DC characteristics High bus powered (SDI011 draws power from USB bus) Voltage: 5V Max. Current : 200mA Suspend current : 380uA USB specification USB 2.
SDI011 REFERENCE M ANUAL 4.2.3.3. 25 Contactless interface Parameter Value/Description RF carrier frequency Modulation 13.56 MHz +/- 50ppm ID1 format tokens supported Maximum baud rate 12 to 14 % ISO/IEC 14443-4 PICC type A and type B MIFARE Type B memory card PICC through SCM-proprietary APDU 424Kbps (848 Kbps is available as configurable option) Supported and is kept disabled by default. Multiple PICC in field 4.2.3.4.
SDI011 REFERENCE M ANUAL 26 5. Software modules 5.1. Installation SCM provides an installer for Windows and for Mac The installers can be used to install the driver as well as some utilities. 5.2.
SDI011 REFERENCE M ANUAL 27 5.3.2. Supported operating systems Operating systems supported by the driver: Windows 98 Windows ME Windows 2000 Windows 2003 Server (32 & 64 bit) Windows XP (32 & 64 bit) Windows Vista (32 & 64 bit) Windows Server 2008 (32 & 64 bit) 5.3.3. PC/SC 2.0 compliant ATR for contactless interface When a user token is placed on the reader, initialization, anti-collision is done.
SDI011 REFERENCE M ANUAL 5.3.3.1. 28 ATR for contactless storage user tokens The ATR of the user token is composed as described in the table below. In order to allow the application to identify the storage card properly, it‘s Standard and Card name describing bytes must be interpreted according to the Part 3 Supplemental Document, maintained by PC/SC. Tokens using technology like MIFARE are examples of such user tokens.
SDI011 REFERENCE M ANUAL 5.3.3.2. 29 ATR for ISO/IEC 14443-4 user tokens The user token exposes its ATS or application information which is mapped to an ATR. The table describes how this mapping is done. Byte# Value Designation Description 0 0x3B Initial header 1 0x8n T0 n indicates the number of historical bytes in following ATR 2 0x80 TD1 Nibble8 indicates no TA2, TB2, TC2 Nibble 0 means T=0 3 0x01 TD2 Nibble8 indicates no TA3, TB3, TC3 Nibble 1 means T=1 4...
SDI011 REFERENCE M ANUAL 5.4. 30 Firmware 5.4.1. CCID transport protocol SDI011 implements a transport protocol that is compliant with USB Device Class: Smart Card CCID Specification for Integrated Circuit(s) Cards Interface Devices Revision 1.10 for the contact smart card interface and CCID-like transport protocol for the contactless interface. This paragraph describes the CCID specification features that are implemented and those that are not implemented. 5.4.1.1.
SDI011 REFERENCE M ANUAL BAD_ATR_TS BAD_ATR_TCK ICC_MUTE 31 The following sub-sections discuss when and why these error codes are returned: 5.4.1.3.1. HW_ERROR This error code is returned when a hardware short circuit condition is detected, during application of power to the card or if any other internal hardware error is detected. This error code has been defined in the error code table 6.2-2 of the CCID specification. 5.4.1.3.2.
SDI011 REFERENCE M ANUAL 32 6. Commands description 6.1. Generic APDU 6.1.1. Get UID Command 6.1.1.1. Description GET UID will retrieve the UID or SNR or PUPI of the user token. This command can be used for all supported technologies. 6.1.1.2. Format CLA INS P1 P2 Lc Data in Le 0xFF 0xCA 0x00 0x00 - - XX Setting Le = 0x00 can be used to request the full UID or PUPI is sent back.(e.g. for ISO14443A single 4 bytes, double 7 bytes, triple 10 bytes, for ISO14443B 4 bytes PUPI). 6.1.1.3.
SDI011 REFERENCE M ANUAL 6.1.1.5.
SDI011 REFERENCE M ANUAL 34 6.1.2. Escape command APDU 6.1.2.1. Description This command can be used to send escape commands to SDI011. For description of escape commands please refer to the dedicated chapter in this manual. 6.1.2.2. Format CLA INS P1 P2 P3 Data in 0xFF 0xCC 0x00 0x00 Lc Input buffer of escape command Lc is the length of the escape command‘s input buffer. See escape commands description later in this manual 6.1.2.3. Response Output buffer of the escape command 6.1.2.
SDI011 REFERENCE M ANUAL 6.2. 35 Set of APDU for contactless storage user tokens 6.2.1. STORAGE_CARD_CMDS_READ_BINARY 6.2.1.1. Description Using this APDU, application can read a memory block on user tokens based on technologies like MIFARE Classic 1K or 4K (block size 0x10 bytes) or MIFARE Ultra light (block size 0x04 bytes). 6.2.1.2.
SDI011 REFERENCE M ANUAL 6.2.1.5.
SDI011 REFERENCE M ANUAL 37 6.2.2. STORAGE_CARD_CMDS_WRITE_BINARY 6.2.2.1. Description This APDU writes data to a memory address 6.2.2.2. Format CLA INS P1 P2 Lc Data in 0xFF 0xD6 Address MSB Address LSB 0xXX Data Where: P2 indicate the memory block number where data should be written Lc=0x10 for MIFARE Classic 1K/4K. Lc=0x04 for MIFARE Ultralight 6.2.2.3. Response Data Out SW1 + SW2 6.2.2.4.
SDI011 REFERENCE M ANUAL Results into the following memory mapping 38
SDI011 REFERENCE M ANUAL 39 6.2.3. STORAGE_CARD_CMDS_LOAD_KEYS 6.2.3.1. Description Some type of user tokens like MIFARE Classic may require that an authentication happens before any data can be read or written. To perform this authentication, keys need to be loaded in the reader‘s memory using this command. 6.2.3.2.
SDI011 REFERENCE M ANUAL 40 6.2.4. STORAGE_CARD_CMDS_AUTHENTICATE 6.2.4.1. Description This command enables to perform authentication for user tokens based on MIFARE Classic 1K or 4K. Before this command can be successfully executed, the STORAGE_CARD_CMDS_LOAD_KEY command must have been executed. 6.2.4.2.
SDI011 REFERENCE M ANUAL 6.2.4.5. 41 Example For a MIFARE Classic 1K card which has the following memory mapping: Reading sector 0 or sector 1 of this card requires authentication with key A or key B.
SDI011 REFERENCE M ANUAL 42 6.2.5. STORAGE_CARD_CMDS_VALUE_BLOCK 6.2.5.1. Description This APDU is used to interact with MIFARE Classic e-purse applications. Please refer to MIFARE Classic documentation available from NXP Semiconductors for further details on MIFARE classic memory mapping and commands. 6.2.5.2.
SDI011 REFERENCE M ANUAL 6.3. 43 Set of APDU for ISO/IEC14443-4 user tokens 6.3.1. T=CL Command Description SDI011 can transfer directly ISO/IEC7816-4 APDU to the PICC. SDI011 supports user tokens that have both the MIFARE and T=CL partitions. Depending on the APDU sent by the host, the reader switches to the corresponding mode (MIFARE or T=CL) automatically and the command is processed accordingly. 6.3.1.1.
SDI011 REFERENCE M ANUAL 44 6.3.2. T=CL user command Description This command can be used to send raw data to the user token. 6.3.2.1. Format CLA INS P1 P2 P3 Data 0xFF 0xFE 0x00 0x00 Lraw_data Raw_data 6.3.2.2. Response Data Out PICC response data+ SW1 + SW2 6.3.2.3. SW1 SW2 Status Words Description User should refer to the status words defined by the PICC manufacturer for a description of the status words 6.3.2.4. Example Let‘s consider the Select command defined in ISO7816-4.
SDI011 REFERENCE M ANUAL 6.4. 45 Set of APDU defined by SCM Microsystems 6.4.1. MIFARE DESFire Commands Description This command can be used to send commands to DESFire-based user tokens. For a description of DESFire commands please contact NXP Semiconductors. 6.4.1.1.
SDI011 REFERENCE M ANUAL 6.5. 46 Escape commands for the contactless interface 6.5.1. Sending escape commands to SDI011 A developer can use 2 methods to send escape commands to SDI011 to the contactless interface SCardControl method defined in PC/SC API SCardTransmit method defined in PC/SC API in conjunction with the escape command APDU defined earlier in this manual 6.5.2.
SDI011 REFERENCE M ANUAL 47 6.5.3. READER_GETCARDINFO This escape command is used to get information about the card placed on the reader. The SDI011 returns an error if no card is placed on it. The input buffer shall contain the escape command code Input buffer 0x11 The output buffer contents are described below.
SDI011 REFERENCE M ANUAL 48 6.5.4. READER_LED_CONTROL_BY_FW This escape command may be used to enable or disable LED control by the firmware. The input buffer is Byte # Value Description B0 0xB2 Escape command code B1 0x00 Disable LED control by FW 0x01 Enable LED control by FW The output buffer is Output buffer NULL 6.5.5. READER_LEDCONTROL This escape command is used to turn ON/OFF the LED. This escape command shall work only if LED control by firmware is disabled.
SDI011 REFERENCE M ANUAL 49 6.5.7. READER_CNTLESS_GET_ATS_ATQB This escape command enables the host to retrieve the ATS for Type A T= CL or the ATQB for Type B cards. The input buffer contains the escape command code Input buffer 0x93 The output buffer contains the ATS bytes or the ATQB bytes depending on the type of PICC placed on the reader. 6.5.8. READER_CNTLESS_GET_TYPE This escape command retrieves the type of the card which SDI011 is configured to poll for.
SDI011 REFERENCE M ANUAL 6.5.10. 50 READER_CNTLESS_RF_SWITCH This escape command can be used to retrieve/set the RF state of SDI011. The default RF field state is ON. The input buffer shall contain 2 bytes Byte # Value Description B0 0x96 Escape command code B1 0x00 Switch RF Field OFF 0x01 Switch RF Field ON 0xFF Get current field state After the RF is turned off, to turn the RF ON again, card connect shall be done in direct mode.
SDI011 REFERENCE M ANUAL 6.5.12. 51 READER_CNTLESS_RAW_XMIT_EX This escape command can only be executed by the firmware once SDI011 is put in raw mode using the READER_CNTLESS_RAW_CFG escape command.
SDI011 REFERENCE M ANUAL 6.5.13. 52 READER_ CNTLESS_DISABLE_PPS By default SDI011 does automatic PPS – i.e. it switches the RF communication speed to the highest possible supported by the card. This escape command can be used to switch ON/OFF automatic PPS. When automatic PPS is OFF, then 106Kbps only is available. The input buffer is Byte # Value Description B0 0x99 Escape command code B1 0x01 Disable Auto-PPS 0x00 Enable Auto-PPS The output buffer is Output buffer NULL 6.5.14.
SDI011 REFERENCE M ANUAL 53 If B1 of the input buffer is 0x00 or 0x01 the output buffer is Output buffer NULL If B1 of the input buffer is 0xFF, the output buffer is a BYTE buffer with 2 possible values Output buffer Description 0x00 RF field is OFF 0x01 RF field is ON 6.5.15. READER_CNTLESS_848KBPS This escape command can be used to enable/disable 848kbps support by SDI011 as well as query whether 848kbps is currently enabled or disabled by SDI011.
SDI011 REFERENCE M ANUAL 6.5.16. 54 READER_CNTLESS_BAUDRATE This escape command can be used to get the actual operating baud rate of card-reader communication. The input buffer shall contain the escape message value.
SDI011 REFERENCE M ANUAL 6.5.17. 55 READER_CNTLESS_FORCE_BAUDRATE_PCSC_REV2 This escape command can be used to force baud rate for Contactless cards.
SDI011 REFERENCE M ANUAL 6.6. 56 Escape commands for the contact interface 6.6.1. Sending escape commands to SDI011 A developer can use the following method to send escape commands to SDI011 for the contact interface SCardControl method defined in PC/SC API 6.6.2. Escape command codes Escape commands can be used by an application to configure SDI011 to function in a mode that is not its default configured mode or to get specific information.
SDI011 REFERENCE M ANUAL 57 6.6.4. READER_GETMODE This escape command may be used to retrieve the current mode of the reader. The input buffer is Byte # Value Description B0 0x02 Escape command code The output buffer is Output buffer Description 0x00 ISO 7816 mode 0x01 EMV mode 0x02 Memory card mode 6.6.5. READER_APDU_TRANSFER This escape command may be used to exchange an APDU with the smart card.
SDI011 REFERENCE M ANUAL 58 6.6.6. READER_SWITCH_SPEED In case, when the application is capable of switching the card‘s speed through APDU (if the card supports such a feature), this escape command is used to inform the reader about the speed change occurred between application and card. The first byte will contain the escape function value; the next two bytes contain Fi and Di respectively. The output buffer field shall be NULL.
SDI011 REFERENCE M ANUAL 59 6.6.8. READER_DISABLE_PPS This escape command disables the automatic PPS done by the firmware. The input buffer is Byte # Value Description B0 0x0F Escape command code B1 0x00 Enable PPS 0X01 Disable PPS The output buffer is Output buffer NULL 6.6.9. READER_GETIFDTYPE This escape command is used to get the current IFD type from the reader. The first byte of the input buffer contains the escape id value.
SDI011 REFERENCE M ANUAL 6.6.10. 60 READER_GETINFO_EXTENDED This escape command is used to get the information of the reader like the major and minor version of the firmware, capabilities of the reader and the Unicode serial number. The output buffer shall point to an application allocated SCARD_READER_GETINFO_PARAMS_EX structure mentioned below.
SDI011 REFERENCE M ANUAL 61 7. Annexes 7.1.
SDI011 REFERENCE M ANUAL 62 7.2. Annex B – Sample code using escape commands through Escape IOCTL File Name : T_hbr.H #ifdef __cplusplus extern "C" { #endif #define IOCTL_CCID_ESCAPE SCARD_CTL_CODE (0xDAC) #define CCID_GET_848KBPS_STATUS 0xFF9D #define CCID_SET_848KBPS_ON 0x019D #define CCID_SET_848KBPS_OFF 0x009D #define MINTIMEOUT 300 #ifdef __cplusplus } #endif File Name : T_hbr.CPP #include #include #include #include #include "winscard.
SDI011 REFERENCE M ANUAL 63 SCARD_READERSTATE Reader[1]; // please add the name of the used reader here or use SCardListReaders // to find the right reader name char *ReaderName[] = {"SCM Microsystems Inc.
SDI011 REFERENCE M ANUAL 64 MINTIMEOUT, Reader, 1); printf ("\nATR: "); for (i=0; icbAtr; i++) { printf ("%.2x ",Reader->rgbAtr[i]); } printf ("\n----------------------------------------------\n"); /* enable 848KBPS: ON */ printf ("\nEnable 848kbps "); InBufLen = 2; InWord = CCID_SET_848KBPS_ON; ret = SCardControl (CardHandle, IOCTL_CCID_ESCAPE, &InWord, InBufLen, &OutByte, 1, &ResLen); ret = SCardDisconnect(CardHandle, SCARD_RESET_CARD); ret = SCardConnect (ContextHandle, ReaderName[0], SCA
SDI011 REFERENCE M ANUAL 65 printf ("\n Get 848kbps status: %lx: %.2x", ret,OutByte); Reader[0].dwCurrentState = SCARD_STATE_UNAWARE; Reader[0].dwEventState = SCARD_STATE_UNAWARE; Reader[0].szReader = ReaderName[0]; ret = SCardGetStatusChange (ContextHandle, MINTIMEOUT, Reader, 1); printf ("\nATR: "); for (i=0; icbAtr; i++) { printf ("%.2x ",Reader->rgbAtr[i]); } printf ("\n----------------------------------------------\n"); /* Disable 848Kbps: OFF */ printf ("\nDisable 848KBPS "); InBufLen =
SDI011 REFERENCE M ANUAL 66 Reader[0].szReader = ReaderName[0]; ret = SCardGetStatusChange(ContextHandle, MINTIMEOUT, Reader, 1); printf ("\nATR: "); for (i=0; icbAtr; i++) { printf ("%.2x ",Reader->rgbAtr[i]); } printf ("\n----------------------------------------------\n"); ret = SCardDisconnect(CardHandle, SCARD_RESET_CARD); } else { printf("\n SCardConnect failed with 0x%.8lX",ret); } ret = SCardReleaseContext(ContextHandle); } else { printf("\n SCardEstablishContext failed with %.
SDI011 REFERENCE M ANUAL 7.3. 67 Annex C - SCM Proprietary CLA bytes CLA Byte Function 0xF0 Contact Memory cards MIFARE-TCL Switching 0xFF T=CL User command Escape command APDU The second SCM Proprietary APDU is blocked for the application layer. This is used for internal communication i.e. between the driver and the firmware. Function CLA byte – PC/SC1.0 CLA byte – PC/SC2.
SDI011 REFERENCE M ANUAL 7.4. Annex D – Mechanical drawings 7.4.1.
SDI011 REFERENCE M ANUAL 7.4.2.
SDI011 REFERENCE M ANUAL 7.4.3.