Difference between native smart cards and Java Card

Question

I want to know what the difference is between a native smart card and a Java Card.

I know Java card smart card have capability to download and delete applets and I read in the JavaCardOS forum that smart cards with Java Card do not have pointer.

How to detect native smart card from java card in practice? How are they different?

Answer 1

"Smart Card" basically means a processor card with a SoC that includes a full CPU. Java Card runs on top of a Smart Card.

A native smart card is generally thought of as a smart card which contains a runtime that uses "native" processor instructions. For these smart cards the application and file system implementation is generally implemented in a low level language, usually C. This C is then compiled into machine code, the native constructions. C does have pointer arithmetic of course.

There are file based cards that have contain a full ISO/IEC 7816-4/9/11 filesystem, although those usually also have proprietary parts (which is somewhat required because ISO/IEC 7816-4 doesn't contain a full specification of what needs to be implemented and leaves many blanks to be filled in by the implementer). There is a large overlap between native and file based smart cards.

---

For Java Card you basically have to implement those APDU's that are required for your specific functionality. There was once a file system API in there but that has long been deprecated, for better or worse. Java Card uses applets that consist of byte code, so yes: Java Cards actually contain a byte code interpreter, a Java Virtual machine.

Due to processing and memory constraints, the linking is however done on the development environment (using the .class -> .cap convertor). There the references are created, which in turn will be converted to pointers in the runtime, when the values are de-referenced. Java Card still provides memory protection and doesn't allow pointer arithmetic. This e.g. means that there is limited capability of Java Card applets to interact, as they are separated from each other by a firewall.

---

There isn't any specific command that tells you if a card is a Java Card or not. Some cards have a specific set of historical bytes in the ATR when delivered to a client. However, those may be set to different values as well.

If you want to check if a card is a Java Card: try and see if there is a Card Manager on the card, using SELECT by AID with the Open and Global platform AID's. If one of the SELECT commands succeeds then that's a pretty big hint that the card is a Java Card.

Because each application DF in Java Card is selected by name, you generally won't find SELECT by DF ID working in the root folder. If none of those work before you select a Java Card applet (i.e. when you are in the root) then the card may be a Java Card. There is however the possibility to have an applet default selected, and such an applet may implement that function as well.

Answer 2

For a native smartcard, you just add a whole filesystem (directory structure, including special objects like PINs and keys), since everything else (algorithm implementations) is part of the operating system.

The easiest check is: look at the class byte of some instructions, which the card understands. Zero might indicate compliance to ISO 7816-4.

Other check: The Create command from ISO 7816-9 is not useful for a Javacard.