【正文】 stored and processed within the chip of the card. The card data is transacted via a card reader attached to a puting system as a peripheral device. Smart cards are extensively used through several key applications like education, healthcare, banking, entertainment, and transportation. 1. Introduction Smart card is a miniputer capable of storing and processing data. Although, at present, they are most popular as singlefunction cash cards and longdistance calling cards, their capabilities range from retaining tickets, money, frequent flyer miles, travel preferences, insurance information, key demographic data, links to a patient?s medical records, to allowing access into a building, logging onto a work, etc. The potential of the smart card is limitless. With the added bonus of these functions being performed on a single card, smart cards have the ability to bee indispensable tools. Smart cards were first introduced in Europe a couple of decades ago as a stored 2 value tool for pay phones to reduce theft [I]. As smart cards and other chipbased cards advanced, people found new ways to use them, such as charging cards for credit purchases and for record keeping in place of paper. Smart cards provide tamperproof storage of user and account identity. They provide protection against a full range of security threats, kom careless storage of user passwords to sophisticated system hacks. Smart card can be multifunctional through the use of several applications stored on the card. This paper starts with the history of smart cards and describes the different types of smart cards with characteristics of each type. Finally, the paper will detail KFUPM smart card system as an important case study in the field. 2. The History of Smart Cards The first plastic payment card for general use was issued by the Dinners Club in 1950. At first the card?s functions were quite simple [2]. They initially served as data carriers that were secure against forgery and tampering. General information, such as the card issuer?s name, was printed on the surface while personal data elements, such as the cardholder?s name and the card number were embossed. Further more, many cards bad a signature field. Protection against forgery was provided by visual features. Therefore, the system?s security depended pletely on the retail staff accepting the cards. However, this was not an overwhelming problem due to the card?s initial exclusivity. There was a pressing need for machinereadable cards to reduce handling cost in addition to the fact that card issuer?s losses due grew from year to year due to fraud [2]. The first improvement consisted of a magic strip on the back of the card. This allowed digital data to be stored on the card in a machinereadable form as a supplement to the visual data. Additionally, security is enhanced by the use of a secret personal identification number (PIN) that is pared to a reference number stored in the magic strip [3]. Although the embossed card with a magic strip is still the most monly used type of payment card, they suffer from a severe weakness in that data stored on the strip can be read, deleted and rewritten by anyone with access to the appropriate equipment. 3 PIN must be stored in the host system in a secure environment, instead of on the magic strip. Most systems that employ magic strip cards have online connections