Card Testing

What Is Card Testing?

Card testingCard testingManufacturingQA verification of completed smart card electrical and physical specs.Click to view → is the quality assurance process that verifies completed smart cards meet all electrical, mechanical, functional, and security requirements before they are shipped to issuers or end users. Testing occurs at multiple stages during manufacturing -- after chip embedding, after electrical personalization, and after graphical personalization -- with each stage verifying different aspects of the finished card.

Test Categories

Card testing covers four major categories:

Electrical Testing

Every smart card must pass electrical verification of its contact pad interface:

• Contact resistance -- each of the eight contact pads (C1-C8) must exhibit less than 0.5 ohm resistance.
• ATR verification -- the card must respond to a cold reset with a valid Answer to Reset within the time specified by ISO 7816-3 (400-40,000 clock cycles after RST release).
• APDU round-trip -- the test system sends a series of standard commands (SELECT, GET DATA, INTERNAL AUTHENTICATE) and verifies correct response codes.
• Current consumption -- the card's power draw must remain within ISO 7816 limits (max 60 mA at 5V class A).

Functional Testing

Functional tests verify that the personalized card application works correctly:

• Application selection -- selecting each AID returns the expected FCI (File Control Information).
• PIN verification -- test PINs are verified successfully; incorrect PINs are rejected and the try counter decrements correctly.
• Cryptographic operations -- test data is signed with the card's private key and verified against the card's certificate. RSA and ECC operations must produce correct results.
• Secure channel -- an SCP03 session is established and verified using the card's GlobalPlatform keys.
• Data integrity -- all personalized data fields (cardholder name, PAN, certificates) are read back and compared against the personalization input.

RF Testing (Contactless Cards)

For dual-interface and contactless-only cards:

• Resonant frequency -- the card antenna must be tuned to 13.56 MHz (+/- 7%).
• Minimum field strength -- the card must operate at the minimum H-field specified by ISO 14443 (1.5 A/m for Type A).
• Transaction time -- a complete contactless EMV transaction must complete within 500 ms.
• Load modulation -- the card's response signal strength must be detectable by the reader across the specified operating distance.

Sampling vs 100% Testing

Rejected cards are securely destroyed at the personalization bureau to prevent any possibility of partially personalized cards entering circulation.