For offline transactions it is required that you store the data in persistent memory. Moreover, updates to this persistent memory should be atomic. This means that if a transaction is in progress and there is a card tear then the transaction should be nullified. For this, Java Card has the (aptly named) beginTransaction
and abortTransaction
methods in JCSystem
.
There are some discussions if the security level of normal EEPROM or Flash is enough for sensitive data such as transactions and balances. It could not hurt to update a (secure) checksum together with the transaction so that an advanced attacker cannot alter the data stored on the smart card. Storing this checksum has to be part of the atomic transaction.
Java Card does not supply any file based structure. There was a proposed API a long time ago, but currently the support for the ISO 7816-4 file system ends with the applet selection by it's AID. The rest of the protocol is your responsibility. Note that you should not update the contents of an Elementary File by anything other than UPDATE BINARY
(and friends). In general the content of the files should be either static or generated by the off card entity. Using for instance records and GET DATA
would be more appropriate - but you will have to program those yourself as well.