The FM4428​ is a 1 KB contact-type logic encryption memory card chip​ developed by Shanghai Fudan Microelectronics Group (FMSH). It is a pin-to-pin and function-compatible domestic replacement for the Siemens SLE4428, widely used in cost-effective scenarios requiring simple data storage and basic password protection, such as phone cards, prepaid cards, and membership systems.

1. Core Definition

The FM4428​ is a contact smart card IC​ that utilizes a logic encryption memory​ architecture (not a high-security CPU card). It communicates via a synchronous serial interface​ following the ISO/IEC 7816-3​ standard and requires physical contact with a card reader for power and data exchange.

2. Key Specifications

3. Memory Structure & Security Logic

The chip's 1024-byte EEPROM is managed with a strict security logic mechanism:

1. PSC Authentication (Password):
• A 2-byte (16-bit) password​ is stored in the highest addresses.
• Erase/Write operations​ are only allowed after correct PSC verification.
• Read operations​ (except for the password area) are always open, making it a "read open, write controlled" card.
2. Error Counter:
• An 8-bit error counter (initial value = 8) decrements with each incorrect password attempt.
• If the counter reaches 0, the card permanently locks​ (only reading is allowed, writing and password verification are blocked). This is a one-way irreversible security feature.
3. Byte-wise Write Protection:
• Each of the 1024 bytes has a corresponding Protection Bit.
• Once the protection bit is set, the corresponding byte becomes Read-Only permanently​ (similar to ROM). This is often used to lock card serial numbers or key data.
4. Unique Identification:
• Addresses 21–26 (6 bytes) are typically used for a globally unique card number (UID), which can be fused (write-protected) during initialization to prevent tampering.

4. Communication Protocol (ISO 7816-3)

• Contact Layout: Uses the standard C1 (VCC), C2 (RST), C3 (CLK), C5 (GND), C7 (I/O) contact assignment.
• Synchronous Transmission: Data transfer is synchronized with the clock signal (CLK) provided by the reader.
• Reset Response: Upon power-up and reset, the chip outputs a specific Answer-to-Reset (ATR) sequence.

5. Typical Applications

• Prepaid & Utility Cards: Phone cards, electricity meter cards, and gas cards.
• Membership & Loyalty Cards: Low-cost retail membership systems.
• Simple Identification: Employee ID cards with basic data storage.
• Data Carriers: Industrial process cards for storing configuration parameters.

6. Comparison with Similar Chips

7. Advantages & Limitations

Advantages:

• Cost-Effective: Lower price than CPU cards, suitable for large-scale issuance.
• Basic Security: The error counter and irreversible write protection provide a certain level of anti-cracking capability.
• Mature Ecosystem: High compatibility with existing SLE4428 reader infrastructure.

Limitations:

• Weak Crypto: Lacks hardware encryption; relies on simple password verification, which is vulnerable to brute-force attacks if the error counter is not utilized.
• Contact Dependency: Requires exposed contacts, which are prone to wear, contamination, and electrostatic damage compared to contactless cards.

Summary

The FM4428​ is a classic contact logic encryption memory chip​ offering 1 KB of storage with 2-byte password protection and byte-level write locking. It serves as a reliable and economical solution for closed-loop payment, membership, and data carrier systems where high-level cryptographic security (like RSA or AES) is not required.