If someone has your card and the time to tear it apart, then a SEM will let them read the executing code+data, no matter what the power fluctuations are like. No need for any fancy bacteria or whatever, just standard shave the layers off.
So starting with money-bearing smart cards :
But if your card is missing then, like your checkbook or conventional credit card, you should notice this and get it deactivated. Figuring out something by any external analysis takes some time.
The real danger is in someone "sniffing" transactions in cercumstances where the card's user feels secure, being unaware that they are being hacked. In that case the card's owner has no reason to turn off their card, until the weird transactions turn up on the record.
Now for smart cards carrying personal information such as medical records, access code, and the like :
The theft of such a card would be of greater concern, if simple because of the amount of effort needed to secure anything threatened by revealed passcodes. Personal information - once that's uncovered then it's too late, a good reason to make such cards as secure as possible. But as I said at the start, if they have physical possesion of the card then uniform power consumtion won't stop the card from being cracked.
So long as someone else doesn't have physical control of the card, there are a number of methods to make it tough to snoop on the card's operation to crack it. The same methods used to protect a card/button from being opened for SEM reading can (and should) be used to protect it from being opened to defeat power/signal filtering.
Part of the point of putting conductive traces on the outer layers is to make it more work to make the card function after pulling those layers off - they are part of the traces just as t he metal on the chip itself. It is possible to make a chip such that it scrambles its contents if some of those connections are broken, making the problem even more difficult. Kill the card's internal keep-alive power and the chip randomises itself, pull the outer layers of the chip and the chip randomises itself.
And making the card that it does - receive data, isolate from the world, crunch data, connect to the world, transmit data - can really reduce EM snooping, unless the snooper has the card in their hands (in which case, see the start of the msg.) Slows things down a bit, note enough to matter I believe. You could even use optical coupling in a shrouded connector to reduce EM transmissions when exchanging data.
[ Parent ]