Authentic program modification is very important for a multi-application smart card system since applications in the system are realized after the issuance of the smart card. In this paper, we propose a framework for such authentic program modification. In our framework, before issuing a smart card to an individual, the card issuer stores a unique long bit string called PID on the card. From the PID, unique substrings (subPIDs) are generated and used for different authentication purposes. The program modification protocol utilizes the subPIDs along with a one-way hash function and a pseudo random number generator function to verify the identity of the parties and the authenticity of the program. Our proposed framework provides a simple and practical solution to the program modification problem by avoiding direct interaction between the card holder and the issuer. In addition, use of hash functions makes the implementation cost of smart cards low.