GlobalPlatform made simple guide: Amendment A - Confidential Card Content Management
What does GlobalPlatform Card Specification v2.2 Amendment A do?
As ever more secure applications are loaded, personalized and managed on mobile devices to deliver convenient services to end-users, it is important that a service provider (such as a bank, transit operator or government body) can securely manage and take responsibility for its applications. This ensures that the service provider retains accountability for the sensitive information and the responsibility for managing the application.
Prior to the release of Amendment A, the service provider had to rely on a secure element (SE) issuer – such as a mobile network operator (MNO) managing a SIM/UICC – and its infrastructure for loading, personalizing and managing the secure keys and application. Alternatively, to gain full independence, the service provider would have needed to invest in an infrastructure that reached the SE (such as a SIM over-the-air (OTA) platform, an open-air-interface (OAI) platform or an electronic funds transfer at point-of-sale (EFT/POS) infrastructure), which can be highly expensive if the deployment spans several networks.
Amendment A provides an alternative solution. It enables the service provider to confidentially and independently manage its application on a GlobalPlatform compliant secure chip remotely – while using a third party's infrastructure.
This amendment also offers a new mechanism to load initial keys into the service provider's secure area (security domain). This confidential key loading relies on a third party actor, which ensures separation between the service provider and the infrastructure owner.
How does the technology work?
The technical document explains how an SE issuer can create 'space' in the SE – which might be a SIM/UICC, micro SD or embedded SE – for a service provider and then authorize that service provider to control this area.
The service provider can use a third party actor to confidentially load its first keys and take ownership of the newly created area. Using a third party network, the service provider can then confidentially and securely install and personalize its applications. The technology has been designed to ease the reuse of management scripts regardless of the remote network used.
Who benefits from this technology?
As a cross-industry specifications body, GlobalPlatform developed the technology to be transferable across any market where multiple service providers require control of their applications but operate without the necessary industry infrastructure.
It therefore significantly benefits:
- Service providers such as banks / payment providers or transit operators wanting to deliver mobile services, including payments and e-tickets, without needing their own mobile infrastructure.
- SE issuers, for example MNOs, which need to establish a neutral infrastructure capable of allowing approved service providers to manage their applications OTA on an end-user's UICC, micro SD or embedded SE.
- Trusted service managers (TSMs), which are independent and trusted third parties that facilitate the provisioning and secure management of mobile contactless services for various service providers across different SE form factors.
Why is GlobalPlatform promoting Amendment A so assertively?
GlobalPlatform works with the industry to understand its long-term secure application management needs. Amendment A to Card Specification v2.2 is built on a GlobalPlatform framework for card content management that is already available, proven and deployed. It therefore provides a simple path for service providers that already deploy applications on smart cards to transition to mobile services. GlobalPlatform is actively promoting Amendment A to help reduce development time and cost for service providers.
Implementing this amendment, with its extended flexibility to manage SEs OTA, offers greater security in new scenarios thanks to third party key management services.
GlobalPlatform Card Specification v2.2 Amendment A – Confidential Card Content Management was created in close collaboration with the GSMA and the European Telecommunications Standards Institute (ETSI). The technical document is available royalty-free from www.globalplatform.org.