Advanced GlobalPlatform Card Technology Supports Activation of Multiple Contactless Applications
18 February 2010 – The international specification body for smart card infrastructure, GlobalPlatform, has released an amendment to its Card Specification v2.2 to significantly advance the management of multiple contactless applications within a secure element – such as a SIM, secure memory card/ embedded secure element in a mobile device, or a simple contactless card. The technical document, named Contactless Services, can be downloaded at https://globalplatform.wpengine.com/specificationscard.asp and will be of particular interest to the NFC mobile, payment and transit sectors.
Amendment C to GlobalPlatform Card Specification v2.2 addresses how end-users can manage contactless services on a secure element and easily select which application they would like to activate. The technology outlines how the mobile phone interface can be tailored by the card issuer to meet its needs and those of service providers, including the storage of commercial logos to enable simple brand recognition on a mobile phone screen.
This document also enhances the deployment and lifecycle management of contactless applications by detailing how new data can be controlled within this environment, such as contactless protocols parameters, logo, application family and end user priority.
With the finalization of Amendment C, GlobalPlatform has completed the first phase of its activity to enhance and support NFC technology. When this amendment is used together with GlobalPlatform Card Specification v2.2 Amendment A(*), entitled Confidential Card Content Management, a service provider can:
- Manage their applications over-the-air on an end-user’s secure element
- Present their service visually on a mobile phone screen
- Pilot the behavior of their applications within an NFC mobile phone infrastructure, and the interaction between the secure element and a reader.
Karl Eglof Hartel, Chair of the GlobalPlatform Card Committee, and Project Manager for New Technologies in the Telecom division at Giesecke & Devrient, comments: “This is an important enhancement for securely and effectively delivering NFC services to users. It successfully overcomes some of the barriers that were restricting NFC technology realizing its full potential. From a commercial perspective, for example, it is vital to have the technical capability to display logos to support brand recognition and awareness, while also guaranteeing the highest level of security and offering service providers a clear separation of domains for application management.
“As a result of the Card Committee’s efforts, Amendment C to GlobalPlatform Card Specification v2.2 delivers to the NFC marketplace a neutral platform that enables service providers to directly interact with an end-user. In addition to creating new business opportunities at all levels across the NFC ecosystem, GlobalPlatform believes that the technology will create a fundamental transition in consumer habits. For example, today’s process of choosing a payment card from a wallet will be replaced by the selection of a contactless service via the screen of a mobile handset.”
GlobalPlatform Card Specification v2.2 Amendment C will be referenced by the European Telecommunications Standards Institute’s (ETSI) Technical Committee SCP (Smart Card Platform) in its forthcoming specification ‘UICC Application Programming Interface for Java Card(TM) for Contactless Applications’.
Sebastian Hans, Rapporteur of ETSI’s HCI API Specification and Vice Chair of ETSI SCP’s Technical Working Group, comments: “Amendment C for GlobalPlatform Card Specification v2.2 and ETSI’s HCI API (UICC Application Interface for Java Card(TM) for contactless applications) are examples of cooperation between the two organizations to create the most successful series of specifications for smart cards. The publication of Amendment C is a milestone in providing the end user with a UICC which takes full advantage of the ever expanding feature set of mobile phones, specifically for the development, deployment and management of UICC-based contactless applications.”
Privacy aspects are also detailed within Amendment C to GlobalPlatform Card Specification v2.2 to ensure that applications are ‘hidden’ on a secure element when deactivated by the user. This protects against an unauthorized rogue element illegally sourcing information about the content stored within a ‘virtual contactless wallet’ on a mobile device.
Mr Hartel concludes: “The technology is not only applicable to the secure element within a mobile phone, where we have the SIM card and possibly an additional embedded secure element or a removable NFC enabled SD card, but it can also be used within any NFC environment where we have a multiple application contactless card together with a device allowing the user to manage their services. It is an extremely exciting development for GlobalPlatform and the NFC industry as a whole.”
Notes to Editors
*Press release issued 19 November 2007 – Coordinating the delivery of applications by multiple parties
Title: GLOBALPLATFORM RELEASES CONFIDENTIAL CARD CONTENT MANAGEMENT
New Technology Offers Confidential and Independent OTA Application Management
19 November 2007 – International smart card specifications body, GlobalPlatform, has released its Confidential Card Content Management Amendment, which enables application providers to confidentially and independently manage applications while using a third party’s infrastructure.
This amendment of the current Card Specification v2.2 has been developed in close collaboration with GlobalPlatform members operating within the mobile telecom sector, together with mobile industry associations including the European Telecommunications Standardisation Institute (ETSI) and the GSM Association (GSMA). It will significantly benefit application providers that offer end user services exclusive of a mobile infrastructure, and will enable mobile operators to establish a neutral infrastructure capable of allowing approved application providers to manage their applets Over-The-Air (OTA) on an end-user’s SIM.
The amendment is of particular importance for mobile telecom implementations that incorporate transit, entertainment or financial applications such as e-tickets, video and payments, as the application provider is unlikely to have its own network infrastructure, yet is accountable for sensitive information that it must be responsible for encrypting.
Gil Bernabeu, Technical Director at GlobalPlatform and Technical Advisor for the Standardization and Technology Department at Gemalto, comments: “Prior to the launch of this amendment to Card Specification v2.2, an application provider had only two choices: to invest in the network infrastructure or rely on the issuer’s infrastructure for application management.
“Today, following a year-long initiative by GlobalPlatform’s Card Committee to develop the Confidential Card Content Management Amendment to Card Specification v2.2, an issuer is able to dynamically create new application provider ‘space’ in its secure element, i.e. a Security Domain, and authorizes the application provider to take control of this area. The application provider can use a third party network to load, install and personalize applications if authorized by the issuer’s management policy. From a technical perspective, this enhancement will facilitate the deployment of new services on SIM/contactless programs by using an OTA platform of a ‘Trusted Service Manager’ as defined by GSMA.”
As a cross industry specifications body, GlobalPlatform has developed the technology to be transferable across any market where multiple application providers are operating without the necessary industry infrastructure, yet require control of their application. The Confidential Card Content Management Amendment can be downloaded at www.globalplatform.org, and is compatible with all existing GlobalPlatform technology.
GlobalPlatform is the global leader in smart card infrastructure development and its proven, technical specifications for cards, devices and systems are known as the standard for smart card infrastructure. GlobalPlatform is a member driven association with cross-industry representation from all world continents. For more information about GlobalPlatform, visit: www.globalplatform.org