For inquiries about GlobalPlatform or website assistance, contact

GlobalPlatform Specification Simplifies Process to Check the Compliance and Certification Status of a Secure Component Product

10 August 2016 – Industry association GlobalPlatform has released a specification which standardizes the digital format of Letters of Approval issued from certification bodies and standardizes how they can be retrieved. This clarity will simplify the process for validating the functional compliance and security certification status of a secure component product or of an application.

The Digital Letter of Approval (DLoA) Specification, which is free to download from the GlobalPlatform website, will be of interest to stakeholders wanting to clarify the certification status of secure component products, such as a secure element (SE) or trusted execution environment (TEE), and of applications. This includes trusted service manager vendors, certification bodies, platform and application developers, platform evaluators, issuers, manufacturers and verification authorities.

All Letters of Approval issued by GlobalPlatform are now published on its website in this universal format.

Gil Bernabeu, Technical Director at GlobalPlatform, explains: “Today, multiple applications can reside on one secure component. If product issuers commit to ensuring DLoAs are centrally available and presented in a globally consistent manner, as outlined in our specification, trusted service managers and other parties can quickly and easily validate if a product is secure and if an application can be updated without complication.”

    • The specification also:


    • Clarifies how to access all certification documents (DLoAs) available for a given secure component.


    • Improves the management of the certification lifecycle.


  • Defines a new entity called a DLoA registrar. A repository that states the interface which enables a management system to retrieve a digital letter.

“It is important that product testing and security certification activity does not become a barrier to adoption,” adds Gil. “While the need to confirm the security and performance of a product is paramount, we must continually seek ways to streamline these processes and better align to the product lifecycle needs of the connected device marketplace. This specification defines a relatively easy approach to manage the security of secure component products that carry sensitive and/or basic applications and simplify post-issuance management of applications.”

For further media information, please contact Rob Peryer or David Amos at / or on + 44 (0) 1943 468007
Keep up to date with the latest news from GlobalPlatform:

Notes to editors:
About GlobalPlatform
GlobalPlatform defines and develops specifications to facilitate the secure deployment and management of multiple embedded applications on secure chip technology. Its standardized infrastructure empowers service providers to develop services once and deploy across different markets, devices and channels. GlobalPlatform’s security and privacy parameters enable dynamic combinations of secure and non-secure services from multiple providers on the same device, providing a foundation for market convergence and innovative new cross-sector partnerships.

GlobalPlatform is the international industry standard for trusted end-to-end secure deployment and management solutions. The technology’s widespread global adoption across finance, mobile/telecom, government, premium content, automotive, healthcare, retail and transit sectors delivers cost and time-to-market efficiencies to all. GlobalPlatform supports the long-term interoperability and scalability of application deployment and management through its secure chip technology open compliance program.

As a non-profit, member-driven association, GlobalPlatform has cross-market representation from all continents.  120+ members contribute to technical committees and market-led task forces. For more information on GlobalPlatform membership visit

Back to Archive

If you are a media representative, analyst, or conference organizer with a question, please email us at:

Hey There!

It seems you are using an outdated browser, unfortunately this means that our website will not render properly for you. Update your browser to view this website correctly.