Industry Bodies Collaborate to Expand Secure Element Access for Secure Mobile Services

03 November, 2016 – SIMalliance has announced that it is transferring ownership of its established Open Mobile API (OMAPI) Specification to GlobalPlatform. The OMAPI Specification defines how mobile applications may access different Secure Elements (SEs), including the UICC and embedded secure elements (eSEs) in a mobile device and is currently referenced by GSMA, mandated by EMVCo in devices used for contactless payments, and implemented in over 250 models of Android NFC smartphone. This most recent move by SIMalliance will ensure that the technical specification continues to evolve in line with the wider secure chip ecosystem, which is fully represented by the GlobalPlatform membership.

Hervé Pierre, Chairman of SIMalliance, comments: “Since SIMalliance launched the OMAPI Specification in 2011, it has been globally implemented and now plays an extremely important role in enabling mobile services to access SEs across Android devices. As the secure mobile ecosystem continues to evolve and expand, the OMAPI Specification has the potential to play an ever greater role in defining how secure and trusted applications across many platforms, in addition to Android, can utilize the SE to offer enhanced security benefits.

“After very careful consideration, the SIMalliance Board has concluded that transferring the specification to GlobalPlatform is the best way to preserve the integrity of the OMAPI Specification and ensure it is optimized to expand future SE access across applications and devices. This decision has been made easier thanks to GlobalPlatform’s position as an active specifications development body, which will increase opportunities for the integration of OMAPI with other relevant technology, as well as the organization’s unwavering commitment to developing complementary specifications and certification programs.”

Gil Bernabeu, Technical Director of GlobalPlatform, adds: “GlobalPlatform is a long- standing advocate of the OMAPI Specification, which is already referenced in the organization’s compliance program. We stand alongside other influential industry bodies, such as GSMA and EMVCo, in recognizing the value of this cornerstone technology; we have already used it to develop value added specifications, which enable the control of communication between device applications and SE applications, and which also allow open communication between trusted applications and SEs.

“GlobalPlatform has agreed to take on the development of the OMAPI Specification from SIMalliance, to ensure that it can be expanded in the future to serve new use cases and environments. We are currently exploring the extension of OMAPI to allow web applications to benefit from access to SE applications within a device. This is especially relevant and timely considering the security challenges that the Internet of Things (IoT) looks set to deliver. On behalf of GlobalPlatform I’d like to offer my thanks to SIMalliance for its significant investment in developing the OMAPI Specification to date, and its contribution of this important technology to GlobalPlatform. I can assure all OMAPI stakeholders that GlobalPlatform welcomes this decision by SIMalliance and is committed to the long term development of the specification.”

The current version, OMAPI Specification v3.2 and the corresponding OMAPI Test Suite v2.2, are now available for download from both the SIMalliance and GlobalPlatform websites. The next release of the specification, v3.3, and all future extensions and test suite updates, will be made available for download from the Device Committee pages of the GlobalPlatform website. All archived specifications (v3.2 and earlier) will remain on the SIMalliance website, however any future releases (v3.3 and beyond) will be available on GlobalPlatform’s website.

SIMalliance is the global, non-profit industry association which simplifies aspects of hardware-based device security to drive the creation, deployment and management of secure mobile services. GlobalPlatform is the association which standardizes the management of applications on secure chip technology.

-Ends-

Note to Editors:

About GlobalPlatform
GlobalPlatform defines and develops specifications to facilitate the secure deployment and management of multiple embedded applications on secure chip technology. Its standardized infrastructure empowers service providers to develop services once and deploy across different markets, devices and channels. GlobalPlatform’s security and privacy parameters enable dynamic combinations of secure and non-secure services from multiple providers on the same device, providing a foundation for market convergence and innovative new cross-sector partnerships.

GlobalPlatform is the international industry standard for trusted end-to-end secure deployment and management solutions. The technology’s widespread global adoption across finance, mobile/telecom, government, healthcare, retail and transit sectors delivers cost and time-to-market efficiencies to all. GlobalPlatform supports the long- term interoperability and scalability of application deployment and management through its secure chip technology open compliance program.

As a non-profit, member-driven association, GlobalPlatform has cross-market representation from all continents. 120+ members contribute to technical committees and market-led task forces. For more information on GlobalPlatform membership visit www.globalplatform.org

Press contact: Erin Lovett, iseepr, + 44 (0) 113 350 1922, erin@iseepr.co.uk

About SIMalliance (Security, Identity, Mobility)
SIMalliance is the global, non-profit industry association which simplifies aspects of hardware-based device security to drive the creation, deployment and management of secure mobile services. The organisation promotes the essential role of a dedicated tamper resistant hardware module in delivering secure mobile applications and services across all devices that can access wireless networks. By identifying and addressing related technical issues, and both clarifying and recommending existing technical standards relevant to the implementation of hardware security, the SIMalliance aims to facilitate and accelerate delivery of secure mobile applications globally. SIMalliance members represent 88% of the global SIM card market. As such, the SIMalliance’s membership is responsible for delivering the most widely distributed secure application delivery platform in the world (UICC/SIM/USIM).

SIMalliance members are Card Centric Solutions, Eastcompeace, Gemalto, Giesecke & Devrient, Incard, Kona I, Oasis Smart SIM, Oberthur Technologies, Safran Identity & Security, VALID, Watchdata, Wuhan Tianyu and XH Smartcard (Zhuhai) Co. Ltd. SIMalliance Strategic Partners are Comprion, Linxens, Movenda and Simulity Labs. For more information visit www.simalliance.org

Press contact: David Amos, iseepr, +44 (0) 113 350 1922, david@iseepr.co.uk