New White Paper Highlights the Value of Standards-Based Technologies to Mobile ID Deployments
12 November 2015 - GlobalPlatform has published a free to download white paper, which highlights how standardized GlobalPlatform technologies support the implementation and deployment of mobile identity (ID) solutions, while meeting the advanced security requirements of a wide range of markets, including government-to-citizen, government-to-government, enterprise, eHealth, financial, commercial and consumer.
As the use of mobile devices for all kinds of transactions grows on a daily basis, the need for reliable and secure identification of devices and users is growing too, and as a result more and more mobile ID applications are being deployed. The white paper, entitled 'Mobile ID: Realization of Mobile Identity Solutions by GlobalPlatform Technologies', discusses the importance of mobile ID applications as a means of enabling authentication capabilities on mobile devices, alongside the essential role that the secure element (SE) and trusted execution environment (TEE) play in mobile ID architectures. The derivation and deployment of mobile ID across various applications is examined and the paper explains how credentials can be managed and implemented in a SE or in a TEE using GlobalPlatform Specifications.
With security an overarching concern for mobile ID deployments, the paper explores the value of certification schemes when providing assurance in relation to the security requirements of particular markets. It outlines how standard mobile ID applications and protocols like FIDO (online authentication), GSMA Mobile Connect (telecommunication sectors), RADIUS VPN (enterprise sectors), TLS (web authentication), PIV (U.S. government specifications), and eIDAS (EU regulation with respective ISO/IEC, ETSI and CEN standards) can be implemented on a TEE or SE, in order to securely store credentials, protect applications, or secure the mobile device user interface.
The paper concludes with a comparison of different implementation scenarios for mobile ID solutions based on the rich execution environment (REE), SE and TEE. This offers an insight into which platform(s) are the most suitable to meet the needs of specific markets and applications.
"Mobile ID service providers have to make many decisions when shaping a successful deployment. One of the most important is which combination of execution environments will best fulfil the needs of the application in regards to viability, security, deployment, and usability," says Kevin Gillick, Executive Director of GlobalPlatform.
"GlobalPlatform's standardized secure components, the TEE and SE, enable mobile ID applications to be implemented in a secure way and are essential to fulfill specific privacy and security requirements. GlobalPlatform technologies can also be used in combination with a REE, controlled by a Rich OS. Depending on the application, the single use or combination of these three elements can address the varying requirements of mobile ID schemes.
"With ongoing growth in mobile ID deployments and use cases, GlobalPlatform provides an established infrastructure for service providers which assures interoperability, consistency and enables implementation of end-to-end solutions in a secure and certified way. Through this paper, we aim to educate relevant stakeholders that standards-based technologies, such as those specified by GlobalPlatform, provide a solid foundation for the realization of further growth in the global mobile ID market."
The new GlobalPlatform white paper, which can be downloaded from the GlobalPlatform website, will be of interest to product managers and business analysts with its overview of market opportunities for mobile ID in various market sectors, as well as system integrators and developers with its explanation of how GlobalPlatform technologies can be used to implement mobile ID solutions.
To learn more about the SE, please read the SE Made Simple guide on the GlobalPlatform website.
For further media information, please contact Rob Peryer or David Amos at iseepr: email@example.com / firstname.lastname@example.org or on + 44 (0) 1943 468007
Keep up to date with the latest news from GlobalPlatform:
• Follow on Twitter: https://bit.ly/wOiHFp / /
• Join us on LinkedIn: https://linkd.in/xjxsN5
• Subscribe to GlobalPlatformTV: https://bit.ly/1BzvLoa
Notes to editors:
Secure element (SE) - A secure component which comprises autonomous, tamper-resistant hardware within which secure applications and their confidential cryptographic data (e.g. key management) are stored and executed.
Trusted execution environment (TEE) - A secure area of the main processor in a smart phone (or any connected device) that ensures sensitive data is stored, processed and protected in an isolated, trusted environment.
GlobalPlatform defines and develops specifications to facilitate the secure deployment and management of multiple embedded applications on secure chip technology. Its standardized infrastructure empowers service providers to develop services once and deploy across different markets, devices and channels.
GlobalPlatform's security and privacy parameters enable dynamic combinations of secure and non-secure services from multiple providers on the same device, providing a foundation for market convergence and innovative new cross-sector partnerships.
GlobalPlatform is the international industry standard for trusted end-to-end secure deployment and management solutions. The technology's widespread global adoption across finance, mobile/telecom, government, healthcare, retail and transit sectors delivers cost and time-to-market efficiencies to all. GlobalPlatform supports the long-term interoperability and scalability of application deployment and management through its secure chip technology open compliance program.
As a non-profit, member-driven association, GlobalPlatform has cross-market representation from all continents. 120+ members contribute to technical committees and market-led task forces. For more information on GlobalPlatform membership visit www.globalplatform.org