For inquiries about GlobalPlatform or website assistance, contact secretariat@globalplatform.org.

December 2020 Newsletter

Letter from GlobalPlatform’s Executive Director

As 2020 draws to a close, GlobalPlatform can look back on another successful year, despite challenging circumstances for all.

The eagle-eyed among you may already have noticed the new website structure and content, with dedicated information for some of our key stakeholder groups as well as keeping a focus on our standardized technology, committees, task  forces and key initiatives.

Last month also saw GlobalPlatform virtually host its annual Fall Meetings which once again served as a fantastic platform for discussions around the future of our organization and the work of our members.

2020 All Member Virtual Fall Meetings

As with the Spring Meetings in March, the GlobalPlatform All Member Fall Meetings went ahead virtually, with the All Member meeting on October 28, and Committee and Task Force meetings from November 16 – 20.

The meetings played host to interesting discussions around the current initiatives of GlobalPlatform and the work of our members.

It was fantastic to see so many attend and contribute as we drive forward GlobalPlatform’s common objectives.

We would like to thank all members who attended, and we look forward to hosting you once again in the new year for our Spring Meetings in March, which we hope will take place physically in Austin, Texas.

View the All Member Meeting recording

Thanks for attending SESIP webinar #2

On December 2, GlobalPlatform hosted its 2nd SESIP webinar, ‘Using SESIP to Simplify Security Evaluation and Build Trusted IoT Products.’ During the webinar, a panel of experts discussed the value that SESIP is bringing to device manufacturers throughout IoT in building certified, secure products.

We would like to offer thanks to contributors from Arm, Brightsight, ETSI, NXP, STMicroelectonics and TrustCB for their valuable contributions.

We would also like to thank partners, Eurosmart, IoT For All, RISC-V and Trusted Connectivity Alliance for their support of the workshop.

Watch the 1st SESIP webinar

BLOG: Trusted Platform Services

The latest blog in the GlobalPlatform insight series comes from Trusted Platform Services (TPS) Committee Chair, Jeremy O’Donoghue.

In it, Jeremy explains how TPS APIs enable device makers to build solutions that can establish trustworthy connections with networks to unlock the full value of connectivity.

Read the blog

IoTopia Task Force established

The IoTopia committee and IoT Task Force have now combined to form the new IoTopia Task Force to further GlobalPlatform’s work in supporting the secure deployment of IoT products and solutions.

The task force will be responsible for continuing the development of IoTopia, an industry wide, standards-based framework to securely manage connected IoT devices from inception to device end of life.

Learn more

DigiTimes discusses GlobalPlatform security impact

Following on from GlobalPlatform, and Winbond’s IoT Certification workshop in Taiwan earlier this year, DigiTimes has reported on how GlobalPlatform, as well as event partners Arm and Industrial Technology Research Institute (ITRI), is providing standardized technologies to offer a secure foundation for the development of connected solutions.

Read the article
Technical Documents

New Document Releases

This is a minor version release of the TMF ASN.1 Profile, incorporating additions and bug fixes such as:

  • Fetch object has been added to permit retrieval of public keys belonging to a SD.
  • Updated TA and Data for atomic update.
  • Moved definition of CryptoProcIDs to normative - moving section B.2 to 8.3.4.
Download

This defines the TEE Biometric System PP-Module, which extends the TEE Protection Profile. The scope of the module is the biometric verification system on which applications rely for the authentication of an end user and the confirmation of user acceptance.

Download

Specifications Under Review

This document is final draft of the MCU – Root of Trust (MCU-RoT) Protection Profile. Editorial content and naming has been aligned, wherever relevant, with the latest version of the TEE Protection Profile.

This has been made available to solicit public comments. Please provide your comments by Monday, 7 December 2020.

Download

The aim of this document is to define claims and how to assemble, encrypt and sign them for use in attestation.

This has been made available to solicit member comments. Please provide your comments by Monday, 21 December 2020.

Download

This defines a TPS Keystore API protocol for communicating with TPS keystore, which is a TPS service.

This has been made available to solicit member comments. Please provide your comments by Monday, 21 December 2020.

Download

This specification defines the TPS Client API which connects TPS Clients, for example TPS Applications or other services, with another TPS Service. It provides a C language interface used to discover, open a session, communicate and close a session with a TPS Service.

This has been made available to solicit member comments. Please provide your comments by Monday, 21 December 2020.

Download

This document specifies a new Secure Channel Protocol (SCP70) to enable the exchange of messages between a device and a server to ensure integrity and confidentiality and considering constraints of low range power transport layers.

This has been made available to solicit member comments. Please provide your comments by Monday, 21 December 2020.

Download

This document is the final draft of the Cryptography Recommendations for TEE Internal Mechanisms. The final changes were agreed upon during the TEE-MCU Security WG meeting on November 3, 2020.

This has been made available to solicit public comments. Please provide your comments by Monday, 28 December 2020.

Download

An update of the GlobalPlatform Card Specification Amendment F: Secure Channel Protocol 11 which contains an alignment with the recently published SCP03 on longer checksums plus other clarifications.

This has been made available to solicit member comments. Please provide your comments by Monday, 28 December 2020.

Download

This document describes requirements for a Biometric Payment Card (BPC), which is a smart card into which fingerprint biometrics have been integrated. It involves connecting a fingerprint sensor to the Secure Element (SE) on the card, either directly or with an MCU for processing of the sensor data as an intermediary.

This has been made available to solicit member comments. Please provide your comments by Sunday, 7 January 2021.

Download

This presentation offers a common view of the Security Levels alignment occurring in GlobalPlatform between the GlobalPlatform Schemes and SESIP, as well as to align these views with the Cyber Security Act.

This has been made available to solicit member comments. Please provide your comments by Thursday, 21 January 2021.

Download
Speaking Engagements

Next-Generation Cards Virtual Summit & Expo

Earlier this month Technical Director, Gil Bernabeu, delivered a presentation for APSCA’s virtual event, explaining how developers can use GlobalPlatform APIs to simplify and bring trust to biometric authentication in payments, including fingerprint recognition on contactless cards. The presentation recordings are available to conference delegates on the website.

Watch on-demand

RISC-V Summit

Gil Bernabeu will deliver a virtual presentation on how standardizing TEE architecture enables IoT use cases. Join Gil’s presentation ‘Standardizing the TEE with GlobalPlatform and RISC-V – The IoT Opportunity’ on  Tuesday, December 8 at 12:30 PST / 21:30 CET.

Register here

Embedded World VIRTUAL

Gil will join the speaker line-up at Embedded World Virtual 2021 to deliver two presentations: ‘Using SESIP to Simplify Security Evaluation and Build Trusted IoT Products’ and ‘Standardizing the TEE – The IoT Opportunity’. Further details will be announced shortly.

Stay tuned for further details
Membership Offers

For archived newsletters

GlobalPlatform
Hey There!

It seems you are using an outdated browser, unfortunately this means that our website will not render properly for you. Update your browser to view this website correctly.

GOOGLE CHROME
FIREFOX
MICROSOFT EDGE