Mobile ID: Realization of Mobile Identity Solutions by GlobalPlatform Technologies
This white paper primarily discusses how credentials can be managed and implemented in a Secure Element (SE) or in a Trusted Execution Environment (TEE) using GlobalPlatform Specifications. The paper examines the management of these credentials by remote credential management systems which use the GlobalPlatform Messaging Specifications for Trusted Service Management. Furthermore, it outlines how standard Mobile ID applications and protocols like FIDO, GSMA Mobile Connect, VPN, TLS, PIV, and eIDAS can be implemented on a TEE with a Trusted User Interface (TUI) or on an SE to securely store credentials, protect applications, or secure the user interface. Finally, this paper discusses Mobile ID architecture and implementation scenarios for combinations of the Rich Execution Environment (REE), the SE, or the TEE as platforms for the Mobile ID applications.