MultiApp ID IAS ECC   In Production
 
The Gemalto Mutliapplication platform compliant with the European standard European Citizen Card (ECC)  
 

Sealys MultiApp ID IAS ECC, the best way to be compliant with the European Citizen Card (ECC) standard for Public sector applications 

Sealys MultiApp ID IAS ECC is the Gemalto implementation of the European standards for e-services, digital signature and travel applications for e-ID using contact and contactless modes (2 chips). 

The European Citizen Card standard has been published by the European Standard organisation (CEN) in June 2007 and is mainly composed of two main technology bricks: 

  • Identification Authentication Signature (IAS) for e-services and digital signature applications
  • ICAO EAC for travel applications.

Gemalto has designed the MultiApp ID IAS ECC to be fully compliant with these standards and to facilitate the product introduction for all e-ID applications in Europe such as: 

  • National e-ID (for e-Government & private e-Services)
  • National e-HC
  • National e-DL
  • National e-Resident Permit Card.

 MultiApp ID IAS ECC complies with the following international and European standards:

  • Java Card 2.2.1
  • Global Platform 2.1.1
  • ISO 7816 parts 1, 2, 3, 4, 5, 6, 8 & 9
  • ISO14443 type-A and type B
  • CEN TS 15480 part 1 and 2
  • E-SingK EN 14890 part 1 and 2
  • ICAO EAC V1.11
  • ICAO Doc 9303 Sixth Edition
  • ICAO Machine Readable Travel Document ? RF Protocol and Application Test Standard for e-Passport.

 

Key benefits of the MultiApp ID  

Full compliance with the European standards for e-ID applications

  • Allows full compatibility with existing e-passport infrastructure with the ICAO EAC application (enrolment, biometric data?s, verification infrastructure, and airport infrastructure)
  • Allows cross border server application compatibility thanks to the IAS application (standardized secure messaging and APDU)

Based on Global platform technology

  • Possibility to add any new applications by adding applets to meet various needs (EMV, OTP, Match on Card, MPCOS, 3rd party applet)
  • Available on all interfaces (contact, contactless, and dual) independently from the card body material
  • Comprehensive range of tools and services based on Gemalto?s proven Java Card experience: Support and training, development kit, middleware, card readers, CMS as well as personalisation and integration services.

Flexibility and Modularity

  • Open platform principle and interoperability allow separation of application development (Applet) from the platform.
  • Rapid time to market for introduction of new applications
  • Java Card technology enables also customer specific and 3rd party applets
  • Existing 3rd party applets can be loaded and thus generate cards compatible with those already in circulation.

Most Secure Platform on the Market

  • Full security on the entire card product
  • Certified OS
  • Selection of chips with strong security mechanisms
  • Card body with overt and covert security features
  • Highly secure production flow
  • Highest number of OS security evaluations in the industry
  • The industry leading security team of Gemalto:

  • 50  Ph.D. or security specialists (security & cryptography)

  • Over 150 security patents  

Strong Performance

  • Maximum software performance without any compromise on security, with the highly optimized MultiApp ID Virtual Machine 

Field Proven System to Secure Your Investment

  • Gemalto?s unrivalled experience in Java Card technology protects your investment, acknowledged by customers worldwide:
  • Widest range of references on Java-based National eID schemes
  • World s first Java Card based true multiapplication national eID scheme (Oman 2003)
  • Over 20 years of pioneering and leadership in Smart Cards.

 

MultiApp ID IAS ECC Technical Overview

General features 

  • JavaCard Virtual Machine, RTE and API compliant with JC2.2.

  • Card Management & API compliant with GP2.1.1

  • SCP01 and SCP02 supported with scripting capability of Amendment A

  • Cryptographic algorithms*: 3DES (ECB, CBC), RSA up to 2048bit , SHA-1, SHA-2, ECDSA and ECDH up to 383 bit

  • Delegated Management

  • Multiple Logical Channel (allow selection of multiple applets at the same time)

  • Contact Interface : T=0, T=1

  • Contactless Interface: ISO14443 type-A and type B (by default)

  • Communication mode ISO14443-4, T=CL supported, Mifare-1 emulation on part of memory

  • Available EEPROM for the contact chip (IAS ECC): 72K Bytes

  • Available EEPROM for the contactless chip (ICAO EAC) : 72K Bytes  

 

Pre-loaded applets in ROM

  • IAS ECC applet

  • One time password applet

  • Mifare emulation upon request

  • ICAO applet on a 2nd contactless chip (Hybrid) 

 

Security

MultiApp ID IAS ECC includes multiple hardware and software countermeasure against various public & non-public attacks as:

  • Side channel attacks (SPA, DPA, Timing attacks etc)

  • Invasive attacks

  • Advanced fault attacks.

 

The MultiApp ID IAS ECC platform is based on a Java Card platform which has been evaluated as:

  • FIPS 140

  • Common Criteria  EAL4+

 

Memory management

MultiApp ID advanced memory management supports the following features:

  • Applet deletion

  • Real Garbage collector (JC 2.2.1 specification) memory space can be real-time released to the platform after individual object deletion and made available to the applets. 

Card Body Ordering Options : 

  • PC

  • PET

  • PVC with banking attributes (Signature panel, Hologram etc)

  • Standard PVC.