2FA (Two-Factor Authentication)
All techniques used to strengthen a typical username/password login session (e.g. single-factor authentication) by adding a second security challenge.
3FF (3rd Form Factor)
A very small SIM card, also known as micro-SIM, for use in small mobile devices.
3G (Third Generation)
The broadband telecommunications systems that combine high speed voice, data and multimedia.
3GPP (3G Partnership Project)
An industry group that aims to produce specifications for a 3G system based on GSM networks.
A comprehensive, secure all-IP based mobile broadband solution for smartphones, tablets, laptop computers, wireless modems and other mobile devices.
Automatic Border Control
The use of an automated gate in lieu of a one-to-one meeting between the Traveller and an Immigration Officer.
The objective of deploying Automatic Border Control is to automate the process for a large percentage of the Travellers' flow and to allow Immigration Officers to perform face-to-face control on identified targets.
Techniques and solutions to grant or deny access to a given user for a given digital service.
Consumers are very familiar with username/password as a basic access control technique for popular web services such as webmail or e-merchant web sites.
Security-sensitive services such as Payment or eGov often deploy more robust access control techniques, usually relying on Secure Elements, Smart Cards being one example.
A collection of data sets so large and complex that they are difficult to process with traditional applications.
The term "big data" is commonly used to present new analytical applications leveraging the power of very large data sets.
A typical example is CRM (Customer Relationship Management), whereby the analysis of large amounts of past data can provide tools to improve sales forecasts, stock management, marketing trends and customer behaviors.
Data Analysis is foreseen as an opportunity to monetize such "big data" by improving business intelligence.
Human attributes that are unique to one given individual and can be digitized and then compared with a stored reference.
Biometric data such as fingerprints can be used for security services such as access control, data encryption or digital signature. The challenge of biometry is to enroll and then securely store the reference data for each individual.
Smart Card solutions offer match-on-card applications, removing the need for an online verification via a central database.
A short range wireless technology that simplifies communication and synchronization between the internet, devices and other computers.
Bluetooth is commonly used for consumer electronics devices such as headsets for cell phones or MP3 players.
Bluetooth first requires the user to establish a pairing between two devices. Once this pairing is established, a fast wireless data exchange between the two devices can happen.
Bot (Internet bot)
A type of computer program designed to do automated tasks.
The act of controlling Travellers' identities and visas when entering a given country (airports, sea-ports or roads).
Common Access Card: a US Department of Defense smart card issued as standard physical and network identification for military and other personnel.
CDMA (Code Division Multiple Access)
A wireless communications technology that uses spread spectrum communication to provide increased bandwidth.
Computing by using servers, storage and applications that are accessed via the internet.
Cloud Computing is the architecture of choice for popular applications such as webmail, social networks, and collaborative applications such as Microsoft Office 365 or Google Docs.
The promises of Cloud Computing are no data losses, no backup needed, no software license updates needed. Applications are executed from a web browser or an app. The application itself and the user data are hosted in a Data Center.
Cloud Computing is often seen as the alternative to client software where a license of a given software is installed and executed on the user's device.
A card that communicates by means of a radio frequency signal, eliminating the need for physical contact with a reader.
Contactless communications include several technologies aiming at performing short-range data transfer between two communicating devices. Operational ranges can vary from 2 cm to 10 to 15 meters.
Contactless Cards used for Payment or Transport use very short-range technology. The silicon chips of such cards are powered by the proximity of the reader to establish the contactless communication in a secure manner.
Customer Relationship Management
A set of tools and techniques using data to enhance sales forecast, supply strategy, pricing strategy and all aspects of product and service strategy.
CRM is foreseen as a key application of Big Data, where large amounts of past data can really enhance current and future business steering and decision making.
DDA (Dynamic Data Authentication)
Authentication technology that allows banks to approve transactions at the terminal in a highly secure way.
DI (Dual Interface)
A device that is both contact and contactless.
Dual-Interface cards, combining contact and contactless transactions, are often used for EMV payment. There are also more and more payment + transport cards, where a payment card is also used to access a mass transit network.
Diagnostic and Monitoring Management objects. The Diagnostics and Monitoring (DiagMon) functions perform various Diagnostics and Monitoring activities on mobile phones.
DIAGMONMO also defines a way to perform network monitoring (GSM, UMTS or LTE) by automatically getting network status from the handset.
Humans can own one or several Digital Identities (also called avatars) to be used to access various digital services.
For secure services, Digital Identities must be issued by a Certificate Authority (CA) capable of establishing a link between the actual user and his/her Digital Identities.
There is no limit to how many Digital Identities any given user may have.
An electronic signature created using a public-key algorithm that can be used by the recipient to authenticate the identity of the sender.
Device Management: Management of mobile phone configuration, updates and other managed objects of mobile devices over the entire life-cycle as defined by OMA DM. DM is also used generically to describe all methods and activities associated with mobile device management.
DNS Cache poisoning
A technique that tricks a Domain Name Server (DNS server) into believing it has received authentic information when in reality it has not.
Any small piece of hardware that plugs into a computer.
The most popular form factors are USB keys or Smart Cards that can be inserted into card readers.
Innovative devices using optical readers have also been launched onto the market.
Diffractive Optical Variable Image Device: a hologram, kinegram or other image used in secure printing of cards, documents etc.
Digital Video Broadcasting-Handheld: a technical specification for bringing broadcast services to handheld receivers.
EAC (Extended Access Control)
A mechanism enhancing the security of ePassports whereby only authorized inspection systems can read biometric data.
Accessing banking services via the internet
Buying and selling goods via the internet.
A pre-3G digital mobile phone technology allowing improved data transmission rates.
The use of digital technologies (often via the internet) to provide Government services. Second generation eGov 2.0 programs aim to increase efficiency, lower costs and reduce.
Personal identification using a variety of devices secured by microprocessors, biometrics and other means.
The industry standard for international debit/credit cards established by Europay, MasterCard and Visa.
An "electronic" passport with high security printing, an inlay including an antenna and a microprocessor, and other security features.
A small portable device that contains "electronic money" and is generally used for low-value transactions.
A diverse family of computer networking technologies for local area networks (LANs).
Electronic systems for issuing, checking and paying for tickets predominantly for public transport.
European Telecommunications Standards Institute: the EU organization in charge of defining European telecommunications standards.
FIPS 201 (Federal Information Processing Standard)
A US federal government standard that specifies Personal Identity Verification requirements for employees and contractors.
FOMA (Freedom of Mobile Multimedia Access)
The brand name for the world's first W-CDMA 3G services offered by NTT DoCoMo, the Japanese operator.
Please refer to FUMO
Firmware Update Management Object is an Open Mobile Alliance specification for updating the firmware of mobile devices over the air.
FUMO allows mobile operators to update mobile devices across network infrastructure without requiring consumers or network engineers to initiate upgrades through direct contact.
It enables operators and device manufacturers to perform over-the-air updates ranging from the simplest (e.g. a security patch) to the most complex (e.g. important parts of the operating system).
GSM (Global System for Mobile Communications)
A European standard for digital cellular phones that has now been widely adopted throughout the world.
GSMA (GSM Association)
The global association for mobile phone operators.
Health Insurance Portability and Accountability Act: the US act that protects health insurance coverage for workers and their families when they change or lose their jobs.
HSPD-12 (Homeland Security Presidential Directive 12)
Orders all US Federal Agencies to issue secure and reliable forms of identification to employees and contractors, with a recommendation in favor of smart card technology.
Identity and Access Management
ICAO (International Civil Aviation Organization)
The United Nations agency which standardizes machine-readable and biometric passports worldwide.
Using text on a mobile handset to communicate in real time.
IP (Internet Protocol)
A protocol for communicating data across a network; hence an IP address is a unique computer address using the IP standard.
International Organization for Standardization: an international body that produces the worldwide industrial and commercial "ISO" standards.
A network-oriented programming language invented by Sun Microsystems and specifically designed so that programs can be safely downloaded to remote devices.
Key (keystroke) logging
A means of capturing a user’s keystrokes on a computer keyboard, sometimes for malicious purposes.
L6S (Lean Six Sigma)
A methodology for eliminating defects and improving processes.
Lock And Wipe Management Object. It is an Open Mobile Alliance specification for locking handsets in case they are lost or stolen or for wiping the handsets’ memory. The handset wipe removes all personal data stored either on the handset memory or on the inserted memory card. As a result, the handset is then totally blank, without any chance to retrieve the data.
LTE (Long Term Evolution)
The standard in advanced mobile network technology, often referred to as 4G.
Technology enabling communication between machines for applications such as smart meters, mobile health solutions, etc.
Malicious software designed to infiltrate or damage a computer system without the owner's consent.
An attack in which an outsider is able to read, insert and modify messages between two parties without either of them knowing.
Buying and selling goods and services using a mobile device connected to the internet.
MFS (Mobile Financial Services)
Banking services such as money transfer and payment, available via a mobile device.
Microprocessor (smart) card
A "smart" card comprising a module embedded with a chip, a computer with its own processor, memory, operating system and application software.
A removable memory card that can also be modified by adding a microprocessor to become a Secure Element, using the SDIO protocol to communicate with the device.
MIM (Machine Identification Module)
The equivalent of a SIM with specific features such that it can be used in machines to enable authentication.
MMS (Multimedia Messaging Service)
A standard way of sending messages that include multimedia content (e.g. photographs) to and from mobile phones.
MNO (Mobile Network Operator)
A company that provides services for mobile device subscribers.
Banking and payment services for unbanked users.
The unit formed of a chip and a contact plate.
Using a mobile handset to pay for goods and services.
NFC (Near-Field Communication)
A wireless technology that enables communication over short distances (e.g. 4 cm), typically between a mobile device and a reader.
OATH (The Initiative for Open Authentication)
An industry coalition comprising Gemalto, Citrix, IBM, Verisign and others, that is creating open standards for strong authentication.
OMA (Open Mobile Alliance)
A body that develops open standards for the mobile phone industry.
Open Mobile Alliance – Client Provisioning. Standardized protocol to configure basic settings on a mobile phone, using SMS bearer.
Open Mobile Alliance – Device Management. Standardized protocol to configure advanced services on mobile phones, using IP bearer.
OS (Operating System)
Software that runs on computers and other smart devices and that manages the way they function.
OTA (Over The Air)
A method of distributing applications and new software updates which are already in use.
OTP (One Time Password)
A password that is valid for only one login session or transaction.
The process of recovering secret passwords from data in a computer system.
PDA (Personal Digital Assistant)
A mobile device that functions as a personal information manager, often with the ability to connect to the internet.
PDC (Personal Digital Cellular)
A 2G mobile phone standard used in Japan and South Korea.
Sending fraudulent emails requesting someone’s personal and financial details.
PIN (Personal Identification Number)
A secret code required to confirm a user's identity.
PKI (Public Key Infrastructure)
The software and/or hardware components necessary to enable the effective use of public key encryption technology. Public Key is a system that uses two different keys (public and private) for encrypting and signing data.
Short to mid-range wireless communication technology typically used for low end services with no security needs (Tags).
RUIM (Public Key Infrastructure)
An identity module for standards other than GSM.
Software Component Management Object. It is an Open Mobile Alliance specification that allows a management authority to perform software management on a remote device, including installation, uninstallation, activation and deactivation of software components.
SE (Secure Element)
A secure and personalised physical component added to a system to manage users' rights and to host secure apps.
An SE typically consists of a silicon chip, a secure Operating System, application software and a secure protocol to communicate with the device.
An SE can be a removable device (such as UICC or µSD for mobile devices or MIM for M2M connected machines). An SE can also be a component inside the system.
SIM (Subscriber Identity Module)
A smart card for GSM systems.
SMS (Short Message Service)
A GSM service that sends and receives text messages to and from a mobile phone.
It refers to any authentication protocol that requires multiple factors to establish identity and privileges.
This contrasts with traditional password authentication which requires only one authentication factor such as knowledge of a password.
Common implementations of strong authentication use 'something you know' (a password) as one of the factors, and 'something you have' (a physical device) and/or 'something you are' (a biometric such as a fingerprint) as the other factors.
TEE (Trusted Execution Environment)
A software and hardware dedicated environment embedded within the core device microprocessor to host and execute secure applications.
A TEE consists of dedicated logic (hardware) within the device microprocessor with its own secure Operating System (software) and a secure API to communicate with the device's rich Operating System.
A TEE acts like a vault within the microprocessor to ensure secure provisioning and execution of security-sensitive applications such as payment.
A TSM service is used to install software applications within the TEE environment, as well as performing activation/de-activation of services.
A computer (client) that depends primarily on a central server for processing activities. By contrast, a fat client does as much local processing as possible.
A program that contains or installs a malicious program.
TSM (Trusted Services Manager)
A third party enabling Mobile Operators, Mass Transit Operators, Banks and businesses to offer combined services seamlessly and securely.
UICC (Universal Integrated Circuit Card)
A high capacity smart card used in mobile terminals for GSM, UMTS/3G and now 4G/LTE networks.
UMTS (Universal Mobile Telecommunications System)
One of the 3G mobile telecommunications technologies which is also being developed into a 4G technology.
USB (Universal Serial Bus)
A standard input/output bus that supports very high transmission rates.
USIM (Universal Subscriber Identity Module)
A SIM with advanced software that ensures continuity when migrating to 3G services.
VPN (Virtual Private Network)
A private network often used within a company or group of companies to communicate confidentially over a public network.
W-CDMA (Wideband Code Division Multiple Access)
A 3G technology for wireless systems based on CDMA technology.