Standardization – the field in which Béatrice Peirani has specialized for most of her 18 years at Gemalto – may sound rather dull, but it is absolutely critical in digital security. Put simply, it is standardization that ensures that the SIM card in your mobile phone works in any device, wherever you are in the world. The same goes for bank cards, ePassports and so on.
As Béatrice explains, "a standard is the unique way to guarantee the interoperability of solutions and integrate new technologies". Because it requires her to work with a wide range of people inside Gemalto and across the entire digital ecosystem, her role requires a mixture of technical expertise, strategic skills and leadership ability.
These qualities have recently been acknowledged by two of the standardization bodies Béatrice works with. For the past two years she has chaired the GlobalPlatform Crypto Task Force, which advises on cryptographic algorithms, new trends and the the possible impact of new markets, and she has now been recognised in GlobalPlatform's Star Award program.
She is also very active in the FIDO Alliance. FIDO is short for Fast Identity Online, and the Security Working Group she leads is working on defining a new security certification methodology for mobile security software solutions. The FIDO Alliance has named her as the winner of its 2017 Outstanding Contributor Award.
In both cases, the awards came as a pleasant surprise to Béatrice. "It is very encouraging to receive such awards, because it shows that your work is recognized by your peers," she says. "It is not so frequent in our daily work that we receive encouragement like this, and it adds another dimension to the pleasure I get from doing my job."
She adds that winning awards like this helps to show that women can be successful in science and technology. "I have a daughter, and every day I try to persuade her that she can do what she wants in life without thinking about gender," she says. This is something she fervently believes in.
From academia to industry
Béatrice's interest in digital security began at the University of Provence in the south of France, where she studied mathematics and wrote her PhD thesis on 'Cryptography based on error-correcting codes and random generators'. At the beginning of her postgraduate studies, she was fully expecting to become a university professor, but when she finished, she was offered the chance to work in industry and decided to try it and see.
That first job was with Thomson-CSF (now Thales), working in the cypher laboratory developing cryptography for military products for the French Ministry of Defense. From there she moved to Brittany to work for CELAR (Centre Electronique de l'Armement – an agency of the French military). "It was a very exciting period when the center grew from few people to more than a hundred," she recalls. "I learned a lot, and I got my first view of big projects and how they are managed."
It was around the millennium that she was first offered a job by Gemplus (one of the companies that later became Gemalto). Having turned down a first approach, she accepted the second time, for a number of reasons.
"It was the right move at that time of my life," she explains. She had reached the limits of what she could achieve at CELAR (some roles being barred to her because she was not part of the military), and the idea of working on smart cards appealed to her as "something completely different and attractive – still about security, but with more visible and direct applications in real life." There was also a personal dimension; she had grown up and studied in the south of France and was keen to move closer to her friends and family.
Having started at Gemplus as a security architect, she moved to the standardization team when Gemalto was created in 2006. For nearly 10 years after that, her main focus was electronic signature – the creation of a digital equivalent to handwritten signatures, with the same legal value, that could be used across Europe. This finally came to fruition with the publication of the eIDAS Regulation by the European Union in 2014.
"It was very interesting," Béatrice recalls. "I worked with two different standard bodies, CEN (the European Committee for Standardization) and ETSI (the European Telecommunications Standards Institute), with people from different backgrounds, and then I made presentations and lobbied to the European Commission and was part of the expert teams developing the standards in this field."
After eIDAS she moved on to focus on FIDO, but "I never stopped looking at the evolution of cryptography, because it was my hobby". She launched an internal group in Gemalto, the CABOT, to share experiences, discuss issues and anticipate new trends in the field of cryptography, together with security experts and individual business units. "It's a good way to map state-of-the-art technology against our products," she says.
They are currently working on quantum-safe cryptography, looking at how cryptographic algorithms behave in a quantum computing environment. It's a key topic for the future of digital security, and another area where Béatrice is set to make a vital contribution.