Implementing GlobalPlatform ™ Standards to Ensure Smart Card Success Jim Harper Datacard Group August 2002
Mar 29, 2015
Implementing GlobalPlatform™ Standards
to Ensure Smart Card Success
Jim HarperDatacard Group
August 2002
Page 2
Topics• Smart Cards before Standards
• Key Considerations for Issuing Multi-application Smart Cards
– Smart Card (Chip) Operating System
– Smart Card Personalization Process
– Smart Card Management System and Post Issuance Personalization Process
– Smart Card Terminals/Devices
• Implement GP Standards for Control, Reliability and Value
Page 3
The “Traditional” Smart Card Industry
Print & Laminate(Sheets)
Die Cut Mill
Embed Initialize Personalize
1234 5678 9012 3456Patty Doe – Exp 13/999
LOTSACREDIT
LOTSA CREDIT
LOTSA CREDIT
LOTSA CREDIT
LOTSA CREDIT
LOTSA CREDIT
LOTSA CREDIT
Deliver
1234 5678 9012 3456Patty Doe – Exp 13/999
Post Issuance Update
1234 5678 9012 3456Patty Doe – Exp 13/999
LOTSACREDIT
Silicon/Chip
Prop.“O/S” Prop. Apps
ProprietaryPersonalization
Application
Use
N E W
Standards-based O/S
Standards-based Personalization
Standards-based Card Management
Page 4
Before Standards• Single application, proprietary
smart cards (operating systems)
– Lack of interoperability• increased time to market
•costs to change cards/applications
– Consumer: single use, no choice, lessening card value over time
– No cross-marketing or “pull” from other applications on card
– Proprietary “issuance” systems
Page 5
1. Smart Card (Chip) Operating System
2. Smart Card Personalization Process
3. Smart Card Management System Interface to “Bureau” Environments
4. Smart Card Terminals/Devices
Where Standards Matter
Page 6
VPN
Smart Card Management
System
Card Usage•ATMs• POSs•Home PCs•Kiosks•Mobile Devices
Where Standards Matter
Loading and Personalization
Process
Chip Data Generation
Process
Standards-based Data Generation and Card Personalization Process
(using GP Profiles and Scripts)
2
Personalization
System(s)
3
Standards-based SCMS to “Bureau” Interface
4
Standards-based Terminal to Terminal Application Interface
Delivered Card
Fully Automated Processes!
Smart cards to be used
Chip Applet(s)
Chip O/S
“Standard” I/F
“Standard” Development
---
“Standard” Development
--- “Standard”
Development
---
“Standard” Development
---
1
Standards-based Chip Application to Chip Operating System Interface
2
Page 7
Key Consideration #1:Smart Card Operating System• Standard interface between chip
operating system and chip “applets”
– “Write Once/Run Anywhere”
• Common approach to loading, deleting and changing applications on cards
• Standard security scheme
• Allows for “standard” personalization and post-issuance personalization processes to be used
Page 8
Key Consideration #2: Smart Card Personalization
Process• New “challenges”
– Data generation (“disintermediate”)– Data encryption– Key management– Application loading– Card personalization – Card life cycle management
• GlobalPlatform response…– A “script-driven” data generation and
personalization process – Simplifies the updating of single and
multi-application smart cards – Moves responsibility to application
developer
Page 9
• Standards-based interface between SCMS and existing issuance/bureau environments
– Independent of personalization hardware
• Card activity must be tracked and managed with great precision
• You must have confidence that a card’s suite of applications and contents (data) can be re-created
• Simplify post-issuance personalization and re-issuance (using Profiles and Scripting)
• SCMS becomes a powerful marketing tool
Key Consideration #3: Smart Card Management System
Page 10
• Standards-based interface between a terminal and it’s applications
• Common approach to adding, deleting and changing applications on a terminal device/reader
• Well defined interface for terminal application development and testing
• Standards-based management interface
Key Consideration #4: Smart Card Terminals/Devices
Page 11
Control• GP standards enables issuers to
quickly capitalize on the power and promise of new technology
• GP standards allow issuers to maintain control of their suppliers and supplies
• Interoperability
Implement GlobalPlatform Standards for…
Page 12
Implement GlobalPlatform Standards for… Reliabilit
y• Standard interfaces and processes simplify development and testing
• High quality
• Vendors held accountable
• Datacard has a wide variety of GP-compliant systems in place today, from desktop to high volume central issuance and smart card management systems
Page 13
• GP systems can exchange data with other systems that use GP methods and specifications
– Interoperability
– Vendor and hardware independence
• Costs can be reduced, reuse is higher, and testing can be handled in the same way (using GP scripts/profiles)
Implement GlobalPlatform Standards for… Value
Page 14
Datacard’s commitment to GlobalPlatform™
standards GlobalPlatform Board
SystemCommittee
MarketingCommittee
CardCommittee
Bill Reding
Stuart Miller
Bob Beer,Chairperson
Pete Thorsen
Christophe Biehlmann
Lorna Williamson
Chris Lomax
PlanningCommittee
Brendan Jones
Jerry Johnson,Datacard President & CEO
Page 15
• Development of new Profiles and Scripts
– XML data with Java Script
• Interface Specifications
– SCMS to Bureau Environment
• Card Specifications
– Open Kernel (OCAPI)
Datacard’s contributions to GlobalPlatform efforts
Page 16
• Datacard solutions personalize more than 90% of the worlds financial cards (7MM every day, 2.5B annually)
• Datacard has nearly 1000 high volume personalization systems installed worldwide
• Experts in “chip” consulting, EMV migration, and systems integration
• Only vendor with true production level Smart Card Management Systems in operation
• Watch for Datacard MAXSYS™ and Syntera – Coming Soon!
Datacard and Smart Cards
Page 17
PR
OD
UC
TIO
NE
NV
IRO
NM
EN
TC
AR
D P
LA
TF
OR
ME
NV
IRO
NM
EN
T
SO
FT
WA
RE
AN
DS
OL
UT
ION
SE
NV
IRO
NM
EN
T
MULTOS™
Shared CryptographicResources and
Certificate Authorities
Smart CardManagement System
(Affina™)
Smart Card Personalization Manager (SCPM™)
and P3™
Low VolumeIssuance
9000/7000/500
Proprietary
Maxsys
Datacard Smart Card MAP™ Architecture(Multi-application Architecture for Personalization)
GlobalPlatform™/Java™
Page 18
MULTOS™
Smart CardManagement System
(Affina™)
Shared CryptographicResources and
Certificate Authorities
Smart Card Personalization Manager (SCPM™)
and P3™
Low Volume Issuance 9000/7000/500
• Modular• Flexible• Scalable
Proprietary P
RO
DU
CT
ION
EN
VIR
ON
ME
NT
CA
RD
PL
AT
FO
RM
EN
VIR
ON
ME
NT
SO
FT
WA
RE
AN
DS
OL
UT
ION
SE
NV
IRO
NM
EN
T
Maxsys
• Full Range• Investment Protection• Future Proof
GlobalPlatform™/Java™
• Standard• Open• Customizable
Datacard Smart Card MAP™ Architecture(Multi-application Architecture for Personalization)
Page 19
Summary• Choose your smart card solution partner
carefully– Your partner and solutions should
“future proof” your investments (i.e., flexible, scalable, extensible)
• Request GP standards in your:– Cards– Personalization Systems (Processes)– Smart Card Management System– Terminals
• Enjoy…– Control– Reliability– Value
Page 20
White Papers on www. datacard.com:
“Implementing GlobalPlatform™ Standards to Ensure Smart Card Success”
“The Transition from Magnetic Stripe to EMV Chip (Smart) Cards”
“The Transition to Multi-application Smart Cards with Post Issuance Personalization Capabilities”
“Datacard MAP™ Smart Card Architecture”
For More Information…
Page 21
Brochures on www. datacard.com:
Smart Card Issuance and Management
Datacard Smart Card Solutions
Datacard Smart Card Infrastructure
Datacard Smart Card Personalization Manager (SCPM)
Datacard Desktop Smart Card Issuance Solutions
Datacard Smart Card Consulting Services
For More Information…
Page 22
Presentation on www. datacard.com:
“Datacard products which implement GlobalPlatform™ methods”
For More Information…
Page 23
Thank You!
Jim HarperDirector, Smart Card Solutions Marketing
Datacard Group
jim_harper@ datacard.comOffice 952-988-1179Mobile (1) 612-229-1179
Page 24
Additional Slides
Page 25
Smart Card Personalizatio
n Manager
Store Issuance Data
Issue,Re-issueCards
Download new apps and update existing apps over the internet or other secure “channels”
Internetor VPN
How Datacard’s Smart Card Solutions Relate to Each Other
AffinaCard Life Cycle Management (Card Data Warehouse)
Marketing
Call CenterCustomer Support
New Card Products
Aptura(Java/GP cards)
Several card delivery solutions are available from Datacard. Ask your sales rep. for more info.
Move perso apps to
production after fully tested
Move chip applets to
production after fully tested
Move cards to production after
fully tested
SCPM SDKSmart Card Loading and
Personalization Development and Test
Systems
Aptura ADKSmart Card Applet
Developers Kit
CSM/Synter
a
Data Filewith Chip Data
Test the loading and
personalization of the new chip
applets
•Home PCs•Kiosks•Mobile Handsets
Low Volume Smart Card Issuance
High Speed Smart Card Issuance
Central Smart Card Issuance
Gen 2E smart card module
Deliver
Generate Chip Data Process (Fully Automated
Operation)Card Data File
(from host)
P3
Page 26
450280/295150i
Embossing
SCPM*
9000 MAXSYS500 7000
X XXX XX
Graphics Printing
XX XX
Laser
Color Printing/Photo
XX
X
SCPM* X XXX XX
SCPM* - supports loading and personalization of Multos, Java, Open Platform, TIBC, VC, VSDC, M/Chip, Mondex, UKIS and other cards. Many proprietary single application smart cards also supported. SCPM also has an SDK for custom application development of industry-specific cards (e.g., for Transit, Health, Telecom, Government, other). Users can migrate from one Datacard hardware system above to another and the SCPM loading and personalization process and applications remain unchanged.
Cards Pgmmed Simult.
1 1431 71
DCL3000
X
Custom
8
X
X
100+
ID Works with SCPM*
P3 DesktopP3 Advance
P3 Server
Inkjet X
Dev.& Test
Dev.& Test
Aptura**
Aptura** - Datacard’s industry standard Java Card/GlobalPlatform Card - portable Java operating system.
Select Magna IC-IV
X XX
X XX
1 11
Datacard Smart Card Personalization Systems
X
Mag Stripe XXX XX X XXX XX
Contactless SC
XXX X X X
Affina Card Life Cycle Management System
XX X
X
X
X