IDENTITY DOCUMENTS TRUST AND SECURITY IN A DIGITAL WORLD
|
|
- Bernice Adams
- 7 years ago
- Views:
Transcription
1 GOVERNMENT IDENTITY DOCUMENTS TRUST AND SECURITY IN A DIGITAL WORLD
2 Identity solutions by Trüb In today s mobile and networked society the need for secure and versatile travel and identification documents is continuously increasing. And with the availability of new standards and technology the concept of identity protection is permanently evolving and advancing. Trüb is responding to these ever increasing public and political expectations for trustworthy identity products with smartcards that match the latest public and private sector requirements. Premium quality Polycarbonate is the state of the art material for durable and fraud-resistant identity documents with high quality personalization features and security elements. Excellence in production Trüb develops and builds polycarbonate cards with adherence to the most stringent standards for over 20 years. As a leading supplier with reference projects worldwide and long-time broad experience, Trüb is excellently PREMIUM QUALITY IN POLYCARBONATE positioned to fulfill even most demanding requirements of ambitious customers. Electronic identity Trüb s scope of supply addresses a wide spectrum of customer needs. Be it a traditional national ID card without chip, an e-id with chip and biometric data for cross-border travel, or a PKI smartcard aligned to the demands of a digital society for online and e-government services. More than just cards In addition to manufacturing premium quality products, Trüb also supports customers in defining the identity document best suited to the needs of their administration, citizens and economy. Therefore Trüb can offer identity document solutions covering consultancy, card design services, client-specific Java Card software development, turnkey solutions for personalization centers and project management. Product portfolio National ID cards with or without chip Biometric Residence Permits Crew Member Certificates Civil servant ID cards PKI cards for Identification, Authentication and digital Signature Complete ID card technology portfolio: chip-less, contactbased, contactless, dual interface and hybrid (with both a contactless and contact-based chip) Wired antenna for superior performance Service portfolio Security concept design Secure logistics concepts Project consulting Artwork services Application development services Prototyping Personalization setup and services 2 IDENTITY DOCUMENTS
3 Biometric security Identity cards are not only personalized and hard to manipulate identity proving documents. Equipped with a secure microcontroller the functionality and security is further enhanced. Biometric and other Multi-functionality An increasing number of identification documents - like Identity Cards (e-id), Biometric Residence Permits or Crew Member Certificates - incorporate a chip for additional security. MULTI-PURPOSE IDENTITY CARDS card holder data stored in the chip is inseparably tied to the personalized data on the card body. At the same time unauthorized usage is prevented by implementing secure communication protocols. With the customized chip, operating system and applications such an electronically enabled identity document can be used for many additional purposes. Applications by Trüb Trüb offers an adaptable PKI application and partners also with leading independent software companies specialized in smartcard applications. ID card in polycarbonate PKI for e-government solutions Digital signature Citizen data management Biometric authentification Match on card ICAO travel document and European Citizen Card functionality e-travel documents E-ID APPLICATION PORTFOLIO Public Key Infrastructure Trüb application services ICAO applications Data structure and applications for machine-readable travel documents with Passive and Active Authentication (PA/AA), Basic (BAC), Enhanced (EAC) and Supplemental (SAC) Access Control EU specific e-passport & e-id applications Biometric data with advanced access control Biometric applications Match on card (MINEX II-compliant, ISO/IEC ) Trüb tru/sign TM PKI applet Customizable application for strong authentication & qualified digital signature (based on PKCS#15) Other IAS applets Off-the shelf application for Identification, Authentication ans Signature Trüb CDA Citizen Data Management Application Secure, role-based access to customer specific data stored on chip (based on ISO/IEC file structure and ISO/ IEC commands) Support for native and JavaCard operating systems Choice of various approved and certified hardware and software platforms Solutions and applications tailored to customer needs Project specific certification Development of customer specific middleware Delivery of secure smartcard readers Secure logistics concepts Personalization setup and services IDENTITY DOCUMENTS 3
4 embedded transparent DOVID (Kinegram, DID ) security background with guilloche and rainbow printing tru/window LOCK laser ablation feature Tactile surface elements tactile laser engraving Dynaprint MLI / CLI OVI Optically Variable Ink tru / vision serial number microlettering positive and negative in rainbow printing IR and UV printing LFI Latent Filter Image COMMITTED TO STRONG FRAUD-RESISTANCE Optical security features Security printing features such as micro lettering, guilloche and rainbow printing OVI Optically Variable Ink Diffractive Optically Variable Image Devices (DOVID) - embedded metallized or transparent hologram or Kinegram LFI Latent Filter Image optically variable image with integrated filter Dynaprint - optically variable images in combination with MLI /CLI tru/window ANIMATION - transparent window with optically moving element tru/vision - color image visible under 365 nm UV IR and UV printing Tactile micro lettering and other surface elements Personalization features Tamper-resistant, high quality true grayscale laser engraving Tactile laser engraving MLI / CLI based on lenticular structures PhotoLock - integrated photo security element ImagePerf - laser perforated secondary image IPI TM Invisible Personalized Information tru/window LOCK transparent window with inversely personalized ghost image on metal foil Electronic security features Choice of certified high security chips Chip modules embedded tightly into the card body Support of ICAO and EU security protocols and regulations Mechanical features Long lifespan due to high integrity of fused polycarbonate card layers Superb resistance to mechanical, chemical and thermal stress Encapsulated electronics for contactless cards Certified card body with test reports from international accredited testing institutions Company certification Produced in Switzerland by Gemalto AG, a certified high security printing company 4 IDENTITY DOCUMENTS
5 INNOVATION IN SECURITY tru/window TM unrivaled document protection Trüb s window technology tru/window both enhances document strength against illegal alterations and provides visually attractive security elements. tru/window is a transparent area within the multilayer polycarbonate card body. Such a window element is a strong counter measure against grinding attacks on the card body itself, therefore safeguarding the integrity of the card and protecting against forgery. Furthermore, polycarbonate documents which include tru/window security elements benefit from an enhanced defense against counterfeit attacks such as copying or reproduction. tru/window LOCK a new dimension in photo protection This patented security feature effectively prevents manipulation of the card holder portrait after issuance. This is accomplished by a secondary portrait image personalized into a metallic foil integrated into the transparent tru/window area inside the polycarbonate card body. In fact, tru/window LOCK implements a negative personalization process where lightcolored image information is selectively removed from the metallic foil by laser ablation, leaving transparent areas. The result is a positive halftone ghost image visible in high resolution under transmitted light. Due to the negative personalization process it is not possible to add any additional dark image information to the secondary image. Hence, the tru/window LOCK security feature prevents a concurrent manipulation of both the primary and secondary card holder portrait. tru/window ANIMATION striking visual effects This first line security element both is visually appealing and allows for a distinct individual design. The optically variable security feature is based on Moiré technology and requires sophisticated algorithms and printing technology. Dynamic image transitions, linear and circular movements, objects shifting in different directions or flashing and pulsating effects all can be realized. To observe these stunning effects it s enough to tilt the card. It s therefore easy to judge whether the card is genuine without needing special equipment or dedicated knowledge. tru/vision TM brilliant true-color UV images This security and design feature implements images invisible under normal daylight that turn into brilliant true-color images with excellent color reproduction under ultraviolet light. Customer specific true-color UV images can be integrated into the document design, offering a distinct visual appearance with high recognition value and enhanced document security. The high resolution images comprise UV fluorescent inks with advanced color separation and halftone printing. Compared to standard UV security printing, tru/vision technology provides enhanced protection against duplication and reproduction. Resistance towards document counterfeits is significantly increased due to the complexity of the underlying image processing algorithms. The true-color images can be observed by naked eye under 365nm UV exposure. Thus tru/vision is an attractive and distinct security feature allowing easy verification of document authenticity. IDENTITY DOCUMENTS 5
6 tru/sign TM PKI security highlights Based on its extensive experience gained as card manufacturer of Switzerland s PKI card SuisseID and especially as supplier of the highly advanced e-id scheme in Estonia, Trüb offers its own Public Key Infrastructure solution. The centerpiece constitutes Trüb s tru/sign TM PKI application - a proven and reliable tool to gain fast but secure access to web based e-government and e-commerce services. Developed for the certified Java Card Open Platform, tru/sign connects the user in the most efficient but easy way to e-services in tightly secured IT-environments. tru/sign implements a future proof design since the applications and their settings can be configured according to specific customer requirements and allow for postissuance application download. PROVEN PKI SOLUTION 2-factor dentification e-voting digital company founding strong uthentification digital tax declaration municipal e-services qualified digital ignature IAS Functionality e-procurement others Web Applications Functionality SSL client/server authentication Digital signature VPN client support Secure client Authentication profile: two PIN one PUK Optional passphrase authentication PIN/PUK replacement procedure Post-issuance certification renewal Support for all current customary PC platforms and browsers: Microsoft, Mac, Linux Extendable with CDA (Citizen Data Management Application) Security Certified Java Card v chip-platform with Common Criteria EAL5+ security level Global Platform Specification v On-chip and external key generation Distinguished PKI use cases for authentication and digital signature Cryptographic performance: RSA and ECC, AES, SHA-2, Diffie-Hellman ECC key agreement Support of PIN pad reader for secure PIN entry Turnkey solution Including secure chip operating system and application on chip with integrated client software Ready to execute trusted web services Proof of concept for new e-id projects Consultancy for customer specific PKI-solution based on tru/sign TM Hands-on training by Estonian e-governance Academy System integration support for e-id program implementation Software development kit for application development by customer 6 IDENTITY DOCUMENTS
7 DIGITAL SIGNATURES IN ESTONIA At the forefront of leading edge PKI-solutions since 2001, Trüb provides one of the most advanced e-government schemes worldwide the e-id card of Estonia with Trüb PKI application tru/sign. Identity in a digital world The card - next to being used as «normal» identification card by more than 1.2 million citizens - comprises a chip with the PKI application tru/sign to provide electronic identification, authentication and digital signature. Cryptographic keys can be generated directly on chip and currently two pairs, each consisting of a private and public key bound to qualified digital certificates, are used on the Estonian e-id card: one for strong authentication and one for electronic signature. A multitude of services Today all citizen of Estonia can enjoy the benefits of this e-id platform that supports, just to mention a few, innovative e- services like e-voting - popular since 2007, or digital company register - which allows a card holder to establish a company online within 15 minutes. Other examples are digital tax declaration, e-procurement, e-banking and many other national and municipal e-government and private services. A complete system The Estonian e-id card with tru/sign TM PKI-application is part of the comprehensive Estonian public key infrastructure (PKI) allowing many e-services to be accessed securely by means of digital certificates, which are released and managed by one Certification Authority. This increases efficiency and reduces costs for administration. Today, citizens have access to more than 700 e-services in the public and private sector, all connected by the Estonian IT-system X- Road. This availability of manifold online services at any time makes the e-id card a very popular token for daily use for the better part of the population. Now available as Mobile ID, too, the Estonian e-id allows for an ever increasing number of options with more and more e-services many usable even internationally. High usage Evidence of the active use and the popularity of the Estonian e-id with tru/sign TM PKI solution is that more than 207 million digital signatures and 335 million electronic authentications have been processed since launch (Status 3/2015). Public sector - e-government Private sector - B2B / e-commerce database I database II database III database IV database V Security server Security server Security server Security server Security server Secure data transfer platform - Internet based on Estonian X-Road architecture Security server Security server Security server Security server State portal: Administrative center of the state information system tru/sign TM card & client software National register database Certification Authority Citizen view Enterpriser view Central monitoring Central servers Authority view Help desk IDENTITY DOCUMENTS 7
8 SPECIFICATIONS Dimensions ID-1: 54.0 mm x 85.6 mm Thickness: 0.8 mm typical Standards ISO/IEC 7810 (Physical characteristics of ID cards) ISO/IEC (ID cards test methods) ISO/IEC 7816 (ID cards chip with contacts) ISO/IEC (ID cards - contactless chip for proximity cards) ICAO 9303 (Machine Readable Travel Documents): Part 3 TR (Technical Guidelines on Advanced Security Mechanisms for Machine Readable Travel Documents): Parts 1 (BAC, EACv1), Part 2 (EACv2, PACE) and Part 3 Cryptography PKCS Public Key Cryptography Standards (#1:RSA; #5: Password-based Encryption; #11: Cryptoki; #13: Elliptic Curve; #15: cryptographic format) RFC 2631 (Diffie-Hellman) X.509v3 (Digital certificates) AES Advanced Encryption Standard Material Genuine polycarbonate Option: PCC Polycarbonate Color for color personalization Fused under heat and pressure, free of adhesives Real lifetime proven for 10 years Surface: matt or glossy All information provided in this document is subject to change without any prior notice. The information is provided in good faith and the publisher cannot be held liable for any discrepancies. No part of this document can be published without the authorization by Gemalto AG. Processing Layout: customer-specific artwork provided by Trüb Personalization: laser engraving modules from leading personalization suppliers supported Gemalto AG Hintere Bahnhofstrasse Aarau Switzerland Tel Fax info@trueb.ch Gemalto AG
Preventing fraud in epassports and eids
Preventing fraud in epassports and eids Security protocols for today and tomorrow by Markus Mösenbacher, NXP Machine-readable passports have been a reality since the 1980s, but it wasn't until after 2001,
More informationeid Security Frank Cornelis Architect eid fedict 2008. All rights reserved
eid Security Frank Cornelis Architect eid The eid Project > Provides Belgian Citizens with an electronic identity card. > Gives Belgian Citizens a device to claim their identity in the new digital age.
More informationDOCUMENT SECURITY ISSUES
DOCUMENT SECURITY ISSUES Part of a Series of Datacard Group White Papers for the Secure Document Issuer DESIGNING AN ID DOCUMENT FOR ENHANCED SECURITY Overview Governments today are being driven to increase
More informationFull page passport/document reader Regula model 70X4M
Full page passport/document reader Regula model 70X4M Full page passport reader with no moving parts inside. Automatic reading and authenticity verification of passports, IDs, visas, driver s licenses
More informationPosition Paper European Citizen Card: One Pillar of Interoperable eid Success
Position Paper European Citizen Card: One Pillar of Interoperable eid Success October 2008 Disclaimer Eurosmart takes reasonable measures to ensure the quality of the information contained in this document.
More informationCombatting Counterfeit Identities: The Power of Pairing Physical & Digital IDs
Combatting Counterfeit Identities: The Power of Pairing Physical & Digital IDs 1 GOVERNMENTS ADOPTING DIGITAL STRATEGIES Governments designing/operating digital ecosystems to create, transform and optimize
More informationIDENTIFICATION Morpho Driver s license Solution for governments and road traffic authorities
IDENTIFICATION Morpho Driver s license Solution for governments and road traffic authorities Morpho Driver s license Solution for governments and road traffic authorities Governments are looking for an
More informationCRESCENDO SERIES Smart Cards. Smart Card Solutions
CRESCENDO SERIES Smart Cards Smart Card Solutions Crescendo offers the lowest total cost of ownership (TCO) for a combined logical and physical access control solution. Crescendo smart cards allow me to
More informationSmart Card- An Alternative to Password Authentication By Ahmad Ismadi Yazid B. Sukaimi
Smart Card- An Alternative to Password Authentication By Ahmad Ismadi Yazid B. Sukaimi Purpose This paper is intended to describe the benefits of smart card implementation and it combination with Public
More informationBanking. Extending Value to Customers. KONA Banking product matrix. KONA@I is leading the next generation of payment solutions.
Smart IC Banking Banking Extending Value to Customers KONA Banking product matrix Contact - SDA Product EEPROM Java Card Type KONA Products KONA@I is leading the next generation of payment solutions Banks,
More informationImplementation of biometrics, issues to be solved
ICAO 9th Symposium and Exhibition on MRTDs, Biometrics and Border Security, 22-24 October 2013 Implementation of biometrics, issues to be solved Eugenijus Liubenka, Chairman of the Frontiers / False Documents
More informationIDENTITY SOLUTIONS END-TO-END SYSTEMS SOLUTIONS TO PROTECT IDENTITIES AND SECURE ACCESS FOR A MOBILITY WORLD
IDENTITY SOLUTIONS END-TO-END SYSTEMS SOLUTIONS TO PROTECT IDENTITIES AND SECURE ACCESS FOR A MOBILITY WORLD 8 BILLION IDENTITY DOCUMENTS IN CIRCULATION IN 2014 END-USER BENEFITS OT invents products and
More informationPrinting/Encoding and Engraving Solutions
Printing/Encoding and Engraving Solutions FARGO HDP8500LE Industrial Card Laser Engraver Engrave durability and confidence into ultra-high security credentials. Laser Engraving Technology in the FARGO
More informationConverged Smart Card for Identity Assurance Solutions. Crescendo Series Smart Cards
Converged Smart Card for Identity Assurance Solutions Crescendo Series Smart Cards Crescendo is the proven smart card solution for a combined logical and physical access control solution. Crescendo smart
More informationRF-Enabled Applications and Technology: Comparing and Contrasting RFID and RF-Enabled Smart Cards
RF-Enabled Applications and Technology: Comparing and Contrasting RFID and RF-Enabled Smart Cards January 2007 Developed by: Smart Card Alliance Identity Council RF-Enabled Applications and Technology:
More informationZEBRA CUSTOM LAMINATE QUOTE REQUEST FORM Custom Laminate Quick Reference Guide: Added Security to Meet Your Needs
ZEBRA CUSTOM LAMINATE QUOTE REQUEST FORM Custom Laminate Quick Reference Guide: Added Security to Meet Your Needs Zebra offers a range of high-security card solutions to meet customer needs for reliable,
More informationEntrust Smartcard & USB Authentication
Entrust Smartcard & USB Authentication Technical Specifications Entrust IdentityGuard smartcard- and USB-based devices allow organizations to leverage strong certificate-based authentication of user identities
More informationSmart Tiger STARCHIP SMART TIGER PAYMENT PRODUCT LINE. Payment. STiger SDA. STiger DDA. STiger DUAL
PAYMENT CATALOG Smart Tiger Payment STiger SDA Static or Java Card Modules offer for Contact SDA markets STARCHIP SMART TIGER PAYMENT PRODUCT LINE is a versatile compound of a Highly Secure Microcontroller,
More informationPrivyLink Cryptographic Key Server *
WHITE PAPER PrivyLink Cryptographic Key * Tamper Resistant Protection of Key Information Assets for Preserving and Delivering End-to-End Trust and Values in e-businesses September 2003 E-commerce technology
More informationMore Power and Performance With Each Printed Card
s tan d ar d ID SOlutions GUIDE More Power and Performance With Each Printed Card the importance of secure identity Today s society shares information at incredible speeds. A technologically advanced world
More informationeidas as blueprint for future eid projects cryptovision mindshare 2015 HJP Consulting Holger Funke
eidas as blueprint for future eid projects cryptovision mindshare 2015 HJP Consulting Holger Funke Agenda eidas Regulation TR-03110 V2.20 German ID card POSeIDAS Summary cryptovision mindshare 2015: eidas
More informationSecure egovernment Where convenience meets security. www.infineon.com/ccs
Secure egovernment Where convenience meets security www.infineon.com/ccs Gaining transparency Electronic ID documents replace and enhance conventional ID documents that governments have been issuing for
More informationGlobal eid Developments. Detlef Eckert Chief Security Advisor Microsoft Europe, Middle East, and Africa
Global eid Developments Detlef Eckert Chief Security Advisor Microsoft Europe, Middle East, and Africa Agenda Country View on eid initiatives Trustworthy Identity Scenarios Microsoft eid update Summary
More informationPRIME IDENTITY MANAGEMENT CORE
PRIME IDENTITY MANAGEMENT CORE For secure enrollment applications processing and workflow management. PRIME Identity Management Core provides the foundation for any biometric identification platform. It
More informationLandscape of eid in Europe in 2013
Landscape of eid in Europe in 2013 July 2013 Eurosmart White Paper Contents Executive Summary 3 1. Purpose of the document 3 2. EU regulation 3 3. EU Member States identification policies 4 3.1. National
More informationBest Solutions for Biometrics and eid
Best Solutions for Biometrics and eid In times of virtual communication even a person s identity is converted into an electronic form with the help of biometrics and then organised through intricate technical
More informationIntroducing etoken. What is etoken?
Introducing etoken Nirit Bear September 2002 What is etoken? Small & portable reader-less Smartcard Standard USB connectivity Logical and physical protection Tamper evident (vs. tamper proof) Water resistant
More informationEuropean Electronic Identity Practices Country Update of Portugal
European Electronic Identity Practices Country Update of Portugal Speaker: Anabela Pedroso anabela.pedroso@umic.pt Date: 3 November 2006 1. Status of National legislation on eid Are eid specific regulations
More informationEntrust Managed Services PKI. Getting started with digital certificates and Entrust Managed Services PKI. Document issue: 1.0
Entrust Managed Services PKI Getting started with digital certificates and Entrust Managed Services PKI Document issue: 1.0 Date of issue: May 2009 Copyright 2009 Entrust. All rights reserved. Entrust
More informationMoving to the third generation of electronic passports
Moving to the third generation of electronic passports A new dimension in electronic passport security with Supplemental Access Control (SAC) > WHITE PAPER 2 Gemalto in brief Gemalto is the world leader
More informationGemalto Mifare 1K Datasheet
Gemalto Mifare 1K Datasheet Contents 1. Overview...3 1.1 User convenience and speed...3 1.2 Security...3 1.3 Anticollision...3 2. Gemalto Mifare Features...4 2.1 Compatibility with norms...4 2.2 Electrical...4
More informationPayment and Identification Secure solutions
Payment and Identification Secure solutions ST at a glance STMicroelectronics is a global leader in the semiconductor market serving customers across the spectrum of sense & power, automotive and embedded
More informationContactless Smart Cards vs. EPC Gen 2 RFID Tags: Frequently Asked Questions. July, 2006. Developed by: Smart Card Alliance Identity Council
Contactless Smart Cards vs. EPC Gen 2 RFID Tags: Frequently Asked Questions July, 2006 Developed by: Smart Card Alliance Identity Council Contactless Smart Cards vs. EPC Gen 2 RFID Tags: Frequently Asked
More informationBest Practices for the Use of RF-Enabled Technology in Identity Management. January 2007. Developed by: Smart Card Alliance Identity Council
Best Practices for the Use of RF-Enabled Technology in Identity Management January 2007 Developed by: Smart Card Alliance Identity Council Best Practices for the Use of RF-Enabled Technology in Identity
More informationMicrosoft Identity Lifecycle Manager & Gemalto.NET Solutions. Jan 23 rd, 2007
Microsoft Identity Lifecycle Manager & Gemalto.NET Solutions Jan 23 rd, 2007 Microsoft ILM is a comprehensive, integrated, identity and access solution within the Microsoft system architecture. It includes
More informationWhite Paper PalmSecure truedentity
White Paper PalmSecure truedentity Fujitsu PalmSecure truedentity is used for mutual service and user authentication. The user's identity always remains in the possession of the user. A truedentity server
More informationCERTIFICATION PRACTICE STATEMENT UPDATE
CERTIFICATION PRACTICE STATEMENT UPDATE Reference: IZENPE-CPS UPDATE Version no: v 5.03 Date: 10th March 2015 IZENPE 2015 This document is the property of Izenpe. It may only be reproduced in its entirety.
More informationSmart Card Security How Can We Be So Sure?
Smart Card Security How Can We Be So Sure? Ernst Bovelander TNO Centre for Evaluation of Instrumentation and Security Techniques PO Box 5013 2600 GA Delft, The Netherlands bovenlander@tpd.tno.nl 1. Introduction
More informationChapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography
Chapter 11 Security+ Guide to Network Security Fundamentals, Third Edition Basic Cryptography What Is Steganography? Steganography Process of hiding the existence of the data within another file Example:
More informationE-Visas Verification Schemes Based on Public-Key Infrastructure and Identity Based Encryption
Journal of Computer Science 6 (7): 723-727, 2010 ISSN 1549-3636 2010 Science Publications E-Visas Verification Schemes Based on Public-Key Infrastructure and Identity Based Encryption Najlaa A. Abuadhmah,
More informationApplication Note Gemalto.NET 2.0 Smart Card Certificate Enrollment using Microsoft Certificate Services on Windows 2008
7 Application Note Gemalto.NET 2.0 Smart Card Certificate Enrollment using Microsoft Certificate Services on Windows 2008 All information herein is either public information or is the property of and owned
More informationNeutralus Certification Practices Statement
Neutralus Certification Practices Statement Version 2.8 April, 2013 INDEX INDEX...1 1.0 INTRODUCTION...3 1.1 Overview...3 1.2 Policy Identification...3 1.3 Community & Applicability...3 1.4 Contact Details...3
More informationOFFICE OF THE CONTROLLER OF CERTIFICATION AUTHORITIES TECHNICAL REQUIREMENTS FOR AUDIT OF CERTIFICATION AUTHORITIES
OFFICE OF THE CONTROLLER OF CERTIFICATION AUTHORITIES TECHNICAL REQUIREMENTS FOR AUDIT OF CERTIFICATION AUTHORITIES Table of contents 1.0 SOFTWARE 1 2.0 HARDWARE 2 3.0 TECHNICAL COMPONENTS 2 3.1 KEY MANAGEMENT
More informationMeasurement and Analysis Introduction of ISO7816 (Smart Card)
Measurement and Analysis Introduction of ISO7816 (Smart Card) ISO 7816 is an international standard related to electronic identification cards with contacts, especially smart cards, managed jointly by
More informationSmart Card Technology Capabilities
Smart Card Technology Capabilities Won J. Jun Giesecke & Devrient (G&D) July 8, 2003 Smart Card Technology Capabilities 1 Table of Contents Smart Card Basics Current Technology Requirements and Standards
More informationUsing Contactless Smart Cards for Secure Applications
Using Contactless Smart Cards for Secure Applications Classification: Public (Info Level 1) Document No.: LA-11-005d-en Edition: 2010 www.legic.com LEGIC Identsystems Ltd Binzackerstrasse 41, CH-8620 Wetzikon,
More informationResearch Article. Research of network payment system based on multi-factor authentication
Available online www.jocpr.com Journal of Chemical and Pharmaceutical Research, 2014, 6(7):437-441 Research Article ISSN : 0975-7384 CODEN(USA) : JCPRC5 Research of network payment system based on multi-factor
More informationSicherheitsaspekte des neuen deutschen Personalausweises
Sicherheitsaspekte des neuen deutschen Personalausweises Dennis Kügler Bundesamt für Sicherheit in der Informationstechnik egov Fokus 2/2013: Identity- und Access Management im E-Government Rethinking
More informationEmbedded Java & Secure Element for high security in IoT systems
Embedded Java & Secure Element for high security in IoT systems JavaOne - September 2014 Anne-Laure SIXOU - ST Thierry BOUSQUET - ST Frédéric VAUTE - Oracle Speakers 2 Anne-Laure SIXOU Smartgrid Product
More informationElectronic machine-readable travel documents (emrtds) The importance of digital certificates
Electronic machine-readable travel documents (emrtds) The importance of digital certificates Superior security Electronic machine-readable travel documents (emrtds) are well-known for their good security.
More informationKey & Data Storage on Mobile Devices
Key & Data Storage on Mobile Devices Advanced Computer Networks 2015/2016 Johannes Feichtner johannes.feichtner@iaik.tugraz.at Outline Why is this topic so delicate? Keys & Key Management High-Level Cryptography
More informationTrustKey Tool User Manual
TrustKey Tool User Manual 1 Table of Contents 1 Introduction... 5 2 TrustKey Product...6 2.1 TrustKey Tool... 6 2.2 TrustKey function modules...7 2.3 TrustKey using environment...7 3 TrustKey Tool Installation...
More informationPUF Physical Unclonable Functions
Physical Unclonable Functions Protecting next-generation Smart Card ICs with SRAM-based s The use of Smart Card ICs has become more widespread, having expanded from historical banking and telecommunication
More information1. Product Overview 2. Product Features 3. Comparison Chart 4. Product Applications 5. Order Information 6. Q & A
www.acs.com.hk 1. Product Overview 2. Product Features 3. Comparison Chart 4. Product Applications 5. Order Information 6. Q & A 2 3 ACOS5 Series (32KB EEPROM) Cryptographic Smart Card and Token Module
More informationVPN. Date: 4/15/2004 By: Heena Patel Email:hpatel4@stevens-tech.edu
VPN Date: 4/15/2004 By: Heena Patel Email:hpatel4@stevens-tech.edu What is VPN? A VPN (virtual private network) is a private data network that uses public telecommunicating infrastructure (Internet), maintaining
More informationNIST s FIPS 201: Personal Identity Verification (PIV) of Federal Employees and Contractors Masaryk University in Brno Faculty of Informatics
NIST s FIPS 201: Personal Identity Verification (PIV) of Federal Employees and Contractors Masaryk University in Brno Faculty of Informatics Jan Krhovják Outline Introduction and basics of PIV Minimum
More informationSecure Web Access Solution
Secure Web Access Solution I. CONTENTS II. INTRODUCTION... 2 OVERVIEW... 2 COPYRIGHTS AND TRADEMARKS... 2 III. E-CODE SECURE WEB ACCESS SOLUTION... 3 OVERVIEW... 3 PKI SECURE WEB ACCESS... 4 Description...
More informationM2M For industrial and automotive
M2M For industrial and automotive Content ST at a glance... 4 Where to find us... 5 The value chain... 5 Secure MCU... 6 Focus on ST33 secure microcontrollers... 6 M2M fields of application... 7 What is
More informationChapter 1: Introduction
Chapter 1 Introduction 1 Chapter 1: Introduction 1.1 Inspiration Cloud Computing Inspired by the cloud computing characteristics like pay per use, rapid elasticity, scalable, on demand self service, secure
More informationEnhancing Web Application Security
Enhancing Web Application Security Using Another Authentication Factor Karen Lu and Asad Ali Gemalto, Inc. Technology & Innovations Austin, TX, USA Overview Introduction Current Statet Smart Cards Two-Factor
More informationFighting product clones through digital signatures
Paul Curtis, Katrin Berkenkopf Embedded Experts Team, SEGGER Microcontroller Fighting product clones through digital signatures Product piracy and forgery are growing problems that not only decrease turnover
More informationAn Open Source eid Simulator Open Identity Summit 9th -11th September 2013
An Open Source eid Simulator Open Identity Summit 9th -11th September 2013 BSI Tobias Senger HJP Consulting Holger Funke Agenda Requirements of BSI Current state Simulator Virtual Smart Card Reader Community
More informationOECD workshop on digital identity management BELGIAN approach
OECD workshop on digital identity management BELGIAN approach FEDICT Frank LEYMAN Trondheim - 08/05/2007 Information security in Belgium > Government disposes of data: Identification data, fiscal data,
More informationThe security features which are not visible on a photocopy
The security features which are not visible on a photocopy ID SHIELD does not authenticate an Identity document on the base of a photocopy but on the base of the original documents. This behaviour has
More informationX-Road. egovernment interoperability framework
X-Road egovernment interoperability framework Serving e-nation over 10 years Backbone of the Estonian egovernment 12 years of active duty, no downtime Over 2000 connected e-services More than 900 connected
More informationCardOS API V3.2. Standard cryptographic interface for using applications with CardOS smart cards
API V3.2 API is an integration software for the use of smart cards and security tokens in a variety of applications and heterogeneous operating system environments. API is compatible with international
More informationIDENTITY ANYONE CAN TRUST
IDENTITY ANYONE CAN TRUST TRUST SERVICE PROVIDER SINCE 2002 SK provides full e-authentication and digital signature solutions for even the most demanding private and public services. We work on a level
More informationI N F O R M A T I O N S E C U R I T Y
NIST Special Publication 800-78-3 DRAFT Cryptographic Algorithms and Key Sizes for Personal Identity Verification W. Timothy Polk Donna F. Dodson William E. Burr Hildegard Ferraiolo David Cooper I N F
More informationTechnical Description. DigitalSign 3.1. State of the art legally valid electronic signature. The best, most secure and complete software for
Technical Description DigitalSign 3.1 State of the art legally valid electronic signature The best, most secure and complete software for Adding digital signatures to any document, in conformance with
More informationSecure Data Exchange Solution
Secure Data Exchange Solution I. CONTENTS I. CONTENTS... 1 II. INTRODUCTION... 2 OVERVIEW... 2 COPYRIGHTS AND TRADEMARKS... 2 III. SECURE DOCUMENT EXCHANGE SOLUTIONS... 3 INTRODUCTION... 3 Certificates
More informationPublic-Key Infrastructure
Public-Key Infrastructure Technology and Concepts Abstract This paper is intended to help explain general PKI technology and concepts. For the sake of orientation, it also touches on policies and standards
More informationInformation Technology Policy
Information Technology Policy Identity Protection and Access Management (IPAM) Architectural Standard Identity Management Services ITP Number ITP-SEC013 Category Recommended Policy Contact RA-ITCentral@pa.gov
More informationI N F O R M A T I O N S E C U R I T Y
NIST Special Publication 800-78-2 DRAFT Cryptographic Algorithms and Key Sizes for Personal Identity Verification W. Timothy Polk Donna F. Dodson William. E. Burr I N F O R M A T I O N S E C U R I T Y
More informationSavitribai Phule Pune University
Savitribai Phule Pune University Centre for Information and Network Security Course: Introduction to Cyber Security / Information Security Module : Pre-requisites in Information and Network Security Chapter
More informationDigital Certificates (Public Key Infrastructure) Reshma Afshar Indiana State University
Digital Certificates (Public Key Infrastructure) Reshma Afshar Indiana State University October 2015 1 List of Figures Contents 1 Introduction 1 2 History 2 3 Public Key Infrastructure (PKI) 3 3.1 Certificate
More informationECC Certificate Addendum to the Comodo EV Certification Practice Statement v.1.03
ECC Certificate Addendum to the Comodo EV Certification Practice Statement v.1.03 Comodo CA, Ltd. ECC Certificate Addendum to Comodo EV CPS v. 1.03 6 March 2008 3rd Floor, Office Village, Exchange Quay,
More informationEuropean Electronic Identity Practices
European Electronic Identity Practices Country Update of Austria Speaker: Herbert Leitold Date: 9 Nov 2004 PART I: Overview Table of contents Overview of Citizen Card initiatives and its status (Summary
More informationDigital Signatures and Interoperability
Setting Processes for Electronic Signature Dr. Joachim Schiff On behalf of the SPES Consortium Workgroup City of Saarbruecken IKS Nell-Breuning-Allee 1 D-66115 Saarbruecken Germany Tel. 0049 681 905 5000
More informationWhite Paper. Enhancing Website Security with Algorithm Agility
ENHANCING WEBSITE SECURITY WITH ALGORITHM AGILITY White Paper Enhancing Website Security with Algorithm Agility Enhancing Website Security with Algorithm Agility Contents Introduction 3 Encryption Today
More informationCertification Report
Certification Report EAL 4+ Evaluation of Entrust Authority Security Manager and Security Manager Administration v8.1 SP1 Issued by: Communications Security Establishment Canada Certification Body Canadian
More informationmcard CPK Supported Solutions
mcard CPK Supported Solutions Century Longmai White Paper All rights reserved Contents 1. MTOKEN CPK CARD INTRODUCTION... 2 PRODUCT INTRODUCTION... 2 Product appearance... 3 Hardware parameters... 4 2.
More informationTHE LEADING EDGE OF BORDER SECURITY
THE LEADING EDGE OF BORDER SECURITY RECORD-BREAKING TRAVEL CREATING NEW CHALLENGES TIM KLABUNDE Entrust Datacard; Director, Government Vertical Marketing THE ERA OF THE MOBILE IDENTITY In an increasingly
More informationRFID Security. April 10, 2006. Martin Dam Pedersen Department of Mathematics and Computer Science University Of Southern Denmark
April 10, 2006 Martin Dam Pedersen Department of Mathematics and Computer Science University Of Southern Denmark 1 Outline What is RFID RFID usage Security threats Threat examples Protection Schemes for
More informationGoldKey Product Info. Do not leave your Information Assets at risk Read On... Detailed Product Catalogue for GoldKey
GoldKey Product Info Detailed Product Catalogue for GoldKey Do not leave your Information Assets at risk Read On... GoldKey: Reinventing the Security Strategy The Changing Landscape of Data Security With
More informationMEng, BSc Computer Science with Artificial Intelligence
School of Computing FACULTY OF ENGINEERING MEng, BSc Computer Science with Artificial Intelligence Year 1 COMP1212 Computer Processor Effective programming depends on understanding not only how to give
More informationMulti-Factor Authentication Protecting Applications and Critical Data against Unauthorized Access
Multi-Factor Authentication Protecting Applications and Critical Data against Unauthorized Access CONTENTS What is Authentication? Implementing Multi-Factor Authentication Token and Smart Card Technologies
More informationEMV-TT. Now available on Android. White Paper by
EMV-TT A virtualised payment system with the following benefits: MNO and TSM independence Full EMV terminal and backend compliance Scheme agnostic (MasterCard and VISA supported) Supports transactions
More informationW.A.R.N. Passive Biometric ID Card Solution
W.A.R.N. Passive Biometric ID Card Solution Updated November, 2007 Biometric technology has advanced so quickly in the last decade that questions and facts about its cost, use, and accuracy are often confused
More informationVASCO Consulting Services
VASCO Consulting Services OVERVIEW OF ALL VASCO CONSULTING SERVICES 1. VASCO Consulting Services BEFORE your implementation S trong authentication for e-banking: overview and best practices Two-factor
More informationORDINANCE ON THE ELECTRONIC SIGNATURE CERTIFICATES IN THE. Chapter One GENERAL PROVISIONS
ADMINISTRATIONS Effective as of 13 June 2008 Adopted by Decree of the Council of Ministers No 97 of 16 May 2008 Promulgated SG, No. 48 of 23 May 2008 Chapter One GENERAL PROVISIONS Article 1. This Ordinance
More informationLongmai Mobile PKI Solution
Longmai Mobile PKI Solution A quick Solution to External and Internal fraud in Insurance Industry Putting the client at the center of modernization Contents 1. INTRODUCTION... 3 1.1 Challenges... 3 1.2
More informationSecurity and Security Certificates for OpenADR systems. Background. Content:
Security and Security Certificates for OpenADR systems Content: Background... 1 Setup for OpenADR... 2 Test-, Evaluation-, and Production Certificates... 3 Responsibilities... 3 Certificate Requesting
More informationSmart Card Certificate Authentication with VMware View 4.5 and Above WHITE PAPER
Smart Card Certificate Authentication with VMware View 4.5 and Above WHITE PAPER Table of Contents.... About This Paper.... 3 Introduction... 3 Smart Card Overview.... 3 Getting Started... 4 Authenticating
More informationCertification Practice Statement
Certification Practice Statement Revision R1 2013-01-09 1 Copyright Printed: January 9, 2013 This work is the intellectual property of Salzburger Banken Software. Reproduction and distribution require
More informationISO/IEC 24727 for secure mobile web applications
ISO/IEC 24727 for secure mobile web applications Jan Eichholz 1 Detlef Houdeau 2 Detlef Hühnlein 3 Manuel Bach 4 1 Giesecke & Devrient GmbH, jan.eichholz@gi-de.com 2 Infineon Technologies AG, detlef.houdeau@infineon.com
More informationComplying with PCI Data Security
Complying with PCI Data Security Solution BRIEF Retailers, financial institutions, data processors, and any other vendors that manage credit card holder data today must adhere to strict policies for ensuring
More informationImplementing high-level Counterfeit Security using RFID and PKI
Implementing high-level using RFID and PKI Drugs as example products RFID SysTech 2007 June, 13 Andreas Wallstabe, Hartmut Pohl Technologies RFID, PKI Anti-ing Implementation, Review und Suspected damage:
More information7 Network Security. 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework. 7.5 Absolute Security?
7 Network Security 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework 7.4 Firewalls 7.5 Absolute Security? 7.1 Introduction Security of Communications data transport e.g. risk
More informationEXPLORING SMARTCARDS: AN INDEPENDENT LOOK TO TECHNOLOGIES AND MARKET
EXPLORING SMARTCARDS: AN INDEPENDENT LOOK TO TECHNOLOGIES AND MARKET Giuseppe Gippa Paternò gpaterno@gpaterno.com June 2008 WHO AM I Experienced architect Linux, Networking and Security Focused on Telcos
More informationFor more information, please refer to our Check Armor FAQ: https://www.blackbaud.com/files/pdf/blackbaud forms/checkarmorfaq.pdf
Check fraud is one of the largest challenges facing nonprofits and financial institutions today. With the advancement of computer technology, it is increasingly easy for criminals to manipulate checks
More information