CIPURSE V2 Certification Program



Similar documents
Mobile MasterCard PayPass Testing and Approval Guide. December Version 2.0

Self Testing and Product Qualification Processes

AN1305. MIFARE Classic as NFC Type MIFARE Classic Tag. Application note COMPANY PUBLIC. Rev October Document information

M/Chip Mobile Secure Element Approval Guide. September Version 1.6

Data Integration using Integration Gateway. SAP Mobile Platform 3.0 SP02

StreamServe Persuasion SP5 Control Center

Nokia 9210i/9290 Communicators and PersonalJava TM Application Development

AN1304. NFC Type MIFARE Classic Tag Operation. Application note PUBLIC. Rev October Document information

Deploying the Workspace Application for Microsoft SharePoint Online

Siebel Application Deployment Manager Guide. Siebel Innovation Pack 2013 Version 8.1/8.2 September 2013

Chip Card & Security ICs Mifare NRG SLE 66R35

Amman Jordan Mob: Tel:

Intel Retail Client Manager Audience Analytics

IBM Security QRadar Version (MR1) Replacing the SSL Certificate Technical Note

HP Software-as-a-Service

Agile Business Suite (AB Suite)

CA Nimsoft Monitor. Probe Guide for Microsoft Exchange Server Response Monitoring. ews_response v1.1 series

Connector for CA Unicenter Asset Portfolio Management Product Guide - On Premise. Service Pack

INTEGRATION GUIDE. General Radius Config

An Overview of Oracle Forms Server Architecture. An Oracle Technical White Paper April 2000

KonyOne Server Prerequisites _ MS SQL Server

INTEGRATION GUIDE. DIGIPASS Authentication for Microsoft Exchange ActiveSync 2007

Getting Started Guide

Security & Chip Card ICs SLE 44R35S / Mifare

A Secure and Open Solution for Seamless Transit Systems

HTML Code Generator V 1.0 For Simatic IT Modules CP IT, IT, IT

Mail Programming Topics

Technical Certificates Overview

NFC Forum Certification Policy

Intel HTML5 Development Environment. Tutorial Building an Apple ios* Application Binary

Oracle Enterprise Manager

Upgrade Guide. CA Application Delivery Analysis 10.1

Sage 100 ERP. Installation and System Administrator s Guide

ETSI TS V7.1.0 ( ) Technical Specification

Sage HRMS 2014 Sage Employee Self Service Tech Installation Guide for Windows 2003, 2008, and October 2013

CA Nimsoft Service Desk

Implicit Sync. Professional Edition Users Guide

Getting Started with IntelleView POS Administrator Software

Installing on Windows

Cisco TelePresence VCR Converter 1.0(1.8)

EV Feature Briefing

MF1 IC S General description. Functional specification. 1.1 Contactless Energy and Data Transfer. 1.2 Anticollision. Energy

Intel Cloud Builder Guide: Cloud Design and Deployment on Intel Platforms

RSA Security Analytics Netflow Collection Configuration Guide

REPLACING THE SSL CERTIFICATE

SD Specifications Part 1 NFC (Near Field Communication) Interface Simplified Addendum

RSA Security Analytics Netflow Collection Configuration Guide

Oracle Enterprise Manager

Aras Innovator Internet Explorer Client Configuration

Symantec Enterprise Vault

Foglight. Dashboard Support Guide

PingFederate. Identity Menu Builder. User Guide. Version 1.0

docs.rackspace.com/api

Symantec NetBackup for DB2 Administrator's Guide

RSA envision Windows Eventing Collector Service Deployment Overview Guide

TIBCO BusinessConnect Trading Partner Administration. Software Release 6.0 November 2011

Noah 4 Mobile App Certification Test

Personal Token Software Installation Guide

OT PRODUCTS & SOLUTIONS TRANSPORT

CA Spectrum and CA Service Desk

Business Portal for Microsoft Dynamics GP Field Service Suite

Chytré karty opět o rok dál...

U.S. FDA Title 21 CFR Part 11 Compliance Assessment of SAP Records Management

RSA SecurID Software Token Security Best Practices Guide

SOFTWARE TAG IMPLEMENTATION IN ADOBE PRODUCTS TECH NOTE

TCO Certified Notebooks Application Process Desktops, All-in-One PCs & Tablets

Oracle FLEXCUBE Direct Banking Android Tab Client Installation Guide Release

Abstract. Overview. Features and Benefits T P P A P P N O T E

EMC Data Domain Management Center

Spam Manager. Quarantine Administrator Guide

vsphere Upgrade Update 1 ESXi 6.0 vcenter Server 6.0 EN

BC450 ABAP Performance: Analysis and Optimization

Oracle Enterprise Manager

Tutorial: BlackBerry Object API Application Development. Sybase Unwired Platform 2.2 SP04

Standardizing contactless communication between ticketing equipment and fare media Transport Ticketing 2014

BrightStor ARCserve Backup for Linux

Oracle Utilities Integration for Device Operations

SETTING UP ACTIVE DIRECTORY (AD) ON WINDOWS 2008 FOR EROOM

Admin Quick Start Guide

Defender Delegated Administration. User Guide

NFC Tag Type 5 Specification

Intel Active Management Technology with System Defense Feature Quick Start Guide

User Guide. DocAve Lotus Notes Migrator for Microsoft Exchange 1.1. Using the DocAve Notes Migrator for Exchange to Perform a Basic Migration

SSL Configuration on Weblogic Oracle FLEXCUBE Universal Banking Release [August] [2014]

ETSI TS V9.2.0 ( ) Technical Specification. Smart Cards; Remote APDU structure for UICC based applications (Release 9)

BlackShield ID MP Token Guide. for Java Enabled Phones

CA Desktop Migration Manager

Infineon Chip Card & Security Security for the connected world

IBM Security QRadar Version (MR1) Checking the Integrity of Event and Flow Logs Technical Note

BrightStor ARCserve Backup for Windows

SOFTWARE LICENSE LIMITED WARRANTY

BROADSOFT PARTNER CONFIGURATION GUIDE VEGASTREAM VEGA 100

Tivoli Endpoint Manager for Security and Compliance Analytics

Dell Command Integration Suite for System Center Version 4.1. Installation Guide


MODULE 7 REFERENCE TO ACCREDITATION AND ADVERTISING

Installing and Configuring DB2 10, WebSphere Application Server v8 & Maximo Asset Management

Wireless Router Setup Manual

Adeptia Suite LDAP Integration Guide

Transcription:

www.osptalliance.org

Legal This document is copyright 2014 by the OSPT Alliance. 1. You may, without charge, copy (for internal purposes only) and share this document with your members, employees, and consultants (as appropriate). You may not modify or create derivative works of this document for external distribution. 2. The information given in this document shall in no event be regarded as a guarantee of conditions or characteristics. With respect to any examples or hints given herein, any typical values stated herein and/or any information regarding the application of the device, OSPT Alliance hereby disclaims any and all warranties and liabilities of any kind, including without limitation, warranties of non-infringement of intellectual property rights of any third party. 3. CIPURSE, OSPT and the OSPT logo are registered trademarks of the OSPT Alliance in Germany and other territories. OSPT Alliance Prinzregenten str. 159 D-81677 Munich Germany Revision History Version Date Major changes since previous revision 1.0 14 Feb. 2014 Initial Revision. www.osptalliance.org 2

Table of Contents Legal... 2 Revision History... 2 1 Introduction... 5 1.1 Purpose... 5 1.2 Audience... 5 1.3 Terminology... 5 2 Certification Process Description... 6 2.1 Definition of a CIPURSE -Certified product... 6 2.2 Card Certification... 7 2.3 Conformance Testing... 7 2.4 Prerequisite for Testing... 8 3 Details of Card Certification Process... 8 3.1 Part A: Registration and Configuration Assessment... 10 3.2 Part B: Conformance Test Session... 10 3.3 Part C: Conformance Test Report and CIPURSE Certificate... 11 3.4 Part D: Deployment... 11 4 Certification Conditions... 12 4.1 Test Laboratory and Location... 12 4.2 Pricing and Support... 12 4.3 CIPURSE Certificate Duration Validity... 12 4.4 CIPURSE Specification Change Management... 12 5 Appendix... 13 5.1 Product Registration Form... 13 5.2 PICC Implementation Conformance Statement... 14 5.3 CIPURSE -Certified Logo... 16 www.osptalliance.org 3

List of Figures Figure 2-2: CIPURSE V2 Certification Overview... 7 Figure 3-1: CIPURSE V2 Product Certification Process... 9 Figure 5-1: CIPURSE -Certified Color Version... 16 Figure 5-2: CIPURSE -Certified Black & White Version... 16 Figure 5-3 : CIPURSE -Certified Logos Minimum Dimensions... 16 www.osptalliance.org 4

1 Introduction 1.1 Purpose This document describes the process defined by the OSPT Alliance to control the compliance of a product with the CIPURSE V2 card specifications. It defines the set of requirements and certification rules applicable to obtain a CIPURSE Certificate and maintain a product as a CIPURSE -Certified product. It covers the following topics: Prerequisites Laboratory organization Conformance Testing Registration forms Implementation Conformance Statement It also describes the relationship between the different participants (Test Laboratory / Certification Authority / CIPURSE product vendor) during the certification process. 1.2 Audience This document is intended for: OSPT Alliance members who want to obtain a CIPURSE Certificate Test Laboratories that are selected by the OSPT Alliance to perform conformance testing. 1.3 Terminology AID DUT IC ICS JCRE NDA PICC PRF SCP Application Identifier Device Under test Integrated Circuit Implementation Conformance Statement JavaCard Run-time Environment Non-Disclosure Agreement Proximity Integrated Circuit Card Product Registration Form Secure Channel Protocol www.osptalliance.org 5

2 Certification Process Description 2.1 Definition of a CIPURSE -Certified product A CIPURSE product shall conform to a CIPURSE specification. A CIPURSE product can be called CIPURSE -Certified if the following requirements are met: A Conformance Test Report is provided to the Certification Authority (OSPT Alliance) by the Test Laboratory, based on the test plan for CIPURSE specification(s) this product is conforming to. A CIPURSE Certificate is provided to the vendor by the OSPT Alliance based on the Conformance Test Report received from the Test Laboratory. A CIPURSE -Certified product can be either: A PICC implementing one or several CIPURSE Profiles and optionally the CIPURSE V2 Crypto Server API, A PICC implementing the CIPURSE V2 Crypto Server API. www.osptalliance.org 6

2.2 Card Certification The Card Certification of a CIPURSE V2 implementation is the main part of the global Certification Program managed by the OSPT Alliance, applicable to a CIPURSE product as defined in section 2.1. A Card Certification is processed in four parts. Each of them is managed by a separate entity. Figure 2-1: CIPURSE V2 Certification Overview Part A is managed by the Vendor. After contacting the Laboratory for product registration, the Vendor is responsible for preparing its product and documentation. See details in section 3.1. Part B is managed by the Laboratory, which is responsible for conducting the test plan, according to its ISO/IEC 17025 accreditation. At the end, the Test Laboratory prepares the Conformance Test Report. See details in section 3.2. Part C is managed by the OSPT Alliance. Based on the Test Laboratory Conformance Test Report, the OSPT Alliance issues the CIPURSE Certificate. See details in section 3.3. Part D is managed by the Vendor who deploys, maintains and guarantees a product that is in conformance with the certified product. See details in section 3.4. 2.3 Conformance Testing The purpose of conformance testing is to determine if the Device Under Test (DUT) conforms to the requirements of the CIPURSE specification. Today, the conformance testing requires provisioning of samples with ISO/IEC 14443 contactless interface (such as a smart card, key fob, a tag or an NFC card emulation handset). Both RF Type A and Type B interfaces are supported. Additionally to the conformance testing some test scripts are issued on the DUT to provide some indications related to the performance of the DUT. Currently OSPT Alliance does not define minimum performance requirement, the results of the performance tests are provided for information only. www.osptalliance.org 7

2.4 Prerequisite for Testing Before initiating any CIPURSE Certification, the Vendor must fulfill the following prerequisites: Be registered as Full OSPT Alliance Member. Details are available in the Members section of the OSPT Alliance web site (www.osptalliance.org). Ensure that the Device Under Test (DUT) is compatible with the ISO/IEC Standard 14443 - Part 2:2010, Part 3:2011 and Part 4:2008. Submit the samples in a form which is suitable for running the conformance test. 3 Details of Card Certification Process The flowchart in the Figure 3-1 on next page illustrates the interactions between the Vendor, the Test Laboratory and the Certification Authority (OSPT Alliance) during the certification process. www.osptalliance.org 8

Vendor Test Laboratory OSPT Alliance Provide Product Registration Form to Test Laboratory Product Registration Form (PRF) A Product Registration Number Implementation Conformance Statement (ICS) - Analyze PRF - Provide Product Registration Number and ICS to Vendor - Prepare DUT - Complete ICS PICC Sample Cards Provide Samples Cards and ICS to Test Laboratory PICC Implementation Conformance Statement Setup Conformance Tests B Perform Conformance Tests Write Conformance Test Report Conformance Test Report Deliver Conformance Test Report to Vendor C Indicate to Test Laboratory if Conformance Test Report can be submitted to OSPT No Submit? Yes Deliver Conformance Test Report to OSPT Conformance Test Report Analyse and decision Cancellation No Approve? Yes D CIPURSE Certificate CIPURSE -Certified Logo Can apply CIPURSE -Certified logo CIPURSE Certificate Archive CIPURSE Certificate and samples End Provide CIPURSE Certificate to Vendor and CIPURSE -Certified logo Provide CIPURSE Certificate to Test Laboratory Publish CIPURSE Certificate on www.osptalliance.org Figure 3-1: CIPURSE V2 Product Certification Process www.osptalliance.org 9

3.1 Part A: Registration and Configuration Assessment The Vendor product registration is the entry point to the CIPURSE certification. The Vendor must complete the Product Registration Form described in Appendix 5.1 and provide it to the Test Laboratory. The Test Laboratory analyzes the document and provides the Vendor with: The Product Registration Number (PRN), which uniquely identifies the certification session for the Vendor s CIPURSE product. The Implementation Conformance Statement (ICS). Number of samples required. NDA (Allowing disclosure of the Conformance Test Report to the OSPT Alliance). The Vendor must provide the Test Laboratory with the Samples Cards and the completed ICS. ICS details are given in annex 5.2 for informative purpose. Only the details of the ICS provided by the Test Laboratory are applicable for a CIPURSE certification. 3.2 Part B: Conformance Test Session The CIPURSE V2 Conformance Test Session is done as a single shot, which means that the samples are clearly identified and the tests performed only once. The Vendor does not participate in the test session. The session proceeds as follows: The Test Laboratory analyzes the Implementation Conformance Statement to configure the Test Suite. The Test Laboratory executes all the test cases in accordance with its ISO/IEC 17025 management system. At the end of testing, the Test Laboratory prepares the Conformance Test Reports for the Vendor. www.osptalliance.org 10

3.3 Part C: Conformance Test Report and CIPURSE Certificate After performing the Conformance Test, the Test Laboratory provides the Vendor with the Conformance Test Report. The Vendor then decides on one of the following options and informs the Laboratory: a. Submission to the OSPT Alliance of the Conformance Test Report. b. Restarting the certification with appropriate corrections. This is managed by the Test Laboratory and the Vendor with (at least) a new Product Registration Number for new DUTs and a new ICS document. c. Stop the certification. In this case, the Test Laboratory does not provide the Conformance Test Report to the OSPT Alliance. Once the OSPT Alliance receives the Conformance Test Report (option a): The OSPT Alliance reviews the Conformance Test Report. If the Conformance Test Report does not show any issue, OSPT Alliance issues the CIPURSE Certificate to the Vendor and informs the Test Laboratory. Otherwise the OSPT Alliance reviews the Conformance Test Report in details and decides of any further steps. 3.4 Part D: Deployment After issuing the CIPURSE Certificate to the Vendor, the OSPT Alliance publishes the information about the CIPURSE -Certified product and the CIPURSE Certificate on its web site at www.osptalliance.org. The Test Laboratory receives a copy of the CIPURSE Certificate and archives the DUTs (a vendor may ask to the Test Laboratory to return the samples to the vendor in case of mobile phone form factor for example). The Vendor can apply the CIPURSE -Certified logo to its products and/or use the CIPURSE -Certified logo in its commercial documentation mentioning its product. The Vendor shall use the referenced CIPURSE - Certified logo as defined in Appendix 5.3. CIPURSE Certificate is applicable to all CIPURSE products that are built exactly the same way as the DUT. www.osptalliance.org 11

4 Certification Conditions 4.1 Test Laboratory and Location The list of the Test Laboratories selected by the OSPT Alliance and the corresponding contact details are available under the OSPT Alliance web site (www.osptalliance.org). 4.2 Pricing and Support Pricing and conditions are fixed by the OSPT Alliance and are available under the OSPT Alliance web site (www.osptalliance.org) or by contacting the Test Laboratory. The Test Laboratory may offer additional services (debugging test session or software licenses for Test Suite ) that can help the vendor before entering into certification. 4.3 CIPURSE Certificate Duration Validity A CIPURSE Certificate does not have an expiration date but a vendor can ask to be delisted from the OSPT Alliance official list on the OSPT Alliance website. 4.4 CIPURSE Specification Change Management The OSPT Alliance reserves the right to update the CIPURSE specification and the related test plan at any time. A CIPURSE Certificate always includes references which allow the identification of the CIPURSE specifications and related test plan. www.osptalliance.org 12

5 Appendix 5.1 Product Registration Form Certification Session Identification Product Registration Number:* (Assigned by the Test Laboratory based on the OSPT Alliance member ID) Vendor Description Vendor Name:* OSPT Alliance member since: Product Description Commercial Product Name:* Product Version:* CIPURSE Profile(s) to be certified:* Select none, one or multiple checkbox(s). Shall CIPURSE Server Crypto API be certified on the JavaCard platform?* Profile L Profile S Profile T Yes No Information in fields marked with an asterisk (*) will be used on the public OSPT Alliance web site and the certificate. www.osptalliance.org 13

5.2 PICC Implementation Conformance Statement The Implementation Conformance Statement (ICS) is provided by the Test Laboratory (see chapter 3.1). The ICS details below are provided for informative purpose only. Vendor Information Vendor Name Technical Contact Name Address Phone Fax Mail Product Information Product Registration Number (From the Product Registration Form) Commercial Product Name (From the Product Registration Form) Product Version (From the Product Registration Form) PICC Sample General Information RF Protocol For JavaCard product, referenced JCRE platform Type A Type B Global Platform Version: JavaCard Version: Sample identification Visual PICC Sample Identification Serial Numbers for each sample (byte 8-23 of EF.ID_INFO) (Not applicable on Java Card products when only the CIPURSE Crypto Server API are certified) # 1: # 2:. # n: PICC Additional Information Device supports selection of ADFs using the File Identifier? CLA byte value(s) supported by the Device Indicate class in hexadecimal (example: <61h>) Indicate a range of classes with - (example: <64h-6Ah>) Separate each class or range with, (example: <61h,64h-6Ah,6F> Which type of administrative interface does the CIPURSE V2 device supports Does this product contain any installed applications? If yes, provide the AID(s) of each application Yes NO <CLA Byte values> File System Oriented application Java Card application Yes No www.osptalliance.org 14

For GlobalPlatform based Application only: Card Manager AID Value ISD Secure Channel Key(s) values ISD Secure Channel Key Version / Key ID values <Card Manager AID> <Kenc, Kmac, Kdek Values> <key version number> <key identifier> Supported Secure Channel Mode & Option SCP01 Option 05 SCP02 Option 05 SCP02 Option 15 Package AID value to be used for CIPURSE application installation Application Class(es) AID value to be used for CIPURSE application installation Details of Application should be indicated. <CIPURSE Applet Package AID> I.e: <CIPURSE Application Class AID> for CIPURSE Profile L For CIPURSE Profile L product only: In order to facilitate the execution of the test session with CIPURSE Profile L, it is useful to be able to restore the card to a blank state before executing the next test. If the card can be erased between individual tests, please provide a detailed sequence of command to achieve this result. CIPURSE Profile L product can be erased CIPURSE Profile L product cannot be erased www.osptalliance.org 15

5.3 CIPURSE -Certified Logo The following logos can be used by Vendors having a CIPURSE -Certified product referenced on www.osptalliance.org. Figure 5-1: CIPURSE -Certified Color Version Figure 5-2: CIPURSE -Certified Black & White Version These logos can be printed on the CIPURSE -Certified products and/or used in the Vendor documentations. For these purposes, OSPT Alliance provides the vendor with both high quality logo files with the CIPURSE certificate delivery email. When printed on a product, the OSPT Alliance recommends maintaining the following minimum dimensions of the CIPURSE -Certified logos (Figure 5-1 and Figure 5-2): Figure 5-3 : CIPURSE -Certified Logos Minimum Dimensions Note that the ratio between height and width is ~ 1: 2,2. www.osptalliance.org 16

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information