Implementing GlobalPlatform ™ Standards to Ensure Smart Card Success
description
Transcript of Implementing GlobalPlatform ™ Standards to Ensure Smart Card Success
Implementing GlobalPlatform™ Standards
to Ensure Smart Card Success
Jim HarperDatacard Group
August 2002
Page 2
Topics• Smart Cards before Standards• Key Considerations for Issuing Multi-
application Smart Cards– Smart Card (Chip) Operating System– Smart Card Personalization Process– Smart Card Management System and Post
Issuance Personalization Process– Smart Card Terminals/Devices
• Implement GP Standards for Control, Reliability and Value
Page 3
The “Traditional” Smart Card Industry
Print & Laminate(Sheets)
Die Cut Mill
Embed Initialize Personalize
1234 5678 9012 3456Patty Doe – Exp 13/999
LOTSACREDIT
LOTSA CREDIT
LOTSA CREDIT
LOTSA CREDIT
LOTSA CREDIT
LOTSA CREDIT
LOTSA CREDIT
Deliver
1234 5678 9012 3456Patty Doe – Exp 13/999
Post Issuance Update
1234 5678 9012 3456Patty Doe – Exp 13/999
LOTSACREDIT
Silicon/Chip
Prop.“O/S” Prop. Apps
ProprietaryPersonalization
Application
Use
N E W
Standards-based O/S
Standards-based Personalization
Standards-based Card Management
Page 4
Before Standards• Single application, proprietary
smart cards (operating systems)– Lack of interoperability
• increased time to market•costs to change cards/applications
– Consumer: single use, no choice, lessening card value over time
– No cross-marketing or “pull” from other applications on card
– Proprietary “issuance” systems
Page 5
1. Smart Card (Chip) Operating System
2. Smart Card Personalization Process
3. Smart Card Management System Interface to “Bureau” Environments
4. Smart Card Terminals/Devices
Where Standards Matter
Page 6
VPN
Smart Card Management
System
Card Usage•ATMs• POSs•Home PCs•Kiosks•Mobile Devices
Where Standards Matter
Loading and Personalization
Process
Chip Data Generation
Process
Standards-based Data Generation and Card Personalization Process
(using GP Profiles and Scripts)
2
Personalization
System(s)
3Standards-based SCMS
to “Bureau” Interface
4
Standards-based Terminal to Terminal Application Interface
Delivered Card
Fully Automated Processes!
Smart cards to be used
Chip Applet(s)
Chip O/S“Standard” I/F
“Standard” Development
---
“Standard” Development
---
“Standard” Development
---
“Standard” Development
---1
Standards-based Chip Application to Chip Operating System Interface
2
Page 7
Key Consideration #1:Smart Card Operating System• Standard interface between chip operating
system and chip “applets”– “Write Once/Run Anywhere”
• Common approach to loading, deleting and changing applications on cards
• Standard security scheme • Allows for “standard” personalization and
post-issuance personalization processes to be used
Page 8
Key Consideration #2: Smart Card Personalization
Process• New “challenges”
– Data generation (“disintermediate”)– Data encryption– Key management– Application loading– Card personalization – Card life cycle management
• GlobalPlatform response…– A “script-driven” data generation and
personalization process – Simplifies the updating of single and
multi-application smart cards – Moves responsibility to application
developer
Page 9
• Standards-based interface between SCMS and existing issuance/bureau environments– Independent of personalization hardware
• Card activity must be tracked and managed with great precision
• You must have confidence that a card’s suite of applications and contents (data) can be re-created
• Simplify post-issuance personalization and re-issuance (using Profiles and Scripting)
• SCMS becomes a powerful marketing tool
Key Consideration #3: Smart Card Management System
Page 10
• Standards-based interface between a terminal and it’s applications
• Common approach to adding, deleting and changing applications on a terminal device/reader
• Well defined interface for terminal application development and testing
• Standards-based management interface
Key Consideration #4: Smart Card Terminals/Devices
Page 11
Control• GP standards enables issuers to
quickly capitalize on the power and promise of new technology
• GP standards allow issuers to maintain control of their suppliers and supplies
• Interoperability
Implement GlobalPlatform Standards for…
Page 12
Implement GlobalPlatform Standards for… Reliabilit
y• Standard interfaces and processes simplify development and testing
• High quality
• Vendors held accountable
• Datacard has a wide variety of GP-compliant systems in place today, from desktop to high volume central issuance and smart card management systems
Page 13
• GP systems can exchange data with other systems that use GP methods and specifications– Interoperability– Vendor and hardware
independence• Costs can be reduced, reuse is
higher, and testing can be handled in the same way (using GP scripts/profiles)
Implement GlobalPlatform Standards for… Value
Page 14
Datacard’s commitment to GlobalPlatform™
standards GlobalPlatform Board
SystemCommittee
MarketingCommittee
CardCommittee
Bill Reding
Stuart Miller
Bob Beer,Chairperson
Pete Thorsen
Christophe Biehlmann
Lorna Williamson
Chris Lomax
PlanningCommittee
Brendan Jones
Jerry Johnson,Datacard President & CEO
Page 15
• Development of new Profiles and Scripts– XML data with Java Script
• Interface Specifications– SCMS to Bureau Environment
• Card Specifications– Open Kernel (OCAPI)
Datacard’s contributions to GlobalPlatform efforts
Page 16
• Datacard solutions personalize more than 90% of the worlds financial cards (7MM every day, 2.5B annually)
• Datacard has nearly 1000 high volume personalization systems installed worldwide
• Experts in “chip” consulting, EMV migration, and systems integration
• Only vendor with true production level Smart Card Management Systems in operation
• Watch for Datacard MAXSYS™ and Syntera – Coming Soon!
Datacard and Smart Cards
Page 17
PRO
DU
CTI
ON
ENVI
RO
NM
ENT
CA
RD
PLA
TFO
RM
ENVI
RO
NM
ENT
SOFT
WA
RE
AN
DSO
LUTI
ON
SEN
VIR
ON
MEN
T
MULTOS™
Shared CryptographicResources and
Certificate Authorities
Smart CardManagement System
(Affina™)
Smart Card Personalization Manager (SCPM™)
and P3™
Low VolumeIssuance 9000/7000/500
Proprietary
Maxsys
Datacard Smart Card MAP™ Architecture(Multi-application Architecture for Personalization)
GlobalPlatform™/Java™
Page 18
MULTOS™
Smart CardManagement System
(Affina™)
Shared CryptographicResources and
Certificate Authorities
Smart Card Personalization Manager (SCPM™)
and P3™
Low Volume Issuance 9000/7000/500
• Modular• Flexible• Scalable
Proprietary PR
OD
UC
TIO
NEN
VIR
ON
MEN
TC
AR
D P
LATF
OR
MEN
VIR
ON
MEN
TSO
FTW
AR
E A
ND
SOLU
TIO
NS
ENVI
RO
NM
ENT
Maxsys
• Full Range• Investment Protection• Future Proof
GlobalPlatform™/Java™• Standard• Open• Customizable
Datacard Smart Card MAP™ Architecture(Multi-application Architecture for Personalization)
Page 19
Summary• Choose your smart card solution partner
carefully– Your partner and solutions should “future
proof” your investments (i.e., flexible, scalable, extensible)
• Request GP standards in your:– Cards– Personalization Systems (Processes)– Smart Card Management System– Terminals
• Enjoy…– Control– Reliability– Value
Page 20
White Papers on www. datacard.com: “Implementing GlobalPlatform™
Standards to Ensure Smart Card Success”
“The Transition from Magnetic Stripe to EMV Chip (Smart) Cards”
“The Transition to Multi-application Smart Cards with Post Issuance Personalization Capabilities”
“Datacard MAP™ Smart Card Architecture”
For More Information…
Page 21
Brochures on www. datacard.com: Smart Card Issuance and Management Datacard Smart Card Solutions Datacard Smart Card Infrastructure Datacard Smart Card Personalization
Manager (SCPM) Datacard Desktop Smart Card Issuance
Solutions Datacard Smart Card Consulting
Services
For More Information…
Page 22
Presentation on www. datacard.com: “Datacard products which implement
GlobalPlatform™ methods”
For More Information…
Page 23
Thank You!
Jim HarperDirector, Smart Card Solutions Marketing
Datacard Groupjim_harper@ datacard.comOffice 952-988-1179Mobile (1) 612-229-1179
Page 25
Smart Card Personalizatio
n Manager
Store Issuance Data
Issue,Re-issueCards
Download new apps and update existing apps over the internet or other secure “channels”
Internetor VPN
How Datacard’s Smart Card Solutions Relate to Each Other
AffinaCard Life Cycle Management (Card Data Warehouse) Marketing
Call CenterCustomer Support
New Card Products
Aptura(Java/GP cards)
Several card delivery solutions are available from Datacard. Ask your sales rep. for more info.
Move perso apps to
production after fully tested
Move chip applets to
production after fully tested
Move cards to production after
fully tested
SCPM SDKSmart Card Loading and
Personalization Development and Test
Systems
Aptura ADKSmart Card Applet
Developers Kit
CSM/Synter
a
Data Filewith Chip Data
Test the loading and
personalization of the new chip
applets
•Home PCs•Kiosks•Mobile Handsets
Low Volume Smart Card Issuance
High Speed Smart Card Issuance
Central Smart Card Issuance
Gen 2E smart card module
Deliver
Generate Chip Data Process (Fully Automated
Operation)Card Data File
(from host)
P3
Page 26
450280/295150i
Embossing
SCPM*
9000 MAXSYS500 7000
X XXX XXGraphics Printing
XX XXLaser
Color Printing/Photo
XX
X
SCPM* X XXX XX
SCPM* - supports loading and personalization of Multos, Java, Open Platform, TIBC, VC, VSDC, M/Chip, Mondex, UKIS and other cards. Many proprietary single application smart cards also supported. SCPM also has an SDK for custom application development of industry-specific cards (e.g., for Transit, Health, Telecom, Government, other). Users can migrate from one Datacard hardware system above to another and the SCPM loading and personalization process and applications remain unchanged.
Cards Pgmmed Simult.
1 1431 71
DCL3000
X
Custom8
X
X100+
ID Works with SCPM*
P3 DesktopP3 Advance
P3 Server
Inkjet X
Dev.& Test
Dev.& Test
Aptura**
Aptura** - Datacard’s industry standard Java Card/GlobalPlatform Card - portable Java operating system.
Select Magna IC-IV
X XX
X XX1 11
Datacard Smart Card Personalization Systems
X
Mag Stripe XXX XX X XXX XX
Contactless SC
XXX X X X
Affina Card Life Cycle Management System
XX X
XX
X