Identity, Security, Payments, Biometrics, Smart Cards and Authentication News

GlobalPlatform releases security management specs

Wednesday, April 23, 2008

GlobalPlatform, the international smart card specification organization, has finalized its Device Application Security Management Specification for terminals, including mobile phone handsets and EFT-POS devices, based of GlobalPlatform device technology.

This specification defines how multiple actors within a device environment, such as issuers and third-party application providers, can exchange and manage secure data when downloading applications either pre or post issuance.

The DASM Specification is three documents. The first – the DASM Concepts and Descriptions Specification – was introduced in May 2007 and defines the roles and responsibilities of different actors and specifies the data that needs to be shared in the application download process. The final two documents, which have just been published on the GlobalPlatform website, are:

The DASM Key and Certificate Management Specification – This document details the keys, signature scheme and certificate infrastructure that must be applied to ensure that all actors active within the device environment are verified as trustworthy.

The DASM Provisioning Specification – This document specifies the data format required to install an application and set up a security configuration on GlobalPlatform systems. [end] 

Related Articles
GlobalPlatform's upcoming card training session to focus on mobile

GlobalPlatform announced that it will hold a two-day card specification training session March 1-2 at the Mirage Hotel in Las Vegas.

Directly preceding CARTES North America 2012 (March 5-7, Las Vegas), the training session will aim to educate CARTES delegates and other participants on the importance of GlobalPlatform Specifications, their capabilities and functionality.

read more »
GlobalPlatform extends compliance program to meet financial sector requirements

GlobalPlatform extended its compliance program for validation that secure products meets the requirements of GlobalPlatform’s new basic financial configuration.

This advancement meets industry demand for a qualification process which confirms that a financial card product operates within the payment landscape.

read more »
GlobalPlatform white paper details versatility of SAMs with remote management

GlobalPlatform released a white paper explaining how technology can be leveraged to enhance the flexibility and security of electronic transaction systems, such as a public transport authority or electronic identity provider.

read more »
GlobalPlatform launches Trusted Execution Environment guide

GlobalPlatform has launched the first in a series of online guides that will explain in simple terms the association’s current projects and technologies.

Up now on the GlobalPlatform Web site, the first guide covers Trusted Execution Environments (TEE), or the hardware and software on a mobile device that ensures that sensitive data is stored, processed and protected.

read more »
GlobalPlatform, SIMalliance collaborate on mobile security

GlobalPlatform and SIMalliance have signed a Memorandum of Understanding to improve application security on mobile devices.

Through the formal partnership, the associations say they will work together to develop an end-to-end solution that will enable a mobile device application to communicate with an application loaded in a secure element.

read more »
Clear2Pay, Shanghai COS join GlobalPlatform

GlobalPlatform has announced that Clear2Pay, a global payment solutions provider, and Shanghai COS, a chip operating system (COS) developer, have become the organization’s newest members.

read more »

Copyright © 2012, AVISIAN, Inc. All rights reserved.