05/02/02 ad/global platform tokyo
TRANSCRIPT
105/02/02 AD/Global Platform Tokyo
Oberthur Card Systems Product Policy and Global Platform
Alain DAGUISE
Director, Oberthur Card Systems, for Japan and Korea
Tokyo, 05/02/2002
François-Charles Oberthur (FCO) Group
• Oberthur Card Systems (OCS) is part of FCO Group
• Leading security printer in the world
• N°1 supplier of lottery instants
• Employees: 5000
Oberthur Card Systems
OCS in 2000
Turnover: € 460.7 million (Listed on Paris Stock Exchange)
Employees worldwide: 3125
Target Markets:
• Payment: 1st Supplier of Visa Mastercard Card Worldwide
• Mobile Communications: SIM, UIM cards
• E-Business
Volumes:
• 450 mil. Magnetic stripe cards
• 80 mil. Micro-processor chip cards: 59% of the sales
• 55 mil. Memory chip cards
N°1 for Visa/Mastercard Worldwide Market
• Schlumberger: 12%
• Gemplus: 12%
• Giesecke & Devrient: 14%
• Others: 44%
• Oberthur: 18%
Source : The Nilson Report n°748 Sept/2001
World-wide presence
• Europe, Middle East, Africa: 62 %
• Americas: 26 %
• Asia Pacific: 12 %
• 13 manufacturing and personalisation sites
• 25 distribution offices
• 3000 employees
Market trends by the Analysts
« Open standards and interoperability are key issues to facilitate growth, and the Java 2.1 specifications for SIM cards will make a significant contribution to interoperability »
« There is a strong focus on development e-Commerce and m-Commerce capabilities for smart cards. Their future use for more advanced tasks implies increased demand for card security, and for features such as embedded crypto-processors and digital certificates. »
New smart card opportunities: One card a million uses?
Datamonitor 05/2001
History of the smart card
Native cards
Hardware dependent
[Diagram labels: CPU + CRYPTO, OPERATING SYSTEM, APPLICATION, FILE STRUCTURE, ROM, E2PROM, ISO 7816 3, ISO 7816 4]
Banking application: B0’, VSDC, MChipLite, MChipSelect
History of the smart card 2
Native cards: Consequences
[Diagram labels: CPU + CRYPTO, OPERATING SYSTEM, APPLICATION, FILE STRUCTURE, ROM, E2PROM]
• Development needs smart card expertise
• Applications are hardware dependent and dependent on the proprietary OS
• Adding a new application means re-issuing a new card
History of the smart card 3
Platform Concept – the Java card
Hardware independent
[Diagram labels: CPU + CRYPTO, OPERATING SYSTEM, Java Interpreter, Loader, APPLICATION 1, APPLICATION 2, APPLICATION 3, File Structure 1, File Structure 2, File Structure 3, ROM, E2PROM]
• Developments faster
• Can add or update services after issuing the card
• Investments protected
Multi-sector approach
• First concept pushed by Financial Institutions
  • VISA Int. VOP
  • Mondex Multos
• Large Volume came from Telecom Operators
  • GSM and Sim Tool Kit first OTA loading of Applications
  • Demand for InterOperability
  • Next steps will combine Telecom, Payment and ID
• Need for Card Management
  • Pre-Issuance
  • Post-Issuance
Telecom Sector pushed for standards and Interoperability
[Timeline diagram: 1996, 1998, 2001, 2002]
• Stages: SAT proprietary solution; OCS first to introduce Java in SAT; Standard achievement; Standard consolidation
• Products: 8k, 16k cards; SIMphonIC V1; SIMphonIC V3; SIMphonIC V3 64k
• Specification sets shown:
  • GSM 11.11, GSM 11.14, Java Virtual Machine v1.0, Java API v1.0
  • GSM 11.11, GSM 11.14, 03.48, 03.19, Java Virtual Machine v2.1, Java API v2.1
• 3GPP
• Interoperability
What’s Interoperability?
3 aspects
• Application creation
• Application execution
• Application loading
Standards shown: 03.19, JavaCard
[Phone menu illustration: 1 Balance, 2 Last transactions, 3 Transfert, 4 Invoices, 5 Call Bank, OK]
Interoperability: What does that mean?
[Diagram: Situation without Standards compared with Situation with Standards]
• Diagram labels: Source Code, Application Code, Application Download Server, GSM Network, Application Download Protocol, ETSI 03.48, 03.48 Loader
• Standards: 03.19 SIM API, Java Card 2.1
• Situation with Standards: ETSI 03.19, Java Card 2.1, 03.48 Loader
Interoperability: SIMphonIC V3
Architecture (diagram labels):
• Applet 1, Applet n
• SIM API
• Java Card API
• Java Card Virtual Machine
• Open Platform Application Manager
• GSM Phase 2+ Kernel
• Dynamic E²PROM Manager
Standards (diagram labels):
• Java Card 2.1
• GSM 11.11, GSM 11.14
• SIM Toolkit OTA Loader: ETSI TS 03.48
• Generic LOADER: Open Platform V2 External Spec
• SIM API: ETSI TS 03.19
SIMphonIC™ 3G
Architecture (diagram labels):
• Java Applet, Applet VSDC, UCAT Applet 1, UCAT Applet n, Phone Book
• Card Application Toolkit APIs
• UCAT Run Time Environment
• Java Card API
• Java Card 2.1
• Global Platform Application Loader & Manager
• Java Card Run Time Environment
• Java Card Virtual Machine
• GSM, USIM, CDMA
• COMP 128, AES, Milenage, CAVE, RSA
• UICC
• 4 Logical Channels
• Dynamic RAM Manager
• Dynamic E²PROM Manager
• Operating System
Payment Market segmentation
[Chart: CONSUMER MARKET and CORPORATE MARKET against Card Price (Mu), axis marks $1 and $3]
• Card types: Native 2k (no RSA); Native 2k-8k (RSA); JavaOP 16k-32k (no RSA); JavaOP 32k-64k (RSA)
• Uses shown: EMV SDA Identification; Convenient Data Storage; Loyalty Program; SKI / EMV SDA-DDA Identification; e-signature; e-Payment; PKI Authentication; User Profile; Home Banking; Data Storage
OCS current OP cards: CosmopolIC Lite
CosmopolIC Lite V1 (Visa Low Cost Card 3 $)
• Applets in Rom: VSDC 2.0.1, Visa Cash purse Access applet (US market)
• Algorithms: DES, 3DES
• Certification: Completed
• Benefits: Entry point non RSA platform for Visa banks
CosmopolIC Lite V2-1
• Applets in Rom: VSDC 2.0.1 (Internet access)
• Algorithms: DES, 3DES
• Certification: Visa certification to be completed; available Q2 2002
• Benefits: Entry point non RSA with Internet access & data storage
OCS current OP cards: CosmopolIC
CosmopolIC 2.1 V1
• Size: 32k/32 K
• Algorithms: DES, 3DES, RSA, SHA, MD5
• Certification: Completed, Visa level 3
• Benefits: Entry point Java RSA platform
CosmopolIC 2.1 V2
• Size: 96 K/32 K
• Algorithms: DES, 3DES, RSA, SHA, MD5
• Applets in Rom: B0' V2, VSDC 1.18
• Certification: Completed, Visa level 3, EAL 1 +
• Benefits: Multi channels projects; Key generator reinforces security and facilitates card deployment
CosmopolIC 2.1 V3
• Size: 96 K/32 K
• Algorithms: DES, 3DES, RSA, SHA, MD5, DSA
• Applets in Rom: VSDC 2.0.1
• Certification: Visa cert. under progress; avail. Q2 2002
• Benefits: Same as V2 plus latest applications in rom
CosmopolIC 2.1 V4
• Size: 96 K/32 K
• Algorithms: DES, 3DES, RSA, SHA, MD5, DSA
• Applets in Rom: VSDC 2.0.1
• Certification: Visa cert., EAL4 +; under progress, avail. Q2 2002
• Benefits: Same as V3 plus EAL4 + certification
CosmopolIC V3/V4 Architecture
Architecture (diagram labels):
• APPLET (four boxes)
• Identrus Applet: Identity & Utility Key; Identity & Utility Certificate; +/- 4 Other Certificates
• ISO File System, VSDC, PSE, Random # Generator
• JAVA Card API 2.1
• Open Platform API 2.0
• Java Interpreter 2.1
• T=0 / T=1 (PTS)
• DES, 3DES, DSA, RSA (2048), MD5, SHA-1
• OCS Operating System
• FAT
• EEPROM 32K
• ROM 96K
OP Roll Out in Asia Pac
Korea, Taiwan and Australia
• 900 000 cards delivered by Oberthur Card Systems.
• Hybrid and Contact Only cards
• Debit Credit plus Loyalty, E-Purse
• Mobile Commerce Application with SKT
• Mass Transit Application
Moneta SKT Project
OCS E-Com solutions
[Diagram labels: Client software, Reader, Smart Card]
The next generation of OCS cards
• Integrating the latest evolutions of standards
• Differentiation through value added applications (authentication…) integrated in a solution pattern
• Competitive pricing through fine tuning memory size
• Dual source of IC policy
THANK YOU FOR
YOUR ATTENTION