Java Card Forum

The Java Card Forum is an industry association of companies from the smart card, secure operating system and secure silicon industry, working together to promote and develop Java as the preferred programming language for multi-application smart cards, secure devices and other execution environments.

Why Java Card Is the Logical Choice for SECORA™️ Pay M from Infineon

by

SECORA Pay M, FIDO, and the Role of Java Card

The new SECORA Pay M platform from Infineon brings together two high-security domains that traditionally lived on separate hardware: EMV-grade payment and FIDO-based authentication. By enabling both functions on a single secure element, SECORA Pay M targets devices such as payment cards and wearables that require seamless “tap-to-pay” and “tap-to-authenticate” behaviour.

To make this convergence practical, Infineon built SECORA Pay M on Java Card 3.1, and there are clear technical reasons why:

1. Multi-application secured co-existence— essential for EMV payment + FIDO on one chip

EMV payment applet and a FIDO authenticator (for passwordless login) have distinctly different threat models and certification paths. Java Card provides strict application sandboxing, ensuring that the FIDO applet cannot access or infer anything about the payment keys, and vice-versa. This isolation is fundamental when combining two high-value credential domains.

2. Standards-aligned platform for FIDO

FIDO authentication relies on modern cryptographic primitives, secure key storage, attestation, and anti-phishing protections. Java Card provides standardized crypto APIs and lifecycle management consistent with GlobalPlatform, making it easier to implement a certified FIDO authenticator while reusing proven secure-element infrastructure.

3. Future-proofing across rapidly evolving authentication standards

FIDO specifications evolve quickly, and authentication requirements (e.g., passkeys, enterprise attestation, hybrid credentials) continue to expand. Java Card’s applet-based modularity allows updates or new authentication functions without redesigning the secure hardware. This gives SECORA Pay M a longer, more flexible lifecycle.

4. Faster certification and deployment for customers

Payment schemes, banks, and authentication providers all rely on well-established certification frameworks. Because Java Card is a long-standing standard in smart cards, much of the security architecture is already audit-proven. This reduces time-to-market for SECORA Pay M deployments that must satisfy both EMVpayment and FIDO requirements.

In short: SECORA Pay M combines contactless EMV payments and modern “tap-to-authenticate” / passwordless login  in a single secure element, and Java Card is the enabling layer – providing isolation, cryptographic consistency, standardization, and an upgrade path that makes this dual-function design both secure and scalable.

More details can be found here on the Infineon site.

Unknown's avatar

Author: Karen B

Karen has been working in the high-tech industry for over 30 years covering system support, event management, corporate publishing and secretariat support for special interest groups. As well as running the UK office, she is the Marketing & Operations Secretariat for the Java Card Forum. She is currently based in the UK.

Comments are closed.