Java Card Forum

The Java Card Forum is an industry association of companies from the smart card, secure operating system and secure silicon industry, working together to promote and develop Java as the preferred programming language for multi-application smart cards, secure devices and other execution environments.

JCF 2021 Webinar Series

*** Please note that the 2021 Webinar Series has now finished, however, you can access the material below ***

The JCF, in conjunction with GlobalPlatform and the Trusted Connectivity Alliance, is planning a Series of 7 Webinars in Q4 of 2021, to share with you insights into why Java Card should be your platform of choice. This Series is FREE OF CHARGE and you can attend as many of the Webinars as you want.

WHAT WILL YOU LEARN?
The Java Card Webinar Series will provide you with an exceptional opportunity to discover how Java Card technology could expand your business. This Series will explain:

  • The key new SIM features enabled by the recommended 5G SIM
  • The challenges for real-world adoption of PQC
  • How FIDO helps organizations to strengthen their security
  • How to use Java Card on a secure element in an IoT device, to secure access to peripherals on an I3C bus
  • The impact Virtualizing Secure Elements will have on Java Card technology

WHO SHOULD ATTEND?
This Series is key for IoT device developers, IoT security systems architects, product managers, MNOs, application developers and security experts.
During the Series you will be able to interact with our panel of Java Card specialists (including such companies as G+D Mobile Security, Infineon, Thales, Oracle and our guest speakers GlobalPlatform and Trusted Connectivity Alliance).

Please note: All presentations/demos will be in English

WEBINAR 1: TUESDAY 23RD NOVEMBER, 9am – 10am CET + 5pm – 6pm CET

Recommended 5G SIM – Unlocking the potential of 5G networks (Trusted Connectivity Alliance)

square bw Claus DietzePresenter: Claus Dietze, Senior Director Global Standardisation, G+D Mobile Security + Chair of the Board, TCA

Biography: In his current role, Claus is responsible for defining and driving strategic standardisation activities within G+D’s business segment Trusted Connected Devices. Prior to this, Claus held various positions in project management, R&D, technology office and product management within G+D since joining the company in 1996.

Claus has a long history in standardization of smart card technologies and was seconded to the European Telecommunications Standards Institute (ETSI) from 2002-2003. In 2009, Claus was appointed Director and Head of Embedded Development for mobile device solutions and software security. He headed the Innovation department within the R&D organization from 2014 onwards and was responsible for carrying out technical feasibility studies and prototyping for new technologies.

Claus has a master’s degree in Computer Sciences from the Collaborative University of Mannheim.

Webinar Overview: In the same way that network core architecture is evolving, SIM technology is transforming to meet new challenges and opportunities introduced by 5G. With momentum now building across the industry for Phase 2 deployments, TCA’s latest member market data indicates that mobile network operators already recognise the benefits of upgrading to more advanced SIM technology, but are yet to fully optimise their 5G Phase 1 and 2 deployments to unlock the full potential of 5G networks.

Within this presentation, TCA will explain how mobile network operators select the right choice of SIM technology at 5G launch. It will introduce its updated Recommended 5G SIM paper, which outlines the optimal technical features required by SIM technology, so MNOs to unlock the full benefits of 5G networks, maximise their investments through new features and services, promote the highest levels of trust and functionality and address key challenges posed by 5G migration.

Delegates will learn:

  • How the technical features of SIM technology can be used to address the 5G migration challenges beyond network access.
  • About the powerful new features introduced by 3GPP Release 16 for 5G Phase 2 deployment, which are aimed at promoting trust, addressing emerging use cases across massive IoT applications, critical communication infrastructures and connected vehicles, and supporting the delivery of enhanced services.
  • The key new SIM features enabled by the Recommended 5G SIM – additional subscriber privacy protections; private network access across enterprises and industry verticals; and cellular vehicle-to-everything (V2X) communication.
  • How MNOs can use these various features to enable the delivery of improved mobile experiences are also identified, including: 5G roaming; network slicing support; trusted non-3GPP network access; and multi-device and multi-identity services.

TCA logo with tagline_PNG

ACCESS THE PRESENTATION HERE

VIEW THE RECORDED WEBINAR BELOW:

WEBINAR 2: THURSDAY 2ND DECEMBER, 9am – 10am CET + 5pm – 6pm CET

On the Current Status of Post-Quantum Cryptography (Infineon)

square bw_peter_pessl1Presenter: Peter Pessl, Security Architect, Infineon 

Biography:Peter Pessl is a security architect working in the field of Post-Quantum Cryptography at Infineon Technologies. Before joining Infineon, he achieved his PhD and worked as a Postdoc at Graz University of Technology, where his research was aimed at implementation attacks (side channels and faults) and respective countermeasures for cryptographic primitives. In particular, he focuses on implementation security of lattice-based cryptography and other quantum-secure schemes.

Webinar Overview: Quantum computers might one day break many crucial cryptographic methods. Industry, academia, and standardization bodies are preparing for this and are putting significant effort into developing quantum-secure alternatives under the term Post-Quantum Cryptography (PQC).
This talk gives an introduction to PQC and describes the various families of promising schemes. Furthermore, the current status of standardization efforts is shown and challenges for the real-world adoption of PQC are pointed out.

ACCESS THE PRESENTATION HERE

VIEW THE RECORDED WEBINAR BELOW: 

WEBINAR 3: MONDAY 6TH DECEMBER, 9am – 10.15am CET + 5pm – 6.15pm CET

Introducing Java Card DIO to secure peripherals on I3C bus (Oracle)

Patrick_100 b&wPresenter: Patrick van Haver, Principal Engineer, Oracle

Biography: Patrick is a Principal Engineer in the Java Platform Group at Oracle and spec lead for the Java Card platform.
He has extensive experience in security and held multiple positions in engineering, product management and sales organizations, previously at Gemalto and now at Oracle.
He led the design and the deployment at scale of security solutions for telecom, payment, identity & access management and IoT markets.
Patrick holds a MSc degree in Computer Science and AI from Luminy University, France.

Webinar Overview: Secure Elements running Java Card are widely used to achieve the highest level of security to authenticate users to connect to mobile networks or access web services, make payments, control physical access to buildings or verify the identity of a person. With IoT deployments, we have also demonstrated how Java Card can be used to authenticate devices and secure communication with cloud services, but we face new security challenges to protect edge devices with their peripherals and ensure end-to-end data integrity and confidentiality for IoT solutions.
This webinar explores how to use Java Card on a secure element in an IoT device to secure access to peripherals on an I3C bus. We will present some use cases, propose a design, and describe how a Java Card application can use the Device IO API to implement a secure solution.

Strong User Authentication using Java Card and FIDO (Thales)

square_ bw YardenPresenter: Yarden Gaon, Product Owner, Thales

Biography: In Thales, Yarden is the product owner for the CP&L certificate based smart card authenticators, consolidating the FIDO solution offered with these devices.

Yarden brings nearly two decades of experience in successfully delivering new product releases in the cyber security field, that includes access management (IAM), cryptography, certificates, PKI and FIDO. As a Product Owner within Thales, he works closely with the Sales teams, R&D, Operations and Marketing teams for the product requirements definition, development and delivery.

Webinar Overview: Thales has announced the launch of its first Fast Identity Online 2.0 (FIDO2) authentication devices, offering passwordless access for cloud apps, network domains including Azure AD-connected apps and services. This integration will enable organizations to move to the cloud securely and apply secure access across hybrid environments via an integrated access management and authentication offering.

In the FIDO webinar we will review what is FIDO, how FIDO helps organizations to strengthen their security and what Thales has to offer.

Strong User Authentication Demo using Java Card and FIDO (Oracle)

NicolaeBorsOracle_100_b&wPresenter: Nicolae Bors, Software Engineer, Oracl

Biography: Nicolae is a Software Engineer for Oracle, based in Bucharest, Romania. He has 4 years of experience in Java, as well as being involved in different Java Card and Internet of Things projects during his masters studies.
At Oracle, since last year, he has been contributing to the implementation of solutions for the Java Card Platform. He is an IoT and hardware security enthusiast.

Vlad_b&w 100Presenter: Vlad Petrovici, Senior Software Engineer, Oracle

Biography: Vlad Petrovici M.Sc is from Bucharest – Romania, where he works as a Senior Software Engineer at Oracle. He has over 13 years experience with various technologies used in the Java and Internet of Things Oracle products, with a focus on Security for Embedded Systems and Data Analytics. He utilizes his programming knowledge, as well as understanding how to implement the right solutions for the Java Card platform.

Webinar Overview: The demo showcases a high security password-less authentication experience using a biometry method based on the FIDO specification, powered by a Java Card implementation at the backend and the Oracle Identity Cloud Service at the server side. **Please note that the demo will only be available to those people attending the live Webinar – it will not be recorded**

ACCESS THE I3C PRESENTATION HERE

ACCESS THE INTRODUCTION TO FIDO (with use cases) HERE

ACCESS THE INTRODUCTION TO THE FIDO JAVA CARD DEMO HERE

VIEW THE RECORDED WEBINAR BELOW (Please note that the Demo itself has not been recorded): 

WEBINAR 4: THURSDAY 9TH DECEMBER, 9am – 10am CET + 5pm – 6pm CET

GlobalPlatform SE device integration (GlobalPlatform)

100px bw_Gil_BernabeuPresenter: Gil Bernabeu, Technical Director, GlobalPlatform 

Biography: GlobalPlatform Technical Director and Technical Advisor for the Standardization and Technology Department at Thales. In this role, he supports Gemalto’s marketing and product groups to deploy trusted and convenient digital services.

Gil was elected as GlobalPlatform’s Technical Director in 2005. His main role is to drive forward the development of GlobalPlatform’s Specifications to deploy secure services. Gil also acts as GlobalPlatform’s central technical liaison point, coordinating the efforts of the organization’s three technical committees – Secure Element (SE), Trusted Execution Environment (TEE) and Trusted Platform Services (TPS) – and the GlobalPlatform Task Forces with external partners.

Webinar Overview: To answer to evolving market requirements and regulations, device architectures should be based on a secure Root of Trust and be able to create secure services for the boot, the OS and the application layer. This presentation will explain how SEs build security into connected devices, and introduce several new technical documents published by GlobalPlatform to simplify integration and management for device manufacturers:

  • Protocols to connect and manage the SE content: I2C & SPI APIs
  • Protocols to update the SE RAM & OMAPI
  • TPS APIs and the soon to be release Open-Source TPS APIs

New Logo w Tagline JPEG

ACCESS THE PRESENTATION HERE

VIEW THE RECORDED WEBINAR BELOW: 

WEBINAR 5: MONDAY 13TH DECEMBER, 9am – 10am CET + 5pm – 6pm CET

GlobalPlatform Secure Element Protection Profile and FIDO 2.0 Extension (GlobalPlatform)

Presenter: Gil Bernabeu, Technical Director, Global Platform 

Biography: GlobalPlatform Technical Director and Technical Advisor for the Standardization and Technology Department at Thales. In this role, he supports Gemalto’s marketing and product groups to deploy trusted and convenient digital services.

Gil was elected as GlobalPlatform’s Technical Director in 2005. His main role is to drive forward the development of GlobalPlatform’s Specifications to deploy secure services. Gil also acts as GlobalPlatform’s central technical liaison point, coordinating the efforts of the organization’s three technical committees – Secure Element (SE), Trusted Execution Environment (TEE) and Trusted Platform Services (TPS) – and the GlobalPlatform Task Forces with external partners.

Webinar Overview: Secure Elements are used in multiple environments – from SIMs, to smart cards, electronic ID solutions like passports and embedded in to connected devices. While the specific scope of features may differ from environment to environment, all require consistent high levels of security. This presentation will introduce GlobalPlatform’s SE Protection Profile, and how it standardizes the security definitions of the different options and features available on a GlobalPlatform-certified SE. Attendees will also learn about enhancement made to the Protection Profile to align with FIDO 2.0, and how this is reducing the cost of certification for developers.

ACCESS THE PRESENTATION HERE

VIEW THE RECORDED WEBINAR BELOW:

WEBINAR 6: WEDNESDAY 15TH DECEMBER, 9am – 10am + 5pm – 6pm CET

Virtualizing Secure Elements (G+D Mobile Security)

Presenter: Karl Eglof Hartel, Director for Standardization, G+D Mobile Security

Biography: Karl received a diploma in Physics from LMU Munich and spent 13 years at Siemens/DASA/EADS working on military command and communications systems. He joined 
Giesecke+Devrient Mobile Security in 2000 and since 2001 has focused on Standardization, first with ETSI SCP, then also GlobalPlatform. In 2009 Karl became Chairman of the GlobalPlatform SE Committee and since 2011 has worked on standardizing different eSIM solutions at GSMA.

Webinar Overview: The trend to Virtualization, which is omnipresent in the IT server world, is reaching Secure Elements.
What has been implemented on multiple Security Chips in the past is moving onto a single chip providing support for multiple “logical SEs”.
The presentation will highlight the developments in GSMA for MEP (Multiple Enabled Profiles) and SAM (Secured Applications for Mobile), as well as those in ETSI for MLI (Multiple Logical Interfaces) and touch on the impact for Java Card™ and GlobalPlatform.

ACCESS THE PRESENTATION HERE

VIEW THE RECORDED WEBINAR BELOW:

WEBINAR 7: THURSDAY 16TH DECEMBER, 9am – 10am CET + 5pm – 6pm CET

Moving towards keyless car access with Digital Car Keys (Thales)

Presenter: Pierre Girard, Senior Cybersecurity Expert, Thales

Biography: Pierre is a Cybersecurity Senior Expert in the Automotive and mobility services business line at Thales.

He co-designs security solutions with customers and partners. He is also technology advisor at corporate level and was previously Principal investigator for smart cities in the Strategy and Innovation division. Before that, Pierre has managed the security architecture team in Gemalto security labs for more than 10 years.

Pierre holds an Habilitation and a PhD in computer security.

Webinar Overview: Digital car keys allow cars users to lock/unlock their vehicles and start the engine, using their smartphone or any other mobile device. This opens a wide range of use cases such as family or friends car sharing, company car fleet management, or rental car seamless experience.

To build users’ trust and keep the highest security level, mobile devices and vehicles need to securely connect with each other. To do so, digital IDs and associated digital keys need to be provisioned and stored securely into each component of the ecosystem: in mobile devices on one side, and in vehicles on the other side. This way, both sides will be able to recognize each other through a secure and mutual digital authentication, based on encryption mechanisms.

The Car Connectivity Consortium, which represents a large portion of the global automotive and smartphone industries with more than one hundred member companies, developed a standardized ecosystem for global smartphone-to-vehicle connectivity solutions (https://global-carconnectivity.org/). This should ensure a large adoption of the CCC Digital Key by all mobile device OEMs, car makers and fleet managers.

Thales actively contributes to the development of the CCC Digital Key specification and certification program. Thanks to our chairman position in the CCC Digital Key Certification working group, Thales´ standardization team has been leading the certification activities since 2019.

This webinar describes the current Digital Key ecosystem, challenges and promises, and also explain Thales secure end-to-end solution for automotive stakeholders looking to implement the latest CCC Digital Key specification.

ACCESS THE PRESENTATION HERE

VIEW THE RECORDED WEBINAR BELOW: