Java Card Forum

The Java Card Forum is an industry association of companies from the smart card, secure operating system and secure silicon industry, working together to promote and develop Java as the preferred programming language for multi-application smart cards, secure devices and other execution environments.

Tag Archives: JAva CArd


by

Why Java Card is used by ST in their next generation payment solution

STMicroelectronics has unveiled STPay-Topaz-2, its next-generation contactless payment card system on chip (SoC). With Java Card providing the engine for critical aspects including multi-application coexistence, payment logic, and security, the new SoC’s arrival is a major advancement for the card industry and consumers. There is more flexibility to support a wider variety of payment brands, while a new auto-tuning feature ensures reader-independent connection quality for an enhanced user experience. In addition, advanced cryptography strengthens security and prepares the platform for upcoming, stronger industry standards.

ST has already supplied more than three billion STPay ready-to-use solutions to the payment market. STPay-Topaz-2 now introduces a specific feature which allows preloading the greatest quantity of payment applets per orderable part number in the market, which simplifies inventory management for card manufacturers. This innovation includes a unique product versioning which embeds the latest and most popular payment applets worldwide, including both VSDC2.8.1g1 and 2.9.2 Visa applets.

“Contactless payment has been a huge hit with consumers and the technology must now move forward as card suppliers strive to meet growing customer demand and more diverse market requirements,” said Bruno Batut, Banking & ID Business Unit Marketing Director, Connected Security Division, STMicroelectronics. “STPay-Topaz-2 can consolidate the largest set of payment apps on one orderable part number to simplify inventory management for card manufacturers, paving the way for further expansion in contactless payment popularity. We’ve also added auto-tuning to ensure the best tap-anywhere user experience and upgraded security ready for future standards including the forthcoming EMVCo C-8 kernel.”

The STPay-Topaz-2 is based on the ST31R480 secure microcontroller (MCU), manufactured in ST’s secure and certified facilities in France. The secure MCU achieved EMVCo certification in November 2024 and recently completed Common Criteria EAL6+ certification.

This STPay solution is ready for the payment industry’s adoption of stronger digital security, ranging from RSA/3DES encryption to advanced encryption standard (AES) and elliptic curve cryptography (ECC): it is designed to comply with the forthcoming EMVCo C 8 kernel. The platform also meets GlobalPlatform and Java Card standards, making it suitable for payments, loyalty programs, and custom applications.

With enhanced wireless performance, STPay-Topaz-2 also simplifies antenna integration for card manufacturers and enables efficient connectivity even with smaller antennas, providing greater design flexibility.

STPay-Topaz-2 samples are available immediately, with production already launched.

For pricing and sample requests, contact your local STMicroelectronics sales office.

Please visit https://www.st.com/en/secure-mcus/banking-id-transport.html for more information or watch this video: https://youtu.be/3FzpA4KIgdY


by

Nicolas Regnault is announced as the 2024 “Bertrand” Award Winner

Nicolas is recognised by his peers for his exceptional contribution to the Java Card Forum’s work

To celebrate the work of Bertrand du Castel (one of the Founder members of the JCF who sadly passed away in February 2019), the Java Card Forum (JCF) has worked with his family to initiate an Annual Award in his memory. The JCF has been keen to showcase the “Bertrand Award” as a visible recognition of the continued drive and dedication still shown by its Members, over 25 years since its inception.

Nicolas Regnault (left) receives his Award from Jean-Daniel Aussel (right), President of JCF

A new voting process has been introduced this year, where all members were listed and could be voted for (rather than just 4 members nominated by the Technical and Business Chairmen). The top 3 then went through to a second ballot to produce a Winner. 

This year’s top 3 were:
Alexandre Frey (NXP)
Nicolas Regnault (Thales)
Christian Kirchstaetter (NXP)

“It was a great pleasure in Munich during our Java Card Forum Fall meeting to present on behalf of the Java Card Forum the 2024 Bertrand Award to Nicolas Regnault of Thales,” declared Jean-Daniel Aussel, President of the Java Card Forum. “As the Java Card Forum is preparing for the great challenge to keep up with ever evolving security attacks and the upcoming of quantum computers, Nicolas has been fully dedicated to work on a Java Card based cryptographic framework for crypto agility and the support of post-quantum cryptographic algorithms with the other members of the Java Card Forum Technical Committee. This year’s award was based on an open vote without nomination, and truly reflects the peer recognition of Nicolas for his outstanding work on the topic.”

“I am really honoured to receive the 2024 Bertrand Award and the recognition of my peers,” responded Nicolas Regnault. “You can still count on me for my commitment in the Java Card Forum to make the technology as good and secure as possible.”

Congratulations to all 3 of the selected members and in particular, to Nicolas for his win.


by

jNet Secure Joins Java Card Forum, Expands Role in Driving Secure Java Card Solutions for Fintech, IoT, and Biometrics

November 13th, 2024—jNet Secure, a leader in Java Card OS and security solutions, is pleased to announce its new membership in the Java Card Forum (JCF), a premier industry association dedicated to advancing Java as the leading technology for smart cards and secure devices. Through this membership, jNet joins global technology leaders in shaping the future of Java Card standards for high-security environments.

In addition to its foundational Java Card OS licensing expertise, jNet Secure has pioneered advanced Fintech, IoT, and Biometric solutions on Java Card technology, now deployed across multiple markets. These innovations empower clients to secure digital transactions, authenticate identities biometrically, and enable safe IoT integrations, all while leveraging Java Card’s secure and scalable framework.

“We are thrilled to join the Java Card Forum and contribute to the evolution of secure, interoperable solutions that protect digital identities and transactions worldwide,” said Mikhail Friedland, CEO at jNet Secure. “Our commitment to innovation in Fintech, IoT, and Biometrics aligns perfectly with JCF’s mission, and we look forward to working together to set new standards in secure digital services.”

“The Java Card Forum is delighted to welcome jNet as a new member.”, declared Jean-Daniel Aussel, President of the Java Card Forum. “jNet has a strong Java Card expertise both in legacy segments, such as payment or identity, or more innovative applications such as crypto wallets. jNet is joining forces with the other leading member organizations collaborating in the Java Card Forum to foster the adoption and to advance the evolution of Java Card-based technology as the base for strong and interoperable digital security.”

As part of the Java Card Forum, jNet Secure will collaborate with other industry leaders to drive advancements in next-generation Java Cards, promoting a more secure and connected digital ecosystem.

For more information about jNet Secure and its solutions, please visit jnet-secure.com.

About jNet Secure
jNet Secure specializes in Java Card OS licensing and advanced security solutions for diverse finance, IoT, and biometrics applications, empowering secure digital experiences across industries.

About Java Card Forum
The Java Card Forum e.V. is an industry association of companies from the smart card, secure operating system and secure silicon industry, working together to promote and develop Java as the preferred programming language for multi-application smart cards, secure devices and other execution environments.


by

Java Card is platform of choice for STMicroelectronics STeID solutions for trusted e-Identity and e-Government applications

STMicroelectronics has revealed the STeID Java Card smartcard platform that meets state-of-the-art requirements for electronic identity (eID) and eGovernment use cases. As eID documents using secure microcontrollers continue gaining importance in the fight against identity fraud, the STeID platform now accelerates the deployment of advanced solutions. Certified to common criteria EAL 6+, the platform comprises a secure operating system, STeID JC Open OS, and a portfolio of proprietary applets.

The STeID JC Open OS is compliant with the Java Card 3.0.5 card application framework and the Global Platform® 2.3.1 security and card-management architecture. This Open Platform OS provides all the features needed to host important applications such as machine-readable travel documents (eMRTD) compliant with the International Civil Aviation Organization ICAO 9303 standard. It also supports the electronic driving license standard ISO 18013, and eIDAS QSCD for qualified digital-signature creation devices. It will include Match-on-Card support for secure offline biometric authentication.

STeID Java Card incorporates support for Near Field Communication (NFC) specifications thereby providing a secure framework for creation of digital identity on mobile devices. The platform is used in conjunction with secure ICs such as ST’s ST31 microcontrollers, which are based on the dual-core Arm® SecurCore® SC000™ core with additional hardware security features. These low-power devices contain non-volatile memory, support contactless communication, RF-energy harvesting, and biometry, and are available in smartcard industry chip-module form factors and wafer-level chip-scale packages.

ST eID Java Card will be available from www.st.com at the end of June 2024.

For further information please visit https://www.st.com/steid


by

Calinel Pasteanu is announced as the 2023 “Bertrand” Award Winner

Calinel is recognised by his peers for his exceptional contribution to the Java Card Forum’s work

To celebrate the work of Bertrand du Castel (one of the Founder members of the JCF who sadly passed away in February 2019), the Java Card Forum (JCF) has worked with his family to initiate an Annual Award in his memory: The “Bertrand”. The JCF has been keen to showcase the “Bertrand Award” as a visible recognition of the continued drive and dedication still shown by its Members, over 25 years since its inception.

Each year the Business and Technical Committee Chairs nominate up to four Members who have made a significant contribution to the Forum and voting is then open to each individual JCF participant. This year’s nominees were:
Calinel Pasteanu (Oracle)
Nicolas Regnault (Thales)

Although Calinel could not be present at the Award ceremony held during the JCF Autumn Plenary in person, he participated via TEAMS and could be congratulated by his peers.

“Calinel is a well-deserved winner,” said Jean-Daniel Aussel, President of the Java Card Forum e.V. “In his position at Oracle, he gave unwavering support to the JCF. His long standing active participation in the steering and advancement of the Forum’s activities was instrumental in shaping and making a success of the successive Java Card releases.”

“The Java Card Forum has been designing the most advanced APIs to match up to date security requirements for billions of devices. Java Card technology has been and remains, the first choice for mass deployments in several markets, e.g. ID, Payment, Telco, and several IoT industrial profiles and fulfilling security requirements defined by different security schemes at different security levels (CC, FIPS, EMVCo, SESIP, etc.),” declared Calinel. “I am honoured to have been nominated for and to have received this Java Card Forum award. And I recommend joining the Java Card Forum to be part of designing the future – Java Card technology is getting more and more relevant as time goes on, due to the increasing importance of security requirements and the technology relevance reflected in setting standards organizations.”

Congratulations to both of the selected nominees and, in particular, Calinel for his win.


by

Java Card enables innovative biometric cards

To further improve the performance and production effectiveness of biometric payment cards, Infineon Technologies AG and its strategic partner Fingerprints™ are developing the all-in-one solution SECORA™ Pay Bio.

This turnkey solution will come with a pre-certified Java Card operating system including Mastercard and Visa bio-applets. It will enable a cost-efficient, scalable production based on state-of-the-art card manufacturing equipment.

SECORA™ Pay Bio will extend Infineon’s well-established SECORA™ Pay turnkey solution family (all based an Java Card technology) to address the fast growing segment of biometric banking cards. SLC39B is Infineon’s advanced system-on-chip (SoC) cryptoprocessor with integrated power source, large memory size and diverse peripherals as well as best-in-class contactless performance. The company’s BCoM is a tailored innovative dual-interface Coil on Module (CoM) for SECORA™ Pay Bio, which integrates Fingerprints’ advanced sensor and Infineon’s upcoming Secure Element into a single package. With the inductive coupling technology, no wire-connection between the card antenna and the module is needed. This allows to significantly improve the robustness and long-term reliability of biometric payment cards. With its innovative concept and enhanced capabilities, SECORA™ Pay Bio will make touchless payments more convenient without the need of  low transaction limits.

Java Card technology as a flexible smart card platform combined with GlobalPlatform card management features ennables fast innovation. With the standardized Java Card API, that separates the application layer from the operating system layer, payment networks can focus on the application design, whereas platform providers innovate at the operating system and chip level. The integration of new interfaces to sensors or libraries to extract and match fingerprint information does not result in a complete re-design of the system, but results in new Java Card APIs that can be used by all players in the industry. All this allows interoperability in the market andwill provide added value for all players in the value chain.

More information is available at Payments-in-Motion.


by

Java Card Forum celebrates its collaboration with ISO/IEC/JTC1/SC17

As the Java Card Forum celebrates its 25th Anniversary, it acknowledges the collaboration with ISO/IEC/JTC1/SC17 and looks ahead to future opportunities

A lot has been achieved over 25 years and Java Card is the leading platform for secure elements with billions of devices issued each year. Founded in 1997, the Java Card Forum has been the key environment for defining and developing Java Card technology, through constant interaction between Java Card vendors and Oracle (owner of the specification and Java Card technology).

What brought Java Card to the fore in the late 90s is interoperability of the applications running on the smart cards, at a time where interoperability was a pain point for SIM cards, as well as a means to install and host several applications concurrently, even post issuance. Moreover, Java Card offered a strong, secure environment for applications, and was quickly able to address major markets where the highest possible level of security is required, such as SIM cards, payment cards, passports or identity cards. All this was recognised rapidly by the market, and the number of Java Cards in 2004, seven years after the Java Card Forum was created, was already reaching a Billion smart cards per year. Now the number has risen to over 6 Billion per year.

The Java Card Forum and ISO/IEC/JTC1/SC17

SC17 is the committee in ISO/IEC/JTC1 that deals with identification and its related documents (e.g. electronic passports), cards, security devices and tokens, and also standardizes the interfaces associated with their use in inter-industry applications and international interchange. The committee has published over 115 standards which build the base and the backbone for any secure application based on identification. The ISO/IEC 7816 series is, for example, the basis for any smartcard operating system.

Java Card and its specification follows the standards of SC17, that allows their usage in all inter-industry applications. The flexibility of the Java Card operating system allows manufacturers and customers to use one implementation of a compliant smartcard operating system with many independent applications – the implementation of applications is separated from the implementation of the operating system. With this approach, Java Card enhances SC17 standards without contradiction and becomes a major stakeholder for existing and future standards.

Future Opportunities

Some traditional applications, such as identity cards, although present with a bright future, are also increasingly being deployed onto the mobile phone or wearable devices, such as connected watches. In these devices, Java Card is now running on the soldered embedded secure element, or even integrated onto the system-on-chip. This motivates us to work on new features, such as new communications channels and protocols, improved power management with, for example, the support of suspend and resume, as well as new memory management capabilities or the ability to communicate with sensors, such as fingerprint readers, directly from the Java Card applet.

In addition, cryptographic agility is also a big item on the Java Card Forum agenda, initially to address the support of post-quantum cryptography, but more generally to make sure the security can be updated post-issuance should the need arise.

SC17 and Java Card Forum have had a fruitful, long-lasting partnership and liaison and will continue to inform each other about new developments, features and requirements.

Article by Jean-Daniel Aussel, President of the Java Card Forum and Werner Ness, Business Committee, Java Card Forum