In the fourth interview of the 25th Anniversary series, Eric Vétillard, Lead Certification Expert at ENISA explains ENISA’s certification mandate and discuses how Java Card certification schemes are related to the ENISA scope. He also reflects on his time as the JCF Technical Committee (TC) Chairman and how it has shaped his career path since.
Tag Archives: JavaCard
Trusted Connectivity Alliance celebrates collaboration with Java Card Forum
As part of the Java Card Forum’s 25 year Anniversary celebrations, we have been talking to leading standards organisations to highlight the importance of industry collaboration over the years.
In this interview, Claus Dietze, Chair of the Board, Trusted Connectivity Alliance (TCA) explains the importance of Java Card technology in the Telecoms industry, how the 2 organisations have successfully collaborated over the years and why Java Card should be the platform of choice for IoT solutions.
What is the role of Java Card in Telecoms and how has it evolved over the last 25 years?
Java Card is a key pillar of the Telecoms industry; it’s a key technology for our Secure Element ecosystem. And why is it like this? Because it’s providing the capabilities our ecosystem actually needs.
First of all, it’s providing flexibility, but of course it also provides one of the main features and capabilities, which is interoperability. And due to this, many of the demands that the ecosystem has, can be answered.
The other aspect of evolution, is of course in regards to its market share – you may know that the TCA, formerly the SIMalliance, is tracking its Members’ market data and we started doing this almost 20 years ago (not quite 25 years!). We already started tracking the market share of Java Card in 2004 and back then, I think it’s not a secret if I disclose that we had a market share which was significant, but not yet reaching the level of native operating systems – we had something like 40%. Since then, the market share of Java Card and its adoption in the field steadily grew year on year and we see that this is going to grow even further in the future. So, with new exciting technologies, such as the eSIM, we see that, as far as I am aware, all the eSIMs that are commercially deployed out there in the field are all based on Java Card technology.
It has evolved significantly, because it’s adapting its requirements and capabilities to the needs of our ecosystems very well.
How have the TCA and JCF collaborated?
This started many years ago. The way that the TCA organises its work is by establishing Working Groups. And one of the first working groups that the TCA established was dealing with interoperability – a Working Group that is still alive today. Java Card was a brand new technology in the early days and even though it was claiming to be interoperable from the beginning, different vendors actually interpreted the specification slightly differently and also some of the capabilities and features requested by the customers of those same vendors, were not yet available in the Java Card specification, so proprietary extensions were implemented and that’s what was always causing problems when it comes to the interoperability. As we have key members of the TCA who are also key members of the JCF, we established some sort of “exchange”, so that findings of the TCA were then reported back into the JCF and could be brought into the specifications of Java Card, thus enhancing interoperability and also enhancing the feature set.
What benefits did this collaboration bring?
It improved interoperability – it brought benefits in particular to the whole SIM ecosystem I would say.
Maybe for the network operators it brought the benefit that they had one type of application, so it brought interoperability on the applet level in particular. The idea was to develop an applet once and to run it on all the different platforms of the various SIM vendors and that improved the network operators’ time to market, introducing new services on different SIM vendors’ platforms, because they just had to take the existing applet and put it onto the new SIM and deploy.
For the SIM vendors themselves, it also reduced their efforts, because they just had to develop their application once, and to run it, or even licence it to other SIM vendors, thus also creating additional revenue potential. So, it brought many benefits, in particular, increasing the interoperability of technical implementations.
How does the TCA see Java Card changing in line with the evolving IoT landscape?
The Internet of Things is actually very fragmented, so everyone is understanding something different by this term. You have a wide area of use cases and a wide area of different types of devices. But what they have in common, is that most of those devices need to be connected – so they have a need for connectivity again. And we think that this connectivity should be trusted. In the IoT you don’t currently have security experts, certainly not in the early days at least; they think – let’s connect a device and talk about security later. We think we have to make sure this is done at the very beginning. The technology that we are offering, with SIM technology, eSIM technology and also integrated SIM technology, provides a foundation for first of all enabling trusted connectivity, and of course also for putting additional applications on top of those platforms, that are increasing the security level of the IoT in general. So we think that with Java Card, we can inherit the benefits we have from the traditional SIM and take it and transfer it over into the IoT. And just to add on top of that, of course we also think that eSIM technology, which is based on Java Card these days, is also enabling the IoT to be trusted and more secure. There is also a lot that Java Card can bring with regards to Low Power, to Memory Sizes and so on…there are many features that Java Card is implementing already, that we can leverage off very well, so I think the future is bright for Java Card in IoT and I am very much looking forward to the continued collaboration between the 2 associations on this topic as well.
You can see this interview in video format here.
The Birth of JavaCard
By Tad Bogdan and Ted Goldstein, Ph.D.
They say that success has a thousand fathers and failure is an orphan
In the early 1990s, the smartcard industry had many hardware platforms each with their own unique operating environment. Like the computer industry decades before, each smartcard manufacturer created proprietary software tools. The manufacturers intended to optimize performance on their smartcard platforms, and to lock customers into their platforms. Customers such as MasterCard and Visa demanded an open, standardized platform from the industry before committing to a smartcard strategy. Many efforts began to answer this need, two of which were Mondex and Integrity Arts. David Everett of NatWest bank in England designed Mondex, a multi-application, multi-currency, secure, smartcard-based payment system. Meanwhile, Patrice Peyret at Gemplus formed a spinoff company called Integrity Arts that created a new programming language called TOSCA. But the tools for programming Mondex and TOSCA were not available to the public.
At the same time, the Sun Microsystems’ Java platform was trying to solve a similar problem of software applications that would work on any computer. Java implemented the ideal of Write Once, Run Anywhere (WORA) applications. Sun founder Bill Joy always proposed open portable platforms. The Java system enables binary programs to run unmodified across any computer platform using an object-oriented C-like language. The Java language uses a portable byte code that is dynamically compiled across any CPU architecture.
The Internet was just emerging as a potent technology and enabler of many new businesses. Smartcards seemed like a good way to bring physical security and identity to credit and debit cards, and government ID cards, and emerging mass-transportation systems. Before Java, smartcard developers had to program in low-level machine code, a tedious error-prone process. The Java system provided an easy-to-use, efficient, high-level language to create secure applications for commerce and the Internet. The trimmed Java system designed for smartcard applications was called JavaCard.
In 1995, seizing this opportunity, James Gosling and Ted Goldstein created JavaCard to expand Sun’s Java franchise and offer a subset of the Java language to develop secure payment applications. Java even works on the largest Cray supercomputers. Thus, having the great virtue that Java programs could then run from smartcards to supercomputers (SC-SC) —the most extensive range of computing capabilities possible. Smartcards were well established in Europe. But payment systems in the USA at the time used magnetic stripe technology and did not yet have a smartcard platform. Giant payment aggregators such as Visa and Mastercard did not want to commit to a single smartcard manufacturer. Peter Hill, Executive Vice President at Visa, recognized in JavaCard an opportunity to have a smartcard manufacturer-independent standard. Visa became the first large payment company to license JavaCard. Visa mandated JavaCard for all of Visa’s smartcard payment cards. Later, MasterCard acquired Mondex, and Peter Hill joined as their CTO, licensed JavaCard, and ported the Mondex payment platform to JavaCard.
The following fall, Ted Goldstein authored the first JavaCard 1.0 API as part of the Java Development Kit (JDK) 1.1 specification. He became Sun Microsystems’ Chief Java Commerce Officer and began presenting JavaCard publicly.
Concurrently, Tim Jurgensen and Scott Guthery of Schlumberger Inc. were developing a smartcard system based on Java. So they visited JavaSoft (a new division of Sun Microsystems) to ask whether they could license the Java name. JavaSoft had already begun working on JavaCard, so the Java team explained that the Java licensing model was not just a name and a logo. It also required that any Java product conform to interoperable manufacturer-independent standards and pass a
compliance software test suite. JavaSoft and Schlumberger decided to join forces. With Schlumberger’s endorsement, the idea of JavaCard prompted Sun to commence a licensing campaign to smartcard manufacturers and their customers.
Tad Bogdan rejoined Sun to head up the JavaCard Sales and Business Development initiative. He developed the business licensing model for JavaCard and proceeded to license JavaCard to over twenty smartcard companies, comprising 95% of the smartcard world market. Sun formally launched JavaCard at the Salon de Cartes in 1996, and the first royalty payment for JavaCard was received in June of 1997. The JavaCard forum began that same summer in Marseilles, France. Before the end of year, Sun Microsystems acquired Integrity Arts from Gemplus, giving Sun sufficient technical horsepower to support the smartcard technology and to create JavaSoft’s implementation of the JavaCard API.
There are now many billions of JavaCard products in the world. Payment and Financial Services were the original market driver, which quickly expanded to include Telecom, Set-top boxes, Government Identity, Corporate Identity, Portable Anonymous Stored-value, Transportation, Network Security, Medical, and other markets. An industry full of JavaCard Forum members, licensees, developers, and customers make JavaCard arguably the most ubiquitous operating platform in the world. Oracle acquired Sun Microsystems in 2010 and still licenses the JavaCard technology to new licensees every year!
Tad Bogdan is currently a consultant, speaker, and the author of “HOW TO MASTER THE UNIVERSE: A Guide for Mastering you Personal, Interpersonal, and Professional Lives” http://www.MasterTheUniverse.org.
Ted Goldstein, Ph.D. is a consulting CTO and investigator seeking new horizons in technology, artificial intelligence, and healthcare. Previously he was an Apple Vice President and a cancer researcher on the Faculty of Medicine at University of California at San Francisco.
** The views expressed in this article are solely those of the authors listed and do not necessarily reflect the views of the Java Card Forum, its Members or Oracle. **
Java Card is platform of choice for first M2M eSIM certification under GSMA’s Security Assurance scheme
STMicroelectronics has the first machine to machine (M2M) eSIM certified by the GSMA’s Security Assurance scheme.
STMicroelectronics used SGS Brightside in Delft, the Netherlands, to test its ST4SIM-201v1.0.8, with the tests ratified by GSMA’s appointed Certification Body, TrustCB, also in the Netherlands.
The certification scheme by the GSM Association ensures that new eSIM products are resilient against a range of high-level attack threats and is designed to speed up the security certification process, overcome complexities, and reduce time to market for eSIM products.
The GSMA is currently seeking tenders for the provision of eSA Scheme Certification Body services.
M2M and IoT roll outs are moving to remotely configured eSIMs and integrated iSIM devices to simplify the roll out of hundreds of thousands of devices without having to individually provision separate SIM cards. However ensuring that the technology is rugged and secure is vital.
The ST4SIM-201S eSIM (above) is designed for all IoT devices and can remotely manage different MNO profiles while ensuring the appropriate security level.
The device is based on the ST33G1M2 with a tamper-resistant secure element certified by Common Criteria EAL5+, with a 32bit ARM SecurCore SC300 core. It supports a secure and interoperable Java Card environment compliant with Java Card v3.0.5 classic and integrates a dynamic memory management with Java Card garbage collection mechanism optimizing the usage of the memory.
The GSMA certification scheme requires manufacturers to prove a benchmark level of security resilience across product processes. It does this by combining high-security quality with a pragmatic evaluation implementation approach adapted for the mobile market. The processes are in line with industry and ISO requirements and reflect the highest Common Criteria security standards recognised in Europe.
“The GSMA is committed to promoting security across the entire mobile ecosystem to ensure the benefits of mobile connectivity can be enjoyed safely by all. In addition to guaranteeing the highest security – eSA ensures that eSIM products have the same level of security resilience required for chips embedded in passports – we are delighted that our processes enable faster time to market for manufacturers,” said the GSMA’s Chief Technology Officer, Alex Sinclair.
“This is a critical milestone for STMicroelectronics, and we thank the GSMA for maintaining the highest security levels for the product and their efforts to support reduced time-to-market with quick and efficient eSIM certification,” commented Laurent Degauque, Marketing Director at STMicroelectronics.
“SGS Brightsight is pleased to implement the GSMA assurance framework to maintain high security quality using a pragmatic and efficient evaluation approach. The programme ensures we focus on the topics that are fundamental to promoting a ‘security-first’ culture across the entire telecommunication and network industry,” said Adjay Gopie, Director Business Development at SGS Brightsight.
“TrustCB is delighted to issue this first eSA certification. From the very start, the eSA scheme has proved its ability to provide a high-assurance certification in a predictably short timeframe alongside experienced labs. Congratulations to ST for their certified ST4SIM-201v1.0.8 and thanks to SGS Brightsight,” said Wouter Siegers, CEO at TrustCB.
Press Release from eeNews Europe (20/7/22)
Trusted Connectivity Alliance celebrates collaboration with Java Card Forum
In the third interview of the 25th Anniversary series, Claus Dietze, Chair of the Board, Trusted Connectivity Alliance explains the importance of Java Card technology in the Telecoms industry, how the 2 organisations have successfully collaborated over the years and why Java Card should be the platform of choice for IoT solutions.
JCF Technical Committee Members discuss the challenges that Java Card technology will address in the coming years
In the second interview of the 25th Anniversary series, 3 members of the Java Card Technical Committee: Christian Kirchstaetter (Technical Committee Chairman), Luca Di Cosmo and Alexandre Frey (past winners of the annual Bertrand Award) discuss how the Java Card specification is changing in response to new markets and the impact this will have for developers.
The last 25 years have led to quite some changes to the specification. What will the work of the technical committee look like over the next 10 years. Or differently asked, what will the specification look like after 10 years?
Java Card will still be the root of a complex ecosystem with many influencing standards (e.g. communication standards, banking, secure identity, Global Platform). The future will bring a high level of serious multi-application scenarios, where mixing payment, eGov, IoT, telecom, automotive applications will be normal.
In the past we learnt that we needed to look into the market requirements and translate this into the evolution of the specification. We see that the coming years will be challenging due to the increased complexity of our ecosystems. We need to add more flexibility in the provided mechanisms of Java Card, while maintaining the backward compatibility and security.
What challenges is the Java Card Forum facing in new markets?
Traditionally, smart card products have always been associated with the card form factor but, more recently, secure elements soldered on PCBs and integrated secure elements came into play, introducing new technical issues to solve, as well as new kinds of security concerns. As Java Card Forum technical experts, we have wide experience with security evaluation methodologies (Common Criteria, EMVco, etc.) and we collaborate with Oracle in maintaining the Java Card Protection Profile to ease evaluations of Java Card products – but new markets will bring new challenges as well. For instance, the Automotive market defines its own cybersecurity assessment methodology (ISO 21434): fostering integration of Java Card secure elements in the automotive market means looking at the best ways to harmonize smart card security with automotive cybersecurity concerns, including the production of supporting documents.
What are the biggest advantages of using the Java Card Platform?
* Java Card provides a perfect separation between the actual application domain knowledge and the required know-how to securely and efficiently use hardware platforms.
* Application developers can utilize a subset of the Java language and a standardized Java Card API to implement their applications.
* In the past, the number of different use cases has increased due to new markets and requirements. Java Card allows adoption to new environments much faster than specialized native solutions can.
* The biggest advantages compared to native solutions are when it comes to scenarios where different applications need to be served by one product. This also holds true when it comes to the certification of the individual applications.
When you look at the evolution of the Java Card specification over the next few years, will it be necessary to update application code to comply with latest Java Card specs?
No, this not be required. Being a specification designed with backward compatibility in mind, applications not using the latest features will run unchanged on the newest Java Card platforms, thus allowing seamless integration of existing applications with state-of-the-art Java Card platforms. We have seen in the past how important it is to keep backward compatibility. Platform users take legacy applets and install them unchanged on new platforms, together with other applets, creating new product variants. Differently said, an update of the Java Card specification with the exchange of the platform does not cause problems for legacy applets. New applets can benefit from the new features.
What do you find technically interesting about Java Card?
Java Card is the root of a complex ecosystem with many influencing standards (e.g. communication standards, banking, secure identity, GlobalPlatform). The future will bring a high level of serious multi-application scenarios, where mixing payment, eGov, IoT, telecom, automotive applications will be normal. We like to work on the challenge to utilize the Java language in very small deeply-embedded devices with only kilobytes of memory. It is amazing to see how all impacting factors finally lead to a sound picture in the form of a specification.
It is exciting to work on a specification that leads to broadly spread products in various markets. We talk about billions of devices and the most used operating system on this planet.
We are excited to participate in the success story of a specification that is only 25 years old and will continue to evolve to open up new markets. Java Card is not only a standard; from a technical point of view it is also a very complex platform providing a high amount of functionality used by applets.
You can view the actual interview below:
JCF President shares his insights into the success of Java Card over the last 25 years & plans for the future
A lot has been achieved over 25 years and Java Card is the leading platform for secure elements with billions of devices issued each year. Why do you think Java Card has been so successful?
What brought Java Card to the fore in the late 90s is interoperability of the applications running on the smart cards, at a time where interoperability was a pain point for SIM cards, as well as a means to install and host several applications concurrently, even post issuance. Moreover, Java Card offered a strong, secure environment for applications, and Java Card was quickly able to address major markets where the highest possible level of security is required, such as SIM cards, payment cards, passports or identity cards. All this was recognised rapidly by the market, and the number of Java Cards in 2004, seven years after the Java Card Forum was created, was already reaching a billion smart cards per year.
There are several major benefits of Java Card:
- Application interoperability, with one single solution in terms of coding, testing, certification and executing on different vendor platforms
- Hardware independence, with the ability to support any type of secure element, such as removable smart cards, embedded secure elements or integrated, so that vendors can reuse the sample Java Card platform for different markets and products
- Market segment independence, as the same Java Card platform can be deployed to host payment, identity, telecommunications or IoT applications
- Perfect fit for secure element requirements, in terms of security, footprint, or performance
- Recognition and very close alignment with the technology evolution and standardisation in various major standard organisations referencing Java Card
- A high degree of backward compatibility of the specifications – continuity of product portfolios
How was the Java Card Forum instrumental for the success of Java Card?
Early on, the pioneers of Java Card realised that this technology was a major shift that required standardisation to ensure interoperability. They decided to join efforts within a newly created Java Card Forum and provide recommendations to the owner of the Java language – at that time Sun – for the maintenance and evolution of the Java Card technology.
The Java Card Forum is the key place and indispensable environment where Java Card technology is defined and developed, through constant interaction between Java Card vendors and Oracle (owner of the specification and Java Card technology).
The Java Card Forum is an open Forum where recommendations are discussed to influence the future features of Java Card and shape the evolution of Java Card, making it the major platform for smart cards.
What is the outlook of Java Card from a Java Card Forum perspective?
We see some evolution on two major levels, due to the increasing demand for security solutions.
Some traditional applications, such as the SIM cards, payment cards or identity cards, although present with a bright future, are also increasingly being deployed onto the mobile phone or wearable devices, such as connected watches. In these devices, Java Card is now running on the soldered embedded secure element, or even integrated onto the system-on-chip. This motivates us to work on new features, such as new communications channels and protocols, improved power management with, for example, the support of suspend and resume, as well as new memory management capabilities or the ability to communicate with sensors, such as fingerprint readers, directly from the Java Card applet.
Moreover, we see new applications that can benefit from Java Card’s unique features, for example, Internet-of-Things devices or gateways, which are bound to rise exponentially with 5G and massive IoT. Here again, efficient power management, communication with external sensors, as well as lightweight cryptographic or communication protocols with the cloud, is key.
In addition, cryptographic agility is also a big item on the Java Card Forum agenda, initially to address the support of post-quantum cryptography, but more generally to make sure the security can be updated post-issuance should the need arise.
If companies are interested in joining the Java Card Forum, how would they go about it?
The Java Card Forum is an open Forum and there is only one condition – that you have to be an Oracle licencee. Then you can apply for membership and help shape the future of Java Card. We look forward to welcoming you. [Find out more about membership here.]
You can see this interview in video format below:
Java Card Forum 
You must be logged in to post a comment.