GlobalPlatform

GlobalPlatform

Abbreviation	GP
Formation	1999;26 years ago (1999)
Founder	Visa Inc.
Type	Nonprofit, consortium
Legal status	Association
Purpose	Promotion of digital security technical standards
Location	Redwood City, California , United States
Region served	Worldwide
Membership	100 companies (2024)
Official language	English
Executive Director	Ana Lattibeaudiere
Website	globalplatform.org
Formerly called	Visa OpenPlatform

GlobalPlatform (formerly Visa OpenPlatform) is a non profit industry consortium for technical standards focused on the interoperability, management and security of embedded hardware such as smart cards. ^[1] The GlobalPlatform specifications are the de facto standard for remote management of smart card applications. ^[2]

GlobalPlatform has more than 100 members, including Visa, Mastercard, Qualcomm, T-Mobile US, Apple, and Samsung. ^[3] Membership tiers include full member, observer and public entities with fees based on the level of involvement. ^[4]

History

Former logo of GlobalPlatform

Visa Inc. introduced the Visa OpenPlatform smart card specification in April 1998 to support the development of multi-application smart cards based on Java Card technology. ^[5] In 1999, Visa donated the specifications to the OpenPlatform Consortium in order to drive wider adoption. The OpenPlatform Consortium and the specifications themselves were renamed GlobalPlatform later that year. ^{[1] [6]} Mastercard joined the association in 2001, who intended to include MULTOS. ^[7] American Express joined in 2009. ^[8]

Specifications

The specifications cover security, interoperability, and multi-application functionality. Key components include lifecycle management for secure application handling, a Card Manager for central control, and security domains for application isolation. The specifications also define secure channel protocols for data communication and offers an API. ^[4]

In recent years, GlobalPlatform has expanded its scope beyond physical smart cards to include other technologies or form factors that require a secure element. These include embedded SIMs (eSIMs), Trusted Execution Environments (TEEs) that provide a secure area independent of the device operating system, and IoT devices. ^[3]

The GlobalPlatform specifications and security frameworks are incorporated into other industry standards. For example, they form part of the ETSI/3GPP standards that define how SIM cards are used to authenticate users on mobile networks. ^{[9] [10]} GlobalPlatform is also used within the EMV standard to secure card, contactless, and smartphone-based payments. ^[11]

See also

• Trusted Computing Group
• EMV
• Common Access Card

Further reading

• Béguelin, Santiago Zanella (2006). "Formalisation and Verification of the GlobalPlatform Card Specification Using the B Method". In Barthe, Gilles; Grégoire, Benjamin; Huisman, Marieke; Lanet, Jean-Louis (eds.). Construction and Analysis of Safe, Secure, and Interoperable Smart Devices. Lecture Notes in Computer Science. Vol. 3956. Berlin, Heidelberg: Springer. pp. 155–173. doi:10.1007/11741060_9. ISBN   978-3-540-33691-4.
• Bernabeu, Gil (2007-11-01). "GlobalPlatform – the future of mobile payments". Card Technology Today. 19 (11): 9. doi:10.1016/S0965-2590(07)70154-8. ISSN   0965-2590.
• De Almeida Braga, Daniel; Fouque, Pierre-Alain; Sabt, Mohamed (2020-06-19). "The Long and Winding Path to Secure Implementation of GlobalPlatform SCP10". IACR Transactions on Cryptographic Hardware and Embedded Systems: 196–218. doi:10.46586/tches.v2020.i3.196-218. ISSN   2569-2925.
• Avoine, Gildas; Ferreira, Loïc (2018-05-08). "Attacking GlobalPlatform SCP02-compliant Smart Cards Using a Padding Oracle Attack". IACR Transactions on Cryptographic Hardware and Embedded Systems: 149–170. doi: 10.46586/tches.v2018.i2.149-170 . ISSN   2569-2925.

References

1. Mayes, Keith; Markantonakis, Konstantinos (2017). "3.2.2: The GlobalPlatform Card Specificiation". Smart Cards, Tokens, Security and Applications (2nd ed.). Springer International Publishing. pp. 73–81. ISBN   978-3-319-50500-8.
2. Sabt, Mohamed; Traoré, Jacques (2016). "Cryptanalysis of GlobalPlatform Secure Channel Protocols". In Chen, Lidong; McGrew, David; Mitchell, Chris (eds.). Security Standardisation Research. Lecture Notes in Computer Science. Vol. 10074. Cham: Springer International Publishing. pp. 62–91. doi:10.1007/978-3-319-49100-4_3. ISBN   978-3-319-49100-4.
3. Niwano, Eikazu (February 2019). "New Standardization Trends at GlobalPlatform--Secure Components for the IoT Era". NTT Technical Review. 17 (2): 63–69. doi:10.53829/ntr201902gls. ISSN   2436-5327.
4. Markantonakis, Konstantinos; Mayes, Keith (March 2003). "An overview of the GlobalPlatform smart card specification". Information Security Technical Report. 8 (1): 17–29. doi:10.1016/S1363-4127(03)00103-1.
5. "JavaCard - From Hype to Reality". IBM Zurich Research Lab. Retrieved 13 November 2024.
6. Rao, H. R.; Gupta, Manish; Upadhyaya, Shambhu; IGI Global, eds. (2007). Managing information assurance in financial services. Hershey, Pa: IGI Global (701 E. Chocolate Avenue, Hershey, Pennsylvania, 17033, USA). p. 175. ISBN   978-1-59904-173-5.
7. "MasterCard joins GlobalPlatform". Card Technology Today. 13 (9): 3–4. October 2001. doi:10.1016/s0965-2590(01)01005-2. ISSN   0965-2590.
8. Wade, Will (September 30, 2009). "Amex Joins Smart Card Trade Group". American Banker – via Ebsco.
9. Welte, Harald (2024-06-02). GlobalPlatform in USIM and eUICC . Retrieved 2024-11-17– via Osmocom.
10. "Smart Cards; Remote APDU structure for UICC based application" (PDF). ETSI. October 2022.
11. "A Guide to EMV Chip Technology". EMVCo. November 2014.

External links

• Official website