MULTOS

Last updated August 12, 2023

MULTOS is a multi-application smart card operating system, that enables a smart card to carry a variety of applications, from chip and pin application for payment to on-card biometric matching for secure ID and ePassport. MULTOS is an open standard whose development is overseen by the MULTOS Consortium – a body composed of companies which have an interest in the development of the OS and includes smart card and silicon manufacturers, payment card schemes, chip data preparation, card management and personalization system providers, and smart card solution providers. There are more than 30 leading companies involved in the consortium.

One of the key differences of MULTOS with respect to other types of smart card OS, is that it implements a patented public key cryptography-based mechanism by which the manufacture, issuance and dynamic updates of MULTOS smartcards in the field is entirely under an issuer's control using digital certificates rather than symmetric key sharing. This control is enabled through the use of a Key Management Authority (KMA), a special kind of certification authority. The KMA provides card issuers with cryptographic information required to bind the card to the issuer, initialize the card for use, and generate permission certificates for the loading and deleting of applications under the control of the issuer.

Application providers can retrieve and verify the public key certificate of an individual issuer's card, and encrypt their proprietary application code and confidential personalisation data using that card's unique public key. This payload is digitally signed using the private key of the application provider. The KMA, on request from the card issuer, signs the application provider's public key and application code has and creates a digital certificate (the Application Load Certificate) that authorises the application to be loaded to an issuer's card or group of cards. Applications are therefore protected for integrity and confidentiality and loaded to a card without any party sharing symmetric keys and therefore needing to trust any other party sharing the card platform – including the card issuer. Both the Application Provider and Card Issuer know that only specific, authorised applications from authorised parties can be loaded to any specific card.

Hundreds of millions of MULTOS smart cards have been issued by banks and governments all around the world, for projects ranging from contactless payment, Internet authentication and loyalty, to national identity with digital signature, ePassport with biometrics, health care and military base and network access control.^[1]

Technical overview

A MULTOS implementation provides an operating system upon which resides a virtual machine. The virtual machine provides:

Application run-time environment.
Memory management.
Application loading and deleting.

Run-time environment

The run-time environment operates within the application space. This consists of code space and data space. The code, developed in the C language and compiled into MULTOS bytecodes is interpreted every time it is executed. The virtual machine performs code validity and memory access checks during execution of the code. The data space is divided into static and dynamic portions. Static memory is persistent and transaction protection ensures the integrity of application's stored data.

The key component of dynamic memory is the last in, first out (LIFO) stack as this makes using the various functions much easier. A MULTOS chip is a stack machine, which makes use of this dynamic memory to pass parameters and perform calculations. In addition, the Input/output buffer resides in another dynamic memory segment.

Memory management

Each application resides with a rigorously enforced application memory space, which consists of the application code and data segments. This means that an application has full access rights to its own code and data, but can not directly access that of another application. If an application attempts to access an area outside its space, it results in an abnormal end to process

Application loading and deleting

A MULTOS card permits the loading and deleting of applications at any point in the card's active life cycle. A load can take place once the application and its corresponding certificate are transmitted to the chip. A delete is permitted if a certificate that corresponds to a loaded application is transmitted to the chip.^[2]

Related Research Articles

<span class="mw-page-title-main">Telephone card</span> Card used to pay for telephone services

A telephone card, calling card or phonecard for short, is a credit card-size plastic or paper card, used to pay for telephone services. It is not necessary to have the physical card except with a stored-value system; knowledge of the access telephone number to dial and the PIN is sufficient. Standard cards which can be purchased and used without any sort of account facility give a fixed amount of credit and are discarded when used up; rechargeable cards can be topped up, or collect payment in arrears. The system for payment and the way in which the card is used to place a telephone call vary from card to card.

A smart card, chip card, or integrated circuit card is a physical electronic authentication device, used to control access to a resource. It is typically a plastic credit card-sized card with an embedded integrated circuit (IC) chip. Many smart cards include a pattern of metal contacts to electrically connect to the internal chip. Others are contactless, and some are both. Smart cards can provide personal identification, authentication, data storage, and application processing. Applications include identification, financial, public transit, computer security, schools, and healthcare. Smart cards may provide strong security authentication for single sign-on (SSO) within organizations. Numerous nations have deployed smart cards throughout their populations.

ISO/IEC 7816 is an international standard related to electronic identification cards with contacts, especially smart cards, and more recently, contactless mobile devices, managed jointly by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC).

A SIM card is an integrated circuit (IC) intended to store securely the international mobile subscriber identity (IMSI) number and its related key, which are used to identify and authenticate subscribers on mobile telephony devices. Technically the actual physical card is known as a universal integrated circuit card (UICC); this smart card is usually made of PVC with embedded contacts and semiconductors, with the SIM as its primary component. In practice the term "SIM card" refers to the entire unit and not simply the IC.

A proximity card or prox card also known as a key card or keycard is a contactless smart card which can be read without inserting it into a reader device, as required by earlier magnetic stripe cards such as credit cards and contact type smart cards. The proximity cards are part of the contactless card technologies. Held near an electronic reader for a moment they enable the identification of an encoded number. The reader usually produces a beep or other sound to indicate the card has been read.

EMV is a payment method based on a technical standard for smart payment cards and for payment terminals and automated teller machines which can accept them. EMV stands for "Europay, Mastercard, and Visa", the three companies that created the standard.

MIFARE is a series of integrated circuit (IC) chips used in contactless smart cards and proximity cards.

An electronic identification ("eID") is a digital solution for proof of identity of citizens or organizations. They can be used to view to access benefits or services provided by government authorities, banks or other companies, for mobile payments, etc. Apart from online authentication and login, many electronic identity services also give users the option to sign electronic documents with a digital signature.

The Malaysian identity card, is the compulsory identity card for Malaysian citizens aged 12 and above. The current identity card, known as MyKad, was introduced by the National Registration Department of Malaysia on 5 September 2001 as one of four MSC Malaysia flagship applications and a replacement for the High Quality Identity Card, Malaysia became the first country in the world to use an identification card that incorporates both photo identification and fingerprint biometric data on an in-built computer chip embedded in a piece of plastic.

A hardware security module (HSM) is a physical computing device that safeguards and manages secrets, performs encryption and decryption functions for digital signatures, strong authentication and other cryptographic functions. These modules traditionally come in the form of a plug-in card or an external device that attaches directly to a computer or network server. A hardware security module contains one or more secure cryptoprocessor chips.

A card reader is a data input device that reads data from a card-shaped storage medium. The first were punched card readers, which read the paper or cardboard punched cards that were used during the first several decades of the computer industry to store information and programs for computer systems. Modern card readers are electronic devices that can read plastic cards embedded with either a barcode, magnetic strip, computer chip or another storage medium.

A contactless smart card is a contactless credential whose dimensions are credit-card size. Its embedded integrated circuits can store data and communicate with a terminal via NFC. Commonplace uses include transit tickets, bank cards and passports.

<span class="mw-page-title-main">Gemalto</span> International digital security company

Gemalto was an international digital security company providing software applications, secure personal devices such as smart cards and tokens, e-wallets and managed services. It was formed in June 2006 by the merger of two companies, Axalto and Gemplus International. Gemalto N.V.'s revenue in 2018 was €2.969 billion.

There are a number of security and safety features new to Windows Vista, most of which are not available in any prior Microsoft Windows operating system release.

A datacard is an electronic card for data operations.

An information card is a personal digital identity that people can use online, and the key component of an identity metasystem. Visually, each i-card has a card-shaped picture and a card name associated with it that enable people to organize their digital identities and to easily select one they want to use for any given interaction. The information card metaphor has been implemented by identity selectors like Windows CardSpace, DigitalMe or Higgins Identity Selector.

A whole new range of techniques has been developed to identify people since the 1960s from the measurement and analysis of parts of their bodies to DNA profiles. Forms of identification are used to ensure that citizens are eligible for rights to benefits and to vote without fear of impersonation while private individuals have used seals and signatures for centuries to lay claim to real and personal estate. Generally, the amount of proof of identity that is required to gain access to something is proportionate to the value of what is being sought. It is estimated that only 4% of online transactions use methods other than simple passwords. Security of systems resources generally follows a three-step process of identification, authentication and authorization. Today, a high level of trust is as critical to eCommerce transactions as it is to traditional face-to-face transactions.

Biometrics refers to the automated recognition of individuals based on their biological and behavioral characteristics, not to be confused with statistical biometrics; which is used to analyse data in the biological sciences. Biometrics for the purposes of identification may involve DNA matching, facial recognition, fingerprints, retina and iris scanning, voice analysis, handwriting, gait, and even body odor.

The term digital card can refer to a physical item, such as a memory card on a camera, or, increasingly since 2017, to the digital content hosted as a virtual card or cloud card, as a digital virtual representation of a physical card. They share a common purpose: Identity Management, Credit card, or Debit card. A non-physical digital card, unlike a Magnetic stripe card can emulate (imitate) any kind of card. Other common uses include loyalty card and health insurance card; physical driver's license and Social Security card are still mandated by some government agencies.

A secure element (SE) is a secure operating system (OS) in a tamper-resistant processor chip or secure component. It can protect assets (root of trust, sensitive data, keys, certificates, applications) against high level software and hardware attacks. Applications that process this sensitive data on an SE are isolated and so operate within a controlled environment not impacted by software (including possible malware) found elsewhere on the OS.

References

↑ "Multos International - Announcements - MULTOS celebrates 500 million issued devices". 26 January 2014. Archived from the original on 2014-01-26.
↑ "Smart Cards: State-of-the-Art to Future Directions".

External links

Further MULTOS Information

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.

[1] "Multos International - Announcements - MULTOS celebrates 500 million issued devices". 26 January 2014. Archived from the original on 2014-01-26.

[2] "Smart Cards: State-of-the-Art to Future Directions".

[1]

[2]