cryptovision ePasslet Suite
ePasslet Suite is a Java card framework for electronic ID documents. From the electronic identity card to the electronic driving license, almost any electronic identity document can be realized quickly and easily.
ID cards, passports, driving licences and other identification documents can be equipped with a small computer chip. The result is called an electronic identity card (eID). The embedded chip increases security and can be used for many interesting applications, e.g. for computer login, automated age verification and proof of identity on the internet.
Electronic identity documents have become very popular in recent years. There are more than 120 states and non-state entities (i.e. the United Nations) currently issuing electronic passports, and over a billion electronic passports in circulation. Many countries also issue electronic identity cards.
To realize eID applications, it is necessary to implement them on the ID chip. The ePasslet Suite, a product developed by cryptovision, is ideally adapted for this purpose. The suite consists of a collection of Java Card applets, each of which implements a special eID functionality, making working with these chip-secured documents easy and secure.
The ePasslet Suite is delivered either as a solution embedded in the ROM or pre-installed in the flash memory of a Java Card enabled smart card. The ePasslet Suite provides applets for various eID document applications, including electronic passports, eIDAS compliant signature cards, ISO 18013 electronic driver‘s licenses, electronic health cards, custom national eID cards, and more. The solution also allows for post-issuance activation of applets, and new applets can be developed using an internal core library API that provides a comprehensive set of functional blocks, reducing memory requirements and time to market.
The ePasslet Suite is executable on NXP JCOP, Infineon SECORA ID X and Verido‘s Sm@rtcafé Expert. This means that all market-leading Java Card operating systems are supported, which offers the customer great flexibility. In particular, the operator of an eID system can work with several suppliers of Java Card solutions at the same time (second source).
The ePasslet Suite is the ideal solution for government agencies looking to add functionality to eID documents.
PRODUCT ARCHITECTURE
The ePasslet suite can be used on any GlobalPlatform-compliant executable Java Card. A performance optimized version is available on NXP JCOP, Veridos Sm@rtcafé and Infineon SECORA ID X.
EDITIONS, BASICS, KEY FEATURES, COMPARISONS
The ePasslet Suite editions:
Edition 1
- ICAO MRTD with Basic Access Control (BAC) and Password Authenticated Connection Establishment (PACE)
- ISO 7816 File System
- ISO Driving License with Basic Access Protection (BAP) and PACE
Additionally in Edition 2
- ICAO MRTD with EACv1 (including BAC and PACE)
- ISO Driving License with EACv1 or EAP (including BAP / PACE)
- ePKI / Secure Signature Creation Device
- Vehicle Registration
- Health Insurance
- Fingerprint Match-on-Card (based on 3rd party matching package)
Additionally in Edition 3
-
- Bespoken eID with EACv2 (reference: German eID card)
- EU Residence Permit
- European Citizen Card (Identification, Authentication, Signature)
- eIDAS token functionality (platform dependent)
- Custom eID application
ePasslet Suite
cryptovision‘s ePasslet Suite is a flexible solution for national identity cards, signature cards, driving licences, security access cards, travel documents, health cards and other eID systems.
Electronic identity cards
ePasslet Suite offers applets for eIDAS compliant eID cards with various profiles being supported. This includes, for example, the profile used in Germany. In addition, ePasslet Suite makes it easy to put proprietary national identity cards into practice .
Java Card
The ePasslet suite is based on the Java Card standard. It offers a large collection of Java Card applications for all common requirements and enables multi-application cards and documents.
Vendor independence
The ePasslet Suite runs on NXP JCOP, Infineon SECORA ID X and Veridos Sm@rtcafé Expert and thus on all major Java Card platforms. The operator of an eID system is thus independent and can change providers without much effort if necessary.
ICAO
With the ePasslet Suite, the operator of an eID system can easily fully implement a Machine Readable Travel Document (MRTD) according to the International Civil Aviation Organization (ICAO) specification.
The ePasslet Suite supports the MRTD protocols Basic Access Control (BAC), Password Authenticated Connection Establishment (PACE) and Extended Access Control (EAC).
Certified security
Two versions of the ePasslet Suite have been certified to Common Criteria (ISO 15408) at EAL 4+, each with four configurations and corresponding protection profiles. The latest product version has already been certified twice to CC EAL5+.
Further applications
The ePasslet Suite enables, among other applications, both the International Driving Licence (IDL) and a European Health Insurance Card (eHIC). With the ePasslet Suite, multiple applications with shared resources can be realised on the same card.
If necessary, further applications can be instantiated and new applets can be developed and even loaded afterwards on already issued cards
- Vendor-independence, all market-leading Java Card platforms (NXP JCOP, Infineon SECORA ID X, and Veridos Sm@rtcafé Expert) are supported
- Highest certification of a Java Card mask
- Allows for post-issuance applet activation from ROM with minimal EEPROM footprint
