A composite product consists of an open platform (such as a secure element [SE]), with one or more secure applications (known as sensitive applications), and optionally one or more basic applications (which do not need to comply with stringent security requirements to operate). As SEs in mobile devices begin to host multiple applications, it is important that all applications perform as intended and do not interfere with the other services being delivered. Evaluating the security of applications pre- and post-issuance is therefore vital, but needs to be cost and time effective for all market stakeholders.
The GlobalPlatform Composition Model, which was first released in 2011, defines a relatively easy approach to certify the security of SE products that carry sensitive and/or basic applications and simplify post-issuance application management. The model achieves this by promoting two key concepts: re-using existing security evaluation results; and limiting security evaluation work to only test the impact of new application and SE combinations. The streamlined methodology enables the telecom and payment industries to more easily redeploy SEs and applications once they have been certified.
Adding to its initial work in this area, GlobalPlatform has recently released:
- The Card Composition Model Security Guidelines for Basic Applications v1.0, which proposes a minimal set of guidelines for basic applications. Adhering to these guidelines will protect sensitive applications, other applications, and the SE.
- Card Composition Model v1.1, which introduces the relationship between sensitive and basic applications.
- Card Composition Frequently Asked Questions v1.1, which supports industry players using this model for the first time.
All documents can be downloaded from the GlobalPlatform website without charge.
Gil Bernabeu, GlobalPlatform Technical Director, comments: “Most of the applications we have on our mobile handsets today have low security requirements. As we start to add applications that connect to our bank accounts or identity, the need to protect an application is crucial. Security evaluation can be expensive and time consuming and while it is imperative that the industry adheres to the highest security standards, it is important that products can be brought to market quickly. GlobalPlatform’s work in this area aims to streamline the security testing process. This will encourage application developers to validate the security of their applications appropriately without stifling innovation and product advancements.”
Gil highlights that GlobalPlatform is also trying to establish security certification best practice for all developers, including basic application developers. He adds: “The GlobalPlatform Composition Model also encourages basic applications to be validated against a given set of applicable security rules. Basic application developers need to understand their responsibilities as more and more services are downloaded onto mobile devices.”
The Card Composition Model has been developed in association with EMVCo – the EMV standards body, and GSMA – which represents the interests of mobile operators worldwide.
Concluding, Gil adds: “GlobalPlatform is committed to continually advancing the GlobalPlatform Composition Model to meet the needs of the industry. This first version has focused on SE applications and we already have plans to develop an implementation of the composition model for trusted applications hosted in a trusted execution environment.”