________________________________________________________________________________________________________________________________

 

 

ISO-7816

 

 

- A complex DF/EF structure could be setup

 

 

Files could be transparent, cyclic or linear records and purse
Security could be by PIN, External, Internal or Mutual Authenticate
Secure messaging with MAC and Encryption
Several separated application

 

 

This standards is the one used by DesFire product range. The only difference with MutliQ is that we put no restrictions in structure and use.

 

______________________________________________________________________________________________________________

 

 

ISO-15693 : Viccinity

 

 

 

 Vicinity Badges have a reading range up to 1.5 meter depending on the size of the antenna.

 

The contactless protocol implementing Vicinity is ISO-15693

A version of MultiQ runs on a chip (VICC) with both protocols (14443A/B and 15693).

 

Indeed, MultiQ allows to create a VICC file at MF level.

 
 
This VICC file could be reach:
Via protocol 15693 in read/write mode
Via protocol 14443 - in that case security conditions defined during the creation of the file apply

 

 

 

This VICC/PICC chip could be used for applications where some access control has to be granted with a range of 50 cm(f.i.) , and some logical access with a range of a few centimeters.

 

  ______________________________________________________________________________________________________________

 

 

ISO-14443 : Proximity

 

 

 

 Proximity badges have a reading range of a few centimeters.

 

 

125 KHz, Technology

This is an old technology, allowing only to exchange only a few data bytes.

When data are written to a 125KHz card, there is no security.

 

 

Proximity badges use commonly a communication frequency of 13.56MHz.

 

Qilium ports its OS range to chips supporting the protocol 14443 Type A and type B.

 

Data are stored in the badge with a Read/Write protection of 8 byte and an AES Secure Messaging.

 

 

______________________________________________________________________________________________________________

 

 

ICAO

 

 

 

ICAO stands for Iinternational Civil Aviation Organisation.

This standard is defined for Machine readable Transport Documents (MRTD).

 

See www.icao.int

 

 

MultiQ implements ICAO specification BAC and BAC+.
 
Latter-on an ICAO EA (Extended Access), we will proposed based on ECC (Elliptic Curve Cryptography).
A chip with an ECC co-processor is required for EA.
 
 

 

______________________________________________________________________________________________________________

 

 

PKCS#15

 

 

 

PKCS#15 is part from the PKCS specification range publicated by RSA Laboratories. (see www.rsa.com)

 

 

 
It defines a structure for identity documents with RSA signature capabilities
 
A chip with an RSA co-processor is required for defining a PKCS#15 structure
 
With a PKCS#15 card, a middleware CSP or PKCS#11 is provided
 
 

 

______________________________________________________________________________________________________________

 

 

ITSO

 

 

 

ITSO is a UK transportation standard.

MultiQ implements the ITSO CMD2 vmedia type.

It is based on contactless protocol ISO 14443 Type A.

 

see www.itso.org.uk

 

______________________________________________________________________________________________________________

 

 

CALYPSO

 

 

 

Calipso is a transportation infrastructure standard, setup by several transportation actors (RATP, STIB, ....)

The standard includes smartcards.

It is based on contacless protocol 14443 Type B.

 

see www.calypsonet-asso.org

 

______________________________________________________________________________________________________________

 

 

OSPT - CiPURSE

 

 

 

Cipurse is a new transportation standard defined by OSPT.

OSPT stands for Open Standard for Public Transportation, and has been setup by several big players from the smartcard world (Infineon, Inside, Oberthur, Giesecke-Devrient, Samsung, ...)

 

It intends to define an open transportation standard to be an alternative to existing systems

 

see www.osptalliance.org

 

______________________________________________________________________________________________________________

 

 

EMV

 

 

 

EMV is the standard for payments used worldwide by Mastercard, Visa , JCB, ...

EMV standards are specified, maintenaed and certified by Emvco ( see www.emvco.com)

EMV defines Common Core specification (CCD) for smartcard Operating System able to run an EMV application.

EMV specifies a Common Payment Application (CPA), which defines a structure and a policy above CCD.

 

 

 
There is two kind of wokinjg for EMV payment cards:
SDA (Static Data Authentication):
DDA (Dynamic Data Authentication)
 
 

 

SDA

 

The EMV payment card contains a static cryptogram, constructed with the private key of the issuer.

The verification of this cryptogram is done by the terminal.This last contains the public key of the issuer.

 

 

 

EMV-SDA cards doesn't require a co-processor
The EMV transaction is done online only
 
MultiQ allows EMV-SDA structure

 

 

 

DDA

 

The EMV payment card contains a private-public key pair.

 

 

 

EMV-DDA cards require a cryptographic co-processor (RSA or ECC)
The authentification is done by the signature of the card with its private key
This could be used for off-line transaction

 

Later on, Qpay will be ported on a chip with a co-processor, allowing to perform EMV-DDA

 

 

 

______________________________________________________________________________________________________________

 

 

NFC

 

 

 

NFC stands for Near Field Communication.

 

It is a contactless standard defined upon contactless protoccol 14443.

It aims to normalize the way data are stored on NFC tags and are accessed.

 

 

 

NFC tags are read by any NFC compliant reader, including smartphones
In MultiQ Qilium implements a NFC Forum Type 4 tag
 
 

 

See www.nfc-forum.org