GlobalPlatform
{{Short description|Information security consortium}}
{{Infobox organization
| name = GlobalPlatform
| logo = Logo of GlobalPlatform.svg
| logo_caption =
| image =
| image_size =
| abbreviation = GP
| formation = {{start date and age |1999 }}
| founder = Visa Inc.
| type = Nonprofit, consortium
| status = Association
| purpose = Promotion of digital security technical standards
| location_city = Redwood City, California
| location_country = United States
| region_served = Worldwide
| membership = 100 companies
| membership_year = 2024
| language = English
| leader_title = Executive Director
| leader_name = Ana Lattibeaudiere
| website = {{URL|https://globalplatform.org/}}
| formerly = Visa OpenPlatform
}}
GlobalPlatform (formerly Visa OpenPlatform) is a non profit industry consortium for technical standards focused on the interoperability, management and security of embedded hardware such as smart cards.{{Cite book |last1=Mayes |first1=Keith |title=Smart Cards, Tokens, Security and Applications |last2=Markantonakis |first2=Konstantinos |date=2017 |publisher=Springer International Publishing |isbn=978-3-319-50500-8 |editor-first= |edition=2nd |location= |pages=73–81 |chapter=3.2.2: The GlobalPlatform Card Specificiation }} The GlobalPlatform specifications are the de facto standard for remote management of smart card applications.{{Cite book |last1=Sabt |first1=Mohamed |last2=Traoré |first2=Jacques |chapter=Cryptanalysis of GlobalPlatform Secure Channel Protocols |series=Lecture Notes in Computer Science |date=2016 |volume=10074 |editor-last=Chen |editor-first=Lidong |editor2-last=McGrew |editor2-first=David |editor3-last=Mitchell |editor3-first=Chris |title=Security Standardisation Research |chapter-url=https://link.springer.com/chapter/10.1007/978-3-319-49100-4_3 |language=en |location=Cham |publisher=Springer International Publishing |pages=62–91 |doi=10.1007/978-3-319-49100-4_3 |isbn=978-3-319-49100-4}}
GlobalPlatform has more than 100 members, including Visa, Mastercard, Qualcomm, T-Mobile US, Apple, and Samsung.{{Cite journal |last=Niwano |first=Eikazu |date=February 2019 |title=New Standardization Trends at GlobalPlatform--Secure Components for the IoT Era |url=https://ntt-review.jp/archive/ntttechnical.php?contents=ntr201902gls.html |journal=NTT Technical Review |language=en |volume=17 |issue=2 |pages=63–69 |doi=10.53829/ntr201902gls |issn=2436-5327}} Membership tiers include full member, observer and public entities with fees based on the level of involvement.{{Cite journal |last1=Markantonakis |first1=Konstantinos |last2=Mayes |first2=Keith |date=March 2003 |title=An overview of the GlobalPlatform smart card specification |url=https://linkinghub.elsevier.com/retrieve/pii/S1363412703001031 |journal=Information Security Technical Report |language=en |volume=8 |issue=1 |pages=17–29 |doi=10.1016/S1363-4127(03)00103-1}}
History
File:Logo of GlobalPlatform (old).svg
Visa Inc. introduced the Visa OpenPlatform smart card specification in April 1998 to support the development of multi-application smart cards based on Java Card technology.{{cite web |title=JavaCard - From Hype to Reality |url=https://citeseerx.ist.psu.edu/document?repid=rep1&type=pdf&doi=78bd9ac0f5a92e5c720fe144d70ad5aaef9ea671 |publisher=IBM Zurich Research Lab |access-date=13 November 2024}} In 1999, Visa donated the specifications to the OpenPlatform Consortium in order to drive wider adoption. The OpenPlatform Consortium and the specifications themselves were renamed GlobalPlatform later that year.{{Cite book |title=Managing information assurance in financial services |date=2007 |publisher=IGI Global (701 E. Chocolate Avenue, Hershey, Pennsylvania, 17033, USA) |isbn=978-1-59904-173-5 |editor-last=Rao |editor-first=H. R. |location=Hershey, Pa |pages=175 |editor-last2=Gupta |editor-first2=Manish |editor-last3=Upadhyaya |editor-first3=Shambhu |editor-last4=IGI Global}} Mastercard joined the association in 2001, who intended to include MULTOS.{{Cite journal |date=October 2001 |title=MasterCard joins GlobalPlatform |url=https://doi.org/10.1016/s0965-2590(01)01005-2 |journal=Card Technology Today |volume=13 |issue=9 |pages=3–4 |doi=10.1016/s0965-2590(01)01005-2 |issn=0965-2590}} American Express joined in 2009.{{Cite news |last=Wade |first=Will |date=September 30, 2009 |title=Amex Joins Smart Card Trade Group |url=https://search.ebscohost.com/login.aspx?direct=true&db=bth&AN=44395676&site=eds-live&scope=site |work=American Banker |via=Ebsco}}
Specifications
The specifications cover security, interoperability, and multi-application functionality. Key components include lifecycle management for secure application handling, a Card Manager for central control, and security domains for application isolation. The specifications also define secure channel protocols for data communication and offers an API.
In recent years, GlobalPlatform has expanded its scope beyond physical smart cards to include other technologies or form factors that require a secure element. These include embedded SIMs (eSIMs), Trusted Execution Environments (TEEs) that provide a secure area independent of the device operating system, and IoT devices.
The GlobalPlatform specifications and security frameworks are incorporated into other industry standards. For example, they form part of the ETSI/3GPP standards that define how SIM cards are used to authenticate users on mobile networks.{{Cite AV media |url=https://media.ccc.de/v/osmodevcon2024-173-globalplatform-in-usim-and-euicc |title=GlobalPlatform in USIM and eUICC |date=2024-06-02 |last=Welte |first=Harald |author-link=Harald Welte |language=en |access-date=2024-11-17 |via=Osmocom}}{{cite journal |title=Smart Cards; Remote APDU structure for UICC based application |journal=ETSI |date=October 2022 |url=https://cdn.standards.iteh.ai/samples/66941/e6a836b4cc324b7d9ce7cc063c8508a0/ETSI-TS-102-226-V16-1-0-2022-10-.pdf}} GlobalPlatform is also used within the EMV standard to secure card, contactless, and smartphone-based payments.{{cite journal |title=A Guide to EMV Chip Technology |journal=EMVCo |date=November 2014}}
See also
Further reading
- {{Cite book |last=Béguelin |first=Santiago Zanella |date=2006 |editor-last=Barthe |editor-first=Gilles |editor2-last=Grégoire |editor2-first=Benjamin |editor3-last=Huisman |editor3-first=Marieke |editor4-last=Lanet |editor4-first=Jean-Louis |chapter=Formalisation and Verification of the GlobalPlatform Card Specification Using the B Method |chapter-url=https://link.springer.com/chapter/10.1007/11741060_9 |title=Construction and Analysis of Safe, Secure, and Interoperable Smart Devices |series=Lecture Notes in Computer Science |volume=3956 |language=en |location=Berlin, Heidelberg |publisher=Springer |pages=155–173 |doi=10.1007/11741060_9 |isbn=978-3-540-33691-4}}
- {{Cite journal |last=Bernabeu |first=Gil |date=2007-11-01 |title=GlobalPlatform – the future of mobile payments |url=https://www.sciencedirect.com/science/article/abs/pii/S0965259007701548 |journal=Card Technology Today |volume=19 |issue=11 |pages=9 |doi=10.1016/S0965-2590(07)70154-8 |issn=0965-2590}}
- {{Cite journal |last1=De Almeida Braga |first1=Daniel |last2=Fouque |first2=Pierre-Alain |last3=Sabt |first3=Mohamed |date=2020-06-19 |title=The Long and Winding Path to Secure Implementation of GlobalPlatform SCP10 |url=https://tches.iacr.org/index.php/TCHES/article/view/8588 |journal=IACR Transactions on Cryptographic Hardware and Embedded Systems |pages=196–218 |doi=10.46586/tches.v2020.i3.196-218 |issn=2569-2925}}
- {{Cite journal |last1=Avoine |first1=Gildas |last2=Ferreira |first2=Loïc |date=2018-05-08 |title=Attacking GlobalPlatform SCP02-compliant Smart Cards Using a Padding Oracle Attack |url=https://tches.iacr.org/index.php/TCHES/article/view/878 |journal=IACR Transactions on Cryptographic Hardware and Embedded Systems |pages=149–170 |doi=10.46586/tches.v2018.i2.149-170 |issn=2569-2925|doi-access=free }}
References
{{reflist}}
External links
- {{official website|https://globalplatform.org/}}
Category:Non-profit organizations based in the United States