secure element

{{Short description|Isolated and secure electronic component}}

A secure element (SE) is a secure operating system (OS) in a tamper-resistant processor chip or secure component. It can protect assets (root of trust, sensitive data, keys, certificates, applications) against high-level software and hardware attacks. Applications that process this sensitive data on an SE are isolated and so operate within a controlled environment not affected by software (including possible malware) found elsewhere on the OS.{{cite web |last1=Bertrand |first1=Cambou |title=Enhancing Secure Elements - Technology and Architecture |url=https://in.nau.edu/wp-content/uploads/sites/223/2020/06/CH10-Enhancing-Secure-Elements-May-1st-2016.pdf |publisher=Northern Arizona University}}{{cite web |title=What is Secure Element? |url=https://encyclopedia.kaspersky.com/glossary/secure-element/ |publisher=Kaspersky}}

The hardware and embedded software meet the requirements of the Security IC Platform Protection Profile [PP 0084] including resistance to physical tampering scenarios described within it.{{cite web |title=Security IC Platform Protection Profile with Augmentation Packages |url=https://www.commoncriteriaportal.org/files/ppfiles/pp0084b_pdf.pdf |publisher=Common Criteria}} More than 96 billion secure elements were produced and shipped between 2010 and 2021.{{cite web |title=Worldwide Market of Secure Elements Confirms its Resiliency in 2021 |url=https://www.eurosmart.com/worldwide-market-of-secure-elements-confirms-its-resiliency-in-2021/ |publisher=Eurosmart}}

SEs exist in various form factors: as devices such as smart cards, UICCs, or smart microSD cards,{{cite web |last1=Lee |first1=Nicole |title=SD Association adds secure NFC support to its smartSD memory cards |url=https://www.engadget.com/2013-06-06-sd-association-nfc-support-smartsd.html |publisher=Engadget |date=June 6, 2013}} or embedded or integrated as parts of larger devices.{{cite web |last1=Mehta |first1=Tushar |title=What is Integrated SIM (iSIM)? How is it better than eSIM? |url=https://www.digitaltrends.com/mobile/integrated-sim-isim-explainer/ |publisher=Digital Trends |date=April 4, 2022}}{{cite web |last1=Page |first1=Carly |title=Yubico's new hardware key features a fingerprint reader for passwordless logins |url=https://techcrunch.com/2021/10/05/yubicos-new-hardware-key-lands-with-a-fingerprint-reader-for-passwordless-logins/ |publisher=TechCrunch |date=October 5, 2021}} SEs are an evolution of the chips in earlier smart cards, which have been adapted to suit the needs of numerous use cases, such as smartphones, tablets, set-top boxes, wearables, connected cars, and other internet of things (IoT) devices.
The technology is widely used by technology firms such as Oracle,{{cite web |title=The Open Application Platform for Secure Elements |url=https://www.oracle.com/technetwork/java/javacard/overview/java-card-data-sheet-19-01-07-5250140.pdf |publisher=Oracle}} Apple{{cite web |title=How Apple Pay keeps users’ purchases protected |url=https://support.apple.com/en-gb/guide/security/seccb53a35f0/web |publisher=Apple}} and Samsung.{{cite web |title=Samsung Elevates Data Protection for Mobile Devices with New Security Chip Solution |url=https://news.samsung.com/global/samsung-elevates-data-protection-for-mobile-devices-with-new-security-chip-solution |publisher=Samsung |date=May 26, 2020}}

SEs provide secure isolation, storage and processing for the applications (called applets) they host, keeping them isolated from the external world (e.g. the rich OS and application processor when the SE is embedded in a smartphone) and from other applications running on the SE. Java Card and MULTOS are the most widely deployed standardized multi-application operating systems currently used to develop applications running on SEs.

Since 1999, GlobalPlatform has been the body responsible for standardizing secure element technologies to support a dynamic model of application management in a multi-actor model. GlobalPlatform also runs Functional and Security Certification programmes for secure elements, and hosts a list of Functional Certified and Security Certified products. GlobalPlatform technology has also been embedded in other standards, such as ETSI SCP (now SET), since release 7.{{cite web |title=Smart Cards; Remote APDU structure for UICC based applications (Release 12) |url=https://www.etsi.org/deliver/etsi_ts/102200_102299/102226/12.00.00_60/ts_102226v120000p.pdf |publisher=ETSI}} A Common Criteria Secure Element Protection Profile has been released, targeting the EAL4+ level with the ALC_DVS.2 and AVA_VAN.5 extensions, to standardize the security features of a secure element across markets.{{cite web |title=GlobalPlatform Technology Secure Element Protection Profile Version 1.0 |url=https://www.commoncriteriaportal.org/files/ppfiles/CCN-CC-PP-5-2021.pdf |publisher=Common Criteria}}
