GlobalPlatform launches Mobile ID white paper

13/11/15

GlobalPlatform has published a new white paper, which highlights how standardised GlobalPlatform technologies support the implementation and deployment of mobile ID solutions, while meeting the advanced security requirements of markets such as government-to-citizen, government-to-government, enterprise, eHealth, financial, commercial and consumer.

The white paper, entitled ‘Mobile ID: Realization of Mobile Identity Solutions by GlobalPlatform Technologies’, discusses the importance of mobile ID applications as a means of enabling authentication capabilities on mobile devices, alongside the essential role that the secure element (SE) and trusted execution environment (TEE) play in mobile ID architectures. The derivation and deployment of mobile ID across various applications is examined and the paper explains how credentials can be managed and implemented in a SE or in a TEE using GlobalPlatform specifications.   

With security an overarching concern for mobile ID deployments, the paper explores the value of certification schemes when providing assurance in relation to the security requirements of particular markets. It outlines how standard mobile ID applications and protocols such as FIDO (online authentication), GSMA Mobile Connect (telecommunication sectors), RADIUS VPN (enterprise sectors), TLS (web authentication), PIV (US government specifications), and eIDAS (EU regulation with respective ISO/IEC, ETSI and CEN standards) can be implemented on a TEE or SE, in order to securely store credentials, protect applications, or secure the mobile device user interface.

The paper concludes with a comparison of different implementation scenarios for mobile ID solutions based on the rich execution environment (REE), SE and TEE. This offers an insight into which platform(s) are the most suitable to meet the needs of specific markets and applications.

“Mobile ID service providers have to make many decisions when shaping a successful deployment,” says Kevin Gillick, executive director of GlobalPlatform. “One of the most important is which combination of execution environments will best fulfil the needs of the application in regards to viability, security, deployment, and usability.”

He adds: “GlobalPlatform’s standardised secure components, the TEE and SE, enable mobile ID applications to be implemented in a secure way and are essential to fulfil specific privacy and security requirements. GlobalPlatform technologies can also be used in combination with a REE, controlled by a Rich OS. Depending on the application, the single use or combination of these three elements can address the varying requirements of mobile ID schemes.

“With on-going growth in mobile ID deployments and use cases, GlobalPlatform provides an established infrastructure for service providers which assures interoperability, consistency and enables implementation of end-to-end solutions in a secure and certified way. Through this paper, we aim to educate relevant stakeholders that standards-based technologies, such as those specified by GlobalPlatform, provide a solid foundation for the realisation of further growth in the global mobile ID market.”  

The new GlobalPlatform white paper can be downloaded below.

Related articles

Subscribe to our free newsletter
Follow us on Twitter
Join us on LinkedIn

GlobalPlatform launches Mobile ID white paper

Latest Features & Interviews

Interview: Get Group's Gerald Hubbard

Ahead of connect:ID 2017, Security Document World took time-out to speak to Gerald Hubbard, director of business development  at Get Group

White paper: Slovakia prototypes mobile electronic identification (MeID) solution

Empowering e-government by shifting to smart cards is accelerating the arrival of a new era of mobile identity and electronic documents.

Hewlett Packard: Implementing mobile electronic identity

In this white paper, Hewlett Packard details an enterprise approach to mobile eID based on hardware tokens in microSD cards.

More articles >>
Share |

Sponsored Links

SDW Conference and Exhibition
SDW is a world-leading conference and exhibition providing a global showcase for next-generation secure credentialing solutions.