Giesecke & Devrient (G&D) is enhancing its credentials as a technology leader for security-certified signature card solutions. The German Federal Office for Security in Information Technology (BSI) has granted STARCOS 3.5, G&D’s new smartcard-based operating system, a security certificate for EU-compliant contactless signature cards on the basis of the PACE (Password Authenticated Connection Establishment) protocol. Data is exchanged between the card chip and the reader via a tap-proof, encrypted wireless connection. This enables users to create a secure, legally binding digital signature without having to insert the card into the reader. That is not only practical, but also saves time and protects the card.
“The Federal Office for Security in Information Technology (BSI) had already certified STARCOS 3.5 for machine-readable passports that comply with the current EU requirements as well as for new electronic ID cards of the kind being launched in Germany. Now, the office has also certified G&D’s smartcard operating system for contactless signature cards. That makes Giesecke & Devrient the only provider worldwide to offer a complete portfolio of security-certified solutions for contactless signature applications, EU-compliant passport applications and ID cards that are secured using the PACE protocol,” says Hans-Wolfgang Kunz, Head of Government Solutions at G&D.
Thanks to STARCOS 3.5, creating a legally binding digital signature is just as secure with a contactless card as it is with a contact-based one – but even more convenient. Further advantages of the contactless solution include faster data transmission and greater durability because the card does not need to be mechanically inserted into the reader. Going forward, it will also be possible to use NFC-capable smartphones as readers for contactless cards.
STARCOS 3.5 is unique among smartcard operating systems in that it simultaneously supports two different encryption algorithms for the creation of digital signatures: Elliptic Curve Cryptography (ECC), with keys of up to 521 bits in length, and the RSA algorithm, with 4,096-bit keys. ECC is gaining ground because it offers the same level of security as RSA keys but is faster and requires less storage space on the smartcard. By supporting both algorithms, G&D makes it quick and easy for its customers to change from RSA to ECC even after their cards are in circulation. Whatever the future may bring, users of this technology will be ready for it as they will be able to migrate to ECC without the expense of having to replace the cards.
G&D provides complete hardware and software packages for the trouble-free operation of its card and passport solutions. In addition to passports, signature cards and ID cards, the technology group offers middleware that can be easily integrated into existing system environments. The purpose of this middleware is to establish a secure and reliable connection between the card applications, a large number of PC applications and server applications. That makes it easy to support the standard applications in use today – e.g. e-mail clients, PDF software, and encryption applications – and means that G&D’s card solutions can be seamlessly integrated in a cost-effective manner.