Responsible for the development and maintenance of
a common Smart Card Platform for all mobile telecommunication systems, for
the application independent specifications, for the interface with terminal
equipment and for smart card standards for general telecommunications,
mCommerce and security applications
The
main task of ETSI’s Smart Card Platform Technical Committee (TC SCP) is to
expand and maintain the Smart Card Platform specifications for mobile
communication systems. The specifications developed by TC SCP are, however,
not bound to usage only in the telecommunications sector. They are, by
design, generic and application-agnostic and may thus be used as
specifications for a (secure) platform for any application designed to
reside on a smart card or a secure element.
To date, TC SCP has produced well over 40 specifications on smart cards. For
each topic addressed, its specifications define requirements, the technical
solution, and testing for both the smart card and the terminal. It is the
hallmark of TC SCP in the world of standards that it provides the industry
with a hitherto unknown basis for the development and integration of
applications. This way, interoperability between terminals and the
applications implemented on this true multi-application platform (called the
UICC) can be achieved.
The topics addressed by TC SCP range from the definition of all lower layers
and interfaces of the Smart Card Platform itself and application
functionality, including administrative commands, Application Programming
Interfaces (APIs), browsers, Internet connectivity, Machine-to-Machine
(M2M), interfaces for high speed and Near Field Communication (NFC) as well
as remote management.
TC SCP also provides and maintains the application identity register for
smart card applications on behalf of other committees including the Third
Generation Partnership Project (3GPP™), 3GPP2, various financial
institutions and the WiMAX Forum.
2011 was a year dominated by the introduction of two important, as well as
exciting, new topics – the definition of a 4th Form Factor for the UICC and
the specification of an embedded UICC and its interfaces. The specifications
of TC SCP are widely used by the industry, and giving ongoing support as
they are implemented is an important adjunct of the work of TC SCP,
particularly following the publication of seven new Technical Specifications
in 2010.
Agreement on the requirements for a 4th Form Factor for the UICC, smaller
and possibly thinner than the Mini-UICC (which is sometimes referred to as
3FF or by some, in the context of mobile communications, as micro-SIM) was
achieved after intense discussion; whilst smaller, a mandatory requirement
for a UICC of this form factor is that it shall retain existing UICC
functionalities. Also agreed were the criteria to be used when selecting a
technical solution, should several technical proposals be identified which
could meet the requirements. The technical realisation of this form factor
is, however, still under discussion, and currently there are three candidate
proposals. Whilst one option involves removing all plastic surrounding the
contact area and shifting the two contacts needed for the high speed
interface to the central part of the contact area, the other two proposals
follow a more radical approach, having all, or all but two, contacts in a
single row, resembling consumer memory cards. An agreed solution is expected
early in 2012.
Work on M2M applications has given rise to the possibility of having a UICC
that is embedded in a communication device in such a way that it is ‘not
easily accessible or replaceable’. Such a UICC is called an ‘embedded UICC’
(eUICC) and an example is the MFF2 (Machine-to-Machine Form Factor 2) which
is a Surface Mounted Device (SMD) package and must be soldered to a circuit
board. This form factor was specified by TC SCP in 2010 for use in an M2M
environment, where aspects such as extreme temperature, vibration and shock,
as well as the form factor itself, must be taken into account. The ability
to change subscriptions on devices which utilise an eUICC, as, for instance,
outlined in an input paper to TC SCP by the GSM Association entitled
‘Embedded SIM Task Force Requirements and Use Cases’, necessitates new
methods for provisioning identity and access credentials both securely and
remotely. In early 2011, TC SCP formally agreed to undertake new work to
address this topic. The work involves the identification, analysis and
definition of a representative set of use cases that will provide the key
requirements for the development of a trusted framework for the management
of an eUICC, and for remote personalisation and subscription management of
such an eUICC, including its integration in telecommunication network
infrastructures. This has, however, proved to be a rather complex topic, due
to the influence of the underlying architecture of the whole ecosystem.
Furthermore, the increased interest in this topic, the potential impact of a
technical solution, as well as possible differing business opportunities
within the various markets, has led to extensive discussions and numerous
input papers which require far more time than originally anticipated. This
topic will continue to be a major area of work in 2012.
A significant achievement of 2011 concerned the Card Application Toolkit. It
can now be executed on composite devices such as an M2M module to which, for
instance, an external display and/or keypad would be temporarily or
permanently attached. The technical solution allows the new device
capabilities to be exposed to the UICC which can then make use of a broader
set of proactive commands that would otherwise not be accepted by the device.
A typical use would be for an M2M communication module in a vending machine
to which a display and keypad are connected for maintenance operations while
not being needed for normal operation.
Two certification bodies – the Global Certification Forum (GCF) and the PCS
Type Certification Review Board (PTCRB) – selected the TC SCP test cases for
the Single Wire Protocol (SWP) and the Host Controller Interface (HCI) to be
requirements for certification of NFC-enabled terminals.
Two customer organisations of TC SCP decided to use the Secure Channel
specification of TC SCP for the specification of their features – the Open
Mobile Alliance (OMA), for use in the OMA BCAST specifications, and 3GPP,
for secure communications between the USIM application on a UICC and a Relay
Node. In its effort to ensure that all the necessary ingredients for a
professional solution are available, TC SCP began work in 2011 on a related
conformance test specification for the architecture, functional capabilities
and characteristics of the Secure Channel. This is expected to be completed
early in 2012.
Work was also started on memory integrity monitoring in M2M applications, a
test specification for a UICC API for Java™ Card for contactless
applications and the peer-to-peer mode for contactless communications.
A full list of all active and completed work items and detailed information
pertaining to them can be found in the ‘Work Item Monitoring’ window at:
http://portal.etsi.org/scp.