Giesecke & Devrient’s (News - Alert) (G&D) new smartcard-based operating system, STARCOS 3.5, has been granted a security certificate by The German Federal Office for Security in Information Technology (BSI). This certification is given for its EU-compliant contactless signature cards on the basis of the PACE (Password Authenticated Connection Establishment) protocol.
STARCOS 3.5 enables data exchange between the card chip and the reader via a tap-proof, encrypted wireless connection, allowing users to create a secure, legally binding digital signature without having to insert the card into the reader.
“The Federal Office for Security in Information Technology (BS) had already certified STARCOS 3.5 for machine-readable passports that comply with the current EU requirements as well as for new electronic ID cards of the kind being launched in Germany,” said Hans-Wolfgang Kunz, head of Government Solutions at G&D. “Now, the office has also certified G&D’s smartcard operating system for contactless signature cards. That makes Giesecke & Devrient the only provider worldwide to offer a complete portfolio of security-certified solutions for contactless signature applications, EU-compliant passport applications and ID cards that are secured using the PACE protocol.”
STARCOS 3.5 enables the creation of a convenient, legally binding digital signature with a contactless card as secure as it is with a contact-based one. It also provides faster data transmission and greater durability as the card does not need to be mechanically inserted into the reader.
Going forward, it will also be possible to use NFC-capable smartphones as readers for contactless cards.
In comparison with other smartcard operating systems, STARCOS 3.5 can simultaneously support two different encryption algorithms for the creation of digital signatures: Elliptic Curve Cryptography (ECC), with keys of up to 521 bits in length; and the RSA (News - Alert) algorithm, with 4,096-bit keys.
ECC is becoming popular for offering the same level of security as RSA keys, but faster and requiring less storage space on the smartcard.
By supporting both algorithms, G&D makes it quick and easy for its customers to change from RSA to ECC even after their cards are in circulation.
No matter how things shape up in the future, users of this technology will be ready for it as they will be able to migrate to ECC without the expense of having to replace the cards.
Want to learn more about the latest in communications and technology? Then be sure to attend ITEXPO West 2012, taking place Oct. 2-5, in Austin, TX. Stay in touch with everything happening at ITEXPO (News - Alert). Follow us on Twitter.