GlobalPlatform, the standard for secure digital services and devices, has released version 2.3.1 of its Card / Secure Element (SE) Specification. The release supports the latest extensions of GlobalPlatform technology following widespread deployments in consumer and machine-to-machine (M2M) devices. 100% of the 1 billion SEs embedded in smartphones in the last three years are GlobalPlatform-certified and more than 5.5 billion GlobalPlatform-certified SEs were produced in 2017. 

Enhanced SE & App Management

Amendment I – the SE Management Service – and an extension to Amendment F – the Secure Channel Protocol 11 – enable important changes to the deployment of applications and digital services to SEs. 

“Secure apps and services now need to be provisioned to thousands, if not millions of SEs,” comments Gil Bernabeu, Technical Director of GlobalPlatform. “Previously, service providers have connected to each SE to perform functions like the installation of a security domain, or to load and personalize applets. This can take time and requires a constant connection. These amendments allow service providers to create and load a single package into an app store for multiple end-users to download. This not only simplifies life for service providers and reduces load on their servers, it makes secure apps more readily available to end-users.”

Simplified secure applet updates

Amendment H – the Executable Load File Upgrade simplifies and streamlines the process of updating personalized applets on a SE. The traditional approach requires the old software to be deleted before the new one can be installed and re-personalized. Amendment H securely stores the personalized information and installs the new program code before automatically re-personalizing the applet.

“The adoption and deployment of specifications in the real world bring opportunities into focus and these enhancements bring a range of benefits to device makers, service providers and end-users. Much of this work enables the ecosystem to interact and collaborate more efficiently when deploying and managing digital services, regardless of the device type or use case. And all of this is achieved while maintaining security and privacy,” adds Gil.

GlobalPlatform’s next priority will be the publication of its Secure Element Configuration for Authentication Devices to simplify the deployment of SEs within tailormade authentication devices and peripherals.