ETSI TS 102 412 V11.0.0 (2011-05)

Technical Specification
Smart Cards;
Smart Card Platform Requirements Stage 1
(Release 11)
Release 11 2 ETSI TS 102 412 V11.0.0 (2011-05)

Reference
RTS/SCP-R00002vb00
Keywords
smart card
ETSI
650 Route des Lucioles
F-06921 Sophia Antipolis Cedex - FRANCE

Tel.: +33 4 92 94 42 00  Fax: +33 4 93 65 47 16

Siret N° 348 623 562 00017 - NAF 742 C
Association à but non lucratif enregistrée à la
Sous-Préfecture de Grasse (06) N° 7803/88

Important notice
Individual copies of the present document can be downloaded from:
http://www.etsi.org
The present document may be made available in more than one electronic version or in print. In any case of existing or
perceived difference in contents between such versions, the reference version is the Portable Document Format (PDF).
In case of dispute, the reference shall be the printing on ETSI printers of the PDF version kept on a specific network drive
within ETSI Secretariat.
Users of the present document should be aware that the document may be subject to revision or change of status.
Information on the current status of this and other ETSI documents is available at
http://portal.etsi.org/tb/status/status.asp
If you find errors in the present document, please send your comment to one of the following services:
http://portal.etsi.org/chaircor/ETSI_support.asp
Copyright Notification
No part may be reproduced except as authorized by written permission.
The copyright and the foregoing restriction extend to reproduction in all media.

© European Telecommunications Standards Institute 2011.
All rights reserved.
TM TM TM TM
DECT , PLUGTESTS , UMTS , TIPHON , the TIPHON logo and the ETSI logo are Trade Marks of ETSI registered
for the benefit of its Members.
TM
3GPP is a Trade Mark of ETSI registered for the benefit of its Members and of the 3GPP Organizational Partners.
LTE™ is a Trade Mark of ETSI currently being registered
for the benefit of its Members and of the 3GPP Organizational Partners.
GSM® and the GSM logo are Trade Marks registered and owned by the GSM Association.
ETSI
Release 11 3 ETSI TS 102 412 V11.0.0 (2011-05)
Contents
Intellectual Property Rights . 9
Foreword . 9
Introduction . 9
1 Scope . 10
2 References . 10
2.1 Normative references . 10
2.2 Informative references . 11
3 Definitions and abbreviations . 12
3.1 Definitions . 12
3.2 Abbreviations . 14
4 Requirements . 15
4.1 Run time environment timing constraints . 16
4.1.1 Abstract (informative) . 16
4.1.2 Background (informative) . 16
4.1.2.1 Use case - Network authentication . 16
4.1.3 Requirements . 17
4.1.4 Interaction with existing features (informative) . 17
4.2 Launch Application feature . 17
4.2.1 Abstract (informative) . 17
4.2.2 Background (informative) . 17
4.2.3 Requirements . 18
4.2.4 Interaction with existing features (informative) . 18
4.3 Mapped file support on the UICC . 18
4.3.1 Abstract (informative) . 18
4.3.2 Background (informative) . 19
4.3.3 Requirements . 19
4.3.4 Interaction with existing features (informative) . 19
4.4 Extension of logical channels . 19
4.4.1 Abstract (informative) . 19
4.4.2 Background (informative) . 19
4.4.2.1 Typical problem situation . 19
4.4.2.2 Possible problem solution . 20
4.4.2.3 Use cases . 20
4.4.2.3.1 Use case - JSR 177 applications . 20
4.4.2.3.2 Use case - PC connection . 20
4.4.3 Requirements . 20
4.4.3.1 General requirements . 20
4.4.3.2 Backward compatibility requirements. 20
4.4.4 Interaction with existing features (informative) . 20
4.5 Secure channel to secure local terminal interfaces . 20
4.5.1 Abstract (informative) . 20
4.5.2 Background (informative) . 21
4.5.2.1 Use case - User interface . 21
4.5.2.2 Use case - UICC as a control point for device management . 22
4.5.2.3 Use case - DRM and distributed applications . 23
4.5.2.4 Use case - Toolkit commands protection . 25
4.5.3 Requirements . 25
4.5.3.1 End point requirements . 25
4.5.3.2 Integrity requirements . 25
4.5.3.3 Confidentiality requirements . 25
4.5.3.4 Authentication requirements . 26
4.5.3.5 Audit/Compliance requirements . 26
4.5.3.6 Policy requirements . 26
ETSI
Release 11 4 ETSI TS 102 412 V11.0.0 (2011-05)
4.5.3.7 Transport Protocol requirements . 26
4.5.4 Interaction with existing features (informative) . 26
4.5.4.1 Logical Channels . 26
4.6 Authenticate command longer than 255 bytes. 26
4.6.1 Abstract (informative) . 26
4.6.2 Background (informative) . 27
4.6.2.1 Use case - EAP packet exchange . 27
4.6.3 Requirements . 27
4.6.3.1 General requirements . 27
4.6.3.2 Backward compatibility requirements. 27
4.6.4 Interaction with existing features (informative) . 27
4.7 CAT mechanisms to indicate the bearer connection status . 27
4.7.1 Abstract (informative) . 27
4.7.2 Background (informative) . 27
4.7.2.1 Use case - Availability of network bearers . 27
4.7.2.2 Use case - Network connection temporarily lost . 28
4.7.2.3 Use case - Availability of local bearers . 28
4.7.3 Requirements . 28
4.7.3.1 Requirement 1 - Network bearer connection status . 28
4.7.3.2 Requirement 2 - Local bearer connection status . 28
4.7.4 Interaction with existing features (informative) . 28
4.8 New UICC-Terminal interface . 28
4.8.1 Abstract (informative) . 28
4.8.2 Background (informative) . 29
4.8.2.1 Use case - multimedia file management . 29
4.8.2.2 Use case - MMI on UICC . 29
4.8.2.3 Use case - real-time multimedia data encryption/decryption . 29
4.8.2.4 Use case - storage of terminal applications on the UICC . 29
4.8.2.5 Use case - direct and indirect UICC connection to a PC . 29
4.8.2.6 Use case - web server on Smart Card . 30
4.8.2.7 Use case - antivirus on UICC . 30
4.8.2.8 Use case - big phonebook management from the UICC . 30
4.8.2.9 Use case - reduce personalization time . 30
4.8.2.10 Use case - generic TCP/IP connectivity . 30
4.8.3 Requirements . 31
4.8.3.1 General requirements . 31
4.8.3.2 Backward compatibility requirements. 31
4.8.4 Interaction with existing features (informative) . 32
4.9 UICC based application acting as a server . 32
4.9.1 Abstract (informative) . 32
4.9.2 Background (informative) . 32
4.9.3 Requirements . 32
4.9.4 Interaction with existing features (informative) . 32
4.10 API for applications registered to a Smart Card Web Server . 32
4.10.1 Abstract (informative) . 32
4.10.2 Background (infor mative) . 33
4.10.2.1 Registration of an application to the SCWS . 33
4.10.2.2 Data exchange between SCWS and application . 33
4.10.2.3 Issuing Proactive Commands . 33
4.10.3 Requirements . 33
4.10.4 Interaction with existing features (informative) . 33
4.11 Specific UICC environmental conditions . 34
4.11.1 Abstract (informative) . 34
4.11.2 Background (infor mative) . 34
4.11.2.1 Use case - Automotive service . 34
4.11.2.2 Use case - Remote monitoring camera . 34
4.11.2.3 Use case - Remote stock monitoring for vending machines . 34
4.11.2.4 Use case - Online electronic advertising board . 34
4.11.3 Considerations (informative) . 34
4.11.4 Requirements . 35
4.11.4.1 Requirement 1: Temperature range . 35
4.11.4.2 Requirement 2: Humidity . 35
ETSI
Release 11 5 ETSI TS 102 412 V11.0.0 (2011-05)
4.11.5 Interaction with existing features (informative) . 35
4.12 Introduction of high density memory technology in UICC . 35
4.12.1 Abstract (informative) . 35
4.12.2 Background (infor mative) . 35
4.12.2.1 Use case - Enhanced UICC features. 35
4.12.3 Requirements . 36
4.12.4 Interaction with existing features (informative) . 36
4.13 Power supply indication mechanism . 36
4.13.1 Abstract (informative) . 36
4.13.2 Background (infor mative) . 36
4.13.2.1 Use case - generic situation . 36
4.13.2.2 Use case - USIM application with toolkit applications . 37
4.13.3 Requirements . 37
4.13.3.1 General Requirements . 37
4.13.3.2 Backward compatibility requirements. 37
4.13.4 Interaction with existing features (informative) . 37
4.14 Internet Connectivity up to UICC applications . 38
4.14.1 Abstract (informative) . 38
4.14.2 Use Cases (informative) . 38
4.14.2.1 Use Case - Card OTA management . 38
4.14.2.2 Use Case - User local access from the terminal to a card server . 38
4.14.2.3 Use Case - Remote access to an identity server in the card . 39
4.14.2.4 Use Case - User access from a locally connected device to a card service . 39
4.14.3 Requirements . 39
4.14.4 Interaction with existing features (informative) . 39
4.15 Contactless UICC services . 40
4.15.1 Abstract (informative) . 40
4.15.2 Background (infor mative) . 40
4.15.2.1 Use case - Access . 40
4.15.2.1.1 System aspects of use case . 40
4.15.2.1.2 UICC role in use case . 40
4.15.2.2 Use case - tickets . 41
4.15.2.2.1 System aspects of throughput ticketing scenario . 42
4.15.2.2.2 System aspects of high priced ticketing scenario . 42
4.15.2.2.3 UICC role in use case . 42
4.15.2.3 Use case - digital rights . 44
4.15.2.3.1 System aspects of contactless digital rights . 44
4.15.2.3.2 UICC role in use case . 44
4.15.2.4 Use case - payment application . 44
4.15.2.5 Use case - loyalty application. 45
4.15.2.6 Use case - health care application . 46
4.15.2.7 Use case - retail . 46
4.15.2.7.1 System aspects of the use case . 46
4.15.2.7.2 UICC role in the use case . 46
4.15.2.8 Consideration about multiple applications in peer to peer mode . 46
4.15.2.8.1 System aspects of multiple applications in peer to peer mode . 46
4.15.2.8.2 Service discovery in peer to peer mode . 47
4.15.2.8.3 Application connection in peer to peer mode . 47
4.15.2.8.4 Customer care in peer to peer mode . 47
4.15.2.9 Considerations about the P2P technology . 47
4.15.3 Requirements . 48
4.15.3.1 Physical interface requirements . 48
4.15.3.2 Multi-protocol concurrent operation requirements . 48
4.15.3.3 Contactless communication modes requirements . 48
4.15.3.4 Compatibility with existing contactless systems requirements . 48
4.15.3.5 Parameters to be transported by the CLFIP requirements . 48
4.15.3.6 Application integration requirements . 49
4.15.3.7 Terminal and user interaction requirements . 49
4.15.3.8 Interoperability requirements . 49
4.15.3.9 RFID requirements . 49
4.15.3.10 P2P mode requirements . 50
4.15.3.10.1 General P2P requirements . 50
ETSI
Release 11 6 ETSI TS 102 412 V11.0.0 (2011-05)
4.15.3.10.2 P2P application management requirements . 51
4.15.4 Interaction with existing features (informative) . 52
4.16 Administration of the Smart Card Web Server. 52
4.16.1 Abstract (informative) . 52
4.16.2 Background (infor mative) . 52
4.16.3 Requirements . 52
4.16.4 Interaction with existing features (informative) . 52
4.17 Confidential Application Services . 52
4.17.1 Abstract (informative) . 52
4.17.2 Background (infor mative) . 53
4.17.2.1 Use case 1: Mobile TV services . 53
4.17.2.2 Use case 2: Banking Services. 54
4.17.2.3 Use case 3: Contactless Applications . 55
4.17.2.4 Use case 4: Mobile Virtual Network Operator services . 56
4.17.3 Requirements (normative) . 57
4.17.3.1 Confidential application environment . 57
4.17.3.2 Administration by Card issuer. 57
4.17.3.2.1 Third party area environment administration . 57
4.17.3.2.2 Third party area creation. 58
4.17.3.2.3 Third party area policy definition . 58
4.17.3.3 Administration by Third party. 58
4.17.3.4 Service Operator specific requirements . 59
4.17.4 Interaction with existing features (informative) . 59
4.18 UICC for Machine-to-Machine (M2M) applications . 59
4.18.1 Abstract (informative) . 59
4.18.2 Use Cases (informative) . 60
4.18.2.1 Use case - Track and Trace . 60
4.18.2.1.1 Use case - Emergency Call . 60
4.18.2.1.2 Use case - Fleet Management . 60
4.18.2.1.3 Use case - Theft Tracking . 61
4.18.2.2 Use case - Monitoring . 62
4.18.2.2.1 Use case - Metering/Prepaid delivery of utilities (water, gas, electricity) . 62
4.18.2.2.2 Use case - Person / Animal protection . 62
4.18.2.2.3 Use case - Object protection . 63
4.18.2.3 Use case - Transaction . 64
4.18.2.3.1 Use case - PoS Terminals (Point of Sale Terminals) . 64
4.18.2.4 Use case - Control . 64
4.18.2.4.1 Use case - Controlling vending machines. 64
4.18.2.4.2 Use case - Controlling production machines . 65
4.18.3 Requirements . 65
4.18.3.1 General M2M UICC Requirements . 65
4.18.3.1.1 Specific requirements related to definition of classes . 65
4.18.3.1.2 Example for a possible class system (informative). 66
4.18.3.2 MFF Requirements . 66
4.18.4 Interaction with existing features (informative) . 66
4.19 Location based services for broadcast technology . 66
4.19.1 Abstract (informative) . 66
4.19.2 Use Cases (informative) . 67
4.19.3 Requirement for retrieving location information for broadcast technology . 67
4.19.4 Interaction with existing features (informative) . 67
4.20 Terminals with reduced functionality . 67
4.20.1 Abstract (informative) . 67
4.20.2 Use case (informative) . 67
4.20.2.1 Use case - Data card . 67
4.20.3 Requirements . 67
4.20.4 Interaction with existing features (informative) . 68
4.21 Digital Rights Management . 68
4.21.1 Abstract (informative) . 68
4.21.2 Use cases (informative) . 68
4.21.2.1 Use case - Transfer of protected contents and rights by using a UICC . 68
4.21.2.2 Use case - Provisioning of rights in the UICC . 68
4.21.2.3 Use case - Direct rendering of DRM-protected content by using the UICC . 68
ETSI
Release 11 7 ETSI TS 102 412 V11.0.0 (2011-05)
4.21.2.4 Use case - Pre-loading of rights by using the UICC . 69
4.21.3 Requirements . 69
4.21.4 Interaction with existing features (informative) . 69
4.22 Multicast dataflow in UICC . 69
4.22.1 Abstract (informative) . 69
4.22.2 Use cases (informative) . 69
4.22.2.1 Use case - Broadcast data services . 69
4.22.2.2 Use case - Mobile TV related services . 70
4.22.3 Requirement for multicast dataflow (subscription and dataflow reception) . 70
4.22.4 Interaction with existing features (informative) . 70
4.23 New type of data storage and access . 70
4.23.1 Abstract (informative) . 70
4.23.2 Background (infor mative) . 70
4.23.2.1 Use case - Taking a picture from the terminal, storing it on the UICC and retrieving it . 70
4.23.2.2 Use case - Storing and protecting data through operator portal . 71
4.23.2.3 Use case - Storing a service description . 71
4.23.2.4 Use case - Managing multimedia content via UICC to a remote server. 71
4.23.2.5 Use case - Partitioning UICC memory . 71
4.23.2.6 Use case - UICC content depending on user authentication . 71
4.23.2.7 Use case - Migration to a USB UICC without ICCD class . 71
4.23.3 Requirements . 72
4.23.3.1 Data storage and structure requirements . 72
4.23.3.2 Data protection requirements . 72
4.23.3.3 Local and remote access requirements . 72
4.23.4 Interaction with existing features (informative) . 73
4.24 CAT access over a modem interface . 73
4.24.1 Abstract (informative) . 73
4.24.2 Background (infor mative) . 73
4.24.2.1 Use case - Extending CAT to the connected entity capabilities . 73
4.24.2.2 Use case - Using CAT for data acquisition and control in an M2M device . 74
4.24.2.3 Use case - Addition of CAT support by adding a CAT extender device . 74
4.24.3 Requirements . 74
4.24.3.1 General requirements . 74
4.24.3.2 Connected device registration requirements . 75
4.24.3.3 Legacy support requirements . 75
4.24.3.4 Extended support requirements . 77
4.24.3.5 CAT over modem-client interface requirements .
...