iTeh StandardsiTeh Standards
EURUSD
Your shopping cart is empty.
ISO

ISO/IEC 7816-4:2013

(Main)

Identification cards — Integrated circuit cards — Part 4: Organization, security and commands for interchange

Identification cards — Integrated circuit cards — Part 4: Organization, security and commands for interchange

ISO/IEC 7816-4:2013 is intended to be used in any sector of activity. It specifies: a) contents of command-response pairs exchanged at the interface, b) means of retrieval of data elements and data objects in the card, c) structures and contents of historical bytes to describe operating characteristics of the card, d) structures for applications and data in the card, as seen at the interface when processing commands, e) access methods to files and data in the card, f) a security architecture defining access rights to files and data in the card, g) means and mechanisms for identifying and addressing applications in the card, h) methods for secure messaging, i) access methods to the algorithms processed by the card. It does not describe these algorithms. It does not cover the internal implementation within the card or the outside world. ISO/IEC 7816-4:2013 is independent from the physical interface technology. It applies to cards accessed by one or more of the following methods: contacts, close coupling and radio frequency. If the card supports simultaneous use of more than one physical interface, the relationship between what happens on different physical interfaces is out of the scope of ISO/IEC 7816-4:2013.

Cartes d'identification — Cartes à circuit intégré — Partie 4: Organisation, sécurité et commandes pour les échanges

Identifikacijski dokumenti - Kartice z integriranim vezjem - 4. del: Organizacija, varovanje in ukazi za izmenjavo

Ta del standarda ISO/IEC 7816 je namenjen za uporabo v katerem koli sektorju dejavnosti. Določa:
 vsebine parov ukaz-odziv, izmenjane v vmesniku,
 sredstva za pridobivanje podatkovnih elementov in podatkovnih objektov v kartici,
 strukture in vsebine preteklih bajtov za opis operativnih značilnosti kartice,
 strukture za aplikacije in podatke v kartici, kot so videti v vmesniku ob obdelavi ukazov,
 metode dostopa do datotek in podatkov na kartici,
 varnostno arhitekturo, ki določa pravice dostopa do datotek in podatkov na kartici,
 sredstva in mehanizme za identificiranje in obravnavo aplikacij na kartici,
 metode za varno sporočanje,
 metode dostopa do algoritmov, ki se obdelajo s kartico. Teh algoritmov ne opisuje.
Ne zajema notranje izvedbe v kartici ali v okolju.
Ta del standarda ISO/IEC 7816 je neodvisen od fizične vmesniške tehnologije. Uporablja se za kartice, do katerih se dostopa z eno ali več naslednjih metod: stiki, bližinsko spajanje in radiofrekvenca. Če kartica podpira hkratno uporabo več fizičnih vmesnikov, je odnos med tem, kar se zgodi na različnih fizičnih vmesnikih, zunaj področja uporabe te izdaje standarda ISO/IEC 7816-4.

General Information

Status
Withdrawn
Publication Date
03-Apr-2013
Withdrawal Date
03-Apr-2013
ICS
35.240.15 - Identification cards. Chip cards. Biometrics
Technical Committee
ISO/IEC JTC 1/SC 17 - Cards and security devices for personal identification
Drafting Committee
ISO/IEC JTC 1/SC 17/WG 4 - Generic interfaces and protocols for security devices
Current Stage
9599 - Withdrawal of International Standard
Completion Date
27-May-2020
Ref Project
SIST ISO/IEC 7816-4:2018 - Identification cards -- Integrated circuit cards -- Part 4: Organization, security and commands for interchange

Relations

Revised
ISO/IEC 7816-4:2020 - Identification cards — Integrated circuit cards — Part 4: Organization, security and commands for interchange
Effective Date
23-Apr-2020
Amended By
ISO/IEC 7816-4:2013/Amd 1:2018 - Identification cards — Integrated circuit cards — Part 4: Organization, security and commands for interchange — Amendment 1: Multiple record handling
Effective Date
01-Jan-2022
Amended By
ISO/IEC 7816-4:2013/Amd 2:2018 - Identification cards — Integrated circuit cards — Part 4: Organization, security and commands for interchange — Amendment 2: Waiting time management
Effective Date
08-Jan-2022
Revises
ISO/IEC 7816-4:2005/Amd 1:2008 - Identification cards — Integrated circuit cards — Part 4: Organization, security and commands for interchange — Amendment 1: Record activation and deactivation
Effective Date
06-Jun-2009
Revises
ISO/IEC 7816-4:2005 - Identification cards — Integrated circuit cards — Part 4: Organization, security and commands for interchange
Effective Date
06-Jun-2009

Buy Standard

ISO/IEC 7816-4:2013 - Identification cards -- Integrated circuit cardsISO/IEC 7816-4:2013 - Identification cards -- Integrated circuit cards
PreviousNext
Standard
ISO/IEC 7816-4:2013 - Identification cards -- Integrated circuit cards
English language
150 pages
sale 15% off
Preview
sale 15% off
Preview
ISO/IEC 7816-4:2018ISO/IEC 7816-4:2018
PreviousNext
Standard
ISO/IEC 7816-4:2018
English language
159 pages
sale 10% off
Preview
sale 10% off
Preview
e-Library read for
1 day

Standards Content (Sample)

INTERNATIONAL ISO/IEC
STANDARD 7816-4
Third edition
2013-04-15


Identification cards — Integrated circuit
cards —
Part 4:
Organization, security and commands for
interchange
Cartes d'identification — Cartes à circuit intégré —
Partie 4: Organisation, sécurité et commandes pour les échanges




Reference number
ISO/IEC 7816-4:2013(E)
©
ISO/IEC 2013

---------------------- Page: 1 ----------------------
ISO/IEC 7816-4:2013(E)

COPYRIGHT PROTECTED DOCUMENT


©  ISO/IEC 2013
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form or by any means,
electronic or mechanical, including photocopying and microfilm, without permission in writing from either ISO at the address below or
ISO's member body in the country of the requester.
ISO copyright office
Case postale 56  CH-1211 Geneva 20
Tel. + 41 22 749 01 11
Fax + 41 22 749 09 47
E-mail copyright@iso.org
Web www.iso.org
Published in Switzerland

ii © ISO/IEC 2013 – All rights reserved

---------------------- Page: 2 ----------------------
ISO/IEC 7816-4:2013(E)
Contents Page
Foreword . vii
Introduction . viii
1  Scope . 1
2  Normative references . 1
3  Terms and definitions . 2
4  Symbols and abbreviated terms . 7
5  Command-Response pairs . 8
5.1  Conditions of operation . 8
5.2  Syntax . 9
5.3  Chaining procedures . 10
5.3.1  General . 10
5.3.2  Payload fragmentation . 10
5.3.3  Command chaining . 10
5.3.4  Response chaining . 11
5.4  Class byte . 12
5.4.1  Coding . 12
5.4.2  Logical channels . 13
5.5  Instruction byte . 14
5.6  Status bytes . 14
6  Data objects . 17
6.1  SIMPLE-TLV data objects . 18
6.2  BER-TLV data objects . 18
6.3  Constructed DOs versus primitive DOs . 18
7  Structures for applications and data . 19
7.1  Available structures . 19
7.2  Validity area . 20
7.2.1  Definitions and attributes . 20
7.2.2  Basic rules for VA handling and use . 20
7.3  Structure selection . 21
7.3.1  Structure selection methods . 21
7.3.2  File reference data element and DO . 22
7.3.3  General reference data element and DO . 23
7.3.4  Data referencing methods in elementary files . 23
7.4  File and data control information . 23
7.4.1  File control information retrieval . 23
7.4.2  Data control information retrieval . 24
7.4.3  Control parameters . 24
7.4.4  Short EF identifier . 26
7.4.5  File descriptor byte . 26
7.4.6  Profile indicator . 27
7.4.7  Data descriptor byte . 27
7.4.8  DF and EF list data elements . 27
7.4.9  Instance number data element . 28
7.4.10  Life cycle status . 28
7.4.11  Indirect referencing by short EF identifier using DO'A2' . 28
7.4.12  Interface and life cycle status dependent security attribute template . 29
8  Specific use of DOs and related concepts. 30
8.1  BER-TLV payloads and padding . 30
© ISO/IEC 2013 – All rights reserved iii

---------------------- Page: 3 ----------------------
ISO/IEC 7816-4:2013(E)
8.1.1  Padding conditions.30
8.1.2  Padding procedure .30
8.2  Current template and data object generations .31
8.2.1  Current template and current DO .31
8.2.2  Template extension .31
8.2.3  Data object sub-tree .31
8.2.4  Data object life cycle .32
8.3  Identification of data elements and data objects .32
8.3.1  Principles .32
8.3.2  Tag interpretation in command and response data fields or payloads .32
8.3.3  Tag allocation .32
8.3.4  Standard tag allocation scheme .33
8.3.5  Compatible tag allocation scheme .33
8.3.6  Coexistent tag allocation scheme .34
8.3.7  Avoidance of independent tag allocation schemes .34
8.4  Referencing and retrieval of DOs and data elements .34
8.4.1  General .34
8.4.2  Element list .35
8.4.3  Tag list .35
8.4.4  Header list .35
8.4.5  Extended header and extended header list .35
8.4.6  Resolving an extended header .36
8.4.7  Resolving an extended header list .37
8.4.8  Wrapper .37
8.4.9  Tagged wrapper .38
9  Security architecture .38
9.1  General .38
9.2  Cryptographic mechanism identifier template .39
9.3  Security attributes .40
9.3.1  Security attributes targets .40
9.3.2  Compact format .40
9.3.3  Expanded format .44
9.3.4  Access rule references .48
9.3.5  Security attributes for data objects .49
9.3.6  Security parameters template .49
9.3.7  Security attributes for logical channels .55
9.4  Security support data elements .56
10  Secure messaging .57
10.1  SM fields and SM DOs .57
10.1.1  SM protection of command payloads .57
10.1.2  SM protection of chained commands and responses .57
10.1.3  SM DOs .57
10.2  Basic SM DOs .58
10.2.1  SM DOs for encapsulating plain values .58
10.2.2  SM DOs for confidentiality .59
10.2.3  SM DOs for authentication .60
10.3  Auxiliary SM DOs .61
10.3.1  Control reference templates .61
10.3.2  Control reference DOs in control reference templates .61
10.3.3  Security environments .63
10.3.4  Response descriptor template .65
10.4  SM impact on command-response pairs .65
11  Commands for interchange .67
11.1  Selection .67
11.1.1  SELECT command .67
11.1.2  MANAGE CHANNEL command .69
11.2  Data unit handling.70
11.2.1  Data units .70
iv © ISO/IEC 2013 – All rights reserved

---------------------- Page: 4 ----------------------
ISO/IEC 7816-4:2013(E)
11.2.2  General . 70
11.2.3  READ BINARY command . 71
11.2.4  WRITE BINARY command . 71
11.2.5  UPDATE BINARY command . 72
11.2.6  SEARCH BINARY command . 72
11.2.7  ERASE BINARY command . 72
11.2.8  COMPARE BINARY function . 73
11.3  Record handling . 73
11.3.1  Records . 73
11.3.2  General . 74
11.3.3  READ RECORD (S) command . 74
11.3.4  WRITE RECORD command . 76
11.3.5  UPDATE RECORD command . 77
11.3.6  APPEND RECORD command . 77
11.3.7  SEARCH RECORD command . 78
11.3.8  ERASE RECORD (S) command . 79
11.3.9  ACTIVATE RECORD (s) command . 80
11.3.10 DEACTIVATE RECORD (s) command . 80
11.3.11 COMPARE RECORD function. 81
11.4  Data object handling . 81
11.4.1  General . 81
11.4.2  SELECT DATA command . 82
11.4.3  GET DATA/GET NEXT DATA commands - even INS code . 86
11.4.4  GET DATA/GET NEXT DATA command - odd INS codes . 87
11.4.5  General properties of PUT/PUT NEXT/UPDATE DATA commands . 89
11.4.6  PUT DATA command . 89
11.4.7  PUT NEXT DATA command . 90
11.4.8  UPDATE DATA command . 91
11.4.9  COMPARE DATA function . 91
11.5  Basic security handling . 91
11.5.1  General . 91
11.5.2  INTERNAL AUTHENTICATE command . 92
11.5.3  GET CHALLENGE command . 92
11.5.4  EXTERNAL AUTHENTICATE command . 93
11.5.5  GENERAL AUTHENTICATE command . 94
11.5.6  VERIFY command . 95
11.5.7  CHANGE REFERENCE DATA command . 96
11.5.8  ENABLE VERIFICATION REQUIREMENT command . 96
11.5.9  DISABLE VERIFICATION REQUIREMENT command . 97
11.5.10 RESET RETRY COUNTER command . 97
11.5.11 MANAGE SECURITY ENVIRONMENT command . 97
11.6  Miscellaneous . 99
11.6.1  COMPARE command . 99
11.6.2  GET ATTRIBUTE command . 101
11.7  Transmission handling . 101
11.7.1  GET RESPONSE command . 101
11.7.2  ENVELOPE command . 101
12  Application-independent card services . 102
12.1  Card identification . 102
12.1.1  Historical bytes . 102
12.1.2  Initial data string recovery . 106
12.2  Application identification and selection . 107
12.2.1  EF.DIR . 107
12.2.2  EF.ATR/INFO . 107
12.2.3  Application identifier . 108
12.2.4  Application template and related data elements . 109
12.2.5  Application selection . 110
12.3  Selection by path . 111
12.4  Data retrieval . 111
© ISO/IEC 2013 – All rights reserved v

---------------------- Page: 5 ----------------------
ISO/IEC 7816-4:2013(E)
12.5  Card-originated byte strings . 111
12.5.1  Triggering by the card . 112
12.5.2  Queries and replies . 112
12.5.3  Formats . 112
12.6  General feature management . 112
12.6.1  On-card services . 113
12.6.2  Interface services. 113
12.6.3  Profile services . 113
12.6.4  Provision of additional information . 114
12.7  APDU management . 114
12.7.1  Extended length information . 114
12.7.2  List of supported INS codes . 114
Annex A (informative) Examples of object identifiers and tag allocation schemes . 115
A.1  Object identifiers . 115
A.2  Tag allocation schemes . 115
Annex B (informative) Examples of secure messaging . 117
B.1  Cryptographic checksum . 117
B.2  Cryptograms . 121
B.3  Control references . 121
B.4  Response descriptor . 121
B.5  ENVELOPE command . 122
B.6  Synergy between secure messaging and security operations . 122
Annex C (informative) Examples of AUTHENTICATE functions by GENERAL AUTHENTICATE commands . 125
C.1  GENERAL AUTHENTICATE using witness-challenge-response triples . 125
C.2  GENERAL AUTHENTICAT
...

SLOVENSKI STANDARD
SIST ISO/IEC 7816-4:2018
01-september-2018
1DGRPHãþD
SIST ISO/IEC 7816-4:2005
Identifikacijski dokumenti - Kartice z integriranim vezjem - 4. del: Organizacija,
varovanje in ukazi za izmenjavo
Identification cards -- Integrated circuit cards -- Part 4: Organization, security and
commands for interchange
Cartes d'identification -- Cartes à circuit intégré -- Partie 4: Organisation, sécurité et
commandes pour les échanges
Ta slovenski standard je istoveten z: ISO/IEC 7816-4:2013
ICS:
35.240.15 ,GHQWLILNDFLMVNHNDUWLFHýLSQH Identification cards. Chip
NDUWLFH%LRPHWULMD cards. Biometrics
SIST ISO/IEC 7816-4:2018 en,fr,de
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

---------------------- Page: 1 ----------------------

SIST ISO/IEC 7816-4:2018

---------------------- Page: 2 ----------------------

SIST ISO/IEC 7816-4:2018

INTERNATIONAL ISO/IEC
STANDARD 7816-4
Third edition
2013-04-15


Identification cards — Integrated circuit
cards —
Part 4:
Organization, security and commands for
interchange
Cartes d'identification — Cartes à circuit intégré —
Partie 4: Organisation, sécurité et commandes pour les échanges




Reference number
ISO/IEC 7816-4:2013(E)
©
ISO/IEC 2013

---------------------- Page: 3 ----------------------

SIST ISO/IEC 7816-4:2018
ISO/IEC 7816-4:2013(E)

COPYRIGHT PROTECTED DOCUMENT


©  ISO/IEC 2013
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form or by any means,
electronic or mechanical, including photocopying and microfilm, without permission in writing from either ISO at the address below or
ISO's member body in the country of the requester.
ISO copyright office
Case postale 56  CH-1211 Geneva 20
Tel. + 41 22 749 01 11
Fax + 41 22 749 09 47
E-mail copyright@iso.org
Web www.iso.org
Published in Switzerland

ii © ISO/IEC 2013 – All rights reserved

---------------------- Page: 4 ----------------------

SIST ISO/IEC 7816-4:2018
ISO/IEC 7816-4:2013(E)
Contents Page
Foreword . vii
Introduction . viii
1  Scope . 1
2  Normative references . 1
3  Terms and definitions . 2
4  Symbols and abbreviated terms . 7
5  Command-Response pairs . 8
5.1  Conditions of operation . 8
5.2  Syntax . 9
5.3  Chaining procedures . 10
5.3.1  General . 10
5.3.2  Payload fragmentation . 10
5.3.3  Command chaining . 10
5.3.4  Response chaining . 11
5.4  Class byte . 12
5.4.1  Coding . 12
5.4.2  Logical channels . 13
5.5  Instruction byte . 14
5.6  Status bytes . 14
6  Data objects . 17
6.1  SIMPLE-TLV data objects . 18
6.2  BER-TLV data objects . 18
6.3  Constructed DOs versus primitive DOs . 18
7  Structures for applications and data . 19
7.1  Available structures . 19
7.2  Validity area . 20
7.2.1  Definitions and attributes . 20
7.2.2  Basic rules for VA handling and use . 20
7.3  Structure selection . 21
7.3.1  Structure selection methods . 21
7.3.2  File reference data element and DO . 22
7.3.3  General reference data element and DO . 23
7.3.4  Data referencing methods in elementary files . 23
7.4  File and data control information . 23
7.4.1  File control information retrieval . 23
7.4.2  Data control information retrieval . 24
7.4.3  Control parameters . 24
7.4.4  Short EF identifier . 26
7.4.5  File descriptor byte . 26
7.4.6  Profile indicator . 27
7.4.7  Data descriptor byte . 27
7.4.8  DF and EF list data elements . 27
7.4.9  Instance number data element . 28
7.4.10  Life cycle status . 28
7.4.11  Indirect referencing by short EF identifier using DO'A2' . 28
7.4.12  Interface and life cycle status dependent security attribute template . 29
8  Specific use of DOs and related concepts. 30
8.1  BER-TLV payloads and padding . 30
© ISO/IEC 2013 – All rights reserved iii

---------------------- Page: 5 ----------------------

SIST ISO/IEC 7816-4:2018
ISO/IEC 7816-4:2013(E)
8.1.1  Padding conditions.30
8.1.2  Padding procedure .30
8.2  Current template and data object generations .31
8.2.1  Current template and current DO .31
8.2.2  Template extension .31
8.2.3  Data object sub-tree .31
8.2.4  Data object life cycle .32
8.3  Identification of data elements and data objects .32
8.3.1  Principles .32
8.3.2  Tag interpretation in command and response data fields or payloads .32
8.3.3  Tag allocation .32
8.3.4  Standard tag allocation scheme .33
8.3.5  Compatible tag allocation scheme .33
8.3.6  Coexistent tag allocation scheme .34
8.3.7  Avoidance of independent tag allocation schemes .34
8.4  Referencing and retrieval of DOs and data elements .34
8.4.1  General .34
8.4.2  Element list .35
8.4.3  Tag list .35
8.4.4  Header list .35
8.4.5  Extended header and extended header list .35
8.4.6  Resolving an extended header .36
8.4.7  Resolving an extended header list .37
8.4.8  Wrapper .37
8.4.9  Tagged wrapper .38
9  Security architecture .38
9.1  General .38
9.2  Cryptographic mechanism identifier template .39
9.3  Security attributes .40
9.3.1  Security attributes targets .40
9.3.2  Compact format .40
9.3.3  Expanded format .44
9.3.4  Access rule references .48
9.3.5  Security attributes for data objects .49
9.3.6  Security parameters template .49
9.3.7  Security attributes for logical channels .55
9.4  Security support data elements .56
10  Secure messaging .57
10.1  SM fields and SM DOs .57
10.1.1  SM protection of command payloads .57
10.1.2  SM protection of chained commands and responses .57
10.1.3  SM DOs .57
10.2  Basic SM DOs .58
10.2.1  SM DOs for encapsulating plain values .58
10.2.2  SM DOs for confidentiality .59
10.2.3  SM DOs for authentication .60
10.3  Auxiliary SM DOs .61
10.3.1  Control reference templates .61
10.3.2  Control reference DOs in control reference templates .61
10.3.3  Security environments .63
10.3.4  Response descriptor template .65
10.4  SM impact on command-response pairs .65
11  Commands for interchange .67
11.1  Selection .67
11.1.1  SELECT command .67
11.1.2  MANAGE CHANNEL command .69
11.2  Data unit handling.70
11.2.1  Data units .70
iv © ISO/IEC 2013 – All rights reserved

---------------------- Page: 6 ----------------------

SIST ISO/IEC 7816-4:2018
ISO/IEC 7816-4:2013(E)
11.2.2  General . 70
11.2.3  READ BINARY command . 71
11.2.4  WRITE BINARY command . 71
11.2.5  UPDATE BINARY command . 72
11.2.6  SEARCH BINARY command . 72
11.2.7  ERASE BINARY command . 72
11.2.8  COMPARE BINARY function . 73
11.3  Record handling . 73
11.3.1  Records . 73
11.3.2  General . 74
11.3.3  READ RECORD (S) command . 74
11.3.4  WRITE RECORD command . 76
11.3.5  UPDATE RECORD command . 77
11.3.6  APPEND RECORD command . 77
11.3.7  SEARCH RECORD command . 78
11.3.8  ERASE RECORD (S) command . 79
11.3.9  ACTIVATE RECORD (s) command . 80
11.3.10 DEACTIVATE RECORD (s) command . 80
11.3.11 COMPARE RECORD function. 81
11.4  Data object handling . 81
11.4.1  General . 81
11.4.2  SELECT DATA command . 82
11.4.3  GET DATA/GET NEXT DATA commands - even INS code . 86
11.4.4  GET DATA/GET NEXT DATA command - odd INS codes . 87
11.4.5  General properties of PUT/PUT NEXT/UPDATE DATA commands . 89
11.4.6  PUT DATA command . 89
11.4.7  PUT NEXT DATA command . 90
11.4.8  UPDATE DATA command . 91
11.4.9  COMPARE DATA function . 91
11.5  Basic security handling . 91
11.5.1  General . 91
11.5.2  INTERNAL AUTHENTICATE command . 92
11.5.3  GET CHALLENGE command . 92
11.5.4  EXTERNAL AUTHENTICATE command . 93
11.5.5  GENERAL AUTHENTICATE command . 94
11.5.6  VERIFY command . 95
11.5.7  CHANGE REFERENCE DATA command . 96
11.5.8  ENABLE VERIFICATION REQUIREMENT command . 96
11.5.9  DISABLE VERIFICATION REQUIREMENT command . 97
11.5.10 RESET RETRY COUNTER command . 97
11.5.11 MANAGE SECURITY ENVIRONMENT command . 97
11.6  Miscellaneous . 99
11.6.1  COMPARE command . 99
11.6.2  GET ATTRIBUTE command . 101
11.7  Transmission handling . 101
11.7.1  GET RESPONSE command . 101
11.7.2  ENVELOPE command . 101
12  Application-independent card services . 102
12.1  Card identification . 102
12.1.1  Historical bytes . 102
12.1.2  Initial data string recovery . 106
12.2  Application identification and selection . 107
12.2.1  EF.DIR . 107
12.2.2  EF.ATR/INFO . 107
12.2.3  Application identifier . 108
12.2.4  Application template and related data elements . 109
12.2.5  Application selection . 110
12.3  Selection by path . 111
12.4  Data retrieval . 111
© ISO/IEC 2013 – All rights reserved v

---------------------- Page: 7 ----------------------

SIST ISO/IEC 7816-4:2018
ISO/IEC 7816-4:2013(E)
12.5  Card-originated byte strings . 111
12.5.1  Triggering by the card . 112
12.5.2  Queries and replies . 112
12.5.3  Formats . 112
12.6  General feature management . 112
12.6.1  On-card services . 113
12.6.2  Interface services. 113
12.6.3  Profile services . 113
12.6.4  Provision of additional information . 114
12.7  APDU management . 114
12.7.1  Extended length information . 114
12.7.2  List of supported INS codes . 114
Annex A (informative) Examples of object identifiers and tag allocation schemes . 115
A.1  Object identifiers . 115
A.2  Tag allocation schemes . 115
Annex B (informative) Examples of secure messaging . 117
B.1  Cryptographic checksum .
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.

This May Also Interest You

ISO
ISO/IEC TS 23465-3:2023(Main)
Card and security devices for personal identification — Programming interface for security devices — Part 3: Proxy

This document describes the software (SW) layer called “proxy”. It supports the programming interface to security devices and the application using this API to access the application related security devices defined in ISO/IEC TS 23465-2. This document is applicable to: — proxy requirements, functionality and layers; — resolving mechanisms for API functions; — data structures related to security device handling; — translation for security device communication; — serialization/de-serialization syntax and methods.

  • Technical specification
    19 pages
    English language
    sale 15% off
  • Draft
    19 pages
    English language
    sale 15% off
  • Draft
    19 pages
    English language
    sale 15% off
ISO
ISO/IEC 18013-3:2017/Amd 2:2023(Amendment)
Information technology — Personal identification — ISO-compliant driving licence — Part 3: Access control, authentication and integrity validation — Amendment 2: Updates for passive authentication
  • Standard
    8 pages
    English language
    sale 15% off
  • Draft
    9 pages
    English language
    sale 15% off
  • Draft
    9 pages
    English language
    sale 15% off
ISO
ISO/IEC 18013-2:2020/Amd 1:2023(Amendment)
Personal identification — ISO-compliant driving licence — Part 2: Machine-readable technologies — Amendment 1: DG11 length for compact encoding
  • Standard
    9 pages
    English language
    sale 15% off
  • Draft
    10 pages
    English language
    sale 15% off
  • Draft
    10 pages
    English language
    sale 15% off
ISO
ISO/IEC 7816-6:2023(Main)
Identification cards — Integrated circuit cards — Part 6: Interindustry data elements for interchange

This document specifies directly or by reference, data elements, including composite data elements that are applicable to interindustry interchange. It identifies the following characteristics of each data element: — identifier; — name; — description and reference; — format and coding (if not available in other ISO standards or parts of the ISO/IEC 7816 series). The layout of each data element is described as seen at the interface between the interface device and the card. This document provides the definition of data elements without consideration of any restrictions on the usage of the data elements. It does not cover the internal implementation within the card and/or the outside world. With the exception of login data objects (6.5), only application class tags are eligible in this document. When using an interindustry template, an application is allowed to nest context-specific class tags (see ISO/IEC 7816-4) under such a template unless it is previously marked as reserved for future use by ISO/IEC JTC 1/SC 17.

  • Standard
    27 pages
    English language
    sale 15% off
  • Draft
    28 pages
    English language
    sale 15% off
ISO
ISO/IEC TS 23465-2:2023(Main)
Card and security devices for personal identification — Programming interface for security devices — Part 2: API definition

This document describes the following aspects of the programming interface between the client application dealing with the security device and the proxy, based on the framework outlined in ISO/IEC 23465-1: — the generic API definition; — state and security models for use cases; — class and API definitions of functionality, defined in other standards, e.g. the ISO/IEC 7816 series.

  • Technical specification
    55 pages
    English language
    sale 15% off
ISO
ISO/IEC 23465-1:2023(Main)
Card and security devices for personal identification — Programming interface for security devices — Part 1: Introduction and architecture description

This document introduces and describes the concept of the application programming interface (API) to security devices with the intention to simplify the usage of commands and mechanisms defined by the ISO/IEC 7816 series. This document gives guidelines on: — the system overview and description of the system of the programming interface; — the architecture description; — the data model in general, used by the API; — the use cases and the usage model of the API.

  • Standard
    22 pages
    English language
    sale 15% off
ISO
ISO/IEC 23220-1:2023(Main)
Cards and security devices for personal identification — Building blocks for identity management via mobile devices — Part 1: Generic system architectures of mobile eID systems

This document specifies generic system architectures and generic life-cycle phases of mobile eID systems in terms of building blocks for mobile eID system infrastructures. It standardizes interfaces and services for mdoc apps and mobile verification applications. It is applicable to entities involved in specifying, architecting, designing, testing, maintaining, administering and operating a mobile eID system in parts or entirely.

  • Standard
    48 pages
    English language
    sale 15% off
  • Standard
    48 pages
    English language
    sale 15% off
ISO
ISO/IEC 7816-11:2022(Main)
Identification cards — Integrated circuit cards — Part 11: Personal verification through biometric methods

This document specifies security-related interindustry commands that are intended to be used for personal verification through biometric methods in integrated circuit cards. It also defines the data structure and data access methods for use of the card as a carrier of the biometric reference and/or as the device to perform the verification of the cardholder's biometric probe (on-card biometric comparison). Identification of persons using biometric methods is outside the scope of this document.

  • Standard
    25 pages
    English language
    sale 15% off
ISO
ISO/IEC 18013-3:2017/Amd 1:2022(Amendment)
Information technology — Personal identification — ISO-compliant driving licence — Part 3: Access control, authentication and integrity validation — Amendment 1: PACE protocol
  • Standard
    14 pages
    English language
    sale 15% off
  • Draft
    14 pages
    English language
    sale 15% off
ISO
ISO/IEC 18328-2:2021(Main)
Identification cards — ICC-managed devices — Part 2: Physical characteristics and test methods for cards with devices

This document defines physical characteristics and test methods for cards with devices, including but not limited to, power supplying devices, displays, sensors, microphones, loudspeakers, buttons or keypads. This document also covers aspects of coexistence of technologies of devices on the card and other machine-readable card technologies. Additional requirements related to biometric capture devices are defined in ISO/IEC 17839-2. Such requirements can be applied in addition to the ones defined in this document. ISO/IEC 17839-2 defines a type S2 card; the physical dimensions of the type S2 card are specified in Annex A.

  • Standard
    25 pages
    English language
    sale 15% off
  • Draft
    25 pages
    English language
    sale 15% off