iTeh StandardsiTeh Standards
EURUSD
Your shopping cart is empty.
SIST

SIST EN 419212-2:2018

(Main)

Application Interface for Secure Elements for Electronic Identification, Authentication and Trusted Services - Part 2: Signature and Seal Services

Application Interface for Secure Elements for Electronic Identification, Authentication and Trusted Services - Part 2: Signature and Seal Services

This part specifies mechanisms for SEs to be used as qualified signature creation devices covering:
•   Signature creation and mobile signature creation
•   User verification
•   Password based authentication
The specified mechanisms are suitable for other purposes like services in the context of EU Regulation 910/2014 of the European Parliament and the Council of 23 July 2014 on electronic identification and trust services for electronic transactions in the internal market and repealing Directive 1999/93/EC.
The particular case of seal is also covered by the specification. The differences between seal and signature are exposed in Annex B. Annex B also explains how the mechanisms for SEs as qualified signature creation devices can be used for SEs as qualified seal creation devices.
Mobile signature is an alternative to the classical signature case which is performed by a secure element. Mobile signature is encouraged by the large widespread of mobile devices and the qualification authorized by the eIDAS Regulation. The particular case of remote signature (or server signing) is covered by this specification in Annex C.
In the rest of this document, except Annex B, there will be no particular notion of a seal since it technically compares to the signature.

Anwendungsschnittstelle für sichere Elemente, die als qualifizierte elektronische Signatur-/Siegelerstellungseinheiten verwendet werden - Teil 2: Zusätzliche Dienste

Identification personnelle et dispositifs associés, éléments de sécurité, systèmes, opérations et protection de la vie privée dans un environnement multisectoriel - Partie 2 : Services de signatures et de cachets

La présente partie spécifie les mécanismes pour l'utilisation de SE comme dispositifs de création de signatures qualifiés, qui recouvrent :
   la création de signatures et création de signatures mobiles ;
   la vérification de l’utilisateur ;
   l’authentification par mot de passe.
Les mécanismes spécifiés conviennent à d'autres objectifs, tels que les services dans le cadre de [2].
Le cas particulier du cachet est également traité par la spécification. Les différences entre cachet et signature sont présentées dans l’Annexe B. L’Annexe B explique également comment les mécanismes des SE servant de dispositifs de création de signatures qualifiés peuvent être utilisés pour les SE servant de dispositifs de création de cachets qualifiés.
La signature mobile est une variante de la signature traditionnelle qui est exécutée par un élément de sécurité. La signature mobile bénéficie de la grande diffusion des dispositifs mobiles et de la qualification autorisée par le Règlement eIDAS [2]. Le cas particulier de la signature à distance (ou signature par serveur) est traité par la présente spécification dans l’Annexe C.
Dans la suite du présent document, à l’exception de l’Annexe B, il n’y aura aucune notion particulière relative au cachet, puisque, sur un plan technique, il est comparable à la signature.

Uporabniški vmesnik za varnostne elemente za elektronsko identifikacijo, avtentifikacijo in zanesljivost storitev - 2. del: Podpis in dodatne storitve

Ta del določa mehanizme za uporabo varnostnih elementov (SE) kot kvalificiranih naprav za elektronsko podpisovanje in zajema: • oblikovanje podpisa in mobilno oblikovanje podpisa,
• preverjanje uporabnika,
• preverjanje pristnosti na podlagi gesla.
Opredeljeni mehanizmi so primerni za druge namene, kot so storitve v okviru Uredbe (EU) št. 910/2014 Evropskega parlamenta in sveta z dne 23. julija 2014 o elektronski identifikaciji in storitvah zaupanja za elektronske transakcije na notranjem trgu ter razveljavitve Direktive 1999/93/ES. Specifikacija zajema tudi poseben primer žiga. Razlike med žigom in podpisom so izpostavljene v dodatku B. Dodatek B tudi pojasnjuje, kako se lahko mehanizmi za varnostne elemente kot kvalificirana sredstva za elektronsko podpisovanje uporabljajo za varnostne elemente kot naprave za ustvarjanje kvalificiranega elektronskega žiga. Alternativa običajnemu podpisu je mobilni podpis, ki ga izvede varnostni element. Mobilni podpis se spodbuja zaradi razširjenega obsega mobilnih naprav in kvalifikacij, odobrenih z uredbo o elektronski identifikaciji (eIDAS). Poseben primer podpisa na daljavo (ali strežniškega podpisa) je zajet v tej specifikaciji v dodatku C.
Preostanek dokumenta z izjemo dodatka B posebej ne omenja pomena žiga, saj je v tehničnem smislu podoben podpisu.

General Information

Status
Published
Public Enquiry End Date
30-Dec-2016
Publication Date
05-Mar-2018
ICS
35.240.15 - Identification cards. Chip cards. Biometrics
Technical Committee
ITC - Information technology
Current Stage
6060 - National Implementation/Publication (Adopted Project)
Start Date
22-Dec-2017
Due Date
26-Feb-2018
Completion Date
06-Mar-2018
Mandate
M/460 - Standardisation Mandate to the European Standardisation Organizations CEN, CENELEC and ETSI in the field of Information and Communication Technologies applied to Electronic Signatures
Ref Project
EN 419212-2:2017 - Application Interface for Secure Elements for Electronic Identification, Authentication and Trusted Services - Part 2: Signature and Seal Services

Relations

Replaces
SIST EN 419212-1:2015 - Application Interface for smart cards used as Secure Signature Creation Devices - Part 1: Basic services
Effective Date
20-Dec-2017
Replaces
SIST EN 419212-2:2015 - Application Interface for smart cards used as Secure Signature Creation Devices - Part 2: Additional Services
Effective Date
20-Dec-2017
Replaces
SIST EN 419212-2:2015 - Application Interface for smart cards used as Secure Signature Creation Devices - Part 2: Additional Services
Effective Date
08-Jun-2022
Replaces
SIST EN 419212-1:2015 - Application Interface for smart cards used as Secure Signature Creation Devices - Part 1: Basic services
Effective Date
08-Jun-2022

Buy Standard

EN 419212-2:2018 - BARVEEN 419212-2:2018 - BARVE
PreviousNext
Standard
EN 419212-2:2018 - BARVE
English language
115 pages
sale 10% off
Preview
sale 10% off
Preview
e-Library read for
1 day

Standards Content (Sample)

2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.Uporabniški vmesnik za varnostne elemente za elektronsko identifikacijo, avtentifikacijo in zanesljivost storitev - 2. del: Podpis in dodatne storitveAnwendungsschnittstelle für sichere Elemente, die als qualifizierte elektronische Signatur-/Siegelerstellungseinheiten verwendet werden - Teil 2: Zusätzliche DiensteApplication Interface for Secure Elements for Electronic Identification, Authentication and Trusted Services - Part 2: Signature and Seal Services35.240.15Identification cards. Chip cards. BiometricsICS:Ta slovenski standard je istoveten z:EN 419212-2:2017SIST EN 419212-2:2018en,fr,de01-april-2018SIST EN 419212-2:2018SLOVENSKI
STANDARDSIST EN 419212-2:2015SIST EN 419212-1:20151DGRPHãþD



SIST EN 419212-2:2018



EUROPEAN STANDARD NORME EUROPÉENNE EUROPÄISCHE NORM
EN 419212-2
December
t r s y ICS
u wä t v rä s w Supersedes EN
v s { t s tæ sã t r s vá EN
v s { t s tæ tã t r s vEnglish Version
Application Interface for Secure Elements for Electronic Identificationá Authentication and Trusted Services æ Part
tã Signature and Seal Services Interface applicative des éléments sécurisés utilisés comme dispositifs de création de signature signatures et de cachets
Anwendungsschnittstelle für sichere Elementeá die als qualifizierte elektronische SignaturæZusätzliche Dienste This European Standard was approved by CEN on
x February
t r s yä
egulations which stipulate the conditions for giving this European Standard the status of a national standard without any alterationä Upætoædate lists and bibliographical references concerning such national standards may be obtained on application to the CENæCENELEC Management Centre or to any CEN memberä
translation under the responsibility of a CEN member into its own language and notified to the CENæCENELEC Management Centre has the same status as the official versionsä
CEN members are the national standards bodies of Austriaá Belgiumá Bulgariaá Croatiaá Cyprusá Czech Republicá Denmarká Estoniaá Finlandá Former Yugoslav Republic of Macedoniaá Franceá Germanyá Greeceá Hungaryá Icelandá Irelandá Italyá Latviaá Lithuaniaá Luxembourgá Maltaá Netherlandsá Norwayá Polandá Portugalá Romaniaá Serbiaá Slovakiaá Sloveniaá Spainá Swedená Switzerlandá Turkey and United Kingdomä
EUROPEAN COMMITTEE FOR STANDARDIZATION COMITÉ EUROPÉEN DE NORMALISATION EUROPÄISCHES KOMITEE FÜR NORMUNG
CEN-CENELEC Management Centre:
Avenue Marnix 17,
B-1000 Brussels
9
t r s y CEN All rights of exploitation in any form and by any means reserved worldwide for CEN national Membersä Refä Noä EN
v s { t s tæ tã t r s y ESIST EN 419212-2:2018



EN 419212-2:2017 (E) 3 Contents Page European foreword .6 1 Scope .8 2 Normative references .8 3 Terms and definitions .9 4 Symbols and abbreviations .9 5 Signature application .9 5.1 Application Flow .9 5.2 Trusted environment versus untrusted environment . 11 5.3 Selection of ESIGN application . 12 5.3.1 General . 12 5.3.2 Exceptions for Secure Messaging . 13 5.4 Selection of cryptographic information application . 13 5.5 Concurrent usage of signature applications . 13 5.5.1 General . 13 5.5.2 Methods of channel selection . 14 5.5.3 Security issues on multiple channels . 14 5.6 Security environment selection . 14 5.7 Key selection . 14 5.8 Security Services . 15 6 User verification . 15 6.1 General . 15 6.2 Knowledge based user verification . 16 6.2.1 General . 16 6.2.2 Explicit user verification . 16 6.2.3 Password-based mechanisms . 18 6.2.4 Presentation formats . 18 6.2.5 Retry and Usage counters . 18 6.2.6 Password Change . 19 6.2.7 Reset of RC and setting a new password . 19 6.3 Biometric user verification . 20 6.3.1 General . 20 6.3.2 Retrieval of the Biometric Information Template . 21 6.3.3 Performing the biometric user verification . 22 6.3.4 Reset of RC . 24 7 Digital Signature Service . 24 7.1 General . 24 7.2 Signature generation algorithms . 25 7.3 Activation of digital signature service . 25 7.4 General aspects . 25 7.5 Signature Generation . 27 7.5.1 General . 27 7.5.2 No hashing in Card. 27 7.5.3 Partial hashing . 27 7.5.4 All hashing in ICC . 29 7.6 Selection of different keys, algorithms and input formats . 30 7.6.1 General . 30 7.6.2 Restore an existing SE . 31 SIST EN 419212-2:2018



EN 419212-2:2017 (E) 4 7.6.3 Setting the Hash Template (HT) of a current Security Environment (SE) . 31 7.6.4 Modify the Digital Signature Template (DST) of a current Security Environment (SE) . 32 7.7 Read certificates and certificate related information . 32 7.7.1 General . 32 7.7.2 Read certificate related CIOs . 33 7.7.3 Read signer's certificate from ICC . 33 7.7.4 Retrieval of the signer's certificate from a directory service . 34 8 Password-based authentication protocols . 35 8.1 General . 35 8.2 Notation . 35 8.3 Authentication steps . 36 8.3.1 General . 36 8.3.2 Step 1 — Reading the protocol relevant public parameters . 37 8.3.3 Step 2 — Set PBM parameters and generate blinding point. 38 8.3.4 Step 3 — Get encrypted nonce . 39 8.3.5 Step 4.1 — Map nonce and compute generator point for generic mapping . 40 8.3.6 Step 4.2 — Map nonce and compute generator point for integrated mapping. 41 8.3.7 Step 5 — Generate session keys . 43 8.3.8 Step 6 — Explicit key authentication . 43 9 Secure Messaging . 44 9.1 General . 44 9.2 CLA byte . 45 9.3 TLV coding of command and response message . 45 9.4 Treatment of SM-Errors . 45 9.5 Padding for checksum calculation . 46 9.6 Send sequence counter (SSC) . 46 9.7 Message structure of Secure Messaging APDUs . 46 9.7.1 Cryptograms . 46 9.7.2 Cryptographic Checksums . 48 9.7.3 Final command APDU construction . 51 9.8 Response APDU protection . 52 9.9 Use of TDES and AES . 56 9.9.1 TDES/AES encryption/decryption . 56 9.9.2 CBC mode. 57 9.9.3 Retail MAC with TDES . 57 9.9.4 EMAC with AES . 58 9.9.5 CMAC with AES . 59 10 Key Generation. 59 10.1 General . 59 10.2 Signature key and certificate generation . 60 11 Key identifiers and parameters . 61 11.1 General . 61 11.2 Key identifiers (KID) . 62 11.2.1 General . 62 11.2.2 Secret and private keys . 62 11.3 Public Key parameters . 62 11.3.1 General . 62 11.3.2 RSA public key parameters . 62 11.4 Diffie-Hellman key exchange parameters . 63 11.5 Authentication tokens in the protocols mEACv2 and PCA . 63 11.5.1 General . 63 SIST EN 419212-2:2018



EN 419212-2:2017 (E) 5 11.5.2 TDES. 63 11.5.3 AES. 63 11.5.4 Ephemeral Public Key Data Object . 63 11.6 The compression function Comp() . 63 11.7 DSA with ELC public key parameters . 64 11.7.1 General . 64 11.7.2 The plain format of a digital signature . 65 11.7.3 The uncompressed encoding . 65 11.8 ELC key exchange public parameters . 65 12 AlgIDs, Hash- and DSI Formats . 66 12.1 General . 66 12.2 Algorithm Identifiers and OIDs . 66 12.3 Hash Input-Formats . 66 12.3.1 General . 66 12.3.2 PSO:HASH without command chaining . 67 12.3.3 PSO:HASH with command Chaining . 67 12.4 Formats of the Digital Signature Input (DSI) . 68 12.4.1 General . 68 12.4.2 DSI according to ISO/IEC 14888-2 (scheme 2) . 69 12.4.3 DSI according to PKCS #1 V 1.5 . 69 12.4.4 Digest Info for SHA-X Hash:Digest Info SHA:Digest Info . 71 12.4.5 DSI according to PKCS #1 V 2.x MGF function . 73 12.4.6 DSA with DH key parameters . 74 12.4.7 Elliptic Curve Digital Signature Algorithm - ECDSA . 74 13 Files . 74 13.1 General . 74 13.2 File structure . 74 13.3 File IDs . 75 13.4 EF.DIR . 75 13.5 EF.SN.ICC . 76 13.6 EF.DH . 76 13.7 EF.ELC . 77 13.8 EF.C.ICC.AUT . 77 13.9 EF.C.CAICC.CS-AUT . 78 13.10 EF.C_X509.CH.DS . 78 13.11 EF.C_X509.CA.CS (DF.ESIGN) . 79 13.12 EF.DM . 79 14 Cryptographic Information Application . 79 14.1 General . 79 14.2 ESIGN cryptographic information layout example . 81 14.2.1 General . 81 14.2.2 EF.CIAInfo . 82 14.2.3 EF.AOD . 84 14.2.4 EF.PrKD . 88 14.2.5 EF.PuKD . 92 14.2.6 EF.CD . 93 14.2.7 EF.DCOD. 95 Annex A (normative)
Security environments . 100 Annex B (informative)
Seals and Signatures . 108 Annex C (informative)
Remote Signatures . 111 SIST EN 419212-2:2018



EN 419212-2:2017 (E) 6 European foreword This document (EN 419212-2:2017) has been prepared by Technical Committee CEN/TC 224 “Furniture”, the secretariat of which is held by AFNOR. This European Standard shall be given the status of a national standard, either by publication of an identical text or by endorsement, at the latest by June 2018, and conflicting national standards shall be withdrawn at the latest by June 2018. Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. CEN shall not be held responsible for identifying any or all such patent rights. This document supersedes EN 419212-1:2014 and EN 419212-2:2014. This standard supports services in the context of electronic IDentification, Authentication and Trust Services (eIDAS) including signatures. In EN 419212 Part 2, the standard allows support of implementations of the European legal framework for electronic signatures, defining the functional and security features for a Secure Elements (SE) (e.g. smart cards) intended to be used as a Qualified electronic Signature Creation Device (QSCD) according to the Terms of the “European Regulation on Electronic Identification and Trust Services for electronic transactions in the internal market” [2]. A Secure Element (SE) compliant to the standard will be able to produce a “qualified electronic signature” that fulfils the requirements of Article of the Electronic Signature Regulation ” [2] and therefore can be considered equivalent to a hand-written signature. This standard consists of five parts: Part 1: “Introduction and common definitions” describes the history, application context, market perspective and a tutorial about the basic understanding of electronic signatures. It also provides common terms and references valid for the entire 419212 series. Part 2: “Signature and Seal Services” describes the specifications for signature generation according to the eIDAS regulation.
Part 3: “Device Authentication” describes the device authentication protocols and the related key management services to establish a secure channel.
Part 4: “Privacy specific Protocols” describes functions and services to provide privacy to identification services.
Part 5: “Trusted eServices” describes services that may be used in conjunction with signature services described in Part 2.
This document has been prepared under a mandate given to CEN by the European Commission and the European Free Trade Association. According to the CEN-CENELEC Internal Regulations, the national standards organisations of the following countries are bound to implement this European Standard: Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, Former Yugoslav Republic of Macedonia, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and the United Kingdom. SIST EN 419212-2:2018



EN 419212-2:2017 (E) 7 Introduction Recipients of this draft are invited to submit, with their comments, notification of any relevant patent rights of which they are aware and to provide supporting documentation. The European Committee for Standardization (CEN) draws attention to the fact that it is claimed that compliance with this document may involve the use of a patent concerning the mapping function given in Part 2, clause 8.3.6. The patent relates to “Sagem, MorphoMapping Patents FR09-54043 and FR09-54053, 2009”. CEN takes no position concerning the evidence, validity and scope of this patent right. The holder of this patent right has ensured CEN that he/she is willing to negotiate licences under reasonable and non-discriminatory terms and conditions with applicants throughout the world. In this respect, the statement of the holder of this patent right is registered with CEN. Information may be obtained from: Morpho 11, boulevard Galliéni 92
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.

This May Also Interest You

SIST
SIST-TS CEN/TS 17661:2022(Main)
Personal identification – European enrolment guide for biometric ID documents (EEG)
CEN/TS 17661:2021

This technical specification provides guidance on
• capturing of facial images to be used as reference images in identity or similar documents,
• capturing of fingerprint images to be used as reference images in identity or similar documents,
• data quality maintenance for biometric reference data,
• data authenticity maintenance for biometric reference data.
The TS addresses the following aspects which are specific for biometric reference data capturing:
• biometric data quality and interoperability ensurance,
• data authenticity ensurance,
• morphing and other presentation attack detection,
• accessibility and usability,
• privacy and data protection,
• optimal process design.
The following aspects are out of scope:
• IT security,
• data capturing for verification purposes, e.g., in ABC gates.
• self-taken images, although a section on this has been included

  • Technical specification
    73 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST-TS CEN/TS 17631:2021(Main)
Personal identification - Biometric group access control
CEN/TS 17631:2021

This technical specification provides guidance on providing access
• To areas with physical access control, e.g., entertainment facilities, train stations, shops, libraries,banks, or border control,
• For small groups of persons, e.g., families with small children or seniors, or other accompanied persons in need of support,
• By means of biometric authentication technologies, e.g., facial, fingerprint, or vein recognition,
• In the European regulatory context.
The TS addresses the following aspects which are specific for biometric and group access:
• Accessibility and usability,
• User guidance including group guidance and interaction control,
• Privacy including data set content,
• Presentation attack detection,
• Applicable biometric technologies,
• Storage of reference data,
• Biometric process integration,
• Specific needs considering biometrics for groups,
• Biometric performance and error rates, and
• Group internal linkage.
The following aspects which reflect on generic access control issues are out of scope:
• IT security,
• Application specific physical security,
• Policy definition,
• Processes not related to biometric authentication, and
• Specific performance requirements of identification (1:N) and verification (1:1) applications.

  • Technical specification
    18 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST ISO/IEC 4909:2021(Main)
Identification cards -- Financial transaction cards -- Magnetic stripe data content for track 3
ISO/IEC 4909:2006

ISO/IEC 4909:2006 establishes specifications for financial transaction cards using track 3 and is intended to permit interchange based on the use of magnetic stripe encoded information. It specifies the data content and physical location of read/write information on track 3 and is to be used in conjunction with the relevant parts of ISO/IEC 7811 and ISO/IEC 7812.
ISO/IEC 4909:2006 recognizes the need for formats of track 3 which can be used independently of, or in conjunction with, track 2 as defined in ISO/IEC 7813. This approach is intended to permit the greatest degree of flexibility within the financial community in facilitating international interchange.
Using track 3 in conjunction with track 2 is a mode of operation in both on-line and off-line interchange environments. This mode of operation requires that the original encoded data on track 2 be read; the data on track 3 be read; and, if update is required, all the data on track 3 be rewritten.
Independent use of track 3 is an alternative mode of operation permitting both on-line interchange and off-line interchange based on mutual agreement between interested parties. It requires reading only of the data on track 3 and, if update is required, the rewriting of all the data on track 3.

  • Standard
    19 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Standard
    14 pages
    English language
    sale 15% off
SIST
SIST-TS CEN/TS 17489-1:2020(Main)
Personal identification - Secure and interoperable European Breeder Documents - Part 1: Framework overview
CEN/TS 17489-1:2020

This document provides an overview of a framework on breeder documents. It introduces the document structure of FprCEN/TS 17489 (all parts) that specifies how citizens retain the control of breeder document data and how they can use them to support identity proofing and verification. Moreover, the framework provides methodologies to assess and increase the level of trust in breeder documents.
This framework specifies methods for:
-   defining physical and logical/digital representations of a secure breeder document (hardware based, paper-based, server-based),
-   securing breeder document processes,
-   linking the document to its legitimate holder.
The following types of breeder documents are in the scope of the framework:
-   birth certificates,
-   marriage and partnership certificates,
-   death certificates.
The following breeder documents management processes including first-time application, later-in-life registration of an identity, and content update (e.g. name-changing) are in the scope of this framework:
-   registration,
-   issuance,
-   renewal,
-   inspection/verification,
-   revocation.
The specification of policies is out of scope.

  • Technical specification
    14 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN 1332-3:2020(Main)
Identification card systems - User Interface — Part 3: Key pads
EN 1332-3:2020

This European Standard covers the ergonomic layout and usability of keypads. The keypad may consist of numeric, command and function keys and alphanumeric characters. On the basis that keypad layout impacts performance (keying speed, and errors), this European Standard aims to:
-   enhance usability;
-   ensure ease of use through consistency;
-   increase customer confidence;
-   reduce customer error;
-   improve operating time;
-   ensure ergonomic data entry.
This European Standard specifies the arrangement, the number and location of numeric, function and command keys, including placement of alphabetic characters on numeric keys. Design requirements and recommendations are also provided.
This standard applies to all identification card systems with a numeric keypad for use by the public for stationary or non-stationary devices. This standard also covers keypads on touch sensitive devices.

  • Standard
    20 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Draft
    19 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST-TS CEN/TS 16794-2:2019(Main)
Public transport - Communication between contactless readers and fare media - Part 2: Test plan for ISO/IEC 14443
CEN/TS 16794-2:2019

This document comes as a complement to the technical requirements expressed in CEN/TS 16794-1, for ensuring contactless communication interoperability between Public Transport (PT) devices or between PT devices compliant to CEN/TS 16794-1 and NFC mobiles devices compliant to NFC Forum specifications.
This document lists all the test conditions to be performed on a PT reader or a PT object in order to ensure that all the requirements specified in CEN/TS 16794-1 are met for the PT device under test.
This document applies to PT devices only:
-   PT readers which are contactless fare management system terminals acting as a PCD contactless reader based on the ISO/IEC 14443 series;
-   PT objects which are contactless fare media acting as a PICC contactless object based on the ISO/IEC 14443 series.
This document applies solely to the contactless communication layers described in Parts 1 to 4 of the ISO/IEC 14443 series. Application-to-application exchanges executed once contactless communication has been established at RF level fall outside the scope of this document. However, a test application will be used so as to make end-to-end transactions during tests on the RF communication layer.
This document does not duplicate the contents of the ISO/IEC 14443 series or ISO/IEC DIS 10373-6 standard. It makes reference to the ISO/IEC DIS 10373-6 applicable test methods, specifies the test conditions to be used and describes the additional specific test conditions that may be run.
The list of test conditions applicable to the PT device under test will be conditioned by the Information Conformance Statement (ICS) declaration made by the device manufacturer. For each test case, the test conditions are clearly specified in order to determine the pertinence to run or not the test case in accordance with the device capabilities or in accordance with the device manufacturer’s choice.
In order to facilitate the test report issuance, a test report template is included in Annex A of this document.
Although this document aims at becoming the primary basis for certification of contactless communication protocol applicable to PT readers and PT objects, it does not describe any certification or qualification processes as such processes should be defined between local or global transit industry stakeholders.

  • Technical specification
    32 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST-TS CEN/TS 16794-1:2019(Main)
Public transport - Communication between contactless readers and fare media - Part 1: Implementation requirements for ISO/IEC 14443
CEN/TS 16794-1:2019

This document constitutes the 3rd edition of CEN/TS 16794 1. It sets out the technical requirements to be met by contactless Public Transport (PT) devices in order to be able to interface together using the ISO/IEC 14443 series contactless communications protocol.
This document applies to PT devices:
-   PT readers which are contactless fare management system terminals acting as a PCD contactless reader based on the ISO/IEC 14443 series;
-   PT objects which are contactless fare media acting as a PICC contactless object based on the ISO/IEC 14443 series.
This edition addresses interoperability of consumer-market NFC mobile devices, compliant to NFC Forum specifications, with above mentioned PT devices, aligns with the 4th edition of the ISO/IEC 14443 series and maintains the possibility for PT readers to comply with the requirements from EMV Contactless Interface Specification [1] and the present document.
An interface–oriented test approach is used to evaluate the conformity of PT devices and is defined in CEN/TS 16794 2.
Application-to-application exchanges executed once contactless communication has been established at RF level fall outside the scope of this document. In line with the rules on independence between OSI protocol layers, this document works on the assumption that application-to-application exchanges are not contingent on the type of contactless communication established or the parameters used for the low-level protocol layers that serve as the platform for these application-to-application exchanges.

  • Technical specification
    38 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN 17054:2019(Main)
Biometrics multilingual vocabulary based upon the English version of ISO/IEC 2382-37:2012
EN 17054:2019

This European Standard establishes a systematic description of the concepts in the field of biometrics pertaining to recognition of human beings and reconciles variant terms in use in pre-existing biometric standards against the preferred terms, thereby clarifying the use of terms in this field.
Excluded from the scope of this document are concepts (represented by terms) from information technology, pattern recognition, biology, mathematics, etc. Biometrics uses such fields of knowledge as a basis.
In principle, mode specific terms are outside the scope of this European Standard.
Words in bold are defined in this document. Words that are not in bold are to be understood in their natural language sense. The authority for natural language use of terms in this document is the Concise Oxford English Dictionary (COD), Thumb Index Edition (tenth edition, revised, 2002). Words used in their natural language sense are considered out-of-scope for further definition in this document.

  • Standard
    76 pages
    English, French and German language
    sale 10% off
    e-Library read for
    1 day
  • Draft
    77 pages
    English, French and German language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST-TS CEN/TS 17261:2019(Main)
Biometric authentication for critical infrastructure access control - Requirements and Evaluation
CEN/TS 17261:2018

The technical specification
i) Specifies design, performance and attack resistance requirements for biometric systems used as part of an automated access control system protecting access to Critical Infrastructure (defined in Council directive 2008 /114 / EC)
ii) Describes methodologies for evaluation of biometric access control products against these requirements

  • Technical specification
    18 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST-TS CEN/TS 17262:2019(Main)
Personal identification - Robustness against biometric presentation attacks - Application to European Automated Border Control
CEN/TS 17262:2018

This Technical Specification is an application profile for the International Standard ISO/IEC 30107 Biometric presentation attack detection. It provides best practice recommendations for the implementation of Automated Border Control (ABC) systems in Europe.
Presentation Attack Detection (PAD) is addressed for facial and fingerprint recognition.
The biometric reference data can be stored in electronic Machine Readable Travel Documents (eMRTD) and/or EU Visa Information System (VIS).
The TS covers the robustness of the system, privacy and data protection aspects, usability and acceptance as well as countermeasures including their evaluation from the Biometrics perspective. Enrolment, issuance and verification applications of eMRTD other than border control are not in scope.

  • Technical specification
    23 pages
    English language
    sale 10% off
    e-Library read for
    1 day