iTeh StandardsiTeh Standards
EURUSD
Your shopping cart is empty.
SIST

SIST-TS CEN/TS 15480-1:2009

(Main)

Identification card systems - European Citizen Card - Part 1: Physical, electrical and transport protocol characteristics

Identification card systems - European Citizen Card - Part 1: Physical, electrical and transport protocol characteristics

This Technical Specification specifies Electronic Citizen Card (ECC) requirements. The ECC, is a smart card issued under the authority of a government institution, either national or local and carries credentials in order to provide all or part of the following services:
1)   verify the identity;
2)   act as an Inter-European Union travel document;
3)   facilitate logical access to e-government or local administration services.
A public administration authority may entitle a private organisation to provide all or part of the ECC services.
This Technical Specification is intended to offer the card issuer with a great deal of flexibility for the ECC specification, in connection with the services that the ECC provides, the authentication mechanisms supported and the national specific public policy with an special concern to protect the citizen privacy according to the applicable European legislation.
The requirements described in this Technical Specification are used to:
a)   define a plastic body card with associated physical and logical securities;
b)   specify the electrical interface and data transport protocols for the ECC;
c)   support the basic set of Identification and, authentication elements visible at the card surface.
This Technical Specification also contains a possible methodology for ECC durability testing in informative Annex B.
This Technical Specification refers to the European legislation and regulations in effect.

Identifikationskartensysteme - Europäische Bürgerkarte - Teil 1: Physikalische, elektrische und transportprotokollbezogene Merkmale

Diese Technische Spezifikation legt die Anforderungen an die Electronic Citizen Card (elektronische Bürgerkarte, ECC) fest. Die ECC ist eine Chipkarte, die von einer nationalen oder lokalen Behörde ausgegeben wird und Berechtigungsnachweise enthält, um eine oder alle der folgenden Leistungen zu ermöglichen:
   Identitätsüberprüfung;
   Einsatz als Reisedokument innerhalb der Europäischen Union;
   Erleichterung des logischen Zugangs zu E Government Diensten oder Diensten lokaler Verwaltungseinrichtungen.
Eine private Organisation kann von einer öffentlichen Verwaltungsbehörde die Genehmigung erhalten, die ECC bezogenen Dienstleistungen ganz oder teilweise zu erbringen.
Diese Technische Spezifikation soll dem Ausgeber der Karte hinsichtlich der durch die ECC ermöglichten Dienstleistungen, der unterstützten Authentifizierungsmechanismen und der nationalen Regelungen, die den Schutz der Privatsphäre der Bürger entsprechend den geltenden europäischen Gesetzen betreffen, ein hohes Maß an Flexibilität in Bezug auf die ECC Spezifikation bieten.
Die in diesem Teil dieser Technischen Spezifikation beschriebenen Anforderungen dienen zur:
Definition einer aus Kunststoff gefertigten Karte mit entsprechenden physikalischen und logischen Sicherheitsmerkmalen;
Festlegung der elektrischen Schnittstelle und der Datentransportprotokolle für die ECC;
Unterstützung des auf der Kartenoberfläche sichtbaren Basissatzes von Identifizierungs  und Authentifizierungselementen.
Darüber hinaus legt dieser Teil der Technischen Spezifikation in Anhang B eine Methodik für die Dauerhaftigkeitsprüfungen von ECC fest.

Systèmes des cartes d'identification - Carte Européenne du Citoyen - Partie 1: Caractéristiques physiques, électriques et protocoles de transmission

Sistemi z identifikacijskimi karticami - Kartica evropskih državljanov - 1. del: Fizične, električne in transportne značilnosti protokola

General Information

Status
Withdrawn
Publication Date
05-Jan-2009
Withdrawal Date
25-Nov-2012
ICS
35.240.15 - Identification cards. Chip cards. Biometrics
Technical Committee
ITC - Information technology
Current Stage
9900 - Withdrawal (Adopted Project)
Start Date
23-Nov-2012
Due Date
16-Dec-2012
Completion Date
26-Nov-2012
Ref Project
CEN/TS 15480-1:2007 - Identification card systems - European Citizen Card - Part 1: Physical, electrical and transport protocol characteristics

Relations

Replaced By
SIST-TS CEN/TS 15480-1:2013 - Identification card systems - European Citizen Card - Part 1: Physical, electrical and transport protocol characteristics
Effective Date
01-Jan-2013
Replaced By
SIST-TS CEN/TS 15480-1:2013 - Identification card systems - European Citizen Card - Part 1: Physical, electrical and transport protocol characteristics
Effective Date
08-Jun-2022

Buy Standard

TS CEN/TS 15480-1:2009TS CEN/TS 15480-1:2009
PreviousNext
Technical specification
TS CEN/TS 15480-1:2009
English language
42 pages
sale 10% off
Preview
sale 10% off
Preview
e-Library read for
1 day

Standards Content (Sample)

SLOVENSKI STANDARD
SIST-TS CEN/TS 15480-1:2009
01-februar-2009
6LVWHPL]LGHQWLILNDFLMVNLPLNDUWLFDPL.DUWLFDHYURSVNLKGUåDYOMDQRYGHO
)L]LþQHHOHNWULþQHLQWUDQVSRUWQH]QDþLOQRVWLSURWRNROD
Identification card systems - European Citizen Card - Part 1: Physical, electrical and
transport protocol characteristics
Identifikationskartensysteme - Europäische Bürgerkarte - Teil 1: Physikalische,
elektrische und transportprotokollbezogene Merkmale
Systèmes des cartes d'identification - Carte Européenne du Citoyen - Partie 1:
Caractéristiques physiques, électriques et protocoles de transmission
Ta slovenski standard je istoveten z: CEN/TS 15480-1:2007
ICS:
35.240.15 Identifikacijske kartice in Identification cards and
sorodne naprave related devices
SIST-TS CEN/TS 15480-1:2009 en
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

---------------------- Page: 1 ----------------------

SIST-TS CEN/TS 15480-1:2009

---------------------- Page: 2 ----------------------

SIST-TS CEN/TS 15480-1:2009
TECHNICAL SPECIFICATION
CEN/TS 15480-1
SPÉCIFICATION TECHNIQUE
TECHNISCHE SPEZIFIKATION
April 2007
ICS 35.240.15

English Version
Identification card systems - European Citizen Card - Part 1:
Physical, electrical and transport protocol characteristics
Systèmes des cartes d'identification - Carte Européenne du Identifikationskartensysteme - Europäische Bürgerkarte -
Citoyen - Partie 1: Caractéristiques physiques, électriques Teil 1: Physikalische, elektrische und
et protocoles de transmission transportprotokollbezogene Merkmale
This Technical Specification (CEN/TS) was approved by CEN on 17 July 2006 for provisional application.
The period of validity of this CEN/TS is limited initially to three years. After two years the members of CEN will be requested to submit their
comments, particularly on the question whether the CEN/TS can be converted into a European Standard.
CEN members are required to announce the existence of this CEN/TS in the same way as for an EN and to make the CEN/TS available
promptly at national level in an appropriate form. It is permissible to keep conflicting national standards in force (in parallel to the CEN/TS)
until the final decision about the possible conversion of the CEN/TS into an EN is reached.
CEN members are the national standards bodies of Austria, Belgium, Bulgaria, Cyprus, Czech Republic, Denmark, Estonia, Finland,
France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal,
Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland and United Kingdom.
EUROPEAN COMMITTEE FOR STANDARDIZATION
COMITÉ EUROPÉEN DE NORMALISATION
EUROPÄISCHES KOMITEE FÜR NORMUNG
Management Centre: rue de Stassart, 36  B-1050 Brussels
© 2007 CEN All rights of exploitation in any form and by any means reserved Ref. No. CEN/TS 15480-1:2007: E
worldwide for CEN national Members.

---------------------- Page: 3 ----------------------

SIST-TS CEN/TS 15480-1:2009
CEN/TS 15480-1:2007 (E)
Contents Page
Foreword.3
Introduction .4
1 Scope.5
2 Normative references.5
3 Terms and definitions .6
4 Symbols and abbreviations .12
5 Definition, use and functions of the European Citizen Card (ECC) .13
5.1 General .13
5.2 Compliance with public administration requirements and citizen expectations.14
5.3 Citizen privacy protection.14
5.4 Identifying a ECC holder.14
5.5 European Citizen Cards functions .15
6 ECC physical characteristics.15
6.1 General .15
6.2 Materials .16
6.3 ECC physical security elements.16
6.4 ECC security evaluation .18
7 Electrical characteristics .18
7.1 Dimensions and location of the contacts or coupling area .18
7.2 The contact interface .18
7.3 Contactless interface .18
8 Transport protocols .18
9 Terminal characteristics .19
Annex A (informative) General card design (with reference to Directive 96/47/EC relating to
European driving licences).20
Annex B (informative) Methodology for the design of ECC durability testing.23
B.1 General .23
B.2 Introduction .23
B.3 Vocabulary.24
B.4 Methodology for ECC durability .24
B.5 Core test sequence requirements .29
B.6 Individual tests relevant for the ECC.30
B.7 Examples of mission profile calculations for the ECC.35
Annex C (informative) Security requirements for the ECC as a travel document (Council Regulation
on e-passports and travel documents) .39
C.1 Material .39
C.2 Biographical data page .39
C.3 Printing techniques.40
C.4 Protection against copying.40
C.5 Issuing technique.41
Bibliography.42
2

---------------------- Page: 4 ----------------------

SIST-TS CEN/TS 15480-1:2009
CEN/TS 15480-1:2007 (E)

Foreword
This document (CEN/TS 15480-1:2007) has been prepared by Technical Committee CEN/TC 224 “Personal
identification, electronic signature and cards and their related systems and operations”, the secretariat of which is
held by AFNOR.
CEN/TS 15480, Identification card systems — European Citizen Card consists of the following parts:
Part 1: Physical, electrical and transport protocol characteristics
Part 2: Logical data structures and card services
Part 3: ECC interoperability using an application interface
Part 4: Recommendations for ECC issuance, operation and use
According to the CEN/CENELEC Internal Regulations, the national standards organizations of the following
countries are bound to announce this CEN Technical Specification: Austria, Belgium, Bulgaria, Cyprus, Czech
Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania,
Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden,
Switzerland and United Kingdom.
3

---------------------- Page: 5 ----------------------

SIST-TS CEN/TS 15480-1:2009
CEN/TS 15480-1:2007 (E)
Introduction
This Technical Specification describes the specifications for the European Citizen Card (ECC) including electronic
identity cards, with smart card format, defining identity justification with emphasis on remote civil service
procedures.
This proposal is intended to comply with the scope of the NWI ECC as defined by the terms of reference
document approved by the CEN/TC 224 Resolution 667/2004.
This Technical Specification is one of a set of documents describing card specifications. It defines identity
justification functions, with emphasis on remote public service procedures requiring the generation and/or
verification by the ECC card of electronic signatures and electronic certificates.
4

---------------------- Page: 6 ----------------------

SIST-TS CEN/TS 15480-1:2009
CEN/TS 15480-1:2007 (E)
1 Scope
This Technical Specification specifies Electronic Citizen Card (ECC) requirements .The ECC, is a smart card
issued under the authority of a government institution, either national or local and carries credentials in order to
provide all or part of the following services:
1) verify the identity;
2) act as an Inter-European Union travel document;
3) facilitate logical access to e-government or local administration services.
A public administration authority may entitle a private organisation to provide all or part of the ECC services.
This Technical Specification is intended to offer the card issuer with a great deal of flexibility for the ECC
specification, in connection with the services that the ECC provides, the authentication mechanisms supported
and the national specific public policy with an special concern to protect the citizen privacy according to the
applicable European legislation.
The requirements described in this Technical Specification are used to:
a) define a plastic body card with associated physical and logical securities;
b) specify the electrical interface and data transport protocols for the ECC;
c) support the basic set of Identification and, authentication elements visible at the card surface.
This Technical Specification also contains a possible methodology for ECC durability testing in informative Annex
B.
This Technical Specification refers to the European legislation and regulations in effect.
2 Normative references
The following referenced documents are indispensable for the application of this document. For dated references,
only the edition cited applies. For undated references, the latest edition of the referenced document (including any
amendments) applies.
ISO/IEC 7810, Identification cards — Physical characteristics
ISO/IEC 7816-1, Identification cards — Integrated circuit(s) card(s) with contacts — Part 1: Physical
characteristics
ISO/IEC 7816-2, Identification cards — Integrated circuit cards — Part 2: Cards with contacts — Dimensions and
location of the contacts
ISO/IEC 7816-3, Identification cards -- Integrated circuit cards -- Part 3: Cards with contacts -- Electrical interface
and transmission protocols
ISO/IEC 7816-4, Identification cards — Integrated circuit(s) cards — Part 4: Organization, security and commands
for interchange
5

---------------------- Page: 7 ----------------------

SIST-TS CEN/TS 15480-1:2009
CEN/TS 15480-1:2007 (E)
ISO/IEC 7816-5, Identification cards — Integrated circuit cards — Part 5: Registration of application identifiers
ISO/IEC 7816-6, Identification cards — Integrated circuit cards — Part 6: Interindustry data elements for
interchange
ISO/IEC 7816-7, Identification cards — Integrated circuit(s) cards with contacts — Part 7: Interindustry commands
for Structured Card Query Language (SCQL)
ISO/IEC 7816-8, Identification cards — Integrated circuit cards — Part 8: Commands for security operations
ISO/IEC 7816-9, Identification cards — Integrated circuit cards — Part 9: Commands for card management
ISO/IEC 7816-10, Identification cards — Integrated circuit(s) cards with contacts — Part 10: Electronic signals
and answer to reset for synchronous cards
ISO/IEC 7816-11, Identification cards — Integrated circuit cards — Part 11: Personal verification through
biometric methods
ISO/IEC 7816-12, Identification cards — Integrated circuit cards — Part 12: Cards with contact — USB electrical
interface and operating procedures
ISO/IEC 7816-15, Identification cards — Integrated circuit cards — Part 15: Cryptographic information application
ISO/IEC 10373-3, Identification cards — Test methods — Part 3: Integrated circuit(s) cards with contacts and
related interface devices
ISO/IEC 10373-6, Identification cards — Test methods — Part 6: Proximity cards
ISO/IEC 14443-1, Identification cards — Contactless integrated circuit(s) cards — Proximity cards — Part 1:
Physical characteristics
ISO/IEC 14443-2, Identification cards — Contactless integrated circuit(s) cards — Proximity cards — Part 2:
Radio frequency power and signal interface
ISO/IEC 14443-3, Identification cards — Contactless integrated circuit(s) cards — Proximity cards — Part 3:
Initialization and anticollision
ISO/IEC 14443-4, Identification cards — Contactless integrated circuit(s) cards — Proximity cards — Part 4:
Transmission protocol
ICAO 9303, Part 1, Machine Readable Passports
ICAO 9303, Part 2, Machine Readable Visas
ICAO 9303, Part 3, Machine Readable Official Documents of Identity
3 Terms and definitions
For the purposes of this document, the following terms and definitions apply.
6

---------------------- Page: 8 ----------------------

SIST-TS CEN/TS 15480-1:2009
CEN/TS 15480-1:2007 (E)
3.1
access control
mechanism for limiting the use of some ECC resources to authorized users, based on the privilege attributes of
the requester and control attributes of the requested resource. Access control mechanisms may be used to
protect disclosure of private sensitive data stored in the ECC
3.2
alteration
fraudulent action of changing a part of an original document, e.g. by changing the biographical data of the
document holder
3.3
application
data structure, data elements and program modules needed for a specific functionality to be satisfied
3.4
authentication
provision of assurance of the claimed identity of an entity
[ISO/IEC 10181-2:1996]
3.5
authorization
right or permission that is granted to the ECC holder after its successful authentication
3.6
card holder
legal holder of the ECC
3.7
card issuing authority
entity that issues the ECC
3.8
Certification Authority (CA)
means an entity or a legal or natural person who issues certificates or provides other services related to electronic
signatures
[Directive 1999/93/EC]
3.9
checking the authenticity of the issuing authority
 verifying the authenticity of the card,
 verifying that the card is compliant with Civil Service specifications;
 verifying the issuing authority;
 identifying the ECC by its intrinsic properties.
The authenticity inspection may be conducted using resources such as a magnifying glass, UV lamp, digital
fingerprint sensor, micromodule reader etc.
7

---------------------- Page: 9 ----------------------

SIST-TS CEN/TS 15480-1:2009
CEN/TS 15480-1:2007 (E)
3.10
counterfeiting
unauthorized document that has the same security characteristics as the original document ones and that cannot
be distinguished from a legitimate one. For instance a card made from a blank stolen document
3.11
credentials
known data attesting to the truth of certain citizen identity attributes and stored in the ECC
3.12
electronic certificate
means an electronic attestation which links signature-verification data to a person and confirms the identity of that
person
[Directive 1999/93/EC]
3.13
electronic signature
means data in electronic form which are attached to or logically associated with other electronic data and which
serve as a method of authentication
[Directive 1999/93/EC]
3.14
evaluation
assessment of a PP, an ST or a TOE, against defined criteria
3.15
Evaluation Assurance Level (EAL)
package consisting of assurance components from ISO/IEC 15408-3 that represents a point on the CC predefined
assurance scale
3.16
fingerprint minutia(e)
minutiae are characteristics of digital fingerprint ridges (start, end, ridge bifurcation). Each minutia is represented
by a mathematical point and an angle defining a position and a direction. Minutiae are represented by a dot map
used to single out digital fingerprints and people
3.17
falsification
refer to alteration and simulation
3.18
fixed administrative information
general information on an identity document in a predefined, precise order, pre-printed or otherwise, constituting
the structure for all personal information contained in the said document
3.19
guilloche
motifs formed using continuous thin lines, usually created by a computer, together forming a unique image that
may only be perfectly reproduced with the same equipment (software, parameters, hardware and materials) used
to produce the original motif
8

---------------------- Page: 10 ----------------------

SIST-TS CEN/TS 15480-1:2009
CEN/TS 15480-1:2007 (E)
3.20
identification
process necessary to recognise the identity of the cardholder
3.21
identified transaction
is one in which the data can be readily related to a particular individual, because the transaction carries a
credential of the person concerned or because the transaction contains data which, in combination with other
available data, links the transaction to a particular person
3.22
initial and secondary ECC examinations
initial examination is an analysis of the ECC security components either visually and/or using light, transportable
resources. A secondary examination is an analysis of ECC security components using laboratory technology
resources
3.23
interoperability
property enabling heterogeneous equipment concerned by electronic exchanges, to inter-communicate in
compliance with standards.
These standards specify the following common characteristics:
 electrical and mechanical interfaces;
 structure and coding of exchanged messages;
 data identifiers;
commands structure and coding for data processing
3.24
machine readable zone
three lines of OCR-B characters on the back of a ID1 card that may be read by a machine
(see ICAO 9303)
3.25
microcontroller
electronic component integrating the different physical elements of a card (CPU, ROM, RAM, EEPROM and
possibly a cryptoprocessor etc.)
3.26
micromodule
electronic part of the ECC and includes the integrated circuit and components required to connect to the outside
world. There are several micromodule types. The main types are:
 contact micromodule:
this type of micromodule is designed to communicate using embedded mechanical characteristics in
compliance with the rules of ISO/IEC 7816;
 contactless micromodule:
9

---------------------- Page: 11 ----------------------

SIST-TS CEN/TS 15480-1:2009
CEN/TS 15480-1:2007 (E)
this type of micromodule is designed to allow the card to only communicate using radio frequencies whose
characteristics are defined in ISO/IEC 14443;
 mixed micromodule:
this type of micromodule is designed to allow the card to communicate in both contact and contact-less
modes via a radio frequency link, whose characteristics are defined in ISO/IEC 14443, with the reader. Cards
with this type of micromodule are called “combination cards” or “dual interface cards”
3.27
microlettering
text with very small font size, printed in positive or in negative and that may be read using a magnifying device
3.28
mission profile
durability of a card in the field is defined with respect to the “usage” conditions and the “age” criteria. Both are
dependant on the environment, storage by the user and the reader profile. Respectively all these parameters are
influenced by the frequency of use and the card operational life
3.29
optical variable feature
image or device whose colour and/or design changes depending on the angle of vision or the amount of light used
3.30
private key
key of an entity’s asymmetric key pair which should only be used by that entity
[ISO/IEC 11770-1:1996]
3.31
protection profile
implementation-independent set of security requirements for a category of TOEs that meet specific consumer
needs
3.32
public key
key of an entity’s asymmetric key pair which can be made public
[ISO/IEC 11770-1:1996]
3.33
public key infrastructure (PKI)
system that uses asymmetric encryption to provide proof of identity, data privacy, non-repudiation and data
integrity
3.34
rainbow printing
technique used to print two or more colours simultaneously to create controlled mixes of colours that vary
consistently and gradually between two different zones
 electronic reading/writing zone with contact:
this is determined by the location of the micromodule metallic contacts. The location of this zone is defined by
ISO/IEC 7816-2;
10

---------------------- Page: 12 ----------------------

SIST-TS CEN/TS 15480-1:2009
CEN/TS 15480-1:2007 (E)
 electronic reading/writing zone without contact:
this is determined by the volume associated with the information exchange device in which a card may be
read or written by the reader as per ISO/IEC 14443;
 electronic reading/writing zone for a mixed card:
this zone provides the same function as both the contact and contactless electronic communication zones
3.35
physical protection
additional layer applied during the personalization process that protects the variable data of the ECC (e.g. photo)
and the ECC card body. They include laminate, overlay, varnish, patches, holograms or any combination of them
3.36
pseudonym
identifier for a party to a transaction, which is not, in the normal course of events, sufficient to associate the
transaction with a particular citizen
3.37
pseudonymous transaction
one in which the transaction data contains no direct citizen identifier. The data may however be indirectly
associated with the citizen if particular procedures are followed
3.38
remote procedure
paperless exchange of administrative processes between public authorities (ministers, public bodies etc.) and
their partners and citizens.
The main stages are:
 request for access to an on-line procedure;
 loading of an on-line procedure;
 loading of procedure-related data;
 filling up of document on screen;
 signature and transfer of procedure-related data
3.39
remote transmission
transmission via a paperless data network of non-secure and secure data (encoding and/or electronic signature)
3.40
ROM
non-volatile, non-rewritable memory technology applicable to operating systems and allowing the storage of all or
some software components. Other non-volatile memory technologies can also be used, such as Flash-EEPROM
memories
11

---------------------- Page: 13 ----------------------

SIST-TS CEN/TS 15480-1:2009
CEN/TS 15480-1:2007 (E)
3.41
secure signature creation device (SSCD)
electronic device meeting the requirements of Annex III of Directive 1999/93/EC covering electronic signatures.
The ECC platform is capable to support an electronic signature service meeting these requirements
3.42
security target (ST)
set of security requirements and specifications to be used as the basis for evaluation of an identified TOE
3.43
simulation
unauthorized document that simulates the original document in terms of overall aspect and in terms of security
characteristics but without having the original ones
3.44
target of evaluation (TOE)
IT product or system and its associated administrator and user guidance documentation that is the subject of an
evaluation
3.45
user authentication
authentication mechanism involving the provision of evidence of the identity of an individual
3.46
variable information
personal information on an identity document, summarising data linked to the document holder
3.47
visual inspection and automatic inspection
when an agent responsible for this procedure inspects the document and information specifications without
instrumentation, this inspection is considered to be visual. If the agent uses a device to inspect all or part of a
document's characteristics, this inspection is considered to be automatic
4 Symbols and abbreviations
AID Application Identifier
APDU Application Protocol Data Unit
API Application Programmable Interface
CC Common Criteria
ECC European Citizen Card
CEN European Standardization Committee
EEC European Economic Community
EEPROM Electrically Erasable Programmable Read Only Memory
ETSI European Telecommunications Standards Institute
IAS Identification Authentication Signature
ICAO International Civil Aviation Organization
ISO International Organization for Standardization
MAC Message Authentication Code
12

---------------------- Page: 14 ----------------------

SIST-TS CEN/TS 15480-1:2009
CEN/TS 15480-1:2007 (E)
MRZ Machine Readable Zone
OS Operating System
OVF Optical Variable Feature
PCD Proximity Coupling Device
PICC Proximity Integrated Circuit card
PIN Personal Identification Number
PP Protection Profile
RAM Random Access Memory
ROM Read Only Memory
SSCD Secure Signature Creation Device
TOE Target of Evaluation
USB Universal Serial Bus
UV Ultra Violet
5 Definition, use and functions of the European Citizen Card (ECC)
5.1 General
The ECC shall be a personalized smart card with an ID-1 format as defined in ISO/IEC 7810 and a module
compliant with ISO/IEC 7816 parts 1 and 2.
The ECC shall serve to verify the identity of its holder electronically by using identity credentials securely stored in
the card memory and possibly using visual features on the card. These features:
 shall be designed for visual inspection by suitable technological means;
 shall be designed for easy control only by a visual inspection;
 enable the generation of an electronic signature using the certificate issued by the corresponding certification
authority;
 offer stringent security to match the level of the threat of fraud;
 enable the owner to check personal data contained in the card
 dependant on the options selected, enable its holder to access remote procedures, remote transmissions and
services made available by the public administration

The card shall reflect sufficiently the outcomings of the national global risk analysis incorporating visual
identification risks, natural or accidental risks, fraud or counterfeiting risks and risks linked to the voluntary
degradation of the protective covering and micromodule.
The card shall include a contact interface according to ISO/IEC 7816-3 and / or ISO/IEC 7816-12. When the ECC
logical data set is compliant with ICAO specification, then the ECC shall include a contact-less interface, access
method mechanisms and visual data field compliant with ICAO 9303, Parts 1 to 3, requirements.
13

---------------------- Page: 15 ----------------------

SIST-TS CEN/TS 15480-1:2009
CEN/TS 15480-1:2007 (E)
5.2 Compliance with public administration requirements and citizen expectations
5.2.1 Public administration requirements
ECC shall take into account public administration requirements where based upon EC Directives and the
following:
 administrative structures of the State. The ECC simplifies the administrative handling of citizen services and
provides the means to ensure the full integrity of processed and transmitted information;
 reliable and secure means of authentication;
 specific security requirements for access to on-line e-government services (e.g. access only possible using
certified terminals).
5.2.2 Citizen expectations
 Easy access for the citizen to local and public authorities information;

...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.

This May Also Interest You

SIST
SIST-TS CEN/TS 17661:2022(Main)
Personal identification – European enrolment guide for biometric ID documents (EEG)
CEN/TS 17661:2021

This technical specification provides guidance on
• capturing of facial images to be used as reference images in identity or similar documents,
• capturing of fingerprint images to be used as reference images in identity or similar documents,
• data quality maintenance for biometric reference data,
• data authenticity maintenance for biometric reference data.
The TS addresses the following aspects which are specific for biometric reference data capturing:
• biometric data quality and interoperability ensurance,
• data authenticity ensurance,
• morphing and other presentation attack detection,
• accessibility and usability,
• privacy and data protection,
• optimal process design.
The following aspects are out of scope:
• IT security,
• data capturing for verification purposes, e.g., in ABC gates.
• self-taken images, although a section on this has been included

  • Technical specification
    73 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST-TS CEN/TS 17631:2021(Main)
Personal identification - Biometric group access control
CEN/TS 17631:2021

This technical specification provides guidance on providing access
• To areas with physical access control, e.g., entertainment facilities, train stations, shops, libraries,banks, or border control,
• For small groups of persons, e.g., families with small children or seniors, or other accompanied persons in need of support,
• By means of biometric authentication technologies, e.g., facial, fingerprint, or vein recognition,
• In the European regulatory context.
The TS addresses the following aspects which are specific for biometric and group access:
• Accessibility and usability,
• User guidance including group guidance and interaction control,
• Privacy including data set content,
• Presentation attack detection,
• Applicable biometric technologies,
• Storage of reference data,
• Biometric process integration,
• Specific needs considering biometrics for groups,
• Biometric performance and error rates, and
• Group internal linkage.
The following aspects which reflect on generic access control issues are out of scope:
• IT security,
• Application specific physical security,
• Policy definition,
• Processes not related to biometric authentication, and
• Specific performance requirements of identification (1:N) and verification (1:1) applications.

  • Technical specification
    18 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST ISO/IEC 4909:2021(Main)
Identification cards -- Financial transaction cards -- Magnetic stripe data content for track 3
ISO/IEC 4909:2006

ISO/IEC 4909:2006 establishes specifications for financial transaction cards using track 3 and is intended to permit interchange based on the use of magnetic stripe encoded information. It specifies the data content and physical location of read/write information on track 3 and is to be used in conjunction with the relevant parts of ISO/IEC 7811 and ISO/IEC 7812.
ISO/IEC 4909:2006 recognizes the need for formats of track 3 which can be used independently of, or in conjunction with, track 2 as defined in ISO/IEC 7813. This approach is intended to permit the greatest degree of flexibility within the financial community in facilitating international interchange.
Using track 3 in conjunction with track 2 is a mode of operation in both on-line and off-line interchange environments. This mode of operation requires that the original encoded data on track 2 be read; the data on track 3 be read; and, if update is required, all the data on track 3 be rewritten.
Independent use of track 3 is an alternative mode of operation permitting both on-line interchange and off-line interchange based on mutual agreement between interested parties. It requires reading only of the data on track 3 and, if update is required, the rewriting of all the data on track 3.

  • Standard
    19 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Standard
    14 pages
    English language
    sale 15% off
SIST
SIST-TS CEN/TS 17489-1:2020(Main)
Personal identification - Secure and interoperable European Breeder Documents - Part 1: Framework overview
CEN/TS 17489-1:2020

This document provides an overview of a framework on breeder documents. It introduces the document structure of FprCEN/TS 17489 (all parts) that specifies how citizens retain the control of breeder document data and how they can use them to support identity proofing and verification. Moreover, the framework provides methodologies to assess and increase the level of trust in breeder documents.
This framework specifies methods for:
-   defining physical and logical/digital representations of a secure breeder document (hardware based, paper-based, server-based),
-   securing breeder document processes,
-   linking the document to its legitimate holder.
The following types of breeder documents are in the scope of the framework:
-   birth certificates,
-   marriage and partnership certificates,
-   death certificates.
The following breeder documents management processes including first-time application, later-in-life registration of an identity, and content update (e.g. name-changing) are in the scope of this framework:
-   registration,
-   issuance,
-   renewal,
-   inspection/verification,
-   revocation.
The specification of policies is out of scope.

  • Technical specification
    14 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN 1332-3:2020(Main)
Identification card systems - User Interface — Part 3: Key pads
EN 1332-3:2020

This European Standard covers the ergonomic layout and usability of keypads. The keypad may consist of numeric, command and function keys and alphanumeric characters. On the basis that keypad layout impacts performance (keying speed, and errors), this European Standard aims to:
-   enhance usability;
-   ensure ease of use through consistency;
-   increase customer confidence;
-   reduce customer error;
-   improve operating time;
-   ensure ergonomic data entry.
This European Standard specifies the arrangement, the number and location of numeric, function and command keys, including placement of alphabetic characters on numeric keys. Design requirements and recommendations are also provided.
This standard applies to all identification card systems with a numeric keypad for use by the public for stationary or non-stationary devices. This standard also covers keypads on touch sensitive devices.

  • Standard
    20 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Draft
    19 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST-TS CEN/TS 16794-1:2019(Main)
Public transport - Communication between contactless readers and fare media - Part 1: Implementation requirements for ISO/IEC 14443
CEN/TS 16794-1:2019

This document constitutes the 3rd edition of CEN/TS 16794 1. It sets out the technical requirements to be met by contactless Public Transport (PT) devices in order to be able to interface together using the ISO/IEC 14443 series contactless communications protocol.
This document applies to PT devices:
-   PT readers which are contactless fare management system terminals acting as a PCD contactless reader based on the ISO/IEC 14443 series;
-   PT objects which are contactless fare media acting as a PICC contactless object based on the ISO/IEC 14443 series.
This edition addresses interoperability of consumer-market NFC mobile devices, compliant to NFC Forum specifications, with above mentioned PT devices, aligns with the 4th edition of the ISO/IEC 14443 series and maintains the possibility for PT readers to comply with the requirements from EMV Contactless Interface Specification [1] and the present document.
An interface–oriented test approach is used to evaluate the conformity of PT devices and is defined in CEN/TS 16794 2.
Application-to-application exchanges executed once contactless communication has been established at RF level fall outside the scope of this document. In line with the rules on independence between OSI protocol layers, this document works on the assumption that application-to-application exchanges are not contingent on the type of contactless communication established or the parameters used for the low-level protocol layers that serve as the platform for these application-to-application exchanges.

  • Technical specification
    38 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST-TS CEN/TS 16794-2:2019(Main)
Public transport - Communication between contactless readers and fare media - Part 2: Test plan for ISO/IEC 14443
CEN/TS 16794-2:2019

This document comes as a complement to the technical requirements expressed in CEN/TS 16794-1, for ensuring contactless communication interoperability between Public Transport (PT) devices or between PT devices compliant to CEN/TS 16794-1 and NFC mobiles devices compliant to NFC Forum specifications.
This document lists all the test conditions to be performed on a PT reader or a PT object in order to ensure that all the requirements specified in CEN/TS 16794-1 are met for the PT device under test.
This document applies to PT devices only:
-   PT readers which are contactless fare management system terminals acting as a PCD contactless reader based on the ISO/IEC 14443 series;
-   PT objects which are contactless fare media acting as a PICC contactless object based on the ISO/IEC 14443 series.
This document applies solely to the contactless communication layers described in Parts 1 to 4 of the ISO/IEC 14443 series. Application-to-application exchanges executed once contactless communication has been established at RF level fall outside the scope of this document. However, a test application will be used so as to make end-to-end transactions during tests on the RF communication layer.
This document does not duplicate the contents of the ISO/IEC 14443 series or ISO/IEC DIS 10373-6 standard. It makes reference to the ISO/IEC DIS 10373-6 applicable test methods, specifies the test conditions to be used and describes the additional specific test conditions that may be run.
The list of test conditions applicable to the PT device under test will be conditioned by the Information Conformance Statement (ICS) declaration made by the device manufacturer. For each test case, the test conditions are clearly specified in order to determine the pertinence to run or not the test case in accordance with the device capabilities or in accordance with the device manufacturer’s choice.
In order to facilitate the test report issuance, a test report template is included in Annex A of this document.
Although this document aims at becoming the primary basis for certification of contactless communication protocol applicable to PT readers and PT objects, it does not describe any certification or qualification processes as such processes should be defined between local or global transit industry stakeholders.

  • Technical specification
    32 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN 17054:2019(Main)
Biometrics multilingual vocabulary based upon the English version of ISO/IEC 2382-37:2012
EN 17054:2019

This European Standard establishes a systematic description of the concepts in the field of biometrics pertaining to recognition of human beings and reconciles variant terms in use in pre-existing biometric standards against the preferred terms, thereby clarifying the use of terms in this field.
Excluded from the scope of this document are concepts (represented by terms) from information technology, pattern recognition, biology, mathematics, etc. Biometrics uses such fields of knowledge as a basis.
In principle, mode specific terms are outside the scope of this European Standard.
Words in bold are defined in this document. Words that are not in bold are to be understood in their natural language sense. The authority for natural language use of terms in this document is the Concise Oxford English Dictionary (COD), Thumb Index Edition (tenth edition, revised, 2002). Words used in their natural language sense are considered out-of-scope for further definition in this document.

  • Standard
    76 pages
    English, French and German language
    sale 10% off
    e-Library read for
    1 day
  • Draft
    77 pages
    English, French and German language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST-TS CEN/TS 17261:2019(Main)
Biometric authentication for critical infrastructure access control - Requirements and Evaluation
CEN/TS 17261:2018

The technical specification
i) Specifies design, performance and attack resistance requirements for biometric systems used as part of an automated access control system protecting access to Critical Infrastructure (defined in Council directive 2008 /114 / EC)
ii) Describes methodologies for evaluation of biometric access control products against these requirements

  • Technical specification
    18 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST-TS CEN/TS 17262:2019(Main)
Personal identification - Robustness against biometric presentation attacks - Application to European Automated Border Control
CEN/TS 17262:2018

This Technical Specification is an application profile for the International Standard ISO/IEC 30107 Biometric presentation attack detection. It provides best practice recommendations for the implementation of Automated Border Control (ABC) systems in Europe.
Presentation Attack Detection (PAD) is addressed for facial and fingerprint recognition.
The biometric reference data can be stored in electronic Machine Readable Travel Documents (eMRTD) and/or EU Visa Information System (VIS).
The TS covers the robustness of the system, privacy and data protection aspects, usability and acceptance as well as countermeasures including their evaluation from the Biometrics perspective. Enrolment, issuance and verification applications of eMRTD other than border control are not in scope.

  • Technical specification
    23 pages
    English language
    sale 10% off
    e-Library read for
    1 day