The company established at Sophia presented a tool allowing the secured management of Java cards (credit or SIM cards) and thus allowing the development of new applications.
It is a new worldwide innovation for Trusted Logic at the “Salon Cartes 2001”, held at the CNIT Paris La Défense from October 23rd to 25th 2001. Established at Sophia Antipolis, this company has presented “the first TL VSAM product, implemented on a IBM PCI secured module“. Thus announced, this new innovation doesn’t mean much except for those who work in the sector of embedded Java technologies and who know the complexity of security problems on Java Cards.
SIM cards or credit cards
The TL VSAM tool, designed by Trusted Logic, aims at the secured management of Java cards. For example, it is most of the SIM cards of your mobile phones (Orange has thus issued about 100 million Java cards in 2001). It is also credit cards equipped with applications such as the PME (Electronic purse) or loyalty applications (supermarket distribution, airline companies, etc.). All these examples show that the market targeted by Trusted Logic is quite large. They also explain why one of the partners of the company of Sophia is Visa International (moreover, this group did the VSAM specification).
Avoiding to download codes
The main problem for this type of chip card dedicated to receive additional applications is security. How is it possible to avoid that someone can view your mobile phone’s PIM code, or worse, the confidential code of your credit card? The software tool developed by Trusted Logic and embedded for the presentation in Paris on a PCI card of IBM (Fifteen centimetres long PCI cards which can fit in special places of your computer) allows to check and recognise the code lines that you will download on your Java Card.
Of course, it isn’t a tool dedicated to the general public but to “issuers” (banks or telephone companies), neither a tool answering to a market already developed. At the United States, thousands of cards hosting applications that already work but in France, the first cards should only be marketed on the first term 2002. However, the TL VSAM tool is for a near future, which is already preparing nowadays. It will allow to deliver a signature of conformity to the application you want to download if this application is secured. This signature will be recognized by your card which will then be able to download securely.
A tool allowing the development of Java cards
It should allow the development of Java cards, because until now, secured solutions were not simple to implement. Moreover, since the “issuers” are responsible of eventual malfunctioning, it was difficult to plan to market massively without developing trust between the different actors of a multi-applications programme.
”If TL VSAM is integrated to their multi-applications cards management system, the issuers of Java™ cards using the GlobalPlatform standard will be able to easily guarantee the integrity of any application dedicated to work on their platforms. Thus, it will develop their trust in the global system, , says Dominique Bolognano, CEO at Trusted Logic. TL VSAM can also be personalised to do additional validations for each issuer”. This new product is thus part of a consistent approach. It follows the first embedded verifier operators (September 1999) and verifier operators without cards (September 2000) which had already made Trusted Logic known as one of the greatest specialists of secure embedded systems.