Logo

Site non disponible sur ce navigateur

Afin de bénéficier d'une expérience optimale nous vous invitons à consulter le site sur Chrome, Edge, Safari ou Mozilla Firefox.

adnews

Compliance: Oberthur Technologies Certified CC EAL 4+

  • The ANSSI has granted EAL4+ certification to Oberthur Technologies FlyBuy NFC SIM card. Oberthur Technologies has become the first non-banking supplier to gain Common Criteria EAL4+ certification.
  • The product is an open (U)SIM Java Card platform likely to be inserted in a mobile phone or any other communication equipment. The product proposes contactless communications (SWP compliant (Single Wire Protocol) and contact communications (ISO7816 compliant). [we translate]
  • Mobile operators can now issue NFC SIM cards displaying a security level as demanding as for most payment cards.
  • The Common Criteria for Information Technology Security Evaluation (ISO/IEC 15408) provide a list of approved evaluation procedures. Certifications are based on assessments conducted by private laboratories, certified by the relevant service/institution in charge in each country (in France, the ANSSI).
  • The EAL scale, Evaluation Assurance Level, expresses the rigor with which a product has been assessed. Each level corresponds to a set of SAR, Security Assurance Requirements, encompassing the entire development cycle of the product. Seven levels are included: from EAL1 (less demanding and cheaper) to EAL7 (the most demanding and expensive). EAL4 ensures that the product has been “Methodically Designed, Tested, and Reviewed”.
  • In some cases the assessment can be “augmented” to include requirements that exceed the required minimum of a given level. Vendors generally use the sign “+” to specify it. Oberthur Technologies’s NFC FlyBuy card was assessed “EAL4 augmented ALC_DVS.2, AVA_VAN.5”.