GlobalPlatform and SIMalliance Will Work Together to Enhance Mobile Application Security
3 January – A Memorandum of Understanding (MoU) has been signed between GlobalPlatform and SIMalliance, which will see the two industry bodies align their work initiatives to further enhance application security on mobile devices. Through the formal partnership, the associations will work together to develop an end to end solution that will allow a mobile device application to communicate with an application loaded in a secure element (SE).
SIMalliance – an organization which supports the creation, deployment and management of secure mobile services and applications globally – released its Open Mobile API earlier this year to standardize a controlled link between a mobile device application and a SE application. The specification creates a common API – delivering a single, consistent specification and interface across multiple operating systems, which will facilitate the access to secure services hosted in a SE. As the organization which standardizes the management of applications on secure chip technology, GlobalPlatform is building on this foundation to ensure only authorized applications can communicate with applications hosted in the SE in this manner.
Gil Bernabeu, Technical Director at GlobalPlatform, explains: “The Open Mobile API will become a de-facto standard and will allow all applications to send commands to a SE application. The two associations will work together to combine the filtering technology of GlobalPlatform (known as SE access control) with the Open API, to deliver a complete solution for handset manufacturers.
“As two associations heavily engaged in the emerging secure mobile services landscape, we are perfectly positioned to work on this initiative together. The work will bring many benefits to secure mobile services providers that will find a simple standard solution to protect SE services from unauthorized mobile applications.”
Frédéric Vasnier, Chairman of the SIMalliance Board, adds: “Our two associations have a long-standing relationship and we look forward to sharing expertise on this specific activity as attacks on smart phone and tablet applications increase in number and sophistication. While connecting the application to the SE via the Open Mobile API prevents many of the security breaches we see today, it is vital that we protect this communication channel – between the SE and application – from future malicious attacks.”
Further announcements on this work will be released in 2012.
GlobalPlatform is a cross industry, not-for-profit association which identifies, develops and publishes specifications which facilitate the secure and interoperable deployment and management of multiple embedded applications on secure chip technology. Its proven technical specifications are regarded as the international industry standard for building a trusted end-to-end solution which serves multiple actors and supports several business models.
The freely available specifications provide the foundation for market convergence and innovative new cross-sector partnerships. The technology has been adopted globally across finance, mobile/telecom, government, healthcare, retail and transit sectors. GlobalPlatform also supports an open compliance program ecosystem to ensure the long-term interoperability of secure chip technology.
As a member-driven association with cross-market representation from all world continents, GlobalPlatform membership is open to any organization operating within this landscape. Its 60+ members contribute to technical committees and market-led task forces. www.globalplatform.org.
SIMalliance is (the non-profit trade association) dedicated to supporting the creation, deployment and management of secure mobile services and applications across the globe. Working in partnership with members, strategic partners and the wider mobile community SIMalliance anticipates and addresses the security, identity and mobility challenges of an increasingly converged internet. Through its working groups the alliance seeks to offer the blueprint to create a secure, open and interoperable environment where mobile services thrive. Headquartered in London, its membership is responsible for delivering the most widely distributed secure application delivery platform in the world (SIM/USIM). For more information visit www.simalliance.org
Its membership is responsible for delivering the most widely distributed mobile application platform in the world (SIM/USIM).
SIMalliance members are Datang, Eastcompeace, Gemalto, Giesecke & Devrient, Incard, Inkript, Kebt, Oberthur Technologies, Morpho, Valid, Watchdata & Wuhan Tianyu.
SIMalliance Strategic Partners are Comprion, Linxens and Movenda.
Press Contact: Stéphanie de Labriolle