Deploying GlobalPlatform Specifications within smart card based government e-ID programs can:
- Provide a secure, scalable and cost-effective infrastructure to support government applications
- Protect the government issuer's investment, by 'future-proofing' the program against business decisions which have not been made at the time of deployment. GlobalPlatform's flexible and scalable infrastructure can accommodate significant changes to the program post-issuance
- Ensure that mandated international and national standards are met and that application specific requirements are fulfilled.
- Support multi-factor authentication and a variety of authentication encryption techniques.
Government Implementations:
Austrian Citizen Cards
In the first quarter of 2005, Bell ID's ANDiS Management System facilitated the issuance and management of eleven million social insurance citizen smart cards in Austria. Based on GlobalPlatform systems technology, the new 'e-card' system eliminated the need to issue and process 40 million paper-based healthcare vouchers annually. In addition to the e-cards, ANDiS also issued and managed more than 25,000 o-cards which were for authorized staff in doctors' practices.
Bell ID's web-based ANDiS Management System managed the complete life-cycle of all e-cards and o-cards with the integrated GlobalPlatform based Post-Issuance Personalization (PIP) functionality. This added feature not only allows cardholders to download and reload applications at a later date, but also enables the Main Association of Austrian Social Insurance Institutions to change on-card data via their own e-portal, the Karten Service Portal. In addition, the PIP feature assists the Karten Service Portal in allowing citizens to apply for and download digital certificates.
Used as citizen cards, the new multi-application e-cards managed by the ANDiS solution contain personal cardholder data as well as up to four digital certificates for data security and verification of the cardholder's identity.
GlobalPlatform member solution providers include Bell ID.
Daejeon Project
In October 2003, Visa Cash and Hana Bank launched a project to transform the city of Daejeon into a 'digital city' which involved the issuance of GlobalPlatform smart cards with transit functions. The first phase of the project targeted a customer base of 500,000 cardholders between the ages of 14-24. Hana Bank issued multi-functional cards to customers over the age of 18 and single cash applet only cards to customers under the age of 18. Both cards carried the Visa Cash, membership, loyalty, ID, and internet applications. Only the multi-functional cards targeted at 18 and over carried the Visa Smart Debit Credit application.
In addition to payment capabilities, the GlobalPlatform smart card allows for personal portable storage capabilities in the area of online transaction certification, ID student cards, and medical card functions.
Visa's role in the project was to provide the e-purse system and services, installing the infrastructure for Hana Bank, reloading the card, and coordinating with City Hall, Hana Bank, and other vendors. Hana Bank was responsible for issuing and personalizing the cards, settlement, installing the infrastructure, and arranging for the system provider. City Hall was responsible for service planning, policy and regulation, and coordination.
GlobalPlatform member solution providers include NXP Semiconductors and Visa Inc.
General Services Administration (GSA)
In October 2006, the United States General Services Administration (GSA) implemented a FIPS 201 compliant shared-service card issuance and management system. The system allowed participating US Federal Agencies to issue FIPS 201 compliant GlobalPlatform identification cards to their employees and contractors.
The FIPS 201 compliant identification cards issued within this implementation utilize GlobalPlatform Card Specification v2.0. The shared-service card issuance system is under the direction of the GSA and implemented by BearingPoint and Gemalto. Gemalto's SafesITe Government solution employs Bell ID's ANDiS Card Management System (CMS) which is based on GlobalPlatform's Systems Specifications. The personalization interface and Post Issuance Personalization Modules also utilize GlobalPlatform Specifications.
The multi-issuer capability of the ANDiS CMS allows any number of agencies to be added to the system and issue FIPS 201 compliant identification cards. Small and medium federal agencies greatly benefit from the system by getting reasonable prices for a small quantity of cards without having to invest in their own smart card issuance infrastructure.
FIPS 201 compliant GlobalPlatform identification cards have successfully been issued to several agencies since the end of 2006.
GlobalPlatform member solution providers include Bell ID and Gemalto.
Hong Kong National ID Card
In 2002, the Government of the Hong Kong Special Administrative Region (HKSAR) awarded a contract for the implementation of a Smart ID Card System to a consortium that was led by Hong Kong Systems Integrator PCCW Solutions and of which ACI Worldwide was a member. ACI was selected by PCCW Solutions to provide its GlobalPlatform compliant Smart Chip Manager system for card and application life-cycle management of the HKSAR Smart ID Card, including post issuance functionality.
ACI's Smart Chip Manager allows issuers to track smart cards from the point at which they are personalized in the production environment, through normal use, to the downloading of new versions of applications, up to the point at which they expire and must be replaced.
ACI implemented GlobalPlatform system technology to provide the Hong Kong National ID card program and other clients with a modular approach to smart card management. The following features describe this modular approach:
- Managing different application life cycles on smart cards;
- Managing post-issuance activities including post issuance of new applications to multi-application card schemes;
- Managing on-card application parameters in the field;
- Personalizing smart cards.
Since February 2007, the HKSAR Government has also used the system for the issuance and management of ICAO compliant electronic passports.
GlobalPlatform member solution providers include ACI Worldwide.
Macau Special Administrative Region (SAR) Project
In 2003, the Macau Government's Identification Department (DSI) commissioned the distribution of multi-application, smart-card based identity cards to all of Macau's 460,000 citizens, resident within the Chinese Special Administrative Region (SAR), with a target completion date of 2007.
In January 2003, distribution of the 460,000 GlobalPlatform multi-functional cards began. The cards had built-in security features to prevent forgery, such as the use of fingerprint matching for automated identity verification. They also allowed the uploading of other applications to realize Macau's e-government goals among others.
The ultimate vision for the smart card was for it to serve as an all-in-one card combining ID card, driving license, student card, medical card, social security card and possibly e-purse functionality for secure electronic transactions.
GlobalPlatform member solution providers include Bell ID and Giesecke & Devrient.
Moroccan National ID Project
In an effort to curb illegal immigration, the Moroccan national security service began implementing a national ID program in early 2007. The program utilized a GlobalPlatform Smart Card Management System (SCMS) solution provided by Thales e-Security. The Thales SCMS solution will drive card production for four years, during which time 20 million cards will be issued and managed.
The Moroccan cards will include both personal and biometric data and meet established security requirements for travel documents and control of border migration flows.
Thales' SCMS solution delivered to the Moroccan government will include equipment and software for ID document production, and will connect with the Automated Fingerprint Identification System (AFIS) which acquires cardholders' digital fingerprints and compares them with a fingerprint database.
GlobalPlatform member solution providers include Thales e-Security.
Qatari National ID Card
In early 2007, the Qatari Ministry of Interior began implementing a national ID card for Qatar citizens and foreign residents to address concerns of national security, border control and identity theft. The Qatari government chose Bell ID's ANDiS Card Management Software, which is based on GlobalPlatform systems technology, to manage the cards throughout their lifecycle. The SCMS includes a post-issuance personalization system and an application to manage the secret keys that encrypt the data stored on the card's chip.
Gemalto will provide multi-application smart cards and readers which will combine and support a built-in biometrics feature, and contact and contactless technologies.
The fingerprint match-on-cards will be given to every Qatari citizen above the age of 16 and will include personal data as well as the cardholder's fingerprint. The cards will provide access to e-government services and allow the user to perform transactions securely using a Gemalto smart card reader connected to a home computer.
The Qatari Government plans to collect facial images and iris patterns for later use in the program. It is expected that 700,000 Qatari national ID cards will be issued by 2010.
GlobalPlatform member solution providers include Bell ID and Gemalto.
Saudi Arabia's King Fahd University
In 2005, Saudi Arabia's King Fahd University implemented Bell ID's ANDiS Card and Application Management System (CMS/AMS) and Key Management System (KMS) solutions to manage over 15,000 smart ID cards distributed to students and staff at the university. This was the first smart card management system of its kind deployed in the Middle East region. Bell ID's CMS/AMS solution is based on the GlobalPlatform Smart Card Management System (SCMS) Functional Requirements and the ANDiS KMS solution is based on the GlobalPlatform Key Management Systems Functional Requirements Specification.
The smart ID cards serve as identification cards by providing a digital fingerprint for identity verification, which can be used for library applications and for use of the university's medical center. They also feature a contactless chip that includes e-purse functionality for electronic payments in cafeterias and restaurants throughout the campus. The embedded chip's open electronic purse acts as prepaid stored value and also allows for the download of digital certificates, securing transactions conducted on the web.
In addition to the management of multi-applications, the use of GlobalPlatform systems technology in Bell ID's solution supports future applications like logical access control and electronic voting for students. With the incorporation of Post-Issuance Personalization (PiP) functionality, and the use of biometrics to access certain parts of the university building, the university can manage the complete life-cycle of all cards by adding, changing and deleting applications after the cards have been issued.
GlobalPlatform member solution providers include Bell ID.
Sultanate of Oman National ID Card
In October 2002, the Sultanate of Oman and the Royal Omani police launched a project to deploy a GlobalPlatform smart card based national ID program to the 2.7 million citizens of Oman. This GlobalPlatform implementation was the first smart card based citizen ID solution ever to be deployed in the Middle East.
The objectives of the GlobalPlatform identity solution developed for the Royal Omani Police (ROP) were to modernize the National Registry System, simplify and speed up administrative processes, provide better qualitative public services to Omani citizens and residents, promote the usage of IT technology, and provide better homeland security.
The contract to develop and launch the project was awarded to Gemplus (now part of Gemalto) who selected GlobalPlatform's secure card and systems technology to address the objectives and provide the best overall solution for the citizens of Oman.
The national ID card supports three applications, including an identity application, a driver's license application and a border control application. There are plans to extend the scope of the program with a PKI application to secure e-Government applications. The ID cards also include biometric recognition, allowing for verification by portable terminals and by automatic electronic validation, for example at airport immigration checkpoints.
The first issuance of the Sultanate of Oman's national ID cards took place in January 2004. A nationwide rollout took place over the summer of 2004 and a complete rollout for the entire population is planned by 2009.
GlobalPlatform member solution providers include Datacard Group, Gemalto and Sagem ORGA.
Transportation Worker Identification Credential (TWIC): Phase III
Security is one of the most important drivers for the United States Department of Transportation Security Administration (TSA). The challenge for the TSA is to increase homeland security through the issuance and usage of highly secure, FIPS-201 compliant, ID smart cards in a nationwide interoperable ID infrastructure.
In November 2005, phase III of the Transportation Worker Identification Credential (TWIC) was deployed to a few hundred transport workers at four sites around the United States. TWIC identifies and authenticates TSA workers granting physical and logical access to secure facilities at seaports, airports, rail, pipeline, trucking and mass transit facilities. The credential contains a digital photograph, worker name, TWIC expiration date, fingerprint templates of two fingers, a personal identification number, and a Federal Agency Smart Credential number.
TWIC cards utilize the highly secure GlobalPlatform Card Specification v2.0. The implementation employs Bell ID's ANDiS solution as the central Card Management System (CMS) which is based on GlobalPlatform Systems Specifications. The ANDiS solution is highly flexible, scalable and reliable when working with several million cards and allowed the TSA to migrate from one application standard to another (GSCIS to PIV) while saving time and money.
GlobalPlatform member solution providers include Bell ID.
US Department of Defense Common Access Card
In 1999, the US Department of Defense (DoD) began work on a program to issue a smart, common-access identification card to 4.5 million active duty, Selected Reserve, DoD civilian and eligible contractor personnel with a target completion date of April 2004.
The Common Access Card (CAC) is a smart card standard established by the Government Services Administration (GSA), a key purchasing arm of the US government, in conjunction with various military departments. The CAC card utilizes GlobalPlatform technology to simplify the process of multiple government agencies deploying an interoperable smart card. The ultimate goal is to be able to use a CAC anywhere that the cards are accepted, regardless of which government agency issued it.
The CAC is the principal card used to enable physical access to buildings and controlled spaces and is used to gain access to the DoD's computer network and systems. As of February 2008, approximately 15 million CAC cards had been issued at over 2000 issuance stations worldwide.
GlobalPlatform member solution providers include ActivIdentity, Gemalto, Infineon Technologies and Oberthur Card Systems.