Media and Resource Center

    Media & Resource Center 

> Press Releases
> Industry Events
> FAQs
> White Papers & Guides
> Audio / Video
> Newsletters
> Industry Interviews
> Executive Profiles

White Papers

Practical Business Considerations
Realizing FIDO Authentication Solutions with GlobalPlatform Technologies - January 2018

Practical Considerations: Technical Overview
Realizing FIDO Authentication Solutions with GlobalPlatform Technologies - January 2018
These white papers explain the value of FIDO authentication standards implemented based on GlobalPlatform technologies (including SE and TEE and the management of those) in different use cases. It highlights how FIDO U2F and UAF can be implemented securely by using GlobalPlatform technologies and demonstrates the involvement in certain FIDO authenticators (USB/BLE token, ID-card, eSE, eUICC, secure μSD, UICC, TEE). The business white paper primarily is intended to educate product managers and business analysts about the value of GlobalPlatform technologies in the context of FIDO authentication. The technical white paper informs system integrators and engineers how FIDO authentication can be implemented based on GlobalPlatform technologies.

Ensure Interworking Between Multiple Contactless Card Emulation Environments - March 2017
ETSI, GlobalPlatform and the NFC Forum aligned to standardize on-device NFC service management. This collaboration ensures predictable behavior of an NFC service regardless of where it is hosted and other services being delivered. The standardized approach clarifies how the ecosystem details the expected behavior of multiple NFC services hosted in the same device and simplifies the end user experience. This benefits service providers offering NFC services in devices such as smartphones and covers services such as payment, transport, loyalty or access control. The approach will also be of interest to device manufacturers developing devices that support NFC services.

GlobalPlatform Root of Trust Definitions and Requirements - October 2016
The aim of this document is to provide definitions and requirements for the GlobalPlatform Root of Trust. It is intended for use by GlobalPlatform Task Forces and Committees specifying the Root of Trust mechanism.

eBook: Why Service Providers should choose a GlobalPlatform Certified Trusted Execution Environment? – October 2016
Service providers today need to deploy value added services across multiple ecosystems such as mobile, the smart home and connected cars, and on a variety of devices. At the same time, they have to protect assets such as code, data and credentials and ensure that their users can authenticate themselves to the service with the right device and interact safely with back office systems. Why should service providers rely on a GlobalPlatform certified Trusted Execution Environment (TEE) and what value does this bring to their business and services?

End-to-End Simplified Service Management Framework: Streamlining Payment Service Management Using GlobalPlatform Technologies - January 2016
The End-to-End Simplified Framework is a new type of implementation guide published by GlobalPlatform. The framework does not contain new technology, and it does not focus on a single specifications group (such as Card, Device, or Systems). Instead, it enables Service Providers to deploy services faster by starting with a basic template of relevant GlobalPlatform Specifications, drawn from the holistic GlobalPlatform technical infrastructure. The framework aims to ensure Service Providers find the most cost- effective solutions that are quick and easy to deploy while ensuring that both functionality and security are retained. Following the End-to-End Simplified Framework ensures both functionality and security.

Mobi le ID: Realization of Mobile Identity Solutions by GlobalPlatform Technologies - November 2015
This white paper primarily discusses how credentials can be managed and implemented in an SE or in a TEE using GlobalPlatform Specifications. The paper examines the management of these credentials by remote credential management systems which use the GlobalPlatform Messaging Specifications for Trusted Service Management. Futhermore, it outlines how standard Mobile ID applications and protocols like FIDO, GSMA Mobile Connect, VPN, TLS, PIV, and eIDAS can be implemented on a TEE/TUI or SE, in order to securely store credentials, protect applications, or secure the user interface. Finally, this paper discusses Mobile ID architecture and implementation scenarios for combinations of the Rich Execution Environment (REE), the SE, or the TEE as platforms for the Mobile ID applications.

Improving Premium Content Protection with the Trusted Execution Environment - September 2015
This document is intended for content holders, rights holders, and premium content providers, as well as manufacturers of media consumption devices. The rapid evolution of Premium Content distribution within the media market has raised new security concerns. This white paper illustrates the benefits of utilizing GlobalPlatform’s Trusted Execution Environment (TEE) to improve Premium Content protection to be both secure and platform-agnostic. Premium Content providers can leverage the TEE for accelerated time to market, reduced content risk, and lower deployment costs.

The Trusted Execution Environment: Delivering Enhanced Security at a Lower Cost to the Mobile Market - June 2015
This document is intended as a high-level introduction to the Trusted Execution Environment, and this paper is a wholesale revision of a 2011 whitepaper published on the same topic. While it contains several use cases in an effort to introduce the TEE to stakeholders across the industry, it is not intended to be a technical document. GlobalPlatform envisions publishing two complementary documents in 2015 aimed at addressing technical topics–a Technical Whitepaper to introduce the architecture and components/building blocks of a TEE, and a Device Assurance Whitepaper to discuss the TEE Compliance and Certification programs.

New Japanese Translation: Leveraging GlobalPlatform to Improve Security and Privacy in the Internet-of-Things - May 2014
This document is intended for professionals interested in the way that industries such as health care, automotive, and energy are increasingly making use of embedded technologies that allow for new forms of secure communication and data transmission. The intended reader includes product managers, business development personnel, or system integrators who have an interest in understanding the potential use cases–and related security concerns–that result from these connected devices.

Leveraging GlobalPlatform to Improve Security and Privacy in the Internet- of-Things - May 2014
This document is intended for professionals interested in the way that industries such as health care, automotive, and energy are increasingly making use of embedded technologies that allow for new forms of secure communication and data transmission. The intended reader includes product managers, business development personnel, or system integrators who have an interest in understanding the potential use cases–and related security concerns–that result from these connected devices.

GlobalPlatform's Secure Solution for Deploying Value-Added Mobile Services - February 2014
This document highlights GlobalPlatform's three key specifications (Secure Element, Trusted Execution Environment and System Messaging) which benefit the mobile services market by enabling end-to-end interoperability and security. Application of these specifications ensures the portability of services across platforms, the scalability of security across applications and devices, and end-to-end security and interoperability while leveraging proven methods and technologies.

GlobalPlatform On-Chip Services: Seamlessly Performing Payment Transactions within the Existing Transportation Ticketing Infrastructure - January 2014
This document explores how to work within existing transportation networks and ticketing processes to seamlessly deploy applications that require interaction between the public transportation and payment industries. For any solution to gain mass market traction, it must work within the existing infrastructure and allow ticketing transactions to be initiated either through the transportation network or the payment application.

A New Model: The Consumer-Centric Model and How it Applies to the Mobile Ecosystem - March 2012
This white paper details GlobalPlatform's vision to create an ecosystem that enables consumers to have ultimate control over which secure applications they want to use on their device. It addresses the current technological trend for a 'consumer centric model' and highlights remaining work envisioned to achieve the standardization and security required to make this concept a reality.

GlobalPlatform uses the white paper to outline its roadmap to support this model and how a verifiable level of security can be delivered for both low and highly-sensitive applications. Key to GlobalPlatform's envisaged work is the need to define an open and scalable infrastructure that encourages the proliferation of supplier agnostic standards- based technology.

The GlobalPlatform Value Proposition for Remote Post-Issuance Secure Access Modules (SAM) Management – November 2011
As the number of onboard applications present on smart chips has increased, so have the authentication responsibilities of the Secure Access Module (SAM), as well as the complexities of the processes involved. This has meant that implementing changes to the SAM have, to date, only been applied pre-issuance.

This white paper details how post-issuance 'over-the-air' management of the SAM can be achieved in a standardized and interoperable manner. This will eliminate the need to issue new chips with each SAM update, and enables the keys and certificates for each onboard application to be updated without interfering with those of other parties.

GlobalPlatform's Value Proposition for the Public Transportation Industry: Seamless, Secure Travel Throughout Multiple Transportation Networks – November 2009
This white paper explains how GlobalPlatform technology can add value to the subscription and management of e-ticketing solutions. The document is of interest to public transport operators, transportation authorities, fare management system integrators, equipment providers and consultants advising on the implementation of e- ticketing programs. The paper outlines how GlobalPlatform Specifications enable three applications to sit securely in a mobile phone – payment, transit and GSM. This allows the mobile device itself to become a transport ticket, permitting users to miss queues by 'tapping' their phone at terminals to gain access to transportation networks. This concept could support uninterrupted travel between cities or entire countries, as users can download travel tickets appropriate to the city they are in. It can also allow the management of additional customer services such as timetable access or bike rental.

The GlobalPlatform Proposition for NFC Mobile: Secure Element Management & Messaging – April 2009
This white paper gives an overview of the technical foundation created by GlobalPlatform for the management of multi-application, multi-actor and multi-business model NFC implementations and details how GlobalPlatform Specifications are able to support all roles in the NFC ecosystem. It outlines the roles and responsibilities of each player in the maintenance of an end-to-end security chain, for managing over-the-air applications. The document also presents GlobalPlatform's plans to develop future specifications for this market, and illustrates how GlobalPlatform adds value to different NFC business relationship models.

Interested parties who wish to read this white paper are advised to reference and Interested parties who wish to read this white paper are advised to reference and download the GlobalPlatform UICC Configuration. This is the implementation guide for deploying GlobalPlatform Card Specification v2.2 within the mobile services sector and managing the secure delivery over-the-air of new applications.

The GlobalPlatform Value Proposition for Biometric Match-on-Card Verification – March 2009
This white paper explains how existing GlobalPlatform Specifications can add value to biometric match-on-card verification solutions from research and development cost- savings and improved time to market, to compliance with industry security requirements. Of interest to government officials, project managers and consultants advising on the implementation of biometric match-on-card programs, as well as technical smart card audiences, the paper details how current GlobalPlatform technology enables the deployment of a secure, interoperable and flexible biometric match-on- card solution.

The GlobalPlatform Value Proposition for Identity Management - November 2007
This white paper, incorporating a use-case scenario, explains the value GlobalPlatform Specifications bring to smart card based government ID programs worldwide. It outlines the advantages of deploying GlobalPlatform's open and interoperable card management infrastructure, and provides an overview of how and where GlobalPlatform technology is applied across an ID management program and to what effect.

GlobalPlatform's GPD/STIP Solution for Mobile Security - August 2007
This white paper outlines the relevance and importance of GlobalPlatform's device technology - the GPD/STIP Specifications and the Device Application Security Management (DASM) Specifications - to the global mobile telecoms sector and the secure deployment of handset applications.