Recyclable and compostable bio-sourced SIM card was launched by SFR on trial basis. This was announced by world’s leading digital security provider, Gemalto. With more than 20 million mobile subscribers, SFR is one of the leading mobile operators in France.

The launch of this bio-sourced SIM card demonstrates the operator’s commitment to introduce innovative products in the market. It is also the company’s policy to reduce the impact on the environment due to its activities. Bio-plastics material that is derived from plants such as corn, potato starch or sugarcane is utilized for the manufacture of these SIM card body. It is easily compostable and recyclable and no toxic fumes are emitted during its incineration.

Eco-friendly products in Gemalto’s expanded portfolio are utilized by customers such as telecom, banking and governments throughout the world. Gemalto’s eco-friendly product portfolio demonstrates the company’s commitment to reduce its impact on the environment. The bio-sourced SIM card is part of this portfolio.

Philippe Vallée, Executive Vice President, Telecommunication Business Unit, Gemalto, said that both SFR and Gemalto have a common goal to introduce new innovative eco-friendly products in the market. Bio-sourced cards will be distributed by SFR in spring 2010.

For something invisible, sentiment behind Near Field Communication (NFC) was very visible at the Mobile World Congress this year, with everyone from phone manufacturers to software start-ups pushing for the arrival of the mobile wallet.

NFC is a short-range, high-frequency, wireless communications technology that enables the exchange of data between devices over some 10 centimetres (four inches) apart. The technology could enable the growth in the market for contactless credit cards and other forms of identification and transaction.

The technology is already in use in two towns in Ireland – Dundalk and Tuam – as well as across 32 Insomnia Cafes around Ireland, not to mention various Londis, Munchies and Eddie Rockets outlets via former Alphyra CEO John Nagle’s firm, Zapa Technology.

According to the global head of mobile products at consumer electronics giant Samsung, Chris Evans, NFC will represent a step change in data communications – not to mention commerce – as we know it.

NFC was in plenty of evidence at the GSM Association’s Mobile World Congress in Barcelona. Everything from proving identity cards to buying coffee utilised NFC.

First-ever SIM-based NFC payments pilot
GSMA, Samsung Electronics Co. Ltd., Telefonica, and Visa, together with Giesecke & Devrient, Ingenico, ITN International and La Caixa, announced the arrival of contactless mobile payments at Mobile World Congress in Barcelona this year. The companies unveiled the result of months of collaboration and have brought the first-ever SIM-based NFC payments pilot to Mobile World Congress.

The participating companies provided more than 400 NFC handsets to guests for use at the congress. The Samsung Star NFC handsets contain Telefonica SIM cards from O2 pre-loaded with €60 airtime credit, as well as a La Caixa Visa Mobile Payment Application. Participants used their NFC phones to pay for food and drink up to a value of €75 at more than 30 merchant locations around the congress.

Evans showed me how NFC content could be accessed instantly by a handset by placing the phone directly over my identity badge. The device was able to grab various data sets, including name and email address.

“We are investing a huge level of R&D in NFC,” Evans said. “This year, NFC will gain momentum and over the next five years we see it becoming more widespread than even contactless payment cards because of the ubiquitous nature of mobile devices.

“The key is getting the general ecosystem working together. It requires the banks, credit card issuers like Visa, and of course various handset manufacturers and technology providers working together.

“In five years’ time we see people carrying NFC on their mobile devices rather than credit cards.”

“We are hoping that this year there will be an all-in effort to see the commercial launch of NFC.”

NFC in Ireland
NFC is already operating commercially in Ireland and is enabling towns like Dundalk and Tuam to help local merchants retain trade in the town by providing NFC-based loyalty cards that at present punters can simply stick onto the back of their mobile handsets.

“Some 80pc of regular loyalty customers at Insomnia coffee shops now have our Zapatag on their handsets,” explained Donal McGuinness of Zapa Technology who added the company has made NFC available as an app on the iPhone and the BlackBerry smart phone.

“In a couple of years we envisage all tickets for things like concerts and football matches being sent over the air by NFC to allow people entry to events. We see contactless credit and debit cards being stored on mobile devices and people using their train and plane tickets this way.”

McGuinness’ colleague John Wall said he saw the use of NFC tags as a transition until the technology becomes more prevalent in smart phones. Zapa’s technology currently features as apps on all smart-phone devices, bar the Android at present.

“The next five years will be all about building out the ecosystem, getting the banks on side and ensuring that this secure, accurate form of payment gets widely adopted. We feel by helping Irish towns retain trade we’re off to a good start,” Wall said.

Researchers at the University of Cambridge in the UK released a report claiming to have identified vulnerabilities with the EMV payment scheme. Industry organizations are meanwhile defending the technology, saying the hack would be difficult to pull off in the real world.

The attack uses a fake chip card connected with wires to custom electronics, a computer with specially designed software, and a stolen EMV chip & PIN card. The fake card and equipment sit between the stolen card and the point-of-sale terminal; the attack fools the terminal into thinking that the correct PIN had been presented and makes the stolen card believe that no PIN was required.



The Smart Card Alliance has reviewed the hack along with other industry organizations and concluded that widespread implementation of this attack is unlikely and that there is no evidence that the attack described has happened in the real world.


These conclusions are supported by the following points:

The attack requires the use of a stolen EMV card that has not yet been reported as stolen; this limits the scalability of this type of fraud since it must be done with one card at a time and in a potentially short window of time.
The combination fake card and stolen chip & PIN card cannot be used in an ATM for a cash withdrawal, as ATMs rely on an online PIN verification.
The fraud requires using a fake chip card with wires coming out of it, running up the sleeve of the fraudster and connecting to a hidden circuit board, computer and stolen EMV card, making detection likely at an attended merchant point-of-sale.
The attack is technically difficult, requiring highly sophisticated software and customized hardware that could only be created by individuals with extensive knowledge of EMV protocols.
Countermeasures are already available, either in EMV, within payment system products and networks, or within issuer host systems.
Electronic audits of data from suspected transactions would protect cardholders and merchants from responsibility for fraudulent charges made to their card with this type of attack, if reported properly.
Additionally, such an attack would not compromise the smart card as the PIN would still remain secure inside the card.

The Norwegian telecoms firm and the SIM and smart card specialist are using an NFC-enabled key fob in combination with a new wireless-enabled SIM to deliver NFC functionality to 100% of today’s mobile phones.

CONNECTION: The companies have come up with an NFC keyfob that connects to a phone’s SIM via Wifi integrated into both devices
Norwegian telecoms operator Telenor and SIM and smart card supplier Sagem Orga have announced the development of a new method of delivering NFC functionality to existing mobile phones.

The new solution uses an NFC-enabled key fob in combination with a wireless-enabled SIM card and, say the two companies, it will work with 100% of today’s mobile phones.

Sagem Orga, Telenor and STMicroelectronics are demonstrating the new solution in live payments/ticketing demos at the Mobile World Congress in Barcelona this week.

“Use cases for NFC are numerous, but until today there has been a gap: The infrastructure is there, but no NFC-enabled phones,” says Sagem Orga. “The industry has been looking for ways of bridging this gap. Previous bridge solutions have drawbacks such as missing network connections or user interactivity, and none of the existing solutions leverages the SIM card in the mobile phone with all its capabilities. The new solution by Sagem Orga and partners overcomes these disadvantages. Mobile network operators will be able to fully manage and control NFC applications thanks to the SIM card.”

For the demo solution, a key fob has been equipped with a Sagem Orga NFC-enabled SIM card connected by Single Wire Protocol to a ST21NFCA chip from ST Microelectronics to enable the contactless functionality.

The NFC key fob connects to the SIM in the mobile phone via a new SIM technology called WLAN SIM that uses WiFi to form the bridge between the NFC device and the SIM card in a mobile phone.

“Any NFC application, such as mobile payment or Calypso for transportation, can be installed on the SIM card of the mobile phone and/or the NFC key fob using any traditional or over-the-air mechanism,” says Sagem Orga. “It can be executed in both devices or only in one of them, depending on the required performance, resources and connectivity.”

For example, a terminal for contactless banking can trigger the mobile payment application stored in the key fob to start a transaction. Next the key fob starts a remote SIM Toolkit execution on the SIM inserted in the mobile phone to enable interaction with the user, such as asking for a password, displaying a message or logging information to the network.

With the same key fob solution, the user can also start a SIM Toolkit application on the mobile phone to order new transportation e-tickets. In this scenario, the Calypso vending server would then use the normal OTA infrastructure to send the tickets securely to the SIM and on to the key fob.

“The WLAN communication channel between the SIM in the handset and the secure element in the key fob is highly secured and can be protected by a PKI mechanism if needed,” Sagem Orga explains.

“We believe that this innovative wireless bridge between NFC and the SIM card can give operators greater flexibility in the launch of NFC services,” explains Yogesh Malik, senior vice president at Telenor Group business development and research. “We hope to see this technology refined further through tests and trials so that it can become a user-friendly commercial product for services in ticketing, payment and access control.”

“The NFC key fob in combination with the WLAN SIM brings more convenience and security to contactless technology,” adds Didier Sérodon, chief technology officer at Sagem Orga. “We are demonstrating the advantages of a constant connection between the SIM in the mobile phone and the secure element in the accessory via a wireless link with examples from the transportation and the mobile payment area, but this can also pave the way for all classic NFC use cases such as access control, loyalty, etc. All of them can be managed by the NFC key fob.”

WLAN SIM, developed by Sagem Orga and Telenor, is the world’s first WiFi-enabled SIM and is designed to combine WiFi functionality on a mobile phone with the security of a SIM card.

“The SIM card has always been recognized as the secure element inside a mobile phone,” says Sagem Orga. “However, to date, mobile network operators have not been able to leverage its security features to bring trusted services in the field for fixed-mobile convergence and, in particular, to initiate communications with other proximity devices. Only phone to phone communication is possible, but in many ways such as infrared, Bluetooth, etc, the SIM card is not involved at all. User authentication on a PC is already possible via SIM card, but it would be more convenient to have one general and standardized way instead of different ones for each mobile phone model and provider.

“To overcome all these barriers and inconveniences, Sagem Orga is launching the first WLAN SIM. Equipped with a Telenor Wi-Fi module, it will be able to communicate independently with all other devices in the mobile ecosystem to enable strong security services managed by the mobile network operator. The WLAN SIM card can be used in any kind of mobile phone to enable fixed-mobile convergence, proximity transactions, trusted peer-to-peer operations between two SIM cards, strong authentication services, Web security and a large and varied set of use cases.”

“This innovative technology has the capability of opening up new business opportunities for operators and can also provide the possibility of deploying a range of new proximity services with a high degree of security and reliability,” Malik explains. “Through the cooperation with Sagem Orga we are now exploring different use cases that involve other operators. The purpose of this is to verify the potential of the technology and get valuable market feedback.”

“The SIM needs to open itself to the world,” concludes Jean-Christophe Tisseuil, head of marketing and business development for the telecommunications product line at Sagem Orga. “It’s the only way forward when talking about user authentication.”

Gemalto, the world leader in digital security, today announced a new solution enabling commuters to use their mobile phones as e- tickets in MIFARE DESFire* infrastructures. Gemalto achieved the world’s first implementation of a transport application compliant with the DESFire specifications in a SIM or UICC card, and will be presenting this innovation on its booth (8A102).

This innovation will enable commuters to use their NFC (”Near Field Communications”) mobile phone as an e-ticket, as simply as any other contactless travelcard. A high level of security is ensured, as the tickets are stored in the SIM card and the application meets the stringent security requirements of the DESFire specifications.

NFC technology in transport dramatically enriches the commuter experience by adding the mobile phone’s keypad and screen to the travelcard and by connecting it to the online world. NFC-based services are part of Gemalto’s Trusted Services Management (TSM) dedicated offering of solutions and services. It enables transport operators to offer travelers the ability to purchase and recharge their transport tickets, with the convenience of the mobile phone.

“Mobile phones have become an essential part of our daily life and mobile e-ticketing perfectly illustrates the trend by simplifying access to public transport,” commented Rémi De Fouchier, Senior Vice President, Trusted Services Management at Gemalto. “With this new solution, Gemalto broadens the use of mobile phones as travel passes in cities equipped with a DESFire infrastructure, enabling more and more commuters across the world to enjoy an enriched service.” Note to editors DESFire is an automatic fare collection technology which provides 3DES (Triple Data Encryption Standard) and AES (Advanced Encryption Standard) cryptographic algorithms. To date, it has been deployed in 40 cities across the world.

Gemalto (Euronext NL0000400653 GTO), the world leader in digital security, today announced that Bulgaria has started deploying its smart cards to secure access to personal health records for the country’s military personnel and their family.
Gemalto has vast experience in providing solutions for eHealth, and has proved itself as a strong and reliable partner in Slovenia, Germany, France, Finland, the UK, Gabon, Algeria, Mexico, etc.
In Bulgaria, Gemalto delivered double-slot readers and smart cards with the associated middleware to KIM-2000, a local company specialized in eHealth projects. KIM-2000 acts as prime contractor for the electronic health record system commissioned by the Military Medical Academy*. This innovative system optimizes medical treatments, simplifies and modernizes procedures and increases security for accessing health information.
The Gemalto card is compliant with the Identification Authentication Signature (IAS) European standard to ensure the highest level of security for accessing personal electronic health records. The patient and the healthcare professional simultaneously insert their own card into the double-entry Gemalto reader and type in their PIN code to enable viewing or modifying of the medical file, which is stored on a highly secure IT infrastructure. The patient can also view their personal data online, using the Gemalto reader and card to authenticate themselves.
The personal electronic health record is a complete electronic archive of the patient’s medical history. It stores all existing medical documentation, including laboratory tests and results, X-ray pictures, all visual tests, electronic prescriptions, etc. It also contains the patient’s blood group, allergies and genetic predisposition to diseases, health check ups, surgical interventions and all useful medical information. The personal electronic health record enables healthcare professionals to immediately access a patient’s medical data and therefore, make more accurate decisions, especially in emergency situations, for which there is a special section in the electronic health record, containing the most important relevant information.
“For securing our system, we needed a smart card that meets the stringent requirements of international and European standards,” commented Kalcho Hinov, Chairman of the Board, KIM-2000. “Gemalto’s European Standard-compliant IAS solution ensures trust and confidence and enables smoother, more efficient interaction between patients and healthcare professionals.”
“The implementation of an electronic health record system is a highly innovative project and Gemalto is proud to contribute to this venture alongside KIM-2000,” added Ari Bouzbib, Senior Vice President Identity and Government Programs at Gemalto. “Through this initiative, Gemalto’s digital security technology proves to be a key enabler to next-generation eHealth programs. These are intended to deliver optimized treatment for each patient with utmost security, while protecting the privacy of personal data.”

The NFC Forum (http://www.nfc-forum.org), a non-profit industry association that advances the use of Near Field Communication (NFC) technology, today announced it has formed liaisons with three industry-leading organizations key to the NFC global ecosystem: EMVCo, the GSM Association and the Smart Card Alliance. These liaisons broaden and strengthen the NFC Forum’s collaborative ties with key associations and standards bodies across the NFC ecosystem. As a first step in the liaisons, the Forum has signed a Memorandum of Understanding (MOU) with each organization that outlines how they will collaborate to further the development of the NFC market and NFC-based solutions.

“The ongoing global deployment and adoption of NFC technology requires our close cooperation and interaction with all the key players in the NFC ecosystem”
EMVCo

EMVCo’s primary role is to manage, maintain and enhance the EMV™ Integrated Circuit Card Specifications to ensure interoperability and acceptance of payment system integrated circuit cards on a worldwide basis.

With this new liaison, EMVCo will share relevant technical information with the NFC Forum that will enable the certification of properly-provisioned NFC devices for use in the following scenarios:

to make POS payments (in Card Emulation mode) wherever such payments can be made with EMVCo contactless card products;
to act as POS devices (in Reader/Writer mode) within the EMVCo contactless payment infrastructure.
GSM Association (GSMA)

The GSMA represents the interests of the worldwide mobile communications industry. The new partnership will facilitate the NFC Forum and GSMA working together by:

exchanging information relating to each other’s programs through written comments;
commenting on technical specifications, certification and testing requirements;
sharing documents of interest and relevance to members of both organizations;
collaborating on joint marketing activities, such as seminar sessions, white papers and presentations; and
attending each other’s meetings as appropriate.
Smart Card Alliance

The Smart Card Alliance is a not-for-profit, multi-industry association working to stimulate the understanding, adoption, use and widespread application of smart card technology.

The Smart Card Alliance is teaming up with the NFC Forum on several joint marketing initiatives, including educational programs for vertical markets such as retail and transport. Other programs under discussion include presentations at each other’s events and meetings, a joint event targeting the retail market in the U.S., and the provision for regular information sharing between the NFC Forum Marketing Committee and Smart Card Alliance Contactless and Mobile Payments Council.

“The ongoing global deployment and adoption of NFC technology requires our close cooperation and interaction with all the key players in the NFC ecosystem,” said Koichi Tagawa, chairman of the NFC Forum. “As the leading voices representing payment card companies, mobile operators, and the smart card industry, respectively, EMVCo, GSMA and Smart Card Alliance are valued partners in our efforts to bring the ease and power of NFC technology to mobile users around the globe.”

In addition to EMVCo, GSMA and SmartCard Alliance, the NFC Forum has established liaisons with the European Telecommunications Standards Institute (ETSI) and the Mobey Forum, a global financial industry forum whose mission is to facilitate the offering by banks of mobile financial services.

About EMVCo

EMVCo LLC was formed in February 1999 by Europay, MasterCard and Visa to manage, maintain and enhance the EMV™ Integrated Circuit Card Specifications for Payment Systems. With the acquisition of Europay by MasterCard in 2002, JCB joining the organisation in 2004 and American Express becoming its fourth member in 2009, EMVCo is currently operated by American Express, JCB, MasterCard and Visa.

EMVCo’s primary role is to manage, maintain and enhance the EMV Integrated Circuit Card Specifications to ensure interoperability and acceptance of payment system integrated circuit cards on a worldwide basis. EMVCo also maintains type approval processes for terminal compliance testing and Common Core Definitions (CCD) and Common Payment Application (CPA) card compliance testing. These testing processes ensure that a single terminal and card approval process is developed at a level that will allow cross payment system interoperability through compliance with the EMV specifications. Additional information can be found at http://www.emvco.com.

About the GSMA

The GSMA represents the interests of the worldwide mobile communications industry. Spanning 219 countries, the GSMA unites nearly 800 of the world’s mobile operators, as well as more than 200 companies in the broader mobile ecosystem, including handset makers, software companies, equipment providers, Internet companies, and media and entertainment organisations. The GSMA is focused on innovating, incubating and creating new opportunities for its membership, all with the end goal of driving the growth of the mobile communications industry. For more information, please visit: http://www.gsmworld.com/.

About the Smart Card Alliance

The Smart Card Alliance is a not-for-profit, multi-industry association working to stimulate the understanding, adoption, use and widespread application of smart card technology.

Through specific projects such as education programs, market research, advocacy, industry relations and open forums, the Alliance keeps its members connected to industry leaders and innovative thought. The Alliance is the single industry voice for smart cards, leading industry discussion on the impact and value of smart cards in the U.S. and Latin America. For more information please visit http://www.smartcardalliance.org.

About Near Field Communication Technology

Near Field Communication (NFC) is a standards-based, short-range wireless connectivity technology that enables simple and safe two-way interactions between electronic devices. NFC technology allows consumers to perform contactless transactions, access digital content and connect devices with the simplicity of a single touch.

Near Field Communication (NFC) technology provides global interoperability of contactless identification and interconnection technologies. NFC operates in the 13.56 MHz frequency range, over a typical distance of a few centimeters. The underlying layers of NFC technology are based on ISO, ECMA, and ETSI standards. NFC technology is supported by the world’s leading communication device manufacturers, semiconductor producers, network operators, IT and services companies, and financial services organizations. NFC is compatible with hundreds of millions of contactless cards and readers already deployed worldwide.

About the NFC Forum

The NFC Forum, http://www.nfc-forum.org, was launched as a non-profit industry association in 2004 by leading mobile communications, semiconductor and consumer electronics companies. The Forum’s mission is to advance the use of Near Field Communication technology by developing specifications, ensuring interoperability among devices and services and educating the market about NFC technology. The Forum’s 140 global member companies currently are developing specifications for a modular NFC device architecture, and protocols for interoperable data exchange and device-independent service delivery, device discovery and device capability.

The NFC Forum’s Sponsor members, which hold seats on the Board of Directors, include leading players in key industries around the world. The Sponsor members are: Innovision Research & Technology plc, INSIDE Contactless, MasterCard Worldwide, Microsoft Corp., NEC, Nokia, NTT DOCOMO, Inc., NXP Semiconductors, Renesas Technology, Samsung, Sony Corporation, STMicroelectronics and Visa Inc.

The Smart Card Alliance Health care Council will focus on educating the industry on the need for a solid, secure identity management infrastructure, its newly elected officers said.

“This has been an important year for the health care industry, with the federal government ready to invest over $19 billion in health care information technology as a result of the ARRA HITECH Act, and interest growing around the use of electronic medical records,” said Randy Vanderhoof, executive director of the Smart Card Alliance. “The Health care Council has made a lot of progress this year, raising awareness of the need for a strong identity management infrastructure that is a necessary foundation for using electronic medical records, and introducing smart cards as a secure technology for health care applications.”

The officers and steering committee that will lead the Council for the upcoming year are:

Chair: Paul Contino, Mount Sinai Medical Center·
Vice chair: Michael Magrath, CSCIP, Gemalto
Secretary: Dale Grogan, CSCIP, LifeMed / SMART Association
Ola Martins, Oberthur Technologies
Matthew Neuman, Giesecke & Devrient
This past year, the Health care Council partnered with the Secure ID Coalition on the health care IT briefing in Washington, DC, “Protecting Your Health Information: Raising Public Awareness of the Privacy and Security Challenges of Health care Information Management.”

The council continued educational efforts by collaborating with the Smart Card Alliance Identity Council on two papers addressing health care identity management, “Health care Identity Management: The Foundation for a Secure and Trusted National Health Information Network,” and “Effective Health care Identity Management: A Necessary First Step for Improving U.S. Health care Information Systems,” and hosting the webinar, “Identity Management in Health care.”

The Smart Card Alliance Health care Council is currently developing a position paper on data breaches and identity theft.

A new smartcard ticketing system should be in operation on Adelaide’s buses, trains and trams by 2013, Transport Minister Patrick Conlon says.
The Minister today announced that US Fortune 500 company Affiliated Computer Services (ACS) had won the $30 million contract to supply the ATLAS ticketing system.

“Our current ticketing system has been in place for nearly 24 years – it has served us well but it is time to replace it as we continue our massive public transport revitalisation,” he said.

Passengers will be able to touch the smartcard against a validator, which will automatically deduct the fare. Cards can be topped up at stations, vending machines and shops, and on trains, trams and the internet.