Unlike other conventional smart cards, our next-generation COS allows the cardholder to decide which applications go into his smart card, similar to how mobile devices and digital wallets work. The cardholder shall own the card, literally, in every aspect. In partnership with application providers, an opt-in business model provides savvy cardholders with the means to install essential card applications for convenience, back-up, replacement and other purposes that we would not have thought of, or introduce new ones for added services.
To achieve this, we believe our next-generation COS needs to be an open system, yet secured. It will apply the relevant standards, such as GlobalPlatform for administrative and application management; JavaCard virtual machine to execute third-party applications; native applications which comply with specifications by EMVCo, ICAO, ISO/IEC, FIPS, etc. with smaller memory footprint and faster performance; and ISO/IEC 7816 contact interface, ISO/IEC 14443 contactless interface and ISO/IEC 18092 near-field communication to serve as many use-cases as possible.
Cardholders will be assured of the product’s security by virtue of certification by independent authorities, like the Common Criteria, EMVCo, PCI-DSS, FIPS 186 and others of the future.