The discussion around assurance level "high" is rightfully confusing for many following the revision of the eIDAS Regulation. What is meant by assurance level "high"? Does it mean resistance to skilled attackers, so a high level of cybersecurity for a given product? Does it mean...
Eurosmart, the Voice of the Digital Security Industry, started working on digital identity topics in 1999 – long before the eIDAS Regulation was even enacted. The association has developed strong expertise in the field, including standardisation aspects. In this new document, Eurosmart would like to focus...
Sometimes, the security industry must make a critical balancing act between market realities and security. Chip-based documents are a prime example of this fact. Identity cards, passports and other documents usually have a long lifetime, typically ten years. That’s the reality of the identity document...
The EU eIDAS expert group working on eIDAS 2.0 published on February 22nd, the European Digital Identity Architecture and Reference Framework (the “ARF”). Eurosmart's members have collectively reviewed this document and provided the EU eIDAS expert group with an exhaustive list of comments (the commenting table is...
The German Federal Office for Information Security (BSI) completed the certification of Eurosmart’s PP-0117 Protection Profile for Secure Sub-System in System-on-Chip (3S in SoC). The PP-0117 version 1.5 has been evaluated at an approved evaluation facility using the Common Methodology for IT Security Evaluation (CEM) for...
Eurosmart Feedback on BSI draft TR-03166 Eurosmart welcomes this opportunity to provide feedback on the BSI draft TR-03166 "Technical Guideline for Biometric Authentication Components in Devices for Authentication". This document is very timely: the European Commission published two months ago its proposal for a revision of...
The European Commission recently proposed a framework for a European Digital Identity. The proposed legislation amends the eIDAS Regulation and introduces the concept of European Digital Identity Wallet. The European Commission did not choose a particular technology at this stage. However, Member States will soon...
Public Consultation Eurosmart Technical group, ITSC, has developed a Protection Profile for Secure Sub-System in System-on-Chip (3S in SOC) Modern System-on-Chip (SoC) products integrate more and more advanced functions, including security. Security Sub-System is also being integrated into the SoC (integrated Secure Element / eUICC). The target is...
Context The number of vulnerable devices on the market has resulted in an increased need for trust. Many new security standards, evaluations and certifications are flourishing, all with different levels of assurance. In this highly competitive market and fast-evolving security threats landscape, it is critical to...
ETSI TC ESI is currently drafting a technical specification on “Security and policy requirements for trust service components providing identity proofing for trust services subjects” (TS 119 461 V005). In this context, Eurosmart decided to draft recommendations for this document. Eurosmart gives the following recommendations: Clarify the...
