Stephanie El Rhomri
GlobalPlatform has hailed its 20th year as a strategic milestone in its mission to create collaborative and open ecosystems in which stakeholders can efficiently deliver innovative digital services, while providing greater security, privacy, simplicity and convenience for users. Kevin Gillick, Executive Director of GlobalPlatform, comments: “Twenty years ago, we set out to create an environment for experts to develop the foundations for innovative digital services and devices. Billions of GlobalPlatform-compliant Secure Elements and Trusted Execution Environments are deployed around the world, protecting devices, data and services for identity, payments, telecoms, and transportation and we are now extending this experience with a comprehensive approach to IoT device security. It is fitting that our anniversary year should be pivotal for the organisation and wider industry.” Addressing the needs of the IoT ecosystem The organisation also appointed a Strategic Director to accelerate the association’s work on IoT security Building on GlobalPlatform’s previous work to secure the internet of things (IoT), the organisation launched IoTopia in October 2019. It proposes a common framework for standardising the design, certification, deployment and management of IoT devices. IoTopia device security will be testable and meet vertical and geographical market requirements by building upon four foundational pillars: Security by Design; Device Intent; Autonomous, Scalable, Secure Device Onboarding (SDO); and Device Lifecycle Management. The organisation also appointed a Strategic Director to accelerate the association’s work on IoT security. Chris Steck, Head of Standardisation, IoT & Industries at Cisco, is providing strategic guidance to the Board of Directors on GlobalPlatform’s IoT initiatives, the security requirements of cloud and edge devices and the use of GlobalPlatform technologies to bring trust to the IoT ecosystem. Security Evaluation Standard for IoT Platforms The GlobalPlatform Board has also been monitoring the rapid growth of the secure microcontroller unit (MCU) market. With IoT device manufacturers looking for ever greater security and a range of secure component choices, GlobalPlatform has taken the decision to begin standardisation work to support the integration of greater security within IoT MCUs. GlobalPlatform will also support the IoT device security certification ecosystem with the adoption of the Security Evaluation Standard for IoT Platforms (SESIP) methodology. The objective is to build consistency across IoT certification schemes (regional or vertical) to facilitate product evaluation and certificate recognition. The organisation will share further updates on these activities later this year. 2020 Board of Directors GlobalPlatform has announced its Board of Directors for fiscal year 2020. Five seats were open and after member voting, the following candidates have each been re-elected to serve a two-year term on the GlobalPlatform Board: Rob Coombs – Arm Stéphanie El Rhomri – FIME Rémi de Fouchier – Gemalto, a Thales company Sebastian Hans – Oracle Olivier Van Nieuwenhuyze – STMicroelectronics Secure, scalable and interoperable way Nils Gerhardt of G+D Mobile Security will continue as Chairman of the Board. Rob Coombs retains his position as Vice Chairman and Stéphanie El Rhomri will continue in her role as Treasurer and Secretary. “Through the expertise and collaboration of our members, board and strategic director, our work will enable the IoT ecosystem to evolve with trust and security at its core and assure that users can manage risk in-line with their needs” adds Kevin. “Our successes wouldn’t be possible without the commitment, vision and expertise of our membership. For 20 years we have solved technical and business challenges to ensure technologies deliver value in a secure, scalable and interoperable way.”
FIME has been accredited to test biometric components in line with FIDO Alliance’s Biometric Component Certification Program. The accreditation enables device manufacturers and solution providers to ensure the quality and performance of biometric authentication solutions including fingerprint, facial, voice, and iris recognition. "In an age dominated by cumbersome passwords, biometric authentication delivers stronger security while improving UX. And in a post-PSD2 world, it’s a compelling option for the payments world to meet new Strong Customer Authentication (SCA) requirements,” comments Stephanie El Rhomri, Vice President of Services at FIME. Usability of biometric authentication FIME offers a broad portfolio of biometrics services including consultancy, customised test strategy development, and expertise on use of biometric ISO standards. “Expanding our existing biometric offering is an important strategic move for us. FIDO Alliance is leading biometric authentication standardisation efforts and we’re proud to be sharing our support and expertise that we are developing with insights from two research projects to help advance its success.” continues El Rhomri. “The Biometric Component Certification Program is the first of its kind in the industry, enhancing the security, interoperability and usability of biometric authentication methods," Dr. Rae Hayward, Certification Director, FIDO Alliance said. “Support from testing experts such as FIME is invaluable to the continued success and adoption of our standards and, in turn, moving us closer to our goal of removing reliance on server-side passwords to authenticate users.”
GlobalPlatform, the standard for secure digital services and devices, announces its Board of Directors for fiscal year 2019. Six Board seats were open and after a close election, the following individuals were re-elected to serve a further two-year term: Consecutive years Nils Gerhardt – Group VP and Head of Product and Project Management, Production IT and Professional Services for the Region Americas, Giesecke + Devrient Mobile Security. Marc Kekicheff – Vice President of Chip Innovation, Visa Inc. Eikazu Niwano – NTT Research Professor, Secure Platform Laboratories, NTT Corporation. Jeremy O’Donoghue – Principal Engineer / Manager, Qualcomm Inc. Christophe Colas – SVP Products, Trustonic. Mark Lipford – Director Global Standards & Ecosystem Development, Sprint. Nils Gerhardt has also been elected Chairman of the Board after serving as Vice Chairman for three consecutive years. Rob Coombs, Director of IoT Device IP at Arm, will serve as Vice Chairman and Stephanie El Rhomri, Vice President of Services at FIME, who joined the GlobalPlatform Board of Directors in 2015, will continue in her role as Secretary and Treasurer. Prevent attacks Quality, security and privacy need to be of the highest priority for all involved in the development, deployment and management of digital services and devices" Nils comments: “Quality, security and privacy need to be of the highest priority for all involved in the development, deployment and management of digital services and devices, especially in fast growing markets like IoT, connected cars, digital identities and industry 4.0. Standardised, foundational security is fundamental to prevent attacks on networks, devices, data and intellectual property (IP).” “But security should not restrict innovation and time to market, which is why we work at GlobalPlatform to create specifications, such as the Device Trust Architecture (DTA) framework, that support the development of open, collaborative and fast-moving ecosystems. I look forward to working with my fellow Board colleagues, all GlobalPlatform members as well as our industry and media partners to promote greater security, privacy, simplicity and convenience for the evolving markets and their consumers.” Security requirements Kevin Gillick, GlobalPlatform Executive Director, adds: “GlobalPlatform’s legacy of successful technical specification development has been made possible by strong leadership and cross-industry collaboration. As the industry evolves, the Board works to ensure that the technology specifications remain interoperable and ahead of the curve.” In 2019, GlobalPlatform will continue to work towards meeting the security requirements of the digital service and device ecosystem" “As discussed at our annual seminar, ‘Security in Our Connected World’, everyone is looking for the holy grail - a secure system that will do everything, is easy-to-use and, ideally, free. Although the industry has not reached that point yet, there is certainly commitment to getting there. In 2019, GlobalPlatform will continue to work towards meeting the security requirements of the digital service and device ecosystem, with a focus on the DTA framework.” Offering secure services DTA is a security framework which shows how GlobalPlatform’s standardised secure component technology can be used to build a Chain of Trust to protect devices and digital services. It does this by offering secure services, implemented within a secure component, which can be used at each level of a Chain of Trust: from the boot mechanism, to the device operating system and up to the application layer. It enables seamless interaction between stakeholders when deploying secure digital services, regardless of market or device type.
FIME has been accredited by Mastercard to deliver biometric authentication testing services for fingerprint in line with its new guidelines for mobile device sensors. The testing evaluation program enables mobile, wearable and sensor manufacturers to test the performance and accuracy of mobile fingerprint sensors. This enables financial service providers to easily evaluate the hardware and software integrated into devices and have confidence in the quality of the products that are integrating with their payment solutions. Detering financial fraud Goode Intelligence’s second Biometrics for Payments report found that biometrics has become an important tool in the fight against fraud Goode Intelligence’s second Biometrics for Payments report found that biometrics has become an important tool in the fight against fraud in almost all of the channels that payment is supporting. The report predicts that there will be over 2.6 billion biometric payment users by 2023, driven by desire for more frictionless authentication, fraud reduction, regulation, and standardisation. Mastercard’s program provides dedicated hardware performance testing to scrutinise the quality of solutions’ matching engines. Vendors and service providers can make use of FIME’s consulting, training and testing services to launch reliable mobile payment solutions. Enhanced security in payment solutions “Biometrics have taken the payments world by storm in recent years, delivering consumers greater convenience and security,” comments Stephanie El Rhomri, Vice President of Services at FIME. “But in a post-PSD2 and GDPR world, players across mobile and payments are increasingly understanding the importance of performance and quality to ensure customer adoption of new secure authentication solutions. We’re proud to be championing this evaluation program, the first of its kind to be fully ISO-compliant, as we continue to support the ever-expanding role of biometrics in payments.”