Obiettivo
The aim of the proposed Embedded FINREAD Project is to extend the functional and security architecture of FINREAD to mobile phones; set-top boxes, PDAs and other related mass-market devices. It is based on the FINREAD Project which specified a secure card reader connected to a PC.
Objectives:
Based on the expertise gained in the FINREAD activities launched in the framework of the European Commission's ISIS Programme and which is related to a secure ICC reader connected to a PC, the FINREAD Consortium has considered the extension of the FINREAD architecture to a larger variety of acceptance devices, with the principle that each device would accept a payment card with the same level of security and the same user- friendliness. The Embedded FINREAD concept has evolved as the natural continuation of the FINREAD initiative: a payment carried out on a Embedded FINREAD would offer to the cardholder the same convenience of payment and the same level of security, whatever the card.
Work description:
The embedded FINREAD intends to:
- continue the on-going standardisation activities started with FINREAD by issuing an industry standard for technical specifications related to a universal secure IC card reader embedded in a variety devices. The specifications would meet the requirements of the European banking industry, whilst being sufficiently open to accommodate requirements of a non- financial nature (e.g. access control, cardholder authentication.);
- ensure the same level of security to the cardholder and retailer independently of the type of the acceptance device;
- present the same user interface to the cardholder independently of the device;
- provide a multi-platform interoperability, which means that the same software application (e.g. applet) should be developed and downloaded in the card reader, independently of the target device (e.g. same applet downloaded in a PC reader, a mobile phone, a set-top box). A Virtual Machine is used for this purpose; - work in a close liaison with manufacturers and operators of the above devices to ensure that the standard is compliant with each device architecture adopted by the industry and are manufactured according to these specifications. This will allow manufacturers to achieve economies of scale to drive the unit price for such devices down;
- liaise with official standardisation bodies (ETSI, CEN, ISO, ANSI), bank industry and ad hoc standardisation bodies (e.g. ECBS) and global ad hoc industry initiatives (e.g. WAP, MET, MOBEY, EMV, SET, OTS) to adopt the proposed industry standard as an international standard;
- facilitate the development of software through the provision of a common development kernel.
Milestones:
Detailed Workplan - M0+1 ; Business Requirements - M0+3 : Identification of the scope and business constraints; Functional Architecture and Technical Requirements - M0+7,5 : Definition of the Common platform ; Functional and Security Specifications - M0+13 ; Protection Profile - M0+13 : Implementation- independent security requirements; Technical Specifications - M0+17 : APIs, Virtual Machine ; Demonstrator - M0+20 ; Exploitation Plan - M0+20; Management of the Project - M0+20.
Campo scientifico
- natural sciencescomputer and information sciencescomputer securityaccess control
- engineering and technologyelectrical engineering, electronic engineering, information engineeringinformation engineeringtelecommunicationsmobile phones
- natural sciencescomputer and information sciencessoftwaresoftware applications
Argomento(i)
Invito a presentare proposte
Data not availableMeccanismo di finanziamento
CSC - Cost-sharing contractsCoordinatore
75008 PARIS
Francia