GlobalPlatform released an HTTP remote application management framework. This new technology represents GlobalPlatform’s first advancement towards Internet connectivity as it offers an application provider with the ability to issue commands using the HTTP Internet communication protocol.
This latest amendment (Amendment B) to GlobalPlatform Card Specification v2.2 aims to align GlobalPlatform smart card technology with Web services. It achieves this by defining a mechanism for an application provider to perform remote management of its applets – such as loading, installing, and personalization – using the HTTP communication and SSL cryptographic protocols.
The document describes:
- How to open an over-the-air connection with a remote server, and send commands to a security domain.
- How responses to these commands can be returned to a remote server.
- How application providers can implement this mechanism over a third-party network, as the specification is fully compatible with the Card Specification v2.2 Amendment A: Confidential Card Content Management.
A key benefit of the technology is its ability to significantly reduce the costs of updating cards over-the-air. For example, for issuers that regularly connect and provide software updates to their deployed cards, it becomes resource-intensive to continually try to connect to cards that are offline at the time an update is issued.
Using Amendment B the card checks if an update is waiting on the server and then instinctively connects to the issuer’s system to receive the required commands. This advancement is therefore of particular interest to mobile network operators and governments implementing national ID card programs due to the scale of these deployments and the cost savings that can be achieved using a standard IP infrastructure.