Application Interface for smart cards used as Secure Signature Creation Devices - Part 1: Basic services

This European Standard specifies mechanisms for smart cards to be used as secure signature creation devices covering:
-   signature creation;
-   user verification;
-   password based authentication;
-   device authentication;
-   establishment of a secure channel.
The specified mechanisms are suitable for other purposes like services in the context of IAS.

Anwendungsschnittstelle für Chip-Karten, die zur Erzeugung qualifizierter elektronischer Signaturen verwendet werden - Teil 1: Allgemeine Dienste

Interface applicative des cartes à puces utilisées comme dispositifs de création de signature numérique sécurisés - Partie 1 : Services de base

La présente Norme européenne spécifie les mécanismes pour l'utilisation de cartes à puce comme dispositifs de création de signature sécurisée, qui recouvrent :
-   la création de la signature ;
-   la vérification de l’utilisateur ;
-   l’authentification par mot de passe ;
-   l'authentification du dispositif ;
-   la mise en place d'un canal sécurisé.
Les mécanismes spécifiés conviennent à d'autres objectifs, tels que les services dans le cadre des IAS.

Uporabniški vmesnik za pametne kartice, ki se uporabljajo kot naprave za izdelovanje varnega podpisa - 1. del: Osnovne storitve

Vzdrževanje standarda EN14890-1 v povezavi z naslednjim
– skladnost
– tehnične/uredniške napake
– trenutno stanje tehničnega razvoja (npr. novi razpršilni algoritmi ter algoritmi in sklici)
– npr. natančnejša določitev okolij, npr. zaupanja vredno okolje/okolje, ki ni vredno zaupanja,
ter pojasnitev potrebnih funkcij za zadevna okolja, npr. brezkontaktno
Nov algoritem, npr. AES za varno sporočanje
Novi uradno in šifrirno dokazani protokoli za preverjanje pristnosti na podlagi gesla, npr. fizične, električne in transportne značilnosti protokola PACE, ne spadajo na področje uporabe tega standarda.

General Information

Status: Withdrawn
Publication Date: 09-Dec-2014
Withdrawal Date: 20-Jan-2026

ICS: 35.240.15 - Identification cards. Chip cards. Biometrics

Technical Committee: CEN/TC 224 - Machine-readable cards, related device interfaces and operations
Drafting Committee: CEN/TC 224/WG 16 - Application Interface for smart cards used as Secure Signature Creation Devices

Current Stage: 9960 - Withdrawal effective - Withdrawal
Start Date: 20-Sep-2017
Completion Date: 21-Jan-2026

Mandate: M/460 - Standardisation Mandate to the European Standardisation Organizations CEN, CENELEC and ETSI in the field of Information and Communication Technologies applied to Electronic Signatures

Ref Project: SIST EN 419212-1:2015 - Application Interface for smart cards used as Secure Signature Creation Devices - Part 1: Basic services

Relations

Replaces: EN 14890-1:2008 - Application Interface for smart cards used as Secure Signature Creation Devices - Part 1: Basic services
Effective Date: 24-Oct-2011

Replaced By: EN 419212-4:2018 - Application Interface for Secure Elements for Electronic Identification, Authentication and Trusted Services - Part 4: Privacy specific Protocols
Effective Date: 08-Jun-2022

Replaced By: EN 419212-3:2017 - Application Interface for Secure Elements for Electronic Identification, Authentication and Trusted Services - Part 3: Device authentication protocols
Effective Date: 08-Jun-2022

Replaced By: EN 419212-1:2017 - Application Interface for Secure Elements for Electronic Identification, Authentication and Trusted Services - Part 1: Introduction and common definitions
Effective Date: 08-Jun-2022

Replaced By: EN 419212-5:2018 - Application Interface for Secure Elements for Electronic Identification, Authentication and Trusted Services - Part 5: Trusted eService
Effective Date: 08-Jun-2022

Replaced By: EN 419212-2:2017 - Application Interface for Secure Elements for Electronic Identification, Authentication and Trusted Services - Part 2: Signature and Seal Services
Effective Date: 08-Jun-2022

Refers: EN 1316-1:2012 - Hardwood round timber - Qualitative classification - Part 1: Oak and beech
Effective Date: 28-Jan-2026

Refers: CEN/TR 16674:2014 - Information technology - Analysis of privacy impact assessment methodologies relevant to RFID
Effective Date: 28-Jan-2026

Refers: EN 14516:2006/FprA1 - Baths for domestic purposes
Effective Date: 28-Jan-2026

Refers: EN 13480-3:2002/A5:2012 - Metallic industrial piping - Part 3: Design and calculation
Effective Date: 28-Jan-2026

Refers: EN 15649-6:2009/FprA1 - Floating leisure articles for use on and in the water - Part 6: Additional specific safety requirements and test methods for Class D devices
Effective Date: 28-Jan-2026

Refers: EN 15502-2-2:2014 - Gas-fired central heating boilers - Part 2-2: Specific standard for type B1 appliances
Effective Date: 28-Jan-2026

Refers: EN 12613:2009 - Plastics warning devices for underground cables and pipelines with visual characteristics
Effective Date: 28-Jan-2026

Refers: EN 14534:2003+A1:2007 - Postal services - Quality of service - Measurement of the transit time of end-to-end services for bulk mail
Effective Date: 28-Jan-2026

Refers: EN 419212-2:2014 - Application Interface for smart cards used as Secure Signature Creation Devices - Part 2: Additional services
Effective Date: 28-Jan-2026

EN 419212-1:2015 - BARVE - Page 3 preview

EN 419212-1:2015 - BARVE - Page 1 preview

EN 419212-1:2015 - BARVE - Page 2 preview

Standard

EN 419212-1:2015 - BARVE

English language

250 pages

Preview

e-Library read for

AI-Chat

1 day

Create e-Library subscription and get permanent access to the document. Subscriptions are available for: 35 35.240 35.240.15

Get Certified

Connect with accredited certification bodies for this standard

BSI Group

BSI (British Standards Institution) is the business standards company that helps organizations make excellence a habit.

UKAS United Kingdom Verified

Visit Website

Frequently Asked Questions

What is EN 419212-1:2014?

EN 419212-1:2014 is a standard published by the European Committee for Standardization (CEN). Its full title is "Application Interface for smart cards used as Secure Signature Creation Devices - Part 1: Basic services". This standard covers: This European Standard specifies mechanisms for smart cards to be used as secure signature creation devices covering: - signature creation; - user verification; - password based authentication; - device authentication; - establishment of a secure channel. The specified mechanisms are suitable for other purposes like services in the context of IAS.

What is the scope of EN 419212-1:2014?

This European Standard specifies mechanisms for smart cards to be used as secure signature creation devices covering: - signature creation; - user verification; - password based authentication; - device authentication; - establishment of a secure channel. The specified mechanisms are suitable for other purposes like services in the context of IAS.

What ICS categories does EN 419212-1:2014 belong to?

EN 419212-1:2014 is classified under the following ICS (International Classification for Standards) categories: 35.240.15 - Identification cards. Chip cards. Biometrics. The ICS classification helps identify the subject area and facilitates finding related standards.

What standards are related to EN 419212-1:2014?

EN 419212-1:2014 has the following relationships with other standards: It is inter standard links to EN 14890-1:2008, EN 419212-4:2018, EN 419212-3:2017, EN 419212-1:2017, EN 419212-5:2018, EN 419212-2:2017, EN 1316-1:2012, CEN/TR 16674:2014, EN 14516:2006/FprA1, EN 13480-3:2002/A5:2012, EN 15649-6:2009/FprA1, EN 15502-2-2:2014, EN 12613:2009, EN 14534:2003+A1:2007, EN 419212-2:2014. Understanding these relationships helps ensure you are using the most current and applicable version of the standard.

Is EN 419212-1:2014 a harmonized European standard?

EN 419212-1:2014 is associated with the following European legislation: Standardization Mandates: M/460. When a standard is cited in the Official Journal of the European Union, products manufactured in conformity with it benefit from a presumption of conformity with the essential requirements of the corresponding EU directive or regulation.

How can I access EN 419212-1:2014?

EN 419212-1:2014 is available in PDF format for immediate download after purchase. The document can be added to your cart and obtained through the secure checkout process. Digital delivery ensures instant access to the complete standard document.

Standards Content (Sample)

EN 419212-1:2015 - BARVE

2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.Uporabniški vmesnik za pametne kartice, ki se uporabljajo kot naprave za izdelovanje varnega podpisa - 1. del: Osnovne storitveAnwendungsschnittstelle für Chip-Karten, die zur Erzeugung qualifizierter elektronischer Signaturen verwendet werden - Teil 1: Allgemeine DiensteInterface applicative des cartes à puces utilisées comme dispositifs de création de signature numérique sécurisés - Partie 1: Services de baseApplication Interface for smart cards used as Secure Signature Creation Devices - Part 1: Basic services35.240.15Identifikacijske kartice in sorodne napraveIdentification cards and related devicesICS:Ta slovenski standard je istoveten z:EN 419212-1:2014SIST EN 419212-1:2015en,fr,de01-april-2015SIST EN 419212-1:2015SLOVENSKI
STANDARD
EUROPEAN STANDARD NORME EUROPÉENNE EUROPÄISCHE NORM
EN 419212-1
December 2014 ICS 35.240.15 Supersedes EN 14890-1:2008English Version
Application Interface for smart cards used as Secure Signature Creation Devices - Part 1: Basic services
Interface applicative des cartes à puces utilisées comme dispositifs de création de signature numérique sécurisés - Partie 1 : Services de base
Anwendungsschnittstelle für Chip-Karten, die zur Erzeugung qualifizierter elektronischer Signaturen verwendet werden - Teil 1: Allgemeine Dienste This European Standard was approved by CEN on 27 September 2014.
CEN members are bound to comply with the CEN/CENELEC Internal Regulations which stipulate the conditions for giving this European Standard the status of a national standard without any alteration. Up-to-date lists and bibliographical references concerning such national standards may be obtained on application to the CEN-CENELEC Management Centre or to any CEN member.
This European Standard exists in three official versions (English, French, German). A version in any other language made by translation under the responsibility of a CEN member into its own language and notified to the CEN-CENELEC Management Centre has the same status as the official versions.
CEN members are the national standards bodies of Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, Former Yugoslav Republic of Macedonia, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and United Kingdom.
EUROPEAN COMMITTEE FOR STANDARDIZATION
COMITÉ EUROPÉEN DE NORMALISATION EUROPÄISCHES KOMITEE FÜR NORMUNG
CEN-CENELEC Management Centre:
Avenue Marnix 17,
B-1000 Brussels © 2014 CEN All rights of exploitation in any form and by any means reserved worldwide for CEN national Members. Ref. No. EN 419212-1:2014 ESIST EN 419212-1:2015

(CHA-DO) . 187 15.7.5 Role identifier specifications. 189 15.7.6 CHAT-Certificate Holder Authorization Template (CHAT) . 192 15.7.7 OID — Object identifier . 192 15.7.8 CEDT — Certificate Effective Date Template . 192 15.7.9 CXDT — Certificate Expiration date Template . 192 15.8 Certificate signature . 193 15.8.1 Non self-descriptive certificates . 193 15.8.2 Self-descriptive certificates . 194 15.9 Coding of the certificate content . 194 15.9.1 Non self-descriptive certificates . 194 15.9.2 Self-descriptive certificates . 195 15.9.3 Self-descriptive certificates for elliptic curve cryptography. 195 15.10 Steps of CVC verification. 199 15.10.1 First round: CVC verification from a Root PuK . 200 15.10.2 Subsequent round(s) . 201 15.11 Commands to handle the CVC . 201 15.12 C_CV.IFD.AUT (non self-descriptive) . 201 15.13 C_CV.CA.CS-AUT (non self-descriptive) . 203 15.14 C.ICC.AUT. 204 15.15 Self-descriptive CV Certificate (Example) . 204 15.15.1 Public Key . 205 15.15.2 Certificate Holder Authorization Template . 205 15.15.3 Certificate Extension . 205 15.15.4 ECDSA Signature . 206 16 Files . 207 SIST EN 419212-1:2015

Algorithm Identifiers — Coding and specification . 226 Annex B (informative)
Device authentication Protocol Properties . 234 Annex C (informative)
Personalization scenarios . 236 Annex D (informative)
OID values . 238 D.1 OIDs for certificate signatures . 238 D.2 OIDs for key transport protocol . 239 D.3 OIDs for device authentication with privacy . 239 D.4 OIDs for password based mechanisms . 240 D.5 OIDs for mEAC protocol . 241 D.5.1 OIDs for Chip Device Authentication . 241 D.5.2 OIDs for Terminal Device Authentication . 241 D.6 OIDs for privacy protocols . 242 D.6.1 OIDs for Restricted Identification . 242 D.6.2 OIDs for Restricted Identification . 243 D.7 OIDs for mEAC based eServices . 243 D.7.1 OIDs for Terminal Device Authentication in mEAC-based eServices . 243 D.8 OIDs for the PCA mechanism . 244 Annex E (informative)
Build scheme for object identifiers defined by EN 14890 . 245 Bibliography . 247
to device authentication protocols (e.g. AES, ELC); – added AES to secure messaging; – introduced password based mechanisms (PACEv2); – updating references to their latest releases; SIST EN 419212-1:2015
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.

Loading comments...