ISO/IEC 24727-2:2008/Amd 1:2014
(Amendment)Identification cards — Integrated circuit card programming interfaces — Part 2: Generic card interface — Amendment 1
Identification cards — Integrated circuit card programming interfaces — Part 2: Generic card interface — Amendment 1
Cartes d'identification — Interfaces programmables de cartes à puce — Partie 2: Interface de carte générique — Amendement 1
General Information
- Status
- Published
- Publication Date
- 23-Mar-2014
- Technical Committee
- ISO/IEC JTC 1/SC 17 - Cards and security devices for personal identification
- Current Stage
- 6060 - International Standard published
- Start Date
- 24-Mar-2014
- Completion Date
- 27-Jan-2015
Relations
- Effective Date
- 09-Feb-2026
- Effective Date
- 04-Dec-2021
Overview
ISO/IEC 24727-2:2008/Amd 1:2014 is an international standard amendment that enhances part 2 of the ISO/IEC 24727 series, which addresses integrated circuit card programming interfaces. This specific part focuses on the Generic Card Interface, providing a standardized framework for communication between integrated circuit cards (smart cards) and external applications. Amendment 1 modernizes and expands the original 2008 edition by introducing new definitions, an improved discovery mechanism for legacy cards, and enhanced interoperability features.
This amendment facilitates seamless integration and access to card services, ensuring compatibility with legacy cards and supporting evolving e-services infrastructures. The document is critical for developers, card issuers, service providers, and organizations implementing secure, interoperable smart card solutions based on ISO/IEC standards.
Key Topics
Generic Card Interface
The amendment reinforces the role of the generic interface as the abstraction layer enabling client applications to interact uniformly with different types of integrated circuit cards. This reduces the complexity and variation in card-specific implementations.Legacy Card Support
Defines a legacy card as an integrated circuit card not personalized for ISO/IEC 24727 compliance. The amendment introduces a discovery mechanism allowing legacy cards to be recognized and integrated into the ISO/IEC 24727 ecosystem without costly post-issuance personalization.Card Discovery Module
A major enhancement is the CardDiscovery Module, utilizing ASN.1 definitions to describe card characteristics such as ATR (Answer to Reset), ATS (Answer to Select), EF.ATR or INFO files, EF.DIR directory files, and APDU command-response sequences.- This module enables terminals to verify card types via bitmask operations for efficient identification.
- Supports retrieval of card registry information via URLs for comprehensive card capability descriptions.
Bitmask Verification
A logical mechanism whereby terminals apply binary operations (e.g., XOR, AND, OR) on card data fields and compare results to expected values. This method ensures precise matching between a card and its registry entry before interaction.Security and Integrity
Includes provisions for verifying the integrity of CardDiscovery data through digital signatures, guarding against tampering and misrecognition, particularly in untrusted environments.New Terminology and Interface Updates
Introduces procedural element as a software concept for manipulating interface commands, enhancing flexibility in processing layers. Updates table entries for specific protocol commands like the ENVELOPE command ‘C3’.
Applications
ISO/IEC 24727-2:2008/Amd 1:2014 is essential for:
Smart Card Manufacturers and Issuers
To ensure new and legacy cards can participate in interoperable systems using a common programming interface and discovery process.Service Providers and Terminals
To implement discovery and recognition mechanisms enabling legacy card support without the need for expensive card reissuance or personalization changes.E-Government and Identity Management
Facilitating access to e-services that rely on secure card authentication while maintaining compatibility with a broad range of card types.Payment Systems and Secure Access Control
Enabling heterogeneous card environments to communicate with terminals via standardized commands and discovery protocols, supporting smooth transaction processing.Middleware and Software Developers
Creating client applications and middleware that leverage the generic card interface for multi-vendor and legacy card interoperability.
Related Standards
Implementers and stakeholders should also consider the following complementary standards:
ISO/IEC 24727-1
Architecture and general concepts for integrated circuit card programming interfaces.ISO/IEC 7816 Series
Widely referenced for physical and logical characteristics of integrated circuit cards, including ATR (ISO/IEC 7816-3) and application identifiers (ISO/IEC 7816-15).ISO/IEC 14443
Contactless integrated circuit cards – used for ATS definitions referenced in this amendment.ISO/IEC 24727-3 and beyond
Other parts of the ISO/IEC 24727 series that define specific interface layers, protocols, and application frameworks.Relevant Security Standards
For ensuring integrity, signature verification, and trusted exchange of card registry data.
Keywords: ISO/IEC 24727-2 amendment, integrated circuit card programming interface, generic card interface, legacy card discovery, smart card standards, ASN.1 card discovery, bitmask verification, card registry, smart card interoperability, ISO smart card standards, card personalization, e-services security, secure identification cards.
Get Certified
Connect with accredited certification bodies for this standard
BSI Group
BSI (British Standards Institution) is the business standards company that helps organizations make excellence a habit.
NYCE
Mexican standards and certification body.
Sponsored listings
Frequently Asked Questions
ISO/IEC 24727-2:2008/Amd 1:2014 is a standard published by the International Organization for Standardization (ISO). Its full title is "Identification cards — Integrated circuit card programming interfaces — Part 2: Generic card interface — Amendment 1". This standard covers: Identification cards — Integrated circuit card programming interfaces — Part 2: Generic card interface — Amendment 1
Identification cards — Integrated circuit card programming interfaces — Part 2: Generic card interface — Amendment 1
ISO/IEC 24727-2:2008/Amd 1:2014 is classified under the following ICS (International Classification for Standards) categories: 35.240.15 - Identification cards. Chip cards. Biometrics. The ICS classification helps identify the subject area and facilitates finding related standards.
ISO/IEC 24727-2:2008/Amd 1:2014 has the following relationships with other standards: It is inter standard links to CEN/TS 15480-3:2014, ISO/IEC 24727-2:2008. Understanding these relationships helps ensure you are using the most current and applicable version of the standard.
ISO/IEC 24727-2:2008/Amd 1:2014 is available in PDF format for immediate download after purchase. The document can be added to your cart and obtained through the secure checkout process. Digital delivery ensures instant access to the complete standard document.
Standards Content (Sample)
INTERNATIONAL ISO/IEC
STANDARD 24727-2
First edition
2008-10-01
AMENDMENT 1
2014-04-01
Identification cards — Integrated
circuit card programming
interfaces —
Part 2:
Generic card interface
AMENDMENT 1
Cartes d’identification — Interfaces programmables de cartes à
puce —
Partie 2: Interface de carte générique
AMENDEMENT 1
Reference number
ISO/IEC 24727-2:2008/Amd.1:2014(E)
©
ISO/IEC 2014
ISO/IEC 24727-2:2008/Amd.1:2014(E)
© ISO/IEC 2014
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized otherwise in any form
or by any means, electronic or mechanical, including photocopying, or posting on the internet or an intranet, without prior
written permission. Permission can be requested from either ISO at the address below or ISO’s member body in the country of
the requester.
ISO copyright office
Case postale 56 • CH-1211 Geneva 20
Tel. + 41 22 749 01 11
Fax + 41 22 749 09 47
E-mail copyright@iso.org
Web www.iso.org
Published in Switzerland
ii © ISO/IEC 2014 – All rights reserved
ISO/IEC 24727-2:2008/Amd.1:2014(E)
Foreword
ISO (the International Organization for Standardization) and IEC (the International Electrotechnical
Commission) form the specialized system for worldwide standardization. National bodies that are
members of ISO or IEC participate in the development of International Standards through technical
committees established by the respective organization to deal with particular fields of technical
activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other international
organizations, governmental and non-governmental, in liaison with ISO and IEC, also take part in the
work. In the field of information technology, ISO and IEC have established a joint technical committee,
ISO/IEC JTC 1.
International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 2.
The main task of the joint technical committee is to prepare International Standards. Draft International
Standards adopted by the joint technical committee are circulated to national bodies for voting.
Publication as an International Standard requires approval by at least 75 % of the national bodies
casting a vote.
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. ISO and IEC shall not be held responsible for identifying any or all such patent rights.
Amendment 1 to ISO/IEC 24727-2 was prepared by Joint Technical Committee ISO/IEC JTC 1, Information
technology, Subcommittee SC 17, Cards and personal identification.
© ISO/IEC 2014 – All rights reserved iii
ISO/IEC 24727-2:2008/Amd.1:2014(E)
Identification cards — Integrated circuit card
programming interfaces —
Part 2:
Generic card interface
AMENDMENT 1
Page 2, Clause 3
Insert the following new terms and definitions and renumber the current 3.3 as 3.5:
3.3
legacy card
integrated circuit card which is not personalized for the ISO/IEC 24727 standard
3.4
procedural element
software that can be accessed to provide manipulation of specific interface commands within a pro-
cessing layer
cf. translation code
Page 4, 5.1.3
Add the following row at the end of Table 2:
ENVELOPE ‘C3’ A None
Page 13
Add the following new subclause at the end of Clause 6:
6.5 Discovery Mechanism for Legacy Cards
Cards in the field for which post-issuance personalization may turn too expensive require a practical
means to fit easily in a ISO/IEC 24727 framework. To leverage access for these legacy-cards to
ISO/IEC 24727 enabled e-services (client-application), card issuers may deliver to Service Providers a
card discovery registry respective to each type of card so that to have it recognized at bootstrap. In
relation to this card discovery registry, either an ACD or ISO/IEC 7816-15 based or XML-based CardInfo
shall be made available to the service provider for a whole description of card capabilities involved in
the transaction with the ISO/IEC 24727 enabled client-application.
ASN.1 definition for legacy-card discovery
6.5.1 The CardDiscovery Module
ISO24727-2-CardDiscovery {iso(1) standard(0) iso24727(24727) part2(2)
...
Questions, Comments and Discussion
Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.
Loading comments...