We are getting very close to the release of Java Card 3, which should be available within a quarter from now. The impact of this release is very significant, and will introduce an entirely new way to work with smart cards. Before the release, I will discuss a few issues about this new spec. Since […]
Category Archives: Java Card Bandol
Java Card demos at Cartes
The next generation is getting closer than ever, with e forecast release in Q1 2008. Some demos were already present at Cartes, on both Gemalto and Oberthur booths. No major breakthrough in terms of cards, as both of them have been using USB tokens, about which they were not that talkative. The focus, in both […]
What about iCard and gCard?
This year seems to see the arrival of interesting newcomers in the mobile phone market. Apple has started an iPhone that also happens to be an iPod, and Google has recently announced that they will participate to some kind of a gPhone, which includes Google’s client applications. This is nice, but if we think as […]
e-Smart again
It is time for my yearly local conference, and this time, I am blogging live from it. I missed the first day, but here I am for the second day, and the Java Card session. This year, it is Oberthur who presents Java Card 3.0, more precisely Vincent Guerin, one of their JCF representatives. His […]
iPhone again
The iPhone is back in the news, this time as the target of an attack. This attack seems to me like a new one on mobile phones. The Safari vulnerability that it exploits also exists in the workstation version of the program. Apple is here falling victim of their “reuse” strategy: by using the same […]
iPhone and iCard
Over a week after the launch, it is a duty as a blogger to mention the iPhone. I am not going to explain how great it looks and feels, and I am not going to talk about the latest iPhone hacks. In fact, I will react on an old Steve Jobs quote that I saw […]
Should we deprecate DESKey.getKey() ?
The DESKey.getKey(byte[], short) method definitely is one of the most controversial methods of the Java Card 2.1 API. This method is quite simple; as stated in its description, it “Returns the Key data in plain text”. This definition is of course a nightmare for smart card security people: not only does it access the value […]
Preparing for Bandol
The specification of the Next Generation Java Card (aka Bandol) will not be publicly available before beginning of 2008, but the information that has been disclosed so far is sufficient for developers to start thinking about the architecture of future applications. The JavaOne session by Jean-Jacques vandewalle and Laurent Lagosanto provides the appropriate material to […]
Access control for smart card Web server
One of Bandol’s major innovations is the adoption of the servlet programming model. This can be considered as an acknowledgement by the smart card industry of the role of secure personal server for smart cards. Now, we just have to make sure that issuers share that vision. On technical matters, we are faced with the […]
Challenges for the SIM
I have chaired a session at the SIM Summit, whose topic was the technical challenges to be met in order to satisfy operator requirements. The speakers were mixed between operators and vendors. The session was very informative, especially because there seems to be a good convergence between the actors. In order, the hot topics are […]