IFSEC 2015: Giesecke & Devrient and baimos technologies to jointly demonstrate the secure personalization of contactless smart cards via smartphone

London / Munich, June 16, 2015. Digital access control typically relies on smart card technology to securely store digital keys. A complex and hardware- heavy infrastructure is required to write onto such cards securely and particularly in a decentralized environment - to personalize their individual access permissions. The higher the security requirements are, the greater the need to employ an expensive end-to-end solution from one single provider usually becomes. The two security experts G&D and baimos are now showcasing an integrated solution that can remove this complexity by turning any NFC smartphone into a secure smart card reader for contactless key cards. The cost for dedicated reader hardware and maintenance is reduced to virtually zero, while the number of readers can expand with existing smartphones at no incremental cost.

With many years of experience in the development of secure cards and Java CardTM technology for applications in SIM, payment and ID cards, G&D is providing a secure und proven smart card platform for BlueID from baimos technologies. G&D's smart cards are equipped with a Java CardTM operating system enabling not only data storage, but also the execution of Java applets. By employing strong encryption, the cryptographic protocols on the smart card improve the level of data security even further. G&D's secure card operating system and cryptologic protocols allow BlueID to initialize a special BlueID applet in the secure smart card environment and to securely receive and store data from smartphones via NFC. The G&D SmartCafe Expert 7.0 card is EAL5+ certified.

The software-based authorization platform BlueID by itself enables personalized secure keys to be remotely activated on smartphones for all kinds of objects like doors, cars, barriers, cabinets, etc.

As G&D and baimos will demonstrate at the IFSEC 2015, G&D's smart cards can now also be personalized with the same permissions that BlueID uses for smartphones. This bridges the gap between the existing infrastructure deployments and the mobile ecosystem, since BlueID permissions can be sent to selected smartphones and now as well to selected smart cards to increase security. BlueID permissions are time restricted and dedicated for unique identities. A PKI based BlueID permission clearly defines the holder, recipient, date and duration of access rights.

To turn a compatible NFC smartphone into a secure smart card reader, the smartphone itself also has BlueID installed. This way both components the stand-alone G&D smart card to be personalized, as well as the smartphone being the NFC card reader ? have dedicated unique and secure identities. The smartphone then transfers the defined permissions contactlessly via NFC onto the G&D smart card. The whole transport process and permission storage is 100% protected and can get clearly determined as well as controlled by BlueID.

BlueID is offering a robust security concept for digital smartphone permissions that scales and easily allows mass installation. We are pleased to support them with our expertise and products in order to go one step further by integrating the latest smart card technology into their permission system?, says Axel Deininger, Group Senior Vice President and Head of the Enterprise Security & OEM division at G&D.

Smart cards will remain a popular carrier of digital identities and access permissions. With our latest innovation smart card management can now leverage the benefits of the mobile wave, states Philipp Spangenberg, CEO of baimos technologies. ?Companies can now securely personalize smart cards with access permissions via already existing hardware a corporate or private smartphone outside of their firewalls to easily and instantly grant access to dedicated objects for employees, guests and subcontractors. Specific and expensive reader hardware across the whole ecosystem is not necessary anymore.

baimos technologies and demo partner G&D will present the Secure Smartcard Personalization solution at this year's IFSEC Conference in London at Stand C1605.

About baimos technologies gmbh
baimos technologies specializes in secure mobile communication and authorization management for smart devices to interact securely with embedded sensors and actuators locally around them.

The team of trusted computing specialists develops the software-based authorization platform BlueID which turns any mobile app and smartphone into a secure mobile key for real things like doors, cars, barriers, cabinets and the Internet of Things (IoT).

The strength of BlueID is its patent protected offline functionality which ensures local communication, authentication and authorization all within one second. BlueID provides strong security for digital keys stored on the smartphone but does not require secure elements on the smartphone side. It works with communication standards like Bluetooth Smart, NFC, WiFi and the mobile Internet.

baimos technologies works with partners like Marquardt, Emerson Network Power, eQ-3/ELV, Microsoft, novero, Valtech and others. Its list of customers includes Audi, Daimler, Sixt, DORMA, LG and others.