From Classic Smartcards to Integrated Secure Elements
White Papers
Modern devices are integrating many functionalities in a single chip or a System on Chip (SoC). Devices such as phones and set-top boxes (STBs) are commonly used for content delivery and payment services. To protect information leakage that could damage the individuals and businesses and inflict monetary damage, dedicated secure sub-systems are implemented to provide security as a service.
Traditionally, the Smartcard (also known as the Secure Element) is considered the most secure solution. Consequently, the approach the industry is trying to use is to integrate the Smartcard in an SoC. For the functionality, the approach is fully effective, but the emerging challenge is to retain the Smartcard levels of security in a secure element and prove the security claims in standard certification schemes, such as EMVCo and Common Criteria (CC - ISO 15408), without overhead introduced by the changing form factor.
The certification, and even a free-format security evaluation of an SoC with integrated sub-systems, is significantly more complex to perform due to the changed properties of the integrated Secure Element (iSE), increased complexity of the whole system, and different development environments.
Never before has functionality been overtaking the security of an iSE. The questions then arise: how are vendors going to approach this new paradigm, and how will the testing labs respond to the ever-growing challenge of evaluating vast number functionalities in a single secure enclave?
This paper lists and discusses critical factors vendors need to take into account when integrating Secure Elements into an SoC to replace Classic Smartcards. The content in this paper is relevant for vendors that would like to reduce costs of fixes, development, evaluation, certification, and time to market.