Contact & Contactless Payment
MULTOS smart card platforms are built on standards and offer a solid reliable base on which any EMV application of any brand may reside. EMV applications deployed include all the well known international schemes such as American Express, JCB “J-SMART”, Mastercard “M/Chip” and VISA “VSDC”. As well as Mastercard credit and debit EMV transactions, the Mastercard Integrated Card Application (MICA) for MULTOS application also supports the latest specifications for Mastercard payment applications such as Mastercard Pre-Authorised, Chip Authentication Programme (CAP) and Advanced Authentication For Chip (AA4C).
When used with a MULTOS platform featuring a contactless interface, MICA also supports Mastercard PayPass contactless payments and mass transit features. The VSDC for MULTOS application conforms to the latest VIS specification and also supports VISA payWave contactless payments when using a contactess or dual-interface MULTOS card.
Financial institutions often need to deploy domestic payment applications alongside the international applications. MULTOS allows domestic applications to be deployed in conjunction with the off-the-shelf international application, enabling features such as shared PIN across all applications. Examples of domestic applications deployed include Interac (Canada), SPAN (Saudi Arabia), JBA (Japan), K-Cash and TMoney (South Korea), FISC (Taiwan), B0’ and Moneo (France), Banricompras (Brazil).
Other applications that add value to the payment card may be deployed, such as loyalty, coupon and data storage or home and internet banking applications. MULTOS provides a financial institution with the most advanced, flexible and future-proofed payment card platform available. In addition, the MULTOS step/one platform offers the most cost-effective way to deploy a multi-application EMV program using applications implementing Static Data Authentication.
Contactless Innovation
Contactless payment is rapidly emerging as the preferred method of payment worldwide. More than 50% of cards currently being issued around the world already have the contactless function.
MULTOS technology is widely used for contactless cards and other innovative contactless devices such as passive wristbands, contactless tags, and more capable active contactless payment devices. Contactless MULTOS products support the industry standard protocols, ISO 7816, ISO 14443 A or B.
Biometric Payment Cards
Using smart cards with biometrics results in a trusted credential for authenticating an individual’s identity using one-to-one biometric verification.
With the biometric template stored on the smart card, comparison can be made locally, without the need for connection to a database of biometric identifiers.
With the latest secure smart card micro-controllers, sufficient on-card processing power and memory exist to perform the biometric match directly within the logic of the smart card instead of within the reader device. This biometric match-on-card approach can provide an even more private and secure identity verification system. MULTOS is a flexible and powerful technology which is ideal for biometric cards and has been implemented in some current match-on-card products on the market.
Architecture
MULTOS consists of two unique technologies that deliver the secure architecture – the on-chip virtual machine that executes applications and the MULTOS security scheme that protects the chip, application code and application data. MULTOS applications are developed in high-level languages such as ‘C’ or Java (or in low-level assembly language) and compiled into MULTOS Executable Language (MEL) bytecodes that are executed by the virtual machine. Any invalid instructions or attempted memory accesses are rejected by the virtual machine and all smart card application execution will stop. The execution-time checking ensures the complete safety of application execution and data – it is not possible for an application to access the data of another application on the smart card.
All MULTOS OS Implementations include the standard virtual machine and a standard set of primitive functions. There are a number of optional primitive functions, usually related to specific hardware features that may be present.
This ensures that applications are 100% compatible between different MULTOS and MULTOS step/one products from different vendors. All products undergo rigourous Type Approval to ensure compliance with specification and security of implementation.
Highly Secure
MULTOS has been at the leading edge of secure digital smart cards for over 20 years, and is renowned for achieving the highest levels of security compliance. As well as supporting traditional bureau personalisation, the MULTOS security architecture allows for applications and data to be securely loaded to a MULTOS device in an insecure environment – ideal for instant issuance, mobile payments and post issuance updates.
An overview of how this is achieved:
- Each MULTOS device contains a unique RSA key pair, generated and certified by the Key Management Authority. This key pair is securely loaded to the device when it is enabled.
- The public part of the key is used by data preparation software, in a secure environment such as a perso bureau, to encipher a packet of data called an Application Load Unit (ALU).
- The ALU contains the application code and personalised data.
- Only the target MULTOS device can decipher the ALU.
- The load process does not require any external cryptographic device and a secure channel is not required as all the cryptographic processing is internal to the MULTOS device itself
