OPTIMOS project demonstrates that ID systems with ‘substantial’ assurance level can be achieved using smartphones
Project funded by the Federal Ministry for Economic Affairs and Energy for secure identities on smartphones comes to a close. Technological basis for using mobile devices in the public sector and for high-quality e‑tickets. OPTIMOS interest group to develop seal for secure mobile services.
Berlin, 16 December 2020 – The OPTIMOS 2.0 project – Platform for Secure Identities on Smartphones – was successfully completed on schedule at the end of November 2020. Numerous well-known industrial companies and research institutions were involved in the project, defining an open security architecture for mobile applications on smartphones as well as a platform for data and application management for services with high protection requirements. The project was backed by the Federal Ministry for Economic Affairs and Energy (BMWi). “Working in the OPTIMOS 2.0 project, we developed the technological basis for using mobile devices in the public sector as well as for car sharing and high-quality e‑tickets in public transport, such as monthly tickets or annual season tickets,” explains project manager and head of marketing Hartmut Hemme from consortium leader Bundesdruckerei GmbH. The most advanced security technologies were needed to qualify the smartphone for public sector services. They are to guarantee the availability of personal data and the protection of privacy. “Our demonstrators for very different market segments show that the smartphone security technologies can be used to create the preconditions for digital ID systems that can reach ‘substantial’ assurance level in Europe.”
The OPTIMOS platform creates the precondition for implementing the requirements of the eIDAS regulation with a smartphone. Based on this, the eID function of the German ID card and other European ID systems can be used securely and directly from a smartphone. The central element of the OPTIMOS security architecture is a ‘Trusted Service Manager’ (TSM), which establishes the secure communication channel between a service provider and the customer’s smartphone. The TSM checks and initializes the security status of the smartphone and transmits the sensitive customer data to its secure zone, such as the embedded secure element (eSE) or the eUICC, the successor to the SIM card. These security elements are protected against attack and tampering, serve as a secure store for cryptographic keys, and provide the necessary cryptographic algorithms for authorized services and applications. Verification, for instance to check the legitimate use of a public transport annual pass, is quick and easy via the smartphone's NFC interface. In the context of OPTIMOS 2.0, the smartphone is to become a trusted platform – with a security level comparable to that of smartcards. Privacy is protected by giving the user sole control over the stored data. Public sector applications also require manufacturer-independent and non-discriminatory use of OPTIMOS security technology. This is the only way to ensure the digital sovereignty of a state as the issuer of identity data on a smartphone.
The OPTIMOS technology is being further developed within the framework of an OPTIMOS interest group that includes Bundesdruckerei GmbH, Kaprion, Governikus, Deutsche Telekom Security GmbH, Giesecke+Devrient, secunet Security Networks AG, and FU Berlin (Identity Management working group). One of the features to be developed is an OPTIMOS seal of conformity to guarantee a defined assurance level for mobile services.
In addition to Bundesdruckerei GmbH, the following partners were involved in the OPTIMOS 2.0 project: Authada GmbH, Berliner Verkehrsbetriebe AöR, Bundesamt für Sicherheit in der Informationstechnik, Cantamen GmbH, FU Berlin, Giesecke+Devrient Mobile Security GmbH, Governikus GmbH & Co. KG, Infineon Technologies AG, KAPRION Technologies GmbH, NXP Semiconductors Germany GmbH, Samsung Electronics GmbH, Sony Europe Limited (Germany branch), TU Dresden, Telefonica Germany GmbH & Co. OHG, Telekom Deutschland GmbH, T-Systems International GmbH, VBB Verkehrsverbund Berlin-Brandenburg GmbH, Verimi GmbH, Vodafone GmbH.