OPTIMOS – a practical ecosystem of secure identities for mobile services
Providers of digital services, such as car sharing or mobile phone companies, airlines or transport companies, want to use their customers’ smartphones to securely store application-specific data. Up to now, however, they have had to compromise when it comes to security. This is all set to change thanks to the OPTIMOS project funded by the Federal Ministry of Economics and Energy (BMWi).
Mobile services have become an indispensable part of our digitalized world: Airlines send customers their boarding passes directly to their mobile phones, public transportation companies offer digital tickets for smartphones and car sharing companies transmit digital car keys to their customers by SMS or app. To ensure that this application-specific data is stored securely on the customer’s smartphone, each service provider has up to now had to set up its own complex infrastructure. That’s because different types of mobile phones and mobile phone providers mean a high degree of heterogeneity.
The OPTIMOS project aims to create a platform that relieves service providers of the difficult part while at the same time enabling hardware-supported security. Service providers can connect via an interface to the so-called Trusted Service Management (TSM) platform, which would then manage storage of the data in the respective hardware security element on the customer’s smartphone.
The special features of OPTIMOS
The OPTIMOS project, which ran until the end of 2020, created an infrastructure for mobile services that fully met the criteria of an open and practical ecosystem:
- The OPTIMOS ecosystem is accessible to service providers and technology suppliers on a non-discriminatory basis
- Customers can choose between as many service providers as possible
- National and European requirements relating to IT security and data protection are to be fully supported
Bundesdruckerei led the project consortium with a total of 8 funding partners and 12 associated partners.
Focus on IT security and data protection from the outset
The project proactively implemented IT security and data protection according to the principles of Security by Design, Privacy by Design and Privacy by Default. In doing so, the project also picked up on the main objectives of the government’s coalition agreement. OPTIMOS developed and demonstrated a system that fulfils the “substantial” assurance level requirements of the eIDAS Regulation. For this purpose, a Secure eID app was developed with an eID service that supports identification and authentication, the transfer of identity data and use for declarations of intent.
Incorporation into international standards
The specifications developed in OPTIMOS are being incorporated into international standards. In addition to Bundesdruckerei, the following partners also participated in the project:
Cantamen GmbH, Freie Universität Berlin, Giesecke+Devrient Mobile Security GmbH, KAPRION Technologies GmbH, NXP Semiconductors Germany GmbH, Technische Universität Dresden, T-Systems International GmbH
Bundesamt für Sicherheit in der Informationstechnik, Berliner Verkehrsbetriebe AöR, Governikus GmbH & Co. KG, Infineon Technologies AG, Deutsche Hospitality (Steigenberger Hotels AG), Samsung Electronics GmbH, Sony Europe Limited (Germany Branch), Telefonica Germany GmbH & Co. OHG, Telekom Deutschland GmbH, VERIMI GmbH, VBB Verkehrsverbund Berlin-Brandenburg GmbH, Vodafone GmbH