GlobalPlatform Simplifies Secure User Authentication with Standardized API
September 2020 by Marc Jacob
GlobalPlatform has released a new specification to simplify and bring greater trust to the authentication of digital services on smartphones and biometric-enabled cards.
Originally developed within EMVCo, the global technical body that facilitates the worldwide interoperability and acceptance of secure payment transactions, the Secure Element Broker Interface defines a standard to make end-user authentication simpler for all applications running in a GlobalPlatform-certified Secure Element (SE). It enables service providers to easily develop secure apps that utilize the authentication mechanisms available in the device, which are now known as Consumer Device Cardholder Verification Methods (CDCVM). The specification means developers no longer need multiple app versions for different device operating systems or models. It also accelerates the roll out of contactless biometric payment cards. Regardless of whether a consumer is using a biometric card or a smartphone, they can rely on a single secure authentication method for all apps stored in the device, rather than remembering multiple PINs and passcodes.
The specification also supports FIDO authentication and GlobalPlatform will extend the application of the Application Programming Interface (API) beyond mobile payments. GlobalPlatform’s SE technology is widely deployed across sectors including enterprise ID, government and transport. It means the new interface can be used to support authentication services for a variety of use cases, and increase interoperability among digital service providers, Original Equipment Manufacturers (OEMs) and application developers.