CardOS smart card operating system gets Common Criteria EAL4+ certification

August 25, 2016

countries of European Union passports, identification biometric passport, EU stars

CardOS® DI V5.3, the Atos smart card operating system, gets Common Criteria EAL4+ certification and becomes compliant with ePassport ICAO standard

CardOS compliant with 2nd and 3rd generation electronic passports


Atos, through its technology brand Bull, announces that CardOS DI V5.3, its latest operating system for smart card, in combination with Infineon chip, has received certification according to Common Criteria EAL4+.


With the ICAO functionality, CardOS DI V5.3 is suited for ePassport projects as well as for contact based and contactless eID projects.

CardOS DI V5.3 provides an outstanding level of security and speed. Used across all different markets all over the world, CardOS DI V5.3 offers a multitude of applications like eID, ePassports, citizen cards, health insurance and health professional cards, employee badges, signature cards, as well as loyalty cards in many European countries.

Kay Prisille, Head of Smart Card Solutions at Atos, commented: “Through our leading CardOS solutions, we provide our customers with smart cards that guarantee identity and control access making them more efficient in their business and interactions with customers and citizens. With this latest certification we have confirmed the adherence to highest security regulations of our latest platform and our dedication to maintaining our position in the market for electronic ID documents.”

image description

image description

Technical features:

  • Operating system: CardOS DI V5.3 EAC(1) / PACE(2) Version 1.0
  • Chip: Infineon SLE78CLFX*P
  • Compliance with requirements:
    – Technical Guideline BSI(3) TR-03105
    – ICAO(4) Technical Report RF Protocol
    – Application Test Standard for E-Passport
  • ICAO functionality: ICAO Doc 9303
  • ePassport projects based on: BAC(5), EAC and SAC(6)
  • Contact based and contactless eID projects based on: PACE, EACv1 and RI(7).
    (1)EAC: Extended Access Control                       (2)PACE: Password Authenticated Connection Establishment
    (3) BSI:  Bundesamt für Sicherheit in der Informationstechnik (i.e. Federal Office for Information Security)
    (4) ICAO: International Civil Aviation Organization   (5) BAC: Basic Access Control
    (6) SAC: Supplemental Access Control                           (7) RI: Restricted Identification