Configuration places consumer at the center of the application ecosystem without compromising device security

Industry association GlobalPlatform has released its Consumer-Centric Model Configuration. This framework enables consumers to have ultimate control over which secure applications they want to use from the Secure Elements (SE) housed within their trusted devices. This configuration is of particular interest to service providers of applications such as loyalty, couponing and temporary physical access, as well as wearables and device manufacturers.

The GlobalPlatform Consumer Centric Model Configuration v1.0 defines a new type of security domain: the end user security domain and opens up this isolated area of the SE for end user controlled activity. It achieves this without compromising security for the SE as a whole. This enables issuers to give end users control over value added services on their device through a PIN-protected interface module that allows them to download and maintain apps. This new model is in contrast to traditional approaches where only the issuer or authorized service provider can manage an application in the SE.

“This configuration forms a blueprint for a move away from the issuer centric model to putting the consumer in control,” said Gil Bernabeu, Technical Director at GlobalPlatform. “It encourages consumers to tailor the applications on their devices to suit their individual requirements, representing a significant change from service providers determining what consumers can have to consumers choosing the digital experiences they want.”

The model focuses on a trusted token onto which applications are downloaded; a secure chip-based object, owned by the consumer, that adopts the role of a personal security container. Such hardware tokens will be supplied by trusted token providers – entities that can provide security assurances, allowing a service provider to verify the security of a consumer’s token. These tokens can take the form of a device such as a USB stick or micro SD card. Additionally, the configuration is flexible, allowing the token to also be embedded hardware.

The consumer centric approach can also work in collaboration with other application management models – like issuer centric or dual mode – that have already been defined by GlobalPlatform. A single SE can therefore host multiple trusted applications, each of which can be managed in a range of different ways.

“Security is at the heart of everything that GlobalPlatform does. The configuration shows that it is possible to enhance the user experience and gives the end user control without undermining the security that is crucial to the functioning of the app-based ecosystem,” Bernabeu added.

“GlobalPlatform is a neutral body that is keen to support different application management models and processes. We recognize that for some parties this approach aligns with its commercial and technical objectives and will be instrumental in achieving these goals.”

The configuration document is available to download free to members from the members only section of the GlobalPlatform website. Non-members wishing to purchase the configuration should buy it from the GlobalPlatform online store.