is a multi-application smart card
operating system, that enables a smart card to carry a variety of applications, from chip & pin application for payment to on-card biometric
matching for secure ID and ePassport. MULTOS is an open standard whose development is overseen by the MULTOS Consortium - a body compromised of companies which have an interest in the development of the OS and includes smart card and silicon manufacturers
, payment card schemes, chip data preparation, card management and personalization system providers, and smart card solution providers.
One of the key differences of MULTOS with respect to other types of smart card OS, is that it implements Secure Trusted Environment Provisioning or STEP, which is a patented mechanism by which the manufacture, issuance and dynamic updates of MULTOS smartcards in the field is entirely under the issuer’s control. This control is enforced through the use of a Key Management Authority (KMA). The KMA provides card issuers with cryptographic information required to bind the card to the issuer, initialize the card for use, and generate permission certificates for the loading and deleting of applications under the control of the issuer.
Millions of MULTOS smart cards are being issued by banks and governments all around the world, for projects ranging from contactless payment, internet authentication and loyalty, to national identity with digital signature, ePassport with biometrics, healthcare and military base and network access control.
A MULTOS implementation provides an operating system upon which resides a virtual machine
. The virtual machine provides:
The run-time environment operates within the application space. This consists of code space and data space. The code is assembled and is interpreted every time it is executed. The virtual machine performs code validity and memory access checks. The data space is divided into static and dynamic portions.
The key component of dynamic memory is the last in, first out (LIFO) stack as this makes using the various functions much easier. A MULTOS chip is a stack machine, which makes use of this dynamic memory to pass parameters and perform calculations. In addition, the Input/output buffer resides in another dynamic memory segment.
Each application resides with a rigorously enforced application memory space, which consists of the application code and data segments. This means that an application has full access rights to its own code and data, but can not directly access that of another application. If an application attempts to access an area outside its space, it results in an abnormal end to processing.
Application Loading and Deleting
A MULTOS card permits the loading and deleting of applications at any point in the card's active life cycle. A load can take place once the application and its corresponding certificate
are transmitted to the chip. A delete is permitted if a certificate that corresponds to a loaded application is transmitted to the chip.