Germany’s Federal Office for Information Security (BSI) has granted Giesecke & Devrient’s new STARCOS 3.5 smart card operating system a security certificate under the Common Criteria Protection Profile (BSI-CC-PP-0056-V2-2012) for machine-readable travel documents with Extended Access Control and PACE.

“The PACE procedure ensures that a highly secure connection is established between the contactless chip in the identification document and the reader. Data is encrypted before being exchanged, making it impossible for hackers to read the data communication or decrypt it later,” says Dr Hermann Sterzinger, head of Giesecke & Devrient’s Government division.

The PACE security mechanism is already used in the new German national ID card, for which G&D is also supplying a certified solution (under the ID card protection profile BSI-CC-PP-0061-2009) with the STARCOS 3.5 operating system.

G&D says with this new smart card operating system, it is already offering its customers a security-certified solution to bring their electronic documents up to date with the latest technology and afford them effective protection against fraud.

It is planned that, in the future, the new security protocol will not only be used in official documents within EU countries but worldwide. The International Civil Aviation Organization (ICAO) recommends that all countries should change their biometric passports over to the PACE access mechanism by December 2014, replacing the Basic Access Control (BAC) protocol.