Last update : august 2012

Steering Committee / Approval bodies

Participation in the OSeC Steering Committee is open to representatives of Approval Bodies, which have signed the OSeC Memorandum of Understanding (MoU).
Up to now the MoU is signed by :

American Express
American Express
Groupement des Cartes Bancaires CB Cartes Bancaires
Consorzio Bancomat Bancomat
Currence Currence
German Banking Industry Committee (GBIC) GBIC
MasterCard International Mastercard
PAN-Nordic Card Association
Pan-Nordic Association
The UK Card Association UKCards
Visa Europe VisaEU

Whereas the Steering Committee’s Members are Approval Bodies, work has started to guide the establishment and implementation of a permanent structure to steer a certification framework infrastructure in which more stakeholders could be represented.

The last meeting of the Steering Committee took place on 14th of July 2012. The next round table will be held on 6th September 2012 at ANSSI premises in Paris. The members of the Steering Committee are meeting on 31st August 2012 at the SRC premises in Bonn.

Organisation and Management Structure

The work of the OSeC Steering Committee is coordinated by the Steering Committee Co-ordinator, which is elected by the Steering Committee. The Co-ordinator is responsible for the overall management of the Pilot, chairs the Steering Committee meetings and prepares the meetings and decisions of the Steering Committee.

The OSeC Steering Committee benefits from an existing certification infrastructure which administrates and maintains the Common Criteria ISO 15408 evaluation and certification scheme. This certification scheme is organized within the governmental structures of different European countries and outside of the credit industry. It provides for

•    A harmonized evaluation methodology,
•    Harmonized and controlled evaluation rules and processes and
•    An international working structure.

In order to cover the POI certification area the current CC scheme’s certification infrastructure is being enhanced accordingly.

Cooperation with the Common Criteria Organization

The OSeC Organisation uses the existing Common Criteria Certification Infrastructure of Cards and POI. In close cooperation with the existing CC Scheme, OSeC contributes to the development of this infrastructure. This approach requires the full support and participation from Certification Bodies, as they will be required to certify the results of any evaluation conducted by any laboratory that they supervise. This harmonized evaluation process using one harmonized implementation specification will in addition assure a one-stop-shopping for each single requirement.

OSeC is working together with JTEMS (JIL Terminal Evaluation Methodology Subgroup). This Subgroup was initiated by the CAS Initiative. It is comprised of Approval Bodies coming from CAS, CC Certification Bodies, CC Laboratories and vendors. The main task of JTEMS is to transform the high level security requirements defined by CAS and published in the EPC Volume/Book of Requirements into a CC Protection Profile. JTEMS is OSeC´s primary expert group for CC. JTEMS defines the implementation specification of the CAS/EPC security requirements and will support the CC related technical issues of the pilot. JTEMS is part of the JIL Working Group (JIWG) of the CC organisation. JIL is the expert group for certification.

Stakeholders consultation, observers

The Steering Committee will consult with both regulators and other interested parties, including the wider stakeholder community. For this purpose, it foresees firstly to open a dialogue with the EPC. Secondly, the possibility will be assessed to establish ‘Stakeholder Councils’ for other stakeholders and organise public consultations on prospective Steering Committee implementation standards and/or rules.
The Eurosystem is monitoring and observing in order to ensure the delivery of the objective.