CEN/TS 15480-5:2013

1.1 Scope of CEN/TS 15480-5:2013. The scope of this Technical Specification is to provide a general description of the standard together with an introduction to each part of the ECC standard. Informative Annex A maps the relationship between the various parts of the ECC standard and other ISO/IEC standards relating to the card platform. 1.2 Scope of the ECC standard The European Citizen Card (ECC) standard addresses the difficulties presented to citizens when attempting to access various public services using a smart card as an access token. The scope of the ECC standard covers card capabilities and structures specified under the following headings: Specific definition of minimum features (for example, card surface print structure). Definition of optional features that may be required to provide the desired electronic services. Specification of discovery mechanisms to allow supported and in-use card capabilities and features to be identified. Besides covering the hardware and software of the card, the ECC standard also addresses interfaces to readers and servers through middleware components. This simple concept can enable ECC cards to adopt a widely different set of personas, even though a common application may be housed on cards used in different environments and in different ways. Generically, we can consider ECC cards as being classed as one of the following groups, even though the same application may be loaded (alongside others) in each environment. These groupings are: eID Verification token; Inter-European Union travel document; Provider of logical access to e-Government or local administration services or to private sector services by housing personal credentials. In order to support the above, it is noted that there will be certain minimum requirements upon any card conforming to the ECC, specifically, the European Citizen Card will be at a minimum a smart card with Identification, Authentication and electronic Signature (IAS) service capabilities. The ECC may act as a bridge between different application requirements of an integrated circuit card and in so doing act to reduce the number of different European specifications and standards required. The ECC will be issued under the responsibility of a European National Public Administration in order to provide a token supporting one of the above usage groupings by housing one or more relevant applications. In addition, there is nothing to stop the ECC being used to support private applications and environments which would therefore allow the ECC to be used in a shared public-private application scenario. It is apparent that the ECC is intended to offer the card issuer/ service provider with a great deal of flexibility in the services that the ECC provides, the authentication mechanisms supported and the local national specific public policy with an special concern to protect the citizen privacy according to the applicable European legislation.