DRAFT MALAYSIAN 14G008R1 STANDARD - SIRIM Berhad …€¦ · Suruhanjaya Komunikasi dan Multimedia...
Transcript of DRAFT MALAYSIAN 14G008R1 STANDARD - SIRIM Berhad …€¦ · Suruhanjaya Komunikasi dan Multimedia...
DRAFT
MALAYSIAN 14G008R1
STANDARD STAGE: PUBLIC COMMENT (40.20)
DATE: 01/08/2015 - 30/09/2015
Code of practice for deploying secure applications through the Third Party Gateway for Government Multipurpose Card - Part 2: Applet configuration (First revision) OFFICER/SUPPORT STAFF: (SD / zt)
ICS: 35.240.15
Descriptors: code of practice, secure, application, third party gateway, government multipurpose card,
applet configuration
© Copyright
DEPARTMENT OF STANDARDS MALAYSIA
For Pub
lic Com
ment
14G008R1
STANDARDS MALAYSIA 2015 - All rights reserved i
Contents
Page Committee representation .......................................................................................................... ii Foreword .................................................................................................................................... iii Introduction ................................................................................................................................ iv 1 Scope ............................................................................................................................. 1
2 Normative references .................................................................................................... 1 3 Terms and definitions .................................................................................................... 1 4 Abbreviations ................................................................................................................. 3 5 MyKad category identification........................................................................................ 4 6 TPG load/remove application for MyKad Category A ................................................... 5 7 TPG load/remove application for MyKad Category B ................................................. 18 Annex A Get sequence counter ........................................................................................... 28 Bibliography .............................................................................................................................. 29
For Pub
lic Com
ment
14G008R1
ii STANDARDS MALAYSIA 2015 - All rights reserved
Committee representation The Industry Standards Committee on Information Technology, Communications and Multimedia (ISC G) under whose authority this Malaysian Standard was developed, comprises representatives from the following organisations: Association of Consulting Engineers Malaysia Chief Government Security Office Cybersecurity Malaysia Department of Standards Malaysia Federation of Malaysian Manufacturers Institut Tadbiran Awam Negara, Malaysia Majlis Keselamatan Negara Malaysian Administrative, Modernisation and Management Planning Unit Malaysian International Chamber of Commerce and Industry Malaysian National Computer Confederation Malaysian Technical Standards Forum Bhd MIMOS Berhad Ministry of Communication and Multimedia Ministry of Domestic Trade, Co-operatives and Consumerism Ministry of Energy, Green Technology and Water Ministry of International Trade and Industry Ministry of Science, Technology and Innovation Multimedia Development Corporation Sdn Bhd Multimedia University Persatuan Industri Komputer dan Multimedia Malaysia Science and Technology Research Institute for Defence SIRIM Berhad (Secretariat) Suruhanjaya Komunikasi dan Multimedia Malaysia Telekom Malaysia Berhad The Institution of Engineers, Malaysia Universiti Teknologi Malaysia The Technical Committee on Identification Cards and Related Devices which developed this Malaysian Standard consists of representatives from the following organisations: CALMS Technologies Sdn Bhd CyberSecurity Malaysia
Datasonic Group Berhad IRIS Corporation Berhad Jabatan Imigresen Malaysia Jabatan Pendaftaran Negara Malaysia Malaysian Administrative, Modernisation and Management Planning Unit Malaysian Electronic Payment System Sdn Bhd Malaysian National Computer Confederation MIMOS Berhad Ministry of Home Affairs Multimedia Development Corporation Sdn Bhd Multimedia University Silterra Malaysia Sdn Bhd SIRIM Berhad (Secretariat) Tricubes Berhad Universiti Utara Malaysia
For Pub
lic Com
ment
14G008R1
STANDARDS MALAYSIA 2015 - All rights reserved iii
Foreword This Malaysian Standard was developed by the Technical Committee on Identification Cards and Related Devices under the authority of the Industry Standards Committee on Information Technology, Communications and Multimedia. MS 2482 consists of the following parts, under the general title Code of practice for deploying secure applications through the Third Party Gateway for Government Multipurpose Card: Part 1: Secure connectivity Part 2: Applet configuration Major modifications in this revision are as follows: a) the title has been changed to “Code of practice for deploying secure applications through
the Third Party Gateway for Government Multipurpose Card - Part 2: Applet configuration”;
b) definition of chip has been introduced in 3.5;
c) definition of Secure Access Module (SAM) has been amended in 3.10;
d) new Clause 5 regarding MyKad category identification has been added;
e) new Figure 1, MyKad category identification process flow has been added;
f) Figure 3b, TPG/load/remove process flow (part 2) for MyKad Category A has been
amended;
g) Table 1, Naming convention of Application Identifier (AID) has been removed for security purpose;
h) new Clause 7 regarding TPG load/remove application for MyKad Category B has been
added;
i) new subclauses 7.1. 7.2, 7.3, 7.4 and 7.5 have been added;
j) new Figures 7, 8, 9, 10, 11 and 12 have been added;
k) new Tables 4, 5, 6 and 7 have been added; and
l) Annex A, “Get sequence counter” has been amended. This Malaysian Standard cancels and replaces MS 2582-2:2012, Code of practice for deploying secure applications through the Third Party Gateway for Malaysia Multipurpose Smart Card - Part 2: Applet configuration. Compliance with a Malaysian Standard does not of itself confer immunity from legal obligations.
For Pub
lic Com
ment
14G008R1
iv STANDARDS MALAYSIA 2015 - All rights reserved
Introduction Overview This Malaysian Standard specifies commands for post-issuance application for the Government Multipurpose Card (MyKad). When a MyKad is inserted into an interface device (IFD), the IFD selects an applet on the MyKad and sends it a series of commands to execute. Each applet is identified and selected by its application identifier (AID). Commands are formatted and transmitted in the form of application protocol data units (APDUs). Applets reply to each APDU command with an APDU response. APDU response consists of status word (SW) that indicates the result of the operation and data. Process for loading/removal of applet on MyKad is based on the MyKad existing IC type. Objectives The objective of this standard is to facilitate application development on MyKad through the TPG of the agency. Furthermore, it ensures that these applications are to be deployed in a secure manner through a standard guidance.
For Pub
lic Com
ment
14G008R1
STANDARDS MALAYSIA 2015 - All rights reserved 1
Code of practice for deploying secure applications through the Third Party Gateway for Government Multipurpose Card - Part 2: Applet
configuration
1 Scope This Malaysian Standard provides guidance for deploying secure applications through the Third Party Gateway (TPG) for the Government Multipurpose Card (GMPC) such as MyKad issued by National Registration Department of Malaysia (NRD). This standard specifies the process and logic flow to execute loading/removal of applet as well as the description for post issuance application for MyKad.
2 Normative references The following normative references are indispensable for the application of this standard. For dated references, only the edition cited applies. For undated references, the latest edition of the normative reference (including any amendments) applies. MS 2482-1:YYYY, Code of Practice for deploying secure applications through the Third Party Gateway for Government Multipurpose Card - Part 1: Secure connectivity.
3 Terms and definitions For the purposes of this standard, the following terms and definitions apply. 3.1 applet Any small applications that perform a specific task that runs within the scope of a larger program. 3.2 application Structures, data elements and program modules needed for performing a specific functionality. 3.3 Application Program Interface Application Programming Interface (API) is an interface implemented by a software program which enables it to interact with other software. In this standard, API refers to the programs interfacing CLMS to the TPG systems. 3.4 Card Lifecycle Management System Card Lifecycle Management System (CLMS) manages the card and its applets lifecycle.
For Pub
lic Com
ment
14G008R1
2 STANDARDS MALAYSIA 2015 - All rights reserved
3.5 chip It is a small electronic device made out of a semiconductor material and is also referred as integrated circuit. 3.6 Generic Applet A pre-determined applet provided by NRD which can be customised and used by other organisations/agencies to store their business related data in MyKad. 3.7 MyKad MyKad is a multi-application Integrated Circuit(s) Card (ICC) issued by the National Registration Department of Malaysia to citizens of Malaysia. The artwork for MyKad is blue. There are two categories of MyKad in circulation i.e. Category A and Category B NOTE. For information on the categories of MyKad, refer to NRD.
3.8 MyKad applet A set of instructions that enables the creation/deletion of data items in the MyKad chip. 3.9 MyKad Software Development Kit (SDK) A set of development tools for development of application for MyKad. 3.10 Secure Access Module (SAM) An integrated circuit(s) card used to enhance the security and cryptography performance in secure electronic transactions. The SAM size can be in the form of normal card size of 85.60 mm wide by 53.98 mm height by 0.76 mm thick or the nominal size of 25 mm wide by 15 mm height by 0.76 mm thick 3.11 Secure Sockets Layer Secure Sockets Layer (SSL) is a cryptographic protocol that provides security for communications over a network. 3.12 Third Party Gateway Third Party Gateway (TPG) is the access point to the NRD’s Card Lifecycle Management System (CLMS). The connectivity between NRD’s CLMS web server and the agency’s TPG server is secured through the SSL Authentication System. 3.13 transport key Key used to protect the Generic Applet, from any unauthorised attempts to initialise the applet.
For Pub
lic Com
ment
14G008R1
STANDARDS MALAYSIA 2015 - All rights reserved 3
4 Abbreviations For the purposes of this standard, the following abbreviations apply. AID Application Identifier
AMM
Application Management Module
APDU Application Protocol Data Unit
API
Application Programming Interface
CAA
Card Authentication Applet
CLMS
Card Lifecycle Management System
CMM
Card Management Module
CTM
Card Tracking Module
EF
Elementary File
FP
Function Provider
GA Generic Applet
GMPC
Government Multipurpose Card
ICC Integrated Circuit(s) Card
KMM
Key Management Module
NRD National Registration Department
PCSC Personal Computer/Smart Card compliant
SAM
Secure Access Module
SMM SAM Management Module
SSL
Secure Socket Layer
TPG Third Party Gateway
XML Extensible Markup Language
For Pub
lic Com
ment
14G008R1
4 STANDARDS MALAYSIA 2015 - All rights reserved
5 MyKad category identification There are two categories of MyKad in circulation i.e. Category A and Category B. To identify the categories of MyKad, the process in Figure 1 is applicable.
Figure 1. MyKad category identification process flow
Based on the MyKad category identified after conducting the above process flow, the TPG load/remove application for Category A refers to Clause 6 and for Category B refers to Clause 7. NOTE. For information on the categories of MyKad, refer to NRD.
For Pub
lic Com
ment
14G008R1
STANDARDS MALAYSIA 2015 - All rights reserved 5
6 TPG load/remove application for MyKad Category A 6.1 Overview Processes related to the Generic Applet (GA) in MyKad include the following: a) GA loading and removing; b) GA initialisation; c) GA personalisation; and d) GA unblocking (if required). The flow for the GA processes is illustrated in Figure 2.
Figure 2. Generic Applet processes for MyKad Category A
6.2 Generic Applet loading and removing The process flow for the TPG GA load/remove is illustrated in Figures 3a and 3b.
For Pub
lic Com
ment
14G008R1
6 STANDARDS MALAYSIA 2015 - All rights reserved
Figure 3a. TPG load/remove process flow (part 1) for MyKad Category A
For Pub
lic Com
ment
14G008R1
STANDARDS MALAYSIA 2015 - All rights reserved 7
Figure 3b. TPG load/remove process flow (part 2) for MyKad Category A
For Pub
lic Com
ment
14G008R1
8 STANDARDS MALAYSIA 2015 - All rights reserved
The process flow consists of a number of pre-defined processes which is further elaborated in the following subclauses. In order to get the relevant applet data to be loaded into the MyKad, connection between the TPG server/workstation and CLMS web server shall be established according to requirements specified in MS 2482-1. 6.2.1 Identify chip type Since different chip types are available on MyKad, it is necessary to determine whether the chip has the capability to support load/remove functionality. In general, only MyKad chip having minimum 64 Kbytes data memory supports such functionality. However, for MyKad with ST19WL66 chip, the sequence counter is required to be obtained prior to load/remove application using the process in Annex A. 6.2.2 List existing applets In a multi-application environment such as MyKad, all applications are selectable by specifying its AID. For naming convention of applet and corresponding applet name, refer to NRD for pre-issued MyKad. 6.2.3 Get card info The “Get card info” process is necessary prior to any load/remove process in order to extract some card parameters in MyKad. These card parameters will be used to form the required XML request message that will be sent to the CLMS server in NRD. There are four key parameters to be extracted from MyKad and placed in the respective fields of the XML. The parameters are: a) MyKad serial number (CHIPSN); b) MyKad number (KPTNO); c) MyKad version number (KPTVERNO); and d) Card holder name (NAME). For detailed information on the XML, refer to subclause 6.3.3 of MS 2482-1:YYYY.
For Pub
lic Com
ment
14G008R1
STANDARDS MALAYSIA 2015 - All rights reserved 9
6.2.4 Load/removal of applet The “Load GA library applet” process is required to be performed if when listing applets in the MyKad, the GA library applet is not found. The “Load agency applet” process is required to be performed if the agency applet is not found when listing applets in the MyKad. If the agency wishes to remove an applet from the MyKad, it is crucial to perform “List existing applets” function in order to verify the following: a) whether the agency applet exist in the MyKad; and b) whether the generic agency applet is the only applet in the MyKad. If yes, then the
agency will then, have to perform the following:
i) “Remove GA library applet”; and ii) “Remove agency applet”.
Otherwise, remove the agency applet only. The relevant data to be used for applet load and removal is retrieved by performing the connection to NRD as specified in MS 2482-1. NOTE. “agency applet” is the applet personalised by the user agency, while a “generic agency applet” refers to a non-personalised applet obtainable from NRD.
6.2.5 Acknowledgement of applet load/removal Upon completion of applet load/removal, the agency shall send an acknowledgement request to NRD according to the requirements specified in Table 3 of MS 2482-1:YYYY (see column “Completion update for load” and “Completion update for remove”). With this acknowledgment request, NRD are able to keep track of the current card details. 6.3 Generic Applet initialisation The initialisation process comprises of the following main processes: a) validation of transport key in both applet and initialisation SAM card; b) transfer of application keys into applet; c) formatting of applet space; and d) activate applet. The process flow shown in Figures 4a and 4b depicts the entire initialisation process. Meanwhile Table 1 describes briefly each process in Figures 4a and 4b.
For Pub
lic Com
ment
14G008R1
10 STANDARDS MALAYSIA 2015 - All rights reserved
Figure 4a. Applet initialisation process flow (part 1) for MyKad Category A
For Pub
lic Com
ment
14G008R1
STANDARDS MALAYSIA 2015 - All rights reserved 11
Figure 4b. Applet initialisation process flow (part 2) for MyKad Category A
For Pub
lic Com
ment
14G008R1
12 STANDARDS MALAYSIA 2015 - All rights reserved
Table 1. Description of applet initialisation process
Process Description
Activate reader Establish communication with the smart card reader.
Select reader name for SAM card Select the slot being used for SAM card by specifying the reader name.
Select reader name for MyKad Select the slot being used for MyKad by specifying the reader name.
Establish connection with SAM card Establish communication with the SAM card.
Select applet for MyKad Select the specific AID of the MyKad applet for the next operation on that applet.
Select applet for SAM card Select the specific AID of the SAM card applet for the next operation on that applet.
Retrieve applet attribute from SAM card Get the applet information from the SAM card.
Verify PIN for SAM card If the SAM is protected with PIN, the application needs to present the PIN in order to access the SAM applet.
Inject transport key into MyKad Inject the transport key into MyKad applet.
Compare transport key between MyKad applet and SAM
Compare the injected transport key and the transport key in SAM. If the key match, then the application can continue to perform initialisation.
Inject applet key into MyKad Applet Transfer the applet key from SAM card into the applet. The number of keys will depend on the applet design.
Create data sets or EF in applet Create data files for the applet.
Activate applet Change the applet lifecycle status to “active” so that the applet is ready to be used.
Close reader Terminate communication with the reader.
6.4 Generic Applet personalisation The personalisation process involves encoding the necessary data into the appropriate EF space in the generic agency applet.
The pre-requisites of performing applet personalisation are as follows: a) SAM card for write process; b) PCSC compatible card reader with minimum one SAM slot; and c) applet personalisation application/function.
The process flow shown in Figures 5a and 5b depicts the entire applet personalisation process. Meanwhile Table 2 describes briefly each process in Figures 5a and 5b.
For Pub
lic Com
ment
14G008R1
STANDARDS MALAYSIA 2015 - All rights reserved 13
Figure 5a. Applet personalisation process flow (part 1) for MyKad Category A
For Pub
lic Com
ment
14G008R1
14 STANDARDS MALAYSIA 2015 - All rights reserved
Figure 5b. Applet personalisation process flow (part 2) for MyKad Category A
For Pub
lic Com
ment
14G008R1
STANDARDS MALAYSIA 2015 - All rights reserved 15
Table 2. Description of applet personalisation process
Process Description
Activate reader Establish communication with the smart card reader.
Select reader name for SAM Card Select the slot being used for SAM card by specifying the reader name.
Select reader name for MyKad Select the slot being used for MyKad by specifying the reader name.
Establish connection with SAM Card Establish communication with the SAM card.
Select applet for MyKad Select the specific AID of the MyKad applet for the next operation on that applet.
Select EF within the MyKad applet Select the specific EF that wanted to be written with data.
Select applet in SAM card Select the specific AID of the SAM applet.
Retrieve applet data in MyKad or SAM card Get the applet information from the SAM card.
Verify PIN for SAM card If the SAM is protected with PIN, the application needs to present the PIN in order to access the SAM applet.
Perform challenge response After the SAM Applet is accessed, perform challenge response authentication between MyKad applet and SAM in order to gain access to the MyKad applet.
Write data into applet Write data into the MyKad applet.
Set write once attribute For data that is supposed to be set as write once, apply the write once function.
Close reader Terminate communication with the reader.
6.5 Generic Applet unblocking In the scenario where a MyKad is blocked, the following explains the process flow of how to unblock a blocked generic agency applet. The pre-requisites of performing unblock applet process are as follows: a) SAM card for unblocking applet; b) PCSC compatible card reader with minimum one SAM slot; and c) applet unblock application/function. The process flow shown in Figures 6 depicts the entire applet unblock key process. Meanwhile Table 3 describes briefly each process in Figure 6.
For Pub
lic Com
ment
14G008R1
16 STANDARDS MALAYSIA 2015 - All rights reserved
Figure 6. Applet unblock key process flow for MyKad Category A
For Pub
lic Com
ment
14G008R1
STANDARDS MALAYSIA 2015 - All rights reserved 17
Table 3. Description of applet unblock key process
Process Description
Activate reader Establish communication with the smart card reader.
Select reader name for SAM card Select the slot being used for SAM card by specifying the reader name.
Select reader name for MyKad Select the slot being used for MyKad by specifying the reader name.
Establish connection with SAM card Establish communication with the SAM card.
Select applet for MyKad Select the specific AID of the MyKad applet for the next operation on that applet.
Select applet for SAM card Select the specific AID of the SAM.
Retrieve applet attribute from SAM card Get the applet information from the SAM card.
Verify PIN for SAM card If the SAM is protected with PIN, the application needs to present the PIN in order to access the SAM applet.
Perform challenge response After the SAM Applet is accessed, perform challenge response authentication between MyKad applet and SAM in order to gain access to the MyKad applet.
Perform unblock applet Perform unblock operation to the MyKad applet.
Close reader Terminate communication with the reader.
For Pub
lic Com
ment
14G008R1
18 STANDARDS MALAYSIA 2015 - All rights reserved
7 TPG load/remove application for MyKad Category B 7.1 Overview Processes related to the Generic Applet (GA) in MyKad include the following: a) GA loading and removing; b) GA initialisation; and c) GA personalisation. The flow for the GA processes is illustrated in Figure 7.
Figure 7. Generic Applet processes for MyKad Category B
For Pub
lic Com
ment
14G008R1
STANDARDS MALAYSIA 2015 - All rights reserved 19
7.2 Generic Applet loading and removing 7.2.1 Applet loading Figure 8 describes the process of loading an agency applet from MyKad. Meanwhile, Table 4 describes briefly process in Figure 8.
Figure 8. Process of loading an agency applet into MyKad Category B
For Pub
lic Com
ment
14G008R1
20 STANDARDS MALAYSIA 2015 - All rights reserved
In order to get the relevant applet data to be loaded into the MyKad, connection between the TPG server/workstation and CLMS web server shall be established according to requirements specified in MS 2482-1.
Table 4. Description of applet loading process for MyKad Category B
Process Description
Request ObjFile from Agency Server
The workstation requests the ObjFile, which is essentially the signed and pre-assembled applet, from the Agency Server if it is not already cached. This process is required to only execute once on each workstation start-up to minimize unnecessary bandwidth use.
Obtain Load Approval from NRD
MyKad is required to go through the approval process from NRD before applet loading is permitted. The connection to NRD is performed as described in MS 2482-1.
Acknowledgment of Applet Loading
Upon completion or should error occur during Applet Loading, the agency shall send an acknowledgment to NRD.
7.2.2 Applet removal
Figure 9 describes the process of removing an agency applet from MyKad. Meanwhile, Table 5 describes briefly process in Figure 9.
Table 5. Description of applet removal process for MyKad Category B
Process Description
Obtain Removal Approval from Agency Server
MyKad is required to go through the approval process from Agency Server before applet removal is permitted
Acknowledgment of Applet Removal
Upon completion or should error occur during Applet Removal, the agency shall send an acknowledgment to NRD.
For Pub
lic Com
ment
14G008R1
STANDARDS MALAYSIA 2015 - All rights reserved 21
Figure 9. Process of removing an agency applet from MyKad Category B
For Pub
lic Com
ment
14G008R1
22 STANDARDS MALAYSIA 2015 - All rights reserved
7.3 Generic Applet initialisation This subclause describes the initialisation process of applet. Applet is configured during this process. The EF files and read/write attributes are configured into the applet as per the applet profile. Figure 10 depicts the initialisation process. Meanwhile Table 6 describes briefly process in Figure 10.
Table 6. Description of applet initialisation process for MyKad Category B
Process Description
Activate reader Establish communication with the smart card reader.
Select applet for MyKad Select the specific AID of the MyKad applet for the next operation on that applet.
Authenticate Transport Key The workstation will first authenticate with MyKad using the default Transport Key in the SAM Bank
Inject applet key into MyKad Applet
Transfer the applet key from SAM Bank into the applet. The number of keys will depend on the applet design.
Activate applet Change the applet lifecycle status to “active” so that the applet is ready to be used.
Acknowledgment of Applet Initialisation
Upon completion or should error occur during initialisation, the agency shall send an acknowledgment to NRD as described in MS 2482-1.
Close reader Terminate communication with the reader.
For Pub
lic Com
ment
14G008R1
STANDARDS MALAYSIA 2015 - All rights reserved 23
Figure 10. Applet initialisation process for MyKad Category B
For Pub
lic Com
ment
14G008R1
24 STANDARDS MALAYSIA 2015 - All rights reserved
7.4 Generic Applet personalisation and data read/write This subclause describes the process for data personalisation, reading and writing onto MyKad. Figure 11 depicts the applet personalisation and data read/write process. Meanwhile Table 7 describes briefly process in Figure 11.
Figure 11. Applet personalisation and data read/write for MyKad Category B
For Pub
lic Com
ment
14G008R1
STANDARDS MALAYSIA 2015 - All rights reserved 25
Table 7. Description of applet personalisation and data read/write for MyKad Category
B
Process Description
Activate reader Establish communication with the smart card reader.
Select applet for MyKad and EF to read/write
Select the specific AID of the MyKad applet , and the specific EF for the next operation on that applet
Authenticate transport key The workstation will first authenticate with MyKad using the default Transport Key in the SAM Bank
Obtain read/write approval Approval from Agency Server is requested to gain read/write access to the agency applet
Perform read/write Data is read from/written to the agency applet
Close reader Terminate communication with the reader.
For Pub
lic Com
ment
14G008R1
26 STANDARDS MALAYSIA 2015 - All rights reserved
7.5 TPG batch update Figure 12 describes the process to update information and transaction records stored at TPG server to NRD.
Figure 12. Process to update information and transaction records stored at TPG server
to NRD.
For Pub
lic Com
ment
14G008R1
STANDARDS MALAYSIA 2015 - All rights reserved 27
The process in Figure 12 is described as follows: a) Window scheduler will check if it is the right time to send records of applet loading and
deletion to CLMS 1.0 or not. If yes, the batch update process is invoked. Else the window scheduler will continue to check for the right time.
b) Window scheduler will call CLMSAPIRequest webservice to trigger batch update for
records of applet loading and deletion. If the window schedule successfully call the webservice, records of applet loading and deletion will starts to transfer to CLMS 1.0.
c) If window scheduler failed to call the webservice, window scheduler will retry till the
counter reaches maximum count. Then window scheduler will return to process a).
For Pub
lic Com
ment
14G008R1
28 STANDARDS MALAYSIA 2015 - All rights reserved
Annex A (normative)
Get sequence counter The process flow in Figure A.1 is only required for MyKad with ST19WL66 chip. The sequence counter of the ST19WL66 chip shall be retrieved from the output.
Figure A.1. Get sequence counter process flow
For Pub
lic Com
ment
14G008R1
STANDARDS MALAYSIA 2015 - All rights reserved 29
Bibliography [1] ISO/IEC 7816-13, Identification cards - Integrated circuit cards - Part 13: Commands for
application management in a multi-application environment
For Pub
lic Com
ment
STANDARDS MALAYSIA 2015 - All rights reserved
Acknowledgements Members of Technical Committee on Identification Cards and Related Devices Prof Dr Zulkhairi Mohd Dahalin (Chairman) Universiti Utara Malaysia
Ms Syuibah Abirah Tarmizi (Deputy Chairman)
Multimedia Development Corporation Sdn Bhd
Ms Salwa Denan (Secretary) SIRIM Berhad
Ms Koh Lee Ching CALMS Tecnologies Sdn Bhd
Ms Norahana Salimin/
Mr Ahmad Dahari Jarno
CyberSecurity Malaysia
Mr Wong Chee Wai/
Mr Ramzani Abd Raub
Datasonic Group Berhad
Ms Connie Yee/
Mr Tan Jia Giin/
Ms Anis Azalina Mohamed
IRIS Corporation Berhad
Ms Nurul Ashikin Subli/
Ms Rohana Ismail
Jabatan Imigresen Malaysia
Ms Rajeswari Subaramaniam/
Ms Nur Diyana Fazlollah Suhaimi
Jabatan Pendaftaran Negara Malaysia
Ms Rohaila Abdul Latif Malaysian Electronic Payment System Sdn Bhd
Mr R Kunaseelan Malaysian National Computer Confederation
Mr Ahmad Nizar Harun/
Ms Siti Sarah Ramli
MIMOS Berhad
Mr Tahiruddin Hamdan Silterra Malaysia Sdn Bhd
Mr Shamsul Azhar Mohd Akhbar Tricubes Berhad
For Pub
lic Com
ment