German Federal Office for Information Security (BSI) has now certified a smart card

Certified smartcards offer users verified and therefore trustworthy security functionality and cryptography. They are used in particular where high security requirements apply. These include ID cards, health cards, credit cards and SIM cards for cell phones.

The German Federal Office for Information Security (BSI) has now certified a smart card that has implemented a post-quantum cryptographic (PQC) algorithm for the first time. The world’s first Common Criteria security certificate for a specific implementation of the new ML-KEM PQC process on a smart card was awarded to the manufacturer Infineon Technologies AG.

In view of the ever-increasing threat scenario for traditional cryptography posed by quantum algorithms, the BSI believes there is an urgent need for action to migrate to quantum-resistant algorithms. The BSI has published specific recommendations for action (BSI Recommendation for Action) and, together with 17 European partners, has called for an active transition to quantum-resistant methods by 2030 at the latest (Securing Tomorrow, Today: Transitioning to Post-Quantum Cryptography).

This CC certification of a smart card fulfills the quasi-industry standard for secure IT products, i.e. the Common Criteria (ISO/IEC 15408).

With such a CC certificate, manufacturers can reliably prove that a product actually meets the defined security requirements. A transparent and independent testing process by the BSI creates trust in the security of the product. In addition to the fundamental trust in the security of standardized cryptography, successful Common Criteria certification also guarantees the correctness of implementations and their resistance to attacks in the everyday use of these products as part of their special testing processes, which is a cornerstone of the success of Cybernation Deutschland.

With the imminent switch to European certification, thanks to EUCC, this successful model of CC certification will soon be able to be harmonized and extended to the pan-European level.