IDPrime MD 8840 MicroSD IDPrime MD 8840 is a secure MicroSD card that combines the storage capability of a standard MicroSD memory card and the high security level of a smart card or smart token. It mainly targets the enterprises, governments and Certification Authorities that need the highest security level for use cases such as: Strong authentication, data, voice or email encryption, digital signature, SSL/TLS communication, banking transactions, epurse, etc. It is particularly well suited to support the PKI, OTP and payment technologies. Gemalto also proposes a pure Java platform MicroSD card without PKI applet loaded, named IDCore 8030. IDPrime MD 8840 MicroSD card is an IDPrime 840 secure chip embedded into a MicroSD card form factor. So it directly inherits all its benefits and advantages, such as: the compliance with the Windows Base CSP / Minidriver cryptographic layers and the full integration in the Microsoft environments the support of the Elliptic Curves and RSA algorithms the Common Criteria EAL5+ / PP SSCD Digital Signature certification for the combination of the Java OS and the PKI applet. The OS itself is CC EAL5+ / JavaCard PP certified. the support of Gemalto Java applets such as PKI, OTP-OATH, MPCOS, etc.
Key Benefits Perfect integration in Windows environment The IDGo 800 minidriver is certified and distributed by Microsoft. It ensures immediate integration with all Microsoft environments, plus Plug & Play service on Windows 7, Windows 8 and Windows 8.1. Compatible with the main PC and mobile environments Fully supported by the IDGo 800 middleware and SDK for Android, as well as all the smart card friendly solutions running on Windows 7 / 8.x : Card Management Systems, logon, Office applications, Web browsers, VPN, SSO, Remote Desktop, file and data encryption, etc. Compliant with European Digital Signature law IDPrime MD 8840 is CC EAL5+ / PP SSCD certified offering state-of-the-art security and a solution fully compliant with European Digital Signature law. Its java platform is also CC EAL5+ / PP JavaCard certified. OTP and MPCOS options IDPrime MD are multi-application smart cards, and can have onboard the optional OATH One Time Password applet, offering a very flexible authentication service, combining both PKI and OTP. The MPCOS applet offers both e-purse and data management services. Part of the Gemalto IDPrime range IDPrime MD 8840 is part of a wide range of Gemalto PKI smart cards: IDPrime .NET, MD and PIV. It benefits from the long experience of Gemalto with middleware running on several OS platforms. No compromise on security IDPrime MD 8840 implements the most advanced security hardware and software countermeasures against various attacks: side channel attacks, invasive attacks, advanced fault attacks and other types of attacks.for enforcing protection of all sensitive data and functions in the card.
Non binding information – February 2015
IDPrime MD 8840 MicroSD Furthermore, the MicroSD form factor brings some other benefits: Flash memory size of 8 GB or 16 GB, providing a good complement to the user mobile phone storage capacity. This Flash memory can be used exactly as a standard memory card to store any professional or personal data such as videos, photos, or files. This memory is not natively encrypted by the MicroSD card but it can be encrypted by any dedicated mobile application or by the Mobile OS itself. Compatibility with the Android mobile devices equipped with a MicroSD slot. The IDGo 800 middleware for Mobiles is a cryptographic service that interfaces any third party application with all the Gemalto Secure Elements. Compatibility with the Windows 7 and 8.x based PC platforms equipped with an internal MicroSD slot or connected to a USB MicroSD reader. A specific PC/SC emulation driver is provided by Gemalto and is installed on the PC to access both the Flash memory (as a removable volume) and the Secure Element as a standard smart card.
Technical features MicroSD form factor Compliant with the SD Association specifications SDA physical specifications features v1.01 Mass storage 8 GB or 16 GB Flash memory capacity Communication protocol Secure chip hardware
Secure chip OS
IDPrime MD PKI applet
Other applets
- Compliant with the SDA ASSD protocol - Also supports the FSI proprietary protocol - T=1 protocol with the secure chip - Infineon SLE78CX800P - Common Criteria EAL5+ high certified, True RNG - EEPROM size: 80 KB - 500 K write/erase cycles IDCore Java OS: - Global Platform v2.1.1 (Amendment A) with SCP01 to 03 - Java Card v2.2.2 (& 3.0.1 for the elliptic curves algorithms) - ISO 7816 - Up to 15 X509 PKI certificates - Compliant with the Gemalto IDGo 800 middleware - Onboard PIN policy - Multi-PIN support - OTP-OATH event based compliant with Gemalto IDConfirm 1000 authentication server. This applet is included in the standard version. - Other possible optional applets: MPCOS
- Java OS: Common Criteria EAL5+ / JavaCard PP (Protection Profile) - PKI applet: Common Criteria EAL5+ / PP SSCD certified Certifications - On request: FIPS140-2 Level 3. The secure chip, the Java OS and the PKI / OTP applets are already FIPS certified - Symmetric: 3DES (ECB, CBC), AES (128, 192, 256 bits) - Hash: SHA-1, SHA-256, SHA-384, SHA-512. Cryptographic - RSA: up to RSA 2048 (and optionally up to 4096 bits) algorithms - RSA OAEP and PSS - Elliptic curves: P-256, P-384, P-521 bits - On-card asymmetric key pair generation (RSA up to 2048, Elliptic Curves) Support of Windows - Secure Flash Card driver emulating a PC/SC smart card reader 7 and 8.x - Flash memory integrated in the standard Windows file system Support of Android Support of Linux
- Compliant with the IDGo 800 for Android middleware and SDK, through the OMAPI interface - On request
Non binding information – February 2015