NXP JCOP J2A040 v2.4.1 Rel 3 Java Card 40K

NXP JCOP J2A040 v2.4.1 Rel 3 Java Card 40K

Description

The NXP J2A040 JCOP 2.4.1 R3 is a Java Card 2.2.2 running on Global Platform 2.1.1 with 40K of memory and replaces NXP’s JCOP21. This java card is contact interface and runs on NXP’s operating system called JCOP J2 V2.4.1 and offers 40 kByte EEPROM memory. The J2A040 JCOP is great for use where a high security solution at a low cost is needed. It’s ideal for multi application markets such as banking and finance, healthcare, mobile communications, public transportation, physical and logical access.

The JCOP J2A040 offers a Java Card Open Platform operating system called JCOP V2.4.1 based on independent, third party specifications, i.e. by Sun Microsystems, the Global Platform consortium, the International Organization for Standards (ISO), EMV (Europay, MasterCard and VISA) and others. JCOP V2.4.1 family based on the SmartMX family which is manufactured in most advanced CMOS 0.14 μm 5 metal layer technology is positioned to service high volume, single- and multi-application markets such as eGovernment e.g. Smart Passport, banking/finance, healthcare, mobile communications, public transportation, physical access, logical access, pay TV and digital rights management.

The Java Card, GlobalPlatform, EMV and ISO industry standards together ensure application interpretability for card issuers as well as application providers. By adhering not just to the standards themselves, but also to their spirit as evidenced in numerous heritage applications, JCOP V2.4.1 ensures large interpretability with third party applets as well as all existing smart card infrastructures. With JCOP V2.4.1 the promise of multi-sourcing any component in smart card solutions becomes true. Even in existing infrastructures, JCOP V2.4.1 equipped with proper applications can substitute any existing smart card.

Within its targeted segments, the new JCOP V2.4.1 platform on SmartMX is the most advanced solution available. It is combining standard interfaces as defined in Java Card 2.2.2, GlobalPlatform Card Specification 2.1.1 and powerful cryptographic capabilities by using co-processors for public and secret key encryption supporting RSA, ECC and Triple-DES, within the high security, ultra low power, performance optimized design concept of NXP Semiconductors‘ handshaking technology. The platform supports class “C”, “B” and “A” voltage ranges (1.62 to 5.5 V) as required by application standards such as 3G Mobile Communication (3GPP) and the credit/debit card standard (EMV).

The J2A040 has been discontinued by NXP, CardLogix can provide the J2A081 which is fully compatible with the J2A040 in PVC, ABS, PET, and composite cards with options like magnetic stripe, SAM and SIM cards with many security and printing graphics features.

Features

Security features
JCOP V2.4.1 includes extensive support for security applications based on following
features:

  • Support for Triple-DES co-processor
  • AES cryptography based on SmartMX AES cryptographic co-processor
  • RSA support for the key lengths up to 2048 bit
  • Elliptic Curve Cryptography with key lengths up to 320 bit
  • SHA1, SHA-224 and SHA-256
  • Support for SEED algorithm
  • Support for MD5
  • On-Card Key generation
  • CRC calculations
  • Data Authentication Pattern (DAP) for the Supplementary Security Domains

Security evaluation and certificates
Hardware security certification in accordance with CC EAL5+ is attained. Also, third-party approval such as EMVCo (VISA, CAST), ZKA and others, depending on the application
requirements, are available.

NXP Semiconductors continues to drive forward third-party security evaluations to provide
its customers with the relevant information and documentation needed to execute subsequent composite evaluations of implemented applications.

Security licensing
In addition to the various intellectual properties regarding attack resistance of the NXP
Semiconductors’ owned SmartMX family, NXP Semiconductors has obtained a patent
license for SPA and DPA countermeasures from Cryptography Research Incorporated (CRI). This license covers both hardware and software countermeasures. It is important to
customers that countermeasures within the operation system are covered under this
license agreement with CRI. Further details can be obtained on request.

Supported eGovernment specifications and applications
In order to provide extensive support for the eGovernment applications (electronic
passports, electronic identification cards), JCOP V2.4.1 is prepared to meet a wide range
of relevant specifications. Several applet providers worldwide are developing and testing
following applications on JCOP V2.4.1:

Optional crypto library
NXP Semiconductors offer an optional crypto library for all family types:
Various algorithms:

  • AES encryption and decryption using the AES coprocessor
  • DES and triple-DES encryption and decryption using the DES coprocessor
  • RSA encryption and decryption, signature generation and verification for straightforward and CRT keys up to 5024 bits

JCOPX – Additional Application Programming Interface (APIs) features
JCOP V2.4.1 provides extended support for several industry specific requirements. This
support is given with the JCOPX API that comprises following functionality:

  • BAC Accelerator API for secure messaging performance increase
  • Extended cryptography support (several algorithms and methods not specified in Java
    Card v2.2.2 (see Ref. 1)
  • UID options (single [fixed or random] or double UID support) according
    ISO/IEC 14443-3A

MIFARE emulation features
JCOP V2.4.1 provides full support for the MIFARE functionality. JCOP V2.4.1 is available
in 3 different configurations:

  • Configuration A – no support for MIFARE functionality.
  • Configuration B1 – 1 KB MIFARE functionality is supported according to the Java Card
    specification v2.2.2
  • Configuration B4 – 4 KB MIFARE functionality is based on the same specification with possibility to use up to 255 sectors
  • Extended Length APDU support
  • Extended Length APDUs are support for protocols T=1 and T=CL. For T=0 only short APDUs are supported.

Garbage collection
Garbage collection is fully implemented in JCOP V2.4.1; deleted objects, applets, and
packages are fully reclaimed (incl. compactification) and the space can be used for other
purposes after deletion.

Applications

  • Financial applications, like EMV Credit/Debit ones, stored value purse, or electronic commerce, among others.
  • Transport and ticketing, granting pre-paid access to a transport system like the metro and bus lines of a city.
  • Telephony, through the subscriber identification module (SIM) for digital mobile telephones. • Personal identification, for granting access to secured sites or providing identification credentials to participants of an event.
  • Electronic passports (E-Passport) and identity cards.
  • Basic Access Control according to ICAO 9303
  • EAC, Extended Access Control according to BSI TR03110 V1.1
  • Fingerprint Biometric Matching on Card
  • Digital Signature according to PKCS#11, IEC/CEN 14980
  • European Citizen Card based on IEC/CEN 15480
  • Various eID applications based on national specifications
  • Physical Access
  • Logical Access
  • Secure information storage, like health records (EMR), or health insurance cards.
  • Loyalty programs, like the ―Frequent Flyer – points awarded by airlines. Points are added and deleted from the card memory in accordance with program rules. The total value of these points may be quite high and they must be protected against improper alteration in the same way that currency value is protected.

Specifications

JCOP version 2.4.1 R3
Java Card version 2.2.2
Global Platform version 2.1.1
Security evaluation and certificates  Common criteria CC EAL5+
EMVCo (VISA, CAST)
ZKA
Security
  • RSA 2048 key generation
  • AES encryption and decryption
  • SHA1/SHA224/SHA256 hash algorithm
  • 3DES (ECB,CBC) encryption and decryption
  • ECC with key lengths up to 320 bit
  • Pseudo-Random Number Generator (PRNG)
  • Support for MD5
  • On-Card Key generation
  • CRC calculations
  • Data Authentication Pattern (DAP) for the Supplementary Security Domains
EEPROM: 40 KB
  • Data retention time: 25 years minimum
    Endurance: 500000 cycles minimum
  • MIFARE emulation with 1 KB or 4 KB
  • Persistent Heap 35940 bytes
ROM 76208 bytes free ROM for Applets
RAM
1 MHz to 10 MHz operating external clock frequency range
  • Internal CPU clock up to 30 MHz with synchronous operation
  • Internal clocking independent of externally applied frequency
Communication Protocol
  • Contact interface supports T=1 and T=0
  • Contactless interface supports T=CL according to ISO/IEC 14443 Type A
Communication interfaces Contact mode: T=0 and T=1 according to ISO/IEC 7816 with 3.5712 MHz following
communication speeds are supported:
  • 9600 bit/s [default]
  • 19200 bit/s
  • 38400 bit/s
  • 57600 bit/s
  • 115200 bit/s
  • 223200 bit/s
Default ATR
  • T=0 3B 6E 00 31 C0 71 C6 65 42 2C 01 35 35 83 90 00
  • T=1  3B F8 13 00 00 81 31 FE 45 4A 43 4F 50 76 32 34 31
Secure Channel Protocol: SCP01, SCP02 (Default)
Part Numbers Model: J2A040
NXP: J2A040xX0 PCM1.1 V2.4.1 Rel 3
Secure Smart Card Controller SmartMX P5CC040V0B

Support and Downloads

You may also like…