Brightsight completes first eUICC evaluation under Common Criteria scheme using Protection Profile PP-0100

20.02.20 12:03 PM By Brightsight

Delft, 20 February 2020. Brightsight is proud to announce that we have completed the world’s first Common Criteria (CC) evaluation against PP-0100, the Embedded UICC for Consumer Devices Protection Profile. We also evaluated a component against PP-0104, the Common Criteria Protection Profile Cryptographic Service Provider. Both protection profiles were used in our evaluation of NXP’s JCOP 5.2 (Java Card Operating System) on SN100.C58 (hardware).

This achievement marks the first-ever CC evaluation against PP-0100 for eUICC, also known as the GSMA Protection Profile. The GSM Association (GSMA) represents the worldwide mobile communications industry. It developed this protection profile to specify the security requirements for eUICC products. eUICC has been described as the next evolution of the SIM card.

“We are happy to have worked together with global semiconductor manufacturer NXP, evaluating their product against PP-0100”, says Thomas Jorgensen, CCO at Brightsight. “This opportunity allowed us to demonstrate that Brightsight can perform not only CC evaluations of eUICCs, but also GSMA evaluations of various kinds of devices, components and applications in the mobile telecommunications industry”.

Brightsight has over 35 years of experience in security evaluations in the high-end security domain. Our evaluation reports are recognized by all major certification and approval bodies. Our customers and partners benefit from our many accreditations and extensive experience through strong and clear support during the evaluation process.