This page was not yet optimized for use on mobile devices.

Xaica-a PLUS ePassport on MTCOS Pro 2.6 with SAC (BAC+PACE) and Active Authentication / ST31N600

CSV information

Status	active
Valid from	11.02.2026
Valid until	11.02.2031
Scheme	🇩🇪 DE
Manufacturer	MaskTech International GmbH
Category	ICs, Smart Cards and Smart Card-Related Devices and Systems
Security level	ALC_DVS.2, ALC_FLR.3, EAL4+

Heuristics summary

Certificate ID: BSI-DSZ-CC-1074-V3-2026

Certificate

Certificate PDF TXT

Extracted keywords

Security level

EAL 4, EAL 5, EAL 2, EAL 4 augmented

Security Assurance Requirements (SAR)

ALC_DVS.2, ALC_FLR.3, ALC_FLR

Certificates

BSI-DSZ-CC-1074-V3-2026

Standards

ISO/IEC 15408, ISO/IEC 18045

File metadata

Title	Certificate BSI-DSZ-CC-1074-V3-2026
Subject	Common Criteria, Certification, Zertifizierung, passport, Pass, Ausweis, hoheitliche Dokumente, MaskTech
Keywords	Common Criteria, Certification, Zertifizierung, passport, Pass, Ausweis, hoheitliche Dokumente, MaskTech
Author	Federal Office for Information Security
Pages	1

Certification report

Certification report PDF TXT

Extracted keywords

Symmetric Algorithms

AES, DES

Asymmetric Algorithms

ECC

Schemes

MAC

Protocols

PACE, PGP

Randomness

RNG

Libraries

NesLib 6.7.4

Vendor

STMicroelectronics, STM

Security level

EAL 4, EAL 5, EAL 2, EAL 1, EAL5+, EAL6, EAL 5+, EAL 6, EAL 4 augmented

Claims

OE.PKI

Security Assurance Requirements (SAR)

ALC_DVS.2, ALC_FLR.3, ALC_FLR, ALC_CMC.4, ALC_CMS.4, ALC_DEL.1, ALC_LCD.1, ALC_TAT.1, ALC_COMP.1

Certificates

BSI-DSZ-CC-1074-V3-2026, BSI-DSZ-CC-1074-V2-2020, ANSSI-CC-2022/21-R02, ANSSI-CC-2022/42-R02

Evaluation facilities

SRC Security Research & Consulting

Side-channel analysis

fault injection, JIL

Certification process

being maintained, is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification, Pro 2.6 with SAC (BAC+PACE) and Active Authentication / ST31N600, MaskTech International GmbH (confidential document) [6] Evaluation Technical Report, Version 1.0, 19.01.2026, Evaluation Report- Evaluation Technical, ETR), SRC Security Research & Consulting GmbH, (confidential document) [7] Protection Profile for ePassport IC with SAC (BAC+PACE) and Active Authentication, Version 1, list - Xaica-α PLUS ePassport on MTCOS Pro 2.6 / ST31N600 MaskTech International GmbH (confidential document) [10] User Guidance, Version 1.1, 07 January 2026, User Guidance –Xaica-α PLUS ePassport on MTCOS

Standards

AIS 34, AIS 36, AIS 25, AIS 26, AIS 46, AIS 31, AIS 20, AIS 35, AIS 32, AIS 38, ISO/IEC 15408, ISO/IEC 18045, ISO/IEC 17065, ICAO

Technical reports

BSI TR-03110, BSI TR-02102

File metadata

Title	Certification Report BSI-DSZ-CC-1074-V3-2026
Subject	Common Criteria, Certification, Zertifizierung, passport, Pass, Ausweis, hoheitliche Dokumente, MaskTech
Keywords	Common Criteria, Certification, Zertifizierung, passport, Pass, Ausweis, hoheitliche Dokumente, MaskTech
Author	Federal Office for Information Security
Pages	24

Frontpage

Certificate ID	BSI-DSZ-CC-1074-V3-2026
Certified item	Xaica-α PLUS ePassport on MTCOS Pro 2.6 with SAC (BAC+PACE) and Active Authentication / ST31N600
Certification lab	BSI
Developer	MaskTech International GmbH sponsored by NTT DATA CORPORATION

References

Outgoing

BSI-DSZ-CC-1074-V2-2020 - archived - Xaica-Alpha PLUS ePassport on MTCOS Pro 2.5 with SAC (BAC+PACE) and Active Authentication / ST31G480 D01
ANSSI-CC-2022/21-R02 - active - ST31N600(A03) (ANSSI-CC-2022/21-R02)
ANSSI-CC-2022/42-R02 - active - Cryptographic library NESLIB 6.7.4 on ST31N600 A03 (version 6.7.4) (ANSSI-CC-2022/42-R02)

Security target

Security target PDF TXT

Extracted keywords

Symmetric Algorithms

AES, AES-, DES, 3DES, TDES, TDEA, CMAC

Asymmetric Algorithms

ECDH, ECDSA, ECC, Diffie-Hellman

Hash functions

SHA-1, SHA-256, SHA-384, Keccak

Schemes

MAC, Key agreement, Key Agreement

Protocols

PACE

Randomness

DRBG, RNG, RND

Libraries

NESLIB 6.7.4

Elliptic Curves

P-256, P-384, NIST P-256, NIST P-384

Block cipher modes

CBC

IC data groups

EF.DG1, EF.DG2, EF.DG13, EF.DG15, EF.DG14, EF.COM, EF.CardAccess, EF.SOD

Trusted Execution Environments

SSC

Vendor

STMicroelectronics

Security level

EAL4, EAL6, EAL5, EAL4 augmented, EAL6 augmented, EAL5 augmented

Claims

O.AA, O.BAC, O.PACE, O.RND, A.PKI, OE.PKI

Security Assurance Requirements (SAR)

ADV_ARC.1, ADV_IMP.1, ADV_FSP.4, ADV_TDS.3, ADV_ARC, AGD_OPE.1, AGD_PRE.1, ALC_DVS.2, ALC_FLR.3, ALC_FLR.2, ALC_DVS.1, ALC_CMC.4, ALC_DEL.1, ALC_TAT.1, ALC_CMS.4, ALC_LCD.1, ATE_COV.2, ATE_FUN.1, ATE_DPT.1, ATE_IND.2, AVA_VAN.5, AVA_VAN.3, ASE_INT.1, ASE_CCL.1, ASE_SPD.1, ASE_OBJ.2, ASE_ECD.1, ASE_REQ.2, ASE_TSS.1, ASE_TSS.2

Security Functional Requirements (SFR)

FAU_SAS.1, FAU_SAR, FAU_SAS, FCS_CKM, FCS_CKM.6, FCS_COP, FCS_RNG.1, FCS_CKM.4, FCS_RND, FCS_RNG, FCS_CKM.2, FCS_CKM.5, FCS_COP.1, FCS_RBG.1, FCS_CKM.1, FCS_CKM.6.1, FCS_CKM.6.2, FCS_RNG.1.1, FCS_RNG.1.2, FCS_RND.1, FCS_SBO, FDP_ACC, FDP_ACF, FDP_ITC.1, FDP_UCT, FDP_UIT, FDP_ITC.2, FDP_ACF.1, FDP_ACC.1, FDP_IFC.1, FDP_ITC.1.1, FDP_ITC.1.2, FDP_ITC.1.3, FDP_UCT.1, FDP_UIT.1, FDP_SDC.1, FDP_SDI.2, FDP_ITT.1, FIA_AFL, FIA_UAU.1, FIA_UAU.4, FIA_UAU.5, FIA_UID.1, FIA_AFL.1, FIA_UAU.1.1, FIA_UAU.1.2, FIA_UAU.4.1, FIA_UAU.5.1, FIA_UAU.5.2, FIA_UID.1.1, FIA_UID.1.2, FIA_API.1, FMT_MOF.1, FMT_MTD.1, FMT_SMF.1, FMT_SMR.1, FMT_MSA.3, FMT_MOF.1.1, FMT_MTD.1.1, FMT_SMF.1.1, FMT_SMR.1.1, FMT_SMR.1.2, FMT_LIM, FMT_MSA, FMT_SMF, FMT_SMR, FMT_UID, FMT_UAU, FPT_EMS.1, FPT_PHP.3, FPT_EMS, FPT_EMS.1.1, FPT_PHP.3.1, FPT_FLS.1, FPT_ITT.1, FPT_FLS, FRU_FLT.2, FTP_ITC.1, FTP_TRP.1, FTP_ITC.1.1, FTP_ITC.1.2, FTP_ITC.1.3, FTP_ITC

Protection profiles

BSI-CC-PP-0056-V2-2012-MA-02, BSI-CC-PP-0084-2014

Certificates

BSI-DSZ-CC-1073-V2-, ANSSI-CC-2022/21-R02, ANSSI-CC-2022/42-R02

Side-channel analysis

Leak-Inherent, physical probing, Malfunction, JIL

Standards

FIPS PUB 140-3, FIPS PUB 180-4, FIPS PUB 197, NIST SP 800-38B, NIST SP 800-67, AIS 31, ISO/IEC 9797-1, ISO/IEC 15408, ISO/IEC 10116-2017, ISO/IEC 7816, ICAO, CCMB-2022-11-001, CCMB-2022-11-002, CCMB-2022-11-003, CCMB-2022-11-004, CCMB-2022-11-005, CCMB-2022-11-006

File metadata

Pages	83

References

Outgoing

ANSSI-CC-2022/21-R02 - active - ST31N600(A03) (ANSSI-CC-2022/21-R02)
ANSSI-CC-2022/42-R02 - active - Cryptographic library NESLIB 6.7.4 on ST31N600 A03 (version 6.7.4) (ANSSI-CC-2022/42-R02)

Heuristics

Automated inference - use with caution

All attributes shown in this section (e.g., links between certificates, products, vendors, and known CVEs) are generated by automated heuristics and have not been reviewed by humans. These methods can produce false positives or false negatives and should not be treated as definitive without independent verification. For details on our data sources and inference methods, see our methodology. If you believe any information here is inaccurate or harmful, please submit feedback.

Certificate ID

BSI-DSZ-CC-1074-V3-2026

Extracted SARs

ADV_ARC.1, ADV_FSP.4, ADV_IMP.1, ADV_TDS.3, AGD_OPE.1, AGD_PRE.1, ALC_CMC.4, ALC_CMS.4, ALC_COMP.1, ALC_DEL.1, ALC_DVS.2, ALC_FLR.3, ALC_LCD.1, ALC_TAT.1, ASE_CCL.1, ASE_ECD.1, ASE_INT.1, ASE_OBJ.2, ASE_REQ.2, ASE_SPD.1, ASE_TSS.2, ATE_COV.2, ATE_DPT.1, ATE_FUN.1, ATE_IND.2, AVA_VAN.5

Similar certificates

Name	Certificate ID	Actions
Xaica-a PLUS ePassport on MTCOS Pro 2.6 with SAC (PACE) and Active Authentication / ST31N600	BSI-DSZ-CC-1073-V3-2026	Compare
Xaica-α PLUS ePassport on MTCOS Pro 2.5 with SAC (BAC+PACE) and Active Authentication / ST31G480 C01	BSI-DSZ-CC-1074-2019	Compare
Xaica-Alpha PLUS ePassport on MTCOS Pro 2.5 with SAC (BAC+PACE) and Active Authentication / ST31G480 D01	BSI-DSZ-CC-1074-V2-2020	Compare
Xaica-Alpha PLUS ePassport on MTCOS Pro 2.5 with SAC (PACE) and Active Authentication / ST31G480 D01	BSI-DSZ-CC-1073-V2-2020	Compare
Xaica-α PLUS ePassport on MTCOS Pro 2.5 with SAC (PACE) and Active Authentication / ST31G480 C01	BSI-DSZ-CC-1073-2019	Compare

Scheme data

Enhanced
Cert Id	BSI-DSZ-CC-1074-V3-2026
Product	Xaica-α PLUS ePassport on MTCOS Pro 2.6 with SAC (BAC+PACE) and Active Authentication / ST31N600
Vendor	MaskTech International GmbH
Certification Date	11.02.2026
Category	Electronic ID documents
Url	https://www.bsi.bund.de/SharedDocs/Zertifikate_CC/CC/Hoheitliche_Dokumente-IC_mit_Anwendung/1074.html
	Product	Xaica-α PLUS ePassport on MTCOS Pro 2.6 with SAC (BAC+PACE) and Active Authentication / ST31N600
	Applicant	MaskTech International GmbH Nordostpark 45 90411 Nürnberg
	Evaluation Facility	SRC Security Research & Consulting GmbH
	Assurance Level	EAL4+,ALC_DVS.2,ALC_FLR.3
	Certification Date	11.02.2026
	Expiration Date	10.02.2031
	Entries	[frozendict({'id': 'BSI-DSZ-CC-1074-V3-2026 (Ausstellungsdatum / Certification Date 11.02.2026, gültig bis / valid until 10.02.2031)', 'description': 'The target of evaluation (TOE) of this evaluation is the product Xaica-a PLUS ePassport on MTCOS Pro 2.6 with SAC (BAC+PACE) and Active Authentication / ST31N600 provided by MaskTech International GmbH. The TOE is an electronic travel document representing a contactless smart card providing the Basic Access Control (BAC), Password Authenticated Connection Establishment (PACE) and the Active Authentication protocol according to the ’ICAO 9303’ and BSI TR-03110 and is pro-grammed according to ICAO Technical Report “Supplemental Access Control”.'}), frozendict({'id': 'BSI-DSZ-CC-1074-V2-2020 (Ausstellungsdatum / Certification Date 30.07.2020, gültig bis / valid until 29.07.2025)', 'description': 'Technical Report "Supplemental Access Control"'}), frozendict({'id': 'BSI-DSZ-CC-1074-2019 (25.01.2019)', 'description': 'Certificate'})]
	Report Link	https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1000/1074V3a_pdf.pdf?__blob=publicationFile&v=3
	Target Link	https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1000/1074V3b_pdf.pdf?__blob=publicationFile&v=2
	Cert Link	https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1000/1074V3c_pdf.pdf?__blob=publicationFile&v=2
	Description	The target of evaluation (TOE) is the product Xaica-α PLUS ePassport on MTCOS Pro 2.5 with SAC (BAC+PACE) and Active Authentication / ST31G480 D01 provided by MaskTech International GmbH. The TOE is an electronic travel document representing a contactless smart card providing the Basic Access Control (BAC), Password Authenticated Connection Establishment (PACE) and the Active Authentication protocol according to the ICAO 9303 and BSI TR-03110 and is programmed according to ICAO Technical Report “Supplemental Access Control”.
Subcategory	IC with applications

References

Updates Feed

08.06.2026

The certificate data changed.
Certificate changed

The state of the certificate object was updated.

The cert property was updated, with the {'extract_ok': True} data.

The PDF extraction data was updated.

The cert_metadata property was set to {'pdf_file_size_bytes': 236193, 'pdf_is_encrypted': False, 'pdf_number_of_pages': 1, '/Author': 'Federal Office for Information Security', '/Keywords': 'Common Criteria, Certification, Zertifizierung, passport, Pass, Ausweis, hoheitliche Dokumente, MaskTech', '/Subject': 'Common Criteria, Certification, Zertifizierung, passport, Pass, Ausweis, hoheitliche Dokumente, MaskTech', '/Title': 'Certificate BSI-DSZ-CC-1074-V3-2026', 'pdf_hyperlinks': {'_type': 'Set', 'elements': []}}.
28.03.2026

The certificate was first processed.

Raw data

{
  "_type": "sec_certs.sample.cc.CCCertificate",
  "category": "ICs, Smart Cards and Smart Card-Related Devices and Systems",
  "cert_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1074V3c_pdf.pdf",
  "dgst": "3fc7dd21c9c28b97",
  "heuristics": {
    "_type": "sec_certs.sample.cc_eucc_common.Heuristics",
    "annotated_references": null,
    "cert_id": "BSI-DSZ-CC-1074-V3-2026",
    "cert_lab": [
      "BSI"
    ],
    "cpe_matches": null,
    "direct_transitive_cves": null,
    "eal": "EAL4+",
    "extracted_sars": {
      "_type": "Set",
      "elements": [
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_LCD",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_COMP",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ASE_CCL",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "AGD_PRE",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ATE_COV",
          "level": 2
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_FLR",
          "level": 3
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ATE_FUN",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_DEL",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ASE_ECD",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ADV_IMP",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ASE_OBJ",
          "level": 2
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ADV_FSP",
          "level": 4
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ATE_DPT",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_TAT",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ADV_TDS",
          "level": 3
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ADV_ARC",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "AGD_OPE",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ASE_INT",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ATE_IND",
          "level": 2
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "AVA_VAN",
          "level": 5
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_CMC",
          "level": 4
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_DVS",
          "level": 2
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_CMS",
          "level": 4
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ASE_TSS",
          "level": 2
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ASE_SPD",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ASE_REQ",
          "level": 2
        }
      ]
    },
    "extracted_versions": {
      "_type": "Set",
      "elements": [
        "2.6"
      ]
    },
    "indirect_transitive_cves": null,
    "next_certificates": null,
    "prev_certificates": null,
    "protection_profiles": null,
    "related_cves": null,
    "report_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": {
        "_type": "Set",
        "elements": [
          "ANSSI-CC-2022/42-R02",
          "ANSSI-CC-2022/21-R02",
          "BSI-DSZ-CC-1074-V2-2020"
        ]
      },
      "indirectly_referenced_by": null,
      "indirectly_referencing": {
        "_type": "Set",
        "elements": [
          "BSI-DSZ-CC-1073-2019",
          "ANSSI-CC-2022/42-R02",
          "ANSSI-CC-2017/61",
          "ANSSI-CC-2022/21-R02",
          "ANSSI-CC-2016/58",
          "ANSSI-CC-2019/12",
          "BSI-DSZ-CC-1074-2019",
          "BSI-DSZ-CC-1074-V2-2020"
        ]
      }
    },
    "scheme_data": {
      "category": "Electronic ID documents",
      "cert_id": "BSI-DSZ-CC-1074-V3-2026",
      "certification_date": "2026-02-11",
      "enhanced": {
        "applicant": "MaskTech International GmbH Nordostpark 45 90411 N\u00fcrnberg",
        "assurance_level": "EAL4+,ALC_DVS.2,ALC_FLR.3",
        "cert_link": "https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1000/1074V3c_pdf.pdf?__blob=publicationFile\u0026v=2",
        "certification_date": "2026-02-11",
        "description": "The target of evaluation (TOE) is the product Xaica-\u03b1 PLUS ePassport on MTCOS Pro 2.5 with SAC (BAC+PACE) and Active Authentication / ST31G480 D01 provided by MaskTech International GmbH. The TOE is an electronic travel document representing a contactless smart card providing the Basic Access Control (BAC), Password Authenticated Connection Establishment (PACE) and the Active Authentication protocol according to the ICAO 9303 and BSI TR-03110 and is programmed according to ICAO Technical Report \u201cSupplemental Access Control\u201d.",
        "entries": [
          {
            "description": "The target of evaluation (TOE) of this evaluation is the product Xaica-a PLUS ePassport on MTCOS Pro 2.6 with SAC (BAC+PACE) and Active Authentication / ST31N600 provided by MaskTech International GmbH. The TOE is an electronic travel document representing a contactless smart card providing the Basic Access Control (BAC), Password Authenticated Connection Establishment (PACE) and the Active Authentication protocol according to the \u2019ICAO 9303\u2019 and BSI TR-03110 and is pro-grammed according to ICAO Technical Report \u201cSupplemental Access Control\u201d.",
            "id": "BSI-DSZ-CC-1074-V3-2026 (Ausstellungsdatum / Certification Date 11.02.2026, g\u00fcltig bis / valid until 10.02.2031)"
          },
          {
            "description": "Technical Report \"Supplemental Access Control\"",
            "id": "BSI-DSZ-CC-1074-V2-2020 (Ausstellungsdatum / Certification Date 30.07.2020, g\u00fcltig bis / valid until 29.07.2025)"
          },
          {
            "description": "Certificate",
            "id": "BSI-DSZ-CC-1074-2019 (25.01.2019)"
          }
        ],
        "evaluation_facility": "SRC Security Research \u0026 Consulting GmbH",
        "expiration_date": "2031-02-10",
        "product": "Xaica-\u03b1 PLUS ePassport on MTCOS Pro 2.6 with SAC (BAC+PACE) and Active Authentication / ST31N600",
        "report_link": "https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1000/1074V3a_pdf.pdf?__blob=publicationFile\u0026v=3",
        "target_link": "https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1000/1074V3b_pdf.pdf?__blob=publicationFile\u0026v=2"
      },
      "product": "Xaica-\u03b1 PLUS ePassport on MTCOS Pro 2.6 with SAC (BAC+PACE) and Active Authentication / ST31N600",
      "subcategory": "IC with applications",
      "url": "https://www.bsi.bund.de/SharedDocs/Zertifikate_CC/CC/Hoheitliche_Dokumente-IC_mit_Anwendung/1074.html",
      "vendor": "MaskTech International GmbH"
    },
    "st_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": {
        "_type": "Set",
        "elements": [
          "ANSSI-CC-2022/42-R02",
          "ANSSI-CC-2022/21-R02"
        ]
      },
      "indirectly_referenced_by": null,
      "indirectly_referencing": {
        "_type": "Set",
        "elements": [
          "ANSSI-CC-2022/42-R02",
          "ANSSI-CC-2022/21-R02"
        ]
      }
    },
    "verified_cpe_matches": null
  },
  "maintenance_updates": {
    "_type": "Set",
    "elements": []
  },
  "manufacturer": "MaskTech International GmbH",
  "manufacturer_web": "https://www.masktech.de/",
  "name": "Xaica-a PLUS ePassport on MTCOS Pro 2.6 with SAC (BAC+PACE) and Active Authentication / ST31N600",
  "not_valid_after": "2031-02-11",
  "not_valid_before": "2026-02-11",
  "pdf_data": {
    "_type": "sec_certs.sample.cc_eucc_common.PdfData",
    "cert_filename": "1074V3c_pdf.pdf",
    "cert_frontpage": null,
    "cert_keywords": {
      "asymmetric_crypto": {},
      "cc_cert_id": {
        "DE": {
          "BSI-DSZ-CC-1074-V3-2026": 1
        }
      },
      "cc_claims": {},
      "cc_protection_profile_id": {},
      "cc_sar": {
        "ALC": {
          "ALC_DVS.2": 1,
          "ALC_FLR": 1,
          "ALC_FLR.3": 1
        }
      },
      "cc_security_level": {
        "EAL": {
          "EAL 2": 1,
          "EAL 4": 2,
          "EAL 4 augmented": 1,
          "EAL 5": 1
        }
      },
      "cc_sfr": {},
      "certification_process": {},
      "cipher_mode": {},
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {},
      "crypto_protocol": {},
      "crypto_scheme": {},
      "device_model": {},
      "ecc_curve": {},
      "eval_facility": {},
      "hash_function": {},
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {},
      "side_channel_analysis": {},
      "standard_id": {
        "ISO": {
          "ISO/IEC 15408": 2,
          "ISO/IEC 18045": 2
        }
      },
      "symmetric_crypto": {},
      "technical_report_id": {},
      "tee_name": {},
      "tls_cipher_suite": {},
      "vendor": {},
      "vulnerability": {}
    },
    "cert_metadata": {
      "/Author": "Federal Office for Information Security",
      "/Keywords": "Common Criteria, Certification, Zertifizierung, passport, Pass, Ausweis, hoheitliche Dokumente, MaskTech",
      "/Subject": "Common Criteria, Certification, Zertifizierung, passport, Pass, Ausweis, hoheitliche Dokumente, MaskTech",
      "/Title": "Certificate BSI-DSZ-CC-1074-V3-2026",
      "pdf_file_size_bytes": 236193,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": []
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 1
    },
    "report_filename": "1074V3a_pdf.pdf",
    "report_frontpage": {
      "DE": {
        "cc_security_level": "Common Criteria Part 3 conformant EAL 4 augmented by ALC_DVS.2, ALC_FLR.3 valid until: 10 February 2031 SOGIS Recognition Agreement for components up to EAL 4",
        "cc_version": "Product specific Security Target Common Criteria Part 2 conformant",
        "cert_id": "BSI-DSZ-CC-1074-V3-2026",
        "cert_item": "Xaica-\u03b1 PLUS ePassport on MTCOS Pro 2.6 with SAC (BAC+PACE) and Active Authentication / ST31N600",
        "cert_lab": "BSI",
        "developer": "MaskTech International GmbH sponsored by NTT DATA CORPORATION",
        "match_rules": [
          "(BSI-DSZ-CC-.+?) (?:for|For) (.+?) from (.*)"
        ],
        "ref_protection_profiles": "None - Based on Protection Profile for ePassport IC with SAC (BAC+PACE) and Active Authentication, Version 1.00, March 8, 2016, JISEC C0500"
      }
    },
    "report_keywords": {
      "asymmetric_crypto": {
        "ECC": {
          "ECC": {
            "ECC": 1
          }
        }
      },
      "cc_cert_id": {
        "DE": {
          "BSI-DSZ-CC-1074-V2-2020": 3,
          "BSI-DSZ-CC-1074-V3-2026": 15
        },
        "FR": {
          "ANSSI-CC-2022/21-R02": 3,
          "ANSSI-CC-2022/42-R02": 4
        }
      },
      "cc_claims": {
        "OE": {
          "OE.PKI": 1
        }
      },
      "cc_protection_profile_id": {},
      "cc_sar": {
        "ALC": {
          "ALC_CMC.4": 1,
          "ALC_CMS.4": 1,
          "ALC_COMP.1": 1,
          "ALC_DEL.1": 1,
          "ALC_DVS.2": 5,
          "ALC_FLR": 3,
          "ALC_FLR.3": 4,
          "ALC_LCD.1": 1,
          "ALC_TAT.1": 1
        }
      },
      "cc_security_level": {
        "EAL": {
          "EAL 1": 1,
          "EAL 2": 3,
          "EAL 4": 6,
          "EAL 4 augmented": 3,
          "EAL 5": 4,
          "EAL 5+": 1,
          "EAL 6": 1,
          "EAL5+": 1,
          "EAL6": 1
        }
      },
      "cc_sfr": {},
      "certification_process": {
        "ConfidentialDocument": {
          "ETR), SRC Security Research \u0026 Consulting GmbH, (confidential document) [7] Protection Profile for ePassport IC with SAC (BAC+PACE) and Active Authentication, Version 1": 1,
          "Pro 2.6 with SAC (BAC+PACE) and Active Authentication / ST31N600, MaskTech International GmbH (confidential document) [6] Evaluation Technical Report, Version 1.0, 19.01.2026, Evaluation Report- Evaluation Technical": 1,
          "being maintained, is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification": 1,
          "list - Xaica-\u03b1 PLUS ePassport on MTCOS Pro 2.6 / ST31N600 MaskTech International GmbH (confidential document) [10] User Guidance, Version 1.1, 07 January 2026, User Guidance \u2013Xaica-\u03b1 PLUS ePassport on MTCOS": 1
        }
      },
      "cipher_mode": {},
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {
        "Neslib": {
          "NesLib 6.7.4": 3
        }
      },
      "crypto_protocol": {
        "PACE": {
          "PACE": 4
        },
        "PGP": {
          "PGP": 3
        }
      },
      "crypto_scheme": {
        "MAC": {
          "MAC": 1
        }
      },
      "device_model": {},
      "ecc_curve": {},
      "eval_facility": {
        "SRC": {
          "SRC Security Research \u0026 Consulting": 3
        }
      },
      "hash_function": {},
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {
        "RNG": {
          "RNG": 1
        }
      },
      "side_channel_analysis": {
        "FI": {
          "fault injection": 1
        },
        "other": {
          "JIL": 4
        }
      },
      "standard_id": {
        "BSI": {
          "AIS 20": 2,
          "AIS 25": 3,
          "AIS 26": 3,
          "AIS 31": 2,
          "AIS 32": 1,
          "AIS 34": 3,
          "AIS 35": 2,
          "AIS 36": 4,
          "AIS 38": 1,
          "AIS 46": 1
        },
        "ICAO": {
          "ICAO": 1
        },
        "ISO": {
          "ISO/IEC 15408": 4,
          "ISO/IEC 17065": 2,
          "ISO/IEC 18045": 4
        }
      },
      "symmetric_crypto": {
        "AES_competition": {
          "AES": {
            "AES": 1
          }
        },
        "DES": {
          "DES": {
            "DES": 1
          }
        }
      },
      "technical_report_id": {
        "BSI": {
          "BSI TR-02102": 1,
          "BSI TR-03110": 1
        }
      },
      "tee_name": {},
      "tls_cipher_suite": {},
      "vendor": {
        "STMicroelectronics": {
          "STM": 1,
          "STMicroelectronics": 12
        }
      },
      "vulnerability": {}
    },
    "report_metadata": {
      "/Author": "Federal Office for Information Security",
      "/Keywords": "Common Criteria, Certification, Zertifizierung, passport, Pass, Ausweis, hoheitliche Dokumente, MaskTech",
      "/Subject": "Common Criteria, Certification, Zertifizierung, passport, Pass, Ausweis, hoheitliche Dokumente, MaskTech",
      "/Title": "Certification Report BSI-DSZ-CC-1074-V3-2026",
      "pdf_file_size_bytes": 389383,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": []
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 24
    },
    "st_filename": "1074V3b_pdf.pdf",
    "st_frontpage": null,
    "st_keywords": {
      "asymmetric_crypto": {
        "ECC": {
          "ECC": {
            "ECC": 1
          },
          "ECDH": {
            "ECDH": 3
          },
          "ECDSA": {
            "ECDSA": 5
          }
        },
        "FF": {
          "DH": {
            "Diffie-Hellman": 2
          }
        }
      },
      "cc_cert_id": {
        "DE": {
          "BSI-DSZ-CC-1073-V2-": 1
        },
        "FR": {
          "ANSSI-CC-2022/21-R02": 3,
          "ANSSI-CC-2022/42-R02": 3
        }
      },
      "cc_claims": {
        "A": {
          "A.PKI": 4
        },
        "O": {
          "O.AA": 8,
          "O.BAC": 8,
          "O.PACE": 9,
          "O.RND": 1
        },
        "OE": {
          "OE.PKI": 3
        }
      },
      "cc_protection_profile_id": {
        "BSI": {
          "BSI-CC-PP-0056-V2-2012-MA-02": 1,
          "BSI-CC-PP-0084-2014": 1
        }
      },
      "cc_sar": {
        "ADV": {
          "ADV_ARC": 1,
          "ADV_ARC.1": 2,
          "ADV_FSP.4": 1,
          "ADV_IMP.1": 2,
          "ADV_TDS.3": 1
        },
        "AGD": {
          "AGD_OPE.1": 2,
          "AGD_PRE.1": 1
        },
        "ALC": {
          "ALC_CMC.4": 2,
          "ALC_CMS.4": 1,
          "ALC_DEL.1": 2,
          "ALC_DVS.1": 1,
          "ALC_DVS.2": 11,
          "ALC_FLR.2": 5,
          "ALC_FLR.3": 12,
          "ALC_LCD.1": 1,
          "ALC_TAT.1": 2
        },
        "ASE": {
          "ASE_CCL.1": 3,
          "ASE_ECD.1": 2,
          "ASE_INT.1": 3,
          "ASE_OBJ.2": 2,
          "ASE_REQ.2": 3,
          "ASE_SPD.1": 2,
          "ASE_TSS.1": 4,
          "ASE_TSS.2": 3
        },
        "ATE": {
          "ATE_COV.2": 2,
          "ATE_DPT.1": 1,
          "ATE_FUN.1": 2,
          "ATE_IND.2": 1
        },
        "AVA": {
          "AVA_VAN.3": 3,
          "AVA_VAN.5": 2
        }
      },
      "cc_security_level": {
        "EAL": {
          "EAL4": 6,
          "EAL4 augmented": 4,
          "EAL5": 2,
          "EAL5 augmented": 2,
          "EAL6": 2,
          "EAL6 augmented": 2
        }
      },
      "cc_sfr": {
        "FAU": {
          "FAU_SAR": 2,
          "FAU_SAS": 1,
          "FAU_SAS.1": 1
        },
        "FCS": {
          "FCS_CKM": 28,
          "FCS_CKM.1": 25,
          "FCS_CKM.2": 6,
          "FCS_CKM.4": 4,
          "FCS_CKM.5": 28,
          "FCS_CKM.6": 50,
          "FCS_CKM.6.1": 2,
          "FCS_CKM.6.2": 1,
          "FCS_COP": 114,
          "FCS_COP.1": 16,
          "FCS_RBG.1": 6,
          "FCS_RND": 2,
          "FCS_RND.1": 1,
          "FCS_RNG": 2,
          "FCS_RNG.1": 19,
          "FCS_RNG.1.1": 1,
          "FCS_RNG.1.2": 1,
          "FCS_SBO": 5
        },
        "FDP": {
          "FDP_ACC": 37,
          "FDP_ACC.1": 19,
          "FDP_ACF": 29,
          "FDP_ACF.1": 18,
          "FDP_IFC.1": 11,
          "FDP_ITC.1": 39,
          "FDP_ITC.1.1": 1,
          "FDP_ITC.1.2": 1,
          "FDP_ITC.1.3": 1,
          "FDP_ITC.2": 22,
          "FDP_ITT.1": 1,
          "FDP_SDC.1": 1,
          "FDP_SDI.2": 1,
          "FDP_UCT": 19,
          "FDP_UCT.1": 2,
          "FDP_UIT": 19,
          "FDP_UIT.1": 4
        },
        "FIA": {
          "FIA_AFL": 24,
          "FIA_AFL.1": 6,
          "FIA_API.1": 1,
          "FIA_UAU.1": 18,
          "FIA_UAU.1.1": 1,
          "FIA_UAU.1.2": 1,
          "FIA_UAU.4": 9,
          "FIA_UAU.4.1": 1,
          "FIA_UAU.5": 12,
          "FIA_UAU.5.1": 1,
          "FIA_UAU.5.2": 1,
          "FIA_UID.1": 15,
          "FIA_UID.1.1": 1,
          "FIA_UID.1.2": 1
        },
        "FMT": {
          "FMT_LIM": 8,
          "FMT_MOF.1": 8,
          "FMT_MOF.1.1": 1,
          "FMT_MSA": 4,
          "FMT_MSA.3": 12,
          "FMT_MTD.1": 8,
          "FMT_MTD.1.1": 1,
          "FMT_SMF": 2,
          "FMT_SMF.1": 15,
          "FMT_SMF.1.1": 1,
          "FMT_SMR": 1,
          "FMT_SMR.1": 11,
          "FMT_SMR.1.1": 1,
          "FMT_SMR.1.2": 1,
          "FMT_UAU": 1,
          "FMT_UID": 1
        },
        "FPT": {
          "FPT_EMS": 2,
          "FPT_EMS.1": 13,
          "FPT_EMS.1.1": 2,
          "FPT_FLS": 1,
          "FPT_FLS.1": 1,
          "FPT_ITT.1": 1,
          "FPT_PHP.3": 11,
          "FPT_PHP.3.1": 1
        },
        "FRU": {
          "FRU_FLT.2": 1
        },
        "FTP": {
          "FTP_ITC": 2,
          "FTP_ITC.1": 22,
          "FTP_ITC.1.1": 1,
          "FTP_ITC.1.2": 1,
          "FTP_ITC.1.3": 1,
          "FTP_TRP.1": 8
        }
      },
      "certification_process": {},
      "cipher_mode": {
        "CBC": {
          "CBC": 18
        }
      },
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {
        "Neslib": {
          "NESLIB 6.7.4": 1
        }
      },
      "crypto_protocol": {
        "PACE": {
          "PACE": 99
        }
      },
      "crypto_scheme": {
        "KA": {
          "Key Agreement": 1,
          "Key agreement": 3
        },
        "MAC": {
          "MAC": 10
        }
      },
      "device_model": {},
      "ecc_curve": {
        "NIST": {
          "NIST P-256": 4,
          "NIST P-384": 4,
          "P-256": 4,
          "P-384": 4
        }
      },
      "eval_facility": {},
      "hash_function": {
        "Keccak": {
          "Keccak": 1
        },
        "SHA": {
          "SHA1": {
            "SHA-1": 7
          },
          "SHA2": {
            "SHA-256": 10,
            "SHA-384": 5
          }
        }
      },
      "ic_data_group": {
        "EF": {
          "EF.COM": 14,
          "EF.CardAccess": 5,
          "EF.DG1": 14,
          "EF.DG13": 14,
          "EF.DG14": 13,
          "EF.DG15": 15,
          "EF.DG2": 14,
          "EF.SOD": 14
        }
      },
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {
        "PRNG": {
          "DRBG": 1
        },
        "RNG": {
          "RND": 1,
          "RNG": 7
        }
      },
      "side_channel_analysis": {
        "FI": {
          "Malfunction": 1
        },
        "SCA": {
          "Leak-Inherent": 1,
          "physical probing": 1
        },
        "other": {
          "JIL": 4
        }
      },
      "standard_id": {
        "BSI": {
          "AIS 31": 1
        },
        "CC": {
          "CCMB-2022-11-001": 2,
          "CCMB-2022-11-002": 2,
          "CCMB-2022-11-003": 2,
          "CCMB-2022-11-004": 2,
          "CCMB-2022-11-005": 2,
          "CCMB-2022-11-006": 2
        },
        "FIPS": {
          "FIPS PUB 140-3": 1,
          "FIPS PUB 180-4": 1,
          "FIPS PUB 197": 1
        },
        "ICAO": {
          "ICAO": 14
        },
        "ISO": {
          "ISO/IEC 10116-2017": 1,
          "ISO/IEC 15408": 2,
          "ISO/IEC 7816": 2,
          "ISO/IEC 9797-1": 2
        },
        "NIST": {
          "NIST SP 800-38B": 1,
          "NIST SP 800-67": 1
        }
      },
      "symmetric_crypto": {
        "AES_competition": {
          "AES": {
            "AES": 19,
            "AES-": 1
          }
        },
        "DES": {
          "3DES": {
            "3DES": 5,
            "TDEA": 1,
            "TDES": 1
          },
          "DES": {
            "DES": 8
          }
        },
        "constructions": {
          "MAC": {
            "CMAC": 11
          }
        }
      },
      "technical_report_id": {},
      "tee_name": {
        "IBM": {
          "SSC": 2
        }
      },
      "tls_cipher_suite": {},
      "vendor": {
        "STMicroelectronics": {
          "STMicroelectronics": 13
        }
      },
      "vulnerability": {}
    },
    "st_metadata": {
      "/Author": "",
      "/Subject": "",
      "/Title": "",
      "pdf_file_size_bytes": 497140,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": []
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 83
    }
  },
  "protection_profile_links": {
    "_type": "Set",
    "elements": []
  },
  "report_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1074V3a_pdf.pdf",
  "scheme": "DE",
  "security_level": {
    "_type": "Set",
    "elements": [
      "ALC_DVS.2",
      "ALC_FLR.3",
      "EAL4+"
    ]
  },
  "st_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1074V3b_pdf.pdf",
  "state": {
    "_type": "sec_certs.sample.cc_eucc_common.InternalState",
    "cert": {
      "_type": "sec_certs.sample.document_state.DocumentState",
      "convert_ok": true,
      "download_ok": true,
      "extract_ok": true,
      "json_hash": null,
      "source_hash": "c2c115199e17358f043ff97c401d2f22811511b3896382ed89568794a46c72ad",
      "txt_hash": "de84423449ea54ac19f9e8c0bd269862560a760f18ad24e4c102ec370d8c72ea"
    },
    "report": {
      "_type": "sec_certs.sample.document_state.DocumentState",
      "convert_ok": true,
      "download_ok": true,
      "extract_ok": true,
      "json_hash": null,
      "source_hash": "fd5ec42dcd806d0832512533c38ca0f02b98babd4502d00a44e64cba446ad72a",
      "txt_hash": "2d0284db9013be968726c01375fae4f005e7c203d64eaf049c01f24d0c146e3b"
    },
    "st": {
      "_type": "sec_certs.sample.document_state.DocumentState",
      "convert_ok": true,
      "download_ok": true,
      "extract_ok": true,
      "json_hash": null,
      "source_hash": "c820536af1c243639af597a7a423aa5b5663d5f9a239ec3dd9da82e48c56bcb2",
      "txt_hash": "4860ae8800234163d6fe8c112a9ff93eafaa83b2c2b85778903d4c6d349e7a02"
    }
  },
  "status": "active"
}

Sections

Xaica-a PLUS ePassport on MTCOS Pro 2.6 with SAC (BAC+PACE) and Active Authentication / ST31N600

CSV information

Heuristics summary

Certificate

Extracted keywords

Common Criteria

Security level

Security Assurance Requirements (SAR)

Certificates

Other

Standards

File metadata

Certification report

Extracted keywords

Cryptography

Symmetric Algorithms

Asymmetric Algorithms

Schemes

Protocols

Randomness

Libraries

Device

Vendor

Common Criteria

Security level

Claims

Security Assurance Requirements (SAR)

Certificates

Evaluation facilities

Security

Side-channel analysis

Certification process

Other

Standards

Technical reports

File metadata

Frontpage

References

Security target

Extracted keywords

Cryptography

Symmetric Algorithms

Asymmetric Algorithms

Hash functions

Schemes

Protocols

Randomness

Libraries

Elliptic Curves

Block cipher modes

Device

IC data groups

Trusted Execution Environments

Vendor

Common Criteria

Security level

Claims

Security Assurance Requirements (SAR)

Security Functional Requirements (SFR)

Protection profiles

Certificates

Security

Side-channel analysis

Other

Standards

File metadata

References

Heuristics

Automated inference - use with caution

Certificate ID

Extracted SARs

Similar certificates

Scheme data

References

Updates Feed

Raw data

Toggle raw data