Mobiles eHealth Kartenterminal ORGA 930 M online, 4.9.0: 1.0.0

CSV information

Status active
Valid from 18.01.2023
Valid until 17.01.2028
Scheme 🇩🇪 DE
Manufacturer Worldlline Healthcare GmbH
Category Other Devices and Systems
Security level EAL3+, ADV_FSP.4, ALC_TAT.1, AVA_VAN.5, ADV_IMP.1, ADV_TDS.3
Protection profiles
Maintenance updates Mobiles eHealth Kartenterminal ORGA 930 M online, Version 4.10.0:1.0.0 (02.01.2024) Certification report Security target
Mobiles eHealth Kartenterminal ORGA 930 M online, Version 4.11.0:1.0.0 (02.01.2025) Certification report Security target

Heuristics summary

Certificate ID: BSI-DSZ-CC-0596-V3-2023

Certificate

Certificate PDF TXT

Extracted keywords

Security level
EAL 3, EAL 4, EAL 2, EAL 3 augmented
Security Assurance Requirements (SAR)
ADV_TDS.3, ADV_IMP.1, ADV_FSP.4, ALC_TAT.1, ALC_FLR, AVA_VAN.5
Protection profiles
BSI-CC-PP-0052-2015
Certificates
BSI-DSZ-CC-0596-V3-2023

Standards
ISO/IEC 15408, ISO/IEC 18045

File metadata

Title Certificate BSI-DSZ-CC-0596-V3-2023
Subject Common Criteria, Certification, Zertifizierung, SMGW, Site Certification, Theben
Keywords "Common Criteria, Certification, Zertifizierung, SMGW, Site Certification, Theben"
Author Bundesamt für Sicherheit in der Informationstechnik
Pages 1

Certification report

Certification report PDF TXT

Extracted keywords

Symmetric Algorithms
AES-256, AES, HPC
Asymmetric Algorithms
RSA-4096
Hash functions
SHA-1, SHA-512
Block cipher modes
GCM

Security level
EAL 3, EAL 4, EAL 2, EAL 1, EAL 5+, EAL 6, EAL 3 augmented
Security Assurance Requirements (SAR)
ADV_TDS.3, ADV_IMP.1, ADV_FSP.4, ALC_TAT.1, ALC_FLR, ALC_DEL, AVA_VAN.5
Protection profiles
BSI-CC-PP-0052-2015, BSI-CC-PP- 0052-2015
Certificates
BSI-DSZ-CC-0596-V3-2023, BSI-DSZ-CC-0596-V2-, BSI-DSZ-CC-0950-V2-2018, BSI-DSZ-CC-0928, BSI-DSZ-CC-0596-V2-2018
Evaluation facilities
TÜV Informationstechnik

Certification process
being maintained, is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification, GmbH [7] Evaluation Technical Report Summary, Version 2, 2023-01-06, TÜV Informationstechnik GmbH, (confidential document) [8] Common Criteria Protection Profile Mobile Card Terminal for the German Healthcare System, from Evaluation of the Product ORGA v 6141 online and ORGA 930 online, Worldline Healthcare GmbH (confidential document) [10] Bedienungsanleitung Mobiles eHealth Kartenterminal ORGA 930 M online mit Firmware-Version 4.9

Standards
FIPS197, PKCS#1, AIS 1, AIS 14, AIS 19, AIS 23, AIS 34, AIS 41, AIS 45, AIS 46, RFC6234, RFC3174, ISO/IEC 15408, ISO/IEC 18045, ISO/IEC 17065, X.509
Technical reports
BSI TR-02102, BSI 7148

File metadata

Title Certification Report BSI-DSZ-CC-0596-V3-2023
Subject Common Criteria, Certification, Zertifizierung, SMGW, Site Certification, Theben
Keywords "Common Criteria, Certification, Zertifizierung, SMGW, Site Certification, Theben"
Author Bundesamt für Sicherheit in der Informationstechnik
Pages 26

Frontpage

Certificate ID BSI-DSZ-CC-0596-V3-2023
Certified item Mobiles eHealth Kartenterminal ORGA 930 M online 4.9.0: 1.0.0
Certification lab BSI
Developer Worldline Healthcare GmbH

References

Outgoing

Security target

Security target PDF TXT

Extracted keywords

Symmetric Algorithms
AES, AES-256, AES-, HPC
Asymmetric Algorithms
RSA-4096
Hash functions
SHA-1, SHA-512
Block cipher modes
GCM

Vendor
Microsoft

Security level
EAL3+, EAL 3, EAL 3 augmented
Claims
O.MANAGEMENT, O.LOG_DATA, O.PIN, O.RESIDUAL, O.SELFTESTS, O.PROTECTION, O.AUTH_STATE, O.LOG_CARDS, O.TRANSFER, O.DMS_CONNECT, O.TIME, O.SEALING, O.DMS_CONNECTION, T.MAN_HW, T.DATA, T.ACCESS, T.AUTH_STATE, T.ADMIN_PIN, T.FIRMWARE, A.MEDIC, A.ADMIN, A.CARDS, A.DMS, A.ENVIRONME, A.PHYSICAL, A.ENVIRONMENT, A.DEVELOPER, OE.DMS, OE.PHYSICAL, OE.MEDIC, OE.ADMIN, OE.CARDS, OE.ENVIRONMENT, OE.DEVELOPER, OSP.LOG_DATA, OSP.LOG_CARDS, OSP.TRANSFER, OSP.DMS_CONNE, OSP.TIME, OSP.SEALING, OSP.SELFTESTS, OSP.EMERGENCY_, OSP.DMS_CONN, OSP.EMERGENCY, OSP.DMS_CONNECTION, OSP.EMERGENCY_DATA
Security Assurance Requirements (SAR)
ADV_FSP.4, ADV_IMP.1, ADV_TDS.3, ADV_ARC.1, AGD_KAL, AGD_IAN, AGD_OPE.1, AGD_PRE.1, ALC_TAT.1, ALC_DEL, ALC_CMC.3, ALC_CMS.3, ALC_DEL.1, ALC_DVS.1, ALC_LCD.1, ATE_COV.2, ATE_DPT.1, ATE_FUN.1, ATE_IND.2, AVA_VAN.5
Security Functional Requirements (SFR)
FCS_CKM.1, FCS_CKM.4, FCS_COP, FCS_COP.1, FCS_CKM.1.1, FCS_CKM.2, FCS_CKM.4.1, FDP_SVR, FDP_ACC.1, FDP_ACF.1, FDP_IFC, FDP_IFF, FDP_ITC.1, FDP_RIP, FDP_SDI.2, FDP_SVR.1, FDP_SVR.1.1, FDP_SVR.1.2, FDP_SVR.1.3, FDP_ITC.2, FDP_ACC.1.1, FDP_ACF.1.1, FDP_ACF.1.2, FDP_ACF.1.3, FDP_ACF.1.4, FDP_IFC.1, FDP_IFF.1, FDP_ITC.1.1, FDP_ITC.1.2, FDP_ITC.1.3, FDP_RIP.1, FDP_SDI.2.1, FDP_SDI.2.2, FDP_SDI.1, FIA_AFL, FIA_SOS.1, FIA_UAU.1, FIA_UAU.5, FIA_UAU.7, FIA_UID.1, FIA_UAU.5.1, FIA_UAU.5.2, FIA_AFL.1, FIA_SOS.1.1, FIA_UAU.7.1, FIA_UAU.1.1, FIA_UAU.1.2, FIA_UID.1.1, FIA_UID.1.2, FMT_MSA.1, FMT_MSA.3, FMT_MTD.1, FMT_MTD.3, FMT_SMF.1, FMT_SMR.1, FMT_MTD, FMT_MSA.1.1, FMT_MSA.3.1, FMT_MSA.3.2, FMT_MTD.1.1, FMT_MTD.3.1, FMT_SMF.1.1, FMT_SMR.1.1, FMT_SMR.1.2, FPT_STM.1, FPT_PHP.1, FPT_TST.1, FPT_STM.1.1, FPT_PHP.1.1, FPT_PHP.1.2, FPT_TST.1.1, FPT_TST.1.2, FPT_TST.1.3, FTA_SSL.3, FTA_SSL.4, FTA_SSL.3.1, FTA_SSL.4.1, FTP_ITC.1
Protection profiles
BSI-CC-PP-0052, BSI-CC-PP-0032, BSI-CC-PP- 0052
Certificates
BSI-DSZ-CC-0596-V3-2022

Side-channel analysis
physical tampering
Certification process
out of scope, done by an authorised card that is out of scope of this ST, the TOE • Signature generation for emergency data1 on the eHC (done by an authorised card that is out of scope of this ST) 1.4.6 Physical Protection of the TOE The TOE cannot counter physical attacks concerning

Standards
RFC8017, X.509
Technical reports
BSI TR-03116-1, BSI 7500, BSI 7586

File metadata

Title ORGA 900 Security Target
Author gematik GmbH
Pages 77

Heuristics

Automated inference - use with caution

All attributes shown in this section (e.g., links between certificates, products, vendors, and known CVEs) are generated by automated heuristics and have not been reviewed by humans. These methods can produce false positives or false negatives and should not be treated as definitive without independent verification. For details on our data sources and inference methods, see our methodology. If you believe any information here is inaccurate or harmful, please submit feedback.

Certificate ID

BSI-DSZ-CC-0596-V3-2023

Extracted SARs

ADV_ARC.1, ADV_FSP.4, ADV_IMP.1, ADV_TDS.3, AGD_OPE.1, AGD_PRE.1, ALC_CMC.3, ALC_CMS.3, ALC_DEL.1, ALC_DVS.1, ALC_LCD.1, ALC_TAT.1, ATE_COV.2, ATE_DPT.1, ATE_FUN.1, ATE_IND.2, AVA_VAN.5

Similar certificates

Name Certificate ID
Stationäres eHealth Kartenterminal ORGA 6141 online 3.9.0:2.0.0/ 3.9.0:1.2.0 BSI-DSZ-CC-0519-V5-2024 Compare
Stationäres eHealth-Kartenterminal ORGA 6141 online Version 3.9.2:1.2.0 / 3.9.2:2.0.0 BSI-DSZ-CC-0519-V6-2025 Compare

Scheme data

Cert Id BSI-DSZ-CC-0596-V3-2023
Product Mobiles eHealth Kartenterminal ORGA 930 M online, 4.9.0: 1.0.0
Vendor Worldline Healthcare GmbH
Certification Date 18.01.2023
Category eHealth
Url https://www.bsi.bund.de/SharedDocs/Zertifikate_CC/CC/Gesundheitswesen_Kartenlesegeraete/0596V2_0596V3.html
Enhanced
Product Mobiles eHealth Kartenterminal ORGA 930 M online, 4.9.0: 1.0.0
Applicant Worldline Healthcare GmbH Konrad-Zuse-Ring 1 24220 Flintbek
Evaluation Facility TÜV Informationstechnik GmbH
Assurance Level EAL3+,AVA_VAN.5,ALC_TAT.1,ADV_TDS.3,ADV_IMP.1,ADV_FSP.4
Protection Profile Common Criteria Protection Profile Mobile Card Terminal for the German Healthcare System (MobCT), Version 1.4, BSI-CC-PP-0052-2015, 24 September 2014
Certification Date 18.01.2023
Expiration Date 17.01.2028
Entries [frozendict({'id': 'BSI-DSZ-CC-0596-V3-2023-MA-02 (Ausstellungsdatum / Certification Date 02.01.2025)', 'description': 'The changes are firmware adaptions regarding gematik specifications, adaption of BCD-display and the clicktone. Further the advance warning time regarding the expiration of the HBA/SMC-B certificates is extended.'}), frozendict({'id': 'BSI-DSZ-CC-0596-V3-2023-MA-01 (Ausstellungsdatum / Certification Date 02.01.2024)', 'description': ', an improvement of power consumption management and a truststore update of the productive environment.'}), frozendict({'id': 'BSI-DSZ-CC-0596-V3-2023 (Ausstellungsdatum / Certification Date 18.01.2023, gültig bis / valid until 17.01.2028)', 'description': 'as product optimizing and Updates of the Open Source components. The Secure Delivery Chain was improved, as it is now independent from the forwarder with new security measures.'}), frozendict({'id': 'BSI-DSZ-CC-0596-V2-2018-MA-3 (23.11.2020)', 'description': 'TOEs are the mobile card terminal “ORGA 930 M” and the most widely identical “Cherry ST-1530” in Version 4.7.0:1.0.0 with integrated smart card readers. The TOE fulfills the requirements to be used with the German electronic Health Card (eHC) and the German Professional Card (HPC) based on the regulations of the German healthcare System.'}), frozendict({'id': 'BSI-DSZ-CC-0596-V2-MA-02 (19.12.2018)', 'description': 'The certified product itself did not change compared to 0596-V2-2018.'}), frozendict({'id': 'BSI-DSZ-CC-0596-V2-2018 (Ausstellungsdatum / Certification Date 25.09.2010, gültig bis / valid until 24.09.2018)', 'description': 'Certificate'})]
Report Link https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte05/0596V3a_pdf.pdf?__blob=publicationFile&v=2
Target Link https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte05/0596V3b_pdf.pdf?__blob=publicationFile&v=2
Cert Link https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte05/0596V3c_pdf.pdf?__blob=publicationFile&v=2
Description TOEs are the mobile card terminal “ORGA 930 M” and the most widely identical “Cherry ST-1530” in Version 4.7.0:1.0.0 with integrated smart card readers. The TOE fulfills the requirements to be used with the German electronic Health Card (eHC) and the German Professional Card (HPC) based on the regulations of the German healthcare system.
Subcategory Card reader

References

Updates

  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate was first processed.

Raw data 

{
  "_type": "sec_certs.sample.cc.CCCertificate",
  "category": "Other Devices and Systems",
  "cert_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/0596V3c_pdf.pdf",
  "dgst": "a91d0202506bb11c",
  "heuristics": {
    "_type": "sec_certs.sample.cc.CCCertificate.Heuristics",
    "annotated_references": null,
    "cert_id": "BSI-DSZ-CC-0596-V3-2023",
    "cert_lab": [
      "BSI"
    ],
    "cpe_matches": null,
    "direct_transitive_cves": null,
    "eal": "EAL3+",
    "extracted_sars": {
      "_type": "Set",
      "elements": [
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_DVS",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_DEL",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ATE_DPT",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_CMC",
          "level": 3
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "AGD_OPE",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ATE_COV",
          "level": 2
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ADV_TDS",
          "level": 3
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ATE_IND",
          "level": 2
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_CMS",
          "level": 3
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ADV_IMP",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "AGD_PRE",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ADV_ARC",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "AVA_VAN",
          "level": 5
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_TAT",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ADV_FSP",
          "level": 4
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ATE_FUN",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_LCD",
          "level": 1
        }
      ]
    },
    "extracted_versions": {
      "_type": "Set",
      "elements": [
        "4.9.0",
        "1.0.0"
      ]
    },
    "indirect_transitive_cves": null,
    "next_certificates": null,
    "prev_certificates": null,
    "protection_profiles": {
      "_type": "Set",
      "elements": [
        "854be21fba7a106c"
      ]
    },
    "related_cves": null,
    "report_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": {
        "_type": "Set",
        "elements": [
          "BSI-DSZ-CC-0596-V2-2018",
          "BSI-DSZ-CC-0950-V2-2018"
        ]
      },
      "indirectly_referenced_by": null,
      "indirectly_referencing": {
        "_type": "Set",
        "elements": [
          "BSI-DSZ-CC-0596-V2-2018",
          "BSI-DSZ-CC-0950-2017",
          "BSI-DSZ-CC-0928-2018",
          "BSI-DSZ-CC-0950-V2-2018"
        ]
      }
    },
    "scheme_data": {
      "category": "eHealth",
      "cert_id": "BSI-DSZ-CC-0596-V3-2023",
      "certification_date": "2023-01-18",
      "enhanced": {
        "applicant": "Worldline Healthcare GmbH Konrad-Zuse-Ring 1 24220 Flintbek",
        "assurance_level": "EAL3+,AVA_VAN.5,ALC_TAT.1,ADV_TDS.3,ADV_IMP.1,ADV_FSP.4",
        "cert_link": "https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte05/0596V3c_pdf.pdf?__blob=publicationFile\u0026v=2",
        "certification_date": "2023-01-18",
        "description": "TOEs are the mobile card terminal \u201cORGA 930 M\u201d and the most widely identical \u201cCherry ST-1530\u201d in Version 4.7.0:1.0.0 with integrated smart card readers. The TOE fulfills the requirements to be used with the German electronic Health Card (eHC) and the German Professional Card (HPC) based on the regulations of the German healthcare system.",
        "entries": [
          {
            "description": "The changes are firmware adaptions regarding gematik specifications, adaption of BCD-display and the clicktone. Further the advance warning time regarding the expiration of the HBA/SMC-B certificates is extended.",
            "id": "BSI-DSZ-CC-0596-V3-2023-MA-02 (Ausstellungsdatum / Certification Date 02.01.2025)"
          },
          {
            "description": ", an improvement of power consumption management and a truststore update of the productive environment.",
            "id": "BSI-DSZ-CC-0596-V3-2023-MA-01 (Ausstellungsdatum / Certification Date 02.01.2024)"
          },
          {
            "description": "as product optimizing and Updates of the Open Source components. The Secure Delivery Chain was improved, as it is now independent from the forwarder with new security measures.",
            "id": "BSI-DSZ-CC-0596-V3-2023 (Ausstellungsdatum / Certification Date 18.01.2023, g\u00fcltig bis / valid until 17.01.2028)"
          },
          {
            "description": "TOEs are the mobile card terminal \u201cORGA 930 M\u201d and the most widely identical \u201cCherry ST-1530\u201d in Version 4.7.0:1.0.0 with integrated smart card readers. The TOE fulfills the requirements to be used with the German electronic Health Card (eHC) and the German Professional Card (HPC) based on the regulations of the German healthcare System.",
            "id": "BSI-DSZ-CC-0596-V2-2018-MA-3 (23.11.2020)"
          },
          {
            "description": "The certified product itself did not change compared to 0596-V2-2018.",
            "id": "BSI-DSZ-CC-0596-V2-MA-02 (19.12.2018)"
          },
          {
            "description": "Certificate",
            "id": "BSI-DSZ-CC-0596-V2-2018 (Ausstellungsdatum / Certification Date 25.09.2010, g\u00fcltig bis / valid until 24.09.2018)"
          }
        ],
        "evaluation_facility": "T\u00dcV Informationstechnik GmbH",
        "expiration_date": "2028-01-17",
        "product": "Mobiles eHealth Kartenterminal ORGA 930 M online, 4.9.0: 1.0.0",
        "protection_profile": "Common Criteria Protection Profile Mobile Card Terminal for the German Healthcare System (MobCT), Version 1.4, BSI-CC-PP-0052-2015, 24 September 2014",
        "report_link": "https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte05/0596V3a_pdf.pdf?__blob=publicationFile\u0026v=2",
        "target_link": "https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte05/0596V3b_pdf.pdf?__blob=publicationFile\u0026v=2"
      },
      "product": "Mobiles eHealth Kartenterminal ORGA 930 M online, 4.9.0: 1.0.0",
      "subcategory": "Card reader",
      "url": "https://www.bsi.bund.de/SharedDocs/Zertifikate_CC/CC/Gesundheitswesen_Kartenlesegeraete/0596V2_0596V3.html",
      "vendor": "Worldline Healthcare GmbH"
    },
    "st_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "verified_cpe_matches": null
  },
  "maintenance_updates": {
    "_type": "Set",
    "elements": [
      {
        "_type": "sec_certs.sample.cc.CCCertificate.MaintenanceReport",
        "maintenance_date": "2024-01-02",
        "maintenance_report_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/0596V3ma1a_pdf.pdf",
        "maintenance_st_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/0596V3ma1b_pdf.pdf",
        "maintenance_title": "Mobiles eHealth Kartenterminal ORGA 930 M online, Version 4.10.0:1.0.0"
      },
      {
        "_type": "sec_certs.sample.cc.CCCertificate.MaintenanceReport",
        "maintenance_date": "2025-01-02",
        "maintenance_report_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/0596V3ma2a_pdf.pdf",
        "maintenance_st_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/0596V3ma2b_pdf.pdf",
        "maintenance_title": "Mobiles eHealth Kartenterminal ORGA 930 M online, Version 4.11.0:1.0.0"
      }
    ]
  },
  "manufacturer": "Worldlline Healthcare GmbH",
  "manufacturer_web": "https://de.worldline.com",
  "name": "Mobiles eHealth Kartenterminal ORGA 930 M online, 4.9.0: 1.0.0",
  "not_valid_after": "2028-01-17",
  "not_valid_before": "2023-01-18",
  "pdf_data": {
    "_type": "sec_certs.sample.cc.CCCertificate.PdfData",
    "cert_filename": "0596V3c_pdf.pdf",
    "cert_frontpage": null,
    "cert_keywords": {
      "asymmetric_crypto": {},
      "cc_cert_id": {
        "DE": {
          "BSI-DSZ-CC-0596-V3-2023": 1
        }
      },
      "cc_claims": {},
      "cc_protection_profile_id": {
        "BSI": {
          "BSI-CC-PP-0052-2015": 1
        }
      },
      "cc_sar": {
        "ADV": {
          "ADV_FSP.4": 1,
          "ADV_IMP.1": 1,
          "ADV_TDS.3": 1
        },
        "ALC": {
          "ALC_FLR": 1,
          "ALC_TAT.1": 1
        },
        "AVA": {
          "AVA_VAN.5": 1
        }
      },
      "cc_security_level": {
        "EAL": {
          "EAL 2": 1,
          "EAL 3": 1,
          "EAL 3 augmented": 1,
          "EAL 4": 1
        }
      },
      "cc_sfr": {},
      "certification_process": {},
      "cipher_mode": {},
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {},
      "crypto_protocol": {},
      "crypto_scheme": {},
      "device_model": {},
      "ecc_curve": {},
      "eval_facility": {},
      "hash_function": {},
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {},
      "side_channel_analysis": {},
      "standard_id": {
        "ISO": {
          "ISO/IEC 15408": 2,
          "ISO/IEC 18045": 2
        }
      },
      "symmetric_crypto": {},
      "technical_report_id": {},
      "tee_name": {},
      "tls_cipher_suite": {},
      "vendor": {},
      "vulnerability": {}
    },
    "cert_metadata": {
      "/Author": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "/Keywords": "\"Common Criteria, Certification, Zertifizierung, SMGW, Site Certification, Theben\"",
      "/Subject": "Common Criteria, Certification, Zertifizierung, SMGW, Site Certification, Theben",
      "/Title": "Certificate BSI-DSZ-CC-0596-V3-2023",
      "pdf_file_size_bytes": 327524,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": []
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 1
    },
    "report_filename": "0596V3a_pdf.pdf",
    "report_frontpage": {
      "DE": {
        "cc_security_level": "Common Criteria Part 3 conformant EAL 3 augmented by AVA_VAN.5, ALC_TAT.1, ADV_TDS.3, ADV_IMP.1, ADV_FSP.4",
        "cc_version": "PP conformant Common Criteria Part 2 extended",
        "cert_id": "BSI-DSZ-CC-0596-V3-2023",
        "cert_item": "Mobiles eHealth Kartenterminal ORGA 930 M online 4.9.0: 1.0.0",
        "cert_lab": "BSI",
        "developer": "Worldline Healthcare GmbH",
        "match_rules": [
          "(BSI-DSZ-CC-.+?) (?:for|For) (.+?) from (.*)"
        ],
        "ref_protection_profiles": "Common Criteria Protection Profile Mobile Card Terminal for the German Healthcare System (MobCT), Version 1.4, BSI-CC-PP-0052-2015, 24 September 2014"
      }
    },
    "report_keywords": {
      "asymmetric_crypto": {
        "RSA": {
          "RSA-4096": 2
        }
      },
      "cc_cert_id": {
        "DE": {
          "BSI-DSZ-CC-0596-V2-": 1,
          "BSI-DSZ-CC-0596-V2-2018": 1,
          "BSI-DSZ-CC-0596-V3-2023": 14,
          "BSI-DSZ-CC-0928": 1,
          "BSI-DSZ-CC-0950-V2-2018": 1
        }
      },
      "cc_claims": {},
      "cc_protection_profile_id": {
        "BSI": {
          "BSI-CC-PP- 0052-2015": 1,
          "BSI-CC-PP-0052-2015": 3
        }
      },
      "cc_sar": {
        "ADV": {
          "ADV_FSP.4": 4,
          "ADV_IMP.1": 4,
          "ADV_TDS.3": 4
        },
        "ALC": {
          "ALC_DEL": 1,
          "ALC_FLR": 3,
          "ALC_TAT.1": 4
        },
        "AVA": {
          "AVA_VAN.5": 5
        }
      },
      "cc_security_level": {
        "EAL": {
          "EAL 1": 1,
          "EAL 2": 3,
          "EAL 3": 4,
          "EAL 3 augmented": 3,
          "EAL 4": 4,
          "EAL 5+": 1,
          "EAL 6": 1
        }
      },
      "cc_sfr": {},
      "certification_process": {
        "ConfidentialDocument": {
          "GmbH [7] Evaluation Technical Report Summary, Version 2, 2023-01-06, T\u00dcV Informationstechnik GmbH, (confidential document) [8] Common Criteria Protection Profile Mobile Card Terminal for the German Healthcare System": 1,
          "being maintained, is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification": 1,
          "from Evaluation of the Product ORGA v 6141 online and ORGA 930 online, Worldline Healthcare GmbH (confidential document) [10] Bedienungsanleitung Mobiles eHealth Kartenterminal ORGA 930 M online mit Firmware-Version 4.9": 1
        }
      },
      "cipher_mode": {
        "GCM": {
          "GCM": 2
        }
      },
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {},
      "crypto_protocol": {},
      "crypto_scheme": {},
      "device_model": {},
      "ecc_curve": {},
      "eval_facility": {
        "TUV": {
          "T\u00dcV Informationstechnik": 3
        }
      },
      "hash_function": {
        "SHA": {
          "SHA1": {
            "SHA-1": 1
          },
          "SHA2": {
            "SHA-512": 3
          }
        }
      },
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {},
      "side_channel_analysis": {},
      "standard_id": {
        "BSI": {
          "AIS 1": 1,
          "AIS 14": 1,
          "AIS 19": 1,
          "AIS 23": 1,
          "AIS 34": 1,
          "AIS 41": 1,
          "AIS 45": 1,
          "AIS 46": 1
        },
        "FIPS": {
          "FIPS197": 1
        },
        "ISO": {
          "ISO/IEC 15408": 4,
          "ISO/IEC 17065": 2,
          "ISO/IEC 18045": 4
        },
        "PKCS": {
          "PKCS#1": 1
        },
        "RFC": {
          "RFC3174": 1,
          "RFC6234": 2
        },
        "X509": {
          "X.509": 2
        }
      },
      "symmetric_crypto": {
        "AES_competition": {
          "AES": {
            "AES": 2,
            "AES-256": 1
          },
          "HPC": {
            "HPC": 4
          }
        }
      },
      "technical_report_id": {
        "BSI": {
          "BSI 7148": 1,
          "BSI TR-02102": 1
        }
      },
      "tee_name": {},
      "tls_cipher_suite": {},
      "vendor": {},
      "vulnerability": {}
    },
    "report_metadata": {
      "/Author": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "/Keywords": "\"Common Criteria, Certification, Zertifizierung, SMGW, Site Certification, Theben\"",
      "/Subject": "Common Criteria, Certification, Zertifizierung, SMGW, Site Certification, Theben",
      "/Title": "Certification Report BSI-DSZ-CC-0596-V3-2023",
      "pdf_file_size_bytes": 801696,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": [
          "https://www.bsi.bund.de/zertifizierungsreporte",
          "https://www.bsi.bund.de/AIS",
          "https://www.sogis.eu/",
          "https://www.bsi.bund.de/zertifizierung",
          "https://www.commoncriteriaportal.org/",
          "http://www.commoncriteriaportal.org/",
          "http://www.commoncriteriaportal.org/cc/",
          "https://www.bsi.bund.de/"
        ]
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 26
    },
    "st_filename": "0596V3b_pdf.pdf",
    "st_frontpage": null,
    "st_keywords": {
      "asymmetric_crypto": {
        "RSA": {
          "RSA-4096": 2
        }
      },
      "cc_cert_id": {
        "DE": {
          "BSI-DSZ-CC-0596-V3-2022": 2
        }
      },
      "cc_claims": {
        "A": {
          "A.ADMIN": 3,
          "A.CARDS": 4,
          "A.DEVELOPER": 2,
          "A.DMS": 4,
          "A.ENVIRONME": 1,
          "A.ENVIRONMENT": 2,
          "A.MEDIC": 3,
          "A.PHYSICAL": 2
        },
        "O": {
          "O.AUTH_STATE": 9,
          "O.DMS_CONNECT": 1,
          "O.DMS_CONNECTION": 5,
          "O.LOG_CARDS": 3,
          "O.LOG_DATA": 7,
          "O.MANAGEMENT": 10,
          "O.PIN": 7,
          "O.PROTECTION": 8,
          "O.RESIDUAL": 6,
          "O.SEALING": 3,
          "O.SELFTESTS": 6,
          "O.TIME": 6,
          "O.TRANSFER": 3
        },
        "OE": {
          "OE.ADMIN": 9,
          "OE.CARDS": 7,
          "OE.DEVELOPER": 2,
          "OE.DMS": 5,
          "OE.ENVIRONMENT": 6,
          "OE.MEDIC": 9,
          "OE.PHYSICAL": 6
        },
        "OSP": {
          "OSP.DMS_CONN": 1,
          "OSP.DMS_CONNE": 1,
          "OSP.DMS_CONNECTION": 1,
          "OSP.EMERGENCY": 1,
          "OSP.EMERGENCY_": 1,
          "OSP.EMERGENCY_DATA": 1,
          "OSP.LOG_CARDS": 3,
          "OSP.LOG_DATA": 4,
          "OSP.SEALING": 3,
          "OSP.SELFTESTS": 3,
          "OSP.TIME": 3,
          "OSP.TRANSFER": 3
        },
        "T": {
          "T.ACCESS": 3,
          "T.ADMIN_PIN": 3,
          "T.AUTH_STATE": 3,
          "T.DATA": 3,
          "T.FIRMWARE": 3,
          "T.MAN_HW": 4
        }
      },
      "cc_protection_profile_id": {
        "BSI": {
          "BSI-CC-PP- 0052": 1,
          "BSI-CC-PP-0032": 1,
          "BSI-CC-PP-0052": 1
        }
      },
      "cc_sar": {
        "ADV": {
          "ADV_ARC.1": 1,
          "ADV_FSP.4": 5,
          "ADV_IMP.1": 5,
          "ADV_TDS.3": 5
        },
        "AGD": {
          "AGD_IAN": 2,
          "AGD_KAL": 2,
          "AGD_OPE.1": 1,
          "AGD_PRE.1": 1
        },
        "ALC": {
          "ALC_CMC.3": 1,
          "ALC_CMS.3": 1,
          "ALC_DEL": 1,
          "ALC_DEL.1": 1,
          "ALC_DVS.1": 1,
          "ALC_LCD.1": 1,
          "ALC_TAT.1": 5
        },
        "ATE": {
          "ATE_COV.2": 1,
          "ATE_DPT.1": 1,
          "ATE_FUN.1": 1,
          "ATE_IND.2": 1
        },
        "AVA": {
          "AVA_VAN.5": 8
        }
      },
      "cc_security_level": {
        "EAL": {
          "EAL 3": 4,
          "EAL 3 augmented": 3,
          "EAL3+": 2
        }
      },
      "cc_sfr": {
        "FCS": {
          "FCS_CKM.1": 22,
          "FCS_CKM.1.1": 1,
          "FCS_CKM.2": 2,
          "FCS_CKM.4": 24,
          "FCS_CKM.4.1": 1,
          "FCS_COP": 37,
          "FCS_COP.1": 8
        },
        "FDP": {
          "FDP_ACC.1": 24,
          "FDP_ACC.1.1": 1,
          "FDP_ACF.1": 17,
          "FDP_ACF.1.1": 1,
          "FDP_ACF.1.2": 4,
          "FDP_ACF.1.3": 1,
          "FDP_ACF.1.4": 2,
          "FDP_IFC": 48,
          "FDP_IFC.1": 13,
          "FDP_IFF": 45,
          "FDP_IFF.1": 26,
          "FDP_ITC.1": 24,
          "FDP_ITC.1.1": 1,
          "FDP_ITC.1.2": 1,
          "FDP_ITC.1.3": 1,
          "FDP_ITC.2": 11,
          "FDP_RIP": 12,
          "FDP_RIP.1": 2,
          "FDP_SDI.1": 1,
          "FDP_SDI.2": 7,
          "FDP_SDI.2.1": 1,
          "FDP_SDI.2.2": 1,
          "FDP_SVR": 2,
          "FDP_SVR.1": 11,
          "FDP_SVR.1.1": 5,
          "FDP_SVR.1.2": 3,
          "FDP_SVR.1.3": 3
        },
        "FIA": {
          "FIA_AFL": 15,
          "FIA_AFL.1": 4,
          "FIA_SOS.1": 7,
          "FIA_SOS.1.1": 1,
          "FIA_UAU.1": 15,
          "FIA_UAU.1.1": 1,
          "FIA_UAU.1.2": 1,
          "FIA_UAU.5": 9,
          "FIA_UAU.5.1": 2,
          "FIA_UAU.5.2": 2,
          "FIA_UAU.7": 9,
          "FIA_UAU.7.1": 2,
          "FIA_UID.1": 15,
          "FIA_UID.1.1": 1,
          "FIA_UID.1.2": 1
        },
        "FMT": {
          "FMT_MSA.1": 9,
          "FMT_MSA.1.1": 1,
          "FMT_MSA.3": 26,
          "FMT_MSA.3.1": 1,
          "FMT_MSA.3.2": 1,
          "FMT_MTD": 6,
          "FMT_MTD.1": 12,
          "FMT_MTD.1.1": 1,
          "FMT_MTD.3": 6,
          "FMT_MTD.3.1": 1,
          "FMT_SMF.1": 15,
          "FMT_SMF.1.1": 1,
          "FMT_SMR.1": 21,
          "FMT_SMR.1.1": 1,
          "FMT_SMR.1.2": 1
        },
        "FPT": {
          "FPT_PHP.1": 6,
          "FPT_PHP.1.1": 1,
          "FPT_PHP.1.2": 1,
          "FPT_STM.1": 11,
          "FPT_STM.1.1": 1,
          "FPT_TST.1": 6,
          "FPT_TST.1.1": 1,
          "FPT_TST.1.2": 1,
          "FPT_TST.1.3": 1
        },
        "FTA": {
          "FTA_SSL.3": 8,
          "FTA_SSL.3.1": 2,
          "FTA_SSL.4": 8,
          "FTA_SSL.4.1": 1
        },
        "FTP": {
          "FTP_ITC.1": 1
        }
      },
      "certification_process": {
        "OutOfScope": {
          "done by an authorised card that is out of scope of this ST": 1,
          "out of scope": 1,
          "the TOE \u2022 Signature generation for emergency data1 on the eHC (done by an authorised card that is out of scope of this ST) 1.4.6 Physical Protection of the TOE The TOE cannot counter physical attacks concerning": 1
        }
      },
      "cipher_mode": {
        "GCM": {
          "GCM": 3
        }
      },
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {},
      "crypto_protocol": {},
      "crypto_scheme": {},
      "device_model": {},
      "ecc_curve": {},
      "eval_facility": {},
      "hash_function": {
        "SHA": {
          "SHA1": {
            "SHA-1": 1
          },
          "SHA2": {
            "SHA-512": 6
          }
        }
      },
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {},
      "side_channel_analysis": {
        "FI": {
          "physical tampering": 4
        }
      },
      "standard_id": {
        "RFC": {
          "RFC8017": 2
        },
        "X509": {
          "X.509": 7
        }
      },
      "symmetric_crypto": {
        "AES_competition": {
          "AES": {
            "AES": 10,
            "AES-": 1,
            "AES-256": 1
          },
          "HPC": {
            "HPC": 21
          }
        }
      },
      "technical_report_id": {
        "BSI": {
          "BSI 7500": 1,
          "BSI 7586": 1,
          "BSI TR-03116-1": 1
        }
      },
      "tee_name": {},
      "tls_cipher_suite": {},
      "vendor": {
        "Microsoft": {
          "Microsoft": 4
        }
      },
      "vulnerability": {}
    },
    "st_metadata": {
      "/Author": "gematik GmbH",
      "/Title": "ORGA 900 Security Target",
      "pdf_file_size_bytes": 955165,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": []
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 77
    }
  },
  "protection_profile_links": {
    "_type": "Set",
    "elements": [
      "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/pp0052b_pdf.pdf"
    ]
  },
  "report_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/0596V3a_pdf.pdf",
  "scheme": "DE",
  "security_level": {
    "_type": "Set",
    "elements": [
      "EAL3+",
      "ADV_IMP.1",
      "ALC_TAT.1",
      "ADV_FSP.4",
      "ADV_TDS.3",
      "AVA_VAN.5"
    ]
  },
  "st_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/0596V3b_pdf.pdf",
  "state": {
    "_type": "sec_certs.sample.cc.CCCertificate.InternalState",
    "cert": {
      "_type": "sec_certs.sample.document_state.DocumentState",
      "convert_ok": true,
      "download_ok": true,
      "extract_ok": true,
      "json_hash": null,
      "pdf_hash": "1df23ac7a357c86904542e99aa05d169144e48a2d253280918200487aa71d527",
      "txt_hash": "24a0777ddf24758aaaf55f08489f08897c740d0510b49ccd6f18cdc487a7b1fc"
    },
    "report": {
      "_type": "sec_certs.sample.document_state.DocumentState",
      "convert_ok": true,
      "download_ok": true,
      "extract_ok": true,
      "json_hash": null,
      "pdf_hash": "3e288b207550e45ff5c15e7db43876919ec9b60d50a64cb26b14dfec1a04753b",
      "txt_hash": "b17d89660b79c3367cd15b07ab391fd008916602ee02e8db6b360b408abb4041"
    },
    "st": {
      "_type": "sec_certs.sample.document_state.DocumentState",
      "convert_ok": true,
      "download_ok": true,
      "extract_ok": true,
      "json_hash": null,
      "pdf_hash": "7c78acd29f34a9208114ab6d54e6a759960d6f671012a028ee07a55250f18dd7",
      "txt_hash": "47dd8da847c15e7154db1c1f0c9861463b7a4f7a5a319722422315db86cc362b"
    }
  },
  "status": "active"
}