This page was not yet optimized for use on mobile
devices.
Stationäres eHealth-Kartenterminal ORGA 6141 online Version 3.9.2:1.2.0 / 3.9.2:2.0.0
CSV information
| Status | active |
|---|---|
| Valid from | 16.10.2025 |
| Valid until | 16.10.2030 |
| Scheme | 🇩🇪 DE |
| Manufacturer | Worldlline Healthcare GmbH |
| Category | ICs, Smart Cards and Smart Card-Related Devices and Systems |
| Security level | ADV_IMP.1, ADV_TDS.3, AVA_VAN.4, ADV_FSP.4, ALC_TAT.1, EAL3+ |
| Maintenance updates | Stationäres eHealth Kartenterminal ORGA 6141online, Version 3.9.2:1.2.0 / 3.9.2:2.0.0 (30.10.2025) Certification report |
Heuristics summary
Certificate ID: BSI-DSZ-CC-0519-V6-2025
Certificate
certificate file processing did not finish successfully.
Show more...
Download pdf:
OK
Convert pdf to text:
OK
Extract keywords:
ERROR
Extracted keywords
Security level
EAL 3, EAL 4, EAL 2, EAL 3 augmentedSecurity Assurance Requirements (SAR)
ADV_FSP.4, ADV_IMP.1, ADV_TDS.3, ALC_TAT.1, ALC_FLR, AVA_VAN.4Protection profiles
BSI-CC-PP-0032-V3-Certificates
BSI-DSZ-CC-0519-V6-2025Standards
ISO/IEC 15408, ISO/IEC 18045Certification report
Extracted keywords
Symmetric Algorithms
AES-128, AES-256, AES, HPCAsymmetric Algorithms
RSA-2048, ECDSA, Diffie-Hellman, DH, DSAHash functions
SHA256, SHA-256Protocols
TLS, TLS v1.2, VPNElliptic Curves
secp256r1, secp384r1, secp512r1Block cipher modes
CBC, GCMTLS cipher suites
TLS_DHE_RSA_WITH_AES_128, TLS_DHE_RSA_WITH_AES_256, TLS_DHE_RSA_WITH_AES_12, TLS_DHE_RSA_WITH_AES_25Security level
EAL 3, EAL 4, EAL 2, EAL 1, EAL3+, EAL 3 augmentedSecurity Assurance Requirements (SAR)
ADV_FSP.4, ADV_IMP.1, ADV_TDS.3, ALC_TAT.1, ALC_FLR, AVA_VAN.4Security Functional Requirements (SFR)
FCS_CKM.1.1, FCS_COP.1, FCS_COPProtection profiles
BSI-CC-PP-0032-V3-, BSI-CC-PP-0032-V3-2023Certificates
BSI-DSZ-CC-0519-V6-2025, BSI-DSZ-CC-0519-V5-2024, CC-0950-2017Evaluation facilities
TÜV InformationstechnikCertification process
being maintained, is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification, 6] Evaluation Technical Report (ETR Summary), Version 1, 2025-10-08, TÜV Informationstechnik GmbH (confidential document) [7] Common Criteria Protection Profile Electronic Health Card Terminal (eHCT), BSI-, 15.12.2022 [8] SVN List (Configlist SW), 2025-07-24, Worldline Healthcare GmbH (confidential document) [9] Datensatz PDXpert (Configlist HW), Version 3.9.0, 2024-07-09, Worldline Healthcare GmbHStandards
FIPS180-4, PKCS#1, AIS 1, AIS 32, AIS 38, RFC5246, RFC3526, RFC5289, RFC4492, RFC7251, RFC5639, RFC7027, RFC8422, ISO/IEC 15408, ISO/IEC 18045, ISO/IEC 17065, X.509File metadata
| Title | Certification Report BSI-DSZ-CC-0519-V6-2025 |
|---|---|
| Subject | Common Criteria, Certification, Zertifizierung, eHealth, Kartenterminal, Worldline |
| Keywords | Common Criteria, Certification, Zertifizierung, eHealth, Kartenterminal, Worldline |
| Author | Federal Office for Information Security |
| Pages | 24 |
Frontpage
| Certificate ID | BSI-DSZ-CC-0519-V6-2025 |
|---|---|
| Certified item | Stationäres eHealth Kartenterminal ORGA 6141 online Version 3.9.2:1.2.0 / 3.9.2:2.0.0 |
| Certification lab | BSI |
| Developer | Worldline Healthcare GmbH |
References
Outgoing- BSI-DSZ-CC-0519-V5-2024 - active - Stationäres eHealth Kartenterminal ORGA 6141 online 3.9.0:2.0.0/ 3.9.0:1.2.0
Security target
Extracted keywords
Symmetric Algorithms
AES, AES128, AES256, HPCAsymmetric Algorithms
RSA2048, RSA4096, ECDHE, ECDSA, ECC, Diffie-Hellman, DSAHash functions
SHA1, SHA256, SHA384, MD5Protocols
TLS, IPsec, VPNElliptic Curves
secp256r1, brainpoolP256r1, brainpoolP384r1Block cipher modes
GCMSecurity level
EAL3+, EAL3, EAL 3, EAL3 augmented, EAL 3 augmentedClaims
O.ACCESS_CONTROL, O.PIN_ENTRY, O.MANAGEMENT, O.SECURE_CHANNEL, O.STATE, O.PROTECTION, O.PROTEC-, O.ACCESS_-, O.AC-, O.-, T.F-SAC, T.COM, T.PIN, T.DATA, T.F-CONNECTOR, T.F-CON-, A.SAC, A.PUSH_SERVER, A.ENV, A.ADMIN, A.CONNECTOR, A.SM, A.PUSH_SERV, OE.SAC, OE.ENV, OE.ADMIN, OE.CONNECTOR, OE.SM, OE.PUSH_SERVER, OE.AD-, OSP.PIN_ENTRYSecurity Assurance Requirements (SAR)
ADV_FSP.4, ADV_IMP.1, ADV_TDS.3, ADV_ARC.1, AGD_OPE.1, AGD_PRE.1, ALC_TAT.1, ALC_CMC.3, ALC_CMS.3, ALC_DEL.1, ALC_DVS.1, ALC_LCD.1, ATE_COV.2, ATE_DPT.1, ATE_FUN.1, ATE_IND.2, AVA_VAN.4, ASE_TSS, ASE_CCL.1, ASE_ECD.1, ASE_INT.1, ASE_OBJ.2, ASE_REQ.2, ASE_SPD.1, ASE_TSS.1Security Functional Requirements (SFR)
FCS_CKM, FCS_CKM.4, FCS_COP, FCS_CKM.1, FCS_CKM.2, FCS_COP.1, FCS_CKM.4.1, FDP_ACC, FDP_ACF, FDP_IFC, FDP_IFF, FDP_RIP.1, FDP_ITC.1, FDP_ITC.2, FDP_ACC.1, FDP_ACF.1, FDP_IFC.1, FDP_IFF.1, FDP_RIP.1.1, FIA_AFL, FIA_ATD.1, FIA_SOS.1, FIA_UAU.1, FIA_UAU.5, FIA_UAU.7, FIA_UID.1, FIA_AFL.1, FIA_ATD.1.1, FIA_SOS.1.1, FIA_UAU.1.1, FIA_UAU.1.2, FIA_UAU.5.1, FIA_UAU.5.2, FIA_UAU.7.1, FIA_UID.1.1, FIA_UID.1.2, FIA_UID, FMT_MSA, FMT_MSA.2, FMT_SMF.1, FMT_SMR.1, FMT_MSA.3, FMT_MSA.1, FMT_MSA.2.1, FMT_SMF.1.1, FMT_SMR.1.1, FMT_SMR.1.2, FPT_FLS.1, FPT_ITT.1, FPT_PHP.1, FPT_PHP.3, FPT_TST.1, FPT_FLS.1.1, FPT_ITT.1.1, FPT_PHP.1.1, FPT_PHP.1.2, FPT_PHP.3.1, FPT_TST.1.1, FPT_TST.1.2, FPT_TST.1.3, FTA_TAB, FTA_TAB.1, FTP_ITC, FTP_TRP, FTP_ITC.1, FTP_TRP.1Protection profiles
BSI-CC-PP-0032-, BSI-CC-PP-0032, BSI-CC-PP-0032-V3-2023, BSI-CC-PP-0082, BSI-CC-PP-0046, BSI-CC-PP-0098Certificates
BSI-DSZ-CC-0519Side-channel analysis
physical tamperingStandards
PKCS #1, RFC3268, RFC5289, RFC7251, RFC5246, ISO/IEC 14443, X.509Technical reports
BSI TR-03120, BSI 7500File metadata
| Title | Common-Criteria 3.1-Document |
|---|---|
| Subject | Security Target ORGA 6141 online |
| Keywords | ORGA 6141, online;Security, Target;Sicherheitsvorgaben |
| Pages | 66 |
References
Outgoing- BSI-DSZ-CC-0519 - archived - ORGA 6141 online Version 3.7.2:1.2.0
Heuristics
Automated inference - use with caution
All attributes shown in this section (e.g., links between certificates, products, vendors, and known CVEs) are generated by automated heuristics and have not been reviewed by humans. These methods can produce false positives or false negatives and should not be treated as definitive without independent verification. For details on our data sources and inference methods, see our methodology. If you believe any information here is inaccurate or harmful, please submit feedback.Certificate ID
BSI-DSZ-CC-0519-V6-2025Extracted SARs
ADV_ARC.1, ADV_FSP.4, ADV_IMP.1, ADV_TDS.3, AGD_OPE.1, AGD_PRE.1, ALC_CMC.3, ALC_CMS.3, ALC_DEL.1, ALC_DVS.1, ALC_LCD.1, ALC_TAT.1, ASE_CCL.1, ASE_ECD.1, ASE_INT.1, ASE_OBJ.2, ASE_REQ.2, ASE_SPD.1, ASE_TSS.1, ATE_COV.2, ATE_DPT.1, ATE_FUN.1, ATE_IND.2, AVA_VAN.4Similar certificates
Showing 5 out of 14.
Scheme data
| Cert Id | BSI-DSZ-CC-0519-V6-2025 | |
|---|---|---|
| Product | ORGA 6141 online V3.9.2:1.2.0/3.9.2:2.0.0 | |
| Vendor | Worldlline Healthcare GmbH | |
| Certification Date | 16.10.2025 | |
| Category | eHealth | |
| Url | https://www.bsi.bund.de/SharedDocs/Zertifikate_CC/CC/Gesundheitswesen_Kartenlesegeraete/0519.html | |
| Enhanced | ||
| Product | ORGA 6141 online V3.9.2:1.2.0/3.9.2:2.0.0 | |
| Applicant | Worldlline Healthcare GmbH Konrad-Zuse-Ring 1 24220 Flintbek | |
| Evaluation Facility | TÜV Informationstechnik GmbH | |
| Assurance Level | EAL3+,AVA_VAN.4,ALC_TAT.1,ADV_TDS.3,ADV_IMP.1,ADV_FSP.4 | |
| Protection Profile | Common Criteria Protection Profile Electronic Health Card Terminal (eHCT) Version 3.7, BSI-CC-PP-0032-V2-2015-MA-01, 22 May 2017 | |
| Certification Date | 16.10.2025 | |
| Expiration Date | 15.10.2030 | |
| Entries | [frozendict({'id': 'BSI', 'description': 'Management'}), frozendict({'id': 'BSI-DSZ-CC-0519-V6-2025 (16.10.2025)', 'description': 'Zertifizierungsreport / Certification Report Sicherheitsvorgaben / Security Target Zertifikat / Certificate'}), frozendict({'id': 'BSI', 'description': 'online'}), frozendict({'id': 'BSI-DSZ-CC-0519-V5-2024 (24.09.2024)', 'description': 'Management'}), frozendict({'id': 'BSI-DSZ-CC-0519-V4-2022-MA-01 (04.04.2023) Maintenancereport / Maintenance Report Sicherheitsvorgaben / Security Target Folgende Änderungen waren im Fokus dieser Re-Evalauierung: Updates von Open-Sopurce-Komponenten, Fehlerbehebung im TOE und die Erweiterung des Produkts um die Remote Management Schnittstelle als zweite Adiminstrationsschnittstelle, die eingabe der SMC-B PIN über diese Remote Management Schnittstelle sowie die VPN Authentifizierung via PSK und EAP-TLS. Following changes on the evaluated product have been in the focus of this re-evaluation: Update of open-source components, Bug fixing for the TOE, Product expansion, Remote Management Interface as second administration interface, SMC-B PIN entry via the Remote Management Interface and VPN authentication method PSK and EAP-TLS.', 'description': 'Firmware'}), frozendict({'id': 'BSI', 'description': 'Management'}), frozendict({'id': 'BSI', 'description': 'online'}), frozendict({'id': 'BSI', 'description': 'Maintenance Report'}), frozendict({'id': 'BSI', 'description': 'The certified product itself did not change compared to 0519-V2-2018.'}), frozendict({'id': 'BSI', 'description': 'online'}), frozendict({'id': 'BSI', 'description': 'The certified product itself did not change compared to 0519-V2-2018.'}), frozendict({'id': 'BSI', 'description': 'Certificate'})] | |
| Report Link | https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte05/0519V6a_pdf.pdf?__blob=publicationFile&v=3 | |
| Target Link | https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte05/0519V6b_pdf.pdf?__blob=publicationFile&v=3 | |
| Cert Link | https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte05/0519V6c_pdf.pdf?__blob=publicationFile&v=3 | |
| Description | The Target of Evaluation (TOE) is a smart card terminal ORGA 6141 online Version 3.7.2:1.2.0. It fulfils the IT security requirements to be used with the German electronic Health Card (eHC) and the German Health Professional Card (HPC) based on the regulations of the German healthcare system. | |
| Subcategory | Card reader | |
References
Loading...
Updates Feed
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate was first processed.
Raw data
{
"_type": "sec_certs.sample.cc.CCCertificate",
"category": "ICs, Smart Cards and Smart Card-Related Devices and Systems",
"cert_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/0519V6c_pdf.pdf",
"dgst": "c9f1e8cb1664943f",
"heuristics": {
"_type": "sec_certs.sample.cc_eucc_common.Heuristics",
"annotated_references": null,
"cert_id": "BSI-DSZ-CC-0519-V6-2025",
"cert_lab": [
"BSI"
],
"cpe_matches": null,
"direct_transitive_cves": null,
"eal": "EAL3+",
"extracted_sars": {
"_type": "Set",
"elements": [
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_SPD",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_ECD",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_INT",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_DVS",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ATE_IND",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ATE_FUN",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_TDS",
"level": 3
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_TSS",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_REQ",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_OBJ",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_DEL",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_LCD",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AGD_PRE",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_TAT",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_CCL",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_CMC",
"level": 3
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_CMS",
"level": 3
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ATE_DPT",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AGD_OPE",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_ARC",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ATE_COV",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_IMP",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_FSP",
"level": 4
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AVA_VAN",
"level": 4
}
]
},
"extracted_versions": {
"_type": "Set",
"elements": [
"1.2.0",
"2.0.0",
"3.9.2"
]
},
"indirect_transitive_cves": null,
"next_certificates": null,
"prev_certificates": null,
"protection_profiles": null,
"related_cves": null,
"report_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": {
"_type": "Set",
"elements": [
"BSI-DSZ-CC-0519-V5-2024"
]
},
"indirectly_referenced_by": null,
"indirectly_referencing": {
"_type": "Set",
"elements": [
"BSI-DSZ-CC-0519-V5-2024",
"BSI-DSZ-CC-0519-V3-2021",
"BSI-DSZ-CC-0519-V4-2022"
]
}
},
"scheme_data": {
"category": "eHealth",
"cert_id": "BSI-DSZ-CC-0519-V6-2025",
"certification_date": "2025-10-16",
"enhanced": {
"applicant": "Worldlline Healthcare GmbH Konrad-Zuse-Ring 1 24220 Flintbek",
"assurance_level": "EAL3+,AVA_VAN.4,ALC_TAT.1,ADV_TDS.3,ADV_IMP.1,ADV_FSP.4",
"cert_link": "https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte05/0519V6c_pdf.pdf?__blob=publicationFile\u0026v=3",
"certification_date": "2025-10-16",
"description": "The Target of Evaluation (TOE) is a smart card terminal ORGA 6141 online Version 3.7.2:1.2.0. It fulfils the IT security requirements to be used with the German electronic Health Card (eHC) and the German Health Professional Card (HPC) based on the regulations of the German healthcare system.",
"entries": [
{
"description": "Management",
"id": "BSI"
},
{
"description": "Zertifizierungsreport / Certification Report Sicherheitsvorgaben / Security Target Zertifikat / Certificate",
"id": "BSI-DSZ-CC-0519-V6-2025 (16.10.2025)"
},
{
"description": "online",
"id": "BSI"
},
{
"description": "Management",
"id": "BSI-DSZ-CC-0519-V5-2024 (24.09.2024)"
},
{
"description": "Firmware",
"id": "BSI-DSZ-CC-0519-V4-2022-MA-01 (04.04.2023) Maintenancereport / Maintenance Report Sicherheitsvorgaben / Security Target Folgende \u00c4nderungen waren im Fokus dieser Re-Evalauierung: Updates von Open-Sopurce-Komponenten, Fehlerbehebung im TOE und die Erweiterung des Produkts um die Remote Management Schnittstelle als zweite Adiminstrationsschnittstelle, die eingabe der SMC-B PIN \u00fcber diese Remote Management Schnittstelle sowie die VPN Authentifizierung via PSK und EAP-TLS. Following changes on the evaluated product have been in the focus of this re-evaluation: Update of open-source components, Bug fixing for the TOE, Product expansion, Remote Management Interface as second administration interface, SMC-B PIN entry via the Remote Management Interface and VPN authentication method PSK and EAP-TLS."
},
{
"description": "Management",
"id": "BSI"
},
{
"description": "online",
"id": "BSI"
},
{
"description": "Maintenance Report",
"id": "BSI"
},
{
"description": "The certified product itself did not change compared to 0519-V2-2018.",
"id": "BSI"
},
{
"description": "online",
"id": "BSI"
},
{
"description": "The certified product itself did not change compared to 0519-V2-2018.",
"id": "BSI"
},
{
"description": "Certificate",
"id": "BSI"
}
],
"evaluation_facility": "T\u00dcV Informationstechnik GmbH",
"expiration_date": "2030-10-15",
"product": "ORGA 6141 online V3.9.2:1.2.0/3.9.2:2.0.0",
"protection_profile": "Common Criteria Protection Profile Electronic Health Card Terminal (eHCT) Version 3.7, BSI-CC-PP-0032-V2-2015-MA-01, 22 May 2017",
"report_link": "https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte05/0519V6a_pdf.pdf?__blob=publicationFile\u0026v=3",
"target_link": "https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte05/0519V6b_pdf.pdf?__blob=publicationFile\u0026v=3"
},
"product": "ORGA 6141 online V3.9.2:1.2.0/3.9.2:2.0.0",
"subcategory": "Card reader",
"url": "https://www.bsi.bund.de/SharedDocs/Zertifikate_CC/CC/Gesundheitswesen_Kartenlesegeraete/0519.html",
"vendor": "Worldlline Healthcare GmbH"
},
"st_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": {
"_type": "Set",
"elements": [
"BSI-DSZ-CC-0519"
]
},
"indirectly_referenced_by": null,
"indirectly_referencing": {
"_type": "Set",
"elements": [
"BSI-DSZ-CC-0519"
]
}
},
"verified_cpe_matches": null
},
"maintenance_updates": {
"_type": "Set",
"elements": [
{
"_type": "sec_certs.sample.cc.CCCertificate.MaintenanceReport",
"maintenance_date": "2025-10-30",
"maintenance_report_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/0519V6ma1a_pdf.pdf",
"maintenance_st_link": null,
"maintenance_title": "Station\u00e4res eHealth Kartenterminal ORGA 6141online, Version 3.9.2:1.2.0 / 3.9.2:2.0.0"
}
]
},
"manufacturer": "Worldlline Healthcare GmbH",
"manufacturer_web": "https://de.worldline.com",
"name": "Station\u00e4res eHealth-Kartenterminal ORGA 6141 online Version 3.9.2:1.2.0 / 3.9.2:2.0.0",
"not_valid_after": "2030-10-16",
"not_valid_before": "2025-10-16",
"pdf_data": {
"_type": "sec_certs.sample.cc_eucc_common.PdfData",
"cert_filename": "0519V6c_pdf.pdf",
"cert_frontpage": null,
"cert_keywords": {
"asymmetric_crypto": {},
"cc_cert_id": {
"DE": {
"BSI-DSZ-CC-0519-V6-2025": 1
}
},
"cc_claims": {},
"cc_protection_profile_id": {
"BSI": {
"BSI-CC-PP-0032-V3-": 1
}
},
"cc_sar": {
"ADV": {
"ADV_FSP.4": 1,
"ADV_IMP.1": 1,
"ADV_TDS.3": 1
},
"ALC": {
"ALC_FLR": 1,
"ALC_TAT.1": 1
},
"AVA": {
"AVA_VAN.4": 1
}
},
"cc_security_level": {
"EAL": {
"EAL 2": 1,
"EAL 3": 1,
"EAL 3 augmented": 1,
"EAL 4": 1
}
},
"cc_sfr": {},
"certification_process": {},
"cipher_mode": {},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {},
"crypto_scheme": {},
"device_model": {},
"ecc_curve": {},
"eval_facility": {},
"hash_function": {},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {},
"side_channel_analysis": {},
"standard_id": {
"ISO": {
"ISO/IEC 15408": 2,
"ISO/IEC 18045": 2
}
},
"symmetric_crypto": {},
"technical_report_id": {},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {},
"vulnerability": {}
},
"cert_metadata": null,
"report_filename": "0519V6a_pdf.pdf",
"report_frontpage": {
"DE": {
"cc_security_level": "Common Criteria Part 3 conformant EAL 3 augmented by ADV_FSP.4, ADV_IMP.1, ADV_TDS.3, ALC_TAT.1 and AVA_VAN.4 valid until: 15 October 2030",
"cc_version": "PP conformant",
"cert_id": "BSI-DSZ-CC-0519-V6-2025",
"cert_item": "Station\u00e4res eHealth Kartenterminal ORGA 6141 online Version 3.9.2:1.2.0 / 3.9.2:2.0.0",
"cert_lab": "BSI",
"developer": "Worldline Healthcare GmbH",
"match_rules": [
"(BSI-DSZ-CC-.+?) (?:for|For) (.+?) from (.*)"
],
"ref_protection_profiles": "Common Criteria Protection Profile Electronic Health Card Terminal (eHCT), BSI-CC-PP-0032-V3- 2023, 15.12.2022"
}
},
"report_keywords": {
"asymmetric_crypto": {
"ECC": {
"ECDSA": {
"ECDSA": 3
}
},
"FF": {
"DH": {
"DH": 2,
"Diffie-Hellman": 1
},
"DSA": {
"DSA": 1
}
},
"RSA": {
"RSA-2048": 1
}
},
"cc_cert_id": {
"DE": {
"BSI-DSZ-CC-0519-V5-2024": 2,
"BSI-DSZ-CC-0519-V6-2025": 12
},
"NL": {
"CC-0950-2017": 1
}
},
"cc_claims": {},
"cc_protection_profile_id": {
"BSI": {
"BSI-CC-PP-0032-V3-": 1,
"BSI-CC-PP-0032-V3-2023": 3
}
},
"cc_sar": {
"ADV": {
"ADV_FSP.4": 4,
"ADV_IMP.1": 4,
"ADV_TDS.3": 4
},
"ALC": {
"ALC_FLR": 3,
"ALC_TAT.1": 4
},
"AVA": {
"AVA_VAN.4": 5
}
},
"cc_security_level": {
"EAL": {
"EAL 1": 1,
"EAL 2": 3,
"EAL 3": 4,
"EAL 3 augmented": 3,
"EAL 4": 4,
"EAL3+": 1
}
},
"cc_sfr": {
"FCS": {
"FCS_CKM.1.1": 10,
"FCS_COP": 2,
"FCS_COP.1": 1
}
},
"certification_process": {
"ConfidentialDocument": {
"15.12.2022 [8] SVN List (Configlist SW), 2025-07-24, Worldline Healthcare GmbH (confidential document) [9] Datensatz PDXpert (Configlist HW), Version 3.9.0, 2024-07-09, Worldline Healthcare GmbH": 1,
"6] Evaluation Technical Report (ETR Summary), Version 1, 2025-10-08, T\u00dcV Informationstechnik GmbH (confidential document) [7] Common Criteria Protection Profile Electronic Health Card Terminal (eHCT), BSI-": 1,
"being maintained, is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification": 1
}
},
"cipher_mode": {
"CBC": {
"CBC": 1
},
"GCM": {
"GCM": 1
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {
"TLS": {
"TLS": {
"TLS": 15,
"TLS v1.2": 3
}
},
"VPN": {
"VPN": 1
}
},
"crypto_scheme": {},
"device_model": {},
"ecc_curve": {
"NIST": {
"secp256r1": 1,
"secp384r1": 1,
"secp512r1": 1
}
},
"eval_facility": {
"TUV": {
"T\u00dcV Informationstechnik": 3
}
},
"hash_function": {
"SHA": {
"SHA2": {
"SHA-256": 5,
"SHA256": 2
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {},
"side_channel_analysis": {},
"standard_id": {
"BSI": {
"AIS 1": 1,
"AIS 32": 1,
"AIS 38": 1
},
"FIPS": {
"FIPS180-4": 4
},
"ISO": {
"ISO/IEC 15408": 4,
"ISO/IEC 17065": 2,
"ISO/IEC 18045": 4
},
"PKCS": {
"PKCS#1": 4
},
"RFC": {
"RFC3526": 1,
"RFC4492": 3,
"RFC5246": 8,
"RFC5289": 4,
"RFC5639": 1,
"RFC7027": 1,
"RFC7251": 1,
"RFC8422": 1
},
"X509": {
"X.509": 1
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 1,
"AES-128": 2,
"AES-256": 2
},
"HPC": {
"HPC": 4
}
}
},
"technical_report_id": {},
"tee_name": {},
"tls_cipher_suite": {
"TLS": {
"TLS_DHE_RSA_WITH_AES_12": 1,
"TLS_DHE_RSA_WITH_AES_128": 3,
"TLS_DHE_RSA_WITH_AES_25": 1,
"TLS_DHE_RSA_WITH_AES_256": 2
}
},
"vendor": {},
"vulnerability": {}
},
"report_metadata": {
"/Author": "Federal Office for Information Security",
"/Keywords": "Common Criteria, Certification, Zertifizierung, eHealth, Kartenterminal, Worldline",
"/Subject": "Common Criteria, Certification, Zertifizierung, eHealth, Kartenterminal, Worldline",
"/Title": "Certification Report BSI-DSZ-CC-0519-V6-2025",
"pdf_file_size_bytes": 365567,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"http://www.commoncriteriaportal.org/",
"https://www.bsi.bund.de/AIS",
"https://www.commoncriteriaportal.org/",
"https://www.sogis.eu/",
"https://www.bsi.bund.de/zertifizierung",
"https://www.bsi.bund.de/dok/Zertifizierung-Gesamtlisten",
"http://www.commoncriteriaportal.org/cc/"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 24
},
"st_filename": "0519V6b_pdf.pdf",
"st_frontpage": null,
"st_keywords": {
"asymmetric_crypto": {
"ECC": {
"ECC": {
"ECC": 10
},
"ECDH": {
"ECDHE": 3
},
"ECDSA": {
"ECDSA": 5
}
},
"FF": {
"DH": {
"Diffie-Hellman": 2
},
"DSA": {
"DSA": 1
}
},
"RSA": {
"RSA2048": 1,
"RSA4096": 3
}
},
"cc_cert_id": {
"DE": {
"BSI-DSZ-CC-0519": 2
}
},
"cc_claims": {
"A": {
"A.ADMIN": 3,
"A.CONNECTOR": 3,
"A.ENV": 6,
"A.PUSH_SERV": 1,
"A.PUSH_SERVER": 3,
"A.SAC": 6,
"A.SM": 5
},
"O": {
"O.-": 1,
"O.AC-": 1,
"O.ACCESS_-": 2,
"O.ACCESS_CONTROL": 7,
"O.MANAGEMENT": 8,
"O.PIN_ENTRY": 6,
"O.PROTEC-": 1,
"O.PROTECTION": 7,
"O.SECURE_CHANNEL": 4,
"O.STATE": 8
},
"OE": {
"OE.AD-": 1,
"OE.ADMIN": 5,
"OE.CONNECTOR": 7,
"OE.ENV": 14,
"OE.PUSH_SERVER": 2,
"OE.SAC": 10,
"OE.SM": 4
},
"OSP": {
"OSP.PIN_ENTRY": 4
},
"T": {
"T.COM": 3,
"T.DATA": 3,
"T.F-CON-": 1,
"T.F-CONNECTOR": 2,
"T.F-SAC": 7,
"T.PIN": 6
}
},
"cc_protection_profile_id": {
"BSI": {
"BSI-CC-PP-0032": 1,
"BSI-CC-PP-0032-": 1,
"BSI-CC-PP-0032-V3-2023": 1,
"BSI-CC-PP-0046": 1,
"BSI-CC-PP-0082": 1,
"BSI-CC-PP-0098": 1
}
},
"cc_sar": {
"ADV": {
"ADV_ARC.1": 1,
"ADV_FSP.4": 5,
"ADV_IMP.1": 6,
"ADV_TDS.3": 4
},
"AGD": {
"AGD_OPE.1": 1,
"AGD_PRE.1": 1
},
"ALC": {
"ALC_CMC.3": 1,
"ALC_CMS.3": 1,
"ALC_DEL.1": 1,
"ALC_DVS.1": 1,
"ALC_LCD.1": 1,
"ALC_TAT.1": 5
},
"ASE": {
"ASE_CCL.1": 1,
"ASE_ECD.1": 1,
"ASE_INT.1": 1,
"ASE_OBJ.2": 1,
"ASE_REQ.2": 1,
"ASE_SPD.1": 1,
"ASE_TSS": 2,
"ASE_TSS.1": 1
},
"ATE": {
"ATE_COV.2": 1,
"ATE_DPT.1": 1,
"ATE_FUN.1": 1,
"ATE_IND.2": 1
},
"AVA": {
"AVA_VAN.4": 5
}
},
"cc_security_level": {
"EAL": {
"EAL 3": 2,
"EAL 3 augmented": 2,
"EAL3": 1,
"EAL3 augmented": 1,
"EAL3+": 2
}
},
"cc_sfr": {
"FCS": {
"FCS_CKM": 23,
"FCS_CKM.1": 14,
"FCS_CKM.2": 4,
"FCS_CKM.4": 36,
"FCS_CKM.4.1": 1,
"FCS_COP": 54,
"FCS_COP.1": 10
},
"FDP": {
"FDP_ACC": 31,
"FDP_ACC.1": 12,
"FDP_ACF": 26,
"FDP_ACF.1": 15,
"FDP_IFC": 24,
"FDP_IFC.1": 12,
"FDP_IFF": 24,
"FDP_IFF.1": 17,
"FDP_ITC.1": 15,
"FDP_ITC.2": 12,
"FDP_RIP.1": 9,
"FDP_RIP.1.1": 1
},
"FIA": {
"FIA_AFL": 18,
"FIA_AFL.1": 5,
"FIA_ATD.1": 8,
"FIA_ATD.1.1": 1,
"FIA_SOS.1": 10,
"FIA_SOS.1.1": 1,
"FIA_UAU.1": 15,
"FIA_UAU.1.1": 1,
"FIA_UAU.1.2": 1,
"FIA_UAU.5": 8,
"FIA_UAU.5.1": 1,
"FIA_UAU.5.2": 1,
"FIA_UAU.7": 9,
"FIA_UAU.7.1": 1,
"FIA_UID": 1,
"FIA_UID.1": 15,
"FIA_UID.1.1": 1,
"FIA_UID.1.2": 1
},
"FMT": {
"FMT_MSA": 45,
"FMT_MSA.1": 8,
"FMT_MSA.2": 10,
"FMT_MSA.2.1": 1,
"FMT_MSA.3": 15,
"FMT_SMF.1": 14,
"FMT_SMF.1.1": 1,
"FMT_SMR.1": 24,
"FMT_SMR.1.1": 1,
"FMT_SMR.1.2": 1
},
"FPT": {
"FPT_FLS.1": 10,
"FPT_FLS.1.1": 1,
"FPT_ITT.1": 9,
"FPT_ITT.1.1": 1,
"FPT_PHP.1": 10,
"FPT_PHP.1.1": 1,
"FPT_PHP.1.2": 1,
"FPT_PHP.3": 14,
"FPT_PHP.3.1": 1,
"FPT_TST.1": 12,
"FPT_TST.1.1": 1,
"FPT_TST.1.2": 1,
"FPT_TST.1.3": 1
},
"FTA": {
"FTA_TAB": 8,
"FTA_TAB.1": 1
},
"FTP": {
"FTP_ITC": 8,
"FTP_ITC.1": 4,
"FTP_TRP": 9,
"FTP_TRP.1": 3
}
},
"certification_process": {},
"cipher_mode": {
"GCM": {
"GCM": 1
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {
"IPsec": {
"IPsec": 1
},
"TLS": {
"TLS": {
"TLS": 20
}
},
"VPN": {
"VPN": 7
}
},
"crypto_scheme": {},
"device_model": {},
"ecc_curve": {
"Brainpool": {
"brainpoolP256r1": 1,
"brainpoolP384r1": 2
},
"NIST": {
"secp256r1": 1
}
},
"eval_facility": {},
"hash_function": {
"MD": {
"MD5": {
"MD5": 1
}
},
"SHA": {
"SHA1": {
"SHA1": 1
},
"SHA2": {
"SHA256": 6,
"SHA384": 1
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {},
"side_channel_analysis": {
"FI": {
"physical tampering": 7
}
},
"standard_id": {
"ISO": {
"ISO/IEC 14443": 2
},
"PKCS": {
"PKCS #1": 1
},
"RFC": {
"RFC3268": 3,
"RFC5246": 1,
"RFC5289": 3,
"RFC7251": 2
},
"X509": {
"X.509": 6
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 7,
"AES128": 1,
"AES256": 1
},
"HPC": {
"HPC": 10
}
}
},
"technical_report_id": {
"BSI": {
"BSI 7500": 1,
"BSI TR-03120": 2
}
},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {},
"vulnerability": {}
},
"st_metadata": {
"/Keywords": "ORGA\u00a06141, online;Security, Target;Sicherheitsvorgaben",
"/Subject": "Security Target ORGA\u00a06141 online",
"/Title": "Common-Criteria 3.1-Document",
"pdf_file_size_bytes": 1835805,
"pdf_hyperlinks": {
"_type": "Set",
"elements": []
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 66
}
},
"protection_profile_links": {
"_type": "Set",
"elements": []
},
"report_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/0519V6a_pdf.pdf",
"scheme": "DE",
"security_level": {
"_type": "Set",
"elements": [
"EAL3+",
"ADV_IMP.1",
"ADV_FSP.4",
"AVA_VAN.4",
"ADV_TDS.3",
"ALC_TAT.1"
]
},
"st_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/0519V6b_pdf.pdf",
"state": {
"_type": "sec_certs.sample.cc_eucc_common.InternalState",
"cert": {
"_type": "sec_certs.sample.document_state.DocumentState",
"convert_ok": true,
"download_ok": true,
"extract_ok": false,
"json_hash": null,
"pdf_hash": "78b4398e088fb54ab2c0382a5cb8a4d7345ded16f08287362bc4e7093090d518",
"txt_hash": "5d3056ce3af9ab52b2369398871413bed3383728d0054f3c12d8649ea42aaed2"
},
"report": {
"_type": "sec_certs.sample.document_state.DocumentState",
"convert_ok": true,
"download_ok": true,
"extract_ok": true,
"json_hash": null,
"pdf_hash": "1fa218a708930ccf98d6b29c581b0ae43aa2b5db8c600a7bdd10bd2a24e620ed",
"txt_hash": "1dd54b632fce38fb2c2b00b2b66c9ffb79137a76f4c3c5277fa9ea0eb8d76d9a"
},
"st": {
"_type": "sec_certs.sample.document_state.DocumentState",
"convert_ok": true,
"download_ok": true,
"extract_ok": true,
"json_hash": null,
"pdf_hash": "b9abf74b4bce4188662aae0ab838aef36934e7ca1453a37d3181942eb8ea1675",
"txt_hash": "04bae2d2d8d1bef6c93f577642658630c9a852e01411048829e464ed5d2032a4"
}
},
"status": "active"
}