Comparing certificates Experimental feature

You are comparing two certificates. By default, only differing attributes are shown. Use the button below to show/hide all attributes.

Showing only differing attributes.
Google Pixel Devices on Android 14
None 		STARCOS 3.7 COS HBA-SMC
None
name Google Pixel Devices on Android 14 STARCOS 3.7 COS HBA-SMC
category Mobility ICs, Smart Cards and Smart Card-Related Devices and Systems
scheme US DE
not_valid_after 27.03.2026 18.06.2026
not_valid_before 27.03.2024 18.06.2021
cert_link https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/st_vid11419-ci.pdf https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/0976V4c_pdf.pdf
report_link https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/st_vid11419-vr.pdf https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/0976V4a_pdf.pdf
st_link https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/st_vid11419-st.pdf https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/0976V4b_pdf.pdf
manufacturer Google LLC G+D Mobile Security GmbH
manufacturer_web https://www.google.com https://www.gi-de.com/de/de/mobile-security/
security_level {} ALC_DVS.2, EAL4+, ATE_DPT.2, AVA_VAN.5
dgst d822fb20999bc557 e86ac89b4f665c58
heuristics/cpe_matches cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:* {}
heuristics/related_cves CVE-2023-40096, CVE-2024-0039, CVE-2015-9030, CVE-2015-9050, CVE-2015-8998, CVE-2024-31316, CVE-2015-9028, CVE-2024-0037, CVE-2015-9043, CVE-2019-20606, CVE-2014-9979, CVE-2014-9972, CVE-2016-10332, CVE-2024-34741, CVE-2024-0045, CVE-2016-10386, CVE-2024-0038, CVE-2015-9023, CVE-2023-21352, CVE-2016-10391, CVE-2016-5853, CVE-2024-31332, CVE-2023-40079, CVE-2016-5859, CVE-2017-7372, CVE-2023-40095, CVE-2017-8241, CVE-2017-8253, CVE-2024-31324, CVE-2016-10380, CVE-2015-9073, CVE-2017-8268, CVE-2015-9001, CVE-2024-34738, CVE-2017-8234, CVE-2015-8595, CVE-2015-8592, CVE-2024-23713, CVE-2016-10341, CVE-2024-23704, CVE-2015-9062, CVE-2024-43084, CVE-2015-9029, CVE-2024-0036, CVE-2011-0419, CVE-2024-31323, CVE-2015-8596, CVE-2024-0018, CVE-2024-0049, CVE-2014-9965, CVE-2014-9973, CVE-2014-9974, CVE-2024-0040, CVE-2017-7364, CVE-2024-34739, CVE-2016-10381, CVE-2016-10387, CVE-2015-9051, CVE-2016-10383, CVE-2023-21355, CVE-2023-40080, CVE-2023-40084, CVE-2024-31314, CVE-2015-8996, CVE-2017-9678, CVE-2014-9963, CVE-2023-40078, CVE-2015-9027, CVE-2015-9068, CVE-2023-45776, CVE-2015-9069, CVE-2023-21360, CVE-2023-40111, CVE-2016-10339, CVE-2024-0048, CVE-2024-0022, CVE-2015-9066, CVE-2016-10384, CVE-2015-9046, CVE-2017-0843, CVE-2023-40076, CVE-2017-7367, CVE-2024-34727, CVE-2015-9036, CVE-2023-40073, CVE-2016-5867, CVE-2017-8263, CVE-2024-31331, CVE-2017-7366, CVE-2016-10392, CVE-2014-9968, CVE-2024-31317, CVE-2024-31322, CVE-2017-7371, CVE-2023-21357, CVE-2014-9937, CVE-2023-40094, CVE-2014-9935, CVE-2023-40081, CVE-2015-9065, CVE-2014-9411, CVE-2024-43081, CVE-2017-8267, CVE-2015-8999, CVE-2024-23712, CVE-2017-8240, CVE-2016-5872, CVE-2023-40082, CVE-2023-21350, CVE-2016-10338, CVE-2016-10340, CVE-2016-10239, CVE-2015-0576, CVE-2017-0862, CVE-2024-34737, CVE-2008-7298, CVE-2017-8243, CVE-2024-40661, CVE-2024-0032, CVE-2024-31339, CVE-2017-8255, CVE-2024-34740, CVE-2015-9072, CVE-2017-8237, CVE-2015-9000, CVE-2024-0019, CVE-2016-5862, CVE-2023-40114, CVE-2017-7373, CVE-2024-0017, CVE-2023-40110, CVE-2024-0047, CVE-2014-9962, CVE-2015-9031, CVE-2024-0050, CVE-2023-40090, CVE-2014-9978, CVE-2017-8233, CVE-2015-9070, CVE-2024-31326, CVE-2014-9936, CVE-2024-0053, CVE-2014-9981, CVE-2024-31325, CVE-2017-7365, CVE-2024-0052, CVE-2015-9048, CVE-2014-9964, CVE-2017-8266, CVE-2024-0046, CVE-2015-9060, CVE-2017-8239, CVE-2024-0030, CVE-2015-9054, CVE-2015-9035, CVE-2015-8593, CVE-2024-40656, CVE-2023-45781, CVE-2016-5858, CVE-2023-21373, CVE-2024-31318, CVE-2016-10342, CVE-2016-10334, CVE-2024-23708, CVE-2015-9037, CVE-2023-45777, CVE-2023-21361, CVE-2024-43089, CVE-2014-9977, CVE-2024-43086, CVE-2015-9041, CVE-2023-21351, CVE-2024-23705, CVE-2016-5861, CVE-2016-10335, CVE-2015-9052, CVE-2024-0020, CVE-2024-40652, CVE-2024-40659, CVE-2017-8256, CVE-2017-9685, CVE-2023-21364, CVE-2024-34721, CVE-2015-0574, CVE-2014-9961, CVE-2024-0023, CVE-2016-5863, CVE-2016-5347, CVE-2024-0016, CVE-2014-9976, CVE-2017-8261, CVE-2024-43088, CVE-2016-10346, CVE-2015-9032, CVE-2016-5871, CVE-2024-31315, CVE-2024-0044, CVE-2016-10389, CVE-2024-34719, CVE-2014-9969, CVE-2023-21366, CVE-2023-21374, CVE-2017-6421, CVE-2016-10343, CVE-2024-40662, CVE-2016-10390, CVE-2024-40654, CVE-2016-10344, CVE-2015-9020, CVE-2023-45774, CVE-2017-8235, CVE-2023-21353, CVE-2024-0041, CVE-2021-39810, CVE-2016-10347, CVE-2016-10333, CVE-2024-43093, CVE-2024-0014, CVE-2024-0051, CVE-2015-9055, CVE-2024-43090, CVE-2023-21354, CVE-2015-8594, CVE-2015-1529, CVE-2015-9038, CVE-2023-21359, CVE-2015-9045, CVE-2023-40077, CVE-2024-34720, CVE-2017-8272, CVE-2024-0024, CVE-2023-40091, CVE-2016-10385, CVE-2017-8260, CVE-2024-31313, CVE-2017-7370, CVE-2024-0026, CVE-2024-34743, CVE-2017-9682, CVE-2024-34731, CVE-2016-5855, CVE-2024-0031, CVE-2016-5864, CVE-2015-9022, CVE-2023-40109, CVE-2024-31327, CVE-2024-40655, CVE-2024-0027, CVE-2017-0865, CVE-2024-0025, CVE-2015-9040, CVE-2017-7369, CVE-2014-9975, CVE-2024-40657, CVE-2024-43087, CVE-2015-8997, CVE-2023-40093, CVE-2023-40075, CVE-2016-10382, CVE-2014-9966, CVE-2015-9042, CVE-2015-9067, CVE-2015-9025, CVE-2024-23717, CVE-2015-9061, CVE-2017-8238, CVE-2015-9024, CVE-2024-0021, CVE-2024-23709, CVE-2017-9679, CVE-2024-31319, CVE-2023-40107, CVE-2017-8270, CVE-2015-9044, CVE-2023-40100, CVE-2015-8995, CVE-2015-9047, CVE-2015-9049, CVE-2023-40105, CVE-2024-23707, CVE-2024-40660, CVE-2024-34722, CVE-2016-5854, CVE-2017-0864, CVE-2023-40092, CVE-2017-8257, CVE-2024-31310, CVE-2017-8236, CVE-2015-0575, CVE-2023-40106, CVE-2024-34723, CVE-2017-8262, CVE-2024-34734, CVE-2024-43083, CVE-2023-40098, CVE-2015-9064, CVE-2017-9680, CVE-2024-43085, CVE-2015-9063, CVE-2024-0035, CVE-2014-9971, CVE-2024-43091, CVE-2015-9053, CVE-2023-40087, CVE-2023-21358, CVE-2014-9980, CVE-2017-8254, CVE-2023-40088, CVE-2016-10337, CVE-2015-9033, CVE-2024-23706, CVE-2023-21356, CVE-2023-40115, CVE-2017-9684, CVE-2024-23710, CVE-2015-9034, CVE-2023-45775, CVE-2015-9021, CVE-2023-45773, CVE-2017-8242, CVE-2014-9960, CVE-2024-0033, CVE-2024-0043, CVE-2024-40658, CVE-2023-40089, CVE-2024-31312, CVE-2024-31311, CVE-2017-8265, CVE-2020-13843, CVE-2016-5860, CVE-2016-10388, CVE-2015-9003, CVE-2017-0863, CVE-2024-34736, CVE-2014-9967, CVE-2015-9002, CVE-2015-9071, CVE-2023-40103, CVE-2017-7368, CVE-2016-10336, CVE-2015-9026, CVE-2023-40083, CVE-2024-40650, CVE-2015-9039, CVE-2024-34742, CVE-2024-43080 {}
heuristics/extracted_sars {} ALC_DVS.2, AVA_VAN.5, ATE_DPT.2
heuristics/extracted_versions 14 3.7
heuristics/scheme_data
  • category: eHealth
  • cert_id: BSI-DSZ-CC-0976-V4-2021
  • certification_date: 18.06.2021
  • enhanced:
    • applicant: Giesecke & Devrient GmbH seit 1. Juli 2017 Giesecke+Devrient Mobile Security GmbH Prinzregentenstr. 159 81677 München
    • assurance_level: EAL4+,ALC_DVS.2,ATE_DPT.2,AVA_VAN.5
    • cert_link: https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte09/0976V4c_pdf.pdf?__blob=publicationFile&v=3
    • certification_date: 18.06.2021
    • description: The Target of Evaluation (TOE) is the product STARCOS 3.6 COSGKV C1 developed by Giesecke & Devrient GmbH. The TOE is a smart card product according to the G2 Card Operating System (G2-COS) specification from gematik. The TOE is intended to be used as a card operating system platform for specific card types and applications of the card generation G2 in the framework of the German health care system, and therefore implements the mandatory part of the G2-COS specification with the base functionality of the operating system platform only. The TOE implements from the PP-0082-V2 the base part without any of the optional packages.
    • entries: [frozendict({'id': 'BSI-DSZ-CC-0976-V4-2021-MA-01 (Ausstellungsdatum / Certification Date 09.05.2022)', 'description': 'The partial ALC re-evaluation for procedure 0976-V4 covers the update of the product life-cycle concerning the involved development and production sites. The certified product itself did not change.'}), frozendict({'id': 'BSI-DSZ-CC-0976-V4-2021 (Ausstellungsdatum / Certification Date 18.06.2021, gültig bis / valid until 17.06.2026) Zertifizierungsreport / Certification Report', 'description': 'Software'}), frozendict({'id': 'BSI', 'description': 'The partial ALC re-evaluation for procedure 0976-V3 covers the update of the product life-cycle concerning the involved development and production sites. The certified product itself did not change.'}), frozendict({'id': 'BSI-DSZ-CC-0976-V3-2019-MA-01 (Ausstellungsdatum / Certification Date 15.06.2021)', 'description': 'Maintenance Report'}), frozendict({'id': 'BSI-DSZ-CC-0976-V3-2019 (Ausstellungsdatum / Certification Date 21.11.2019, gültig bis / valid until 20.11.2024)', 'description': '), to adaptations in the life-cycle model as well as to the integration of the functional package Contactless and further specific changes in the Embedded Software including a corresponding update of the related user guidance documentation. In particular, the TOE’s (crypto) implementation was re-evaluated and reassessed.'}), frozendict({'id': 'BSI-DSZ-CC-0976-V2-2018 (Ausstellungsdatum / Certification Date 20.09.2018, gültig bis / valid until 19.09.2023)', 'description': 'Software'}), frozendict({'id': 'BSI-DSZ-CC-0976-2015-MA-01 (Ausstellungsdatum / Certification Date 02.08.2018)', 'description': 'The changes are related to an update and reevaluation of the product life-cycle caused by changes in the development and porduction sites. The certified product itself did not change.'}), frozendict({'id': 'BSI-DSZ-CC-0976-2015-RA-01 (Ausstellungsdatum / Certification Date 19.09.2017)', 'description': 'Security Target'}), frozendict({'id': 'BSI-DSZ-CC-0976-2015 (Ausstellungsdatum / Certification Date 29.12.2015, gültig bis / valid until 28.12.2020)', 'description': 'Security Target'})]
    • evaluation_facility: SRC Security Research & Consulting GmbH
    • expiration_date: 17.06.2026
    • product: STARCOS 3.7 COS HBA-SMC
    • protection_profile: Card Operating System Generation 2 (PP COS G2), Version 2.1, 10 July 2019, BSI-CC-PP-0082-V4-2019
    • report_link: https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte09/0976V4a_pdf.pdf?__blob=publicationFile&v=3
    • target_link: https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte09/0976V4b_pdf.pdf?__blob=publicationFile&v=3
  • product: STARCOS 3.7 COS HBA-SMC
  • subcategory: Smartcards
  • url: https://www.bsi.bund.de/SharedDocs/Zertifikate_CC/CC/Gesundheitswesen_SmartCards/0976_0976V2_0976V3_0976V4.html
  • vendor: Giesecke & Devrient GmbH seit 1. Juli 2017 Giesecke+Devrient Mobile Security GmbH
heuristics/protection_profiles 29ba341b00e9bd10, c40ae795865a0dba, 51729b94f0ac139f, 36b1d4890baaa7f4, 83014eb399a802f3, 593b939921a117e0 55ed365edb2c317f
maintenance_updates
protection_profile_links https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/PP_MDF_V3.3.pdf, https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/MOD_WLANC_v1.0.pdf, https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/mod_mdm_agent_v1.0.pdf, https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/PKG_TLS_V1.1.pdf, https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/MOD-BIO-v1.1.pdf, https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/MOD_BT_V1.0.pdf https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/pp0082b_pdf.pdf
pdf_data/cert_filename st_vid11419-ci.pdf 0976V4c_pdf.pdf
pdf_data/report_filename st_vid11419-vr.pdf 0976V4a_pdf.pdf
pdf_data/st_filename st_vid11419-st.pdf 0976V4b_pdf.pdf