This page was not yet optimized for use on mobile
devices.
Xaica-a PLUS ePassport on MTCOS Pro 2.6 with SAC (BAC+PACE) and Active Authentication / ST31N600
CSV information
| Status | active |
|---|---|
| Valid from | 11.02.2026 |
| Valid until | 11.02.2031 |
| Scheme | 🇩🇪 DE |
| Manufacturer | MaskTech International GmbH |
| Category | ICs, Smart Cards and Smart Card-Related Devices and Systems |
| Security level | EAL4+, ALC_DVS.2, ALC_FLR.3 |
Heuristics summary
Certificate ID: BSI-DSZ-CC-1074-V3-2026
Certificate
certificate file processing did not finish successfully.
Show more...
Download pdf:
OK
Convert pdf to text:
OK
Extract keywords:
ERROR
Extracted keywords
Security level
EAL 4, EAL 5, EAL 2, EAL 4 augmentedSecurity Assurance Requirements (SAR)
ALC_DVS.2, ALC_FLR.3, ALC_FLRCertificates
BSI-DSZ-CC-1074-V3-2026Standards
ISO/IEC 15408, ISO/IEC 18045Certification report
Extracted keywords
Symmetric Algorithms
AES, DESAsymmetric Algorithms
ECCSchemes
MACProtocols
PACE, PGPRandomness
RNGLibraries
NesLib 6.7.4Vendor
STMicroelectronics, STMSecurity level
EAL 4, EAL 5, EAL 2, EAL 1, EAL5+, EAL6, EAL 5+, EAL 6, EAL 4 augmentedClaims
OE.PKISecurity Assurance Requirements (SAR)
ALC_DVS.2, ALC_FLR.3, ALC_FLR, ALC_CMC.4, ALC_CMS.4, ALC_DEL.1, ALC_LCD.1, ALC_TAT.1, ALC_COMP.1Certificates
BSI-DSZ-CC-1074-V3-2026, BSI-DSZ-CC-1074-V2-2020, ANSSI-CC-2022/21-R02, ANSSI-CC-2022/42-R02Evaluation facilities
SRC Security Research & ConsultingSide-channel analysis
fault injection, JILCertification process
being maintained, is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification, Pro 2.6 with SAC (BAC+PACE) and Active Authentication / ST31N600, MaskTech International GmbH (confidential document) [6] Evaluation Technical Report, Version 1.0, 19.01.2026, Evaluation Report- Evaluation Technical, ETR), SRC Security Research & Consulting GmbH, (confidential document) [7] Protection Profile for ePassport IC with SAC (BAC+PACE) and Active Authentication, Version 1, list - Xaica-α PLUS ePassport on MTCOS Pro 2.6 / ST31N600 MaskTech International GmbH (confidential document) [10] User Guidance, Version 1.1, 07 January 2026, User Guidance –Xaica-α PLUS ePassport on MTCOSStandards
AIS 34, AIS 36, AIS 25, AIS 26, AIS 46, AIS 31, AIS 20, AIS 35, AIS 32, AIS 38, ISO/IEC 15408, ISO/IEC 18045, ISO/IEC 17065, ICAOTechnical reports
BSI TR-03110, BSI TR-02102File metadata
| Title | Certification Report BSI-DSZ-CC-1074-V3-2026 |
|---|---|
| Subject | Common Criteria, Certification, Zertifizierung, passport, Pass, Ausweis, hoheitliche Dokumente, MaskTech |
| Keywords | Common Criteria, Certification, Zertifizierung, passport, Pass, Ausweis, hoheitliche Dokumente, MaskTech |
| Author | Federal Office for Information Security |
| Pages | 24 |
Frontpage
| Certificate ID | BSI-DSZ-CC-1074-V3-2026 |
|---|---|
| Certified item | Xaica-α PLUS ePassport on MTCOS Pro 2.6 with SAC (BAC+PACE) and Active Authentication / ST31N600 |
| Certification lab | BSI |
| Developer | MaskTech International GmbH sponsored by NTT DATA CORPORATION |
References
Outgoing- ANSSI-CC-2022/21-R02 - active - ST31N600(A03) (ANSSI-CC-2022/21-R02)
- ANSSI-CC-2022/42-R02 - active - Cryptographic library NESLIB 6.7.4 on ST31N600 A03 (version 6.7.4) (ANSSI-CC-2022/42-R02)
- BSI-DSZ-CC-1074-V2-2020 - archived - Xaica-Alpha PLUS ePassport on MTCOS Pro 2.5 with SAC (BAC+PACE) and Active Authentication / ST31G480 D01
Security target
Extracted keywords
Symmetric Algorithms
AES, AES-, DES, 3DES, TDES, TDEA, CMACAsymmetric Algorithms
ECDH, ECDSA, ECC, Diffie-HellmanHash functions
SHA-1, SHA-256, SHA-384, KeccakSchemes
MAC, Key agreement, Key AgreementProtocols
PACERandomness
DRBG, RNG, RNDLibraries
NESLIB 6.7.4Elliptic Curves
P-256, P-384, NIST P-256, NIST P-384Block cipher modes
CBCIC data groups
EF.DG1, EF.DG2, EF.DG13, EF.DG15, EF.DG14, EF.COM, EF.CardAccess, EF.SODTrusted Execution Environments
SSCVendor
STMicroelectronicsSecurity level
EAL4, EAL6, EAL5, EAL4 augmented, EAL6 augmented, EAL5 augmentedClaims
O.AA, O.BAC, O.PACE, O.RND, A.PKI, OE.PKISecurity Assurance Requirements (SAR)
ADV_ARC.1, ADV_IMP.1, ADV_FSP.4, ADV_TDS.3, ADV_ARC, AGD_OPE.1, AGD_PRE.1, ALC_DVS.2, ALC_FLR.3, ALC_FLR.2, ALC_DVS.1, ALC_CMC.4, ALC_DEL.1, ALC_TAT.1, ALC_CMS.4, ALC_LCD.1, ATE_COV.2, ATE_FUN.1, ATE_DPT.1, ATE_IND.2, AVA_VAN.5, AVA_VAN.3, ASE_INT.1, ASE_CCL.1, ASE_SPD.1, ASE_OBJ.2, ASE_ECD.1, ASE_REQ.2, ASE_TSS.1, ASE_TSS.2Security Functional Requirements (SFR)
FAU_SAS.1, FAU_SAR, FAU_SAS, FCS_CKM, FCS_CKM.6, FCS_COP, FCS_RNG.1, FCS_CKM.4, FCS_RND, FCS_RNG, FCS_CKM.2, FCS_CKM.5, FCS_COP.1, FCS_RBG.1, FCS_CKM.1, FCS_CKM.6.1, FCS_CKM.6.2, FCS_RNG.1.1, FCS_RNG.1.2, FCS_RND.1, FCS_SBO, FDP_ACC, FDP_ACF, FDP_ITC.1, FDP_UCT, FDP_UIT, FDP_ITC.2, FDP_ACF.1, FDP_ACC.1, FDP_IFC.1, FDP_ITC.1.1, FDP_ITC.1.2, FDP_ITC.1.3, FDP_UCT.1, FDP_UIT.1, FDP_SDC.1, FDP_SDI.2, FDP_ITT.1, FIA_AFL, FIA_UAU.1, FIA_UAU.4, FIA_UAU.5, FIA_UID.1, FIA_AFL.1, FIA_UAU.1.1, FIA_UAU.1.2, FIA_UAU.4.1, FIA_UAU.5.1, FIA_UAU.5.2, FIA_UID.1.1, FIA_UID.1.2, FIA_API.1, FMT_MOF.1, FMT_MTD.1, FMT_SMF.1, FMT_SMR.1, FMT_MSA.3, FMT_MOF.1.1, FMT_MTD.1.1, FMT_SMF.1.1, FMT_SMR.1.1, FMT_SMR.1.2, FMT_LIM, FMT_MSA, FMT_SMF, FMT_SMR, FMT_UID, FMT_UAU, FPT_EMS.1, FPT_PHP.3, FPT_EMS, FPT_EMS.1.1, FPT_PHP.3.1, FPT_FLS.1, FPT_ITT.1, FPT_FLS, FRU_FLT.2, FTP_ITC.1, FTP_TRP.1, FTP_ITC.1.1, FTP_ITC.1.2, FTP_ITC.1.3, FTP_ITCProtection profiles
BSI-CC-PP-0056-V2-2012-MA-02, BSI-CC-PP-0084-2014Certificates
BSI-DSZ-CC-1073-V2-, ANSSI-CC-2022/21-R02, ANSSI-CC-2022/42-R02Side-channel analysis
Leak-Inherent, physical probing, Malfunction, JILStandards
FIPS PUB 140-3, FIPS PUB 180-4, FIPS PUB 197, NIST SP 800-38B, NIST SP 800-67, AIS 31, ISO/IEC 9797-1, ISO/IEC 15408, ISO/IEC 10116-2017, ISO/IEC 7816, ICAO, CCMB-2022-11-001, CCMB-2022-11-002, CCMB-2022-11-003, CCMB-2022-11-004, CCMB-2022-11-005, CCMB-2022-11-006File metadata
| Pages | 83 |
|---|
References
Outgoing- ANSSI-CC-2022/21-R02 - active - ST31N600(A03) (ANSSI-CC-2022/21-R02)
- ANSSI-CC-2022/42-R02 - active - Cryptographic library NESLIB 6.7.4 on ST31N600 A03 (version 6.7.4) (ANSSI-CC-2022/42-R02)
Heuristics
Automated inference - use with caution
All attributes shown in this section (e.g., links between certificates, products, vendors, and known CVEs) are generated by automated heuristics and have not been reviewed by humans. These methods can produce false positives or false negatives and should not be treated as definitive without independent verification. For details on our data sources and inference methods, see our methodology. If you believe any information here is inaccurate or harmful, please submit feedback.Certificate ID
BSI-DSZ-CC-1074-V3-2026Extracted SARs
ADV_ARC.1, ADV_FSP.4, ADV_IMP.1, ADV_TDS.3, AGD_OPE.1, AGD_PRE.1, ALC_CMC.4, ALC_CMS.4, ALC_COMP.1, ALC_DEL.1, ALC_DVS.2, ALC_FLR.3, ALC_LCD.1, ALC_TAT.1, ASE_CCL.1, ASE_ECD.1, ASE_INT.1, ASE_OBJ.2, ASE_REQ.2, ASE_SPD.1, ASE_TSS.2, ATE_COV.2, ATE_DPT.1, ATE_FUN.1, ATE_IND.2, AVA_VAN.5Similar certificates
| Name | Certificate ID | |
|---|---|---|
| Xaica-a PLUS ePassport on MTCOS Pro 2.6 with SAC (PACE) and Active Authentication / ST31N600 | BSI-DSZ-CC-1073-V3-2026 | Compare |
| Xaica-α PLUS ePassport on MTCOS Pro 2.5 with SAC (BAC+PACE) and Active Authentication / ST31G480 C01 | BSI-DSZ-CC-1074-2019 | Compare |
| Xaica-Alpha PLUS ePassport on MTCOS Pro 2.5 with SAC (BAC+PACE) and Active Authentication / ST31G480 D01 | BSI-DSZ-CC-1074-V2-2020 | Compare |
| Xaica-Alpha PLUS ePassport on MTCOS Pro 2.5 with SAC (PACE) and Active Authentication / ST31G480 D01 | BSI-DSZ-CC-1073-V2-2020 | Compare |
| Xaica-α PLUS ePassport on MTCOS Pro 2.5 with SAC (PACE) and Active Authentication / ST31G480 C01 | BSI-DSZ-CC-1073-2019 | Compare |
Scheme data
| Cert Id | BSI-DSZ-CC-1074-V3-2026 | |
|---|---|---|
| Product | Xaica-α PLUS ePassport on MTCOS Pro 2.6 with SAC (BAC+PACE) and Active Authentication / ST31N600 | |
| Vendor | MaskTech International GmbH | |
| Certification Date | 11.02.2026 | |
| Category | Electronic ID documents | |
| Url | https://www.bsi.bund.de/SharedDocs/Zertifikate_CC/CC/Hoheitliche_Dokumente-IC_mit_Anwendung/1074.html | |
| Enhanced | ||
| Product | Xaica-α PLUS ePassport on MTCOS Pro 2.6 with SAC (BAC+PACE) and Active Authentication / ST31N600 | |
| Applicant | MaskTech International GmbH Nordostpark 45 90411 NĂĽrnberg | |
| Evaluation Facility | SRC Security Research & Consulting GmbH | |
| Assurance Level | EAL4+,ALC_DVS.2,ALC_FLR.3 | |
| Certification Date | 11.02.2026 | |
| Expiration Date | 10.02.2031 | |
| Entries | [frozendict({'id': 'BSI-DSZ-CC-1074-V3-2026 (Ausstellungsdatum / Certification Date 11.02.2026, gültig bis / valid until 10.02.2031)', 'description': 'The target of evaluation (TOE) of this evaluation is the product Xaica-a PLUS ePassport on MTCOS Pro 2.6 with SAC (BAC+PACE) and Active Authentication / ST31N600 provided by MaskTech International GmbH. The TOE is an electronic travel document representing a contactless smart card providing the Basic Access Control (BAC), Password Authenticated Connection Establishment (PACE) and the Active Authentication protocol according to the ’ICAO 9303’ and BSI TR-03110 and is pro-grammed according to ICAO Technical Report “Supplemental Access Control”.'}), frozendict({'id': 'BSI-DSZ-CC-1074-V2-2020 (Ausstellungsdatum / Certification Date 30.07.2020, gültig bis / valid until 29.07.2025)', 'description': 'Technical Report "Supplemental Access Control"'}), frozendict({'id': 'BSI-DSZ-CC-1074-2019 (25.01.2019)', 'description': 'Certificate'})] | |
| Report Link | https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1000/1074V3a_pdf.pdf?__blob=publicationFile&v=3 | |
| Target Link | https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1000/1074V3b_pdf.pdf?__blob=publicationFile&v=2 | |
| Cert Link | https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1000/1074V3c_pdf.pdf?__blob=publicationFile&v=2 | |
| Description | The target of evaluation (TOE) is the product Xaica-α PLUS ePassport on MTCOS Pro 2.5 with SAC (BAC+PACE) and Active Authentication / ST31G480 D01 provided by MaskTech International GmbH. The TOE is an electronic travel document representing a contactless smart card providing the Basic Access Control (BAC), Password Authenticated Connection Establishment (PACE) and the Active Authentication protocol according to the ICAO 9303 and BSI TR-03110 and is programmed according to ICAO Technical Report “Supplemental Access Control”. | |
| Subcategory | IC with applications | |
References
Loading...
Updates Feed
-
The certificate was first processed.
Raw data
{
"_type": "sec_certs.sample.cc.CCCertificate",
"category": "ICs, Smart Cards and Smart Card-Related Devices and Systems",
"cert_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1074V3c_pdf.pdf",
"dgst": "3fc7dd21c9c28b97",
"heuristics": {
"_type": "sec_certs.sample.cc_eucc_common.Heuristics",
"annotated_references": null,
"cert_id": "BSI-DSZ-CC-1074-V3-2026",
"cert_lab": [
"BSI"
],
"cpe_matches": null,
"direct_transitive_cves": null,
"eal": "EAL4+",
"extracted_sars": {
"_type": "Set",
"elements": [
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_DEL",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ATE_FUN",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_CMS",
"level": 4
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_TDS",
"level": 3
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AVA_VAN",
"level": 5
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ATE_IND",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ATE_DPT",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ATE_COV",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_INT",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_FSP",
"level": 4
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_REQ",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_COMP",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_FLR",
"level": 3
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_ECD",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_OBJ",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_CCL",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_DVS",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_TAT",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_ARC",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AGD_OPE",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_CMC",
"level": 4
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_TSS",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_LCD",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AGD_PRE",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_IMP",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_SPD",
"level": 1
}
]
},
"extracted_versions": {
"_type": "Set",
"elements": [
"2.6"
]
},
"indirect_transitive_cves": null,
"next_certificates": null,
"prev_certificates": null,
"protection_profiles": null,
"related_cves": null,
"report_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": {
"_type": "Set",
"elements": [
"ANSSI-CC-2022/42-R02",
"BSI-DSZ-CC-1074-V2-2020",
"ANSSI-CC-2022/21-R02"
]
},
"indirectly_referenced_by": null,
"indirectly_referencing": {
"_type": "Set",
"elements": [
"ANSSI-CC-2019/12",
"ANSSI-CC-2017/61",
"BSI-DSZ-CC-1073-2019",
"ANSSI-CC-2022/42-R02",
"ANSSI-CC-2016/58",
"BSI-DSZ-CC-1074-2019",
"BSI-DSZ-CC-1074-V2-2020",
"ANSSI-CC-2022/21-R02"
]
}
},
"scheme_data": {
"category": "Electronic ID documents",
"cert_id": "BSI-DSZ-CC-1074-V3-2026",
"certification_date": "2026-02-11",
"enhanced": {
"applicant": "MaskTech International GmbH Nordostpark 45 90411 N\u00fcrnberg",
"assurance_level": "EAL4+,ALC_DVS.2,ALC_FLR.3",
"cert_link": "https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1000/1074V3c_pdf.pdf?__blob=publicationFile\u0026v=2",
"certification_date": "2026-02-11",
"description": "The target of evaluation (TOE) is the product Xaica-\u03b1 PLUS ePassport on MTCOS Pro 2.5 with SAC (BAC+PACE) and Active Authentication / ST31G480 D01 provided by MaskTech International GmbH. The TOE is an electronic travel document representing a contactless smart card providing the Basic Access Control (BAC), Password Authenticated Connection Establishment (PACE) and the Active Authentication protocol according to the ICAO 9303 and BSI TR-03110 and is programmed according to ICAO Technical Report \u201cSupplemental Access Control\u201d.",
"entries": [
{
"description": "The target of evaluation (TOE) of this evaluation is the product Xaica-a PLUS ePassport on MTCOS Pro 2.6 with SAC (BAC+PACE) and Active Authentication / ST31N600 provided by MaskTech International GmbH. The TOE is an electronic travel document representing a contactless smart card providing the Basic Access Control (BAC), Password Authenticated Connection Establishment (PACE) and the Active Authentication protocol according to the \u2019ICAO 9303\u2019 and BSI TR-03110 and is pro-grammed according to ICAO Technical Report \u201cSupplemental Access Control\u201d.",
"id": "BSI-DSZ-CC-1074-V3-2026 (Ausstellungsdatum / Certification Date 11.02.2026, g\u00fcltig bis / valid until 10.02.2031)"
},
{
"description": "Technical Report \"Supplemental Access Control\"",
"id": "BSI-DSZ-CC-1074-V2-2020 (Ausstellungsdatum / Certification Date 30.07.2020, g\u00fcltig bis / valid until 29.07.2025)"
},
{
"description": "Certificate",
"id": "BSI-DSZ-CC-1074-2019 (25.01.2019)"
}
],
"evaluation_facility": "SRC Security Research \u0026 Consulting GmbH",
"expiration_date": "2031-02-10",
"product": "Xaica-\u03b1 PLUS ePassport on MTCOS Pro 2.6 with SAC (BAC+PACE) and Active Authentication / ST31N600",
"report_link": "https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1000/1074V3a_pdf.pdf?__blob=publicationFile\u0026v=3",
"target_link": "https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1000/1074V3b_pdf.pdf?__blob=publicationFile\u0026v=2"
},
"product": "Xaica-\u03b1 PLUS ePassport on MTCOS Pro 2.6 with SAC (BAC+PACE) and Active Authentication / ST31N600",
"subcategory": "IC with applications",
"url": "https://www.bsi.bund.de/SharedDocs/Zertifikate_CC/CC/Hoheitliche_Dokumente-IC_mit_Anwendung/1074.html",
"vendor": "MaskTech International GmbH"
},
"st_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": {
"_type": "Set",
"elements": [
"ANSSI-CC-2022/42-R02",
"ANSSI-CC-2022/21-R02"
]
},
"indirectly_referenced_by": null,
"indirectly_referencing": {
"_type": "Set",
"elements": [
"ANSSI-CC-2022/42-R02",
"ANSSI-CC-2022/21-R02"
]
}
},
"verified_cpe_matches": null
},
"maintenance_updates": {
"_type": "Set",
"elements": []
},
"manufacturer": "MaskTech International GmbH",
"manufacturer_web": "https://www.masktech.de/",
"name": "Xaica-a PLUS ePassport on MTCOS Pro 2.6 with SAC (BAC+PACE) and Active Authentication / ST31N600",
"not_valid_after": "2031-02-11",
"not_valid_before": "2026-02-11",
"pdf_data": {
"_type": "sec_certs.sample.cc_eucc_common.PdfData",
"cert_filename": "1074V3c_pdf.pdf",
"cert_frontpage": null,
"cert_keywords": {
"asymmetric_crypto": {},
"cc_cert_id": {
"DE": {
"BSI-DSZ-CC-1074-V3-2026": 1
}
},
"cc_claims": {},
"cc_protection_profile_id": {},
"cc_sar": {
"ALC": {
"ALC_DVS.2": 1,
"ALC_FLR": 1,
"ALC_FLR.3": 1
}
},
"cc_security_level": {
"EAL": {
"EAL 2": 1,
"EAL 4": 2,
"EAL 4 augmented": 1,
"EAL 5": 1
}
},
"cc_sfr": {},
"certification_process": {},
"cipher_mode": {},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {},
"crypto_scheme": {},
"device_model": {},
"ecc_curve": {},
"eval_facility": {},
"hash_function": {},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {},
"side_channel_analysis": {},
"standard_id": {
"ISO": {
"ISO/IEC 15408": 2,
"ISO/IEC 18045": 2
}
},
"symmetric_crypto": {},
"technical_report_id": {},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {},
"vulnerability": {}
},
"cert_metadata": null,
"report_filename": "1074V3a_pdf.pdf",
"report_frontpage": {
"DE": {
"cc_security_level": "Common Criteria Part 3 conformant EAL 4 augmented by ALC_DVS.2, ALC_FLR.3 valid until: 10 February 2031 SOGIS Recognition Agreement for components up to EAL 4",
"cc_version": "Product specific Security Target Common Criteria Part 2 conformant",
"cert_id": "BSI-DSZ-CC-1074-V3-2026",
"cert_item": "Xaica-\u03b1 PLUS ePassport on MTCOS Pro 2.6 with SAC (BAC+PACE) and Active Authentication / ST31N600",
"cert_lab": "BSI",
"developer": "MaskTech International GmbH sponsored by NTT DATA CORPORATION",
"match_rules": [
"(BSI-DSZ-CC-.+?) (?:for|For) (.+?) from (.*)"
],
"ref_protection_profiles": "None - Based on Protection Profile for ePassport IC with SAC (BAC+PACE) and Active Authentication, Version 1.00, March 8, 2016, JISEC C0500"
}
},
"report_keywords": {
"asymmetric_crypto": {
"ECC": {
"ECC": {
"ECC": 1
}
}
},
"cc_cert_id": {
"DE": {
"BSI-DSZ-CC-1074-V2-2020": 3,
"BSI-DSZ-CC-1074-V3-2026": 15
},
"FR": {
"ANSSI-CC-2022/21-R02": 3,
"ANSSI-CC-2022/42-R02": 4
}
},
"cc_claims": {
"OE": {
"OE.PKI": 1
}
},
"cc_protection_profile_id": {},
"cc_sar": {
"ALC": {
"ALC_CMC.4": 1,
"ALC_CMS.4": 1,
"ALC_COMP.1": 1,
"ALC_DEL.1": 1,
"ALC_DVS.2": 5,
"ALC_FLR": 3,
"ALC_FLR.3": 4,
"ALC_LCD.1": 1,
"ALC_TAT.1": 1
}
},
"cc_security_level": {
"EAL": {
"EAL 1": 1,
"EAL 2": 3,
"EAL 4": 6,
"EAL 4 augmented": 3,
"EAL 5": 4,
"EAL 5+": 1,
"EAL 6": 1,
"EAL5+": 1,
"EAL6": 1
}
},
"cc_sfr": {},
"certification_process": {
"ConfidentialDocument": {
"ETR), SRC Security Research \u0026 Consulting GmbH, (confidential document) [7] Protection Profile for ePassport IC with SAC (BAC+PACE) and Active Authentication, Version 1": 1,
"Pro 2.6 with SAC (BAC+PACE) and Active Authentication / ST31N600, MaskTech International GmbH (confidential document) [6] Evaluation Technical Report, Version 1.0, 19.01.2026, Evaluation Report- Evaluation Technical": 1,
"being maintained, is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification": 1,
"list - Xaica-\u03b1 PLUS ePassport on MTCOS Pro 2.6 / ST31N600 MaskTech International GmbH (confidential document) [10] User Guidance, Version 1.1, 07 January 2026, User Guidance \u2013Xaica-\u03b1 PLUS ePassport on MTCOS": 1
}
},
"cipher_mode": {},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {
"Neslib": {
"NesLib 6.7.4": 3
}
},
"crypto_protocol": {
"PACE": {
"PACE": 4
},
"PGP": {
"PGP": 3
}
},
"crypto_scheme": {
"MAC": {
"MAC": 1
}
},
"device_model": {},
"ecc_curve": {},
"eval_facility": {
"SRC": {
"SRC Security Research \u0026 Consulting": 3
}
},
"hash_function": {},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"RNG": {
"RNG": 1
}
},
"side_channel_analysis": {
"FI": {
"fault injection": 1
},
"other": {
"JIL": 4
}
},
"standard_id": {
"BSI": {
"AIS 20": 2,
"AIS 25": 3,
"AIS 26": 3,
"AIS 31": 2,
"AIS 32": 1,
"AIS 34": 3,
"AIS 35": 2,
"AIS 36": 4,
"AIS 38": 1,
"AIS 46": 1
},
"ICAO": {
"ICAO": 1
},
"ISO": {
"ISO/IEC 15408": 4,
"ISO/IEC 17065": 2,
"ISO/IEC 18045": 4
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 1
}
},
"DES": {
"DES": {
"DES": 1
}
}
},
"technical_report_id": {
"BSI": {
"BSI TR-02102": 1,
"BSI TR-03110": 1
}
},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {
"STMicroelectronics": {
"STM": 1,
"STMicroelectronics": 12
}
},
"vulnerability": {}
},
"report_metadata": {
"/Author": "Federal Office for Information Security",
"/Keywords": "Common Criteria, Certification, Zertifizierung, passport, Pass, Ausweis, hoheitliche Dokumente, MaskTech",
"/Subject": "Common Criteria, Certification, Zertifizierung, passport, Pass, Ausweis, hoheitliche Dokumente, MaskTech",
"/Title": "Certification Report BSI-DSZ-CC-1074-V3-2026",
"pdf_file_size_bytes": 389383,
"pdf_hyperlinks": {
"_type": "Set",
"elements": []
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 24
},
"st_filename": "1074V3b_pdf.pdf",
"st_frontpage": null,
"st_keywords": {
"asymmetric_crypto": {
"ECC": {
"ECC": {
"ECC": 1
},
"ECDH": {
"ECDH": 3
},
"ECDSA": {
"ECDSA": 5
}
},
"FF": {
"DH": {
"Diffie-Hellman": 2
}
}
},
"cc_cert_id": {
"DE": {
"BSI-DSZ-CC-1073-V2-": 1
},
"FR": {
"ANSSI-CC-2022/21-R02": 3,
"ANSSI-CC-2022/42-R02": 3
}
},
"cc_claims": {
"A": {
"A.PKI": 4
},
"O": {
"O.AA": 8,
"O.BAC": 8,
"O.PACE": 9,
"O.RND": 1
},
"OE": {
"OE.PKI": 3
}
},
"cc_protection_profile_id": {
"BSI": {
"BSI-CC-PP-0056-V2-2012-MA-02": 1,
"BSI-CC-PP-0084-2014": 1
}
},
"cc_sar": {
"ADV": {
"ADV_ARC": 1,
"ADV_ARC.1": 2,
"ADV_FSP.4": 1,
"ADV_IMP.1": 2,
"ADV_TDS.3": 1
},
"AGD": {
"AGD_OPE.1": 2,
"AGD_PRE.1": 1
},
"ALC": {
"ALC_CMC.4": 2,
"ALC_CMS.4": 1,
"ALC_DEL.1": 2,
"ALC_DVS.1": 1,
"ALC_DVS.2": 11,
"ALC_FLR.2": 5,
"ALC_FLR.3": 12,
"ALC_LCD.1": 1,
"ALC_TAT.1": 2
},
"ASE": {
"ASE_CCL.1": 3,
"ASE_ECD.1": 2,
"ASE_INT.1": 3,
"ASE_OBJ.2": 2,
"ASE_REQ.2": 3,
"ASE_SPD.1": 2,
"ASE_TSS.1": 4,
"ASE_TSS.2": 3
},
"ATE": {
"ATE_COV.2": 2,
"ATE_DPT.1": 1,
"ATE_FUN.1": 2,
"ATE_IND.2": 1
},
"AVA": {
"AVA_VAN.3": 3,
"AVA_VAN.5": 2
}
},
"cc_security_level": {
"EAL": {
"EAL4": 6,
"EAL4 augmented": 4,
"EAL5": 2,
"EAL5 augmented": 2,
"EAL6": 2,
"EAL6 augmented": 2
}
},
"cc_sfr": {
"FAU": {
"FAU_SAR": 2,
"FAU_SAS": 1,
"FAU_SAS.1": 1
},
"FCS": {
"FCS_CKM": 28,
"FCS_CKM.1": 25,
"FCS_CKM.2": 6,
"FCS_CKM.4": 4,
"FCS_CKM.5": 28,
"FCS_CKM.6": 50,
"FCS_CKM.6.1": 2,
"FCS_CKM.6.2": 1,
"FCS_COP": 114,
"FCS_COP.1": 16,
"FCS_RBG.1": 6,
"FCS_RND": 2,
"FCS_RND.1": 1,
"FCS_RNG": 2,
"FCS_RNG.1": 19,
"FCS_RNG.1.1": 1,
"FCS_RNG.1.2": 1,
"FCS_SBO": 5
},
"FDP": {
"FDP_ACC": 37,
"FDP_ACC.1": 19,
"FDP_ACF": 29,
"FDP_ACF.1": 18,
"FDP_IFC.1": 11,
"FDP_ITC.1": 39,
"FDP_ITC.1.1": 1,
"FDP_ITC.1.2": 1,
"FDP_ITC.1.3": 1,
"FDP_ITC.2": 22,
"FDP_ITT.1": 1,
"FDP_SDC.1": 1,
"FDP_SDI.2": 1,
"FDP_UCT": 19,
"FDP_UCT.1": 2,
"FDP_UIT": 19,
"FDP_UIT.1": 4
},
"FIA": {
"FIA_AFL": 24,
"FIA_AFL.1": 6,
"FIA_API.1": 1,
"FIA_UAU.1": 18,
"FIA_UAU.1.1": 1,
"FIA_UAU.1.2": 1,
"FIA_UAU.4": 9,
"FIA_UAU.4.1": 1,
"FIA_UAU.5": 12,
"FIA_UAU.5.1": 1,
"FIA_UAU.5.2": 1,
"FIA_UID.1": 15,
"FIA_UID.1.1": 1,
"FIA_UID.1.2": 1
},
"FMT": {
"FMT_LIM": 8,
"FMT_MOF.1": 8,
"FMT_MOF.1.1": 1,
"FMT_MSA": 4,
"FMT_MSA.3": 12,
"FMT_MTD.1": 8,
"FMT_MTD.1.1": 1,
"FMT_SMF": 2,
"FMT_SMF.1": 15,
"FMT_SMF.1.1": 1,
"FMT_SMR": 1,
"FMT_SMR.1": 11,
"FMT_SMR.1.1": 1,
"FMT_SMR.1.2": 1,
"FMT_UAU": 1,
"FMT_UID": 1
},
"FPT": {
"FPT_EMS": 2,
"FPT_EMS.1": 13,
"FPT_EMS.1.1": 2,
"FPT_FLS": 1,
"FPT_FLS.1": 1,
"FPT_ITT.1": 1,
"FPT_PHP.3": 11,
"FPT_PHP.3.1": 1
},
"FRU": {
"FRU_FLT.2": 1
},
"FTP": {
"FTP_ITC": 2,
"FTP_ITC.1": 22,
"FTP_ITC.1.1": 1,
"FTP_ITC.1.2": 1,
"FTP_ITC.1.3": 1,
"FTP_TRP.1": 8
}
},
"certification_process": {},
"cipher_mode": {
"CBC": {
"CBC": 18
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {
"Neslib": {
"NESLIB 6.7.4": 1
}
},
"crypto_protocol": {
"PACE": {
"PACE": 99
}
},
"crypto_scheme": {
"KA": {
"Key Agreement": 1,
"Key agreement": 3
},
"MAC": {
"MAC": 10
}
},
"device_model": {},
"ecc_curve": {
"NIST": {
"NIST P-256": 4,
"NIST P-384": 4,
"P-256": 4,
"P-384": 4
}
},
"eval_facility": {},
"hash_function": {
"Keccak": {
"Keccak": 1
},
"SHA": {
"SHA1": {
"SHA-1": 7
},
"SHA2": {
"SHA-256": 10,
"SHA-384": 5
}
}
},
"ic_data_group": {
"EF": {
"EF.COM": 14,
"EF.CardAccess": 5,
"EF.DG1": 14,
"EF.DG13": 14,
"EF.DG14": 13,
"EF.DG15": 15,
"EF.DG2": 14,
"EF.SOD": 14
}
},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"PRNG": {
"DRBG": 1
},
"RNG": {
"RND": 1,
"RNG": 7
}
},
"side_channel_analysis": {
"FI": {
"Malfunction": 1
},
"SCA": {
"Leak-Inherent": 1,
"physical probing": 1
},
"other": {
"JIL": 4
}
},
"standard_id": {
"BSI": {
"AIS 31": 1
},
"CC": {
"CCMB-2022-11-001": 2,
"CCMB-2022-11-002": 2,
"CCMB-2022-11-003": 2,
"CCMB-2022-11-004": 2,
"CCMB-2022-11-005": 2,
"CCMB-2022-11-006": 2
},
"FIPS": {
"FIPS PUB 140-3": 1,
"FIPS PUB 180-4": 1,
"FIPS PUB 197": 1
},
"ICAO": {
"ICAO": 14
},
"ISO": {
"ISO/IEC 10116-2017": 1,
"ISO/IEC 15408": 2,
"ISO/IEC 7816": 2,
"ISO/IEC 9797-1": 2
},
"NIST": {
"NIST SP 800-38B": 1,
"NIST SP 800-67": 1
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 19,
"AES-": 1
}
},
"DES": {
"3DES": {
"3DES": 5,
"TDEA": 1,
"TDES": 1
},
"DES": {
"DES": 8
}
},
"constructions": {
"MAC": {
"CMAC": 11
}
}
},
"technical_report_id": {},
"tee_name": {
"IBM": {
"SSC": 2
}
},
"tls_cipher_suite": {},
"vendor": {
"STMicroelectronics": {
"STMicroelectronics": 13
}
},
"vulnerability": {}
},
"st_metadata": {
"/Author": "",
"/Subject": "",
"/Title": "",
"pdf_file_size_bytes": 497140,
"pdf_hyperlinks": {
"_type": "Set",
"elements": []
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 83
}
},
"protection_profile_links": {
"_type": "Set",
"elements": []
},
"report_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1074V3a_pdf.pdf",
"scheme": "DE",
"security_level": {
"_type": "Set",
"elements": [
"ALC_FLR.3",
"EAL4+",
"ALC_DVS.2"
]
},
"st_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1074V3b_pdf.pdf",
"state": {
"_type": "sec_certs.sample.cc_eucc_common.InternalState",
"cert": {
"_type": "sec_certs.sample.document_state.DocumentState",
"convert_ok": true,
"download_ok": true,
"extract_ok": false,
"json_hash": null,
"pdf_hash": "c2c115199e17358f043ff97c401d2f22811511b3896382ed89568794a46c72ad",
"txt_hash": "de84423449ea54ac19f9e8c0bd269862560a760f18ad24e4c102ec370d8c72ea"
},
"report": {
"_type": "sec_certs.sample.document_state.DocumentState",
"convert_ok": true,
"download_ok": true,
"extract_ok": true,
"json_hash": null,
"pdf_hash": "fd5ec42dcd806d0832512533c38ca0f02b98babd4502d00a44e64cba446ad72a",
"txt_hash": "2d0284db9013be968726c01375fae4f005e7c203d64eaf049c01f24d0c146e3b"
},
"st": {
"_type": "sec_certs.sample.document_state.DocumentState",
"convert_ok": true,
"download_ok": true,
"extract_ok": true,
"json_hash": null,
"pdf_hash": "c820536af1c243639af597a7a423aa5b5663d5f9a239ec3dd9da82e48c56bcb2",
"txt_hash": "4860ae8800234163d6fe8c112a9ff93eafaa83b2c2b85778903d4c6d349e7a02"
}
},
"status": "active"
}