This page was not yet optimized for use on mobile devices.
MTCOS Pro 2.6 EAC with PACE / SLC37 (V11)
CSV information ?
Status | active |
Valid from | 13.11.2024 |
Valid until | 13.11.2029 |
Scheme | 🇩🇪 DE |
Manufacturer | MaskTech International GmbH |
Category | ICs, Smart Cards and Smart Card-Related Devices and Systems |
Security level | EAL5+, ALC_FLR.3, AVA_VAN.5, ALC_DVS.2 |
Protection profiles |
Heuristics summary ?
Certificate ID: BSI-DSZ-CC-1219-2024
Certificate ?
Extracted keywords
PACESecurity level
EAL 5, EAL 2, EAL 5 augmentedSecurity Assurance Requirements (SAR)
ALC_DVS.2, ALC_FLR.3, ALC_FLR, AVA_VAN.5Certificates
ISO/IEC 15408, ISO/IEC 18045, ICAOFile metadata
Title | Certificate BSI-DSZ-CC-1219-2024 |
Subject | Common Criteria, Certification, Zertifizierung, Smartcard, MRTD, MaskTech, MTCOS Pro 2.6 EAC with PACE / SLC37 (V11) |
Keywords | Common Criteria, Certification, Zertifizierung, Smartcard, MRTD, MaskTech, MTCOS Pro 2.6 EAC with PACE / SLC37 (V11) |
Author | Federal Office for Information Security |
Pages | 1 |
Certification report ?
Extracted keywords
Symmetric Algorithms
AES, DES, 3DESAsymmetric Algorithms
ECDH, ECDSA, ECC, DH, Diffie-HellmanProtocols
PACE, PGPRandomness
RNGBlock cipher modes
Infineon Technologies AGSecurity level
EAL 5, EAL 2, EAL 1, EAL 4, EAL6, EAL5+, EAL 5+, EAL 6, EAL 5 augmented, EAL6 augmentedSecurity Assurance Requirements (SAR)
BSI-CC-PP-0068-V2, BSI-CC-PP- 0084-2014, BSI-CC-PP- 0056-V2-2012-MA-02, BSI-CC-PP-0084-, BSI-CC-PP-0084-2014, BSI-CC-PP-0056-V2-2012-MA-02, BSI-CC-PP-0068-V2-2011-MA01Certificates
BSI-DSZ-CC-1219-2024, BSI-DSZ-CC-1033-V2-, BSI-DSZ-CC-1033-V2-2021, BSI-DSZ-CC-1107-V5-2024, BSI-DSZ-CC-1219, BSI-DSZ-CC-1107-V4-2023, BSI-DSZ-CC-S-0281-, BSI-DSZ-CC-S-0232-2023, BSI-DSZ-CC-S-0233-2023Evaluation facilities
SRC Security Research & ConsultingSide-channel analysis
JILCertification process
being maintained, is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification, Access Control with PACE, MTCOS Pro 2.6 EAC with PACE / SLC37 (V11), MaskTech International GmbH (confidential document) [7] Evaluation Technical Report, Version 1.2, 25 October 2024, Evaluation Technical Report Summary, MTCOS Pro 2.6 EAC with PACE / SLC37 (V11), SRC Security Research & Consulting GmbH (confidential document) [8] Common Criteria Protection Profile Machine Readable Travel Document with "ICAO Application, Configuration List for MTCOS Pro 2.6 EAC with PACE / SLC37 (V11), MaskTech International GmbH (confidential document) [13] ICAO. Technical Report: Supplemental Access Control for Machine Readable Travel Documents. V1Standards
AIS 34, AIS 36, AIS 37, AIS 26, AIS 25, AIS 20, AIS 31, AIS 46, AIS 35, AIS 32, AIS 38, AIS 47, ISO/IEC 15408, ISO/IEC 18045, ISO/IEC 17065, ISO/IEC 7816:2008, ICAOTechnical reports
BSI TR-02102-1, BSI 7148File metadata
Title | Certification Report BSI-DSZ-CC-1219-2024 |
Subject | Common Criteria, Certification, Zertifizierung, Smartcard, MRTD, MaskTech, MTCOS Pro 2.6 EAC with PACE / SLC37 (V11) |
Keywords | "Common Criteria, Certification, Zertifizierung, Smartcard, MRTD, MaskTech, MTCOS Pro 2.6 EAC with PACE / SLC37 (V11)" |
Author | Federal Office for Information Security |
Pages | 29 |
Certificate ID | BSI-DSZ-CC-1219-2024 |
Certified item | MTCOS Pro 2.6 EAC with PACE / SLC37 (V11 |
Certification lab | BSI |
Developer | MaskTech International GmbH |
Outgoing- BSI-DSZ-CC-1033-V2-2021 - active - MTCOS Pro 2.5 V2 EAC with PACE / SLE78CLFX400VPHM/BPHM/7PHM (M7892)
- BSI-DSZ-CC-1107-V5-2024 - active - IFX_CCI_00002Dh, 000039h, 00003Ah, 000044h, 000045h, 000046h, 000047h, 000048h, 000049h, 00004Ah, 00004Bh, 00004Ch, 00004Dh, 00004Eh design step T11 with firmware 80.306.16.0, 80.306.16.1 or 80.312.02.0, optional NRG™ SW 05.03.4097, optional HSL v3.52.9708, UMSLC lib v01.30.0564, optional SCL v2.15.000 or v2.11.003, optional ACL v3.35.001, v3.34.000, v3.33.003 or v3.02.000, optional RCL v1.10.007, optional HCL v1.13.002 and user guidance
- BSI-DSZ-CC-1107-V4-2023 - active - IFX_CCI_00002Dh, IFX_CCI_000039h, IFX_CCI_00003Ah, IFX_CCI_000044h, IFX_CCI_000045h, IFX_CCI_000046h, IFX_CCI_000047h, IFX_CCI_000048h, IFX_CCI_000049h, IFX_CCI_00004Ah, IFX_CCI_00004Bh, IFX_CCI_00004Ch, IFX_CCI_00004Dh, IFX_CCI_00004Eh design step T11 with firmware 80.306.16.0 & 80.306.16.1 & 80.312.02.0, optional NRG SW 05.03.4097, optional HSL v3.52.9708, UMSLC lib v01.30.0564, optional SCL v2.15.000 and v2.11.003, optional ACL v3.34.000 and v3.33.003 and v3.02.000, optional RCL v1.10.007, optional HCL v1.13.002 and guidance
- BSI-DSZ-CC-1220-2024 - active - MTCOS Pro 2.6 EAC with PACE / SLC37 (V11) (BAC)
Security target ?
Extracted keywords
Symmetric Algorithms
AES, DES, 3DES, TDES, Triple-DES, TDEA, KMAC, CMACAsymmetric Algorithms
ECDH, ECDSA, ECC, Diffie-Hellman, DHHash functions
SHA-1, SHA-224, SHA-256, SHA-384, SHA-512Schemes
MAC, Key AgreementProtocols
RNG, RNDBlock cipher modes
CBCIC data groups
EF.DG1, EF.DG2, EF.DG3, EF.DG4, EF.DG5, EF.DG16, EF.DG14, EF.DG15, EF.DG13, EF.COM, EF.SODTrusted Execution Environments
Infineon Technologies, Infineon Technologies AGSecurity level
EAL5, EAL6, EAL5+, EAL4+, EAL4, EAL5 augmented, EAL6 augmentedClaims
O.RND, O.TDES, O.AES, O.RSA, O.ECC, O.AES-TDES-MAC, O.HASHSecurity Assurance Requirements (SAR)
BSI-CC-PP-0084-2014, BSI-CC-PP-0068-V2, BSI-CC-PP-0056-V2, BSI-CC-PP-0055, BSI-CC-PP-0056-V2-2011, BSI-CC-PP-0056-V2-2012, BSI-CC-PP-0068-V2-2011, BSI-CC-PP-0055-2009, BSI-CC-PP-0056-V2-2012-MA-02, BSI-CC-PP-0068-V2-2011-MA-01Certificates
BSI-DSZ-CC-1219, BSI-DSZ-CC-1221, BSI-DSZ-CC-1107-V5-2024, BSI-DSZ-CC-1220, BSI-DSZ-CC-S-0232-2023, BSI-DSZ-CC-S-0233-2023, BSI-DSZ-CC-S-0281-2024Side-channel analysis
Leak-Inherent, physical probing, side channel, DPA, Physical tampering, physical tampering, Physical Tampering, Malfunction, malfunction, fault injection, reverse engineeringStandards
FIPS PUB 140-3, FIPS PUB 180-4, FIPS PUB 186-4, FIPS PUB 197, NIST SP 800-38B, NIST SP 800-56A, NIST SP 800-67, NIST SP 800-90A, PKCS#3, AIS 31, RFC 2631, RFC 3369, RFC 8017, ISO/IEC 7816, ISO/IEC 14443, ISO/IEC 7816-4, ISO/IEC 10116-2017, ICAO, CCMB-2017-04-001, CCMB-2017-04-002, CCMB-2017-04-003, CCMB-2017-04-004Technical reports
BSI TR-02102-1File metadata
Title | MTCOS Pro 2.6 ICAO - EAC with PACE / SLC37GDA512 (V11) - Security Target lite |
Subject | Common Criteria Certification |
Keywords | Common Criteria, CC, Machine Readable Travel Document, MRTD, EAC with PACE, ePass, MTCOS, EAL 5+ |
Author | MaskTech International GmbH |
Pages | 113 |
Outgoing- BSI-DSZ-CC-1107-V5-2024 - active - IFX_CCI_00002Dh, 000039h, 00003Ah, 000044h, 000045h, 000046h, 000047h, 000048h, 000049h, 00004Ah, 00004Bh, 00004Ch, 00004Dh, 00004Eh design step T11 with firmware 80.306.16.0, 80.306.16.1 or 80.312.02.0, optional NRG™ SW 05.03.4097, optional HSL v3.52.9708, UMSLC lib v01.30.0564, optional SCL v2.15.000 or v2.11.003, optional ACL v3.35.001, v3.34.000, v3.33.003 or v3.02.000, optional RCL v1.10.007, optional HCL v1.13.002 and user guidance
Heuristics ?
Certificate ID: BSI-DSZ-CC-1219-2024
Extracted SARs
Name | Certificate ID | |
MTCOS Pro 2.6 EAC with PACE / SLC37 (V11) (BAC) | BSI-DSZ-CC-1220-2024 | Compare |
Scheme data ?
Cert Id | BSI-DSZ-CC-1219-2024 | |
Product | MTCOS Pro 2.6 EAC with PACE / SLC37 (V11) | |
Vendor | MaskTech International GmbH | |
Certification Date | 13.11.2024 | |
Category | Electronic ID documents | |
Url | | |
Enhanced | ||
Product | MTCOS Pro 2.6 EAC with PACE / SLC37 (V11) | |
Applicant | MaskTech International GmbH Nordostpark 45 90411 Nürnberg | |
Evaluation Facility | SRC Security Research & Consulting GmbH | |
Assurance Level | EAL5+,ALC_DVS.2,ALC_FLR.3,AVA_VAN.5 | |
Protection Profile | Machine Readable Travel Document with "ICAO Application", Extended Access Control with PACE (EAC PP), Version 1.3.2, 5 December 2012, BSI-CC-PP-0056-V2-2012-MA-02 | |
Certification Date | 13.11.2024 | |
Expiration Date | 12.11.2029 | |
Entries | [frozendict({'id': 'neue'}), frozendict({'id': 'der'}), frozendict({'id': 'Das'}), frozendict({'id': 'Das'}), frozendict({'id': 'Aufgrund'})] | |
Report Link | | |
Target Link | | |
Cert Link | | |
Description | Target of evaluation (TOE) is the product MTCOS Pro 2.6 EAC with PACE / SLC37 (V11) provided by MaskTech International GmbH.The TOE is a fully interoperable multi-application smart card operating system compliant to 'ISO_7816' with a contact and contactless interface. It contains an MRTD application which is programmed according to ICAO Technical Report “Supplemental Access Control” and additionally providing the Extended Access Control according to the ’ICAO 9303’ and 'BSI_TR-03110-1', respectively. The communication between terminal and chip shall be protected by Password Authenticated Connection Establishment (PACE) according to “Electronic Passport using Standard Inspection Procedure with PACE”, BSI-CC-PP-0068-V2. Additionally, Active Authentication according to 'ICAO_9303' is provided.The current evaluation process is a re-evaluation of the product MTCOS Pro 2.5 EAC with PACE / SLE78CLFX400VPHM/BPHM/7PHM (M7892), which has been certified under the certification ID BSI-DSZ-CC-1033-V2-2021. Subject to the re-evaluation are changes to the certified product with respect to actual development and findings which are: The embedded software has been implemented to the hardware platform SLC37GDA512 (V11) secure dual-interface controller of Infineon Technologies AG, BSI-DSZ-CC-1107-V5-2024. This implies an adaption of the low-level interfaces to the functionality provided by the IC and the usage of the cryptographic library.While the base certification was provided as an ePassport application only, the TOE now includes a multi-application product, containing an SSCD application to be certified in a separate procedure. However, the basecertification itself is based on an SSCD-including multi-application product.The MTCOS operating system has been revised including the internal keyhandling. In this context, new commands for the generation and configuration of key files are provided. Furthermore, MTCOS now allows more configuration options: File sizes of specified transparent files can be set during personalization. In order to oblige customers with an established personalization system, a “compatibility mode” can be configured.The feature “in-field hardening of the cryptographic implementation” has been omitted.Due to expiration of the audit validity of MaskTech International GmbH a new site visit was performed in which course the assurance component ALC_FLR.3 was added. | |
Subcategory | IC with applications |
References ?
Updates ?
10.03.2025 The certificate data changed.
Certificate changed
The computed heuristics were updated.
- The scheme_data property was set to
{'cert_id': 'BSI-DSZ-CC-1219-2024', 'product': 'MTCOS Pro 2.6 EAC with PACE / SLC37 (V11)', 'vendor': 'MaskTech International GmbH', 'certification_date': '2024-11-13', 'category': 'Electronic ID documents', 'url': '', 'enhanced': {'product': 'MTCOS Pro 2.6 EAC with PACE / SLC37 (V11)', 'applicant': 'MaskTech International GmbH Nordostpark 45 90411 Nürnberg', 'evaluation_facility': 'SRC Security Research & Consulting GmbH', 'assurance_level': 'EAL5+,ALC_DVS.2,ALC_FLR.3,AVA_VAN.5', 'protection_profile': 'Machine Readable Travel Document with "ICAO Application", Extended Access Control with PACE (EAC PP), Version 1.3.2, 5 December 2012, BSI-CC-PP-0056-V2-2012-MA-02', 'certification_date': '2024-11-13', 'expiration_date': '2029-11-12', 'entries': [{'id': 'neue'}, {'id': 'der'}, {'id': 'Das'}, {'id': 'Das'}, {'id': 'Aufgrund'}], 'report_link': '', 'target_link': '', 'cert_link': '', 'description': "Target of evaluation (TOE) is the product MTCOS Pro 2.6 EAC with PACE / SLC37 (V11) provided by MaskTech International GmbH.The TOE is a fully interoperable multi-application smart card operating system compliant to 'ISO_7816' with a contact and contactless interface. It contains an MRTD application which is programmed according to ICAO Technical Report “Supplemental Access Control” and additionally providing the Extended Access Control according to the ’ICAO 9303’ and 'BSI_TR-03110-1', respectively. The communication between terminal and chip shall be protected by Password Authenticated Connection Establishment (PACE) according to “Electronic Passport using Standard Inspection Procedure with PACE”, BSI-CC-PP-0068-V2. Additionally, Active Authentication according to 'ICAO_9303' is provided.The current evaluation process is a re-evaluation of the product MTCOS Pro 2.5 EAC with PACE / SLE78CLFX400VPHM/BPHM/7PHM (M7892), which has been certified under the certification ID BSI-DSZ-CC-1033-V2-2021. Subject to the re-evaluation are changes to the certified product with respect to actual development and findings which are: The embedded software has been implemented to the hardware platform SLC37GDA512 (V11) secure dual-interface controller of Infineon Technologies AG, BSI-DSZ-CC-1107-V5-2024. This implies an adaption of the low-level interfaces to the functionality provided by the IC and the usage of the cryptographic library.While the base certification was provided as an ePassport application only, the TOE now includes a multi-application product, containing an SSCD application to be certified in a separate procedure. However, the basecertification itself is based on an SSCD-including multi-application product.The MTCOS operating system has been revised including the internal keyhandling. In this context, new commands for the generation and configuration of key files are provided. Furthermore, MTCOS now allows more configuration options: File sizes of specified transparent files can be set during personalization. In order to oblige customers with an established personalization system, a “compatibility mode” can be configured.The feature “in-field hardening of the cryptographic implementation” has been omitted.Due to expiration of the audit validity of MaskTech International GmbH a new site visit was performed in which course the assurance component ALC_FLR.3 was added."}, 'subcategory': 'IC with applications'}
- The scheme_data property was set to
03.03.2025 The certificate data changed.
Certificate changed
The computed heuristics were updated.
- The scheme_data property was set to
- The scheme_data property was set to
24.02.2025 The certificate data changed.
Certificate changed
The computed heuristics were updated.
- The scheme_data property was set to
{'cert_id': 'BSI-DSZ-CC-1219-2024', 'product': 'MTCOS Pro 2.6 EAC with PACE / SLC37 (V11)', 'vendor': 'MaskTech International GmbH', 'certification_date': '2024-11-13', 'category': 'Electronic ID documents', 'url': '', 'enhanced': {'product': 'MTCOS Pro 2.6 EAC with PACE / SLC37 (V11)', 'applicant': 'MaskTech International GmbH Nordostpark 45 90411 Nürnberg', 'evaluation_facility': 'SRC Security Research & Consulting GmbH', 'assurance_level': 'EAL5+,ALC_DVS.2,ALC_FLR.3,AVA_VAN.5', 'protection_profile': 'Machine Readable Travel Document with "ICAO Application", Extended Access Control with PACE (EAC PP), Version 1.3.2, 5 December 2012, BSI-CC-PP-0056-V2-2012-MA-02', 'certification_date': '2024-11-13', 'expiration_date': '2029-11-12', 'entries': [{'id': 'neue'}, {'id': 'der'}, {'id': 'Das'}, {'id': 'Das'}, {'id': 'Aufgrund'}], 'report_link': '', 'target_link': '', 'cert_link': '', 'description': "Target of evaluation (TOE) is the product MTCOS Pro 2.6 EAC with PACE / SLC37 (V11) provided by MaskTech International GmbH.The TOE is a fully interoperable multi-application smart card operating system compliant to 'ISO_7816' with a contact and contactless interface. It contains an MRTD application which is programmed according to ICAO Technical Report “Supplemental Access Control” and additionally providing the Extended Access Control according to the ’ICAO 9303’ and 'BSI_TR-03110-1', respectively. The communication between terminal and chip shall be protected by Password Authenticated Connection Establishment (PACE) according to “Electronic Passport using Standard Inspection Procedure with PACE”, BSI-CC-PP-0068-V2. Additionally, Active Authentication according to 'ICAO_9303' is provided.The current evaluation process is a re-evaluation of the product MTCOS Pro 2.5 EAC with PACE / SLE78CLFX400VPHM/BPHM/7PHM (M7892), which has been certified under the certification ID BSI-DSZ-CC-1033-V2-2021. Subject to the re-evaluation are changes to the certified product with respect to actual development and findings which are: The embedded software has been implemented to the hardware platform SLC37GDA512 (V11) secure dual-interface controller of Infineon Technologies AG, BSI-DSZ-CC-1107-V5-2024. This implies an adaption of the low-level interfaces to the functionality provided by the IC and the usage of the cryptographic library.While the base certification was provided as an ePassport application only, the TOE now includes a multi-application product, containing an SSCD application to be certified in a separate procedure. However, the basecertification itself is based on an SSCD-including multi-application product.The MTCOS operating system has been revised including the internal keyhandling. In this context, new commands for the generation and configuration of key files are provided. Furthermore, MTCOS now allows more configuration options: File sizes of specified transparent files can be set during personalization. In order to oblige customers with an established personalization system, a “compatibility mode” can be configured.The feature “in-field hardening of the cryptographic implementation” has been omitted.Due to expiration of the audit validity of MaskTech International GmbH a new site visit was performed in which course the assurance component ALC_FLR.3 was added."}, 'subcategory': 'IC with applications'}
- The scheme_data property was set to
17.02.2025 The certificate data changed.
Certificate changed
The computed heuristics were updated.
- The scheme_data property was set to
- The scheme_data property was set to
05.02.2025 The certificate data changed.
Certificate changed
The state of the certificate object was updated.
- The report property was updated, with the
{'_type': 'sec_certs.sample.document_state.DocumentState'}
data. - The st property was updated, with the
{'_type': 'sec_certs.sample.document_state.DocumentState'}
data. - The cert property was updated, with the
{'_type': 'sec_certs.sample.document_state.DocumentState'}
The computed heuristics were updated.
- The following values were inserted:
{'protection_profiles': {'_type': 'Set', 'elements': ['a33327d40f253f46']}, 'eal': 'EAL5+'}
. - The prev_certificates property was set to
. - The next_certificates property was set to
- The report property was updated, with the
03.02.2025 The certificate data changed.
Certificate changed
The state of the certificate object was updated.
- The report property was updated, with the
{'download_ok': True, 'convert_ok': True, 'extract_ok': True, 'pdf_hash': 'c789f7359bc1e1cf37afae1acd0ccea411a7838bfbcc8c1fd2f310833da68f32', 'txt_hash': 'b17e1b40da79fc1ca0d38ada914d7e7e47a98dd51b8ad5d1a4e620b5e11a1095'}
data. - The st property was updated, with the
{'download_ok': True, 'convert_ok': True, 'extract_ok': True, 'pdf_hash': 'a242626316b867244745fc4ad47cfb7086676c1cd160380d646347d8bb4ecfa9', 'txt_hash': 'e298ba78909ecb285591b19bf27595e664eff5948c0ce0d9018ca4ff9cf62270'}
data. - The cert property was updated, with the
{'download_ok': True, 'convert_ok': True, 'extract_ok': True, 'pdf_hash': '6f6fc8e7f3bec74429d5fdb08a975329a2669857e5869f4fd4d1ade2a6f1fe7b', 'txt_hash': '662e2e7e11b2546854eb78ea4ba88da50860c867684a2bd7bb6bbb3e4d3e8c26'}
The PDF extraction data was updated.
- The report_metadata property was set to
{'pdf_file_size_bytes': 400009, 'pdf_is_encrypted': False, 'pdf_number_of_pages': 29, '/Author': 'Federal Office for Information Security', '/Keywords': '"Common Criteria, Certification, Zertifizierung, Smartcard, MRTD, MaskTech, MTCOS Pro 2.6 EAC with PACE / SLC37 (V11)"', '/Subject': 'Common Criteria, Certification, Zertifizierung, Smartcard, MRTD, MaskTech, MTCOS Pro 2.6 EAC with PACE / SLC37 (V11)', '/Title': 'Certification Report BSI-DSZ-CC-1219-2024', 'pdf_hyperlinks': {'_type': 'Set', 'elements': ['', '', '', '', '', '', '', '']}}
. - The st_metadata property was set to
{'pdf_file_size_bytes': 787881, 'pdf_is_encrypted': False, 'pdf_number_of_pages': 113, '/Author': 'MaskTech International GmbH', '/Keywords': 'Common Criteria, CC, Machine Readable Travel Document, MRTD, EAC with PACE, ePass, MTCOS, EAL 5+', '/Subject': 'Common Criteria Certification', '/Title': 'MTCOS Pro 2.6 ICAO - EAC with PACE / SLC37GDA512 (V11) - Security Target lite', 'pdf_hyperlinks': {'_type': 'Set', 'elements': []}}
. - The cert_metadata property was set to
{'pdf_file_size_bytes': 230921, 'pdf_is_encrypted': False, 'pdf_number_of_pages': 1, '/Author': 'Federal Office for Information Security', '/Keywords': 'Common Criteria, Certification, Zertifizierung, Smartcard, MRTD, MaskTech, MTCOS Pro 2.6 EAC with PACE / SLC37 (V11)', '/Subject': 'Common Criteria, Certification, Zertifizierung, Smartcard, MRTD, MaskTech, MTCOS Pro 2.6 EAC with PACE / SLC37 (V11)', '/Title': 'Certificate BSI-DSZ-CC-1219-2024', 'pdf_hyperlinks': {'_type': 'Set', 'elements': []}}
. - The report_frontpage property was set to
{'DE': {'match_rules': ['(BSI-DSZ-CC-.+?) (?:for|For) (.+?) from (.*)'], 'cert_id': 'BSI-DSZ-CC-1219-2024', 'cert_item': 'MTCOS Pro 2.6 EAC with PACE / SLC37 (V11', 'developer': 'MaskTech International GmbH', 'cert_lab': 'BSI', 'ref_protection_profiles': 'Machine Readable Travel Document with "ICAO Application", Extended Access Control with PACE (EAC PP), Version 1.3.2, 5 December 2012, BSI- CC-PP-0056-V2-2012-MA-02', 'cc_version': 'PP conformant plus product specific extensions Common Criteria Part 2 extended', 'cc_security_level': 'Common Criteria Part 3 conformant EAL 5 augmented by ALC_DVS.2, ALC_FLR.3 and AVA_VAN.5 valid until: 12 November 2029 SOGIS Recognition Agreement'}}
. - The report_keywords property was set to
{'cc_cert_id': {'DE': {'BSI-DSZ-CC-1219-2024': 17, 'BSI-DSZ-CC-1033-V2-': 1, 'BSI-DSZ-CC-1033-V2-2021': 2, 'BSI-DSZ-CC-1107-V5-2024': 6, 'BSI-DSZ-CC-1219': 1, 'BSI-DSZ-CC-1107-V4-2023': 2, 'BSI-DSZ-CC-S-0281-': 1, 'BSI-DSZ-CC-S-0232-2023': 1, 'BSI-DSZ-CC-S-0233-2023': 1}}, 'cc_protection_profile_id': {'BSI': {'BSI-CC-PP-0068-V2': 1, 'BSI-CC-PP- 0084-2014': 1, 'BSI-CC-PP- 0056-V2-2012-MA-02': 1, 'BSI-CC-PP-0084-': 1, 'BSI-CC-PP-0084-2014': 2, 'BSI-CC-PP-0056-V2-2012-MA-02': 2, 'BSI-CC-PP-0068-V2-2011-MA01': 1}}, 'cc_security_level': {'EAL': {'EAL 5': 8, 'EAL 2': 3, 'EAL 1': 1, 'EAL 4': 1, 'EAL6': 4, 'EAL5+': 1, 'EAL 5+': 1, 'EAL 6': 1, 'EAL 5 augmented': 3, 'EAL6 augmented': 3}}, 'cc_sar': {'ADV': {'ADV_ARC': 1}, 'ALC': {'ALC_DVS.2': 5, 'ALC_FLR.3': 6, 'ALC_FLR': 3, 'ALC_FLR.1': 3, 'ALC_CMC.4': 1, 'ALC_CMS.5': 1, 'ALC_DEL.1': 1, 'ALC_LCD.1': 1, 'ALC_TAT.2': 1, 'ALC_COMP.1': 1}, 'ATE': {'ATE_IND': 1}, 'AVA': {'AVA_VAN.5': 4, 'AVA_VAN': 1}}, 'cc_sfr': {}, 'cc_claims': {}, 'vendor': {'Infineon': {'Infineon Technologies AG': 9}}, 'eval_facility': {'SRC': {'SRC Security Research & Consulting': 1}}, 'symmetric_crypto': {'AES_competition': {'AES': {'AES': 2}}, 'DES': {'DES': {'DES': 1}, '3DES': {'3DES': 1}}}, 'asymmetric_crypto': {'ECC': {'ECDH': {'ECDH': 2}, 'ECDSA': {'ECDSA': 2}, 'ECC': {'ECC': 2}}, 'FF': {'DH': {'DH': 2, 'Diffie-Hellman': 1}}}, 'pq_crypto': {}, 'hash_function': {}, 'crypto_scheme': {}, 'crypto_protocol': {'PACE': {'PACE': 33}, 'PGP': {'PGP': 1}}, 'randomness': {'RNG': {'RNG': 1}}, 'cipher_mode': {'CBC': {'CBC': 2}}, 'ecc_curve': {}, 'crypto_engine': {}, 'tls_cipher_suite': {}, 'crypto_library': {}, 'vulnerability': {}, 'side_channel_analysis': {'other': {'JIL': 5}}, 'technical_report_id': {'BSI': {'BSI TR-02102-1': 1, 'BSI 7148': 1}}, 'device_model': {}, 'tee_name': {}, 'os_name': {}, 'cplc_data': {}, 'ic_data_group': {}, 'standard_id': {'BSI': {'AIS 34': 3, 'AIS 36': 4, 'AIS 37': 2, 'AIS 26': 3, 'AIS 25': 2, 'AIS 20': 3, 'AIS 31': 3, 'AIS 46': 2, 'AIS 35': 2, 'AIS 32': 1, 'AIS 38': 1, 'AIS 47': 1}, 'ISO': {'ISO/IEC 15408': 4, 'ISO/IEC 18045': 4, 'ISO/IEC 17065': 2, 'ISO/IEC 7816:2008': 1}, 'ICAO': {'ICAO': 9}}, 'javacard_version': {}, 'javacard_api_const': {}, 'javacard_packages': {}, 'certification_process': {'ConfidentialDocument': {'being maintained, is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification': 1, 'Access Control with PACE, MTCOS Pro 2.6 EAC with PACE / SLC37 (V11), MaskTech International GmbH (confidential document) [7] Evaluation Technical Report, Version 1.2, 25 October 2024, Evaluation Technical Report Summary': 1, 'MTCOS Pro 2.6 EAC with PACE / SLC37 (V11), SRC Security Research & Consulting GmbH (confidential document) [8] Common Criteria Protection Profile Machine Readable Travel Document with "ICAO Application': 1, 'Configuration List for MTCOS Pro 2.6 EAC with PACE / SLC37 (V11), MaskTech International GmbH (confidential document) [13] ICAO. Technical Report: Supplemental Access Control for Machine Readable Travel Documents. V1': 1}}}
. - The st_keywords property was set to
{'cc_cert_id': {'DE': {'BSI-DSZ-CC-1219': 1, 'BSI-DSZ-CC-1221': 1, 'BSI-DSZ-CC-1107-V5-2024': 2, 'BSI-DSZ-CC-1220': 1, 'BSI-DSZ-CC-S-0232-2023': 1, 'BSI-DSZ-CC-S-0233-2023': 1, 'BSI-DSZ-CC-S-0281-2024': 1}}, 'cc_protection_profile_id': {'BSI': {'BSI-CC-PP-0084-2014': 2, 'BSI-CC-PP-0068-V2': 1, 'BSI-CC-PP-0056-V2': 1, 'BSI-CC-PP-0055': 1, 'BSI-CC-PP-0056-V2-2011': 1, 'BSI-CC-PP-0056-V2-2012': 1, 'BSI-CC-PP-0068-V2-2011': 1, 'BSI-CC-PP-0055-2009': 1, 'BSI-CC-PP-0056-V2-2012-MA-02': 1, 'BSI-CC-PP-0068-V2-2011-MA-01': 1}}, 'cc_security_level': {'EAL': {'EAL5': 12, 'EAL6': 2, 'EAL5+': 1, 'EAL4+': 1, 'EAL4': 1, 'EAL5 augmented': 4, 'EAL6 augmented': 2}}, 'cc_sar': {'ADV': {'ADV_ARC.1': 3, 'ADV_FSP.4': 1, 'ADV_TDS.3': 1, 'ADV_IMP.1': 2, 'ADV_FSP.5': 1, 'ADV_INT.2': 1, 'ADV_TDS.4': 1}, 'AGD': {'AGD_PRE.1': 3, 'AGD_OPE.1': 2}, 'ALC': {'ALC_DVS.2': 7, 'ALC_FLR.3': 6, 'ALC_DEL.1': 2, 'ALC_CMC.4': 1, 'ALC_CMS.5': 1, 'ALC_LCD.1': 1, 'ALC_TAT.2': 1, 'ALC_FLR.1': 1}, 'ATE': {'ATE_DPT.2': 2, 'ATE_DPT.3': 2, 'ATE_DPT.1': 1, 'ATE_COV.2': 1, 'ATE_FUN.1': 1, 'ATE_IND.2': 1}, 'AVA': {'AVA_VAN.3': 1, 'AVA_VAN.5': 7}, 'ASE': {'ASE_INT.1': 3, 'ASE_CCL.1': 3, 'ASE_SPD.1': 3, 'ASE_OBJ.2': 3, 'ASE_ECD.1': 3, 'ASE_REQ.2': 3, 'ASE_TSS.1': 2}}, 'cc_sfr': {'FAU': {'FAU_SAS.1': 9, 'FAU_SAS.1.1': 1}, 'FCS': {'FCS_COP': 113, 'FCS_RND.1': 17, 'FCS_RNG.1': 3, 'FCS_CKM.1': 24, 'FCS_CKM': 75, 'FCS_CKM.2': 8, 'FCS_COP.1': 16, 'FCS_CKM.4': 44, 'FCS_CKM.4.1': 1, 'FCS_RND.1.1': 1, 'FCS_RND.1.2': 1, 'FCS_RNG': 6}, 'FDP': {'FDP_RIP.1': 9, 'FDP_ITC.1': 18, 'FDP_ITC.2': 18, 'FDP_ACC.1': 9, 'FDP_ACC': 13, 'FDP_ACF.1': 16, 'FDP_ACF': 14, 'FDP_UCT': 12, 'FDP_UIT': 12, 'FDP_RIP.1.1': 1, 'FDP_UCT.1': 3, 'FDP_IFC.1': 5, 'FDP_UIT.1': 4, 'FDP_RIP': 1, 'FDP_ITC': 1, 'FDP_SDC.1': 1, 'FDP_SDI.2': 1, 'FDP_ITT.1': 1}, 'FIA': {'FIA_API': 9, 'FIA_UID': 15, 'FIA_UAU': 74, 'FIA_API.1': 12, 'FIA_AFL': 8, 'FIA_UID.1': 7, 'FIA_UAU.1': 5, 'FIA_UAU.4': 2, 'FIA_UAU.4.1': 1, 'FIA_UAU.5': 6, 'FIA_UAU.6': 3, 'FIA_API.1.1': 1, 'FIA_AFL.1': 2, 'FIA_ACC.1.1': 1}, 'FMT': {'FMT_MTD': 88, 'FMT_MSA.3': 4, 'FMT_MTD.3': 10, 'FMT_SMR': 24, 'FMT_SMR.1': 17, 'FMT_SMF.1': 45, 'FMT_SMF.1.1': 1, 'FMT_LIM.1': 15, 'FMT_LIM.2': 12, 'FMT_LIM.1.1': 1, 'FMT_LIM.2.1': 1, 'FMT_MTD.1': 14, 'FMT_MTD.3.1': 1, 'FMT_MSA.1': 2, 'FMT_LIM': 2, 'FMT_SMF': 1, 'FMT_UID': 1}, 'FPT': {'FPT_EMS.1': 13, 'FPT_EMS.1.1': 3, 'FPT_EMS.1.2': 3, 'FPT_FLS.1': 10, 'FPT_FLS.1.1': 1, 'FPT_TST.1': 9, 'FPT_TST.1.1': 1, 'FPT_TST.1.2': 1, 'FPT_TST.1.3': 1, 'FPT_PHP.3': 10, 'FPT_PHP.3.1': 1, 'FPT_FLS': 1}, 'FRU': {'FRU_FLT.2': 1}, 'FTP': {'FTP_ITC.1': 8, 'FTP_TRP.1': 4, 'FTP_ITC': 12}}, 'cc_claims': {'O': {'O.RND': 1, 'O.TDES': 1, 'O.AES': 1, 'O.RSA': 1, 'O.ECC': 1, 'O.AES-TDES-MAC': 1, 'O.HASH': 1}}, 'vendor': {'Infineon': {'Infineon Technologies': 1, 'Infineon Technologies AG': 7}}, 'eval_facility': {}, 'symmetric_crypto': {'AES_competition': {'AES': {'AES': 24}}, 'DES': {'DES': {'DES': 1}, '3DES': {'3DES': 19, 'TDES': 4, 'Triple-DES': 1, 'TDEA': 1}}, 'constructions': {'MAC': {'KMAC': 3, 'CMAC': 10}}}, 'asymmetric_crypto': {'ECC': {'ECDH': {'ECDH': 10}, 'ECDSA': {'ECDSA': 11}, 'ECC': {'ECC': 3}}, 'FF': {'DH': {'Diffie-Hellman': 15, 'DH': 10}}}, 'pq_crypto': {}, 'hash_function': {'SHA': {'SHA1': {'SHA-1': 4}, 'SHA2': {'SHA-224': 4, 'SHA-256': 5, 'SHA-384': 3, 'SHA-512': 3}}}, 'crypto_scheme': {'MAC': {'MAC': 13}, 'KA': {'Key Agreement': 2}}, 'crypto_protocol': {'PACE': {'PACE': 338}}, 'randomness': {'RNG': {'RNG': 6, 'RND': 1}}, 'cipher_mode': {'CBC': {'CBC': 13}}, 'ecc_curve': {}, 'crypto_engine': {}, 'tls_cipher_suite': {}, 'crypto_library': {}, 'vulnerability': {}, 'side_channel_analysis': {'SCA': {'Leak-Inherent': 1, 'physical probing': 4, 'side channel': 1, 'DPA': 1}, 'FI': {'Physical tampering': 3, 'physical tampering': 1, 'Physical Tampering': 1, 'Malfunction': 5, 'malfunction': 6, 'fault injection': 1}, 'other': {'reverse engineering': 1}}, 'technical_report_id': {'BSI': {'BSI TR-02102-1': 1}}, 'device_model': {}, 'tee_name': {'IBM': {'SSC': 2}}, 'os_name': {}, 'cplc_data': {}, 'ic_data_group': {'EF': {'EF.DG1': 10, 'EF.DG2': 4, 'EF.DG3': 14, 'EF.DG4': 14, 'EF.DG5': 3, 'EF.DG16': 9, 'EF.DG14': 5, 'EF.DG15': 3, 'EF.DG13': 1, 'EF.COM': 3, 'EF.SOD': 5}}, 'standard_id': {'FIPS': {'FIPS PUB 140-3': 1, 'FIPS PUB 180-4': 1, 'FIPS PUB 186-4': 1, 'FIPS PUB 197': 1}, 'NIST': {'NIST SP 800-38B': 1, 'NIST SP 800-56A': 1, 'NIST SP 800-67': 1, 'NIST SP 800-90A': 1}, 'PKCS': {'PKCS#3': 1}, 'BSI': {'AIS 31': 1}, 'RFC': {'RFC 2631': 1, 'RFC 3369': 1, 'RFC 8017': 1}, 'ISO': {'ISO/IEC 7816': 4, 'ISO/IEC 14443': 2, 'ISO/IEC 7816-4': 1, 'ISO/IEC 10116-2017': 1}, 'ICAO': {'ICAO': 12}, 'CC': {'CCMB-2017-04-001': 2, 'CCMB-2017-04-002': 2, 'CCMB-2017-04-003': 2, 'CCMB-2017-04-004': 2}}, 'javacard_version': {}, 'javacard_api_const': {}, 'javacard_packages': {}, 'certification_process': {}}
. - The cert_keywords property was set to
{'cc_cert_id': {'DE': {'BSI-DSZ-CC-1219-2024': 1}}, 'cc_protection_profile_id': {}, 'cc_security_level': {'EAL': {'EAL 5': 2, 'EAL 2': 1, 'EAL 5 augmented': 1}}, 'cc_sar': {'ALC': {'ALC_DVS.2': 1, 'ALC_FLR.3': 1, 'ALC_FLR': 1}, 'AVA': {'AVA_VAN.5': 1}}, 'cc_sfr': {}, 'cc_claims': {}, 'vendor': {}, 'eval_facility': {}, 'symmetric_crypto': {}, 'asymmetric_crypto': {}, 'pq_crypto': {}, 'hash_function': {}, 'crypto_scheme': {}, 'crypto_protocol': {'PACE': {'PACE': 2}}, 'randomness': {}, 'cipher_mode': {}, 'ecc_curve': {}, 'crypto_engine': {}, 'tls_cipher_suite': {}, 'crypto_library': {}, 'vulnerability': {}, 'side_channel_analysis': {}, 'technical_report_id': {}, 'device_model': {}, 'tee_name': {}, 'os_name': {}, 'cplc_data': {}, 'ic_data_group': {}, 'standard_id': {'ISO': {'ISO/IEC 15408': 2, 'ISO/IEC 18045': 2}, 'ICAO': {'ICAO': 1}}, 'javacard_version': {}, 'javacard_api_const': {}, 'javacard_packages': {}, 'certification_process': {}}
. - The report_filename property was set to
. - The st_filename property was set to
. - The cert_filename property was set to
The computed heuristics were updated.
- The cert_lab property was set to
. - The cert_id property was set to
. - The st_references property was updated, with the
{'directly_referencing': {'_type': 'Set', 'elements': ['BSI-DSZ-CC-1107-V5-2024']}, 'indirectly_referencing': {'_type': 'Set', 'elements': ['BSI-DSZ-CC-1107-V5-2024']}}
data. - The report_references property was updated, with the
{'directly_referenced_by': {'_type': 'Set', 'elements': ['BSI-DSZ-CC-1220-2024']}, 'indirectly_referenced_by': {'_type': 'Set', 'elements': ['BSI-DSZ-CC-1220-2024']}, 'directly_referencing': {'_type': 'Set', 'elements': ['BSI-DSZ-CC-1107-V4-2023', 'BSI-DSZ-CC-1107-V5-2024', 'BSI-DSZ-CC-1033-V2-2021']}, 'indirectly_referencing': {'_type': 'Set', 'elements': ['BSI-DSZ-CC-1034-V2-2021', 'BSI-DSZ-CC-0996-2018', 'BSI-DSZ-CC-1107-V5-2024', 'BSI-DSZ-CC-0891-V2-2016', 'BSI-DSZ-CC-0891-V3-2018', 'BSI-DSZ-CC-1105-2020', 'BSI-DSZ-CC-0995-2018', 'BSI-DSZ-CC-1034-2019', 'BSI-DSZ-CC-1033-V2-2021', 'BSI-DSZ-CC-1033-2019', 'BSI-DSZ-CC-0782-2012', 'BSI-DSZ-CC-0973-V2-2016', 'BSI-DSZ-CC-1107-V4-2023', 'BSI-DSZ-CC-0973-2016', 'BSI-DSZ-CC-0891-2015', 'BSI-DSZ-CC-0891-V4-2019', 'BSI-DSZ-CC-1107-V3-2022']}}
data. - The extracted_sars property was updated, with the
{'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_REQ', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_FUN', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_OBJ', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_ECD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_DPT', 'level': 3}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_IND', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_INT', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_FSP', 'level': 5}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_COMP', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_CMC', 'level': 4}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_TAT', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_SPD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_ARC', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_TDS', 'level': 4}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AGD_PRE', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_INT', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_LCD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_CMS', 'level': 5}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_COV', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AGD_OPE', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_TSS', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_DEL', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_IMP', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_CCL', 'level': 1}]}
values added.
- The report property was updated, with the
27.01.2025 The certificate was first processed.
New certificate
A new Common Criteria certificate with the product name MTCOS Pro 2.6 EAC with PACE / SLC37 (V11) was processed.
Raw data
"_type": "",
"category": "ICs, Smart Cards and Smart Card-Related Devices and Systems",
"cert_link": "",
"dgst": "0eb5b19974b24cf7",
"heuristics": {
"_type": "",
"annotated_references": null,
"cert_id": "BSI-DSZ-CC-1219-2024",
"cert_lab": [
"cpe_matches": null,
"direct_transitive_cves": null,
"eal": "EAL5+",
"extracted_sars": {
"_type": "Set",
"elements": [
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_OBJ",
"level": 2
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_CMC",
"level": 4
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_FSP",
"level": 5
"_type": "sec_certs.sample.sar.SAR",
"family": "ATE_FUN",
"level": 1
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_DEL",
"level": 1
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_ECD",
"level": 1
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_COMP",
"level": 1
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_TAT",
"level": 2
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_IMP",
"level": 1
"_type": "sec_certs.sample.sar.SAR",
"family": "AGD_PRE",
"level": 1
"_type": "sec_certs.sample.sar.SAR",
"family": "AVA_VAN",
"level": 5
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_INT",
"level": 1
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_TSS",
"level": 1
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_FLR",
"level": 3
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_REQ",
"level": 2
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_INT",
"level": 2
"_type": "sec_certs.sample.sar.SAR",
"family": "ATE_DPT",
"level": 3
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_DVS",
"level": 2
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_SPD",
"level": 1
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_CMS",
"level": 5
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_TDS",
"level": 4
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_LCD",
"level": 1
"_type": "sec_certs.sample.sar.SAR",
"family": "ATE_COV",
"level": 2
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_CCL",
"level": 1
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_ARC",
"level": 1
"_type": "sec_certs.sample.sar.SAR",
"family": "AGD_OPE",
"level": 1
"_type": "sec_certs.sample.sar.SAR",
"family": "ATE_IND",
"level": 2
"extracted_versions": {
"_type": "Set",
"elements": [
"indirect_transitive_cves": null,
"next_certificates": null,
"prev_certificates": null,
"protection_profiles": {
"_type": "Set",
"elements": [
"related_cves": null,
"report_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": {
"_type": "Set",
"elements": [
"directly_referencing": {
"_type": "Set",
"elements": [
"indirectly_referenced_by": {
"_type": "Set",
"elements": [
"indirectly_referencing": {
"_type": "Set",
"elements": [
"scheme_data": {
"category": "Electronic ID documents",
"cert_id": "BSI-DSZ-CC-1219-2024",
"certification_date": "2024-11-13",
"enhanced": {
"applicant": "MaskTech International GmbH Nordostpark 45 90411 N\u00fcrnberg",
"assurance_level": "EAL5+,ALC_DVS.2,ALC_FLR.3,AVA_VAN.5",
"cert_link": "\u0026v=2",
"certification_date": "2024-11-13",
"description": "Target of evaluation (TOE) is the product MTCOS Pro 2.6 EAC with PACE / SLC37 (V11) provided by MaskTech International GmbH.The TOE is a fully interoperable multi-application smart card operating system compliant to \u0027ISO_7816\u0027 with a contact and contactless interface. It contains an MRTD application which is programmed according to ICAO Technical Report \u201cSupplemental Access Control\u201d and additionally providing the Extended Access Control according to the \u2019ICAO 9303\u2019 and \u0027BSI_TR-03110-1\u0027, respectively. The communication between terminal and chip shall be protected by Password Authenticated Connection Establishment (PACE) according to \u201cElectronic Passport using Standard Inspection Procedure with PACE\u201d, BSI-CC-PP-0068-V2. Additionally, Active Authentication according to \u0027ICAO_9303\u0027 is provided.The current evaluation process is a re-evaluation of the product MTCOS Pro 2.5 EAC with PACE / SLE78CLFX400VPHM/BPHM/7PHM (M7892), which has been certified under the certification ID BSI-DSZ-CC-1033-V2-2021. Subject to the re-evaluation are changes to the certified product with respect to actual development and findings which are: The embedded software has been implemented to the hardware platform SLC37GDA512 (V11) secure dual-interface controller of Infineon Technologies AG, BSI-DSZ-CC-1107-V5-2024. This implies an adaption of the low-level interfaces to the functionality provided by the IC and the usage of the cryptographic library.While the base certification was provided as an ePassport application only, the TOE now includes a multi-application product, containing an SSCD application to be certified in a separate procedure. However, the basecertification itself is based on an SSCD-including multi-application product.The MTCOS operating system has been revised including the internal keyhandling. In this context, new commands for the generation and configuration of key files are provided. Furthermore, MTCOS now allows more configuration options: File sizes of specified transparent files can be set during personalization. In order to oblige customers with an established personalization system, a \u201ccompatibility mode\u201d can be configured.The feature \u201cin-field hardening of the cryptographic implementation\u201d has been omitted.Due to expiration of the audit validity of MaskTech International GmbH a new site visit was performed in which course the assurance component ALC_FLR.3 was added.",
"entries": [
"id": "neue"
"id": "der"
"id": "Das"
"id": "Das"
"id": "Aufgrund"
"evaluation_facility": "SRC Security Research \u0026 Consulting GmbH",
"expiration_date": "2029-11-12",
"product": "MTCOS Pro 2.6 EAC with PACE / SLC37 (V11)",
"protection_profile": "Machine Readable Travel Document with \"ICAO Application\", Extended Access Control with PACE (EAC PP), Version 1.3.2, 5 December 2012, BSI-CC-PP-0056-V2-2012-MA-02",
"report_link": "\u0026v=2",
"target_link": "\u0026v=2"
"product": "MTCOS Pro 2.6 EAC with PACE / SLC37 (V11)",
"subcategory": "IC with applications",
"url": "",
"vendor": "MaskTech International GmbH"
"st_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": {
"_type": "Set",
"elements": [
"indirectly_referenced_by": null,
"indirectly_referencing": {
"_type": "Set",
"elements": [
"verified_cpe_matches": null
"maintenance_updates": {
"_type": "Set",
"elements": []
"manufacturer": "MaskTech International GmbH",
"manufacturer_web": "",
"name": "MTCOS Pro 2.6 EAC with PACE / SLC37 (V11)",
"not_valid_after": "2029-11-13",
"not_valid_before": "2024-11-13",
"pdf_data": {
"_type": "",
"cert_filename": "1219c_pdf.pdf",
"cert_frontpage": null,
"cert_keywords": {
"asymmetric_crypto": {},
"cc_cert_id": {
"DE": {
"BSI-DSZ-CC-1219-2024": 1
"cc_claims": {},
"cc_protection_profile_id": {},
"cc_sar": {
"ALC": {
"ALC_DVS.2": 1,
"ALC_FLR": 1,
"ALC_FLR.3": 1
"AVA": {
"AVA_VAN.5": 1
"cc_security_level": {
"EAL": {
"EAL 2": 1,
"EAL 5": 2,
"EAL 5 augmented": 1
"cc_sfr": {},
"certification_process": {},
"cipher_mode": {},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {
"PACE": {
"PACE": 2
"crypto_scheme": {},
"device_model": {},
"ecc_curve": {},
"eval_facility": {},
"hash_function": {},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {},
"side_channel_analysis": {},
"standard_id": {
"ICAO": {
"ICAO": 1
"ISO": {
"ISO/IEC 15408": 2,
"ISO/IEC 18045": 2
"symmetric_crypto": {},
"technical_report_id": {},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {},
"vulnerability": {}
"cert_metadata": {
"/Author": "Federal Office for Information Security",
"/Keywords": "Common Criteria, Certification, Zertifizierung, Smartcard, MRTD, MaskTech, MTCOS Pro 2.6 EAC with PACE / SLC37 (V11)",
"/Subject": "Common Criteria, Certification, Zertifizierung, Smartcard, MRTD, MaskTech, MTCOS Pro 2.6 EAC with PACE / SLC37 (V11)",
"/Title": "Certificate BSI-DSZ-CC-1219-2024",
"pdf_file_size_bytes": 230921,
"pdf_hyperlinks": {
"_type": "Set",
"elements": []
"pdf_is_encrypted": false,
"pdf_number_of_pages": 1
"report_filename": "1219a_pdf.pdf",
"report_frontpage": {
"DE": {
"cc_security_level": "Common Criteria Part 3 conformant EAL 5 augmented by ALC_DVS.2, ALC_FLR.3 and AVA_VAN.5 valid until: 12 November 2029 SOGIS Recognition Agreement",
"cc_version": "PP conformant plus product specific extensions Common Criteria Part 2 extended",
"cert_id": "BSI-DSZ-CC-1219-2024",
"cert_item": "MTCOS Pro 2.6 EAC with PACE / SLC37 (V11",
"cert_lab": "BSI",
"developer": "MaskTech International GmbH",
"match_rules": [
"(BSI-DSZ-CC-.+?) (?:for|For) (.+?) from (.*)"
"ref_protection_profiles": "Machine Readable Travel Document with \"ICAO Application\", Extended Access Control with PACE (EAC PP), Version 1.3.2, 5 December 2012, BSI- CC-PP-0056-V2-2012-MA-02"
"report_keywords": {
"asymmetric_crypto": {
"ECC": {
"ECC": {
"ECC": 2
"ECDH": {
"ECDH": 2
"ECDSA": {
"ECDSA": 2
"FF": {
"DH": {
"DH": 2,
"Diffie-Hellman": 1
"cc_cert_id": {
"DE": {
"BSI-DSZ-CC-1033-V2-": 1,
"BSI-DSZ-CC-1033-V2-2021": 2,
"BSI-DSZ-CC-1107-V4-2023": 2,
"BSI-DSZ-CC-1107-V5-2024": 6,
"BSI-DSZ-CC-1219": 1,
"BSI-DSZ-CC-1219-2024": 17,
"BSI-DSZ-CC-S-0232-2023": 1,
"BSI-DSZ-CC-S-0233-2023": 1,
"BSI-DSZ-CC-S-0281-": 1
"cc_claims": {},
"cc_protection_profile_id": {
"BSI": {
"BSI-CC-PP- 0056-V2-2012-MA-02": 1,
"BSI-CC-PP- 0084-2014": 1,
"BSI-CC-PP-0056-V2-2012-MA-02": 2,
"BSI-CC-PP-0068-V2": 1,
"BSI-CC-PP-0068-V2-2011-MA01": 1,
"BSI-CC-PP-0084-": 1,
"BSI-CC-PP-0084-2014": 2
"cc_sar": {
"ADV": {
"ADV_ARC": 1
"ALC": {
"ALC_CMC.4": 1,
"ALC_CMS.5": 1,
"ALC_COMP.1": 1,
"ALC_DEL.1": 1,
"ALC_DVS.2": 5,
"ALC_FLR": 3,
"ALC_FLR.1": 3,
"ALC_FLR.3": 6,
"ALC_LCD.1": 1,
"ALC_TAT.2": 1
"ATE": {
"ATE_IND": 1
"AVA": {
"AVA_VAN": 1,
"AVA_VAN.5": 4
"cc_security_level": {
"EAL": {
"EAL 1": 1,
"EAL 2": 3,
"EAL 4": 1,
"EAL 5": 8,
"EAL 5 augmented": 3,
"EAL 5+": 1,
"EAL 6": 1,
"EAL5+": 1,
"EAL6": 4,
"EAL6 augmented": 3
"cc_sfr": {},
"certification_process": {
"ConfidentialDocument": {
"Access Control with PACE, MTCOS Pro 2.6 EAC with PACE / SLC37 (V11), MaskTech International GmbH (confidential document) [7] Evaluation Technical Report, Version 1.2, 25 October 2024, Evaluation Technical Report Summary": 1,
"Configuration List for MTCOS Pro 2.6 EAC with PACE / SLC37 (V11), MaskTech International GmbH (confidential document) [13] ICAO. Technical Report: Supplemental Access Control for Machine Readable Travel Documents. V1": 1,
"MTCOS Pro 2.6 EAC with PACE / SLC37 (V11), SRC Security Research \u0026 Consulting GmbH (confidential document) [8] Common Criteria Protection Profile Machine Readable Travel Document with \"ICAO Application": 1,
"being maintained, is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification": 1
"cipher_mode": {
"CBC": {
"CBC": 2
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {
"PACE": {
"PACE": 33
"PGP": {
"PGP": 1
"crypto_scheme": {},
"device_model": {},
"ecc_curve": {},
"eval_facility": {
"SRC": {
"SRC Security Research \u0026 Consulting": 1
"hash_function": {},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"RNG": {
"RNG": 1
"side_channel_analysis": {
"other": {
"JIL": 5
"standard_id": {
"BSI": {
"AIS 20": 3,
"AIS 25": 2,
"AIS 26": 3,
"AIS 31": 3,
"AIS 32": 1,
"AIS 34": 3,
"AIS 35": 2,
"AIS 36": 4,
"AIS 37": 2,
"AIS 38": 1,
"AIS 46": 2,
"AIS 47": 1
"ICAO": {
"ICAO": 9
"ISO": {
"ISO/IEC 15408": 4,
"ISO/IEC 17065": 2,
"ISO/IEC 18045": 4,
"ISO/IEC 7816:2008": 1
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 2
"DES": {
"3DES": {
"3DES": 1
"DES": {
"DES": 1
"technical_report_id": {
"BSI": {
"BSI 7148": 1,
"BSI TR-02102-1": 1
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {
"Infineon": {
"Infineon Technologies AG": 9
"vulnerability": {}
"report_metadata": {
"/Author": "Federal Office for Information Security",
"/Keywords": "\"Common Criteria, Certification, Zertifizierung, Smartcard, MRTD, MaskTech, MTCOS Pro 2.6 EAC with PACE / SLC37 (V11)\"",
"/Subject": "Common Criteria, Certification, Zertifizierung, Smartcard, MRTD, MaskTech, MTCOS Pro 2.6 EAC with PACE / SLC37 (V11)",
"/Title": "Certification Report BSI-DSZ-CC-1219-2024",
"pdf_file_size_bytes": 400009,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"pdf_is_encrypted": false,
"pdf_number_of_pages": 29
"st_filename": "1219b_pdf.pdf",
"st_frontpage": null,
"st_keywords": {
"asymmetric_crypto": {
"ECC": {
"ECC": {
"ECC": 3
"ECDH": {
"ECDH": 10
"ECDSA": {
"ECDSA": 11
"FF": {
"DH": {
"DH": 10,
"Diffie-Hellman": 15
"cc_cert_id": {
"DE": {
"BSI-DSZ-CC-1107-V5-2024": 2,
"BSI-DSZ-CC-1219": 1,
"BSI-DSZ-CC-1220": 1,
"BSI-DSZ-CC-1221": 1,
"BSI-DSZ-CC-S-0232-2023": 1,
"BSI-DSZ-CC-S-0233-2023": 1,
"BSI-DSZ-CC-S-0281-2024": 1
"cc_claims": {
"O": {
"O.AES": 1,
"O.ECC": 1,
"O.HASH": 1,
"O.RND": 1,
"O.RSA": 1,
"O.TDES": 1
"cc_protection_profile_id": {
"BSI": {
"BSI-CC-PP-0055": 1,
"BSI-CC-PP-0055-2009": 1,
"BSI-CC-PP-0056-V2": 1,
"BSI-CC-PP-0056-V2-2011": 1,
"BSI-CC-PP-0056-V2-2012": 1,
"BSI-CC-PP-0056-V2-2012-MA-02": 1,
"BSI-CC-PP-0068-V2": 1,
"BSI-CC-PP-0068-V2-2011": 1,
"BSI-CC-PP-0068-V2-2011-MA-01": 1,
"BSI-CC-PP-0084-2014": 2
"cc_sar": {
"ADV": {
"ADV_ARC.1": 3,
"ADV_FSP.4": 1,
"ADV_FSP.5": 1,
"ADV_IMP.1": 2,
"ADV_INT.2": 1,
"ADV_TDS.3": 1,
"ADV_TDS.4": 1
"AGD": {
"AGD_OPE.1": 2,
"AGD_PRE.1": 3
"ALC": {
"ALC_CMC.4": 1,
"ALC_CMS.5": 1,
"ALC_DEL.1": 2,
"ALC_DVS.2": 7,
"ALC_FLR.1": 1,
"ALC_FLR.3": 6,
"ALC_LCD.1": 1,
"ALC_TAT.2": 1
"ASE": {
"ASE_CCL.1": 3,
"ASE_ECD.1": 3,
"ASE_INT.1": 3,
"ASE_OBJ.2": 3,
"ASE_REQ.2": 3,
"ASE_SPD.1": 3,
"ASE_TSS.1": 2
"ATE": {
"ATE_COV.2": 1,
"ATE_DPT.1": 1,
"ATE_DPT.2": 2,
"ATE_DPT.3": 2,
"ATE_FUN.1": 1,
"ATE_IND.2": 1
"AVA": {
"AVA_VAN.3": 1,
"AVA_VAN.5": 7
"cc_security_level": {
"EAL": {
"EAL4": 1,
"EAL4+": 1,
"EAL5": 12,
"EAL5 augmented": 4,
"EAL5+": 1,
"EAL6": 2,
"EAL6 augmented": 2
"cc_sfr": {
"FAU": {
"FAU_SAS.1": 9,
"FAU_SAS.1.1": 1
"FCS": {
"FCS_CKM": 75,
"FCS_CKM.1": 24,
"FCS_CKM.2": 8,
"FCS_CKM.4": 44,
"FCS_CKM.4.1": 1,
"FCS_COP": 113,
"FCS_COP.1": 16,
"FCS_RND.1": 17,
"FCS_RND.1.1": 1,
"FCS_RND.1.2": 1,
"FCS_RNG": 6,
"FCS_RNG.1": 3
"FDP": {
"FDP_ACC": 13,
"FDP_ACC.1": 9,
"FDP_ACF": 14,
"FDP_ACF.1": 16,
"FDP_IFC.1": 5,
"FDP_ITC": 1,
"FDP_ITC.1": 18,
"FDP_ITC.2": 18,
"FDP_ITT.1": 1,
"FDP_RIP": 1,
"FDP_RIP.1": 9,
"FDP_RIP.1.1": 1,
"FDP_SDC.1": 1,
"FDP_SDI.2": 1,
"FDP_UCT": 12,
"FDP_UCT.1": 3,
"FDP_UIT": 12,
"FDP_UIT.1": 4
"FIA": {
"FIA_ACC.1.1": 1,
"FIA_AFL": 8,
"FIA_AFL.1": 2,
"FIA_API": 9,
"FIA_API.1": 12,
"FIA_API.1.1": 1,
"FIA_UAU": 74,
"FIA_UAU.1": 5,
"FIA_UAU.4": 2,
"FIA_UAU.4.1": 1,
"FIA_UAU.5": 6,
"FIA_UAU.6": 3,
"FIA_UID": 15,
"FIA_UID.1": 7
"FMT": {
"FMT_LIM": 2,
"FMT_LIM.1": 15,
"FMT_LIM.1.1": 1,
"FMT_LIM.2": 12,
"FMT_LIM.2.1": 1,
"FMT_MSA.1": 2,
"FMT_MSA.3": 4,
"FMT_MTD": 88,
"FMT_MTD.1": 14,
"FMT_MTD.3": 10,
"FMT_MTD.3.1": 1,
"FMT_SMF": 1,
"FMT_SMF.1": 45,
"FMT_SMF.1.1": 1,
"FMT_SMR": 24,
"FMT_SMR.1": 17,
"FMT_UID": 1
"FPT": {
"FPT_EMS.1": 13,
"FPT_EMS.1.1": 3,
"FPT_EMS.1.2": 3,
"FPT_FLS": 1,
"FPT_FLS.1": 10,
"FPT_FLS.1.1": 1,
"FPT_PHP.3": 10,
"FPT_PHP.3.1": 1,
"FPT_TST.1": 9,
"FPT_TST.1.1": 1,
"FPT_TST.1.2": 1,
"FPT_TST.1.3": 1
"FRU": {
"FRU_FLT.2": 1
"FTP": {
"FTP_ITC": 12,
"FTP_ITC.1": 8,
"FTP_TRP.1": 4
"certification_process": {},
"cipher_mode": {
"CBC": {
"CBC": 13
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {
"PACE": {
"PACE": 338
"crypto_scheme": {
"KA": {
"Key Agreement": 2
"MAC": {
"MAC": 13
"device_model": {},
"ecc_curve": {},
"eval_facility": {},
"hash_function": {
"SHA": {
"SHA1": {
"SHA-1": 4
"SHA2": {
"SHA-224": 4,
"SHA-256": 5,
"SHA-384": 3,
"SHA-512": 3
"ic_data_group": {
"EF": {
"EF.COM": 3,
"EF.DG1": 10,
"EF.DG13": 1,
"EF.DG14": 5,
"EF.DG15": 3,
"EF.DG16": 9,
"EF.DG2": 4,
"EF.DG3": 14,
"EF.DG4": 14,
"EF.DG5": 3,
"EF.SOD": 5
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"RNG": {
"RND": 1,
"RNG": 6
"side_channel_analysis": {
"FI": {
"Malfunction": 5,
"Physical Tampering": 1,
"Physical tampering": 3,
"fault injection": 1,
"malfunction": 6,
"physical tampering": 1
"SCA": {
"DPA": 1,
"Leak-Inherent": 1,
"physical probing": 4,
"side channel": 1
"other": {
"reverse engineering": 1
"standard_id": {
"BSI": {
"AIS 31": 1
"CC": {
"CCMB-2017-04-001": 2,
"CCMB-2017-04-002": 2,
"CCMB-2017-04-003": 2,
"CCMB-2017-04-004": 2
"FIPS": {
"FIPS PUB 140-3": 1,
"FIPS PUB 180-4": 1,
"FIPS PUB 186-4": 1,
"FIPS PUB 197": 1
"ICAO": {
"ICAO": 12
"ISO": {
"ISO/IEC 10116-2017": 1,
"ISO/IEC 14443": 2,
"ISO/IEC 7816": 4,
"ISO/IEC 7816-4": 1
"NIST": {
"NIST SP 800-38B": 1,
"NIST SP 800-56A": 1,
"NIST SP 800-67": 1,
"NIST SP 800-90A": 1
"PKCS": {
"PKCS#3": 1
"RFC": {
"RFC 2631": 1,
"RFC 3369": 1,
"RFC 8017": 1
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 24
"DES": {
"3DES": {
"3DES": 19,
"TDEA": 1,
"TDES": 4,
"Triple-DES": 1
"DES": {
"DES": 1
"constructions": {
"MAC": {
"CMAC": 10,
"KMAC": 3
"technical_report_id": {
"BSI": {
"BSI TR-02102-1": 1
"tee_name": {
"IBM": {
"SSC": 2
"tls_cipher_suite": {},
"vendor": {
"Infineon": {
"Infineon Technologies": 1,
"Infineon Technologies AG": 7
"vulnerability": {}
"st_metadata": {
"/Author": "MaskTech International GmbH",
"/Keywords": "Common Criteria, CC, Machine Readable Travel Document, MRTD, EAC with PACE, ePass, MTCOS, EAL 5+",
"/Subject": "Common Criteria Certification",
"/Title": "MTCOS Pro 2.6 ICAO - EAC with PACE / SLC37GDA512 (V11) - Security Target lite",
"pdf_file_size_bytes": 787881,
"pdf_hyperlinks": {
"_type": "Set",
"elements": []
"pdf_is_encrypted": false,
"pdf_number_of_pages": 113
"protection_profile_links": {
"_type": "Set",
"elements": [
"report_link": "",
"scheme": "DE",
"security_level": {
"_type": "Set",
"elements": [
"st_link": "",
"state": {
"_type": "",
"cert": {
"_type": "sec_certs.sample.document_state.DocumentState",
"convert_garbage": false,
"convert_ok": true,
"download_ok": true,
"extract_ok": true,
"pdf_hash": "6f6fc8e7f3bec74429d5fdb08a975329a2669857e5869f4fd4d1ade2a6f1fe7b",
"txt_hash": "662e2e7e11b2546854eb78ea4ba88da50860c867684a2bd7bb6bbb3e4d3e8c26"
"report": {
"_type": "sec_certs.sample.document_state.DocumentState",
"convert_garbage": false,
"convert_ok": true,
"download_ok": true,
"extract_ok": true,
"pdf_hash": "c789f7359bc1e1cf37afae1acd0ccea411a7838bfbcc8c1fd2f310833da68f32",
"txt_hash": "b17e1b40da79fc1ca0d38ada914d7e7e47a98dd51b8ad5d1a4e620b5e11a1095"
"st": {
"_type": "sec_certs.sample.document_state.DocumentState",
"convert_garbage": false,
"convert_ok": true,
"download_ok": true,
"extract_ok": true,
"pdf_hash": "a242626316b867244745fc4ad47cfb7086676c1cd160380d646347d8bb4ecfa9",
"txt_hash": "e298ba78909ecb285591b19bf27595e664eff5948c0ce0d9018ca4ff9cf62270"
"status": "active"