This page was not yet optimized for use on mobile
devices.
TCOS CSP Module Version 2.0 Release 1/P71
CSV information
| Status | active |
|---|---|
| Valid from | 14.01.2026 |
| Valid until | 14.01.2031 |
| Scheme | 🇩🇪 DE |
| Manufacturer | Deutsche Telekom Security GmbH |
| Category | ICs, Smart Cards and Smart Card-Related Devices and Systems |
| Security level | EAL4+, ALC_DVS.2, AVA_VAN.5 |
| Protection profiles |
Heuristics summary
Certificate ID: BSI-DSZ-CC-1264-2026
Certificate
certificate file processing did not finish successfully.
Show more...
Download pdf:
OK
Convert pdf to text:
OK
Extract keywords:
ERROR
Extracted keywords
Security level
EAL 4, EAL 2, EAL 4 augmentedSecurity Assurance Requirements (SAR)
ALC_DVS.2, ALC_FLR, AVA_VAN.5Protection profiles
BSI-CC-PP-0104-2019Certificates
BSI-DSZ-CC-1264-2026Evaluation facilities
Deutsche Telekom SecurityStandards
ISO/IEC 15408, ISO/IEC 18045Certification report
Extracted keywords
Symmetric Algorithms
AES, AES-128, AES-256, AES-, TDEA, HMAC, CMACAsymmetric Algorithms
ECDSA, ECCHash functions
SHA-512, SHA-256, SHA-384Schemes
MAC, Key agreement, Key AgreementProtocols
PACERandomness
RNGBlock cipher modes
ECB, CBC, OFB, GCMVendor
NXP, NXP SemiconductorsSecurity level
EAL 4, EAL 2, EAL 1, EAL5+, EAL 4 augmentedClaims
OE.SUCPSecurity Assurance Requirements (SAR)
ADV_ARC, ALC_DVS.2, ALC_FLR, ALC_CMC.4, ALC_CMS.4, ALC_DEL.1, ALC_LCD.1, ALC_TAT.1, AVA_VAN.5Security Functional Requirements (SFR)
FCS_COP, FCS_CKM.1, FCS_CKM, FIA_APIProtection profiles
BSI-CC-PP-0104-2019, BSI-CC-PP-0107-2019, BSI-CC-PP-0107-Certificates
BSI-DSZ-CC-1264-2026, BSI-DSZ-CC-1149-, BSI-DSZ-CC-1188, BSI-DSZ-CC-1078, BSI-DSZ-CC-1149-V4-2025, BSI-DSZ-CC-1059-Evaluation facilities
TĂśV Informationstechnik, Deutsche Telekom Security, SRC Security Research & ConsultingSide-channel analysis
side channel, malfunction, fault injection, JILCertification process
being maintained, is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification, Update im Feld unter TCOS CSP Module 2.0, Version 1.0, 25.09.2025, Deutsche Telekom Security GmbH (confidential document) [RNG] Zufallszahlengenerierung in TCOS, Version 1.51, 02.07.2025, Deutsche Telekom Security GmbH, “Evaluation Report - Evaluation Technical Report (ETR)”, SRC Security Research & Consulting GmbH, (confidential document) 7 See sec. 9.1 27 / 31 Certification Report BSI-DSZ-CC-1264-2026 [7] Cryptographic Service, CSP Module Version 2.0 Release 1/P71”, Version 1.0, 03.11.2025, Deutsche Telekom Security GmbH (confidential document) [11] “TCOS CSP Module 2.0 - User’s Guidance Manual”, Version 2.0.1, 25.09.2025, Deutsche Telekom, GmbH (confidential document) [12] “TCOS CSP Module 2.0.1 - Personalization Guidance”, Version 1.5, 25.08.2025, Deutsche Telekom, GmbH (confidential document) [13] “Update im Feld unter TCOS CSP”, Deutsche Telekom Security GmbH, Version 1.0, 25.09.2025, ETR COMP), BSI-DSZ-CC-1149-V4-2025, Version 4, 2025-08-07, TÜV Informationstechnik GmbH (confidential document) [15] Crypto Conformity Report, Version 1.0, 2025-08-21, “Analysis of cryptographic implementation, conformity to standards”, SRC Security Research & Consulting GmbH, (confidential document) 28 / 31 BSI-DSZ-CC-1264-2026 Certification Report C. Excerpts from the Criteria For the meaningStandards
FIPS186, FIPS 180-4, FIPS197, FIPS186-4, FIPS180, FIPS PUB 180-4, FIPS180-4, FIPS PUB 186-4, SP 800-108, PKCS#1, PKCS #1, AIS 34, AIS 1, AIS14, AIS19, AIS20, AIS25, AIS26, AIS31, AIS32, AIS34, AIS36, AIS37, AIS38, AIS46, AIS47, AIS 36, RFC 5639, RFC8017, RFC5639, RFC2104, RFC 2104, RFC 8017, ISO/IEC 15408, ISO/IEC 18045, ISO/IEC 17065, ISO/IEC 10116:2017, ICAOTechnical reports
BSI TR-02102File metadata
| Title | BSI-DSZ-CC-1264-2025 |
|---|---|
| Subject | Common Criteria, Certification, Zertifizierung, Deutsche Telekom Security |
| Keywords | "Common Criteria, Certification, Zertifizierung, Deutsche Telekom Security" |
| Author | Federal Office for Information Security |
| Pages | 31 |
Frontpage
| Certificate ID | BSI-DSZ-CC-1264-2026 |
|---|---|
| Certified item | TCOS CSP Module Version 2.0 Release 1/P71 |
| Certification lab | BSI |
| Developer | Deutsche Telekom Security GmbH |
References
Outgoing- BSI-DSZ-CC-1149-V4-2025 - active - NXP Secure Smart Card Controller N7122 with IC Dedicated Software and Crypto Library (R1/R2/R3)
Security target
Extracted keywords
Symmetric Algorithms
AES, AES-128, AES-256, AES-, TDES, TDEA, HMAC, CMACAsymmetric Algorithms
ECDSA, ECC, Diffie-Hellman, DH, DSAHash functions
SHA-1, SHA-256, SHA-384, SHA384, SHA-512Schemes
MAC, Key Exchange, Key agreement, Key AgreementProtocols
PACE, IKE, IKEv2Randomness
RNG, RNDElliptic Curves
Curve P-192, Curve P-256, Curve P-384, Curve P-521, P-192, P-256, P-384, P-521, secp256r1, brainpoolP192r1, brainpoolP224r1, brainpoolP256r1, brainpoolP320r1, brainpoolP384r1, brainpoolP512r1, brainpoolP192t1, brainpoolP224t1, brainpoolP256t1, brainpoolP320t1, brainpoolP384t1, brainpoolP512t1Block cipher modes
CBC, CFB, OFB, GCM, CCMTrusted Execution Environments
SEVendor
NXP, NXP Semiconductors, STMSecurity level
EAL4, EAL 6+, EAL 4, EAL 6, EAL4 augmented, EAL 4 augmented, EAL 6 augmentedClaims
O.RBGS, O.TST, O.PUF, O.RND, O.AES, O.TDES, O.RSA, O.ECC, OE.SUCP, OSP.TCSecurity Assurance Requirements (SAR)
ADV_ARC.1, ADV_FSP.4, ADV_TDS.3, ADV_IMP.1, ADV_FUN.1, AGD_OPE.1, AGD_PRE.1, ALC_DVS.2, ALC_FLR.1, ALC_CMC.4, ALC_CMS.4, ALC_DEL.1, ALC_LCD.1, ALC_TAT.1, ATE_DPT.2, ATE_DPT, ATE_DPT.1, ATE_DPT.3, ATE_COV.2, ATE_FUN.1, AVA_VAN.5, ASE_TSS.2Security Functional Requirements (SFR)
FAU_GEN.1, FAU_STG.1, FAU_STG.3, FAU_STG.4, FAU_GEN, FAU_STG.4.1, FAU_GEN.1.1, FAU_GEN.1.2, FAU_STG, FAU_STG.2.1, FAU_STG.2.2, FAU_STG.2, FAU_SAS.1, FCS_CKM.5, FCS_RNG, FCS_RNG.1, FCS_RNG.1.2, FCS_COP, FCS_CKM, FCS_CKM.1, FCS_COP.1, FCS_CKM.4, FCS_CKM.6, FCS_RNG.1.1, FCS_CKM.2, FCS_RBG.1, FCS_CKM.6.1, FCS_CKM.6.2, FDP_SDC, FDP_DAU, FDP_UCT, FDP_ACC.1, FDP_IFC.1, FDP_UIT, FDP_ITC, FDP_ETC, FDP_ACC, FDP_ACF, FDP_ACF.1, FDP_ITC.1, FDP_ITC.2, FDP_DAU.1, FDP_DAU.2, FDP_ETC.2, FDP_ETC.2.1, FDP_ETC.2.2, FDP_ETC.2.3, FDP_ETC.2.5, FDP_ETC.1, FDP_ETC.1.1, FDP_ETC.2.4, FDP_ETC.1.2, FDP_SDC.1, FDP_SDC.1.1, FDP_RIP, FDP_RIP.1, FDP_SDI.1, FDP_ITT.1, FDP_SDI.2, FIA_API, FIA_UID.1, FIA_UAU.1, FIA_UAU.5.1, FIA_API.1, FIA_UAU.5, FIA_ATD.1, FIA_ATD.1.1, FIA_AFL.1, FIA_AFL.1.1, FIA_AFL.1.2, FIA_USB.1, FIA_USB.1.1, FIA_USB.1.2, FIA_USB.1.3, FIA_UID.1.1, FIA_UID.1.2, FIA_UAU.1.1, FIA_UAU.1.2, FIA_UAU.5.2, FIA_UAU.6, FIA_UAU.6.1, FMT_MTD.1, FMT_MTD.3, FMT_MSA.1, FMT_MSA.4, FMT_MTD, FMT_MOF, FMT_SMF, FMT_SMR, FMT_MSA, FMT_SMR.1, FMT_SMF.1, FMT_MSA.3, FMT_MOF.1.1, FMT_SAE.1, FMT_MTD.3.1, FMT_SAE.1.1, FMT_SAE.1.2, FMT_SMF.1.1, FMT_MOF.1, FMT_MSA.2, FMT_SMR.1.1, FMT_SMR.1.2, FMT_MSA.2.1, FMT_LIM.1, FMT_LIM, FMT_LIM.2, FPT_TCT, FPT_TIT, FPT_ISA, FPT_ESA, FPT_TCT.1, FPT_TCT.1.1, FPT_TIT.1, FPT_TIT.1.1, FPT_TIT.1.2, FPT_ISA.1, FPT_TDC.1, FPT_ISA.1.1, FPT_ISA.1.2, FPT_ISA.1.3, FPT_ISA.1.4, FPT_ISA.1.5, FPT_ESA.1, FPT_ESA.1.1, FPT_ESA.1.2, FPT_ESA.1.3, FPT_ESA.1.4, FPT_STM.1, FPT_TDC, FPT_TST.1, FPT_STM.1.1, FPT_FLS.1, FPT_TST.1.2, FPT_TST.1.3, FPT_FLS.1.1, FPT_PHP.3, FPT_TST.1.1, FPT_TST, FPT_PHP.3.1, FPT_EMS.1, FPT_FLS, FPT_PHP, FPT_ITT.1, FRU_FLT.2, FRU_FLT.1, FRU_FLT.2.1, FTP_ITC.1, FTP_ITC.1.1, FTP_ITC.1.2, FTP_ITC.1.3, FTP_TRP.1, FTP_ITCProtection profiles
BSI-CC-PP-0104-2019, BSI-CC-PP-0107-2019, BSI-CC-PP0035, BSI-CC-PP0104, BSI-CC-PP-0104-Certificates
BSI-DSZ-CC-1264, BSI-DSZ-CC-1149-V4-2025, BSI-DSZ-CC-1149Evaluation facilities
Deutsche Telekom SecuritySide-channel analysis
Leak-Inherent, physical probing, side channels, physical tampering, malfunction, Malfunction, JILStandards
FIPS PUB 186-4, FIPS186, FIPS 180-4, FIPS180, FIPS197, FIPS PUB 180-4, NIST SP 800-108, PKCS #1, PKCS#1, AIS36, AIS31, AIS 31, AIS 36, RFC5639, RFC5903, RFC6954, RFC8017, RFC2104, RFC 2104, RFC 5639, RFC 5903, RFC 6954, RFC 8017, ISO/IEC 19790, ISO/IEC 10116:2017, ICAO, CCMB-2022-11-006Technical reports
BSI TR-03151File metadata
| Title | TCOS CSP Module 2.0 Release 1/P71 |
|---|---|
| Subject | TCOS Cryptographic Service Provider |
| Keywords | Crypto Service Provider, TCOS, Electronic Cash Register, TSE |
| Author | Deutsche Telekom Security GmbH |
| Pages | 105 |
References
Outgoing- BSI-DSZ-CC-1149-V4-2025 - active - NXP Secure Smart Card Controller N7122 with IC Dedicated Software and Crypto Library (R1/R2/R3)
Heuristics
Automated inference - use with caution
All attributes shown in this section (e.g., links between certificates, products, vendors, and known CVEs) are generated by automated heuristics and have not been reviewed by humans. These methods can produce false positives or false negatives and should not be treated as definitive without independent verification. For details on our data sources and inference methods, see our methodology. If you believe any information here is inaccurate or harmful, please submit feedback.Certificate ID
BSI-DSZ-CC-1264-2026Extracted SARs
ADV_ARC.1, ADV_FSP.4, ADV_FUN.1, ADV_IMP.1, ADV_TDS.3, AGD_OPE.1, AGD_PRE.1, ALC_CMC.4, ALC_CMS.4, ALC_DEL.1, ALC_DVS.2, ALC_FLR.1, ALC_LCD.1, ALC_TAT.1, ASE_TSS.2, ATE_COV.2, ATE_DPT.3, ATE_FUN.1, AVA_VAN.5Similar certificates
Showing 5 out of 6.
Scheme data
| Cert Id | BSI-DSZ-CC-1264-2026 | |
|---|---|---|
| Product | TCOS CSP Module Version 2.0 Release 1/P71 | |
| Vendor | Deutsche Telekom Security GmbH | |
| Certification Date | 14.01.2026 | |
| Category | Smart Cards and similar devices | |
| Url | https://www.bsi.bund.de/SharedDocs/Zertifikate_CC/CC/SmartCards_Betriebssysteme_Anwendungen/1264.html | |
| Enhanced | ||
| Product | TCOS CSP Module Version 2.0 Release 1/P71 | |
| Applicant | Deutsche Telekom Security GmbH Koblenzer StraĂźe 87-93 57072 Siegen | |
| Evaluation Facility | SRC Security Research & Consulting GmbH | |
| Assurance Level | EAL4+,ALC_DVS.2,AVA_VAN.5 | |
| Protection Profile | Cryptographic Service Provider (CSP) Version 0.9.8, 19 February 2019, BSI-CC-PP-0104-2019Protection Profile Configuration Cryptographic Service Provider – Time Stamp Service and Audit (PPC-CSP-TS-Au) Version 0.9.5, 8 April 2019, BSI-CC-PP-0107-2019 | |
| Certification Date | 14.01.2026 | |
| Expiration Date | 13.01.2031 | |
| Entries | [frozendict({'id': 'Cryptographic Service Provider (', 'description': ') Version 0.9.8, 19 February 2019'}), frozendict({'id': 'Protection Profile Configuration Cryptographic Service Provider – Time Stamp Service and Audit (PPC-', 'description': '-Au) Version 0.9.5, 8 April 2019'})] | |
| Report Link | https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1200/1264a_pdf.pdf?__blob=publicationFile&v=3 | |
| Target Link | https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1200/1264b_pdf.pdf?__blob=publicationFile&v=3 | |
| Cert Link | https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1200/1264c_pdf.pdf?__blob=publicationFile&v=3 | |
| Description | The Target of Evaluation (TOE) is a Cryptographic Service Provider (CSP) representing a smart card with contact based interfaces programmed according to the Protection Profile BSI-CC-PP-0104-2019 in conjunction with the Timestamp and Audit functionality Protection Profile BSI-CC-PP-0107-2019. | |
| Subcategory | Operating systems and applications | |
References
Loading...
Updates Feed
-
The certificate was first processed.
Raw data
{
"_type": "sec_certs.sample.cc.CCCertificate",
"category": "ICs, Smart Cards and Smart Card-Related Devices and Systems",
"cert_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1264c_pdf.pdf",
"dgst": "1298990fb98f2577",
"heuristics": {
"_type": "sec_certs.sample.cc_eucc_common.Heuristics",
"annotated_references": null,
"cert_id": "BSI-DSZ-CC-1264-2026",
"cert_lab": [
"BSI"
],
"cpe_matches": null,
"direct_transitive_cves": null,
"eal": "EAL4+",
"extracted_sars": {
"_type": "Set",
"elements": [
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_DEL",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ATE_FUN",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_CMS",
"level": 4
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_TDS",
"level": 3
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AVA_VAN",
"level": 5
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ATE_DPT",
"level": 3
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ATE_COV",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_FLR",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_FUN",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_FSP",
"level": 4
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_DVS",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_ARC",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_TAT",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AGD_OPE",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_CMC",
"level": 4
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_TSS",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_LCD",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AGD_PRE",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_IMP",
"level": 1
}
]
},
"extracted_versions": {
"_type": "Set",
"elements": [
"2.0"
]
},
"indirect_transitive_cves": null,
"next_certificates": null,
"prev_certificates": null,
"protection_profiles": {
"_type": "Set",
"elements": [
"1153ad24c84b397a",
"ae9dcab62c3296a2"
]
},
"related_cves": null,
"report_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": {
"_type": "Set",
"elements": [
"BSI-DSZ-CC-1149-V4-2025"
]
},
"indirectly_referenced_by": null,
"indirectly_referencing": {
"_type": "Set",
"elements": [
"BSI-DSZ-CC-1149-V2-2023",
"BSI-DSZ-CC-1149-V3-2023",
"BSI-DSZ-CC-1149-2022",
"BSI-DSZ-CC-1149-V4-2025"
]
}
},
"scheme_data": {
"category": "Smart Cards and similar devices",
"cert_id": "BSI-DSZ-CC-1264-2026",
"certification_date": "2026-01-14",
"enhanced": {
"applicant": "Deutsche Telekom Security GmbH Koblenzer Stra\u00dfe 87-93 57072 Siegen",
"assurance_level": "EAL4+,ALC_DVS.2,AVA_VAN.5",
"cert_link": "https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1200/1264c_pdf.pdf?__blob=publicationFile\u0026v=3",
"certification_date": "2026-01-14",
"description": "The Target of Evaluation (TOE) is a Cryptographic Service Provider (CSP) representing a smart card with contact based interfaces programmed according to the Protection Profile BSI-CC-PP-0104-2019 in conjunction with the Timestamp and Audit functionality Protection Profile BSI-CC-PP-0107-2019.",
"entries": [
{
"description": ") Version 0.9.8, 19 February 2019",
"id": "Cryptographic Service Provider ("
},
{
"description": "-Au) Version 0.9.5, 8 April 2019",
"id": "Protection Profile Configuration Cryptographic Service Provider \u2013 Time Stamp Service and Audit (PPC-"
}
],
"evaluation_facility": "SRC Security Research \u0026 Consulting GmbH",
"expiration_date": "2031-01-13",
"product": "TCOS CSP Module Version 2.0 Release 1/P71",
"protection_profile": "Cryptographic Service Provider (CSP) Version 0.9.8, 19 February 2019, BSI-CC-PP-0104-2019Protection Profile Configuration Cryptographic Service Provider \u2013 Time Stamp Service and Audit (PPC-CSP-TS-Au) Version 0.9.5, 8 April 2019, BSI-CC-PP-0107-2019",
"report_link": "https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1200/1264a_pdf.pdf?__blob=publicationFile\u0026v=3",
"target_link": "https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1200/1264b_pdf.pdf?__blob=publicationFile\u0026v=3"
},
"product": "TCOS CSP Module Version 2.0 Release 1/P71",
"subcategory": "Operating systems and applications",
"url": "https://www.bsi.bund.de/SharedDocs/Zertifikate_CC/CC/SmartCards_Betriebssysteme_Anwendungen/1264.html",
"vendor": "Deutsche Telekom Security GmbH"
},
"st_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": {
"_type": "Set",
"elements": [
"BSI-DSZ-CC-1149-V4-2025"
]
},
"indirectly_referenced_by": null,
"indirectly_referencing": {
"_type": "Set",
"elements": [
"BSI-DSZ-CC-1149-V4-2025"
]
}
},
"verified_cpe_matches": null
},
"maintenance_updates": {
"_type": "Set",
"elements": []
},
"manufacturer": "Deutsche Telekom Security GmbH",
"manufacturer_web": "https://www.telekom.de/security",
"name": "TCOS CSP Module Version 2.0 Release 1/P71",
"not_valid_after": "2031-01-14",
"not_valid_before": "2026-01-14",
"pdf_data": {
"_type": "sec_certs.sample.cc_eucc_common.PdfData",
"cert_filename": "1264c_pdf.pdf",
"cert_frontpage": null,
"cert_keywords": {
"asymmetric_crypto": {},
"cc_cert_id": {
"DE": {
"BSI-DSZ-CC-1264-2026": 1
}
},
"cc_claims": {},
"cc_protection_profile_id": {
"BSI": {
"BSI-CC-PP-0104-2019": 1
}
},
"cc_sar": {
"ALC": {
"ALC_DVS.2": 1,
"ALC_FLR": 1
},
"AVA": {
"AVA_VAN.5": 1
}
},
"cc_security_level": {
"EAL": {
"EAL 2": 1,
"EAL 4": 1,
"EAL 4 augmented": 1
}
},
"cc_sfr": {},
"certification_process": {},
"cipher_mode": {},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {},
"crypto_scheme": {},
"device_model": {},
"ecc_curve": {},
"eval_facility": {
"DeutscheTelekom": {
"Deutsche Telekom Security": 1
}
},
"hash_function": {},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {},
"side_channel_analysis": {},
"standard_id": {
"ISO": {
"ISO/IEC 15408": 2,
"ISO/IEC 18045": 2
}
},
"symmetric_crypto": {},
"technical_report_id": {},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {},
"vulnerability": {}
},
"cert_metadata": null,
"report_filename": "1264a_pdf.pdf",
"report_frontpage": {
"DE": {
"cc_security_level": "Common Criteria Part 3 conformant EAL 4 augmented by ALC_DVS.2 and AVA_VAN.5 valid until: 13 January 2031 SOGIS Recognition Agreement",
"cc_version": "PP conformant Common Criteria Part 2 extended",
"cert_id": "BSI-DSZ-CC-1264-2026",
"cert_item": "TCOS CSP Module Version 2.0 Release 1/P71",
"cert_lab": "BSI",
"developer": "Deutsche Telekom Security GmbH",
"match_rules": [
"(BSI-DSZ-CC-.+?) (?:for|For) (.+?) from (.*)"
],
"ref_protection_profiles": "Cryptographic Service Provider (CSP) Version 0.9.8, 19 February 2019, BSI-CC-PP-0104-2019, Protection Profile Configuration Cryptographic Service Provider \u2013 Time Stamp Service and Audit (PPC-CSP-TS-Au) Version 0.9.5, 8 April 2019, BSI- CC-PP-0107-2019"
}
},
"report_keywords": {
"asymmetric_crypto": {
"ECC": {
"ECC": {
"ECC": 4
},
"ECDSA": {
"ECDSA": 4
}
}
},
"cc_cert_id": {
"DE": {
"BSI-DSZ-CC-1059-": 1,
"BSI-DSZ-CC-1078": 1,
"BSI-DSZ-CC-1149-": 1,
"BSI-DSZ-CC-1149-V4-2025": 2,
"BSI-DSZ-CC-1188": 1,
"BSI-DSZ-CC-1264-2026": 17
}
},
"cc_claims": {
"OE": {
"OE.SUCP": 1
}
},
"cc_protection_profile_id": {
"BSI": {
"BSI-CC-PP-0104-2019": 3,
"BSI-CC-PP-0107-": 1,
"BSI-CC-PP-0107-2019": 2
}
},
"cc_sar": {
"ADV": {
"ADV_ARC": 1
},
"ALC": {
"ALC_CMC.4": 1,
"ALC_CMS.4": 1,
"ALC_DEL.1": 1,
"ALC_DVS.2": 5,
"ALC_FLR": 3,
"ALC_LCD.1": 1,
"ALC_TAT.1": 1
},
"AVA": {
"AVA_VAN.5": 4
}
},
"cc_security_level": {
"EAL": {
"EAL 1": 1,
"EAL 2": 3,
"EAL 4": 5,
"EAL 4 augmented": 3,
"EAL5+": 1
}
},
"cc_sfr": {
"FCS": {
"FCS_CKM": 23,
"FCS_CKM.1": 1,
"FCS_COP": 18
},
"FIA": {
"FIA_API": 2
}
},
"certification_process": {
"ConfidentialDocument": {
"CSP Module Version 2.0 Release 1/P71\u201d, Version 1.0, 03.11.2025, Deutsche Telekom Security GmbH (confidential document) [11] \u201cTCOS CSP Module 2.0 - User\u2019s Guidance Manual\u201d, Version 2.0.1, 25.09.2025, Deutsche Telekom": 1,
"ETR COMP), BSI-DSZ-CC-1149-V4-2025, Version 4, 2025-08-07, T\u00dcV Informationstechnik GmbH (confidential document) [15] Crypto Conformity Report, Version 1.0, 2025-08-21, \u201cAnalysis of cryptographic implementation": 1,
"GmbH (confidential document) [12] \u201cTCOS CSP Module 2.0.1 - Personalization Guidance\u201d, Version 1.5, 25.08.2025, Deutsche Telekom": 1,
"GmbH (confidential document) [13] \u201cUpdate im Feld unter TCOS CSP\u201d, Deutsche Telekom Security GmbH, Version 1.0, 25.09.2025": 1,
"Update im Feld unter TCOS CSP Module 2.0, Version 1.0, 25.09.2025, Deutsche Telekom Security GmbH (confidential document) [RNG] Zufallszahlengenerierung in TCOS, Version 1.51, 02.07.2025, Deutsche Telekom Security GmbH": 1,
"being maintained, is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification": 1,
"conformity to standards\u201d, SRC Security Research \u0026 Consulting GmbH, (confidential document) 28 / 31 BSI-DSZ-CC-1264-2026 Certification Report C. Excerpts from the Criteria For the meaning": 1,
"\u201cEvaluation Report - Evaluation Technical Report (ETR)\u201d, SRC Security Research \u0026 Consulting GmbH, (confidential document) 7 See sec. 9.1 27 / 31 Certification Report BSI-DSZ-CC-1264-2026 [7] Cryptographic Service": 1
}
},
"cipher_mode": {
"CBC": {
"CBC": 2
},
"ECB": {
"ECB": 4
},
"GCM": {
"GCM": 1
},
"OFB": {
"OFB": 1
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {
"PACE": {
"PACE": 4
}
},
"crypto_scheme": {
"KA": {
"Key Agreement": 1,
"Key agreement": 1
},
"MAC": {
"MAC": 5
}
},
"device_model": {},
"ecc_curve": {},
"eval_facility": {
"DeutscheTelekom": {
"Deutsche Telekom Security": 13
},
"SRC": {
"SRC Security Research \u0026 Consulting": 4
},
"TUV": {
"T\u00dcV Informationstechnik": 1
}
},
"hash_function": {
"SHA": {
"SHA2": {
"SHA-256": 1,
"SHA-384": 1,
"SHA-512": 2
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"RNG": {
"RNG": 3
}
},
"side_channel_analysis": {
"FI": {
"fault injection": 1,
"malfunction": 1
},
"SCA": {
"side channel": 1
},
"other": {
"JIL": 1
}
},
"standard_id": {
"BSI": {
"AIS 1": 1,
"AIS 34": 1,
"AIS 36": 1,
"AIS14": 1,
"AIS19": 1,
"AIS20": 1,
"AIS25": 1,
"AIS26": 1,
"AIS31": 1,
"AIS32": 1,
"AIS34": 1,
"AIS36": 1,
"AIS37": 1,
"AIS38": 1,
"AIS46": 1,
"AIS47": 1
},
"FIPS": {
"FIPS 180-4": 3,
"FIPS PUB 180-4": 1,
"FIPS PUB 186-4": 1,
"FIPS180": 2,
"FIPS180-4": 1,
"FIPS186": 9,
"FIPS186-4": 2,
"FIPS197": 9
},
"ICAO": {
"ICAO": 1
},
"ISO": {
"ISO/IEC 10116:2017": 1,
"ISO/IEC 15408": 4,
"ISO/IEC 17065": 2,
"ISO/IEC 18045": 4
},
"NIST": {
"SP 800-108": 1
},
"PKCS": {
"PKCS #1": 1,
"PKCS#1": 2
},
"RFC": {
"RFC 2104": 1,
"RFC 5639": 9,
"RFC 8017": 1,
"RFC2104": 2,
"RFC5639": 4,
"RFC8017": 4
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 13,
"AES-": 1,
"AES-128": 5,
"AES-256": 6
}
},
"DES": {
"3DES": {
"TDEA": 1
}
},
"constructions": {
"MAC": {
"CMAC": 3,
"HMAC": 3
}
}
},
"technical_report_id": {
"BSI": {
"BSI TR-02102": 1
}
},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {
"NXP": {
"NXP": 4,
"NXP Semiconductors": 1
}
},
"vulnerability": {}
},
"report_metadata": {
"/Author": "Federal Office for Information Security",
"/Keywords": "\"Common Criteria, Certification, Zertifizierung, Deutsche Telekom Security\"",
"/Subject": "Common Criteria, Certification, Zertifizierung, Deutsche Telekom Security",
"/Title": "BSI-DSZ-CC-1264-2025",
"pdf_file_size_bytes": 415210,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"http://www.commoncriteriaportal.org/",
"https://www.sogis.eu/",
"https://www.iso.org/standard/72913.html",
"https://www.bsi.bund.de/zertifizierung",
"https://www.bsi.bund.de/AIS",
"https://www.commoncriteriaportal.org/",
"https://www.bsi.bund.de/dok/Zertifizierung-Gesamtlisten",
"https://www.bsi.bund.de/",
"https://www.iso.org/standard/72906.html",
"https://www.iso.org/standard/72917.html",
"https://www.iso.org/standard/72892.html",
"https://www.iso.org/standard/72891.html",
"http://www.commoncriteriaportal.org/cc/"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 31
},
"st_filename": "1264b_pdf.pdf",
"st_frontpage": null,
"st_keywords": {
"asymmetric_crypto": {
"ECC": {
"ECC": {
"ECC": 15
},
"ECDSA": {
"ECDSA": 2
}
},
"FF": {
"DH": {
"DH": 2,
"Diffie-Hellman": 4
},
"DSA": {
"DSA": 1
}
}
},
"cc_cert_id": {
"DE": {
"BSI-DSZ-CC-1149": 1,
"BSI-DSZ-CC-1149-V4-2025": 1,
"BSI-DSZ-CC-1264": 1
}
},
"cc_claims": {
"O": {
"O.AES": 1,
"O.ECC": 1,
"O.PUF": 1,
"O.RBGS": 6,
"O.RND": 1,
"O.RSA": 1,
"O.TDES": 1,
"O.TST": 6
},
"OE": {
"OE.SUCP": 3
},
"OSP": {
"OSP.TC": 3
}
},
"cc_protection_profile_id": {
"BSI": {
"BSI-CC-PP-0104-": 1,
"BSI-CC-PP-0104-2019": 1,
"BSI-CC-PP-0107-2019": 2,
"BSI-CC-PP0035": 1,
"BSI-CC-PP0104": 1
}
},
"cc_sar": {
"ADV": {
"ADV_ARC.1": 5,
"ADV_FSP.4": 2,
"ADV_FUN.1": 1,
"ADV_IMP.1": 2,
"ADV_TDS.3": 3
},
"AGD": {
"AGD_OPE.1": 2,
"AGD_PRE.1": 2
},
"ALC": {
"ALC_CMC.4": 1,
"ALC_CMS.4": 1,
"ALC_DEL.1": 1,
"ALC_DVS.2": 8,
"ALC_FLR.1": 9,
"ALC_LCD.1": 1,
"ALC_TAT.1": 1
},
"ASE": {
"ASE_TSS.2": 1
},
"ATE": {
"ATE_COV.2": 1,
"ATE_DPT": 1,
"ATE_DPT.1": 1,
"ATE_DPT.2": 7,
"ATE_DPT.3": 1,
"ATE_FUN.1": 1
},
"AVA": {
"AVA_VAN.5": 8
}
},
"cc_security_level": {
"EAL": {
"EAL 4": 1,
"EAL 4 augmented": 1,
"EAL 6": 1,
"EAL 6 augmented": 1,
"EAL 6+": 1,
"EAL4": 10,
"EAL4 augmented": 2
}
},
"cc_sfr": {
"FAU": {
"FAU_GEN": 1,
"FAU_GEN.1": 7,
"FAU_GEN.1.1": 4,
"FAU_GEN.1.2": 1,
"FAU_SAS.1": 1,
"FAU_STG": 2,
"FAU_STG.1": 4,
"FAU_STG.2": 2,
"FAU_STG.2.1": 1,
"FAU_STG.2.2": 1,
"FAU_STG.3": 4,
"FAU_STG.4": 2,
"FAU_STG.4.1": 4
},
"FCS": {
"FCS_CKM": 98,
"FCS_CKM.1": 32,
"FCS_CKM.2": 13,
"FCS_CKM.4": 5,
"FCS_CKM.5": 16,
"FCS_CKM.6": 29,
"FCS_CKM.6.1": 2,
"FCS_CKM.6.2": 1,
"FCS_COP": 146,
"FCS_COP.1": 34,
"FCS_RBG.1": 5,
"FCS_RNG": 5,
"FCS_RNG.1": 17,
"FCS_RNG.1.1": 1,
"FCS_RNG.1.2": 2
},
"FDP": {
"FDP_ACC": 15,
"FDP_ACC.1": 28,
"FDP_ACF": 13,
"FDP_ACF.1": 18,
"FDP_DAU": 18,
"FDP_DAU.1": 3,
"FDP_DAU.2": 6,
"FDP_ETC": 4,
"FDP_ETC.1": 4,
"FDP_ETC.1.1": 1,
"FDP_ETC.1.2": 1,
"FDP_ETC.2": 10,
"FDP_ETC.2.1": 1,
"FDP_ETC.2.2": 1,
"FDP_ETC.2.3": 1,
"FDP_ETC.2.4": 2,
"FDP_ETC.2.5": 1,
"FDP_IFC.1": 20,
"FDP_ITC": 19,
"FDP_ITC.1": 21,
"FDP_ITC.2": 32,
"FDP_ITT.1": 1,
"FDP_RIP": 4,
"FDP_RIP.1": 1,
"FDP_SDC": 3,
"FDP_SDC.1": 4,
"FDP_SDC.1.1": 2,
"FDP_SDI.1": 1,
"FDP_SDI.2": 1,
"FDP_UCT": 2,
"FDP_UIT": 2
},
"FIA": {
"FIA_AFL.1": 5,
"FIA_AFL.1.1": 1,
"FIA_AFL.1.2": 1,
"FIA_API": 11,
"FIA_API.1": 3,
"FIA_ATD.1": 4,
"FIA_ATD.1.1": 1,
"FIA_UAU.1": 6,
"FIA_UAU.1.1": 2,
"FIA_UAU.1.2": 1,
"FIA_UAU.5": 5,
"FIA_UAU.5.1": 11,
"FIA_UAU.5.2": 1,
"FIA_UAU.6": 4,
"FIA_UAU.6.1": 1,
"FIA_UID.1": 11,
"FIA_UID.1.1": 1,
"FIA_UID.1.2": 1,
"FIA_USB.1": 3,
"FIA_USB.1.1": 1,
"FIA_USB.1.2": 1,
"FIA_USB.1.3": 1
},
"FMT": {
"FMT_LIM": 2,
"FMT_LIM.1": 1,
"FMT_LIM.2": 1,
"FMT_MOF": 5,
"FMT_MOF.1": 7,
"FMT_MOF.1.1": 7,
"FMT_MSA": 12,
"FMT_MSA.1": 8,
"FMT_MSA.2": 5,
"FMT_MSA.2.1": 1,
"FMT_MSA.3": 5,
"FMT_MSA.4": 5,
"FMT_MTD": 21,
"FMT_MTD.1": 17,
"FMT_MTD.3": 13,
"FMT_MTD.3.1": 1,
"FMT_SAE.1": 6,
"FMT_SAE.1.1": 1,
"FMT_SAE.1.2": 1,
"FMT_SMF": 4,
"FMT_SMF.1": 11,
"FMT_SMF.1.1": 1,
"FMT_SMR": 4,
"FMT_SMR.1": 17,
"FMT_SMR.1.1": 1,
"FMT_SMR.1.2": 1
},
"FPT": {
"FPT_EMS.1": 1,
"FPT_ESA": 8,
"FPT_ESA.1": 9,
"FPT_ESA.1.1": 1,
"FPT_ESA.1.2": 1,
"FPT_ESA.1.3": 1,
"FPT_ESA.1.4": 1,
"FPT_FLS": 1,
"FPT_FLS.1": 9,
"FPT_FLS.1.1": 1,
"FPT_ISA": 12,
"FPT_ISA.1": 14,
"FPT_ISA.1.1": 1,
"FPT_ISA.1.2": 1,
"FPT_ISA.1.3": 1,
"FPT_ISA.1.4": 1,
"FPT_ISA.1.5": 1,
"FPT_ITT.1": 1,
"FPT_PHP": 1,
"FPT_PHP.3": 5,
"FPT_PHP.3.1": 1,
"FPT_STM.1": 11,
"FPT_STM.1.1": 4,
"FPT_TCT": 10,
"FPT_TCT.1": 5,
"FPT_TCT.1.1": 1,
"FPT_TDC": 9,
"FPT_TDC.1": 16,
"FPT_TIT": 15,
"FPT_TIT.1": 10,
"FPT_TIT.1.1": 2,
"FPT_TIT.1.2": 1,
"FPT_TST": 3,
"FPT_TST.1": 7,
"FPT_TST.1.1": 1,
"FPT_TST.1.2": 2,
"FPT_TST.1.3": 2
},
"FRU": {
"FRU_FLT.1": 1,
"FRU_FLT.2": 6,
"FRU_FLT.2.1": 1
},
"FTP": {
"FTP_ITC": 1,
"FTP_ITC.1": 18,
"FTP_ITC.1.1": 1,
"FTP_ITC.1.2": 1,
"FTP_ITC.1.3": 1,
"FTP_TRP.1": 3
}
},
"certification_process": {},
"cipher_mode": {
"CBC": {
"CBC": 8
},
"CCM": {
"CCM": 4
},
"CFB": {
"CFB": 1
},
"GCM": {
"GCM": 5
},
"OFB": {
"OFB": 2
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {
"IKE": {
"IKE": 1,
"IKEv2": 2
},
"PACE": {
"PACE": 13
}
},
"crypto_scheme": {
"KA": {
"Key Agreement": 1,
"Key agreement": 5
},
"KEX": {
"Key Exchange": 1
},
"MAC": {
"MAC": 46
}
},
"device_model": {},
"ecc_curve": {
"Brainpool": {
"brainpoolP192r1": 1,
"brainpoolP192t1": 1,
"brainpoolP224r1": 1,
"brainpoolP224t1": 1,
"brainpoolP256r1": 4,
"brainpoolP256t1": 1,
"brainpoolP320r1": 1,
"brainpoolP320t1": 1,
"brainpoolP384r1": 2,
"brainpoolP384t1": 1,
"brainpoolP512r1": 2,
"brainpoolP512t1": 1
},
"NIST": {
"Curve P-192": 1,
"Curve P-256": 1,
"Curve P-384": 1,
"Curve P-521": 1,
"P-192": 1,
"P-256": 1,
"P-384": 1,
"P-521": 1,
"secp256r1": 1
}
},
"eval_facility": {
"DeutscheTelekom": {
"Deutsche Telekom Security": 110
}
},
"hash_function": {
"SHA": {
"SHA1": {
"SHA-1": 1
},
"SHA2": {
"SHA-256": 4,
"SHA-384": 2,
"SHA-512": 1,
"SHA384": 1
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"RNG": {
"RND": 1,
"RNG": 9
}
},
"side_channel_analysis": {
"FI": {
"Malfunction": 1,
"malfunction": 2,
"physical tampering": 1
},
"SCA": {
"Leak-Inherent": 1,
"physical probing": 5,
"side channels": 1
},
"other": {
"JIL": 8
}
},
"standard_id": {
"BSI": {
"AIS 31": 1,
"AIS 36": 1,
"AIS31": 2,
"AIS36": 2
},
"CC": {
"CCMB-2022-11-006": 2
},
"FIPS": {
"FIPS 180-4": 1,
"FIPS PUB 180-4": 1,
"FIPS PUB 186-4": 4,
"FIPS180": 2,
"FIPS186": 4,
"FIPS197": 11
},
"ICAO": {
"ICAO": 1
},
"ISO": {
"ISO/IEC 10116:2017": 1,
"ISO/IEC 19790": 6
},
"NIST": {
"NIST SP 800-108": 2
},
"PKCS": {
"PKCS #1": 4,
"PKCS#1": 2
},
"RFC": {
"RFC 2104": 1,
"RFC 5639": 1,
"RFC 5903": 1,
"RFC 6954": 1,
"RFC 8017": 1,
"RFC2104": 2,
"RFC5639": 13,
"RFC5903": 3,
"RFC6954": 4,
"RFC8017": 5
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 24,
"AES-": 2,
"AES-128": 9,
"AES-256": 11
}
},
"DES": {
"3DES": {
"TDEA": 1,
"TDES": 4
}
},
"constructions": {
"MAC": {
"CMAC": 14,
"HMAC": 9
}
}
},
"technical_report_id": {
"BSI": {
"BSI TR-03151": 1
}
},
"tee_name": {
"IBM": {
"SE": 3
}
},
"tls_cipher_suite": {},
"vendor": {
"NXP": {
"NXP": 5,
"NXP Semiconductors": 1
},
"STMicroelectronics": {
"STM": 1
}
},
"vulnerability": {}
},
"st_metadata": {
"/Author": "Deutsche Telekom Security GmbH",
"/Keywords": "Crypto Service Provider, TCOS, Electronic Cash Register, TSE",
"/Subject": "TCOS Cryptographic Service Provider",
"/Title": "TCOS CSP Module 2.0 Release 1/P71",
"pdf_file_size_bytes": 1786098,
"pdf_hyperlinks": {
"_type": "Set",
"elements": []
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 105
}
},
"protection_profile_links": {
"_type": "Set",
"elements": [
"https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/pp0104b_pdf.pdf",
"https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/pp0107b_pdf.pdf"
]
},
"report_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1264a_pdf.pdf",
"scheme": "DE",
"security_level": {
"_type": "Set",
"elements": [
"EAL4+",
"AVA_VAN.5",
"ALC_DVS.2"
]
},
"st_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1264b_pdf.pdf",
"state": {
"_type": "sec_certs.sample.cc_eucc_common.InternalState",
"cert": {
"_type": "sec_certs.sample.document_state.DocumentState",
"convert_ok": true,
"download_ok": true,
"extract_ok": false,
"json_hash": null,
"pdf_hash": "6bac731c00de606bf11a50c679add788c0b5434f7d080a675d4943c03985d176",
"txt_hash": "c488e6195646db9922e22431b28c59518ed472fdc892b2884aab81817c345763"
},
"report": {
"_type": "sec_certs.sample.document_state.DocumentState",
"convert_ok": true,
"download_ok": true,
"extract_ok": true,
"json_hash": null,
"pdf_hash": "c48760f42b2edd804b742d49efb68ebdae5190c787f59736e6a6fb58201f0edf",
"txt_hash": "ab262089242f40090425325cb633fe6bc2688ccabed0ef1ebfcf0aa31ba6be22"
},
"st": {
"_type": "sec_certs.sample.document_state.DocumentState",
"convert_ok": true,
"download_ok": true,
"extract_ok": true,
"json_hash": null,
"pdf_hash": "6c08d39764cd5c1a8d35ae25a887b8abd8dbb41178b424dcfe075f1e78f5a6a6",
"txt_hash": "cc000b12ed793d15962938bc3d0be445437e391abe7c6f42a84afbd27b849f25"
}
},
"status": "active"
}