MTCOS Professional
Press
Releases| Press Release |
| MTCOS Professional in over 5.4 million Swiss Health Insurance Cards Nuremberg, May 2010 The introduction and production of the new health insurance cards began in Switzerland in accordance with the VVK Standard on 5 January 2010 for over 70 health insurers, in respect of 5.4 million health insurance payers on behalf of the VeKa Center of Santésuisse. The insurance card 2010 comes with a high-security microprocessor, which supports important cryptographic functions. Also, the European Health Insurance Card (EHIC), as a visual means of identification, is integrated into the back of the Swiss electronic insurance card. Furthermore, the identification data is stored on the back of the card. The Swiss insurance card is produced and personalised by Intercard AG in Zürich, and Trüb AG in Aarau. The personal data of the card holder is processed, produced and distributed only in Switzerland. The new health insurance card has a storage space for 90 items of emergency data, which can be stored with the voluntary agreement of the cardholder and doctor / pharmacist. The card of the VeKa Center also has a reserved storage capacity available on the chip for the medical professional, in which three extra electronic certificates (in accordance with X.509) can be stored for a canton model experiment – e. g. electronic patient files. (Source: www.veka-center.ch; www.intercard.ch) The card microprocessor is operated with the MTCOS Pro operating system from MaskTech on the high security chip platform ST23 from ST Microelectronics. MTCOS Pro certified in accordance with Common Criteria EAL 4+, supports the ISO chip card standards and has already been successfully used in the passport and ID markets for a long time. Thus it offers ideal conditions for the realisation of a health insurance card. Special for this usage the Card-to-Card authentication (C2C), a comprehensive PIN management functionality and further useful functions and file structures have been implemented. The C2C function is a PKI application specifically to allow a doctor (or similar professional) access to medical data. The C2C function is based on asymmetrical cryptographic processes with corresponding Card Verifiable Certificate (CVC) and a PKI structure, which through strict verification determines that only professionals with relevant specific access rights are able to access the medical emergency data information. The PKI structure with its CVC is technologically based on the already established passport standard, and thus allows for easy adaptation of the already obtainable software by the application developers, and in turn allows for cheaper integration. With the PIN management functionality the card holder can satisfy his data protection requirements by optional PIN protection of seven emergency file categories. For the so-called cantonal model experiments the universal standardised ISO/IEC 7816-15 / PKCS#15 file structure was chosen, which allows for a connection to medical applications via a corresponding middleware function. By way of corresponding cryptographic functions the Swiss medical insurance card is in the position to carry out strict authentication and strict authorisation (electronic patient files, E-regulation, specific web portals, recovery procedures, and so on). MaskTech was involved in the following areas in the successful project integration: High security chip card operation system (MTCOS); customer-specific product extension; product integration; support on the development of the personalisation infrastructure at the card manufacturer / personaliser; design of security aspects on the relevant national standards in close cooperation with the companies involved on the project. |
About MaskTech |