The nationwide use of chip cards for highly sensitive patient information requires the greatest possible attention to the card platforms used. The approval procedure is the responsibility of the German Federal Office for Information Security (BSI).
In its technical guideline TR-03106 “eHealth — Certification Concept for G2 Generation Cards”, the BSI provides a security evaluation of eHealth card platforms according to Common Criteria. The BSI provides the “Card Operating System Generation 2 (PP COS G2)” protection profile as the basis for this evaluation. This protection profile defines the overall security requirements for health cards.
The first step of the concrete evaluation is to derive the security objective for the specific card platform. The evaluation is carried out on this basis. The results of the security evaluation are submitted to the BSI for security certification.
SRC is recognized by the BSI as a Common Criteria (ISO 15408) and Smart Card Evaluation Facility.
We would be pleased to offer you the opportunity to draw on the expertise of our experts when evaluating your eHealth card platform.
Contact
Dr. Bertolt Krüger
Inspection Authority
SRC Security Research & Consulting GmbH
