Java Card

Java Card is a software technology that allows Java-based applications (applets) to be run securely on smart cards and more generally on similar secure small memory footprint devices^[1] which are called "secure elements" (SE). Today, a secure element is not limited to its smart cards and other removable cryptographic tokens form factors; embedded SEs soldered onto a device board and new security designs embedded into general purpose chips are also widely used. Java Card addresses this hardware fragmentation and specificities while retaining code portability brought forward by Java.

Java Card is the tiniest of Java platforms targeted for embedded devices. Java Card gives the user the ability to program the devices and make them application specific. It is widely used in different markets: wireless telecommunications within SIM cards and embedded SIM, payment within banking cards^[2] and NFC mobile payment and for identity cards, healthcare cards, and passports. Several IoT products like gateways are also using Java Card based products to secure communications with a cloud service for instance.

The first Java Card was introduced in 1996 by Schlumberger's card division which later merged with Gemplus to form Gemalto. Java Card products are based on the specifications by Sun Microsystems (later a subsidiary of Oracle Corporation). Many Java card products also rely on the GlobalPlatform specifications for the secure management of applications on the card (download, installation, personalization, deletion).

The main design goals of the Java Card technology are portability, security and backward compatibility.^[3]

^ Chen, Z. (2000). Java Card Technology for Smart Cards: Architecture and Programmer's Guide. Addison-Wesley Java Series. Addison-Wesley. ISBN 978-0-201-70329-0. Retrieved 9 April 2019.
^ Oracle Learning Library (2013-01-30), Developing Java Card Applications, archived from the original on 2021-12-13, retrieved 2019-04-18
^ Ahmed Patel; Kenan Kalajdzic; Laleh Golafshan; Mona Taghavi (2011). "Design and Implementation of a Zero-Knowledge Authentication Framework for Java Card". International Journal of Information Security and Privacy. 5 (3). IGI: 1–18. doi:10.4018/ijisp.2011070101.

[Chen_2000-1] Chen, Z. (2000). Java Card Technology for Smart Cards: Architecture and Programmer's Guide. Addison-Wesley Java Series. Addison-Wesley. ISBN 978-0-201-70329-0. Retrieved 9 April 2019.

[2] Oracle Learning Library (2013-01-30), Developing Java Card Applications, archived from the original on 2021-12-13, retrieved 2019-04-18

[3] Ahmed Patel; Kenan Kalajdzic; Laleh Golafshan; Mona Taghavi (2011). "Design and Implementation of a Zero-Knowledge Authentication Framework for Java Card". International Journal of Information Security and Privacy. 5 (3). IGI: 1–18. doi:10.4018/ijisp.2011070101.

[1]

[2]

[3]

Java platform editions

Java Card Java ME (Micro Edition) Java SE (Standard Edition) Jakarta EE (Enterprise Edition) JavaFX (bundled in Oracle's JDK from versions 8 to 10 but separately since 11) PersonalJava (Discontinued)
v t e