Java Card is the leading open, interoperable platform for secure elements, enabling smart cards and other tamper-resistant chips to host multiple applications using Java technology. Java Card is an execution platform that can store and update multiple applications on a single resource-constrained device, while retaining the highest certification levels and compatibility with standards.
Release 3.2 of Java Card technology specifications comes with various enhancements, such as support for (D)TLS1.3 protocols. This latest release also includes API clarifications to help application developers and significantly increase the level of interoperability across multiple implementations. It is the reference for new Java Card technology products.
Get all the basics you need to know to start using Java Card technology—documentation, set up, programming, and more.
The Java Card platform is at its core a very minimal subset of Java, enriched with unique features catering to the needs of secure elements implementers and developers, specifically:
Applets developed with Java Card technology will run on any Java Card technology-enabled product, independently of the software vendor and underlying hardware. Java Card is available on a wide range of silicon form factors, including smart cards, embedded chips, secure enclaves within CPUs and MCUs, and removable SIMs. Applications can be reused across those form factors, enabling customers to maximize their security/cost ratio and supporting seamless migration if security requirements evolve.
Java Card technology relies on the inherent security of the Java programming language to provide a secure execution environment. An open design process, proven industry deployments, and high-level security evaluations make the Java Card platform one of the most capable and secure technology available today. Java Card also supports the latest security standards and is regularly updated with state-of-the-art cryptography algorithms, modes, and protocols.
Java Card technology enables multiple applications from multiple vendors to coexist securely on a single secure element. For example, several payment schemes can be included in the same chip or a SIM application can be loaded alongside device security services in an embedded secure element.
New services are developed using standards-based Java tools and can be created and deployed at any time during the life of a Java Card product. Remote management and upgrade of applications allows service providers to constantly adapt to security threats. Applets are updatable in the field, ensuring always-current device security to end users.
Java Card– based products are certified at the highest level (e.g. EAL4+ to EAL7+) using the Java Card Protection Profile as the world wide reference provided by Oracle. Additionally, it reduces the time and cost and time is savedfor developers to certify applets using composition models.
The Java Card API is compatible with international standards for secure elements, such as ISO 7816 or mobile communication standards issued by ETSI/3GPP. Major industry-specific standards, such as EMVCo and GlobalPlatform refer to the Java Card API.
Oracle Java Card technology provides the ability to program application-specific embedded devices. A few of the many use cases include SIM cards and embedded SIM in telecommunications, NFC mobile payment, and secure identification needs, such as passports.
Oracle Java Card technology Development Kit Tools are used to convert and verify Java Card applications. The tools can be used with products based on version 3.1, 3.0.5, and 3.0.4 of the Java Card Specifications.
The Java Card Development Kit Simulator offers a testing and debugging reference for Java Card applications. It includes a Java Card simulation environment and Eclipse plugin. It provides support for the latest Java Card 3.1 Specification and can also run applications written for earlier releases.
Use Java Card on a secure element in an IoT device to secure access to peripherals on an I3C bus.
Secure communication between IoT devices and IoT cloud services using Java Card.
Password-less authentication using biometry based on the FIDO specification with Java Card and Oracle Identity Cloud Service.
We’ll cover the fundamentals: What is the Java Card ecosystem? What is the Java Card technology? And how to develop a Java Card applet.
Learn how the Java Card platform can be used for EHR integration, device authentication, integrity, provisioning, and other use cases.
Learn how to improve the security and enforce the authenticity of new transactions added to a blockchain.
See how Java Card provides a secure IoT device attestation service that can ensure an onboarding checking device identity and other attributes.
Nicolas Ponsini, Java Security Solutions Architect, Oracle
Like any new Java Card release, this latest Java Card release comes with enhancements, such as support for (D)TLS1.3 protocols and API clarifications to help application developers and significantly increase the level of interoperability across multiple implementations.Read the complete post
Get familiar with Java Card Development Kit Tools.
Get familiar with Java Card Development Kit Simulator and Eclipse Plugin.
Learn the basics of developing Java Card applications.
Get information on becoming a Java Card licensee.