Skip to main content

Digital Security Development

Developing security-minded solutions today goes far beyond selecting your favorite cryptographic API and developing with your preferred programming language. There are actually lots of other parameters to be taken into account. They do not only depend on the choices made during the hardware platform design but also on the targeted use case and product.

Implementing security has become more challenging mainly because of

  • The complex and diverse infrastructure: on-card, off-card, communication networks and interfaces, app-stores, cryptographic APIs, etc.
  • The multi-factor authentication
  • The biometric authentication
  • The reunion of several Secure Component technologies in one device (SE, UICC, eUICC, TEE, TPM, etc.) like in smartphones, wearables or IoT devices
  • The different interfaces (Bluetooth/LE, ISO7816 contact, ISO14443 contactless/NFC, I2C, I3C, SPI, etc.)
  • The convergence of all the above technologies and the belonging of the device to one single user making those platforms genuinely multi-application environments.

Cardhoc has the competence to efficiently develop applications running on each of the above-mentioned Secure Components, layers, APIs and communication interfaces.

Our Software Development team uses the latest techniques to implement:

  • Secure Element / Smart Card applets in Java Card
  • Native Code cryptographic libraries
  • Secure MCU and TEE Trusted Applications in Java and C
  • Web applications in Vue, Svelte, PHP, uWSGI, etc.
  • Desktop applications in Python, C, C++ and Java using
    • Communication APIs:
      • PC/SC (WinSCard / PCSCLite / CCID, LibNFC)
      • OpenMobileAPI (formerly SEEK)
    • Cryptographic APIs like OpenSSL, PKCS#11, CNG, JCA, Bouncy Castle, etc.

On various platforms:

  • Microsoft Windows
  • Apple MacOS
  • Linux
  • BSD
  • iOS
  • Android

Cardhoc has also gathered experience in the development of Embedded SW (for “Proof of Concept” type of projects) using:

  • SDK boards embedding a secure hardware component like a TPM, a TEE, a Secure Element or a Secure MCUs
  • Single Board Computers like Arduino, Raspberry Pi, ESP32, STM32, RISC-V, etc.