Protection Profile List

Personal Number Cards Protection Profile

Japan Agency for Local Authority Information Systems
Last Updated 2015-10-22
Protection Profile Name : Personal Number Cards Protection Profile
Version of PP :
Technology Type : Personal Number Cards
Certification No. :
Date :
Version of Common Criteria : 3.1 release4
Conformance Claim : EAL4 Augmented with ALC_DVS.2, AVA_VAN.5
PP Identifier :
Procurement Entity : Japan Agency for Local Authority Information Systems


Description of PP

This PP provides security requirements for “Personal Number Cards”, which are the IC cards used for “The Social Security and Tax Number System” in Japan.
The TOE in this PP is an IC card including an IC chip that supports both a contact interface and a contactless interface.
To provide the services of Personal Number Cards, four basic application programs (APs), a platform for the APs, and data for those programs are installed in the TOE.


PP security functionality

The PP requires a TOE to implement (1) security functions specific to the services of Personal Number Cards, and (2) security functions commonly required for IC cards. The main security features of the TOE are as follows:

- secure communication
  The TOE communicates with an external device through its external interfaces (i.e. the contact interface or the contactless interface). For communication data that need protection from eavesdropping and/or tampering, the TOE protects the confidentiality and/or integrity of those data by applying data encryption/decryption and/or generation/verification of a message authentication code (MAC).
- identification and authentication
  To provide each operator with the services specified for that operator's privilege, the TOE performs operator authentication for each service and enforces access controls.
- cryptographic functionality
  The TOE provides cryptographic processing functionality for the services of the platform and the application programs.
- protection against physical attacks
  The TOE also mitigates physical attacks against its hardware part.


Security functional requirements

The PP requires the following security functional requirements:

- Security audit
- Non-repudiation of origin/receipt
- Cryptographic functionality
- Access control
- Data authentication
- Export data protection
- Information flow control
- Import data protection
- Internal transfer data protection
- Residual information protection
- Rollback
- Stored data integrity
- Transfer data confidentiality
- Transfer data integrity
- Identification and authentication
- Security management
- Privacy Control
- Security functionality protection
- Resource utilisation management
- TOE access control
- Trusted path/channels
- Random number generation