By Joseph A. Naujokas, Naujokas & Associates
Back in 1996, ISO/IEC JTC1, Information Technology Standards Committee,
conducted an audit of its subcommittees to determine if the SC's were
properly addressing issues of conformance and interoperability in development
of IT Standards. SC17 addressed these questions at its plenary meeting
in Seoul, South Korea.
In a written reply, SC17 said that work was being done to develop test
methods for conformance testing. However, interoperability was outside
the scope of SC17. SC17 believed interoperability issues should be the
responsibility of application developers.
One such interoperability example was Europay, MasterCard and VISA
who were in the process of developing the EMV specification for interoperability
of credit cards in interchange.
Another such example was the interoperability specification for GSM
cell phone SIM cards which was completed by the European Telecommunications
Standards Institute (ETSI) in 1992.
Actually, test methods for IC cards with contacts were woefully inadequate
in 1996 and it became a hot issue 1997-98. WG1, who had overall responsibility
for test methods in SC17, challenged WG4 to update their test methods
to be suitable for compliance testing. This was resolved with the first
publication of ISO/IEC 10373-3 IC Card Test methods in 2001.
Recently, compliance testing problems have surfaced with contactless
IC cards. These are being addressed by SC17 WG8. I expect that a Contactless
IC test reader specification, similar to that developed for mag stripes,
may be considered.
SC17 WG3 early recognized the importance of interoperability for machine
readable travel documents. Work started 1998 on a data structure independent
of the card technology. While the initial work was completed in a relatively
short time period, it was put on hold for a few years as the work on
biometric technology progressed at a slower pace.
Interoperability was the genesis for work on the international driver's
license standard which was started in 2001.
Then in the aftermath of 9/11, ID cards for security purposes took
on more importance. The US Government soon decided that smart cards
would be required for secure personal identification of government employees,
contractors, and military personnel. Their needs were global in nature,
and the US Department of Commerce quickly realized that interoperability
of smart cards was required for both functionality and implementation
in a global environment.
So, in 2001, the US Department of Commerce through its agency, National
Institute of Standards and Technology (NIST), began working towards
establishing a New Work
item in SC17 on smart card interoperability. Germany and Japan indicated
support at the NP at the SC17 Plenary meeting, October 2003, as it fits
in with their plans to implement a smart card based systems to deliver
services to its citizens.
A New Work Item proposal was submitted by the USA to SC17 with voting
scheduled to conclude February 13, 2004. The SC17 Chair is so confident
of its passage, that he has scheduled a meeting of SC17 convenors and
other interested parties for March 5, 2004 to discuss the scope and
the way forward with the interoperability work. One of the basic issues
is whether to place the work in an existing WG or create a new WG in
SC17.
Even WG3 has now begun to realize that interoperability extends beyond
data structures and biometric templates as they are now finding interoperability
problems with the implementation of passports with contactless IC's.
Not all readers can read cards that are so-called "compliant with
ISO/IEC 14443." This is putting a big snag in their efforts to
have ISO/IEC 14443 compliant contactless IC passports being issued after
October, 2004. Both reader and IC vendors are being pressured by WG3
to solve the problems.
ISO/IEC JTC1 SC17 lost a large part of its personal ID work charter
by being too slow to respond to marketplace requirements of biometrics.
Instead, a new subcommittee, SC37, was created to do the work. SC17
is not making that mistake again.
SC17's further recognition of the importance of interoperability is
evident in plans to participate as a liaison with the International
Health Card Standards under way in ISO TC215 Health Informatics.
The attention being given to interoperability is a complete turnabout
from the SC17 position at the Korean Plenary in 1996 where it concluded
that "there is no market requirement for generic conformance assessment
and interoperability standards." Including interoperability as
part of SC17's scope and paying more attention to conformance testing
standards is certainly a positive step for our industry.