ISO IEC 24727-1-2014 PDF

Full title and description

ISO/IEC 24727-1:2014 — Identification cards — Integrated circuit card programming interfaces — Part 1: Architecture. Defines the system architecture and high-level principles for standardized programming interfaces that enable interactions between integrated circuit cards (ICCs) and external applications, with an emphasis on interoperability, protocol independence and trusted processes.

Abstract

Specifies a set of programming interfaces and protocols to support interactions between ICCs and applications on diverse computing platforms. The ICCs are expected to provide generic multi‑sector services; their organization and operation conform to ISO/IEC 7816‑4. Part 1 describes the architecture, conceptual service and data models, means to achieve interoperability across application domains, and the security/trust rationale that supports trusted processes and backward compatibility mechanisms.

General information

• Status: Published (confirmed international standard)
• Publication date: June 2014
• Publisher: ISO and IEC (joint publication)
• ICS / categories: 35.240.15
• Edition / version: Edition 2 (2014)
• Number of pages: 19 (ISO official PDF; page counts reported by national/adopted versions or reseller catalogs may vary).

Information above is taken from the ISO bibliographic record and related catalogues; earlier edition ISO/IEC 24727‑1:2007 was withdrawn and superseded by the 2014 edition.

Scope

Part 1 defines the overall architecture and principles of operation for the ISO/IEC 24727 family. It sets out architectural attributes, logical layers, protocol independence, capability discovery concepts and the conceptual service/data models that allow multiple application domains to interoperate with ICCs while supporting security and trusted-channel mechanisms. The document does not constrain internal card implementations but defines the external programming interfaces and interactions needed for cross‑domain interoperability.

Key topics and requirements

• System architecture and architectural attributes for ICC programming interfaces.
• Logical layered model (client application, services access layer, generic card interface, connection and trusted-channel interfaces).
• Protocol independence to allow diverse physical and transport technologies (contact, contactless, close coupling).
• Capability discovery and mechanisms for backward compatibility with pre‑existing applications.
• Conceptual service and data models spanning multiple application domains (identification, authentication, digital signature, etc.).
• Security rationale and trusted process models for secure operation and lifecycle management.

Typical use and users

Implemented and referenced by national authorities, identity management and e‑ID programs, smart card vendors, system integrators, middleware and API designers, payment and authentication service providers, and testing bodies. Typical uses include enabling interoperable card access services for identification, authentication and digital signature applications across different platforms and application domains.

Related standards

ISO/IEC 24727 is a multipart standard. Closely related parts include: - Part 2: Generic card interface, - Part 3: Application interface, - Part 4: Application programming interface (API) administration, - Part 5: Testing procedures, - Part 6: Registration authority procedures for authentication protocols for interoperability. Several parts have amendments published in 2014. The series complements and references ISO/IEC 7816 where card-level behaviour is defined.

Keywords

smart card, integrated circuit card (ICC), programming interfaces, architecture, interoperability, ISO/IEC 24727, trusted channel, capability discovery, API, eID

FAQ

Q: What is this standard?

A: ISO/IEC 24727‑1:2014 is Part 1 (Architecture) of the ISO/IEC 24727 series that defines the high‑level architecture and principles for programmable interfaces between integrated circuit cards and external applications.

Q: What does it cover?

A: It covers architecture, logical layering, protocol independence, conceptual service and data models, interoperability mechanisms and the security rationale for trusted processes; it does not mandate internal card implementation details.

Q: Who typically uses it?

A: Governments, national identity/eID programs, smart card manufacturers, middleware and API developers, integrators, payment and authentication solution providers, and test laboratories use or reference this part when designing interoperable card-based systems.

Q: Is it current or superseded?

A: The 2014 edition (Edition 2) is the current published edition of Part 1 and it superseded the 2007 edition; ISO records show the 2014 edition as published/confirmed. Users should check the ISO catalogue or national standards bodies for any later amendments or confirmations.

Q: Is it part of a series?

A: Yes — ISO/IEC 24727 is a multipart standard (Parts 1–6) addressing architecture, generic card interface, application interface, API administration, testing procedures and registration authority procedures for authentication protocols.

Q: What are the key keywords?

A: smart card, ICC, programming interfaces, interoperability, architecture, trusted channel, capability discovery, API.