1、BSI Standards Publication BS ISO/IEC 12905:2011 Integrated circuit cards Enhanced terminal accessibility using cardholder preference interface Incorporating corrigendum August 2013BS ISO/IEC 12905:2011 National foreword This British Standard is the UK implementation of ISO/IEC 12905:2011, incorporat
2、ing corrigendum August 2013. The start and finish of text introduced or altered by corrigendum is indicated in the text by tags. Text altered by ISO/IEC corrigendum August 2013 is indicated in the text by . The UK participation in its preparation was entrusted to Technical Committee IST/17, Cards an
3、d personal identification. A list of organizations represented on this committee can be obtained on request to its secretary. This publication does not purport to include all the necessary provisions of a contract. Users are responsible for its correct application. The British Standards Institution
4、2013. Published by BSI Standards Limited 2013 ISBN 978 0 580 84106 4 ICS 35.240.15 Compliance with a British Standard cannot confer immunity from legal obligations. This British Standard was published under the authority of the Standards Policy and Strategy Committee on 31 July 2011. Amendments/corr
5、igenda issued since publication Date Text affected 30 September 2013 Implementation of ISO/IEC corrigendum August 2013 BRITISH STANDARD Reference number ISO/IEC 12905:2011(E) ISO/IEC 2011INTERNATIONAL STANDARD ISO/IEC 12905 First edition 2011-07-15 Integrated circuit cards Enhanced terminal accessib
6、ility using cardholder preference interface Cartes circuit intgr Amlioration de laccs aux terminaux via une interface dacquisition des prfrences du porteur de carte BS ISO/IEC 12905:2011 ISO/IEC 12905:2011(E) COPYRIGHT PROTECTED DOCUMENT ISO/IEC 2011 All rights reserved. Unless otherwise specified,
7、no part of this publication may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from either ISO at the address below or ISOs member body in the country of the requester. ISO copyright office Case pos
8、tale 56 CH-1211 Geneva 20 Tel. + 41 22 749 01 11 Fax + 41 22 749 09 47 E-mail copyrightiso.org Web www.iso.org Published in Switzerland ii ISO/IEC 2013 All rights reservedBS ISO/IEC 12905:2011 ISO/IEC 12905:2011(E) iiiContents Page Foreword iv Introduction.v 1 Scope1 2 Normative references1 3 Terms
9、and definitions .2 4 Symbols and abbreviated terms 2 5 Overview.2 5.1 Universal Cardholder Information .2 5.2 Flexibility 3 5.3 Privacy of user related information .3 6 Requirements for interoperability3 6.1 Basic Rules of UCI.3 6.2 UCI Structure .4 6.3 Organization of UCI .4 6.3.1 Organization of G
10、lobal UCI.4 6.3.2 Organization of Local UCI.5 7 UCI organization and content 5 7.1 General structure of Global UCI.5 7.2 Global UCI components6 7.2.1 Global UCI, Tag 65 .6 7.2.2 Cardholder preferred language, Tag 5F2D6 7.2.3 Tag allocation authority and proprietary cardholders requirements. Tag 68.6
11、 7.2.4 Proprietary cardholders requirements, Tag 70-77 except 73 .7 7.2.5 Cardholders requirements for included features, Tag 7F22 7 7.2.6 Cardholders requirements for excluded features, Tag 7F237 7.3 General structure of Local UCI 7 7.4 UCI data objects 7 8 Construction of UCI.8 8.1 Construction of
12、 Global UCI 8 8.2 Construction of Local UCI 9 9 Procedure for reading UCI9 9.1 In case of Global UCI which exists in EF_ATR/INFO (Case 1)10 9.2 In case of Global UCI which exists in UCI_DF/DO (Case 2) 11 10 Maintenance.12 Annex A (normative) Data Element Specification for users with special needs13
13、A.1 User interface data objects.13 A.2 Coding of user requirements .14 A.3 Coding of user requirements for input15 A.4 Coding of user requirements for terminal output 23 Annex B (normative) .37 Annex C (informative) Comparison between Annex A and ISO/IEC 24786.39 Bibliography41 ISO/IEC 2013 All righ
14、ts reserved Summary of tags and meanings under the UCIBS ISO/IEC 12905:2011 ISO/IEC 12905:2011(E) iv Foreword ISO (the International Organization for Standardization) and IEC (the International Electrotechnical Commission) form the specialized system for worldwide standardization. National bodies th
15、at are members of ISO or IEC participate in the development of International Standards through technical committees established by the respective organization to deal with particular fields of technical activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other intern
16、ational organizations, governmental and non-governmental, in liaison with ISO and IEC, also take part in the work. In the field of information technology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1. International Standards are drafted in accordance with the rules given i
17、n the ISO/IEC Directives, Part 2. The main task of the joint technical committee is to prepare International Standards. Draft International Standards adopted by the joint technical committee are circulated to national bodies for voting. Publication as an International Standard requires approval by a
18、t least 75 % of the national bodies casting a vote. Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. ISO and IEC shall not be held responsible for identifying any or all such patent rights. ISO/IEC 12905 was prepared by Joint Techn
19、ical Committee ISO/IEC JTC 1, Information technology, Subcommittee SC 17, Cards and personal identification. ISO/IEC 2013 All rights reservedBS ISO/IEC 12905:2011 ISO/IEC 12905:2011(E) vIntroduction Card system terminals, which are commonly used worldwide in modern society and whose numbers are stil
20、l growing, do not operate effectively enough for cardholders with special needs or senior citizens because most of those terminals only have uniform man-machine interfaces. This International Standard aims to improve the man-machine interface through which cardholders interact with terminals by defi
21、ning a mechanism by which terminal functions can be adjusted to the individuals preferences. It can help terminal design to be more user-friendly by allowing the cardholder to carry his preferences within his card. This will benefit both ordinary cardholders and those with special needs. The purpose
22、 of this International Standard is to prescribe the contents and the form of unifying assistance information that can be mutually used in international systems to improve interoperability. Moreover, this will benefit manufacturers as currently system developers have to design and fund for each syste
23、m. ISO/IEC 2013 All rights reservedBS ISO/IEC 12905:2011 ISO/IEC 2013 All rights reservedBS ISO/IEC 12905:2011 INTERNATIONAL STANDARD ISO/IEC 12905:2011(E)1Integrated circuit cards Enhanced terminal accessibility using cardholder preference interface 1 Scope This International Standard specifies a s
24、et of data elements to be personalized into an integrated circuit card, encoding cardholder preferences. These data elements are to be retrieved from the card and to be used to indicate to the terminal that the user has special needs regarding the user interface. It is not intended to standardize th
25、e actual application programming interface or other terminal-specific software allowing the functionality, nor does it cover the actual alignment of the card to the card-reader slot. This International Standard is independent of the physical interface and is applicable to situations where the cardho
26、lder operates the card-accepting equipment (e.g. a cash dispenser, ticket machine, vending machine). It applies not only to ID-1 type cards, but also to SIM/UIM (ID-000) on mobile phones and form-factor-free contactless integrated circuit cards which are specified in ISO/IEC 14443. This Internationa
27、l Standard comprises: data elements containing the user preferences, the storage/retrieval formats for input and output of these data elements, security related to the information contained in these data elements, the access method to these data elements, and protection of cardholder information. 2
28、Normative references The following referenced documents are indispensable for the application of this document. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies. ISO/IEC 7816-4:2005, Identif
29、ication cards Integrated circuit cards Part 4: Organization, security and commands for interchange ISO/IEC 7816-6:2004, Identification cards Integrated circuit cards Part 6: Interindustry data elements for interchange ISO 639-1:2002, Codes for the representation of names of languages Part 1: Alpha-2
30、 code ISO/IEC 19785-3:2007, Information technology Common Biometric Exchange Formats Framework Part 3: Patron format specifications ISO/IEC 2013 All rights reservedBS ISO/IEC 12905:2011 ISO/IEC 12905:2011(E) 2 3 Terms and definitions For the purposes of this document, the following terms and definit
31、ions apply. 3.1 data element item of information seen at the interface for which are specified a name, a description of logical content, a format and a coding ISO/IEC 7816-4:2005 3.2 data object information seen at the interface consisting of the concatenation of a mandatory tag field, a mandatory l
32、ength field and a conditional value field ISO/IEC 7816-4:2005 3.3 template set of BER-TLV data objects forming the value field of a constructed BER-TLV data object ISO/IEC 7816-4:2005 3.4 UCI dataset set of data elements for each cardholder preference 4 Symbols and abbreviated terms ACR access contr
33、ol rule b8b1 bits one to eight of a byte BCD binary coded decimal DO data object ICC integrated circuit card PIN personal identification number SMS short message service TLV tag, length, value UCI universal cardholder information 5 Overview 5.1 Universal Cardholder Information This standard specifie
34、s a set of data elements to be personalized into the card encoding cardholder preferences. A set of data elements is called Universal Cardholder Information (UCI). ISO/IEC 2013 All rights reservedBS ISO/IEC 12905:2011 ISO/IEC 12905:2011(E) 3The UCI is held on the card, supplied and approved by a car
35、dholder and openly accessible by all. It may be used by the terminal and its applications to provide service in the form required by the cardholder. The UCI core dataset is intended to be read before the cardholder uses the application. That is, it may be read just after the card is presented to the
36、 terminal or just after application selection. 5.2 Flexibility The UCI should be specified in a flexible manner to cater for existing pre-defined situations, new and as yet undetermined environments (i.e. systems and terminal types), different application scenarios, and provider- specific requiremen
37、ts. UCI should be independent from specific systems or terminals. In addition, the UCI may be modified either temporarily or permanently by cardholder request; for example, if the cardholder is subject to a change in his / her circumstances. The implications of this are: many of the UCI dataset elem
38、ents are optional, as determined by the cardholder, where the provision of personal preference information is concerned. Where optional data elements specified in this standard are used, the formats shall be as specified in this standard; UCI allows itself to be formally extended through the use of
39、versions and version numbers, as well as informally extended on a case by case basis by providers and implementers who need to supply additional information in a standardised manner; a certificate or digital signature may optionally be associated with UCI data to warrant its authenticity and integri
40、ty; implementation of the on-card UCI application is not confined to its use in IC Cards compliant with ISO/IEC 7816. It may also be implemented on IC Cards compliant with other specifications providing that those cards support the provisions of this standard. 5.3 Privacy of user related information
41、 User privacy is provided as follows: the terminal shall not retain the data elements or objects stored on the card; a set of the data elements which is used for user preference should not be used for personal identification purposes. It may be linked to the personal information or it may be used wi
42、thout such a link; the data elements which are defined in this standard are not intended as a description of any or all of the obstacles faced by cardholders; the UCI shall always be available; modification of UCI preferences data by user shall require the permission of the cardholder. 6 Requirement
43、s for interoperability 6.1 Basic Rules of UCI The UCI dataset is accessible as chains of constructed data objects (DOs), with access mechanisms specified in this standard. Each constructed DO is known as one UCI Component. Constructed DOs shall use BER-TLV format. Constructed DOs shall use BER-TLV e
44、ncoding according to ISO/IEC 7816-4. ISO/IEC 2013 All rights reservedBS ISO/IEC 12905:2011 ISO/IEC 12905:2011(E) 4 The UCI dataset is recorded to the individual card for providing customization options when the cardholder uses the terminal (e.g. change the size of characters on screen or change the
45、contrast of the screen). See Annex A for a full list of options. Annex C shows the relationship between the data objects listed in Annex A and those listed in ISO/IEC 24786, Information technology User interfaces Accessible user interface for accessibility settings on information devices. 6.2 UCI St
46、ructure There are two types of UCI - Global or Local. Global UCI is common to all applications in an ICC. Local UCI exists in each application file. For the Local UCI, different Access Control Rules (ACRs) may apply. Figure 1 shows the Global UCI and Local UCI. The Global UCI shall be mandatory for
47、any implementation complying with this standard. In addition, application files may contain application specific user preferences in each Local UCI after a successful application selection. Figure 1 Global UCI and Local UCI 6.3 Organization of UCI 6.3.1 Organization of Global UCI The Global UCI shal
48、l be constructed as a logical hierarchy of Data Objects, both constructed and primitive (see ISO/IEC 7816-4:2005). A DO with tag 65 shall constitute Global UCI root, meaning that after initialization or after selection of Global UCI, Global UCI shall be accessible directly at the interface as a cons
49、tructed DO with tag 65. Figure 2 illustrates the types of data element specified in Global UCI. It does not show all possible data elements or components. ISO/IEC 2013 All rights reservedBS ISO/IEC 12905:2011 ISO/IEC 12905:2011(E) 565 Cardholder related data 5F2D Language Preference 68 Identification of allocation authority Proprietary cardholders requirements 7F22 Cardholder requirements included features 7F23 Cardholder requirements
