Gemalto Achieves Major Breakthrough in Security Technology with Java CardTM Highest Level of Certification

World's first Common Criteria certificate of a smart card involving formal assurances from the utmost EAL7 level

Amsterdam, The Netherlands – October 10, 2007 - Gemalto (Euronext NL0000400653 GTO), the world leader in digital security, today announces that its implementation of Java CardTM technology has been Common Criteria certified EAL4 using formal assurances from the EAL7 level, the highest level of certification possible. This is the world's first Common Criteria certificate of a smart card involving formal assurances from the EAL7 level. It provides high confidence in open multi-application cards as it ensures that each embedded application is completely and securely isolated from the others and that this security process has been mathematically proven. Gemalto received the certification end of September 2007.

The EAL levels, which range from 0 to 7, offer a simple scale for comparative measurement to the consumer. Internationally designed and recognized “Common Criteria� security certificates using the EAL scale enable to verify that products meet the security claims made by vendors. The EAL7 formal assurances in this certification provide the highest measure to verify the design and implementation of the security mechanisms of the Java Card System of the smart card. This achievement demonstrates that Gemalto uses the most advanced means of designing and testing the security of its Java Card products. The certification also conforms to Sun Microsystems’ Java Card System Protection Profile.

The certification was performed by the French DCSSI (Central Administration for Information Systems Security – Direction Centrale de la Sécurité des Systèmes d’Information). The measures of the DCSSI are focused on the functional and assurance requirements of a security product. Functional requirements define the desired security of the product as offered by the security vendor, and assurance requirements confirm the effectiveness and implementation of the security mechanisms.

This certificate received by Gemalto is recognized internationally, through the SOG-IS and CCRA international agreements.

All trademarks are properties of their respective owners.