JCOP Smart Card Lifecycle — GlobalPlatform Compliant
Apr 14th 2025
Overview
JCOP smart cards follow the GlobalPlatform specification and pass through several lifecycle states during their production and usage. Understanding these states is critical for developers, integrators, and issuers to manage applets, keys, and secure access.
Card Lifecycle States
| State Code | State Name | Description |
|---|---|---|
| SECURED | Secured | Default state after manufacturing; protected but not yet personalized. |
| INITIALIZED | Initialized | Formatted and ready for personalization. |
| OP_READY | Operational Ready | Personalization complete; card is ready for applet installation. |
| OP_SECURED | Operational Secured | Secure Channel authentication complete; card is fully manageable. |
| CARD_LOCKED | Card Locked | Card has been locked due to repeated authentication failures. |
| TERMINATED | Terminated | Card is permanently disabled and cannot be used again. |
Common Operations by State
| Operation | Required Card State |
|---|---|
| Install Applets | OP_READY or OP_SECURED |
| Delete Applets | OP_SECURED |
| Modify ATR or EEPROM Parameters | SECURED, OP_READY, or OP_SECURED |
| Update GlobalPlatform Keys | OP_SECURED |
| Lock the Card | CARD_LOCKED (triggered automatically) |
| Terminate the Card | TERMINATED |
Lifecycle Flow (Simplified)
+------------------+
| SECURED |
+------------------+
|
v
+------------------+
| INITIALIZED |
+------------------+
|
v
+------------------+
| OP_READY |
+------------------+
|
+-------------------------+
| Secure Channel (SCP) |
+-------------------------+
|
v
+------------------+
| OP_SECURED |
+------------------+
|
v
+------------------+
| TERMINATED |
+------------------+
^
|
+------------------+
| CARD_LOCKED |
+------------------+
Security Recommendations
- Always use SCP02 or SCP03 for authenticated administrative operations.
- Ensure cards do not remain in the
INITIALIZEDstate in production.
- Note: The
TERMINATEDstate is irreversible in most card operating systems.
Conclusion
NXP JCOP cards provide flexible, secure lifecycle management fully compliant with GlobalPlatform. Their ability to allow secure post-personalization operations—such as ATR modification, applet installation, and key updates—makes them ideal for developers, testers, and secure environments across banking, telecom, identity, and access control sectors.