Campus ID News
Card, mobile credential, payment and security
smartcard os

What happened to the smart card OS battle?

Once hotly contested, the operating system debate has cooled

CampusIDNews Staff   ||   Oct 03, 2011  ||   ,

Coke vs. Pepsi. Windows vs. Mac. Visa vs. MasterCard.

These well-known rivalries are good for consumers because they create healthy competition. For many years, this seemed to be the case for smart card operating systems. The debate and battle was quite heated, but today, there's little talk about the smart card OS. What happened the OS war?

In order to know why the smart card operating system was a hot topic, you need to look at its evolution. The smart card operating system took off in the '90s when the memory card underwent a transition. The memory card, a product of the '80s transformed when it became feasible to add microprocessors to cards, explains Jean-Louis Carrara, vice president of system development at Gemalto North America.

The addition of a microprocessor necessitated an operating system. In the early stages, the OS came from the card's manufacturer. Each manufacturer had its own proprietary operating system and at times a manufacturer had a different OS for its different card types.

This meant that applications had to be written for the specific card on which it would ultimately be used. For the most part, this resulted in both cards and applications being purchased from the same vendor. This worked out great for vendors but made it difficult for the end issuers.

"In the late '90s smart cards were controlled by manufacturers who developed native operating systems," says Anna Fernezian, principle leader and subject matter expert at CSC. "The native operating system made a lot of sense. It constrained the buyer to get cards from some specific suppliers."

The constraints on these operating systems extended to application development as each had to written specifically for a single, predetermined OS. "There was no development on the fly," says Fernezian, "it was nothing like today's applications."

As smart card capacity grew, issuers wanted to do more with their cards without waiting on suppliers for application development. A standardized OS was needed.

Two main operating systems emerged to fill the gap: Sun's Java Card, and MULTOS, an OS developed for the banking community. Then in the late '90s, Microsoft jumped into the smart card operating system market with great fanfare surrounding its Smart Card for Windows OS.

The competitive landscape looked very much like the bankcard wars as Visa aligned with the Java Card and MasterCard backed MULTOS. "Smart Card for Windows was a Johnny come lately, a ‘me too' operating system," says Fernezian.

"As a developer, you prefer having fewer operating systems," says Fernezian. Having to know fewer OS's means development of applications becomes easier in terms of structure, commands and responses. "Where am I going to get the biggest bang for my time?" says Fernezian. "You develop to the operating system that's most widely used."

Over time, Java Card emerged as the system preferred by developers. By 2003 it was clearly the leading OS with 220 million units shipped versus just 8.3 million for MULTOS, according to Frost & Sullivan.

The key to Java Card's victory was its simplicity, familiarity and portability. Developers knew Java, explains Carrara, and the Java Card applet was portable and could be loaded onto different systems.

Java Card's simple structure also made it more acceptable to an industry where technology changes need to get to the market quickly. "Java Card makes time to market much simpler and faster," says Fernezian. "(Applications) could be delivered in months instead of years."

MULTOS' predominant use has been in Asia-Pacific and Brazil. "(MULTOS is) an operating system ahead of its time," says Fernezian, due to PKI being inherent in its development. "It's more complicated than Java Card, and that scared people away," she adds.

"The MULTOS organization has realized there's complexity and has tried to simplify in the last five years or so, but Java Card has such a long lead and a huge development community that it's hard to get (suppliers and vendors) to buy into it now," says Fernezian.

As for Microsoft, it became an also-ran. "Since there wasn't a lot of progress, Microsoft seemed to lose interest," says Fernezian.

Java Card go-to OS for U.S. government

When the federal government's FIPS 201 specification was first written there was much discussion around smart card operating systems. MULTOS, Java and a file-based system were all discussed.

Early on, many were concerned that NIST would ignore the Defense Department's investment in the Java Card environment and create a specification that was purely for a file system based card.

FIPS 201 ended up being operating system agnostic, though implementations have all been based on the Java Card OS. There were MULTOS-approved systems when FIPS 201 first came out but agencies have exclusively deployed Java Card, says Neville Pattinson, vice president of government affairs at Gemalto.

To date U.S. government agencies have issued more than 4.8 million credentials running the Java Card OS.

The aftermath

The smart card OS war of the ‘90's has turned into a more or less peaceful competition. Developers and manufacturers have been able to answer the security, performance and interoperability issues that were so important when the industry took off. "The challenges and the interoperability has been addressed," says Carrara.

The industry has matured to a point where it can focus on usability and applications rather than the underlying platforms. "The operating system has become a commodity," says Fernezian. "It is so standardized and readily available that they're not interested in it anymore."



MULTOS history and timeline

1993 National Westminster Bank or NatWest (UK) develops MULTOS to support the Mondex stored value e-purse scheme

2001 MasterCard International assumes control of Mondex and MULTOS

2006 StepNexus is formed by Hitachi, Keycorp and MasterCard take over control and development of MULTOS

2008 Keycorp (Australia) acquires StepNexus and MULTOS

2008 Gemalto acquires Keycorp's smart card business including MULTOS and forms Multos International to manage system

Subscribe to our weekly newsletter


May 26, 23 / ,

Penn State adds mobile ordering to campus app

Penn State has added a mobile ordering feature to its comprehensive campus mobile app, Penn State Go. The Penn State Eats Mobile function is available for use by students on the flagship University Park campus, as well as across the university's Commonwealth Campuses.
May 26, 23 / ,

NAU leverages delivery robots to support late-night dining

Northern Arizona is leveraging Starship delivery robots and the mobile ordering app in a clever way to prop up late night dining, and putting a twist on the ghost kitchen concept. The university has launched its Hole in the Wall dining window that now serves either pickup or robot delivery for students by offering a number of dining concepts all from a single, concession-style window.
May 25, 23 / ,

HID's Technology Partner Program helps companies develop mobile solutions

Trusted identity solutions provider, HID Global, has announced its HID Origo Technology Partner Program, the company’s first program dedicated to partners with a focus on mobile technologies. The Origo Technology Partner Program is designed to help technology partners by providing the ideal platform for organizations to design, test, and market products that integrate with HID Origo via APIs and SDKs.
CIDN logo reversed
The only publication dedicated to the use of campus cards, mobile credentials, identity and security technology in the education market. CampusIDNews – formerly CR80News – has served more than 6,500 subscribers for more than two decades.

Join us, @NACCUorg, and @TouchNet to explore how campus card programs can successfully navigate the sales and procurement process. Join the webinar on June 6, 2 pm EDT.

Webinar: Learn how the University of Arizona uses campus cards, mobile ordering, kiosks, lockers, and robots to revolutionize campus dining. April 7, 2-2:30 EDT. Register Now at

Load More...
CampusIDNews is published by AVISIAN Publishing
315 E. Georgia St.
Tallahassee, FL 32301[email protected]
Use our contact form to submit tips, corrections, or questions to our team.
©2023 CampusIDNews. All rights reserved.