Java Card Applet Development

We take this opportunity to expand our AmbiSecure offering with custom Java Card Applet development as a service. We provide our customers with different kind of loyalty solutions, ID and club cards based on the Java Card OS.

Over the years, we created a number of JavaCard applets, implementing different security algorithms and industry standards for application based on secure channels, complex authentications powered by strong cryptography, wide range of ID cards including the PIV and FIDO Web Authentication applets etc.

Java Card Technology

The Java Card specifications enable Java technology to run on smart cards and other devices with limited memory. To simplify the material, the focus in this document is on the smart card. A smart card is identical in size to a typical credit card that stores and processes information through the electronic circuits embedded in silicon in the plastic substrate of the card. There are two basic types of smart cards: memory and intelligent. A memory card stores data locally, but does not contain a CPU for performing computations on that data. An intelligent (smart) card includes a microprocessor and can perform calculations on locally-stored data. There are several unique benefits of the Java Card technology in these smart cards, such as:

  • Platform Independent — Java Card applets that comply with the Java Card API specification will run on cards developed using the Java Card Application Environment (JCAE), allowing developers to use the same Java Card applet to run on different vendors’ cards.
  • Multi-Application Capable — Multiple applications can run on a single card. In the Java programming language, the inherent design around small, downloadable code elements makes it easy to securely run multiple applications on a single card.
  • Post-Issuance of Applications — The installation of applications, after the card has been issued, provides card issuers with the ability to dynamically respond to their customer’s changing needs.
  • Flexible — The object-oriented methodology of the Java Card technology provides flexibility in programming smart cards.
  • Compatible with Existing Smart Card Standards — The Java Card API is compatible with formal standards, such as, ISO7816, and industry-specific standards.

Custom JavaCard Applets Development



Depending to your requirements we use one of the following JavaCard development environments:

  • Eclipse with JCOP Tools
  • JavaCardOS Development Kit
  • Oracle Java Card Development Kit

Industry Standards

The applets we develop are based on many leading industry standards and specifications, some of which are listed below:

  • JavaCard 3.0, GlobalPlatform 2.3, Java Card OpenPlatform (JCOP) 3.1
  • PIV Card: NIST SP800-73-3 PART1-4…
  • GSM: ETSI GSM11.11, 3GPP TS 31.102, TS 31.121…
  • Web Authentication: FIDO U2F, FIDO2 CTAP, W3C WebAuthN

Services & products

Solutions To Order

We develop a wide range of custom JavaCard/JCOP applets implementing different smart card classes, and we can offer you the following solutions:

  • Compiled CAP files
  • JavaCard applet source code

Custom JavaCard Applets

We provide the full cycle of custom JavaCard / JCOP applets development, including:

  • Understanding your goals and requirements
  • Working with functional specifications and industry standards
  • Making the solution design
  • Developing the JavaCard applet(s) and testing GUI utility
  • Providing the quality assurance testing (QA)
  • Creating the smart card functional specification and the solution Setup utility
  • Providing the post-implementation ongoing support

Security Algorithms


To make our customers solutions secure we implement a wide range of security algorithms, some of which are listed below:

  • Secure Channels/Messaging
  • Secure Access Modules (SAM cards)
  • Multi-factor Authentications
  • Applet Countermeasures
  • Applet code and data integrity checks


In our applets we implement a wide range of strong cryptography algorithms, some of which are listed below:

  • Encryption: RSA, ECC, DES/3DES, AES, RC6…
  • Hash and Digest: MD5, SHA-1, SHA-2, HMAC…
  • Digital Signatures: RSA, ECDSA

Reach out to us with a simple click of a button:

Reach out to us