JavaCard

JavaCard

JavaCard is a technology that enables Java-based applications (applets) to run securely on smart cards and other Secure Elements. Originally developed by Schlumberger and now maintained by Oracle, JavaCard provides a portable, multi-application platform where applets from different providers can coexist on a single card, isolated from each other by the JavaCard firewall.

JavaCard Architecture

The JavaCard stack runs on top of the smart card hardware:

The JCRE provides a subset of the Java language — no floating point, no garbage collection, no threads, no dynamic class loading — optimized for the constrained resources of a smart card (typically 4 KB RAM, 128-512 KB ROM, 32-256 KB EEPROM).

Applet Lifecycle

JavaCard applets are managed through GlobalPlatform commands:

1. Install: The applet CAP file (Converted APplet) is loaded onto the card via a secure channel (SCP03) and instantiated with a unique AID
2. Select: A reader sends a SELECT APDU with the applet's AID to make it the active application
3. Process: The applet receives command APDUs and returns response APDUs through its process() method
4. Deselect: When another applet is selected, the current applet's deselect() method is called
5. Delete: GlobalPlatform DELETE command removes the applet and reclaims storage

JavaCard Versions

JavaCard vs MULTOS

JavaCard and MULTOS are the two major multi-application smart card platforms. JavaCard dominates the market with 90%+ share due to its Java-based tooling, wider vendor support (NXP JCOP, Infineon SLE, Thales IDPrime), and GlobalPlatform management layer. MULTOS offers higher security certification (EAL 7) and a simpler execution model but is limited to a smaller vendor ecosystem.