Digital Tachograph Workshop on Tachograph Cards issuing INFRA Speaker: Anne Worth

Digital Tachograph – General Overview on Card Issuing Which are the key activities on issuing the card ?  Appointing the actors and their responsibilities  Identifying the different types of card holders  Setting up the national legislation  Delivering the tachograph smartcard

Digital Tachograph – Actors & Responsibilities Who are the actors involved ?  AETR Member Country Authority  AETR Member Country Certification Authority  Card Issuing Authority  Card Personaliser

Digital Tachograph – Actors & Responsibilities What are the responsibilities of the AETR Member Country Authority ?  Appointing the AETR Member Country Certification Authority and the Card Issuing Authority  Tendering for the Card Personaliser  Auditing the above parties (they could be third party external contractors)  Stating the National Certification Authority Policy  Submitting the National Certification Authority Policy to European Root Certification Authority (ERCA) for approval  Getting card’s Type Approval  Organizing information campaigns

Digital Tachograph – Actors & Responsibilities What are the obligations of the AETR Member Country Certification Authority ?  Generating the national key pairs (key generation ceremony)  Submitting the above public keys for certification to ERCA (root signing ceremony)  Issuing the digital certificates upon requests from the Card Personaliser  Managing the lifecycle of the keys and certificates  Maintaining the security of the keys and certificates  Conforming to the National Certification Authority Policy

What are the responsibilities of the Card Issuing Authority ?  Providing application forms and instructions to the card holders  Using an Information System to process the applications and store the data  Issuing the cards for the approved applications  Distributing the cards to the card holders  Keeping track of the cards’ status  Ensuring the continuity of the cards issuing process  Following the National Certification Authority Policy Digital Tachograph – Actors & Responsibilities

What are the obligations of the Card Manufacturer ?  Producing the polycarbonate card  Ensuring security features embedded in the card body  embedding a chip with required software in the card Which are the obligations of the Card Personaliser ?  Receiving the cards’ data  Printing out the data  Inserting the data in the card memory  Inserting keys and certificates to the card  Following the National Certification Authority Policy

Digital Tachograph – Card Holders Which are the different types of cards ?  Driver card the driver must have only one valid driver card  Workshop card operates with a PIN  Company card  Control card  Multiple cards ownership: only under special circumstances workshop card – company card driver card - workshop card

Digital Tachograph – Legislation Which are the aspects that national legislation should consider ?  Accreditation of digital tachographs workshops and technicians  Terms and conditions regarding the use of cards  Terms and conditions regarding the applications  Nomination of official control bodies  Personal data protection

Digital Tachograph – Delivering the card Let’s put the different parts together to deliver the card Card Personaliser AETR Member Country Authority AETR Member Country Certification Authority Card Issuing Authority ERCA Card Uniqueness Card Holder Type Approval (data exchange) (responsibility)