MK Smart, Aventra gain high-assurance certifications for digital identity markets

Vietnamese smart card and identity security firm MK Smart has achieved Common Criteria EAL5+ certification for its MK Lotus GovID IMDa chip operating system. The certification was confirmed by the Spanish National Cryptologic Centre and recognized under the SOG‑IS agreement.

Common Criteria EAL5+ is one of the highest assurance levels used for systems handling sensitive identity and biometric data. It requires products to demonstrate resistance to sophisticated attacks and prove that their security architecture is rigorously designed and verified.

MK Smart’s certified configuration focuses on Extended Access Control (EAC) with PACE, a combination widely used in ePassports and national digital ID schemes. The evaluation report confirms the product’s compliance with these requirements.

The certification focuses on the company’s Lotus OS‑based chip operating system, which manages data storage, access control and execution of security mechanisms.

MK Smart says full ownership of the OS stack allows it to meet stringent lifecycle‑security requirements while reducing reliance on foreign technology platforms.

Aventra becomes the only Nordic smart card provider with EAL4+ certification

Finnish identity security provider Aventra has announced that its MyEID PKI smart card has obtained Common Criteria EAL4+ certification. This makes it the only Nordic company currently holding this level for smart card products.

The certification validates the security of the card, its production processes and its facilities, ensuring that vulnerabilities have been eliminated through independent testing.

Aventra’s MyEID card supports a wide range of PKI‑based authentication uses, which includes workstation login, VPN access and remote IoT‑device management. The company highlights rising cyber risks as a driver of demand for certified, high assurance identity solutions.

Industry partners say the certification strengthens Aventra’s position in the European digital identity ecosystem, particularly as eIDAS‑compliant solutions become essential for cross‑border public service access and legally binding digital signatures.

“Concern is increasing about preserving the integrity of key systems, as well as protecting access to critical information and physical premises,” says Jan Sjöblom, CEO and founder of Aventra. “The certification we have now achieved provides our customers across critical industries with the assurance that their most sensitive data is protected by a globally recognized solution.”

Article Topics

Aventra  |  biometrics  |  certification  |  Common Criteria  |  Finland  |  identity document  |  identity security  |  MK Smart  |  PKI  |  smart card  |  Vietnam