Fact-checked by Grok 2 weeks ago

Gemalto


Gemalto N.V. was a Netherlands-headquartered specializing in digital solutions, including secure personal devices such as smart cards, tokens, and e-wallets, alongside software applications and for protection, data , and .
Formed in June 2006 through the merger of Axalto and Gemplus International, Gemalto grew to employ approximately 15,000 people and generate annual revenues exceeding €3 billion by 2017, establishing itself as a leader in providing secure elements for mobile communications, payment systems, government IDs, and enterprise . In October 2018, French defense and aerospace firm announced its acquisition of Gemalto for €4.8 billion in cash, a deal completed in 2019 that integrated Gemalto's technologies into Thales' digital and portfolio to enhance capabilities in cybersecurity, IoT protection, and biometric .
Gemalto's innovations contributed to widespread adoption of cards and secure cards used by billions of devices globally, but the company drew attention in 2015 when documents leaked by , as reported by , alleged that U.S. and U.K. Government Communications Headquarters operatives had infiltrated Gemalto's networks around 2010 to extract keys from millions of cards, potentially enabling widespread mobile . Gemalto's subsequent investigation, detailed in a public statement, concluded that while remote access incidents occurred, they predated enhanced network protections, affected only unencrypted keys in development environments, and posed no material risk to deployed products, with the company affirming the ongoing integrity of its security solutions.

History

Origins: Axalto and Gemplus

Axalto originated from 's smart card division, which produced its first in within the company's Measurement and Systems Division, initially viewing the technology as a tool for tracking usage in payphones and vending machines. By the early 1980s, had licensed chip card technologies and acquired stakes in innovators like Innovatron, expanding into secure s for banking and applications, including early contactless solutions for and billing. The division rebranded as Axalto in to establish independent identity, followed by a from in , positioning it as a major player in microprocessor cards with emphasis on and systems driven by commercial demands for secure, portable data storage. Gemplus was founded in 1988 in Gémenos, , by entrepreneurs Marc Lassus, Daniel Le Gal, Philippe Maes, Jean-Pierre Gloton, and Gilles Lisimaque, starting as a supplier of microchip-embedded prepaid telephone cards amid rising demand for tamper-resistant payment alternatives in . Its breakthrough came with the first major order of one million cards from Télécom by year's end, capitalizing on the shift from magnetic stripe to chip-based systems for fraud reduction and usage tracking in public telephony. As networks proliferated in the , Gemplus pioneered cards integral to mobile authentication and billing, delivering nearly 200 million units by 2000 and expanding into payment and identification solutions fueled by the global telecom boom rather than mandates. Prior to their 2006 merger, Axalto and Gemplus competed fiercely as the top two producers, with Gemplus holding about 35% global market share and Axalto (as ) at 32% in 2000, spurring advancements like enhanced and multi-application chips to meet surging subscriptions and needs. Gemplus, in particular, reached a milestone of 500 million cards shipped and deployed by the early 2000s, capturing over one-third of the segment through innovations tailored to operator requirements for scalable, secure access. This rivalry emphasized practical enhancements in chip capacity and , reflecting market-driven evolution in digital for consumer and enterprise applications.

Merger and Initial Expansion (2006–2010)

In December 2005, Axalto Holding N.V. and Gemplus International S.A. announced a merger of equals valued at approximately €928 million, aiming to create a leading player in digital security through combined expertise in and related technologies. The transaction, structured as a share exchange, received regulatory approval from the in May 2006 following a notification in March, addressing competition concerns in the smart card sector. The merger completed on June 2, 2006, forming Gemalto N.V., headquartered in with significant operations in , and initially employing around 10,000 personnel across global facilities. This consolidation yielded projected annual synergies of €85 million by the third year, primarily from operational efficiencies, integration, and reduced redundancies in R&D and . Post-merger, Gemalto focused on integrating Axalto's strengths in and with Gemplus's dominance in SIM cards, securing contracts to supply billions of units annually to operators worldwide. Revenue for reached €1.698 billion, reflecting stable performance amid initial integration costs, with growth driven by demand in and sectors. By 2010, revenue had increased to €1.906 billion, fueled by in emerging markets where surged, alongside early investments in (NFC) technologies for secure transactions. Gemalto's initial expansion emphasized private-sector efficiencies, such as streamlined of secure elements for and solutions, enabling competitive pricing and faster entry compared to pre-merger fragmented operations. This period saw consolidation of manufacturing sites and customization centers, enhancing scalability for high-volume and chip card without compromising security standards. Early pilots, including integrations for and prototypes by 2010, positioned the company ahead in evolving contactless ecosystems, though commercial scale remained limited until later adoption.

Growth and Key Milestones (2011–2016)

Gemalto achieved steady revenue expansion from 2011 to 2016, reaching €3.13 billion in full-year sales by 2016, with fourth-quarter growth accelerating amid resilient performance in mixed market conditions. This growth reflected the company's focus on secure digital solutions, including platforms and services exceeding €1 billion in revenue for the year. By 2016, Gemalto employed over 14,000 people operating from 118 offices, alongside personalization centers and research facilities supporting global deployments. A pivotal milestone was Gemalto's leadership in chip migration for payment systems, where its expertise enabled issuers to transition from vulnerable magnetic stripe cards to chip-based authentication, reducing fraud through dynamic data generation. The company provided end-to-end solutions, including card personalization and , drawing on worldwide deployment experience to support U.S. banks and other markets during the liability shift period. This innovation directly addressed rising payment security demands, fostering market adoption without reliance on regulatory subsidies. Gemalto also advanced public sector identity solutions, with its biometric e-passport technologies enabling issuance in over 30 countries by the mid-2010s, incorporating secure chips for facial recognition and tamper-proof to streamline border controls. These deployments enhanced traveler while complying with international standards like ICAO specifications. To counter escalating cyber threats, Gemalto invested in and cloud security, acquiring in 2015 to integrate advanced and key management for enterprise data protection. In 2016, partnerships advanced biometric authentication prototypes for payments and access, combining fingerprints with smart cards for robust multi-factor . The company's platform earned the 2016 Cybersecurity Excellence Award, underscoring practical efficacy in defending against unauthorized access. These efforts stemmed from core engineering responses to vulnerabilities in traditional systems, prioritizing scalable hardware-software integration over hype-driven trends.

Android Patent Litigation

In October 2010, Gemalto NV filed a in the U.S. District Court for the Eastern District of against Inc. and Android device manufacturers HTC Corp., Inc., and Co., alleging that the Android operating system's Dalvik virtual machine and application platform infringed three of its s related to executing Java applications on resource-constrained devices by temporarily loading program instructions from off-chip memory into on-chip memory for secure processing. The asserted patents were U.S. Patent Nos. 7,127,317; 7,881,485; and 6,975,727, which Gemalto claimed covered technologies enabling smart card-like functionality in mobile environments, core to its digital security expertise. The defendants countered that Android's architecture did not meet the patents' specific claim limitations, particularly under the , arguing no infringement occurred during Java app execution on over 100 accused devices. In June 2013, the district court granted of non-infringement in favor of , , HTC, and , a ruling affirmed by the U.S. Court of Appeals for the Federal Circuit on June 19, 2014, which upheld the claim construction and found no reversible error in rejecting Gemalto's equivalence arguments. Gemalto's pursuit yielded no , , or licensing agreements from this action, contrasting with its broader strategy leveraging a exceeding 6,000 patents filed between 2009 and 2023 across security and embedded systems domains. Industry observers noted the case as emblematic of early Android ecosystem patent challenges, where non-practicing elements in Gemalto's claims faced scrutiny amid evolving standards for software patent validity post-bilski and precedents, though Gemalto maintained the suit underscored its foundational contributions to mobile secure execution without achieving empirical revenue gains from settlements. The defeat highlighted risks in aggressive enforcement against integrated platforms like , potentially impacting Gemalto's stock performance amid broader mobile patent wars, as analysts estimated foregone royalties in the tens of millions had infringement been upheld.

Acquisition by Thales (2017–2019)

In December 2017, announced an agreement to acquire Gemalto for €4.8 billion in an all-cash transaction, offering €51 per share, which represented a 57% premium over Gemalto's closing share price on December 8, 2017. This bid outmaneuvered a prior unsolicited offer from , valued at approximately €4.3 billion or €46 per share, which Gemalto had rejected as undervaluing the company; Atos subsequently withdrew its pursuit following Thales's higher proposal. The strategic rationale centered on merging Thales's expertise in , , and systems with Gemalto's capabilities in , data protection, and secure transactions to form a comprehensive provider of end-to-end solutions for an interconnected . This combination was projected to generate technological synergies across sectors like , , and , enhancing Thales's digital revenue stream by adding over €3 billion annually from Gemalto's operations while addressing vulnerabilities in critical decision chains. The deal faced extended regulatory scrutiny, requiring approvals from antitrust authorities in jurisdictions including the , , , , and , which delayed closure beyond initial expectations of mid-2018. Thales extended the share acceptance period multiple times, achieving 97% tender by March 2019, before finalizing the acquisition on April 2, 2019, after 15 months. Upon completion, Gemalto was integrated as Thales's and () division, one of seven global business units, preserving its operational focus on secure solutions without immediate reports of significant reductions. This structure positioned the enlarged entity to leverage combined strengths in hardware-secured digital ecosystems, particularly for defense-related and high-security markets.

Corporate Structure and Operations

Organizational Framework Pre-Acquisition

Gemalto operated with a dual-headquarters model, maintaining its legal headquarters in , , at Barbara Strozzilaan 382, while its primary operational center was in , , a structure inherited from the 2006 merger of Axalto (Netherlands-based) and Gemplus (France-based). This setup facilitated integrated governance through a one-tier , consisting of one (CEO Philippe Vallée) and nine non-executive directors, including Chairman Alex Mandl, which convened 11 times in 2018 to oversee strategic decisions and compliance with the Dutch Corporate Governance Code. The board's composition reflected the merged entities' expertise in digital security, ensuring balanced oversight without centralized bottlenecks. The company's internal framework divided operations into two main segments: Smartcards & Issuance, which generated €1,588 million in 2018 (53.5% of total) and encompassed secure devices such as cards for —accounting for approximately 40% of overall —and Platforms & Services (rebranded as , & Cybersecurity), contributing €1,381 million (46.5%). This segmentation emphasized hardware-secured devices alongside software platforms for , allowing specialized teams to address sector-specific demands in , payments, and . Gemalto's decentralized structure, supported by 110 offices, 35 R&D centers, and 24 facilities across more than 44 countries, enabled agile responses to diverse global challenges by localizing and efforts. The firm invested €265 million in R&D in 2018, equivalent to about 9% of its €2,969 million revenue, fostering advancements like multi-application smart cards that integrated multiple secure functions—such as , , and —on a single chip, enhancing efficiency for clients in banking and applications.

Global Presence and Workforce

Gemalto operated in approximately 47 countries, maintaining over 110 offices, 24 production sites, 47 personalization centers, and 35 centers to support its digital security operations. The company extended its reach to serve customers in more than 180 countries, enabling deployment of secure solutions across , financial, and sectors worldwide. Its manufacturing facilities were concentrated in and , with key sites including production in and semiconductor fabrication capabilities in and . The workforce peaked at around 15,000 employees prior to the acquisition by Thales, drawn from more than 120 nationalities to handle global R&D, production, and customization demands. This distributed labor force facilitated adaptations to regional regulatory environments, such as compliance with the European Union's regulation, which standardized electronic signatures and trusted services to enable legally binding digital transactions across member states.

Financial Performance and Market Position

Gemalto reported annual revenues of €3.0 billion in 2017, marking a slight decline from €3.1 billion in 2016, amid pressures from commoditizing traditional sales that constituted about one-third of its . from operations stood at €172 million for 2017, reflecting an of approximately 5.7%, down from prior years due to reduced volumes in segments and investments in higher-margin platforms and services, which reached €1 billion in revenue. By 2018, revenues dipped to €2.97 billion as the company navigated slowing growth in legacy products while expanding in solutions. In market position, Gemalto held a leading role as the world's largest producer of SIM cards, serving over 180 countries and capturing substantial share in , though facing erosion from low-cost competitors and transitions. It outperformed rivals like (now part of ) in payment card technologies, maintaining top rankings in banking and secure issuance per industry assessments, with strengths in EMV-compliant solutions amid global shift to contactless payments. However, commoditization in basic smart cards pressured margins, contrasting with growth in enterprise and government ID programs where Gemalto's differentiated it from pure providers. Gemalto's shares traded on under ticker until delisting in May 2019 following Thales' €4.8 billion acquisition at €51 per share, a valuation reflecting its strategic assets despite recent profit shortfalls and three prior warnings that highlighted vulnerabilities in cyclical markets. The deal underscored Gemalto's entrenched position in digital security, bolstering Thales' portfolio without overlapping in high-growth areas like payment hardware security modules, where combined shares remained modest at under 10% in the EEA.

Products and Services

Telecommunications Solutions

Gemalto's telecommunications solutions primarily encompassed secure identity modules for mobile network authentication, with a focus on Subscriber Identity Module (SIM) cards that stored encryption keys and user profiles to enable secure connectivity in , , and networks. These solutions evolved alongside technical standards from the , incorporating algorithms like COMP128 and Milenage to protect against unauthorized access and over-the-air () provisioning for remote updates. As a leading vendor, Gemalto supplied to major operators, contributing to global mobile subscriptions exceeding billions by integrating hardware root of trust for network integrity. The company dominated SIM card production, recognized as the world's largest provider, with deployments supporting authentication for hundreds of millions of subscribers across carriers like . In 2007, Gemalto enabled the world's largest mobile signature rollout for , leveraging SIM-based qualified electronic signatures for over 30 million users, facilitating secure telecom transactions compliant with emerging standards. For (IoT) applications, Gemalto advanced embedded SIM () technology, achieving the first GSMA security for in machine-to-machine (M2M) contexts in November 2016 and full for secure subscription management by August 2017, enabling remote provisioning under GSMA SGP.22 and SGP.32 specifications tailored for low-power IoT devices. Gemalto's SIM solutions incorporated (NFC) capabilities within the SIM for telecom-specific uses, such as mobile signatures and operator-keyed secure elements, adhering to NFC standards like SGP.11 for secure loading. These features supported mitigation by enforcing between devices and networks, with Gemalto's experts developing anti-fraud mechanisms that enhanced resistance to interception in early deployments. However, early-generation SIMs from vendors including Gemalto faced criticisms for vulnerabilities, including weak Java Card sandboxing that allowed exploitation via flawed DESFire implementations, as exposed in 2013 security research affecting millions of cards and enabling through over-the-air attacks. Subsequent upgrades, including stronger and , addressed these issues, though legacy deployments highlighted ongoing challenges in balancing with evolving threats.

Banking and Payment Security

Gemalto specialized in EMV-compliant chip cards and related infrastructure to secure banking and transactions, enabling dynamic data that resists skimming and counterfeiting compared to magnetic cards. These solutions supported the encoding of applications on microprocessors, compliant with standards from EMVCo, and were deployed by worldwide to migrate from vulnerable legacy systems. The company's instant issuance platforms, such as Dexxis, allowed banks to personalize and encode cards directly in branches using compact printers and encoders, minimizing delivery delays for new or replacement cards. For instance, implemented Gemalto's system across 1,200 issuance points in 2017, capable of producing up to 20,000 cards per month while maintaining chip security protocols. Similar deployments occurred at institutions like Cairo Bank, integrating hardware for on-demand chip encoding alongside traditional magstripe fallback. This technology reduced operational costs for banks by centralizing personalization remotely when needed, though it required robust tamper-resistant hardware to prevent local key exposure. Gemalto also advanced biometric authentication in payment cards, embedding fingerprint sensors in EMV-compliant designs that verify users locally without transmitting raw biometric data to networks, thus preserving privacy under regulations like GDPR. In 2018, the firm launched contactless biometric EMV cards, tested in pilots with partners including , where the card's sensor authenticates via a press against the chip during tap-to-pay. These cards aimed to supplant PIN entry for faster, low-fraud transactions, though adoption faced challenges from sensor durability and certification hurdles. For online and mobile banking, Gemalto's Ezio suite provided hardware tokens generating one-time passwords (OTPs) for transaction signing, with time-based algorithms limiting validity to seconds to thwart real-time . Deployed by banks for , these tokens integrated with server-side validation via the Confirm Authentication Server, authenticating millions of eBanking sessions daily and blocking attacks through challenge-response protocols. EMV migration facilitated by Gemalto's products correlated with substantial declines in card-present fraud rates—often 70-90% in mature markets like the and post-implementation—due to per-transaction cryptograms invalidating cloned data. However, this efficacy prompted fraud displacement to card-not-present channels, where remote attacks like account takeover rose as criminals exploited unchip-protected online purchases, underscoring 's limitations against non-physical vectors. Empirical data from regions with full rollout showed persistent overall fraud costs, as shifted threats evaded chip defenses entirely.

Public Sector Identity Solutions

Gemalto developed secure identity solutions for applications, focusing on electronic passports (e-passports) equipped with (PKI)-enabled chips that store biometric data and digital signatures to prevent forgery. These systems complied with (ICAO) Doc 9303 standards for machine-readable travel documents, incorporating contactless chips for verification. By 2017, Gemalto's biometric e-passport technologies had been deployed in over 30 countries, including , , and , enabling secure issuance and authentication of travel documents. The company's offerings extended to electronic national identity documents (e-IDs), driver's licenses, and related credentials, often integrating technology for in government services. For instance, Gemalto supplied integrated e-ID and e-passport solutions in , supporting enrollment, verification, and lifecycle management per ICAO best practices. In the United States, Gemalto participated in pilots for digital driver's licenses across four jurisdictions, funded by a 2016 National Institute of Standards and Technology grant, aiming to enable smartphone-based credentials compliant with federal identity standards. Healthcare cards were supported through secure platforms, though deployments emphasized tamper-resistant chips for in national systems. Despite technical advancements in PKI and biometric integration, these state-dependent systems introduced privacy risks from centralized data repositories, where a single compromise could expose millions of citizens' and personal details. includes Estonia's 2017 suspension of certificates on over 750,000 Gemalto-supplied ID cards due to cryptographic vulnerabilities in the chips, enabling potential without user knowledge; this flaw stemmed from inadequate protection of private keys during manufacturing. The subsequently sued Gemalto in 2018 for €152 million, citing failures in securing the ID infrastructure that underpinned services. Such incidents highlight causal vulnerabilities in relying on vendor-specific hardware for sovereign , where in systems—though not always publicly quantified—underscore the tension between issuance efficiency and systemic resilience.

Enterprise and Data Security

Gemalto developed solutions for and , emphasizing hardware-rooted authentication and to protect corporate networks and sensitive information. The company's Confirm Authentication Server enabled for remote access scenarios, including virtual private networks (VPNs), by verifying user identities through tokens, , or certificates before granting endpoint connections. This server supported scalable deployment across large organizations, handling millions of daily authentications while integrating with infrastructure for policy enforcement. Gemalto's hardware security modules (HSMs), bolstered by the 2015 acquisition of , provided tamper-resistant environments for cryptographic , storage, and operations. Models such as Luna HSMs facilitated secure data and decryption, essential for protecting enterprise endpoints and applications against unauthorized access. These modules aided compliance with standards like HIPAA for healthcare data safeguards and for financial reporting integrity by ensuring keys remained isolated from software vulnerabilities. Integration with platforms from vendors including and Citrix allowed HSMs to underpin workflows in and remote session environments. These offerings secured enterprise data flows by combining authentication servers with HSM-backed , reducing risks from credential compromise or key exposure in distributed systems. Deployment examples included VPN protections via Authentication integrations, which extended multi-factor controls to remote workers. Limitations arose from reliance on customer-side ; misconfigurations or inadequate policy updates could undermine protections, as efficacy hinged on organizational practices rather than the tools alone.

Partnerships and Key Clients

Telecommunications and Mobile Sector

Gemalto supplied secure SIM provisioning solutions to major mobile operators globally, supporting remote subscription management and deployments for enhanced connectivity. By October 2018, the company had implemented over 100 platforms for operators, alliances, and MVNOs, facilitating seamless activation of devices like smartwatches and vehicles. Specific deployments included Telecom's selection of Gemalto's connectivity platform in March 2018 for out-of-box services in connected cars, hosted in a GSMA-compliant . Similarly, SoftBank in partnered with Gemalto to integrate for devices, accelerating initial connectivity management. In NFC initiatives, Gemalto collaborated with operators on pilot programs for contactless services. adopted Gemalto's UpTeq Multi-tenant NFC SIMs in March 2015 for secure transport ticketing in and . TIM Brazil, alongside , launched a 2013 pilot using Gemalto's NFC SIMs and Trusted Service Management for mobile payments. in deployed Gemalto's technology in 2013 for the world's first commercial NFC-based flight boarding with , leveraging UpTeq NFC SIMs issued since March 2012. These partnerships contributed to improved roaming security, as seen in KPN Netherlands' 2010 rollout of Gemalto's real-time traffic steering solution, which dynamically routed subscribers to preferred international partners. Gemalto's early SIM release in 2019 enabled enhanced global and data privacy protections, though broader 5G operator adoption encountered delays from infrastructure and spectrum constraints.

Financial Institutions

Gemalto supplied EMV-compliant smart cards and related services to major banks worldwide, supporting migrations from magnetic stripe to technology that curtailed skimming and by rendering cloned data ineffective for . These implementations often integrated contactless and dual-interface capabilities, enhancing speed and security for financial institutions. In , Gemalto reinforced its partnership with in 2010, providing banking cards and services across multiple markets under a two-year , leveraging its global production footprint. Similarly, collaborated with and Gemalto to deploy the largest scale of contactless cards in by February 2015, enabling widespread adoption of secure payment methods in the region. In the Middle East, completed the primary phase of EMV card deployment using Gemalto's Dexxis instant issuance solution in 2012, allowing immediate card activation at branches and reducing issuance times. In India, FINO PayTech integrated Gemalto's multi-application smart cards with biometric , facilitating microbanking for over 10 million customers in rural and underbanked areas by 2017, supporting services like payments and identity verification on a single card. These customized deployments yielded measurable security improvements, with adoption linked to reduced card-present fraud in transitioned markets, as chips prevented easy data duplication at ATMs and terminals. However, the infrastructure and card upgrades associated with such migrations imposed high costs on banks and merchants—estimated at $10.5 billion for U.S. compliance by 2015—which in select markets prompted surcharges passed to consumers to offset expenses.

Government and Enterprise Examples

Gemalto secured multi-year contracts with the U.S. Government Printing Office (GPO) to supply secure components for electronic passports, including ICAO-compliant eCovers and pre-personalized chips, beginning with a 2006 award following competitive testing and extending through renewals such as the five-year deal. These implementations enhanced border security by embedding biometric data in contactless smart chips, with Gemalto's operating system for ePassports demonstrating superior processing speeds in independent industry evaluations. However, initial deployments faced delays due to policy disputes and legal challenges over chip technology standards, underscoring integration hurdles in federal initiatives. In state-level e-government applications, Gemalto extended its contract with in 2018 to bolster security features, incorporating advanced materials and for resistance, which improved efficiency in processes. Similarly, selected Gemalto in 2011 for its Coesys eGov 2.0 platform, leveraging national cards for secure in online public services, resulting in increased citizen portal usage while requiring customized adaptations to local regulatory frameworks. For enterprise deployments, Gemalto's Luna Hardware Security Modules (HSMs) integrated with Information Protection, allowing organizations to retain on-premises control of keys for hold-your-own-key (HYOK) scenarios, thereby addressing needs in regulated sectors without altering existing workflows. This setup provided gains in data protection scalability but demanded initial configuration efforts to bridge and on-premises environments. In remote access solutions, Gemalto collaborated with Citrix to embed via Protiva tokens into the Access Gateway, simplifying secure remote verification for enterprises and reducing unauthorized risks, though seamless integration necessitated joint technical alignments to minimize deployment friction.

Controversies and Security Issues

Corruption Investigations

In February 2023, judicial authorities opened an into Gemalto for suspected of foreign public officials, in an organized group, aggravated related to bribery proceeds, and criminal association, focusing on contracts for solutions in at least six African countries concluded between 2012 and 2018. The probe, handled by the judicial tribunal and the Financial Prosecutor's Office (PNF), stemmed from a 2022 report by the anti- agency AFA highlighting irregularities in Gemalto's dealings, including the use of opaque intermediaries to facilitate payments. Specific scrutiny targeted two contracts negotiated via an Israeli intermediary firm based in , which allegedly channeled funds to influence public officials in securing biometric ID and projects. The investigations examined Gemalto's practices in high-value tenders, where competitive bidding for multi-million-euro deals in emerging markets created pressures to offer inducements, though no formal admissions of wrongdoing by the company have been documented as of late 2024. Preliminary findings pointed to non-transparent commission structures and entities used to obscure payment trails, consistent with patterns in corruption where firms prioritize deal closure over compliance in jurisdictions with limited oversight. No criminal charges against individual executives have been publicly filed, and the case remains active without resolved penalties or agreements. These probes underscore vulnerabilities in the global and identity solutions industry, where reliance on local agents for contract navigation can enable improper influence peddling, driven by the causal dynamics of winner-takes-all auctions in state-controlled markets rather than isolated ethical lapses. Prior to its acquisition by Thales, Gemalto maintained programs, but the investigations revealed gaps in third-party intermediaries, a common risk factor in cross-border deals exceeding hundreds of millions in value. No U.S. FCPA actions or equivalent international fines were imposed on Gemalto itself during the , distinguishing these European-led inquiries from parallel enforcement trends in other sectors.

SIM Card Encryption Vulnerabilities

In the early , SIM cards produced by Gemalto, like those from other manufacturers, commonly employed the COMP128-1 authentication algorithm for networks, which relied on a compressed version of the for generating session keys and authenticating subscribers via the secret key. This algorithm exhibited significant cryptographic weaknesses, including a reduced effective key space due to internal collisions, allowing attackers to recover the 128-bit with as few as 2 to 8 over-the-air challenge-response queries using differential cryptanalysis. Researchers demonstrated practical of from physical cards in 1998 and remote vulnerabilities by 2013, potentially affecting billions of devices worldwide, though Gemalto-specific implementations varied in resilience based on tweaks. Allegations of bulk SIM key theft surfaced in February 2015 via documents leaked by and published by , detailing how the NSA and compromised Gemalto's networks around 2010–2011 to intercept keys for an estimated two billion cards across multiple countries. The , codenamed "AURORAGOLD" by the NSA, involved employee laptops and remote during to target production data, enabling potential bypass of cellular for without relying solely on SS7 flaws, which allow location tracking and but require network-level . Documents indicated successful acquisition of keys from Gemalto and other vendors like Sysmocom, though the exact volume for Gemalto remains unquantified in public records. Gemalto's internal investigation, announced on February 25, 2015, confirmed unauthorized access to certain office and networks in locations including , , and between 2010 and 2011, attributing it likely to actors based on intrusion patterns, but asserted no evidence of widespread key compromise due to air-gapped production systems and per-country practices. The company emphasized that many operators using Gemalto deployed custom algorithms beyond standard COMP128, enhancing security against bulk theft, and downplayed long-term risks given the migration to / networks with stronger AKA protocols like MILENAGE based on AES-128. Critics, including security analysts, questioned the investigation's scope, arguing that even partial key access could facilitate targeted attacks or persistent tracking, while inherent COMP128 flaws represented a broader failure predating state hacks. In response, Gemalto accelerated SIM upgrades, promoting proprietary and standardized alternatives such as COMP128-2/3 variants with improved resistance to known attacks and full AES-based suites for newer networks, which require substantially more computational effort for key recovery—often infeasible over the air without physical access. By 2015, these enhancements were integrated into contracts with major operators, mitigating vulnerabilities for active subscribers, though legacy SIMs remained exploitable in regions with delayed phase-outs. The incidents underscored causal dependencies in supply-chain security, where manufacturer breaches amplify protocol weaknesses, prompting industry-wide audits but no verified mass re-keying events.

Smart Card Weaknesses and Breaches

In October 2017, security researchers disclosed the ROCA (Return of Coppersmith's Attack) , stemming from flaws in ' RSA key generation software used in numerous , including models produced by Gemalto. The defect arose from a deterministic generation method optimized for computational efficiency on embedded hardware, which produced moduli with exploitable mathematical structures, allowing attackers to factor public keys and recover corresponding private keys with modest resources—such as a few hours on a standard workstation for 512-bit keys or days for larger ones up to 2048 bits. This affected an estimated tens of millions of certificates and keys across various vendors, as powered a significant portion of the market; Gemalto, a major producer of Java Card-based authentication and PKI cards, incorporated these in products like the IDPrime .NET series. The enabled practical attacks such as digital identities or electronic signatures on affected cards, as private recovery bypassed the protections of Java Card applets designed to secure cryptographic operations. Independent analysis provided reasonable evidence that Gemalto's IDPrime .NET cards systematically generated weak RSA keys due to reliance on the vulnerable Infineon libraries, without additional mitigations like validation for non-. Although not limited to 2^{16} distinct weak keys, the flaw reduced effective strength dramatically, akin to brute-forcing a space far smaller than advertised bit lengths, with attackers exploiting the predictable bias in prime factors rather than full . Patches were issued by Infineon in the form of updated cryptographic libraries and for newer chips, while Gemalto recommended rotation, reissuance, and migration to patched for affected deployments. Nonetheless, systems in banking, government ID, and enterprise —where card replacement is logistically challenging—retain exposure, as unrotated keys from pre-2017 production remain factorable. Critics argued that the incident exemplified flawed design priorities in engineering, where resource constraints favored rapid, deterministic over robust sources, compromising causal assumptions in high-stakes environments. Regulated sectors' dependence on proprietary implementations, often certified under schemes like EAL4+ or EAL5+, failed to prevent deployment of such weaknesses, as evaluations emphasized compliance over adversarial of vendor-specific algorithms. This overreliance exposed systemic risks, prompting calls for open, auditable standards and hardware-agnostic randomness testing in Java Card platforms to mitigate and hidden trade-offs between performance and resilience.

Alleged State-Sponsored Attacks

In February 2015, documents leaked by and published by indicated that the (NSA) and the United Kingdom's Government Communications Headquarters (GCHQ) had conducted operations against Gemalto around 2010–2011 to intercept subscriber identity module ( keys. These keys, embedded in SIM cards used by billions of mobile devices worldwide, enable the and of cellular communications, potentially allowing decryption if compromised. The agencies reportedly targeted Gemalto employees in countries including , , and the by exploiting unprotected networks such as hotel and internet cafes to install on personal devices like laptops and smartphones. Gemalto's subsequent internal investigation, announced on February 25, 2015, confirmed evidence of unauthorized access to its office networks during the 2010–2011 timeframe, attributing the intrusions to sophisticated actors consistent with GCHQ and NSA tactics. However, the company concluded that these breaches did not extend to its production environments, where SIM encryption keys are generated and stored in air-gapped, highly secure facilities isolated from corporate IT systems. Gemalto emphasized that intercepted keys, if any, would have been limited to those exchanged with mobile operators during testing phases rather than final production keys deployed in consumer SIM cards. No evidence emerged of widespread key theft enabling mass surveillance, though the firm enhanced its security protocols, including employee device monitoring and network segmentation, in response. The episode underscored the asymmetric capabilities of state intelligence agencies against private-sector cybersecurity defenses, revealing how targeted remote hacks on peripheral systems could probe for high-value cryptographic assets. While the allegations relied on classified documents whose full context remains unverifiable, Gemalto's findings aligned with practices segregating sensitive from general networks, mitigating risks of total compromise. This incident prompted broader discussions on the resilience of commercial providers to nation-state threats, without altering verified assessments of integrity at scale.

Legacy and Post-Acquisition Impact

Integration into Thales

Following the acquisition's completion on April 2, 2019, Gemalto's operations were integrated into Thales, forming the (DIS) division, which merged Gemalto's digital security portfolio with Thales's complementary activities in defence and security digital solutions. This structure retained Gemalto's core in areas such as smart cards, , and , alongside the majority of its approximately 15,000 employees, to maintain technological expertise and operational continuity. The merger targeted operational synergies, with cost savings projected to reach a €120 million annual run-rate by 2022 through efficiencies in , IT, and overheads, while revenue synergies were estimated at €300 million to €500 million cumulatively by 2023 via and joint innovations. Gemalto's secure technologies were extended into Thales's defence domain, enabling applications in (UAV) authentication, surveillance data protection, military (IoT) devices, and secure rail signalling systems. By June 2019, Thales reported the integration proceeding in line with expectations, updating its full-year objectives for the segment to include 0% to 2% organic sales growth and €240 million to €260 million in EBIT, reflecting stable performance amid the operational merger. No significant disruptions were disclosed in official updates, with the process emphasizing alignment to Group standards without noted cultural or structural conflicts.

Continued Technological Influence

Following its 2019 acquisition by Thales, Gemalto's technologies have persisted in Thales' offerings for network authentication, where tamper-proof and profiles ensure encrypted connectivity and automatic network slicing for optimal performance. Thales' solutions, rooted in Gemalto's world-first deployment, continue to support global roaming and data privacy enhancements amid widespread adoption by October 2025. In payment systems, Gemalto-derived biometric authentication persists through Thales' EMV-compliant cards featuring integrated sensors, enabling contactless transactions without PIN entry for registered users. These cards, updated as of September 2025, maintain with legacy EMV infrastructure while prioritizing on-card biometric matching to minimize data transmission risks. Gemalto's influence extends to digital identity deployments, including Thales' contributions to EU initiatives for secure e-IDs via the European Digital Identity Wallet, targeted for full rollout by 2026 to over 448 million citizens. Thales' wallet solutions leverage Gemalto-originated for offline credential storage and selective , supporting privacy-preserving in government services. The 2025 Thales Data Threat Report underscores persistent risks from AI-driven attacks on assets, with nearly 70% of organizations citing generative ecosystems as primary vulnerabilities—a where Thales' inherited Gemalto tools provide foundational defenses against decryption threats. This report, released May 20, 2025, highlights the ongoing relevance of these technologies in addressing fast-evolving threats, though into Thales' broader has sustained market leadership in secure communications without evidence of accelerated standalone post-acquisition.

Broader Industry Ramifications

Gemalto's technologies facilitated the secure deployment of smart cards and SIM cards underpinning billions of mobile subscriptions and payment transactions worldwide, with the company producing over 15 billion secure elements by 2019. Its contributions to EMV chip standards enabled migration from magnetic stripe cards to chip-and-PIN systems in multiple regions, including Europe and emerging markets like Angola, where Gemalto's solutions supported national debit card rollouts. This scaling reduced counterfeit and skimming fraud in adopting markets; for instance, EMV-compliant chip cards decreased card-present fraud rates by up to 80% in the UK post-2005 rollout, a model Gemalto helped implement globally through its anti-fraud cryptography expertise. Despite these advances, empirical data indicates that while physical card fraud declined, threats shifted to card-not-present (CNP) channels, with global CNP fraud losses exceeding $28 billion annually by , underscoring incomplete threat mitigation in centralized models. Gemalto's in secure elements influenced ongoing standards like contactless , yet vulnerabilities in —such as those affecting SIM —revealed systemic risks in relying on concentrated providers for . These exposures prompted industry reevaluation of trust architectures, highlighting causal vulnerabilities where compromise at the vendor level could cascade to millions of end-user devices without redundant safeguards. The net ramifications underscore the trade-offs in centralized digital : Gemalto accelerated volumes to trillions annually while embedding algorithms into global infrastructure, but incidents demonstrated the fragility of single-vendor , fueling for distributed mechanisms to distribute risk and enhance against state-level or threats. This legacy informs causal in , prioritizing empirical validation of defenses over assumed progress, as displacement rather than elimination remains evident in post-EMV data.

References

  1. [1]
    https://www.cardlogix.com/product-tag/gemalto/
  2. [2]
    Thales and Gemalto create a world leader in digital security
    Dec 17, 2017 · With over 23,000 engineers and researchers, Thales has a unique capability to design and deploy equipment, systems and services to meet the most ...Missing: products | Show results with:products
  3. [3]
    Gemalto History: Founding, Timeline, and Milestones - Zippia
    Gemalto was formed in 2006 as a result of a merger between two companies, Axalto and Gemplus. 2008. In 2008, Gemalto, the world leader in digital security, ...
  4. [4]
    Gemalto 2025 Company Profile: Valuation, Investors, Acquisition
    Gemalto Overview · Year Founded. 1986. Year Founded · Status. Acquired/​Merged · Employees. 15,000. Employees · Latest Deal Type. M&A · Financing Rounds. 7 ...
  5. [5]
    Gemalto - Ping Identity Support
    Gemalto is the global leader in digital security, with 2017 annual revenues of €3 billion and customers in over 180 countries.
  6. [6]
    Thales' €4.8 billion Acquisition of Gemalto - MergerSight
    Apr 16, 2018 · Thales and Gemalto announced that they had reached an agreement on an all-cash offer from Thales to acquire all Gemalto shares at €51 - a €4.8 billion ...Missing: history | Show results with:history
  7. [7]
    Thales Acquires Gemalto: $5.6 Billion Cybersecurity, IoT Buyout
    Dec 17, 2017 · Thales is acquiring Gemalto for US$5.6 billion (4.8 billion Euro) in cash, the two companies confirmed on Sunday.
  8. [8]
    The Great SIM Heist: How Spies Stole the Keys to the ... - The Intercept
    Feb 19, 2015 · American and British spies hacked into the internal computer network of the largest manufacturer of SIM cards in the world.Missing: notable achievements controversies
  9. [9]
    Gemalto presents the findings of its investigations into the alleged ...
    Feb 25, 2015 · Gemalto presents the findings of its investigations into the alleged hacking of SIM card encryption keys by Britain's Government Communications ...Missing: achievements controversies
  10. [10]
    Gemalto: Our SIM cards are secure despite alleged hack - CNET
    Feb 23, 2015 · Gemalto's SIM cards for mobile phones are secure despite purported hacks by US and UK spy agencies, the company announced Monday.Missing: achievements | Show results with:achievements
  11. [11]
    Smart Cards - Development
    Schlumberger entered the smart card market in 1979 with the purchase of a 34% stake in the company Innovatron.Missing: division | Show results with:division
  12. [12]
    Schlumberger renames smart-card unit - Washington Technology
    Sep 22, 2003 · By Joab Jackson. | September 22, 2003. The smart-card division of Schlumberger Ltd., New York, has changed its name to Axalto.
  13. [13]
    History of Gemplus International S.A. – FundingUniverse
    Gemplus found its first customer by the end of 1988, when France Telecom placed an order for one million microchip-embedded telephone cards. The use of the ...
  14. [14]
    Gemplus and Microsoft Announce Cooperation On Windows ...
    Feb 2, 2000 · Since its creation in 1988, Gemplus has designed, manufactured and delivered close to 200 million SIM cards to GSM operators worldwide.
  15. [15]
    Gemplus and Schlumberger increase dominance - ScienceDirect.com
    Jun 1, 2001 · Abstract. Gemplus achieved a 35% market share in 2000 and Schlumberger accounted for 32%, while both gained market share during the year. ...Missing: early | Show results with:early
  16. [16]
    Gemplus Sells 500M SIM Cards - Light Reading
    Gemplus marks milestone with 500M SIM cards sold and deployed across the globe; over one-third of SIM cards currently deployed are from Gemplus.Missing: 2000s | Show results with:2000s
  17. [17]
    Gemplus gains market share in 2002 and confirms leadership ...
    Apr 30, 2003 · Despite the highly competitive environment, Gemplus has actually gained market share over the past year from 30.4% in 2001 to 32% in 2002.”.
  18. [18]
    Leading smart-card firms in €928 million merger
    Dec 8, 2005 · Gemplus shareholders will swap 25 of their Gemplus shares for two shares in Axalto, based in Montrouge, France. Before the swap, set to be ...Missing: pre- | Show results with:pre-
  19. [19]
    [PDF] AXALTO / GEMPLUS REGULATION (EC) No 139/2004 MERGER ...
    May 19, 2006 · Innovation represents a key driver for competition among the most important card manufacturers. For instance, their SIM cards customers (that is ...
  20. [20]
    Axalto and Gemplus complete their merger - EE Times
    First announced in December 2005, this merger represents the “creation of a new world leader in digital security, with 2005 pro forma revenues of approximately ...
  21. [21]
    Smart card giants Gemplus and Axalto to merge - ScienceDirect
    Gemplus International and Axalto, the two largest smart card players in the world, have signalled their intention to merge, creating a new powerhouse in the ...Missing: pre- competition
  22. [22]
    [PDF] Second Quarter 2006 Revenue: $368 million
    Feb 1, 2007 · Full year revenue1 at €1,698 million, comparable with last year. • Fourth quarter revenue at € 461 million, 2% below same period last year1:.Missing: 2010 | Show results with:2010
  23. [23]
    [PDF] Gemalto Annual Report 2011 - 404
    1 Adjusted financial information. Revenue. +6%. (2010: €1,906m). €2,015m.
  24. [24]
    World's First: Gemalto Integrates DESFire Transport Card into NFC ...
    Feb 15, 2010 · This innovation will enable commuters to use their NFC (Near Field Communication) mobile phone as an e-ticket, as simply as any other ...Missing: expansion 2006-2010
  25. [25]
    Gemalto full year 2016 results | Thales Group
    Mar 3, 2017 · Gemalto announces its results for the full year 2016. Full-year revenue of €3.13 billion with acceleration in fourth-quarter revenue growth.
  26. [26]
    Gemalto full year 2016 results - GlobeNewswire
    Mar 2, 2017 · Full year revenue of €3.13 billion with an acceleration in fourth quarter revenue growth; Platforms & Services revenue exceeded €1 billion, ...Missing: 2011 | Show results with:2011
  27. [27]
    Gemalto Wins 2016 Cybersecurity Excellence Award for Best Multi ...
    25 may 2016 · Our 14,000+ employees operate out of 118 offices, 45 personalization and data centers, and 27 research and software development centers ...
  28. [28]
    Gemalto accelerates EMV launch time for card issuers in the U.S.
    Oct 2, 2014 · ... migration to chip technology. Customers benefit from Gemalto`s experience as the leader in EMV chip deployments worldwide as cited by the ...
  29. [29]
    Gemalto provides U.S. banks with a strategy for “EMV and Beyond”
    Nov 5, 2015 · Gemalto, the world leader in digital security ... EMV deployments makes Gemalto an experienced partner now and beyond the EMV migration.
  30. [30]
    https://www.securetechalliance.org/gemalto-enables-biometric-passports-in-over-30-different-countries/
  31. [31]
    [PDF] CASE M.8797 THALES/ GEMALTO MERGER PROCEDURE ...
    Dec 11, 2018 · Gemalto was formed in 2006 as a result of the combination of Axalto Holding N.V. ... 3998, Commission decision of 19 May 19 2006, Axalto/Gemplus.
  32. [32]
    Gemalto, Fingerprint Cards, Precise Biometrics, and ST to ...
    Feb 21, 2016 · This new proof-of-concept replaces conventional username/password authentication for applications such as payment, eTicketing, digital access ...Missing: cloud 2011-2016
  33. [33]
    Gemalto Wins 2016 Cybersecurity Excellence Award for Best Multi ...
    May 25, 2016 · Gemalto Wins 2016 Cybersecurity Excellence Award for Best Multi-Factor Authentication Solution · Type Press release · Published 25 May 2016.
  34. [34]
    Gemalto files Android patent lawsuit in U.S. | Reuters
    Oct 25, 2010 · PARIS, Oct 25 (Reuters) - Chipmaker Gemalto said on Monday it filed a patent infringement lawsuit against Google , and handset makers Motorola , ...
  35. [35]
    Gemalto Files Patent Infringement Suit Versus Google - Bloomberg
    Oct 24, 2010 · Gemalto NV filed a patent infringement lawsuit versus Google Inc., HTC, Motorola Inc. and Samsung concerning the Android operating system.
  36. [36]
    Digital security company Gemalto loses patent fight against Android
    Jun 20, 2014 · A panel of three judges on the nation's top patent court have ruled that Android phones don't infringe on three patents owned by French digital ...
  37. [37]
    [PDF] COMPLAINT FOR PATENT INFRINGEMENT against Exedea, Inc ...
    Plaintiff Gemalto is the owner of the '317, '485, and '727 patents and has the right to prevent others from making, having made, using, offering for sale or ...Missing: NFC | Show results with:NFC
  38. [38]
    June 2013: Summary Judgment Victory for Google, Motorola ...
    Gemalto claimed that each of defendants' Android devices (there were over 100 accused) infringed its patents and sought damages and an injunction. The first ...<|separator|>
  39. [39]
    GEMALTO v. HTC CORPORATION HTC LLC LLC (2014) | FindLaw
    Jun 19, 2014 · On appeal, Gemalto challenges the district court's claim construction and its grant of summary judgment of non-infringement under the doctrine ...
  40. [40]
    US court rejects Gemalto's Android patent lawsuit - Reuters
    Jun 20, 2014 · Gemalto NV, the French digital security company, said on Friday that the U.S. Court of Appeals for the Federal Circuit rejected its patent ...
  41. [41]
    Fed. Circ. Won't Revive Gemalto Android Patent Fight - Law360
    The Federal Circuit on Thursday shot down digital security company Gemalto SA's bid to revive its computer programming patent suit against Google Inc., ...
  42. [42]
    gemalto | report | Howmanypatents.com
    How many patents does gemalto have - Gemalto has 6326 patents for the period 2009 - 2023. There are 1349 patent families with 1623 granted patents and 4703 ...Missing: size | Show results with:size
  43. [43]
    Android patent war hurts Gemalto - Financial Times
    Aug 31, 2011 · The Paris-based company launched a suit against Google, Motorola, HTC and Samsung last October, alledging that they had used Gemalto's smartcard ...Missing: outcomes | Show results with:outcomes
  44. [44]
    US court rejects Gemalto's Android patent lawsuit - Yahoo Finance
    Jun 20, 2014 · US court rejects Gemalto's Android patent lawsuit ... Samsung and HTC, alleging that their Android applications infringed on its patents.
  45. [45]
    U.S. court rejects Gemalto's Android patent lawsuit | Reuters
    Jun 20, 2014 · "We had estimated that if Gemalto had won the case the company could have been entitled to either a one-off payment in damages, or higher ...
  46. [46]
    Thales and Gemalto create a world leader in digital - GlobeNewswire
    Dec 17, 2017 · By acquiring a global leader in trusted identities and data security, Thales adds over €3bn of revenue to its digital business sales and ...Missing: details | Show results with:details
  47. [47]
    Thales agrees to buy Gemalto in digital security deal worth ~$5.43BN
    Dec 17, 2017 · The unanimously board approved all-cash offer represents a premium of 57% over the closing price of Gemalto stock as of 8 December 2017. In a ...Missing: date | Show results with:date<|separator|>
  48. [48]
    Thales agrees 4.8 billion euro Gemalto takeover, Atos throws in towel
    Dec 18, 2017 · Aerospace and defence group Thales <TCFP.PA> has agreed to buy chipmaker Gemalto <GTO.AS> for 4.8 billion euros (4.23 billion pounds) ...Missing: details | Show results with:details
  49. [49]
    Thales acquires Gemalto for $5.6 billion to advance digital security
    Dec 19, 2017 · Thales outbidding Atos for Gemalto was somewhat unexpected. Both companies were attracted to Gemalto's security products, which helps safeguard ...
  50. [50]
    Thales Outflanks Atos With Surprise $5.6 Billion Gemalto Bid
    Dec 18, 2017 · Both company boards approve offer of 51 euros a share · Atos says it won't pursue own offer for Gemalto after Thales.Missing: outbids | Show results with:outbids
  51. [51]
    [PDF] Thales and Gemalto create a world leader in digital security
    Dec 18, 2017 · Thales and Gemalto create a world leader in digital security - 4. ·Compelling strategic rationale for Thales. Accelerating Thales's digital ...
  52. [52]
    Thales Completes Acquisition Of Gemalto To Become A Global ...
    Apr 2, 2019 · Completed in 15 months, the acquisition of Gemalto by Thales for €4.8 billion creates a Group on a new scale and a global leader in digital ...Missing: details 2017-2019
  53. [53]
    As previously announced, Thales further extends the acceptance ...
    Thales and Gemalto are seeking Regulatory Clearances from the competent antitrust authorities in Australia, in China, for the European Union, in Israel, in ...
  54. [54]
    Success of Thales offer for Gemalto shares
    Mar 29, 2019 · GEMALTO SHAREHOLDERS CAN VOLUNTARILY TRANSFER THEIR SHARES TO THALES BEFORE 4 OCTOBER 2019 · GEMALTO SHARES WILL BE DELISTED ON 29 MAY 2019 · 97% ...
  55. [55]
    Gemalto now known as Thales Digital Identity and Security with ...
    Apr 2, 2019 · Thales has completed the €4.8 billion acquisition of Gemalto, forming a global security giant to offer biometrics and other digital identity ...
  56. [56]
    [PDF] Gemalto 2018 Annual Report - Bnains.org
    Feb 13, 2019 · Gemalto Annual Report 2018 published February 14,. 2019. For more information visit our website www.gemalto.com. Statutory financial statements ...
  57. [57]
    Santander, MasterCard and Gemalto achieve largest deployment of ...
    Feb 11, 2015 · The multi-application card allows students - who are also, optionally, Santander's customers - to access their bank accounts and make low-value ...
  58. [58]
    What is Gemalto? Company Culture, Mission, Values | Glassdoor
    Rating 3.7 (1,238) Our 15,000 employees operate out of 114 offices, 40 personalization and data centers, and 35 research and software development centers located in 47 countries.
  59. [59]
    GEMALTO - ITC JSC
    The company was founded in June 2006 through the merger of Axalto and Gemplus International. ... The company has approximately 15,000 employees across 110 offices ...<|control11|><|separator|>
  60. [60]
    Gemalto Full Year 2018 Results | Financial Post
    Feb 13, 2019 · Gemalto posted revenue of €2,969 million for the full year, increasing by +3% at constant exchange rates and stable at historical exchange rates ...
  61. [61]
    Gemalto to Expand Operations in Singapore
    Nov 2, 2006 · Located at Ayer Rajah Crescent, Gemalto's Singapore facilities include smart card manufacturing, R & D and Sales and Marketing for the region.Missing: France | Show results with:France
  62. [62]
    [PDF] Gemalto Annual Report 2017 - Bnains.org
    Mar 2, 2018 · United States of America, Singapore, France, Germany, UK, Canada and in the United Arab Emirates. The group audit team visited locations in ...
  63. [63]
    GEMALTO (A Thales Company) - Passionate About OSS
    GEMALTO (A Thales Company) ; Company Size (approx.) 81,000 people ; Year Established (Founded). 2006 (via merger of Axalto and Gemplus) ; Location of Head Office.
  64. [64]
    Gemalto enables trust service providers to roll out eIDAS compliant ...
    Nov 24, 2016 · The new regulation sets a common standard for Trusted Services, including electronic signatures, and provides a basis for end-to-end electronic ...
  65. [65]
    Gemalto enables trust service providers to roll out eIDAS compliant ...
    New solution makes cross-border electronic identification, signing and transactions easier and safer. Amsterdam, November 24, 2016 - Gemalto (Euronext ...
  66. [66]
    Gemalto Full Year 2017 Results - Business Wire India
    Gemalto (Euronext NL0000400653 GTO) is the global leader in digital security, with 2017 annual revenues of €3 billion and customers in over 180 countries.
  67. [67]
    Gemalto Full Year 2017 Results - ANSA.it
    Revenue at €3 billion with Platforms & Services at €1 billion; Second semester revenue up +1% year-on-year at constant exchange rates; Profit From Operations ( ...
  68. [68]
    Gemalto Full Year 2017 Results - elEconomista.es
    Profit from operations, 85.7, 8.0%, 171.5, 14.6%, (6.6 ppt). The Mobile segment annual revenue came in at €1,078 million, (7%) lower year-on-year at constant ...
  69. [69]
    Gemalto - Wikipedia
    It was formed in June 2006 by the merger of two companies, Axalto and Gemplus International. Gemalto N.V.'s revenue in 2018 was €2.969 billion. Gemalto N.V. ...History · Structure · Telecommunications · Banking & Payment
  70. [70]
    Thales to buy Gemalto | Electronics Weekly
    Dec 18, 2017 · Gemalto is the world's largest producer of SIM cards which account for a third of its business. Gemalto has given three profits warnings in ...
  71. [71]
    Gemalto Maintains its Top Ranking in ABI Research's Payment ...
    May 29, 2015 · Oberthur Technologies and Morpho occupy the second and third spots, respectively. The payment and banking card technologies competitive ...
  72. [72]
    https://live.euronext.com/en/product/equities/NL0000400653-XAMS
  73. [73]
    GEMALTO | NL0000400653 | Euronext exchange Live quotes
    GEMALTO ; High, 51.25, [12:34] ; Low, 51.15, [12:36] ; Threshold, 52.70 0.0001 ; Previous Close. 51.25, [27/05/2019].
  74. [74]
    Gemalto announces world's first GSMA security accreditation for ...
    Nov 2, 2016 · Gemalto announces world's first GSMA security accreditation for eSIM ... standards of protection for sensitive data in M2M and IoT applications.
  75. [75]
    Turkcell Selects Gemalto for World's Largest Mobile Signature Rollout
    Apr 2, 2007 · SIM-enabled qualified electronic signatures to potentially benefit more than 30 million subscribers. Amsterdam, The Netherlands, April 2, ...
  76. [76]
    Gemalto Announces World's First GSMA Security Accreditation for ...
    Nov 2, 2016 · Gemalto Announces World's First GSMA Security Accreditation for eSIM ... standards of protection for sensitive data in M2M and IoT applications.
  77. [77]
    Gemalto first in the world to be fully-certified by the GSMA for secure ...
    Aug 3, 2017 · Gemalto first in the world to be fully-certified by the GSMA for secure eSIM subscription management.
  78. [78]
    SIM Cards Have Finally Been Hacked, And The Flaw Could ... - Forbes
    Jul 21, 2013 · Nohl says broken Java sandboxing is a shortcoming of leading SIM card vendors like Gemalto and Oberthur. Riscure's Van Woudenberg agrees ...Missing: criticisms | Show results with:criticisms
  79. [79]
    [PDF] Gemalto: the world leader in digital security - Bnains.org
    Mar 20, 2008 · Gemalto's internationally renowned team of security and cryptography experts leads the way in the design and implementation of new anti-fraud ...Missing: controversies | Show results with:controversies<|control11|><|separator|>
  80. [80]
    Thales cards: Payment Solutions, EMV, Biometrics, Security
    Sep 16, 2025 · Thales provides secure, customisable card personalisation solutions for issuers, with high-quality printing, embossing and encoding. Our ...
  81. [81]
    Gemalto Offers U.S. Banks Seamless EMV Migration with Instant ...
    Dexxis instant issuance allows banks to immediately issue and activate initial and replacement cards directly at the physical bank branch location, rather than ...
  82. [82]
    Al Rajhi Bank deploys Gemalto's instant EMV card issuance solution ...
    Jan 30, 2017 · The instant issuance system is now deployed in 1,200 points of issuance in the bank's branches and responsible for issuing up to 20,000 cards ...
  83. [83]
    [PDF] Cairo AmmanBank builds on instant issuance of cards with Gemalto ...
    Cairo Amman Bank uses Gemalto and Evolis's instant issuance solution, including software, hardware, and training, for immediate card use, with 105 printers ...
  84. [84]
    Gemalto launches Dexxis EMV instant issuance card service for US ...
    Gemalto's Dexxis EMV instant issuance offering performs smart card chip encoding in addition to magstripe encoding and plastic printing or embossing.<|separator|>
  85. [85]
    Gemalto launches the first biometric EMV card for contactless ...
    Jan 4, 2018 · Gemalto's biometric sensor payment card is based on the principle that biometric data should always remain in the hands of end users. Bank of ...
  86. [86]
    EMV Biometric Card for payment with Fingerprint Sensor
    Discover Thales Gemalto ultimate biometric payment card with a built-in fingerprint sensor. Enjoy secure, seamless payments with EMV technology.Missing: Barclays pilot
  87. [87]
    Gemalto spotlights banking authentication - SecureIDNews
    Nov 9, 2012 · Gemalto showcased its extended range of Ezio tokens for eBanking authentication and transaction signing at Cartes 2012.Missing: phishing reduction<|separator|>
  88. [88]
    [PDF] Thales Gemalto Confirm Authentication Server
    The Gemalto Confirm Authentication Server is the natural starting point of any eBanking security set-up. Highly customisable, it allows banks to combine ...
  89. [89]
    [PDF] Thales Gemalto OTP
    Time-based OTPs have a configurable validity duration (8 seconds to 48 hours) to prevent real-time phishing frauds while accommodating the constraints of.Missing: eBanking | Show results with:eBanking
  90. [90]
    How Successful is EMV at Reducing Fraud? - Wimsett & Company
    While in most countries EMV technology has helped reduce fraud in face-to-face transactions, the implementation of EMV technology has led to an increase in card ...
  91. [91]
    Card-Not-Present Fraud Rates in the United States After the ...
    May 21, 2025 · The insignificant increase in the card-not-present fraud rate immediately after EMV migration in the United States may partly reflect fraudsters ...Missing: impact | Show results with:impact
  92. [92]
    EMV and Its Double-Edged Impact on Fraud - FICO
    Jun 5, 2014 · In the end, EMV adoption will no doubt have a positive impact on the US fraud landscape. It will also plug the biggest remaining hole in other ...
  93. [93]
    Gemalto enables biometric passports in over 30 countries
    Sep 7, 2017 · Gemalto enables biometric passports in over 30 countries ... ​​Amsterdam, September 7 2017 - Gemalto, the world leader in digital security, ...
  94. [94]
    Gemalto ePassports ranked #1 for speed - Thales Group
    Sealys ePassport Embedded Software is the latest generation of Gemalto's ICAO-compliant operating system. It meets the exacting standards of the Common ...
  95. [95]
    Norway chooses Gemalto's fully integrated solution for eID and ...
    The solution has been designed to comply with ICAO1 best practices related to enrollment, document verification, identity proofing and lifecycle management.
  96. [96]
    Gemalto Wins U.S. Government Grant for Digital Driver's
    Nov 14, 2016 · Gemalto received a government grant to support these jurisdictions to pilot the development of a smartphone-based credential, and will implement ...<|separator|>
  97. [97]
    Gemalto Smart ID Card Approved for U.S. Government Deployment
    Apr 13, 2007 · Gemalto's credential makes it easier for federal agencies and departments to move to the new Personal Identity Verification (PIV) cards required ...Missing: IDs | Show results with:IDs
  98. [98]
    Estonia Blocks Electronic ID Cards Over Identity-Theft Risk
    Nov 3, 2017 · Cyber-savvy Estonia said on Thursday it would suspend security certificates for up to 760,000 state-issued electronic ID-cards with faulty chips ...<|control11|><|separator|>
  99. [99]
    Estonia sues Gemalto for 152 mln euros over ID card flaws | Reuters
    Sep 27, 2018 · Estonian police are seeking to recover 152 million euros ($178 mln) in a lawsuit filed on Thursday against digital security firm Gemalto.
  100. [100]
    Estonia sues Gemalto for 152M euros over flaws in citizen ID cards ...
    Sep 30, 2018 · According to Estonia's Police and Border Guard Board (PPA), Gemalto failed to protect private keys with card's chip exposing the government IDs ...
  101. [101]
    Authentication server for online banking - Thales
    The Gemalto Con​​​firm Authentication Server authenticates millions of online banking and e-commerce users daily, authorizes remote access and internet ...Missing: Telecom | Show results with:Telecom
  102. [102]
    Hardware Security Modules (HSMs) - Thales
    Enterprises buy hardware security modules to protect transactions, identities, and applications, as HSMs excel at securing cryptographic keys and provisioning ...Luna Network HSM · Luna USB HSM · Luna PCIe HSM · Hybrid Luna HSM
  103. [103]
    [PDF] HIPAA Compliance Checklist - Thales Trusted Cyber Technologies
    This document outlines specific HIPAA regulations and illustrates how SafeNet Assured Technologies solutions can address these specific requirements. In the ...
  104. [104]
    [PDF] SafeNet Authentication Client - Integration Guide - Thales
    In the following section we will describe how to configure Citrix Netscaler Access Gateway version 12 to support. PKI authentication using Safenet ...Missing: Confirm | Show results with:Confirm
  105. [105]
    [PDF] check point + gemalto - secure remote access
    Aug 16, 2017 · Check Point Remote Access VPN provides users with secure, seamless access to corporate networks and resources when traveling or working remotely ...
  106. [106]
    Thales Luna Network Hardware Security Modules (HSMs)
    Thales Luna HSMs are high-assurance, tamper-resistant, network-attached appliances that store, protect, and manage cryptographic keys in hardware.
  107. [107]
    Gemalto celebrates 100 eSIM solutions - Thales Group
    Oct 24, 2018 · Gemalto has deployed more than 100 eSIM remote subscription management platforms to mobile operators, operator alliances, MVNOs, car ...
  108. [108]
    Korea Telecom selects Gemalto to deliver out-of-box connectivity for ...
    Mar 6, 2018 · Gemalto hosts and maintains the IOT connectivity solution in its certified data center. It is compliant with the GSMA Remote SIM Provisioning ...
  109. [109]
    Gemalto accelerates IoT adoption and innovation in Japan - Secure ...
    Under the collaboration, Gemalto will supply its Remote SIM Provisioning platform, allowing SoftBank to remotely manage initial connectivity and ...<|separator|>
  110. [110]
    China Telecom selects Gemalto to deploy mobile NFC transport in ...
    Mar 24, 2015 · Gemalto announces that China Telecom has selected its UpTeq Multi-tenant NFC SIMs to deploy secure NFC transport services in Shanghai and ...Missing: expansion 2006-2010<|separator|>
  111. [111]
    Gemalto, Banco Itaú and TIM Launch Brazil's First Pilot Program for ...
    Feb 22, 2013 · Gemalto's UpTeq NFC SIM cards and Allynis Trusted Service Management platform enable mobile contactless payments for TIM Itaucard.
  112. [112]
    KDDI using Gemalto TSM in the world's first commercial NFC-based ...
    Feb 26, 2013 · In addition, Gemalto has been delivering its UpTeq NFC high end SIM to KDDI since March 2012. Launched in October 2012, the service will enable ...Missing: pilots | Show results with:pilots
  113. [113]
    KPN Netherlands Deploys Gemalto Real-Time Steering of Roaming ...
    Feb 15, 2010 · Gemalto's real time traffic steering solution enables KPN Netherlands to dynamically connect subscribers to its preferred partners through a ...
  114. [114]
    Gemalto first in the world to make 5G SIM available to unleash the ...
    Feb 21, 2019 · The new 5G SIM provides improved data privacy, enhanced protection against hacking and seamless 5G global roaming. 21 February 2019.
  115. [115]
    5G Deployment Delays: What's Slowing Expansion? - PatentPC
    Oct 3, 2025 · Find out what's causing 5G deployment delays, from spectrum issues to infrastructure challenges and policy roadblocks.
  116. [116]
    Card Fraud: The Case for Chips - BankInfoSecurity
    "European gangs [are] going to the U.S. because of the success of EMV implementation in Europe and other parts of the world in reducing skimming-related losses, ...
  117. [117]
    Gemalto Bringing Contactless EMV Cards To The US - PYMNTS.com
    Gemalto, the digital security company, announced Wednesday (Nov. 16) it is bringing contactless EMV cards to the U.S. market.
  118. [118]
    Gemalto and BNP Paribas Reinforce their Global Partnership
    Feb 2, 2010 · The contract will involve the supply of EMV banking cards and personalization services for a two-year period. Gemalto's global footprint is a ...
  119. [119]
    Santander, MasterCard and Gemalto achieve largest deployment of ...
    Feb 11, 2015 · Santander, MasterCard and Gemalto achieve largest deployment of contactless EMV cards in South America ...Missing: partnerships | Show results with:partnerships
  120. [120]
    Gemalto: Al Rajhi Bank deploys EMV cards solution
    Feb 8, 2012 · Saudi Arabia-based Al Rajhi Bank has completed the main deployment phase of Gemaltos Dexxis Instant Issuance programme for immediate EMV ...
  121. [121]
    10 Mn Indian FINO Customers Use Micro-Banking Apps On Gemalto ...
    Feb 2, 2017 · “FINO's goal is to make financial services available to everyone in the country, especially in rural areas. Gemalto's 'one-card-does-all' ...
  122. [122]
    As Canada's payment cards go to EMV, will fraud migration push ...
    Mar 15, 2007 · “Our decision to commit to EMV migration is in providing for long-term security. EMV reflects the best long term solution to skimming fraud.” He ...<|separator|>
  123. [123]
    EMV at 10 - Digital Transactions
    Oct 1, 2025 · Reducing fraud, especially in the United States, was a key initiative for the card networks in 2015, as fraud was migrating to the country from ...
  124. [124]
    U.S. Government Printing Office Awards Multi-Year Contract to ...
    U.S. Government Printing Office Awards Multi-Year Contract to Gemalto for ePassport Solution. Will deliver ICAO compliant electronic eCovers and secure pre ...
  125. [125]
    Infineon Tech, Gemalto Inc. win contracts for e-passports
    Aug 8, 2006 · The contracts follow months of testing, policy disputes and legal wrangling over the use of contactless smart chips to embed biometric and ...
  126. [126]
    Alaska extends contract with Gemalto to enhance driver's license ...
    Oct 31, 2018 · Alaska extends contract with Gemalto to enhance driver's license security. Alaska extends contract with Gemalto to enhance driver's license ...
  127. [127]
    Qatar picks Gemalto for eGovernment security - TradeArabia
    Jul 5, 2011 · Using Qatari citizens' national eID card as a strong authentication token, Gemalto's Coesys eGov 2.0 solution will boost usage of the ...
  128. [128]
    Gemalto's HSM enables Microsoft Azure Information Protection ...
    Mar 21, 2017 · The SafeNet Luna HSM integration with the Azure Information Protection's HYOK feature requires no change to the user experience or deployments.Missing: authentication | Show results with:authentication
  129. [129]
    Gemalto Adds Strong Identity Protection to Citrix Access Gateway
    Dec 11, 2007 · Citrix and Gemalto have collaborated to ensure that Protiva solutions easily integrate with Citrix Access Gateway to add multi-factor user ...
  130. [130]
    https://www.biometricupdate.com/202302/france-probes-thales-subsidiary-over-past-id-deals-in-africa
  131. [131]
    France probes Thales subsidiary over past ID deals in Africa
    Feb 14, 2023 · ... Gemalto was involved in corruption, aggravated money laundering and criminal association, notes Mediapart. The publication says it has ...Missing: Asia | Show results with:Asia
  132. [132]
    Red Flag Bulletin | March 2023 - S-RM
    Mar 2, 2023 · ... Gemalto NV, is under judicial investigation for alleged bribery and corruption in its African operations. Preliminary investigations ...Missing: fines | Show results with:fines
  133. [133]
    [PDF] Complaint : U.S. v. Thales S.A. and Gemalto N.V.
    Feb 28, 2019 · Thales intends to acquire all of the outstanding ordinary shares of Gemalto for approximately $5.64 billion. Thales and Gemalto are the ...Missing: achievements controversies
  134. [134]
    On cellular encryption – A Few Thoughts on Cryptographic ...
    to the point where you can clone a user's SIM key in as few as 8 queries. Bad ...
  135. [135]
    Two Billion Gemalto SIM Card Theft is a Huge Problem - Kaspersky
    Feb 27, 2015 · New allegations against the NSA claim the group hacked into the network of the world's largest SIM card provider, stealing encryption keys ...Missing: achievements | Show results with:achievements
  136. [136]
    ROCA vulnerability impact on Gemalto IDPrime .NET smart cards
    Oct 20, 2017 · We have reasonable grounds to believe that all Gemalto IDPrime .NET smart cards generate weak RSA keys vulnerable to the recently published ROCA ...<|separator|>
  137. [137]
    US and UK accused of hacking Sim card firm to steal codes - BBC
    Feb 20, 2015 · US and British intelligence agencies hacked into a major manufacturer of Sim cards in order to steal codes that facilitate eavesdropping on mobiles.Missing: cloning | Show results with:cloning
  138. [138]
    Sim card database hack gave US and UK spies access to billions of ...
    Feb 19, 2015 · GCHQ operatives singled out key individuals within Gemalto and then hacked their private accounts. One Gemalto employee in Thailand was ...
  139. [139]
    Gemalto Confirms It Was Hacked But Insists the NSA Didn't ... - WIRED
    Feb 25, 2015 · Gemalto also said that the hacking operations of the NSA and GCHQ, as described by The Intercept, were aimed at intercepting encryption keys ...
  140. [140]
    Gemalto Doesn't Know What It Doesn't Know - The Intercept
    Feb 25, 2015 · After the brief investigation, Gemalto now says that the NSA and GCHQ operations in 2010-2011 would not allow the intelligence agencies to spy ...
  141. [141]
    Sim card firm links GCHQ and NSA to hack attacks - BBC News
    Feb 25, 2015 · Gemalto denies that billions of Sim cards could have been compromised by the attacks. The Dutch Sim card maker at the centre of NSA-GCHQ ...Missing: cloning | Show results with:cloning
  142. [142]
    2019 Capital Markets Day: Thales sets out its action plan following ...
    Oct 3, 2019 · The integration of Gemalto delivers a major acceleration of Thales's digital strategy. It enhances the differentiation of the Group's business ...Missing: rationale | Show results with:rationale
  143. [143]
    Thales details plans for integrating Gemalto biometrics and digital ...
    Oct 4, 2019 · The integration of Gemalto into Thales “Digital Identity and Security” (DIS) will result in average organic sales growth of four percent to six percent between ...Missing: post- | Show results with:post-
  144. [144]
    Thales updates its 2019 financial objectives following the integration ...
    Jun 13, 2019 · Thales published today the update of its 2019 financial objectives following the integration of Gemalto, completed on 1st April 2019, ...
  145. [145]
    https://www.thalesgroup.com/en/solutions-catalogue/enterprise/mobile-communications/sim-esim-and-secure-elements
  146. [146]
    SIM, eSIM and Secure Elements - Thales Group
    A 5G SIM is a tamper-proof secure element, representing the only solution to secure 5G networks effectively. Explore Thales solutions.
  147. [147]
    EU Digital Identity Wallet: Secure ID for All by 2026 - Thales Group
    Sep 30, 2024 · The EU plans to launch a secure digital identity wallet for all citizens by 2026, enhancing privacy, security, and interoperability for ...
  148. [148]
    Thales Digital Identity Solutions: Empowering citizens with secure ...
    Our Digital ID Wallet empowers citizens to securely store, manage and share ID credentials from multiple sources for a wide range of use cases, both offline and ...Our Solutions · Onboarding: Thales Id... · Related Solutions
  149. [149]
    2025 Thales Data Threat Report Reveals Nearly 70% of ...
    May 20, 2025 · 2025 Thales Data Threat Report Reveals Nearly 70% of Organizations Identify AI's Fast-Moving Ecosystem as Top GenAI-Related Security Risk.
  150. [150]
    2025 Thales Data Threat Report
    The 2025 report continues to examine internal vulnerabilities, external threats and their impacts on enterprise assets.In The Era Of Ai, Data Takes... · Key Findings · Application Security...
  151. [151]
    Gemalto provides U.S. banks with a strategy for “EMV and Beyond”
    Nov 5, 2015 · Gemalto, the world leader in digital security, launches a comprehensive online resource covering key considerations banks will face ...
  152. [152]
    Angola embraces EMV card payments with PURE solution
    Mar 5, 2018 · Angola's payment processor EMIS is migrating its debit payment cards to 'Chip and PIN' based on Gemalto's technology.
  153. [153]
    Gemalto outlines the security benefits of move to EMV chip cards for ...
    Feb 2, 2015 · Gemalto (Euronext NL0000400653), the world leader in digital security ... Drawing on its extensive experience with global EMV deployments ...
  154. [154]
    Gemalto Protects Banks and Card Issuers against Card-Not-Present ...
    Oct 14, 2015 · Gemalto Protects Banks and Card Issuers against Card-Not-Present Fraud with Next Generation Payment Security Solution. Posted on October 14 ...
  155. [155]
    [PDF] Technologies for Payment Fraud Prevention: EMV, Encryption and ...
    While the core EMV specification is over 20 years old, it is continuously updated to counter new security threats and provides a proven global platform for ...
  156. [156]
    [PDF] GLOBAL DEVELOPMENT TRENDS IN PAYMENT CARD INDUSTRY
    Oct 24, 2024 · The main reasons for introducing chip payment cards were security enhancements (fraud prevention) and the possibilities for additional ...<|separator|>