Version 2020-4 ® TOV, TUEV and TUV are registered trademarks. Any use or application requires prior approval. Certificate Standard Certificate number Certificate holder Developer Product and assurance level Project number Evaluation facility © Common Criteria Recognition Arrangement for components up to EALZ and ALC_FLR.3 SOGIS Mutual Recognition ‘Agreement for components up to EAL and ALC_FLR.3 Validity Accredited by the Dutch Council for Accreditation www.tuv.com/nl Common Criteria for Information Technology Security Evaluation (CC), Version 3.1 Revision 5 Parts 1, 2 & 3 (ISO/IEC 15408-1, ISO/IEC 15408-2 & ISO/IEC 15408-3) CC-20-0229284 TUV Rheinland Nederland B.V. certifies: NXP Semiconductors Germany GmbH Troplowitzstrasse 20, 22529 Hamburg, Germany cv cryptovision GmbH Munscheidstr. 14, 45886 Gelsenkirchen, Germany NXP eDoc Suite v3.5 on JCOP4 P71 - cryptovision ePasslet Suite — Java Card applet configuration providing Machine- Readable Electronic Documents based on BSI TR-03110 for Official Use with BAC option Assurance Package: = EAL 4 augmented with ALC_DVS.2 Protection Profile Conformance: = Common Criteria Protection Profile Machine Readable Travel Document with “ICAO Application”, Basic Access Control, version 1.10, registered under the reference BSI-CC-PP-0055-2009. 0229284 Brightsight BV located in Delft, the Netherlands Applying the Common Methodology for Information Technology Security Evaluation (CEM), Version 3.1 Revision 5 (ISO/IEC 18045) The IT product identified in this certificate has been evaluated at an accredited and licensed/approved evaluation facility using the Common Methodology for IT Security Evaluation version 3.1 Revision 5 for conformance to the Common Criteria for IT Security Evaluation version 3.1 Revision 5. This certificate applies only to the specific version and release of the product in its evaluated configuration and in conjunction with the complete certification report. The evaluation has been conducted in accordance with the provisions of the Netherlands scheme for certification in the area of IT security [NSCIB] and the conclusions of the evaluation facility in the evaluation technical report are consistent with the evidence adduced. This certificate is not an endorsement of the IT product by TÜV Rheinland Nederland B.V. or by other organisation that recognises or gives effect to this certificate, and no warranty of the IT product by TÜV Rheinland Nederland B.V. or by any other organisation that recognises or gives effect to this certificate, is either expressed or implied. Date of 1° issue : 18-12-2020 Certificate expiry : 18-12-2025 A R.L. Kruit, LFM Systems TÜV Rheinland Nederland B.V. Westervoortsedijk 73, 6827 AV Arnhem P.O. Box 2220, NL-6802 CE Arnhem The Netherlands TUVRheinland® Precisely Right.