Alauda P38 Lightning Applet is a program on the Mobile User’s SIM/UICC card that is at the core of the signature process of Mobile ID. Alauda P38 is currently the only WPKI Client Applet on the market whose source code is available for licensing. This enables completely adaptable integration and auditing as well as disables vendor locking; alterations don’t need to go through Methics. Alauda P38 Applet follows the Alauda WPKI Client specification. More information on the specification can be found here.
In order to enable the User to sign incoming requests, Alauda P38 generates a public/private key pair on the User’s SIM/UICC card. The public key is sent to the User’s HomeMSSP, while the private key stays on the card. When the key pair has been bound to the User’s identity, the User can use Alauda P38 to sign requests with their PIN-protected private key, and the HomeMSSP can verify the signatures with the User’s public key.
For more information, see Alauda P38 Fact Sheet