Once enabled, a MULTOS device is under the full and unique control of the organisation issuing the device.
- Applications can only be added to and removed from such an enabled device when a matching certificate is presented to the device at the time of application loading or deleting.
- These load and delete certificates are requested by the issuer and generated by the Key Management Authority.
- The load and delete certificates not only give total control to the issuer but also guarantee authenticity and integrity of applications on the device.
A more detailed explanation can be found in the Technical Library documentation, especially the GLDA document.