Presentation
Ticket TAP
Campus Nova NFC Container
Campus Nova
NFC trial with Credit Agricole and mobile payment at the student cafeteria in SophiaAntipolis
Ticket TAP
mobile is digital, targeted and personal
VS.
50% reduction for girl students at the star light Dance Club Come & see us: Get 10% off ladies bags until tomorrow
Present
Future
Partners
Objectives
NFC services
Available devices
Objectives (2)
NFC for developers Dev kits Reading/Writing tags APDU JSR 257 & 177 Java Card PC/SC readers JSR-268 Midlet SCWS Demo and Examples Conclusion
Mobiquity
One of the major added value for NFC is the security of third party applications provided by the SIM card.
Google Android
ATAWAD
Google is going from web to mobile. This means you can now create a contact or an entry in your calendar from your mobile and data is automatically replicated not on the SIM but on Google servers (trust and private life is another debate). ATAWAD = Any Time, Any Where, Any Device They start from the needs without necessarily innovate. They did not create the search engine, they just improved it. In 5 years well probably say: "they didnt create the mobile, theyve just improved it."
Needs of NFC ?
NFC strenghts
Handset manufacturers Nokia, Apple, ... must agree with MNOs Orange, SFR, ...
PART 1
RFID
RFID : Radio Frequency Identification RFID Tags: Store and retrieve data (with a distant reader) History : radar technology, cow identification (year 1970). Use case examples: road taxes, trace books in libraires, access card, shops (Wall-Mart). RFID tags types
RFID Frequencies
125-135KHz
13.56MHz
UHF
GHz
Round corners
Through most things No radiation problem No reflection problem Cheaper electronics
1m max range
Doesnt work through metal and fluids
Long range
High data rate Smallest
CONVEYANCES, VEHICLES, LIBRARY, LAUNDRY, ITEM LEVEL TAGGING, BANKNOTES, ERROR PREVENTION, SECURE ACCESS, AIRPORT BAGGAGE
Can communicate with objects Magnetic field induction Contactless technology based on RFID 13,56MHz NFC is standardized ECMA-340 and ISO/IEC 18092 Backward compatibility with ISO14443 and SmartCard
Millions of readers Easy to use
Contactless Cards
FELICA (sony) encryption key generated dynamicaly at each auth. Topaz Tag Innovision MIFARE Standard:
512bits UL (no security) used for tickets Other formats : 1K (768 Bytes data), 4K The 16bits random of MIFARE has been hacked
MIFARE DESFire preprogrammed card Example: Oyster Card in London Gemalto: Mifare 4 Mobile Contactless Java Card
NFC
NFC allows a device to read and write a contactless card, act like a contactless card and even connects to another NFC device to exchange data. 3 modes :
Card reading (MIFARE ) Peer to peer (initiator & target) Card emulating
Distance : 0 - 20 centimeters Bandwidth to 424 kbits/s NFC Forum : NDEF specs N-Mark: http://www.nfc-forum.org/resources/N-Mark
Standardization bodies
ETSI / SCP (Smart Card Platform) to specify the interface between the SIM card and the NFC chipset. EMVCo for the impacts on the EMV payment applications.
GSM Association
Mobey Forum for mobile financial services AFSCM is French association for mobile contactless
Smart Poster
Location based services
List of proximity services depending on Points of Interest Trailers Tickets booking From SMS push to Smart Poster pull
Specifications
NFC Forum releases specification for NDEF.
NFC Data Exchange Format which is a way to format RFID tags to be compatible with NFC applications. Works with MIME type.
Action
Do the action (send the SMS, launch the browser, make the telephone call) Save for later (store the SMS in INBOX, put the URI in a bookmark, save the telephone number in contacts) Open for editing (open an SMS in the SMS editor, open the URI in an URI editor, open the telephone number for editing).
1 3
For example, the Smart Poster record defines a URI plus some added metadata about that URI.
MAY SHALL
Type 1, based on ISO14443A. Tags are read and re-write capable; users can configure the tag to become read-only. Memory availability is 96 bytes and expandable to 2 Kbytes. Communication speed is 106 Kbit/s. Type 2, same as Type 1 except that memory availability is 48 bytes and expandable to 2 Kbytes. Type 3 is based on FeliCa. Tags are pre-configured at manufacture to be either read and re-writable, or read-only. Memory limit is 1Mbyte per service. Communication speed is 212 Kbit/s or 424 Kbit/s. Type 4, fully compatible with ISO14443A and B standards. Tags are preconfigured. Up to 32 Kbytes per service. Communication speed is up to 424 Kbit/s.
SIM
cardlets Webapp
KS FS
Interfaces
TSM
Subscribe a service
SIM
management system
Card management system KS ISD
Customer service
Subscribe a service
Final user
Application
KS FS
Application data
GUI
SIM card
Customer
Subscribe a service
Mobile domain
Service provider
TSM
Tells phone has been lost Tells customer has new SIM card Services management & referral for SP
Mobile operator
Ask for token (delegated management) Ask applet installation via ISD (MNO centric model)
Customer
Low High
TRUST CONTROL
High Low
By Gemalto
Keyboard
Contactless
TV
NFC Architecture
PART 2
Smart Card
Piece of plastic the size of a credit card hosting an electronic circuit that can store and process information. The integrated circuit (chip) may contain a microprocessor capable of processing this information, or it can only contain non-volatile memory with a security component (memory card). Smart cards are mainly used as means of personal identification (identity card, access badge to buildings, health insurance card, SIM card) or payment (credit card, electronic purse) or proof of subscription to prepaid services (calling card, ticket). Contact or Contactless smart card readers are used as a communications medium between the smart card and a host (point of sale).
The automated chip card was invented by German rocket scientist Helmut Grttrup and his colleague Jrgen Dethloff. French inventor Roland Moreno actually patented his first concept of the memory card. Michel Ugon from Honeywell Bull invented the first microprocessor smart card. Bull patented the SPOM (Self Programmable One-chip Microcomputer) that defines the necessary architecture to auto-program the chip.
1974 1977
1978
The first mass use of the cards was for payment in French pay phones (Bull CP8). Smart Card is standardized ISO 7816. The second use was with the integration of microchips into all French debit cards. First Java Cards.
1992
1997 2006
Axalto and Gemplus, at the time the world's no.2 and no.1 smart card manufacturers, merged and became Gemalto.
Contact card
Contactless card
Memory card
Microprocessor card
Mifare
Advantages
Simple
Cheap
Drawbacks
Security
(easy to duplicate)
Microprocessor card
Microprocessor used by the application running on card to calculate operations. Each card can be personalized and updated after manufacture (for banks with more than 500 000 customers).
Credentials can be updated while the card is inserted in a bank automat for example.
Very secure for a reasonable cost
Information stored can be protected by a PIN code Cryptographic operations Circuit is shielded Unique serial number
Software security
Persistent
A Smart Card has 8 connectors : (ISO7816-2) C1 Vcc C2 RST C3 CLK C4 RFU (Reserved for future use) C5 GND C6 Vpp (old EEPROM) C7 I/O (bi-directional, in half-duplex mode) C8 RFU (Reserved for future use)
Contactless Card
Secure a computer
Store
internet security certificate Hard drives can be encrypted using and attached Smart Card Used to authenticate a user on the computer (at login screen)
Payment Credit card, SIM card, TV Channel card, Access card Transports Electronic purse (coffee machine) Identification PKI Digital signature Can store biometric data 2009 in Spain and Belgium: eID card
2 certificates: one used to authenticate and one to apply the digital signature (real legal value)
PKI Biometrics
User private key is kept in a device such as a smart card. Biometrics are also used to protect key.
Password + SSL
Part 3
NFC on iPhone
http://www.nearfield.org/
NFC already on iPhone: Stickers, 30-pin RFID readers, SIM add-on
Exchange data, P2P Configuration (bluetooth pairing) Vending machines, service maintenance Loyalty, couponing
Payment solution
Access control Mobile signature Etc.
by Nokia
Mobile Ticketing
14 millions RFID tickets were produced by ASK for Olympic Games in China - http://www.askrfid.com
He meets with his girlfriend and transfers the ticket on her mobile.
They arrives and unlock security gates thanks to their NFC mobile phone.
Mobile ticketing will become more popular over the next few years, with 2.6 billion tickets worth $87 billion, delivered by 2011
Juniper Research (April 2008)
Japan with Sony FeliCa, NTT DoCoMo NTT Docomo reports 10 million mobile credit card customers StoLPaN Store Logistics and Payment with NFC is a pan-European consortium supported by the European Commissions Information Society Technologies program: http://www.stolpan.com
Disneyland Paris to test NFC and contactless cards from October 2009, with Crdit Mutuel and CIC banks. Smart-Park with VINCI Park and Monext. Paris Metro: Paris transport operators to launch NFC ticketing from the end of 2010. STIF will coordinate the Paris transport operators (Optile, RATP and SNCF Transilien) and the participating telecoms operators (Orange, Bouygues Telecom and SFR). Pegasus workgroup: multi-operator (Orange, Bouygues Telecom, SFR), multi-bank (BNP Paribas, Groupe Crdit Mutuel-CIC, Crdit Agricole, Socit Gnrale) with MasterCard, Visa Europe and Gemalto for mobile payment in two cities: Caen and Strasbourg Nice NFC city http://www.afscm.org/entreprises/ nice-ville-nfc
Display
Object
Tag + URL Reader Mobile device Wireless service provider
NFC is not a Bluetooth replacement. NFC is not made to transfer objects. One of the key argument for NFC is to pair a Bluetooth device. More than wireless. Proximity and contact. Secure payment.
Information on Objects
NFC tomorrow
Hard beginning Three years ago, ABI Research predicted half of mobile phones in the world will be NFC ready in 2009. Juniper research, september 2009: NFC Mobile Payments to Exceed $30bn by 2012, Supported by Revenues from Mobile Coupons and Smart Posters June 2009: Top handset manufacturers begin sampling NXPs PN544 NFC chip
The PN544 NFC controller is the first fully industry standard NFC handset chip, offering compliance with the Single Wire Protocol and with Mifare.
NFC tomorrow
In a recent presentation, Sony Ericsson says mobile NFC will take more than 5 years to become mass market.
See iphone
Security
Infrastructure
NFC Devices
NFC Phones using single wire Protocol and UICC (08/2008)
All devices are more or less concept devices and come with an InsideContactless NFC Chip. In order to develop applications with these devices a Dev Kit (like the Gemalto Developer Suite) and a SWP UICC is required. All four devices are already capable of using SCWS.
NOKIA 6212
Java MIDP 2.0 Bluetooth 2.0 2 megapixel camera 3G connection Share business cards, bookmarks, calendar notes, images, profiles, and more. Contactless payment and ticketing capabilities. Access to mobile services and information with a simple touch. Uses Java specification requirement 257 (JSR 257) for third-party NFC applications.
Jeremy Belostock on the future of NFC http://fr.youtube.com/watch?v=BoOH7AtCT_E
http://europe.nokia.com/A4991363
Nokia 6216
of storing credit card, user account and other security details on the SIM card,
http://toptunniste.fi/topshop/product_catalog.php?c=72
7cents
Chip cost
3dollars
NFC requirements
What is the added value if service already exists Mesure social impact before Tickets or direct payments
Part 4
What are the solutions to develop a 3rd party application on a mobile phone
Single Wire Protocol (SWP) architecture: SIM & SE is same Java Card. MIFARE is a storage which enables the phone to act like a MIFARE card.
From a developer's point of view it does not matter at all where the SE is located. You will still code against the GlobalPlatform specs. The only difference comes with the distribution/lifecycle model; and since in most cases, the operators control both the SIM card and the phone, the difference is largely academical anyway. Of course, business people may think differently, but that's their problem.
Applications
J2ME
OS
CPU
Apps
UICC SIM
OS
NFC Chip
NFC antenna
External env.
JNI allows to call C code and DLL in Java. To use JNI, you must follow the following steps:
Create a Native method in Java Once the Java class is compiled, you must generate a header file with the tool javah h. Compile the native code using the interface generated at step 2. Change the methods headers and params. For example: a String becomes a Jstring.
Java / NFC Java is the key. It allows technologies to work together : Bluetooth, Video, Music, GPRS, Problems of JSR not implemented on a mobile phone
Graphical user Interface are not always compatible : screen size, different JVM.
Solution: Mobile Distillery ? SVG ? Flash lite ? SIM Toolkit ? SCWS ? HTML5 ? Native application : security problem, no API, manufacturer lock Symbian development is heavy.
Development Kits
Java IDE such as Eclipse or Netbeans SDK from manufacturers (Nokia) Dev Kit from card issuers (Gemalto, Oberthur) Dev Kit from MNO (Orange)
JCOP Tools
Configure SE keyset to 42
ENC, MAC and KEY are all "404142434445464748494A4B4C4D4E4F
MIDlet
String uri = System.getProperty("internal.se.url"); ISO14443Connection iseConn = (ISO14443Connection) Connector.open(uri);
For NFC and Infrared Optional package for J2ME DiscoveryMan ager Target listener (no matter the type) Connection NDEF & ISO14443
MIFARE
Security in a MIFARE 1K CARD
Card is composed of 16 sectors with 4 blocks of 16 bytes each.
MIFARE Anti-collision
An anti-collision system allows to operate with many cards in the same magnetic field. The algorithm selects each card one by one and ensures that the transaction takes place on the selected card without data corruption.
Request
Transaction time
Anti-collision
Card id ?
Select card
Authentication
MAD (MIFARE Application Directory) is a table written in first sector and used to identify which sector is dedicated to a specific application.
Read/Write
GSMA tech guide: NFC mobile device and reader shall be less than or equal to 250ms to meet Service Provider requirements.
NDEF push
The MIDlet can see that it was launched by touching a tag, by reading the DiscoveryManager property LaunchType.
Java Card
Java Card MIFARE ProX & SmartMX are cards with microprocessor and OS (for example JCOP). An Applet is a JAVA CARD application stored inside the Secure Element.
At the beginning, applications on Smart Card were all developed proprietary and native.
There was a need to find a generic way to develop an application that could run on 2 Smart Cards issued by different companies.
The Java Card technology allows developers to gather around one way of programming using Java. And it openned the path to third party applications. This technology can also be used to develop on a SIM card. A SIM card has more memory than other types of Smart Cards like Credit Card. Java Card includes:
An API (application programming interface) to define Java libraries that can be used A virtual machine Runtime (JCRE) : memory and security management
Java Card 2.1.1 SDK provides an environment to test applets, a tool to upload applets into the Java Card, and code examples.
T=1
APDU
Header, 4 Bytes
Class instruction (CLA) Code instruction (INS) Parameters : P1 et P2 Optional body (random size) Lc = length of body (data) in Bytes Le = length of response to the command (Bytes) The data field contains data to be sent to the card, to process instructions specified in header.
4 APDUs commands are possible depending on whether it expects a response back or if it contains data.
CLA INS P1 P2 CLA INS P1 P2 Lc Data CLA INS P1 P2 Le CLA INS P1 P2 Lc Data Le
AID
5 bytes are RID (resource identifier) Following bytes are PIX (proprietary identifier extension)
Java Card
Select
Threads
CPU on JavaCard does not support multiple tasks and you cant use synchronized or volatile .
Finalize() not supported
Garbage collector
System.abortTransaction()
Sandbox : In Java, code and application data (resources) are protected by a sandbox and cant interfere with other applications.
Lets take the example of a Wallet to see how to code an applet. This applet allows the SIM card to act as a real eletronic purse.
Use cases
The applet can add and substract money to a balance Shows the actual balance of the purse It includes a mechanism to ask for a PIN code for security purposes
Wallet.java
package com.sun.javacard.samples.wallet;
The Java class must extend Applet. It defines all the methods to communicate with JCRE.
public class Wallet extends Applet
PIN_TRY_LIMIT = 3
We choose the hexadecimal value 0xB0 to identify our Wallet. This value identifies all APDU commands that are processed by the applet. It means that the APDU commands debit and credit all start with the byte CLA 0xB0.
Wallet_CLA =(byte)0xB0;
INS
final static byte VERIFY = (byte) 0x20; final static byte CREDIT = (byte) 0x30; final static byte DEBIT = (byte) 0x40; final static byte GET_BALANCE = (byte) 0x50
Other values
// maximum balance final static short MAX_BALANCE = 0x7FFF; // maximum transaction amount final static byte MAX_TRANSACTION_AMOUNT = 127; // maximum number of incorrect tries before the // PIN is blocked final static byte PIN_TRY_LIMIT =(byte)0x03; // maximum size PIN final static byte MAX_PIN_SIZE =(byte)0x08;
The variables
Applet structure
Header
setIncomingAndReceive();
byte[] buffer = apdu.getBuffer(); short bytes_left = (short) buffer[ISO.OFFSET_LC]; short readCount = apdu.setIncomingAndReceive(); while (bytes_left > 0) { //{process received data in buffer} bytes_left -= readCount; //get more data readCount = apdu.receiveBytes (ISO.OFFSET_CDDATA); }
setOutgoingAndSend()
Transfer mode Expected length for the answer Send bytes in response
byte[] apduBuffer = apdu.getBuffer(); apduBuffer[0] = byte1; apduBuffer[1] = byte2; apduBuffer[2] = byte3; //0-offset, 3-number of bytes to send apdu.setOutgoingAndSend(0, 3);
Get Balance
0xB0 INS: 0x50: GET BALANCE P1: 0x00: Normal mode P2: 0x00 Data:
in:
Credit
Mutual authentication To send the APDU command, you must first initialize a secure transaction with the applet (MAC):
P2: 0x00
Data: - in: 2 bytes of value to credit.
- out: 2 bytes of updated balance. - exception: ISOException with reason SW_SECURITY_STATUS_NOT_SATISFIED (0x6982) if authentication failed.
JSR-177 SATSA
JSR-177: Security and Trust Services API for J2ME Used to communicate with SIM card Used to encrypt/decrypt/sign data Example with symmetric algorithm here: http://wiki.forum.nokia.com/index.php/Encrypti on_of_data_using_JSR-177
Gemalto examples
APDU commands of GPPurse applet are stored in the file APDU_Commands.atf that comes with the project. You can open this file with the Jcard Manager and execute each command at a time. Or manually thanks to the option Send APDU in the menu bar.
Secure Element consists of Java Smart Card area and Mifare 4K area A specific API provided for Applets to access Mifare memory All access is password protected Password is one-way hashed from Mifare KeyA and KeyB JCSystem : atomic transaction management
Protected by Issuer specific secret keys
PC/SC readers
The most commonly used smart-card interface is PC/SC, a middleware layer backed by Microsoft, and part of the Windows operating system. JPCSC is a Java-wrapper around the native PC/SC API. JCOP Tools includes JPCSC and uses it on Linux and MacOS X. On Windows, JCOP Tools uses the native PC/SC API directly. JCOP Tools also includes the JCOP offcard API, which is a comprehensive smart card API with special support for Java Card and GlobalPlatform. That sits on top of native PC/SC, JPCSC, and some other proprietary card middleware. OpenCard Framework (OCF), see http://www.opencard.org (consortium split up).
javax.smartcardio
Devices used - Mobile phone NOKIA 6131 - Tags MIFARE 1K - Pegoda Reader / Philips - SCM Contactless Reader
Graphical User Interface (GUI), implemented in J2ME (or other). Controller / Application logic (as much as possible), implemented on the Java Card / Secure Element. Memory of the Mifare element used for storing data.
MIDlet proxy
Phone
OTA Server
Mifare Applet MIDlet
Secure Element
BIP is a new generation protocol allowing remote SIM management over the air (remote file management, remote application management).
Physical layer
Steps for a standard NFC communication Open Poll Connect Exchange Disconnect
1. 2. 3. 4. 5. 6.
Close
ProGuard (obfuscator)
A mobile phone application is divided into 2 packages, a descriptor JAD file and a JAR file containing Java classes. Thanks to the JAD file, the JAR file is installed on the mobile phone. Developer can set JAD attributes to manage permissions, push registry, etc. Use a Controller to listen and launch threaded events:
1. 2. 3.
Call to NFC chip Print new screen Save data in Record Store
SIM Toolkit successor. SCWS technology can be installed on new generation SIM card and allows GUI management thanks to mobile web browser. The SIM card is the authorization module for secure electronic transactions but its the mobile phone that controls and generates graphical interfaces. With SCWS, a developer can implement the full application in one package and deploy it directly on the SIM card. MMI and Applets are on the same media. Deployment and administration of applications are simplified. For example: if the user changes his mobile phone. Moreover, generated interfaces are compatible with most phones but the rendering and user interaction is not necessarily better.
SCWS Demo
Example of applications
New key received.
PAMS Zone 1 Open application ? PAMS Zone 2
Lock A
NFC Applications My Keys
No
Yes
Office
Home Car
Parking P5 Writing key
Lock B
Installing key
75%
Edit
Delete
Key added
Access granted.
Add a shortcut ?
Exit
Yes
See Mobile PKI (ETSI). The MSSP platform is a solution to manage digital signatures for a MNO. Two processes:
Registration:
MSSP Operator
Certification authority
3. 4.
Customer accesses his bank website thanks to his login/password. Bank sends a request for authentication to Operator (WPKI). This request includes the mobile number (IMSI: International Mobile Subscriber Identity) Customer enters PIN code eBanking service is authorized
Secure Application
****
Ok
Ok
Back
Ok
DEMO
HelloKiosk
Conclusion
NFC in handsets without knowing it really soon Industry is now convinced SDK standardization Easy to use ! Remember iPhone
Use J2ME 3.0 Use JSR 257 or SCWS Optimize your code Store your data online Never trust a MIDlet Sign your application Use J2ME Polish or LWUIT to adapt your application to your target platforms (screen size) Use web app for cross-platform development Use AFSCM specifications for OTA NFC is not an exchange protocol but identification
Resources
http://discussion.forum.nokia.com/forum/forumdisplay.php?f=144 http://wiki.forum.nokia.com/index.php/NFC http://forum.java.sun.com/forum.jspa?forumID=23 http://www.nearfieldcommunicationsworld.com http://www.talknfc.com http://www.blognfc.com http://www.nfcnews.com Writing a Java Card Applet http://developers.sun.com/mobility/javacard/articles/intro/index.html
Resources
Contactless Smart Cards and NFC Peter Harrop, Ning Xiao & Raghu Das http://www.nxp.com, thanks for pictures http://www.nearfield.org http://www.nfc-forum.org http://www.gsmworld.com/documents/ http://www.rfidjournal.com RFID Information http://mobilepayment.typepad.com Mobile payment blog http://0x9000.blogspot.com Great blog on Java Card development
Contact me
Master MBDS, University of Nice Sophia-Antipolis
tdelazzari@gmail.com http://www.mbds-fr.org http://tdelazzari.blogspot.com http://twitter.com/tdelazzari