Ecosystems of Trusted Execution Environment on smartphones - a potentially bumpy road

Abstract

The advent of smartphones and the flexibility to have multiple applications serving the user's needs, has started a convergence of different services into a single device. Traditional services provided by mobile phones like voice and text communication became secondary to other domains like Online Social Network (OSN) and entertainment applications on smartphones. A similar trend is also happening for smart card services, in which traditional smart card services like banking, transport-ticketing and access control, are moving to smartphones. This transition from smart cards to smartphone is to a large extent, facilitated by Near Field Communication (NFC) technology which enables a smartphone to emulate a smart card. As the smart card services require a comparatively higher level of security than other applications on the smartphone. Initial proposals for this convergences were focused on secure elements. However, the ownership issues reminiscent of traditional smart card domain became the Achilles' heel. A potential way forward has been proposed by the Google Andriod in the shape of Host Card Emulation (HCE) to allow mobile phone applications to communicate via NFC. However to provide higher-level of security as required by smart card applications, a number of proposals have been put forward including the Trusted Execution Environment (TEE). In this paper, we will look into how the TEE fits into the overall picture of smart card services on a smartphone - provisioned via the HCE. We also analyse the current state of the art of TEE proposal and what potential ecosystem hurdles it might face due to the nature of current trends. Finally, we provide a potential pathway to overcome the ecosystem issues to achieve wide scale deployment, enabling secure services to individual users.