Abstract
With the introduction of Host Card Emulation (HCE) in Android 4.4 KitKat the Near Field Communication (NFC) card emulation mode took a twist. On one side, HCE allows for easier development and a shorter deployment path for contactless card services on the mobile phone (e.g. payment, ticketing, loyalty cards etc.). On the other side, it introduces new security issues since it does not intrinsically involve a secure element on the mobile phone. As an example, the Cipurse open ticketing standard for public transportation, published by OSPT, implies usage of a secure element for the authentication mechanism and key storage. How can Cipurse benefit from the advantages of HCE and still provide secure authentication and encryption of transferred data? We have designed a two-factor authentication mechanism that involves usage of the Universal Integrated Circuit Card (also known as the SIM card) as the secure second-factor that allows for the implementation of the Cipurse specification as a secure HCE application. The benefit is faster execution of the Cipurse emulated card but still with feasible security for many application areas.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
