SEEK project - Access to Secure Elements on Android. Frank Schäfer

Size: px
Start display at page:

Download "SEEK project - Access to Secure Elements on Android. Frank Schäfer 04.12.2014"

Transcription

1 SEEK project - Access to Secure Elements on Android Frank Schäfer

2 SEEK: Add Secure Element access to Android n Open Source project, maintained by G&D since 2010 n Implementation of SIMalliance Open Mobile API for Android n Integration of Global Platform Secure Element Access Control n Source code available under Apache License V2.0 n Drivers, applications, Android patches, code samples, guidelines, mailing list n Integrated by almost all Android handsets 2

3 SIMalliance Open Mobile API specification Enable access to Secure Elements in Mobile Devices Mobile Applications OS and programming language agnostic Access to all kind of Secure Elements Open Mobile API Secure Elements Easy to use API for APDU communication n Referenced in GSMA NFC handset requirements n Compliance programs in GlobalPlatform and GCF (Global Certification Forum) just started 3

4 Open Mobile API Architecture Application Layer Service Layer Transport Layer Access Control Mobile Applications Generic Transport Mobile Applications SIM Plug in Crypto API (PKCS / JCE) Crypto provider APIs File Management Transport ASSD Plug in Test Specifications Authentication Secure Storage Discovery Further SE Further SE PKCS#15 SE provider Secure Element Provider Interface Open Mobile API Specification V3.0: released Open Mobile API Test Specification for Transport API V1.1: released V2.0: planned for 12/2014 Test application V1.0: released V2.0 planned (01/2015) Mobile Device Storage File system Access Control Further Further Functions Further Functions Functions Secure Elements (e.g. SIM, Secure µsd, ) 4

5 Global Platform SE Access Control Control access to Secure Elements (SEs) based on the certificate that the mobile application is signed with n Only allowed apps on the phone can make use of specific applets on the Secure Element n Consist of n Access Control Enforcer integrated in the API n A storage in the Secure Element that provides the access rules n Rules can be managed remotely Security enabled Security enabled Security Android Apps Android enabled Apps Android Apps Open Mobile API Smart Card API Implementation Access Control Enforcer Access of Apps to Applets controlled by Access Control Rules are under control of the Secure Element Issuer Secure Element Access Control is standardized by GlobalPlatform, V1.1 is released Access Rules Applet Applet 5

6 Prerequisites for developing SEEK apps Make sure seek is available on you phone: n Settingsà Apps à All à SmartcardService Prepare SE Access Control n Make sure that access is allowed (SIM) n Install AllowAll ARA applet from SEEK n Write AllowAll rules in ARF (see SEEK mailing list) n Use of ARA or ARF depends on phone n Correct rules should be use when releasing Prepare development environment n SDK needs access to OMAPI add-on package n See SEEK for details: https://code.google.com/p/seek-for-android/wiki/ UsingSmartCardAPI 6

7 SIMalliance OMAPI Test application n Tools is available on SIMalliance web page (royalty free) n Can be used to validate correct integration of seek (as long as device compliance programs are not in place yet) n Implements test cases from OMAPI Test Specification n Test applets have to installed on the card first (see ReadMe) n Test cases are written in XML and stored on internal storage of the device (/sdcard) n Can be adopted as needed n New test cases can be added n Logs are also written to internal storage 7

8 SIMalliance OMAPI Test application 8

9 SIMalliance OMAPI Test application Long press for further details (Log) 9

10 OMAPI function calls org.simalliance.openmobileapi Session Reader SEService Reader getreader() byte[] getatr() void close() boolean isclosed() void closechannels() Channel openbasicchannel(byte[] aid) Channel openlogicalchannel(byte[] aid) Channel openbasicchannel(byte[] aid, Byte P2) Channel openlogicalchannel(byte[] aid, Byte P2) String getname() SEService getseservice() boolean issecureelementpresent() Session opensession() void closesessions() * * SEService(Context, Callback) Reader[] getreaders() boolean isconnected() void shutdown() String getversion() Channel void close() boolean isbasicchannel() boolean isclosed() byte[] getselectresponse() Session getsession() byte[] transmit(byte[] command) boolean selectnext() * Callback serviceconnected(seservice) 10

11 Hello Smartcard app - preparation n uses-library in AndroidManifest.xml n Implement the SEService.CallBack interface n Initialize the SEService 11

12 Hello Smartcard app sending APDUs to the card 12

13 Thank you for your attention! Frank Schäfer December

14 Open Mobile API releases V2.05 Maintenance Jan released V3.0 add native (not object oriented) interface Nov released API Specification V1.0 Based on API V2.05 Feb 2014 released V1.1 Maintenance July 2014 released V2.0 Update according V3.0 of API spec Plan: Dez Test Specification Test Application V1.0 July 2014 released Android Test runner + test cases in XML quick testing, no compliance V2.0 According to test spec V2.0 without method interface Plan: Jan

15 GP SE Access Control (SEAC) - Rules definition n Access Rules n Works with any secure Element (e.g. SIM, SD card, ) n Defines which Signature the mobile application must be signed with to access a certain Applet on the SE n Defines what commands are allowed (APDU white list- ARA only) n Should be stored as objects in Access Rule Applets (ARA) or might use a PKCS#15 file system structure (ARF - Access Rule Files) on UICC as fallback n Structure of a Rule Hash Value AID APDU rule data Hash of the certificate that the mobile application is signed with or empty in case rule are valid for all mobile applications AID of the applet for witch the rules are stored or empty in case rules are valid for all SE applets General APDU rule: access is allowed / denied or APDU filter: 4 byte APDU header filter and 4 Byte APDU mask 15

Open Mobile API Test Specification for Transport API

Open Mobile API Test Specification for Transport API Open Mobile Test Specification for Transport V1 Copyright 2014 SIMalliance ltd. The information contained in this document may be used, disclosed and reproduced without the prior written authorization

More information

Securing the future of mobile services. SIMalliance Open Mobile API. An Introduction v2.0. Security, Identity, Mobility

Securing the future of mobile services. SIMalliance Open Mobile API. An Introduction v2.0. Security, Identity, Mobility 1 An Introduction v2.0 September 2015 Document History 2 Version Date Editor Remarks 1.0 06/04/2011 OMAPI Working Group Public release 2.0 27/09/2015 OMAPI Working Group Public release Copyright 2015 SIMalliance

More information

DEVELOPING NFC APPS for BLACKBERRY

DEVELOPING NFC APPS for BLACKBERRY 1 DEVELOPING NFC APPS for BLACKBERRY NFC Forum, Developers Showcase March 21 st, 2014 Larry McDonough, Principal Evangelist @LMCDUNNA 2 CONTENTS Development on BlackBerry BlackBerry NFC Support 5 most

More information

Secure Authentication for the Development of Mobile Internet Services Critical Considerations

Secure Authentication for the Development of Mobile Internet Services Critical Considerations Secure Authentication for the Development of Mobile Internet Services Critical Considerations December 2011 V1 Mobile Internet Security Working Group, SIMalliance AGENDA SIMalliance presentation What s

More information

Bringing Security & Interoperability to Mobile Transactions. Critical Considerations

Bringing Security & Interoperability to Mobile Transactions. Critical Considerations Bringing Security & Interoperability to Mobile Transactions Critical Considerations April 2012 Transactions 2 Table of Contents 1. Introduction... 3 2. Section 1: Facing up the challenges of a connected

More information

Secure Authentication for Mobile Internet Services

Secure Authentication for Mobile Internet Services Secure Authentication for Mobile Internet Services Critical Considerations December 2011 V1 Secure element architects for today s generation Secure Authentication for Mobile Internet Services 2 Table of

More information

Android pay. Frequently asked questions

Android pay. Frequently asked questions Android pay Frequently asked questions June 2015 Android Pay - FAQs In May 2015, Android Pay was announced by Google. Android Pay is Google s payments solution that allows consumers to do in-store and

More information

AN INTRODUCTION TO ANDROID DEVELOPMENT CS231M Alejandro Troccoli

AN INTRODUCTION TO ANDROID DEVELOPMENT CS231M Alejandro Troccoli AN INTRODUCTION TO ANDROID DEVELOPMENT CS231M Alejandro Troccoli Outline Overview of the Android Operating System Development tools Deploying application packages Step-by-step application development The

More information

Training. MIFARE4Mobile. Public. MobileKnowledge April 2015

Training. MIFARE4Mobile. Public. MobileKnowledge April 2015 MIFARE4Mobile Public MobileKnowledge April 2015 Agenda Why MIFARE4Mobile? MIFARE in Mobile related technologies MIFARE technology NFC technology MIFARE4Mobile technology High level system architecture

More information

An Introduction to Android

An Introduction to Android An Introduction to Android Michalis Katsarakis M.Sc. Student katsarakis@csd.uoc.gr Tutorial: hy439 & hy539 16 October 2012 http://www.csd.uoc.gr/~hy439/ Outline Background What is Android Android as a

More information

Device Implementation Guidelines

Device Implementation Guidelines Device Implementation Guidelines June 2013 Secure element architects for today s generation Device Implementation Guidelines 2 Document History Version Date Editor Remarks 1.1 07/06/2013 Handset Task Force

More information

Mobile NFC 101. Presenter: Nick von Dadelszen Date: 31st August 2012 Company: Lateral Security (IT) Services Limited

Mobile NFC 101. Presenter: Nick von Dadelszen Date: 31st August 2012 Company: Lateral Security (IT) Services Limited Mobile NFC 101 Presenter: Nick von Dadelszen Date: 31st August 2012 Company: Lateral Security (IT) Services Limited Company Lateral Security (IT) Services Limited Company Overview Founded in April 2008

More information

Chytré karty opět o rok dál...

Chytré karty opět o rok dál... Chytré karty opět o rok dál... SmartCardForum 2010 Jan Němec Product expert, Gemalto Květen 2010 Agenda Chytré karty včera, dnes a zítra Úvod do problematiky NFC Integrace NFC do mobilních zařízení Java

More information

Mobile Electronic Payments

Mobile Electronic Payments Chapter 7 Mobile Electronic Payments 7.1 Rationale and Motivation Mobile electronic payments are rapidly becoming a reality. There is no doubt that users of mobile phones are willing and even asking to

More information

Common requirements and recommendations on interoperable media and multi-application management

Common requirements and recommendations on interoperable media and multi-application management Common requirements and recommendations on interoperable media and multi-application management Deliverable 3.2 September 2009 Grant Agreement number: IST-2007-214787 Project acronym: IFM PROJECT Project

More information

Banking. Extending Value to Customers. KONA Banking product matrix. KONA@I is leading the next generation of payment solutions.

Banking. Extending Value to Customers. KONA Banking product matrix. KONA@I is leading the next generation of payment solutions. Smart IC Banking Banking Extending Value to Customers KONA Banking product matrix Contact - SDA Product EEPROM Java Card Type KONA Products KONA@I is leading the next generation of payment solutions Banks,

More information

Smartcards with Webservice Interface

Smartcards with Webservice Interface Smartcards with Webservice Interface 22. SIT-SmartCard Workshop 8./9. February 2012 Jan Eichholz Agenda Benefits of a Webservice Interface for Smartcards The Service Access Layer out of ISO/IEC 24727 The

More information

Smart Card APDU Analysis

Smart Card APDU Analysis Smart Card APDU Analysis Black Hat Briefings 2008 Las Vegas Ivan "e1" Buetler ivan.buetler@csnc.ch Compass Security AG - Switzerland Compass Security AG Glärnischstrasse 7 Postfach 1628 CH-8640 Rapperswil

More information

Issues in Smart Card Development

Issues in Smart Card Development Middleware Issues in Smart Card Development Simplifying Smart Card Access under Windows a White Paper Abstract In todays business environment there is an increased awarness of security, which is driving

More information

SIMULITY PRODUCTS & SERVICES OVERVIEW

SIMULITY PRODUCTS & SERVICES OVERVIEW TM simulity SIMULITY PRODUCTS & SERVICES OVERVIEW About Simulity Simulity is an established software company specialising in embedded communications software and related server-based applications. We connect

More information

Smartcard Web Server Enabler Architecture

Smartcard Web Server Enabler Architecture Smartcard Web Server Enabler Architecture Candidate Version 1.0 09 Feb 2007 Open Mobile Alliance OMA-AD-Smartcard_Web_Server-V1_0-20070209-C OMA-AD-Smartcard_Web_Server-V1_0-20070209-C Page 2 (17) Use

More information

An Open Source eid Simulator Open Identity Summit 9th -11th September 2013

An Open Source eid Simulator Open Identity Summit 9th -11th September 2013 An Open Source eid Simulator Open Identity Summit 9th -11th September 2013 BSI Tobias Senger HJP Consulting Holger Funke Agenda Requirements of BSI Current state Simulator Virtual Smart Card Reader Community

More information

An NFC Ticketing System with a new approach of an Inverse Reader Mode

An NFC Ticketing System with a new approach of an Inverse Reader Mode An NFC Ticketing System with a new approach of an Inverse Reader Mode Christian Saminger, Stefan Grünberger and Josef Langer NFC University of Applied Sciences Upper Austria 5 th International Workshop

More information

APPFORUM2014. Helping the developer community build next-generation, multi-platform apps. SCHAUMBURG, ILLINOIS SEPTEMBER 8-10

APPFORUM2014. Helping the developer community build next-generation, multi-platform apps. SCHAUMBURG, ILLINOIS SEPTEMBER 8-10 APPFORUM2014 Helping the developer community build next-generation, multi-platform apps. SCHAUMBURG, ILLINOIS SEPTEMBER 8-10 NFC OVERVIEW Chuck Bolen Chief Architect Enterprise Mobile Computing APPFORUM2014

More information

l What is Android? l Getting Started l The Emulator l Hello World l ADB l Text to Speech l Other APIs (camera, bitmap, etc)

l What is Android? l Getting Started l The Emulator l Hello World l ADB l Text to Speech l Other APIs (camera, bitmap, etc) today l What is Android? l Getting Started l The Emulator l Hello World l ADB l Text to Speech l Other APIs (camera, bitmap, etc) l Other: Signing Apps, SVN l Discussion and Questions introduction to android

More information

Training. NFC in Android. Public. MobileKnowledge October 2015

Training. NFC in Android. Public. MobileKnowledge October 2015 NFC in Android Public MobileKnowledge October 2015 Index Android mobile Operating System Market share Brief history Programing in Android NFC in Android Communicating my Android phone with NFC Readers

More information

Significance of Tokenization in Promoting Cloud Based Secure Elements

Significance of Tokenization in Promoting Cloud Based Secure Elements Significance of Tokenization in Promoting Cloud Based Secure Elements Busra O zdenizci 1, Vedat Coskun 1*, Kerem Ok 1 and Turgay Karlidere 2 1 NFC Lab - Istanbul, Department of Information Technologies,

More information

CIPURSE V2 Certification Program

CIPURSE V2 Certification Program www.osptalliance.org Legal This document is copyright 2014 by the OSPT Alliance. 1. You may, without charge, copy (for internal purposes only) and share this document with your members, employees, and

More information

The Implementation of Signing e-document by Using the Wireless Identity Module in Cellular Phone

The Implementation of Signing e-document by Using the Wireless Identity Module in Cellular Phone 832 The Fourth International Conference on Electronic Business (ICEB2004) / Beijing The Implementation of Signing e-document by Using the Wireless Identity Module in Cellular Phone Chengyuan Ku *, Yenfang

More information

Draft Middleware Specification. Version X.X MM/DD/YYYY

Draft Middleware Specification. Version X.X MM/DD/YYYY Draft Middleware Specification Version X.X MM/DD/YYYY Contents Contents... ii 1. Introduction... 1 1.2. Purpose... 1 1.3. Audience... 1 1.4. Document Scope... 1 1.5. Document Objectives... 1 1.6. Assumptions

More information

AllJoyn Android Environment Setup Guide

AllJoyn Android Environment Setup Guide 80-BA001-2 Rev. A June 21, 2011 Submit technical questions at: http:///forums The information contained in this document is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License;

More information

Reverse engineering smart cards

Reverse engineering smart cards Reverse engineering smart cards Christian M. Amsüss linuxwochen@christian.amsuess.com http://christian.amsuess.com/ 2010-05-06 Overview objective understand smart card communication based on sniffable

More information

Frameworks & Android. Programmeertechnieken, Tim Cocx

Frameworks & Android. Programmeertechnieken, Tim Cocx Frameworks & Android Programmeertechnieken, Tim Cocx Discover thediscover world atthe Leiden world University at Leiden University Software maken is hergebruiken The majority of programming activities

More information

Government Smart Card Interoperability Specification

Government Smart Card Interoperability Specification Interagency Report 6887-2003 Edition Government Smart Card Interoperability Specification Version 2.1 Teresa Schwarzhoff Jim Dray John Wack Eric Dalci Alan Goldfine Michaela Iorga July 16, 2003 NIST Interagency

More information

Page 1. Lecture 1: Introduction to. Introduction to Computer Networks Security. Input file DES DES DES DES. Output file

Page 1. Lecture 1: Introduction to. Introduction to Computer Networks Security. Input file DES DES DES DES. Output file 1 2 Prof. Sead Muftic Matei Ciobanu Morogan Lecture 1: Introduction to Computer s Security Introduction to Computer s Security 4. security services and mechanisms 3 Approach 4 Introduction to Computer

More information

Secure Element Deployment & Host Card Emulation v1.0

Secure Element Deployment & Host Card Emulation v1.0 Secure Element Deployment & Host Card Emulation v1.0 2 Document History Version Date Editor Remarks 1.0 29/04/2014 HCE Taskforce Public release Copyright 2014 SIMalliance ltd. The information contained

More information

NFC Mobile Handset High Level Requirements V2

NFC Mobile Handset High Level Requirements V2 NFC Mobile Handset High Level Requirements V2 Release 2.0 Date : 28/09/2011 Reference: 110928 - AFSCM TECH - LIVBL - NFC Mobile Handset High Level Requirements - v2.0.doc AFSCM NFC Mobile Handset High

More information

Smart Card support Embedded Within OpenSSL to Secure Virtual Machines

Smart Card support Embedded Within OpenSSL to Secure Virtual Machines Smart Card support Embedded Within OpenSSL to Secure Virtual Machines Authors : Hassane AISSAOUI MEHREZ Pascal URIEN Guy PUJOLLE Télécom Paris Tech Institute Télécom Paris Tech Institute Pierre & Marie

More information

An Introduction to Android. Huang Xuguang Database Lab. Inha University 2009.11.2 Email: xuguanghuang@yahoo.cn

An Introduction to Android. Huang Xuguang Database Lab. Inha University 2009.11.2 Email: xuguanghuang@yahoo.cn An Introduction to Android Huang Xuguang Database Lab. Inha University 2009.11.2 Email: xuguanghuang@yahoo.cn Outline Background What is Android? Development for Android Background Internet users and Mobile

More information

Self Testing and Product Qualification Processes

Self Testing and Product Qualification Processes GlobalPlatform Self Testing and Product Qualification Processes Version 1.2.1 Public Release May 2013 Document Reference: GPC_PRO_042 Recipients of this document are invited to submit, with their comments,

More information

Introducing etoken. What is etoken?

Introducing etoken. What is etoken? Introducing etoken Nirit Bear September 2002 What is etoken? Small & portable reader-less Smartcard Standard USB connectivity Logical and physical protection Tamper evident (vs. tamper proof) Water resistant

More information

Secure Over the Air (OTA) Management Of Mobile Applications

Secure Over the Air (OTA) Management Of Mobile Applications Secure Over the Air (OTA) Management Of Mobile Applications Dinakaran Rajaram KTH-Royal Institute of Technology School Of Information and Communication Technology Communication Systems Master of Science

More information

ID TECH UniMag Android SDK User Manual

ID TECH UniMag Android SDK User Manual ID TECH UniMag Android SDK User Manual 80110504-001-A 12/03/2010 Revision History Revision Description Date A Initial Release 12/03/2010 2 UniMag Android SDK User Manual Before using the ID TECH UniMag

More information

Mobile ID: Realization of Mobile Identity Solutions by GlobalPlatform Technologies. White Paper November 2015

Mobile ID: Realization of Mobile Identity Solutions by GlobalPlatform Technologies. White Paper November 2015 Mobile ID: Realization of Mobile Identity Solutions by GlobalPlatform Technologies White Paper November 2015 secretariat@globalplatform.org www.globalplatform.org 2015 GlobalPlatform Inc. Table of Contents

More information

Interagency Advisory Board Meeting Agenda, Wednesday, February 22, 2012

Interagency Advisory Board Meeting Agenda, Wednesday, February 22, 2012 Interagency Advisory Board Meeting Agenda, Wednesday, February 22, 2012 1. Opening Remarks (Mr. Tim Baldridge, IAB Chair) 2. Generic Identity Command Set (GICS): Leveraging PIV to Build a Standard Platform

More information

Mobile Cloud Computing

Mobile Cloud Computing Mobile Cloud Computing Dr Samia Bouzefrane Laboratoire CEDRIC CNAM, 292 rue Saint Martin http://cedric.cnam.fr/~bouzefra samia.bouzefrane@cnam.fr 1 Agenda Mobile Cloud computing Mobile trusted computing

More information

The Role of the Trusted Service Manager in Mobile Commerce

The Role of the Trusted Service Manager in Mobile Commerce About the GSMA The GSMA represents the interests of mobile operators worldwide. Spanning more than 220 countries, the GSMA unites nearly 800 of the world s mobile operators with 250 companies in the broader

More information

Android Environment SDK

Android Environment SDK Part 2-a Android Environment SDK Victor Matos Cleveland State University Notes are based on: Android Developers http://developer.android.com/index.html 1 2A. Android Environment: Eclipse & ADT The Android

More information

Programming Android Smart Phones. Tom Chothia Internet Computing Workshop

Programming Android Smart Phones. Tom Chothia Internet Computing Workshop Programming Android Smart Phones Tom Chothia Internet Computing Workshop What is Android? A mobile phone operating system. Best selling smart phone OS. Runs on a range of hardware Based on Linux and Java

More information

Over-the-Internet: Efficient Remote Content Management for Secure Elements in Mobile Devices

Over-the-Internet: Efficient Remote Content Management for Secure Elements in Mobile Devices Over-the-Internet: Efficient Remote Content Management for Secure Elements in Mobile Devices Mohamed Sabt, Mohammed Achemlal, Abdelmadjid Bouabdallah To cite this version: Mohamed Sabt, Mohammed Achemlal,

More information

Page 1. Smart Card Applications. Lecture 7: Prof. Sead Muftic Matei Ciobanu Morogan. Lecture 7 : Lecture 7 : Smart Card Applications

Page 1. Smart Card Applications. Lecture 7: Prof. Sead Muftic Matei Ciobanu Morogan. Lecture 7 : Lecture 7 : Smart Card Applications in Open Distributed Processing s 1 in Open Distributed Processing s 2 Prof. Sead Muftic Matei Ciobanu Morogan Lecture 7: 1 2 in Open Distributed Processing s 3 in Open Distributed Processing s Smart s

More information

Wednesday, January 15, 14. Secure and Private Service Discovery over Low Energy Bluetooth

Wednesday, January 15, 14. Secure and Private Service Discovery over Low Energy Bluetooth Secure and Private Service Discovery over Low Energy Bluetooth Square Register Hardware credit card reader Developed for businesses Android and ios app Square Wallet Android and ios app Works with Square

More information

Android. Lecture 1. Learning Android Marko Gargenta. Tuesday, February 26, 13

Android. Lecture 1. Learning Android Marko Gargenta. Tuesday, February 26, 13 Android Lecture 1 Learning Android Marko Gargenta Final Project Jan/Feb: ARM March: Android Apr: Final project Complexity Sense the world Analysis Service delivery Hands-on A fun project built-up through

More information

The OpenEapSmartcard platform. Pr Pascal Urien ENST Paris

The OpenEapSmartcard platform. Pr Pascal Urien ENST Paris The OpenEapSmartcard platform Pr Pascal Urien ENST Paris /20 Pascal URIEN, CARTES 2005, November 16 th 2005 Introduction 1/4: Network ages Analog networks (Tree age) 1876, Alexander Graham Bell invents

More information

Graduate presentation for CSCI 5448. By Janakiram Vantipalli ( Janakiram.vantipalli@colorado.edu )

Graduate presentation for CSCI 5448. By Janakiram Vantipalli ( Janakiram.vantipalli@colorado.edu ) Graduate presentation for CSCI 5448 By Janakiram Vantipalli ( Janakiram.vantipalli@colorado.edu ) Content What is Android?? Versions and statistics Android Architecture Application Components Inter Application

More information

NFC in Android. Martijn Coenen

NFC in Android. Martijn Coenen <maco@google.com> NFC in Android Martijn Coenen Agenda State of NFC in mobile What can you do with NFC in Android? Android Beam NFC Tags Card emulation and HCE Q & A State of NFC in mobile NFC and Android

More information

Embedded Java & Secure Element for high security in IoT systems

Embedded Java & Secure Element for high security in IoT systems Embedded Java & Secure Element for high security in IoT systems JavaOne - September 2014 Anne-Laure SIXOU - ST Thierry BOUSQUET - ST Frédéric VAUTE - Oracle Speakers 2 Anne-Laure SIXOU Smartgrid Product

More information

3GPP TSG SA WG3 Security S3#30 S3-030534 6-10 October 2003 Povoa de Varzim, Portugal. Abstract

3GPP TSG SA WG3 Security S3#30 S3-030534 6-10 October 2003 Povoa de Varzim, Portugal. Abstract 3GPP TSG SA WG3 Security S3#30 S3-030534 6-10 October 2003 Povoa de Varzim, Portugal Source: Gemplus, Oberthur, Schlumberger Title: Over-The-Air (OTA) technology Document for: Discussion and decision Agenda

More information

Specialized Android APP Development Program with Java (SAADPJ) Duration 2 months

Specialized Android APP Development Program with Java (SAADPJ) Duration 2 months Specialized Android APP Development Program with Java (SAADPJ) Duration 2 months Our program is a practical knowledge oriented program aimed at making innovative and attractive applications for mobile

More information

Applying the NFC Secure Element in Mobile Identity Apps. RANDY VANDERHOOF Executive Director Smart Card Alliance

Applying the NFC Secure Element in Mobile Identity Apps. RANDY VANDERHOOF Executive Director Smart Card Alliance Applying the NFC Secure Element in Mobile Identity Apps RANDY VANDERHOOF Executive Director Smart Card Alliance Session ID: MBS - 403 Session Classification: Mobile Security Agenda Agenda topics NFC basics:

More information

NFC Windows Phone Applications. Development Guidelines

NFC Windows Phone Applications. Development Guidelines NFC Windows Phone Applications Development Guidelines RELEASE 1.0 Date 04/09/2014 Reference afscm-windows-phone-development-guidelines-v1.0-20140904.doc AFSCM Android development guidelines p1/19 Copyright

More information

Mobile Payment using HCE and mpoint payment gateway based on NFC enabled phones. AUTHOR : GRZEGORZ MILCARZ S111040

Mobile Payment using HCE and mpoint payment gateway based on NFC enabled phones. AUTHOR : GRZEGORZ MILCARZ S111040 Mobile Payment using HCE and mpoint payment gateway based on NFC enabled phones. AUTHOR : GRZEGORZ MILCARZ S111040 DATE NOVEMBER 27, 2014 Summary The goal of the thesis is to create a proof of concept

More information

Java Card. Smartcards. Demos. . p.1/30

Java Card. Smartcards. Demos. . p.1/30 . p.1/30 Java Card Smartcards Java Card Demos Smart Cards. p.2/30 . p.3/30 Smartcards Credit-card size piece of plastic with embedded chip, for storing & processing data Standard applications bank cards

More information

ETSI TS 102 226 V9.2.0 (2010-04) Technical Specification. Smart Cards; Remote APDU structure for UICC based applications (Release 9)

ETSI TS 102 226 V9.2.0 (2010-04) Technical Specification. Smart Cards; Remote APDU structure for UICC based applications (Release 9) TS 102 226 V9.2.0 (2010-04) Technical Specification Smart Cards; Remote APDU structure for UICC based applications (Release 9) 2 TS 102 226 V9.2.0 (2010-04) Reference RTS/SCP-T02850v920 Keywords protocol,

More information

Introduction to Android Development. Jeff Avery CS349, Mar 2013

Introduction to Android Development. Jeff Avery CS349, Mar 2013 Introduction to Android Development Jeff Avery CS349, Mar 2013 Overview What is Android? Android Architecture Overview Application Components Activity Lifecycle Android Developer Tools Installing Android

More information

PKCS. PKCS: Public Key Cryptography Standards. Apple, Digital, Lotus, Microsoft, MIT, Northern Telecom, Novell, Sun

PKCS. PKCS: Public Key Cryptography Standards. Apple, Digital, Lotus, Microsoft, MIT, Northern Telecom, Novell, Sun : Public Key Cryptography Standards Devised and published by RSA Security Launched in 1991 as implementation agreements among early adopters of public-key cryptography Apple, Digital, Lotus, Microsoft,

More information

An NFC Ticketing System with a new approach of an Inverse Reader Mode

An NFC Ticketing System with a new approach of an Inverse Reader Mode An NFC Ticketing System with a new approach of an Inverse Reader Mode Dresden, 22/11/2013 Felipe de Sousa Silva Outline NFC Overview NFC Public Ticket System. Intention of the Inverse Reader Mode The Inverse

More information

EPC178-10 Version 2.0

EPC178-10 Version 2.0 EPC178-10 Version 2.0 MOBILE CONTACTLESS SEPA CARD PAYMENTS INTEROPERABILITY IMPLEMENTATION GUIDELINES Abstract This document provides guidance for the implementation of Mobile Contactless SEPA Card Payments

More information

Release Notes. KNOX Premium SDK. Version 2.5

Release Notes. KNOX Premium SDK. Version 2.5 Release Notes Premium SDK 2.5 September 2015 Copyright Notice Copyright 2015 Samsung Electronics Co. Ltd. All rights reserved. Samsung is a registered trademark of Samsung Electronics Co. Ltd. Samsung

More information

Exploring ADSS Server Signing Services

Exploring ADSS Server Signing Services ADSS Server is a multi-function server providing digital signature creation and signature verification services, as well as supporting other infrastructure services including Time Stamp Authority (TSA)

More information

Mobile MasterCard PayPass Testing and Approval Guide. December 2009 - Version 2.0

Mobile MasterCard PayPass Testing and Approval Guide. December 2009 - Version 2.0 Mobile MasterCard PayPass Testing and Approval Guide December 2009 - Version 2.0 Proprietary Rights Trademarks The information contained in this document is proprietary and confidential to MasterCard International

More information

ECM (ELO-KIT-ECMG2-AND)

ECM (ELO-KIT-ECMG2-AND) Software SDK USER GUIDE Elo Touch Solutions I-Series Interactive Signage ESY10i1, ESY15i1, ESY22i1 Android ECM (ELO-KIT-ECMG2-AND) SW602422 Rev A I-Series and Android ECM Software Development Kit User

More information

PKCS. PKCS: Public Key Cryptography Standards

PKCS. PKCS: Public Key Cryptography Standards : Public Key Cryptography Standards Devised and published by RSA Security Launched in 1991 as implementation agreements among early adopters of public-key cryptography Apple, Digital, Lotus, Microsoft,

More information

A Survey of Electronic Signature Development in Mobile Devices

A Survey of Electronic Signature Development in Mobile Devices A Survey of Electronic Signature Development in Devices 1, 2, 3 and 4 1 University of Murcia, Department of Information and Communications Engineering, maria@dif.um.es 2 University of Murcia, Department

More information

Everything is Terrible

Everything is Terrible Everything is Terrible A deep dive into provisioning and code signing Hello and welcome to Everything is Terrible. This is a deep dive talk into the processes behind provisioning and code signing on Apple

More information

JavaCard. Java Card - old vs new

JavaCard. Java Card - old vs new JavaCard 1 Old Smart Cards: One program (applet) Written in machine-code, specific to chip Burned into ROM Java Card - old vs new old vs new smartcards New Smart Cards: Applet written in high-level language

More information

Verfahren zur Absicherung von Apps. Dr. Ullrich Martini IHK, 4-12-2014

Verfahren zur Absicherung von Apps. Dr. Ullrich Martini IHK, 4-12-2014 Verfahren zur Absicherung von Apps Dr. Ullrich Martini IHK, 4-12-2014 Agenda Introducing G&D Problem Statement Available Security Technologies Smartcard Embedded Secure Element Virtualization Trusted Execution

More information

NFC Hacking: The Easy Way

NFC Hacking: The Easy Way DEFCON 20 NFC Hacking: The Easy Way Eddie Lee eddie{at}blackwinghq.com About Me! Security Researcher for Blackwing Intelligence (formerly Praetorian Global)! We re always looking for cool security projects!

More information

AT&T VERIFY CONNECT (V3.2.0) GETTING STARTED GUIDE FOR MOBILE SDK

AT&T VERIFY CONNECT (V3.2.0) GETTING STARTED GUIDE FOR MOBILE SDK AT&T VERIFY CONNECT (V3.2.0) GETTING STARTED GUIDE FOR MOBILE SDK AT&T Verify Connect is powered by SecureKey Technologies Inc. briidge.net Connect service platform. No part of this document may be copied,

More information

GENERIC SECURITY FRAMEWORK FOR CLOUD COMPUTING USING CRYPTONET

GENERIC SECURITY FRAMEWORK FOR CLOUD COMPUTING USING CRYPTONET http:// GENERIC SECURITY FRAMEWORK FOR CLOUD COMPUTING USING CRYPTONET Manisha Dawra 1, Ramdev Singh 2 1 Al-Falah School of Engg. & Tech., Vill-Dhauj, Ballabgarh-Sohna Road, Faridabad, Haryana (INDIA)-121004

More information

Activating New Mobile Services and Business Models with smartsd Memory cards

Activating New Mobile Services and Business Models with smartsd Memory cards Activating New Mobile Services and Business Models with smartsd Memory cards White Paper November 204 - enhanced from September 203 www.sdcard.org 204 SD Association. All rights reserved Table of Contents

More information

BlackBerry Enterprise Service 10. Secure Work Space for ios and Android Version: 10.1.1. Security Note

BlackBerry Enterprise Service 10. Secure Work Space for ios and Android Version: 10.1.1. Security Note BlackBerry Enterprise Service 10 Secure Work Space for ios and Android Version: 10.1.1 Security Note Published: 2013-06-21 SWD-20130621110651069 Contents 1 About this guide...4 2 What is BlackBerry Enterprise

More information

Android Development. http://developer.android.com/develop/ 吳 俊 興 國 立 高 雄 大 學 資 訊 工 程 學 系

Android Development. http://developer.android.com/develop/ 吳 俊 興 國 立 高 雄 大 學 資 訊 工 程 學 系 Android Development http://developer.android.com/develop/ 吳 俊 興 國 立 高 雄 大 學 資 訊 工 程 學 系 Android 3D 1. Design 2. Develop Training API Guides Reference 3. Distribute 2 Development Training Get Started Building

More information

Key & Data Storage on Mobile Devices

Key & Data Storage on Mobile Devices Key & Data Storage on Mobile Devices Advanced Computer Networks 2015/2016 Johannes Feichtner johannes.feichtner@iaik.tugraz.at Outline Why is this topic so delicate? Keys & Key Management High-Level Cryptography

More information

CARTES 2012 Demo presentation. Secure Trusted Execution Environment

CARTES 2012 Demo presentation. Secure Trusted Execution Environment CARTES 2012 Demo presentation Secure Trusted Execution Environment MobiCore offers a preventive security solution, protecting most of currently known cyber attacks, complementary to other security solutions

More information

Using the VMRC Plug-In: Startup, Invoking Methods, and Shutdown on page 4

Using the VMRC Plug-In: Startup, Invoking Methods, and Shutdown on page 4 Technical Note Using the VMRC API vcloud Director 1.5 With VMware vcloud Director, you can give users the ability to access virtual machine console functions from your web-based user interface. vcloud

More information

Fairsail REST API: Guide for Developers

Fairsail REST API: Guide for Developers Fairsail REST API: Guide for Developers Version 1.02 FS-API-REST-PG-201509--R001.02 Fairsail 2015. All rights reserved. This document contains information proprietary to Fairsail and may not be reproduced,

More information

Calypso Technology. A leader application to build up eticketing systems for modern and smart urban transport systems of the future

Calypso Technology. A leader application to build up eticketing systems for modern and smart urban transport systems of the future Calypso Technology A leader application to build up eticketing systems for modern and smart urban transport systems of the future Ing. Nicolas Generali SNCF 7cke7ng expert Calypso Networks Associa7on (CNA)

More information

Java Applet and Terminal Application for Financial transactions

Java Applet and Terminal Application for Financial transactions Java Applet and Terminal Application for Financial transactions Security for Java and E-commerce Environment Behrooz Aghakhanian baf@kth.se Jalil Shokouh shokouh@kth.se May 2011 Introduction In this assignment

More information

Enhancing TAM E-SSO with smart phones, smart cards and other tokens. IBM Tivoli Talk

Enhancing TAM E-SSO with smart phones, smart cards and other tokens. IBM Tivoli Talk Enhancing TAM E-SSO with smart phones, smart cards and other tokens Sven Gossel IBM Tivoli Talk October 7 th, 2011 Charismathics Milestones 2005 2007 2010 Re-inventing PKI middleware Re-inventing Trusted

More information

Global eid Developments. Detlef Eckert Chief Security Advisor Microsoft Europe, Middle East, and Africa

Global eid Developments. Detlef Eckert Chief Security Advisor Microsoft Europe, Middle East, and Africa Global eid Developments Detlef Eckert Chief Security Advisor Microsoft Europe, Middle East, and Africa Agenda Country View on eid initiatives Trustworthy Identity Scenarios Microsoft eid update Summary

More information

Mobile Device as a Platform for Assured Identity for the Federal Workforce

Mobile Device as a Platform for Assured Identity for the Federal Workforce Mobile Device as a Platform for Assured Identity for the Federal Workforce Dr. Sarbari Gupta President and CEO, Electrosoft U.S. Army Information Technology Agency (ITA) Security Forum Fort Belvoir Electrosoft

More information

Example of Standard API

Example of Standard API 16 Example of Standard API System Call Implementation Typically, a number associated with each system call System call interface maintains a table indexed according to these numbers The system call interface

More information

HP AppPulse Mobile. Adding HP AppPulse Mobile to Your Android App

HP AppPulse Mobile. Adding HP AppPulse Mobile to Your Android App HP AppPulse Mobile Adding HP AppPulse Mobile to Your Android App Document Release Date: April 2015 How to Add HP AppPulse Mobile to Your Android App How to Add HP AppPulse Mobile to Your Android App For

More information

How to Use ISO/IEC 24727-3 with Arbitrary Smart Cards

How to Use ISO/IEC 24727-3 with Arbitrary Smart Cards How to Use ISO/IEC 24727-3 with Arbitrary Smart Cards Detlef Hühnlein 1 and Manuel Bach 2 1 secunet Security Networks AG, Sudetenstraße 16, 96247 Michelau, Germany detlef.huehnlein@secunet.com 2 Federal

More information

Software Card Emulation in NFC-enabled Mobile Phones: Great Advantage or Security Nightmare?

Software Card Emulation in NFC-enabled Mobile Phones: Great Advantage or Security Nightmare? Software Card Emulation in NFC-enabled Mobile Phones: Great Advantage or Security Nightmare? Michael Roland University of Applied Sciences Upper Austria,, Austria IWSSISPMU2012 International Workshop on

More information

Windows 2000 Security Architecture. Peter Brundrett Program Manager Windows 2000 Security Microsoft Corporation

Windows 2000 Security Architecture. Peter Brundrett Program Manager Windows 2000 Security Microsoft Corporation Windows 2000 Security Architecture Peter Brundrett Program Manager Windows 2000 Security Microsoft Corporation Topics Single Sign-on Kerberos v5 integration Active Directory security Delegation of authentication

More information

Secure your Privacy. www.jrsys.com.tw. jrsys, Inc. All rights reserved.

Secure your Privacy. www.jrsys.com.tw. jrsys, Inc. All rights reserved. Secure your Privacy www.jrsys.com.tw CNN 2013/7/16 8:25PM Man Middle In The I got your ID/Password! Mobile Secure Secure sensitive access data Random Login Web Authentication One Secure Time Channel Password

More information