An NFC Ticketing System with a new approach of an Inverse Reader Mode

Similar documents
An NFC Ticketing System with a new approach of an Inverse Reader Mode

Software Card Emulation in NFC-enabled Mobile Phones: Great Advantage or Security Nightmare?

Mobile NFC 101. Presenter: Nick von Dadelszen Date: 31st August 2012 Company: Lateral Security (IT) Services Limited

Software Card Emulation in NFC-enabled Mobile Phones: Great Advantage or Security Nightmare?

Significance of Tokenization in Promoting Cloud Based Secure Elements

Training. NFC in Android. Public. MobileKnowledge October 2015

NFC Hacking: The Easy Way

Exercise 1: Set up the Environment

Develop Once, Deploy Anywhere

A Simple and Secure E-Ticketing System for Intelligent Public Transportation based on NFC

NFC Hacking: The Easy Way

Relay Attacks in EMV Contactless Cards with Android OTS Devices

NFC Testing. Near Field Communication Research Lab Hagenberg. Gerald Madlmayr. NFC Research Lab, Hagenberg. E-Smart 2008, Sophia Antipolis

NFC in Android. Martijn Coenen

NFC. Technical Overview. Release r05

Training MIFARE SDK. Public. MobileKnowledge June 2015

Timo Müller NFC AND THE VEHICLE. TESTING THE LINUX NFC STACK. BMW Car IT GmbH

}w!"#$%&'()+,-./012345<ya

KonyOne Server Prerequisites _ MS SQL Server

DEVELOPING NFC APPS for BLACKBERRY

Using RFID Techniques for a Universal Identification Device

Use of NFC and QR code Identification in an Electronic Ticket System for Public Transport

NFC Test Challenges for Mobile Device Developers Presented by: Miguel Angel Guijarro

PN532 NFC RFID Module User Guide

Mobile Payment using HCE and mpoint payment gateway based on NFC enabled phones. AUTHOR : GRZEGORZ MILCARZ S111040

Mobile Electronic Payments

DESIGN SCIENCE IN NFC RESEARCH

Reverse engineering smart cards

Vulnerability Analysis and Attacks on NFC enabled Mobile Phones

Touch & Travel a SIM-based eticketing System

Loyalty Systems over Near Field Communication (NFC)

Communication between contactless readers and fare media

mcashier User Guide To accept payments To cancel a payment

Applying the NFC Secure Element in Mobile Identity Apps. RANDY VANDERHOOF Executive Director Smart Card Alliance

3. Software Installation. 4. Introduction to Android OS. 5. Using Android OS / Devices. 6. Eclipse debug with Android app. 8. Units of measurement

AN Quick Start Up Guide for EXPLORE NFC working with Raspberry Pi. Application note COMPANY PUBLIC. Rev December

Secure Automatic Ticketing System

Frequently Asked Questions

Type 2 Tag Operation Specification. Technical Specification T2TOP 1.1 NFC Forum TM NFCForum-TS-Type-2-Tag_

Dynamics CRM Tips and Tricks

Smartcards with Webservice Interface

Android Setup Phase 2

AN1305. MIFARE Classic as NFC Type MIFARE Classic Tag. Application note COMPANY PUBLIC. Rev October Document information

max firt.mobi martes 26 de julio de 11

NFC Tags & Solutions. Understanding Near Field Communication (NFC) Technology. Executive Summary

APPFORUM2014. Helping the developer community build next-generation, multi-platform apps. SCHAUMBURG, ILLINOIS SEPTEMBER 8-10

the future of mobile web by startech.ro

VMobile Talk User Guide

Users Guide. Exchange ActiveSync mail account Setup: mail1.t5.fi

Applying recent secure element relay attack scenarios to the real world: Google Wallet Relay Attack

Application of Near Field Communication Technology for Mobile Airline Ticketing

Abracon PTM Introduction to ANFCA Series Flexible Peel & Stick NFC Antennas

Using an NFC-equipped mobile phone as a token in physical access control

Smart Ride: European transit systems move to contactless mobile payments Trends and Developments, May 05, 2015

MobileConnect. Getting Started Guide

Important Bluetooth. and Software Considerations for Wireless Barcode Scanner Deployments

Storage Made Easy. Enterprise File Share and Sync Cloud Control Gateway

AN1304. NFC Type MIFARE Classic Tag Operation. Application note PUBLIC. Rev October Document information

Users Guide. Exchange ActiveSync mail account Setup: mail.t5.fi

SEEK project - Access to Secure Elements on Android. Frank Schäfer

Kony MobileFabric Messaging. Demo App QuickStart Guide. (Building a Sample Application

Your Mobile Phone as a Ticket (NFC)

Mobile Development Discovery Document

Integration Service Database. Installation Guide - Oracle. On-Premises

SmartWatch Eco/Eco Compact

Building native mobile apps for Digital Factory

An Analysis of Mobile Application Development Approaches

Bringing Mobile Payments to Market for an International Retailer

Logging NFC data on a Google Nexus S

Mobile Cloud Computing

A Secure and Open Solution for Seamless Transit Systems

Storage Made Easy Enterprise File Share and Sync (EFSS) Cloud Control Gateway Architecture

Cognizant Mobility Testing Lab. The faster, easier, more cost-effective way to test enterprise mobile apps.

NFC Mobile Handset High Level Requirements V2

NFC: Enabler for Innovative Mobility and Payment NFC: MOBILIDADE E MEIOS DE PAGAMENTO

Hacking your Droid ADITYA GUPTA

Contactless Payments with Mobile Wallets. Overview and Technology

Generic, Secure and Modular (GSM) Methodology for Design and Implementation of Secure Mobile Applications

The story so far: Teaching Mobile App Development at PG level at Londonmet

Android pay. Frequently asked questions

Database FAQs - SQL Server

More information >>> HERE <<<

Mobile Device Management and Security Glossary

NFC Windows Phone Applications. Development Guidelines

HP Cloud Printing. Rachel Tang, Market Development Manager 3 Dec, 2013

Introduction. Connection security

What Happens When You Press that Button? Explaining Cellebrite UFED Data Extraction Processes

Administering Jive Mobile Apps

Automatic Impedance Matching for MHz NFC Antennas

WHITEPAPER BEST PRACTICES IN MOBILE APPLICATION TESTING

AN Software Design Guide for POS Development Kit OM5597/RD2663. Rev August Application note COMPANY PUBLIC

AVG Business SSO Partner Getting Started Guide

Transcription:

An NFC Ticketing System with a new approach of an Inverse Reader Mode Christian Saminger, Stefan Grünberger and Josef Langer NFC University of Applied Sciences Upper Austria 5 th International Workshop on Near Field Communication February 5 th, 2013, Zurich, Switzerland

Agenda 1. Related Work 2. Intention of the Inverse Reader Mode 3. Introduction to the Inverse Reader Mode 4. Implementation 5. Conclusion and Future Work 6. Demonstration

Related Work Different approaches for place of ticket storage / way of identification Related Trials and current use RMV (Rhein-Main-Verkehrsverbund) Touch & Travel (German Railways) ÖBB (Austrian Federal Railways) mobilkom Austria / ÖBB in 2009 VDV Core Application Ticket storage phone storage phone storage SMS storage SE on phone SE on phone or smartcard

Intention of the Inverse Reader Mode Current ticketing systems use NFC enabled mobile phones in card emulation or peer-to-peer mode. Problems with card emulation mode: owner of the secure element vs. third party service provider restricted or no access to the secure element of the mobile phone in near future no changes regarding the accessibility of the secure element Problems with peer-to-peer mode: compatibility problems with different implementations (e.g. Symbian vs. Android) no access to the lower layers (APDU) on some operating systems (e.g. Windows Phone) on Android systems only Beam is available for peer-to-peer communication restricted implementation of the protocol layer (e.g. Android Beam) Problems with software emulated tags: only few implementations (e.g. RIM s Blackberry OS since version 7, Cyanogenmod)

Intention of the Inverse Reader Mode New approach: Inverse Reader Mode no secure element is needed on the mobile phone the mobile phone uses only the reader/writer mode, which works on all NFC enabled phones light-weight and well-established protocol stack (ISO/IEC 14443-4 and 7816-4) card emulation support is needed on the reader side

Introduction to the Inverse Reader Mode Overview of the Inverse Reader Mode Server communication APDU command APDU response Ticketing Server NFC Reader (card emulation mode) NFC Mobile Phone (reader/writer mode)

Implementation Implementation of a demonstrator to show the proof of concept Ticketing application on server side and Android App for the mobile phone NFC reader acts as RF-Frontend to exchange APDU commands Implemented by students of the University of Applied Sciences Upper Austria

Implementation Proof of Concept with: RF reader ACR 122U from Advanced Card System Ltd. or ADRB-232 from Identive Technologies integrated PN532 NFC chip proprietary interface to send native APDU commands to the chip supports the common open source NFC library libnfc, which provides a low level API supports the Integrated Circuit Cards Interface Device Protocol (CCID) for APDU exchange Samsung Nexus S and Galaxy Nexus Android operating system operating in reader/writer mode secure element is not needed ticketing app Standard Personal Computer as ticketing server

Implementation Validation Process: NFC reader / Server Application NFC mobile phone Initialization routine according to ISO/IEC 14443 Identification of the ticketing server by the mobile phone Mobile phone sends ticket identifier to server for validation Mobile phone sends ticket date to server Ticketing server checks the ticket and ticket date and sets the valid flag If the ticket was valid the ticketing server grants access Mobile phone reads the valid flag and moves the ticket to consumed folder All file identifiers of the ticketing server will be set to their default values and the consumed ticket will be set to invalid Initialization routine GetStationID (SELECT DF and READ BINARY) SendStationID (READ BINARY RESPONSE) SendTicketID (SELECT DF and WRITE BINARY) ACK (WRITE BINARY RESPONSE) SendTicketDate (SELECT DF and WRITE BINARY) ACK (WRITE BINARY RESPONSE) IsValid (SELECT DF and READ BINARY) SendValidInfo (READ BINARY RESPONSE)

Implementation: Mobile Application Android App of the Ticketing System Use of NDEF Type 4 messages to exchange ticket information Initialization of ticket validation by touching the reader Basic functionality: ticket validation process showing results with message boxes list of valid and validated tickets detail information of events Tested on Galaxy Nexus Nexus S

Implementation: Mobile Application Ticket validation with the ticketing app on the mobile phone Valid ticket was found for the event, ticket will be validated No valid ticket was found on the mobile phone Touching the reader initiates the ticketing process on the phone

Implementation: Server Application Reader connection using library libnfc Validation of tickets List of all tickets with details

Conclusion and Future Work Alternative to the card emulation mode Avoiding the access restrictions of the secure element A demonstrator was implemented to show the proof of concept Next steps will be the improvements of the concept for ticketing systems Until now security was not considered in detail Evaluation of other areas to use the inverse reader mode

Thank You! NFC University of Applied Sciences Upper Austria lab (at) nfc-research.at

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information