Smart Tokens: Tags, smart phones and everything in between. Dr Gerhard Hancke Information Security Group
|
|
- Rolf Jones
- 5 years ago
- Views:
Transcription
1 Smart Tokens: Tags, smart phones and everything in between Dr Gerhard Hancke Information Security Group
2 Royal Holloway (RHUL) Royal Holloway founded in 1879 by Victorian entrepreneur Thomas Holloway, also as a college for women. Queen Victoria presided over the opening ceremony in Over 8,500 students from over 100 countries Approximately 20% are postgraduates Faculties of Science, Arts & Social Sciences, Management & Economics 1,525 members of staff
3 The Information Security Group Computer scientists, engineers, mathematicians and social scientists Interdisciplinary research with strong links to industry ISG Members 18 Academic staff 8 Visiting Staff (Fellows and Professors) 4 Expert Consultants 45+ PhD Students and Research Assistants 1998 Queens Anniversary Prize In recognition of the contribution the ISG made in training information security specialists, developing secure systems and providing expertise of national importance. The Da Vinci Code Heroine Sophie Neveu learned her excellent code breaking and information security skills at the ISG
4 MSc in Information Security Information Security MSc launched at RHUL in 1992 Balanced and broad curriculum technical and non-technical Diverse student backgrounds: Wide range of ages Inexperienced or experienced in field of security Different academic/work background Full-time, part-time and diploma (CPD) Between 100 and 180 new students each year Students from over 40 countries have taken one of our MSc degrees Over 1600 graduates, most now working in industry Over 40 companies contribute to the MSc
5 The Smart Card Centre The ISG Smart Card Centre was founded in October 2002 A World-Wide centre of Excellence for training and research in the field of Smart Cards, applications and related technologies. The SCC currently has three members of staff and 7 PhD researchers. RFID and Showcase Labs Support an MSc module on Smart Cards, Tokens, Security and Applications 24+ MSc project students each year working on mobile, RFID and smart cards Konstantinos Markantonakis 5
6 Strong Industry Support Full Members Founding Members Associate Members Other industry supporters
7 Smart Card becomes Smart Token Not so long ago we had a good idea what a smart card was.. no longer a card!
8 RFID and contact less technology RFID technologies used to be Reader and passive tag Single application Closed system Low value Now a core Internet of Things technology A variety of devices need to communicate Devices may have no/limited prior relationship Multiple applications within open systems Security sensitive applications Access control, eid, payment, asset tracking RFID/contactless security therefore important! 8
9 RFID security issues does attract interest 9
10 Practical RFID/contactless security issues Contactless tokens are still smart tokens Susceptible to attacks demonstrated on contact tokens Cloning, side channel and tampering Systems with proprietary security algorithms Security through obscurity strength is that it is secret Reverse engineering attempts Protocol weaknesses Back-end security Middleware attacks incorrect configurations/sql injection/malware It is has a radio interface Eavesdropping Skimming Relay attacks 10
11 History of Near Field Communication (NFC) Initiative started by NXP, Sony and Nokia Allows for active devices to interact with contactless infrastructure Vision of smart cards towards smart devices Selling point is intuitive and fast user experience Today NFC is managed by NFC Forum (formed 2004) 130+ members Standards and specifications Promoting and developing the NFC ecosystem Product certification Many large organization do work related to NFC EMVCo GlobalPlatform ETSI Mobey Forum GSM Association Smart Card Alliance 11
12 Top of the Hype Curve! Hype Cycle Emerging Technologies, Gartner, July
13 Basic NFC Functionality Modes of operation Passive Communication Device acts as contactless reader Device acts as contactless token Active Communication Peer to peer mode Envisioned uses Payment Ticketing (including loyalty and coupons) eid Access control Ad-hoc interaction with objects Communication setup 13
14 NFC Mobile Platforms and Handset Availability No progress for a while. OS support Android 2.3.x (Google Nexus X) Samsung Bada OS 2.0 (Toco Lite) Symbian^3 (Nokia C7) Blackberry OS 7.0 (Bold 9900/30) Cross platform Qt J2ME 14
15 Basic Mobile NFC Architecture NFC module Antenna (built in or external) Untrusted application area Normal program area of phone AEE: Application Execution Environment Secure Element (SE) TEE: Trusted Execution Environment 15
16 The Secure Element Mobile handset is not a trusted platform Needs additional trusted security component SE is intended to be the security core of NFC Tamper resistance Security mechanisms SE should facilitate two key services Secure execution of sensitive applications Secure management of applications Different SE implementations UICC Embedded SD memory Hybrid RIM
17 Application Management on the SE Differs from the conventional smart card approach The token cannot be fully initialised and personalised before the user gets it Handset could be sold with initialised applications, but not personalised User requests services after getting handset (not initialised or personalised) The SE does not belong to the application provider Application provider does not hold the management keyset Needs assistance to manage the application Most use cases involve applications from multiple issuers Cannot provide management keyset to each one trust issues Applications therefore need to be managed post-issuance OTA management the only option Use of a Trusted Service Manager 17
18 Citizen-Centric Tokens Traditionally tokens are issuer centric The issuer controls the content on its token SCC working on citizen-centric card/token/device issuing model Stepping away from issuer centric issuing models Enable users to buy the devices from wherever they want These device will have some certifiable security functionality Users manage service through these devices Dynamically request services from application providers Free to install and delete applications as they wish Examples Transport multi-city travel Loyalty install loyalty applications from multiple vendors
19 Research in NFC Application Security NFC security is left to the application designer No formal security standards (apart from the Signature Record Type) Research scope includes Security of the NFC architecture Secure element (physical, access, interconnect) Application provisioning and management (OTA) Security of the remaining mobile phone platform Generally accepted to be an untrusted platform System and application security (vulnerabilities) UICC caters for communication security not applications Contactless system security Token and back-end infrastructure 19
20 Platform Architecture Research Issues Use of SE only clearly defined for NFC card emulation SE not used for P2P or reader applications How can other NFC and non-nfc applications leverage SE security functionality? Open SE architecture vs. closed SE architecture Role of Trusted Service Manager (TSM) well defined Trust relationship between TSM, SE Provider and other entities? Open SE promotes development but has security risks Protocols for limited memory and processing? SE is essentially a conventional smart token Any security function must still preserve user experience Paradigm shift SE along with a mobile phone a very powerful token 20
21 Issues with contactless tag interaction Easy to manipulate tag s content NDEF Signature Record intended to prevent this but not secure. Simple attack scenario Smart poster advertising for X directs you to Y (premium rate service) Advanced attack scenarios Website spoofing and redirecting traffic through proxies RFID Malware (infects mobile, propagates by writing to tags the phone reads) Denial of service Data integrity and tag authentication approaches needed! 21
22 NFC Device as Attack Platform Current attacks seem to use a lot of custom built kit. Use and existing NFC device as attack platform Skimming Sacrifice extended range reading It is mobile, small and not suspicious Card emulation It is an acceptable form factor More so than a blank, white card An open development platform Anyone can write phone as a reader applications Embedded secure elements are unlockable Existing APIs and developers fora 22
23 Relay Attacks Attacker s equipment Smart Token Proxy Reader Relay Channel Proxy Token Token Reader The attack theory is well known, i.e. grand master chess problem (Conway 1976), wormhole attacks Missed in most RFID threat models The reader cannot distinguish between the real token and the proxy-token Attack circumvents application layer security mechanisms Time-outs specified in standards, implemented at application layer too slow 23
24 Passive Relay 24
25 Off-the-shelf relay attacks? Relays with NFC-enabled devices have been demonstrated Attacker only writes software (there are open source examples) Possible weakness is the form factor and response time NFC-enabled phones are in theory an ideal platform.? 25
26 ISG and SCC Open Days ISCC Open Day September Networking and exhibition event for SCC sponsors, supporters and guests from industry, government and academia. Exhibition a 50:50 split of industry and SCC postgraduate student exhibits, concluded with invited keynote speaker. Hewlett-Packard Colloquium on Information Security - December Networking event for industry, academia and government. Exhibits together with several prestigious keynote seminars. if you would like to receive an inivitation please get in touch
27 Thank You Dr Gerhard Hancke Information Security Group Smart Card Centre Get in touch
Attacks on NFC enabled phones and their countermeasures
Attacks on NFC enabled phones and their countermeasures Arpit Jain: 113050028 September 3, 2012 Philosophy This survey explains NFC, its utility in real world, various attacks possible in NFC enabled phones
More informationContents. Preface. Acknowledgments. xxiii. List of Acronyms i xxv
Preface xv Acknowledgments. xxiii List of Acronyms i xxv 1 Executive Summary 1 1.1 Towards NFC Era 2 1.1.1 Ubiquitous Computing 2 1.1.2 Mobile Phones 3 1.1.3 Technological Motivation of NFC 4 1.1.4 Wireless
More informationConsidering the Security of Mobile Commerce and Banking. Professor Keith Mayes Information Security Group ACE-CSR
Considering the Security of Mobile Commerce and Banking Professor Keith Mayes Information Security Group ACE-CSR Information Security Group (ISG) Established 1992 17 Full-time Academics, 8+ Research Assistants
More informationSecure Elements 101. Sree Swaminathan Director Product Development, First Data
Secure Elements 101 Sree Swaminathan Director Product Development, First Data Secure Elements Secure Element is a tamper resistant Smart Card chip that facilitates the secure storage and transaction of
More informationISG Seminar 3 rd November Agenda for Lecture. Smart Cards with Contacts. Contact-less Smart Cards. From Smart Cards to NFC Smart Phone Security
ISG Seminar 3 rd November 2011 From Smart Cards to NFC Smart Phone Security Keith Mayes ISG Smart Card Centre (SCC) www.scc.rhul.ac.uk www.isg.rhul.ac.uk keith.mayes@rhul.ac.uk Agenda for Lecture Evolution
More informationGSM Association (GSMA) Mobile Ticketing Initiative
GSM Association (GSMA) Mobile Ticketing Initiative Sue Monahan Director - GSMA NA Clif Campbell Lead Member of Technical Staff AT&T April 2010 Content GSM World Today GSMA Overview GSMA M-Ticketing Initiative
More informationMobile NFC Services Opportunities & Challenges. NGUYEN Anh Ton VNTelecom Conference 31/10/2010
Mobile NFC Services Opportunities & Challenges NGUYEN Anh Ton VNTelecom Conference 31/10/2010 Agenda 1. Introduction 2. Mobile NFC Overview 3. NFC Ecosystem Key Findings 4. Main NFC challenges 5. What
More informationNext steps for NFC and mobile wallets
Next steps for NFC and mobile wallets PSE Consulting Merchant Acquiring Conference Mike Hendry Payment Systems Consultant Mike Hendry Page 1 1 Next steps for NFC and mobile wallets State of the (dis-)
More informationNEAR FIELD COMMUNICATION - THE FUTURE TECHNOLOGY FOR AN INTERACTIVE WORLD
Int. J. Engg. Res. & Sci. & Tech. 2013 Jignesh Patel and Badal Kothari, 2013 Research Paper ISSN 2319-5991 www.ijerst.com Vol. 2, No. 2, May 2013 2013 IJERST. All Rights Reserved NEAR FIELD COMMUNICATION
More informationPreface. Structure of the Book
When the first edition of this book was published back in 2008, the scope was anything to do with smart cards and security tokens in the widest sense. The aim was in fact to provide a complete story, looking
More informationDigital Payments Security Discussion Secure Element (SE) vs Host Card Emulation (HCE) 15 October Frazier D. Evans
Digital Payments Security Discussion Secure Element (SE) vs Host Card Emulation (HCE) 15 October 2014 Frazier D. Evans Evans_Frazier@bah.com There are four key areas that need to be investigated when talking
More informationMobile Devices as Identity Carriers. Pre Conference Workshop October 14 th 2013
Mobile Devices as Identity Carriers Pre Conference Workshop October 14 th 2013 Mobile Market Worldwide Smartphones Market by OS (in thousands of units) 1,400,000 1,200,000 1,000,000 800,000 600,000 400,000
More informationThe Innovation Connection: How NFC is Driving New Global Opportunities. Koichi Tagawa Sony Chairman, NFC Forum
The Innovation Connection: How NFC is Driving New Global Opportunities Koichi Tagawa Sony Chairman, NFC Forum NFC World Congress September 19, 2011 Marketplace Situation 2 Global Market Developments Business
More informationNFC embedded microsd smart Card - Mobile ticketing opportunities in Transit
NFC embedded microsd smart Card - Mobile ticketing opportunities in Transit July 2017 By: www.smk-logomotion.com Introduction Presentation is describing NFC enabled microsd smart card (LGM Card) Technical
More informationSecure Element APIs and Practical Attacks on Secure Element-enabled Mobile Devices
Secure Element APIs and Practical Attacks on Secure Element-enabled Mobile Devices Michael Roland University it of Applied Sciences Upper Austria,, Austria WIMA 2012 NFC Research Track 11 April 2012, Monaco
More informationPractical Attack Scenarios on Secure Element-enabled Mobile Devices
Practical Attack Scenarios on Secure Element-enabled Mobile Devices Michael Roland University it of Applied Sciences Upper Austria,, Austria 4 th International Workshop on Near Field Communication 13 March
More informationHCE security implications. Analyzing the security aspects of HCE
HCE security implications Analyzing the security aspects of HCE January 8th, 2014 White paper - HCE security implications, analyzing the security aspects of HCE HCE security implications About the authors:
More informationA Novel Scheme for On-demand Distribution of Secure Element Keys
A Novel Scheme for On-demand Distribution of Secure Element Keys Vincent Alimi Normandie Univ, France UNICAEN, ENSICAEN, GREYC CNRS, UMR 6072 F-14032 Caen, France fvincent.alimi@ensicaen.fr ABSTRACT: The
More informationSecure Over-The-Air Services in NFC Ecosystems
Secure Over-The-Air Services in NFC Ecosystems Sirpa Nordlund Venyon Hagenberg March 20th, 2007 Contents of the presentation 1. Building up NFC ecosystem 2. Trusted third party and value proposition 3.
More informationLeveraging the full potential of NFC to reinvent physical access control. Friday seminar,
Leveraging the full potential of NFC to reinvent physical access control Wireless@KTH Friday seminar, 2012-08-31 NFC (Near Field Communication) A new radio communication technology for mobile phones Uses
More informationMobile Payments Building the NFC Ecosystem
Mobile Payments Smart Card Alliance / NFC Forum Joint Workshop Building the NFC Ecosystem 2010 Smart Card Alliance Annual Conference Peter Preuss Nokia Chairman, NFC Forum Marketing Committee Cooperation
More informationSEPA goes Mobile Dr. Marijke De Soete ETSI Security Workshop January 2011 Sophia Antipolis, France
www.europeanpaymentscouncil.eu SEPA goes Mobile Dr. Marijke De Soete ETSI Security Workshop 2011 19-20 January 2011 Sophia Antipolis, France Global mobile subscribers (millions) Mobile phone: some statistics
More informationThe NFC Forum NFC Technology for Developers
The NFC Forum NFC Technology for Developers 7 October 2008 Audio Tips All audio comes through your computer Use your computer mixer to adjust master volume Use Webcast reader audio slide top center of
More informationHOW TO INTEGRATE NFC CONTROLLERS IN LINUX
HOW TO INTEGRATE NFC CONTROLLERS IN LINUX JORDI JOFRE NFC READERS NFC EVERYWHERE 28/09/2017 WEBINAR SERIES: NFC SOFTWARE INTEGRATION PUBLIC Agenda NFC software integration webinar series Session I, 14th
More informationNatural Security Alliance
Natural Security Alliance Business model and pilot projects ITU 14 & 15 October 2014 Philippe'Batard' Batard&&&Partners' Summary Natural Security Alliance: an initiative from retailers and banks The solution
More informationThe Open Application Platform for Secure Elements.
The Open Application Platform for Secure Elements. Java Card enables secure elements, such as smart cards and other tamper-resistant security chips, to host applications, called applets, which employ Java
More informationDr. Char-Shin Miou Chunghwa Telecom. Co. April 7, 2011
Mobile Security Application Current Status Overview in Taiwan Dr. Char-Shin Miou Chunghwa Telecom. Co. April 7, 2011 Content Problems and Current Status Approach for the Mobile Security Application Mobile
More informationNFC Identity and Access Control
NFC Identity and Access Control Peter Cattaneo Vice President, Business Development Agenda Basics NFC User Interactions Architecture (F)ICAM Physical Access Logical Access Future Evolution 2 NFC Identity
More informationAdvances with Osaifu-Keitai Starting Services Supporting NFC (Type A/B) on NTT DOCOMO UIM Cards. contactless IC cards that is being adopted
Type A/B GP TSM Advances with Osaifu-Keitai Starting Services Supporting NFC (Type A/B) on NTT DOCOMO UIM Cards The Osaifu-Keitai service currently being provided in Japan is based on the FeliCa *1 mobile
More informationBuilding Digital Key Solution for Automotive
Building Digital Key Solution for Automotive Content Overview Use Cases Unlocking Use Cases Key Provisioning Use Cases Key Sharing Use Cases Key Properties High Level Architecture and Related Standards
More informationA Role-Based Service Level NFC Ecosystem Model
A Role-Based Service Level NFC Ecosystem Model Kerem Ok, Vedat Coskun, Busra Ozdenizci, Mehmet N. Aydin This is the author copy of the paper " A Role-Based Service Level NFC Ecosystem Model". For the latest
More informationMobile/NFC Security Fundamentals. Secure Elements 101. Smart Card Alliance Webinar March 28, 2013
Mobile/NFC Security Fundamentals Secure Elements 101 Smart Card Alliance Webinar March 28, 2013 Introductions Brent Bowen, INSIDE Secure Chair, Mobile & NFC Council, Smart Card Alliance Mobile & NFC Council
More informationForging the Link Between Global Interoperability and New Business Opportunities
Forging the Link Between Global Interoperability and New Business Opportunities Debbie Arnold Director, NFC Forum WIMA USA November 30, 2011 Marketplace Situation 2 NFC Forum Google Hits Awareness of NFCIncreasing
More informationAdvances in NFC & Mobile Payments Trials and Technology
Smart Card Alliance 2006 Annual Conference Advances in NFC & Mobile Payments Trials and Technology Mohammad Khan President, ViVOtech October 3, 2006 T H E L Y D I A N R O U N D T A B L E ViVOtech We enable
More informationVerizon Software Defined Perimeter (SDP).
Verizon Software Defined Perimeter (). 1 Introduction. For the past decade, perimeter security was built on a foundation of Firewall, network access control (NAC) and virtual private network (VPN) appliances.
More informationState of US Mobile Payments (NFC)
State of US Mobile Payments (NFC) (NFC State of the Industry Panel) Chandra Srivastava Business Leader, Visa SCA Mobile & NFC Council 2013 Payments Summit February 6, 2013 Draft - For Discussion Only 1
More informationConnecting to the future ELATEC RFID SYSTEMS
Connecting to the future ELATEC RFID SYSTEMS ELATEC GmbH Enabling success RFID SYSTEMS Focus on the goal Adaptable to our customer s requirements, Elatec products and technologies are the core that has
More informationebook - TRUSTED esim TESTING FRAMEWORK - June 2016 BUILDING A TRUSTED EMBEDDED SIM TESTING FRAMEWORK IN THE AGE OF IOT
ebook - TRUSTED esim TESTING FRAMEWORK - June 2016 BUILDING A TRUSTED EMBEDDED SIM TESTING FRAMEWORK IN THE AGE OF IOT INTRODUCTION 3 INTRODUCTION The launch of the GSMA s Embedded SIM Specification, together
More informationTCG activities on Mobile Security standardization. Mr. Janne Uusilehto, Nokia Chairman, TCG MPWG Embedded Security Seminar September 12, 2005
TCG activities on Mobile Security standardization Mr. Janne Uusilehto, Nokia Chairman, TCG MPWG Embedded Security Seminar September 12, 2005 1 Trusted Computing Definition Hardware and Software behave
More informationManaging an NFC Ecosystem
Managing an NFC Ecosystem Gerald Madlmayr NFC, ICMB 2008, Barcelona 1 NFC - What is it all about RFID Derivate 13,56 Mhz Integrated in mobile devices for consumer market Operating Modes Tag/SmartCard Emulation
More informationGSMA Embedded SIM for Connected Cars
GSMA Embedded SIM for Connected Cars C-ITS ronde tafel Security 10 mei 2016 Arjan Geluk UL Software & Security UL and the UL logo are trademarks of UL LLC 2016 1 Arjan Geluk - bio Principal Advisor, Software
More informationACR1252U. NFC Forum Certified Reader. Technical Specifications V1.03. Subject to change without prior notice.
ACR1252U NFC Forum Certified Reader Technical Specifications V1.03 Subject to change without prior notice Table of Contents 1.0. Introduction... 3 2.0. Features... 4 3.0. Typical Applications... 5 4.0.
More informationA Proposed e-payment Service for Visually Disabled
IJCSNS International Journal of Computer Science and Network Security, VOL.17 No.5, May 2017 253 A Proposed e-payment Service for Visually Disabled Gamal H. Eladl 1 1 Information Systems Department, Faculty
More informationRelay Attacks on Secure Elementenabled
Relay Attacks on Secure Elementenabled Mobile Devices Virtual Pickpocketing Revisited Michael Roland University of Applied Sciences Upper Austria,, Austria SEC2012 IFIP International Information Security
More informationMultifunctional Identifiers ESMART Access
AIR TAG Multifunctional Identifiers ESMART Access Contents ESMART Access technology 4 Key advantages of ESMART Access 6 Multifunctional identifiers ESMART Access 8 AIRTAG RFID keyfobs 9 Silicone RFID
More informationSoftware Card Emulation in NFC-enabled Mobile Phones: Great Advantage or Security Nightmare?
Software Card Emulation in NFC-enabled Mobile Phones: Great Advantage or Security Nightmare? Michael Roland University of Applied Sciences Upper Austria,, Austria IWSSISPMU2012 International Workshop on
More informationBluetooth: What does it really do and will it be replaced?
Bluetooth: What does it really do and will it be replaced? By James Rogerson January 29, 2014Mobile phones A look at the ins and outs of Bluetooth and what its future hold Bluetooth is old and it might
More informationNFC ESSENTIALS JORDI JOFRE NFC EVERYWHERE MARCH 2018 PUBLIC
NFC ESSENTIALS JORDI JOFRE NFC EVERYWHERE MARCH 2018 PUBLIC Learn all about NFC Session I, 15th March NFC applications and use cases https://attendee.gotowebinar.com/rt/1059402932312036099 Session II,
More informationMobile Banking and Payments Emerging Trends and Opportunities
Mobile Banking and Payments Emerging Trends and Opportunities VIDEO 2 Introductions Barry O Connell Banking and Payments Strategy Barry focuses on customer, product and channel strategy for banks and payments
More informationNFC Forum Specifications to Build Solutions and Ensure the Global Interoperability of NFC. John Hillan Qualcomm (UK) Ltd. Chair, Technical Committee
NFC Forum Specifications to Build Solutions and Ensure the Global Interoperability of NFC John Hillan Qualcomm (UK) Ltd. Chair, Technical Committee 28th September, 2012 NFC Forum Mission and Goals The
More informationARM European Technical Symposium The security challenges that IoT and Mobile Computing Devices are facing. Pierre Garnier, COO
ARM European Technical Symposium The security challenges that IoT and Mobile Computing Devices are facing Pierre Garnier, COO 1 INVESTORS INSIDE Secure PRESENTATION ARM European Technical SEPTEMBER Symposium
More informationNFC Service Launch in Hong Kong. Alex Kun SVP, Product Development and Management Wireless Business
NFC Service Launch in Hong Kong Alex Kun SVP, Product Development and Management Wireless Business 25-06-2013 Latest Contactless Development Landscape Octopus in Hong Kong 21 million cards issued Acceptance
More informationDigital Signature Records for the NFC Data Exchange Format
Digital Signature Records for the NFC Data Exchange Format Michael Roland Upper Austria University of Applied Sciences,, Austria 2 nd International Workshop on Near Field Communication 20 April 2010, Monaco
More informationA Secure and Practical Key Management Mechanism for NFC Read-Write Mode
Journal of Computational Information Systems 7: 11 (2011) 3819-3828 Available at http://www.jofcis.com A Secure and Practical Key Management Mechanism for NFC Read-Write Mode Hsu-Chen CHENG, Wen-Wei LIAO,
More informationA Secure and Practical Key Management Mechanism for NFC Read-Write Mode
A Secure and Practical Key Management Mechanism for NFC Read-Write Mode Hsu-Chen Cheng, *Wen-Wei Liao, Tian-Yow Chi, Siao-Yun Wei Department of Information and Management, Chinese Culture University, Taipei,
More informationImplementation Strategy for Cybersecurity Workshop ITU 2016
Implementation Strategy for Cybersecurity Workshop ITU 2016 Council for Scientific and Industrial Research Joey Jansen van Vuuren Intricacies and interdependencies cyber policies must address potential
More informationBeyond Payment: Secure NFC applications and their relation to RFID
Powering the trusted identities of the world s people, places & things Beyond Payment: Secure NFC applications and their relation to RFID Richard Aufreiter, Director Product Management - IDT June 27, 2017
More informationGlobalPlatform Trusted Execution Environment (TEE) for Mobile
GlobalPlatform Trusted Execution Environment (TEE) for Mobile Kevin Gillick Executive Director, GlobalPlatform @GlobalPlatform_ www.linkedin.com/company/globalplatform GlobalPlatform Overview GlobalPlatform
More informationThe GP Composition Model Maximizing the Efficiency of Security Certifications
The GP Composition Model Maximizing the Efficiency of Security Certifications 11th ICCC Antalya, 21-23 September 2010 Authors: Mestiri S. Oberthur Technologies; Chetali B. Gemalto; Loiseaux C. Trusted
More informationInformation Technology
Information Technology Company Profile 2 About Training Solutions Enterprise Solutions Infocan Infocan was established in 1989 with the mission of providing quality, professional, effective and practical
More informationNFC Application Ecosystems: Introduction, Peer-to-Peer, NFC Tags/Posters and Product Label Applications
NFC Application Ecosystems: Introduction, Peer-to-Peer, NFC Tags/Posters and Product Label Applications Smart Card Alliance Mobile & NFC Council Webinar September 27, 2012 Introductions Brent Bowen, INSIDE
More informationAn Overview of Mobile Security
An Overview of Mobile Security Dr. Fan Wu Professor, Department of Computer Science, College of Business and Information Science (CBIS) Director, Center of Information Assurance Education (CIAE) Interim
More informationNFC Equipped Smartphones
NFC Equipped Smartphones A two-edged sword for library RFID systems VALA Conference 2014 www.sybis.com.au NFC equipped Smartphones NFC Card Emulation Mode Near Field Communications n A form of RFID contactless
More informationStrategies for the Implementation of PIV I Secure Identity Credentials
Strategies for the Implementation of PIV I Secure Identity Credentials A Smart Card Alliance Educational Institute Workshop PIV Technology and Policy Requirements Steve Rogers President & CEO 9 th Annual
More informationMobile Payment Security
Mobile Payment Security What it means and how to implement it Macroeconomics of Mobile Money Columbia University Apr. 2, 2010 Hadi Nahari Principal Security & Mobile Architect PayPal, Inc. an ebay Company
More informationNear Field Communication: IoT with NFC. Dominik Gruntz Fachhochschule Nordwestschweiz Institut für Mobile und Verteilte Systeme
Near Field Communication: IoT with NFC Dominik Gruntz Institut für Mobile und Verteilte Systeme NFC Experience at FHNW 2005/06 First NFC demonstrator (with Siemens CX70 Emoty) NFC was included in a removable
More informationcryptovision s Government Solutions Adam Ross, Ben Drisch cryptovision GmbH
cryptovision s Government Solutions Adam Ross, Ben Drisch cryptovision GmbH cv cryptovision GmbH T: +49 (0) 209.167-24 50 F: +49 (0) 209.167-24 61 info(at)cryptovision.com 1 cryptovision cryptovision Gelsenkirchen
More informationSmart cards are made of plastic, usually polyvinyl chloride. The card may embed a hologram to prevent counterfeiting. Smart cards provide strong
Smart Cards By: Definition Smart cards, chip card, or integrated circuit card (ICC) are card with embedded integrated circuits that contain a computer chip capable of carrying out a cryptographic protocol.
More informationCan eid card make life easier and more secure? Michal Ševčík Industry Solution Consultant Hewlett-Packard, Slovakia ITAPA, November 9 th, 2010
Can eid card make life easier and more secure? Michal Ševčík Industry Solution Consultant Hewlett-Packard, Slovakia ITAPA, November 9 th, 2010 Content eid Primary Functions eid Privacy Features and Security
More informationNIS Platform Working Group 3 Individuals Digital Rights and Capabilities. Dr. Gisela Meister April
NIS Platform Working Group 3 Individuals Digital Rights and Capabilities Dr. Gisela Meister April 08-2014 AoI 1: Individuals Digital Rights and Capabilities AoI 1 s vision is that individuals needs and
More informationCIW: Web Security Associate. Course Outline. CIW: Web Security Associate. 12 Oct ( Add-On )
Course Outline 12 Oct 2018 ( Add-On ) Contents 1. Course Objective 2. Pre-Assessment 3. Exercises, Quizzes, Flashcards & Glossary Number of Questions 4. Expert Instructor-Led Training 5. ADA Compliant
More informationAndrew Griffin Member of Mobile Wallet Taskforce, Mobey Forum
Andrew Griffin Member of Mobile Wallet Taskforce, Mobey Forum andrew.griffin@monitise.com Director of Market Intelligence, Monitise Future Payments 2013, May 15-16, London. Global, bank-led cross-industry
More informationAuthentication Technology for a Smart eid Infrastructure.
Authentication Technology for a Smart eid Infrastructure. www.aducid.com One app to access all public and private sector online services. One registration allows users to access all their online accounts
More informationEUROPEAN CAMPUS CARD ASSOCIATION. Current State-of-the-Art in Campus Card Systems
EUROPEAN CAMPUS CARD ASSOCIATION Current State-of-the-Art in Campus Card Systems Commissioned by the European Campus Card Association in May 2016, the survey reflects the views and opinions of 181 educational
More informationLinux NFC Subsystem. Lauro Ramos Venancio Samuel Ortiz 2011, September 9th
Lauro Ramos Venancio Samuel Ortiz 2011, September 9th What is NFC? NFC means Near Field Communication It is a short-range wireless communication It operates at 13.56 MHz Data rates from 106 kbits/s to
More informationIntroduction to Device Trust Architecture
Introduction to Device Trust Architecture July 2018 www.globalplatform.org 2018 GlobalPlatform, Inc. THE TECHNOLOGY The Device Trust Architecture is a security framework which shows how GlobalPlatform
More informationProducts and solutions for Secure Wearables
Products and solutions for Secure Wearables Content Introduction... 3 Security... 4 Secure element and integrated NFC boosted solutions for wearable devices... 4 Secure element... 5 NFC booster and nfc
More informationNFC Technology Overview Jonathan Main MasterCard Worldwide Chairman, Technical Committee
NFC Technology Overview Jonathan Main MasterCard Worldwide Chairman, Technical Committee September 2009 Agenda Review of Use Cases Architecture Overview Relationship to Other Standards Status of NFC Forum
More informationLet s Hack NFC. How does NFC work? How could we hack it? Where are the weaknesses? What are the security implications?
Geoffrey Vaughan Let s Hack NFC How does NFC work? How could we hack it? Where are the weaknesses? What are the security implications? Security Compass and NFC Currently we are devoting a lot of energy
More informationNFC in the PC environment
NFC in the PC environment Kurt Schmid March 2007 1 ITG within ASSA ABLOY A multi-national group Some 30,000 employees HQ: Stockholm, Sweden Global Technologies Group Entrance System Group Americas EMEA
More informationGlobal Trade Professionals Alliance (GTPA) Creating an international standard for trade professionals, businesses & consulting services
Global Trade Professionals Alliance (GTPA) Creating an international standard for trade professionals, businesses & consulting services Our goal is to bring people and organisations together Improve professional
More informationSafeNet MobilePKI for BlackBerry V1.2. Administration Guide
SafeNet MobilePKI for BlackBerry V1.2 Administration Guide All information herein is either public information or is the property of and owned solely by Gemalto NV and/or its subsidiaries who shall have
More informationINNOVATIVE IT- SECURITY FOR THE BANKING AND PAYMENT INDUSTRY
INNOVATIVE IT- SECURITY FOR THE BANKING AND PAYMENT INDUSTRY Verisec is a Swedish IT-security company specialized in digital identity and information security solutions for the banking and payments industry.
More informationSecurity Vulnerabilities of the NDEF Signature Record Type
Security Vulnerabilities of the NDEF Signature Record Type Michael Roland Upper Austria University it of Applied Sciences,, Austria 3 rd International Workshop on Near Field Communication 22 February 2011,,
More informationMasterCard NFC Mobile Device Approval Guide v July 2015
MasterCard NFC Mobile Device Approval Guide v2.0 30 July 2015 Notices Following are policies pertaining to proprietary rights, trademarks, translations, and details about the availability of additional
More informationOpen Mobile API The enabler of Mobile ID solutions. Alexander Summerer, Giesecke & Devrient 30th Oct. 2014
The enabler of solutions Alexander Summerer, Giesecke & Devrient 30th Oct. 2014 SIMalliance Allows usage of Secure Elements in Mobile Devices Designed for Open Handset OS platforms Common API for Apps
More informationFIDO AND PAYMENTS AUTHENTICATION. Philip Andreae Vice President Oberthur Technologies
FIDO AND PAYMENTS AUTHENTICATION Philip Andreae Vice President Oberthur Technologies The Problem The Solution The Alliance Updates Data Breaches 781 data breaches in 2015 170 million records in 2015 (up
More informationDeliverable D3.5 Harmonised e-authentication architecture in collaboration with STORK platform (M40) ATTPS. Achieving The Trust Paradigm Shift
Deliverable D3.5 Harmonised e-authentication architecture in collaboration with STORK platform (M40) Version 1.0 Author: Bharadwaj Pulugundla (Verizon) 25.10.2015 Table of content 1. Introduction... 3
More informationGSMA Embedded SIM 9 th December Accelerating growth and operational efficiency in the M2M world
GSMA Embedded SIM 9 th December 2013 Purpose of this Reference Messaging Pack Appropriate slides may be selected to used for within different presentations for multiple audiences To provide consistent
More informationMOBILE APPLICATION TESTING CHALLENGES
As per Gartner, by YE18, 55% of bank customers in developed markets will use wearable devices to interact with their banks THE MOBILE CHANNEL - A GAME-CHANGER ACROSS THE BANKING INDUSTRY The mobile channel
More informationCurrent Benefits and Future Directions of NFC Services
Current Benefits and Future Directions of NFC Services Kerem Ok, Vedat Coskun, Mehmet N. Aydin, Busra Ozdenizci www.nfclab.com ISIK University, Istanbul ICEMT 2010 International Conference on Education
More informationSecurity in NFC Readers
Security in Readers Public Content and security, a different kind of wireless Under the hood of based systems Enhancing the security of an architecture Secure data exchange Information security goals Cryptographic
More informationThe UICC. Recent Work of SCP and Related Security Aspects. Dr. Klaus Vedder Chairman ETSI TC SCP
The UICC Recent Work of SCP and Related Security Aspects Dr. Klaus Vedder Chairman ETSI TC SCP Footer text (edit in View : Header and Footer) 5 th ETSI Security WS Sophia Antipolis, France 20-22 January
More informationEmerging Wireless Networks: Challenges and Perspectives
Emerging Wireless Networks: Challenges and Perspectives 10:00 Welcome Giuseppe Araniti, Assistant Professor in Telecommunication, DIIES Dep., University Mediterranea of Reggio Calabria, Italy 10:20 Secure
More informationMobile Payment & Retail Project. Maura Turolla, Telecom Italia - Innovazione
Mobile Payment & Retail Project Maura Turolla, Telecom Italia - Innovazione The Mobile Wallet: Many services, many providers src: Core wallet Tech, Specificationl, GSMA, 2013 The mobile wallet is a software
More informationMIFARE4MOBILE: the road TO NFC MASS ADOPTION. NFC WORLD CONGRESS Sophia Antipolis, 2011
MIFARE4MOBILE: the road TO NFC MASS ADOPTION NFC WORLD CONGRESS Sophia Antipolis, 2011 Creating a Mobile-nfc Ecosystem Challenges to Mobile NFC s success: technical and business complexity, interoperability,
More informationMobile Payments: the Second Wave
Mobile Payments: the Second Wave Presentation at the Payments Drift Forum, University of Warsaw 8 September 2016 Hochschule Aschaffenburg University of Applied Sciences 1 1. M-payments : an elusive concept
More informationFundamentals of Near Field Communication (NFC) Tvrtko Barbarić NXP Semiconductors
Fundamentals of Near Field Communication (NFC) Tvrtko Barbarić NXP Semiconductors Automotive Identification Wireless Infrastructure Lighting Industrial Mobile Consumer Computing Global player with local
More informationGSMA Embedded SIM Specification Remote SIM Provisioning for M2M. A single, common and global specification to accelerate growth in M2M
GSMA Embedded SIM Specification Remote SIM Provisioning for M2M Purpose of this Reference Messaging Pack Appropriate slides may be selected to be used for within different presentations for multiple audiences
More informationSecurity of NFC payments
Security of NFC payments Olga Korobova Department of Computer Science University of Massachusetts Amherst Abstract Our research objective was to examine the security features implemented by the bank cards
More information