Secure Elements 101. Sree Swaminathan Director Product Development, First Data

Similar documents
Mobile/NFC Security Fundamentals. Secure Elements 101. Smart Card Alliance Webinar March 28, 2013

GSM Association (GSMA) Mobile Ticketing Initiative

Advances with Osaifu-Keitai Starting Services Supporting NFC (Type A/B) on NTT DOCOMO UIM Cards. contactless IC cards that is being adopted

SMART CARDS. Miguel Monteiro FEUP / DEI

Security of NFC payments

IDCore. Flexible, Trusted Open Platform. financial services & retail. Government. telecommunications. transport. Alexandra Miller

Security in NFC Readers

Contents. Preface. Acknowledgments. xxiii. List of Acronyms i xxv

A Role-Based Service Level NFC Ecosystem Model

Near Field Communication: IoT with NFC. Dominik Gruntz Fachhochschule Nordwestschweiz Institut für Mobile und Verteilte Systeme

Leveraging the full potential of NFC to reinvent physical access control. Friday seminar,

Products and solutions for Secure Wearables

Webinar Tokenization 101

Mobile NFC Services Opportunities & Challenges. NGUYEN Anh Ton VNTelecom Conference 31/10/2010

STMicroelectronics Payment Solutions. December 6 th 2012

NFC embedded microsd smart Card - Mobile ticketing opportunities in Transit

MIFARE4MOBILE: the road TO NFC MASS ADOPTION. NFC WORLD CONGRESS Sophia Antipolis, 2011

Smart Card meets Connectivity New Opportunities in Mobile Business with NFC Technology. Smart Card Alliance2005 Fall Annual Conference Martin Bührlen

ACR1252U. NFC Forum Certified Reader. Technical Specifications V1.03. Subject to change without prior notice.

Security on NFC-Enabled Platforms

Best Security Practices for NFC Mobile Payments

HOW TO INTEGRATE NFC CONTROLLERS IN LINUX

NFC is the double click in the internet of the things

Mobile Contactless Technology Backgrounder

What s In Your e-wallet? Using ARM IP to Enable Security in Mobile Phones. Richard Phelan Media Processing Division TrustZone Security Technology

The Open Application Platform for Secure Elements.

Relay Attacks on Secure Elementenabled

Fundamentals of Near Field Communication (NFC) Tvrtko Barbarić NXP Semiconductors

WHAT FUTURE FOR CONTACTLESS CARD SECURITY?

The UICC. Recent Work of SCP and Related Security Aspects. Dr. Klaus Vedder Chairman ETSI TC SCP

Research Article A Tokenization-Based Communication Architecture for HCE-Enabled NFC Services

ISG Seminar 3 rd November Agenda for Lecture. Smart Cards with Contacts. Contact-less Smart Cards. From Smart Cards to NFC Smart Phone Security

Practical Attack Scenarios on Secure Element-enabled Mobile Devices

Date: 13 June Location: Sophia Antipolis. Integrating the SIM. Dr. Adrian Escott. Qualcomm Technologies, Inc.

Secure Element APIs and Practical Attacks on Secure Element-enabled Mobile Devices

Managing an NFC Ecosystem

Next steps for NFC and mobile wallets

Secure Application Trend in Smartphones. STMicroelectronics November 2017

Extensive proximity connectivity capabilities for USB-enabled devices

Activating New Mobile Services and Business Models With smartsd Memory Cards

NFC ESSENTIALS JORDI JOFRE NFC EVERYWHERE MARCH 2018 PUBLIC

MasterCard NFC Mobile Device Approval Guide v July 2015

HCE security implications. Analyzing the security aspects of HCE

ACR1251U-A1 USB NFC Reader with SAM Slot

State of US Mobile Payments (NFC)

A Novel Scheme for On-demand Distribution of Secure Element Keys

Die Zukunft des M-Payment The future of m-payment NFC. Andreas Johne. Düsseldorf, 25. Januar 2008

Dr. Char-Shin Miou Chunghwa Telecom. Co. April 7, 2011

Open Mobile API The enabler of Mobile ID solutions. Alexander Summerer, Giesecke & Devrient 30th Oct. 2014

Design and Implementation of a Mobile Transactions Client System: Secure UICC Mobile Wallet

GSMA Embedded SIM for Connected Cars

NFC Application Ecosystems: Introduction, Peer-to-Peer, NFC Tags/Posters and Product Label Applications

CALYPSO FUNCTIONAL SPECIFICATION. CNA Calypso rev 3.1 Applet Presentation

Fare Media: Past, Present and Future. Hassan Tavassoli APTA Fare Collection Workshop San Diego, California March 29, 2010

Smart Card Operating Systems Overview and Trends

NFC Identity and Access Control

Digital Payments Security Discussion Secure Element (SE) vs Host Card Emulation (HCE) 15 October Frazier D. Evans

Smart Card ICs. Dr. Kaushik Saha. STMicroelectronics. CSME 2002 (Chandigarh, India) STMicroelectronics

NEAR FIELD COMMUNICATION - THE FUTURE TECHNOLOGY FOR AN INTERACTIVE WORLD

Mobile Devices as Identity Carriers. Pre Conference Workshop October 14 th 2013

ebook - TRUSTED esim TESTING FRAMEWORK - June 2016 BUILDING A TRUSTED EMBEDDED SIM TESTING FRAMEWORK IN THE AGE OF IOT

Overview RFID-Systems

Smart cards are made of plastic, usually polyvinyl chloride. The card may embed a hologram to prevent counterfeiting. Smart cards provide strong

CREDENTSYS CARD FAMILY

Bringing you an end to end Mobile Connect Solution. Mobile Connect for Mobile Network Operator. Mars 2016

NFC Technology Overview Jonathan Main MasterCard Worldwide Chairman, Technical Committee

Chapter 2 Basics. 2.1 Smartcards. This chapter summarizes basic concepts of smartcards, Near Field Communication (NFC) and payment cards.

SIM Evolution. Klaus Vedder. Presented by: 10 July 2018 ETSI th Sigos Conference

The Future of Smart Cards: Bigger, Faster and More Secure

The Role of TSM. TSM Functions. Guy Berg President Collis America May 6, 2009

Smartcards. ISO 7816 & smartcard operating systems. Erik Poll Digital Security Radboud University Nijmegen

Mobile Identity Management

STMicroelectronics NATIXIS Payment Solutions Conference

ACM1252U-Y3. USB NFC Reader Module with Detachable Antenna Board

Strategies for the Implementation of PIV I Secure Identity Credentials

SEPA goes Mobile Dr. Marijke De Soete ETSI Security Workshop January 2011 Sophia Antipolis, France

The NFC Forum NFC Technology for Developers

Industry-leading, 2 nd - generation NFC controller

Secure Over-The-Air Services in NFC Ecosystems

Smart Tokens: Tags, smart phones and everything in between. Dr Gerhard Hancke Information Security Group

GOOGLE WALLET. Hardik Mangukiya ABSTRACT INDIA

MOBILE WALLET TECHNOLOGIES: GLOBAL MARKETS. IFT070A April Priyanka Patel Project Analyst ISBN:

Securing IoT devices with STM32 & STSAFE Products family. Fabrice Gendreau Secure MCUs Marketing & Application Managers EMEA Region

Natural Security Alliance

Card Specifications & 2.1 Frequently Asked Questions December 2004

ACR1255 NFC Bluetooth Smart Card Reader

FIPS Level 3. Security Policy of Java Card Platform Implementation for Infineon on SLE 78 (SLJ 52GxxyyyzR) V1.0f. August Version 2.

CATALOGUE PRODUCT. A world leader in smart card & reader technologies.

Ch 9: Mobile Payments. CNIT 128: Hacking Mobile Devices. Updated

Building Digital Key Solution for Automotive

FIPS and Mobility (SP Derived PIV Credentials) Sal Francomacaro FIPS201/PIV Team NIST ITL Computer Security Division

Hitachi Releases Smart Card Microcontroller AE45X series Equipped with Contact/Contactless Dual Interface in a Single Chip

Will Mobile Phones Replace Cards?

ACR1256U. User Manual V Document Name: ACR1256U- User Manual.doc. Prepared by: Reviewed by: Approved by:

NFC in the PC environment

Visa Mobile. Proximity Payment Testing & Compliance Requirements for MicroSD and Mobile Accessories

Module 1: Smart Card Fundamentals. Smart Card Alliance Certified Smart Card Industry Professional Accreditation Program

Smart Cards. Outline. José Costa Application Domains: Smart Cards. Software for Embedded Systems

HOW TO INTEGRATE NFC FRONTENDS IN LINUX

Smart Card Management Innovation - Shinhan Card Case Study

Transcription:

Secure Elements 101 Sree Swaminathan Director Product Development, First Data

Secure Elements Secure Element is a tamper resistant Smart Card chip that facilitates the secure storage and transaction of payment and other sensitive credentials. Secure Elements are used in multi-application environment and can be available in multiple form factors like UICC(SIM), ese, micro SD etc. 2

Inside a Secure Element / SmartCard Secure Elements are similar to Secure ICC Cards (Smart Cards) Secure Microcontrollers CPU Operating System Memory Types Immutable(ROM), Mutable(EEPROM) and Volatile(RAM) Crypto Engines Sensors, Timers, RNG Communication Ports FIPS, CC Certifications CPU Reset I/O Sensors Timer Encrypt Clock Crypto Engine Random # Generator Interrupts BUS BUS RAM EEPROM ROM 3

4 SmartCard History

Smart Card types Contact ICC Cards with contacts for external communications. Card is inserted into a reader/pos terminal for transactions to occur. Follows ISO-7816 standards. Contactless ICC Cards with no visible contacts. Communicates using Radio Frequency with 13.56 MHz through antennas. Card is tapped at a distance of up to 4 cm. for read/write. Follows ISO-14443 standards. Hybrid Combines the features of contact and contactless cards with separate chips used for contact and contactless interfaces Dual Interface Same chip is used for both contact and contactless interfaces 5

Secure Element and NFC Near Field Communication (NFC) is a technology in smartphones that can enable contactless transactions and other data exchange with variety devices. RF Wireless Technology ISO/IEC 14443, 18092, MIFARE, FeliCa etc. Payment, Ticketing, Access, Loyalty & Coupons, etc. Secure Elements help store payment credentials Used in conjunction with Mobile UI(e.g. Wallets) E.g. Google Wallet, ISIS Wallet etc. 6

Types of Secure Elements UICC or SIM MNO Centric Secure Element UICC modified to include Removable and uses SWP MNO TSMs manage the security and space E.g. ISIS TSM Embedded Secure Elements (ese) OEM or SEI owned Built inside the device mother board E.g. Sprint, Google model MicroSD /Dongles Issuer or Consumer centric models Removable 7

Modes Of NFC Transactions NFC Forum Specifications Reader/Writer mode Device can read/write any NFC Forum supported tag types. ISO 14443 and FeliCa schemes Peer-to-Peer Two NFC devices can exchange data between themselves. ISO/IEC 18092 standard NFC Tag Card Emulation NFC device acts as a contactless card 8

Secure Element & NFC Components of a typical mobile NFC phone Secure Element(SE) UICC, Embedded SE, micro SD NFC Controller NFC Chip, Stack, CLF Mobile Wallet UI Application for consumer interaction Communication Protocols/Interfaces ISO-7816, ISO-14443, SWP,UART,I2C,SPI Smart OS Android, ios, BlackBerry OS, Windows Phone SE OS Java, Multos, Proprietary 9

10 Secure Element & NFC

Trusted Service Managers(TSM) TSM is a Trusted Third Party that brings the service providers together for the provisioning and life cycle management of Payment, Access, Transit and other Secure Element related credentials in a secure manner. E.g. - First Data, G&D, Gemalto etc., TSM Functions Provision/Deletion Key Management/Data Prep Post Issuance Life Cycle Management OTA(Over-The-Air) TSM Models MNO / SE TSM Service Provider(SP) TSM 11

12 Trusted Service Managers(TSM)

Standard organizations for Secure Element GlobalPlatform Cross industry, international, nonprofit organization which identifies, develops and publishes specifications for a secure and interoperable environment for the chip technology. GlobalPlatform Specifications Card Specification Device Specification Systems Specifications 13

GlobalPlatform & Secure Element Security Domains Area of ownership for entities within the chip Issuers Controlling authorities Application providers Communication APDU File Structures Secure Channel protocols Applications - Installation, Extradition, Provision and Deletion AIDs 14

Security Domains Hierarchy Security Domains Issuer Security Domain Supplementary Security Domain CASD TSD APSD 15

Security Domains Hierarchy Simple Mode Card Content Management is done by the MNO can be monitored by the TSM. Delegated Mode Card Content Management is delegated to a TSM with preauthorization Authorized Mode Card Content Management is fully delegated to a TSM 16

Cryptography Cryptography for: Confidentiality Data integrity Authentication Non-repudiation Types of Cryptography Symmetric key cryptography Asymmetric key cryptography Symmetric key cryptography : Same key is used both for encryption and decryption Asymmetric key cryptography: Different keys are used both for encryption and decryption 17

Secure Element Communication Secure Channels Secure Communication between card and off-card entity SCP02 - Symmetric secure channel protocol SCP03 - Asymmetric secure channel protocol SCP80 - OTA secure channel protocol(etsi) Keys & Diversification Master Keys Card Keys Session Keys Provision Store Data commands Stores credentials Data Grouping Identifiers Groups data for storage 18

Secure Element Communication Card Content Management (CCM) Loading, Installation, Perso, Extradition, Deletion APDU Application Protocol Data Unit Command APDU CLASS INSTRUCTION P1 P2 L c Data L e Response APDU 19

Deployment and other Considerations Credentials Security TSM Deployment Model Wallet Integration Certification Lifecycle Management Support Model Flexibility for changes 20

Standards for SE & NFC Standards EMVCo http://www.emvco.com/ ETSI http://www.etsi.org/ GlobalPlatform http://www.globalplatform.org/ GSMA http://www.gsma.com/ ISO http://www.iso.org/ NFC Forum http://www.nfc-forum.org Payment Schemes PCI https://www.pcisecuritystandards.org FIPS https://csrc.nist.gov Common Criteria http://www.commoncriteriaportal.org/ Purpose Global standard for credit and debit payment cards based on chip card(icc) technology European Telecommunications Standards Institute is a standardization organization in the telecommunications industry Organization provides specifications for a secure and interoperable environment for the chip technology Association of mobile operators for supporting the standardizing and deployment of the GSM mobile system International Organization for Standardization. Provides standards for contact(iso-7816), Contactless(ISO-14443) chip technologies Industry association that promotes the specification and use of NFC short-range wireless interaction in consumer electronics, mobile devices and PCs. Provides specifications for contact and contactless payments. (Amex, Discover, MasterCard, Visa) PCI Security Standards Council provides Payment Card Industry Security Standards -Data Security Standard (PCI DSS), Payment Application Data Security Standard (PA-DSS), and PIN Transaction Security (PTS) U.S. government computer security standard describes Security requirements and standards for cryptography modules Common Criteria is an international standard for computer security certification. Provides evaluations of Information Technology products and protection profiles 21

Sree Swaminathan First Data Sridher.Swaminathan@FirstData.com

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback