Dr. Char-Shin Miou Chunghwa Telecom. Co. April 7, 2011

Similar documents
GSM Association (GSMA) Mobile Ticketing Initiative

Open Mobile API The enabler of Mobile ID solutions. Alexander Summerer, Giesecke & Devrient 30th Oct. 2014

Mobile Identity Management

1. Product Overview 2. Product Features 3. Comparison Chart 4. Product Applications 5. Order Information 6. Q & A

Secure Elements 101. Sree Swaminathan Director Product Development, First Data

Jrsys Mobile Banking Solutions

Design and Implementation of a Mobile Transactions Client System: Secure UICC Mobile Wallet

Contents. Preface. Acknowledgments. xxiii. List of Acronyms i xxv

cryptovision s Government Solutions Adam Ross, Ben Drisch cryptovision GmbH

Secure Over-The-Air Services in NFC Ecosystems

ACR1252U. NFC Forum Certified Reader. Technical Specifications V1.03. Subject to change without prior notice.

Sagem Orga Strong, Global, Innovative.

NFC embedded microsd smart Card - Mobile ticketing opportunities in Transit

SMART CARDS. Miguel Monteiro FEUP / DEI

Smart cards are made of plastic, usually polyvinyl chloride. The card may embed a hologram to prevent counterfeiting. Smart cards provide strong

MOBILE COMPUTING Unit V

Mobile Station Execution Environment (MExE( MExE) Developing web applications for PDAs and Cellphones. WAP (Wireless Application Protocol)

HARDWARE SECURITY MODULES (HSMs)

Smart Cards. Outline. José Costa Application Domains: Smart Cards. Software for Embedded Systems

NFC is the double click in the internet of the things

Payeeton Solution Platform

Leveraging the full potential of NFC to reinvent physical access control. Friday seminar,

Turban and Volonino. Mobile Commerce. Information Technology for Management Improving Performance in the Digital Economy

JSR 248: Taking Java Platform, Micro Edition (Java ME) to the Next Level

IDGo Middleware and SDK for Mobile Devices

Mobile NFC Services Opportunities & Challenges. NGUYEN Anh Ton VNTelecom Conference 31/10/2010

Minne menet, Mobiili-Java?

The Building of Ubiquitous Government in the University of Murcia

STMicroelectronics Payment Solutions. December 6 th 2012

Attacks on NFC enabled phones and their countermeasures

Smart Cards. José Costa. Software for Embedded Systems. Departamento de Engenharia Informática (DEI) Instituto Superior Técnico

ACR1281U npa Dual Interface Reader Technical Specifications

SIM Smart Card Overview

The SIM Turns 20. Dr. Klaus Vedder. Chairman ETSI TC SCP. 3rd ETSI Security WS Sophia Antipolis, France January 2008

Glossary. xii. Marina Yue Zhang and Mark Dodgson Downloaded from Elgar Online at 02/04/ :16:01PM via free access

PCMS. PC-linked Reader with Mass Storage.

Practical Attack Scenarios on Secure Element-enabled Mobile Devices

The UICC. Recent Work of SCP and Related Security Aspects. Dr. Klaus Vedder Chairman ETSI TC SCP

ACM1252U-Y3. USB NFC Reader Module with Detachable Antenna Board

ACR1251U-A1 USB NFC Reader with SAM Slot

ACR128U Dual- Interface Reader

VeinID SCANNERS FOR DIGITAL SIGNING. Hitachi s VeinID Solution for signing digital transactions enables new levels of security and user convenience.

Mobile Application Development. Introduction. Dr. Christelle Scharff Pace University, USA

Overview of cryptovision's eid Product Offering. Presentation & Demo

The Open Application Platform for Secure Elements.

Smart Card Operating Systems Overview and Trends

Java Card Technology-based Corporate Card Solutions

CREDENTSYS CARD FAMILY

A Secure and Practical Key Management Mechanism for NFC Read-Write Mode

M-Commerce and its features

A Secure and Practical Key Management Mechanism for NFC Read-Write Mode

eauthentication and Cross Boarder etransaction

Smartcards. ISO 7816 & smartcard operating systems. Erik Poll Digital Security Radboud University Nijmegen

Session 2: Understanding the payment ecosystem and the issues Visa Europe

DAY 3 J2ME Aalborg University, Mobile Device Group. Mobile. Mobile Phone Programming

The Future of Smart Cards: Bigger, Faster and More Secure

Product Specification

Mobile Payment in a cashless future Trends/Benefits/Solutions

Die Zukunft des M-Payment The future of m-payment NFC. Andreas Johne. Düsseldorf, 25. Januar 2008

NIS Platform Working Group 3 Individuals Digital Rights and Capabilities. Dr. Gisela Meister April

ACR39 Series

Real Time Applications by Using Near Field Communication Based on Security

br301 DATA SHEET V1.1 Feitian technologies Co., Ltd. Website:

Introduction to Electronic Identity Documents

Fare Media: Past, Present and Future. Hassan Tavassoli APTA Fare Collection Workshop San Diego, California March 29, 2010

ACR101I SIMicro (CCID)

Conveying the Storm Surge Hazard in a Technology-Driven Society

DIGITAL TECHNOLOGY An Evolution in the Payment Landscape. AMEX Digital Solutions

- Lessons Learnt in Asia. Dr. Jack C. Pan Watchdata Technologies

Rajat Moona j CSE, IIT Kanpur October 11, Reach IIT K

Securing Multiple Mobile Platforms

IDCore. Flexible, Trusted Open Platform. financial services & retail. Government. telecommunications. transport. Alexandra Miller

Cryptography and digital security: future needs and challenges seen from a commercial perspective

10 April 2016 Mobcon Europe Sofia, Bulgaria. DSK Bank s. experience in the field of Mobile applications

Lecture 11C Mobile Commerce

Microcontrollers. Claude Dardanne Executive Vice President, General Manager, Microcontrollers, Memory & Secure MCU Group.

Mobile Payments Building the NFC Ecosystem

E-Government Moldova s Experience and Future Perspectives

Smart Card Management Innovation - Shinhan Card Case Study

NFC in the PC environment

Cryptomathic Signer. Guillaume Forget. All rights reserved. Copyright Cryptomathic 2013

Linux NFC Subsystem. Lauro Ramos Venancio Samuel Ortiz 2011, September 9th

2 nd ETSI Security Workshop: Future Security. Smart Cards. Dr. Klaus Vedder. Chairman ETSI TC SCP Group Senior VP, Giesecke & Devrient

SmartCards as electronic signature devices Progress of standardization. Helmut Scherzer, CEN TC224/WG16 (Editor) IBM Germany

ACOS 10 B/G PBOC 2.0 EDEP Card

Singapore s National Digital Identity (NDI):

Interface. Circuit. CryptoMate

2009 Fare Collection Workshop

CYBERSECURITY AND SERVICE STATIONS

Strong Authentication for Physical Access using Mobile Devices

Secure Element APIs and Practical Attacks on Secure Element-enabled Mobile Devices

Kickstart. Overview. Oct 2017

SEPA goes Mobile Dr. Marijke De Soete ETSI Security Workshop January 2011 Sophia Antipolis, France

Next steps for NFC and mobile wallets

Advances with Osaifu-Keitai Starting Services Supporting NFC (Type A/B) on NTT DOCOMO UIM Cards. contactless IC cards that is being adopted

Fundamentals of Near Field Communication (NFC) Tvrtko Barbarić NXP Semiconductors

ACR38U-A4. Smart Card Reader. Technical Specifications V2.03. Subject to change without prior notice.

ACR38U-BMC. Smart Card Reader. Technical Specifications. Subject to change without prior notice

Product Specification

Cash Control Series USB Smart Hubs

Transcription:

Mobile Security Application Current Status Overview in Taiwan Dr. Char-Shin Miou Chunghwa Telecom. Co. April 7, 2011

Content Problems and Current Status Approach for the Mobile Security Application Mobile PKI and Mobile NFC Case Study Conclusions 2

Market Trend of E-Commerce to M-Commerce Network BB Wireless Network by 3G, 24hours Connection Host Device PC Mobile Phone, PDA Service (Ma arket Size) [Mobile & Local Transaction] [Mobile] [On line] Smart Card Enterprise Remote access Employ ID Banking ISP Transportation E-Government Citizen ID passport Healthcare Digital Content Entertainment Education News E-Service Payment Auction Shopping Insurance Stock Trading Transportation E-Ticket Sports Amusement E-Money 3 2007 2009 2011 Service ramping up period

Mobile Security Applications 4 Member -Mileage Club -Private Club (Hobby) -Internet member site -Advertisement (Bargain sale,catalog) -CRM -Town Guide Retail Employ -Enterprise -Government -Public org. (Remote access) -Content (movie, music, game, publishing) -Home electronics -Automotive Consumer Public -Citizen card (Driver license,passport) -Health care -Education Linkage of Services in Mobile Device Financial -e-money -Payment -m-banking -Stock Trade -Sports -Amusement, -Cinema -Concert e-ticket -Network (W-LAN, ISP) -Transportation -Telematics -Insurance -Travel Service

Secure Issues in Mobile Environment Tamper Integrity Authentication Personator Eavesdrop Encryption Denial Non-Repudiation Transaction E-Cash + SE Transport Ticket Mobile SIM 5 Access Control Citizen Certificate Card 5

Problems and current status Approach for the Mobile Security Application Mobile PKI and Mobile NFC Case Study Conclusions 6

Dual Interface and Multiple function SIM E-Purse NFC PN511 Transportation Telematics Core Controller Crypto- Controller Dual I/F Smart Card ISO14443 POS RFID Vending Machine - Contact [ISO7816] - Contact-less [ISO14443] ISO7816 E-ID Service

SIM Card Evolution High Speed & large storage Interface In 2006 Nov., USB was selected as High Speed & large storage Interface by ETSI committee C1 C2 C3 C5 C7: Already used by SIM Contact-less Interface 國際 SIM 卡標準化過程 In 2007 Nov. SWP(Single Wired Protocol) was adapted as contactless interface for NFC ( Near Field Communication) service by ETSI and GSMA C1 C2 C3 C4 C5 C6 C7 C8

Mobile PKI Service Architecture Certification Authority Registration Authority RAO + Secure Token for Key & Certificate storage PKI enable API and Device middleware User E-service Mobile Network 9

Platform and Mobile Handset One way authentication Mutual authentication Ensure transaction date secure and non-repudiation handset HSM One way authentication Transaction data Protected by Session Key Mutual Authentication applet Service Data Application Server Data Secure element Server Secure Channel establish Encrypted Data 10 Data encrypted by Session Key

What is a SE (Secure Element)? Provider Security Domain Secure Element Provider Application Card Issuer Security Domain Secure Channel Card Manager Issuer Application Mutual Authentication Secure Message Global Platform API Run-Time Environment & Hardware-neutral API (JCRE) 11 Key Set: To establish Secure Channel between card application (Applet) and host application. A Key Set: Secure Channel Encryption Key (S-ENC) Secure Channel Message Authentication Code Key (S-MAC) Key Encryption Key (KEK) Security Domain: It is a key container. To store Key Sets belong to an application provider

Mobile Device + Secure Element Browser-based (MIDlet) Mobile PKI Enable API Text-based (STK Menu) Middleware Mobile PKCS # 11 JSR 177 JSR 257 (U)SAT USIM/Secure Element Access interface (ISO 7816/USB/) J2ME/Native OS (WIN Mobile iphone OS Android Symbian ) + + + 12

Hardware Secure Element Approach V CC RST CLK RFU Stack-SIM module C1 C2 C3 C4 C5 C6 C7 C8 GND V PP I/O RFU SIM card chip Secure Element chip SE in usd SE in Stack SIM 13

JSR 177 Architecture Midlet Midlet Midlet Midlet JSR 177 Security and Trust Services APIs (SATSA) APDU JCRMI PKI CRYPTO Communication APIS Security APIS J2ME VM Native and low level Smart card driver Mobile Platform OS 14

JSR-257 NFC Applications JSR Contactless common functions 257 NDEF formatted data R/W External smart card communication Physical RFID R/W Visual Tag R/W CLDC MIDP KVM Operating System Hardware NFC Software Stack 15

PKCS#11 Architecture Desktop Platform Mobile phone Platform AP AP AP/Mdilet AP/Midlet PKCS#11:Cryptographic Token Interface Standard General purpose functions Slot and token management Session management Key management Crypto algorithms management PC/SC Native and low level Smart card driver 16 windows Linux/Unix MAC OSX Window s phone J2ME phone android phone

Problems and current status Approach for the Mobile Security Application Mobile PKI and Mobile NFC Case Study Conclusions 17

What is NFC? NFC (Near Field Communication) Provides the way information and services are distributed, paid for and accessed by the connected consumer NFC is a wireless technology enabling convenient short-range communication between electronic devices with secure way 18

SWP SIM Architecture V CC RST CLK D+ C1 C2 C3 C4 C5 C6 C7 C8 GND V PP I/O D- SWP PKI Applet ISO 7816 Part 12 USB Interface PKI Function Inside Defined by GSMA Standard 19

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback