hce and ble university tomorrows transactions london, 20 th march 2014
DESCRIPTION
HCE and BLE UNIVERSITY TOMORROWS TRANSACTIONS LONDON, 20 TH MARCH 2014. Host Card Emulation– NFC Killer?. INTRODUCTION TO HCE. What is Host Card Emulation?. - PowerPoint PPT PresentationTRANSCRIPT
HCE AND BLE UNIVERSITYTOMORROWS TRANSACTIONS
LONDON, 20TH MARCH 2014
INTRODUCTION TO HCEHost Card Emulation– NFC Killer?
Please Copy and Distribute
What is Host Card Emulation?
Please Copy and Distribute
Handset Application
UICCNFC
Controller
NCI
HCI/SWPISO 14443
NCI
NFC Controllers have always had the ability to exchange ISO14443 frames between the Handset’s main processor and an external ISO 14443 reader
HOST CARD EMULATION exposes that capability to applets running in the handset via APIs
NCI (NFC Forum NFC Controller Interface Specification) provides a standard way of accessing that capability
Contactless Payments
Transaction Details
UDKATC
PRIPUBCert
Offline Data Authentication
UDKCryptogram Verification
ATC
S-UDK
L-PRI
L-PUBCert
If we restrict or limit the usefulness of the keys in the phone, we limit the liability associated with their compromise; We can accept a greater vulnerability for those limited use keys yet still achieve an acceptable overall exposure
Please Copy and Distribute
Cryptogram
Digital Signature
Everything that’s going on in NFC with Banks, MNOs and TSMs is to enable banks to extend their reach into the MNO’s chips with the same degree of security as that into chips in single-issuer bank cards.... And it’s commercially and technically challenging
How does it work?
Transaction Details
Cryptogram
Online Cryptogram Verification
Offline Data Authentication
UDKATC PRI
L-PUBCert
L-PRI
S-UDK
Digital Signature
3) Issuer generates limited use keys from the static keys and counter, and downloads them to the phone’s handset
4) Cardholder opens application, waves phone at reader
5) Terminal conducts transaction as normal
2) Cardholder periodically contacts issuer and requests download
S-UDK7) Issuer verifies cryptogram but using limited use key rather than static key
6) Terminal verifies signature using certificates as normal
1) Issuer retains the static keys and counter and provides access to them over the phones network connection (GSM, 3G, WiFi)
Please Copy and Distribute
Most Issuing Banks currently have or are developing, mobile banking applications.You can do many things with those but cannot pay for things in stores. These already have a mechanism for authenticating the customer to the bank, and for securely exchanging information over web service protocols.HCE provides a mechanism to allow these apps to be used for in store purchasing. It allows banks to provide mobile proximity payment capability without needing to negotiate with MNOs or TSMs.Probably best not to put a real Card Number in the phone, though
Implications of HCE for Issuing Banks
Please Copy and Distribute
Tokenisation
Please Copy and Distribute
ACQUIRER
TOKENSERVICE
PROVIDERPAYMENTNETWORK
ISSUING BANK
MERCHANT
RULES ENGINE-Channel
--Time
DATABASE- Real PAN - Token
PAN
Token PAN
Real PAN
Implications of HCE for Retailers
Please Copy and Distribute
PCDSecure Element
Payment App
NFC Chip
PaymentKernel
Point Of SaleTerminal
Handset Operating System
HCE allows us to bypass the app in the secure element to talk to the payment kernel
Handset App
We can also bypass the payment kernel by using a reader “pass-through mode” to send data directly over the contactless interface
Until recently there was no point in doing this as we could only communicate with an app in the secure element, which was expensive to build and certify
However, with HCE a POS can now communicate directly with a retailer handset app to support a richer sales experience over contactless than just payments.
Retailer POSApplication
Before HCE, POS terminals could only communicate with apps in secure elements.
INTRODUCTION TO BLEBluetooth Low Energy – NFC Killer?
Please Copy and Distribute
BLE Promises
Please Copy and Distribute
BLE is Bluetooth for devices powered by small batteries
• mostly off; limited range (<50m)• Devices are peripherals or central hosts or can
be both• BLE devices can Discover each other
• infrequently broadcast short “It’s Me!” data bursts• Measure received signal strength to indicate
distance• BLE devices can Connect to each other
• Devices can be paired using pre-shared key or passcode
• Paired devices can encrypt communications• BLE devices can Exchange Data with each
other:• Get value of attribute # 123• Set value of Attribute # 123• Notify me when the value of attribute #123
changes
BLE Technology
Please Copy and Distribute
Discovering Devices
Please Copy and Distribute
Advert
SCAN REQUEST
SCAN RESPONSE
• Battery lifetime decreases with more frequent advertisements • Battery lifetime decreases with more data in advertisements• Reliability of signal strength indication improves with more frequent
advertisements • Latency (noticing when the tag appears or disappears) improves with
more frequent advertisements • Received Signal Strength decreases when objects (and people) get in
the way
D6 BE 89 8E 40 09 32 A9 F0 93 0C D8 02 01 06 20 D1 54 1E A5
D6 BE 89 8E 40 24 FE 4F D7 E4 F5 D5 02 01 06 1A FF 4C 00 02 15 B9 40 7F 30 F5 F8 46 6E AF F9 25 55 6B 57 FE 6D 4F FE E4 D7 B6 26 5A 10 23 A5
D6 BE 89 8E 83 0C D5 3B 22 8C BA 1C 32 A9 F0 93 0C D8 C8 40 DA 40 A5
D6 BE 89 8E 44 20 32 A9 F0 93 0C D8 04 08 73 42 32 11 06 A6 DA 37 DE C1 9A FC 80 94 4A D8 A8 02 62 C2 BE 02 0A 00 DC EE 65 10 A5
Connecting Devices
Please Copy and Distribute
CONNECT
Example:• The device supports the Health Thermometer Service• The Service has a Characteristic with a Description of “Temperature
Measurement”• The Service has a Characteristic with a Description of “Temperature Type”• The “Temperature Measurement” Characteristic has a Value of “68
Fahrenheit”• The “Temperature Type” Characteristic has a Value of “Body”
SERVICE DISCOVERY
CHARACTERISTIC DESCRIPTION DISCOVERY
CHARACTERISTIC DISCOVERY
Exchanging Data
Please Copy and Distribute
SET
• Each Attribute has a unique “Handle”: think of it as one row in a table
• Data is exchanged by reading or writing to the Attribute with a particular handle
• Data can be protected by assigning access rights specific to each handle.
GET
NOTIFY
ServerClient
Client Confidential
Data Connections to sensorsHeart Rate Monitors
Fitness Trackers
Temperature Monitors
Motion Sensors
BLE Services
Based on PresenceFind Me
Device Leashing
Beacons
• Transmits Advertising Packets Only (no reception)
• Proximity UUID identifies the Merchant; Major (up to 65535) and Minor (up to 65535) together identify a unique Beacon within a Store
• Transmitted Signal Strength (Tx) from Beacon and Received Signal Strength Indicator (RSSI) at phone together indicate range (Close, Near, Far Away)
• Apps are notified when the phone enters or leaves regions
• If the retailer app knows where the beacons are, it knows where you are
Apple’s iBeacon
Please Copy and Distribute
16-byte Proximity UUID Major Minor Tx
HDR RSSI
• Extends PayPal Here to simplify purchases
• Beacons at doorways to detect entering the store
• Connections used to authenticate user
• Avoids use of WiFi or Mobile Network
PayPal Beacon
Please Copy and Distribute
Who is in my store?ID +
ID + £xx.xx
I’m Here!Connect & Request Token
Token + Store Data + SignatureEncrypted Data
Encrypted Response
For more information
Please contact:USA and Latin America: [email protected] of the world: [email protected]
Visit: http://www.chyp.comRead: http://tomorrowstransactions.comListen: http://www.chyp.com/media/podcastsFollow: @chyppings
Please Copy and Distribute