Secure Element API An introduction.

Slides:

Advertisements

Similar presentations

Mobile Devices in the DoD

Advertisements

Cloud PIV Authentication and Authorization Demo PIV Card User Workstation Central Security Server In order to use Cloud Authentication and Authorization.

Ecosystem Scenarios for Cloud-based NFC Payments

Mobile Application Development Keshav Bahadoor. Part 1 Cross Platform Web Applications.

Identity and Access IDPrime MD 8840 and IDCore 8030 MicroSD cards

1 GP Confidential © GlobalPlatform’s Value Proposition for Mobile Point of Sale (mPOS)

SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.

Cross Platform Single Sign On using client certificates Emmanuel Ormancey, Alberto Pace Internet Services group CERN, Information Technology department.

Key Provisioning Use Cases and Requirements 67 th IETF KeyProv BOF – San Diego Mingliang Pei 11/09/2006.

Lab4 Part2 Lau Ting Nga Virginia Tsang Pui Yu Wong Sin Man.

Dongyan Wang GlobalPlatform Technical Program Manager

Chung Man Ho Willims Chow Man Kei Gary Kwok Pak Wai Lion.

Identity and Access IDGo Secure (ISE) for Android Didier Bonnet April 2015.

PAYware Mobile Android Comparison June Discussion Topics Obtaining the App PAYware Mobile App.

1 TELECOM ITALIA GROUP Trial at the University of Rome: SIM-based Services Trial at the University of Rome: SIM-based Services Author: Alessandro Rabbini.

Alcatel Identity Server Alcatel SEL AG. Alcatel Identity Server — 2 All rights reserved © 2004, Alcatel What is an Identity Provider?  

Secure Element Access from a Web browser W3C Workshop on Authentication, Hardware Tokens and Beyond 11 September Oberthur Technologies – Identity.

The Linux Revolution  Linux distributions have long since run the top servers worldwide. Today Linux powers 6 of the top 10 web servers worldwide. Linux.

魂▪創▪通魂▪創▪通 Digital Certificate and Beyond Sangrae Cho Authentication Research Team.

Introduction to Android Platform Overview

Identity and Access IDGo Secure (ISE) for Android Didier Bonnet November 2014.

Proposal for the support of connected and proximity crypto HW in browsers Philip Hoyer – Director Strategic Innovation January 2015 Presentation Title.

VeriSign® Identity Protection (VIP) Overview. 2 2 VeriSign Confidential Trust on the Internet is More Compelling Than Ever 1.5 billion Internet users.

LEVERAGING UICC WITH OPEN MOBILE API FOR SECURE APPLICATIONS AND SERVICES Ran Zhou 1 9/3/2015.

Leveraging UICC with Open Mobile API for Secure Applications and Services Ran Zhou.

UICC UICC is a smart card used in mobile terminals in GSM and UMTS networks It provides the authentication with the networks secure storage crypto algorithms.

Mobile Platforms. Competitive Landscape Operating Systems iPhone BlackBerry Windows Mobile Android Symbian.

Leveraging UICC with Open Mobile API for Secure Applications and Services.

Apple Pay Breakfast briefing 6 October Apple Pay now accepted In store In-app purchases Transport for London.

ID anywhere mobile | smart cards | devices.

© 2015 albert-learning.com Android Operating System ANDROID OPERATING SYSTEM.

Apple Pay Breakfast briefing 6 October Apple Pay now accepted In store In-app purchases Transport for London.

Web Services Security Patterns Alex Mackman CM Group Ltd

PAYware Mobile Blackberry Comparison March Discussion Topics Obtaining the App PAYware Mobile App Determining Model and system information such.

Hardware-based secure services past and future Olivier POTONNIEE, Aurélien COUVERT, Virginie GALINDO April 2016.

Jason Kuo APSCA October 29, 2010 Convergence and cross usage of secure elements for mobile PKI and secure mobile contactless services.

1 1 Social Security Platform James Wu We Simplify Security.

Copyright © 2016 VALENTINE OBI, MD/CEO, eTRANZACT PLC The Experience Powering Retail Payments in Digital Africa.

1. Presentation Agenda  Identify Java Card Technology  Identify Elements of Java Card applications  Communicating with a Java Card Applet  Java Card.

Near Field Communication (NFC) Market to Global Analysis and Forecasts by Device Operating Mode, Product & Software and Industry No of Pages: 150.

2016 LOGO Comparison Between Apple Pay and Ali Pay Zhu Liang Li Zhihao

Introduction to Mobile Computing

E-commerce Presented by- JOHN.

Mobile Operating Systems

A catalyst for mobile contactless payments adoption?

Paytm App is your one-stop destination for all your needs

Visit for more Learning Resources

DIGITAL SIGNATURE SERVICE

ActivID Tap Authentication HID Global

Android: The Basics Part 1 Allyson Coan Adult Services Librarian

Introduction to Mobile Web Applications

HID Mobile Access Bringing the Magic Back to PACS Brian Bloomingdale

Product Manager, Keon PKI

Merging Security and Convenience with Seos® Credential Technology

EMV® 3-D Secure - High Level Overview

Windows Azure AppFabric

THE ABC’s OF NFC.

FIDO U2F Universal 2nd Factor

Secure Elements and W3C L. Castillo 06/16/15.

Enhancing Web Application Security with Secure Hardware Tokens

The Application Lifecycle

UCO BANK HONOURS YOUR TRUST

560+ people dedicated to innovation across 5 R&D labs

Android Introduction Platform Mihail L. Sichitiu.

Payment Innovations PAYMENT INNOVATIONS DIGITAL PAYMENT SOLUTIONS.

Presentation transcript:

Secure Element API An introduction

Objectives and use cases “An API enabling the discovery, introspection, and interaction with hardware tokens (Secure Elements) that offer secure services such as tamper-proof storage, cryptographic operations, etc.” Secure Elements: Smart card (contact or contacless) SIM/ UICC card Smart/Secure microSD cards Embedded Secure Elements Clients PC Mobile Tablet … SysApps - Secure Element API, 2013-08-29

Use Case #1: Web Authentication with SE PC, with contact or contactless PC/SC reader Government eID card with contacts User goes to an eGov web site, and is asked to authenticate E.g. https://tax.myeservices.net/ User inserts her eID card in PC reader, and types PIN code User is authenticated User digital signs a document (eg Tax declaration) using her ID card Conflicts with Web Crypto SysApps - Secure Element API, 2013-08-29

Use Case #2: “Card present” mCommerce Mobile with NFC UICC or NFC Visa card User navigates to a merchant web store in mobile browser User pays with Visa app preloaded on UICC or in contactless Visa banking card This triggers a system application, which prompts user for confirmation and optionally payment issuer (if multiple available), PIN code, asks SE for “payment credential”, and forward it to payment server When payment confirmation is received, it is forwarded to originating merchant in the browser, which displays confirmation message SysApps - Secure Element API, 2013-08-29

Use Case #3: Reloading transportation card Mobile with NFC Public transportation card (e.g. London’s Oyster card) User open’s mobile browser, and navigates to the card’s emitter web site (e.g. https://oyster.tfl.gov.uk) User buys a ticket and loads it on her transportation card by tapping it on the mobile Transportation card now holds the tickets, it can be presented to “touch” readers when travelling SysApps - Secure Element API, 2013-08-29

Use Case #4: Mobile ID (OOB auth) 2 devices: Web application used on PC browser (no SE) Out-of-band authentication on Mobile with NFC Company ID card with embedded Auth Certificate User opens a session on a web application in a PC browser The server opens a session and waits for credential (a signature) from a pre-registered mobile User opens a pre-installed authentication application on mobile, and tap her NFC corporate card Authentication application computes the credential using the embedded card certificate, and sends it to server Server validates session on PC browser and let user in SysApps - Secure Element API, 2013-08-29

SysApps - Secure Element API, 2013-08-29 Status In W3C: SE planned in Phase 2 of SysApp WG Adoption in Web industry: Tizen Open source, standards-based software platform supported by leading mobile operators, device manufacturers, and silicon suppliers for smartphones, tablets, netbooks, in-vehicle infotainment devices, smart TVs, etc. Webinos EU funded project delivering a platform for web applications across mobile, PC, home media (TV) and in-car devices Adoption In Mobile Industry SIMAlliance’s Open Mobile API Non-profit trade association working mobile community seeking to create a secure, open and interoperable mobile environment Deployed devices (NFC): 180+ models by more than 15 manufacturers Android, BlackBerry (BB OS 10), Windows Phone (7.5) SysApps - Secure Element API, 2013-08-29

Commercial devices examples Acer: Liquid Express C6 Alcatel (TCL): Smart III-4 BlackBerry: Z10 HTC: One X LG: P940 (Prada) Nokia: Lumia 610 NFC Motorola: Droid RAZR (XT926) Samsung: Galaxy S2, Galaxy S3, Galaxy S4 Sony: Xperia Z ZTE: P728 …. SysApps - Secure Element API, 2013-08-29

SysApps - Secure Element API, 2013-08-29 Roadmap Editorship offer: 2 co-editors Gemalto (Olivier Potonniée) Intel (Tran Dzung D.) Ready to draft Start with Use Cases Contributions welcome Requirements How should we manage them? SysApps - Secure Element API, 2013-08-29