Android HCE: An intro into the world of NFC

Android HCEAn intro into the world of NFC

Neel Rao

Google Confidential and Proprietary

NFC - Intro

NFC (Near Field Communication) is a form of short range (a few cms) wireless comm.

Powered through modulated magnetic field

NFC - Intro

NFC Smart Cards can have functional applets (Java Card)

Capable of storage, reading, crypto, etc.

NFC - Intro

Throughput is low, but useful for transferring URLs or small chunks of data (106-424 kbit/s)

Action is very specific, the short range makes the intent clear

NFC - Smart Phones

With smart phones the next logical step was to move the NFC hardware inside

NFC - Secure Element?

Basically is equivalent to taking the hardware in a NFC card and putting it in your phone.

Hardware component with built in “applets” and resilient tamper-proofing.

Two types UICC (SIM card) and eSE (NFC controller)

SE-Based Architecture

Secure Element - Tradeoffs

Payment applets on the SE contain sensitive data and require increased security

Limited space on the SE

Ownership of Secure Element is contentious

Solution: Restrict access to the SE. There are no public Android APIs to access SE

What is Host Card Emulation?

HCE allows Android to emulate a NFC smart card without requiring a secure element

This enables innovation for many new use cases such as building access, mass transit and loyalty

Works alongside other card emulation modes on secure element based solutions

HCE Architecture

HCE Development - Two Stages

App selection: Which app should be selected when you tap your phone to a reader?

Data transfer: How do you actually send and receive data to and from the NFC reader?

HCE - App Selection

NFC Reader

App 1 App 2 App 3

HCE - AID Registration

NFC Reader

App 1 App 2 App 3

AID: F506

F123F932

F999 F007

AID Querying

NFC Reader

App XAID: F56

Select AID “F12”

“Not found”

Lookup, resolve to app X Select AID “F56”

Lookup, appnot found

Android OS

OK + Response Data

Command

Response

Conflict resolution - AID Categories

App X App Y

AID F123

AID F078

AID F123

AID F234

AID Categories

Default

Select AID F123

If conflict, then automatically choose “Default” app

Complete action with:

Select AID F123

If no “Default”, then ask user

Two AID Categories: Payments & Other

Payments category has a system UX so users can choose their default wallet app.

With a default wallet app, users can pay with one tap rather than selecting wallet at payment time

Payments!

An example of how AID selection works at payment terminals

Consumers can have multiple wallet/loyalty apps, and multiple cards within each app.

How does AID selection work in this case?

Payments -- Naïve AID Selection

NFC Reader

Wallet XAID: F56

Select Visa AID

Lookup, resolve to Wallet X

Not Found

Android OS

Select MasterCard AID

Select Discover AID

Select AmEx AID

Not Found

Payments -- The Fast Method (EMV)

NFC Reader

Wallet XAID: F56

Android OS

What Payment AIDs do you have?

I have “F56”, “F12”

Lookup, resolve to app X

Select F56Select AID “F56”

Wallet AAID: F12

AID Selection - Review

Apps register one or many AIDs in manifest.

Readers select apps by querying with AIDs.

Conflicts either resolved automatically (payments) or by user

Sending + Receiving Data

Use a Service that is always listening for NFC.

Two modes: you can indicate if you need the screen to be unlocked or not. Locked mode can overlay UI on lock screen.

For example with a wallet app, you might want the phone to be unlocked for security.

public class MyHostApduService

extends HostApduService {

public byte[] processCommandApdu(byte[]apdu,

Bundle extras) {}

public void onDeactivated(int reason) {}

public byte[] processCommandApdu(byte[] apdu,

Bundle extras) {}

Return byte[ ] which get sent to the reader

Receive byte[ ] when function gets called

public byte[] processCommandApdu(byte[] apdu,

Bundle extras) {}

Since this is called on the main thread, you should return ASAP. If you need to do processing, return null. Then call sendResponseApdu() later.

Reader APIs

HCE lets your phone act as a NFC card

With the Reader APIs, your phone can also act as an NFC terminal

Testing is convenient since you can use two phones to simulate a NFC card and a reader

Use Cases - Loyalty

Use Cases - Building access

Use Cases - Transit

NFC - The Future

400M NFC smart phones shipped in 2014.

By October 2015, Chip & Pin cards will replace regular cards in the US. This means new terminals which probably have NFC

By 2017, 32% of all actively used smart phones will have NFC (2.1B phones)

Conclusion

HCE allows an NFC reader to directly communicate with your Android app with just a tap

With the Reader APIs, your phone can also act as an NFC terminal

NFC has the potential to be really big, but we need developers like you for novel apps!

Questions?

Thanks!Stop by the NFC Forum booth #401 to learn more about the possibilities of developing with NFC.

Enter your name for a chance to win a Sony Action Cam with GPS!

Android HCE: An intro into the world of NFC

Technology

Code Demo NFC on Android - Olivier Gonthier - PAUG

NFC & RFID with Android - todbot.com · What is this talk? Why you should care about RFID & NFC Overview of what RFID & NFC is technically How Android implements NFC What Android

NFC in Android - Home - NFC Forumnfc-forum.org/wp-content/uploads/2014/03/Android-NFC-Forum... · NFC availability in Android devices in 2013 Supported by pretty much every Android

NFC payments, state of the art, from an special security ... · Android 4.4 (Kit Kat) – from November 2013 . HCE requirements . Google’s role Android is the O.S most important,

Secure Elements and NFC/HCE technologies: the foundations ...7a87ec283cae4abc98f70b7cf16d028a.testmyurl.ws/mobisecserv/mobisecserv.../79 Agenda • Introduction –Towards Trust for

Professional NFC Application Development for Android Sample Chapter

HCE Driving NFC - Mobey Forum · HCE Driving NFC: From Idea to Reality to Ubiquity Mobey Day October 7/8, 2014. M-PAYMENTS & NFC ADOPTION? 2. WHY SO SLOW? 3 The trend towards mobile

POWER OF PARTNERSHIPS IN HCE - MobeyForum · POWER OF PARTNERSHIPS IN HCE HCE/Tokenization vs Secure Elements. Jörg Suchy Content •NFC and the Payment Landscape •Three Years

HCE, Apple Pay… - Galitt · HCE technology allows routing of NFC communication - e.g., a contactless payment transaction - directly from the NFC component to an application installed

Comunicación NFC entre Raspberry Pi y Android

The Impact of HCE on NFC Adoption

On Relaying NFC Payment Transactions using Android deviceswebdiis.unizar.es/~ricardo/files/slides/industrial/slides_Rooted... · On Relaying NFC Payment Transactions using Android

On Relaying NFC Payment Transactions using Android devices · ‣ In 2011, Doug Year released a set of patches including HCE support for Android Cyanogen Mod (version 9.1) - Only

NFC EMV Host Card Emulation (HCE) Mobile Payments Dual ...€¦ · • HCE EMV card tokenisation and authorisation service: • Multi-brand (Visa, Mastercard, Amex,….) • HCE tokens

NFC Android Introduction

How Secure Elements and HCE Can Coexist on an NFC device€¦ · How Secure Elements and HCE Can Coexist on an NFC device SCA –NFC Summit 2014 Austin, Texas Philip Andreae. OT,

Android Gym Application Utilizing Near Field Communications (NFC

y en 2015: Digitalización y Tokenización Payments HCE, cit frente a pagos NFC basados en cloud: pagos NFC HCE ¿Se puede abrir el mercado NFC a una mayor innovación y competencia,

OR Pairing via NFC (Android Only) NFC Pairing Barcodes ... · Pairing via NFC (Android Only) This feature applies only to Android host devices and is available for HID or SPP pairing

Android operating system + NFC