Upload
nfc-forum
View
2.554
Download
3
Embed Size (px)
DESCRIPTION
Presentation by Neel Rao of Google at AnDevCon 2014.
Citation preview
Android HCEAn intro into the world of NFC
Neel Rao
Google Confidential and Proprietary
NFC - Intro
NFC (Near Field Communication) is a form of short range (a few cms) wireless comm.
Powered through modulated magnetic field
Google Confidential and Proprietary
NFC - Intro
NFC Smart Cards can have functional applets (Java Card)
Capable of storage, reading, crypto, etc.
Google Confidential and Proprietary
NFC - Intro
Throughput is low, but useful for transferring URLs or small chunks of data (106-424 kbit/s)
Action is very specific, the short range makes the intent clear
Google Confidential and Proprietary
NFC - Smart Phones
With smart phones the next logical step was to move the NFC hardware inside
Google Confidential and Proprietary
NFC - Secure Element?
Basically is equivalent to taking the hardware in a NFC card and putting it in your phone.
Hardware component with built in “applets” and resilient tamper-proofing.
Two types UICC (SIM card) and eSE (NFC controller)
Google Confidential and Proprietary
SE-Based Architecture
Google Confidential and Proprietary
Secure Element - Tradeoffs
Payment applets on the SE contain sensitive data and require increased security
Limited space on the SE
Ownership of Secure Element is contentious
Solution: Restrict access to the SE. There are no public Android APIs to access SE
Google Confidential and Proprietary
What is Host Card Emulation?
HCE allows Android to emulate a NFC smart card without requiring a secure element
This enables innovation for many new use cases such as building access, mass transit and loyalty
Works alongside other card emulation modes on secure element based solutions
Google Confidential and Proprietary
HCE Architecture
Google Confidential and Proprietary
Google Confidential and Proprietary
HCE Development - Two Stages
App selection: Which app should be selected when you tap your phone to a reader?
Data transfer: How do you actually send and receive data to and from the NFC reader?
Google Confidential and Proprietary
HCE - App Selection
NFC Reader
App 1 App 2 App 3
?
Google Confidential and Proprietary
HCE - AID Registration
NFC Reader
App 1 App 2 App 3
F506
AID: F506
F123F932
F999 F007
Google Confidential and Proprietary
AID Querying
NFC Reader
App XAID: F56
Select AID “F12”
“Not found”
Lookup, resolve to app X Select AID “F56”
Lookup, appnot found
Android OS
Select AID “F56”
OK + Response Data
Command
Response
Google Confidential and Proprietary
Conflict resolution - AID Categories
App X App Y
AID F123
AID F078
AID F123
AID F234
AID Categories
Default
Select AID F123
If conflict, then automatically choose “Default” app
Google Confidential and Proprietary
Conflict resolution - AID Categories
App X
App Y
Complete action with:
Select AID F123
If no “Default”, then ask user
Google Confidential and Proprietary
Conflict resolution - AID Categories
Two AID Categories: Payments & Other
Payments category has a system UX so users can choose their default wallet app.
With a default wallet app, users can pay with one tap rather than selecting wallet at payment time
Google Confidential and Proprietary
Payments!
An example of how AID selection works at payment terminals
Consumers can have multiple wallet/loyalty apps, and multiple cards within each app.
How does AID selection work in this case?
Google Confidential and Proprietary
Payments -- Naïve AID Selection
NFC Reader
Wallet XAID: F56
Select Visa AID
Lookup, resolve to Wallet X
Not Found
Android OS
Select AID “F56”
Select MasterCard AID
Select Discover AID
Select AmEx AID
Not Found
Not Found
Not Found
Google Confidential and Proprietary
Payments -- The Fast Method (EMV)
NFC Reader
Wallet XAID: F56
Android OS
What Payment AIDs do you have?
I have “F56”, “F12”
Lookup, resolve to app X
Select F56Select AID “F56”
Wallet AAID: F12
Google Confidential and Proprietary
AID Selection - Review
Apps register one or many AIDs in manifest.
Readers select apps by querying with AIDs.
Conflicts either resolved automatically (payments) or by user
Google Confidential and Proprietary
Sending + Receiving Data
Use a Service that is always listening for NFC.
Two modes: you can indicate if you need the screen to be unlocked or not. Locked mode can overlay UI on lock screen.
For example with a wallet app, you might want the phone to be unlocked for security.
Google Confidential and Proprietary
Sending + Receiving Data
public class MyHostApduService
extends HostApduService {
public byte[] processCommandApdu(byte[]apdu,
Bundle extras) {}
public void onDeactivated(int reason) {}
}
Google Confidential and Proprietary
public byte[] processCommandApdu(byte[] apdu,
Bundle extras) {}
Return byte[ ] which get sent to the reader
Receive byte[ ] when function gets called
Sending + Receiving Data
Google Confidential and Proprietary
public byte[] processCommandApdu(byte[] apdu,
Bundle extras) {}
Since this is called on the main thread, you should return ASAP. If you need to do processing, return null. Then call sendResponseApdu() later.
Sending + Receiving Data
Google Confidential and Proprietary
Reader APIs
HCE lets your phone act as a NFC card
With the Reader APIs, your phone can also act as an NFC terminal
Testing is convenient since you can use two phones to simulate a NFC card and a reader
Google Confidential and Proprietary
Use Cases - Loyalty
Google Confidential and Proprietary
Use Cases - Building access
Google Confidential and Proprietary
Use Cases - Transit
Google Confidential and Proprietary
NFC - The Future
400M NFC smart phones shipped in 2014.
By October 2015, Chip & Pin cards will replace regular cards in the US. This means new terminals which probably have NFC
By 2017, 32% of all actively used smart phones will have NFC (2.1B phones)
Google Confidential and Proprietary
Conclusion
HCE allows an NFC reader to directly communicate with your Android app with just a tap
With the Reader APIs, your phone can also act as an NFC terminal
NFC has the potential to be really big, but we need developers like you for novel apps!
Google Confidential and Proprietary
Questions?
Google Confidential and Proprietary
Thanks!Stop by the NFC Forum booth #401 to learn more about the possibilities of developing with NFC.
Enter your name for a chance to win a Sony Action Cam with GPS!