Host Card Emulation (HCE)


DESCRIPTION

Host Card Emulation in Android

Page 1: Host Card Emulation

Host Card Emulation (HCE)

Page 2: Host Card Emulation

NFC

Page 3: Host Card Emulation

NFC APPS

Page 4: Host Card Emulation

Card Emulation with a Secure Element

Page 5: Host Card Emulation

Host-based Card Emulation

• Host Card What?

• Host Card Why?

• Implementing an HCE Service

• Host Card Security

Page 6: Host Card Emulation

Host Card What?

• Where is the data routed?

• Support for many different protocols

• Android NFC devices functioning as readers (IsoDep class).

• HCE services

Page 7: Host Card Emulation

Host Card Why?

• No more complex SE cards.

• Multiple NFC payment wallets can be on the phone

• No worrying about SE storage size.

• No need to pay the Carrier for Over-the-air SE provisioning and lifecycle management.

• Enabling any wallet to use it to communicate to a PoS

Page 8: Host Card Emulation

Implementing an HCE Service

Page 9: Host Card Emulation

Implementing an HCE Service

• Service selection

• AID groups and categories

• Service implementation

• Service manifest declaration and AID registration

Page 10: Host Card Emulation

Service Selection

Page 11: Host Card Emulation

Service selection

• ISO/IEC 7816-4 specification

• Application ID (AID).

• Length between 5 and 16 bytes

• AID well-known and publicly registered

• What if you want to deploy new reader infrastructure for your own application?

Page 12: Host Card Emulation

AID Groups

• AID group is a list of AIDs that should be considered as belonging together by the OS

• HCE service may need to register multiple AIDs to implement a certain application

• Android guarantees one of the following:

  o All AIDs in the group are routed to this HCE service

  o No AIDs in the group are routed to this HCE service

Page 13: Host Card Emulation

AID groups and categories

• Each AID group can be associated with a category

• Avoid mentioning AIDs in any user-facing parts of your application.

• Android 4.4 supports two categories:

  o CATEGORY_PAYMENT

  o CATEGORY_OTHER

Page 14: Host Card Emulation

Checking for HCE support

• Your application can check whether a device supports HCE by checking for the FEATURE_NFC_HOST_CARD_EMULATION feature.

Page 15: Host Card Emulation

Service implementation

• The first step is therefore to extend HostApduService.

• HostApduService declares two abstract methods that need to be overridden and implemented

Page 16: Host Card Emulation

Service implementation (2)

• processCommandApdu() is called whenever an NFC reader sends an Application Protocol Data Unit (APDU) to your service

• "SELECT AID" APDU.

• processCommandApdu() runs on the main thread.

• When will Android stop forwarding new APDUs from the reader to your service?

  o The NFC reader sends another "SELECT AID" APDU, which the OS resolves to a different service

  o The NFC link between the NFC reader and your device is broken.

• In both of these cases, your onDeactivated() implementation is called
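
The two callbacks described above, as an added example that is not taken from the slides: a HostApduService subclass that validates the "SELECT AID" APDU before answering and clears its state in onDeactivated(). The class name SampleHceService and the AID value are assumptions made up for this illustration.

```java
import android.nfc.cardemulation.HostApduService;
import android.os.Bundle;
import java.util.Arrays;

// Hypothetical service name; the AID below is a constructed sample value.
public class SampleHceService extends HostApduService {
    // Must match an AID registered for this service in its AID group.
    private static final byte[] SAMPLE_AID =
            {(byte) 0xF0, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06};
    // ISO/IEC 7816-4 status words.
    private static final byte[] SW_OK = {(byte) 0x90, 0x00};
    private static final byte[] SW_WRONG_LENGTH = {0x67, 0x00};
    private static final byte[] SW_CONDITIONS_NOT_SATISFIED = {0x69, (byte) 0x85};
    private static final byte[] SW_NOT_FOUND = {0x6A, (byte) 0x82};
    private static final byte[] SW_INS_NOT_SUPPORTED = {0x6D, 0x00};

    private boolean selected = false;

    @Override
    public byte[] processCommandApdu(byte[] apdu, Bundle extras) {
        // Called on the main thread: validate and answer quickly, never block.
        if (apdu == null || apdu.length < 4) {
            return SW_WRONG_LENGTH;
        }
        // SELECT by AID on the basic logical channel: CLA=00 INS=A4 P1=04.
        if (apdu[0] == 0x00 && apdu[1] == (byte) 0xA4 && apdu[2] == 0x04) {
            if (apdu.length < 5) {
                return SW_WRONG_LENGTH;
            }
            int lc = apdu[4] & 0xFF; // treat Lc as unsigned
            // AID must be 5..16 bytes and Lc must agree with the bytes
            // actually received (one optional trailing Le byte allowed).
            int extra = apdu.length - 5 - lc;
            if (lc < 5 || lc > 16 || extra < 0 || extra > 1) {
                return SW_WRONG_LENGTH;
            }
            byte[] aid = Arrays.copyOfRange(apdu, 5, 5 + lc);
            selected = Arrays.equals(aid, SAMPLE_AID);
            return selected ? SW_OK : SW_NOT_FOUND;
        }
        // Refuse application commands until a SELECT has succeeded.
        return selected ? SW_INS_NOT_SUPPORTED : SW_CONDITIONS_NOT_SATISFIED;
    }

    @Override
    public void onDeactivated(int reason) {
        // DEACTIVATION_DESELECTED or DEACTIVATION_LINK_LOSS: drop session state.
        selected = false;
    }
}
```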

Page 17: Host Card Emulation

Application Protocol Data Unit (APDU)

• APDUs are the application-level packets being exchanged between the NFC reader and your HCE service.

• The APDU exchange is half-duplex.

• Android’s HCE implementation only supports a single logical channel.

Page 18: Host Card Emulation

Application Protocol Data Unit (APDU) (2)

Page 19: Host Card Emulation

Manifest declaration and AID registration

Page 20: Host Card Emulation

Manifest declaration and AID registration (2)

Page 21: Host Card Emulation

Screen Off and Lock-screen Behavior

Page 22: Host Card Emulation

AID Conflict Resolution

• The same AID can be registered by more than one service.

• Checking if your service is the default

Page 23: Host Card Emulation

Secure element AID registration

Page 24: Host Card Emulation

Secure element AID registration (2)

Page 25: Host Card Emulation

Coexistence with Secure Element Cards

Page 26: Host Card Emulation

HCE and Security

• BIND_NFC_SERVICE system permission.

• Android Application Sandbox

Page 27: Host Card Emulation


Page 28: Host Card Emulation

Ahmed Fathallah, Junior Android developer

linkedin.com/in/ahmedfathallah/