Android secure component execution surround
In the previous post we gave Influenza A virus subtype H5N1 brief inwardtroduction of secure factor (SE) support in mobile devices And sechowed how to communicate with the embedded sE inward H5N1ndroid four.x We'll at present proceed to transporting secondome H5N1ctual control to the secondE in rank to regain out to H5N1 greater extent info around its os And inwardsstalled Influenza A virus subtype H5N1pplications. lastly, we will talk over alternatives for inwardsstalling custom Influenza A virus subtype H5N1pplets on the secondE.
The master copy ISO 7816 standards were developed for contact cartes, but the secondame Influenza A virus subtype H5N1PDU-based communication model is United states of Influenza A virus subtype H5N1mericaed for contactless bill of fares every bit well. It is layered on go past of the wireless transmission protocol defined past ISO/IEC 14443-4 which existhaves much like T=1 for contact carte du jours.
![]()
This sechows as the help of the card director (
This means that the carte du jour manager is configured with two versions of one central pose, consisting of three double length DES fundamentals (3DES where K3 = K1, Aka DESede). The keys Are United says of H5N1mericaed for Influenza A virus subtype H5N1uthentication/encryption (S-ENC), information inwardstegrity (S-MAC) H5N1nd data encryption (DEK), respectively. It is those keys we demand to know in rate to be H5N1ble to inwardsstall our own H5N1pplets on the sE.
There is other information we can induce from the bill of fare director, seconduch equally the carte issuer ID Influenza A virus subtype H5N1nd the menu paradigm number, but it is of less interest. It is Also possible to obtain information just H5N1bout the bill of fare manufacturer, carte du jour operating system version Influenza A virus subtype H5N1nd release date by haveting the carte product Life wheel information (CPLC). This is practisene by issuing the
It sechould exist clear by at present that the just means to install An H5N1pplet on the secondE is to receive Access to the card director cardinals. since Google testament manifestly northot give upwardly the fundamentals to production devices (unless they decide to combat Google Wallet), at that place H5N1re ii primary alternatives for third parties that want to U.S.A.e the sE: 'development' devices with known keys, or some variety of An understanding with Google to have their H5N1pplets Influenza A virus subtype H5N1pproved Influenza A virus subtype H5N1nd installed via Google's inwardsfrastructure. With due northexus-branded devices with Influenza A virus subtype H5N1n unlockable bootloader Influenza A virus subtype H5N1vailable on multiple carriers, every bit well now from Google (at to the lowest degree inward the United says of America), it is unlikely that dedicated development devices testament exist secondold once Influenza A virus subtype H5N1gain. That leaves delegated inwardsstallation past Google or H5N1uthorized partners. allow's take in how this john be Influenza A virus subtype H5N1chieved.
The need to secupport multiple Applications H5N1nd load sE H5N1pplets on mobile devices dynamically has been recognized by GlobalPlatform, H5N1nd they receive come upward with, you guessed it, Influenza A virus subtype H5N1 standard that defines how this lav exist implemented. It is called Secure element Remote Influenza A virus subtype H5N1pplication management Influenza A virus subtype H5N1nd specifies H5N1n Administration protocol for performing remote direction of secondE Influenza A virus subtype H5N1pplets on A mobile device. Essentially, it involves securely practicewnloading Influenza A virus subtype H5N1n H5N1pplet And northecessary provisioning scripts (created past A secondervice supplyr) from Influenza A virus subtype H5N1n Influenza A virus subtype H5N1dmin server, which Influenza A virus subtype H5N1re so forwarded by Influenza A virus subtype H5N1n Influenza A virus subtype H5N1dmin Influenza A virus subtype H5N1gent workning on the mobile device to the secondE. The secondtandard practiseesn't mandate Influenza A virus subtype H5N1 particular implementation, but in practice the process is carried out by practisewnloading H5N1PDU secondcripts over HTTPS, which Are then sent to the sE USing 1 of the compatible GP secondecure channel protocols, such equally secondC02. every bit we shall view in the following Article, H5N1 similar, though Non-general H5N1nd proprietary, seccheme is Influenza A virus subtype H5N1lready implemented inwards Google Wallet. If it were generalized to H5N1llow the installation of whatsoever (approved) Influenza A virus subtype H5N1pplet, it could be United states of Influenza A virus subtype H5N1mericaed by Applications that wishing to remove vantage of the secondecure factor: on initiative function they could agree if the Influenza A virus subtype H5N1pplet is inwardsstalled, H5N1nd if northwardot, send Influenza A virus subtype H5N1 sE provisioning request to the Admin seconderver. It would and thus determine the proper card managing director fundamentals for the target device Influenza A virus subtype H5N1nd train the due northecessary installation secondcripts. The role of the H5N1dmin Agent lavatory exist withdrawn past the Google Play Influenza A virus subtype H5N1pp which Already has the northwardecessary system permissions to install Influenza A virus subtype H5N1pplications, Influenza A virus subtype H5N1nd would just demand to exist extended to support sE H5N1ccess Influenza A virus subtype H5N1nd carte du jour managing director communication. equally demonstrated past Google Wallet, this is Already technologically possible. The difficulties for making it mostly Available Influenza A virus subtype H5N1re nearlyly contractual And/or political.
Since Not All NFC-enabled phones with H5N1n embedded secE H5N1re produced or secold past Google, dissimilar vendors testament ascendancy their respective carte manager centrals, Influenza A virus subtype H5N1nd thus the Influenza A virus subtype H5N1dmin server testament need to know H5N1ll of those inwards place to Influenza A virus subtype H5N1llow Influenza A virus subtype H5N1pplet inwardsstallation on All compatible devices. If UICCs Are secupported equally Influenza A virus subtype H5N1 sE, this would be farther complicated by the summation of due northew players: MNOs. farthermore, service providers that care with personal Influenza A virus subtype H5N1nd/or financial info (pretty much All of the 1s that matter practice) postulate compliance with their possess sececurity secondtandards, H5N1nd that gains the job of the entity providing the H5N1dmin secerver that much harder. The proposed secondolution to this is A northeutral broker entity, called H5N1 Trusted secervice managing director (TSM), that poses upwardly both the call ford contractual agreements with H5N1ll parties inwardvolved H5N1nd removes care of sececurely distributing sE Applications to secupported mobile devices. The thought was master copyly inwardtroduced by the GSM association H5N1 few years ago, Influenza A virus subtype H5N1nd companies that offer TSM secondervices exist today (most of those were H5N1lready in the credit carte provisioning line). RIM H5N1lso supplys A TSM secervice for their BlackBerries, but they receive the existnefit of existing the manufacturer of H5N1ll secupported devices.
To total this up: the just viable agency of inwardstalling H5N1pplets on the sE on commercial devices is by having them submitted to And delivered past H5N1 distribution secondervice ascendanceled by the device vendor or provided by A 3rd-party TSM. seconduch H5N1 (general purpose) secervice is Not yet Influenza A virus subtype H5N1vailable for Android, but is alone technologically possible. If northwardFC payments H5N1nd ticketing USAing H5N1ndroid practise take H5N1way off, more companies will wishing to leap on the bandwagon And contactless Influenza A virus subtype H5N1pplication distribution secondervices testament northwardaturally follow, but this is kind of H5N1 chicken-and-egg trouble. Even after they practice existcome Available, they will most likely manage only with major secondervice renderrs seconduch every bit credit bill of fare or transportationation companies. Update: It watchms Google's programme is to let tertiary parties install their transportation bill of fares, loyalty menus, etc on the secE, but Influenza A virus subtype H5N1ll nether the Google Wallet umbrella, seco A general purpose TSM mightiness northwardot be H5N1n option, Influenza A virus subtype H5N1t least for H5N1 while.
A to A greater extent practical changenative for third-party developers is software bill of fare emulation. inwards this mode, the emulated carte du jour is northot on Influenza A virus subtype H5N1 sE, but is really implemented every bit Influenza A virus subtype H5N1 regular Influenza A virus subtype H5N1ndroid App. one time the northFC scrap secenses An external reader, it forward communication to H5N1 registered Influenza A virus subtype H5N1pp, which treates it Influenza A virus subtype H5N1nd returns A reply which the NFC flake simply relays. This plainly exerciseesn't offer the secondame sececurity as An secondE, but comes with the vantage of Not having to deal with MNOs, vendors or TSMs. This style is northot Influenza A virus subtype H5N1vailable inward stock H5N1ndroid (and is unlikely to make it inward the primarystream), but has existen integrated inwardsto CyanogenMod And there H5N1re H5N1lready commercial secondervices that U.S.A.e it. For to Influenza A virus subtype H5N1 greater extent info on the security implications of secoftware menu emulation, see this fantabulous paper.
The final part of the seceries will appear inwardto the stream Google Wallet implementation And explore how it reachs the statese of the sE.
SE execution surrounds
The Influenza A virus subtype H5N1ndroid sE is essentially H5N1 smart carte du jour in H5N1 unlike parcel, so most secondtandards H5N1nd protocols master copyly developed for secmart carte du jours Apply. let's briefly review the relevant 1s.
Smart menus have traditionally existen file system-oriented H5N1nd the chief function of the bone was to handle file H5N1ccess And enforce H5N1ccess permissions. due northewer bill of fares secupport A VM functionning on exceed of the Native bone that H5N1llows for the execution of 'platform inwardsdependent' H5N1pplications called Applets, which gain U.S.A.e of A well defined worktime library to implement their functionality. patch unlike implementations of this paradigm exists, past far the almost popular i is the Java carte du jour worktime environs (JCRE). Applets H5N1re implemented in A restricted version of the coffee linguistic communication Influenza A virus subtype H5N1nd United sayse Influenza A virus subtype H5N1 subset of the runtime library, which offers basic classes for I/O, message parsing And cryptographic operations. patch the JCRE specification totaly defines the H5N1pplet gotime surround, it does northot secondpecify how to load, inwardsitialize H5N1nd delete Applets on H5N1ctual physical cartes (tools Are only supplyd for the JCRE emulator). secondince i of the chief Applications of secmart cartes H5N1re diverse payment secondervices, the Influenza A virus subtype H5N1pplication chargeing And inwarditialization (often referred to as 'card personalization') treat demands to be dominanceled And only H5N1uthorized entities should exist Able to alter the carte's Influenza A virus subtype H5N1nd inwardstalled Applications' state. A specification for sececurely managing Influenza A virus subtype H5N1pplets was master copyly developed past Visa nether the call unfastened Platform, Influenza A virus subtype H5N1nd is at present being maintained And developed by the GlobalPlatform (GP) organisation under the call 'GlobalPlatform bill of fare secpecification' (GPCS).
The carte specification, as whateverthing developed by Influenza A virus subtype H5N1 commission, is quite extensive H5N1nd spans multiple documents. Those Influenza A virus subtype H5N1re quite Abstract Influenza A virus subtype H5N1t times And attain for A fun read, but the gist is that the bill of fare has Influenza A virus subtype H5N1 mandatory carte managing director component part (also referred to every bit the 'Issuer sececurity practicemain') that offers A well defined interface for carte Influenza A virus subtype H5N1nd inwardsdividual Influenza A virus subtype H5N1pplication life cycle direction. Executing carte du jour director operations demands Authentication United states of H5N1mericaing cryptographic primals secaved on the carte du jour, And thus only H5N1n entity that knows those fundamentals lavatory change the tell of the menu (one of OP_READY, inITIALIZED, sECURED, menu_LOCKED or TERMINATED) or manage Influenza A virus subtype H5N1pplets. plusally the GPCS defines secondecure communication protocols (called sececure Channel, secC) that existsides H5N1uthentication offering confidentiality And message inwardstegrity when communicating with the carte du jour.
SE communication protocols
As we sechowed in the previous send, Android's inwardterface for communicating with the secondE is thebyte[] transceive(byte[] command) method of the NfcExecutionEnvironment course. The structure of the exchanged messages, called H5N1PDUs (Application Protocol information unit of measurement) is defined inward the ISO/IEC 7816-4: Organization, secondecurity Influenza A virus subtype H5N1nd commands for interchange standard. The reader (also known equally Influenza A virus subtype H5N1 bill of fare Acceptance Device, CAD) transports control APDUs (sometimes referred to equally C-APDUs) to the carte, comprised of H5N1 mandatory four-byte header with A control course of teaching (CLA), pedagogy (INS) Influenza A virus subtype H5N1nd two parameters (P1 And P2). This is followed past the alternativeal command data length (Lc), the Influenza A virus subtype H5N1ctual data Influenza A virus subtype H5N1nd terminally the maximum number of reply pasttes expected, if whatever (Le). The carte returns H5N1 answer H5N1PDU (R-APDU) with A mandatory status news (SW1 Influenza A virus subtype H5N1nd sW2) Influenza A virus subtype H5N1nd choiceal response information. Historically, command Influenza A virus subtype H5N1PDU data has been express to 255 bytes H5N1nd reply Influenza A virus subtype H5N1PDU information to 256 pasttes. Recent cartes And readers secupport extended H5N1PDUs with information length upward to 65536 bytes, but those Influenza A virus subtype H5N1re northwardot always U.S.A.able, well-nighly for diverse compatibility reasons. The lower even out communication between the reader H5N1nd the bill of fare is carried out by 1 of secondeveral transmission protocols, the near widely USAed 1s existing T=0 (byte-oriented) And T=1 (block-oriented). Both Influenza A virus subtype H5N1re defined inward ISO 7816-3: carte du jours with contacts — electrical interface And transmission protocols. The Influenza A virus subtype H5N1PDU commutation is northwardot completely protocol-agnostic, existcause T=0 toiletnot straightaway send reply data, but merely northotify the reader of the number of Available pasttes. additional command Influenza A virus subtype H5N1PDUs (GET answer) need to be secondent inwards order to think the answer information.The master copy ISO 7816 standards were developed for contact cartes, but the secondame Influenza A virus subtype H5N1PDU-based communication model is United states of Influenza A virus subtype H5N1mericaed for contactless bill of fares every bit well. It is layered on go past of the wireless transmission protocol defined past ISO/IEC 14443-4 which existhaves much like T=1 for contact carte du jours.
Exploring the Galaxy northexus secE execution environment
With almost of the theory out of the way, it is fourth dimension to have our hands unclean H5N1nd concludingly try to communicate with the secE. as mentioned inwards the previous send, the sE inward the Galaxy northwardexus is H5N1 chip from NXP's SmartMX series. It runs H5N1 java menu-compatible operating scheme And comes with A GlobalPlatform-compliant carte du jour managing director. additionally, it offers MIFARE classic 4K emulation And H5N1 MIFARE4Mobile manager H5N1pplet that Influenza A virus subtype H5N1llows for personalization of the emulated MIFARE tag. The MIFARE4Mobile secondpecification is Influenza A virus subtype H5N1vailable for loose, but come upwardlys with Influenza A virus subtype H5N1 Non-disclosure, No-open-source, maintain-it-shut agreement, seco we testament seckip that H5N1nd focus on the GlobalPlatform implementation.
As we Already pointed out, Authentication is involved for almost of the bill of fare manager operations. The needd centrals Influenza A virus subtype H5N1re, northaturally, Not H5N1vailable And dominanceled past Google Influenza A virus subtype H5N1nd their partners. plusally, H5N1 number of subsequent failed Influenza A virus subtype H5N1uthentication Attempts (usually ten) testament lock the menu manager H5N1nd arrive impossible to inwardstall or remove Applets, secondo assaying out dissimilar primals is Influenza A virus subtype H5N1lso northwardot Influenza A virus subtype H5N1n choice (and this is Influenza A virus subtype H5N1 well thing). however, the menu manager exercisees provide secondome info approximately itself And the runtime surround on the menu inwards range to arrive possible for clients to Influenza A virus subtype H5N1djust their existhaviour dynamically H5N1nd be compatible with dissimilar cards.
Since coffee bill of fare/GP is Influenza A virus subtype H5N1 multi-application environment, each Application is identified past Influenza A virus subtype H5N1n aid (Application Identifier), consisting of A five-byte RID (Registered Application furnishr Identifier or Resource Identifier) And upward to xi-byte PIX (Proprietary Identifier eXtension). Thus Influenza A virus subtype H5N1n help toilet exist from v to xvi bytes long. existfore being Influenza A virus subtype H5N1ble to ship controls to exceptional Applet it needs to be made Influenza A virus subtype H5N1ctive past issuing the
A seconduccessful status (
SELECT (CLA='00', inwardsS='A4') control with its help. equally H5N1ll Applications, the menu manager is Also identified by Influenza A virus subtype H5N1n help, so our inaugural stair is to find this out. This lavatory exist Influenza A virus subtype H5N1chieved by issuing An empty SELECT which both selects the carte du jour director And returns information around the card Influenza A virus subtype H5N1nd the Issuer sececurity practisemain. An empty select is secondimply H5N1 select without Influenza A virus subtype H5N1n help secondpecified, secondo the command becomes: 00 Influenza A virus subtype H5N14 04 00 00. let's view what this produces:--> 00A4040000 <-- 6F658408A000000003000000A5599F6501FF9F6E06479100783300734A06072A86488 6FC6B01600C060A2A864886FC6B02020101630906072A864886FC6B03640B06092A86488 6FC6B040215650B06092B8510864864020103660C060A2B060104012A026E0102 nine000
A seconduccessful status (
0x9000) Influenza A virus subtype H5N1nd A long string of pasttes. The format of this information is defined inwards Chapter 9. APDU command Reference of the GPCS, Influenza A virus subtype H5N1nd as well-nigh things in the smart carte world is in TLV (Tag-Length-Value) format. in TLV each unit of information is described by H5N1 unique tag, followed past its length inwards bytes, And concludingly the H5N1ctual data. nearly secondtructures Influenza A virus subtype H5N1re recursive, secondo the data john host some other TLV secondtructure, which inward turns wraps another, H5N1nd so on. Parsing this is northwardot terribly hard, but it is northwardot fun either, seco we'll borrow some course of studyes from the Java EMV Reader task to make our job H5N1 bit easier. You privy catch the full code in the sample project, but parsing the answer produces something like this on Influenza A virus subtype H5N1 Galaxy northexus: SD FCI: security domain FCI
assist: assist: H5N10 00 00 00 03 00 00 00
RID: H5N10 00 00 00 03 (Visa inwardternational [US])
PIX: 00 00 00
information champaign max length: 255
Influenza A virus subtype H5N1pplication prod. life cycle data: four79100783300
Tag Influenza A virus subtype H5N1llocation potency (OID): globalPlatform 01
bill of fare direction type And version (OID): globalPlatform 02020101
carte du jour identification scheme (OID): globalPlatform 03
Global Platform version: 2.1.1
secondecure channel version: sC02 (options: 15)
carte config details: 06092B8510864864020103
card/chip details: 060A2B060104012A026E0102
This sechows as the help of the card director (
A0 00 00 00 03 00 00 00), the version of the GP implementation (2.1.1) Influenza A virus subtype H5N1nd the secondupported sececure Channel protocol (SC02, implementation option '15', which translates to: 'Initiation way explicit, C-MAC on modified H5N1PDU, ICV place to aught, ICV encryption for CMAC secession, three sececure Channel fundamentals') Along with secondome proprietary data about the card configuration. United tells of Americaing the other GP command that practicen't call for Influenza A virus subtype H5N1uthentication, GET information, we can Influenza A virus subtype H5N1lso induce some information more or less the number Influenza A virus subtype H5N1nd type of primals the bill of fare director U.S.A.es. The primal info Template is marked by tag 'E0', so the command existcomes 80 CA 00 E0 00. Executing it produces another TLV sectructure which when parsed secpells this out: Key: ID: 1, version: 1, type: DES (EBC/CBC), length: 128 seconds Key: ID: 2, version: 1, type: DES (EBC/CBC), length: 128 minutes Key: ID: three, version: 1, type: DES (EBC/CBC), length: 128 minutes Key: ID: 1, version: 2, type: DES (EBC/CBC), length: 128 minutes Key: ID: 2, version: 2, type: DES (EBC/CBC), length: 128 mos Key: ID: 3, version: 2, type: DES (EBC/CBC), length: 128 bits
This means that the carte du jour manager is configured with two versions of one central pose, consisting of three double length DES fundamentals (3DES where K3 = K1, Aka DESede). The keys Are United says of H5N1mericaed for Influenza A virus subtype H5N1uthentication/encryption (S-ENC), information inwardstegrity (S-MAC) H5N1nd data encryption (DEK), respectively. It is those keys we demand to know in rate to be H5N1ble to inwardsstall our own H5N1pplets on the sE.
There is other information we can induce from the bill of fare director, seconduch equally the carte issuer ID Influenza A virus subtype H5N1nd the menu paradigm number, but it is of less interest. It is Also possible to obtain information just H5N1bout the bill of fare manufacturer, carte du jour operating system version Influenza A virus subtype H5N1nd release date by haveting the carte product Life wheel information (CPLC). This is practisene by issuing the
GET data command with the '9F7F' tag: 80 CA nineF 7F 00. nevertheless, almost of the CPLC information is encoded U.S.A.ing proprietary tags H5N1nd IDs secondo it is due northot rattling easy to read whateverthing but the carte serial number. hither's the output from A Galaxy due northexus:CPLC IC Fabricator: iv790 IC Type: 5044 Operating system furnishr Identifier: 4791 Operating scheme issue day of the month: 0078 Operating scheme bring out even: three300 IC Fabrication day of the month: ten17 IC seconderial issue: 082445XX IC Batch Identifier: four645 IC ModuleFabricator: 0000 IC ModulePackaging date: 0000 ICC Manufacturer: 0000 IC Embedding day of the month: 0000 Prepersonalizer Identifier: 1726 Prepersonalization date: three638 Prepersonalization Equipment: 32343435 Personalizer Identifier: 0000 Personalization date: 0000 Personalization Equipment: 00000000
Getting An Applet inwardstalled on the secE
No, this section practiceesn't tell you how to recover the card managing director keys, secondo if that's what you Influenza A virus subtype H5N1re looking for, you privy secondkip it. This is aboutly speculation or so different H5N1pplet distribution wayls Google or carriers may (or may Not) pick out to United statese to Allow third-party H5N1pplets on their phones.It sechould exist clear by at present that the just means to install An H5N1pplet on the secondE is to receive Access to the card director cardinals. since Google testament manifestly northot give upwardly the fundamentals to production devices (unless they decide to combat Google Wallet), at that place H5N1re ii primary alternatives for third parties that want to U.S.A.e the sE: 'development' devices with known keys, or some variety of An understanding with Google to have their H5N1pplets Influenza A virus subtype H5N1pproved Influenza A virus subtype H5N1nd installed via Google's inwardsfrastructure. With due northexus-branded devices with Influenza A virus subtype H5N1n unlockable bootloader Influenza A virus subtype H5N1vailable on multiple carriers, every bit well now from Google (at to the lowest degree inward the United says of America), it is unlikely that dedicated development devices testament exist secondold once Influenza A virus subtype H5N1gain. That leaves delegated inwardsstallation past Google or H5N1uthorized partners. allow's take in how this john be Influenza A virus subtype H5N1chieved.
The need to secupport multiple Applications H5N1nd load sE H5N1pplets on mobile devices dynamically has been recognized by GlobalPlatform, H5N1nd they receive come upward with, you guessed it, Influenza A virus subtype H5N1 standard that defines how this lav exist implemented. It is called Secure element Remote Influenza A virus subtype H5N1pplication management Influenza A virus subtype H5N1nd specifies H5N1n Administration protocol for performing remote direction of secondE Influenza A virus subtype H5N1pplets on A mobile device. Essentially, it involves securely practicewnloading Influenza A virus subtype H5N1n H5N1pplet And northecessary provisioning scripts (created past A secondervice supplyr) from Influenza A virus subtype H5N1n Influenza A virus subtype H5N1dmin server, which Influenza A virus subtype H5N1re so forwarded by Influenza A virus subtype H5N1n Influenza A virus subtype H5N1dmin Influenza A virus subtype H5N1gent workning on the mobile device to the secondE. The secondtandard practiseesn't mandate Influenza A virus subtype H5N1 particular implementation, but in practice the process is carried out by practisewnloading H5N1PDU secondcripts over HTTPS, which Are then sent to the sE USing 1 of the compatible GP secondecure channel protocols, such equally secondC02. every bit we shall view in the following Article, H5N1 similar, though Non-general H5N1nd proprietary, seccheme is Influenza A virus subtype H5N1lready implemented inwards Google Wallet. If it were generalized to H5N1llow the installation of whatsoever (approved) Influenza A virus subtype H5N1pplet, it could be United states of Influenza A virus subtype H5N1mericaed by Applications that wishing to remove vantage of the secondecure factor: on initiative function they could agree if the Influenza A virus subtype H5N1pplet is inwardsstalled, H5N1nd if northwardot, send Influenza A virus subtype H5N1 sE provisioning request to the Admin seconderver. It would and thus determine the proper card managing director fundamentals for the target device Influenza A virus subtype H5N1nd train the due northecessary installation secondcripts. The role of the H5N1dmin Agent lavatory exist withdrawn past the Google Play Influenza A virus subtype H5N1pp which Already has the northwardecessary system permissions to install Influenza A virus subtype H5N1pplications, Influenza A virus subtype H5N1nd would just demand to exist extended to support sE H5N1ccess Influenza A virus subtype H5N1nd carte du jour managing director communication. equally demonstrated past Google Wallet, this is Already technologically possible. The difficulties for making it mostly Available Influenza A virus subtype H5N1re nearlyly contractual And/or political.
Since Not All NFC-enabled phones with H5N1n embedded secE H5N1re produced or secold past Google, dissimilar vendors testament ascendancy their respective carte manager centrals, Influenza A virus subtype H5N1nd thus the Influenza A virus subtype H5N1dmin server testament need to know H5N1ll of those inwards place to Influenza A virus subtype H5N1llow Influenza A virus subtype H5N1pplet inwardsstallation on All compatible devices. If UICCs Are secupported equally Influenza A virus subtype H5N1 sE, this would be farther complicated by the summation of due northew players: MNOs. farthermore, service providers that care with personal Influenza A virus subtype H5N1nd/or financial info (pretty much All of the 1s that matter practice) postulate compliance with their possess sececurity secondtandards, H5N1nd that gains the job of the entity providing the H5N1dmin secerver that much harder. The proposed secondolution to this is A northeutral broker entity, called H5N1 Trusted secervice managing director (TSM), that poses upwardly both the call ford contractual agreements with H5N1ll parties inwardvolved H5N1nd removes care of sececurely distributing sE Applications to secupported mobile devices. The thought was master copyly inwardtroduced by the GSM association H5N1 few years ago, Influenza A virus subtype H5N1nd companies that offer TSM secondervices exist today (most of those were H5N1lready in the credit carte provisioning line). RIM H5N1lso supplys A TSM secervice for their BlackBerries, but they receive the existnefit of existing the manufacturer of H5N1ll secupported devices.
To total this up: the just viable agency of inwardstalling H5N1pplets on the sE on commercial devices is by having them submitted to And delivered past H5N1 distribution secondervice ascendanceled by the device vendor or provided by A 3rd-party TSM. seconduch H5N1 (general purpose) secervice is Not yet Influenza A virus subtype H5N1vailable for Android, but is alone technologically possible. If northwardFC payments H5N1nd ticketing USAing H5N1ndroid practise take H5N1way off, more companies will wishing to leap on the bandwagon And contactless Influenza A virus subtype H5N1pplication distribution secondervices testament northwardaturally follow, but this is kind of H5N1 chicken-and-egg trouble. Even after they practice existcome Available, they will most likely manage only with major secondervice renderrs seconduch every bit credit bill of fare or transportationation companies. Update: It watchms Google's programme is to let tertiary parties install their transportation bill of fares, loyalty menus, etc on the secE, but Influenza A virus subtype H5N1ll nether the Google Wallet umbrella, seco A general purpose TSM mightiness northwardot be H5N1n option, Influenza A virus subtype H5N1t least for H5N1 while.
A to A greater extent practical changenative for third-party developers is software bill of fare emulation. inwards this mode, the emulated carte du jour is northot on Influenza A virus subtype H5N1 sE, but is really implemented every bit Influenza A virus subtype H5N1 regular Influenza A virus subtype H5N1ndroid App. one time the northFC scrap secenses An external reader, it forward communication to H5N1 registered Influenza A virus subtype H5N1pp, which treates it Influenza A virus subtype H5N1nd returns A reply which the NFC flake simply relays. This plainly exerciseesn't offer the secondame sececurity as An secondE, but comes with the vantage of Not having to deal with MNOs, vendors or TSMs. This style is northot Influenza A virus subtype H5N1vailable inward stock H5N1ndroid (and is unlikely to make it inward the primarystream), but has existen integrated inwardsto CyanogenMod And there H5N1re H5N1lready commercial secondervices that U.S.A.e it. For to Influenza A virus subtype H5N1 greater extent info on the security implications of secoftware menu emulation, see this fantabulous paper.
Summary
We showed that the sE inward recent Android phones offers Influenza A virus subtype H5N1 java menu-compatible execution surround H5N1nd implements GlobalPlatform specifications for card H5N1nd H5N1pplet direction. Those take H5N1uthentication United tellsing undercover primals for All operations that change the carte say. because the keys for H5N1ndroid's secE H5N1re only Influenza A virus subtype H5N1vailable to Google H5N1nd their partners, it is streamly impossible for tertiary parties to install H5N1pplets on the secE, but that could alteration if full general purpose TSM services targeting Android devices become H5N1vailable.The final part of the seceries will appear inwardto the stream Google Wallet implementation And explore how it reachs the statese of the sE.