What UICC Means for NFC & Security


Published on

Jean-Francois Rubon of SIMalliance presents a Breakout Session at the 2014 IRM Summit in Phoenix, Arizona.

Published in: Software, Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

What UICC Means for NFC & Security

  1. 1. Security, Identity, Mobility Secure element architects for today’s generation What UICC Means for NFC & Security JF RUBON SIMalliance IRM Summit Phoenix, AZ 06/05/14
  2. 2. Securing the future of mobile services 2 Security, Identity, Mobility SIMalliance: Who we are SIMalliance members represent 86% of the global SIM market and deliver the most widely distributed secure application delivery platform in the world (UICC/SIM/USIM).
  3. 3. Securing the future of mobile services 3 Security, Identity, Mobility What we do… SIMalliance is the global, non-profit industry association which simplifies secure element (SE) implementation to drive the creation, deployment and management of secure mobile services. SIMalliance: > Promotes the essential role of the secure element (SE) in delivering secure mobile applications and services across all devices that can access wireless networks > Identifies and addresses SE-related technical issues, and clarifies and recommends existing technical standards relevant to SE implementation > Promotes an open SE ecosystem to facilitate and accelerate delivery of secure mobile applications globally > Monitors the market and produces market data reports
  4. 4. Securing the future of mobile services 4 Security, Identity, Mobility SIMalliance Latest Delicerables > Secure Element Deployment & Host Card Emulation v1.0 – Introduction to Android's Host Card Emulation (HCE) and explores its value to the NFC ecosystem relative to the Secure Element (SE) – Technology remains immature, un-standardised and, relative to SE-based deployments, vulnerable to malicious attack. > UICC LTE Profile – A collection of requirements for optimal support of LTE/EPS networks by UICC. – Widely utilised by North American MNOs. > UICC Device Implementation Guidelines – Outline fundamental and optional UICC features device vendors need to support to optimise UICC interoperability in future devices. > Stepping Stones Documents – Best practices for development of interoperable applications (USIM, NFC, SE). > General SIM Security Guidelines – Ensure that a SIM's security levels are optimally maintained.
  5. 5. Securing the future of mobile services 5 Security, Identity, Mobility SIMalliance: Creating Opportunities for Market Growth > Open Mobile API – Standardised way to connect mobile apps with all SEs on a device (SE form factor neutral) including a service layer to provide a more intuitive interface and increasingly powerful functionality. – Enables delivery of highly secure business and consumer mobile applications across all SE form factors. – Referenced by GSMA (NFC Handset & APIs Requirements and Test Book). – Open Source implementation (Seek-for-Android). – Implemented in more than 150 models of Android (NFC) Smartphones Open Mobile API A P P
  6. 6. Securing the future of mobile services 6 Security, Identity, Mobility A Secure Element (SE) for Each Business Model > An SE is a tamper resistant component which is used in a device to provide the security, confidentiality, and multiple application environments required to support various business models > An SE resides in extremely secure chips and may exist in a variety of form factors > The SE should provide separate memory for each application without interactions between them > SIMalliance considers true SEs to be a combination between software and dedicated hardware UICC (SIM) > Includes the application that authenticates the user in the network > Controlled by the mobile network operator (MNO) Embedded SE (eSE) > SE embedded in the mobile at the time of manufacturing > Controlled by the device maker (OEM) Secure MicroSD > SE embedded in µSD form factor and featuring large memory > Controlled by the service provider (SP)
  7. 7. Securing the future of mobile services 7 Security, Identity, Mobility Memory MNO BANK 1 BANK 2 SP Global Platform compliant OS Certified Secured Hardware & Software The UICC is a SE Providing a Safe Execution Environment for Applications > Highly Secured (Certifications: EMVCO, Common Criteria up to EAL5, CAST) > Highly customisable multi-services platform (Java & GlobalPlatform OS) > Connected: NFC (SWP) & remotely manageable (OTA & OTI) > Multi-party manageable: Secured domains managed independently by each entity +dynamic security domains creation > Standardised (ISO/IEC, ETSI, 3GPP, …) > Interoperable for mobile devices, for services hosting & management (trusted service manager compliant) > Proven and mature technology – NFC ready 7
  8. 8. Securing the future of mobile services 8 Security, Identity, Mobility Strong NFC Foundation in Place for Use by Service Providers 124m NFC SIM shipments in 3 years 2014: 416m NFC phones to be shipped* 2017: 53% of NFC- ready PoS globally* In 2013 : 78m NFC SIM shipped (SIMalliance): +159% Japan/Korea: 37m North America: 24m Europe: 14m *Forecast
  9. 9. Securing the future of mobile services 9 Security, Identity, Mobility Securing Digital Services with SEs is Convenient and Provides an Enhanced User Experience Smartphones With OpenMobileAPI User Experience Universal with SIM toolkit (simple UI) Smartphone apps with OpenMobileAPI Interface to the physical world with NFC Simplified ‘passwords’ with certificates and single-sign-on
  10. 10. Securing the future of mobile services 10 Security, Identity, Mobility Appropriate Utilization of SE in NFC
  11. 11. Securing the future of mobile services 11 Security, Identity, Mobility Conclusion > Identity applications, strong authentication & digital signature services support trust in digital services. > These services rely on SEs to store and manage user credentials, to counter security threats and meet certification requirements > SEs provide a smooth user experience in mobile applications with NFC and Smartphone API > Technology options enable service providers to support the identity service best adapted to their business model using: – SIM cards – Micro-SD – Embedded SEs
  12. 12. Thanks! Visit www.simalliance.org for more information