Cours NFC 2019

www.mbds-fr.org
MBDS course:
"NFC Programming"
Dr Anne-Marie Lesas
University of Nice – Sophia-Antipolis, France
1

www.mbds-fr.org
1. Introduction to NFC
2
Dr Anne-Marie Lesas

Copyright Big Data Pr Serge Miranda, MBDS, Univ de Nice Sophia Antipolis (UCA)
1.1 Why NFC Standard
➢Applications in all domains
➢Not only mobile payment!
➢Tourism, Marketing, Ticketing,
Healthcare, Office, Administration,
Leisure, Education, Industry,
Financial and rural inclusion…
➢E.g. IoT uses cases:
➢Data sharing
➢Data collection
➢Devices pairing
➢Smart cities
➢Smart home
➢Carsharing
➢Automation…
4
Toma Cristian, Cristian Ciurea
and Ion Ivan [CC BY 3.0
(https://creativecommons.org/l
icenses/by/3.0)]

➢Smart home example:
✓Access control
✓Appliances' pairing and
setup
✓Triggering events
✓Activation/deactivation
automation according
the user’s preferences
✓Camera and sensors
data collection
✓Etc….
5

➢Advantages:
✓Global standard widely deployed
✓Mobile and wearable
✓User friendly (easy to use)
✓Natural gesture
✓Respect of privacy
✓Economic (no battery required)
✓Fast connection
✓Compatible with existing architecture
✓Unlimited use cases…
6

1.2. From RFID to NFC
➢RFID passive tag
8
Antenna
Chip
(UID)
➢ Animals identification
➢ Products traceability
➢ Antitheft
➢ Electronic documents
➢ Chip cards
➢ …
The contactless smartcard is also a tag type!

➢RFID active reader (polling device)
9
Image source:
https://commons.wikimedi
a.org/wiki/File:RFID-
Зураг.jpg

➢Competing RFID-based standards
➢1999: Wi-Fi Alliance
➢1999: Bluetooth (initially proposed by Ericson)
➢2003: Zigbee Alliance (left by Philips semiconductors at the time)
➢2004: Near Field Communication (NFC) deployed into the
mobile Nokia 6131
➢2004: Bluetooth Low End Extension evolved into Bluetooth Low
Energy (2010) deployed in Apple iPhone 4S (2011)
10

➢NFC won the battle of the smartphone
➢2004: ECMA-340 (NFCIP-1) 1st publication of the standard;
NFC Forum is founded by the inventors of NFC, Philips semiconductors
(now become NXP) and Sony joined by Nokia
➢2009: 1st specification of P2P active mode of NFC
➢2010: 1st NFC-enabled Android smartphone Nexus S by Google
2013: NFC is deployed in Windows phones
➢2015: NFC is deployed in Apple iPhones
➢ Today all recent smartphones are NFC-enable
11

➢NFC devices inductive coupling: passive mode
12
The passive device is activated by the active device

➢NFC devices inductive coupling: active mode (P2P)
13
Both devices are empowered;
a polling device initiates the
communication with the
listening device and both
devices can alternately
exchange data to the other in
the active P2P mode.

➢Summary
➢NFC belongs to RFID family
➢NFC standard is managed by the NFC Forum (www.nfc-forum.org) founded by the inventors of
NFC in 2004
➢NFC is RF-based contactless communication in active and passive mode
➢An NFC empowered active device acts as a reader/encoder for NFC passive tags (without
battery): the inducted energy (electromagnetic field) is generated by the active device
➢The NFC chip can be uniquely identified by its unique identifier (UID)
➢The contactless smartcard is an NFC passive tag type
➢Two active NFC-enabled devices can also exchange data in P2P active mode
➢A mobile phone equipped with NFC becomes a P2P device and an NFC reader/encoder and
a contactless smartcard
14

1.3. NFC Standard
➢Standard vs proprietary?
➢Proprietary is a black box controlled by one stakeholder…
➢NFC ecosystem involves several stakeholders:
➢Chip manufacturers
➢Readers manufacturers
➢Mobile manufacturers…
➢Software and services providers (operating systems, drivers, middleware,
applications, etc.)
➢…
➢NEED FOR INTERFACES AND PROTOCOLS SPECIFICATION!
16

1.3. NFC Standard: RF technologies
17

1.3. NFC Standard: RF technologies
18

1.3. NFC Standard
19
 Frequency: 13.56MHz (High Frequency)
OPEN Frequency (no licence required)
 Range: Very short <10 cm
(<4 cm in practice)
 Data rate: From 106 Kb/s to 848 Kb/s
(424Kb/s in NFCIP-1 standard)
 Connection time: 0.1 second
(vs. 0.5 second for the infrared
1 second for the Bluetooth®)

1.3. NFC Standard
➢ISO/IEC 14443: Identification cards -- Contactless integrated circuit
cards -- Proximity cards
➢ISO/IEC 14443-1:2016 Part 1: Physical characteristics
➢ISO/IEC 14443-2:2016 Part 2: Radio frequency power and signal
interface
➢ISO/IEC 14443-3:2016 Part 3: Initialization and anticollision
➢ISO/IEC 14443-4:2016 Part 4: Transmission protocol
20

1.3. NFC Standard
21
Source Erik Hubers. Licensed under CC BY-SA 4.0

1.3. NFC Standard: Tag types
22

1.3. NFC Standard
23

1.3. NFC Standard: Analog signal and
digital transposition
24
➢The 3 types of RF interfaces (plus one since 2015)
➢NFC-A (e.g. NXP): Miller (polling) and Manchester (listening) coding used
with an amplitude modulation at 100% ASK (zero signal during breaks) at
106 Kbps
➢NFC-B (e.g. STMicroelectronics): NRZ coding with an amplitude
modulation at 10% ASK (polling, weak signal during breaks) and modulation
BPSK (listening) at 106Kbps
➢NFC-F (e.g. Sony FeliCa): Manchester coding with ASK amplitude
modulation at 212 or 424 Kbps
➢NFC-V (new tag type 5 for Vicinity cards): based on ISO/IEC 15693
specification (longer RF range)

25
➢Amplitude Shift Keying (ASK) modulation
The state transition is made by changing the amplitude of the
signal: The amplitude is decreased or zero.

26
➢Binary Phase Shift Keying (BPSK) modulation
At each state transition, the signal amplitude is inverted, creating
a phase jump.

27
➢Binary coding

28
➢Non Return to Zero (NRZ): A positive voltage represents the
data bit at "1", while a negative voltage represents the bit at "0".
➢Manchester (or biphase): Coding by transition (not by level); a
rising edge transition represents a data bit at "0". A transition on a
falling edge represents a bit at "1".
➢Miller: Manchester coding from which we remove a transition on
two: For "1", we insert a transition in the middle of the interval.
For "0", no transition unless the next bit is "0", then add a
transition at the end of the interval.

1.3. NFC Standard
29
Source: NFC Forum http://www.nfc-forum.org

1.3. NFC Standard: NFC Forum
30
Images source NFC Forum: http://www.nfc-forum.org
N-Mark of the NFC Forum

Copyright Big Data Pr Serge Miranda, MBDS, Univ de Nice Sophia Antipolis (UCA)31
➢NFC Forum Technical Specifications (sample)
▪ NFC Logical Link Control Protocol (LLCP)
▪ NFC Controller Interface (NCI)
▪ NFC Data Exchange Format (NDEF)
▪ Type tag 1 – 2 – 3 – 4 – 5
▪ Record Type Definitions (RTDs) and four specific RTDs: Text, URI, Smart Poster, and
Generic Control
▪ Connection Handover (P2P pairing)
▪ Personal Health Device Communication
▪ …

➢NFC Data Exchange Format (NDEF)
▪ NDEF messages are exchanged over NFC
▪ NDEF message can be stored in an NFC passive tag
▪ NDEF message contains NDEF records
▪ NDEF records contain a Header and a Payload

➢NDEF message
7 MB (Message Begin) 1 = start of the message
6 ME (Message End) 1 = end of the message
5 CF (Chunk Flag) 1 = start of a parcelable record
4 SR (Short Record) 1 = record format type (normal or short)
3 IL (Id Length) 1 = record identifier lenght
2
TNF
(Type Name Format)
Data type (3 bytes)
0x00 = empty
0x01 = NFC Forum type
0x02 = Media Type (MIME) NOT NFC
Forum
0x03 = absolute URI
…
1
0

➢Type Name Format (TNF)
• Example of the URI type: ”U”
➢0x00 : no prefixe
➢0x01 : http://www.
➢0x02 : https://www.
➢0x03 : http://
➢0x04 : https://
➢0x05 : tel:
➢0x06 : mailto:
➢0x1D : file://
➢0x24...0xFF : futur use
Well known types managed by the NFC Forum

➢Summary
▪ NFC is a global standard providing a generic interface for several proprietary
technologies,
▪ NFC operates on the unlicensed frequency of 13.56MHz with a very short
range <10cm and a low data rate but a fast connectivity,
▪ NFC is standardized by the ISO/IEC 14443 standard (proximity cards) which is
divided into 4 parts:
▪ Part 1: Physical characteristics,
▪ Part 2: Radio frequency power and signal interface,
▪ Part 3: Initialization and anticollision,
▪ Part 4: Transmission protocol.
▪ The NFC Forum manages 5 tag types based on 4 technologies NFC-A, NFC-B,
NFC-F and NFC-V and several technical specifications around NFC such as LLCP,
NCI, NDEF and RTD that define for instance the NFC communication interface
and protocol and the NFC message format and type.
35
1.3. NFC Standard

1.4. The 3 operating modes of NFC
Standard
36

standard
37
37
➢The Read/Write mode
An NFC active device reads any passive tag type of the NFC Forum
(compliant with ISO 14443 RF interface): use cases are similar to
barcodes or QR-codes, the tag UID and/or the tag content make the link
with the digital world.
➢The Peer-to-Peer (P2P) mode
Two NFC active devices can exchange data according ISO/IEC 18092
standard: picture, business card, URL, file… Or pairing information to
setup another connectivity such as the Wi-Fi or Bluetooth for instance.
➢The Card Emlulation mode
An NFC active device acts as a contactless smartcard reader while
another NFC device is or behaves like a contactless smartcard (passive
tag type 4). In this mode of NFC the data is exchanged using the
Application Protocol Data Unit (APDU) described by ISO/IEC 7816-4
standard.

➢The Read/Write (R/W) mode of NFC
Read a passive tag
Energy
Data (UID)
Write a passive tag
Energy and data
Ok
NFC active device
(reader)
NFC active device
(reader)
Tag picture source: Berndo [CC BY-SA 4.0 (https://creativecommons.org/licenses/by-sa/4.0)]
store
data
standard

➢The Read/Write (R/W) mode of NFC
Public transportation information
(Nice, France): Lignes d’Azur Mobile
https://play.google.com/store/apps
/details?id=fr.cityway.android.st2n
&hl=fr
standard

➢The Peer-to-Peer (P2P) mode of NFC
NFC P2P
active device
NFC P2P
active device
Data
Data
standard

➢The Peer-to-Peer (P2P) mode of NFC
standard

➢The Card Emulation mode of NFC
The smartphone can act both as an NFC terminal
and as a contactless smartcard
APDU command (ISO 7816-4)
APDU response
standard

➢The Card Emulation mode of NFC
Picture source: HLundgaard [CC BY-SA 3.0
(https://creativecommons.org/licenses/by-sa/3.0)]
standard

➢Summary
▪ Finally, NFC is implemented with 3 operating modes:
✓The Read/Write mode:
an active NFC-device can read/write on NFC passive tags
✓The P2P mode:
2 active NFC-devices can exchange data
✓The Card Emulation mode:
an active NFC-device plays the role of the contactless smartcard reader
and a passive NFC-device behaves like a contactless smartcard which is
also a tag type (4). They communicate using APDU protocol standardized
by ISO/IEC 7816-4 (Identification cards -- Integrated circuit cards -- Part 4:
Organization, security and commands for interchange)
44
standard

www.mbds-fr.org
2. NFC card emulation mode
ecosystem and architecture
Dr Anne-Marie Lesas
45

➢OPEN API (e.g. Android platform)
1. Read/Write mode
2. P2P mode
Ex: Tourism, Marketing 2.0, devices pairing...
➢RESTRICTED API
3. Card Emulation mode
 Ex: M-payment (EMV, AMEX), Ticketing (transport), Access
control...
➔ SECURE ELEMENT (SE), NFC MOBILE WALLET
➔ TSM (& OTA)
47
2.1. The mobile wallet

48
➢Reminder
➢NFC  contactless communication standard
➢NFC Card Emulation Mode  contactless communication
compatible with smartcards protocol (APDU)
➢Mobile wallet  Mobile application (software)
➢Mobile payment  Use case
➢NFC  One solution among other technologies

49
➢NFC card emulation mode
✓Credit/debit cards
✓Access cards
✓Identity cards
✓Transport cards
✓Loyalty cards
✓Insurance cards
✓…

50
50
SECURE
ELEMENT
➢Mobile wallet services
✓Smartcard services
✓Electronic documents
✓Tickets
✓Vouchers
✓Coupons
✓Digital money
✓…

➢Overview of an NFC secure element-based mobile wallet
application configuration
Inside the mobile 
51

➢The mobile wallet implements the card emulation mode of NFC standard
➢The wallet mobile app is made of 2 software components:
1. The man-machine interface is a ”normal” mobile app running into the operating system of the mobile
host and benefits from all the advanced features and the Internet connectivity of the smartphone
2. The sensitive data and processing are stored and run into the Secure Element (SE) of the smartcard
type (hardware)
➢The mobile host application can connect the SE and send APDU commands from a SE API
➢The contactless transaction is made from a terminal application (NFC reader) with the SE
(NFC tag) using APDU protocol
➢A SE can host several services from several service providers
➢An application running inside a SE is called an Applet by inheritance from JavaCard
Superclass (or a Cardlet)
52

➢NFC card emulation mode
 Secure Element (SE)
✓SE = Smartcard chip
✓Own Operating System
(SOC JavaCard-based)
✓ROM, RAM, EEPROM
✓Secure storage (tamper resistant)
✓Cryptography mechanisms (API)
✓Multi-applications
✓APDU interface
✓Very small size
54
2.2. The Secure Element
Generic diagram of the components of a smart card with dual interface (Author =Vlopes)

➢Smartcard manufacturers
✓Gemalto
✓Oberthur
✓ACS
✓Axalto (Schlumberger)
✓Infineon
✓Multos
➢…
➢NFC chip manufacturers
✓NXP
✓STMicroelectronics
✓Broadcom
✓Qualcomm
✓Gemalto
✓Oberthur
✓…
55

➢SE architecture
56

➢SE service 3 deployment models
✓Simple mode: Only the SE issuer manages the SE content
(SP monitoring)
✓Delegate mode: a preauthorization is required from the SE
issuer (one time access token)
✓Authorized mode: the SP has full access to the security
domain
57

➢SE into the mobile: 3 hardware form factors
✓The SIM card (UICC): controlled by the Mobile Network Operator (MNO)
58

✓Embedded: controlled by the mobile handset manufacturer
59

✓Embedded: controlled by the mobile handset manufacturer
✓External/removable MicroSD (with or without RF interface)
60

➢Communicating with the SE: SE API (inherited from contact cards)
1. Detect
2. Connect
3. Open channel
4. Send APDU command
5. Receive APDU response
6. Close channel
7. Disconnect
61

➢Application Protocol Data Unit (APDU)

✓APDU structures (bytes arrays)
❑APDU command (C-APDU)
❑APDU response (R-APDU)
63
Optional

✓APDU command (C-APDU) fields
❑CLA: class of the command (mandatory 1 byte)
❑IN:; instruction code (1 byte)
❑P1: first parameter (1 byte)
❑P2: second parameter (1 byte)
❑Lc: length of the data (1-3 bytes)
❑Data: payload of the length indicated in the Lc field
❑Le: expected maximum length of the response or 0x00 (1-3 bytes)
64

✓APDU response (R-APDU) fields
❑Data: optional response data
❑SW1: Status Word 1 (1 byte)
❑SW2: Status Word 2 (1 byte)
65
Optional

➢APDU protocol
66
Sample of APDU fields values

➢APDU INS codes
(ISO 7816-4)
67
Sample of INS codes

➢APDU INS codes
68
Instruction name Description {INS} Standard
READ RECORD Read a file record ‘B2’ TS 51.011 ISO/IEC 7816-4
SELECT Select a dedicated file ‘A4’ TS 51.011 ISO/IEC 7816-4
UPDATE RECORD Update a record ‘DC’ TS 51.011, ISO/IEC 7816-4
VERIFY (CHV) Check authentication data (e.g. a PIN code) ‘20’ TS 51.011 ISO/IEC 7816-4, EMV
WRITE RECORD Write a file record ‘D2’ ISO/IEC 7816-4
ACTIVATE FILE Unblock a file ‘44’ ISO/IEC 7816-9
APPEND RECORD Add a record in a fixed length file ‘E2’ ISO/IEC 7816-4
APPLICATION BLOCK Block an application ‘1E’ EMV
APPLICATION UNBLOCK Unblock an application ‘18’ EMV
ASK RANDOM Request random number ‘84’ EN 726-3
GET CHALLENGE Request a random number ‘84’ ISO/IEC 7816-4
GIVE RANDOM Send a random number ‘86’ EN 726-3
CHANGE CHV Change PIN code ‘24’ TS 51.011
CHANGE REFERENCE DATA Change authentication data ‘24’ ISO/IEC 7816-8
CLOSE APPLICATION Reset all access conditions to an application ‘AC’ EN 726-3
CONVERT IEP CURRENCY Convert a currency ‘56’ EN 1546-3
CREATE FILE Create a new file ‘E0’ ISO/IEC 7816-9
CREATE RECORD Create a new record in a file ‘E2’ EN 726-3
DEACTIVATE FILE Block a file ‘04’ ISO/IEC 7816-9
DEBIT IEP Pay from the wallet (purse) ‘54’ EN 1546-
Instruction name Description {INS} Standard
DECREASE Decrease file storyteller ‘30’ EN 726-3
DELETE Delete an object ‘E4’ OP
DELETE FILE Delete a file ‘E4’ ISO/IEC 7816-9
DISABLE CHV Deactivate PIN code reading ‘26’ TS 51.011
ENABLE CHV Activate PIN code reading ‘28’ TS 51.011, EN 726-3
EXECUTE Execute a file ‘AE’ EN 726-3
EXTEND Extend a file ‘D4’ EN 726-3
EXTERNAL AUTHENTICATE External authentication ‘82’ ISO/IEC 7816-4
GENERATE AUTHORISATION
CRYPTOGRAM
Generate a digital signature for a payment
transaction
‘AE’ EMV
GENERATE PUBLIC KEY PAIR
Generate a key pair for an asymmetric
cryptographic algorithm
‘46’ ISO/IEC 7816-8
GET RESPONSE
Request a response (transmission protocol T
= 0)
‘C0’ TS 51.011
GET STATUS
Read application manager life cycle
information
‘F2’ ISO/IEC 7816-4, OP
LOAD
Load an application by transferring the load
file.
‘E8’ OP
MUTUAL AUTHENTICATE Mutual authentication ‘82’ ISO/IEC 7816-8
PERFORMSCQL OPERATION Execute a CQL intruction ‘10’ ISO/IEC 7816-7
PERFORMTRANSACTION
OPERATION
Execute a SCQL instruction ‘12’ ISO/IEC 7816-7
PERFORMUSER OPERATION Manage SQC user ‘14’ ISO/IEC 7816-7

➢Communicating with the SE:
Application Identifier (AID) 
✓SE service routing
✓Issuer Identification Number (IIN): ISO/IEC 7812
✓Or Registered Application Provider Identifier (RID):
ISO/IEC 7816-5
✓Proprietary Application Identifier Extension (PIX)
69

➢Communicating with the SE: Application Identifier (AID)
✓Example of AID (source EFTLab: https://www.eftlab.com/index.php/site-map/knowledge-
base/211-emv-aid-rid-pix)
▪ Visa payWave for Mobile: 325041592E5359532E4444463031
▪ DeviceFidelity In2Pay DFare applet: 44464D46412E44466172653234313031
▪ VISA Electron: A0000000032010
▪ MasterCard PayPass: A00000000401
▪ Orange: A0000000090001FF44FF1289
▪ American Express: A0000000250000
▪ ExpressPay: A000000025010701
▪ HSBC: A00000002949034010100001
▪ Barclay: A00000002949282010100000
▪ CB Apple Pay (France): A0000000426010
▪ …
70

➢Summary
✓The SE is an isolated tamper proof execution environment which is reachable
by:
▪ A contactless reader device using NFC card emulation mode
▪ A mobile application from the mobile host system through a dedicated SE API
✓The SE has 3 mobile form factors:
▪ The SIM card controlled by the MNO
▪ Embedded SE controlled by the mobile handset manufacturer
▪ The external/removable MicroSD
✓SE communication with APDU protocol carried by NFC card emulation mode:
▪ C-APDU sent by the reader
▪ R-APDU returned by the SE application
➢The routing to the SE service is done according the Application Identifier (AID)
71

2.3. The Trusted Service Manager
(and Secure Channel Protocols)
72

➢SE-based service?
✓Customer’s mobile device?
✓Which model manufacturer?
✓Which operating system version?
✓By who is controlled the SE?
✓Which MNO?
✓Which SE form factor?
✓Which security?
✓What interlocutors?
 HOW TO MANAGE A SE-BASED SERVICE DEPLOYMENT?
Image: Esther Vargas / Flickr
73

➢Lifecycle of SE-based service
✓Download: the service (applet) may be dynamically downloaded
or pre-installed into the secure element
✓Provision: initiate the service and assign a trusted area (Security
Domain) within the SE
✓Personalization: configure service or user-specific data
✓Activate/deactivate-Lock/Unlock: Activate or deactivate, lock or
unlock the service
✓Terminate: terminate the service and delete provisioned data
✓Update: service version updates
✓Information: provide information on the service and the
transactions execution status
THE USE CASES MUST BE DEFINED (By SP)
74

➢Role of the TSM
✓Trusted third-party
✓Connect SP to SEI
✓SE-based services lifecycle management
✓Remote access point
✓End-users management
✓Encryption keys management
✓Value-added services: transaction
traceability, fraud detection ...
 GUARANTEE OF END-TO-END SECURITY
75

➢Overview of a TSM-based architecture
76

➢TSM platforms
✓Oberthur Technologies (France)
✓Gemalto (Netherlands)
✓Bell ID (USA)
✓Sequent (USA)
✓Giesecke & Devrient (Germany)
✓CorFire (SK C&C, Korea)
✓…
77

➢Public Key Infrastructure (PKI)
1. Alice keeps her private key secret
2. Bob has the public key of Alice
3. Bob encrypts a message using Alice’s
public key
4. Only Alice can decrypt the message
sent by Bob using her private key
 ASYMMETRIC PROTOCOL
78

➢The digital certificate
1. The certificate contains the
identity and the public key
2. The Certification Authority
(CA) adds her digital
signature and encrypts the
certificate using her private
key
3. Digital certificate is decrypted
using the public key of the CA
Illustration author: Giaros,
https://en.wikipedia.org/w/index.php?title=File:PublicKeyCertificateDiagram_It.svg&lang=en#filelinks
Giaros
79

➢Secure Channel Protocols (SCP)
✓Authentication
✓Integrity
✓Confidentiality
✓Data security
▪ SCP02: Triple DES (3DES)  Broken (Man-In-The-Middle attack)
▪ SCP03: Advanced Encryption Standard (AES) symmetric algorithm
▪ SCP10: Public Key Infrastructure (PKI)  pre-shared keys e.g. Diffie,
Hellman, Rivest, Shamir, and Adleman (RSA) or Elliptic Curve Key
Agreement (ECKA) asymmetric Algorithm
▪ SCP11: Use of digital certificates
✓ Transport security
▪ SCP80: OTA protocol
▪ SCP81: HTTPS TLS/SSL protocol
80

➢Summary
✓ The TSM is a trusted third-party with strong expertise in
digital security and secure element related technologies
✓ The TSM platform is split into 2 interfaces:
▪ The SP-TSM interface allows the SP to manage SE-based
services remote deployment and lifecycle management
▪ The SEI-TSM interface is connected to the SEI systems
✓ The TSM manages cryptographic keys and implements
Secure Channel Protocols to ensure the end-to-end
security
✓ The TSM related technologies are standardized by
GlobalPlatform
81

2.4. GlobalPlatform standard
82

➢Collaborative ecosystem for
digital security
✓Payment
✓Transports
✓Automotive
✓Smart Cities
✓Smart Home
✓Internet of Things (IoT)
Image by Tumisu from Pixabay
✓Telecoms
✓Utilities
✓Healthcare
✓Government
✓…
83

➢Active members (~100)
✓AMD,
✓American Express,
✓Apple,
✓Ericsson
✓Gemalto,
✓Huawei,
✓Infineon,
✓Master Card,
✓NXP,
✓Oracle,
✓Orange,
84
✓Qualcomm,
✓STMicroelectronics,
✓Toshiba
✓Trustonic,
✓Verizon,
✓Visa…
➢Observer members
✓Samsung,
✓Alibaba,
✓Thales…
➢Public entity members
✓Department of Defense (USA)
✓CEA (France)…

➢GP Technical Specifications
✓Secure Element (SE)
▪ Card Specification
▪ UICC configuration
▪ Confidential Card Content Management
▪ Remote Application Management over HTTP
▪ Contactless Services
▪ Secure Channel Protocol 03
▪ Secure Channel Protocol 11
▪ Messaging Specification…
✓Trusted Platform Services ( i.e. TSM)
▪ Open Mobile API
▪ Multiple Contactless Card Emulation
Environments
85
▪ Secure Element Remote Application
Management
▪ Secure Element Access Control
▪ Web API to Access Secure Elements…
✓Trusted Execution Environment (TEE)
▪ TEE System Architecture
▪ TEE Client API
▪ TEE Internal Core API
▪ TEE Secure Element
▪ TEE Sockets API
▪ Trusted User Interface API
▪ TEE Protection Profile
▪ Symmetric and Asymmetric
Cryptography Layer…

➢The Trusted Execution Environment (TEE)
Image by Gerd Altmann de Pixabay

HW Interfaces
Drivers API
Normal
App
Host OS

Host OS
HW Interfaces
Drivers API
Isolation
TEE
Trusted
drivers API
Trusted
HW Interfaces
Messages
Communication
Agent
Communication
Agent
Normal
App
Trusted
App

www.mbds-fr.org
3. Designing NFC use cases
Dr Anne-Marie Lesas
89

➢Description of the (future) system
✓Requirements and specification?
❑ WHAT?: What it is about (field/domain)?
What problem? What expected result? (business vision)
❑ WHO?: Who is involved?: Service provider, R&D team,
users of the system, roles…
❑ WHY?: Why this solution (novelty)?
❑ HOW? WHEN? WHERE?..
 Architecture, components, actors, use cases, interactions,
data?
91
3.1. The specification

➢Architecture overview
(example)

(example)
Car-sharing end-user
Car-sharing
Service Provider (SP)

(example)
NFC
Car-sharing

96
(example)
NFCCloud
Car-sharing

97
(example)
NFCCloud
Car-sharing

98
(example)
NFCCloud
Car-sharing

99
(example)
NFCCloud
Car-sharing

100
(example)
NFCCloud
Car-sharing

101
(example)
✓Software components?
❑A web API running on a Cloud server
(connected to a DBMS)
❑A client web application for the
management of the service
❑An end-user mobile app using NFC
feature
❑An embedded application running on a
single board computer (SBC) connected
to the car system…

102
➢Fonctional specification (example)
✓Car-sharing use case 1 : book the car
❑Precondition 1: the end-user has downloaded and intsalled the mobile app.
❑Precondition 2: the end-user has provided the correct authentication data to connect the
application.
❑Precondition 3: the end-user has registered her bank information.
❑Precondition 4: the car is available for rental.
❑Normal case:
1. The end-user launchs the mobile app
2. The end-user selects the option « book the car »
3. The end-user swipes the NFC tag on the door of the car with her NFC-enabled mobile phone
4. The door of the car opens…

103
➢Non fonctional specification
(example)
✓Usability (user friendly?)
✓Reliability (over time)
✓performance
✓Security
✓Supportability (maintenance costs)
✓Compliance (technologies, platform
compatibility…)
✓software engineering model
✓… Illustration source: https://blog.techcello.com/2016/04/top-
10-critical-nfr-for-saas-applications-part-1

104
➢The Unified Modeling Language (UML)
✓A standard way to visualize the design of a digital system
✓Structure diagrams: component, package, classe, object, entity…
✓Behavior diagrams: use case, activity, state machine…
✓Interaction diagrams: sequence, communication…
✓Many tools available: (community and commercial)
❑ArgoUML
❑BOUML
❑Dia
❑Visual Paradigm
❑Modelio
❑Microsoft Visual Studio
❑Enterprise Architect
❑Rational Rose
❑UML designer…

105
➢Use case (example)
✓Car-sharing use cases
✓Actors:
❑ The Service Provider (SP):
An employed of the car-sharing company who has the role for
the management of the car-sharing service
❑ The End-User (EU):
Somebody who owns a NFC-enabled mobile phone and wants
to use the car-sharing service
 This is a generic view, in practice, the role of
the business actors is more precise!
Car-sharing End-User (EU)
Car-sharing

106
✓Car-sharing use cases (UC)
✓UC 1: "manage service"
❑ The actor SP can manage the (car sharing)
service, she must be authenticated as
manager role.

107
✓Car-sharing use cases (UC)
✓UC 2: "book a car"
❑ The actor EU can subscribe the
(car sharing) service, she must
provide banking data.
❑ The actor EU can use the service,
she must be authenticated as
user role. Booking a car is one of
the extensions of using the
service.
 This view does not provide information on how is done the activity

108
➢Sequence diagram
(interactions)
UC 2: "book a car«
(1/2)

109
➢Sequence diagram
(interactions)
UC 2: "book a car«
(2/2)

110
➢Data relationnal model?  Entity relationship diagram
~SQL standard Logical Model of the Data (LMD)

111
➢Other aspects considered in the specification
✓The layout of the HMIs
✓Division of tasks
✓Burden sharing
(resource allocation)
✓Delivery planning...
 Lifecycle according the
development model you choose!
Example: the iterative development model
(source of illustration: Wikipedia)

112
➢Summary
✓The specification provides a high level of visibility that helps to check
consistency and feasibility (for decision-makers and R&D teams)
✓The specification goal is the understanding and the ease of the system
implementation and maintenance
✓UML is a popular modeling language (for software) allowing the design
of digital systems
✓UML provides models to design the system from several points of view that
can easily be transposed into programming language and
deployement model.
✓The highest (business) vision of the system is provided by the USE
CASES that are formalized into UML diagrams

3.2. NFC use case: Read/Write mode
113

➢Generic principle
A. Read a tag
Similar to barcode (or QR code)
use cases…
114

B. Write a tag
Depending on the use case, the
tag may be locked after the
message was written
(can not be unlocked
anymore)…
115

1. Use cases based on the tag UID (example)
▪ Entity Relationship Diagram: an URL linked to an object?
Do not need to write data on the tag (allows dynamic data)
Can be combined with a NDEF filter on tag content…

✓ 2. Use cases based
on NDEF message
(example)
 Record attendance?
A check is done with the UID!

1. Use cases based on the tag UID
 The UID is associated to something (i.e., in a database)
✓ An object of the real world (inert or living), for example:
▪ An URL, a switch, a home appliance, a car, a door, a book, a pet, a
child…
✓ An activity to trigger, for example:
▪ Open a door, switch-on a light, clock-in/register somebody or something,
trigger the payment of the product associated with the tag…
✓ A place, for example:
▪ a geolocation, a point-of-sales, a relay point in a race…
 There is no limit to the use cases you can imagine just UID-based!

2. Use cases based on NDEF message
❑ Smart Poster
❑ URI, URL (web page, web service, media file…)  Like a QR Code
❑ Business card
❑ Phone number, email
❑ IP address
❑ Place identifier/Location coordinates
❑ Action identifier
❑ Pairing information
❑ Additive identifierApplication package  allows to filter the app in the
automatic discovery of the NFC tag…
 the message size is limited to the NFC tag storage capacity (in bytes)

3.3. NFC use case: Peer-to-Peer mode
120

❑Printer NFC pairing:
 Data sharing
Initializes another
connectivity to allow
large (e.g. media)
file/stream sharing
(Bluetooth, Wi-Fi…)
Example
121

❑Client device
(headphones,
speaker…) NFC pairing:
 Data sharing
Initializes another
large (e.g. media)
file/stream sharing
Example
122

❑Mobile
NFC pairing:
 Data sharing
Initializes another
large (e.g. media)
file/stream sharing
Example
123

➢Specific use cases
❑P2P transaction
 Tokens exchange
Example
124

❑P2P data exchange: device pairing
 Share pairing information to initiate another connectivity (Wi-Fi,
Bluetooth…)
 Ex. Connect to a Local Area Network (LAN)
 Ex. Create a Personal Area Network (PAN) (e.g., Bluetooth)
 File/data transfer/streaming…
❑P2P transactions
✓ Ex. Mobile payment, ticketing, identification/auhtentication, etc.
✓ Tokenized transactions…
P2P mode of NFC standard is suitable for secure transactions

3.4. NFC use case: Card emulation mode
126

A.SE-based (Hardware) use case
SE lifecycle: PRE-ISSUANCE
▪ Pre-installed modules on the chip-card
(by the manufacturer)
▪ Personalization: features activation according
the SE issuer (owner) profile (MNO, Bank,
mobile manufacturer…)
▪ Key Ceremony: cryptographic keys
generation and distribution by the Controlling
Authority
127
Personalization
?

A.SE-based (Hardware) use case
SE service lifecycle: POST-ISSUANCE (example)
▪Deploy and activate Service: when the end-user has subscribed the
service
▪Upgrade Service: when an update is available
▪Lock/unlock Service: when a wrong PIN code has been entered
sevaral times
▪Suspend/terminate Service: when the end-user unsubscribes the
service (or has not paid is term…)
Most of the time, the SE issuer provides SP-TSM interface and
the lifecycle scenario may be pre-configured in the system for
automatic processing
128

A.SE-based use case
Ticketing use case:
1. LOAD TICKET
(example)
129

A.SE-based use case
Ticketing use case:
2. USE TICKET
(example)
130

B.HCE-based use case
Architecture
(example)
131

B.HCE-based (Software) use case?
The use case is the same: HCE (background) service
instead of SE service
132
SE HCE
SMART CARD TECHNOLOGY YES NO
THIRD-PARTY AGREEMENT REQUIRED (SE OWNER) YES NO
EXTRA COSTS (FEES FOR THE 3RD PARTY) YES NO
AVAILABLE WHEN THE MOBILE IS TURNED OFF YES NO
AVAILABLE WHEN THE BATTERY IS DISCHARGED YES NO
ACCESS TO MOBILE FEATURES AND CONNECTIVITY NO YES
APDU PROTOCOL YES YES

❑Card emulation is a transactional mode
 NOTE: card emulation mode use cases could be implemented in the P2P
mode as well
 One specificity comes from the APDU protocol inherited from contact smart
cards used to communicate with the SE service
A. SE-based use cases
✓ As the owner of the SE is a third-party, the SE service also has a specific
lifecycle
✓ SE services use cases are an evolution of contact smart card services
(compatibility with existing infrastructures)
✓ SE-based services are NOT OPEN: specific services are pre-installed on the
SE and they are controlled by the SE issuer (owner)

B. Host-based Card emulation (HCE) mode
 NO SE: pure software service running in the host OS (like other mobile
apps)
 May be managed end-to-end by the SP (without 3rd party)
➢Non functional requirements must be considered in the use cases:
✓ Service availability (see table in slide 11), security, speed of the contactless
transaction…
➢No need for compliance with existing infrastructures (e.g.,
payment or ticketing terminals)  Maybe no need for card
emulation mode?

www.mbds-fr.org
4. NFC programming with Android
Dr Anne-Marie Lesas
135

4.1. Presentation of NFC equipment
136

➢ NFC activation on Android phones

➢ Integrated Beam feature

➢ NFC tools on Google Play by WAKDEVS
https://play.google.com/store/apps/details?id=com.wakdev.wdnfc&hl=fr
PC & MAC version: https://www.wakdev.com/apps/nfc-tools-pc-mac.html

➢ NFC tools: Read tag

➢ NFC tool: Add record

➢ NFC tool: read URL

➢ NFC tool: other  APDU smart card reader (Android IsoDep)

4.2. Quick start with Android
146

➢ Official Integrated Development Environment (IDE)
✓ Android Studio based on Jetbrains IntelliJ IDE
(https://www.jetbrains.com/idea): https://developer.android.com/studio
✓ Other: plugins Eclipse (former official IDE) or Netbeans?
➢Cross-platform environments (hybrids web-Android-iOS)
✓ Cordova web-based technologies distributed by Apache foundation:
http://cordova.apache.org
✓ Ionic based on Cordova and Angular framework (https://angular.io):
https://ionicframework.com
✓ React Native based on React library (JavaScript, https://fr.reactjs.org)
created by Facebook: http://www.reactnative.com
✓ Titanium Studio based on Aptana web dev IDE (http://www.aptana.com):
http://www.appcelerator.com/titanium/titanium-studio
✓ …
4.2. Introduction to Android

➢ Plan of the video
✓Tutorial URL:
• https://developer.android.com/guide
 Download Android Studio
 Install Android Studio
 Tutorial “My first app”

1. Run the app from Android Studio “run” menu
 Download and install USB driver:
https://developer.android.com/studio/run/oem-
usb.html
 Enable Android developer option on your Android
device:
https://developer.android.com/studio/debug/dev-
options
 Run the app from Android Studio:
https://developer.android.com/training/basics/firsta
pp/running-app

1. Run the app from Android Studio “run” menu

2. Run the app from the APK

➢ Android application fundamentals
▪ https://developer.android.com/guide/components/fundamentals?hl=en
✓Android Manifest
✓Activity
✓Layouts and resources
✓Services
✓Broadcast receivers
✓…

➢ Android Activity lifecycle
▪ https://developer.android.com/guide/c
omponents/activities/intro-
activities?hl=en
✓ onCreate(),
✓ onStart(),
✓ onResume(),
✓ onPause(),
✓ onStop(),
✓ onDestroy()

4.3. NFC Read/Write mode with Android
155

➢ Statements in the AndroidManifest.xml file
@manifest root
❑ Declare NFC feature use
<uses-feature android:name="android.hardware.nfc“
android:required=“false"/>
❑ Request permission for NFC use
<uses-permission android:name=
"android.permission.NFC" />

➢ NFC discovery

@application section @the activity implementing the NFC discovery
NOTE: the filter could be set programmatically in the Activity
❑ Intent filter for NFC detection whatever content or technology
<intent-filter>
<action android:name="android.nfc.action.TAG_DISCOVERED"/>
<category android:name="android.intent.category.DEFAULT" />
</intent-filter>

❑ Intent filter for NFC detection based on technology
 Data filter for given technology
<intent-filter>
<action android:name="android.nfc.action.TECH_DISCOVERED"/>
</intent-filter>
 Technology list is provided as resource in the res directory
// here, we indicate it is found in a sub-folder named “xml”
// and we named the file “nfc_tech_list.xml”
<meta-data android:name="android.nfc.action.TECH_DISCOVERED"
android:resource="@xml/nfc_tech_list" />

❑ Intent filter for NFC detection based on technology
 Technology list resource: targeted technology is provided in an xml
file at the <project-root>/res/xml folder (several are possible)
<resources
xmlns:xliff="urn:oasis:names:tc:xliff:document:1.2">
<tech-list>
<tech>android.nfc.tech.IsoDep</tech>
<tech>android.nfc.tech.NfcA</tech>
<tech>android.nfc.tech.NfcB</tech>
<tech>android.nfc.tech.NfcF</tech>
<tech>android.nfc.tech.NfcV</tech>
<tech>android.nfc.tech.Ndef</tech>
<tech>android.nfc.tech.NdefFormatable</tech>
<tech>android.nfc.tech.MifareClassic</tech>
<tech>android.nfc.tech.MifareUltralight</tech>
</tech-list>
</resources>

❑ Intent filter for NFC detection based on NDEF content
<intent-filter>
<action android:name="android.nfc.action.NDEF_DISCOVERED"/>
...
 Requires filter’s data that will be checked for activity activation!..

 Data filter for MIME content type
<data android:mimeType="text/plain" />
• Example of standard MIME types: "image/jpeg ", "audio/mp4 ",
“application/json “… CARE OF THE MEMORY SIZE OF THE TAG!
• NOTE: you may also create a custom mimeType when writing the NDEF message:
<data android:mimeType="application/mbds.android.nfc"/>

 Data filter for URI content type
<data
android:host="www.mbds-fr.org"
android:pathPrefix="/application/"
android:scheme="http"
// optional => port declaration
android:port="8080"/>

➢ Check NFC availability
❑ Check device is NFC feature enable
// if NFC feature is not required in the manifest
// you may inform the user of NFC service unavailability…
PackageManager manager = getPackageManager();
if (!manager.hasSystemFeature(PackageManager.FEATURE_NFC)) {
// manage NFC service unavailability
}
❑ Check NFC feature is activated
NfcAdapter adapter = manager.getDefaultAdapter();
if (adapter != null && !adapter.isEnabled()) {
// ask the user to turn on NFC}

➢ Process NFC tag in the Activity
❑ Foreground discovery of NFC
 Declare NfcAdapter and PendingIntent objects at the Class level:
private NfcAdapter nfcAdapter;
Private PendingIntent pendingIntent;
 Get default NfcAdapter and PendingIntent instances at activity “onCreate” event:
nfcAdapter = NfcAdapter.getDefaultAdapter(this);
// check NFC feature:
if (nfcAdapter == null) {
// process error device not NFC-capable…
}
pendingIntent = PendingIntent.getActivity(this, 0, new Intent(this,getClass()).
addFlags(Intent.FLAG_ACTIVITY_SINGLE_TOP), 0);
// single top flag avoids activity multiple instances launching

❑ Foreground discovery of NFC
 Enable NFC foreground detection at activity “onResume” event
if (nfcAdapter != null) {
if (!nfcAdapter.isEnabled()) {
// process error NFC not activated…
}
nfcAdapter.enableForegroundDispatch(this, pendingIntent, null, null);
}
 Disable NFC foreground detection at activity “onPause” event
if (nfcAdapter != null) {
nfcAdapter.disableForegroundDispatch(this);
}

❑ Get the Tag object at activity “onNewIntent” event
// retrieve the action from the received intent
String action = intent.getAction();
// check the event was triggered by the tag discovery
(NfcAdapter.ACTION_TAG_DISCOVERED.equals(action)
|| NfcAdapter.ACTION_TECH_DISCOVERED.equals(action)
|| NfcAdapter.ACTION_NDEF_DISCOVERED.equals(action)) {
// get the tag object from the received intent
Tag tag = intent.getParcelableExtra(NfcAdapter.EXTRA_TAG);

❑ Get the Tag object information
// get the UTD from the tag
byte[] uid = tag.getId();
// get the technology list from the tag
String[] technologies = tag.getTechList();
// bit reserved to an optional file content descriptor
int content = tag.describeContents();
// get NDEF content
Ndef ndef = Ndef.get(tag);
// is the tag writable?
boolean isWritable = ndef.isWritable();
// can the tag be locked in writing?
boolean canMakeReadOnly = ndef.canMakeReadOnly();

❑ Read tag: get NDEF records from the intent received at activity “onNewIntent” event
Parcelable[] rawMsgs = intent.getParcelableArrayExtra(NfcAdapter.EXTRA_NDEF_MESSAGES);
// check if the tag contains an NDEF message
if (rawMsgs != null || ! rawMsgs.isEmpty()) {
// instantiate a NDEF message array to get NDEF records
NdefMessage[] ndefMessage = new NdefMessage[rawMsgs.length];
// loop to get the NDEF records
for (int i = 0; i < rawMsgs.length; i++) {
ndefMessage[i] = (NdefMessage) rawMsgs[i];
for (int j = 0; j < ndefMessage[i].length; j++) {
NdefRecord ndefRecord = ndefMessage[i].getRecords()[j]

❑ Read tag: parse NDEF record as String
byte[] payload = ndefRecord.getPayload();
String encoding = ((payload[0] & 128) == 0) ? "UTF-8" : "UTf-8";
int languageSize = payload[0] & 0063;
String recordTxt = new String(payload, languageSize+1,
payload.length - languageSize - 1, encoding);

❑ Read tag: check NDEF record TNF
switch(ndefRecord.getTnf()) {
case NdefRecord.TNF_ABSOLUTE_URI:
// manage NDEF record as an URI object
case NdefRecord.TNF_EXTERNAL_TYPE:
// manage NDEF record as an URN (<domain_name>:<service_name>)
case NdefRecord.TNF_MIME_MEDIA:
// manage NDEF record as the MIME type is:
// picture, video, sound, JSON, etc…
case NdefRecord.TNF_WELL_KNOWN:
// manage NDEF record as the type is:
// contact (business card), phone number, email…
default:
// manage NDEF record as text…
TNF_EXTERNAL_TYPE

❑ Write tag: NDEF message is an array of NDEF Record
// dimension is the int number of entries of ndefRecords:
int dimension = 3;
NdefRecord[] ndefRecords = new NdefRecord[dimension];
NdefMessage ndefMessage = new NdefMessage(ndefRecords);
// Example with an URI NDEF record:
String uriTxt = "http://www.mbds-fr.org";
NdefRecord ndefRecord = NdefRecord.createUri(uriTxt);
// Add the record to the NDEF message:
Ndefrecords.add(ndefrecord);

❑ Write tag: create NDEF record
 NDEF record MIME type
String mimeType = "application/mbds.android.nfc"; // your MIME type
NdefRecord ndefRecord = NdefRecord.createMime(mimeType,
msgTxt.getBytes(Charset.forName("US-ASCII")));
 NDEF record URI type
String uriTxt = "http://www.mbds-fr.org"; // your URI in String format
NdefRecord ndefRecord = NdefRecord.createUri(uriTxt);

❑ Write tag: create NDEF record
 NDEF record WELL KNOWN type (NFC Forum): TEXT
byte[] lang = Locale.getDefault().getLanguage().getBytes("UTF-8");
int langeSize = lang.length;
byte[] data = stringMessage.getBytes("UTF-8");
int dataLength = data.length;
ByteArrayOutputStream payload = new ByteArrayOutputStream(1+langSize+dataLength);
payload.write((byte) (langSize & 0x1F));
payload.write(lang, 0, langSize);
NdefRecord ndefRecord = new NdefRecord(NdefRecord.TNF_WELL_KNOWN,
NdefRecord.RTD_TEXT, new byte[0],
payload.toByteArray());

❑ Write tag: check and write the tag received at activity “onNewintent” event
// check the targeted tag the memory size and is the tag writable
int size = ndefMessage.toByteArray().length;
if (ndef!=null) {
ndef.connect();
if (!ndef.isWritable()) {
// tag is locked in writing!
}
if (ndef.getMaxSize() < size) {
// manage oversize!
}
// write the NDEF message on the tag
ndef.writeNdefMessage(ndefMessage);
ndef.close();}

❑ Write tag: check and write the tag received at activity “onNewintent” event
// is the tag formatted?
if (ndef == null) {
NdefFormatable format = NdefFormatable.get(tag);
if (format != null){ // can you format the tag?
format.connect();
//Format and write the NDEF message on the tag
format.format(ndefMessage);
//Example of tag locked in writing:
//formatable.formatReadOnly(message);
format.close() ;}}
 DO NOT FORGET TO SUROUND WITH “TRY CATCH”!

4.4. NFC P2P mode with Android
177

➢Beam  NFC pairing for large files transfer with Bluetooth
➢Specific NDEF push (Beam) functions will be deprecated in
Android Q SDK29…
“This method was deprecated in API level 29. this feature is deprecated. File sharing
can work using other technology like Bluetooth.”
❑ But P2P implementation is the same as NDEF Read/Write mode
 Same declarations of NFC feature use and permission in Android
manifest
 Same declaration of the NDEF discovery filter at the activity level in
the Android Manifest
 Same check of NfcAdapter availability and activation
 Same implementation of NfcAdapter in the Activity class
 Same implementation of NDEF messages…
 One device acts as NFC reader, the other acts as NFC writer

➢ Process Beam messages in the Activity (before SDK29)
❑ Check NDEF push (Beam) is activated at activity “onResume” event
If (!nfcAdapter.isNdefPushEnabled()) {
// ask user to activate Beam option before:
// startActivity(new Intent(Settings.ACTION_NFCSHARING_SETTINGS));
// finish the activity:
// finish();
}

➢ Process Beam messages in the Activity (before SDK29)
❑ Register NDEF push callbacks at activity “onCreate” event
// subscribe to the callback for sending Beam message:
nfcAdapter.setNdefPushMessageCallback(this, this);
// then, you must implement NfcAdapter.createNdefMessageCallback…
// instead of dynamic message, you can also set a static NDEF message:
nfcAdapter.setNdefPushMessage(ndefMessage, this, this);
// subscribe to the callback for the end of message receiving:
nfcAdapter.setOnNdefPushCompleteCallback(this, this);
// then, you must implement NfcAdapter.onNdefPushComplete…

➢ Beam message example of local storage file (before SDK29)
❑ Declare the permission to access local storage in the Android manifest
<uses-permission android:name="android.permission.READ_EXTERNAL_STORAGE"/>
❑ Set the folder file
//directory of the file to transfer
File myFolder = Environment.getExternalStorageDirectory()+"/myDirectory/";
// example of public directories:
//Environment.getExternalStoragePublicDirectory(
//Picture folder
//Environment.DIRECTORY_PICTURES);
//Photo folder
//Environment.DIRECTORY_DCIM);
//Video folder
//Environment.DIRECTORY_MOVIES);

➢ Beam message example of local storage file (before SDK29)
❑ Set the file
//Set the name of the file to transfer with its extension
String myFileName = "fileName.extension";
//Get the File object
File myFile = new File(myFolder, myFileName);
❑ Ensure the file is readable
myFile.setReadable(true, false);
❑ Set the file in the Beam message as URI in the Beam Activity
nfcAdapter.setBeamPushUris(new Uri[]{Uri.fromFile(myFile)}, this);

4.5. NFC Card emulation mode with
Android
183

1.Implement the Android NFC smart card reader
❑ Same declarations of NFC feature use and permission in the
manifest
❑ Declare the intent-filter for “android.nfc.action.TECH_DISCOVERED”
at the activity level in the manifest
❑ Insert the IsoDep technology in the technology list file:
<tech>android.nfc.tech.IsoDep</tech>
❑ check of NFC availability and activation
❑ Implement the NfcAdapter and the PendingIntent in the Activity
class
❑ Implement IsoDep class…
4.5. NFC card emulation mode with
Android

❑ Implement IsoDep class to send APDU commands and receive
APDU responses
 Get the IsoDep object in the “onNewIntent” event:
Tag tag = intent.getParcelableExtra(NfcAdapter.EXTRA_TAG);
// IsoDep implements connection to Tag type 4 (smard card
type)
IsoDep card = IsoDep.get(tag);
 Connect to the card:
card.connect();
Android

❑ Implement IsoDep class to send APDU commands and receive
APDU responses
 Build the APDU command: example of a SELECT AID instruction:
byte[] selectAPDU = {
(byte) 0x00, // CLA Class
(byte) 0xA4, // INS Instruction
(byte) 0x04, // P1 Parameter
(byte) 0x00, // P2 Parameter
(byte) 0x0A, // Lc Length of the data field (AID of the card service)
(byte) 0xF0,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01, // AID
(byte) 0x00); // Le Length of the expected response (no maximum size)
Android

❑ Implement IsoDep class to send APDU commands and receive APDU
responses
 Send the APDU command and get the APDU response:
byte[] responseAPDU = card.transceive(selectAPDU);
 Check the status word success:
// Command success when SW1 = 0x90 and SW2 = 0x00 (2 last bytes)
if (!(responseAPDU[responseAPDU.length-2] == (byte) 0x90 &&
responseAPDU[responseAPDU.length-1] == (byte) 0x00)) {
// manage status error
}
 And disconnect the card:
card.close();
Android

2. Implement the SE internal reader
Since SDK 28 (Android Pie), SIMAlliance OMAPI SEService is part of Android core framework…
❑ OMAPI SEService: OnConnectedListener
import android.app.Activity;
import android.os.Bundle;
import android.se.omapi.*;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
/**
* The Class implementing SE communication
*/
public class SeServiceActivity extends Activity implements SEService.OnConnectedListener {
@Override
public void onConnected() {
//implement the SE communication HERE!
}
Android

❑ OMAPI SEService: Executor
private SEService seService;
private ExecutorService executor = Executors.newSingleThreadExecutor();
@Override
public void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
//requires parameters: Contex, Executor, Listener
seService = new SEService(this, executor, this);
}
Android

❑ OMAPI SEService: implementation in “onConnected” event
try { Reader[] readers = seService.getReaders();
//is there a SE internal reader found?
if (readers.length < 1){/*Throw an error reader not found*/;}
//check the names of the readers to find the reader you need HERE!
//reader name: SIM1, SIM2, SD1, eSE1…
Session session = readers[//SE reader number].openSession();
//opening the channel with the SE service AID
byte[] aid = new byte[] {/*SE service AID byte arra*/};
Channel channel = session.openBasicChannel(aid);
byte[] commandAPDU = new byte[] {/*your APDU command byte array*/};
//transmit APDU command and receive APDU response
byte[] responseAPDU = channel.transmit(commandAPDU);
//check the status words and process...
//close channel when finished
channel.close();
} catch (Exception e) {/*manage thrown errors…*/}
Android

4.6. Android Host-based Card Emulation
(HCE)
191

❑ NFC Card emulation mode involving a separate chip;
the SECURE ELEMENT (SE): SIM-based, eSE or
MicroSD
❑ HCE: Host-based (software) Card Emulation (since
Android KitKat 4.4)
 NO SE involved: HCE runs in the host device Operating System
 Access to the Android device advanced features and
connectivity
 HCE service is a background task (inheriting from Service
Activity) declared I the manifest as any other service
4.6. Android HCE

❑Implement Android HCE
 Declare use and permission in the Android manifest
<uses-permission
android:name="android.permission.NFC"
android:required="true" />
<uses-feature
android:name="android.hardware.nfc.hce“
android:required="true" />
4.6. Android HCE

❑ Implement Android HCE
 Declare HCE service at the activity level in the Android manifest
<service
android:name=“my.appl.package.MyAPDUService“
android:permission="android.permission.BIND_NFC_SERVICE">
<intent-filter>
<action
android:name="android.nfc.cardemulation.action.HOST_APDU_SERVICE"/>
</intent-filter>
<meta-data
android:name="android.nfc.cardemulation.host_apdu_service"
android:resource="@xml/my_host_metadata"/>
</service>
4.6. Android HCE

 Describe HCE service in the XML file metadata
➢resxmlmy_host_metadata.xml
<host-apdu-service xmlns:android="http://schemas.android.com/apk/res/android"
android:description="@string/my_service_description"
android:requireDeviceUnlock="false" >
<aid-group
android:category="other"
android:description="@string/my_group_description" >
<aid-filter android:name=“F00000000001" />
<aid-filter android:name="F00000000002" />
...
</aid-group>
</host-apdu-service>
4.6. Android HCE
2 categories:
CATEGORY_PAYMENT
CATEGORY_OTHER

 Implement the HostApduService task
import android.nfc.cardemulation.HostApduService;
import android.os.Bundle;
public class MyAPDUService extends HostApduService {
@Override
public byte[] processCommandApdu(byte[] commandApdu, Bundle extras) {
//Process APDU command...
return responseApduAsByteArray;
}
}
4.6. Android HCE

❑HCE Pros
No SE and 3rd party required
Easier to implement, faster to deploy
Adapted for Cloud-based solution
Greater freedom of memory: no storage limitation (in the Cloud)
TSM management of HCE and hybrid-based solutions exist…
But the provider can also manage its end-to-end HCE service solution
without going through a third party: low-cost solution (but requires special
attention for security)
Credentials and confidential data outside the phone (in the Cloud,
tokenization…)
4.6. Android HCE

❑HCE Cons
APDUs may be intercepted by a (malicious) software?: http://forum.xda-
developers.com/showpost.php?p=48565612&postcount=1
Additional encryption mechanisms required
Implementation requires specific knowledge (APDU programming, security
and encryption stack…)
NFC service unavailable when device is off
Does not meet GlobalPlatform specifications
4.6. Android HCE

❑ NFCExampleCode Android project
 Clone from Github:
https://github.com/amlesas/NFCExampleCode.git
 NFC Activities
▪ NFCReaderActivity
▪ NFCWriterActivity
▪ NDEFPushActivity
▪ NFCCardReaderActivity
▪ SEInternalReaderActivity
▪ MyHostAPDUService
4.7. NFC Android project

❑ Practice work
 Imagine your own use case
▪ Design your application
▪ Clone the NFCEXampleCode project
▪ Remove the useless code
▪ Implement your app
▪ Post a link of the video of your app

Recommended readings
204
▪ Anne-Marie Lesas, Serge Miranda, “The art and science of NFC programming,” WILEY-ISTE,
2017.
▪ Dominique Paret, Xavier Boutonnier, Youssef Houiti, “NFC Principes et applications de la
communication en champ propre,” Dunod, 2012.
▪ Greg Milette, Adam Stroud, “Professional Android Sensor Programming,” Wiley WROX, 2012.
▪ Klaus Finkenzeller, “RFID Handbook,” Wiley, 3rd edition 2010.
▪ Robert R. Sabella, “NFC For Dummies,” WYLEY, 1st edition in 2016.
▪ Syed A. Ahson and Mohammad Ilyas, “Near Field Communication Handbook,” CRC Press, 2012.
▪ Tom Igoe, Don Coleman, Brian Jepson, “Beginning NFC: Near Field Communication with
Arduino, Android & Phone Gap,” O’Relly, 2014.
▪ Tuomo Tuikka & Minna Isomursu, “Touch the future with a smart touch,” VTT research notes,
2009.
▪ Veda Coskun, Kerem Ok, Busra Ozdenizci, “Near Field Communication from Theory to
Practice,” Willey, 2012.

Copyright Big Data 2018 Pr Serge Miranda, MBDS, Univ de Nice Sophia Antipolis
LA CERTIFICATION DU COURS sur
https::www.DATUMACADEMY.COM
COURSE CERTIFICATION
on
https://www.DATUMACADEMY.COM
205

Cours NFC 2019

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Similar to Cours NFC 2019

Similar to Cours NFC 2019 (20)

Recently uploaded

Recently uploaded (20)

Cours NFC 2019