Sept 2009: this is an updated presentation of the Near Field Communication (NFC) technology. I tried to explain how NFC works on a SIM card, what are the standardization bodies, roles and actors in the ecosystem. This presentation is for developers and describes technical architecture to implement a NFC application on a SIM card using Java and APDU commands (JSR-177, 257 and 268). These slides will be presented during the Smart University 2009 in Nice, Sophia-Antipolis.

1. ARCHITECTURE & DEVELOPMENT OF NFC APPLICATIONS MOBILE JAVA DEVELOPMENT, JAVA CARD, USIM AND TOUCH-BASED SERVICES Thomas de Lazzari Smart-University 2009

4. Ticket TAP mobile is digital, targeted and personal Present Future Come & see us: Get 10% off ladies bags until tomorrow 50% reduction for girl students at the star light Dance Club ? VS.

5. Partners

9. Google Android

12. PART 1 Introduction to NFC, its Ecosystem

19. NFC FORUM SPECS Applications LLCP (Logical Link Control Protocol) RTD (Record Type Definition) & NDEF (Data Exchange Format) Card Emulation (Smart Card Capability for Mobile Devices) RF Layer ISO 18092 + ISO 14443 Type A, Type B + FeliCa Peer to peer mode Read/Write mode Card emulation mode

21. Smart Poster RTD MAY SHALL For example, the Smart Poster record defines a URI plus some added metadata about that URI. Action record values Value Action 0 Do the action (send the SMS, launch the browser, make the telephone call) 1 Save for later (store the SMS in INBOX, put the URI in a bookmark, save the telephone number in contacts) 3 Open for editing (open an SMS in the SMS editor, open the URI in an URI editor, open the telephone number for editing).

23. NFC Roles and actors Service provider Trusted Service Manager (MNO or TTP) Application owner SIM Card Manufacturer (Smart Card provider) Card Issuer MNO (SIM Card management system) Contactless service management platform OTA NFC Service Management POS SIM NFC Mobile station holder

24. NFC service provider Mobile domain Mobile operator NFC applications repository Webapp NFC service operator SIM management system SIM card Application Customers management database cardlets Service profile platform Profile data KS FS Final user Customers management database Life cycle management system for mobile NFC applications KS FS Application data GUI SDD management system KS SSD Card management system KS ISD Network access Customer service Subscribe a service Subscribe a service Subscribe a service Interfaces 3 1 Customer Operator information system Customers data 2

26. Global Platform - security domains By Gemalto Low TRUST High Mandated DAP (applications integrity at plaform level) DAP Verification (application integrity by SSD) Issuer Centric (only ISD management) Delegated Management (token management) Authorized Management (dual management) High CONTROL Low

27. NFC on a Mobile Phone one thing among all Contactless Screen with a user interface Security GPS Loudspeaker and Microphone Keyboard Camera Network TV etc.

28. NFC Architecture

29. PART 2 NFC in a SIM Card

31. Smart Card used in France for healthcare refunds (Carte Vitale)

34. Smart Card categories Microprocessor card Memory card Contact card Contactless card

43. Pyramid of Authentication Technologies Higher level of security offered for highly valued information User private key is kept in a device such as a smart card. Biometrics are also used to protect key. User’s private key is stored on a portable computer device such as a disk. User name and password authenticates User – PGP encrypts data. SSL encrypts data.

44. Part 3 NFC potential, services and devices

45. NFC on iPhone http://www.nearfield.org/ NFC already on iPhone: Stickers, 30-pin RFID readers, SIM add-on…

47. NFC Use cases by Nokia

53. In a recent presentation, Sony Ericsson says mobile NFC will take more than 5 years to become mass market. NFC tomorrow

58. Security and memory for RFID tags vs cost National ID card Aircraft part tag Passport label / page Secure access or credit card Transit card Transit ticket Library book label Item drug label Retail pallet / case label Specification typically ISO 14443 or 15693 (r ead distance to 50 cm) 7cents Chip cost 3dollars Security and/or memory size

59. NFC requirements

60. Part 4 NFC for developers

61. Developing on a Mobile Phone is Different operating systems, browsers, etc. What are the solutions to develop a 3rd party application on a mobile phone except on iPhone 

67. Gemalto Developer suite

68. Gemalto Developer suite

69. Nokia 6212 SDK Compatible with Netbeans and Eclipse http://www.forum.nokia.com/main/resources/tools_and_sdks/nokia_6212_nfc_sdk/

73. Receive read-only data from NDEF tag NDEF push The MIDlet can see that it was launched by touching a tag, by reading the DiscoveryManager property LaunchType.

81. Java Card: CAP A smart card is inserted into a Card Acceptance Device (CAD) to power on the integrated circuit.

86. Wallet.java

100. Gemalto developer suite: Instance AID

105. javax.smartcardio Java 6 introduces Smart Card I/O API defined by JSR 268 .

107. MIDlet proxy Phone OTA Server Secure Element Mifare Applet MIDlet OTA provisioning can be done through HTTP / HTTPS or BIP/TCP. BIP is a new generation protocol allowing remote SIM management over the air (remote file management, remote application management).

112. SCWS Demo

113. Example of applications NFC Applications – My Keys Office Home Car Edit Delete Parking P5 New key received. Open application ? Yes No Writing key 75% Installing key… Key added Exit Yes Access granted. Add a shortcut ? Lock A PAMS Zone 1 PAMS Zone 2 Credential for PAMS Zone 2 can unlock A and B Lock B

116. DEMO

117. HelloKiosk