Near Field Communication (NFC) promises to boost mobile transactions and payments. Indeed, NFC-enabled devices can emulate smartcards, so allowing payments, loyalty programs, card access, transit passes and other custom services, through a mobile phone. Although many modern mobile devices mount a NFC transceiver, card emulation is still a rare feature. The main reason is that the two available card emulation frameworks, namely Card Emulation and Host-based Card Emulation, have known limitations in terms of usability and security (respectively). This paper proposes a novel approach to card emulation called Trusted Host-based Card Emulation (THCE). THCE relies on the Trusted Execution Environment, currently deployed on most of the CPUs for mobile devices, and implements a secure and usable card emulation framework. Through comparisons, we show that THCE overcomes the limitations of the existing solutions. Moreover, we formally verify that the initialization protocol, used to deploy access credentials on a THCE-enabled device, is not vulnerable to known exploits.
Trusted host-based card emulation
ARMANDO, ALESSANDRO;MERLO, ALESSIO;VERDERAME, LUCA
2015-01-01
Abstract
Near Field Communication (NFC) promises to boost mobile transactions and payments. Indeed, NFC-enabled devices can emulate smartcards, so allowing payments, loyalty programs, card access, transit passes and other custom services, through a mobile phone. Although many modern mobile devices mount a NFC transceiver, card emulation is still a rare feature. The main reason is that the two available card emulation frameworks, namely Card Emulation and Host-based Card Emulation, have known limitations in terms of usability and security (respectively). This paper proposes a novel approach to card emulation called Trusted Host-based Card Emulation (THCE). THCE relies on the Trusted Execution Environment, currently deployed on most of the CPUs for mobile devices, and implements a secure and usable card emulation framework. Through comparisons, we show that THCE overcomes the limitations of the existing solutions. Moreover, we formally verify that the initialization protocol, used to deploy access credentials on a THCE-enabled device, is not vulnerable to known exploits.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.