Bart van Hoek Smart Card Alliance Mobile and NFC Council Smart Card Alliance & UL Transaction Security
2012 UL LLC
NFC STANDARDS
Core
This core section does not define standards that are required for every NFC implementation. Instead, it defines standards that are industry-agnostic. For example, functions like data provisioning, the use of a secure element (SE), or secure element access control are optional for each NFC implementation.
Diagram labels: Provisioning; Secure Element; SE Access Control
Provisioning
Provisioning is the activity where an external party (e.g., the Trusted Service Manager (TSM)) provides the secure application and/or credentials to a secure element.
Diagram labels: BofA; ING; MRT; AJAX; Card-becomes-app; Secure Element
Over the Air: A method that enables a mobile network operator (MNO) to communicate with the SE on the handset. Possible implementations are SMS, CAT-TP or HTTPS.
Diagram labels: Service Provider; OS / Baseband; User Interface; Secure Element; Secure Application; CLF
Over the Internet: Handsets with a data connection or access to WiFi can communicate with the TSM over TCP/IP.
Diagram labels: Service Provider; OS / Baseband; User Interface; Secure Element; Secure Application; CLF
Over the Wire: The TSM can communicate with the SE on the handset over the contactless interface.
Diagram labels: Service Provider; OS / Baseband; User Interface; Secure Element; Secure Application; PC/SC reader; CLF
Physical: In the case of a removable SE, the TSM can personalize an SE externally and physically deliver the hardware to the customer.
Diagram labels: OS / Baseband; User Interface; Secure Element; Secure Application; CLF
Secure Element
A secure element (SE) is a tamper-proof smart card chip capable of embedding applications with a required level of security. Connected to an NFC chip, it supports contactless communication. The SE could be integrated in various form factors: in SIM cards/UICCs, embedded in the handset, or in a microSD card.
microSD: A modified microSD card with additional secure memory and possibly NFC
UICC: A general-purpose SIM card with additional secure memory
Embedded SE: A secure memory chip directly soldered to the motherboard
Diagram labels: Application; Security Domain; GlobalPlatform API; OPEN and GlobalPlatform Trusted Framework; Proprietary Specifications; RTE API
Standards (UICC): UICC Configuration; UICC Contactless Configuration; BIP for UDP / TCP; SCP80 / SCP81
SE Access Control
Secure element access control prevents unauthorized applications in the operating system from communicating with the secure element.
Diagram labels: OS / Baseband; User Interface; OpenMobile API (SEEK is an implementation on Android); SE Access Control (GPAC or GAAC standard); Secure Element; Secure Application; CLF
Standards: SIM Alliance: OpenMobile API; GlobalPlatform: SE Access Control; RSA Laboratories: PKCS #15
Payments
The payments section will provide an overview of the standards involved in making contactless financial transactions.
Payments components: User Interface; Tags & Accessories; Acceptance Device; Handset; Secure Element; TSM
Diagram labels: Trusted Service Manager; OS / Baseband; User Interface; Secure Element; Secure Application; CLF; Acceptance Device; Payment Kernels
User Interface
The user interface is an application that runs on the operating system of the handset. It allows the user to interact with other components and allows the user to select a payment card or enter a passcode.
Diagram labels: OS / Baseband; User Interface; Secure Element; Secure Application; CLF
Standards (Functional Requirements): PayPass UI Application Requirements MasterCard Design Guide and Brand Standards Wallet Visa; American Express; Discover; EMVCo Application Activation User Interface (AAUI)
Acceptance Device
The point-of-sale (POS) is the payment terminal at a merchant, where customers can make a financial transaction. This interaction can be categorized into three groups: contact, contactless or mobile.
Interaction groups: Contact; Contactless; Mobile
Diagram labels: PCI PTS / PCI P2PE; Kernel; Book C-1; Book C-2; Book C-3; Book C-4. Legend: EMVCo; PCI; Proprietary
Standards: Book B Entry Point Specification; C1 Kernel JCB; C2 Kernel MasterCard; C3 Kernel Visa; C4 Kernel American Express; Book D Contactless Communication Protocol; PIN Security Requirements; PCI PTS Point of Interaction Modular Security Requirements; PCI P2PE; Proprietary
Handset
The handset is the mobile phone. New generation smart phones contain the main components necessary for card emulation. The basic components within the handset that make card emulation possible are the NFC antenna and the Contactless Front End (CLF).
Diagram labels: OS / Baseband; User Interface; Secure Element; Secure Application; CLF
Standards (Handset): NFC Interface: Visa, MasterCard, Discover, American Express; Tag Reading & Writing; Peer-to-Peer; NFC Forum; Security Related; TEE; SE Access Control; GlobalPlatform; UICC Interface; SWP / HCI; BIP for UDP / TCP; ETSI / GCF / PTCRB; SIM Alliance; Open Mobile API
Secure Element
The secure element is a secure, tamper-resistant storage and execution environment holding payment applications and payment assets such as keys.
Standards (Functional): SECM (CRS App); EMVCo PPSE; General; MasterCard; Visa; UICC; Perf. & Application Testing Requirements for SEs; SWP / HCI; MIFARE4Mobile; Card Spec 2.2.1 + UICC Config; GlobalPlatform; ISO/IEC 7816 interface; ETSI / GCF / PTCRB; UICC Contactless Configuration; SE Access Control; BIP for UDP / TCP; SCP80 / SCP81
Standards (Security): Chip (IC): MasterCard (CAST); Visa (VCSP); JCB / American Express / Discover; EMVCo IC Evaluation; Common Criteria BSI PP 0035. Platform: MasterCard (CAST); Visa (VCSP); EMVCo Platform Evaluation; ANSSI PP 2009/02; PU-2009-RT-79 (UICCs); PP1003 (Other SE Types)
TSM
The trusted service manager (TSM) enables service providers to distribute and manage their contactless applications remotely by allowing access to the secure element in NFC-enabled handsets.
Diagram labels: KMS; HSM; HTTP(S); CAMS; PAMS; Billing Services; Customer Care; CAT-TP
Standards (TSM Backend): MasterCard; Logical Security Requirements for Card Personalizations Bureaus; Security Requirements for Mobile Payment Provisioning; Generic; Expresspay Mobile TSM security requirements; Discover; TSM Functional and Security Requirements; DFS TSM Qualification Process; Service Provider; AFSCM; Service Provider Specific; Interfaces; MNO; GlobalPlatform Messaging; AFSCM; MNO Specific; DMSR; Controlling Authority; GlobalPlatform Messaging; GlobalPlatform Messaging
NFC is used for smartphones and similar devices to establish wireless radio communication with each other by touching them together or bringing them into close proximity. Present applications include contactless transactions, data exchange, and simplified setup of more complex communications.
Diagram labels: Tags; Mobile Device; Accessory; Tag reading/writing; Pairing
Tag reading/writing
In reader/writer mode, the NFC device is capable of reading NFC Forum tag types, such as a tag embedded in an NFC smart poster. The reader/writer mode on the RF interface is compliant with the ISO/IEC 14443 and FeliCa schemes.
Technology Stack (Tag Read/Write) labels: RTD; Mode
Standards (Tag Reader/Writer): NFC Forum: NFC Record Type Definition (RTD) [104], [105], [106], [107], [108], [109]; ISO/IEC
Peer to Peer
In peer-to-peer mode, two NFC devices can exchange data. Essentially any NFC application that involves bidirectional communication will be working in peer-to-peer mode.
In this mode both devices can exchange data, such as virtual business cards or digital photos. Android Beam is an implementation that works in this NFC mode.
Diagram labels: Mobile Device; Mobile Device
Technology Stack (Peer to Peer) labels: Mode; ISO/IEC 18092
Standards (Peer to Peer): NFC Forum; ISO/IEC
Pairing
The connection handover mechanism is defined by the NFC Forum as the sequence of interactions that enable two NFC-enabled devices to establish a connection using other wireless communication technologies. Connection handover combines the simple, one-touch set-up of NFC with high-speed communication technologies, such as WiFi or Bluetooth.
Standards (Pairing): NFC Forum
NFC Pairing Modes: Negotiated Handover (between two devices, using P2P mode) and Static Handover (between a device and an NFC Forum NDEF Tag)
Identity
NFC-enabled smartphones can support standards-based identity applications, including authentication and verification, with a familiar form factor that is accepted and widely used in everyday life. NFC technology, coupled with the powerful CPU, display, battery, memory and communications available in today's smartphone, facilitates strong identity and attribute management. With the inclusion of a PIN and biometrics (e.g., photo, face, iris, fingerprint, voice) for multifactor authentication and with support for PKI, location awareness and out-of-band connectivity, strong, flexible and convenient identity attestation can be achieved.
Example Use Cases: Physical Access to Facilities; Logical Access; Healthcare Record Access; Border Crossing; Emergency Responder Scene Access; Medical Services; Campus Identification
Standards (Identity): ISO 14443; the standards view describes these as ISO/IEC 14443 based identity applications
Loyalty
Loyalty programs are structured marketing efforts that reward and therefore encourage loyal buying behavior. Loyalty cards are used to track repeat transactions of a cardholder, so the card issuer can provide rewards for repeat business. Magnetic stripe, QR/barcodes and ID numbers are traditionally used to identify a customer. NFC will be adding another form factor to the group.
Diagram labels: Point of Interaction; Mobile Handset; Proprietary; Handset; Backend System; Secure Element
Point of Interaction
The payment terminal needs to be modified in order to accept a contactless transaction with loyalty (identity) information. The loyalty application is designed to capture the loyalty data and forward it to the cash register and/or backend system. As shown in the diagram the specifications are proprietary and the logic is separated from the payment functionality.
Diagram labels: PCI PTS / PCI P2PE; Architecture and General Requirements Book A; Kernel; Book C-1; Book C-2; Book C-3; Book C-4
Handset
Besides a secure application in the payment terminal, a loyalty application is required on the handset. This functionality can reside as an applet in the secure element or as an application in the operating system. The Trusted Execution Environment (TEE) is another location where the loyalty credentials can be securely stored.
Diagram labels: OS / Baseband; User Interface; Loyalty App; Loyalty Credentials; Secure Element; Loyalty App; Loyalty Credentials In Secure Memory; CLF
Transit
The transit section will provide an overview of standards involving automated fare collection. Many different transit implementations are found globally. Because transit schemes are often closed loop, they provide the ability to be more fit for purpose and tailored to local needs. However, in areas with multiple public transit operators, more standardization is required, to provide a better customer experience.
Diagram labels: Schemes; Infrastructure; Fare Medium; Acceptance Device; Payment
Fare Medium
The fare medium is a mobile representation of the physical transit ticket.
Diagram labels: OS / Baseband; User Interface; CLF; Proprietary Chip
Technology stack: Applicative Protocol: MIFARE Ultralight; MIFARE4Mobile; MIFARE Mini; MIFARE Plus; MIFARE DESFire; SmartMX; Calypso; FeliCa; ISO/IEC 7816-4. Physical: ISO 14443 A-1; ISO 14443 B-1; ISO 18092; Type A; Type B; Type F
Standards: Proprietary: Classic; MIFARE4Mobile; Plus; Calypso; FeliCa. ISO/IEC: ISO/IEC 14443; ISO/IEC 7816 4; ISO/IEC 18092. JIS X 6319. Legend: = deprecated
Infrastructure
The international standards contain standards on a business level which specify how ticketing should be arranged on an organizational level and provide standards that define the data elements for the cards and point of interaction. Some national specifications have adopted these international standards and added requirements to customize them to local needs.
Diagram labels: OSPT CIPURSE; US Standard; EU Standards; Multiple Implementations: ITSO, Calypso, VDV-KA, SDOA; Standard: EN 1545; Standard: ISO/IEC 24014
Schemes
Internationally there are many different e-ticketing schemes. It is out of scope of this presentation to discuss each scheme individually. This slide shows a selection of examples of the various transit schemes in the world.
Payment
Specific payment products have designed their products to store additional data to add e-ticketing functionalities such as: check in, check out, time, and travel credit.
Diagram labels: Visa; MasterCard; Card
Access
This access section provides an overview of the relevant standards for contactless access control mechanisms. Access protocols need to be quick, so implementations are often built upon the same standards that are used in transit.
Diagram labels: Mobile/Card Centric; Desktop; Back Office Centric
Card technologies: Proprietary: MIFARE Family; iCLASS; FeliCa. Open: ISO/IEC 14443
Back office components: CA Service; Identity Server; PACS Server; OCSP; SCVP; PACS Controller; Electronic Lock; NFC Reader
Standards: Proprietary: MIFARE Family; iCLASS; FeliCa. ISO/IEC: ISO/IEC 14443; ISO/IEC 7816. FIPS 140. NIST SP 800-73. NFC Forum: NFC Record Type Specification
Underwriters Laboratories
Innovations in transactions have created new challenges related to interoperability, reliability and efficiency. Consumers, merchants, third-party processors, wireless carriers and financial institutions all play a role. With so many audiences involved, the risk of confusion increases should something go wrong with a transaction. Across a number of companies and governments, UL is helping organizations stay ahead of the game. Specifically, New Science is driving a better understanding of the benefits and challenges associated with new transaction technologies. UL facilitates the deployment of secure infrastructures built on these technologies, and enables the new technologies to be standardized and certified to operate optimally, while helping protect stakeholders from identity theft, malware, fraud, hacks and other cyber criminal activities. UL Transaction Security is advancing into new and important areas to better enable safe, efficient and seamless delivery. For mobile payments and chip and PIN technologies, UL is innovating new techniques and tests to provide greater reliability, security and interoperability. We also continuously develop aggressive attack approaches, utilizing advanced statistical analyses on cryptographic algorithms. Understanding how to get past security allows us to identify effective countermeasures and to stay ahead of the hackers. We use our expertise to help secure card payments, enable card transactions on mobile handsets, handle mobile payments and deal with transit schemes. We know how to design these needed systems to help clients move into a new, more secure electronic era.
UICC standards (enlarged view): GlobalPlatform; UICC Configuration
Acceptance Device diagram (enlarged view): Kernel (four kernels); Proprietary Specifications; Book C-1; Book C-2; Book C-3; Book C-4. Legend: EMVCo; PCI; Proprietary
Acceptance Device standards (enlarged view): EMVCo: Book A Architectural requirements; Book B Entry Point Specification; Book C Kernel: C1 Kernel JCB, C2 Kernel MasterCard, C3 Kernel Visa, C4 Kernel American Express; Book D Contactless Communication Protocol. PCI P2PE. Proprietary
Handset standards (enlarged view): EMVCo; EMV Contactless L1 Book A; EMV Contactless L1 Book D; Cross Test; Visa Internal; Perf. / Comb. / Int. / Interf.; NFC Interface: Visa, MasterCard, Discover, American Express; NFC Forum; Tag Reading & Writing; Peer-to-Peer; Trusted Execution Environment (TEE); Security Related; GlobalPlatform; SE Access Control; UICC Interface; SWP / HCI; ETSI / GCF / PTCRB; BIP for UDP / TCP; SIM Alliance; OpenMobile API
Secure Element functional standards (enlarged view): SECM (CRS App); EMVCo PPSE; General; MasterCard; Visa; SWP / HCI Interface; UICC; MCI; MIFARE4Mobile; Card Spec 2.2.1 + UICC Config
Secure Element security standards (enlarged view): Chip (IC): MasterCard (CAST); Visa (VCSP); JCB / American Express / Discover; Common Criteria BSI PP 0035; EMVCo IC Evaluation. Platform (IC + OS): MasterCard (CAST); Visa (VCSP); JCB / American Express / Discover; Common Criteria ANSSI PP 2009/02; PU-2009-RT-79 (UICCs); EMVCo Platform Evaluation
TSM diagram (enlarged view): Secure Core; KMS; HSM; HTTP(S); Operations Management; Analysis, Reporting & statistics; CAMS; PAMS; Billing Services; Customer Care; BIP; CAT-TP
TSM Backend standards (enlarged view): Mobile MasterCard PayPass TSM Functional Requirements; MasterCard; Logical Security Requirements for Card Personalizations Bureaus; Security Requirements for Mobile Payment Provisioning; Generic; Visa; American Express; Discover; DFS TSM Qualification Process; Service Provider; AFSCM; Service Provider Specific; GlobalPlatform Messaging; Interfaces; MNO; AFSCM; MNO Specific; DMSR; Controlling Authority; GlobalPlatform Messaging; GlobalPlatform Messaging
Tag Read/Write technology stack (enlarged view): Application; Messages; NDEF; RTD; Protocol; Mode; Tag Type Specification; NFC Digital Protocol; NFC Activity Specification; ISO/IEC 21481; ISO/IEC 18092; ISO/IEC 14443; ISO/IEC 15693
Peer to Peer technology stack (enlarged view): Messages; Protocol; Mode; ISO/IEC 18092; ISO/IEC 21481; ISO/IEC 14443; ISO/IEC 15693
Peer to Peer standards (enlarged view): NFC Forum: NFC Data Exchange Format (NDEF) [99]; NFC Simple NDEF Exchange Protocol (SNEP) [114]; NFC Logical Link Control Protocol (LLCP) [111]; NFC Digital Protocol [112]; NFC Activity [113]. ISO/IEC: ISO/IEC 14443 [91], [92], [93], [94]; ISO/IEC 18092 [95]; ISO/IEC 21481 [97]
Loyalty point of interaction (enlarged view): Isolated from Payment Kernels To Prevent Re-certification; PCI PTS / PCI P2PE; Architecture and General Requirements Book A; Kernel (four kernels); Book C-1; Book C-2; Book C-3; Book C-4; Proprietary Specifications
Fare medium handset diagram (enlarged view): OS / Baseband; User Interface; Secure Element; Secure Application; CLF; Proprietary Chip (Required for MIFARE)
Fare medium technology stack (enlarged view): MIFARE DESFire; Smart MX; Calypso; FeliCa; ISO/IEC 7816-4; Initialization Anticollision; Physical; ISO/IEC 18092; Type B; Type F
Transit infrastructure (enlarged view): OSPT CIPURSE; US Standard; Implementation (Easy Card); CFMS; EU Standards; Multiple Implementations: ITSO, Calypso, VDV-KA, SDOA; Specification; Standard; EN 1545
CFMS Architecture (enlarged view): Regional Central System; PICC; Part I Introduction and Overview; Part III Regional Central System Interface Standard; Part IV System Security Planning and Implementation Guidelines; Part V Compliance Certification and Testing Standard