An NFC Ticketing System with a new approach of an
Inverse Reader Mode
Dresden, 22/11/2013 Felipe de Sousa Silva
Outline
• NFC Overview
• NFC Public Ticket System.
• Intention of the Inverse Reader Mode
• The Inverse Mode Design
• Validation Process
• Conclusion
TU Dresden, 22/11/2013
NFC Overview
• What is NFC?
  • NFC (near field communication) is a short-range wireless technology that enables two devices to securely exchange small amounts of data when they are placed a few centimeters apart.
• Applications of NFC
  • File transfer
  • Collect multimedia information
  • E-payment
  • Public transportation ticketing
Why should I use NFC?
• NFC vs Paper tickets
  • Tickets stored in phones are less likely to be lost than paper tickets.
  • Studies have repeatedly shown that people are less likely to leave home without their phones than anything else.
  • Obtaining a ticket is much more convenient, because it can be sent electronically to the NFC-enabled phone.
Why should I use NFC?
• NFC vs Contactless Card
  • An NFC-enabled phone can hold more than one ticket from more than one transport operator.
  • Using their NFC-enabled phones, consumers can manage their cards and tickets anywhere at any time.
  • Smart cards stored in an NFC-enabled phone are less susceptible to “collision.”
Why should I use NFC?
• NFC vs Barcode
  • NFC ticketing is also faster. There is no need to open an application to find the 2D barcode; the phone experience is a simple tap-and-go.
  • NFC-enabled phones are two-way devices, enabling the traveler to both send and receive information, while 2D barcodes are read-only.
  • QR codes are not always easy to read.
NFC Modes
• Operation Modes
  • Reader / Writer
  • Card emulation
  • Peer-to-peer
NFC Design
• The NFC chip has direct access to the UICC and the SAM chip.
• The secure chip and the UICC are used to store sensitive data like keys and personal information.
• Unfortunately, the usage of the SE is restricted by the owner:
  • Manufacturer
  • MMO
  • TSM
NFC Ticketing System
Intention of the Inverse Reader Mode
• Current ticketing systems use NFC-enabled mobile phones in card emulation or peer-to-peer mode.
• Problems with card emulation mode:
  • Owner of the secure element vs. third-party service provider: restricted or no access to the secure element of the mobile phone.
• Problems with peer-to-peer mode:
  • Compatibility problems with different implementations (e.g. Symbian vs. Android)
  • No access to the lower layers (APDU) on some operating systems (e.g. Windows Phone)
• Problems with software-emulated tags:
  • Only a few implementations (e.g. RIM’s Blackberry OS since version 7, Cyanogenmod)
Intention of the Inverse Reader Mode
• New approach: Inverse Reader Mode
• No secure element is needed on the mobile phone
• The mobile phone uses only the reader/writer mode, which works on all NFC enabled phones
• Light-weight and well-established protocol stack (ISO/IEC 14443-4 and 7816-4)
• Card emulation support is needed on the reader side
The Inverse Mode Design
APDU Exchange Data
• For exchanging data from the smartphone to the validation terminal, APDU messages are used.
• APDU Commands
  • SELECT DF
  • READ BINARY
  • WRITE BINARY
File System
• StationID
  • Stores the identification of the ticket station.
• TicketID
  • Used to store the ticket information in the ticket station.
• TicketDate
  • Similar to the TicketID file. Used to store the ticket date.
• ValidInfo
  • The server checks the information and writes the result into this file.
Validation Process
• The NFC phone requests the station ID.
• The phone selects the correct ticket, sends it to the system and waits for a confirmation.
• The phone sends the ticket date and waits for another confirmation.
• At the end, the phone sends a message requesting the content of the ValidInfo file.
Validation Process
• If the validation process was accomplished successfully, all file identifiers will be set to their default values.
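The file system and validation sequence above, simulated end to end as an added example (not code from the presentation): a terminal in card emulation mode answers the phone's SELECT, READ BINARY and WRITE BINARY APDUs. The file identifiers, result bytes, selection by file identifier and the read-only treatment of StationID and ValidInfo are assumptions; no authentication is modelled, in line with the conclusion that security was not yet considered in detail.

```python
# Added illustration: file IDs, result bytes and ticket values are assumptions.
FIDS = {"StationID": 0x0101, "TicketID": 0x0102, "TicketDate": 0x0103, "ValidInfo": 0x0104}
OK, NOT_FOUND, DENIED, BAD_INS = b"\x90\x00", b"\x6a\x82", b"\x69\x82", b"\x6d\x00"
EMPTY, VALID, INVALID = b"\x00", b"\x01", b"\x02"  # EMPTY = assumed default value

class Terminal:  # validation terminal in card emulation mode
    def __init__(self, station_id, valid_tickets):
        self.station_id, self.valid = station_id, valid_tickets
        self.reset()
    def reset(self):
        self.files = dict.fromkeys(FIDS.values(), EMPTY)
        self.files[FIDS["StationID"]] = self.station_id
        self.current = FIDS["StationID"]  # assumed default selection
    def process(self, apdu):
        ins, data = apdu[1], apdu[5:5 + apdu[4]]
        if ins == 0xA4:  # SELECT by file identifier
            fid = int.from_bytes(data, "big")
            self.current = fid if fid in self.files else self.current
            return OK if self.current == fid else NOT_FOUND
        if ins == 0xD0:  # WRITE BINARY: only the two ticket files are writable
            if self.current not in (FIDS["TicketID"], FIDS["TicketDate"]):
                return DENIED
            self.files[self.current] = data
            pair = (self.files[FIDS["TicketID"]], self.files[FIDS["TicketDate"]])
            if EMPTY not in pair:  # both present: back end checks, writes result
                self.files[FIDS["ValidInfo"]] = VALID if pair in self.valid else INVALID
            return OK
        if ins == 0xB0:  # READ BINARY
            out = self.files[self.current]
            if self.current == FIDS["ValidInfo"] and out == VALID:
                self.reset()  # success: files return to their defaults
            return out + OK
        return BAD_INS

def apdu(ins, data=b"", p2=0):
    tail = bytes([len(data)]) + data if data else b"\x00"  # Lc+data or Le=0
    return bytes([0x00, ins, 0x00, p2]) + tail

def validate_ticket(term, wallet):
    """Phone in reader/writer mode; wallet maps station_id -> (ticket_id, date)."""
    def select(name):
        return term.process(apdu(0xA4, FIDS[name].to_bytes(2, "big"), 0x0C)) == OK
    def read(name):
        rsp = term.process(apdu(0xB0)) if select(name) else NOT_FOUND
        return rsp[:-2] if rsp[-2:] == OK else None
    def write(name, data):
        return select(name) and term.process(apdu(0xD0, data)) == OK
    ticket = wallet.get(read("StationID"))
    ok = ticket and write("TicketID", ticket[0]) and write("TicketDate", ticket[1])
    return read("ValidInfo") if ok else None
```

With constructed values, `validate_ticket(Terminal(b"DD-HBF", {(b"T-1001", b"20131122")}), {b"DD-HBF": (b"T-1001", b"20131122")})` returns `VALID` and leaves the terminal's files at their defaults.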
Conclusion
• Alternative to the card emulation mode
• Avoiding the access restrictions of the secure element
• Until now security was not considered in detail
Thank You !