mobile/nfc security fundamentals anatomy of a mobile...
TRANSCRIPT
![Page 1: Mobile/NFC Security Fundamentals Anatomy of a Mobile ...d3nrwezfchbhhm.cloudfront.net/webinars/Anatomy_of_a_Mobile_Device_030513.pdfAnatomy of a Mobile Device: Security Architecture](https://reader030.vdocument.in/reader030/viewer/2022040302/5e7e9ef11a637567505d97a9/html5/thumbnails/1.jpg)
Mobile/NFC Security Fundamentals Anatomy of a Mobile Device: Security Architecture and Secure Provisioning
Smart Card Alliance and GlobalPlatform Webinar March 5, 2013
![Page 2: Mobile/NFC Security Fundamentals Anatomy of a Mobile ...d3nrwezfchbhhm.cloudfront.net/webinars/Anatomy_of_a_Mobile_Device_030513.pdfAnatomy of a Mobile Device: Security Architecture](https://reader030.vdocument.in/reader030/viewer/2022040302/5e7e9ef11a637567505d97a9/html5/thumbnails/2.jpg)
Introductions • Randy Vanderhoof • Executive Director • Smart Card Alliance
![Page 3: Mobile/NFC Security Fundamentals Anatomy of a Mobile ...d3nrwezfchbhhm.cloudfront.net/webinars/Anatomy_of_a_Mobile_Device_030513.pdfAnatomy of a Mobile Device: Security Architecture](https://reader030.vdocument.in/reader030/viewer/2022040302/5e7e9ef11a637567505d97a9/html5/thumbnails/3.jpg)
About the Smart Card Alliance
The Smart Card Alliance is a not-for-profit, multi-industry
association working to stimulate the understanding, adoption,
use and widespread application of smart card technology.
Through specific projects such as education programs, market
research, advocacy, industry relations and open forums, the
Alliance keeps its members connected to industry leaders and
innovative thought. The Alliance is the single industry voice for
smart cards, leading industry discussion on the impact and
value of smart cards in the U.S. and Latin America. For more
information please visit http://www.smartcardalliance.org.
![Page 4: Mobile/NFC Security Fundamentals Anatomy of a Mobile ...d3nrwezfchbhhm.cloudfront.net/webinars/Anatomy_of_a_Mobile_Device_030513.pdfAnatomy of a Mobile Device: Security Architecture](https://reader030.vdocument.in/reader030/viewer/2022040302/5e7e9ef11a637567505d97a9/html5/thumbnails/4.jpg)
Mobile & NFC Council
Raise awareness and accelerate the adoption of all applications using NFC Access control, identity,
loyalty, marketing, payments, peer-to-peer, promotion/coupons/offers, transit, …
Accelerate the practical application of NFC, providing a bridge between technology development/specifications and the applications that can deliver business benefits to industry stakeholders.
![Page 5: Mobile/NFC Security Fundamentals Anatomy of a Mobile ...d3nrwezfchbhhm.cloudfront.net/webinars/Anatomy_of_a_Mobile_Device_030513.pdfAnatomy of a Mobile Device: Security Architecture](https://reader030.vdocument.in/reader030/viewer/2022040302/5e7e9ef11a637567505d97a9/html5/thumbnails/5.jpg)
Today’s Webinar Topics & Speakers
Introduction: Randy Vanderhoof, Executive Director, Smart Card Alliance
Introduction to GlobalPlatform: Kevin Gillick, Executive Director, GlobalPlatform
Anatomy of a Mobile Device: Philip Hoyer, Director, Strategic Solutions, HID Global
Security Interfaces and Secure Provisioning: Gil Bernabeu, Technical Director, GlobalPlatform
Q&A: Randy Vanderhoof, Smart Card Alliance
![Page 6: Mobile/NFC Security Fundamentals Anatomy of a Mobile ...d3nrwezfchbhhm.cloudfront.net/webinars/Anatomy_of_a_Mobile_Device_030513.pdfAnatomy of a Mobile Device: Security Architecture](https://reader030.vdocument.in/reader030/viewer/2022040302/5e7e9ef11a637567505d97a9/html5/thumbnails/6.jpg)
Contactless and NFC Payments Continues to Spread
vending
taxi
Form factors
applications
drivethru
![Page 7: Mobile/NFC Security Fundamentals Anatomy of a Mobile ...d3nrwezfchbhhm.cloudfront.net/webinars/Anatomy_of_a_Mobile_Device_030513.pdfAnatomy of a Mobile Device: Security Architecture](https://reader030.vdocument.in/reader030/viewer/2022040302/5e7e9ef11a637567505d97a9/html5/thumbnails/7.jpg)
NFC Security Webinar Series #1 – Anatomy of a Mobile Device
Kevin Gillick Executive Director GlobalPlatform
![Page 8: Mobile/NFC Security Fundamentals Anatomy of a Mobile ...d3nrwezfchbhhm.cloudfront.net/webinars/Anatomy_of_a_Mobile_Device_030513.pdfAnatomy of a Mobile Device: Security Architecture](https://reader030.vdocument.in/reader030/viewer/2022040302/5e7e9ef11a637567505d97a9/html5/thumbnails/8.jpg)
Introduction to
Across several market sectors and in converging sectors
GlobalPlatform is the standard for managing applications on secure chip technology
Trusted Execution
Environment
Secure Element
AND
![Page 9: Mobile/NFC Security Fundamentals Anatomy of a Mobile ...d3nrwezfchbhhm.cloudfront.net/webinars/Anatomy_of_a_Mobile_Device_030513.pdfAnatomy of a Mobile Device: Security Architecture](https://reader030.vdocument.in/reader030/viewer/2022040302/5e7e9ef11a637567505d97a9/html5/thumbnails/9.jpg)
At-a-Glance What is the output of
GlobalPlatform?
Specifications – technical industry guidelines
Configurations – applying the guidelines to different market sectors
Security Certifications – streamlining security requirements & testing
Industry Compliance Program – confirming a product’s functionality aligns to
GlobalPlatform technology
Educating the Industry – white papers & technical documents
Workshops – specification training & educational
![Page 10: Mobile/NFC Security Fundamentals Anatomy of a Mobile ...d3nrwezfchbhhm.cloudfront.net/webinars/Anatomy_of_a_Mobile_Device_030513.pdfAnatomy of a Mobile Device: Security Architecture](https://reader030.vdocument.in/reader030/viewer/2022040302/5e7e9ef11a637567505d97a9/html5/thumbnails/10.jpg)
Mobile Task Force (MTF)
Established in 2007 to actively contribute to the development of mobile telecommunications standards worldwide.
Overview: The task force provides input to the technical committees, concerning the
specific and emerging requirements of the mobile sector, in order that the GlobalPlatform Card, Device and Systems Specifications can be expanded and updated to suit market needs.
The primary objectives is to: collect business requirements facilitate new market opportunities between the mobile sector and other
industries highlight that differentiation of products and services can be achieved
through multiple applications demonstrate that various business models can be applied within one
implementation communicate that a neutral and scalable infrastructure can protect current
investments relative to future technology evolutions
10
![Page 11: Mobile/NFC Security Fundamentals Anatomy of a Mobile ...d3nrwezfchbhhm.cloudfront.net/webinars/Anatomy_of_a_Mobile_Device_030513.pdfAnatomy of a Mobile Device: Security Architecture](https://reader030.vdocument.in/reader030/viewer/2022040302/5e7e9ef11a637567505d97a9/html5/thumbnails/11.jpg)
GlobalPlatform Members Membership
![Page 12: Mobile/NFC Security Fundamentals Anatomy of a Mobile ...d3nrwezfchbhhm.cloudfront.net/webinars/Anatomy_of_a_Mobile_Device_030513.pdfAnatomy of a Mobile Device: Security Architecture](https://reader030.vdocument.in/reader030/viewer/2022040302/5e7e9ef11a637567505d97a9/html5/thumbnails/12.jpg)
Anatomy of a Mobile Device Philip Hoyer Director, Strategic Solutions HID Global
![Page 14: Mobile/NFC Security Fundamentals Anatomy of a Mobile ...d3nrwezfchbhhm.cloudfront.net/webinars/Anatomy_of_a_Mobile_Device_030513.pdfAnatomy of a Mobile Device: Security Architecture](https://reader030.vdocument.in/reader030/viewer/2022040302/5e7e9ef11a637567505d97a9/html5/thumbnails/14.jpg)
Anatomy
Handset
Application #1
OS
UI / Keyboard
Contactless Frontend (CLF)
Secure Element
Applet
![Page 15: Mobile/NFC Security Fundamentals Anatomy of a Mobile ...d3nrwezfchbhhm.cloudfront.net/webinars/Anatomy_of_a_Mobile_Device_030513.pdfAnatomy of a Mobile Device: Security Architecture](https://reader030.vdocument.in/reader030/viewer/2022040302/5e7e9ef11a637567505d97a9/html5/thumbnails/15.jpg)
Anatomy – 2 -
Handset
Application #1
Secure Element Access
OS
UI / Keyboard
Contactless Frontend (CLF)
UICC/SIM
Applet #1
Embedded SE
Smart micro SD
Applet #3 Applet #5
Applet #4 Applet #2
Application #2
![Page 16: Mobile/NFC Security Fundamentals Anatomy of a Mobile ...d3nrwezfchbhhm.cloudfront.net/webinars/Anatomy_of_a_Mobile_Device_030513.pdfAnatomy of a Mobile Device: Security Architecture](https://reader030.vdocument.in/reader030/viewer/2022040302/5e7e9ef11a637567505d97a9/html5/thumbnails/16.jpg)
Anatomy – 3 -
Handset
Application #1
Crypto Middleware
Secure Element Access
Trusted UI / Keyboard
OS
UI / Keyboard
Contactless Frontend (CLF)
UICC/SIM
Applet #1
Embedded SE
Smart Micro SD
Applet #3 Applet #5
Applet #4 Applet #2
Application #2
TEE
Trusted App #1
Trusted App #2
External Reader
![Page 18: Mobile/NFC Security Fundamentals Anatomy of a Mobile ...d3nrwezfchbhhm.cloudfront.net/webinars/Anatomy_of_a_Mobile_Device_030513.pdfAnatomy of a Mobile Device: Security Architecture](https://reader030.vdocument.in/reader030/viewer/2022040302/5e7e9ef11a637567505d97a9/html5/thumbnails/18.jpg)
Secure Elements
On Phone: Embedded SE
Removable UICC / SIM Smart micro SD
Attached Phone Sleeves (ex. iCarte for Apple
phones) (still harbours micro SD) Attached reader inserting ISO smart
card Stickers
![Page 19: Mobile/NFC Security Fundamentals Anatomy of a Mobile ...d3nrwezfchbhhm.cloudfront.net/webinars/Anatomy_of_a_Mobile_Device_030513.pdfAnatomy of a Mobile Device: Security Architecture](https://reader030.vdocument.in/reader030/viewer/2022040302/5e7e9ef11a637567505d97a9/html5/thumbnails/19.jpg)
Security Continuum
Phone OS
Software Based Solution
Trusted Execution Environment (TEE)
Secure Element (SE)
SE + TEE combination
Security
Complexity
![Page 20: Mobile/NFC Security Fundamentals Anatomy of a Mobile ...d3nrwezfchbhhm.cloudfront.net/webinars/Anatomy_of_a_Mobile_Device_030513.pdfAnatomy of a Mobile Device: Security Architecture](https://reader030.vdocument.in/reader030/viewer/2022040302/5e7e9ef11a637567505d97a9/html5/thumbnails/20.jpg)
Interfaces
Handset
Application #1
Crypto Middleware
Secure Element Access
Trusted UI / Keyboard
OS
UI / Keyboard
Contactless Frontend (CLF)
UICC/SIM
Applet #1
Embedded SE
Smart Micro SD
Applet #3 Applet #5
Applet #4 Applet #2
Application #2
TEE
![Page 21: Mobile/NFC Security Fundamentals Anatomy of a Mobile ...d3nrwezfchbhhm.cloudfront.net/webinars/Anatomy_of_a_Mobile_Device_030513.pdfAnatomy of a Mobile Device: Security Architecture](https://reader030.vdocument.in/reader030/viewer/2022040302/5e7e9ef11a637567505d97a9/html5/thumbnails/21.jpg)
Security Interfaces and Secure Provisioning Gil Bernabeu Technical Director GlobalPlatform
![Page 22: Mobile/NFC Security Fundamentals Anatomy of a Mobile ...d3nrwezfchbhhm.cloudfront.net/webinars/Anatomy_of_a_Mobile_Device_030513.pdfAnatomy of a Mobile Device: Security Architecture](https://reader030.vdocument.in/reader030/viewer/2022040302/5e7e9ef11a637567505d97a9/html5/thumbnails/22.jpg)
Interfaces - standardisation
Handset
Crypto Middleware
Secure Element Access
TEE
Trusted UI / Keyboard
OS
UI / Keyboard
Open Mobile API
Contactless Frontend (CLF)
UICC/SIM
Applet #1
Embedded SE
Smart micro SD
Applet #3 Applet #5
Applet #4 Applet #2
Application #1 Application #2
PKCS #11 TEE Client API
Trusted App
![Page 23: Mobile/NFC Security Fundamentals Anatomy of a Mobile ...d3nrwezfchbhhm.cloudfront.net/webinars/Anatomy_of_a_Mobile_Device_030513.pdfAnatomy of a Mobile Device: Security Architecture](https://reader030.vdocument.in/reader030/viewer/2022040302/5e7e9ef11a637567505d97a9/html5/thumbnails/23.jpg)
Being Worked On
• Secure Element Access Control : which application has access to which Applets
• Routing of NFC Services
from CLF to multiple secure elements
Handset
Application #1
Crypto Middleware
Secure Element Access
TEE
Trusted UI / Keyboard
OS
UI / Keyboard
Contactless Frontend (CLF)
UICC/SIM
Applet #1
Embedded SE
Smart Micro SD
Applet #3 Applet #5
Applet #4 Applet #2
Application #2
Trusted App #1
Trusted App #2
![Page 24: Mobile/NFC Security Fundamentals Anatomy of a Mobile ...d3nrwezfchbhhm.cloudfront.net/webinars/Anatomy_of_a_Mobile_Device_030513.pdfAnatomy of a Mobile Device: Security Architecture](https://reader030.vdocument.in/reader030/viewer/2022040302/5e7e9ef11a637567505d97a9/html5/thumbnails/24.jpg)
Hosting multiple services
Secure Element
Bank
Transit
Office Security Domain
Bank Security Domain
Store
Office
Store Security Domain
Transit Security Domain
Applet #1
Applet #2
Applet #3
Applet #4
![Page 25: Mobile/NFC Security Fundamentals Anatomy of a Mobile ...d3nrwezfchbhhm.cloudfront.net/webinars/Anatomy_of_a_Mobile_Device_030513.pdfAnatomy of a Mobile Device: Security Architecture](https://reader030.vdocument.in/reader030/viewer/2022040302/5e7e9ef11a637567505d97a9/html5/thumbnails/25.jpg)
Secure Provisioning
Handset
Application #1
Crypto Middleware
Secure Element Access
Trusted UI / Keyboard
OS
UI / Keyboard
Contactless Frontend (CLF)
UICC/SIM
Applet #1
Embedded SE
Smart Micro SD
Applet #3 Applet #5
Applet #4 Applet #2
Application #2
TEE
Remote Admin Agent
![Page 26: Mobile/NFC Security Fundamentals Anatomy of a Mobile ...d3nrwezfchbhhm.cloudfront.net/webinars/Anatomy_of_a_Mobile_Device_030513.pdfAnatomy of a Mobile Device: Security Architecture](https://reader030.vdocument.in/reader030/viewer/2022040302/5e7e9ef11a637567505d97a9/html5/thumbnails/26.jpg)
GlobalPlatform Mobile Messaging
Provisioning - TSM
Bank
Bank
Transit
Store
Office
SIM OTA
TSM-SP
TSM-SP
TSM-SP
TSM-SP
SE Issuer TSM
ID TSM
Reader infrastructure
Bank
Payment card issuer
Transit
Transit card issuer
Store
Issues coupons and loyalty cards
Office
Issues access cards to employees
TSM-SP
Connects SP and SEI
TSM- SEI
NFC SE
Stores credentials securely
Phone
NFC antenna NfC chip
Credentials
NFC phone Wallet
MNO
SE OTA
TSM-3rd Party
Control SE usage
![Page 27: Mobile/NFC Security Fundamentals Anatomy of a Mobile ...d3nrwezfchbhhm.cloudfront.net/webinars/Anatomy_of_a_Mobile_Device_030513.pdfAnatomy of a Mobile Device: Security Architecture](https://reader030.vdocument.in/reader030/viewer/2022040302/5e7e9ef11a637567505d97a9/html5/thumbnails/27.jpg)
Questions & Answers
![Page 28: Mobile/NFC Security Fundamentals Anatomy of a Mobile ...d3nrwezfchbhhm.cloudfront.net/webinars/Anatomy_of_a_Mobile_Device_030513.pdfAnatomy of a Mobile Device: Security Architecture](https://reader030.vdocument.in/reader030/viewer/2022040302/5e7e9ef11a637567505d97a9/html5/thumbnails/28.jpg)
Mobile & NFC Security Webinar Series
Mobile/NFC Security Fundamentals: Secure Elements 101 March 28, 2013, 1pm ET/10am PT Speakers: Brent Bowen, INSIDE Secure; Greg Coogan, Morpho Cards; Sanjiv
Rawat, Giesecke & Devrient; Sree Swaminathan, First Data
Mobile/NFC Security Fundamentals : NFC Forum Tags and Security Considerations
April 18, 2013, 1pm ET/10am PT Speakers: Tony Rosati, NFC Forum/Blackberry; Joe Tassone, Identive; Randy
Vanderhoof, Smart Card Alliance; Mike Zercher, NXP Semiconductors; Rob Zivney, Identification Technology Partners
Mobile/NFC Security Fundamentals : NFC Application Use Cases – Security Perspectives May 9, 2013, 1pm ET/10am PT Speakers: Rene Bastien, SecureKey Technlogies; Jonathan Main, NFC
Forum/MasterCard; Steve Rogers, IQ Devices; Tony Sabetti, Isis; Randy Vanderhoof, Smart Card Alliance
![Page 29: Mobile/NFC Security Fundamentals Anatomy of a Mobile ...d3nrwezfchbhhm.cloudfront.net/webinars/Anatomy_of_a_Mobile_Device_030513.pdfAnatomy of a Mobile Device: Security Architecture](https://reader030.vdocument.in/reader030/viewer/2022040302/5e7e9ef11a637567505d97a9/html5/thumbnails/29.jpg)
NFC Solutions Summit 2013
![Page 30: Mobile/NFC Security Fundamentals Anatomy of a Mobile ...d3nrwezfchbhhm.cloudfront.net/webinars/Anatomy_of_a_Mobile_Device_030513.pdfAnatomy of a Mobile Device: Security Architecture](https://reader030.vdocument.in/reader030/viewer/2022040302/5e7e9ef11a637567505d97a9/html5/thumbnails/30.jpg)
Smart Card Alliance 191 Clarksville Rd. · Princeton Junction, NJ 08550 · (800) 556-6828 www.smartcardalliance.org
• Randy Vanderhoof, [email protected] • Kevin Gillick, [email protected] • Philip Hoyer, [email protected] • Gil Bernabeu, [email protected]