Nokia 603 with Symbian Belle Feature Pack 1 and Nokia 808 Pureview are ready for implementing Payment and Ticketing solutions! In this post I will go into the details on Secure NFC implementation and how developers can get started in development of secure NFC applications on Nokia Symbian devices.
Support for SIM based NFC architecture using SWP protocol
Secure storage and provisioning of sensitive information (i.e. Credit Card details, values, PINs etc) needed to perform secure transactions with mobile devices is handled by the UICC/SIM card. Nokia HW/SW provides a channel for both external NFC infrastructure (POS readers, transit terminals, OTA provisioning) as well as on-device UI applications (wallets) to be able to securely exchange data over SWP protocol with the secure applications stored (and managed) on the SIM card.
Card Emulation mode
The Symbian NFC component has now added support for Card Emulation mode and it works interchangeably to peer-2-peer mode and reader mode when NFC radio is active. In card emulation mode all communication with the NFC radio is routed directly to the SIM card via the SWP protocol. The communication is usually in the form of ADPU packets follwoing the ISO 14443 standard (Smart Cards)
In a typical use case the MNO will issue to the customer a UICC enabled SIM card. Additionally it could offer the customer a contactless payment or ticketing service (in partnership with a local Bank, loyalty or transportation service).
Subject to service agreement with the customer, the operator or service provider will issue the related payment or transportation cardlet to the user’s SIM card using a provisioning service provider or TSM (Trusted Service Manager). TSM’s role is to manage the secure provisioning & management of payment and ticketing services to end users. Usually this provisioning is done using OTA (Over-the-air) deployment (using BIP – bearer independent protocol).
The provisioning of these services may also include a dedicated Wallet application that is installed on the customers device which can then manage all (or some) the cards stored on the customer’s SIM card and is actually what the customer sees and uses to perform transactions with contactless/NFC infrastructure.
Low Battery mode
In payment and ticketing use cases it is important to offer customers NFC/contactless services in cases when the phone battery runs out (i.e. to be able to use transportation or to pay for services). To satisfy requirements Nokia has implemented an operator variant customizable Low Battery mode which will enable to make a few transactions with the card emulation mode in cases where the device will shut down due to low battery.
Devices supporting Card Emulation
Nokia 603 with Symbian Belle Feature Pack 1 and Nokia 808 Pureview
Note: at the time of writing the Nokia 603 has received MasterCard Paypass certification
Development of Card Emulation solutions differs a bit from regular mobile application development as it requires more infrastructure capabilities. One might say that the wallet development is the easy part, the more challenging part is to have the right e-2-e infrastructure. Usually the solutions on mobile devices have 2 parts,
- the Wallet UI application (managing user’s cards and for listening, preparing cards for transactions). For the Wallet UI application the Development environment is Java ME
- the "card" applications (cardlets, applets) running on the SIM card. For the "Card" applications the development environment depends on the SIM manufacturer (usually JavaCard technology)
Recommended Development Setup
The Contactless Communications API defines support to exchaning information between contactless targets
The Security and Trust Services API for J2ME defines support for smart card communication, generation of digital signatures, and low-level cryptography operations.
Nokia extensions to the JSR257 API
API for receiving notifications about the low battery mode state (i.e. to alert the user)
API for registering post transaction events. (i.e. play video, show bitmap, launch application)
Nokia made available an example application demonstrating a typical wallet application supporting contactless transactions using all the necessary APIs and available as source code. (The project is available to Nokia Developer Launchpad/PRO members only)
The mentioned enablers for building NFC enabled payment & ticketing solutions on Nokia Symbian devices are available to Nokia Developer Launchpad and PRO members only.