… with NFC The FP6 StoLPaN project: Building up an European NFC ecosystem 16 th February 2009, NFC Academy, Abu Dhabi Carlo Maria Medaglia - CATTID, University of Rome “Sapienza” [email protected]
Jun 28, 2015
… with NFC
The FP6 StoLPaN project:Building up an European NFC ecosystem
16th February 2009, NFC Academy, Abu Dhabi
Carlo Maria Medaglia - CATTID, University of Rome “Sapienza”
RFID Lab Sponsor & Partner
Gold Sponsor
Partners
Silver Sponsor
http://w3.uniroma1.it/rfidlab/Sponsor.asp
Topic del Lab
• RFID:– Proximity/Vicinity LF, HF, UHF (->μw), UWB
– NFC (Near Field Communication)
• Wireless Sensor Network & RTLS
– PAN: Bluetooth, ZigBee
– WLAN: WiFi
4
Activities
• Transportation• Food traceability and Security• Supply chain management• RFID and wireless for cultural heritage • RFID for inclusion• Public Administration / Utilities• Healthcare• ……………….
Palma de Mallorca, 18th April 2008
13,56MHz RF Link
Wireless Short Range Communication Technology
– Based on RFID technology at 13,56 MHz– Operating distance up to 10 cm– Compatible with today’s field proven contactless
Mifare® and FeliCa™ smart cards (Std. ISO 14443)
– Data exchange rate today up to 424kbit/s– ISO18092: NFCIP-1 Interface & Protocol– ISO21481: NFCIP-2 Interface & Protocol
RFID object
NFC – Key Points
Access info on-the-move
paymentpayment
Mobile Payment & Transaction
Secure
Peer to Peer communication
NFC - Different Types of Apps
NFC pairing
NFC reader
NFC card
NFC represents the 2nd generation of the proximity
contact-less technology, which beyond the RFID,
supports peer-to-peer communication, and enables
consumer access to aggregated services, anytime,
anywhere, with any type of consumer stationary and
mobile devices.
NFC is a Short Range Device wireless technology
designed to exchange data, initiate connections with
other wireless networks and act as a secured smart
key for access to services such as cashless payment,
ticketing, on-line entertainment and access control
NFC represents the 2nd generation of the proximity
contact-less technology, which beyond the RFID,
supports peer-to-peer communication, and enables
consumer access to aggregated services, anytime,
anywhere, with any type of consumer stationary and
mobile devices.
NFC is a Short Range Device wireless technology
designed to exchange data, initiate connections with
other wireless networks and act as a secured smart
key for access to services such as cashless payment,
ticketing, on-line entertainment and access control
NFC - Technology
CPU
Chip NFC
Antenna NFC
SE
ISO 7816
S2CSWP
An NFC phone is composed by: a CPU a RFID antenna a NFC chip a Secure Element
The Secure Element can be: inside the handset (S2C) inside the SIM Card (SWP) inside an SD card
In November 2006 CATTID joined the NFC Forum as a Non-Profit member.
CATTID is in charge of RFID and NFC-related activities in behalf of the International Observatory Cards.
CATTID is also one of the partner of the StoLPaN Project, funded by the European Commission within the Sixth Framework Programme (end Oct 2009).
NFC@CATTID
StoLPaN Overview
StoLPaN (Store Logistics and Payment with NFC) is a pan-European consortium of companies, universities and user groups which works on the dynamic management of multiple NFC applications on the mobile phone.
Vision
Although Alice bought the phone in Italy without any preloaded NFC content or data and Charles would like to use it for NFC in the UK, it works fine.
The NFC service provider recognize that the phone has multiple Secure Elements. The NFC service provider has the policy that if no O2 SIM as SE is found than it should be let the user to decide where to load the application. Joe loads it on the handset embedded SE.
Vision
Charles can make a backup of his applications.
This is how he can be safe in case he loose his phone.
Vision
Charles travels to a different country. He can check if the city transport can be used with NFC and if so he downloads the application to one of his secure elements before he would leave for the country. But it is also possible that he simply downloads the application at the airport only, by touching a smart poster.
When a certain application has a monthly fee and Charles feels that he will not need the application any more, he has the option to delete the application from his portfolio
Development of a handset independent J2ME-based mobile host application to provide seamlessly multiple services
Facilitate the definition of possible services and user profiles
Priorization, automatic/manual mode, local/global, UI
Investigate the OTA requirements and interoperability
Leverage on NFC to enhance the bussiness procedures
Proof of concept of the StoLpaN solution
Portability, tests, demonstrations,usability studies, business model
Objectives
Project Structure
Mobile Phone Track: To define secure interoperable operating environment for managing multiple 3rd NFC services on mobile devices to enable mass deployment Retail Track: To demonstrate the use of the methodology in high street phones and in-store support devices
Research and Develop a multi-application environment for NFC phones
Increase value for content and services by utilizing the capability of the NFC phoneoDisplay, OTA, Secure Element
Contribute to the NFC ecosystemoBusiness, Technical, Legal, Security and Regulatory
Project Structure
The StoLPaN consortium is working on a Java
based mobile HOST application that will enable
NFC mobile phones to run different applications
within the same NFC chip in a transparent
environment, neutralizing specifics of the handset
design.
Different applications
Common interface
Security level
Physical layer
Host Concept
Stolpan host = bridging diversity
Host Concept – Application Focus
… to one single HOST
Single application Multiple applications in HOST
Multiple applications in the handset
• The handset is a brand new environment for the legacy service providers
Host Concept – Security Focus
Host Function & service profile
22
Current Mobile NFC Ecosystem• Four Main Players
– Mobile Network Operator (MNO)• Supplier of the mobile network infrastructure, including
– Primary provider of NFC-enabled handset– Secure Element (SIM)
• Legal owner of the SIM
– Service Provider• Provider of the contactless application(s) loaded onto the NFC-enabled
handset• Responsible for the efficient operation and legal aspects associated with
their application
– Trusted Service Provider• Interface between the service provider and multiple MNOs• Responsible for the secure loading and management of the service
provider’s application into the Secure Element• Manages commercial relationship between MNO and Service Provider
– Consumer• Initiates download of applications onto their NFC-enabled phone • Uses the applications at point of sale or service
23
How the NFC Ecosystem will work
MNO
MVNO
Serv
ice P
rovid
ers
5
11
20
50Tru
sted
Th
ird
Part
ies
User
Issuer of SE
Service provider
OTA provider
TrustedService
Manager
OTA provider
TrustedService
Manager
OTA provider
logical connection
physical connection
Roles
TSM
• Optional support function
– dual functionality
– more than one TSM in a single process
• Service provider support
– value added functions
– remote application management
– remote content management
• User support
– application or portfolio back up
– portfolio reestablishment
• Not a service to cover technical imperfections because these issues need to covered by standards
– diversity of phones
– diversity of OTA services
– diversity of cards
Mobile Handset
SE3 ex. Mass storage with SE SE Manufacturer
SE Manager
B/O
Service Provider
SE2 ex. Embedded SE SE Manufacturer
Service Provider
OTA1
OTA2
J2MEHost
SE1Ex. SIM
cardlet
Midlet
comp.
OTA1Serverfor application management
OTAServerfor SE management
SE Manager
Stolpan Plug-in
Legacy System SE Manufacturer
Host Core component
J2me host extension mgr.(MIDP2)
Application installationLoad / install / make
selectable
Key
div
ers
ifica
tion
/ p
erso
nal
iza
tion
AP
PL
ICA
TIO
N
MA
NA
GE
ME
NT
Ser
vice
Req
uest
/ D
ata
col
lect
ion
CP
LC
, C
A U
RL
SE Manager lookup
StolpanInterface
Midlet delivery / C2S communication
Glo
bal P
latfo
rmC
ard
Ma
na
ger
App
licat
ion
de
live
ry /
do
mai
n cr
eatio
n r
equ
est
*de
pend
s fr
om
th
e G
P
imp
lem
enta
tion
SE Database
Application locator info
START
The user finds and requests the application:Via WEB/WAP on his phone or PCVia friend’s phoneVia Smartposter ad in Newspaper or street-> An URL or MSISDN for the Service Provider is loaded into the Host
The framework – application lifecycle
Mobile Handset
SE3 ex. Mass storage with SE SE Manufacturer
SE Manager
B/O
Service Provider
SE2 ex. Embedded SE SE Manufacturer
Service Provider
OTA1
OTA2
J2MEHost
SE1Ex. SIM
cardlet
Midlet
comp.
OTA1Serverfor application management
OTAServerfor SE management
SE Manager
Stolpan Plug-in
Legacy System SE Manufacturer
Host Core component
J2me host extension mgr.(MIDP2)
Application installationLoad / install / make
selectable
Key
div
ers
ifica
tion
/ p
erso
nal
iza
tion
AP
PL
ICA
TIO
N
MA
NA
GE
ME
NT
Ser
vice
Req
uest
/ D
ata
col
lect
ion
CP
LC
, C
A U
RL
SE Manager lookup
StolpanInterface
Midlet delivery / C2S communication
Glo
bal P
latfo
rmC
ard
Ma
na
ger
App
licat
ion
de
live
ry /
do
mai
n cr
eatio
n r
equ
est
*de
pend
s fr
om
th
e G
P
imp
lem
enta
tion
SE Database
Application locator info
START
The host application in the handset sends a request toThe Service Provider of that particular service. It sends potentially more information but the MSISDN of the handset is mandatory
The Service Provider needs probably more info about the person itself (e.g. bank account) and about the system (type of handset for supported OTA or type of Secure Elements, etc.). These are requested and answered.The user might have the option to select the SE where he wants to load the application. The Service Provider makes the decision.The Service Provider agrees with the user on the selected Secure Element
The framework – application lifecycle
Mobile Handset
SE3 ex. Mass storage with SE SE Manufacturer
SE Manager
B/O
Service Provider
SE2 ex. Embedded SE SE Manufacturer
Service Provider
OTA1
OTA2
J2MEHost
SE1Ex. SIM
cardlet
Midlet
comp.
OTA1Serverfor application management
OTAServerfor SE management
SE Manager
Stolpan Plug-in
Legacy System SE Manufacturer
Host Core component
J2me host extension mgr.(MIDP2)
Application installationLoad / install / make
selectable
Key
div
ers
ifica
tion
/ p
erso
nal
iza
tion
AP
PL
ICA
TIO
N
MA
NA
GE
ME
NT
Ser
vice
Req
uest
/ D
ata
col
lect
ion
CP
LC
, C
A U
RL
SE Manager lookup
StolpanInterface
Midlet delivery / C2S communication
Glo
bal P
latfo
rmC
ard
Ma
na
ger
App
licat
ion
de
live
ry /
do
mai
n cr
eatio
n r
equ
est
*de
pend
s fr
om
th
e G
P
imp
lem
enta
tion
SE Database
Application locator info
START
The Service Provider locates the actual SE issuer for that Secure Element
The framework – application lifecycle
Mobile Handset
SE3 ex. Mass storage with SE SE Manufacturer
SE Manager
B/O
Service Provider
SE2 ex. Embedded SE SE Manufacturer
Service Provider
OTA1
OTA2
J2MEHost
SE1Ex. SIM
cardlet
Midlet
comp.
OTA1Serverfor application management
OTAServerfor SE management
SE Manager
Stolpan Plug-in
Legacy System SE Manufacturer
Host Core component
J2me host extension mgr.(MIDP2)
Application installationLoad / install / make
selectable
Key
div
ers
ifica
tion
/ p
erso
nal
iza
tion
AP
PL
ICA
TIO
N
MA
NA
GE
ME
NT
Ser
vice
Req
uest
/ D
ata
col
lect
ion
CP
LC
, C
A U
RL
SE Manager lookup
StolpanInterface
Midlet delivery / C2S communication
Glo
bal P
latfo
rmC
ard
Ma
na
ger
App
licat
ion
de
live
ry /
do
mai
n cr
eatio
n r
equ
est
*de
pend
s fr
om
th
e G
P
imp
lem
enta
tion
SE Database
Application locator info
START
The Service Provider requests a security domain on the selected SE from the SE Issuer.
The framework – application lifecycle
Mobile Handset
SE3 ex. Mass storage with SE SE Manufacturer
SE Manager
B/O
Service Provider
SE2 ex. Embedded SE SE Manufacturer
Service Provider
OTA1
OTA2
J2MEHost
SE1Ex. SIM
cardlet
Midlet
comp.
OTA1Serverfor application management
OTAServerfor SE management
SE Manager
Stolpan Plug-in
Legacy System SE Manufacturer
Host Core component
J2me host extension mgr.(MIDP2)
Application installationLoad / install / make
selectable
Key
div
ers
ifica
tion
/ p
erso
nal
iza
tion
AP
PL
ICA
TIO
N
MA
NA
GE
ME
NT
Ser
vice
Req
uest
/ D
ata
col
lect
ion
CP
LC
, C
A U
RL
SE Manager lookup
StolpanInterface
Midlet delivery / C2S communication
Glo
bal P
latfo
rmC
ard
Ma
na
ger
App
licat
ion
de
live
ry /
do
mai
n cr
eatio
n r
equ
est
*de
pend
s fr
om
th
e G
P
imp
lem
enta
tion
SE Database
Application locator info
START
The Security Domain is created
The framework – application lifecycle
Mobile Handset
SE3 ex. Mass storage with SE SE Manufacturer
SE Manager
B/O
Service Provider
SE2 ex. Embedded SE SE Manufacturer
Service Provider
OTA1
OTA2
J2MEHost
SE1Ex. SIM
cardlet
Midlet
comp.
OTA1Serverfor application management
OTAServerfor SE management
SE Manager
Stolpan Plug-in
Legacy System SE Manufacturer
Host Core component
J2me host extension mgr.(MIDP2)
Application installationLoad / install / make
selectable
Key
div
ers
ifica
tion
/ p
erso
nal
iza
tion
AP
PL
ICA
TIO
N
MA
NA
GE
ME
NT
Ser
vice
Req
uest
/ D
ata
col
lect
ion
CP
LC
, C
A U
RL
SE Manager lookup
StolpanInterface
Midlet delivery / C2S communication
Glo
bal P
latfo
rmC
ard
Ma
na
ger
App
licat
ion
de
live
ry /
do
mai
n cr
eatio
n r
equ
est
*de
pend
s fr
om
th
e G
P
imp
lem
enta
tion
SE Database
Application locator info
START
The Service Provider receives the keys for the Security Domain
The framework – application lifecycle
Mobile Handset
SE3 ex. Mass storage with SE SE Manufacturer
SE Manager
B/O
Service Provider
SE2 ex. Embedded SE SE Manufacturer
Service Provider
OTA1
OTA2
J2MEHost
SE1Ex. SIM
cardlet
Midlet
comp.
OTA1Serverfor application management
OTAServerfor SE management
SE Manager
Stolpan Plug-in
Legacy System SE Manufacturer
Host Core component
J2me host extension mgr.(MIDP2)
Application installationLoad / install / make
selectable
Key
div
ers
ifica
tion
/ p
erso
nal
iza
tion
AP
PL
ICA
TIO
N
MA
NA
GE
ME
NT
Ser
vice
Req
uest
/ D
ata
col
lect
ion
CP
LC
, C
A U
RL
SE Manager lookup
StolpanInterface
Midlet delivery / C2S communication
Glo
bal P
latfo
rmC
ard
Ma
na
ger
App
licat
ion
de
live
ry /
do
mai
n cr
eatio
n r
equ
est
*de
pend
s fr
om
th
e G
P
imp
lem
enta
tion
SE Database
Application locator info
START
The Service Provider changes the key to the Secure Domain and loads and personalizes the application
The framework – application lifecycle
Mobile Handset
SE3 ex. Mass storage with SE SE Manufacturer
SE Manager
B/O
Service Provider
SE2 ex. Embedded SE SE Manufacturer
Service Provider
OTA1
OTA2
J2MEHost
SE1Ex. SIM
cardlet
Midlet
comp.
OTA1Serverfor application management
OTAServerfor SE management
SE Manager
Stolpan Plug-in
Legacy System SE Manufacturer
Host Core component
J2me host extension mgr.(MIDP2)
Application installationLoad / install / make
selectable
Key
div
ers
ifica
tion
/ p
erso
nal
iza
tion
AP
PL
ICA
TIO
N
MA
NA
GE
ME
NT
Ser
vice
Req
uest
/ D
ata
col
lect
ion
CP
LC
, C
A U
RL
SE Manager lookup
StolpanInterface
Midlet delivery / C2S communication
Glo
bal P
latfo
rmC
ard
Ma
na
ger
App
licat
ion
de
live
ry /
do
mai
n cr
eatio
n r
equ
est
*de
pend
s fr
om
th
e G
P
imp
lem
enta
tion
SE Database
Application locator info
START
The Service Provider might need to download new UI elements or rules to serve the service in the particular host in the phone. It is done here as well.
The framework – application lifecycle
The Retail track
Concrete NFC Applications (1)
PAYMENT & TICKETING
3.
Card managementsystem (banks,trans-port companies)
1. 2.
OTA managementserver
NFC enabledmobile phone
Request for OTAprovisioning ofpayment/ticketingapplication
OTA provisioning ofpayment/ticketingapplication intothe NFC phone
Payment /ticketingterminals
Pay and travelby touching with NFC phone
NFC WiFi
Set up Phase Normal use Phase
NFC WiFi
Set up Phase Normal use Phase
Payment &
Ticketing
Service Initiation
Sharing & Peer2Peer
Concrete NFC Applications (2)
Payment Everywhere MP =
POS
MP=Mobile Phone
Micro-PaymentMP = Debit Card
Building AccessMP = Key
Take Info from Poster
MP = Ticket Counter
Building AccessMP = Key
Mobile Phone =
e-Business Card,Exchange for
Ticket
StoLPaN Dolomiti Trial
NFC tag based Infotainment applications Where: Falcade, Belluno (Dolomiti) When: December 2008 / May 2009 Target: tourists and locals
Use casesSmart Poster: three specific infotainment applications (SKI, Meteo, Digital Content) Loyalty Booking and reservation
StoLPaN trial video
Thank you for your attention!
Prof. Carlo Maria Medaglia
http://w3.uniroma1.it/rfidlab - http://www.stolpan.com
SIMpliCityan NFC system for the mobility of citizens that guides people (tourists or locals), within the town streets, providing information about restaurants, shops, offices and public services.
SIMpliTravel a set of Java applications for buying and validating tickets for public transport, composed by three MIDlets (NFCTicketing, Validate, Verifier) and one Cardlet (TicketingCardlet).
SIMpliPay an NFC payment application based on “travel check” system, which manages the tourist’s mobile wallet.
SIMpliAccess an access control application for the OTA download and management of keys (hotel, car, …).
New developments: the “SIMpli” series
SIMpliLife architecture
RFID Lab Academic partners
Director: Prof. Gianni Orlandi, Full Professor of Telecommunication
Coordinator: Prof. Carlo Maria Medaglia, Associate Professor of HCI
Centre for the Applications of Television and Distance Learning Techniques (CATTID), University of Rome “Sapienza”
Department of Ingegneria Elettronica, Faculty of Engineering, Univ. of Rome “Sapienza” Department of Ingegneria Informatica, Faculty of Engineering, Univ. of Rome
“Sapienza” Department of Logistica e Gestione Merci, Faculty of Commerce, Univ. of Rome
“Sapienza” Centre for Transports and Logistics (CTL), Faculty of Engineering, Univ. of Rome
“Sapienza” Department of Informatica, Faculty of Computer Science, Univ. of Rome “Sapienza” Department of Scienze della Comunicazione, Faculty of Mass Communication, Univ. of
Rome “Sapienza” Department of Informatica Sistemi e Produzione (DISP), Faculty of Engineering,
Università di Roma “Tor Vergata” Department of Ingegneria dell’Impresa (DII), Faculty of Engineering, Università di Roma
“Tor Vergata” Institute for the Protection and Security of the Citizen, JRC Joint Research Centre UE
SIMpliCity: demo
Modular structure (MIDP 3.0
preferred)
Engines – common APIs for use
Customer midlet & cardlet needs to
be registered/certified
Re-use of workflow midlets
Stolpan cardlet for secure functions
& application management
Multi Secure Element support
Back-up support
Branding support
The framework – host design
New developments: iMoney
iMoney is a P2P payment service which combines remote (SMS/OTA) with proximity (NFC) payment.
Proximity
Remote
New developments: proximity marketing applications
Nowadays, most NFC pilot projects are focused on ticketing and payment, which requires a long time to be implemented, because they involve a number of actors with different and sometimes opposite interests.
This makes consumers scarcely aware about NFC technology and products.
The most interesting short-term scenario for NFC applications would probably be the one related to mobile advertising and proximity marketing, combining NFC with other wireless technologies already available in the mobile phones such as Bluetooth and GSM / GPS localization.
Touch it! An urban marketing game
Touch it! is an urban marketing game which combines GSM localization with a proximity technology such as NFC in order to offer an innovative mobile advertising model to retailers and an interactive game experience to the users.
FUNNY FOR THE USERS
INTERESTING FOR RETAILERS
GPRS/UMTS
NFC
GPRS/UMTS
WEB SERVER / DB
TOUCH IT! POINT
NFC
TOUCH IT! READER
Touch it! How it works
SIMpliCinema: concept
SIMpliCinema is a “smart window”, placed near cinemas, which allows to: obtain detailed information about films; buy tickets via NFC; download multimedia contents on the mobile phone.
Through a touch screen, the user can view both trailers and information about films, he can also buy tickets tapping the phone near the reader and so he can receive additional multimedia contents for free.
SIMpliCinema: demo