Made simple: How GlobalPlatform supports secure mobile NFC services
The NFC ecosystem today
Service providers are converging their offerings onto common platforms, such as mobile devices, to deliver near field communication (NFC) services. The exchange of sensitive data enabled by these NFC services - whether as an electronic payment, a money transfer, entrance to a secure facility (access control), or digital signature (authentication) - means that security is increasingly vital.
However, the importance of security, authentication and end-user identity protection can be overlooked in the race for service providers to meet consumer desire for rapid access to the new application possibilities that NFC technology provides.
It is possible, through secure chip technology, to maintain enhanced levels of security and authentication without stifling innovation and rapid product iteration cycles. GlobalPlatform Specifications help to isolate the services, while still promoting interoperability and compatibility, as well as supporting the richness of the applications. This 'made simple' guide explains how GlobalPlatform supports secure mobile NFC services.
Which GlobalPlatform Specifications are important for secure mobile NFC services?
There are three main areas in which GlobalPlatform's Specification work is supporting NFC-enabled services:
- Secure element (SE)
The SE is an evolution of the chip that currently resides in a credit or debit card, which has been adapted to the requirements of the mobile community. SEs are central to the implementation of contactless NFC-enabled services on mobile devices, as they offer a protected environment to store sensitive information that can support authentication, identification, signatures and PIN management – features which are needed in the delivery of value-added services.
- Trusted execution environment (TEE)
GlobalPlatform's work to standardize the TEE (a secure area that resides in the main processor of a connected device which ensures that sensitive data is stored, processed and protected in a trusted environment) supports the needs of smart connected device stakeholders, such as smartphone and tablet application developers and device manufacturers. The advancement of this technology provides the critical additional security required for mobile wallets, NFC payment implementations, premium content protection and bring your own device (BYOD) initiatives.
- Mobile messaging (MM)
GlobalPlatform clarifies how market participants from a number of sectors, including mobile NFC, can connect their backend systems to the SE, TEE and any other actor within a secure application's ecosystem. This is achieved by defining 'who' is responsible for 'what' and agreeing the 'language' (messages) that will be used. GlobalPlatform Mobile Messaging can be used over-the-air via a mobile network as well as over-the-internet using the cloud environment. This supports trusted service managers (TSMs), as well as the issuance and personalization of secure chip and TEE technology.
As the final piece of the overall jigsaw puzzle, GlobalPlatform is releasing end-to-end frameworks that will bring the whole solution together in a format that will address the specific technical requirements of different market sectors. In January 2014, GlobalPlatform published the first release of its 'End-to-End Simplified Service Management Framework v1.0'. The initial document, which focuses on contactless payments, streamlines the service management process by outlining how GlobalPlatform Specifications can be used to implement a comprehensive end-to-end configuration for a contactless payment deployment. The configurations will enable service providers to deploy services faster by starting with a basic template.
Why is standardization needed?
The purpose of open standards is to promote interoperability between different applications on different mobile platforms. GlobalPlatform Specifications can support applications residing on the same platform but from different markets, as well as the same application residing on different platforms. Service providers, therefore, don't need to adapt their business model in terms of security for different audiences and environments. This saves money and speeds up time to market.
Why is GlobalPlatform well placed to help standardize these technologies?
GlobalPlatform Specifications are the de facto standard for managing applications on secure components. These standards have been implemented widely across multiple sectors and markets globally. As many of these markets look to deliver services on mobile devices through NFC technology, GlobalPlatform Specifications are ready, deployed and able to support the business and technical requirements of stakeholders.
Additionally, GlobalPlatform is promoting confidence within this advancing ecosystem through its SE and TEE compliance programs. These offer assurances to application and software developers and hardware manufacturers that products of this kind will perform in line with the GlobalPlatform Specifications. It also promotes market stability by providing a long-term, interoperable and industry-agreed framework that will evolve with technical requirements over time. Visit the GlobalPlatform Compliance Program webpages for further information.
What are the next steps for standardization of the SE, TEE and MM?
GlobalPlatform is promoting the adoption of its compliance program to ensure that specific markets can implement the technology, as banks, governments and mobile network operators all have different requirements.
GlobalPlatform currently has established compliance programs which address the UICC Configuration, Basic Financial Configuration and Trusted Execution Environment Specifications. It is also working to offer a compliance program for its SE Configuration for smart microSDs and embedded SEs.
Thanks to compliance and certification, we are able to provide a simplified means of implementing a standardized infrastructure that can target the mass market. At present, the vast majority of mobile NFC projects are using GlobalPlatform technology, so mobile network operators and banks can share the secure areas within a mobile device.
How can industry stakeholders contribute to GlobalPlatform's work?
GlobalPlatform is working with its growing member base to standardize the NFC ecosystem. For information on how to become a member and contribute to its work, visit the member pages of our website: http://www.globalplatform.org/membership.asp.