SIMcard applets development - hardware recommendations - javacard

I want to develop JavaCard 2.2.x applet, load to developer SIM card. I also need to connect to the SIM card through PCSC-Lite on Ubuntu (because of SEEK-FOR-ANDROID).
However, I don't know what hardware should I buy...I've already bought few (cheap) PC/SC smart card readers from Ebay and so, but there are not recognized by Gemalto Card Manager or any other soft for loading applets to SIMs.
I can't afford to try "real-deal" dev kits, as those are quite expensive for me (...student). I need to be sure before buying any of those. So my question is...
Would you give me some recommendations which JavaCard Dev kits (Reader + dev SIM card) should I buy? I've read, that ACR38 Dev Kit works nicely with Gemalto Dev Suite but there are no DEV SIM cards in the kit (at least, there are not mentioned in specs).
Thanks!!

Frankly speaking I don't know any cheap kit which includes sample cards except expensive (for students) Gemalto Card Admin and Gemalto Dev Suite.
For the reader I can recommend you Gemalto PCTwin reader, which you can buy online from Gemalto Web store here.
At the same time officially Gemalto Dev Suite is not working on Ubuntu and trial version which you can download from Gemalto Dev Network has limitation - you can use only Card Simulator and not real reader. May be it was the reason why you couldn't use your reader as if it is PCSC reader there is no difference for Dev Suite.
What I can propose you as a student - participation to Gemalto SIMAgine contest for students. In this case you'll receive all tools and cards for free.

Related

What considerations to make for selecting Bluetooth Chipsets for control of LED via PWM?

I am involved working on new hardware LED products where we are selecting a Bluetooth chipset to use in multiple products controlled by iOS and Android apps, for at minimum the next 3-4 years. Also I am not the developer, a third party will be contracted for this project.
As part of background research, I wanted to ask for feedback from Stack Overflow communities' experience with programming for Bluetooth, more specifically with custom firmware and GPIO PWM for LED?
What kind of challenges did you come across?
Are there any granular details or features to look out for with the hardware?
**Edit: based on first answer-
Requirements:
BLE 5
I do need OTA update capability
Chip size not big constraint, plastic enclosure can accommodate up to 1 inch/25mm or bit more easily.
Not high temp application
Single-chip solution, that will be programmed with our firmware, controlling 4x PWM Channels is ideal for our LED strips, avoiding separate MCU
Cost per unit (lowest average cost/unit)- important factor at volume, TBD
**Qualities I can not gauge well myself, being a designer and not an experienced programmer:
Ease of integration/support (lowest cost of development)
Quality of the chip manufacturer's software tools
Quality of the chips documentation
I have found some questions related with Raspberry Pi that seem generally helpful, but those questions don't help me with features or the support and documentation as related to BT SOCs.
**Edit: Yes I we are only considering BLE, and the NORDIC Semiconductor link I have included below are BLE and BT 5.
NORDIC chips are on my short list, they seem well supported and capable of 3x or 4x PWM channels for example nRF52832 Nordic nRF52832 Spec info. or the newer model RF5340. Does anyone have experience with them?
I really appreciate any answers regarding development considerations with Bluetooth.
I will edit & clarify if needed.
If you wish to support iOS Apps, a BLE device is necessary, BT classic requires a special apple license (for your product) to be able to connect with iOS Apps.
But other than that, your specifications dont really help to rule out ANY chip.
The first question that comes to mind is what other features do you
have already on your specification list that could be satisfied with
a common solution. I.e. if you also need WiFi, don't choose two
separate BLE/WiFi Chips, buy a chip that can do both (it's both
2.4GHz RF). If you need OTA updates for your firmware, choose a chip manufacturer with extensive and well documented tooling.
Consider special requirements:
Do you need a very small chip?
Does it need to be run at high temperatures (i.e. inside a light bulb)?
Do you need to run at ultra-low-power?
Does it need a high performance RF transceiver?
Decide whether you need a single-chip solution, that will be programmed with your firmware, or if your firmware will run on a dedicated microcontroller which is connected to the BLE chip.
Unless you have absolutely no special requirements to narrow down the selection, I'd base my decision along these criteria (not ordered):
Ease of integration (lowest cost of development)
Cost per unit (lowest average cost/unit)
Quality of the chip manufacturer's software tools
Quality of the chips documentation
GPIO-PWM Output should be possible with almost any programmable BLE chip.

Using SIM card info on a USB Card Reader to secure usage of windows software

i have developed a windows desktop application and it is ready for distribution. Target buyers are in the order of few hundreds only. Yet wishing to protect it from unauthorized use.
First idea was to use something like HASP key etc. Found costly for my case. Then googled about machine fingerprint etc to write my own code. Found mixed opinion about it. Especially the fact that it might not be that end-user-friendly when they upgrade hardware.
Why should the fingerprinting be from machine.. it could be from something else which is unique and yet connected to the machine (hoping sim card is unique), right.? Put a sim card on a usb reader and plug it into the system. The application shall read the sim card id for authentication. Assuming i supply the sim card and pre-code their ids in the application. Is this idea sane and possible?
Thanks, Chandra.

Windows 8 Phone - access to NFC reader?

Short question: Can I read credit card information with a NFC capable Windows Phone 8?
Long question: How does NFC with credit cards exatly work? The card (or the phone with wallet function) receives a request via NFC and replies with the cleartext credit card information in some standardised format? The Wallet option then aditionally still props some comfirmation dialog before broadcasting the credit card information?
Or is there some handshake encryption going on before hand? Or is there some credit card specific secret code safeguarding the commuincation? Or is there some overlay protocol on NFC for payment? NFC ist just pushing a string over the air as far as know?
If it works, as I think it works, can I tell a Windows 8 Phone, through preferably C#, to read credit card information and display it to me (if the credit card has a chip inside)? Or does maybe Windows Phone 8 disallow access to the NFC reader, or some mystic payment protocol (if such a thing exists). My short web search was very vage on technical details, especially with some sites talking about carrier support for wallet systems, as if some keys would be fetched from somewhere in the web to secure the transactions? I can't really image something like that being standardised accross all credit card issuers.
Can someone give technical insight the way credit card data is transfered and if you can program a phone to read such data.
Contactless credit/debit cards certainly do use NFC (mainly ISO 14443-A, some mainly in France are ISO 14443-B), and their communication protocols follow an industry standard called EMV which has public specs available here: http://www.emvco.com/specifications.aspx?id=223 The cards speak the same EMV both over NFC/contactless as well as through the contact chip (eg the gold thing you insert into a reader) though payment networks tend to do things slightly differently depending on which interface is used (eg sometimes PIN not required via contactless for low amounts, whereas contact might always require a PIN). Also, certain aspects of the protocols are proprietary to the payment networks so the EMV specs don't fully describe everything.
If you search around there are various sites that give some examples of how to communicate with credit/debit cards some over NFC others with an insert chip card, but typically the commands will work the same regardless of the interface. You can buy a USB smart card reader that will do both NFC and insert/contact for http://blog.saush.com/2006/09/08/getting-information-from-an-emv-chip-card/
For Windows Phone you also can talk with credit cards as long as you have a Lumia 830/730/735 etc as the older devices (even the Lumia 930) have an older NFC chip where the driver doesn't support the smart card APIs. You can use the sample code here: https://nfcsmartcardreader.codeplex.com/ to learn how to send/receive APDU commands/responses to NFC cards though that project doesn't specifically have the commands you need for a credit card (though that other link does have the APDUs you need).
And credit cards generally all will let you read their PAN (the account number printed on the front), expiry date, and in some countries even the cardholder name (though in the US for privacy most banks tend to not expose it, instead returning stuff like "VALUED/CARDHOLDER" as the name) without any encryption or keys. It will not however return the CVV2 code printed on the back of the card, which is generally required by merchants to be able to place orders on the internet, and it also generally does not let you clone the card since there is dynamic/encrypted data required to do card present transactions at a physical merchant.
Short answer: No. It's unlikely Credit card would work with WP8.
Long answer:
RFID vs. NFC: As far as I know most credit cards don't have NFC. They have RFID. Which one could say it's a "predecessor" technology to NFC. RFID is mostly non-standardized, has longer range than NFC and only supports one-way communication. Whereas NFC is an evolving standard, can be used in 2cm-4cm range and supports two-way communication. So, WP8 does not support RFID but it does support NFC.
RFID on WP8: All that being said, there's a chance that WP8 could identify some RFID tags. You might be able read byte[] from specific RFID tags in specific WP8 phones. Obviously, that's not recommended.
Secure NFC: One last thing is that some very exclusive partners in some very specific regions will have access to "Secure NFC". Secure NFC is a superset of NFC and adds the feature to store & transmit secure information via NFC from WP8. For example Secure NFC can store a Credit Card number or a bank account number as part of the WP8 Wallet. However, That will only work in regions where the mobile operator issues a "Smart SIM" (SIM capable of running applets), where the developer can author Java based Smart SIM applets, where the developer has an agreement with the mobile operator to deploy those applets over-the-air, where those WP8 apps have been cleared with Microsoft for the WP8 store and where there are dedicated retail HW terminals that can read them.
Sorting out a bit of the above answer of JustinAngel:
RFID is not a predecessor technology of NFC
RFID covers various frequency bands of Radio Frequency Communication (e.g. HF and UHF)
NFC is Near Field Communication and usually covers HF (13.56 MHz)
Many standards fall under HF NFC: ISO14443-4, ISO15693, FeliCa, ISO18092, .....
NFC Forum is trying to unify things and uses NDEF messages to exchange semantic messages
contactless payment on credit cards is based on a contactless smartcard layer.
WP8 allows only exchange of NDEF messages
WP8 does not allow exchange on the contactless smartcard layer (ISODEP==L4==(T=CL))
see the windows proximity api for details or http://developer.nokia.com/Community/Wiki/Use_NFC_tags_with_Windows_Phone_8
Android however gives access to this ISODEP layer
I don't know what credit card information could be retrieved from an app. There is a secure element involved which handles cryptography and stuff. I don't think detailed information on Mastercard payPass or VISA payWave is freely available
Can I read credit card information with a NFC capable Windows Phone 8?
No, you cannot do that. NFC API on Windows Phone 8 is very limited.
May be Wallet API could help you somehow with your project, but this is not about NFC.
Also you could try to use Android devices with NFC, they have more powerful NFC API than WP8.

getting started with java card on sim cards

I'm looking to write a simple beginner program using Java Card to run on sim cards. Can anyone point me to some very basic information on getting started? I've seen some descriptions of the toolkit api, but I'm looking for things like: what capabilities are supported by the sim card, how to upload my code to the card (do i need special hardware?), how do I tell whether a sim card supports java card, that sort of thing.
EDIT: I'm specifically looking to run code on sim cards. I've seen some very high level tutorials online, but nothing that goes as far as connecting to a sim card or uploading code. I have a USB sim card reader and a variety of cards to test, but I can't find any detail on how to work with them.
To upload your code to a sim card, it seems to require one of these tools:
GPShell from the GlobalPlatform project
JCardManager which is part of the Gemalto Developer Suite
SIMAlliance CAT Loader
I've not got any of these to recognise my ebay sim card reader, so I think I'll have buy a different reader (probably from gemalto)
Edit: I bought the ACS ACR38 SDK, which includes 3 card readers and a selection of cards, along with drivers, code samples and tools. These card readers are working nicely with the Gemalto Developer Suite.
The Usability Lab tutorial provided with the Gemalto Developer Suite is a pretty good way of diving into sim card development.
Very interesting thing to note: it's pretty hard to get your code running on commercial mobile network operator SIM cards. They typically require the correct certificate before you can write to them.
There are hardware workarounds to this. I'm currently investigating TurboSIM and RebelSIM.
I finally gave up on this project due to other pressures. I was not able to get any Java Card running except on the dev cards, which are not compatible with real devices on a mobile network. The cutout cards such as TurboSIM and RebelSIM are a possibility but quite frustrating to work with.
there is a nice quickstart tutorial on the netbeans page
http://netbeans.org/kb/docs/javame/java-card.html

Has anyone got a tutorial up on getting your own smartcard and getting pkcs#11 working on it?

Has anyone got a tutorial up on getting your own smartcard and getting pkcs#11 working on it? In Linux? (Windows would be fine too).
Most of the vendors seem to assume you'll be wanting enough for your whole company, not one or two.
This heavily depends on the driver and application you use. We use OpenSC/OpenCT for all non-Enterprise Smartcard uses. They have decent documentation.
Yes, check out what OpenSC supports.
Make sure that you know what you want - USB tokens or full-size smart cards. There are pros and cons with both solutions - USB tokens require drivers, often by the manufacturer, to use on some platforms (eg Windows7 or OSX can be troublesome). But they are easy to use once set up and sometimes offer better performance than ISO smartcards. Casual smart cards on the other hand have also contactless interfaces and can be used with pinpad readers which provide higher security than USB tokens.
If you're into fancier features and may want to extend your card infra further than just pkcs#11 crypto, javacards might be useful (OpenSC can not work with JavaCards directly but certain applets are supported, like Muscle) Otherwise look for a supported card operating system.

Resources