J2ME SIM card change detection - security

I wanted to create a J2ME application, in which the application should work only with the SIM card that was used during installation. On SIM card (GSM) change the application should not work.
To achieve this, I thought of taking a signature of the SIM card and saving it in persistent storage. On every start of the application the signature can be verified. Any idea of how to implement this?
Thanks in advance

The 'SATSA' (Security and Trust Services API aka JSR177) could be used from your J2ME application to communicate with the SIM. You could send '3GPP TS 11.11' commands to obtain the IMSI (select file DF_GSM, select file EF_IMSI, read binary).
Drawbacks are: (1) You're talking to the SIM on a relatively low level of abstraction (the ISO7816-4 layer); (2) Not all handsets support JSR177 at the moment.
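The three commands that answer lists, and the decoding of what READ BINARY returns, as an added example that is not part of the original answer. The file identifiers (7F20, 6F07) and the nibble-swapped BCD layout come from 3GPP TS 11.11; the class name `ImsiFile` and the sample response are constructed for illustration, and the SATSA transport that would carry the bytes is left out.

```java
/** Added example (plain Java, CLDC-compatible): GSM 11.11 APDUs and an EF_IMSI decoder. */
public final class ImsiFile {
    // CLA 0xA0 = GSM class; INS 0xA4 = SELECT, INS 0xB0 = READ BINARY.
    public static final byte[] SELECT_DF_GSM  = {(byte) 0xA0, (byte) 0xA4, 0, 0, 2, 0x7F, 0x20};
    public static final byte[] SELECT_EF_IMSI = {(byte) 0xA0, (byte) 0xA4, 0, 0, 2, 0x6F, 0x07};
    public static final byte[] READ_BINARY_9  = {(byte) 0xA0, (byte) 0xB0, 0, 0, 9};

    // Constructed sample READ BINARY response: 9 data bytes + status word 90 00.
    static final byte[] SAMPLE = {0x08, 0x09, 0x10, 0x10, 0x10, 0x32, 0x54, 0x76,
                                  (byte) 0x98, (byte) 0x90, 0x00};

    /** Returns the IMSI digits from a READ BINARY response (data + SW1 SW2). */
    public static String decode(byte[] resp) {
        if (resp == null || resp.length != 11) {
            throw new IllegalArgumentException("expected 9 data bytes plus SW1 SW2");
        }
        if ((resp[9] & 0xFF) != 0x90 || resp[10] != 0x00) {
            throw new IllegalArgumentException("card did not return 90 00");
        }
        int len = resp[0] & 0xFF;              // number of bytes that carry IMSI data
        if (len < 1 || len > 8 || (resp[1] & 0x07) != 0x01) {
            throw new IllegalArgumentException("not an EF_IMSI record");
        }
        StringBuffer digits = new StringBuffer();
        for (int i = 1; i <= len; i++) {
            if (i > 1) {                       // low nibble of byte 1 is parity/type, not a digit
                appendDigit(digits, resp[i] & 0x0F);
            }
            appendDigit(digits, (resp[i] >> 4) & 0x0F);
        }
        return digits.toString();
    }

    private static void appendDigit(StringBuffer out, int nibble) {
        if (nibble == 0x0F) {
            return;                            // filler nibble in an even-length IMSI
        }
        if (nibble > 9) {
            throw new IllegalArgumentException("non-decimal nibble in IMSI");
        }
        out.append((char) ('0' + nibble));
    }

    public static void main(String[] args) {
        System.out.println(decode(SAMPLE));
    }
}
```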

I believe this is not possible. If it was possible with a specific phone it would not be possible in a generic way.

For ATT in US, for J2ME apps, the handset embeds "CarrierDeviceId" in the Jad file. This is unique per SIM card. So, if something similar is available to you, just read this Jad parameter the first time the app starts, save it to RMS or send it to a server. Now each time the app starts, you can verify this number matches, and thus verify the SIM card is the same.
You can also try obtaining the phone number that is tied to the SIM card and thus verify the old SIM is being used.
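The read-once, store-in-RMS, compare-on-start procedure from that answer, as an added example that is not part of the original post. `CarrierDeviceId` is the attribute the answer names; the class name `SimBinding`, the record store name `simbind` and the four result codes are hypothetical.

```java
import javax.microedition.midlet.MIDlet;
import javax.microedition.rms.RecordStore;
import javax.microedition.rms.RecordStoreException;

/** Added example: binds a MIDlet to the identifier seen on its first run. */
public final class SimBinding {
    public static final int FIRST_RUN = 0, MATCH = 1, MISMATCH = 2, UNAVAILABLE = 3;

    private static final String STORE = "simbind";            // hypothetical store name
    private static final String JAD_KEY = "CarrierDeviceId";  // attribute named in the answer

    /** Call from startApp(); treat MISMATCH and UNAVAILABLE as "do not run". */
    public static int check(MIDlet midlet) {
        String id = midlet.getAppProperty(JAD_KEY);
        if (id == null || id.trim().length() == 0) {
            return UNAVAILABLE;                // handset did not supply the attribute
        }
        byte[] current = id.trim().getBytes();
        RecordStore rs = null;
        try {
            rs = RecordStore.openRecordStore(STORE, true);
            if (rs.getNumRecords() == 0) {     // nothing enrolled yet: remember this value
                rs.addRecord(current, 0, current.length);
                return FIRST_RUN;
            }
            byte[] saved = rs.getRecord(1);    // RMS record ids start at 1
            return sameBytes(saved, current) ? MATCH : MISMATCH;
        } catch (RecordStoreException e) {
            return UNAVAILABLE;                // fail closed if the store cannot be read
        } finally {
            if (rs != null) {
                try { rs.closeRecordStore(); } catch (RecordStoreException ignored) { }
            }
        }
    }

    private static boolean sameBytes(byte[] a, byte[] b) {
        if (a == null || b == null || a.length != b.length) {
            return false;
        }
        for (int i = 0; i < a.length; i++) {
            if (a[i] != b[i]) {
                return false;
            }
        }
        return true;
    }
}
```

This check is local to the handset: removing the MIDlet suite deletes its record stores, so a reinstall starts again at `FIRST_RUN`. Sending the value to a server, the other option the answer gives, keeps the enrolled value out of the user's reach.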

Related

Is there way to detect a certain phone from a few feet away

I am trying to build a system with a raspberry pi that allows clients access into a building depending on their membership status. Right now, it uses QR codes, but I want to know if it is possible to add a feature where it uses some technology like NFC or RFID or Bluetooth to detect their phone or RFID card from at least a foot away and confirm they have a membership.
Someone told me I could use RFID, but I am only aware of that being used in short-distance applications, like a card on a hotel door. I am not sure about Bluetooth either, because the phone would have to connect to the pi first, right? Maybe there is something I don't know about. So please offer any suggestions. Thanks
I think Bluetooth does good work for tracking users, since it handles large distances better than NFC and RFID; these two technologies are used for low-range scenarios. Check this link.
In addition, you can check distance (using proximity and RSSI) and membership status as well, but you need to know how to handle Bluetooth connectivity with the Raspberry Pi (check this link), as well as create an app on the mobile phone to use Bluetooth (depending on which OS you're using: Android or iOS).
Regards,

using java card instead of SIM in android with SEEK

I've patched android with SEEK for Galaxy S3 and after some struggle I'm now able to send APDUs to SIM card and get proper responses.
I want to place my own applet inside the SIM, but since there is no way we can get the access to do so, I started to wonder if there is any way we can issue a Java Card to work like a SIM card. All I need is a Java Card that the phone can't distinguish from a SIM; no network coverage is needed, and I know it is almost impossible to create a SIM that works OK with the operator and gives network coverage.
The reason for all this is I need to send APDUs and work with my applet, but if I insert a java card instead of a SIM card in GS3, it gives me no access at all.
So my question is this:
Is it possible to issue a java card so that it looks like a SIM by the phone (and not the operator)?
or Is it possible to change android so that it gives needed access when there is a java card in it, i.e. RIL works as usual?
EDIT
Okay, I think I'll try to issue a Java Card with following properties:
First, it will have an auto-selected applet (default applet) that from now on will be called fake-UICC.
Second, in fake-UICC we'll emulate the file system of UICC (according to http://www.in2eps.com/fo-uicc/tk-fo-uicc-mf.html).
Third, since a different class is used for SIM APDUs (0xA0), all APDUs sent from RIL will be directed to fake-UICC by JCRE, since class+instruction is not recognized by normal Java Card. E.g. 0xA0A4 is select for SIM but 0x00A4 is the select command for Java Card.
In last step, we will try to send exact same responses a real SIM would send to each APDU.
Maybe it won't work but I think it's worth a try.
SIM Card (UICC) accessed through SEEK is not the only secure element you can use in your cellphone.
On the market there are other Java Card solutions: mostly based on microSD slot (provided e. g. by GoTrust or Feitian Technologies), which you should be able to access through SEEK.
Some cellphones (Galaxy S3 is not this case, unfortunately) are equipped with a special secure element slot, which you can insert common smart card (mostly by Oberthur) into and access through SEEK (see http://www.nfcworld.com/technology/embedded-secure-element-ese/ for some devices with this feature).
There is an interesting article about SE options: http://nelenkov.blogspot.cz/2012/08/accessing-embedded-secure-element-in.html
If you know some other vendors offering microSD Java Card products, please write them down in comments and I will add them to my post. This answer is not supposed to be any advertisement for the companies mentioned above.
Well, actually I'm not sure if this solution works or not, and as dear #Vojta mentioned in the comments under his answer, I would like to discourage people from the following attempts. It will be difficult, time-consuming and probably with no useful results. He knows a lot more than me in this field.
Anyway, as you wanted I posted my suggestion:
Each file in the system file of the SIM/USIM card is linked to a hexadecimal number as its address (AID). These AIDs are defined in GSM and ETSI standards (GSM 11.11 for example). You can write some Java Card applets to simulate that system file.
As SIM/USIM card AIDs are shorter than Java Card AIDs, you might need to choose a Java Card that supports partial AID selection and use this capability to refer an incoming command to its associated applet.
I think you can also simulate all of the system file inside a single applet and then make that applet the default selected applet.
If you had any success with this solution, please inform us. :)

Using SIM card info on a USB Card Reader to secure usage of windows software

I have developed a Windows desktop application and it is ready for distribution. Target buyers are in the order of a few hundred only. Yet I wish to protect it from unauthorized use.
My first idea was to use something like a HASP key etc. I found it costly for my case. Then I googled about machine fingerprinting etc. to write my own code. I found mixed opinions about it, especially the fact that it might not be that end-user-friendly when they upgrade hardware.
Why should the fingerprint be from the machine? It could be from something else which is unique and yet connected to the machine (hoping a SIM card is unique), right? Put a SIM card in a USB reader and plug it into the system. The application shall read the SIM card ID for authentication. Assuming I supply the SIM card and pre-code their IDs in the application, is this idea sane and possible?
Thanks, Chandra.

Shutdown nokia series 40 phone if sim is changed

I need to restrict a given phone (Nokia 2700) to only a particular SIM, such that the phone is not usable if the SIM is changed. I'm thinking of either preventing the SIM from registering on the network or having some background app that will shut down the phone or prevent usage if the SIM is changed.
QT (new to it) and JavaMe suggestions are both fine.
How do I proceed with this?
Edit1:
The idea is to prevent the user of the phone from changing the sim card. The phone should not work if the sim card is changed. For this, I need a way of notifying this and either shutting down the phone or doing something to prevent it from being used.
regards
Qt is not supported on Series 40 phones. It is available for Symbian and MeeGo based Nokia phones. Check this list for supported models.
In order to achieve this you need to be able to detect a sim card and prevent phone from functioning if necessary.
On Series 40 JavaME, there are a few system properties that you can use to detect the current SIM card. There are no events for receiving the SIM card change. Some of the properties are restricted to manufacturer and operator security domains. Unfortunately, com.nokia.mid.imsi, which identifies a particular SIM card, is one of those. However, com.nokia.mid.networkid is not restricted and should be sufficient to identify a particular network (if that is your purpose).
There is no JavaME way of blocking the use of the phone (I guess that is the point of Java security and sandboxing). Also, the ability to start an app at boot and keep it running in the background is restricted to manufacturer and operator signing on Series 40 phones.
The phone should have this function already.
From the manual (page 12):
Access codes
The security code helps to protect your phone against
unauthorised use. The preset code is 12345. You can create and change
the code, and set the phone to request the code. Keep the code secret
and in a safe place separate from your phone. If you forget the code
and your phone is locked, your phone will require service and
additional charges may apply. For more information, contact a Nokia
Care point or your phone dealer. The PIN code supplied with the SIM
card protects the card against unauthorised use. The PIN2 code
supplied with some SIM cards is required to access certain services.
If you enter the PIN or PIN2 code incorrectly three times in
succession, you are asked for the PUK or PUK2 code. If you do not have
them, contact your service provider. The module PIN is required to
access the information in the security module of your SIM card. The
signing PIN may be required for the digital signature. The barring
password is required when using the call barring service. To set how
your phone uses the access codes and security settings, select Menu >
Settings > Security.
I used to have a Sony-Ericsson phone that had the same function and it allowed the access code to be saved on the sim card. The phone would not ask for the access code unless the sim was changed. I hope you can find the same function in the Security menu on your Nokia phone.

how can I save data in mobile phone using j2me?

How can I save data in mobile phone using j2me?
I want code examples which describe how to store data in mobile phones using j2me.
Further, how do I give access permission to read/write in mobile phones?
I am using NetBeans 6.5 and a Motorola L6 phone.
Can anyone give me a code example showing how to store data and give read/write permission?
You can save data in the record management store. There are some limitations though. The biggest one is that only your application will be able to read the data.
An alternative is to use the FileConnection API, which offers access to the device's file system. All modern phones should support it. However, unless the Midlet is signed, the user will be nagged to give permission to access a file.
Use the PDAPDemo example code from the Sun Wireless Toolkit.
Last time I checked it had a few error handling bugs but it is easily modifiable.
It will tell you what parts of the handset file system your application can read from and write to, both on the phone and on any eventual memory card.
