7
AID in android

AID in android

Embed Size (px)

Citation preview

Page 1: AID in android

AID in android

Page 2: AID in android

International Registered Application Provider Identifier (RID)• What is the ISO/IEC 7816-5 Numbering System?• The numbering system provides a means for an application and related

services offered by a provider to identify if a given card contains the elements required by its application and related services.• An application identifier (AID) is used to address an application in the card.

• If your application is to be offered internationally, you need an international AID.• $500 application fee associated with processing this application.

Source: http://www.ansi.org/other_services/registration_programs/rid.aspx?menuid=10

Page 3: AID in android

How about global platform’s AID?

• Previously Global Platform borrowed the RID (the first 5 bytes of the AID) from VISA. This is because of historical reasons. Global Platform is now a separate entity but Open Platform.• VISA did not want to use Global Platform to use their RID anymore. So a new RID

was requested.• A000000003 000000 for Open Platform and earlier GP implementations and for later cards or

Global Platform specifications you have A000000151 0000 to select the card manager.

• The handling of SELECT is not completely clear from ISO/IEC 7816-4. Generally though if you provide a smaller AID (of at least 5 bytes) within SELECT by NAME then a matching application will be selected.

Source: http://www.tagwith.com/question_192038_cant-select-aid-card-manager-when-testing-to-send-apdu

Page 4: AID in android

Coexistence with Secure Element Cards• The NFC controller typically also contains a

default route for APDUs. • When an AID is not found in the routing table,

the default route is used.

• Beginning with Android 4.4, the default route is required to be set to the host CPU.• This means that the routing table typically

only contains entries for AIDs that need to go to a secure element.

off_host_apdu_servicehost_apdu_service

Source: https://developer.android.com/guide/topics/connectivity/nfc/hce.html#Coexistence

Page 5: AID in android

Configure off_host_apdu_serviceIn your AndroidManifest.xml <service android:name=".MyOffHostApduService" android:exported="true" android:permission="android.permission.BIND_NFC_SERVICE" > <intent-filter> <action android:name="android.nfc.cardemulation.action.OFF_HOST_APDU_SERVICE" /> </intent-filter>

<meta-data android:name="android.nfc.cardemulation.off_host_apdu_service" android:resource="@xml/apduservice" /> </service>

In res/xml/apduservice.xml<offhost-apdu-service xmlns:android="http://schemas.android.com/apk/res/android" android:description="@string/servicedesc" android:requireDeviceUnlock="false" >

<aid-group android:category="other" android:description="@string/subscription" > <aid-filter android:name=“F123456789" /></aid-group>

</offhost-apdu-service>

input service name

input AIDs for access SE

Source: https://developer.android.com/guide/topics/connectivity/nfc/hce.html#Coexistence

Page 6: AID in android

Appendix

Page 7: AID in android

P2P mode description

• Even if you emulate an NFC Forum Type 4 tag with one Android device, putting two Android devices together will still result in them establishing a peer-to-peer link (even if Beam is turned off!). • Thus, the second Android device will not detect your HCE emulated card as

an NFC tag. • The only way to overcome this limitation is to use the NFC Reader mode

API (new in Android 4.4) on the second device. • However, in that case, you would need to have an app on the receiving device that is

active in the foreground (that's the only way to enable the Reader mode API).

Source: http://stackoverflow.com.80bola.com/questions/23155719/host-card-emulation-on-android-with-nexus-5/23180223