Smart cards today and in 20 years...



                            SmartCardForum 2011

                                       Jan Němec
                                         Gemalto
                                       May 2011
Agenda




  Smart cards yesterday, today and in 20 years

  eGo

  Mobile phone security



                     SmartCardForum 2011 – Smart cards today and in 20 years ...
Smart cards




Smart Cards predecessors …


   1950 - plastic cards used for payment issued by Diners Club

                                      200 customers in 27 restaurants in New York




   1960s - magnetic stripe cards

         London Transit Authority installed
         a magnetic stripe system




… Smart Cards vision 5 years ago …




                             Source: Chandan – blog

… Smart Cards vision today




                        Sources: http://www.upgradeyourbody.com
                                 http://www.ego-project.eu/


What you touch is yours




Everywhere…

                         Any Phone is mine, anywhere!




Eve has:                      Eve did not:
 • borrowed a phone            • Insert a card
 • placed a phone call         • Enter a code in the handset
 • returned the phone          • Charge the call on the phone
                                 owner’s bill




Fast…

                        Just take it!




Jeanne has:                  Jeanne did not:
 • Selected her drink         • Open her handbag and grab her
 • Taken it                     purse
                              • Use her credit card
                              • Insert coins




Friendly…

                               No more user name/password!




Pierre has:                         Pierre did not:
 • touched his mouse                 • Enter a login and a password
 • Worked within his private         • Insert a card
   environment




Intuitive…

                     Open a door without handling a key!




John has:                      John did not:
 • Opened the door              • turn a key




Safe…

                                 Only my swimming suit and my
                                 bath-towel!




Eve has:                                 Eve did not:
 •   closed her home door                 • Be concerned about leaving
 •   Stepped into her car                   anything on the beach during her
 •   Driven to the beach                    bath
 •   Purchased a bottle of iced tea
 •   Placed a phone call




A wireless world
 No more physical connectors
 Ubiquity
  • Everywhere
  • I can use all objects around me
 Security
  • All transactions are: anonymous, authenticated and non traceable
 Autonomy
  • Guarantee of mission of at least a day
 Connectivity
  • Easy and intuitive pairing and collaboration between smart objects
Easy pairing principle




The principle involves two wireless technologies:
    • INTRA-BODY Communication:
        • very short operational range to unambiguously select the device to connect with
    • Ultra-Wide Band (UWB) with RTLS (Real Time Location Service)
        • Medium operational range, high-speed exchange for application data


   Step 1: Securely Pair two devices and bootstrap the UWB
   communication
   Step 2: Start Application via a fast and secure wireless network and
   monitor the distance between the two devices to control an
   operational and secure bubble


eGo: a wearable device

 eGo can be placed anywhere on the user’s body
  • An NFC antenna would need to be in close vicinity of the “reader” object, and would therefore be wearable only when positioned close to the user’s hand. Conversely, an IBC antenna can be placed anywhere on the user’s body. IBC-based devices are truly wearable: intra-body communication will bridge the two devices.
 No standard form factors
 Physically attached to clothes or garments you wear
  • Has to be kept close to your body at all times


Intra-body communication




[Figure: intra-body communication by capacitive sensing]




        Ultra-low power
        Low frequency (< 10 MHz)
        Conveys no application data
        Short range (< 20 mm)
        No direct skin contact needed. Works through gloves or clothes
        Low data rates (few dozens of kbit/s)


eGo: Two-Factor Authentication




                    1- What you wear
                     • eGo is a wearable device
                    2- Who you are
                     • A Single-Sign-On based
                       on a fingerprint sensor




eGo: basic security concerns




                                    Active
                                      • When eGo is
                                        attached to your
                                        body and after a
                                        positive SSO
                                    Inactive
                                      • When eGo is not
                                        attached to your
                                        body

eGo: Enhanced Privacy Protection



                        All transactions may be:
                          • Anonymous
                          • Non traceable
                          • Authenticated
                        Multiple Identity/Attributes
                        Providers support
                        Inherits from smart cards
                        technology
                          • Javacard
                          • Global Platform


Application Distance Control with RTLS
technology

                         RTLS (Real Time Location
                         Service) based control
                          • +/- 10 cm accuracy
                          • Courtesy of IEEE802.15.4a precision location


                         Relay-attack protection
                          • Application bubble controlled by
                            the application
                          • Completed with Out-Of-Band
                            agreement
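
The distance check behind the application bubble, as an added Python sketch that is not from the slides or from the eGo project. It assumes single-sided two-way ranging, authenticated timestamps, and hypothetical names and values (`RangingExchange`, `BubbleMonitor`, a 1 m radius, a two-miss tolerance); the sample exchanges are constructed.

```python
"""Application-bubble enforcement from UWB two-way ranging (illustrative sketch)."""
from dataclasses import dataclass

C_M_PER_NS = 0.299792458     # speed of light in metres per nanosecond
RANGING_ACCURACY_M = 0.10    # +/- 10 cm, the accuracy figure quoted on the slide


@dataclass
class RangingExchange:
    """One poll/response exchange. Timestamps are assumed to be authenticated."""
    t_round_ns: float  # initiator clock: poll sent -> response received
    t_reply_ns: float  # responder clock: poll received -> response sent


def distance_m(ex: RangingExchange) -> float:
    """Distance from time of flight: half of (round trip minus reply time)."""
    tof_ns = (ex.t_round_ns - ex.t_reply_ns) / 2.0
    if tof_ns < 0:
        # A reply time longer than the round trip cannot be physical.
        raise ValueError("inconsistent ranging timestamps")
    return tof_ns * C_M_PER_NS


class BubbleMonitor:
    """Keeps a session open only while the peer is provably inside the bubble."""

    def __init__(self, radius_m: float, max_misses: int = 2):
        self.radius_m = radius_m
        self.max_misses = max_misses  # consecutive bad readings before closing
        self.misses = 0
        self.is_open = True

    def update(self, ex: RangingExchange) -> bool:
        """Feed one ranging result; returns True while the session stays open."""
        if not self.is_open:
            return False  # once closed, only a fresh pairing may reopen it
        try:
            # Conservative test: the worst-case true distance must fit the radius.
            inside = distance_m(ex) + RANGING_ACCURACY_M <= self.radius_m
        except ValueError:
            inside = False
        self.misses = 0 if inside else self.misses + 1
        if self.misses >= self.max_misses:
            self.is_open = False
        return self.is_open


def simulate_exchange(true_distance_m: float, t_reply_ns: float = 200_000.0,
                      relay_delay_ns: float = 0.0) -> RangingExchange:
    """Constructed sample. relay_delay_ns is latency added in each direction."""
    tof_ns = true_distance_m / C_M_PER_NS
    t_round = t_reply_ns + 2.0 * tof_ns + 2.0 * relay_delay_ns
    return RangingExchange(t_round_ns=t_round, t_reply_ns=t_reply_ns)


def run_demo() -> list:
    """Three direct readings at 0.5 m, then three relayed readings (+20 ns each way)."""
    monitor = BubbleMonitor(radius_m=1.0, max_misses=2)
    samples = [simulate_exchange(0.5)] * 3
    samples += [simulate_exchange(0.5, relay_delay_ns=20.0)] * 3
    return [monitor.update(s) for s in samples]


if __name__ == "__main__":
    direct = distance_m(simulate_exchange(0.5))
    relayed = distance_m(simulate_exchange(0.5, relay_delay_ns=20.0))
    print(f"direct: {direct:.2f} m, relayed: {relayed:.2f} m")
    print("session open after each reading:", run_demo())
```

A relay cannot forward the signal faster than light, so every nanosecond it adds per direction shows up as roughly 30 cm of extra measured distance and pushes the peer out of the bubble.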



eGo and Safety

   Intra-Body Communication
   • eGo embeds only the receiver
   • eGo-ready device generates electric field bursts. SAR is 10 million
     times lower than a mobile phone
   • Electric field based technologies are already used for:
        • biomedical sensors
        • Sensitive PC Pads, touch display
        • Sensitive button (lift button, electronic oven control,…)
   UWB IEEE802.15.4a
   • Ultra low spectral density:
        • 1000 times less than Bluetooth class 1
   • Specific Absorption Rate
        • 3.5 GHz to 8 GHz is out of range of the water absorption (e.g. body), which
          is around 2.4 GHz
        • Low power: 3000 times lower than a mobile phone
   • 99% of the working time in standby mode
   • The UWB and Intra-body technology are safe


Security in
Handset Market

Malware Applications and Security Holes
are Growing…

January 11, 2010: Android app steals bank login details
An application available via Google's Android Market was infected with a trojan
designed to steal users' bank login details (…)




May 27, 2010: Ubuntu Lucid (PC) can read your iPhone's secrets
Do you have a PIN code on your iPhone? Well, it doesn’t prevent access to your
data … When hooking up a non-jailbroken, fully up-to-date iPhone 3GS to a PC
running Lucid Lynx …




Malware and Attacks in Smartphones are Growing!




Users are Delocking their Smartphones…




                                 Step 1: Set up ADB
                                 Step 2: Push exploid to /sqlite_stmt_journals "adb push exploid /sqlite_stmt_journals"
                                 Step 3: type "adb shell"
                                 Step 4: type "cd sqlite_stmt_journals"
                                 Step 5: type "chmod 755 exploid"
                                 Step 6: type "./exploid" and follow directions on screen
                                 Step 7: type "rootshell"
                                 Step 8: type in password "secretlol"
                                 Step 9: you’re in root!

                              ⇒ Used by users to gain access to, and full control of,
                                       Android resources by exploiting
                                       Android security holes




Android Case

 Android security model based on end-user
 • User validates the application permissions at installation
    • Example: application X needs to access localization
      information
 • User is capable of modifying the whole Android system (fully open
   model)


 Android is a large and complex system
    Security holes that can be used by users and malware
 e.g. just a few days to jailbreak a new Android phone model


       Any software or sensitive data needs to be isolated from Android



How to Secure Sensitive Applications?

 Software to be executed needs to be secured
 (code and data such as cryptographic keys)
 • Principle: isolation in a secure environment
     1. Security for downloadable applications
     2. Use of Trusted Execution Environment (TEE)
     3. Use of external component: Secure Element


 User Interface needs to be secured
 • Sensitive information entry (e.g. password)
 • Transaction data to be validated (e.g. transaction
   amount)
 • Principle: Trusted User Interface via Trusted Execution
   Environment



What is a Trusted Execution Environment (TEE)?

 TEE provides hardware-based isolation from Rich OS such as Android, Windows Phone and Symbian.
 TEE runs on the main device processor
 TEE has privileged access to device resources (user interface, crypto accelerators, secure elements, …)

 [Diagram: TEE architecture]
   Rich OS Application Environment
    • Client Applications
    • GlobalPlatform TEE Client API
    • Rich OS
   Trusted Execution Environment
    • Trusted Applications: DRM, Payment, Corporate
    • GlobalPlatform TEE Internal API
    • Trusted Core Environment, Trusted Functions
    • TEE Kernel
   Hardware Platform
    • HW Secure Resources

 Security Requirements by
 Advanced Trusted Environment: OMTP TR1


Trusted Execution Environment

 Innovative solution from the mobile industry
 Hardware protection exists in mobile processors to isolate critical data and code

 [Diagram: two environments on one Smartphone Processor]
   Main OS Environment
    • APPLICATIONS
    • OS
   Trusted Execution Environment
    • SECURE SERVICES
    • TRUSTED EXECUTION ENVIRONMENT OS (Trusted Logic Trusted Foundations™)

What GlobalPlatform Defines


 [Diagram: TEE architecture with the parts GlobalPlatform defines]
   Rich OS Application Environment
    • Client Applications
    • GlobalPlatform TEE Functional API
    • GlobalPlatform TEE Client API
    • Rich OS
   Trusted Execution Environment
    • Trusted Applications: DRM, Payment, Corporate
    • GlobalPlatform TEE Internal API
    • Trusted Core Environment, Trusted Functions
    • TEE Kernel
   Hardware Platform
    • HW Secure Resources: HW Keys, Secure Storage, Trusted UI (Keypad, Screen), Crypto accelerators, NFC controller, Secure Element, etc.
   Defined by GlobalPlatform
    • TEE APIs
    • TEE Compliance and Security Certification




Your questions ...




                                                ... thank you!




Contenu connexe

En vedette

Securing the Internet of Things - Hank Chavers
Securing the Internet of Things - Hank ChaversSecuring the Internet of Things - Hank Chavers
Securing the Internet of Things - Hank ChaversWithTheBest
 
SFO15-503: Secure storage in OP-TEE
SFO15-503: Secure storage in OP-TEESFO15-503: Secure storage in OP-TEE
SFO15-503: Secure storage in OP-TEELinaro
 
LAS16-504: Secure Storage updates in OP-TEE
LAS16-504: Secure Storage updates in OP-TEELAS16-504: Secure Storage updates in OP-TEE
LAS16-504: Secure Storage updates in OP-TEELinaro
 
Introduction to Optee (26 may 2016)
Introduction to Optee (26 may 2016)Introduction to Optee (26 may 2016)
Introduction to Optee (26 may 2016)Yannick Gicquel
 
LCU14-103: How to create and run Trusted Applications on OP-TEE
LCU14-103: How to create and run Trusted Applications on OP-TEELCU14-103: How to create and run Trusted Applications on OP-TEE
LCU14-103: How to create and run Trusted Applications on OP-TEELinaro
 
HKG15-311: OP-TEE for Beginners and Porting Review
HKG15-311: OP-TEE for Beginners and Porting ReviewHKG15-311: OP-TEE for Beginners and Porting Review
HKG15-311: OP-TEE for Beginners and Porting ReviewLinaro
 
BKK16-110 A Gentle Introduction to Trusted Execution and OP-TEE
BKK16-110 A Gentle Introduction to Trusted Execution and OP-TEEBKK16-110 A Gentle Introduction to Trusted Execution and OP-TEE
BKK16-110 A Gentle Introduction to Trusted Execution and OP-TEELinaro
 
IoT summit - Building flexible & secure IoT solutions
IoT summit - Building flexible & secure IoT solutionsIoT summit - Building flexible & secure IoT solutions
IoT summit - Building flexible & secure IoT solutionsEric Larcheveque
 

En vedette (8)

Securing the Internet of Things - Hank Chavers
Securing the Internet of Things - Hank ChaversSecuring the Internet of Things - Hank Chavers
Securing the Internet of Things - Hank Chavers
 
SFO15-503: Secure storage in OP-TEE
SFO15-503: Secure storage in OP-TEESFO15-503: Secure storage in OP-TEE
SFO15-503: Secure storage in OP-TEE
 
LAS16-504: Secure Storage updates in OP-TEE
LAS16-504: Secure Storage updates in OP-TEELAS16-504: Secure Storage updates in OP-TEE
LAS16-504: Secure Storage updates in OP-TEE
 
Introduction to Optee (26 may 2016)
Introduction to Optee (26 may 2016)Introduction to Optee (26 may 2016)
Introduction to Optee (26 may 2016)
 
LCU14-103: How to create and run Trusted Applications on OP-TEE
LCU14-103: How to create and run Trusted Applications on OP-TEELCU14-103: How to create and run Trusted Applications on OP-TEE
LCU14-103: How to create and run Trusted Applications on OP-TEE
 
HKG15-311: OP-TEE for Beginners and Porting Review
HKG15-311: OP-TEE for Beginners and Porting ReviewHKG15-311: OP-TEE for Beginners and Porting Review
HKG15-311: OP-TEE for Beginners and Porting Review
 
BKK16-110 A Gentle Introduction to Trusted Execution and OP-TEE
BKK16-110 A Gentle Introduction to Trusted Execution and OP-TEEBKK16-110 A Gentle Introduction to Trusted Execution and OP-TEE
BKK16-110 A Gentle Introduction to Trusted Execution and OP-TEE
 
IoT summit - Building flexible & secure IoT solutions
IoT summit - Building flexible & secure IoT solutionsIoT summit - Building flexible & secure IoT solutions
IoT summit - Building flexible & secure IoT solutions
 

Similaire à SmartCard Forum 2011 - Chytré karty dnes a za 20 let

Ppt digital jewelry prachi jain 110155
Ppt digital jewelry prachi jain 110155Ppt digital jewelry prachi jain 110155
Ppt digital jewelry prachi jain 110155Prachi Jain
 
e-wallet , The future of Cards and Money
e-wallet , The future of Cards and Moneye-wallet , The future of Cards and Money
e-wallet , The future of Cards and MoneyVikram Dahiya
 
Digital Jewellery compiled by Anshika Nigam
Digital Jewellery compiled by Anshika NigamDigital Jewellery compiled by Anshika Nigam
Digital Jewellery compiled by Anshika NigamAnshika Nigam
 
CONNECTED OBJECTS - how NFC technology enables a more environmentally-friendl...
CONNECTED OBJECTS - how NFC technology enables a more environmentally-friendl...CONNECTED OBJECTS - how NFC technology enables a more environmentally-friendl...
CONNECTED OBJECTS - how NFC technology enables a more environmentally-friendl...Pierre Metivier
 
IoT and smart cities
IoT and smart citiesIoT and smart cities
IoT and smart citiesDunavNET
 
IoT Development - Opportunities and Challenges
IoT Development - Opportunities and ChallengesIoT Development - Opportunities and Challenges
IoT Development - Opportunities and ChallengesAsim Rais Siddiqui
 
Is there such a thing as the internet of things !
Is there such a thing as the internet of things !Is there such a thing as the internet of things !
Is there such a thing as the internet of things !Pierre Metivier
 
Hacking health: IoT, analytics and other trends
Hacking health: IoT, analytics and other trendsHacking health: IoT, analytics and other trends
Hacking health: IoT, analytics and other trendsJim Boland
 
Money pad the future wallet
Money pad the future walletMoney pad the future wallet
Money pad the future walletPalukuri Ashok
 
SIGFOX basics for Intel IoT Roadshow
SIGFOX basics for Intel IoT RoadshowSIGFOX basics for Intel IoT Roadshow
SIGFOX basics for Intel IoT RoadshowNicolas Lesconnec
 
Near Field Communication on iPhone with iCarte
Near Field Communication on iPhone with iCarteNear Field Communication on iPhone with iCarte
Near Field Communication on iPhone with iCarteAndrew Roughan
 
Mobile Payments Vision Euro-Wallet
Mobile Payments Vision Euro-WalletMobile Payments Vision Euro-Wallet
Mobile Payments Vision Euro-WalletEuroWallet
 
Some thoughts on IoT, HKNOG 4.0
Some thoughts on IoT, HKNOG 4.0Some thoughts on IoT, HKNOG 4.0
Some thoughts on IoT, HKNOG 4.0APNIC
 
Narayanicollegeforprofessionalstudies2 131219231751-phpapp01
Narayanicollegeforprofessionalstudies2 131219231751-phpapp01Narayanicollegeforprofessionalstudies2 131219231751-phpapp01
Narayanicollegeforprofessionalstudies2 131219231751-phpapp01archana sawant
 

Similaire à SmartCard Forum 2011 - Chytré karty dnes a za 20 let (20)

Codebits 2011
Codebits 2011Codebits 2011
Codebits 2011
 
Ppt digital jewelry prachi jain 110155
Ppt digital jewelry prachi jain 110155Ppt digital jewelry prachi jain 110155
Ppt digital jewelry prachi jain 110155
 
e-wallet , The future of Cards and Money
e-wallet , The future of Cards and Moneye-wallet , The future of Cards and Money
e-wallet , The future of Cards and Money
 
Digital Jewellery compiled by Anshika Nigam
Digital Jewellery compiled by Anshika NigamDigital Jewellery compiled by Anshika Nigam
Digital Jewellery compiled by Anshika Nigam
 
Cicretbracelet
CicretbraceletCicretbracelet
Cicretbracelet
 
CONNECTED OBJECTS - how NFC technology enables a more environmentally-friendl...
CONNECTED OBJECTS - how NFC technology enables a more environmentally-friendl...CONNECTED OBJECTS - how NFC technology enables a more environmentally-friendl...
CONNECTED OBJECTS - how NFC technology enables a more environmentally-friendl...
 
Cicrete bracelet
Cicrete braceletCicrete bracelet
Cicrete bracelet
 
IoT and smart cities
IoT and smart citiesIoT and smart cities
IoT and smart cities
 
IoT Development - Opportunities and Challenges
IoT Development - Opportunities and ChallengesIoT Development - Opportunities and Challenges
IoT Development - Opportunities and Challenges
 
Is there such a thing as the internet of things !
Is there such a thing as the internet of things !Is there such a thing as the internet of things !
Is there such a thing as the internet of things !
 
Cicret bracelet
Cicret braceletCicret bracelet
Cicret bracelet
 
Hacking health: IoT, analytics and other trends
Hacking health: IoT, analytics and other trendsHacking health: IoT, analytics and other trends
Hacking health: IoT, analytics and other trends
 
Money pad the future wallet
Money pad the future walletMoney pad the future wallet
Money pad the future wallet
 
Presentation.pptx
Presentation.pptxPresentation.pptx
Presentation.pptx
 
SIGFOX basics for Intel IoT Roadshow
SIGFOX basics for Intel IoT RoadshowSIGFOX basics for Intel IoT Roadshow
SIGFOX basics for Intel IoT Roadshow
 
Near Field Communication on iPhone with iCarte
Near Field Communication on iPhone with iCarteNear Field Communication on iPhone with iCarte
Near Field Communication on iPhone with iCarte
 
Mobile Payments Vision Euro-Wallet
Mobile Payments Vision Euro-WalletMobile Payments Vision Euro-Wallet
Mobile Payments Vision Euro-Wallet
 
Some thoughts on IoT, HKNOG 4.0
Some thoughts on IoT, HKNOG 4.0Some thoughts on IoT, HKNOG 4.0
Some thoughts on IoT, HKNOG 4.0
 
Narayanicollegeforprofessionalstudies2 131219231751-phpapp01
Narayanicollegeforprofessionalstudies2 131219231751-phpapp01Narayanicollegeforprofessionalstudies2 131219231751-phpapp01
Narayanicollegeforprofessionalstudies2 131219231751-phpapp01
 
Internet of things(IOT)
Internet of things(IOT)Internet of things(IOT)
Internet of things(IOT)
 

Plus de OKsystem

Smart Cards & Devices Forum 2013 - Aritmetika s velkými čísly
Smart Cards & Devices Forum 2013 - Aritmetika s velkými číslySmart Cards & Devices Forum 2013 - Aritmetika s velkými čísly
Smart Cards & Devices Forum 2013 - Aritmetika s velkými číslyOKsystem
 
Smart Cards & Devices Forum 2013 - Mobile financial services
Smart Cards & Devices Forum 2013 - Mobile financial servicesSmart Cards & Devices Forum 2013 - Mobile financial services
Smart Cards & Devices Forum 2013 - Mobile financial servicesOKsystem
 
Smart Cards & Devices Forum 2013 - Komerční prezentace aplikace cryptocult
Smart Cards & Devices Forum 2013 - Komerční prezentace aplikace cryptocultSmart Cards & Devices Forum 2013 - Komerční prezentace aplikace cryptocult
Smart Cards & Devices Forum 2013 - Komerční prezentace aplikace cryptocultOKsystem
 
Smart Cards & Devices Forum 2013 - Cards going mobile
Smart Cards & Devices Forum 2013 - Cards going mobileSmart Cards & Devices Forum 2013 - Cards going mobile
Smart Cards & Devices Forum 2013 - Cards going mobileOKsystem
 
Smart Cards & Devices Forum 2013 - Babel
Smart Cards & Devices Forum 2013 - BabelSmart Cards & Devices Forum 2013 - Babel
Smart Cards & Devices Forum 2013 - BabelOKsystem
 
Smart Cards & Devices Forum 2013 - Zabezpečení mobilních bankovnictví
Smart Cards & Devices Forum 2013 - Zabezpečení mobilních bankovnictvíSmart Cards & Devices Forum 2013 - Zabezpečení mobilních bankovnictví
Smart Cards & Devices Forum 2013 - Zabezpečení mobilních bankovnictvíOKsystem
 
Smart Cards & Devices Forum 2013 - Protecting enterprise sensitive informatio...
Smart Cards & Devices Forum 2013 - Protecting enterprise sensitive informatio...Smart Cards & Devices Forum 2013 - Protecting enterprise sensitive informatio...
Smart Cards & Devices Forum 2013 - Protecting enterprise sensitive informatio...OKsystem
 
Smart Cards & Devices Forum 2013 - Security on mobile
Smart Cards & Devices Forum 2013 - Security on mobileSmart Cards & Devices Forum 2013 - Security on mobile
Smart Cards & Devices Forum 2013 - Security on mobileOKsystem
 
Smart Cards & Devices Forum 2013 - Wi-fi protected setup
Smart Cards & Devices Forum 2013 - Wi-fi protected setupSmart Cards & Devices Forum 2013 - Wi-fi protected setup
Smart Cards & Devices Forum 2013 - Wi-fi protected setupOKsystem
 
Smart Cards & Devices Forum 2013 - Šifrování hlasu včera a dnes
Smart Cards & Devices Forum 2013 - Šifrování hlasu včera a dnesSmart Cards & Devices Forum 2013 - Šifrování hlasu včera a dnes
Smart Cards & Devices Forum 2013 - Šifrování hlasu včera a dnesOKsystem
 
Smart Cards & Devices Forum 2013 - [NFC@Telefonica CZ] Near Future Cases
Smart Cards & Devices Forum 2013 - [NFC@Telefonica CZ] Near Future CasesSmart Cards & Devices Forum 2013 - [NFC@Telefonica CZ] Near Future Cases
Smart Cards & Devices Forum 2013 - [NFC@Telefonica CZ] Near Future CasesOKsystem
 
Smart Card and Strong Cryptography for instant security
Smart Card and Strong Cryptography for instant securitySmart Card and Strong Cryptography for instant security
Smart Card and Strong Cryptography for instant securityOKsystem
 
OKbase - Efektivní využití moderních IT nástrojů při řízení HR
OKbase - Efektivní využití moderních IT nástrojů při řízení HROKbase - Efektivní využití moderních IT nástrojů při řízení HR
OKbase - Efektivní využití moderních IT nástrojů při řízení HROKsystem
 
SmartCard Forum 2011 - Smart cards today and in 20 years

  • 1. Smart cards today and in 20 years... SmartCardForum 2011, Jan Němec, Gemalto, May 2011
  • 2. Agenda: Smart cards yesterday, today and in 20 years; eGo; Mobile phone security
  • 3. Smart cards
  • 4. Smart Cards predecessors … 1950: plastic cards used for payment, issued by Diners Club (200 customers in 27 restaurants in New York). 1960s: magnetic stripe cards (London Transit Authority installed a magnetic stripe system).
  • 5. … Smart Cards vision 5 years ago … Source: Chandan – blog
  • 6. … Smart Cards vision today. Sources: http://www.upgradeyourbody.com and http://www.ego-project.eu/
  • 7. What you touch is yours
  • 8. Everywhere… Any Phone is mine, anywhere! Eve has: borrowed a phone; placed a phone call; returned the phone. Eve did not: insert a card; enter a code in the handset; charge the call on the phone owner’s bill.
  • 9. Fast… Just take it! Jeanne has: selected her drink; taken it. Jeanne did not: open her handbag and grab her purse; use her credit card; insert coins.
  • 10. Friendly… No more user name/password! Pierre has: touched his mouse; worked within his private environment. Pierre did not: enter a login and a password; insert a card.
  • 11. Intuitive… Open a door without handling a key! John has: opened the door. John did not: turn a key.
  • 12. Safe… Only my swimming suit and my bath-towel! Eve has: closed her home door; stepped into her car; driven to the beach; purchased a bottle of iced tea; placed a phone call. Eve did not: be concerned about leaving anything on the beach during her bath.
  • 13. A wireless world. Ubiquity: everywhere; I can use all objects around me. Security: all transactions are anonymous, authenticated and non-traceable. Autonomy: guarantee of mission of at least a day. Connectivity: easy and intuitive pairing and collaboration between smart objects; no more physical connectors.
  • 14. Easy pairing principle. The principle involves two wireless technologies: (1) intra-body communication (IBC), with a very short operational range to unambiguously select the device to connect with; (2) Ultra-Wide Band (UWB) with RTLS (Real Time Location Service), with a medium operational range and high-speed exchange for application data. Step 1: securely pair two devices and bootstrap the UWB communication. Step 2: start the application via a fast and secure wireless network and monitor the distance between the two devices to control an operational and secure bubble.
  • 15. eGo: a wearable device. eGo can be placed anywhere on the user’s body: an NFC antenna would need to be in close vicinity of the “reader” object, and would therefore be wearable only when positioned close to the user’s hand. Conversely, an IBC antenna can be placed anywhere on the user’s body. IBC-based devices are truly wearable: intra-body communication will bridge the two devices. No standard form factors. Physically attached to clothes or garments you wear: has to be kept close to your body at all times.
  • 16. Intra-body communication [figure labels: Capacitive Sensing]. Ultra-low power. Low frequency (< 10 MHz). Conveys no application data. Short range (< 20 mm). No direct skin contact needed; works through gloves or clothes. Low data rates (a few dozen kbit/s).
  • 17. eGo: Two-Factor Authentication. 1 - What you wear: eGo is a wearable device. 2 - Who you are: a Single-Sign-On based on a fingerprint sensor.
  • 18. eGo: basic security concerns. Active: when eGo is attached to your body and after a positive SSO. Inactive: when eGo is not attached to your body.
  • 19. eGo: Enhanced Privacy Protection. All transactions may be: anonymous; non-traceable; authenticated. Support for multiple identity/attribute providers. Inherits from smart card technology: Java Card; GlobalPlatform.
  • 20. Application Distance Control with RTLS technology. RTLS (Real Time Location Service) based control: +/- 10 cm accuracy; courtesy of IEEE802.15.4a precision location. Relay-attack protection: application bubble controlled by the application; completed with Out-Of-Band agreement.
  • 21. eGo and Safety. Intra-Body Communication: eGo embeds only the receiver; the eGo-ready device generates electric field bursts; SAR is 10 million times lower than a mobile phone; electric-field-based technologies are already used for biomedical sensors, sensitive PC pads and touch displays, and sensitive buttons (lift button, electronic oven control, …). UWB IEEE802.15.4a: ultra-low spectral density, 1000 times less than Bluetooth class 1; Specific Absorption Rate: 3.5 GHz to 8 GHz is out of range of the water absorption (e.g. body), which is around 2.4 GHz; low power, 3000 times lower than a mobile phone; 99% of the working time in standby mode. The UWB and intra-body technologies are safe.
  • 22. Security in Handset Market
  • 23. Malware Applications and Security Holes are Growing… January 11, 2010: "Android app steals bank login details": An application available via Google's Android Market was infected with a trojan designed to steal users' bank login details (…) May 27, 2010: "Ubuntu Lucid (PC) can read your iPhone's secrets": Do you have a PIN code on your iPhone? Well, it doesn’t prevent access to your data … When hooking up a non-jailbroken, fully up-to-date iPhone 3GS to a PC running Lucid Lynx …
  • 24. Malware and Attacks in Smartphones are Growing!
  • 25. Users are Delocking their Smartphones… Step 1: Set up ADB. Step 2: Push exploid to /sqlite_stmt_journals: "adb push exploid /sqlite_stmt_journals". Step 3: type "adb shell". Step 4: type "cd sqlite_stmt_journals". Step 5: type "chmod 755 exploid". Step 6: type "./exploid" and follow directions on screen. Step 7: type "rootshell". Step 8: type in password "secretlol". Step 9: you’re in root! ⇒ Used by users to get access to and full control of Android resources by exploiting Android security holes.
  • 26. Android Case. Android security model is based on the end user: the user validates the application permissions at installation (example: application X needs to access localization information); the user is capable of modifying the whole Android system (fully open model). Android is a large and complex system. Security holes can be used by the user and by malware, e.g. just a few days to jailbreak a new Android phone model. Any software or sensitive data needs to be isolated from Android.
  • 27. How to Secure Sensitive Applications? Software to be executed needs to be secured (code and data such as cryptographic keys). Principle: isolation in a secure environment. 1. Security for downloadable applications. 2. Use of Trusted Execution Environment (TEE). 3. Use of external component: Secure Element. User Interface needs to be secured: sensitive information entry (e.g. password); transaction data to be validated (e.g. transaction amount). Principle: Trusted User Interface via Trusted Execution Environment.
  • 28. What is a Trusted Execution Environment (TEE)? TEE provides hardware-based isolation from Rich OS such as Android, Windows Phone and Symbian. TEE runs on the main device processor. TEE has privileged access to device resources (user interface, crypto accelerators, secure elements, …). Security Requirements by Advanced Trusted Environment: OMTP TR1. [Diagram: Rich OS Application Environment (Client Applications, GlobalPlatform TEE Client API, Rich OS) beside Trusted Execution Environment (Trusted Applications: DRM, Payment, Corporate; GlobalPlatform TEE Internal API; Trusted Core Environment; Trusted Functions; TEE Kernel), both on the Hardware Platform with HW Secure Resources.]
  • 29. Trusted Execution Environment. Innovative solution from the mobile industry. Hardware protection exists in mobile processors to isolate critical data and code. [Diagram: Main OS Environment (Applications, OS) beside Trusted Execution Environment (Secure Services, Trusted Execution Environment OS: Trusted Logic Trusted Foundations™), both on the Smartphone Processor.]
  • 30. What GlobalPlatform Defines. [Diagram: Rich OS Application Environment (Client Applications, GlobalPlatform TEE Functional API, GlobalPlatform TEE Client API, Rich OS) beside Trusted Execution Environment (Trusted Applications: DRM, Payment, Corporate; GlobalPlatform TEE Internal API; Trusted Core Environment; Trusted Functions; TEE Kernel), on the Hardware Platform. Labels: TEE APIs; Compliance; Security Certification; HW Secure Resources: HW Keys, Secure Storage, Trusted UI (Keypad, Screen), Crypto accelerators, NFC controller, Secure Element, etc.]
  • 31. Your questions ... thank you!
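
The active/inactive rule of slide 18 and the RTLS distance bubble of slide 20, modelled together as an added example (not code from the talk, Gemalto or the eGo project): a relay can only add delay to a ranging exchange, so the measured distance grows and the session closes. The two-way-ranging formula, the 2.0 m radius, the timings, the rule that removing the device forces a new SSO, and all class and function names are assumptions made for this illustration.

```python
from dataclasses import dataclass

C_M_PER_NS = 0.299792458   # speed of light in metres per nanosecond
ACCURACY_M = 0.10          # the +/- 10 cm ranging accuracy quoted on slide 20


def twr_distance_m(t_round_ns: float, t_reply_ns: float) -> float:
    """Two-way ranging: distance = c * (round trip - responder reply delay) / 2."""
    tof_ns = (t_round_ns - t_reply_ns) / 2.0
    if tof_ns < 0:
        raise ValueError("reply delay longer than round trip")
    return tof_ns * C_M_PER_NS


@dataclass
class EgoDevice:
    """Slide 18: active only while worn AND after a positive SSO."""
    worn: bool = False
    sso_ok: bool = False

    def attach(self) -> None:
        self.worn = True

    def fingerprint_sso(self, match: bool) -> None:
        self.sso_ok = self.worn and match   # assumption: SSO off-body does not count

    def detach(self) -> None:
        self.worn = False
        self.sso_ok = False                 # assumption: removal forces a new SSO

    @property
    def active(self) -> bool:
        return self.worn and self.sso_ok


class BubbleSession:
    """Application session that stays open only inside the distance bubble."""

    def __init__(self, device: EgoDevice, radius_m: float):
        self.device = device
        self.radius_m = radius_m
        self.open = True

    def check(self, t_round_ns: float, t_reply_ns: float) -> str:
        if not self.open:
            return "closed"
        if not self.device.active:
            return self._close("inactive")
        try:
            d = twr_distance_m(t_round_ns, t_reply_ns)
        except ValueError:
            return self._close("bad_measurement")
        # Worst case: the true distance may be ACCURACY_M larger than measured.
        if d + ACCURACY_M > self.radius_m:
            return self._close("out_of_bubble")
        return "ok"

    def _close(self, reason: str) -> str:
        self.open = False                   # latched: a new pairing is required
        return reason


def demo() -> list:
    # Constructed timings: 1000 ns reply delay, 2.0 m bubble (assumed values).
    dev = EgoDevice()
    dev.attach()
    dev.fingerprint_sso(True)
    session = BubbleSession(dev, radius_m=2.0)
    return [
        session.check(1004.0, 1000.0),   # 2 ns one-way flight, about 0.60 m
        session.check(1204.0, 1000.0),   # 200 ns of added relay delay, about 30.6 m
        session.check(1004.0, 1000.0),   # session stays closed afterwards
    ]


if __name__ == "__main__":
    print(demo())
```
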