1

How can I access a MIFARE DESFire card using an Android phone as NFC reader? I am planning to develop an Android application (for payment) on an Android phone.

The DESFire operations (Authentication, Read and Write) that I want to perform using the Android phone need a SAM card. I thought I could emulate that SAM card in the phone using HCE.

Michael Roland
Donn
  • Is it possible to implement NFC Payment using Android Phone as POS(Terminal) and Mifare DESFire card using Host Card Emulation? Thanks in advance – Donn Aug 19 '14 at 07:58
  • Do you want to use the phone in HCE mode (i.e. to emulate a DESFire card that is then usable with an external reader) or in reader mode (i.e. to access an external DESFire card with the phone)? – Michael Roland Sep 10 '14 at 05:31
  • @MichaelRoland, reader mode (i.e. to access an external DESFire card with the phone)? this is what I want to do. is it possible? – Donn Sep 16 '14 at 03:34
  • So your question is not about host card emulation but about "regular" reader mode. Host card emulation would be for scenarios where the phone acts as the **card**. I updated your question accordingly. – Michael Roland Sep 21 '14 at 21:06
  • @MichaelRoland thanks for the reply. So there's no need to use HCE in that setup? I want to perform DESFire operations (Authentication, Read and Write) using an Android phone. Authentication needs a SAM card; I thought I could emulate a SAM card in the phone (software) using HCE – Donn Sep 22 '14 at 07:20

2 Answers

7

DESFire/DESFire EV1 cards communicate on top of the ISO/IEC 14443-4 data exchange protocol (ISO-DEP). Therefore, on Android devices, they can be accessed through the IsoDep class. So once you get your tag handle (Tag object), you can instantiate the IsoDep object using:

Tag tag = ...  // (e.g. get from NFC discovery intent)
IsoDep isoDep = IsoDep.get(tag);

You can connect to the card and use the IsoDep object's transceive() method to send commands to (and receive responses from) the card:

isoDep.connect();
byte[] response = isoDep.transceive(command);

You can either use the DESFire native command set, the DESFire APDU wrapped native command set or the ISO/IEC 7816-4 command set (see the DESFire datasheet for more details). Due to known problems with the presence detection on some devices (which automatically sends READ BINARY APDUs to detect if a tag is still available), I strongly suggest using either the APDU wrapped native command set or the ISO/IEC 7816-4 command set (see this question).

Now, the problematic part is the SAM. A SAM (Secure Access Module) is a secure smartcard chip that holds keys and performs security-critical parts of the communication with the DESFire card. You cannot simply "emulate" such a SAM using host-based card emulation. That would not make much sense, as the whole idea of HCE is to route communication from contactless smartcard readers through the NFC interface to the (insecure) application processor. Implementing the SAM functionality on the application processor would defeat the whole purpose (i.e. high security level) of a dedicated SAM chip. Moreover, in order to emulate SAM functionality, you would not need HCE as you could directly store the credentials for access to the DESFire card within your application.

An option that you might have is to use a cloud-based secure element approach. Thus, you could have the SAM functionality on a server/in the cloud and route the communication with your DESFire card through your app to that server.

byte[] command = receiveCommandFromBackend();  // receive command from server/cloud over the network
byte[] response = isoDep.transceive(command);
sendResponseToBackend(response); // send response to server/cloud over the network

To summarize this: You don't need HCE. Depending on your security requirements, you could either store the credentials for access to the DESFire cards within your app (note that an attacker might be able to extract that information) or you could use a cloud-based SE approach to shift the security critical parts to an online backend system (but that would typically require continuous network access during communication with the card).

Yet another approach would of course be to use a local secure element within your device, but that would require that you have access to it which is usually not easy/impossible.

Community
Michael Roland
  • @Ronald, thank you for the information! Now, I want to emulate a Mifare DESFire card using HCE (not in reader mode). I want the Android NFC phone to function as a Mifare DESFire card. Do you have any idea how to implement this? Thank you again for your help – Donn Oct 27 '14 at 03:02
  • Excuse me dear Mr. Roland, are DESFire cards a kind of native cards? Or are they Java Cards? Or are they just simple memory cards? I read the wiki page about Mifare cards, but it doesn't clarify some things about DESFire cards. Do they support post-issuance applications? Or are some specific applications masked in ROM and there is no way to add or remove any? Any light on this issue is highly appreciated. – Ebrahim Ghasemi Mar 14 '15 at 16:56
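The APDU wrapped native command set recommended in the answer above, as an added example that is not code from the original answer: the native command byte travels as INS under CLA 0x90, and the card returns its status in SW2 after SW1 0x91, with 0xAF meaning that more frames follow. The `Transceiver` interface and the fake card in `main` are assumptions made so the code runs on a plain JVM; on Android, `isoDep::transceive` takes their place.

```java
import java.io.ByteArrayOutputStream;
import java.util.Arrays;

public class DesfireApduWrap {
    /** Stand-in for IsoDep.transceive(); on Android pass isoDep::transceive (assumption). */
    interface Transceiver { byte[] transceive(byte[] apdu) throws Exception; }

    static final byte CLA_WRAPPED = (byte) 0x90;    // class byte of wrapped native commands
    static final int SW1_DESFIRE = 0x91;            // SW1 of every wrapped response
    static final int ST_OK = 0x00, ST_MORE = 0xAF;  // OPERATION_OK, ADDITIONAL_FRAME
    static final byte CMD_GET_VERSION = 0x60;       // native GetVersion command

    /** Native command + parameters -> CLA INS P1 P2 [Lc data] Le. */
    static byte[] wrap(byte cmd, byte[] data) {
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        out.write(CLA_WRAPPED); out.write(cmd); out.write(0x00); out.write(0x00);
        if (data.length > 0) { out.write(data.length); out.write(data, 0, data.length); }
        out.write(0x00);                            // Le
        return out.toByteArray();
    }

    /** Sends one command, follows ADDITIONAL_FRAME chaining, returns the joined payload. */
    static byte[] exchange(Transceiver card, byte cmd, byte[] data) throws Exception {
        ByteArrayOutputStream payload = new ByteArrayOutputStream();
        byte[] apdu = wrap(cmd, data);
        for (int frames = 0; frames < 16; frames++) {  // bound the loop against a misbehaving card
            byte[] r = card.transceive(apdu);
            if (r == null || r.length < 2 || (r[r.length - 2] & 0xFF) != SW1_DESFIRE)
                throw new IllegalStateException("not a wrapped DESFire response");
            int status = r[r.length - 1] & 0xFF;
            payload.write(r, 0, r.length - 2);         // strip SW1 SW2
            if (status == ST_OK) return payload.toByteArray();
            if (status != ST_MORE)
                throw new IllegalStateException(String.format("card status 0x%02X", status));
            apdu = wrap((byte) ST_MORE, new byte[0]);  // request the next frame
        }
        throw new IllegalStateException("too many frames");
    }

    public static void main(String[] args) throws Exception {
        // Constructed fake card: answers in three frames; the payload bytes are made up.
        int[] n = {0};
        Transceiver fake = apdu -> {
            byte[] frame = {(byte) (0x10 + n[0]), (byte) 0x91, (byte) (n[0] < 2 ? 0xAF : 0x00)};
            n[0]++;
            return frame;
        };
        System.out.println(Arrays.toString(exchange(fake, CMD_GET_VERSION, new byte[0])));
    }
}
```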
0

Mifare DESFire is not a standard for payment; you should rely on ISO14443-4 (i.e. ISO7816-4) instead, at least that's what all the big names did. These are also the standards that HCE is based upon. Having a payment system based on DESFire would probably be something very specific. The problem with DESFire is that it is proprietary technology. Developing a payment app using HCE is very challenging in terms of security.

Toluene
  • Thank you for the reply. I am just searching if it is feasible to make an app that will credit/debit or even authenticate Mifare DESFire card using NFC Phones (to serve as SAM) using Host Card Emulation. Thank you for your help :) – Donn Aug 22 '14 at 09:22