Dean Koštomaj (2018) Offline use of smart card secure element on mobile devices. MSc thesis.
Abstract
In year 2013 Google has introduced technology for enabling mobile devices to emulate smart cards and doing so opened a way to a lot of new possibilities. One of them is implementation of virtual secure element which is a system that tries to protect sensitive data even though it is located in memory of a mobile device. Solution in this document tries to secure sensitive data with use of Android SafetyNet Attestation API, time limited and personalized cryptographic keys, Android Keystore, etc. This solution is intended for public transporters who need a solution to securely store data in mobile device memory since transactions on their terminals are done offline. In comparison with similar solutions we found out that our solution works with approximately same speed as physical smart cards and a lot faster than virtual smart card implemented in cloud.
Actions (login required)