
The Concept of Secure Mobile Wallet

Hao Zhao, Sead Muftic
School of Information and Communication Technologies (ICT)
Royal Institute of Technology (KTH), Stockholm, Sweden
hzhao@fc.dsv.su.se, sead@dsv.su.se

Abstract

This paper describes our concept, design and current implementation of the Secure Mobile Wallet. Mobile Wallet is an application stored in mobile phones providing to subscribers the possibility to perform various mobile financial transactions. In our approach Secure Mobile Wallet is stored and running in the Javacard SIM chip, called UICC. It comprises several Javacard applets supporting several types of financial transactions: mobile banking, mobile payments, mobile commerce, mobile micro-loans, mobile ticketing, mobile promotions, and so on. Secure Mobile Wallet supports over-the-air (OTA) transactions based on SMS, GPRS, or mobile Internet protocols and also over-the-counter (OTC) transactions based on NFC or Bluetooth protocols. For users, messages and data stored in the Secure Mobile Wallet are managed and maintained using both, OTA and OTC, protocols. Security is guaranteed by a combination of symmetric and asymmetric cryptography. As a client's application, the Secure Mobile Wallet is integrated into our larger, secure mobile transactions system, SAFE.

1. Introduction

Mobile phones are today used mainly for communication purposes: i.e. making phone calls or sending SMS messages. But, new high-end phones are already introducing new mobile services where mobile phones are used not only as communication, but also as information distribution and sometimes even as computing devices. For low-end phones current trends are to provide new mobile services, mostly based on background servers and simple communications using SMS or USSD messages. For smart phones and phones with memory cards additional functions are implemented and distributed as software applications stored in the memory cards of mobile phones. So, one important trend in mobile networks is to provide new, additional services using mobile applications stored in the memory of mobile phones.

Another characteristic of current mobile phone technologies and networks is that they are all functioning as a very closed market. This can be illustrated by several examples: (a) SIM chips vendors: although new SIM chips are based on Java card technology, which may host multiple applications in a SIM chip, currently vendors of SIM chips do not allow dynamic download and updates of SIM chip applications; (b) Network operators: usage, management, billing and communication services available to mobile users are closely determined and controlled by network operators; (c) Mobile Services Providers: currently, mobile services are controlled by service providers and therefore subscribers are not in the situation to select or change those services. Contrary to the current situation, ISO, ETSI, GSM and other standardization bodies for mobile technologies and networks suggest an open, secure and flexible architecture and protocols for mobile applications [6]. Therefore, another important trend today is migration of mobile technologies, networks and applications towards an open and service-oriented architecture.

Finally, current mobile phones, SMS or USSD messages, applications and their data are usually without any privacy or security. With expanded reach of their connectivity and expanded scope of their applications, communication security becomes more and more important issue. New financial, medical and other mobile applications, handling sensitive data and operations, also require extended security of users and applications. So, the third important requirement and trend in mobile technologies and applications is the need for stronger security algorithms, protocols, applications and large-scale infrastructures that will provide protection of users, communication messages, applications, and their data [2].

2. Secure Mobile Wallet

Open service-oriented architecture for secure mobile transactions is the system that must be

978-0-9564263-7/6/$25.00 ©2011 IEEE


established as a large scale, secure and complete system comprising several components. It involves mobile network operators, banks, credit card processors, small merchants, Web merchants, and the most important, client users. This paper describes only subscribers' component of that large infrastructure, called Secure Mobile Wallet.

2.1. Significance for Markets

The primary market for the Secure Mobile Wallet is telecom market. Secondary markets are Web services providers and financial services providers. Telecom market is one of the largest and the fastest growing international markets, not only in developed, but also in developing countries. The number of mobile phones in use today is in the range of several billions and the coverage of mobile networks is almost complete around the globe.

One of the very important initiatives for the described Wallet are so called un-banked users. Those are persons (mainly in developing countries) that do not have bank accounts. Telecom companies are especially targeting those customers for their financial transactions. Very important market for Secure Mobile Wallet are applications for un-banked users. Today, banks and telecom operators are very interested to expand their services to that population, but as we are all witnessing, that expansion goes very slowly mainly due to the lack of easy-to-use and readily available products to support such services.

One very important type of financial transactions is international transactions, called remittance. Today, especially transactions between developed and developing countries are very unstructured, unregulated and un-organized. Many Governments, international organizations, international and national law-enforcement agencies, and finally, end-users are all interested to use simple, secure, and readily available system for international financial transfers, with low fees and quick transfer times. The proposed Wallet could be one of the major incentives to establish such system in the future.

Finally, as suggested in [6], Secure Mobile Wallet can be extended with many new services, functions and internal data, to become truly multi-application UICC platform.

2.2. Possible Approaches to Design and Implementation

To implement Wallet for a mobile phone, there are several possible approaches. One approach is to use no-wallet, i.e. performing mobile transactions by using simple SMS messages. The same approach can also be used with the USSD protocol [3]. SMS messages and USSD are basic services in each mobile network. For mobile transactions users must memorize abbreviated SMS messages of target keywords. Background servers understand those commands and complete the operations according to the requests.

Since the previous two approaches are not so user-friendly, the other possibility is Mobile Wallet as software in mobile phones. This approach provides friendly GUI, so that users can perform transactions very easily and without mistakes. The most important advantage of this approach is application level end-to-end security. With this approach complete and integrated security system, including authentication, authorization, confidentiality and integrity, which is essential for every financial transaction system, can also be provided.

If Mobile Wallet is implemented in software stored in mobile phones, there are in principle two approaches:

The first approach is to use Java technology, J2ME, which is today standard component in every mobile phone. Hundreds of thousands of applications for mobile phones, developed through J2ME, are available today on the market. These applications reside in the native memory of the handset or on an extra add-on memory card. The implementation can provide complete functions and very nice GUIs based on features available in Java. Security services, like strong authentication, confidentiality and integrity of messages, can also be provided. This approach is very convenient, but there are certain issues that have to be resolved: 1) Users must personally download and pre-install J2ME application; 2) If the application is stored in the native memory, it is not easy to change handset; 3) There are already some malware modules for mobile devices and they can cause various problems.

The second and much better approach is to use Javacard applet stored in the SIM chip of the mobile phone, called UICC. The code is stored in the chip by telecom vendor, during UICC personalization or over the air. Such Javacard application can construct nice GUIs supporting all application functions, and in addition provide also strong security, based on native crypto algorithms available in the chip. Such concept is called Multi-Application Platform [6]. Besides its main role, as Subscriber Identity Module (SIM), multiple other applications, like mobile transactions system, personal identity verification system, and health care system, can be stored and run in the same UICC card at the same time.

Our research and its main results are focused on solutions directed towards open, dynamic, standardized and secure mobile network environments and applications. One component of that environment is Secure Mobile Wallet, which is described in this paper. The characteristics of this Secure Mobile Wallet are the following:


- It is based on the very capable and secure Java smart cards chip with large internal storage (256K EEPROM), contact (ISO 7816) and contactless (Near-Field-Communications, NFC) protocols, and extended security algorithms and capabilities, supporting multiple applications (Javacard applets) [8];
- The next component is the set of Secure Mobile Wallet applications, designed in the form of several Javacard applets, supporting identity verification and authentication of subscribers (PIV applet [7]), security features and protocols (Security applet), secure m-Banking and m-Commerce transactions (Mobile Wallet) and in the future other mobile application applets;
- The chip loaded with the collection of Javacard applets is used in mobile phones as the new, so called UICC chip, hosting multiple and dynamically managed applications;
- Secure Mobile Wallet supports standard APDUs and GSM messages for deployment and management of mobile applications; and
- Secure Mobile Wallet communicates with mobile phone and through it with back-end components of service-oriented architecture: network servers for mobile applications, management and security protocols.

The concept of the Secure Mobile Wallet is that it is based on all relevant emerging standards, it provides functionalities of existing mobile phones, but it also extends those functionalities with additional functions and applications, it provides secure environment for users and applications, and it is applicable in open, standard, mobile environments [1].

3. Design of the Secure Mobile Wallet

Our Secure Mobile Wallet is a set of Javacard applets loaded in the UICC chip of mobile phones. Following standard approach, each applet has its Application Identifier (AID). When designing applets several aspects must be specified [7]:
- Applet's functions, in the form of functional application-level functions;
- Internal data model needed to support those functions;
- Card Command Interface (CCI), i.e. ISO 7816 APDUs that the applet supports; and
- Eventually, applet middleware.

Our Secure Mobile Wallet supports four groups of functions: (1) user identification and authentication functions (using PIN and certificates), (2) various financial transactions (m-Banking, stored money payments, prepaid accounts, etc.), (3) various m-Commerce transactions (mobile tickets, mobile parking, etc.), and (4) security functions (encryption, signatures) [10]. Following the methodology in [7] all functions are specified in the form of high-level programming APIs and implemented in the form of SAFE Wallet Middleware. Some examples are: SAFE_store_money(), SAFE_list_transactions(), etc.

Internal data model is the collection of data objects with attributes and structure optimized for support to all Secure Mobile Wallet application-level functions. All objects have their Object Identifiers (OIDs), Tag-Length-Value (TLV) encoding, and organization optimized for various transactions. At the moment OIDs are our own (proprietary) due to the lack of established international standards, but our intention is to submit our AID and OIDs for international standardization. Individual attributes are grouped in objects optimized for various transactions and two examples of such objects are:

Table 1. Bank Account Object
Bank Account Data (Container ID=03, MAX LENGTH = 84 Bytes)

Attributes (TLV)            Tag   Type             Max. Bytes
Bank IBAN                   01    Variable         34
Bank SWIFT Code             02    Variable         11
Bank Routing Number         03    Variable         9
Clearing Number             04    Fixed            4
Account Number              05    Variable         16
Account Type                06    Fixed            1
Balance                     07    Fixed            5
Account Open Date           08    Date(YYYYMMDD)   4

Table 2. SAFE System Data Object
SAFE System Data (Container ID=04, MAX LENGTH = 54 Bytes)

Attributes (TLV)            Tag   Type             Max. Bytes
SAFE System Short Code      01    Fixed            6
SAFE Account Number         02    Fixed            10
SAFE PIN/Password           03    Fixed            8
Balance                     04    Fixed            5
Account Open Date           05    Date(YYYYMMDD)   4
SAFE Server Mobile Number   06    Variable         15
SAFE Server IP Number       07    Fixed            4
SAFE Server Port            08    Fixed            2
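The data model above, as an added example (not code from the paper or the SAFE project): a strict host-side parser for the Bank Account Data container of Table 1 that rejects unknown tags, duplicates, oversized or truncated values and malformed dates. The paper gives tags and sizes but not the byte layout, so the one-byte tag and length, the packed-BCD date and the sample values are assumptions.

```python
from datetime import date
# Table 1 of the paper (Container ID=03): tag -> (attribute, kind, max bytes)
BANK_ACCOUNT_SCHEMA = {
    0x01: ("Bank IBAN", "variable", 34),
    0x02: ("Bank SWIFT Code", "variable", 11),
    0x03: ("Bank Routing Number", "variable", 9),
    0x04: ("Clearing Number", "fixed", 4),
    0x05: ("Account Number", "variable", 16),
    0x06: ("Account Type", "fixed", 1),
    0x07: ("Balance", "fixed", 5),
    0x08: ("Account Open Date", "date", 4),
}
MAX_LENGTH = 84  # container maximum from Table 1; equals the sum of the sizes

class TLVError(ValueError):
    """The buffer does not match the Table 1 layout."""

def decode_bcd_date(raw: bytes) -> date:
    # ASSUMPTION: YYYYMMDD in 4 bytes means packed BCD, two digits per byte.
    if any((b >> 4) > 9 or (b & 0x0F) > 9 for b in raw):
        raise TLVError("date is not packed BCD")
    try:
        return date(int(raw[:2].hex()), int(raw[2:3].hex()), int(raw[3:].hex()))
    except ValueError as exc:
        raise TLVError(f"invalid date {raw.hex()}") from exc

def parse_bank_account(buf: bytes) -> dict:
    # ASSUMPTION: each attribute is a 1-byte tag, a 1-byte length, then the value.
    fields, pos = {}, 0
    while pos < len(buf):
        if len(buf) - pos < 2:
            raise TLVError("truncated tag/length header")
        tag, length, pos = buf[pos], buf[pos + 1], pos + 2
        if tag not in BANK_ACCOUNT_SCHEMA:
            raise TLVError(f"unknown tag 0x{tag:02X}")
        name, kind, size = BANK_ACCOUNT_SCHEMA[tag]
        if name in fields:
            raise TLVError(f"duplicate attribute: {name}")
        # Variable fields may be shorter than the maximum; the rest must match it.
        if length > size or (kind != "variable" and length != size):
            raise TLVError(f"{name}: length {length} not allowed")
        if length > len(buf) - pos:
            raise TLVError(f"{name}: value runs past the end of the buffer")
        value, pos = buf[pos:pos + length], pos + length
        fields[name] = decode_bcd_date(value) if kind == "date" else value
    return fields

def encode(tag: int, value: bytes) -> bytes:
    return bytes([tag, len(value)]) + value

def is_valid(buf: bytes) -> bool:
    try:
        parse_bank_account(buf)
    except TLVError:
        return False
    return True

# Constructed sample values, not real account data.
SAMPLE = (encode(0x01, b"XX00TESTBANK0000000001") + encode(0x06, b"\x01")
          + encode(0x08, bytes.fromhex("20100616")))
```

The same checks belong in the applet itself, since the card cannot rely on the middleware to send only well-formed containers.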


Card Command Interface (CCI) is the set of ISO 7816 compliant commands. Wallet middleware translates APIs into those commands and card responses with return codes and results. For verification of the PIN and digital signature, we used CCI commands from the FIPS 201 standard. However, since the Secure Mobile Wallet supports many m-banking and m-commerce functions, we designed our own CCI commands for those functions. They use data stored in the Secure Mobile Wallet, as appropriate.

Wallet middleware is a layer of software for bridging between application-level APIs and CCI commands. It is implemented in Java and therefore may be used in mobile phones, in PoS devices, and for applications in PCs.

4. Usage of Secure Mobile Wallet

Before being used, Secure Mobile Wallet (as applets) must be loaded into the UICC chip and also personalized. Based on the FIPS 201 and ETSI standards, these operations may be performed over-the-counter (OTC) and also over-the-air (OTA) [5]. For OTC Wallet management we use two approaches: extended Eclipse environment to manage smart card applets (JCOP) and extended PIV Card Management System to load and personalize Secure Mobile Wallet applets [8]. Of course, during OTC management the UICC is still in the smart card housing. After OTC loading and personalization, UICC can be separated from the smart card housing into SIM housing and inserted in the mobile phone. At the moment we did not design and implement OTA Wallet management.

Once inserted into a mobile phone, Secure Mobile Wallet can be used in several ways:

4.1. Combination with J2ME Application

In this case, besides Secure Mobile Wallet applets in the UICC chip, we also load into a phone Wallet Application and Wallet middleware implemented as J2ME applications. In this case, Wallet Application provides nice selection (drop-down) menus, data forms and display screens. The applets contain data and perform various functions with that data, initiated by the Wallet Application.

The advantage of this approach is that user interfaces are very nice and data are strongly protected in the applets. The disadvantage is that Wallet Application must be separately loaded into mobile phones. Thus, this approach may not be feasible for all types of mobile phones.

4.2. SIM Chip Application

In this case, Secure Mobile Wallet is the only software loaded in a SIM chip of a mobile phone. Loading is performed as described earlier. In this case, Secure Mobile Wallet uses proactive commands to communicate with the terminal device [4]. Using proactive commands Secure Mobile Wallet can implement all functions using APIs provided only by the libraries available in the card. All GUIs, financial functions, communication and security are achieved without any outside component. The complete Secure Mobile Wallet is encapsulated in a SIM chip and since users insert SIM chip into the handset, Secure Mobile Wallet is ready. No pre-installation is needed.

The other technology we used for alternative implementation is WIB [9]. In this case Wallet does not use proactive commands but special interface between itself and mobile phone.

4.3. Near-Field Communications (NFC) Application

Our Secure Mobile Wallet works with both, contact and contactless, protocols. When used in combination with J2ME application or with proactive commands, Secure Mobile Wallet communicates with the outside world through over-the-air protocol, GSM, and over-the-counter protocol, Bluetooth. But, if the UICC is also contactless (NFC), Secure Mobile Wallet can also be used for transactions through over-the-counter protocol, NFC. In that case, standard contactless readers for smart cards or special PoS devices with NFC protocol are used for interactions with the phone.

5. Security

Secure Mobile Wallet has strong security protection for data, whenever they are stored in a phone or transferred over-the-air. This is achieved using security features of a SIM card so it is impossible to access data stored in the card illegally. Besides that, in our approach PKI infrastructure is chosen to protect data when they are transferred through GSM and Internet.

Another important security issue is the integrity of data. Roll-back and backup mechanisms will be designed and implemented in Secure Mobile Wallet. They can prevent the data losing correctness when accidents happen, i.e. the mobile phone crashes and communication through networks fails.

6. Conclusion

Our Secure Mobile Wallet is the product belonging to the latest technology trends in mobile communications and IT security. As the client application of the larger system, SAFE TM, Secure Mobile Wallet will introduce convenience, functionality and security in financial mobile


transaction. The aim of the design is to provide people a more flexible way to use cash and credit cards securely. To implement it, OTA and OTC protocols are used as communication channels and the SIM/UICC SIM card, which is actually a smart card in the mobile phone, is selected as the container to hold and run the application. The Secure Mobile Wallet may be either a Javacard applet or a SMARTTRUST wiblet but both can exploit the security advantages of the smart card to guarantee the safety of the data during storage and communication.

7. Future Work

Our research and development in the near future will include:
- Extending Secure Mobile Wallet functions to support additional financial transactions and applications;
- Design and implementation of a large-scale m-PKI that will support certificate functions for mobile devices and applications;
- Design and implementation of a m-PKI client in the UICC, so that all certificate functions can originate in the UICC;
- Security for communication messages based on a combined use of secret key and public key cryptography, with all security functions performed inside the UICC; and
- Secure OTA management of applets and data in the UICC.

8. References

[1] Article, SETECS eyes market with security software, East and Central African Business Mirror, May June 2009
[2] Baribea, S., Your Bank in Your Pocket, Washington Post, January 2010
[3] ETSI, Digital cellular telecommunications system (Phase 2+); Unstructured Supplementary Service Data (USSD) - Stage 1, ETSI TS 100.625
[4] ETSI, Smart Cards, Card Application Toolkit (CAT) (Release 8), ETSI TS 102.223 V 8.2.0
[5] ETSI, Smart Cards, Remote APDU structure for UICC based Applications, ETSI TS 102.226
[6] Lenhart. G., The Smart Card Platform, ETSI Technical Committee Smart Card Platform, http://portal.etsi.org/scp/summary.asp (Access date: 23 September 2009)
[7] NIST, Federal Information Processing Standard (FIPS 201): Personal Identity Verification (PIV) System, www.nist.gov (Access date: 17 November 2009)
[8] SETECS Inc., OneCARD System, Internal documentation, www.setecs.com (Access date: 16 June 2010)
[9] Smart Trust WIB TM, www.smarttrust.com (Access date: 27 September 2010)
[10] Zhang, F., Secure Applications for Financial Environments (SAFE) System, Licentiate thesis, Royal Institute of Technology, Stockholm, Sweden, June 2010
