Reputation: 481
I apologize in advance if my question sounds stupid; I'm not a developer and the answer might be obvious (but not to me at least…).
I'm interested in the possibilities of the relatively new Host Card Emulation introduced in Android KitKat.
With the former Secure-Element-based NFC applications, it was possible to exchange APDUs with an applet hosted in the SE either through the NFC controller or the "contact" interface (the socket between the chip and the phone).
The latter enables communication between the SE and an application running in Android userland (which can act as a proxy for a remote server). The authorization for an application to communicate with an applet was granted based on some kind of hash of the application that had to be "injected" beforehand in the SE — as far as I know this security mechanism is part of the GlobalPlatform specifications.
I have a doubt regarding a similar possibility with HCE since I read this section in the Google documentation:
> The HCE architecture itself provides one core piece of security: because your service is protected by the BIND_NFC_SERVICE system permission, only the OS can bind to and communicate with your service.

It makes me think that it's not possible for a userland application to exchange APDUs with an HCE service — it can only occur from "the outside" via the NFC controller. In case I'm wrong, how to do it and is there any security mechanism to control which userland application can communicate with an HCE service?
I'm asking these questions because I want to know whether it's possible to develop an Android application capable of showing the content of a card emulated via HCE and initiating transactions between a remote server (which acts as an NFC reader) and the HCE service.
Thanks for your time!
Upvotes: 1
Views: 701
Reputation: 86393
> It makes me think that it's not possible for a userland application to exchange APDUs with an HCE service — it can only occur from "the outside" via the NFC controller.

This is in general true. There is no mechanism that allows an application to talk to an HCE service. However, just because there is no mechanism doesn't mean that it is impossible to build one, assuming that you have control over the HCE service and the application.

> In case I'm wrong, how to do it and is there any security mechanism to control which userland application can communicate with an HCE service?

There are multiple options. To pick a simple one, take a look at the Unix Domain Sockets (android.net.LocalSocket). You can use this mechanism to build a communication channel between applications and your HCE service. It works more or less like any socket communication between applications and the internet, but the communication is restricted to the local device. The getPeerCredentials member function of LocalSocket also allows you to check who tries to connect to you based on group, process and user-id.
Upvotes: 0
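A sketch of the channel described in the answer above, as an added example that is not code from the answer: a listener running inside the app that owns the HCE service accepts LocalSocket connections and only serves peers whose UID is signed with the same certificate. The class name `ApduBridge`, the `ApduHandler` hook, the socket name and the length-prefixed framing are all assumptions made for illustration.

```java
import android.content.pm.PackageManager;
import android.net.LocalServerSocket;
import android.net.LocalSocket;
import android.os.Process;
import java.io.DataInputStream;
import java.io.DataOutputStream;
import java.io.IOException;

public class ApduBridge implements Runnable {
    /** Hypothetical hook: the same APDU logic the HostApduService calls. */
    public interface ApduHandler { byte[] process(byte[] commandApdu); }

    private static final String SOCKET_NAME = "com.example.hce.apdu"; // hypothetical name
    private static final int MAX_APDU = 261; // short APDU: 4 header + Lc + 255 data + Le
    private final PackageManager pm;
    private final ApduHandler handler;

    public ApduBridge(PackageManager pm, ApduHandler handler) {
        this.pm = pm;
        this.handler = handler;
    }

    @Override public void run() {
        try {
            LocalServerSocket server = new LocalServerSocket(SOCKET_NAME);
            while (!Thread.currentThread().isInterrupted()) {
                try (LocalSocket peer = server.accept()) {
                    if (isAllowed(peer.getPeerCredentials().getUid())) serve(peer);
                } catch (IOException e) { /* drop this peer, keep listening */ }
            }
            server.close();
        } catch (IOException e) { /* could not bind: bridge unavailable */ }
    }

    // The kernel supplies the peer UID; accept only apps signed like this one.
    private boolean isAllowed(int peerUid) {
        return pm.checkSignatures(Process.myUid(), peerUid) == PackageManager.SIGNATURE_MATCH;
    }

    // One length-prefixed command APDU in, one length-prefixed response out.
    private void serve(LocalSocket peer) throws IOException {
        DataInputStream in = new DataInputStream(peer.getInputStream());
        DataOutputStream out = new DataOutputStream(peer.getOutputStream());
        int len = in.readUnsignedShort();
        if (len < 4 || len > MAX_APDU) return; // reject malformed or oversized input
        byte[] cmd = new byte[len];
        in.readFully(cmd);
        byte[] rsp = handler.process(cmd);
        out.writeShort(rsp.length);
        out.write(rsp);
        out.flush();
    }
}
```

The socket name is not reserved for one app, so the client side should run the same `getPeerCredentials` check on the socket it connects to before sending anything.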