The document describes the StoLPaN project which aims to build a European NFC ecosystem. It discusses the key points of NFC including operating distance and data exchange rates. It outlines the project structure including developing a handset independent mobile host application to enable multiple NFC services on a phone. The objectives are to facilitate service definition, OTA requirements and leverage NFC to enhance business procedures.
Why Teams call analytics are critical to your entire business
Sto L Pa N@Nfc Academy 2009
1. … with NFC
The FP6 StoLPaN project:
Building up an European NFC ecosystem
16th February 2009, NFC Academy, Abu Dhabi
Carlo Maria Medaglia - CATTID, University of Rome “Sapienza”
carlomaria.medaglia@uniroma1.it
4. Activities
• Transportation
• Food traceability and Security
• Supply chain management
• RFID and wireless for cultural heritage
• RFID for inclusion
• Public Administration / Utilities
• Healthcare
• ……………….
Palma de Mallorca, 18th April 2008 4
5. NFC – Key Points
RFID object
13,56MHz RF
Link
Wireless Short Range Communication Technology
– Based on RFID technology at 13,56 MHz
– Operating distance up to 10 cm
– Compatible with today’s field proven contactless Mifare®
and FeliCa™ smart cards (Std. ISO 14443)
– Data exchange rate today up to 424kbit/s
– ISO18092: NFCIP-1 Interface & Protocol
– ISO21481: NFCIP-2 Interface & Protocol
6. NFC - Different Types of Apps
Mobile Payment & Transaction
NFC represents the 2 generation of the proximity contact-less
nd
technology, which beyond the RFID, supports peer-to-peer
communication, and enables consumer access to aggregated
payment
services, anytime, anywhere, with any type of consumer stationary
and mobile devices.
NFC is a Short Range card wireless technology designed to exchange
NFC Device
NF C
Peer to Peer
data, initiate connections with other wireless networks and act as
communication
Secure NFC pairing
a secured smart key for access to services such as cashless
payment, ticketing, on-line entertainment and access control
Access info on-the-move
NFC reader
7. NFC - Technology
An NFC phone is composed by:
a CPU
a RFID antenna
a NFC chip
a Secure Element
The Secure Element can be: CPU
ISO 7816
inside the handset (S2C) SWP
S2C
inside the SIM Card (SWP)
Chip NFC SE
inside an SD card
Antenna NFC
8. NFC@CATTID
In November 2006 CATTID joined the NFC Forum
as a Non-Profit member.
CATTID is in charge of RFID and NFC-related
activities in behalf of the International Observatory
Cards.
CATTID is also one of the partner of the StoLPaN
Project, funded by the European Commission within
the Sixth Framework Programme (end Oct 2009).
9. StoLPaN Overview
StoLPaN (Store Logistics and Payment with NFC) is a pan-European
consortium of companies, universities and user groups which works on the
dynamic management of multiple NFC applications on the mobile phone.
10. Vision
Although Alice bought the phone in Italy without any preloaded NFC content or
data and Charles would like to use it for NFC in the UK, it works fine.
The NFC service provider recognize that the phone has multiple Secure
Elements. The NFC service provider has the policy that if no O2 SIM as SE is
found than it should be let the user to decide where to load the application. Joe
loads it on the handset embedded SE.
11. Vision
Charles can make a backup of his applications.
This is how he can be safe in case he loose his phone.
12. Vision
Charles travels to a different country. He can check if the city transport can be
used with NFC and if so he downloads the application to one of his secure
elements before he would leave for the country. But it is also possible that he
simply downloads the application at the airport only, by touching a smart poster.
When a certain application has a monthly fee and Charles feels that he will not
need the application any more, he has the option to delete the application from
his portfolio
13. Objectives
Development of a handset independent J2ME-based mobile
host application to provide seamlessly multiple services
Facilitate the definition of possible services and user profiles
Priorization, automatic/manual mode, local/global, UI
Investigate the OTA requirements and interoperability
Leverage on NFC to enhance the bussiness procedures
Proof of concept of the StoLpaN solution
Portability, tests, demonstrations,usability studies, business
model
14. Project Structure
Mobile Phone Track: To define secure interoperable operating
environment for managing multiple 3rd NFC services on mobile devices to
enable mass deployment
Retail Track: To demonstrate the use of the methodology in high street
phones and in-store support devices
15. Project Structure
Research and Develop a multi-application
environment for NFC phones
Increase value for content and services by
utilizing the capability of the NFC phone
o Display, OTA, Secure Element
Contribute to the NFC ecosystem
o Business, Technical, Legal, Security and Regulatory
16. Host Concept
The StoLPaN consortium is working on a Java
based mobile HOST application that will enable
NFC mobile phones to run different applications
within the same NFC chip in a transparent
environment, neutralizing specifics of the handset
design.
Common interface
Different applications
Security level
Physical layer
19. … to one single HOST
Single application Multiple
applications in
HOST
• The handset is a brand new environment for the Multiple
legacy service providers applications in
the handset
22. Current Mobile NFC Ecosystem
• Four Main Players
– Mobile Network Operator (MNO)
• Supplier of the mobile network infrastructure, including
– Primary provider of NFC-enabled handset
– Secure Element (SIM)
• Legal owner of the SIM
– Service Provider
• Provider of the contactless application(s) loaded onto the NFC-enabled
handset
• Responsible for the efficient operation and legal aspects associated with
their application
– Trusted Service Provider
• Interface between the service provider and multiple MNOs
• Responsible for the secure loading and management of the service
provider’s application into the Secure Element
• Manages commercial relationship between MNO and Service Provider
– Consumer
• Initiates download of applications onto their NFC-enabled phone
• Uses the applications at point of sale or service
22
23. How the NFC Ecosystem will work
11
Se rvice Provide rs
hird Parties
MNO 5 20
rusted T
MVNO
T
50
23
24. Roles
Service Issuer
provider of SE
Trusted Trusted
Service Service
Manager Manager
OTA
provider
OTA OTA
provider provider
physical connection User
logical connection
25. TSM
• Optional support function
– dual functionality
– more than one TSM in a single process
• Service provider support
– value added functions
– remote application management
– remote content management
• User support
– application or portfolio back up
– portfolio reestablishment
• Not a service to cover technical imperfections because these
issues need to covered by standards
– diversity of phones
– diversity of OTA services
– diversity of cards
26. The framework – application lifecycle
START
Midlet delivery / C2S
Application The user finds and requests the application:
communication
locator info Via WEB/WAP on his phone or PC
Via friend’s phone OTA1
Mobile Handset Via Smartposter ad in Newspaper or street
OTA1 Server J2me host
-> An URL or MSISDN for the Service Provider is loaded into the Host
J2ME
for application
management
extensionB/O .(MIDP2)
mgr
Host OTA
comp.
Midlet
OTA2 Application installation Server
Load / install / make for SE
selectable
management
Host Core
component
Key diversification /
MANAGEMENT
personalization
APPLICATION
SE Manager
Application delivery / domain
SE Manager
Service Request /
CPLC, CA URL
*depends from the GP
SE1
Data collection
creation request
Ex.
implementation
SIM
cardlet
Global Platform
Manager
Card
SE2 ex. Embedded SE
SE Manufacturer
SE3 ex. Mass storage with SE
SE Manufacturer
Stolpan Plug-in SE Database
Stolpan
Interface SE Manager
lookup
Legacy System SE
Manufacturer
Service Provider
Service Provider
27. The framework – application lifecycle
START
Midlet delivery / C2S
Application communication
locator info The host application in the handset sends a request to
The Service Provider of that particular service.
ItOTA1potentially more information but the MSISDN of the handset is mandatory
Mobile Handset OTA1
sends
Server J2me host
J2ME
for application
management
extensionB/O .(MIDP2)
mgr
Host OTA
comp.
Midlet
OTA2 Application installation Server
Load / install / make for SE
selectable
management
Host Core
component
The Service Provider needs probably more info about the person itself (e.g.
Key diversification /
MANAGEMENT
personalization
APPLICATION
bank account) and about the system (type of handset for supported OTA or
type of Secure Elements, etc.). These are requested and answered. SE Manager
Application delivery / domain
SE Manager
Service Request /
The user might have the option to select the SE where he wants to load the
CPLC, CA URL
*depends from the GP
SE1
Data collection
creation request
Ex.
application. The Service Provider makes the decision.
implementation
SIM
The Service Provider agrees with the user on the selected Secure Element
cardlet
Global Platform
Manager
Card
SE2 ex. Embedded SE
SE Manufacturer
SE3 ex. Mass storage with SE
SE Manufacturer
Stolpan Plug-in SE Database
Stolpan
Interface SE Manager
lookup
Legacy System SE
Manufacturer
Service Provider
Service Provider
28. The framework – application lifecycle
START
Midlet delivery / C2S
Application communication
locator info
OTA1
Mobile Handset OTA1 Server J2me host
J2ME
for application
management
extensionB/O .(MIDP2)
mgr
Host The Service Provider locates the actual SE issuer for
OTA
comp.
Midlet
that Secure Element
OTA2 Application installation Server
Load / install / make for SE
selectable
management
Host Core
component
Key diversification /
MANAGEMENT
personalization
APPLICATION
SE Manager
Application delivery / domain
SE Manager
Service Request /
CPLC, CA URL
*depends from the GP
SE1
Data collection
creation request
Ex.
implementation
SIM
cardlet
Global Platform
Manager
Card
SE2 ex. Embedded SE
SE Manufacturer
SE3 ex. Mass storage with SE
SE Manufacturer
Stolpan Plug-in SE Database
Stolpan
Interface SE Manager
lookup
Legacy System SE
Manufacturer
Service Provider
Service Provider
29. The framework – application lifecycle
START
Midlet delivery / C2S
Application communication
locator info
OTA1
Mobile Handset OTA1 Server J2me host
J2ME The Service Provider requests a for application
management
extensionB/O .(MIDP2)
mgr
Host security domain on the selected OTA
comp.
Midlet
SE from the SE Issuer.
OTA2 Server
Application installation
Load / install / make for SE
selectable
management
Host Core
component
Key diversification /
MANAGEMENT
personalization
APPLICATION
SE Manager
Application delivery / domain
SE Manager
Service Request /
CPLC, CA URL
*depends from the GP
SE1
Data collection
creation request
Ex.
implementation
SIM
cardlet
Global Platform
Manager
Card
SE2 ex. Embedded SE
SE Manufacturer
SE3 ex. Mass storage with SE
SE Manufacturer
Stolpan Plug-in SE Database
Stolpan
Interface SE Manager
lookup
Legacy System SE
Manufacturer
Service Provider
Service Provider
30. The framework – application lifecycle
START
Midlet delivery / C2S
Application communication
locator info
The Security Domain is created
OTA1
Mobile Handset OTA1 Server J2me host
J2ME
for application
management
extensionB/O .(MIDP2)
mgr
Host OTA
comp.
Midlet
OTA2 Application installation Server
Load / install / make for SE
selectable
management
Host Core
component
Key diversification /
MANAGEMENT
personalization
APPLICATION
SE Manager
Application delivery / domain
SE Manager
Service Request /
CPLC, CA URL
*depends from the GP
SE1
Data collection
creation request
Ex.
implementation
SIM
cardlet
Global Platform
Manager
Card
SE2 ex. Embedded SE
SE Manufacturer
SE3 ex. Mass storage with SE
SE Manufacturer
Stolpan Plug-in SE Database
Stolpan
Interface SE Manager
lookup
Legacy System SE
Manufacturer
Service Provider
Service Provider
31. The framework – application lifecycle
START
Midlet delivery / C2S
Application communication
locator info
OTA1
Mobile Handset OTA1 Server J2me host
J2ME The Service Provider receives
for application
management
extensionB/O .(MIDP2)
mgr
Host the keys for the Security Domain OTA
comp.
Midlet
OTA2 Application installation Server
Load / install / make for SE
selectable
management
Host Core
component
Key diversification /
MANAGEMENT
personalization
APPLICATION
SE Manager
Application delivery / domain
SE Manager
Service Request /
CPLC, CA URL
*depends from the GP
SE1
Data collection
creation request
Ex.
implementation
SIM
cardlet
Global Platform
Manager
Card
SE2 ex. Embedded SE
SE Manufacturer
SE3 ex. Mass storage with SE
SE Manufacturer
Stolpan Plug-in SE Database
Stolpan
Interface SE Manager
lookup
Legacy System SE
Manufacturer
Service Provider
Service Provider
32. The framework – application lifecycle
START
Midlet delivery / C2S
Application communication
locator info
OTA1
Mobile Handset OTA1 Server J2me host
J2ME
for application
management
extensionB/O .(MIDP2)
mgr
Host OTA Service Provider changes
The
comp.
Midlet
OTA2 Application installation Server key to the Secure Domain
the
Load / install / make for SE
managementloads and personalizes the
and
selectable
application
Host Core
component
Key diversification /
MANAGEMENT
personalization
APPLICATION
SE Manager
Application delivery / domain
SE Manager
Service Request /
CPLC, CA URL
*depends from the GP
SE1
Data collection
creation request
Ex.
implementation
SIM
cardlet
Global Platform
Manager
Card
SE2 ex. Embedded SE
SE Manufacturer
SE3 ex. Mass storage with SE
SE Manufacturer
Stolpan Plug-in SE Database
Stolpan
Interface SE Manager
lookup
Legacy System SE
Manufacturer
Service Provider
Service Provider
33. The framework – application lifecycle
START
Midlet delivery / C2S
Application communication
locator info
The Service Provider might need
OTA1
Mobile Handset to OTA1
download new UI elements or
Server J2me host
J2ME rules to serve the service in the for application
management
extensionB/O .(MIDP2)
mgr
Host particular host in the phone. It is OTA
comp.
Midlet
doneOTA2 as well. Application installation
here Server
Load / install / make for SE
selectable
management
Host Core
component
Key diversification /
MANAGEMENT
personalization
APPLICATION
SE Manager
Application delivery / domain
SE Manager
Service Request /
CPLC, CA URL
*depends from the GP
SE1
Data collection
creation request
Ex.
implementation
SIM
cardlet
Global Platform
Manager
Card
SE2 ex. Embedded SE
SE Manufacturer
SE3 ex. Mass storage with SE
SE Manufacturer
Stolpan Plug-in SE Database
Stolpan
Interface SE Manager
lookup
Legacy System SE
Manufacturer
Service Provider
Service Provider
35. Concrete NFC Applications (1)
PAYMENT & TICKETING
Card manag e me nt NFC e nable d Payme nt /
OTA manag e me nt mo bile pho ne tic ke ting
s ys te m (banks ,trans -
Payment &
s e rve r te rminals
po rt c o mpanie s )
2. 3.
Ticketing 1.
Re ques t fo r OTA OTA pro vis io ning o f Pay and trave l
pro vis io ning o f payme nt/tic ke ting by to uc hing
payme nt/tic ke ting applic atio n into with NFC pho ne
applic atio n the NFC pho ne
Service
Initiation
Sharing & Peer2Peer
NF C WiF i
S et up P ha s e Norma l us e P ha s e
36. Concrete NFC Applications (2)
Building Access
Mobile Phone = MP = Key
e-Business Card,
Exchange for
Ticket
Take Info from
Poster
MP = Ticket Counter
Payment Everywhere
MP = POS
MP=Mobile Micro-Payment Building Access
Phone MP = Debit Card MP = Key
37. StoLPaN Dolomiti Trial
NFC tag based Infotainment applications
Where: Falcade, Belluno (Dolomiti)
When: December 2008 / May 2009
Target: tourists and locals
Use cases
Smart Poster: three specific infotainment
applications (SKI, Meteo, Digital Content)
Loyalty
Booking and reservation
39. Thank you for your attention!
Prof. Carlo Maria Medaglia
carlomaria.medaglia@uniroma1.it
http://w3.uniroma1.it/rfidlab - http://www.stolpan.com
40. New developments: the “SIMpli” series
SIMpliCity
an NFC system for the mobility of citizens that guides people (tourists or
locals), within the town streets, providing information about restaurants,
shops, offices and public services.
SIMpliTravel
a set of Java applications for buying and validating tickets for public
transport, composed by three MIDlets (NFCTicketing, Validate, Verifier) and
one Cardlet (TicketingCardlet).
SIMpliPay
an NFC payment application based on “travel check” system, which
manages the tourist’s mobile wallet.
SIMpliAccess
an access control application for the OTA download and management of
keys (hotel, car, …).
42. RFID Lab Academic partners
irector: Prof. Gianni Orlandi, Full Professor of Telecommunication
oordinator: Prof. Carlo Maria Medaglia, Associate Professor of HCI
entre for the Applications of Television and Distance Learning Techniques (CATTID),
University of Rome “Sapienza”
epartment of Ingegneria Elettronica, Faculty of Engineering, Univ. of Rome “Sapienza”
epartment of Ingegneria Informatica, Faculty of Engineering, Univ. of Rome “Sapienza”
epartment of Logistica e Gestione Merci, Faculty of Commerce, Univ. of Rome
“Sapienza”
entre for Transports and Logistics (CTL), Faculty of Engineering, Univ. of Rome
“Sapienza”
epartment of Informatica, Faculty of Computer Science, Univ. of Rome “Sapienza”
epartment of Scienze della Comunicazione, Faculty of Mass Communication, Univ. of
44. The framework – host design
Modular structure (MIDP 3.0
preferred)
Engines – common APIs for use
Customer midlet & cardlet needs to
be registered/certified
Re-use of workflow midlets
Stolpan cardlet for secure functions
& application management
Multi Secure Element support
Back-up support
Branding support
45. New developments: iMoney
iMoney is a P2P payment service which combines
remote (SMS/OTA) with proximity (NFC) payment.
Remote
Proximity
46. New developments:
proximity marketing applications
Nowadays, most NFC pilot projects are focused on ticketing and
payment, which requires a long time to be implemented, because
they involve a number of actors with different and sometimes opposite
interests.
This makes consumers scarcely aware about NFC technology and
products.
The most interesting short-term scenario for NFC applications would
probably be the one related to mobile advertising and proximity
marketing, combining NFC with other wireless technologies already
available in the mobile phones such as Bluetooth and GSM / GPS
localization.
47. Touch it! An urban marketing game
Touch it! is an urban marketing game which combines GSM
localization with a proximity technology such as NFC in order to
offer an innovative mobile advertising model to retailers and an
interactive game experience to the users.
FUNNY INTERESTING
FOR THE USERS FOR RETAILERS
48. Touch it! How it works
WEB SERVER / DB
GPRS/U
MTS
GPRS/U
MTS
NFC
TOUCH IT! READER
NFC TOUCH IT! POINT
49. SIMpliCinema: concept
SIMpliCinema is a “smart window”, placed near cinemas, which allows to:
obtain detailed information about films;
buy tickets via NFC;
download multimedia contents on the mobile phone.
Through a touch screen, the user can
view both trailers and information about
films, he can also buy tickets tapping the
phone near the reader and so he can
receive additional multimedia contents
for free.