On Thu, Jan 30, 2014 at 4:50 PM, F4L|{0 <[email protected]> wrote:
> HI
>
> I have some problem to emulate card with android 4.4.
> has someone some example for learn to use this functionality?
>
> I read this article
> http://developer.android.com/guide/topics/connectivity/nfc/hce.html#, but I
> don't understand how HCE work exactly. if the HCE create a secure area or
> no. if yes how manage this.
>
There is nothing secure about HCE itself. Unlike with real smartcards or
the embedded secure element (SE) element found in some Android
devices all processing is done inside of a regular Android app. As such,
it is subject to the same attacks. For example, if you have root access
you can dump the memory of the app that implements HCE and obtain
whatever information it is processing (cryptographic keys, credit card numbers,
etc.) If you need to store stuff you use with HCE securely, you need to
implement your own security. You can use password based encryption,
the device keystore service, or offload all sensitive processing to a
server.
Here's an example that uses keys stored in the device keystore
to emulate a PKI card:
https://github.com/nelenkov/virtual-pki-card/tree/master/hce-pki
--
You received this message because you are subscribed to the Google
Groups "Android Developers" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/android-developers?hl=en
---
You received this message because you are subscribed to the Google Groups
"Android Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/groups/opt_out.
