A Secure Communication Model for HCE based NFC Services

Near Field Communication (NFC) is a new promising short-range wireless communication technology that provides ease of use by triggering the communication with a simple touch and making the user feel secure by short distance communication. Most promising functionality of NFC technology is via card emulation operating mode that enables an NFC Smartphone to behave like a contactless smart card. By this way, using card emulation functionality enables realization of diverse applications such as mobile payment, ticketing, coupon, loyalty, access control, identification and so on. In this context, Secure Element (SE) is the important part of NFC Smartphones for securing the private data (e.g. credit and debit card numbers) or mobile application executable codes. On the other hand, Cloud based SE concept emerged especially after the introduction of Host Card Emulation (HCE) technology with Android 4.4 (KitKat) OS by Google which adds completely new functionality for card emulation based NFC services. HCE introduces new methods for storing, accessing, and managing private data on the Cloud instead of on the Smartphones. The purpose of this study to present a novel model for HCE based NFC services, which performs a secure communication using Tokenization method. Tokenization method opens up the possibility of enabling secure offline transactions for NFC services as well. The importance of Tokenization method for our proposed model is initially explained, and the system requirements of the proposed model are presented thereafter. The communication model is based on two-phased Tokenization that aims to provide secure interaction between system actors, and presented through an HCE based NFC access control use case.