Today is Samstag, 23rd März 2019

Posts Tagged ‘SEEK’

SEEK/OMA is now available Android SDK

Four years after the SEEK Project was started by G&D, the library for accessing the SIM Card from an android application is finally available for Android SDK. At API Level 17, G&D is now providing the Library in a way that it can be integrated into various apps. The library is actually the key for a bunch of application doing so call „OTA-Transactions“ (Over-the-Air) in order to install applications on the UICC or make changes to parameters in applets with could be used for payment or ticketing.

SIM Alliance agrees on specification for secure element access API

The SIMalliance, an industry forum of smart card manufacturers and technology providers, agreed on a common API which allows a developer to access the secure element such as the UICC form an application running on the phone.

GSMA recommends Standard for UICC Secure Element Access Control

The GSMA has published the latest releases of its technical NFC documents (version 2). With these documents the GSMA underlines its strong support for UICC (SIM card) based NFC services.

The handset API requirements document focuses on APIs that enable mobile apps to directly access secure NFC applications on the UICC. An example for this function: A mobile phone user wants to have a look into his mobile train tickets stored in the UICC. The transport app must be able to read the ticket information via API from the UICC.

Since malware could misuse this API to run denial of service attacks on UICC application (eg send wrong PIN codes to payment application and thus lock down the application) the access to this API must be secured in a way that only legitimate mobile apps may access specific secure UICC applications. Eg a payment app may only talk to the UICC payment application but must not be able to access a transport application on the very same UICC.

In feature phones with J2ME support this API is well defined in JSR177. But Android is so far not supporting direct UICC access for mobile apps. Therefore OEMs/ODMs have to integrate proprietary SW components into their Android variant for UICC based NFC support.

GSMA and a growing number of its members strongly favor and support existing standards to avoid fragmentation of UICC APIs and its access control mechanisms: The UICC itself will store a list of credentials and thus control which mobile app may access a specific UICC NFC application.

GSMA NFC Handset APIs & Requirement Specification V2.0

GSMA NFC UICC Requirement Specification Version 2.0

Welcome at