A HCE-Based Authentication Approach for Multi-platform Mobile Devices

  • Luigi Manco
  • Luca Mainetti
  • Luigi Patrono
  • Roberto Vergallo
  • Alessandro Fiore
Conference paper
Part of the Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering book series (LNICST, volume 189)


Mobile devices are able to gather more and more functionalities useful to control people’s daily life facilities. They offer computational power and different kinds of sensors and communication interfaces, enabling users to monitor and interact with the environment by a single integrated tool. Near Field Communication (NFC) represents a suitable technology in the interaction between digital world and real world. Most NFC-enabled mobile devices exploit the smart card features as a whole: e.g., they can be used as contactless payment and authentication systems. Nevertheless at present heterogeneity in mobile and IoT technologies does not permit to fully express potentialities of mobile devices as authentication systems, since most of the proposed solutions are strictly related to specific technological platforms. Basing on smart payment card approach, Europay, MasterCard e VISA (EMV) protocols and Host Card Emulation (HCE) technology, the current work proposes a distributed architecture for using NFC-enabled mobile devices as possession factor in Multifactor Authentication (MFA) systems. The innovative idea of the proposal relies on its independence with respect to the specific software and hardware technologies. The architecture is able to distribute tokens to registered mobile devices for univocally identifying user identity, tracing its actions in the meanwhile. As proof of concept, a real case has been implemented: an Android/iOS mobile application to control a car central locking system by NFC.


Smart cities Smart building NFC Mobile HCE Cloud 


  1. 1.
    Hancke, G.P., de Carvalho e Silva, B.: The role of advanced sensing in smart cities. Sensors 13(1), 393–425 (2013). Multidisciplinary Digital Publishing Institute, SwitzerlandCrossRefGoogle Scholar
  2. 2.
    Zanella, A., Bui, N., Castellani, A., Vangelista, L., Zorzi, M.: Internet of Things for smart cities. IEEE Internet Things J. 1(1), 22–32 (2014)CrossRefGoogle Scholar
  3. 3.
    Aloul, F., Zahidi, S., El-Hajj, W.: Two factor authentication using mobile phones. In: 2009 IEEE/ACS International Conference on Computer Systems and Applications, pp. 641–644 (2009)Google Scholar
  4. 4.
    Smith, M., Tassone, J., Holmes, D.: Method and system for providing identity, authentication, and access services. US 9076273 B2, 07 July 2015Google Scholar
  5. 5.
    Mandalapu, A., Raj, L.D.: An NFC featured three level authentication system for tenable transaction and abridgment of ATM card blocking intricacies. In: 2015 International Conference and Workshop on Computing and Communication (IEMCON), pp. 1–6 (2015)Google Scholar
  6. 6.
    Chen, W., Hancke, G.P., Mayes, K.E., Lien, Y., Chiu, J.-H.: NFC mobile transactions and authentication based on GSM network. In: 2010 Second International Workshop on Near Field Communication, pp. 83–89 (2010)Google Scholar
  7. 7.
    Adukkathayar, A., Krishnan, G.S., Chinchole, R.: Secure multifactor authentication payment system using NFC. In: 2015 10th International Conference on Computer Science & Education (ICCSE), pp. 349–354 (2015)Google Scholar
  8. 8.
    Ivey, R.G.F., Braun, K.A., Blashill, J.: System and method for two factor user authentication using a smartphone and NFC token and for the automatic generation as well as storing and inputting of logins for websites and web applications. 14/600391, 20 January 2015Google Scholar
  9. 9.
    Subpratatsavee, P., Sriboon, W., Issavasopon, W.: Automated car parking authentication system using NFC and public key cryptography based on android phone. Appl. Mech. Mater. 752–753, 1006–1009 (2015)CrossRefGoogle Scholar
  10. 10.
    Armando, A., Merlo, A., Verderame, L.: Trusted host-based card emulation. In: 2015 International Conference on High Performance Computing & Simulation (HPCS), pp. 221–228 (2015)Google Scholar
  11. 11.
    Cavdar, D., Tomur, E.: A practical NFC relay attack on mobile devices using card emulation mode. In: 38th International Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO), pp. 1308–1312 (2015)Google Scholar
  12. 12.
    Oh, S., Doo, T., Ko, T., Kwak, J., Hong, M.: Countermeasure of NFC relay attack with jamming. In: 12th International Conference & Expo on Emerging Technologies for a Smarter World (CEWIT), pp. 1–4 (2015)Google Scholar
  13. 13.
    Urien, P.: New direction for open NFC trusted mobile applications: the MOBISIM project. In: IEEE Conference on Communications and Network Security (CNS), pp. 711–712 (2015)Google Scholar

Copyright information

© ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering 2018

Authors and Affiliations

  • Luigi Manco
    • 1
  • Luca Mainetti
    • 1
  • Luigi Patrono
    • 1
  • Roberto Vergallo
    • 1
  • Alessandro Fiore
    • 1
  1. 1.Department of Innovation EngineeringUniversity of SalentoLecceItaly

Personalised recommendations