Abstract
Mobile devices are able to gather more and more functionalities useful to control people’s daily life facilities. They offer computational power and different kinds of sensors and communication interfaces, enabling users to monitor and interact with the environment by a single integrated tool. Near Field Communication (NFC) represents a suitable technology in the interaction between digital world and real world. Most NFC-enabled mobile devices exploit the smart card features as a whole: e.g., they can be used as contactless payment and authentication systems. Nevertheless at present heterogeneity in mobile and IoT technologies does not permit to fully express potentialities of mobile devices as authentication systems, since most of the proposed solutions are strictly related to specific technological platforms. Basing on smart payment card approach, Europay, MasterCard e VISA (EMV) protocols and Host Card Emulation (HCE) technology, the current work proposes a distributed architecture for using NFC-enabled mobile devices as possession factor in Multifactor Authentication (MFA) systems. The innovative idea of the proposal relies on its independence with respect to the specific software and hardware technologies. The architecture is able to distribute tokens to registered mobile devices for univocally identifying user identity, tracing its actions in the meanwhile. As proof of concept, a real case has been implemented: an Android/iOS mobile application to control a car central locking system by NFC.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Hancke, G.P., de Carvalho e Silva, B.: The role of advanced sensing in smart cities. Sensors 13(1), 393–425 (2013). Multidisciplinary Digital Publishing Institute, Switzerland
Zanella, A., Bui, N., Castellani, A., Vangelista, L., Zorzi, M.: Internet of Things for smart cities. IEEE Internet Things J. 1(1), 22–32 (2014)
Aloul, F., Zahidi, S., El-Hajj, W.: Two factor authentication using mobile phones. In: 2009 IEEE/ACS International Conference on Computer Systems and Applications, pp. 641–644 (2009)
Smith, M., Tassone, J., Holmes, D.: Method and system for providing identity, authentication, and access services. US 9076273 B2, 07 July 2015
Mandalapu, A., Raj, L.D.: An NFC featured three level authentication system for tenable transaction and abridgment of ATM card blocking intricacies. In: 2015 International Conference and Workshop on Computing and Communication (IEMCON), pp. 1–6 (2015)
Chen, W., Hancke, G.P., Mayes, K.E., Lien, Y., Chiu, J.-H.: NFC mobile transactions and authentication based on GSM network. In: 2010 Second International Workshop on Near Field Communication, pp. 83–89 (2010)
Adukkathayar, A., Krishnan, G.S., Chinchole, R.: Secure multifactor authentication payment system using NFC. In: 2015 10th International Conference on Computer Science & Education (ICCSE), pp. 349–354 (2015)
Ivey, R.G.F., Braun, K.A., Blashill, J.: System and method for two factor user authentication using a smartphone and NFC token and for the automatic generation as well as storing and inputting of logins for websites and web applications. 14/600391, 20 January 2015
Subpratatsavee, P., Sriboon, W., Issavasopon, W.: Automated car parking authentication system using NFC and public key cryptography based on android phone. Appl. Mech. Mater. 752–753, 1006–1009 (2015)
Armando, A., Merlo, A., Verderame, L.: Trusted host-based card emulation. In: 2015 International Conference on High Performance Computing & Simulation (HPCS), pp. 221–228 (2015)
Cavdar, D., Tomur, E.: A practical NFC relay attack on mobile devices using card emulation mode. In: 38th International Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO), pp. 1308–1312 (2015)
Oh, S., Doo, T., Ko, T., Kwak, J., Hong, M.: Countermeasure of NFC relay attack with jamming. In: 12th International Conference & Expo on Emerging Technologies for a Smarter World (CEWIT), pp. 1–4 (2015)
Urien, P.: New direction for open NFC trusted mobile applications: the MOBISIM project. In: IEEE Conference on Communications and Network Security (CNS), pp. 711–712 (2015)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Manco, L., Mainetti, L., Patrono, L., Vergallo, R., Fiore, A. (2018). A HCE-Based Authentication Approach for Multi-platform Mobile Devices. In: Longo, A., et al. Cloud Infrastructures, Services, and IoT Systems for Smart Cities. IISSC CN4IoT 2017 2017. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 189. Springer, Cham. https://doi.org/10.1007/978-3-319-67636-4_10
Download citation
DOI: https://doi.org/10.1007/978-3-319-67636-4_10
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-67635-7
Online ISBN: 978-3-319-67636-4
eBook Packages: Computer ScienceComputer Science (R0)