GlobalPlatform’s Value Proposition for Mobile Point of Sale (mPOS)

Presentation transcript:

1 GlobalPlatform’s Value Proposition for Mobile Point of Sale (mPOS)
Dongyan Wang, GlobalPlatform Technical Program Manager
Wednesday 19 March
GP Confidential ©2013
@GlobalPlatform_ | www.linkedin.com/company/globalplatform

2 GlobalPlatform Members

3 Introducing GlobalPlatform Standards...
With GlobalPlatform standards:
- Create once based on:
  - Stable and interoperable application programming interfaces (APIs)
  - Stable security requirement
- Deploy ‘everywhere’

4 GlobalPlatform Positioning
Across several market sectors and in converging sectors, GlobalPlatform is the standard for managing applications on secure chip technology.
Diagram labels: Trusted Execution Environment; Secure Element; AND Premium Content

5 Mobile as a Center of the New Service Deployment
The trusted execution environment (TEE) provides a unique capability to ensure that a transaction:
- Is approved by the right end user
- Is on the right and trusted device
- Takes place between the application and cloud or back-end service
Diagram label: Trusted Execution Environment

6 What is a TEE?
- TEE provides hardware-based isolation from rich operating systems (OS) such as Android
- TEE runs on the main device chipset and relies on hardware roots of trust (crypto keys and secure boot)
- TEE has privileged access to platform and device resources (user interface, memory controller, video / audio hardware, crypto accelerators, biometry…)
- Technology already massively deployed
- Premium content protection is currently a major use case
Diagram labels: Open to malware and rooting / jailbreaking; Isolation of sensitive assets

7 GlobalPlatform TEE Functions
Hardware-based TEE Functions = ToolBox
- Code and data isolation
- Secure cryptography
- Secure storage
- Secure clock
- Trusted user interface
- Secure element (SE) interface
- Administration scheme
Value for Secure App Providers includes
- Device authentication
- User authentication
- Protection of any sensitive software engine
- Digital signature and encryption
- Secure communication to server and / or SE
- Upgradable environment

8 Unique Feature for mPOS: Trusted User Interface (UI)
Message to be signed
- Transaction summary displayed by TEE
- Rich OS environment cannot tamper with the message
- The user signs exactly what s/he is seeing
Explicit Validation Means
- PIN / password entry → rich OS environment cannot have access to entered credential
Security Indicator
- Text or image
- ‘Sign-in seal concept’
- Information securely configured by the user and securely controlled by the TEE
- Prove to the user that the screen is TRUSTED by seeing this known information
→ Tools to build ‘what you see is what you sign’, anti-phishing and non repudiation

9 Trusted mPOS (1/3)
- Near field communication (NFC) smartphone can be used as card reader
- A trusted channel is opened between the card and the mPOS
Diagram labels: Secure Channel; Rich OS; My Store

10 Trusted mPOS (2/3)
- When needed, the end user enters a PIN to confirm a contactless transaction
- A trusted application will use the trusted UI feature to protect the PIN from any rich OS application
Diagram label: PIN

11 Trusted mPOS (3/3)
- mPOS needs to be integrated with back and front office applications
- TEE protects the credential required to ensure a trusted channel is opened between the mPOS and the server
Diagram labels: Rich OS; My Store; Secure Channel

12 TEE Supports Value Added Services on mPOS
Thanks to the GlobalPlatform open architecture supporting multiple applications, a smartphone with a qualified TEE is able to support different mPOS applications
- Such as mPOS APPs world, mobile, loyalty programs, actionable intelligence, cross-channel and in-store marketing programs. But also barcode scanning, LBS, eReceipts, coupons, QR codes, wallets, click & collect, geo-targeted mobile advertising and alternative in-store payments.
Diagram labels: Rich OS; My Bank

13 TEE Supports Multiple mPOS Model
- Thanks to the GlobalPlatform open architecture supporting multiple applications from multiple actors, a smartphone with a qualified TEE is able to support different POS
- TEE security certification offers a real insurance for the mPOS deployment
- TEE administration will provide a standard language to manage an mPOS application
  - Load, install, delete
  - Update
Diagram labels: Rich OS; My Bank

14 Support Different Use Cases
eCommerce
- mPOS installed in end-user smartphone
- End-user enters his PIN on his mobile
Commerce
- mPOS installed in merchant smartphone
- End-user enters his PIN on merchant mobile
Hybrid
- mPOS installed in merchant smartphone
- BUT end-user enters his PIN on his mobile

15 Summary
- Collaboration between TEE and card allows the best of both worlds
  - High level security of smart card/SEs and usability of smartphone
- The massive deployment of GlobalPlatform SE and TEE generates a standardized infrastructure for:
  - Enhancing the usability and security of today’s services
  - Deploying new payment services (peer-to-peer, remote payment)
- Compliancy is needed to deploy a mobile service across different devices from different providers
- Security across different device and suppliers is a must that is central to the GlobalPlatform technology

16 More @ www.globalplatform.org

