Apple Pay development and security

This is the last job left for wireless network security. To know the net to get a little paper, and Baidu a bit of information, summed up a document.

At the beginning of the year, when it was just on the line in February, Apple paid that call a fire, and now it's not quite heard. But Samsung has recently been making their own pay, hoping to choose more and more at the same time hope to become more and more secure.

Sharing an Apple Pay joke, I went to the convenience store downstairs today to buy things and ask the clerk if they could use Apple paid. The clerk said, "What?" What are you talking about? Maybe the clerk can not understand English, then ask, can Apple Pay. The clerk said, Apple pays you a big watermelon, I also take Kiwi to pay it.

The following is the text

I. Overview

1. Mobile Payment Background

As mobile phones become a necessary tool for people's daily lives, telecom operators and handset makers are beginning to think about whether mobile phones can achieve more daily life services. such as mobile phones will replace modern credit cards, points cards, coupons. Help people to complete transportation tickets, pay bills, points shopping and so on. can also be downloaded music, electronic door locks, precision recommendations and so on, these are the huge value, because can make people become more convenient products will certainly succeed.

Now, the advent of near-field payment technology (NFC) has made the realization of the above-mentioned functions possible. With the increase of consumer mobile payment demand, as well as the rise of mobile internet and the rapid development of e-commerce, the mobile payment industry has been rapid development.

According to Gartner's latest data, from 2009-2012 years, the global mobile payment business users annual compound growth rate of 44.75%, is expected to 2015, the global mobile payment users will reach 384 million. Mobile payment is not limited by space and time, can provide consumers with differentiated, personalized and diversified services, consumers through the mobile payment business, can quickly and efficiently complete payment, payment and other financial services, greatly facilitate people's lives.

2. Mobile Payment Overview

Mobile payment refers to the online transaction that the user realizes through the mobile terminal device for some kind of goods or service. Users use mobile terminal equipment to complete the payment of goods or services, not limited by time and space, and greatly facilitate people's work and life. Mobile payments can be divided into: close-up payments and long-distance payments according to the payment distance. Among them, the near-distance payment generally uses RFID (radio frequency Technology), NFC (near-distance communication), SIM Pass technology realization, long-distance payment mainly has the text message payment, the WAP payment and so on, QR code scan and so on.

3. Risks to be faced

With the development of mobile electronic business, mobile payment faces the risk of various security attacks from Internet and mobile communication system. These risks mainly include active and passive attacks. Among them, the active attack uses to tamper with the data, the forgery, the denial service and so on, attempts to interfere to the entire mobile payment system's operation, in order to achieve to the mobile payment system the destruction or other purpose; A passive attack is an attacker who listens or monitors information in a communication network illegally, and it does not interfere with system resource utilization. Instead, it tries to eavesdrop on the information transmitted in the mobile communication system.

Because mobile payment is based on the open transmission of wireless communication, it brings convenience and rapidity to people's life, and its security is paid more and more attention. In order for mobile payments to be made available, the security requirements that mobile payment systems must meet are:

(1) The validity of the information. Mobile payment with wireless communication as the carrier, in the process of mobile payment, electronic information replaced the paper information, which need to ensure the effectiveness of electronic form information. Therefore, it is necessary to prevent the validity of transaction data in the event of network failure, system software error, operation error, etc.

(2) Confidentiality of information. During the transaction, the user ensures that the information is not illegally stolen by an unauthorized person or entity and that only legitimate users can see the user data.

(3) Completeness of the data. To prevent the transfer of confidential information and data between the buyer and seller in the transmission process by malicious tampering, insertion and other forms of destruction.

(4) Non-repudiation of information. It is mainly used to prevent the sender or receiver from denying the transmitted information. When the information is published, the payment contract is signed, the payment negotiation and other key transaction steps, the receiver or the sender of a party to deny, you can use the other party signed records as the basis.

Second, NFC payment and security

1. Introduction to NFC

NFC, near Fieldcommunication, is a short-range, contactless communication method that combines contactless sensing with wireless connection technology for 13. 56MHz frequency band, transmission distance of about 10cm. The transmission speed is currently 106kbit/s, 212kbit/s or 424kbit/s, and can be raised to around 1mb/s in the future.

It was founded primarily by Sony and Nokia to create a non-profit industry association NFC Forum, which aims to promote the implementation and standardization of NFC technology and ensure collaboration between equipment and services. At present, the NFC Forum has more than 80 members worldwide, including MasterCard International, VISA, Microsoft, Motorola, NEC, Panasonic, Samsung, Texas Instruments and so on.

There are three main modes of implementation:

(1) Card mode: In this mode, the NFC device is in passive mode. Equivalent to the use of RFID technology IC card, can replace the bus card, access card and so on. The advantage of this mode of operation is that the NFC device is powered by the RF domain of the contactless reader, so even if the NFC device still works without power. For contactless mobile payments, such as shopping malls, transportation and other applications, users simply close the phone to the card reader, enter the password to confirm the transaction or directly receive the transaction. such as access control, tickets, tickets and so on.

(2) Point-to-point mode: In this mode, can be used for data exchange, two very close to the NFC device can quickly establish a connection, and achieve point-to-point communication, such as sending pictures, synchronization device files, with high transmission speed, low power consumption advantages.

(3) Reader mode: In this mode, the NFC device is in active mode. NFC devices must be able to work when power is available. Used as a contactless reader, such as reading information from posters or electronic labels on exhibition information.

2. Implementation mode of NFC payment

Using a third-party payment service provider is the main form of mobile payment for NFC handsets, and its architecture can be described in Figure 1. The core of the system is NFC handsets and third-party payment platforms. Among them, the NFC mobile phone is to store the user-related payment vouchers, security keys, payment applications and provide non-contact communication interface, mobile payment server for third-party payment services provider, mainly for users to issue payment vouchers, manage user account amount, to provide merchants with payment interfaces and digital certificates. Depending on the specific business scenario of the user's NFC phone, mobile payment can be divided into online and offline 2 ways. The next applepay to be discussed is the offline mode, so here we discuss the online mode first.

Figure 2 shows the specific composition of the NFC-enabled phone, where SE (secure Element) is the security unit, is responsible for the NFC mobile phone to provide a variety of encryption, signature and other functions of the security module, mobile phone baseband processor interface with the outside world is the USM Wireless communication link, The NFC chip communicates with an external NFC device through an interface defined by the ISO/IEC 18092 protocol via an RF antenna.

The NFC online mobile payment process is described below:

1) The Merchant NFC Pos machine reads the customer's selected product information, generates a product order, and passes the order information through the NFC link to the user's mobile phone;

2) NFC mobile phone to verify the merchant's certificate, and check the order information;

3) After the order confirmation, the mobile phone user needs to enter the PIN code, after the verification passes, submits the payment request to the mobile payment platform;

4) The mobile payment platform verifies the user information and confirms the validity of the payment request based on the balance of its account amount;

5) The mobile payment platform will pass the payment request to the merchant;

6) The merchant confirms that the transaction is valid and the transaction is completed.

For a more detailed analysis of the process of completing a mobile payment transaction for an NFC phone, a streaming chart of payment transactions for the NFC mobile payment system is required. First of all, clear all the participants in the mobile payment business, including: NFC Mobile phone users, business front-end Nfcpos machine, business background server, third-party payment platform, mobile operators. Then, according to the trading process, analysis of the NFL mobile payment Transaction Flow Chart 3 shows.

3. The threat of NFC payments

Security problem is very important for mobile e-commerce, especially mobile payment, which decides the future of e-commerce in mobile environment. Since the emergence of internet payment has been facing the user and the industry's security trust crisis, this situation is more obvious in China. From the actual situation, whether the network data security in the wireless transmission, the security of the mobile payment process, or the physical security of the mobile device terminal need to be further strengthened.

Analysis of the security threats facing NFC:

1. RF ' RF communication link eavesdropping

The NFC standard defined by 1s0/iec 18092 specifies that the data link is wireless (wireless). It is well known that wireless data transmission in an open environment can be tapped. Eavesdropping threats include user 1D, transaction order information and other sensitive content, if the attack will result in the user's private information, trade order information leakage and misuse.

2. SE Security Unit is damaged

As the core of the security of the entire payment system, the compromise of the security unit in the NFC handset will make the entire mobile payment process out of the ordinary. Corruption can be caused either by a hardware failure or by a malicious attack. The result of this problem is that the Security Module encryption processing, digital signature and other functions can not be properly enabled, so that the authentication of certificates, user digital signature and data encryption will fail.

3. Confidential privacy data is tampered with in SE security module

An attacker could disrupt the integrity of the data in the SE module, such as updates, security keys in the Insert SE module, transaction data, and so on, adding some malicious source root certificates to the SE module in a session that has already been authenticated. This issue will cause the SE module to fail with the security function and generate the wrong trust relationship without the user's knowledge.

4. The SE security module is replaced as a whole

A malicious attacker would replace a mobile security module with an NFC payment function as a whole. This scenario is more likely to occur in an NFC solution that uses an external SE module. As soon as the attack is achieved, the SE module security function is used normally, but some of its key secret data has been replaced. The result is unauthorized malicious attacks such as identity forgery.

5. Access control of SE security module is bypassed

The attacker can obtain the user's personal identification code by means of the technical method, the key parameters of the user SE module, and the password interception/snooping (network sniffing), in order to obtain all the security access rights of the SE module. The consequence is that identity is being counterfeited and NFC payments are being used without authorization.

6. Malicious tampering with trading orders

An attacker could infect a mobile terminal by malware by embedding it in a mobile system app so that the attacker would have the opportunity to modify the user's order, destroy the integrity of the data, or replay the previous order, resulting in a loss of the user's economy.

7. Counterfeiting transactions by counterfeit trading parties

The attacker pretends to be the other party in the transaction and forges false orders to deceive the user into trading, resulting in an economic loss to the user.

8. Man-in-the-middle attack

The attacker hijacked the transaction between the merchant and the user in the network environment, and further obtained the user's payment, which caused the user's economic benefit to be damaged.

4. Security Recommendations

The evolution of NFC mobile payment security problem can be divided into two aspects: technical means and application management. Technical solutions focus on the technical aspects of information systems, through a series of mature technology methods such as encryption, access control, identity authentication and so on to eliminate security threats, while application management is concerned with the personnel and management related issues that NFC mobile end users should pay attention to in the wireless payment process.

(i) Technical methods

1. Security protection mechanism in the safety module

(1) Using the access control mechanism (AccessControl mechanism), such as the number of error attempts of personal identification code, the life cycle management of digital authentication, and (2) the backup/recovery mechanism of the relevant key, to avoid the loss of key or key failure after the encryption data can not be processed properly; (3) Confidential data are strictly forbidden to be stored and transmitted in clear text; (4) All transactions must be stamped with timestamps to avoid data replay attacks, and (5) The system hardware needs to be integrity-tested to avoid runtime failures, and (6) It is strictly forbidden to download and run software that is not signed and cannot be verified by the source.

2. Security mechanisms for baseband processors

(1) Establish the identity registration system to ensure the authenticity and completeness of the mobile phone application, (2) Prevent the personal identification code from being intercepted at input, (3) strictly classify different security domains and (4) mutual authentication with the security module.

3. Security mechanism of NFC chip

The user must be able to switch the NFC module function autonomously to prevent the content of the NFC chip from being read freely.

(ii) Safety application Management

1. Develop user awareness of safe use through publicity and training

New technologies require new information and training. In particular, security issues should be given high priority. The appropriate promotion and training should include the correct use of the NFC smartphone, the ability to identify potential threats and respond to them, the correct way to prevent theft and damage to their NFC handsets, the correct use of the PIN code (not read into memory, etc.), and the correct settings for the phone's password (uppercase and lowercase characters, numbers, etc.).

2. Security protection for operating systems and applications

(1) The security function of various types of smartphone operating system and the safe usage mode of the application software; (2) Installing anti-virus and malware tools and firewalls on the mobile operating system should give full attention to the threat of smart phone security software detection.

Third, Apple pay and security

1. ApplePay Introduction

Apple unveiled a new iphone 6/6plus at the Flint Arts Center in Cubitino de Anza College in California on September 9, 2014, most notably Apple's launch of the latest payment method Apple Payo Apple Pay by NFC near field communication technology, TouchID fingerprint identification, security control and Passbook (e-voucher management tools), the use of only the finger on the home button fingerprint identification, mobile phone close to pay POS terminal, you can complete the payment. ApplePay is currently working with American Express, MasterCard and Visa to support the payment of 22,000 stores, including Yum and McDonald's. Officially launched in the United States on October 20, 2014.

Apple pay has already accounted for 1% of the digital payment market turnover since it came online. Two-thirds of Apple Pay new users used this service many times in November. Apple Pay users average 1.4 times per week using Apple.

Apple pay is online in China on the morning of February 18, 2016.

2. Apple Pay Principle

Payment labeling technology is a new technology formally released by the International Chip card standardization organization EMVCO in 2014, which is based on the principle that the payment token (token) is used instead of the bank card number for transaction verification, thus avoiding the risk of card number information leakage. Payment tagging uses a unique value to replace a traditional card master account, while ensuring that the value is applied to a specific merchant, channel, or device. Payment tags can be used in all aspects of the card transaction, as with the existing bank card-based transactions, can use across the line, with versatility. Simply put, the payment token is the alias of the card number of the bank, which can be used in an open payment environment, the network between the agency and the bank is secure and credible, the use of the bank trusted by the agent and the bank card number and alias of the interaction between the bank to complete the payment operation.

Figure 4 Traditional credit card payments with Apple Pay

Figure 5 Offline payment process for credit card and Apple Pay

The traditional means of payment include: customer-credit card, merchant-provide goods, receive credit card, payment channel-pos terminal and communication network;-generally for card organizations, such as Visa, master, etc., in the domestic mainly UnionPay or third-party payment companies; issuing bank-credit card issuing banks.

In the Apple Pay process, the IPhone's security module does not store the user's card number (PAN) and the rest of the payment information, instead it is the payment Token that Apple calls DAN (device account/Deviceaccount number). User input card number, name, validity and verification Code, bank verification information to the phone after the release of DAN.

Dan is stored in the security Element on the phone and is natively readable, and Apple does not upload/back up Dan to the server and even Apple has no access to Dan in the cloud.

In the process, Tokenization added a device account that is uniquely associated with the card for the user's credit card, and this device account is only available on this device. After the user has linked the card, you can complete the confirmation of the payment transaction via DAN and the Touch ID/Lock screen password. To protect the user's payment information, all payment elements are not sent to the receiving terminal until the user authenticates the Touch ID/input payment password.

In order to protect the user's device account security, if the user turns off the lock screen password/Logout account/erase the contents on the device, all the cards bound in this device will be automatically deleted. When you report the loss of this device, Apple will also actively contact the card organization to write off the card in the device, so that even if the phone is cracked, the card can not be used.

Apple pay is essentially an online swipe solution that does not change the traditional payment model, although the payment process participants increase, but the increase of participants is still the previous parties, the change is to increase the security and enhance the user experience, the interests of the parties have not changed greatly, for users, This change is the convenience of safety and technology.

3. ApplePay Security

With Apple Pay, the first thing to do is to bind a credit card, enter your credit card information on the iphone, ApplePay credit card information to the card organization, verify that after the card organization is validated, a token is generated for the credit card and the token is sent to Apple Pay,apple Pay then sends this encrypted token to the iphone. Instead of storing credit card information directly on the iphone, the token is stored in an independent security chip on the iphone (SE chip), which replaces the card number of the credit card, which is understood to be equivalent to the card number of the token and credit card, but even if token leaks, the credit card information cannot be reversed. The storage and management of this token is not to be underestimated, it was managed by Apple's management tool Passbook, an electronic ticket, boarding pass, points, coupons, etc. that were introduced in 2012. The token format is actually a 16-bit string that is compatible with the format in the traditional POS machine protocol, which means that Apple Pay is compatible with the entire traditional credit card payment network. Whether you're swiping a credit card or using Apple Pay, it's transparent throughout the traditional payment system. In use, there is also a key link "TouchID", only when the fingerprint authentication passed, the iphone allows the use of NFC read token out.

The core parts of the phone are the following parts:

• Secure Element: referred to as SE, is a security component that we often say is an electronic component against physical attack, which contains microprocessors, storage, and decryption hardware, which can be used independently (for example, chip cards) or embedded in other devices (e.g., Apple pay and Google Wallet) provides high-security services. In General, SE is the highest level of security hardware/software equipment accessible to ordinary people, and Apple Pay uses the form of ESE, specifically, Apple Pay uses an industry-standard certified, running Java card platform (jcp,jav A Card Platform), a security element compatible with the requirements of electronic transactions in the financial industry. Se is at the heart of Apple Pay security, and in essence, all payment processing and security related to Apple pays are owned by SE, and other components are just ancillary.
• NFC controller: In an Apple pay scenario, the NFC controller is the equivalent of a router that is connected to three different external entities: external near-field devices (for example: Sales terminal Pos,point-of-sale), The application processor (Ap,application Processor) and the Secure element form two communication channels: the communication channel of the application processor to the secure element, and the communication channel between the POS and the secure element.
• Passbook: Passbook is a service that existed before Apple Pay was launched, and Apple Pay expanded its capabilities so that it could add and manage credit and debit cards for Apple Pay. Of course, you can also view information about the cards you've added, your bank's privacy policy, and recent transaction details. For Apple pay, Passbook is the same as the managed client for secure element, and adding and removing credit or debit card information from secure element is available through the Passbook service.
• Touch ID: The IPhone's fingerprint recognition service, which is designed to make it safer, faster and easier to access devices using fingerprint recognition. Touch ID is not a replacement for the device's secure password, but rather allows the user to use complex device passwords without losing convenience. In other words, the user can use a complex password to protect the device, while also using Touch ID to easily access the device.
• Secure Enclave: Secure Enclave is a security execution environment inside an IOS device that can be used to handle sensitive information, such as: Touch ID fingerprint imaging sensors get data that needs to be passed to secure Enclave To perform the actual fingerprint identification process. For Apple pay, Secure Element is responsible for managing the certification process and making payment transactions possible.
• Apple Pay Servers: An Apple Pay server that manages the status of credit and debit cards in Passbook, as well as device-specific account information stored in Secure Element. Apple Pay servers also communicate with servers in the device and payment networks (Payment Network), and for in-app payments, the Apple paid server is responsible for using the merchant-specific key, which is the payment credentials that are generated for Apple payments (Payment Credentials) is encrypted and then sent to the actual merchant server for payment processing.

Secure communication between secure Enclave and Touch ID

The fingerprint data obtained from the TouchID imaging array needs to be physically matched to Secure Enclave, while in Apple pay, the Touch ID sensor passes through the Serial Peripheral Interface bus (Serial peripheral Interface Bus) Connecting to the application processor before connecting to secure Enclave, in other words, the fingerprint image data acquired by the fingerprint sensor needs to be relayed through the application processor, which poses a security risk: The malicious program can intercept the data generated by the Touch ID sensor. Apple pay is a simple way to secure the transmission of fingerprint data, first the Touch ID sensor and secure Enclave pre-set a shared secret key, then use the shared key to negotiate a session key, and then use the session key that you negotiated with AES-CCM The algorithm encrypts the transmitted data, which ensures that the application processor can not read the fingerprint data and ensures the security of the whole fingerprint identification process.

Secure communication between secure Enclave and secure Element

As mentioned in the previous introduction of the NFC Controller, the physical communication channel between secure Enclave and secure Element needs to be brokered by the NFC controller, and there is no direct physical connection between the two, specifically the secureelement with the NFC controller Then the NFC controller is connected to the application processor without mentioning how the NFC controller is connected to secure Enclave (Apple's official documentation says that the secure Enclave is probably not a standalone coprocessor), so since secure There is a need for communication security to be taken into account when the element and Secureenclave are routed through the application processor.

The implementation is similar to the process of Touch ID and Secure Enclave communication and encrypts the communication content by sharing the pairing key, but because the Secure Element is involved, the provisioning of the shared pairing key is more complex, Specifically, the shared pairing key is pre-provisioned in the production phase, and the key is generated by secure Enclave using its own UID key and the unique identity of the secureelement as input, and then securely transferred inside the factory to the external hardware security module (HSM, Hardwaresecurity Module), and then injected into the secureelement. In practice, communication between secureelement and Secureenclave is encrypted using an AES-based cryptography algorithm, and a cryptographic mechanism is used to prevent replay attacks (replayattacks).

How Apple pay avoids replay attacks on payment transactions

Apple pay avoids the transaction replay attack by means of the dynamic security code, which is specific to the trade. All transactions initiated by the payment applet in the self-secure Element contain a device account number with a transaction-specific dynamic security code. The dynamic security code is a one-time, and is calculated using the key that is pre-provisioned at personalization (the payment applet and the issuer share) and other information in secure Element, including:

-The value of the one-way counter that is incremented for each transaction;

-Pay the random number generated by the Applet;

--The random number generated by the POS terminal is--NFC for trading;

--The random number generated by the Apple pay server--applies when in-app trading.

The dynamic security code is provided to the payment network (Payment Networks) and the issuing bank when trading, which can be used to verify the transaction. Depending on the type of transaction, the length of the dynamic security code is variable.

Iv. Summary

Apple has given up on its ibeacon technology to use NFC to ensure security through a closed-loop ecosystem, effectively processing the previously unmanageable risk issues in NFC payment technology. At present, the security of Apple payment is relatively high, the chip and related technology used are designed and manufactured by themselves, the controllability is higher, the security is stronger. But the future will also face other risks, such as the TouchID of authentication, the threat of third-party applications, and the attacks that the most vulnerable offline businesses will face are extremely damaging. But the convenience of mobile payment and security is what we always want to pursue, we have to do a lot.

Reference documents

1. Jiafan. Security threat modeling for NFC mobile payment systems [J]. Journal of Tsinghua University (natural Science Edition), 2012, 52 (10): 1460-1464

2. Wang Xuegang. NFC mobile payment and its security management [J]. China management informatization, 2012, 15 (21): 79-80

3. Mr. Kwok Will. Research and application of NFC-based mobile payment security solution [J]. Data communication, 2014, 5 (5): 15-18

4. Tan Swie Hian. Research on security problem of mobile payment based on NFC [J]. Business, 2015, 1 (14): 206-207

5. Zhang Huilin. Analysis of mobile payment security scheme based on payment labeling technology [J]. Information security and technology, 2015, 1 (7): 3-5

6. Freebuf. Apple pay is finally coming, paying for security?

Http://bobao.360.cn/news/detail/2748.html. 2016-02-18 19:27:54

7. Fenggou.apple pay is coming, but is it safe?

http://daily.zhihu.com/story/7893647.2016-02

Apple Pay development and security