Embodiments of the present invention relate to a near field communication transaction method and system.
In recent years, the appearance of inductive coupling contactless communication techniques, also referred to as NFC techniques (Near Field Communication), have changed the world of smart cards, making it possible firstly to produce contactless payment cards and then to integrate a secure processor and an NFC controller into portable electronic objects such as mobile telephones, to perform NFC transactions.
FIG. 1 schematically represents a classic transaction system including a contactless smart card CC1 and a transaction terminal TT. The terminal TT is for example a cash withdrawal point, a sales outlet (ticket machine, food and drink dispenser, or the like), an automatic access control pay terminal (metro access terminal, bus payment terminal, or the like).
The contactless card CC1 includes a Contactless Integrated Circuit CIC equipped with a secure processor and an antenna coil AC1 connected to the integrated circuit. The terminal TT itself includes an antenna coil AC2 and is configured to perform an NFC transaction with the card CC1 by emitting a magnetic field FLD. The transaction includes the exchange of Application Protocol Data Units APDU. The application protocol data includes commands CAPDU sent by the terminal and responses RAPDU sent by the card. The terminal TT may be linked in real time or non-real time to a transaction server SV0, to validate a payment and/or debit an account held by the user.
FIG. 2 schematically represents a transaction system including a mobile telephone HD1 and the transaction terminal TT. The telephone HD1 includes a main processor PROC1, a radiocommunication circuit RCCT, a SIM (Subscriber Identity Module) card secure processor PROC2, an NFC controller referred to as “NFCC”, an antenna coil AC3 linked to the controller NFCC and a secure processor PROC3 configured to perform NFC transactions.
The processor PROC3 includes a central processing unit CPU, an operating system OS, a Card Application Program CAP and/or a Reader Application Program RAP. The processor PROC3 is linked to the controller NFCC through a bus BS1, for example a Single Wire Protocol bus SWP. In practice, the processor PROC3 may be a Universal Integrated Circuit Card UICC, for example of mini-SIM or micro-SIM type.
An example of functional architecture of the controller NFCC and of the processor PROC3 is represented in FIG. 3. The controller NFCC includes a host controller HC and a Contactless Front End Interface CLF which is linked to the antenna coil AC3. In practice, the host controller HC and the interface CLF may be integrated into the same semiconductor chip, such as the MicroRead® chip marketed by the applicant.
The bus BS1 linking the processor PROC3 and the controller NFCC is used as a physical medium for a communication interface called a Host Controller Interface (HCI) through which the controller NFCC and the processor PROC3 exchange data in accordance with a Host Controller Protocol HCP. The interface HCI and the protocol HCP are described in the specifications ETSI TS 102 622 of the European Telecommunications Standards Institute, entitled “Smart cards; Universal Integrated Circuit Card (UICC); Contactless Front-end (CLF) interface; Host Controller Interface (HCI)”. The protocol HCP provides for routing of data according to routing channels called “pipes”, through which application protocol data APDU is exchanged during a transaction between the processor PROC3 and the transaction terminal TT.
The interface CLF may generally operate according to several RF technologies referred to as “RFTi” in FIG. 3, for example “Type A” or “Type B” as defined by ISO/IEC 14443 parts 2, 3 and 4, “Type B′” as defined by ISO/IEC 14443-2, with a standard framing as defined by ISO/IEC 14443-3, and “Type F” as defined by ISO 18092 (as passive mode at 212 and 424 kilobytes per second) or by the Japanese industrial standard JIS X 6319-4.
During the execution of the card application CAP, the processor PROC3 emulates a contactless card and uses the controller NFCC in passive mode to perform a transaction with a transaction terminal TT which emits the magnetic field FLD. A pipe P1 is first opened between the card application CAP and the interface CLF of the controller NFCC, which is configured for the occasion in an RFTi technology. The terminal TT sends the controller NFCC commands CAPDU that the controller forwards to the processor PROC3 through the pipe P1. The processor PROC3 issues responses RAPDU which are sent to the controller NFCC through the pipe P1, and then sent to the terminal TT by the controller NFCC, through an RF channel.
During the execution of the reader application RAP, the processor PROC3 performs a transaction with a contactless integrated circuit CIC arranged in a contactless card CC1 or another medium. The controller NFCC is in an active operating mode where it emits a magnetic field FLD. A pipe P1 is first opened between the reader application RAP and the interface CLF of the controller NFCC, which is configured for the occasion in an RFTi technology. The reader application RAP then issues commands CAPDU which are sent to the controller NFCC through the pipe P2, and then sent to the integrated circuit CIC through an RF channel. The contactless integrated circuit CIC sends back to the controller NFCC responses RAPDU that the controller forwards to the processor PROC3 through the pipe P2.
It is well known that the development of NFC technology is closely related to the development of card applications in portable devices such as mobile telephones, so as to use such portable devices as contactless smart cards. Although infrastructures equipped with NFC transaction terminals already exist, in particular in the field of payment, the integration of secure processors into mobile telephones to execute such applications is not carried out at a sufficient pace to enable NFC technology to develop as expected.
One restriction which hinders development is the complexity and cost of a secure processor such as the processor PROC3 represented in FIGS. 2 and 3. The latter must preferably be capable of executing various card applications and must therefore contain as many bank keys (encryption keys) as card applications supplied by different banks. It must in addition have sufficient computing power to carry out complex encryption calculations during the authentication phase of a transaction. Moreover, the personalization of the processor, i.e. loading a card application CAP into the memory thereof, is a complex operation that must be highly secured and requiring external parties such as a Trusted Service Manager TSM. Lastly, in the event that the telephone is stolen or during a maintenance operation on the telephone, the processor PROC3 is liable to be attacked by a fraudster to discover the bank keys it includes.
It may therefore be desirable to provide a method enabling an NFC transaction to be performed by way of a mobile telephone-type portable device with an architecture that is simpler and less expensive to implement than known architectures.