The NFC Controller Chip
Near Field Communication (NFC) hardware doesn’t look very complicated, and it really isn’t. You have a controller chip in the phone. A controller chip (a kind of CPU) accepts instructions provided by software and then processes those instructions to allow for the completion of tasks.
It also provides a certain level of order and management by ensuring that the right data ends up in the right place at the right time. The figure shows the NFC implementation for a typical mobile device. Any mobile device you use will include other items, but here’s a simplified view of how most mobile devices implement NFC so that you get a better idea of the controller chip’s role in making NFC work.
Everything starts with a user accessing an application or with an event (such as tapping the smartphone on a cash register) automatically starting an application. The software that makes up the application provides the user interface that the user interacts with to perform tasks. It also provides detailed instructions to the controller chip through the operating system.
Even though the controller chip provides the means for performing tasks, it can’t actually perform any tasks without software, and the software needs the user’s direction (or some other type of input) on what sorts of tasks to perform next. The user might choose to transfer files. The act of telling an application to transfer a particular file starts a series of events in which the software provides detailed instructions to the controller chip on precisely how to perform the task. What the user sees is the act of making a connection and transferring the file — all the activity required to make these actions happen remain invisible to the user.
Some tasks require a secure connection. The cloud-based security available when using HCE is one option. An alternative is to rely on the Secure Element (SE), with or without using HCE, to provide the required security. The figure tells you more about the hardware used to make the secure access happen. The Main Host Controller can run both trusted (those that run with special protections) and untrusted (those that run without special protections) applications.
The trusted applications run in a special Trusted Execution Environment (TEE). A TEE is a secure area in the processor of a smartphone or other attached device that ensures that sensitive data is stored, processed, and protected in an isolated, trusted environment. The main idea is to enforce protected execution of authenticated code, confidentiality, authenticity, privacy, system integrity, and data access rights.
It is important to remember that the solutions for creating a secure environment are evolving as the technology evolves. The secure element solution was, for a time, seen as the best and only way to secure data. As the technology evolved, HCE was introduced as another potential solution. There are additional solutions that combine HCE and SE functions.
The SE is referred to as a storage location for data. Although this can be the case (and is true in some cases), the SE is actually a small processor that not only stores data securely but also runs special applications securely.
When speaking of payments, for example, there is a requirement to have an application, and that application should be on the phone. For HCE, this is true: The application must marshall data between the phone and the cloud, and the application is what is actually talking to the payment reader, so the application is intimately involved in the transaction and must be much more complex.
For an SE, the application on the phone is nothing but a switch to choose which card to use; the application that does the payment and the security runs completely on the SE. The application on the phone provides a second layer of security, in some cases, by asking for a pin or biometric before activating the switch.
The SE is a physically separate element in the smartphone that can come in the following form factors:
- Universal Integrated Circuit Card (UICC)/Subscriber Identification Module (SIM): Your mobile device (such as a smartphone) can have either a UICC (3G or 4G devices) or a SIM (2G devices) that is typically issued by the mobile carrier. Both chips store the International Mobile Subscriber Identity (IMSI) number and its related key used to identify your particular device. The chips can perform a number of tasks, such as storing contact information. Carriers can lock the SIM and prevent consumers from using it on other networks. A UICC has significant advantages over a SIM.
- Embedded SE: An embedded SE provides all the elements of an SE. However, the vendor permanently attaches it to the motherboard of whatever device uses it. Some people consider the permanent nature of embedded SE an additional security feature because the chip must stay with the original smartphone (making hacking harder).
- Smart Micro Secure Digital (SD) card: The Smart Micro SD card is a removable flash memory card that stores identification information and communicates with NFC using the same Single Wire Protocol (SWP) used by UICCs and SIMs. Consumers typically obtain Smart Micro SD cards from service providers including banks, credit card companies, retailers, transportation providers, and governments. Unlike UICCs and SIMs, the consumer normally owns the Smart Micro SD card and can easily move it to another device.
No matter which form of security NFC uses, the signals end up at the NFC Controller (NFCC)/Contactless Front End, where NFC uses one of three modes to interact with external entities (devices, tags, cards, or anything else NFC can interact with). The NFCC acts as a gatekeeper — determining what mode to use to access the external entity and whether it requires HCE or SE for security needs (assuming the access requires security).