BLE and HCE mobile credentials

LEGIC has successfully introduced BLE mobile credentials and is now on course to expand its technology platform with HCE.

BLE mobile credentials

In December 2015, LEGIC launched the Bluetooth Low Energy (BLE) reader chipset SC-4300M. Together with the LEGIC Connect trusted service and the software development kits for smartphone apps, these components form a powerful technology platform for an easy integration of BLE mobile credentials into a broad range of applications, such as access control or follow-me printing.

The LEGIC BLE solution provides end-to-end security from LEGIC Connect to the reader chipset, and there are no keys on the smartphone to decrypt the credential data stored in files. The solution allows for fast over-the-air credential deployment onto mobile devices and supports multiple files and applications.

What is HCE

HCE stands for Host Card Emulation. The term has to be explained in light of NFC (Near Field Communication) and Card Emulation based on a secure element (SE). Before the introduction of HCE the NFC Controller was directly wired to the mobile phone SE and this made it necessary to deploy credentials into the SE. So the solution providers had to cooperate with the SE owners, typically the mobile network operators (MNOs), to get access to their SE, i.e. their SIM card. Because of the many different SE owners in the market place, this approach proved to be time-consuming, if not at all impractical.

With the introduction of HCE, the NFC Controller’s capability was extended to route certain NFC communication to the Operating System of the mobile phone (i.e. to the host). This eliminated the need for NFC mobile solution providers to have access to the SE, as credential data can now be stored in files residing in the smartphone memory as it is the case with BLE.

What are the goals of LEGIC’s HCE implementation

The same mobile credential (file on the mobile device) will be accessible with HCE (NFC) and BLE. The keys for file access and data encryption will be generated in LEGIC Connect and are never disclosed. LEGIC will also provide a secure way for loading the keys into the readers. As HCE is based on NFC (ISO 14443), today’s LEGIC SM-4200 reader chip fulfills the hardware requirements. However, as LEGIC has no intention to emulate existing cards (e.g. an ATC4096-MP311), the integration of HCE into LEGIC readers requires new firmware.