4

I've been using StackOverflow for years now, always finding answers to my questions before even asking them, but today I'm stuck.

As I happen to have a working POS terminal (the EMV Chip&Pin kind), I wanted to look into host card emulation.

The terminal works with the latest version of Tapp, so I know that the terminal is good and that my N7 with Kitkat can actually do payment (or at least the terminal do a series of good sounding bleeps and bloops, and the tablet launch Tapp's enrollment screen). So I've read the manual(s) and written a bunch of lines with the objective of seeing something arrive on my HostApduService. It partially works as I can find my dummy "card" in the Tap&Pay settings of the tablet.

But the "payment" part doesn't work: just two high-pitched bleeps from the POS terminal and nothing on the tablet. My HostApduService is not called.

I've tried all kind of different AIDs: real ones and silly ones, short and long, but nothing works.

When using Tapp, the LogCat says :

11-17 14:51:47.690: D/BrcmNfcJni(3183): RoutingManager::stackCallback: event=0x18
11-17 14:51:47.690: D/HostEmulationManager(3183): notifyHostEmulationActivated
11-17 14:51:47.690: D/BrcmNfcJni(3183): RoutingManager::stackCallback: event=0x17
11-17 14:51:47.690: D/BrcmNfcJni(3183): RoutingManager::stackCallback: NFA_CE_DATA_EVT; h=0x302; data len=20
11-17 14:51:47.690: D/HostEmulationManager(3183): notifyHostEmulationData
11-17 14:51:47.700: D/HostEmulationManager(3183): Service already bound as payment service.
11-17 14:51:47.700: D/HostEmulationManager(3183): Binding to existing service
11-17 14:51:49.932: D/BrcmNfcJni(3183): RoutingManager::stackCallback: event=0x19
11-17 14:51:49.932: D/HostEmulationManager(3183): notifyHostEmulationDeactivated
11-17 14:51:49.932: E/BrcmNfcNfa(3183): UICC[0x0] is not activated

And with my code, the LogCat is :

11-17 14:41:52.079: D/BrcmNfcJni(3183): RoutingManager::stackCallback: event=0x18
11-17 14:41:52.079: D/HostEmulationManager(3183): notifyHostEmulationActivated
11-17 14:41:52.089: D/BrcmNfcJni(3183): RoutingManager::stackCallback: event=0x17
11-17 14:41:52.089: D/BrcmNfcJni(3183): RoutingManager::stackCallback: NFA_CE_DATA_EVT; h=0x302; data len=20
11-17 14:41:52.089: D/HostEmulationManager(3183): notifyHostEmulationData
11-17 14:41:53.340: D/BrcmNfcJni(3183): RoutingManager::stackCallback: event=0x19
11-17 14:41:53.340: D/HostEmulationManager(3183): notifyHostEmulationDeactivated
11-17 14:41:53.340: E/BrcmNfcNfa(3183): UICC[0x0] is not activated

Obviously with my code, the OS doesn't bind the HCE intent to my service. But why?

You'll find below my manifest :

<?xml version="1.0" encoding="utf-8"?>
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
package="net.remolagi.hcetestbanque2"
android:versionCode="1"
android:versionName="1.0" >

<uses-sdk
    android:minSdkVersion="19"
    android:targetSdkVersion="19" />

<uses-permission android:name="android.permission.NFC" />

<uses-feature
    android:name="android.hardware.nfc.hce"
    android:required="true" />

<application
    android:allowBackup="true"
    android:icon="@drawable/ic_launcher"
    android:label="@string/app_name"
    android:theme="@style/AppTheme" >
    <activity
        android:name="net.remolagi.hcetestbanque2.MainActivity"
        android:label="@string/app_name" >
        <intent-filter>
            <action android:name="android.intent.action.MAIN" />

            <category android:name="android.intent.category.LAUNCHER" />
        </intent-filter>
    </activity>

    <service
        android:name=".MyHCEService"
        android:exported="true"
        android:permission="android.permission.BIND_NFC_SERVICE" >
        <intent-filter>
            <action android:name="android.nfc.cardemulation.action.HOST_APDU_SERVICE" />
            <category android:name="android.intent.category.DEFAULT" />
       </intent-filter>

        <meta-data
            android:name="android.nfc.cardemulation.host_apdu_service"
            android:resource="@xml/apduservice" />
    </service>
</application>

</manifest>

my apduservice.xml :

<?xml version="1.0" encoding="UTF-8"?>

<host-apdu-service xmlns:android="http://schemas.android.com/apk/res/android"
    android:description="@string/servicedesc" 
    android:requireDeviceUnlock="true"
    android:apduServiceBanner="@drawable/payment_banner">
<aid-group android:description="@string/aiddescription"
           android:category="payment">
    <aid-filter android:name="A0000000031010"/>
    </aid-group>
</host-apdu-service>

And for good measure, the service (as you can see at the moment, it does nothing except Logging) :

package net.remolagi.hcetestbanque2;

import android.nfc.cardemulation.HostApduService;
import android.os.Bundle;
import android.util.Log;

public class MyHCEService extends HostApduService {


    private static final String TAG = "MyHCEService";

    @Override
    public void onDeactivated(int arg0) {

        Log.i(TAG, "OnDeactivated - arg0 : " + String.valueOf(arg0));
        // TODO Auto-generated method stub

    }

    @Override
    public byte[] processCommandApdu(byte[] arg0, Bundle arg1) {

        Log.i(TAG, "Hooza ! processCommandApdu");

        return arg0;
    }

}

If you have ideas on why it doesn't work, I'll be forever grateful. For now, I'm stumped.

Regards

Philippe

4

5 回答 5

5

EMV 终端将选择的第一个小程序是 PPSE 小程序,因此您可以尝试将它也添加到您的 AID 过滤器中:

<aid-filter android:name="325041592E5359532E4444463031"/>

我不知道您为什么要尝试使用 HCE 模拟付款,但这永远不会得到 Visa 和 MasterCard 的批准,因为对于 EMV 交易,您需要一个需要存储在安全环境中的加密密钥。在最好的情况下,HCE 可用于无卡交易。

于 2013-11-19T07:30:02.820 回答
1

host-apdu-service 结构示例:

对于 HCE 应用程序确实需要包含 PPSE AID 条目:

apduservice.xml 文件:

<host-apdu-service xmlns:android="http://schemas.android.com/apk/res/android"
    android:description="@string/servicedesc"
    android:requireDeviceUnlock="false" >

    <aid-group
        android:category="payment"
        android:description="@string/aiddescription" >

        <!-- Visa Proximity Payment System Environment - PPSE (2PAY.SYS.DDF01) -->
        <aid-filter android:name="325041592E5359532E4444463031" />

        <!-- VISA Debit/Credit (Classic)  -->
        <aid-filter android:name="A0000000031010" />

        <!-- VISA Credit -->
        <aid-filter android:name="A000000003101001" />

        <!-- VISA Debit -->
        <aid-filter android:name="A000000003101002" />

        <!-- VISA Electron (Debit) -->
        <aid-filter android:name="A0000000032010" />

        <!-- V PAY -->
        <aid-filter android:name="A0000000032020" />

        <!-- VISA Interlink -->
        <aid-filter android:name="A0000000033010" />

        <!-- MasterCard PayPass -->
        <aid-filter android:name="A00000000401" />

        <!-- MasterCard Credit -->
        <aid-filter android:name="A0000000041010" />

        <!-- American Express -->
        <aid-filter android:name="A000000025" />

        <!-- BRADESCO -->
        <aid-filter android:name="F0000000030001" />

    </aid-group>

</host-apdu-service>
于 2015-11-10T14:40:19.287 回答
0

我在实验过程中注意到 POS 设备将尝试选择其支持的卡方案的 AID。您可以通过查看“Visa”、“Mastercard”等符号来检查设备上支持的方案。在页面下方的http://en.wikipedia.org/wiki/EMV上有这些方案的 AID 列表. 因此,例如,如果 POS 支持万事达信用卡/借记卡,您可以尝试在 apduservice.xml 中注册万事达卡的 AID:A0000000041010 作为辅助过滤器,而无需为 PPSE 注册 AID。试一试,让我知道它是否有效。

编辑:请注意,我一直在使用 Vivo 技术 POS 阅读器。

于 2013-12-04T14:35:31.220 回答
0

PPSE、Mastercard 和 Visa 的清单: 

<aid-group android:description="paymentGroup" android:category="payment">  
    <aid-filter android:name="325041592E5359532E4444463031" android:description="ppse"/> 
    <aid-filter android:name="A0000000041010" android:description="MasterCard"/> 
    <aid-filter android:name="A0000000031010" android:description="Visa"/>
</aid-group>
于 2014-04-07T12:10:47.447 回答
0

在 2013 年,最佳答案是“我不知道您为什么要尝试使用 HCE 模拟付款,但这永远不会得到 Visa 和 MasterCard 的批准”。哦,那么万事达卡不会有官方的 SDK 来开发 HCE 支付应用程序吧?你怎么能这么肯定?对于现在阅读本文的人来说,是的,您当然可以开发一个 Android HCE 应用程序,万事达卡有大量关于最佳实践的文档。但是,它并不对所有人公开。我不知道是否有办法在不与发行人合作的情况下获取 SDK 和文档。您可以使用对公众开放的 EMVCo 书籍,但仅使用这些指南可能难以实施整个系统。

例如,关于安全环境,RSA 公钥是两个大素数的乘积。如果你能及时找到那些素数,你就可以成为全世界的主人。但是,如果不使用当今的计算能力尝试多年(取决于密钥大小),您就无法找到这些数字,这已由比该线程中的某人具有更好远见的数学家证明,我不会说是谁。整个互联网都使用公钥加密,您并不总是需要安全的硬件来保护您的数据的私密性。总会有办法的,因为你无法达到无限。当你这样做时,它变得有限,这没有任何意义,哈哈。

最后,“有人可以知道一切,在一个没有人知道任何事情的地方”(FY)

于 2021-10-05T14:20:04.887 回答