Secure NFC Vehicle Sharing

Case of study

Secure Identification

for Vehicle Sharing Systems

Bluewind developed SecureNFC, a platform providing Security and Identification for Vehicle Rental, Vehicle Sharing and Parking Systems

The system is designed as a secure node to develop a vehicle sharing system with strong focus on trusted user authentication. SecureNFC securely authenticates user and base rack and then waits for infrastructure (the server backend) authorization through Peer-to-Peer channel on mobile devices.
No customer’s sensitive data stored into the card.

Overview

 

Designed for Security

Attack methods are getting more and more sophisticated and the whole data and identity certification path must be protected in a proper way.
SecureNFC system relies on Mifare(c)  Ultralight C card technology and PeerToPeer (P2P) communication to allow end-to-end communication with the backend server.

Solution

 

On the lowest end of the system, card technology and authentication logic must consider cloning and emulation attacks and the impact of a violation on the system.
On reader-to-backend(server) communication side, security issues must be avoided by proper channel protection and authentication procedures.
The use of end-user smartphones in place of dedicated gateway devices imposes the need of strong security criteria.

System Highligts

  • P2P communication with enabled smartphone leads to gateway-less system
  • Secure user authentication
  • P2P communication with NFC enabled smartphone
  • Dual antenna, dual role communication
  • Mifare Ultralight C based system (open 3DES cryptography)
  • Diversified authentication keys
  • Card  cloning and emulation countermeasures
  • Full NFCIP-1 compliance thanks to NXP’s state-of-the-art PN512 solution.
  • NXP PN512 full-NFC front-end