Mobile Connect Applet


Architecture

Movenda Mobile Connect Applet is based on the PDATA.04 SIM Applet Authentication Specification.

Movenda Mobile Connect Applet Architecture

Movenda Mobile Connect Applet is uploaded to the ISD by using the OTA keys.

Card platform

Standards & features:

  • APDU management: ISO/IEC 7816-4: 2013, ETSI TS 102.221
  • Secure messaging over SMS: 3GPP TS 31.115 v. 11.0.0 onwards, ETSI TS 102.225
  • Application Toolkit: 3GPP TS 31.111, ETSI TS 102.223
  • Application management: 3GPP TS 31.116, ETSI TS 102.226, GlobalPlatform Card Specification v. 2.2.1
  • APDU management: ISO/IEC 7816-4: 2013, GSM 11.11
  • Secure messaging over SMS: GSM 03.48
  • SIM Application Toolkit: GSM 11.14

Authentication levels

LoA1

Low – No authentication method

LoA2

Medium – Authentication method (OK Click)

LoA3

High – Authentication method (Enter Personal Code)

LoA4

Very High – Authentication method (Mobile Signature)

Authentication method

The authentication method is installed and configured within the applet, which can be invoked by the MSSP to authenticate the user.

    "Click OK" authentication based on:

  • Secure messaging layer
  • 3DES-CBC
  • AES-CMAC
  • OATH OCRA
  • PKI

    "Personal Code" authentication based on:

  • Secure messaging layer
  • 3DES-CBC
  • AES-CMAC
  • OATH OCRA
  • PKI

Scenarios

  • Mobile Connect Sign-up

    Allows a Service Provider to request and receive information from a user, subject to authorization by the user himself.

  • Mobile Connect Authenticate

    Allows a Service Provider to authenticate a user via the user's mobile device. Security levels: MC Authenticate (LoA2), MC Authenticate Plus (LoA3).

  • Mobile Connect Authorise

    Allows a Service Provider to authenticate a user and request authorization of an action or a transaction. Security levels: MC Authorise (LoA2), MC Authorise Plus (LoA3).

Card authentication application - CAA

The Personal Code cannot be read via OTA with RAM or RFM and cannot be accessed by other applications on the SIM. The Personal Code is valid locally.

The device must support SMS-PP MT, SMS-PP MO and a minimum command set:

  • PROVIDE LOCAL INFO (OPT)
  • Access to TERMINAL PROFILE
  • SEND SHORT MESSAGE
  • ENVELOPE SMS PP-DOWNLOAD
  • DISPLAY TEXT
  • GET INKEY
  • GET INPUT
  • RINGTONE (OPT)

OATH OCRA implementation details

Libraries

  • JC 221
  • 102241_Annex_D
  • usim_31_130_6_6

Event SET

  • EVENT_FORMATTED_SMS_PP_ENV

OATH OCRA algorithm

  • JCSystem.beginTransaction();
  • JCSystem.commitTransaction();
  • JCSystem.abortTransaction();
  • JCSystem.requestObjectDeletion();

Required memory

  • Pkg: 7008 B of EEPROM
  • Instance: 496 B of EEPROM and 352 B of RAM
  • Creation of 1 handler of type MSL: 32 B of EEPROM
  • Creation of 1 handler of type OATH OCRA: 128 B of EEPROM
  • Creation of the Personal Code: 80 B of EEPROM and 2 B of RAM
