Near Field Communication System
Introduction
Have you wonder how a contactless payment transactions such as Google Pay is made by your smart phone with a point of sale (POS) machine at a grocery store? It's made possible by a special category of wireless communication system, namely near field communication (NFC). However, although appeared to be simple but in the background, there is a complex system involved to make sure the transaction is made seamless and secured. In this article we will examine the principles of near field communication and wrap it up with an NFC contacless payment system overview and analysis.
Background
Near Field Communication (NFC) evolved from earlier technology of radio-frequency identification (RFID), which supports simultaneous power transfer and communication via inductive coupling between two coils via resonance. With advent of smart phones and industry adaptation NFC standards, widespread of contactless payment and ticketing is made possible.
Overview
Definition: NFC is a technology that allows communication between devices within few center meters.
A NFC device has three modes of operation
Card Emulation
for example, a NFC enabled mobile phone acts a a smart cards for payment and transit ticketing.
Reader/writer
for example, a NFC enabled mobile phone reads information from NFC tags from a label.
Peer to peer
for example, two NFC enabled mobiles phones can exchange information between each other.
Most often the NFC enabled device is used as card emulation mode. One interesting thing to note is that card emulation can work even with the phone being powered down. A slight caveat is that the battery cannot be dead or damaged.
A complete contactless smart card transaction within a mobile device is constituent of a NFC controller (for wireless communication), an embedded secure element (process and authenticate the transaction), and a sim card (communication with cellular network).
What is a SIM card?
A sim card formally referred as Universal integrated circuit card UICC is a smart card used in mobile networks. This is card is needed for the phone to to register, validate and establish a cellular connection with a carrier network. UICC is a complete embedded system containing processor, memories, and I/Os interface. Most surprisingly, It runs its a java applet when powered on. A UICC stores information of subscriber, such as user's personal phone number and contact information, and other secured data.
What is a embedded secure element?
A embedded secure element is as the name suggest is a tamper resistant smart card chip securely runs payment applications, securely store data, securely process date, and lastly securely communicate with external systems. Typically, debit/credit card information and payment java application code is stored and executed in a secured element. It is used injunction with a NFC controller to short range wireless transaction and handshake to other secure element (smart card) devices such as POS terminal at a store.
Note: multiple payment cards can be used with eSE; therefore it can host multiple applications.
What is a NFC controller?
NFC Controller chips as more accurately referred as contactless front (CLF) is the a wireless chip that connects mobile device with NFC cards, tags, and POS terminal. If other NFC devices contains an secure element (i.e smart card), then smart card transaction can be securely made.
DETAILED Design
Architecture
Application processor: This is the CPU of system on chip that is used to communicate with the SIM card using ISO7816 protocol
NFC: This is the short range communication transceiver chip via inductor coupling on a carrier wave of 13.56 MHZ.
eSE: eSE is the embedded smart card that is used to store and process payment transactions.
UICC: This is the sim card that is inserted to your phone. It's used to store carrier subscriber information and personal information.
Modes of Payment Transaction Flow
Phone is in Suspend mode:
External magnetic field of NFC reader is detected by device NFC controller
Device NFC controller establish wireless communication link with NFC reader
Device NFC controller redirects transaction to eSE for secure payment handshaking
Card information provided and authenticated by NFC reader
Transaction completed
Phone is in active mode:
Alternatively (using Host Card emulation i.e NFC by passing eSE)
NFC controller routes all data to Application processor where payment application is ran such as Google Pay
Payment credential is verified in the cloud
Transaction completed
Why using eSE if Host card emulation does not use it?
It is used when phone is powered off; payment transaction can still carried out using securely stored credit card information or transit card information inside the eSe.
Why is NFC connected to SIM via SWP?
SWP is an standardized interface between NFC and SIM. Remeber SIM card is technically a secure element as running secure application and stored secure data. Different NFC application requires different verification method and one of verification path is going to SIM. Also note, that NFC generally controls power going into SIM and can pull down the SIM I/O line if needed. More explanation will be provided in the future.
What are the leading NFC solution vendors?
ST and NXP both provides complete solution. In practice, eSE+eSIM+CLK are stacked inside one IC package, reducing complexity of the design and save board space.
Note: In this design, we intentionally left out the antenna, RF path, and power management design for phone suspend/resume state for this system. In practice, power architecture needs to be thought out to ensure proper operation.
Summary
We went through an example of how NFC payment system is designed from an system engineering perspective and learned that security is the most important piece. We see that NFC controller responsible for wireless contact is only one small piece of the entire system.