Do I Have To Know What The Aid Of A Card Is For Card Emulation With Android Hce?
Solution 1:
Do I have to know what the AID of a card is for card emulation with Android HCE?
Yes, definitely! The AID is the name of your application. The reader will ask cards (emulated or not) if they contain an application with a certain name and will only communicate with those cards that contain the application that the reader supports.
How do I find the AID (or AIDs) of the applications on a certain card?
The most obvious way: Ask the system owner or manufacturer. If they don't tell you, you most probably should not be fiddling around with emulating the card anyways.
There are, of course, other ways to find out how the card works. Many cards follow some standards. Payment cards, for instance, usually implement EMV protocols. For transport cards there are also several standards, e.g. VDV-KA, ITSO, etc. You could try to find out if the card uses some standard/well-known application by doing some finger-printing (e.g. analyze the card to find out the card type, chip type, chip manufacturer, etc.) and by doing brute-foruce scans (e.g. try to select well-known application AIDs, try to enumerate files on the card, etc.) You should be able to find a couple of free tools that could help you with this.
Is knowing the AID enough to emulate (e.g. using HCE) a certain card
No, certainly not.
First of all, you also need to know and implement the protocol that the reader speaks with the application. While many smartcard applications use common command/response constructs (cf. ISO/IEC 7816-4 inter-industry commands), each application typically uses them in its slightly own way. If the application follows some standard, you can simply implement that standard. If the application uses some proprietary protocol, you are back at asking the system owner/manufacturer or at heavy trial-and-error.
Second, even the AID and the protocol are typically not enough to duplicate and emulate a specific card. Smartcards are usually designed to store some secret to usiquely identify and authenticate a card. These secrets typically cannot be extracted from a card. Hence, you cannot simply transfer that secret data into your HCE application.
Solution 2:
Before implementing HCE is good to learn your native card application. At least read ATR/ATS of card to understand the chip manufacture and as second step sniff the communication flow between card and terminal for next analyzing. Google/Search your card solution.
The reason to register your application AID on Android device - to map Card AID to your HCE application.
"NFC TagInfo by NXP" - Android application, is good for quick NFC analyzing.
Card type description from ATR/ATS you can try resolve from ludovic rousseau smartcard list.
Some AIDs (payment cards mostly) listed in EFTlab AIDs collection.
Most important for your implementation is your transit card EMV/NFC communication flow and algorithms behind.
Solution 3:
AIDs for Visa, Master card and other known companies are registered. You can find the AIDs in the below Wikipedia link
https://en.wikipedia.org/wiki/EMV
AIDs for the Visa from the above link
Visa - A0000000031010, A0000000032010, A0000000032020, A0000000038010
Post a Comment for "Do I Have To Know What The Aid Of A Card Is For Card Emulation With Android Hce?"