Making Host Card Emulation work for payment
I've been using StackOverflow for years now, always finding answers to my questions before even asking them, but today I'm stuck.
As I happen to have a working POS terminal (the EMV Chip&Pin kind), I wanted to look into host card emulation.
The terminal works with the latest version of Tapp, so I know that the terminal is good and that my N7 with Kitkat can actually do payment (or at least the terminal do a series of good sounding bleeps and bloops, and the tablet launch Tapp's enrollment screen).
So I've read the manual(s) and written a bunch of lines with the objective of seeing something arrive on my HostApduService.
It partially works as I can find my dummy "card" in the Tap&Pay settings of the tablet.
But the "payment" part doesn't work: just two high-pitched bleeps from the POS terminal and nothing on the tablet. My HostApduService is not called.
I've tried all kind of different AIDs: real ones and silly ones, short and long, but nothing works.
When using Tapp, the LogCat says :
11-17 14:51:47.690: D/BrcmNfcJni(3183): RoutingManager::stackCallback: event=0x18
11-17 14:51:47.690: D/HostEmulationManager(3183): notifyHostEmulationActivated
11-17 14:51:47.690: D/BrcmNfcJni(3183): RoutingManager::stackCallback: event=0x17
11-17 14:51:47.690: D/BrcmNfcJni(3183): RoutingManager::stackCallback: NFA_CE_DATA_EVT; h=0x302; data len=20
11-17 14:51:47.690: D/HostEmulationManager(3183): notifyHostEmulationData
11-17 14:51:47.700: D/HostEmulationManager(3183): Service already bound as payment service.
11-17 14:51:47.700: D/HostEmulationManager(3183): Binding to existing service
11-17 14:51:49.932: D/BrcmNfcJni(3183): RoutingManager::stackCallback: event=0x19
11-17 14:51:49.932: D/HostEmulationManager(3183): notifyHostEmulationDeactivated
11-17 14:51:49.932: E/BrcmNfcNfa(3183): UICC[0x0] is not activated
And with my code, the LogCat is :
11-17 14:41:52.079: D/BrcmNfcJni(3183): RoutingManager::stackCallback: event=0x18
11-17 14:41:52.079: D/HostEmulationManager(3183): notifyHostEmulationActivated
11-17 14:41:52.089: D/BrcmNfcJni(3183): RoutingManager::stackCallback: event=0x17
11-17 14:41:52.089: D/BrcmNfcJni(3183): RoutingManager::stackCallback: NFA_CE_DATA_EVT; h=0x302; data len=20
11-17 14:41:52.089: D/HostEmulationManager(3183): notifyHostEmulationData
11-17 14:41:53.340: D/BrcmNfcJni(3183): RoutingManager::stackCallback: event=0x19
11-17 14:41:53.340: D/HostEmulationManager(3183): notifyHostEmulationDeactivated
11-17 14:41:53.340: E/BrcmNfcNfa(3183): UICC[0x0] is not activated
Obviously with my code, the OS doesn't bind the HCE intent to my service. But why?
You'll find below my manifest :
<?xml version="1.0" encoding="utf-8"?>
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
package="net.remolagi.hcetestbanque2"
android:versionCode="1"
android:versionName="1.0" >
<uses-sdk
android:minSdkVersion="19"
android:targetSdkVersion="19" />
<uses-permission android:name="android.permission.NFC" />
<uses-feature
android:name="android.hardware.nfc.hce"
android:required="true" />
<application
android:allowBackup="true"
android:icon="@drawable/ic_launcher"
android:label="@string/app_name"
android:theme="@style/AppTheme" >
<activity
android:name="net.remolagi.hcetestbanque2.MainActivity"
android:label="@string/app_name" >
<intent-filter>
<action android:name="android.intent.action.MAIN" />
<category android:name="android.intent.category.LAUNCHER" />
</intent-filter>
</activity>
<service
android:name=".MyHCEService"
android:exported="true"
android:permission="android.permission.BIND_NFC_SERVICE" >
<intent-filter>
<action android:name="android.nfc.cardemulation.action.HOST_APDU_SERVICE" />
<category android:name="android.intent.category.DEFAULT" />
</intent-filter>
<meta-data
android:name="android.nfc.cardemulation.host_apdu_service"
android:resource="@xml/apduservice" />
</service>
</application>
</manifest>
my apduservice.xml :
<?xml version="1.0" encoding="UTF-8"?>
<host-apdu-service xmlns:android="http://schemas.android.com/apk/res/android"
android:description="@string/servicedesc"
android:requireDeviceUnlock="true"
android:apduServiceBanner="@drawable/payment_banner">
<aid-group android:description="@string/aiddescription"
android:category="payment">
<aid-filter android:name="A0000000031010"/>
</aid-group>
</host-apdu-service>
And for good measure, the service (as you can see at the moment, it does nothing except Logging) :
package net.remolagi.hcetestbanque2;
import android.nfc.cardemulation.HostApduService;
import android.os.Bundle;
import android.util.Log;
public class MyHCEService extends HostApduService {
private static final String TAG = "MyHCEService";
@Override
public void onDeactivated(int arg0) {
Log.i(TAG, "OnDeactivated - arg0 : " + String.valueOf(arg0));
// TODO Auto-generated method stub
}
@Override
public byte[] processCommandApdu(byte[] arg0, Bundle arg1) {
Log.i(TAG, "Hooza ! processCommandApdu");
return arg0;
}
}
If you have ideas on why it doesn't work, I'll be forever grateful. For now, I'm stumped.
Regards
Philippe
Answer
The first applet that will be selected by a EMV terminal is the PPSE applet, so you can try to add it also to your AID filters:
<aid-filter android:name="325041592E5359532E4444463031"/>
I don't know why you are trying to emulate payment with HCE but this will never be approved by Visa and MasterCard since for EMV transaction you need a cryptographic keys that need to be stored in secure environment. In the best case the HCE can be used for card not present transactions.