Cloud of secure elements: An infrastructure for the trust of mobile NFC services

In this paper we introduce a cloud of secure elements (CoSE) platform dedicated to trusted NFC (Near Field Communication) mobile services. Secure Elements are secure microcontrollers, (or virtualization of such entities), stored in dedicated internet servers. They are today shipped per billions for payment (EMV), transport, PKI, or identity (ePassport) services. They host applications whose interface binary encoding rules are precisely defined by the ISO7816 standards. Secure elements management (i.e. application downloading, activation, and deletion) is performed according to the Global Platform standards. The mobile establishes a secure TLS channel with a remote server of secure elements. This TLS session is booted from an external secure NFC device that embeds a TLS stack, and which is afterwards transferred to the mobile. The platform works with an Android 4.4 operating system. Two trusted services are detailed EMV payment and cryptographic provider. We believe that the use of secure elements in the cloud could also solve trust issues for internet users, mobile applications or virtual machines environments.