Final Report Summary - HIGHTRUSTWALLET (A framework for mobile wallets that provides the security levels QAA1-4 in a TSM architecture supporting the use of e-Identity cards on the mobile phone.)
Executive Summary:
The project has been concerned with realising a mobile wallet framework for payments, identification and loyalty points collection.
We have addressed these wallet functions in two distinc ways:
To realise payment and loyalty functionality, we have developed hardened software solutions that replace traditional hardware-based solutions in phone, such as SIM card.
To realise identification, we have developed software running on microSD cards in order to satisfy the higher demands to security of this scenario.
The developed solutions have been integrated with SME partner systems and demonstrated at trade fare events.
Project Context and Objectives:
The project is concerned with building a framework for mobile wallets, and the purpose of this High
Trust Wallet system is to allow people to carry out secure transactions, including identification,
payment, loyalty point collection, and service access with their smartphones. The range of services
encompasses transactions where a physical card, token, or key of some sort was previously required.
Thus, the system may be said to perform the function of a virtual wallet containing virtual cards.
The framework will provide the security levels QAA1-4 supporting the use of e-Identity cards on the
mobile phone. Many mobile wallets available today require the use of a physical secure element in
the phone that is costly to gain access to and has limited storage capacity. As opposed to a physical
wallet that usually contains identity cards; no mobile wallet available today can provide the
electronic equivalent – the electronic identity (eID) – because there are no solutions that provide the
required level of security. To make the mobile wallet a real alternative to the physical wallet, there is
a need for more storage capacity and higher security levels.
Our idea is to develop a high-security wallet framework that can potentially be used in combination
with mobile wallets from different providers. Combined with a secure element implemented in
software, improved authentication methods and our wallet server and Trusted Identity Manager (TIM)
back-ends system we will be able to provide life-cycle management for services at different security
levels. The use of a secure software element will provide a neutral point of contact between the users
and the service provider, provide a cost-efficient solution for over-the air provisioning of mobile
phones and reduce user lock-in imposed by mobile operators or mobile phone manufacturers
Project Results:
The project has gone through all faces of constructing a prototype system: requirement capture and
specification, design, implementation, test and integration and demonstration, as well as, training and
transfer of knowledge, and planning exploitation.
The main results are:
1. A wallet client with two software secure elements, one based on whitebox cryptography and one
based on technology from partner Intrinsic-ID.
2. A system backend for payment and loyalty card applications in the form of a wallet server.
3. Interface to a system backend for e-ID applications, based on Sirrix' Trusted Identity Manager
4. Demonstration of software integrated with SME partner systems.
5, Exploitation activities involving demonstrating integrated software
Potential Impact:
Service providers with low security requirements will benefit from our innovations through easier
access to the users and reduced costs for provisioning. Our innovation will aid the roll-out of eIDs in
European countries by improving user-friendliness. This is an important step towards improving
European eGovernment infrastructure. In particular the secure wallet technology and infrastructure
developed in the project can be used to secure contactless payment based on Near
FieldCommunication and Cloud Based Payment. Results obtained for integration of hardware based
SEs in the wallet framework will be used for QAA4-level identification. The SMEs will benefit from
increased revenue and sales of the developed technology and expect 5 years post project an
accumulated turnover of €168 million from selling the new HighTrustWallet, creating an estimated
1120 jobs.
List of Websites:
Public web-cite address:
http://htw-public.nr.no/
Scientific coordinator's contact information:
https://www.nr.no/nb/user-info?query=bjarte
The project has been concerned with realising a mobile wallet framework for payments, identification and loyalty points collection.
We have addressed these wallet functions in two distinc ways:
To realise payment and loyalty functionality, we have developed hardened software solutions that replace traditional hardware-based solutions in phone, such as SIM card.
To realise identification, we have developed software running on microSD cards in order to satisfy the higher demands to security of this scenario.
The developed solutions have been integrated with SME partner systems and demonstrated at trade fare events.
Project Context and Objectives:
The project is concerned with building a framework for mobile wallets, and the purpose of this High
Trust Wallet system is to allow people to carry out secure transactions, including identification,
payment, loyalty point collection, and service access with their smartphones. The range of services
encompasses transactions where a physical card, token, or key of some sort was previously required.
Thus, the system may be said to perform the function of a virtual wallet containing virtual cards.
The framework will provide the security levels QAA1-4 supporting the use of e-Identity cards on the
mobile phone. Many mobile wallets available today require the use of a physical secure element in
the phone that is costly to gain access to and has limited storage capacity. As opposed to a physical
wallet that usually contains identity cards; no mobile wallet available today can provide the
electronic equivalent – the electronic identity (eID) – because there are no solutions that provide the
required level of security. To make the mobile wallet a real alternative to the physical wallet, there is
a need for more storage capacity and higher security levels.
Our idea is to develop a high-security wallet framework that can potentially be used in combination
with mobile wallets from different providers. Combined with a secure element implemented in
software, improved authentication methods and our wallet server and Trusted Identity Manager (TIM)
back-ends system we will be able to provide life-cycle management for services at different security
levels. The use of a secure software element will provide a neutral point of contact between the users
and the service provider, provide a cost-efficient solution for over-the air provisioning of mobile
phones and reduce user lock-in imposed by mobile operators or mobile phone manufacturers
Project Results:
The project has gone through all faces of constructing a prototype system: requirement capture and
specification, design, implementation, test and integration and demonstration, as well as, training and
transfer of knowledge, and planning exploitation.
The main results are:
1. A wallet client with two software secure elements, one based on whitebox cryptography and one
based on technology from partner Intrinsic-ID.
2. A system backend for payment and loyalty card applications in the form of a wallet server.
3. Interface to a system backend for e-ID applications, based on Sirrix' Trusted Identity Manager
4. Demonstration of software integrated with SME partner systems.
5, Exploitation activities involving demonstrating integrated software
Potential Impact:
Service providers with low security requirements will benefit from our innovations through easier
access to the users and reduced costs for provisioning. Our innovation will aid the roll-out of eIDs in
European countries by improving user-friendliness. This is an important step towards improving
European eGovernment infrastructure. In particular the secure wallet technology and infrastructure
developed in the project can be used to secure contactless payment based on Near
FieldCommunication and Cloud Based Payment. Results obtained for integration of hardware based
SEs in the wallet framework will be used for QAA4-level identification. The SMEs will benefit from
increased revenue and sales of the developed technology and expect 5 years post project an
accumulated turnover of €168 million from selling the new HighTrustWallet, creating an estimated
1120 jobs.
List of Websites:
Public web-cite address:
http://htw-public.nr.no/
Scientific coordinator's contact information:
https://www.nr.no/nb/user-info?query=bjarte