Hi,
I am Amar Sahu a Research Student working at Indian Institute of Science Bangalore, India. I am working with NFC applications and am using a Nokia 6131 NFC phone. I am trying to implement the ticketing application on the phone. I have an External card reader from Arygon. When i try to check the balance of NFC card on the phone; I get a SecurityException error. The forum members suggest that I have to buy a certificate from a Certifying Authority (CA) to get rid of this error. Is this true? I tried creating a self signed certificate but it didn't help. Please help me if there are any alternate methods for implementing this application.

Dear amarsahu,

Thank you for you post. Yes, it is true, that you do need to have a signed Certificate (by a CA) to verify the authenticity of your application on the phone. Your self-sign certificate does not work, as the appropriate root certificate is not in the phone. Therefore if you would like your application to access to secure element you do need a certificate. Remember: The secure element is not a play ground and therefore also the application accessing the secure element need to be secured.

Actually when buying a certificate from thawte you do get a discount if you mention that you are a university or a student.

Hi Guru :-)

The tutorial is very helpful!

Thanks!

Best Regards,
Croozeus

Hi Croozeus - thanks a lot!

Hi,
I am unsuccessfully trying to select the Arygon NFC reader in transparent mode. The Arygon reader uses the same chip as the Nokia6131 i.e. the NXP PN531 but I can select the Nokia phone in transparent mode. I have configured the Arygon reader as a target using the TgInitTAMATarget command (passive only mode) etc. I would like to know what the difference might be between the Nokia6131 implementation and my code for the Arygon reader. I think the Nokia phone switches continuously from active to passive mode in search of a card or reader. Can you tell me exactly what goes on while the phone is idle and what commands are used once a reader/writer is detected?

Dear cschandorf, sorry, but I don't know excatly details about the polling loop of the 6131 especially in combination with the argyon reader. What you could try is, switching card emulation mode and then use a midlet to switch the nokia into initator mode to communicate with the arygon reader.

I hope that helps.

Cheers, Gerald

Hi, I have two questions regarding your NFC implementation.
Q1. Assume a defense application where the phone battery no longer works and cannot be recharged in the field. Will the NFC implementation still work properly when the phone is presented to a card reader? As you know, a contactless smart card would work, drawing its energy from the reader.
Q2. Assume for the same integrated application, with a working battery, that I require both Skyhook-like location sensing and NFC capability. Where can I get such a phone?

Hi geomcq,

ad Q1) I'm a litte unsure what you mean by 'defense application', but for now I assume, you mean a smartcard application in the secure element of the mobile phone. (please correct me if I'm wrong). Yes, there is work in progress by the NFC players, that such a "powered by the field" mode is implemented into hardware of an NFC device, if necessary.

ad Q2) As far is I know, there is no such device available at the moment.

Br, Gerald

Thanks. By defense, I meant military, but only in the sense that the phone is in an environment where otherwise logical solutions like "relace the battery" or "charge the battery" are not possible, at least not immediately.
Should I conclude from your anwer that the Nokia 6131 NFC will not provide NFC applications without the phone battery being charged and available?
Can my applications (MIDlets) access NFC features in such a way that I can provide a public key application that draws on the
"secure element" for actual private key encryption and decryption for messages transmitted over the internet?

Dear Gerald,
I am very new to NFC. I want to create a working prototype which can demonstrate secure payment transactions using NFC, this does not require actual mobile phone implementation, only emulator based application will work. I have started to explore Nokia 6212 SDK.
Can an emulator containing user's credit credentials in SE, communicate with some reader back and forth to emulate the actual transaction scenario (mobile being used as contact less smart card)
Please guide me by providing a line of action and some pointers to relevant material.
Kind Regards
Shahzad Saleem
KTH, Stockholm.

Dear Geomcq,

(sorry for the late reply)

ad Battery) Yes & No. With regard to card Emulation, there is basic mode, that allows you to use your phone as smartcard even, the phone is off (but not without battery). This mode is called "powered-by-the-field". R/W or P2P based Applications (using Midlets) do require a battery.

ad PKI) Yes, you can use the assymetric cryptographic functions of the integrated secure elements of the Nokia 6131

br, gerald

Dear shahzads,

actually the NFC Manager of the 6212 SDK is only able to simulate the mobile phone, but no external reader. Therefore it might be somehow tricky to simulated a payment infrastructure, that consists out of a mobile as well as an external terminal. The SE of the NFC Manager actually be used to store credit credientials.

Please find some code examples (see "ticketing") in the WIKI: http://wiki.forum.nokia.com/index.php?title=Category:WIMA2008

Br, Gerald

Hi
First of all thanks for a prompt response. I have two more questions from your reply.
(1) If I follow Mobile to Reader scenario then I will have to have an actual mobile phone and reader. I have seen a way to unlock SE of 6131 from Nokia forum, similarly do we need to unlock SE of 6212 too if yes then the same code will work or there is some other way?
(2) If I simulate another scenario i.e. money transactions between 2 peers emulated by two instances of 6212 each having an emulated smart card in it and communicating by NFC LLCP. Is it possible and feasible line of action? If yes then please provide me some useful pointers and links to get more understanding and help in its implementation.
Thanks
Shahzad Saleem.

Manual is really helpful. Thank you!

Hello sir,

I have some doubts regarding the application that can be developed using the 6131 (or 6212 nokia). My question is whether it is possible to do bluetooth pairing through NFC using JSR82 and JSR257 API's or not and if its possible some guidance on how to achieve that on the 6131 (or 6212)? and if its not possible then is there any other alternative to achieve bluetooth pairing through NFC.
Hoping for soon reply.

Thanks in advance.
Rajen

Dear Rajen,

BT-Pairing (at the Moment) can only be done between one of the Nokias and an external device such as a picture Frame, a printer or an audio device. pairing between two nokia at the moment is not yet possible for the of-the-self phones.

Br, Geri-m

Thanks for instant reply sir.

I would also like to know if the pairing between nokia and an external device can be done through JSR82? If yes can you please guide me through the basic and if no then how to accomplish the pairing part between the two at application layer?

Thanks for your guidance.
Rajen

Dear Rajen,

as fas as I know, the JSR82 can not be used to pair to BT-Devices. (it can only be done on a lower layer). But I'm not an expert on BT. Feel free to post your question in the form nokia as well in a related thread.

br, Gerald

Thanks for the guidance, will do as directed :).

Regards,
Rajen

Dear Gerald,
JSR 177 included with 6212 does not have the following packages of SATSA
1) satsa-apdu
2) satsa-jcrmi

Will you please guide me how can i add them to 6212 SDK. Actually I want to use Asymmetric Cryptography with 6212 SDK for signing/varification and en/decryption.
Kind Regards
Shahzad.

Dear Shahzad,

the best way to cover this problem is

a) to use the ext. JSR257 to communicate with the Secure element (using APDUs)
b) implement a Java Card Applet running on the secure element doing the cryptographic functions for you.

Br, Gerald

Dear Gerald,
I want to confine myself only to the emulator and accompanying NFC manager. Any suggestions for this scenario?
BR
Shahzad.

Dear Gerald,
Will you please let me know:
1- How to un-lock 6212 to install java card applets into its SE.
2- How to install/add java card applets to SE of 6212.
Thanks,
Shahzad.

Dear Shahzads,

ad 1) The unlock tools is available at
ad 2) You could use tools like Sun's JavaCard SDK, G&D Smartcafe or NXP JCOP Tools,

Br, Gerald

The unlock tool is available here: http://www.forum.nokia.com/info/sw.nokia.com/id/a796065d-fa6a-449f-b3de-70d46ff99f19/NFC_Unlock.zip.html

Br, Gerald

Dear Gerald,
I am working with Nokia 6212 Emulator. Scenario is the following:
Two peers want to communicate securely using LLCP. Security features are provided by an emulated smart card residing in SE of Nokia Emulator along with P2P communication using LLCP.
In this regard, I have implemented two emulated smart cards and attached them with two instances of Nokia 6212, then opened a connection with smart card on each peer. Then I tried to establish a P2P link using LLCP to communicate between two peers, which I could not do because both outbound and inbound connections are lost.
Emulator can either communicate with emulated smart card or with its peer using LLCP at a time but can't do both types communications simultaneously. Do you know how can i get around this problem.
Kind Regards
Shahzad.

Dear Shahzad,

I came across this issue some time ago. At the moment there is no possibile to due so, due to the implemented of the NFC Chipset inside the mobile device.

br, gerald

Dear Gerald,
Thanks for a prompt response. Just one thing more, is the above scenario (simultaneous communication with an embedded smart card residing in SE of actual nokia mobile phone and P2P using LLCP) possible with a real nokia 6212 mobile phone? Hope to hear from you soon from you again.
Kind Regards
Shahzad.

Dear Shahzad, nop it is also not possible on the real phone (6212 nor 6131). br, Gerald

Hi,
I bought a certificate from thawte. I used carbide to sign my application. However when I load this application on the phone I get an error saying certificate not on phone or sim. How do I get rid of this error?

very useful article, thank you Gerald.

Hi amarsahu,

have you made sure, that the appropriate Root-Certificate is in the memory of phone? (you can check this with the certificate manager). Also make sure, that date and time are correctly set.

Br, Gerald

Hi guru,
I'm about to buy a Code signing certificate from Thawte in order to sign a midlet which will be deplyed on 6212 NFC Nokia. In my memory phone, I have three root-certificate:
a Thawte Code Server Ca,
a Thwate Premium Server CA and
a Thwate Code Signing.
The latter one should be the right certificate for cross-certification with any code-signing certificate bought from Thwate, but the option " Cross-certification" is disabled by default , while "application-signing" and "server-authentication" are enabled.
I fear some problems may arise while installing any certificate acquired from Thwate. I tried to search the Web but found no clear explanations.
May I have your opinion in this regard? Have you had any experience in code-signign with Thwate?
Thanks advancely
Paolo

Hi Paolo,

I'm using also a thawte certificate to sign my midles. As you are having the appropriate certifcates in the certificate store it should (I cross my finger - no garantuee ;-) work you for you fine.

br, Gerald

Gerald,

I apologize for the newbie question. I have a Nokia 6212, and I'd like to know the process of how to load either a MIFARE tag or a JavaCard applet on the secure element in order to make the phone operate in card emulation mode.

Thanks,

Bruce

Hi Gerald,

Iam also having same issue as above. I am new to NFC. Trying to load a Java Card applet to secure element in Emulator of 6212. I can see the option to do the same in 6131 emulator.
But donot know how to do the same in 6131.

Regards
Mammooty

Well,

1) you need a JavaCard Dev-Enviroment (eg. lie Eclipe, Netbeans + JavaCard Plugins)
2) unlook the Nokia using the unlock Midlet; this will set the keys of the secure elemen to "standard"
3) get a Contactless Reader
4) use GPShell (etc.) to load the applet into the secure element. (see: http://discussion.forum.nokia.com/forum/showthread.php?t=124299)

Cheers, geri-m

Well,

1) you need a JavaCard Dev-Enviroment (eg. lie Eclipe, Netbeans + JavaCard Plugins)
2) unlook the Nokia using the unlock Midlet; this will set the keys of the secure elemen to "standard"
3) get a Contactless Reader
4) use GPShell (etc.) to load the applet into the secure element. (see: http://discussion.forum.nokia.com/forum/showthread.php?t=124299)

Cheers, geri-m

Sir,
I am trying to develop mobile application for nokia S60 in which i need to access sim contacts.i tried using j2me but unable to do it .In S60 guide, it is mentioned tht S60 doesn't support APDU and jcrmi package.But in the folder where i installed S60 emulator,APDUConnection class file is present in its lib folder.so i m nt getting it.

or there is ny other way to do it???????
waiting 4 ur reply

Sir,
I am trying to develop mobile application for nokia S60 in which i need to access sim contacts.i tried using j2me but unable to do it .In S60 guide, it is mentioned tht S60 doesn't support APDU and jcrmi package.But in the folder where i installed S60 emulator,APDUConnection class file is present in its lib folder.so i m nt getting it.

or there is ny other way to do it???????
waiting 4 ur reply

As far as I'm concered, you are currently not able to use the APDU/JSR177 to access the UICC in the mobile.

sir,
then how to access sim contacts of nokia???????

sorry, but I don't think it is possible at the moment.

Hi,
I want to load credit/debit card details on the secure element of the nokia 6131 NFC phone. I have purchased a certificate from thawte to access the secure element on the phone. How is this done?
Is there any application that has to be written in order to load the card details on the phone. Your inputs will help me proceed.

Regards,
Amar Sahu

In order to load details into the secure element, you have to use the unlock midlet to remove the keys of the secure element. then you can do the following:

1) you need a JavaCard Dev-Enviroment (eg. lie Eclipe, Netbeans + JavaCard Plugins)
2) unlook the Nokia using the unlock Midlet; this will set the keys of the secure elemen to "standard"
3) get a Contactless Reader
4) use GPShell (etc.) to load the applet into the secure element. (see: http://discussion.forum.nokia.com/forum/showthread.php?t=124299)

you don't need the certificate to load applets into the secure element.

In order to load details into the secure element, you have to use the unlock midlet to remove the keys of the secure element. then you can do the following:

1) you need a JavaCard Dev-Enviroment (eg. lie Eclipe, Netbeans + JavaCard Plugins)
2) unlook the Nokia using the unlock Midlet; this will set the keys of the secure elemen to "standard"
3) get a Contactless Reader
4) use GPShell (etc.) to load the applet into the secure element. (see: http://discussion.forum.nokia.com/forum/showthread.php?t=124299)

you don't need the certificate to load applets into the secure element.

Dear Gerald,
I want to develop application that enables the communication between nokia 6131 NFC and an external reader (NFC Encoder) which is connected to a PC.
My question follows:
Do I have to install an applet in the phone's SE and a MIDLet in the phone? And also a desktop application based on the reader SDK?
Can I not install this applet in the SE and make the communication between the phone and the reader directly through the MIDLet?

Thanks,

Sir,
I m trying to access sim contacts using APDU package.
But there to open the connection with sim, it asks for application identifier of sim application. How can we obtain this application identifier?

Sir,
I m trying to access sim contacts using APDU package.
But there to open the connection with sim, it asks for application identifier of sim application. How can we obtain this application identifier?

Hi Gerald. I like your blog more than others cause you answer allways.
Iam also trying to load a Java Card applet to secure element in Emulator of 6251.

Hey guys,

it's not that tricky

1) load unlock midlet onto the phone and unlock secure elemenet
2) Key-set 42 is now 404142434445464748494a4b4c4d4e4f
3) Then use a tools such a gpshell, jcop tools, g&d smartcafe, gemalto devSuite and authenticate against the card
4) load and install applet.

Just try to be more precisese where you have trouble. there are already serval posting on that on my blog as well as in the nokia forum.

all the best, Gerald

Dear Gerald,

I want to demonstrate the ticketing example of 6212 sdk and I have some questions.

I also tried the emulation of the ticketing example of 6131 sdk successfully and it works well but I wonder how should I do for 6212.

My questions are:
1- how can I use internal and external secure card applets of 6131 ticketing example for emulate on 6212?
2- how can I develope my own smart card applets and load them to internal and external smartcard of 6212 emulator and NFC card manager.

Thanks
Hamid

thank you Gerald for this great article.