Received: from sog-mx-1.v43.ch3.sourceforge.com ([172.29.43.191] helo=mx.sourceforge.net) by sfs-ml-2.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1WLrwQ-0004Qn-VJ for bitcoin-development@lists.sourceforge.net; Fri, 07 Mar 2014 10:23:47 +0000 Received-SPF: pass (sog-mx-1.v43.ch3.sourceforge.com: domain of m.gmane.org designates 80.91.229.3 as permitted sender) client-ip=80.91.229.3; envelope-from=gcbd-bitcoin-development@m.gmane.org; helo=plane.gmane.org; Received: from plane.gmane.org ([80.91.229.3]) by sog-mx-1.v43.ch3.sourceforge.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.76) id 1WLrwP-0005jG-Lv for bitcoin-development@lists.sourceforge.net; Fri, 07 Mar 2014 10:23:46 +0000 Received: from list by plane.gmane.org with local (Exim 4.69) (envelope-from ) id 1WLrwI-0003l0-4o for bitcoin-development@lists.sourceforge.net; Fri, 07 Mar 2014 11:23:38 +0100 Received: from f052199165.adsl.alicedsl.de ([78.52.199.165]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Fri, 07 Mar 2014 11:23:38 +0100 Received: from andreas by f052199165.adsl.alicedsl.de with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Fri, 07 Mar 2014 11:23:38 +0100 X-Injected-Via-Gmane: http://gmane.org/ To: bitcoin-development@lists.sourceforge.net From: Andreas Schildbach Date: Fri, 07 Mar 2014 11:23:28 +0100 Message-ID: References: Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Complaints-To: usenet@ger.gmane.org X-Gmane-NNTP-Posting-Host: f052199165.adsl.alicedsl.de User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.3.0 In-Reply-To: X-Spam-Score: -0.4 (/) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no trust [80.91.229.3 listed in list.dnswl.org] -0.0 SPF_HELO_PASS SPF: HELO matches SPF record 1.1 DKIM_ADSP_ALL No valid author signature, domain signs all mail -0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay domain -0.0 SPF_PASS SPF: sender matches SPF record X-Headers-End: 1WLrwP-0005jG-Lv Subject: Re: [Bitcoin-development] Instant / contactless payments X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Mar 2014 10:23:47 -0000 On 03/07/2014 10:26 AM, Johannes Zweng wrote: > In current phone implementations, the screen must be on already for NFC > to be active. Also it must be unlocked, although I certainly hope future > OSes will allow payment apps on the lock screen, just like they allow > music players. > > Just a small input to this point: > On Android 4.4 the new host card emulation (HCE) feature (aka: the phone > emulates a ISO-DEP Smartcard and processes ISO7816-4 APDU commands like > a Smartcard would do) only works when the display is on, but even when > the screen is locked (can be changed with "android:requireDeviceUnlock" > in Manifest). See here for detailled > specification: http://developer.android.com/guide/topics/connectivity/nfc/hce.html > > Using the HCE API on Android 4.4 also has the beauty that any app that > registers itself for HCE and sets its category to CATEGORY_PAYMENT in > the Manifest automatically shows up in Adroid's system settings under > "Tap & Pay" (where a user would expect payment applications). Thanks for the pointer! Good to hear there is finally a decent documentation for HCE. Good news: HCE offers the required dispatch ability -- they call it AID (Application ID). Bad news: It seems - at least CATEGORY_PAYMENT - very credit card centric. HCE seems to cover only the payer side. I wonder if there is also an API for "reader emulation" which we would need for apps to support the payee side. Since Android 4.4 market penetration is quite far off, I suggest we focus on the already established NFC payment protocol(s) for now, it works pretty well. I will investigate into IsoDep and HCE and see if we can make it enhance usability. Interesting side note: They recommend messages transmitted via NFC to not exceed 1 KB in order for a snappy experience. This (again) questions usage of bulky X.509 certificates in our payment request messages. Bitcoin Wallet currently does not sign payment requests, so I could not try how it would feel.