I want to create a google wallet like application in android. It is said that "all payment credentials are stored in a chip called the Secure Element contained within the phone". How can I access this secure element and store my card credentials into it.
My aim is to use my phone (Nexus) at the checkout counter instead of my card.
So what I want is to store some data to the Secure Element chip and access the data when I tap on an NFC reader.
Thanks in advance.
If you check the Google Wallet FAQ you can find the following :
Your payment credentials are stored in a chip called the Secure Element contained within your phone. The Secure Element is isolated from your phone’s main operating system and hardware. Only authorized programs like Google Wallet can access the Secure Element to initiate a transaction.
Even Google Wallet itself has very limited access to the Secure Element, and cannot read or write data from its memory. There are multiple levels of protection for data stored on the Secure Element and it is protected at the hardware level from snooping or tampering.
So basically... you don't have access to this SecureElement
. Maybe talking with the phone manufacturers to give you access/ ways of accessing the SecureElement
will enable you to do this... but I think this would be out of your scope.
EDIT:
An alternative solution can be storing your data in an SQLite
database, and also use encryption
on that database, such as AES
... or whatever you prefer. You will still have to pay attention on how you keep/distriubte the encryption/decryption keys
.
If you are worried about the case when somebody looses his phone, and the "founder" tries to steal the data, you can implement also an password protection on your Application
and if the password is typed wrong 3 consecutive times, drop the SQLite
database where the data is stored.
You cannot store anything in the security encryption chip, since it is by design hardware separate from the operating system.