Google has launched its Google Wallet service, which uses a secure element in the phone to provide some security. Of course, Java Card is in every one of these secure elements, but that is not the point today. I have just stumbled upon the Google Wallet page. Initially, I was looking for information about how to load the Google Wallet on my Nexus S during a visit to the U.S. I haven’t found this information (if you know, I am interested). However, I have found how Google talks about its wallet’s security.
Here is the sentence that first drew my attention:
“A wallet you can lock. Stay safe with the Google Wallet PIN and with secure underlying technology.”
This started my love/hate relationship with Google again. A wallet you can lock? It’s just brilliant, far better than anything else I have seen on the same topic. Where do they find these things? Now, let’s see how the rest fares, from their Security section.
“Google Wallet stores your encrypted payment card credentials on a computer chip on your phone called the Secure Element.”
Sounds good. The Secure Element is explicitly defined as a separate chip. I find it interesting that they feel the need to mention that the credentials are encrypted.
“Think of the Secure Element as a separate computer, capable of running programs and storing data. The Secure Element is separate from your Android phone’s memory.”
Once again, all of this sounds good. Very nice way to describe a smart card.
“The chip is designed to only allow trusted programs on the Secure Element itself to access the payment credentials stored therein.”
Uh oh! I really recognize my favorite Java Card firewall, isolating applications from each other. But I am a bit disappointed to read that the “chip” is designed to support that. Yes, the chip’s memory can only be accessed from the chip itself; but on the chip, the isolation is software-based.
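What that software-based isolation looks like from the applet side, as an added example that is not from the original post or from Google Wallet: a Java Card applet that exposes a credential to exactly one other applet through the firewall's shareable-interface mechanism. The package, class and interface names, the AID and the 16-byte token are constructed for illustration; the two parts are separate source files.

```java
// --- CredentialService.java (constructed example, hypothetical names) ---
package example.wallet;
import javacard.framework.Shareable;

/** Methods exposed through the firewall to applets in other contexts. */
public interface CredentialService extends Shareable {
    short readToken(byte[] out, short offset);
}

// --- WalletApplet.java ---
package example.wallet;
import javacard.framework.*;

public class WalletApplet extends Applet implements CredentialService {
    // Constructed AID of the only client applet allowed to use the interface.
    private static final byte[] TRUSTED_AID =
        { (byte) 0xF0, 0x00, 0x00, 0x00, 0x01, 0x02 };
    private final byte[] token = new byte[16]; // stand-in for a payment credential

    public static void install(byte[] buf, short off, byte len) {
        new WalletApplet().register();
    }

    private static boolean trusted(AID aid) {
        return aid != null
            && aid.equals(TRUSTED_AID, (short) 0, (byte) TRUSTED_AID.length);
    }

    // The runtime calls this when another applet asks for a shareable object.
    public Shareable getShareableInterfaceObject(AID client, byte parameter) {
        return trusted(client) ? this : null; // null: the firewall stays closed
    }

    public short readToken(byte[] out, short offset) {
        // Re-check the caller on every call: the reference may have been handed on.
        if (!trusted(JCSystem.getPreviousContextAID())) {
            ISOException.throwIt(ISO7816.SW_SECURITY_STATUS_NOT_SATISFIED);
        }
        // 'out' must be a global array such as the APDU buffer; an array owned
        // by the client's context would itself be blocked by the firewall.
        return Util.arrayCopy(token, (short) 0, out, offset, (short) token.length);
    }

    public void process(APDU apdu) {
        if (selectingApplet()) return;
        // No APDU command returns the token to the phone side.
        ISOException.throwIt(ISO7816.SW_INS_NOT_SUPPORTED);
    }
}
```

Every decision here is made by code running on the card (the runtime's firewall plus the applet's own AID checks), which is the sense in which the isolation between applets is enforced in software rather than by the chip.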
Next step, the FAQ’s Security and Privacy section. Among basic questions about lost phones, there are two good questions related to secure elements:
- What is the Secure Element and how secure is it?
- Could a malicious application access my credit card on the Secure Element?
You can read the complete answers there. However, here is what should be the most important sentence, since it ends the answers to both questions:
“There are multiple levels of protection for data stored on the Secure Element and it is protected at the hardware level from snooping or tampering.”
Of course, smart card specialists know about all the terrible attacks hidden behind the “snooping and tampering”, and how to protect against them. But the sole mention of data is a bit disappointing.
The answers also mention several times that only the Google Wallet (and other authorized programs) can access the Secure Element, and that this access control is strictly enforced. This is good, and we all like the fact that access control is present.
Now, what’s missing? You may have guessed it from my “data only” disappointment. There is no mention of the fact that the secure element can do more than payment. So, Google, if you are reading this, I will go as far as writing the missing FAQ piece:
Can I use my Secure Element for protecting other assets?
Your Secure Element is a small but powerful chip, which runs its own applications to manage sensitive data. It can even host several applications, to provide different security-related services. Of course, since the access to the Secure Element is strictly controlled, only authorized developers can write applications for it. We have selected a limited number of partners, who provide applications that rely on the Secure Element to manage their security credentials. These offers include VPN applications, secure authentication applications, and much more.
Hoping that it will become useful someday. And if you need more material on Java Card, just let me know.