Try to look at https://community.oracle.com/community/java/java_embedded/java_card_2 for support.

Good luck!

try {
sckClient = new Socket(“localhost”, 9025);
InputStream is = sckClient.getInputStream();
OutputStream os = sckClient.getOutputStream();
cad = CadDevice.getCadClientInstance(CadDevice.PROTOCOL_T0, is, os);
} catch (Exception e) {
System.out.println(“error”);
return;
}

try {
cad.powerUp();
……

My code get stuck in powerUp without any error or exception. I am using the sample_device and sample_platform that comes with Java Card Development Kit 3.0.5u1

There is a very strong incentive in IT markets to get a product out before the others to grab a dominant position as fast as possible, and no incentive to slow down and design a secure offer.

So, including security in a connected product today is a strategic mistake and a waste of money. Time to market is so much more important.

Customers don’t really care either, and I don’t see cloud vendors or MNOs saying things like “you’re out of my cloud/network if you system isn’t secure”.

So, I am not a fan of regulation, but there is no credible alternative today, and the time is counted. When some hackers takes down a big chunk of internet or kills a few persons, then regulation will step in hard in panic mode, and that doesn’t sound good.

“Information security is not a technological problem. It is an economics problem. And the way to improve information security is to fix the economics problem.”

Some people spend time to create needs and wants, and competitiveness creates a kind of race that is getting uncontrollable, and more particularly with “gadgets”.

As the final end user has so many choices, almost anyone can come and propose a service that probably already exist, yet, it does not matter because people like to have “the choice”.

In my opinion, the best solution (but not my favorite one) would be a natural self-regulation of the market, namely, few big actors/companies must take the lead and stop this frenetic race to “the-most-connected-device”.

The only analogy I have in mind right now is the law of jungle where natural predatorS (I insist with the “S”) must control some different territories.

I don’t think that government and laws can be a solution as some people suggest, unless those laws are applied to the whole world instead of only few small countries.

To be honest, that’s precisely what has troubled me as an “insider” most, for the past few years: how does one built true agility and multi-app, post-personalization delivery. The technology seems to be there, but business and politics don’t seem to follow yet. Why this matters? Because indeed, (expecting) web-like evolution can make the smart cards (and universal secure elements) as we know it obsolete before the technology reaches full potential…

In fact the more secure method is to include a PIN or biometric entry on the security device/smart card for on-device authenticatiin then press a OK or Cancel transaction on the securitu device/smart card.

The Zwipe product includes a fingerprint sensor on a smart card and the likes of Plastc and other E-ink cards are embedding touchscreen E-ink or buttons on smart cards.

Finally, the Ledger Blue hardware is a personal security device integrating a ST31 secure element tied to a touchscreen with USB, NFC and BLE connectivity for secure applications and PIN entry onto a single device to make scraping PIN much harder.