Page 11

EETE MAY 2014

from 2014 to 2020. Of this budged, €1.17 bn will come from the EU and the same amount from the local governments of the member states. The remaining €2.34 billion will be contributed by the industry. As of today, 17 member states have already committed to join the initiative. Christoph Grote, Managing Director of carmaker BMW’s Research and Technology group, went into more details describing the challenges electromobility as one of the technology fields in question is facing today. “Why is this a long-distance race rather than a sprint?” he asked rhetorically. The answer is that electromobility requires high amounts of basic research; the infrastructure has to undergo massive changes and motors are still way too expensive. “Today’s electric motors are efficient, but not affordable”, he said; more R&D efforts have to be made. “The same holds true for power electronics” he added. For the connected car, another field of activity for ECSEL, the industry needs “reliable, affordable driver assistance systems” and “new technologies for the vehicles to communicate in the Internet of Things”. Also for autonomous driving, another challenge the automotive industry is currently working to master, highly reliable and exact sensors have to be developed that are much more affordable than today’s counterparts. These sensors will feature in-sensor data pre-processing and intrinsic communications capabilities. To meet the high requirements with regards to functional safety, the industry also needs a certified tool chain. But this is not the end of the industry’s wish list: cloud connectivity as an essential part of vehicle architectures requires the creation of a joint platform. The feature of this platform list underscores the size of the challenge: based on low-latency 5G network technology, this platform will guarantee QoS for M2M communications. At the same time, it will provide a geo-reference for mobile sensors. And this is still not enough: software needs to be developed capable of conducting real-time traffic flow analysis, and the standards have to be created to enable all these parts to collaborate and to work in the desired way. “All these systems must have some sort of master plan”, Grote stated. “Otherwise we will run into a bits-and-pieces problem”. A wise bet on Android’s host card emulation By Julien Happich By acquiring encryption-related software company Metaforic, Inside Secure adds key technologies to its secure microtrollers IP portfolio to push for more cloud-based mobile payments security using Host Card Emulation (HCE). Introduced on Android 4.4 (KitKat) and publicly supported by Visa and MarsterCard, Host Card Emulation (HCE) relies on a secured cloud-based transaction to allow contactless payments and services through any NFC-enabled mobile device. The mobile application connects the consumer’s bank to the retailer’s point of sale using NFC, whilst all the sensitive user and banking data is stored and accessed from the bank’s secure cloud servers where the transaction takes place. By emulating a smart card, HCE bluntly takes telecom operators and smart card vendors out of the equation since banks no longer have to retribute them for hosting some of the secure services on the SIM card or an embedded secure element inside the mobile phone. Instead, they implement cloud-based secure elements so the payment processing app is not just running on its own (on a vulnerable mobile platform). This may well put an end to the long battle between Telcos, mobile mobile manufacturers and banks for the NFC transaction pie. Both Visa and MasterCard have announced tools and support applications for banks to adopt HCE as an alternative to renting memory space on the SIM. Of course for the transaction to take place, an internet connection is required, but rather than requiring an always-on connection, digital tokens could be issued at times of connection by the banks’ secure cloud, only valid for short intervals of time. MasterCard who has already been proving HCE on small scale trials with Capital One and Banco Sabadell, plans to unveil its secure remote payment specifications by mid-2014. Closing the deal, Inside Secure paid USD 11.6 million in cash and could pay an additional USD 4.5 million in 2015 subject to completion of certain 2014 business milestones. The company already offers hardware-based and software-based encryption solutions but it is acquiring some very interesting software developments from Metaforic, crucial to secure Host Card Emulation (HCE)-based mobile payments. Founded in 2006, Metaforic took the gold award at last year’s American Technology Awards in the Cyber Security category for its self-defending software immune system dubbed Metaforic Core. The Metaforic software analyzes code transparently as it runs, with thousands of so-called antibody agents distributed throughout the code to check the program and each other. While impacting computing performance by less than 1%, Metaforic antibodies are said to be resistant to detection and automated removal techniques, and if any change is made to the executable, multiple antibodies detect the change and respond. Another interesting product now in Inside Secure’s portfolio is Metaforic’s code concealer, which enables software developers to hide sensitive data such as encryption keys in software and to obfuscate sensitive code. In short, code disassembly and dissemination are used to make the software more difficult to understand and to reverse-engineer. This code concealment approach can be hardened with the software immunization described above. The acquisition will not only expand Inside Secure’s IP licensing revenues, it brings in Metaforic’s know-how and customer base in the mobile and payment industries. Over the last two years, Inside Secure was licensing Metaforic’s technology for its content protection (DRM) solutions. Chief Executive Officer of Inside Secure, Remy de Tonnac is a firm believer of HCE-based, cloud-based mobile payment solutions which he expects to become mainstream since they have been endorsed by Visa and MasterCard. “The Metaforic acquisition is superbly aligned with Inside Secure’s strategy. It will uniquely position Inside Secure as the only company able to provide security solutions for enterprise secure access, digital entertainment and financial services markets, the three key market drivers for mobile security” Tonnac said in a statement. www.electronics-eetimes.com Electronic Engineering Times Europe May 2014 11


EETE MAY 2014
To see the actual publication please follow the link above