Rutronik News

Offline e-wallets for smartphones

  Knowledge

Photography and games, appointment management, fitness tracking, weather forecasts, and navigation – the smartphone has become the established feature for all these functions and more. Only purchases are still preferably paid for in cash or by card. This is also due to the requirements of mobile solutions: Customers need a suitable cell phone, Internet connection, credit card, and accepted POS (point of sale). PBV Kaufmann Systeme wants to change this and has therefore developed an electronic wallet for smartphones in cooperation with Rutronik

The special thing about Scoop e-money from PBV Kaufmann: The system can work fully offline and is not dependent on credit or EC cards. It uses the connectivity of smartphones, accesses the device via NFC, BLE (Bluetooth Low Energy) or another channel and treats it like a prepaid credit card. A server monitors the transactions.
Customer smartphones additionally function as a swarm network: Transaction data of the individual Scoop e-money POS (points of sale) are transferred to the Scoop servers and confirmed from there. The servers monitor all the transactions and thus ensure the integrity of all individual wallets in the mobile devices. Blacklists can also be distributed within the system via the swarm network.

The core: Secure micro SD card
The money is stored at the payment terminals in the form of hash chains on the smartphone. The core of the terminals consists of a micro SD card with a powerful secure processor. It signs the hash chains and checks whether their signatures are valid or have been forged. If necessary, it rejects users with manipulated monetary values. The terminals can thus detect and block fraudulent attempts fully autonomously. This creates the security that other solutions provide through the Secure Element in the smartphone.
The hardware requirements were correspondingly high: To obtain the necessary certifications from the respective financial supervisory authorities in the countries of operation (FINMA, FCC, CE, etc.), the entire system must be demonstrably secure and non-manipulable.

Hash chains
A hash chain is the repeated application of a cryptographic hash function to a particular data object. Over a series of sessions, these individual hash inputs generate a hash chain that authenticates a single user input in greater depth. The hash chains used for Scoop e-money are similar to the blockchain ledger approach for bitcoin and other crypto currencies in that entries are authenticated with previous hash key lists.

Compatible with any smartphone
PBV Kaufmann uses a special memory card from the Swiss supplier Swissbit for its project. "When presented by Rutronik at an event, we were quickly convinced that it was the perfect solution for Scoop e-money," says Stephan Wullschleger, Technical Managing Director of PBV Kaufmann. "As it meets the highest cryptographic standards, has a reliable mass memory, and is available for a long time."
Thanks to Swissbit's secure micro SD card, the system does not require a Secure Element on the cell phone. This has several advantages: Customers can pay with any conventional smartphone because there are no special hardware requirements for the device. The only thing the cell phone should have is an NFC module for encrypted communication with the terminal. Alternatively, the smartphone and terminal can also connect via a secure BLE connection or another channel. This makes Scoop e-money independent of network operators and smartphone suppliers and an interesting solution for organizations with a decentralized structure and for globally active companies.

The future is cashless
Stephan Wullschleger believes in the system's success: "It offers some unbeatable advantages with which suppliers can convince their customers: Instead of having to search for change, they can pay with transaction times of less than three seconds - and always keep track of all their payment transactions thanks to the concise app. The hash chain technology excludes loss or capital slippage. Another plus for sellers: All cash flows are transparent at all times and usage behavior can be observed live. This enables real-time fill level estimations, reducing unnecessary service effort. In addition, value-added services, such as initial credit or vouchers, can be used as a customer loyalty tool."

Competent support
Rutronik supported PBV Kaufmann not only with the micro SD from Swissbit but also with other components for the Scoop payment terminals. The choice fell on the Bluetooth Low Energy (BLE) modules from Nordic and Murata, the displays from Yeebo, lithium polymer batteries from EEMB, microcontrollers from Renesas, and numerous other components. "Since we received so many components from Rutronik, we were able to coordinate them particularly well and easily," says Stephan Wullschleger.
When faced with challenges or questions to be answered during the implementation of individual components, Rutronik acted as a mediator between suppliers and developers, thereby contributing to the success of the rapid solutions. The PBV Kaufmann team was supported by a total of five product managers and field application engineers from Rutronik. "The partner-like competent advice and the detailed knowledge of Rutronik's experts saved us a great deal of work and time during the development process," confirms Wullschleger and continues: "It also helped us great deal that Rutronik provided us with samples, development material, and supplier documentation at an early stage."

Embedded World test environment in Nuremberg
At the Rutronik booth at Embedded World 2018, PBV Kaufmann presented the solution to the public for the first time. The exhibition presentation simultaneously served as a test of the Internet connection under real conditions. The system passed this test with flying colors. Four years of development preceded the exhibition presentation: Scoop e-money started as a student idea with initial testing back in 2014. One year later, the project started to take shape with a business plan and initial specifications and the Commission for Technology and Innovation (CTI) began promoting Stephan Wullschleger and his team. The Scoop protocol was finally researched and developed together with the Institute for Mobile and Distributed Systems at the University of Applied Sciences Northwestern Switzerland in Windisch. The first hardware samples, application tests, and the presentation of research results followed in 2017.
PBV Kaufmann is currently working on final market readiness and product branding as well as preparing the product's market launch. Extensions for the app and cloud server are already planned. Thanks to customized terminals and modularizations, developers already have the next steps in mind.

 

Find components at www.rutronik24.com.

Subscribe to our newsletter and stay updated.

Devices with Secure Element
Image 1: Devices with Secure Element (green) can always exchange e-money with devices without Secure Element (red) in the absence of the cloud. Devices without Secure Element cannot exchange e-money with each other in the absence of the cloud