Implementing Open Authentication for Web Services with a Secure Memory Card

Abstract

Open authentication protocols have become a standard solution to allow interfacing of third-party applications and websites. This paper presents a rationale for the use of secure memory cards with NFC-enabled service. A software application prototype is presented to show how a secure memory card can provide a portable authentication module to access web services. The prototype shows that it is possible to implement secure credential storage on a user-configurable secure memory card that supports an open authentication protocol. It provides protection against copying of the credentials and effectively frees the user from typing the passwords into the mobile device. Although the smart memory card is still a very new platform in mobile devices and not standardized in all aspects, we show that it provides a promising platform that is not bound to a specific operator or manufacturer.