Calypso HCE Solution For NFC devices without S.E.

When it is not Possible to implement a secure Calypso applet into a Secure Element,
CNA has defined an HCE-based solution for Android and mobile phones

This solution is based on two documents: the Calypso HCE application specifications and the Calypso HCE Guidelines.


Many Calypso networks aim at providing to their customer a ticketing solution for Android mobile phones, while preserving as much as possible compatibility with their installed AFC system, in particular with the validators.


CNA provides a solution with an acceptable level of security compatible with the Calypso brand  which ensures that the security of the existing system is not jeopardized.


Specification of a Calypso HCE application

CNA published the revision 1.3 of the specification of a  Calypso HCE application using a Public Key Infrastructure (PKI) that guaranties the security of the exchanges between the mobile phone and the central system, to load initial data or to load rights (such as transportation rights).

> By delivering HCE Authorization Modules (HAM) with certificates to HCE application providers and service providers,  CNA is acting as the Certification Authority in this PKI.


For security reasons, transactions using the personalization key or the load key are not possible through the NFC interface, and must be done with a secure connection to a server.


Only the Calypso debit key is stored in the HCE application for validation on entrance and control during travel, coupled with a mechanism of renewal of the Calypso Serial Number (CSN) to mitigate the risk of fraud : a part of the CSN contains date and time of validity of the debit key which shall be checked by the terminals.


Calypso HCE Guidelines

Unlike a secure element built to protect data for a long period, a mobile device can only ensure their protection for a very limited period of time depending on the security techniques adopted to delay the attacks on the software and the countermeasures implemented to detect a fraud at the level of the central system, based on a constant back-end monitoring. These techniques are the mandatory supplement to the specification and are in the scope of the Calypso HCE Guidelines, revision 1.0.


They rely on the recommendations of a security study ordered by AFIMB, The French agency for multimodal information and smart-ticketing, realized by an independent expert from the “Mines Telecom Paris Institute”. Get More details


In Short

Combined with the requirements of the specification, the main features which may imply an evolution of the terminals are the following:

·        Support of a rev 3.1 Calypso application

·        Support of TDES keys

·        Check of a specific range of CSN dedicated to HCE application.

·        Check of the debit key validity date (the Guidelines enforce a minimum frequency of the CSN renewal)

·        Check of the mandatory contracts signature


Both  documents define a coherent and secure way to implement HCE in a Calypso environment and are mandatory to use the Calypso brand and keys.


Get the Specification of a Calypso HCE application, revision 1.3 *

Get the Calypso HCE Guidelines, revision 1.0 **


* You must be registered on the CNA website - **Documentation reserved exclusively to CNA members.


Publication : 07/03/2018