April 13, 2023 at 2:39 AM
Orange PackID template
Orange PackID is an application framework, created and promoted by mobile network operator Orange, for building a smartphone-based, hands-free tag for identification, access control or e-wallet applications.
SpringCore devices featuring a BLE interface are able to read Orange PackID tokens.
Data, keys, and transaction flow
Service provider data
A service provider subscribes to the Orange PackID to develop its identification service (loyalty app, access control, or virtually any other identification scheme).
Orange assigns to the service provider a Company ID, a Service ID and an associated (secret) service master key Kmaster.
User/application data
A user downloads the Orange PackID BLE application on his mobile phone, subscribes to the service, and gets (from the service provider):
- The Company ID and Service ID,
- A Wallet ID and its accompanying (secret) key Kwallet = E ( Kmaster , Wallet ID ),
- A User ID which identifies the user within the service.
Reader-side data and key
The reader gets (from the service provider):
- The Company ID and Service ID that identify the service provider it belongs to, and the associated Kmaster,
- An Access ID, which identifies the reader within the service.
The Access ID is not directly involved in the transaction, but could be used by the application/service to implement location-based behaviour, and for logging/traceability purposes.
Reader/app. transaction
- The reader broadcasts the PackID service, its Company ID, Service ID and Access ID through BLE advertisement frames,
- The application “sees” the reader thanks to its advertisement frames, connects to the reader, generates a nonce RndB and writes it into the reader, together with its Wallet ID,
- The reader computes Kwallet = E ( Kmaster , Wallet ID ), generates a nonce RndA and computes the reader cryptogram E ( Kwallet , RndA || RndB ),
- The application reads the cryptogram from the reader, deciphers it, checks that the reader is genuine (if RndB is OK after decryption) and retrieves RndA,
- The application computes Ksession = E ( Kwallet , RndB || RndA ), extracts RndA’ = RndA[0..5], computes the application cryptogram E ( Ksession , RndA’ || UserID ), and writes this cryptogram into the reader,
- The reader deciphers the cryptogram, checks that the application is genuine (if RndA’ is OK after decryption) and extracts UserID.
The reader eventually transmits this UserID to its host through one of the protocols supported in Smart Reader mode.
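The exchange above, simulated with both sides in one script. This is an added example, not code from the original page or from the PackID or SpringCore projects. The page does not give the cipher mode or the field sizes, so single-block AES-128 and the sizes listed in the first comment are assumptions, and all keys and identifiers are constructed.

```javascript
const nodeCrypto = require('crypto');

// Assumptions (not stated on the page): E is single-block AES-128 without
// chaining or padding; Wallet ID is 16 bytes, RndA and RndB are 8 bytes each,
// UserID is 10 bytes, and RndA[0..5] means the first six bytes of RndA.
function aesBlock(key, block, decrypt = false) {
  const make = decrypt ? nodeCrypto.createDecipheriv : nodeCrypto.createCipheriv;
  const c = make('aes-128-ecb', key, null);
  c.setAutoPadding(false);
  return Buffer.concat([c.update(block), c.final()]);
}
const same = (a, b) => a.length === b.length && nodeCrypto.timingSafeEqual(a, b);

// Reader: Kwallet = E(Kmaster, Wallet ID), cryptogram = E(Kwallet, RndA || RndB).
function readerChallenge(kMaster, walletId, rndA, rndB) {
  const kWallet = aesBlock(kMaster, walletId);
  return { kWallet, cryptogram: aesBlock(kWallet, Buffer.concat([rndA, rndB])) };
}

// App: check RndB, recover RndA, answer with E(Ksession, RndA' || UserID).
function appRespond(kWallet, cryptogram, rndB, userId) {
  const plain = aesBlock(kWallet, cryptogram, true);
  if (!same(plain.subarray(8), rndB)) throw new Error('reader not genuine');
  const rndA = plain.subarray(0, 8);
  const kSession = aesBlock(kWallet, Buffer.concat([rndB, rndA]));
  return aesBlock(kSession, Buffer.concat([rndA.subarray(0, 6), userId]));
}

// Reader: recompute Ksession, check RndA', return the UserID sent to the host.
function readerVerify(kWallet, rndA, rndB, appCryptogram) {
  const kSession = aesBlock(kWallet, Buffer.concat([rndB, rndA]));
  const plain = aesBlock(kSession, appCryptogram, true);
  if (!same(plain.subarray(0, 6), rndA.subarray(0, 6))) {
    throw new Error('application not genuine');
  }
  return plain.subarray(6);
}

// Constructed sample values, not real PackID identifiers or keys.
const kMaster = Buffer.alloc(16, 0x11);
const walletId = Buffer.from('WALLET-0000-0001');
const userId = Buffer.from('user-00042');
const [rndA, rndB] = [nodeCrypto.randomBytes(8), nodeCrypto.randomBytes(8)];
const appKwallet = aesBlock(kMaster, walletId); // provisioned by the service provider
const reader = readerChallenge(kMaster, walletId, rndA, rndB);
const reply = appRespond(appKwallet, reader.cryptogram, rndB, userId);
console.log(readerVerify(reader.kWallet, rndA, rndB, reply).toString()); // user-00042
```

Both checks fail closed: a reader holding the wrong Kmaster is rejected by the application at the RndB comparison, and a reply built under the wrong Kwallet is rejected by the reader at the RndA’ comparison.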
Data transmitted to the host
The reader sends to the host:
- User ID in field TagData,
- Wallet ID in field TagDetails.
Template entries
Reading Orange PackID identifiers involves providing the Service ID, Kmaster and Access ID to the SpringCore device.
This is done in template #0 (addresses 0300 to 030F).
Register 0: BLE token selection
Register 0300 (1 byte) controls which BLE template is enabled to read BLE tokens.
Set it to C2 to select the Orange PackID BLE template.
Register 1: output format
The Orange PackID template uses the same output formatting procedure as other Templates. Refer to Template engine: Output Format. Address is always 0301 for BLE tokens.
Register 2: output prefix
The Orange PackID template uses the same output prefix procedure as other Templates. Refer to Template engine: Output Prefix. Address is always 0302 for BLE tokens.
Register 3: Service ID, Company ID and Access ID
Register 0303 (12 bytes) stores the Service ID (2 bytes), Company ID (4 bytes) and Access ID (6 bytes).
Bytes | Content |
---|---|
0-1 | Company ID |
2-5 | Service ID |
6-11 | Access ID |
Register 5: secret key
The service’s secret key Kmaster can be stored either directly in the non-volatile memory (at address 0305) or in the SpringCore device’s Secure Element. The second method is preferred.
Secret key stored in the template
Register 0305 (16 bytes) stores Kmaster.
Secret key stored in the Secure Element
Set register 0305 (2 bytes) to C010 and load Kmaster at address 10 in the Secure Element (key type = AES128, offline crypto key).