Google SmartTap template

This feature is restricted and subject to a specific license agreement and fees. Please contact SpringCard for detailed information and pricing options.

Overview

Use this template to read Google Pay Passes data from an Android mobile.

What is Google SmartTap?

On Android, the Google Pay application allows users to organize their loyalty programs, offers, gift cards, event tickets, boarding passes for flights and Transit passes (cf https://developers.google.com/pay/passes/guides/overview/about/about-google-pay-api-for-passes). Management of the passes is performed through the Google Pay API. NFC-enabled passes could be transmitted to a remote application through NFC, using the Google Pay Smart Tap protocol.

Once configured using this template, a SpringCore Smart Reader is able to run the Google Smart Tap secure transaction on its own, and transmit the data in plain to the host.

The Smart Tap protocol can be used to:

  • Get data
  • Securely get data
  • Push data with authentication
  • Securely get data and perform payment

The SpringCore firmware is only suitable to Get data (securely or not). SpringCore devices are not payment terminals.

Data, keys, and transaction flow

The following information is only a summary of how SmartTap works. For detailed and accurate information, please refer to https://developers.google.com/pay/smart-tap.

Merchant

A service provider or Issuer subscribes to the SmartTap service and develops his identification service (loyalty app, access control, or virtually any other identification scheme).

The service provider is primarily identified by its Issuer ID.

Inside the SmartTap NFC transaction, the service provider is identified by its Collector ID which is a shorter number (4 bytes).

The service provider generates its own a 256-bit elliptic-curve key-pair over the P-256 curve: { KPRI:Issuer, KPUB:Issuer }.

The public key KPUB:Issuer has to be associated to the Merchant account on the Google Pay Merchant Center, together with a key version.

The private key KPRI:Issuer has to be known by all the terminals owned by the merchant, together with its key version.

The key version information makes it possible to store a few private keys in the terminals and to perform key rolling (or key rotation) periodically when issuing passes.

User data

The user of the service (a customer of the merchant) receives a unique Google Smart Tap pass, by the mean of a JWT token embedded inside an URL. The token may be sent to the user either through email, SMS, downloaded from a web site, or provided by an application running in the mobile itself.

The token is not the pass, but only a pointer to the actual pass (that will then be downloaded by the smartphone and eventually saved inside the Google Pay application).

The message transmitted by the reader to the host is the smartTapRedemptionValue of the pass.

See theses links for more information on how to configurer your pass value:

Pay attention that he SpringCore reader is limited to messages under 500 bytes (512 bytes for the payload of the pass less 12 bytes for the IV). You shall limit the number of data fields and the size of every data to make sure the resulting NDEF message stays under 500 bytes.

Configuration of the reader

To run its part of the NFC transaction, the reader has to be configured with:

  • The Collector ID,
  • The Key version,
  • The Private key KPRI:Issuer

Google SmartTap NFC transaction

The mobile sends to the reader its message.

The cryptogram is protected by a cryptographic secret key. Only a reader knowing the right private key may decipher the cryptogram and recover the message.

Data transmitted by the Smart Reader to the host

The reader processes the cryptogram and sends to the host:

  • message in field TagData.

For the moment the data conveyed are only object.smartTapRedemptionValue.

Configuration

Register t0: select the Google SmartTap template

Register 03t0 (1 byte) selects the template. Set it to D2 to select this template.

Register t1: output format

Register 03t1 defines the output format. Refer to Template engine : Data Output Format.

Register t2: output prefix

Register 03t2 defines the output prefix. Refer to Template engine : Output Prefix.

Register t3: Collector ID

Register 03t3 (4 bytes) stores the Collector ID.

Bytes Field Description
0-3 Collector ID A predefined 4-byte number specific to the merchant. If the collector ID exceeds four bytes as encoded, use the last four. If shorter than four bytes, left-pad with 0s. See this link for more information about Collector ID

Default value: SpringCard's Collector ID ()

Register t4: Private key version

Register 03t4 (4 bytes) stores the version of the private key.

Bytes Field Description
0-3 Private key version Version of the private key associated to the Collector ID

Default value: 00000001

Note: If the key version is 10, set this register to 0000000A.

Register t5: Private key

The Private key may either be written together with the configuration into the NVM, or stored in the ATECC Secure Element.

Private key stored within the configuration

Register 03t5 (32 bytes) stores the private part of the key-pair.

Bytes Field Content
0-31 Private key KPRI:Issuer

Default value: SpringCard's test private key

Private key stored in the ATECC

If the device features a ATECC Secure Element, the register 03t5 (1 byte) stores only the key entry index.

Bytes Field Comment
0 Key entry index Valid values are 00 to 0C

Advanced configuration

A few very specific configuration entries are required for certification purposes.

These entries don't fit in the 16 registers that are available for template configurations. Therefore, the advanced entries are stored in the group 5 of the NVM.

Register 0501: POS capabilities bitmaps

Register 0501 (5 bytes) stores the POS capabilities.

Bytes Field
0 System
1 UI
2 Checkout
3 CVM
4 Tap

Default value: 0000000001 (Pass only)

Detail of each byte

0x01 0x02 0x04 0x08 0x10 0x20 0x40 0x80
System Standalone Semi-integrated Unattended Online Offline MMP zlib support RFU
UI Printer Printer graphics Display Images Audio Animation Video RFU
Checkout Support payment Support digital receipt Support service issuance Support OTA POS data RFU RFU RFU RFU
CVM Online PIN CD PIN Signature No CVM Device-generated code SP-generated code ID capture Biometric
Tap Pass only Payment only Pass an payment Pass over payment RFU RFU RFU RFU

Register 0502: Service Type requested

Register 0502 (between 0 and 16 bytes) stores the type of the service to request.

Each byte represent a service to request (maximum 16 services).

See this https://developers.google.com/pay/smart-tap/reference/apdu-commands/get-data for more information.

Service type byte

Value Description
0x00 All services
0x01 All services except PPSE
0x02 PPSE
0x03 Loyalty
0x04 Offer
0x05 Gift card
0x06 Private label card
0x07 Event ticket
0x08 Flight
0x09-0x0F RFU TWI
0x10 Cloud based wallet
0x11 Mobile marketing platform
0x0C-0x3F RFU TWI
0x40 Wallet customer
0x6F RFU wallet-specific
0x9F RFU merchant-specific

Default value: 00 (request all services)

Register 0503: Use OSE

Register 0503 (1 byte) stores the boolean to indicate if the terminal must use the SelectOSE command. 01 means true, 00 means false.

Default value: 01 (true)

Register 0504: Use encryption

Register 0504 (1 byte) stores the boolean to indicate if the terminal must use encryption and if it needs to send the negotiate Secure Session command. 01 means true, 00 means false.

Default value: 01 (true)

Register 0505: AllowSkippingSmartTap2Select

Register 0505 (1 byte) stores the boolean to indicate if the terminal can skip the Select Smart Tap 2 command. 01 means true, 00 means false.

Default value: 00 (false)

Register 0506: DoPayment

Register 0506 (1 byte) stores the boolean to indicate if the terminal support contactless payments. 01 means true, 00 means false.

Default value: 00 (false)

Register 0507: DoRequest

Register 0507 (1 byte) stores the boolean to indicate if the terminal must send the Get data command. 01 means true, 00 means false.

Default value: 01 (true)

Register 0508: PresignedAuth

Register 0508 (1 byte) stores the boolean to indicate if the mobile use a pre-signed authentication token, and its none is set to 0s. 01 means true, 00 means false.

Default value: 00 (false)

Register 0509: ForceTerminalNonce

Register 0509 (32 bytes) stores 32 bytes-long array used as the Terminal nonce if it's forced and not random.

Bytes Field Content
0-31 Terminal nonce Array that will be used as the terminal nonce

Default value: empty (terminal nonce is truly random)

Register 050A: ForceTerminalEphemeralPrivateKey

Register 050A (32 bytes) stores 32 bytes-long array used as the Terminal Ephemeral key if it's forced and not random.

Bytes Field Content
0-31 Terminal Ephemeral key Array that will be used as the Terminal Ephemeral key

Default value: empty (Terminal Ephemeral key is truly random)

Register 050B: LocationId

Register 050B (between 0 and 8 bytes) stores the Location ID array.

Default value: empty (LocationId will not be used)

Register 050C: MerchantName

Register 050C (between 0 and 16 bytes) stores the MerchantName as ASCII characters.

Default value: empty (MerchantName will not be used)

Register 050D: MerchantCategoryCode

Register 050D (2 bytes) stores the MerchantCategoryCode.

See https://github.com/greggles/mcc-codes for the list of MCC.

Default value: 0000 (MerchantCategoryCode will not be used)

Register 050E: TerminalId

Register 050E (between 0 and 8 bytes) stores the TerminalId.

Default value: empty (TerminalId will not be used)