Develop Bugs

[Q] Galaxy Nexus and SIM Toolkit?

Will Galaxy Nexus come with SIM Toolkit? On Galaxy S it was a huge problem that even Gingerbread update did not have SIM Toolkit. This however is a must-have application when using certain pre-paid cards, bank authentications or identification.
Does anyone know if it has it?

So no one knows? Don't people use SIM cards with added functionality?

SIM Toolkit is just another way of the carrier pushing pointless services my way e.g. horoscopes, weather etc all at a cost and not as good as apps you can get in the market. This is my experience in the UK anyway, perhaps its different elsewhere.

In The Netherlands Sim toolkit is obsolete. The services it was used for, are now offered by Google and others. Sim toolkit uses a lot of (internet)data however and that is one of the reasons why many SGS-owners rooted their device, so they could use Titanium Backup to get rid of the Sim toolkit.

chandlerweb said:
SIM Toolkit is just another way of the carrier pushing pointless services my way e.g. horoscopes, weather etc all at a cost and not as good as apps you can get in the market. This is my experience in the UK anyway, perhaps its different elsewhere.
Click to expand...
Click to collapse
Perhaps I should enlighten what SIM Toolkit is used for in certain parts of Europe, especially Finland and Estonia. In Finland your pre-paid cards have SIM Toolkit related services, such as checking for balance and data usage without additional costs.
But in Estonia SIM cards can be used effectively as an identification device. That is, your mobile phone can double as your identification that is usable country-wide. You can authorize bank transfers, even do all bank-related activities right through your phone without having to fiddle with websites. It can be used to sign digital documents and authorize yourself for e-voting (Estonia was the first country in the world to effectively introduce internet-based voting for local government). All this uses a special SIM-card for that exact purpose.
SIM Toolkit is very important for those reasons. Just because some carriers blatantly misuse it does not mean it isn't important.

kristovaher said:
Perhaps I should enlighten what SIM Toolkit is used for in certain parts of Europe, especially Finland and Estonia. In Finland your pre-paid cards have SIM Toolkit related services, such as checking for balance and data usage without additional costs.
But in Estonia SIM cards can be used effectively as an identification device. That is, your mobile phone can double as your identification that is usable country-wide. You can authorize bank transfers, even do all bank-related activities right through your phone without having to fiddle with websites. It can be used to sign digital documents and authorize yourself for e-voting (Estonia was the first country in the world to effectively introduce internet-based voting for local government). All this uses a special SIM-card for that exact purpose.
SIM Toolkit is very important for those reasons. Just because some carriers blatantly misuse it does not mean it isn't important.
Click to expand...
Click to collapse
I'd rather get rid of the SIM completely, unfortunately it only seems Apple is interested in it at the moment, in their own patent pending insanely closed method, and even that is just a hack.
Don't really see the SIM as an important component in the features you're talking about, and especially something like checking your datausage could easily be done using web API's, like Three has done here in Denmark.
It doesn't even have to cost data, though i'm not sure whether or not it does, they simply have to allow traffic to and from that server freely.

Sure I would love a SIM-free future, but I would also love ID card and password-free future and so on. In fact, I would love username-password free future.
But reality today is that SIM Toolkit is useful part of infrastructure in many countries, there were a lot of complaints about it being missing from Nexus S, as many use SIM Toolkit for bank services.
This is why I'm wondering if Galaxy Nexus still has SIM Toolkit. I simply would be unable to use these services otherwise. It's 2011, I should not have to use a desktop computer or mobile browser to do bank transfers and so on.

no there will not and there will never be a sim toolkit on a nexus device.
i actually dont know any country's that do use a simtoolkit.
cheking your data usage?
App
bank services.?
App
App
App
App.
no need for a sim toolkit.
and seeing as NFC might be the future.
there even is more reason why sim toolkit is useless.
its indeed 2011.
we shouldn't even be using a sim toolkit.
its a technology thats been laid to rest in allot of country's.

Of course bank services through an app. But app alone is not secure enough. Our bank services run through Android app, but authenticate as an extra layer of security through SIM toolkit so that even if your data is stolen, they cannot access your bank, unless they also clone your SIM.

kristovaher said:
Of course bank services through an app. But app alone is not secure enough. Our bank services run through Android app, but authenticate as an extra layer of security through SIM toolkit so that even if your data is stolen, they cannot access your bank, unless they also clone your SIM.
Click to expand...
Click to collapse
The SIM just stores your private key. The same effect can be achieved if the phone itself stores your private key. It makes no difference whether it's the SIM or the phone that's used to store the private key, as long as the private key is used in the key exchange to derive a shared key to encrypt the communications between your device and the bank, the same effect is achieved.

kristovaher said:
Of course bank services through an app. But app alone is not secure enough. Our bank services run through Android app, but authenticate as an extra layer of security through SIM toolkit so that even if your data is stolen, they cannot access your bank, unless they also clone your SIM.
Click to expand...
Click to collapse
i dont know about your bank,but i have to certify my card and pin trug some sort of special card reader.and than note that code onto my phone.and make a pin code to access my bank account.
there is no way anywhere in that process that anyone can steal that data. unless i give the pin away.

ghost010 said:
i dont know about your bank,but i have to certify my card and pin trug some sort of special card reader.and than note that code onto my phone.and make a pin code to access my bank account.
there is no way anywhere in that process that anyone can steal that data. unless i give the pin away.
Click to expand...
Click to collapse
Well, in Estonia we have implemented country wide ID Cards. That is, something what UK tried and failed to implement, it works here and is a great success. Our ID cards double as passports and in fact we do not need to carry passports when traveling within EU.
These same ID cards are part of a wider infrastructure. We can sign documents with these ID cards digitally (just as valid as a written signature, for example). These ID cards carry chips that are specially encrypted for that purpose and carry public and private keys for communicating with various online services. Other than digital document signatures (for any kind of document), we also use our ID card to vote on the internet without having to go to voting offices or log into various government services and view/edit private data related to our citizen status.
We can also use these ID cards to log-in to all banks in Estonia. It is more secure than private password codes that are on a separate sheet of paper and is more convenient to the end user. When authenticating it always asks for a separate PIN code, just like with any other card of that type. These ID card chips are nearly impossible to clone, just like SIM cards.
As a result there's an option for Estonians to also make their SIM card in their phone double as identification device. Our bank applications require this on phones, when logging in it sends encrypted information to the phone that can only be unencrypted with information from the SIM card. If successful, it allows you to log in and do bank transfers. This is far more secure than any regular password-sheet methods. It works through your network and has methods to protect from middle-man attacks as well.
However, that relies on SIM Toolkit and would not be possible without it. Also note that regular SIM cards cannot be upgraded to work like that. Government issues new type of SIM cards for that purpose.

kristovaher said:
Well, in Estonia we have implemented country wide ID Cards. That is, something what UK tried and failed to implement, it works here and is a great success. Our ID cards double as passports and in fact we do not need to carry passports when traveling within EU.
These same ID cards are part of a wider infrastructure. We can sign documents with these ID cards digitally (just as valid as a written signature, for example). These ID cards carry chips that are specially encrypted for that purpose and carry public and private keys for communicating with various online services. Other than digital document signatures (for any kind of document), we also use our ID card to vote on the internet without having to go to voting offices or log into various government services and view/edit private data related to our citizen status.
We can also use these ID cards to log-in to all banks in Estonia. It is more secure than private password codes that are on a separate sheet of paper and is more convenient to the end user. When authenticating it always asks for a separate PIN code, just like with any other card of that type. These ID card chips are nearly impossible to clone, just like SIM cards.
As a result there's an option for Estonians to also make their SIM card in their phone double as identification device. Our bank applications require this on phones, when logging in it sends encrypted information to the phone that can only be unencrypted with information from the SIM card. If successful, it allows you to log in and do bank transfers. This is far more secure than any regular password-sheet methods. It works through your network and has methods to protect from middle-man attacks as well.
However, that relies on SIM Toolkit and would not be possible without it. Also note that regular SIM cards cannot be upgraded to work like that. Government issues new type of SIM cards for that purpose.
Click to expand...
Click to collapse
I know what you mean. At least one bank over here implemented login using something called BankID on SIM which required new sim cards and SIM Toolkit. It used service SMS in the background though and was recently deprecated for a BankID app that starts up in the background and handles the encrypting and decrypting personally issued certs.
I agree that SIM Toolkit should be included regardless because it's very small and doesn't show up at all in the app drawer unless your SIM includes something that needs it. The layout and icon is very outdated though but you usually never have to interact directly with it like that. The messages it pops up look fine.

blunden said:
I know what you mean. At least one bank over here implemented login using something called BankID on SIM which required new sim cards and SIM Toolkit. It used service SMS in the background though and was recently deprecated for a BankID app that starts up in the background and handles the encrypting and decrypting personally issued certs.
I agree that SIM Toolkit should be included regardless because it's very small and doesn't show up at all in the app drawer unless your SIM includes something that needs it. The layout and icon is very outdated though but you usually never have to interact directly with it like that. The messages it pops up look fine.
Click to expand...
Click to collapse
Yeah, exactly.
My main point is that it's used in many countries and is especially relevant here in Estonia. Just because some mobile service companies misuse it is no grounds for removing it. It's like removing e-mail notifications just because you're unable to use spam lists.
I just wonder if Galaxy Nexus has it or not.

Take a look at *THIS* thread. I dont know if its of any value as I havent read through the thread but it seems to be something on how to put it on your phone and I very much doubt the Galaxy Nedxus will come with it preinstalled.
Mark.

we also have ID cards here. with an NFC chip(i can scan my ID card to my phone)
but we dont use that system. only for criminal identifying.
though there might be the solution.
instead of sim toolkit.
youd have to scan your ID card to log in(NFC)
and seeing as you do need your ID card everywhere(by law)

According to this it does have it, but that phone seems to have some other abnormalities from the thread here http://91.151.218.11/showthread.php?t=18331065&page=51
Picture:
https://lh3.googleusercontent.com/-...AAAAAAcI/WEg1ScqOFLo/s800/20111117_103746.jpg

kristovaher said:
According to this it does have it, but that phone seems to have some other abnormalities from the thread here http://91.151.218.11/showthread.php?t=18331065&page=51
Picture:
https://lh3.googleusercontent.com/-...AAAAAAcI/WEg1ScqOFLo/s800/20111117_103746.jpg
Click to expand...
Click to collapse
Seems to be a dev-build. Those usually include it.

Alright, Galaxy Nexus DOES have SIM Toolkit, I have the phone and it is listed under all Apps, but not in app drawer. Some of its functionality also seems to be working.
But does anyone know how to make it visible in app drawer? Not sure I need it for all things, but still.
Anyways, glad it is there!

I have a UK sim-free Galaxy Nexus and the SIM Tool Kit does appear in the app drawer for me with a Telstra SIM. It works from what I can see but I never really use it and all it provides is a mobile news service (pocket news from BigPond)
From my experience with my S2 also, the app only shows in the drawer when a SIM card is in the phone that actually has something to be used with the Tool Kit. When I used another SIM card once it didn't show up.

A must read for Google Wallet users on the Nexus.

Remember that Google Wallet exploit from a few days ago? The one that would allow*'brute-force' PIN attacks, but only on*rooted*Android devices? Well, another PIN-related security hole was discovered soon after, putting even non-rooted Androids at risk. As*Android Central points out, should your phone make its way into the wrong hands, your Google Wallet PIN number could be reassigned, allowing access to the prepaid account attached to the phone itself --*yikes. As such, the folks at Mountain View have taken action, shuttering provisions to prepaid cards until it finds a permanent fix for the problem. Despite the troubles, Google is sticking by its original tune, stating that Google Wallet offers multiples levels of protection (when used on*official*builds of Android) that go beyond traditional plastic cards, including your phone's lock screen. There's no estimate on when things will be back to normal, but you'll find Google's assessments and assurances about this situation at the source link below.
http://m.engadget.com/default/artic...n-related-securi/&category=classic&postPage=1
Via :*Android CentralSource :*Google*
Sent from my SAMSUNG-SGH-I727 using xda premium

Sigh, and if you lose your wallet what happens?

Anyone using their phone to make payments SURELY has a pin or pattern lock to protect their phones data... Right?

Would this be why I couldnt' use my "Wallet" tonight? Said it couldn't connect to the bank to get my account number. (the guy at McDonald's sure was looking at me funning trying to pay with my phone LOL)

Broken said:
Sigh, and if you lose your wallet what happens?
Click to expand...
Click to collapse
Exactly
Sent from my Nexus S 4G using xda premium

That second exploit has been posted in tons of forums almost since day one. Nothing new to report.
Sent from the third terrestrial planet in the system Solar from an electronic communications device.

Broken said:
Sigh, and if you lose your wallet what happens?
Click to expand...
Click to collapse
I rather lose my phone than my wallet.
Sent from my Galaxy Nexus using Tapatalk

it appears the the bank in charge of the prepaid cards has pulled its authorizations, just tried to set my wife's Wallet up on her phone and got the message:
"Prepaid is unavailable at this time. Please try again soon."

swiping my card is much more faster than turn on, unlock, tap, enter pin, tap, and then hit sent.

chevihemi said:
it appears the the bank in charge of the prepaid cards has pulled its authorizations, just tried to set my wife's Wallet up on her phone and got the message:
"Prepaid is unavailable at this time. Please try again soon."
Click to expand...
Click to collapse
Yeah, when I sign in to my wallet account it says "Cannot contact bank" under "user id"
*sigh*
of course there are attacks for this. they should make pinning your phone mandatory for wallet. just like when you encrypt your device, it forces you to use either pin, password, or pattern, no slide or face. just copy that...

zeke1988 said:
swiping my card is much more faster than turn on, unlock, tap, enter pin, tap, and then hit sent.
Click to expand...
Click to collapse
I just fully enjoy the look on the cashier's faces when paying with phone, not all that convenient but quite entertaining. Its the small things in life that bring joy, right??

hacky486 said:
they should make pinning your phone mandatory for wallet. just like when you encrypt your device, it forces you to use either pin, password, or pattern, no slide or face. just copy that...
Click to expand...
Click to collapse
Absolutely. If I am forced to use a pattern/pin/password lockscreen in order to store my VPN credentials, Wallet should require the same - in addition to any security within the app.

codesplice said:
Absolutely. If I am forced to use a pattern/pin/password lockscreen in order to store my VPN credentials, Wallet should require the same - in addition to any security within the app.
Click to expand...
Click to collapse
Google's lockscreen PIN setup sucks. There should be an option to automatically unlock the phone once the correct PIN has been entered, without having to press OK.

Evangelion01 said:
Google's lockscreen PIN setup sucks. There should be an option to automatically unlock the phone once the correct PIN has been entered, without having to press OK.
Click to expand...
Click to collapse
That is an option on most community ROMs... but then you would be rooted and breaking the First Rule of Wallet -whoops!
I use the pattern anyway. Works just like a PIN (think of the grid as a number pad) and sliding a finger across the screen is almost as quick as slide-to-unlock.
Come on, Google, let me use Wallet again!

Gotta love having money online that you can't use, access, or transfer. I just transferred a nice chunk of my paycheck onto google wallet right before this happened.

thunder2132 said:
Gotta love having money online that you can't use, access, or transfer. I just transferred a nice chunk of my paycheck onto google wallet right before this happened.
Click to expand...
Click to collapse
yea this is a serious annoyance. luckily i only have like 12 bucks left on my prepaid card but I dont have a citi master card so its rather bs

codesplice said:
That is an option on most community ROMs... but then you would be rooted and breaking the First Rule of Wallet -whoops!
I use the pattern anyway. Works just like a PIN (think of the grid as a number pad) and sliding a finger across the screen is almost as quick as slide-to-unlock.
Click to expand...
Click to collapse
Remove the root, relock bootloader. When you feel the need to update, do an adb backup, unlock and flash, restore backup, lock.

chirea.mircea said:
Remove the root, relock bootloader. When you feel the need to update, do an adb backup, unlock and flash, restore backup, lock.
Click to expand...
Click to collapse
Me, I'd rather just keep the root. That's kind of the point of a Nexus device to me

[Q] Copy tag to phone

Hi
Here at the university we use a NFC card to check in. Is it possible to copy the tag to my phone so I don't have to carry my student card around?

Depends
Sent from my LS670 using XDA

Shark_On_Land said:
Depends
Sent from my LS670 using XDA
Click to expand...
Click to collapse
Wow, helpful much?
I'd like to know this too.

thx
arjun rajput

+1
I like to know this to.

(Here at the university we use a NFC card to check in. Is it possible to copy the tag to my phone so I don't have to carry my student card around?)
Hi Samuel
I believe this is not possible right now, as there are security measures in place to prevent fraudulent use, but give it a couple of months there will be apps you can download , to copy re-writeable NFC tags to your phone, making your phone work as an emulator of some sort.

virus007 said:
(Here at the university we use a NFC card to check in. Is it possible to copy the tag to my phone so I don't have to carry my student card around?)
Hi Samuel
I believe this is not possible right now, as there are security measures in place to prevent fraudulent use, but give it a couple of months there will be apps you can download , to copy re-writeable NFC tags to your phone, making your phone work as an emulator of some sort.
Click to expand...
Click to collapse
To emulate cards with your NFC phone, you have to have full control of the secure element. In the Nexus phones, access to the secure element is restricted to Google - only they have the codes to access it. In non-Nexus phones like the SGS2, they don't even have built-in secure elements and therefore have to rely on SIMs, which are in turn controlled by operators. Without access to the secure element, you won't be able to emulate another card. So, no, even in a few months you won't be able to copy a tag and emulate it from your phone. Unless Google opens up the secure element to, which is unlikely.
To OP: Even if you could actually copy the contents of the card and then emulate it, this might not be enough. Many schools use just the UID of the card to associate it with your account on their system. This means that there's a good chance that your card actually has no data on it. Furthermore, phones aren't currently able to emulate UIDs. You're out of luck.

LoveNFC said:
To emulate cards with your NFC phone, you have to have full control of the secure element. In the Nexus phones, access to the secure element is restricted to Google - only they have the codes to access it. In non-Nexus phones like the SGS2, they don't even have built-in secure elements and therefore have to rely on SIMs, which are in turn controlled by operators. Without access to the secure element, you won't be able to emulate another card. So, no, even in a few months you won't be able to copy a tag and emulate it from your phone. Unless Google opens up the secure element to, which is unlikely.
To OP: Even if you could actually copy the contents of the card and then emulate it, this might not be enough. Many schools use just the UID of the card to associate it with your account on their system. This means that there's a good chance that your card actually has no data on it. Furthermore, phones aren't currently able to emulate UIDs. You're out of luck.
Click to expand...
Click to collapse
Clearly, a direction NFC will follow. There's no way users will allow something like that to remain as neutered as it currently is. It just (seemingly) has not worked that way in the past.

thanks
thanks

Replace my nfc Id card

Hi, I just downloaded some nfc reader app from the play store and discovered the phone reacted when I stick the gym I'd card at the back of it.
This card is usually used in order to enter the gym i go to every day (almost). I just have to place it close to a black box installed in the automatic doors and they get opened. I noticed I must place it very close in order to make it work.
Now, I'm not 100% sure it's this technology but if an nfc app is able to read it, o guess it is.
Now, my idea is to replace my Id card, which sometimes I forget, with my phone.
I want to ask if there is a way to make my phone store the nfc data in the card so when I go to my gym, I place the phone near this door instead and make the same function as with the card.
Is this doable? I'd need to read the card once store whatever is on it and then be able to transmit such info on demand.
I'm new to nfc but I'd like to see something like this.
Thanks!
Sent from my Nexus 4 using Tapatalk 2

Short answer:
No.
Long Answer:
Unless you know how to emulate the card's UID, you can't do it.
If your card uses the data stored non the card, which is not likely, you will have to find a way to emulate it.
Beamed from my Maguro.

Google Wallet on your T-Mo SG4 without ANY hacks

So some of you may know that today (11/14/13) ISIS went live nationally in the US. I popped into one of T-Mobile's many fine stores and replaced my sim card with a secure element sim card that will allow you to use ISIS. Well long story short I installed the google wallet app to find to my surprise that it worked! Check out the pictures below.
You can access Google Wallet (Thanks to PhantomRampage for correcting me)
Tap to pay does not work from what I see however if you have used it in the past and added your credit cards,
your cards will still exist. Someone will need to test this to see if maybe it could work regardless and if not then
maybe a patched .apk could be created to allow tap to pay?
This method might work on AT&T and Verizon phones as well (with an ISIS sim card)

Everyone can install the app from the market now, but only 'supported' devices can use the tap and pay function. Check to see if that option is available to you. Probably isn't.

PhantomRampage said:
Everyone can install the app from the market now, but only 'supported' devices can use the tap and pay function. Check to see if that option is available to you. Probably isn't.
Click to expand...
Click to collapse
Exactly. Everyone can install Wallet now, even non-NFC phones. They only enable the tap to pay and NFC functionality if the phone is "supported". If you want the tap to pay, I believe you still still have to mod it. I was using the framework mod and the build prop mod to get it to work. Pretty simple.