Using Smart card Based Certificates on Android - Use Case Description
The AirID Crypto Keychain Sample App demonstrates the reading of the certificate, signing, encryption and decryption with the AirID card reader and the inserted smart card.
1. Please check before you start:
For this use case on Android you will require:
- A smart card, CardOS 4.4 OpenSC initialized with a test certificate (provided with the AirID Evaluation-Kit)
- An AirID Version 1, wireless smart card reader (provided with the AirID Evaluation-Kit)
- An Android device with Bluetooth Low Energy functionality and an Android version from 4.4 upwards
- Internet connection to download the AirID Crypto Keychain Sample App
Please use this smart card and PINs for using smart card based certificates on Android demo use case:
- User PIN: 123456
- PUK: 12345678
2. Initial Installation
Follow the steps below to install and configure the software components:
- AirID Central App installation
- Bluetooth pairing
- Crypto Keychain Sample App installation
2.1 AirID Central App Installation
The AirID Central is a management App for your AirID. The App provides you with information and settings options for your AirID when your AirID is connected to your Android device. Furthermore, the initial Bluetooth pairing needs to be realised within the AirID Central App.
Follow the steps below to install the AirID Central App.
- Go to the official Google Play Store on your Android device
- Search for AirID Central and install the App (https://play.google.com/store/apps/details?id=de.unicept.airid.central)
The AirID Central App has been installed and the next step will be Bluetooth Pairing of the AirID with your Android device.
2.2 Bluetooth Pairing
To pair your Android device with the AirID reader follow these steps:
- Make sure that Bluetooth is activated on your Android device (Settings > Bluetooth > On)
- Open the AirID Central App
- Select the AirID (serial number) in the shown device list
A six-digit pairing key will be show on AirID display by scrolling down in the menu and pressing the jog dial control element
and also on the Android device. If the PIN matches press Connect on the Android device and choose Yes on the AirID- After succesful pairing, the device name of the paired device will be displayed on the AirID.
If you already paired AirID with another device, please navigate to "Prefered Device" in the AirID menu press the Jog-Dial and choose "new". Then press the Jog-Dial again to confirm.
2.3 Crypto Keychain Sample Installation
To install the Crypto Keychain Sample App go to the official Google Play Store on your Android device, search for Crypto Keychain Sample and install the App (https://play.google.com/store/apps/details?id=de.unicept.airid.howto.crypto.keychain)
Now, the App is installed and you will be able to sign and encrypt messages and to import certificate.
3.4 Using automated "Distance Log-Out" with AirID
The AirID reader locks the Android Login Keychain Sample App automatically, if a (preset) distance between your device and your AirID has been exceeded.
The "Distance Log-Out" is managed in AirID settings using "Distance Sensor".
Please set the "Distance Sensor" value so that the access to the device is automatically locked when the predefined distance from AirID is exceeded.
- Make sure, AirID is connected via BLE with your working device
- Take your AirID and navigate to Settings > Distance Sensor
- Select On
- Select Presetting and Mid
Optionally, you can select any other presetting value or do a manual setting.
Settings can only be changed with an active Bluetooth connection between yourdevice and AirID reader.
To avoid unintended disconnects, keep in mind that the minimum distance for the automated log-out is about three meters between your device and AirID reader.
The distance value for the "Distance Sensor" feature represents a relative value. It depends on the signal strength of the AirID, on the environment and on other interferencing signals.