Closed psytester closed 9 years ago
Well, a contactless card should not give away private data for free. The remote-reader only gives away what could also be sniffed on the contactless layer. So the problem is tackled best by design (as done in ePassports, for example).
However, some cards are not so privacy friendly (credit cards, for example). Android can connect to an IPSec VPN; does this solve your problem?
If it doesn't, could you describe your Apache solution in detail? I don't understand why the Bix virtual smart card reader does not need to implement SSL but still has a secured connection.
OK, OK, it was late that day. Apache as an endpoint works only for HTTP traffic... ;-)
IPSec VPN is a possible way, SOCKS another. Additional standalone applications, like OpenVPN, stunnel, etc., are a way too. But I would prefer that the app offers a native way to do an SSL-based connection.
If it's too much work for the card driver, an additional application could be installed on the server side to handle and pass the traffic.
Then I leave securing the connection to a third party solution.
As the remote-reader application transfers personal sensitive data in raw format, please add optional SSL support for the connection to the Bix virtual smart card reader. The Bix virtual smart card reader can be put behind an Apache SSL endpoint here (no need to add SSL support to the reader itself).
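
The server-side approach discussed in this thread (a separate application that terminates TLS and passes the traffic on to the plaintext reader port), sketched as an added example that is not part of the issue or of the project's code. All function names are hypothetical, and the listen and backend addresses and the certificate files are supplied by the caller.

```python
import contextlib
import socket
import ssl
import threading

def server_context(certfile, keyfile):
    """TLS settings for the endpoint placed in front of the plaintext port."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.load_cert_chain(certfile, keyfile)
    return ctx

def client_context(cafile=None):
    """Settings for the connecting side: certificate and hostname checks stay on."""
    ctx = ssl.create_default_context(cafile=cafile)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx

def relay(a, b):
    """Copy bytes both ways between two connected sockets until one side ends."""
    def pump(src, dst):
        with contextlib.suppress(OSError):      # includes ssl.SSLError
            while (data := src.recv(4096)):
                dst.sendall(data)
        # No half-close through TLS here: end both directions together.
        for s in (a, b):
            with contextlib.suppress(OSError):
                s.shutdown(socket.SHUT_RDWR)
    t = threading.Thread(target=pump, args=(a, b), daemon=True)
    t.start()
    pump(b, a)
    t.join()

def handle(raw, backend_addr, ctx):
    """Handshake with one client, then forward its stream to the backend."""
    try:
        with ctx.wrap_socket(raw, server_side=True) as tls, \
             socket.create_connection(backend_addr) as backend:
            relay(tls, backend)
    except OSError:                             # failed handshake or backend down
        raw.close()

def serve(listen_addr, backend_addr, ctx):
    """Accept connections; each one is handshaken and relayed in its own thread."""
    with socket.create_server(listen_addr) as srv:
        while True:
            raw, _ = srv.accept()
            threading.Thread(target=handle, args=(raw, backend_addr, ctx),
                             daemon=True).start()
```

The plaintext backend port should listen on the loopback interface only, so that the TLS endpoint is the only path to it from the network.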