Host Card Emulation Series: HCE Virtual Card Life Cycle Management

HCE has introduced a new and powerful way to create, issue and manage virtual cards stored in the cloud. The value of HCE is clear but with that recognition comes a great deal of other questions. One of the most common questions is that surrounding virtual card life cycle management. This blog post will discuss one tools made available by SimplyTapp to manage your virtual card in the cloud in the SimplyTapp system.

SimplyTapp offers STBridge as tool to manage card life cycle. STBridge allows an issuer to connect to a virtual card instance in the SimplyTapp cloud.

STBridge is used to communicate APDUs, and other GP commands, to a specific virtual card residing in the cloud platform. STBridge supports standard GPJ shell commands.

STBridge packaged as an executable jar (STBridge) and can be executed in the following format:

java -jar STBridge.jar -ck consumer_key -cs consumer_secret -at access_token_to_card -ts access_token_secret [-s jcsh_script_to_run

STBridge Paramater list:

-ck the issuer consumer key

-cs the issuer consumer secret

-at the card access token

-ts the card access token secret

There are various ways for obtaining the parameters from a virtual card in cloud needed to execute STBridge.
This example we are we are working with a previously create virtual card.

Managing An Active Card

Appending scripts to the STBridge.jar executable file allows one to manage card life cycle. The following are examples of how to manage card life cycle.

Card is personalized by running a personalization (perso) script.

After perso script is executed, the card is in activated state.

Post card personalization, you can connect to card and  run any various card management scripts. Activating an activated card does nothing and deactivating a deactivated card does not change the state of the card, but scripts will execute.

The following are examples of executing card management scripts on a  active virtual card in the cloud.

Deactivate Card.

vcbp_deactivate_card.jcsh is script to deactivate the card. 

After running the script, the card agent is disabled from performing contact-less transactions.  

Activate card

vcbp_activate_card.jcsh is script to activate the card again. 

After running the script, the card agent is enabled to perform contact-less transactions. 

Terminate card

vcbp_terminate_card.jcsh is script to terminate the card.

 After running the script, the card agent is disabled from performing contact-less transaction. The card agent does not load anymore after refreshing/restarting the wallet. This is like a kill switch, the state cannot be changed from terminated.  

Running vcbp_terminate_card script updates the card state in the database to "dead". 

Once a card is terminated it is marked as dead and can not be recovered to active state from  the data base.

The complete STBridge tutorial can be found at:  http://wiki.simplytapp.com/utilities-resources/stbridge/stbridge-guide