Michael Hölzl

Learn More
Insufficient security and privacy on mobile devices have made it difficult to utilize sensitive systems like mobile banking, mobile credit cards, mobile ticketing or mobile passports. Solving these challenges in security and privacy, could result in better mobility and a higher level of confidence for the end-user services in such systems. Our approach for(More)
This report gives an overview of secure element integration into Android devices. It focuses on the Open Mobile API as an open interface to access secure elements from Android applications. The overall architecture of the Open Mobile API is described and current Android devices are analyzed with regard to the availability of this API. Moreover, this report(More)
Mobile developers tend to use source code obfuscation to protect their code against reverse engineering. Unfortunately, some developers rely on the idea that obfuscated applications also provide additional security. But that is not the case since mistakes in design are still present and can be used for arbitrary attacks. However, manually analyzing such(More)
There are many systems that provide users with an electronic identity (eID) to sign documents or authenticate to online services (e.g. governmental eIDs, OpenID). However, current solutions lack in providing proper techniques to use them as regular ID cards that digitally authenticate their holders to another physical person in the real world. We envision a(More)
Biometrics have become important for authentication on mobile devices, e.g. to unlock devices before using them. One way to protect biometric information stored on mobile devices from disclosure is using embedded smart cards (SCs) with biometric match-on-card (MOC) approaches. Computational restrictions of SCs thereby also limit biometric matching(More)