baiMobile™ Wireless CAC Reader

baiMobile™ Wireless CAC Reader
Model 3000MP Bluetooth Smart Card Reader
User Guide
for Android devices (Samsung Galaxy S3)
Version 3.2 30000MP
Date: August 6, 2013
Support
For support relating to baiMobile™ Bluetooth Smart Card Readers:
Biometric Associates, Inc
Main Office (410) 252-7210
support@baimobile.com
Field support:
Michael Smith
(407) 823-8130 (cell)
msmith@baimobile.com
Contents
Before you get started ................................................................................................ 5
Proper Care of your baiMobile™ 3000MP Bluetooth Smart Card Reader .......................... 5
Welcome ................................................................................................................... 5
Hardware and Software Requirements .......................................................................... 5
Hardware Requirements ........................................................................................... 5
Bluetooth Stack....................................................................................................... 5
Software Requirements ............................................................................................ 6
baiMobile™ Middleware Libraries ............................................................................... 6
Supported Smart Cards ............................................................................................ 6
baiMobile™ Bluetooth Smart Card Reader Specifications ................................................. 7
Accessories ............................................................................................................... 8
Reader Basics ............................................................................................................ 8
Reader Features ...................................................................................................... 8
Power consumption ................................................................................................. 9
Powering on the Reader ......................................................................................... 10
Accepting a Bluetooth connection ............................................................................ 11
Powering off the Reader ......................................................................................... 12
Charging the Reader .............................................................................................. 12
Upgrading the Reader Firmware ............................................................................. 13
LED Panel Icons .................................................................................................... 14
Home Screen ..................................................................................................... 14
Data Transfer Screen .......................................................................................... 14
Battery Status Icons .............................................................................................. 15
Inserting a CAC or PIV card .................................................................................... 15
Battery ................................................................................................................ 16
Reader Error Massages........................................................................................... 16
Pairing .................................................................................................................... 17
Pairing Troubleshooting .......................................................................................... 25
Troubleshooting - Other ......................................................................................... 26
PAIRING FAQ .............................................................. Error! Bookmark not defined.
Index...................................................................................................................... 27
iii
Before you get started
This User’s Guide is designed for the Android devices using the OS version 2.2. If you are
using another device, the information herein may be different or may not apply. If you
have questions, contact your network administrator or email support@baimobile.com.
Proper Care of your baiMobile™ 3000MP Bluetooth Smart Card Reader
Your baiMobile™3000MP Bluetooth Smart Card Reader is an electronic product similar
to a cell phone or MP3 player that may be damaged by excessive moisture, sand, dirt and
impact. Taking proper care of your reader is essential for continued, trouble-free operation.
Welcome
The baiMobile™ solution for the Android devices includes:
1. baiMobile™ 3000MP Reader
2. baiMobile™ Smart Card Framework libraries– files that are provided to
application developers, who embed our framework and middleware into an app. The
Framework libraries and files are installed on your Android device when the app is
installed. Note: Due to the structure of Android, the Framework libraries (other than
the AndroidPcscLiteService.apx) cannot be loaded separately.
3. baiMobile™ Security files – The are optional files that enforce Bluetooth security
policies on the device.
This baiMobile 3000MP solution permits you to perform many of the same functions on a
mobile device that are available on a desktop PC including:

digitally sign and decrypt emails and documents

log on to web sites and network servers that require smart card (CAC or PIV)
authentication

other applications that require smart card authentication.
Hardware and Software Requirements
This section describes the minimum hardware and software requirements necessary to use
your Reader with an Android device.
Hardware Requirements
The reader will pair with all Android devices. Note that the Bluetooth connection to the
reader must be initiated by an app that embeds our Framework.
Bluetooth Stack
Most Android devices (OS version 4.1 and lower) use either the BlueZ stack or the
Broadcom BTL-A stack. Our reader is designed to connect to either stack. Note that Google
5
introduced a new “Bluedroid” stack with Android version 4.2 (Jellybean). Our reader will
support that stack as well. The US Department of Defense requires that the Bluetooth stack
be “lock down” to meet NSA security requirements. Only devices with the BlueZ or
Bluedroid stack will meet those requirements. For a list of Android devices with either the
BlueZ or Bluedroid stack, please visit http://www.biometricassociates.com/products/smartcard-readers/android-supported-devices/
Software Requirements
The following software components are required on your Android device:
1. Android version 2.2 or higher
2. Your Android device must be provisioned – that is, it must have certain smart card
framework libraries and device drivers loaded in order for the baiMobile reader to
function. These framework libraries and device drivers are integrated into an app by
the software developer and are installed when the app is downloaded and installed.
These libraries cannot be installed separately. For a list of supported Android apps,
please
visit
http://www.biometricassociates.com/products/smart-cardreaders/android-supported-apps/ or contact your administrator for provisioning
instructions.
baiMobile™ Smart Card Framework
The baiMobile middleware libraries consist of files stored on your Android device that allow
applications and network servers to access the digital certificates and other information
stored on the smart card. The baiMobile middleware libraries are integrated into various
applications such as Good Mobile Messaging.
Supported Smart Cards
The baiMobile middleware libraries are designed to support the Common Access Card
(CAC) and the Personal Identity Verification (PIV) cards. Support for other smart card types
may provided for in the future.
6
baiMobile™ Bluetooth Smart Card Reader Specifications
Specifications
Description
baiMobile 3000MP Bluetooth Smart Card Reader
Hardware Specifications
Dimensions
62 mm (2.44 in) wide x 110 mm (4.33 in) high x 20 mm (4.79 in) thick
Weight
70g (2.46 oz)
Status Indicator
LCD panel provides connection indication, signal strength, battery capacity, device
name, version info, aided pairing. Configurable LED indicators (use/don’t use) for
connection indication, user attention and LCD backlighting
Battery
Removable PolyFlex cell; rated capacity 580 mAh, normal voltage 3.7v; in low power
mode - 3.5mA, (~7 days batt life) On but BT connection; 14mA, (~2 days batt life) power
on with BT connection.
Power On / Off
Power on activated by card insertion and/or front OK button. Power off activated by
card removal or application/device security policy.
Charging Port
Mini-B USB (Charger included with Reader)
Wireless Communications
Communications Protocol
2.4 GHz frequency ISM band. IEEE 802.15.1 (Bluetooth) with full security enabled
RF Transmission range
10 meters
Supported Bluetooth versions
Devices with Bluetooth ver 2.1 and higher and the BlueZ stack
Data Throughput
750 kb/s to 1 Mb/s
baiMobile Middleware Libraries / Security
Bluetooth & AES
Mode 4: service level security; FIPS 140-2 approved AES-256 encryption overlay
Authentication Method
S/MIME, SSL and PKI
Mobile Device Security
Custom Reader firmware; FIPS 140-2 certified version of the OpenSSL library on reader
and device (NIST certification number 1051); baiMobile Security and WatchDog apk
files.
Mobile Operating Systems
Supported Operating Systems
iPhone/iPad iOS version 4.0 and higher, Android version 2.2 and higher. (Always
confirm device compatibility before purchasing).
7
Accessories
Included with your Reader is a charging cable, comprised of a plug and a mini-USB cable.
Reader Basics
Reader Features
Please familiarize yourself with the features of the baiMobile 3000MP Reader.
8

Blue LED indicator The blue LED indicator is located on the front portion of the
reader, facing the Smart Card. It will flash when the reader’s Bluetooth radio is on
and is transmitting or receiving data.

OK Button with White LED indicator The OK button is located on the front
portion of the reader. Certain functions, such as pairing and reconnecting to the
Android device, require an acknowledgment by the user. A white LED indicator will
flash whenever an action or acknowledgment must be performed by the user.

Removable Battery/Battery Cover The reader battery is the only component that
will need to be replaced periodically, depending on usage. The battery is rated for
600 charge-discharge cycles, or about two years of normal use. Should the battery
need replacing, remove the battery cover and replace the old battery with a new
(baiMobile approved) battery. Note: This reader uses a battery custom built for the
reader. Inserting a battery other than a baiMobile approved battery will cause
serious damage to the reader and will void its warranty.

LED Display The LED display is located on the rear of the reader and will display
various messages and reader status icons when the reader is powered on.

MiniUSB Charging Port The reader’s battery is charged using a charging cable and
power supply. The power cable is inserted into the miniUSB port located at the
bottom of the reader. Note that the miniUSB port is for charging only and will not
support the transfer of data.
Power consumption
The baiMobile 3000MP smart card reader includes a low-power mode. The operation of
the low power modes is complex and based on idle timeouts.

Reader firmware version 2.2.0 and higher
o Full power consumption (50-60mA)
 During pairing
 During each reader or card command execution duration
 Each lasts a few seconds, max
o Idle Power Mode (25mA)
 Lasts 8 seconds after the last command execution is completed
o Low Power Mode – connected (3.5mA)
 Starts 8 seconds after the last command execution is completed
o Low Power Mode – not connected (3.5mA)
 Starts immediately after booting is complete (and LCD back light is off)
 Starts immediately following a disconnection from Bluetooth.
o For any duration that the LCD back light is on, add another 30mA, but the
back light only stays on for short durations (6 seconds, or during pairing, or
while holding down the button to see version number, etc.)
To calculate the length of time the reader could continue in any one of these modes, use
this equation:
Time in hours = 600 / (mA consumption)
For instance, while connected but in Low Power Mode (3.5mA)
600 / 3.5 = 171 hours (or over 7 days)
9
Powering on the Reader
The baiMobile 3000MP Reader does not have an On/Off switch or button. Your reader is
powered on by inserting your smart card into your reader. If your smart card is already
inserted in your reader, slide it out and then reinsert the card. You will notice the reader’s
Home Screen displayed on the LED panel on the back of the reader.
Power On Screen 1 – displayed for about 1.7 seconds when reader is first powered on
Power On Screen 2 – displayed for about 1.7 seconds
Power On Screen 3 – Reader will accept a Bluetooth connection request from an
application on your Android device without requiring the user to press the OK button for 5
minutes
10
Power On Screen 4 –Reader is now powered on and is “listening” for a Bluetooth
connection request from an application on your Android device. User must first press the
OK button to accept a connection request. The reader will stay in this state for
approximately 7 days until the battery is exhausted (firmware version 2.02.00 and higher)
or until the Smart Card is removed from the Reader, whichever occurs first. If the reader
receives a connection request from the Android device, you may be prompted to authorize
the request by pressing and releasing the 0K button on the front of the reader.
Accepting a Bluetooth connection
NSA security requirements state that the user must accept (acknowledge) all Bluetooth
connection requests from his or her mobile device.
Examples:

When a client application on the mobile device needs to establish a Bluetooth
connection to the reader to access information (certificates) residing on the Smart
Card

When a client application on the mobile device requires that the user acknowledge an
action (digital signing) involving the Smart Card
In such cases, the reader will display a message prompt such as “Auth?” and the white LED
beneath the OK button will flash repeatedly until the OK button is pressed.
11
Powering off the Reader
Your reader will automatically power off if any of the following occur:


Your smart card is removed from your reader
The reader’s battery runs out

The reader times out (a configurable setting)
When the reader is powered off, nothing will be displayed in the LED panel.
Charging the Reader
Your charging cable separates into a plug end and a mini-USB cable. You may charge your
reader using the charging cable plugged into an electrical wall outlet or use just the miniUSB portion of the charging cable to connect between your reader and a USB port on a
computer.
It is recommended that the reader be charged whenever the battery status icon on the
reader indicates that the reader battery level is less than 20%. The reader should be
charged from an AC power source using the supplied charger and cable. A red LED on the
bottom of the reader will illuminate indicating that the reader is charging. Once the red LED
is no longer illuminated, the battery is fully charged and the charging source should then be
removed from the reader.
During charging, a red LED on the bottom of your reader will indicate that the battery is
being charged. When the red LED turns off, your reader battery is fully charged.
NOTE: Most smartphone charging cables with a mini-USB-a connector will also charge your
reader.
12
Upgrading the Reader Firmware
The baiMobile 3000MP Bluetooth Smart Card reader contains upgradeable firmware. The
feature extends the functionality of your Reader in the following areas:

Security Policies: Changes in security policies may require a firmware update.

OS Releases: New versions of the Android device/ operating system may require a
firmware update.

Smart Card Types: Support for new smart card types may require a firmware
update.

Power Modes: Improvements in the reader’s power consumption may require a
firmware update.

Device Support: New devices may require a firmware update.

Bluetooth Stack Support: Support for additional Bluetooth stacks may require a
firmware update.

Additional OS Support: Support for additional operating systems (such as Windows
7) may require a firmware update.

Application Support: Certain applications may require a firmware update.
BAL will have a firmware upgrade app available in the Google Play store some time in Q2
2013.
13
LED Panel Icons
Home Screen
The Home Screen is displayed on the reader’s LED panel when the reader is first powered
on. The display indicates the following:



Reader’s Bluetooth transmission status: (On / Transmitting)
Reader’s Authentication Timeout status
Reader’s battery power status: (see Battery Status Icons)
Data Transfer Screen
The Data Transfer Screen is displayed on the reader’s LED panel when there is data being
transferred between the Android device and the reader over a secure Bluetooth connection.
14
Battery Status Icons
The reader’s Battery Status Icon will display the remaining charge remaining in the reader’s
battery, as shown below:
When the battery reaches 5% charge, the Low Battery warning will be displayed. You should
charge your reader when the battery reaches about 20% - 40%, depending on your
anticipated activities what will require connectivity to your reader, such as accessing email
or another application that requires smart card authentication.
Inserting a CAC or PIV card
As noted above, the reader does not have a power on or off button. Inserting a smart card
into your reader will power on the reader. Removing the smart card will power off the
reader.
NOTE: When used in the Bluetooth mode, the reader’s radio functions are only enabled
when your smart card is firmly inserted into the reader as shown below.
15
Battery
Your reader contains a removable, rechargeable battery. This battery is a custom battery,
built specifically for the baiMobile 3000MPReader. In the event that your reader’s battery
no longer holds a charge, please contact support@baimobile.com for a replacement battery.
Reader Error Massages
"NO CARD!"
This is displayed when the reader is powered-on without any card inserted. This can happen
if the user uses the 'OK' button to cause power-on without a card inserted or if they plug-in
the charger to the reader without the card inserted. This indication is displayed for a few
seconds before the reader will turn itself off.
"BAD CARD"
It is displayed while the reader is powering-on with a card inserted but the reader was
unable to get the card to return an ATR (Answer To Reset) after causing card Reset. This
indication is displayed for a few seconds before the reader will turn itself off.
"LOW BATT"
It is displayed during power-on if the battery is detected as having very little power
remaining. Once the reader is finished powering-on (booting), this indication is replaced
with normal LCD indicators. This indication can only be displayed as a result of the booting
self checks. We don't quantify this threshold value in any way since it may be adjusted in
the future.
16
Pairing
Pairing Basics
Before you can use your baiMobile 3000MP Reader, it must be securely paired with your
Android device. The Bluetooth pairing process involves exchanging a randomly generated
number used by both your Android device and your reader for secure Bluetooth
communications. This and other security measures insure that Bluetooth communications
between your reader and your phone cannot be intercepted by a third party.
The baiMobile 3000MP Reader utilizes the Secure Simple Pairing Numerical Comparison
model, which is standard in most devices that have Bluetooth version 2.1 and higher.
During pairing, a six digit number will be displayed on your Android device screen and on
the reader’s LED display. You must compare both numbers and confirm that they match.
Before You Begin
A few things to remember before pairing:

The reader may only be paired with one Android device at any one time.

The Android device may only be paired with one reader at any one time.

Neither the reader nor the Android device will support multiple or simultaneous pairings.

Be sure that you have fully charged the Android device and reader before starting pairing

Have both your smart card (CAC/PIV) handy.
NOTE: You must have an application installed first on your Android device that supports
the baiMobile 3000MP Reader (such as Good Mobile Messaging). The reader will pair, but
not connect, with an Android device otherwise. Please check our web site for a list of
supported
applications
http://www.biometricassociates.com/products/smart-cardreaders/android-supported-apps/
17
Your Android device
1. Go to the Settings menu
2. Select Wireless & Networks
18
Your Reader
Your Android device
Your Reader
3. Make sure that Bluetooth is enabled
4. Insert your Smart Card into the reader
as shown.
5. The reader’s LED panel displays
Booting for about 1.7 seconds, then
displays AuthTime for about 1.7 seconds.
19
Your Android device
Your Reader
6. Next, reader’s LED panel displays the
reader Home Screen.
7. On your reader, press and hold the
OK Button as shown (below). The LED
display now shows the reader firmware
version for about five (5) seconds, then
displays Lift Btn. Now release the OK
Button.
8. The reader’s LED panel will now
display New Pair? for about six (6)
seconds.
20
Your Android device
Your Reader
9. Now press and release the OK Button
while the NewPair? prompt is displayed
on the LED panel.
10. The reader is now discoverable by the
Android device and will remain in this
state for about ninety (90) seconds. The
LED panel now displays the last four
numbers of the reader’s unique Bluetooth
address.
21
Your Android device
Your Reader
11. Select Scan for Devices. Your Android device will
now attempt to discover the reader. Both your reader
and Android device should be in close proximity to each
other. Pairing should be done in a secure environment
and not in a public area.
12.Your Android device will now display a list of compatible
Bluetooth devices that it has discovered. Compare
the Bluetooth device ID# displayed on your Android device
with the device ID# displayed on your reader. If the ID
numbers match, select the Bluetooth Device highlighted.
22
Your Android device
Your Reader
13. The Reader’s Bluetooth address will be
displayed for about 10 seconds before changing
to “bai2bdGen”. Select bai2bdGen to pair
with the reader.
14. Next, the Android device will display
the randomly generated pairing code. Look
at the code now displayed on the reader’s
LED display.
23
Your Android device
Your Reader
15.Compare the first number of the pairing code
displayed on the phone. Compare that number
(in this example “0”) with the number displayed
on the reader’s LED panel. If they match, press
the OK button.
16.Repeat these steps until you have accepted all
six numbers on the Reader.
17. Now, press Pair on the Android device
24
Your Android device
Your Reader
18. You will now see the confirmation
messages below on your Android device
and your reader.
Pairing Troubleshooting
First, make sure that both your Android device and reader are fully charged. Both the
Android device and the reader have defined periods of discoverability. These “windows” of
discoverability are as follows:

Reader: Time the reader stays discoverable (waiting for pairing to start): 1 minute
and 30 seconds.

Reader: Once the reader is selected from the list on the phone, the 6 digits are
displayed on the phone and the 1 st digit is displayed on the reader. the user must
confirm each digit within 10 seconds (by pressing the OK button).

Android device: about 10-20 seconds
If either of the discovery windows time out before the devices discover each other, pairing
will fail and the process must be restarted.
25
Troubleshooting - Other
On rare occasions, the reader will remain on even when the smart card is removed. The
reader’s LED screen will display as shown below. To reset the reader, remove the battery
and then reinsert the battery. If the condition is not remedied, please contact BALP Support
at support@baimobile.com
26
Index
B
Bluetooth®
pairing, 17
P
Pairing
Reader, 17
R
Reader
accessories, 8
battery, 16
charging battery, 12, 13
software requirements, 5, 6
specifications, 7
27
baiMobile™ Bluetooth Smart Card Reader
Second Edition
Copyright © 2007, 2008 Biometric Associates L.P. All rights reserved.
The software described in this document is furnished under a license agreement and may be used only
in accordance with the terms of the agreement.
This document may not, in whole or in part, be copied, photocopied, reproduced, translated, or
reduced into an electronic medium or machine-readable form without the prior written consent from
Biometric Associates, LP All examples with names, company names, or companies that appear in this
manual are imaginary and do not refer to, or portray, in name or substance, any actual names,
companies, entities, or institutions. Any resemblances to any real person, company, entity, or
institution are purely coincidental.
Every effort has been made to ensure the accuracy of this manual. However, Biometric Associates, LP
makes no warranties with respect to this documentation and disclaims any implied warranties of
merchantability and fitness for a particular purpose. Biometric Associates, LP shall not be liable for any
errors or for incidental or consequential damages with the furnishing, performance, or use of this
manual or the examples herein. The information in this document is subject to change without notice.
Windows Mobile® and Microsoft Exchange ActiveSync® are registered trademarks of Microsoft®.
Other brand and product names mentioned in this manual may be trademarks or registered
trademarks of their respective manufacturers. The information contained herein is subject to change
without notice. Revisions may be issued to advise of such changes and/or additions.
Trademarks
BAL and baiMobile are registered trademarks of Biometric Associates, L.P.
Biometric Associates, LP
Washington Area Office
9475 Deereco Road, Suite 304
Timonium, MD 21093
Maine Office
21 Main Street – Suite 102
Bangor, ME 04401
The BAL Technical Support team understands the importance of prompt responses to customers. That
is why Biometric Associates, LP is committed to delivering top quality, high-level support to all of its
customers in a timely and effective manner. Current BAL Technical Support is available at:
support@baimobile.com .
29
Was this manual useful for you? yes no
Thank you for your participation!

* Your assessment is very important for improving the work of artificial intelligence, which forms the content of this project

Download PDF

advertising