BLE Mobile Disengage Sequence

The implementation that transmits the mobile identification medium uses a design with a replay protection mechanism that has a patent pending. See EP3739554A1.

Interfaces

Interface	Annotations
BLE Advertisement	See documentation of the EVVA component manufacturer specific advertisement.
Mobile Identification Medium Service	See GATT service description
Mobile Access Data In Disengage Flow	See specification of data in flow

Interaction flow

Step	Description	Characteristic	Operation	Annotations
1	Discover an EVVA component via BLE Advertisement of EVVA Components and connect	N.A.	N.A.	Component unique identifier (6 bytes) is contained in advertisement Battery indication is contained in the advertisement
2	Read mobile groups	MobileGroups	Read	If the component does not return any mobile group, the connection SHOULD be closed.
3	Subscription of the access status	AccessStatus	Subscribe	Will be notified on change
4	Read challenge	Challenge	Read	Challenge is valid for the transaction within the current connection Challenge mechanism enables Over-The-Air Replay-Attack Prevention
5	Read the matching access rights from the persistent memory on the mobile phone	N.A.	N.A.	Access Rights are pre-encrypted by the backend and cannot be read or manipulated on the mobile device. Matching can be achieved using the component unique identifier (6 bytes). This requires meta-data that is handled/added by the backend.
6	Transmit the access rights packaged and encrypted (AEAD) using the current challenge (see Step 4). See Mobile Access Data In Disengage Flow for specifications.	MobileAccessData	WriteWithoutResponse
7	Receive access status notification from the component (see Step 2) and close connection.	AccessStatus	Notify	Status values are specified in Mobile Identification Medium Service

Specification Mobile