wirabasalamah/Brizzi-HCE
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
Brizzi-HCE/PRODUCTION_CHECKLIST.md

2.7 KiB
Raw Permalink Blame History

Brizzi HCE — Production Readiness (Langkah 16)

1) Hardening APDU & State Machine

  • Structured APDU parser (ApduParser) sudah dipakai.
  • Guard sesi/transaksi berbasis phase (BrizziSession).
  • Validasi panjang APDU, timeout sesi, replay-duplicate, dan limit command-rate di service.

2) Command/Session Security (Sudah Dilakukan)

  • Branching APDU terproteksi state (select → auth → command → commit/abort).
  • Error SW dipisahkan untuk malformed, unsupported, rate-limit, dan security status.

3) Build & Obfuscation (Sudah Dilakukan)

  • release tetap pakai R8 + shrink/resources.
  • Baseline ProGuard rules untuk service/router/card classes.
  • debug tetap non-minify agar troubleshooting.

4) Runtime & Platform Baseline (Baru)

  • Tambah NFC permission di manifest.
  • Nonaktifkan cleartext traffic (usesCleartextTraffic=false) + network security config.
  • Tambah FLAG_SECURE di activity agar layar tidak bisa di-screen capture.

5) Monitoring & Incident Readiness (Wajib)

  • Implement audit log terstruktur untuk event security (replay hit, rate-limit hit, auth fail).
  • Menambahkan counter audit event di runtime:
    • BrizziSecurityMetrics menyimpan jumlah event keamanan dan command-response.
  • Batasi log production ke metadata minimum (tanpa card data raw/APDU body).
  • Export statistik sudah aktif:
    • success/fail command rate (COMMAND_SUCCESS, COMMAND_FAIL, COMMAND_TOTAL),
    • timeout/rate-limit/replay statistik terpisah,
    • incident threshold auto-alert (COMMAND_RATE_LIMIT, REPLAY_DETECTED, APDU_PARSE_FAILED, AUTH_DENIED, dll.).
  • Incident report juga diekspor ke file lokal internal:
    • security_metrics_report.txt ditulis saat command selesai dan saat deactivation.

Perintah cepat (opsional)

  • Dump metrik (debug-only):
    • adb shell am start -n com.korancrew.brizzi/.MainActivity -a com.korancrew.brizzi.ACTION_DUMP_METRICS
  • Reset metrik (debug-only):
    • adb shell am start -n com.korancrew.brizzi/.MainActivity -a com.korancrew.brizzi.ACTION_RESET_METRICS
  • Catatan:
    • file log tambahan ada di:
      • /data/data/com.korancrew.brizzi/files/security_metrics_report.txt (dengan run-as pada debug)

6) Release Operations (Wajib)

  • Siapkan signing config release dan keystore aman.
  • Smoke test HCE end-to-end di device fisik:
    • select AID 1 & AID 3,
    • auth success/fail,
    • debit/credit + commit + abort,
    • update log/last transaction + commit,
    • replay/rate-limit handling.
  • Lakukan QA dengan:
    • command invalid / malformed,
    • APDU burst,
    • NFC deactivation/reactivation,
    • timeout sesi.
  • Pastikan Play Console/enterprise rollout memakai APK/AAB yang sudah ditandatangani.