fix: add NFC_PREFERRED_PAYMENT_INFO permission to prevent HCE stack contention#259
Closed
a1denvalu3 wants to merge 1 commit intomainfrom
Closed
fix: add NFC_PREFERRED_PAYMENT_INFO permission to prevent HCE stack contention#259a1denvalu3 wants to merge 1 commit intomainfrom
a1denvalu3 wants to merge 1 commit intomainfrom
Conversation
…id 15
Android 15 (targetSdk 35) requires the NFC_PREFERRED_PAYMENT_INFO permission
when calling `CardEmulation.setPreferredService()`, even when only
using a standard NDEF AID. If this permission is absent, the call throws a
`SecurityException`, which was previously caught and logged but caused a
silent failure where the POS terminal couldn't prioritize its own HCE service.
This caused NFC payments to be intercepted by the default payment app
(e.g., Google Wallet).
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## main #259 +/- ##
============================================
+ Coverage 20.64% 20.65% +0.01%
Complexity 773 773
============================================
Files 145 145
Lines 18575 18575
Branches 2274 2274
============================================
+ Hits 3834 3837 +3
+ Misses 14261 14256 -5
- Partials 480 482 +2 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
a1denvalu3
changed the title
Collaborator
Author
|
This is complete bullshit. I tried to log the security exception in question and it never appears... |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
This PR fixes a critical silent failure introduced by updating the
targetSdkto 35 (Android 15) which effectively broke the core NFC payment functionality.Root Cause
Android 15 strictly requires the
android.permission.NFC_PREFERRED_PAYMENT_INFOpermission whenever an application callsCardEmulation.setPreferredService(). The system enforces this at the API level unconditionally—even though Numo is only registering an NDEF tag (CATEGORY_OTHER).Because this permission was omitted from
AndroidManifest.xml, callingcardEmulation.setPreferredService(this, componentName)insidePaymentRequestActivityandModernPOSActivitythrew aSecurityException. This exception was caught and logged, causing a silent failure where the OS routed incoming NFC tap events to the device's default payment app (e.g., Google Wallet) instead of Numo'sNdefHostCardEmulationService.Changes Made
<uses-permission android:name="android.permission.NFC_PREFERRED_PAYMENT_INFO" />toapp/src/main/AndroidManifest.xmlto satisfy the API level requirement.