Will Pixel Watch finally deliver global NFC Google Pay? Ever since Apple made global NFC standard on all iPhone and Apple Watch models in 2017, global NFC has become a litmus test of ultimate Apple-like user friendliness. When inbound devices can add Suica, it’s not only cool, but also necessary to get around. Garmin and Fitbit wearables do the global NFC thing, but Android remains stubbornly ‘buy a Japanese smartphone to do the Suica FeliCa thing.’
Which brings us to Pixel Watch which got a sneak peek at Google I/O 2022. The buzz on Japanese Twitter was basically: I want one, but not if it does’t have Suica support. Fair enough, I bet a lot of people are thinking that and not only in Japan. After all, Hong Kong users would love having a Pixel Watch that supports Octopus.
The good news is that Suica appears to be coming to Google Pay for Wear OS. Various Suica string have appeared in recent Google Pay APKs. This is expected: it would certainly be very awkward if Pixel Watch doesn’t support Suica when Fitbit devices do.
Digital My Number on track for Android 2022 launch, Apple Wallet due in 2023 The Ministry of Internal Affairs and Communications (MIC) digital version of My Number Card (Individual Number Card) is on track to launch in 2022 (October-ish?). The latest MIC Work Group PDF document has a full outline of the digital My Number system and the various services the Japanese government plans to link with it. In late 2020 MIC said they were ‘in discussions’ with Apple to bring digital My Number to Wallet and this has not changed. Nikkei reporter Mayumi Hirosawa saw a chance to grab some eyeballs and published, The My Number iPhone Wall, a typical Nikkei ‘article’ of lazy, subjective, puerile observations angled as big bad Apple, but nothing new.
Meanwhile Yasuhiro Koyama’s online article on Keitai Watch is far more interesting and informative. MIC official Takashi Uekariya, the goto My Number digital guy, says the MIC and Apple are ‘working hard’ to bring digital My Number to Apple Pay Wallet, and that because Apple locks down new iOS features far in advance, timing wise it looks like iOS 17 in fall 2023 is the likely target for My Number on Apple Wallet. It would be nice though if Apple could surprise us later on in the iOS 16 release cycle, always good to raise the bar and deliver above expectations.
Looking at the larger picture, MIC documentation clearly states that My Number digital card requires a GlobalPlatform embedded Secure Element (GPSE) device, and that except for a small amount of SIM Free Android junk, most smartphones sold in Japan (both Apple and Android) are GPSE certified. An interesting sidelight is that ‘FeliCa chip’ Osaifu Keitai Android devices will support My Number NFC-B transactions. Going forward that means nobody in Japan will buy a device without a GPSE that doesn’t support My Number digital card and the associated banking services that will link to it. Kiss HCE goodbye.
The JR East paper ticket booklet replacement problem has a solution: Suica 2 in 1 transit points It might seem like a great idea for JR East to migrate the legacy paper ticket bundle (the good old buy 10 and get one free) to Suica…but there’s this little problem of JRE POINT. Repeat Point Service has the same basic concept, 10 trips on the same route in the same month earn you a free trip in JRE POINT. Unfortunately, setting up a JRE POINT account is a pain in the ass, and getting the points back into Suica balance is a huge pain in the ass. For Mobile Suica there’s JRE POINT app + Suica app + Suica Pocket. For plastic Suica there’s JRE POINT app + a visit to the local station kiosk. It’s way beyond the ability of elderly transit users who just want to save on expenses.
Suica 2 in 1 Region Affiliate cards are a much better deal because they have transit points built in. No registration, no setup, just use the transit card and the system does everything for you. Automatically earned points are turned around and automatically used for paying fare. Simple, useful incentive: all one does is use the card for transit and receives a discount in return. This is the way it should be. JR East would be smart if they implemented a similar automatic transit point feature for Tokyo region Suica. JRE POINT is fine for larger more complex integration such shopping and Eki-Net ticket purchase, but integrated, invisible transit points for discounted regular transit would fill a big post-Covid need. I guarantee people would start riding the rails again after the long pandemic pause.
Sometimes it takes Apple support pages a while to acknowledge the current reality of iOS. iOS 15 Wallet brought ‘region free’ transit cards with an improved UI so that allowed Apple Pay users from anywhere to add transit cards directly in Wallet. Apple support document HT207155 “Add a Suica or PASMO card to Apple Wallet“ removed the ‘device region set to Japan’ requirement in an April 29, 2022 update, some 6 months after the iOS 15 release.
‘Region free’ transit cards are not all equally region free however: some transit cards only accept locally issued Apple Pay cards for adding money. This is the case for Hong Kong Apple Pay Octopus and all Chinese T-Union brand transit cards (too many to list). Octopus does offer a surprisingly user unfriendly iOS Octopus for Tourist app for tourists add Octopus to Wallet, that unfortunately locks in usurious currency exchange rates.
There are also some interesting tweak updates in the companion support doc: Use Suica or PASMO cards on iPhone or Apple Watch in Japan. The first is Apple going all in with the UK English ‘top up’ as the default English word for adding money to prepaid cards. Why not stick with regional differences? Does Apple want America to become a cultural extension of Great Britain or something? Recharge was used previously in the US doc version though I suspect most Americans would use reload here. ‘Top up’ is too UK for my tastes and should only be used when drinking. I’ll stick with recharge.
The other change is an expanded Check the balance section that now includes If your Suica or PASMO card balance doesn’t update, with a link to a fairly new support doc, “If your transit card balance doesn’t update in Apple Wallet.” If there is one common complaint from Suica and PASMO users it is that the sometimes sluggish Apple Pay recharge process, usually due to a poor internet connection, occasionally results in the balance not updating. As the Apple doc states: the truth is always in the recent transactions list.
The last new tweak is a new section: Get a refund for purchases made with your Suica or PASMO. It has good advice that should have been there from Apple Pay Suica launch day, “return the item to the same terminal where you made the purchase before you use Suica or PASMO to make another purchase using Apple Pay.”
Unfortunately Apple failed to update has the Use the Suica or PASMO app section, leaving some very outdated and incorrect information. Shinkansen eTicket service in Suica App ended back in March 2020, and Green Car tickets were never available in PASMO app.
I guess they were too busy swapping American English with British English to notice the errors.
(The) Digital Markets Act will…require companies designated as gatekeepers to ensure effective interoperability with hardware and software features they use themselves in their ecosystems. This includes access to NFC for mobile payments.
Today’s case addresses a conduct by Apple that has been ongoing since Apple Pay was first rolled out in 2015 <sic, 2014 actually>. This conduct may have distorted competition on the mobile wallets market in Europe. It prevented emergence of new and innovative competition that could have challenged Apple.
Both pieces miss important context surrounding the debate however…and with this issue context is all, especially how Apple Pay is playing out in other global markets. Most of what follows I’ve covered in earlier posts but hope to pull the various issues together in one post. Yet again, we kickoff with an updated Apple Pay diagram.
The so called Apple ‘NFC chip’ is not a chip at all but a hardware/software sandwich. The Apple Pay ecosystem described in iOS Security is a collection of tightly integrated polished pieces: Secure Element, Secure Enclave, NFC Controller, Wallet and Apple Pay Servers, all wrapped into a slick, easy to use UI with a final security wall of ‘secure intent’, a double-click side button hot-wired to the Secure Element. This approach has been so successful that people divide mobile payments history into pre-Apple Pay and post-Apple Pay eras.
Apple Pay has a very simple rule: any card that loads a Java Card applet into their embedded secure element (eSE) has to reside in Wallet app. The maximum number depends on how many Java Card applets it can hold at any one time, the previous limit was 12, the iOS 15 Wallet limit is 16 cards. Developers have two ways to access iPhone NFC: 1) Core NFC framework for NFC operations that don’t use the secure element, 2) Secure Element pass certificates for NFC operations that need secure element transactions (payments, keys, ID, passes). Any developer who wants to run applets in the eSE has to apply for a PassKit NFC/Secure Element Pass Certificate. This is covered by NDA but a company called PassKit (not Apple) gives us an idea what Apple’s Secure Element Pass guidelines are:
Apple care a great deal about the user experience. Before granting NFC certificate access they will ensure that you have the necessary hardware, software and capabilities to develop or deploy an ecosystem that is going to deliver an experience consistent with their guidelines.
The end to end user experience, the whole reason behind the success of Apple Pay. But this gatekeeping is what riles banks and financial service providers who want to load their applets into the secure element without the Apple Pay gatekeeping, without the Apple Pay ecosystem and without the Apple Pay commission. They want to do their own transactions with their own app for free. This is what the EU Commission means when Vestager says: “Evidence on our file indicates that some developers did not go ahead with their plans as they were not able to to (sic) reach iPhone users.” It should read: when they were not able to reach iPhone users for free. Either the developer didn’t apply for a Secure Element Pass, didn’t pass the certification process, balked at Apple’s certification conditions, or couldn’t agree on Apple Pay commission rates.
Secure element gatekeeping is not new, it is an essential part of the secure element system:
A Secure Element (SE) is a microprocessor chip which can store sensitive data and run secure apps such as payment. It acts as a vault, protecting what’s inside the SE (applications and data) from malware attacks that are typical in the host (i.e. the device operating system). Secure Elements handle all sorts of applications that are vital to our modern digital lives…
Mobile Payments Here, the Secure Element securely stores card/cardholder data and manages the reading of encrypted data. During a payment transaction it acts like a contactless payment card using industry standard technology to help authorize a transaction. The Secure Element could either be embedded in the phone or embedded in your SIM card.
Lifecycle management It’s crucial that SE-embedded devices are secure throughout their lifecycle. That’s why Secure Elements need to have an end-to-end security strategy. It’s no use developing a robust security solution for a device which becomes obsolete after a period of use. This is why Secured Elements can be updated continuously to counter new threats.
Few people, especially a PayPal or EU Commission vice president, discuss the crucial secure element lifecycle management aspect. It’s not convenient for them to say the secure element ‘gatekeeper’ is responsible for keeping it secure. Far more convenient for their arguments to omit this, portray gatekeeping as unnecessary and gatekeepers as evil. In the end however, Apple has to maintain secure element updates from the various licensed secure element providers (EMV,FeliCa Networks, MIFARE, and so on) if secure payments are going to work at all This is what people who say, ‘it’s my device, we should be able to use NFC how we want,’ do not understand.
People also forget that nothing is free, you get what you pay for. With Apple Pay as gatekeeper, users get simplicity, innovation and feature updates. Simplicity: users get NFC they can use out of the box without Android-like NFC complexity such as secure element positions and obscure express mode settings.
Innovation: Apple Pay has features like Global NFC. iPhone and Apple Watch are the only smart devices that come with FeliCa built in as standard to use in Hong Kong or Japan, while Android limits functionality by market region. It’s astounding that Android, not even Google Pixel Android, has matched this basic functionality yet. We’re seeing more innovation as Ultra Wide Band (UWB) extends Wallet functionality to include ‘Touchless’ car keys and eventually, UWB enhanced automatic card selection as you approach the reader; more helpful than you might think.
Japan is key to understanding what’s really going on in the Apple Pay monopoly debate. Japan was the first market with an established mobile payment platform in place, long before mobile EMV contactless payments took off in Europe. iPhone also has a much larger marketshare in Japan than it does in Europe. It’s a shame people pass up the opportunity to learn from the successes and failures here.
So what’s the EU Committee vision for ‘open NFC’? I think it’s a rehash of the secure element wars when carriers locked mobile payment services to SIM contracts. In 2013 Google incorporated SimplyTapp HCE (Host Card Emulation ‘secure element in the cloud’) technology as a NFC ‘workaround’ to ‘free’ NFC from the evil clutches of mobile carriers. Sound familiar? Android NFC has never been right since.
How little things change, swap ‘evil mobile carriers’ for ‘evil Apple’ and you have the same self serving ‘open’ vs ‘closed’ NFC chip nonsense that people are debating today. FeliCa Dude, the ultimate industry insider who has experienced it all, said it best: ‘It’s all eSE or nothing now.’
And yet we now have Île-de-France Mobilités (IDFM) turning back the clock, circumventing the eSE on NFC equipped Android devices and going all in with HCE for IDFM’s Smart Navigo service for Android. To me this says all you need to know what European priorities are regarding the ‘open NFC’ model: eliminate eSE gatekeepers by forcing the less secure network dependent HCE as a required option. Good luck with that. From a transit perspective, based on Mobile Suica user experiences, I don’t think HCE Smart Navigo will be a smooth ride.
The EU Committee ‘open NFC’ vision might look ideal…to Apple Pay competitors. Regular users however, will have to deal with the ugly reality of multiple NFC apps, multiple NFC secure element modes and clashing updates that cancel out NFC services. Apple Silicon eSE space is limited to 16 cards. If that sounds like a lot now, wait until you have credit cards, transit cards, home, car and office keys and ID installed along with ‘open’ NFC apps wanting their own eSE space too. Services will be squeezed out forcing the user to intervene. If the EU Committee thinks this environment fosters competition and innovation while growing mobile payment use, dream on.
Japanese tech journalist Junya Suzuki has covered NFC mobile payment developments in Europe, America and Japan for over 2 decades. He doesn’t think the EU is playing an even hand here, in his opinion Samsung and Huawei would never face the scrutiny that Apple now faces. In typical European cultural fashion, EU motives pay lip service to fair open markets while playing an underhanded game of chess to make Apple do what EU banking interests want Apple to do. In other words, a double standard.
What does Apple need to do? I’ve always said that Apple needs to make the Secure Element Pass application process as transparent as possible. Keeping the blackbox NDA process as it is now makes Apple Pay a target, increasingly difficult to defend the status quo. Secure Element access on the level of Core NFC is a long shot, the very definition of a secure element means there has to be a developer certification process similar to EMVCo, FeliCa Networks, MIFARE, Calypso Networks Association, etc., that protects the privacy and business interests of all parties. But it would be great if there is a middle way where Apple can securely open things up for iPhone as a digital wallet, and iPhone as a payment terminal. We’ll see if Apple has anything to say about the subject at WWDC22.
Recommended reading: Ruimin Yang’s wonderfully detailed analysis, “Apple Pay monopoly, are we really comparing ‘Apples’ with ‘Apples?“outlines the entire Apple Pay system architecture, how it compares to other digital wallet platforms, (Google Pay, Samsung Pay) and what ‘open vs closed’ means in the ‘Apple Pay is a monopoly’ debate.
Spring is a busy time in Japan, new school year, new college grads starting new jobs, moving, etc. There are all kinds of specials too for new school year clothes, new suits, shoes, business bags. With everybody so busy you might think there is little time for karaoke, so more than a few media heads turned when the mega karaoke chain Joy Sound offered a Brother sewing machine plus room rental campaign running from February to May. Why would anybody want to rent and use a sewing machine at a karaoke place?
There is a good reason behind it all. First graders are required to have a family made tote-bag. It cannot be store bought, and it has to be made by the family. Anybody will do, mom, dad, grandma, aunts, uncles and so on. The school teachers use it as an exercise to closely examine what the family comes up with. Is it sloppy or carefully made? Is it thriftily made with recycled cloths (high marks for that), or made with all new store bought cloth. You can tell a lot about the child’s family and parenting environment this way, and it helps teachers understand what the child’s educational needs are.
And so, spring is also sewing machine season to make all those first grader tote-bags. Offering sewing machine karaoke rentals is clever marketing because karaoke rooms are thoroughly soundproofed which small houses or apartments are not. And if the family member charged with marking the tote-bag wants to take a break, sing a song, order food, a beer, whatever, they can do that too. A win-win, though it does speak volumes on the current state of things when karaoke establishments need to with come up clever marketing ideas to fill their empty karaoke rooms.
It’s interesting parsing app reviews that say ‘this app sucks’. How does it suck and why? As I’ve said before, the overwhelming negative App Store reviews for Suica App are less about the app and more about lousy carrier auto-connect • free WiFi connections messing with the Mobile Suica recharge function. Most users see Suica App as the software that controls everything Mobile Suica AND iPhone NFC hardware. It does not of course but people dump all blame on Suica App anyway.
It’s a complete mystery why people even bother using Suica App when so much Mobile Suica functionality is built in Apple Pay Wallet right out of the box. Nevertheless it’s safe to conclude that Suica App user angst is network related. People assume the WiFi and cellular icons at the top of the iPhone screen indicate a healthy internet connection, which they decidedly do not.
Most of what Mobile Suica does is done without an internet connection. The only time it needs one is recharge time with a credit card in Apple Pay Wallet app or Suica App. All that complaining over one Mobile Suica feature however, tells us something important about WiFi and cellular internet connections in station areas and on trains: they suck. Despite ubiquitous cellular and WiFi coverage, reliable internet is notoriously fickle in those famously busy Japanese train stations. This is the real reason behind all those ‘this app sucks’ Suica App reviews.
Which brings us to Smart Navigo, the Île-de-France Mobilités (IDFM) Paris region transit card for mobile that is going wide on Android smartphones this year. IDFM has spent a lot of time and expense working with Calypso Networks Association (CNA), the transaction tech used for Navigo, to implement the less secure network dependent Calypso HCE ‘cloud’ secure element approach as the default mobile transit tech for Android devices in 2022.
It is very unusual that IDFM chose HCE as their go to mobile strategy on Android when the more secure hardware embedded secure element (eSE) is standard on all smartphone NFC devices, and does the job without internet connections. HCE is very different from eSE in that both NFC smartphone and the reader need a connection to talk with a server. HCE was also conceived for leisurely supermarket checkout, not the challenging transit enviroment. How does Calypso HCE compare to the network-less eSE experience? CNA says:
For security reasons, transactions using the personalization key or the load key are not possible through the NFC interface, and must be done with a secure connection to a server.
Only the Calypso debit key is stored in the HCE application for validation on entrance and control during travel, coupled with a mechanism of renewal of the Calypso Serial Number (CSN) to mitigate the risk of fraud : a part of the CSN contains date and time of validity of the debit key which shall be checked by the terminals.
It’s too bad IDFM didn’t study Mobile Suica shortcomings, they could have learned a few things. Most certainly they understand HCE shortcomings but chose it anyway for unknown (political?) reasons. Right out of the gate Smart Navigo HCE won’t support power reserve NFC transactions even on Android devices that support it for regular eSE NFC. In total, there are 6 core Smart Navigo features that are internet connection dependent vs 1 Mobile Suica feature. 6 more things to complain about when they don’t work…in other words the Smart Navigo HCE suck index is 6 times greater than Mobile Suica. If Suica App is anything to go by, there are going to be a lot of bad Google Play reviews for the HCE version of the Île-de-France Mobilités App.
iPhone and Apple Watch users can be thankful that Apple Pay Navigo will use eSE (as Samsung Pay Navigo already does), and avoid most of this mess when the service launches in 2023, matching the Mobile Suica experience, feature for feature.