Docomo merging QR payment app functions into iD and Apple Pay

In a classic, ‘isn’t this how it was supposed to work all along?’ fumble, Docomo is finally doing the right thing by merging the ‘rush rush we have a QR Code payment app too’ dHarai app into a rebranded dHarai iD with, eventually, better Apple Pay/Google Pay iD integration. The first step today is the refreshed Android iD add that merges the Android only dMini card into dHarai (iD). An updated iOS dHarai app will be coming later along with other merged functions.

This announcement would have made a much bigger splash a year ago, but with the Line Pay Yahoo Japan merger taking up everybody’s attention now, it feels like Docomo is fixing a mistake in reaction to the merger, which it is not. In the current Japan cashless payments market frenzy, timing and smart execution is everything, just ask 7pay.

Advertisements

Smart Octopus Offline Until Further Notice

UPDATE: Smart Octopus services are online again after a 15 hour or so outage, let’s see if OCL offers up an explanation for an unscheduled, and so far, unexplained service outage.

Octopus Cards Limited suspended Smart Octopus online services on November 18 around 6pm local time: All online services for Smart Octopus are temporarily unavailable until further notice. It was impossible to figure out what exactly stopped working as the OCL site did not list details.

It sounded like select Smart Octopus backend services were offline (for adding cards, credit card recharge, etc.) but Smart Octopus was not blocked at the gates (hard but not impossible to do with hotlist management). Smart Octopus in Samsung Pay users were the only ones who knew what worked and what didn’t.

It could be that OCL parent MTR wanted to discourage mobile transit use and divert transit users to recharge Octopus cards at machines that can be turned off by area or station as needed at a turbulent time with Hong Kong Polytechnic University under siege. It could also be that nothing was really offline as MRT has done similar things before, such as taping ‘out of service’ notices on fully functioning kiosks, perhaps to discourage protesters and supporters from moving around freely. Without an official explanation for anything, we don’t know.

In the current state of affairs I don’t think Apple Pay Octopus will launch this year even though everything is ready to go. It’s impossible to launch a new service when MTR and OCL are showing signs of reining services in without notice. Whatever is really happening, it feels like Hong Kong is under a kind of lock down. Stay safe.

Line Pay Pay Pay

Disclaimer 1: As many regular readers know, I am not a QR Code fan. It’s not the technology so much as the assumption that the central processing model and constant network connections solve everything. When I went to Starbucks today I tried paying with the Starbucks app bar code and got a nice little rude reminder that when one link fails, the whole QR/bar code chain crashes. The WiFi at that particular Starbucks store is not robust and ends up jamming the smartphone 4G pipe because the device thinks there is a good WiFi connection. After 2 attempts without getting a bar code load, the staffer said, “turn off the WiFi.” I gave up and used Apple Pay Suica instead. Done.

Disclaimer 2: As many regular readers may not know, I am not a SoftBank fan. This goes back to the time when SoftBank bought Ziff Davis of which the Seybold Report was part of. SoftBank quickly destroyed the Ziff Davis business by sucking it dry and selling off the zombie for a good price before anyone realized it was dead. I wrote for the Seybold Report at the time. What had been a tightly run ship collapsed into chaos because the parent company starved the subsidiary groups and people didn’t get paid. Later on when I wrote reports for Off The Record Research, I regularly visited a Yahoo Japan source who complained that they could not create good iPhone apps because SoftBank constantly sucked the budgets dry. Later on he quietly told me he could not complain anymore because all the conference rooms were wired and everything was recorded. SoftBank is that kind of company. To me all they ever really do is play one big never ending shell game.


There are lots of people excited by the Line Pay/Yahoo Japan merger. IT reporter Junya Suzuki says it’s about creating a ‘Super App’ platform. Bloomberg says it’s about creating a super ‘big data’ platform that sucks up everybody’s everything (and of course nobody discusses where the big data will be stored and processed: will it stay in Japan or be sent to notoriously security lax Korean data centers).

There will be lots of news and discussion in the weeks to follow but it’s important to remember a few essential points.

One: Line Pay and PayPay operations are running in the red, some people estimate PayPay could never turn a profit with its current business model.

Two: neither SoftBank/Yahoo Japan nor NAVER/Line Pay own a real bank. At some point in the cashless payments process, real cash has to change hands. Payment processors without real bank operations have to live with real bank transaction rules and fees, real banks will always have the upper hand. Having a real bank for example, puts Rakuten in a much stronger position than SoftBank. Yahoo Japan does own half of Japan Net Bank but this is a co-venture and Yahoo Japan only runs the internet service side, the other half, the real bank transaction half is owned and run by SMBC. In this arrangement SMBC is calling the shots.

As for me, I have been hanging out on the Girls Channel where Japanese women let down their hair and diss. Japanese women make, or break, products in Japan, especially everything Keitai, not men. Comments on the Line Pay and PayPay merger are very interesting and cutting. They range from “Mercari Pay is disappearing next” to “Hello Rakuten, goodbye Hagebank,” (a diss of bald Masayoshi Son, but also a double entendre for the highly leveraged SoftBank going bust). Day after day it reads like the bloom is off the Line Pay Pay Pay rose and Japanese women who created the first Keitai boom and have money now, are ready to move on. They are in it for the campaigns but not really in it. I’m going to keep hanging out with the girls. It’s a lot more fun and informative than reading the news, and faster too.

Visa Japan signs with Google Pay

Visa Japan finally officially signed with a digital wallet platform and it is Google Pay. As expected it comes with a price: no FeliCa support, no dual mode support, nada, just Visa Contactless that is branded as ‘Visa Touch’ in Japan. The press release outlines recent debit cards from Sony Bank (oh the irony), JapanNet Bank, Resona and Mitsubishi UFJ.

Visa offers dual mode plastic cards that have EMV and FeliCa support in one convenient chip package that work in Japan and abroad. However these new plastic and Google Pay cards are limited to the Visa Touch payment network which is slowly growing in Japan but still full of holes. The most useful payment method for these cards will be the reliable old contact one.

Visa Japan’s long term strategy here is to gradually pull out of the FeliCa based iD and QUICPay contactless payment networks and eventually issue everything on their own Visa Touch payment network. Apple Pay FeliCa support will never sit well with Visa Japan, but now with the Google Pay move we know what Apple Pay has to do to host new Visa card products.

Unfortunately Visa has focused on big marketing pushes like the Tokyo Olympics instead of a consistent and focused drive to build contactless payment support and customer awareness that benefits all players. In a payment market already flooded with payment network logos and acceptance marks, Visa Touch is just one more logo that adds to customer confusion. Visa could have been a leader, instead they gave QR Code players a nice big opportunity, a gift that keeps on giving.

What does open Apple NFC really mean?

The German law to force Apple to open it’s “NFC chip” is a confusing one. Why does an EU country with one of the lowest cashless usage rates single out one company’s NFC product in a last minute rider to an anti-money laundering bill? That’s not banking policy, it is politics. Details are few but let’s take a look at what it could mean because when it comes to NFC technology, details are everything.

Background stuff
The so called Apple ‘NFC chip’ is not a chip at all but a hardware/software sandwich. The Apple Pay ecosystem as described in iOS Security 12.3 is composed of: Secure Element, NFC Controller, Wallet, Secure Enclave and Apple Pay Servers. On one end is the NFC chip controller front end that handles NFC A-B-F communication but does not process transactions, on the other end there is the Secure Enclave that oversees things by authorizing transactions. The fun stuff happens in the Secure Element middle where the EMV/FeliCa/MIFARE/PBOC transaction technologies perform their magic with Java Card applets.

The A/S Series Secure Enclave and Secure Element are the black box areas of Apple Pay. The iOS Security 12.3 documentation suggests the Secure Element is a separate chip, but Apple’s custom implementation of the FeliCa Secure Element, and the apparent ability of Apple to update Secure Element applets to support new services like MIFARE in iOS 12 suggests something else, but it is anybody’s guess. Apple would like to keep it that way.

So what does ‘open NFC’ really mean?
It’s helpful to look at the issue from the 3 NFC modes: Card Emulation, Read/Write, Peer to Peer.

Peer to Peer
Apple has never used NFC Peer to Peer and I don’t think this is a consideration in the ‘open NFC’ debate.

Read/Write
This was a limitation up until iOS 12, but everything changed when iOS 13 Core NFC gained Read/Write support for NDEF, FeliCa, MIFARE, ISO 7816 and ISO 15693. Developers can do all the NFC Read/Write operations they want to in their apps, I don’t think this is a consideration in the ‘open NFC’ debate.

Card Emulation
Apple limits NFC Card Emulation to Apple Pay Wallet with NDA PASSKit NFC Certificates. This is what the ‘open NFC’ debate is all about. I imagine that German banks and other players want to bypass the PASSKit NFC Certificate controlled Apple Pay ecosystem. Instead, they want open access to the parts they want, like Secure Element, NFC Controller, Secure Enclave, and ignore the parts they don’t want like Wallet and Apple Pay Servers. They want the right to pick and choose.

The success of Apple Pay has been founded on the ease of use and high level of integration from a massive investment in the A/S Series Secure Enclave and other in-house implementations such as global FeliCa, etc. Outside players forcing Apple to open up the Apple Pay ecosystem represent not only a security risk to Apple but also a reduced return on investment. One commentator on MacRumors said it’s like Apple took the time and expense to build a first class restaurant and outsiders are demanding the right to use Apple’s kitchen to cook their own food to serve their own customers in Apple’s restaurant. It’s a fair analogy.

The NDA PASSKit NFC Certificate gate entrance rubs bank players the wrong way as they are used to giving terms, not accepting them. The Swiss TWINT banking and payment app for example is a QR Code based Wallet replacement that wanted the ability to switch NFC off, and got it.

My own WWDC19 Apple Pay Wish List did include a wish for easier NFC Card Emulation, but nothing appeared. It’s certainly in Apple’s best interest to make it as easy as possible for 3rd party developers to add reward cards, passes, ID cards, transit cards, etc. to Wallet. However given that the EU is hardly what I call a level playing field, the fact that bank players and politics go hand in hand in every nation, and the fact we don’t know the technical details of what the German law is asking Apple to do, all we can do is guess. In general, I think Europe will be a long rough ride for Apple Pay. At least until EU bank players get deals they are happy with.