Mobile Suica has had a rough 2 weeks. On June 24 a construction error during server center power supply expansion work left JR East Mobile Suica and Eki-Net online reservation services offline for 12 hours (0:00~12:00). It was an embarrassing mishap but the actual damage was small, limited to refunding Eki-Net ticket holders who couldn’t change ticket reservations. Mobile Suica was offline so no refunding was necessary because nobody could use the Mobile Suica credit card recharge service. No need to refund what people can’t buy.
A shorter but much more problematic outage happened on June 27. Media mistakenly reported that Mobile Suica was down but this was not the case as Mobile Suica on Android was working just fine. It was an Apple Pay problem: Apple Pay servers went down from heavy demand on Apple Pay ICOCA launch day, taking down not only Apple Pay Suica recharge but also PASMO, ICOCA, nanaco, WAON, Octopus, China T-Union, adding credit cards and other Wallet services worldwide. As the outage took place during the Japanese business day, JR East had to refund iOS Suica App users who attempted to buy or use Suica Green Car tickets during the Apple Pay outage.
Just as things were settling down, another even shorter 40 minute period of trouble occurred on July 8 at 12:00~12:40 JST. Again the media reported that Mobile Suica was down, again they were mistaken, and again it wasn’t an JR East or Mobile Suica problem, it was a much wider, and unreported, EMV credit card payment network outage. EMV transactions on readers everywhere were not responding, and they were not working for Apple Pay or Google Pay. However FeliCa payment network cards were working.
And finally there was, yet another, Apple Pay and Wallet outage on July 14 from 17:45 to 18:30 JST, with another round of Japanese media bashing poor old Mobile Suica without checking for the wider Apple Pay outage.
Mobile Suica caught the media blame because they were the only company duly reporting the problems on Mobile Suica support SNS services. JR East never lays an outage blame on Apple Pay, or any other service partner because they know Mobile Suica users don’t care, they only want to know when things are not working and when they will be fixed. This is the way it should be done because they are giving their users fast, accurate, service information…even if that means they have to take the media and SNS blame that comes with it.
But despite all the Mobile Suica outages including the EMV payment network one, the Suica card itself always remained working, both digital or plastic versions. As long as there is money on the card it works for transit and payments, and cash recharge is available 24/7. This is an under appreciated but very important aspect of the Transit IC system: there is always a non-network fail safe cash backup. Japanese never put all their household finances in one basket, cash is always the one thing that works after an earthquake, typhoon, natural or manmade infrastructure damaging disaster strikes.
In the EMV credit card payment network outage there was, without doubt, unreported trouble with open loop system test deployments on Nankai, Fukuoka Metro and other QUADRAC • stera transit operated systems, which all open loop systems in Japan use: it’s the only open loop player in town.
Unlike Mobile Suica however, when the credit card payment processing network goes down, open loop doesn’t have a fail safe cash backup. And while that’s not a problem now with small installation test sites and a tiny user base, it will be when open loop goes big time. The transit companies deploying open loop have an obligation to take care of their customers, but will they take JR East-like responsibility when QUADRAC goes down, or stera goes down, or NTT Data CAFIS, payment processing centers, or mobile carrier networks? Because believe me they will. All highly connected, interdependent networks do. That’s why we always need alternative methods and networks. Too bad that VISA is working to remove the non-EMV transit gate competition in Japan.
Express Transit Suica ruins the Apple Pay experience for using anything else. You want Apple Pay to work that way everywhere but it doesn’t. Most of the time we trudge along using Apple Pay Wallet with face mask Face ID authorization, although the Apple Pay experience on Apple Watch is a big improvement as well as being a trusted device for secure intent.
iPhone users in America are finally getting a taste of Express Transit en masse with the 2020 rollouts of Apple Pay for SmarTrip, TAP, Ventra and Clipper. Apple recently rebranded Express Transit as Express Mode on their new Wallet webpage (in Japanese it’s called Express Card). The branding change may seem trivial but it has bigger implications for first time users of new Wallet services in iOS 15, Express Mode goes places that Express Transit cannot: digital keys and digital ID.
These functions are not new of course, Express Transit cards and Student ID cards have been opening transit gates and doors these past few years. But Express Mode is for everyone and personal: your keys and badge to unlock your home door, unlock and start your car and get you into the office. With these refinements and additions it’s safe to say that iOS 15 Wallet finally delivers the digital wallet dream people have been talking about since 2010. Wallet can replace your wallet.
What’s new Last year I covered ‘coming soon’ Ultra Wideband Touchless and Code Payment (codeword Aquaman) Wallet developments. The Code Payments feature is still waiting in the wings. Steve Moser kindly confirmed that Aquaman code references are alive and well in iOS 15 with minor changes but this post will focus on announced features. In the WWDC21 Keynote Apple Pay section Jennifer Bailey announced keys and ID. The Wallet features you get from the ones listed on the iOS 15 preview page depend on the device:
Car keys with Ultra Wideband support (shareable) iPhones and Apple Watches equipped with U1 chip* (iPhone 11 and later, Apple Watch 6)
Car keys without Ultra Wideband support (sharable) Home keys (shareable) iPhone XS • Apple Watch 5 and later*
Office key Hotel key “Device requirements may vary by hotel and workplace.”
ID in Wallet iOS 15 devices watchOS 8 devices (the fine print: Not all features are available on all devices)
None of the new features will be available when iOS 15 launches. Expect them with the iOS 15.1 update or later. NFC Car keys launched on iOS 13 and iOS 14 in 2020.
The A12 Bionic • iPhone XS and later requirement for Wallet keys is easy to understand: Express Cards with power reserve. A12 Bionic (and later) powered NFC bypasses the iOS overhead with a direct connection to the secure element. It is vital that people can unlock car and home doors even when their iPhone battery is out of juice. Up to 5 hours of power reserve makes a huge difference, but only for iPhone. *Apple Watch supports Express Mode but not power reserve.
The bigger story is UWB because it is new technology that works with the Secure Element to create a whole new experience. Up to now the Secure Element was exclusively NFC. Not anymore, the Car Connection Consortium (CCC) Digital Key 3.0 specification “maintains support for NFC technology as a mandatory back-up solution.” Digital car key is first and foremost a UWB solution with NFC relegated to the back seat.
UWB connectivity adds hands-free, location-aware keyless access and location-aware features for an improved user-friendly experience…
3.0 addresses security and usability by authenticating the Digital Key between a vehicle and the mobile device over Bluetooth Low Energy and then establishing a secure ranging session with UWB, which allows the vehicle to perform secure and accurate distance measurement to localize the mobile device.
NTT Docomo and Sony demonstrated UWB car keys in action last January running on Android Osaifu Keitai hardware. Sony (FeliCa) and NXP (MIFARE and UWB chipsets) have worked closely to extend both FeliCa and MIFARE into the UWB Touchless era. The CCC Digital Key specification is open to any Secure Element provider. UWB + Bluetooth Low Energy (BLE) is simply another radio communication layer in addition to NFC.
This is significant as it opens up UWB to anything that currently uses the Secure Element and NFC. Apple has not spelled it out but suggest UWB might work with Home keys and there is no reason UWB cannot work with all keys, transit cards and Student ID. The WWDC2021 session video Explore UWB-based car keys is a great introduction and highly recommended viewing if you have any interest in the subject. The session is a bit unusual in that the discussion covers RF hardware and performance design more than software. It feels like the target audience is car manufacturers. There is a lot of detail to get lost in but here are some simple but essential points:
Secure Element improvements: the SE has always used unique keys for mutual authentication, this has been extended with ranging key deviation
Secure communication at a distance: UWB and BLE identifier randomization with secure ranging is an important security feature as UWB Touchless works over much greater distances than NFC reader tapping
Zones: the precise motion and positioning tracking of a paired UWB device with a unique key allows for ‘passive entry’ action zones, walking towards the car unlocks it, walking away locks it, etc. without any other user interaction
RF transceiver and antenna system design: is a deep and difficult art that echos the Suica creation story
JR East (Suica) and Hong Kong MTR (Octopus) have both said they are developing transit gates that incorporate UWB. This makes sense as Mobile FeliCa is now UWB savvy but after watching the WWDC21 session video I can only marvel at the complexity of the big picture because UWB is about mapping and using space and movement to perform an operation.
The engineers face countless problems and challenges to juggle in their quest to build a transit gate that delivers the same FeliCa NFC speed and reliability with UWB…at rush hour. They have to consider radiation patters, system latency and processing power, localization algorithms and much more. If they achieve their stated goal, 2023 could be a very interesting year for transit.
ID in Wallet Lots of people are excited about the possibility of adding a digital driver’s license to Wallet but as 9to5 Mac’s Chance Miller wrote, we don’t know much about about it at this point. Actually in Japan we do. The Ministry of Internal Affairs and Communications (MIC) released an English PDF: First SummaryToward the Realization of Electronic Certificates for Smartphones with a diagram that explains their digital ID system architecture. MIC remarked back in November 2020 that they are in discussions with Apple to bring the digital My Number ID card architecture to Wallet. The Android version is due to launch in 2023 and will likely employ the Mobile FeliCa Multiple Secure Element domain feature described by FeliCa Dude (FeliCa using NFC-B instead of NFC-F). A similar basic architecture with different protocols and issue process will undoubtedly be used for adding digital drivers licenses.
The Privacy question I’ll be very interested to see how ID launches in America this fall. Which outside partner company or companies are providing the service to participating states and running the backend? I suspect it will be something similar to Student ID with Blackboard running the service for participating universities. The biggest security question in my mind is who besides the TSA will use ID in Wallet, and more importantly, how? Some governments and transit agencies are pushing face recognition as a convenience in addition to security. My preference will always be for having my ID on my own Secure Element rather than somebody’s cloud server, an ID that I authorize with my own secure intent.
Wallet UI and usability improvements Wallet App didn’t get the makeover that some users asked for, but there are are a few small improvements. Up to 16 cards can be added in iOS 15, up from 12 in iOS 14. Archived passes and multiple-pass downloads help make Wallet more useable and remove some housekeeping drudgery.
I finally got two WWDC19 Apple Pay Wallet wishes granted: (1) dynamic Wallet cards and (2) region free transit cards. Apple Card does UI things in Wallet no other card is allowed to do. As far as I know this first changed with Disney’s MagicMobile launch on iPhone, Jennifer Bailey calls them “magical moments when you tap to enter.” There are similar low-key card animations in Home key and ID cards. It’s a very small step but I hope Apple adds more over time than just sprinkling seasoning card animations. Done wisely, dynamic cards could improve Wallet usability that convey important card status and account information.
Region free transit cards means that users no longer have to change the iPhone • Apple Watch region setting to add a transit card. In iOS 15 Wallet you get the full list regardless of the region setting. It’s not perfect but it is less confusing than adding a transit card in iOS 14.
Summary The overall reaction to iOS 15 has been somewhat muted but there are lots of new details. Apple Pay Wallet additions for home keys, office key, hotel key and ID build on technologies that have been on the Apple Pay platform for some time but Apple is leveraging them in new ways.
The unveiling of UWB Touchless is important and cutting edge, that might revolutionize secure transactions. The next step not only for car keys but for transit and other services that up to now have been limited to NFC. And this time, unlike NFC, Apple is leading the way for UWB.
The bottom line is that UWB opens up a lot of possibilities for many current NFC based solutions. Expect UWB Touchless support for Wallet cards in the near future that use Express Mode in new ways, and new UWB based features for a much smarter Wallet.
Zones Zones are is one of the exciting aspects of UWB Touchless, where functions are triggered by the simple act of walking towards or away from the car. It will be interesting to see how this is applied to UWB Touchless transit gates.
People think Touchless is a completely new thing for ‘keep smartphone in pocket’ transactions, and they worry about security. You can’t blame them because marketers are selling the in-pocket payment experience. However, Touchless is simply long distance NFC without NFC. All UWB Touchless does is describe the frequency to use Bluetooth instead of NFC. The background stuff, secure element and so on, is exactly the same. This means user interaction is the same. For walking through transit gates and security doors, or unlocking your car, the convenience of Touchless is easy to understand: no more NFC tapping, just keep moving.
What about Express Card payments? The current Apple Pay Suica payment checkout experience: the user taps Suica on a touchscreen, or tells the clerk “Suica” then holds the device to the reader. The user has to give consent before the transaction is activated by checkout staff or the self checkout reader. For Apple Pay EMV transactions users have the extra step of confirming a transaction by Face ID/Touch ID to complete it.
Realistically however, in what situations does Touchless make store checkout more convenient and faster? Drive thru certainly, supermarkets…maybe, but most stores will probably not want to invest in Touchless without a good reason when the NFC readers they already have installed get the job done. There is one more interesting role that Apple has planned for UWB however, one that promises to improve the entire Apple Pay and Wallet experience: communicating with the reader before transaction to select the right Wallet card for the job, at a distance, for a truly smart Wallet app. With national ID cards, passports and more coming to Wallet at some point, UWB could be the Wallet reboot we really need.
And then there is EMVCo. The problems with UWB Touchless for EMVCo are that: (1) Touchless only works with devices with batteries, á la AirTag, and doesn’t work with the current plastic card model, (2) UWB + Bluetooth level the digital playing field with FeliCa and MIFARE, no more ‘real’ vs ‘who cares’ NFC hardware flavors to split hairs over. The plastic card NFC limitation is probably a bitter pill for everybody but especially for EMVCo members and issuers as plastic card issue is big business, and many customers are more comfortable with plastic cards. For those reasons I think EMVCo will be the last to support UWB Touchless, if they do at all. On the plus side Touchless does give digital wallet platforms an edge to create smart aware wallets, digital does NFC and Touchless, plastic only does NFC. We’ll find out about Apple’s UWB Touchless roadmap at WWDC21.
The Apple Pay Octopus launch in June 2020 marked the end of an era of Octopus as the exclusive Hong Kong MTR home grown transit platform, and the start of MTR integrating into China mainland transit fare standards. In August 2020 Octopus Cards Limited announced they would join China T-Union. My take about it and the eventual migration of Octopus from FeliCa to PBOC 2.0, struck a raw nerve and did not go down well with some Hong Kong folk:
Can someone tell the ill-informed, self-centred, attention-seeking blogger to stop spreading fake rumours about octopus ditching FeliCa? Not in this lifetime…The self-proclaimed expert blogger’s been wrong on so many levels I’m amazed people still follow him like religion and never question his fantasy stories. Utterly annoyed by him dropping quotes from people out of context and use them to his benefits.
“We have applied to join the China T-Union, the nationwide one-card payment system led by the Ministry of Transport. That will enable Octopus physical-card holders to pay for public transport fares in mainland China,”…
The service can be upgraded to digital Octopus cards in the phase two development. “The card will be denominated in Hong Kong dollars. Octopus will arrange the currency settlement with the mainland partner,” said Lee.
A one-card nationwide payment system eh? Sounds like an plug for China T-Union instead of an Octopus presser. Phase 1 is a physical dual mode Octopus card that appears to be 2 separate chips (PBOC and FeliCa) in one card with a common HKD ePurse. This is novel as Greater Bay Area dual mode cards up to now used separate ePurses for each currency. It’s also complicated because mainland transit operators have to do the currency conversion. A digital wallet version is phase 2. The elimination of FeliCa on the Hong Kong side will be the final phase, though that depends on the Ministry of Transport removing the current PBOC restriction that limits it to transit use and T-Union branding issue, or Octopus coming up with something else. We shall see.
On the mobile side Hong Kong iPhone users already have a dual mode Wallet option to add China T-Union cards if they have a China UnionPay credit or debit card. It’s not dual mode on one card and there is an Express Transit issue when turning on a China T-Union card turns off Express Transit for Octopus, but it works.
On the transit gate side it will be interesting to see what design MTR uses for multiple protocol open-loop. NFC requires the reader side to specify the NFC protocol used for the transaction. This is a not a problem at store checkout, but how does the user specify the transaction protocol on transit gates? Answer: by tapping different readers. Perhaps the new MTR gates will host a NFC-A reader (EMV and PBOC), a NFC-F reader (FeliCa) in addition to the already separate QR reader? And if those Touchless UWB rumors are true, UWB and Bluetooth could be joining the MTR next generation gate party. One thing for sure, transitions are messy, and expensive.
One of the great tragedies of the NYC MTA is that it’s a too-much-public-not-enough-private transit cash pipe with too much exposure to local NY politics. NYT has a wonderful video on YouTube that explains the critical MTA flaw: politicians cleverly borrow against the MTA cash pipe for pork barrel projects that have little or nothing to do with MTA, but leave it highly leveraged and helpless to fix it’s own problems or invest in infrastructure.
Think of what MTA could really do if it was effectively protected from political interference, with full control of its own money and a Suica-like transit+payment empire, free to use the float of all those MetroCards soon to be OMNY transit cards.
One of the many things never discussed about open loop is who uses the float, but banks hold the money until the user account is settled with the transit company and they take a cut of the fare. It doesn’t take much imagination to see why banks and credit card companies reallylike promoting open loop.
Closed loop Japanese transit companies don’t talk about the float either but Japan IC Transit cards are like micro bank accounts with unused e-money balance and plastic card deposits sitting in all those Suica, PASMO, ICOCOA, manaca, etc. Japanese transit companies love to put all those micro bank accounts to work earning interest.
Japanese transit companies and Hong Kong Octopus have built those micro bank account transit cards into a very nice transit payment platform business that combines transit, payments and other services attached to the card which means there’s a lot more stored fare floating around than plain old transit-only cards. The addition of digital wallets like Apple Pay Suica and Apple Pay Octopus means there’s ever more e-money moving through those cards with short term parking…more float for transit companies to earn interest.
It’s a wonder why more transit companies haven’t followed the transit payment platform model to capture more business in the digital wallet era, but it’s testament to how little control they have over their own business destiny. Next time when you hear the praises of open loop over closed loop, remember to think about who’s floating in that business arrangement…and who’s not.