iOS 15 Apple Pay Wallet: the Express Mode difference

Express Transit Suica ruins the Apple Pay experience for using anything else. You want Apple Pay to work that way everywhere but it doesn’t. Most of the time we trudge along using Apple Pay Wallet with face mask Face ID authorization, although the Apple Pay experience on Apple Watch is a big improvement as well as being a trusted device for secure intent.

iPhone users in America are finally getting a taste of Express Transit en masse with the rollouts of Apple Pay for SmarTrip, TAP, Ventra and Clipper. Apple recently rebranded Express Transit as Express Mode on their new Wallet webpage (in Japanese it’s called Express Card). The branding change may seem trivial but it has bigger implications because for first time users of new Wallet services in iOS 15, Express Mode goes places that Express Transit cannot: digital keys and digital ID.

These functions are not new of course, Express Transit cards and Student ID cards have been opening transit gates and doors these past few years. But Express Mode is for everyone and personal: your keys and badge to unlock your home door, unlock and start your car and get you into the office. With these refinements and additions it’s safe to say that iOS 15 Wallet finally delivers the digital wallet dream people have been talking about since 2010. Wallet can replace your wallet.

What’s new
Last year I covered ‘coming soon’ Ultra Wideband Touchless and Code Payment (codeword Aquaman) Wallet developments. The Code Payments feature is still waiting in the wings. Steve Moser kindly confirmed that Aquaman code references are alive and well in iOS 15 with minor changes but this post will focus on announced features. In the WWDC21 Keynote Apple Pay section Jennifer Bailey announced keys and ID. The Wallet features you get from the ones listed on the iOS 15 preview page depend on the device:

Car keys with Ultra Wideband support (shareable)
iPhones and Apple Watches equipped with U1 chip* (iPhone 11 and later, Apple Watch 6)

Car keys without Ultra Wideband support (sharable)
Home keys (shareable)

iPhone XS • Apple Watch 5 and later*

Office key
Hotel key

Apple Watch is not listed: “Device requirements may vary by hotel and workplace.”

ID in Wallet
iOS 15 devices
watchOS 8 devices (the fine print: Not all features are available on all devices)

None of the new features will be available when iOS 15 launches. Expect them with the iOS 15.1 update or later. NFC Car keys launched on iOS 13 and iOS 14 in 2020.

The A12 Bionic • iPhone XS and later requirement for Wallet keys is easy to understand: Express Cards with power reserve. It is vital that people can unlock car and home doors even when their iPhone battery is out of juice. Up to 5 hours of power reserve makes a huge difference, but only for iPhone. *Apple Watch supports Express Mode but not power reserve.

The bigger story is UWB because it is new technology that works with the Secure Element to create a whole new experience. Up to now the Secure Element was exclusively NFC. Not anymore, the Car Connection Consortium (CCC) Digital Key 3.0 specification “maintains support for NFC technology as a mandatory back-up solution.” Digital car key is first and foremost a UWB solution with NFC relegated to the back seat.

UWB connectivity adds hands-free, location-aware keyless access and location-aware features for an improved user-friendly experience…

3.0 addresses security and usability by authenticating the Digital Key between a vehicle and the mobile device over Bluetooth Low Energy and then establishing a secure ranging session with UWB, which allows the vehicle to perform secure and accurate distance measurement to localize the mobile device.

Car Connectivity Consortium Delivers Digital Key Release 3.0 Specification

NTT Docomo and Sony demonstrated UWB car keys in action last January running on Android Osaifu Keitai hardware. Sony (FeliCa) and NXP (MIFARE and UWB chipsets) have worked closely to extend both FeliCa and MIFARE into the UWB Touchless era. The CCC Digital Key specification is open to any Secure Element provider. UWB + Bluetooth Low Energy (BLE) is simply another radio communication layer in addition to NFC.

Diagram from Car Connectivity Consortium (CCR) Digital Key 2.0 White Paper, the recently released 3.0 spec adds UWB
Mobile FeliCa UWB Touchless diagram from NTT Docomo, NXP MIFARE works exactly the same way

This is significant as it opens up UWB to anything that currently uses the Secure Element and NFC. Apple has not spelled it out but suggest UWB might work with Home keys and there is no reason UWB cannot work with all keys, transit cards and Student ID. The WWDC2021 session video Explore UWB-based car keys is a great introduction and highly recommended viewing if you have any interest in the subject. The session is a bit unusual in that the discussion covers RF hardware and performance design more than software. It feels like the target audience is car manufacturers. There is a lot of detail to get lost in but here are some simple but essential points:


Secure Element improvements: the SE has always used unique keys for mutual authentication, this has been extended with ranging key deviation

Secure communication at a distance: UWB and BLE identifier randomization with secure ranging is an important security feature as UWB Touchless works over much greater distances than NFC reader tapping

Zones: the precise motion and positioning tracking of a paired UWB device with a unique key allows for ‘passive entry’ action zones, walking towards the car unlocks it, walking away locks it, etc. without any other user interaction

RF transceiver and antenna system design: is a deep and difficult art that echos the Suica creation story

JR East (Suica) and Hong Kong MTR (Octopus) have both said they are developing transit gates that incorporate UWB. This makes sense as Mobile FeliCa is now UWB savvy but after watching the WWDC21 session video I can only marvel at the complexity of the big picture because UWB is about mapping and using space and movement to perform an operation.

The engineers face countless problems and challenges to juggle in their quest to build a transit gate that delivers the same FeliCa NFC speed and reliability with UWB…at rush hour. They have to consider radiation patters, system latency and processing power, localization algorithms and much more. If they achieve their stated goal, 2023 could be a banner year for transit.

ID in Wallet
Lots of people are excited about the possibility of adding a digital driver’s license to Wallet but as 9to5 Mac’s Chance Miller wrote, we don’t know much about about it at this point. Actually in Japan we do. The Ministry of Internal Affairs and Communications (MIC) released an English PDF: First Summary Toward the Realization of Electronic Certificates for Smartphones with a diagram that explains their digital ID system architecture. MIC remarked back in November 2020 that they are in discussions with Apple to bring the digital My Number ID card architecture to Wallet. The Android version is due to launch in 2023 and will likely employ the Mobile FeliCa Multiple Secure Element domain feature described by FeliCa Dude (FeliCa using NFC-B instead of NFC-F). A similar basic architecture with different protocols and issue process will undoubtedly be used for adding digital drivers licenses.

The Privacy question
I’ll be very interested to see how ID launches in America this fall. Which outside partner company or companies are providing the service to participating states and running the backend? I suspect it will be something similar to Student ID with Blackboard running the service for participating universities. The biggest security question in my mind is who besides the TSA will use ID in Wallet, and more importantly, how? Some governments and transit agencies are pushing face recognition as a convenience in addition to security. My preference will always be for having my ID on my own Secure Element rather than somebody’s cloud server, an ID that I authorize with my own secure intent.

Wallet UI and usability improvements
Wallet App didn’t get the makeover that some users asked for, but there are are a few small improvements. Up to 16 cards can be added in iOS 15, up from 12 in iOS 14. Archived passes and multiple-pass downloads help make Wallet more useable and remove some housekeeping drudgery.

I finally got two WWDC19 Apple Pay Wallet wishes granted: (1) dynamic Wallet cards and (2) region free transit cards. Apple Card does UI things in Wallet no other card is allowed to do. As far as I know this first changed with Disney’s MagicMobile launch on iPhone, Jennifer Bailey calls them “magical moments when you tap to enter.” There are similar low-key card animations in Home key and ID cards. It’s a very small step but I hope Apple adds more over time than just sprinkling seasoning card animations. Done wisely, dynamic cards could improve Wallet usability that convey important card status and account information.

Wallet card animations are slowly making their way into the picture, but will they ever be more than silly pretty fun?

Region free transit cards means that users no longer have to change the iPhone • Apple Watch region setting to add a transit card. In iOS 15 Wallet you get the full list regardless of the region setting. It’s not perfect but it is less confusing than adding a transit card in iOS 14.

Summary
The overall reaction to iOS 15 has been somewhat muted but there are lots of new details. Apple Pay Wallet additions for home keys, office key, hotel key and ID build on technologies that have been on the Apple Pay platform for some time but Apple is leveraging them in new ways.

The unveiling of UWB Touchless is important and cutting edge, that might revolutionize secure transactions. The next step not only for car keys but for transit and other services that up to now have been limited to NFC. And this time, unlike NFC, Apple is leading the way for UWB.

The bottom line is that UWB opens up a lot of possibilities for many current NFC based solutions. Expect UWB Touchless support for Wallet cards in the near future that use Express Mode in new ways, and new UWB based features for a much smarter Wallet.


UWB Gallery
Screenshots from the Explore UWB-based car keys session video

Zones
Zones are is one of the exciting aspects of UWB Touchless, where functions are triggered by the simple act of walking towards or away from the car. It will be interesting to see how this is applied to UWB Touchless transit gates.

Space and movement: the UWB process

Last but not least, Power Reserve mode now supports Find My Network

Instant issue for Apple Pay Edy, nanaco, WAON?

A fun mockup of Wallet add card options for Edy, nanaco, WAON that will probably never happen. If they come it will be digital issue via apps.

Now that VISA JP finally signed with Apple Pay, what about the last holdouts: Edy, nanaco and WAON? These have been on Google Pay for some time but like all things Google Pay Japan, it is courtesy of Osaifu Keitai rather than native Google support. Apple was smart to go for Suica first, then PASMO (which has yet to appear on Google Pay) but it’s time to complete the Apple Pay Japan lineup.

Google Pay Japan has 2 basic categories for adding cards: EMV bank payment cards (AMEX, JCB, mastercard, VISA) and Japanese eMoney cards (Suica, Edy, nanaco, WAON, iD, QUICPay). In other words, Google Pay arranges cards by NFC flavor. This is because many Android devices sold outside of Japan don’t include FeliCa even though they have the hardware to do so. Google Pixel 5 for example has Mobile FeliCa installed on every single device it sells, but only activates it for Japanese models. Perhaps this will change with Pixel 6, we will see.

Apple Pay doesn’t make a distinction between NFC flavors, just one global NFC. No EMV or FeliCa bank payment cards, just payment cards, period. Apple also encourages Japanese bank card issuers to use the NFC switching and dual mode features of iOS and watchOS Wallet for seamless use on any payment reader in Japan or abroad. The same thing applies to Wallet transit cards. Wallet can have multiple Express Transit cards and juggle between FeliCa (Suica, Octopus, PASMO) MIFARE (SmarTrip, Clipper, TAP) and PBOC (China T-Union cards).

So what is the Wallet category for non-transit stored value prepaid payment cards? I have no idea but for this exercise I’ll use eMoney (電子マネー). Apple Pay has everything in place to flip the switch since 2016, what’s the holdup? There’s a big problem using the Suica add card Wallet process for eMoney cards. This problem is on full display with Google Pay WAON: the user has to create an WAON account in Google Pay to add it. Worse, if the user deletes the WAON card they loose the Google Pay created WAON ID and card balance.

I don’t think Apple wants this ‘create an account’ nightmare scenario in Apple Pay, that’s what apps are for. Fortunately we have a growing collection of ‘instant issue’ apps for adding cards to Wallet and digital issue only is quickly becoming standard for Apple Pay Japan debit/prepaid cards: kyash, Minna no Ginko, Toyota Wallet, etc. The digital issue app model is perfect for Edy, nanaco and WAON who want to be collecting accounts instead of selling plastic prepaid cards. They already have iOS apps. Leave the account creation and management drudgery in the app so users curse the app instead of Apple Pay. Once done the user taps ‘Add to Wallet’ and presto, instant WAON all ready to go with direct Wallet recharge. Other bonuses: (1) instant issue apps eliminate ‘I wanna transfer my plastic card to Wallet’ overhead, (2) if anything goes wrong and the balance is lost, it’s the fault of the app, not Apple Pay. Keeping things simple and streamlined is key for a good Apple Pay user experience, one more Wallet reboot challenge for iOS 15.

Japan mobile payment survey results

I gave the Twitter survey function a workout and asked 2 questions:

  • Which Japanese mobile payment do you use most?
  • Which Japanese reward points do you use most?

The results are not surprising but come with many caveats: the survey sampling was puny, in English and pretty much limited to a small group of Twitter followers, which means they are pretty much already invested in Mobile Suica. Also it is important to remember that mobile payment use profiles in Japan are highly regional, what’s convenient in Tokyo isn’t necessarily convenient in other areas. That said, there are some interesting and fun takeaways.

Japanese mobile payment takeaways and feedback

  • The 55% Suica/PASMO figure expresses the power of Apple Pay Express Transit (and similar for Osaifu Keitai) for store purchases in the COVID induced face mask era without the hassle of Face ID. It’s important to remember that the ballyhooed Unlock with Apple Watch Face ID feature introduced with iOS 14.5 is useless for Apple Pay authorization. Remember too that Mobile Suica has good support on wearables: Apple Watch, Garmin, fitbit, etc., the widest mobile payment platform in Japan.
  • Despite the heavy marketing VISA Touch from VISA Japan, the majority of users have been using Apple Pay and Osaifu Keitai for iD and QUICPay, etc. I suspect EMV ‘Touch’ (Visa, MC, AMEX, JCB) probably appeals more to plastic card users as VISA is pushing EMV only plastic cards vs. digital wallet dual mode Apple Pay.
  • QR Code payment apps (PayPay, dBarai, LinePay, etc.) are not as popular as you might think and are probably feeling the pain of recent bank account linking security problems, and the recent revelations of user transaction records being stored outside of Japan.

Changes quite a lot. Recently using EMV touch a lot because of SMCC 15% back campaign and Amex 20% at FamilyMart. Otherwise probably a little bit of everything just to get maximum reward. (Tokyo)

I don’t ride trains so I have no real use for Suica. Using it to pay in shops is too much of a PITA since you have to constantly recharge it. (Kagoshima, note that Suica Auto-charge only works in JR East transit region)

I do iD for the point rewards (none in JP CC recharge of Suica) otherwise Express Transit is perfect. (Tokyo)

Mostly Suica (via Garmin Pay), but I’ve been using au Pay (QR or barcode) a lot more recently. (Hiroshima)

Japanese reward point takeaway
Results are complicated. Twitter surveys are limited to 4 choices, I lumped the Japanese carrier reward point systems for docomo, au and SoftBank (dPoint, au•PONTA, T-POINT) into one category, the top choice at 43%. However if we break down the carrier number by carrier marketshare ratio we get the following:

  1. 21% JRE POINT
  2. 28% Rakuten POINT
  3. 19% dPOINT
  4. 14% au•PONTA POINT
  5. 10% T-POINT
  6. 8% V POINT

The key takeaway for reward points is the power of the Rakuten ‘Economic Zone’, i.e. where all the Rakuten pieces including shopping, banking/credit card/payments, transit (Rakuten Suica), mobile, stock trading, travel, etc., are glued together by Rakuten POINT and feed off each other. The Rakuten Economic Zone is the model that others will have to successfully emulate if they are going to be serious long term competitors. NTT docomo announced a tie-up with MUFG this month, the digital banking wars are just getting started.

Mobile Suica foreign VISA card processing changes with the Apple Pay VISA JP agreement

Foreign issue VISA card holders using Apple Pay Suica beware, you might be in for a rude surprise when you get the monthly statement. A reader sent some very interesting information:

JR East started processing these Visa transactions differently on foreign cards. Previously, these were processed as ‘SUICA MOBILE PAYMENT’ and the merchant category was passenger railways (travel). Since around May 11 or 12, these are now processed as ‘MOBILE SUICA APPLE V’ and the merchant category is catalog merchants (shopping). This is an unfortunate change as the merchant category change from travel to shopping downgrades the points earning capability on several American cards (eg. from 3x points on the Chase Sapphire Reserve to 1x).

Chase Sapphire Reserve has been a popular choice for Apple Pay Suica recharge because of the 3x rewards. The VISA JP Apple Pay agreement has changed how foreign issue VISA brand card payments made with Apple Pay in Japan are processed obviously, but the merchant category change from railways/travel to catalog/online shopping is a mystery. JR East or VISA JP? On the surface JR East as they are the merchant but why this and why now? Another backend change: JR East is starting 3-D Secure credit card checks in iOS Suica App and Mobile Suica (Android) from May 26.

I do not know if Apple Pay PASMO is in the same boat but suspect so. Foreign issue VISA holders may want to consider using a different credit card for Suica recharge for the best reward points. There are too many reward point differences to make any definitive recommendation. The best long term strategy is to examine your spending patterns and select a JP issue card that fits your needs. Reward point empires to consider: JRE POINT (BIC CAMERA View), Rakuten POINT (Rakuten Card) and V POINT (SMBC Numberless Instant issue).

I will update this post as more information comes in, reader feedback is appreciated.

Update: Good news: a reader reports Apple Pay PASMO recharge still codes as travel for Chase Sapphire VISA 3x travel points. Reader and user comments:

I setup Pasmo in Apple Pay and ran a test transaction with my Chase Sapphire Reserve.  Good news, Pasmo is being processed differently and coding as passenger railways (travel).

I also noticed JRE’s category change for GooglePay Suica a few months ago.

With US credit cards, the Chase Sapphire Reserve (CSR) and the Chase Business Ink Preferred both had 3x points on Travel. If you had used them to charge your Suica via Apple Pay or Google Pay, the charge would show up as ‘travel’ or ‘jr east’. So you were effectively earning 3% cashback (technically more with the multiplier of 1.25 or 1.5 based on the card). The wonderful thing was that you could pay for almost everything in daily life with Google or Apple pay here in Japan. It does seem this has changed. I dropped my CSR a while ago – now it is time to let my Ink go too.

Is it possible to move Suica to a different iCloud account?

asking for a friend but is there a way to remove a PASMO from one iCloud account, and move it over to a different iCloud account? My friend is a bit of an idiot and noob with iPhones.

This is a tricky question and even if possible, why bother? Most people would just add a new Suica•PASMO to iPhone which is very easy to do. Up until the big Mobile Suica reset on March 21 it wasn’t possible to migrate the Suica card anywhere else except a different device with same iCloud account. However, it is now possible to move the same Mobile Suica card between Android and iOS. PASMO doesn’t allow this yet because Mobile PASMO hasn’t received the same backend upgrade. If we were assigning version numbers Mobile Suica would be v2.0, Mobile PASMO would be v1.5. In Mobile Suica 2.0 the card ID, the Mobile Suica account email used for system ID, is independent of Apple Pay and Google Pay systems. Let’s take a look at how it might work.

Here is the Mobile Suica transfer path going from iOS to Android.

  • Requirements: Mobile Suica account, ID registered email and PW, latest versions of Suica App (iOS) and Mobile Suica App (Android) installed on both devices.
  • Step 1: remove Suica from Wallet on iPhone (this parks the Suica card on the Mobile Suica cloud server)
  • Step 2: on the Android device launch Mobile Suica and sign in with the same ID and PW
  • Step 3: follow the screen prompts to add the Suica card from the server to the device

One of the interesting points about Android is that the receiving device must have a valid SIM inserted, otherwise Suica will not transfer. In theory here is how the process might work going between different iCloud account devices:

  • Requirements: Mobile Suica account, ID registered email and PW, Suica App 3.0.3 or later (iOS) installed on both devices.
  • Step 1: remove Suica from Wallet on iCloud A device, sign out of Suica App or delete the app, restart device
  • Step 2: on the iCloud B device launch launch Suica App, tap [機種変更] (Transfer from Android) and sign in with the same ID and PW
  • Step 3: Tap [+], and (if the theory is correct), you should see the Suica card with balance on the server, add to Wallet

Remember this may not work as it is not officially supported by JR East, for security reasons, and I have no way to test confirm if this works or not. Even in the worst case that is does not work you still have the Suica card attached to the iCloud account. And remember, it’s very easy to add Suica and PASMO to any iPhone 8 and later or Apple Watch Series 3 and later.