iOS 14 Apple Pay: going the distance with Ultra Wide Band Touchless and QR

It’s that time of year again to look into the WWDC crystal ball and see what changes might be in store for iOS 14 Apple Pay. 2019 was an exciting year with the important Core NFC Read-Write additions for ISO 7816, ISO 15693, FeliCa, and MIFARE tags. Since then we’ve seen iOS apps add support for contactless passports, drivers licenses, retail and manufacturer vicinity NFC tags, transit ticketing, badging, and more. Some expectations ended up on the cutting room floor. The NFC tag Apple Pay feature that Jennifer Bailey showed back in May 2019 has yet to appear. Apple Pay Ventra and Octopus transit services slated for 2019 and iOS 13 failed to launch, as of this writing, still delayed.

Predicting anything in 2020 is a dangerous business because of the COVID-19 crisis. iPhone 12 might be delayed, iOS 14 might be delayed…all plans are up in the air. Some developments are clear, but timing is opaque. What follows is based on: 1) NTT Docomo announcement of Ultra Wideband (UWB) ‘Touchless’ Mobile FeliCa additions and JR East developing UWB Touchless transit gates, 2) CarKey and the Car Connectivity Consortium Digital Key 3.0 spec, 3) Mac 9to5 reports of AliPay coming to iOS 14 Apple Pay,

Going the distance
The NFC standard has been around a long time, long before smartphones, conceived when everything was built around close proximity read write physical IC cards. The standards have served us very well. So why are NTT Docomo and Sony (Mobile FeliCa) and NXP (MIFARE) adding Ultra Wide Band into the mix?

Ultra Wide Band delivers touchless: a hands free keep smartphone in pocket experience for unlocking a car door, walking through a transit gate or paying for takeout while sitting in the drive thru. Ultra Wide Band delivers distance with accuracy, doing away with “you’re holding it wrong” close proximity target hit areas necessary when using NFC. Hands free door access and transit gate access works just by walking up to it. As Junya Suzuki pointed out recently, UWB is passive compared to the active NFC ‘touch to the reader’ gesture and will live on smartphones, not on plastic cards. Those will remain limited to NFC.

Secure Element evolution and digital key sharing
The addition of UWB however means that the secure element, where transaction keys are kept and perform their magic, has to change. Up until now the secure element worked hand in glove with the NFC controller to make sure communications between the reader are secure and encrypted. For this reason embedded secure elements (eSE) usually reside on the NFC controller chip.

Apple chose to put the Apple Pay eSE in their own A/S series chips. The result gives Apple more control and flexibility, such as the ability to update secure element applets and implement features like global NFC. The addition of UWB in FeliCa and MIFARE means both smartphone and readers need the new hardware and software. Apple already has UWB U1 chip on iPhone 11, Mobile FeliCa software support could be coming with the next generation ‘Super Suica’ release in the spring of 2021.

Recent screen images of a CarKey card in Wallet

The arrival of UWB signals another change in the Secure Element as shown in middle CarKey screen image: digital key sharing via the cloud. Mobile FeliCa Digital key sharing with FeliCa cards and devices was demonstrated at the Docomo Open House in January, also explained in the Car Connectivity Consortium (CCR) Digital Key White Paper. An interesting aspect of the CCR Digital Key architecture is the platform neutrality, any Secure Element provider (FeliCa, MIFARE, etc.) can plug into it. Calypso could join the party but I don’t see EMV moving to add UWB.

Diagram from Car Connectivity Consortium (CCR) Digital Key White Paper

The QR Code Equation
There is another possible eSE change for Apple Pay. A few weeks ago a reader asked for some thoughts regarding the AliPay on iOS 14 Apple Pay rumor with a link to some screen/mockup images on the LIHKG site. Before getting to that it’s helpful to review the key Apple Pay Wallet features for payment cards: 1) Direct Face/Touch ID authentication and payment at the reader, 2) Device contained transactions without a network connection, 3) Ability to set a main card for Apple Pay

The images suggest a possible scenario for implementing AliPay in iOS 14 Apple Pay:

  • AliPay has a PassKit API method to add a ‘QR Card’ to Wallet.
  • Wallet QR Card set as the main card is directly invoked with a side button double-click for Face/Touch ID authentication and dynamic QR Code payment generation in Apple Pay.
  • Direct static QR Code reads with Apple Pay payment.

If Apple is adding AliPay to the ranks of top tier Wallet payment cards, they have to provide a way in. The new “PKSecureElementPass” PassKit framework addition in iOS 13.4 could be just that. Instead of PassKit NFC Certificates, the addition suggests a Secure Element Pass/certificate. The burning question here: does AliPay have a Secure Element Java Card applet to perform transactions without a network connection? If so, we have QR Wallet payment cards. Direct Apple Pay Wallet QR integration would open up things for 3rd party (non bank) payment players. QR integration might also help Apple skirt NFC monopoly allegations that got Apple Pay in trouble the Swiss government.

Dual Mode and flexible front ends
The addition of QR and UWB with NFC for payments opens up a long term possibility suggested by Toyota Wallet. The current app lets the user attach a QR code app payment method and/or a NFC Wallet payment method to an account. It’s intriguing but clunky. Wallet QR Payment support would allow Toyota Wallet to move the entire payment front end to Wallet and let the user choose add either one or both.

It’s the latter that interests me most. Instead of having separate NFC and QR payment cards from the same issuer for the same account, I’d much rather have one adaptive Wallet card that smartly uses the appropriate protocol, QR, NFC, UWB for the payment at hand. This is what smart wallets should do. Let’s hope Apple Pay Wallet makes it there someday.

Advertisements

Mobile PASMO Q&A

What is Mobile PASMO?
Mobile PASMO is an app service, identical to Mobile Suica, for Android v6 Osaifu Keitai devices or later. Users can recharge a virtual PASMO card on the device with a registered credit card, purchase or renew commute plans, view use history, restore the PASMO card from the cloud in case of a lost device, PASMO bus transit users can also earn ‘Bus Toku’ points. Mobile PASMO launched March 18. Details are listed on the Mobile PASMO site (Japanese only).

Is it compatible with Google Pay? (Updated)
Not at this time. Users need to be careful: active Google Pay can block Mobile PASMO transactions. Bank cards are limited to Mobile PASMO app registered credit cards: American Express, JCB, Mastercard, Visa. Credit card registration is processed by PASMO and seems to be the weakest part of the system where users are experiencing the most trouble (the rest of the system appears to be licensed Mobile Suica IT assets). Only Japanese issue cards are accepted.

Is the Mobile PASMO app multi-lingual? (Updated)
Everything is Japanese language only. Android users can download the Mobile PASMO app on Google Play.

Can I use Mobile Suica and Mobile PASMO on the same device? (Updated)
Only 6 recent Osaifu Keitai Type 1 devices support multiple transit card installs. On older Type 2 devices you can only install one and have to choose. As FeliCa Dude explains in his excellent Reddit post, “Mobile PASMO: the “me-too” that’s all about them, and not you” the Mobile FeliCa Android stack on older FeliCa chip devices isn’t like Apple Pay and does not support multiple transit cards or the ability to select one for Express Transit. Type 1 devices updated to Osaifu Ketai 8.2.1 can set one (and only one) ‘main card’ for Express Transit use, with Mobile Suica and Mobile PASMO on the same device. Here is a full device list of Type 1 (Mobile Suica and Mobile PASMO), Type 2 (Mobile Suica or Mobile PASMO), Type 3 (Mobile Suica).

I have a Mobile PASMO capable Type 2 device, which mobile transit service should I use?
It all comes down to commuter pass use, if you live in the Suica/PASMO region and use a JR East line on any part of your commute, Mobile Suica gives you the most options. If you do not use a JR East line as part of your commute, Mobile PASMO is the natural choice.

Will Mobile PASMO be coming to Apple Pay? (Updated)
iOS 13.4 has some indications that Mobile PASMO might be coming at some point. Mobile PASMO uses licensed Mobile Suica assets and technology, the backend is very similar with a different operator. Apple Pay Wallet does have the ability to host multiple transit cards and select one for Express Transit. In theory a user could have a Suica and a PASMO together in Wallet. We’ll have to wait and see if the PASMO group has enough cloud resources to plug into Apple Pay/Google Pay and how willing they are to deal with non-JP issue credit cards.

Isn’t next generation ‘2 cards in 1’ Suica supposed to fix this? (Updated)
Mobile PASMO throws cold water on the one big happy mobile transit family concept of next generation Suica: sharing resources instead of “me too” fiefdoms. Even if the new card architecture fixes all the current shortcomings, which it is supposed to do, nothing can fix the selfish mindset of transit companies who refuse to cooperate. As FeliCa Dude points out, Mobile PASMO is a boondoggle, the result of JR East and PASMO Association failing to cooperate and mutually host commute plans. I suspect that auto-charge transit company premium branded credit cards are getting in the way. Japanese transit companies need to put aside old grudges and cooperate intelligently to get all transit players on mobile as fast as possible. Everybody loses out if they do not.

UPDATE: Japanese programmers digging into Mobile PASMO details find that PASMO licensed Mobile Suica IT assets for Mobile PASMO service. This makes a lot of sense and is an encouraging sign that Mobile Suica cloud resources can be licensed to host other transit IC cards for mobile (ICOCA, TOICA, manaca, etc.).

UPDATE 2: Junya Suzuki posted an article with more Mobile PASMO system details. One leading company in the PASMO Association (Tobu, Keio or Odakyu) licensed Mobile Suica assets and technology from JR East. Cut and paste IT. As said above, this is encouraging because other transit companies (JR West, JR Central et al) can license Mobile Suica assets and park it on whatever cloud service they want: AWS, Azure, NTT Data and so on. Mobile plumbing for connecting Apple Pay and Google Pay is already in place.

Mandatory Suica App update on March 14

As predicted, a new version of Suica App is coming in tandem with the new JR East Shinkansen eTicket service launch on March 14. Suica App users must update to v2.6 by March 18, after that date older versions can no longer login to Mobile Suica.

A new Eki-net app that supports the new eTicket service should be coming at the same time. The old Suica App Shinkansen eTicket service ends March 13.

Smartphone payments grow with Japan CASHLESS Rebate program

Good news: Japanese consumers are using less cash and more cashless payments. The winners are smartphone contactless apps like Mobile Suica (NFC) and PayPay (QR) which saw use rates grow from 16.4% to 28.6% in the August 2019 to January 2020 period. The CASHLESS Rebate program has clearly lifted all cashless methods which it was designed to do. The bad news? We have no idea where the economy is going in the coronavirus crisis with the Tokyo Olympics in the balance.

The new cashless payments market report from Mobile Marketing Data Labo (MMD) has a few other interesting tidbits. Apple Pay Suica is the most used payment method on iPhone followed closely by PayPay, convenience store purchases are nearly 80%.

The growth of smartphone payments makes sense because it’s one the easiest ways for users to enjoy the benefits of the CASHLESS Rebate program with multiple payment choices, and most convenience stores offer an instant 2% rebate for cashless purchases. The next challenge is how cashless payment trends play out after the rebate program ends June 30.