What does open Apple NFC really mean?

The German law to force Apple to open it’s “NFC chip” is a confusing one. Why does an EU country with one of the lowest cashless usage rates single out one company’s NFC product in a last minute rider to an anti-money laundering bill? That’s not banking policy, it is politics. Details are few but let’s take a look at what it could mean because when it comes to NFC technology, details are everything.

Background stuff
The so called Apple ‘NFC chip’ is not a chip at all but a hardware/software sandwich. The Apple Pay ecosystem as described in iOS Security 12.3 is composed of: Secure Element, NFC Controller, Wallet, Secure Enclave and Apple Pay Servers. On one end is the NFC chip controller front end that handles NFC A-B-F communication but does not process transactions, on the other end there is the Secure Enclave that oversees things by authorizing transactions. The fun stuff happens in the Secure Element middle where the EMV/FeliCa/MIFARE/PBOC transaction technologies perform their magic with Java Card applets.

The A/S Series Secure Enclave and Secure Element are the black box areas of Apple Pay. The iOS Security 12.3 documentation suggests the Secure Element is a separate chip, but Apple’s custom implementation of the FeliCa Secure Element, and the apparent ability of Apple to update Secure Element applets to support new services like MIFARE in iOS 12 suggests something else, but it is anybody’s guess. Apple would like to keep it that way.

So what does ‘open NFC’ really mean?
It’s helpful to look at the issue from the 3 NFC modes: Card Emulation, Read/Write, Peer to Peer.

Peer to Peer
Apple has never used NFC Peer to Peer and I don’t think this is a consideration in the ‘open NFC’ debate.

Read/Write
This was a limitation up until iOS 12, but everything changed when iOS 13 Core NFC gained Read/Write support for NDEF, FeliCa, MIFARE, ISO 7816 and ISO 15693. Developers can do all the NFC Read/Write operations they want to in their apps, I don’t think this is a consideration in the ‘open NFC’ debate.

Card Emulation
Apple limits NFC Card Emulation to Apple Pay Wallet with NDA PASSKit NFC Certificates. This is what the ‘open NFC’ debate is all about. I imagine that German banks and other players want to bypass the PASSKit NFC Certificate controlled Apple Pay ecosystem. Instead, they want open access to the parts they want, like Secure Element, NFC Controller, Secure Enclave, and ignore the parts they don’t want like Wallet and Apple Pay Servers. They want the right to pick and choose.

The success of Apple Pay has been founded on the ease of use and high level of integration from a massive investment in the A/S Series Secure Enclave and other in-house implementations such as global FeliCa, etc. Outside players forcing Apple to open up the Apple Pay ecosystem represent not only a security risk to Apple but also a reduced return on investment. One commentator on MacRumors said it’s like Apple took the time and expense to build a first class restaurant and outsiders are demanding the right to use Apple’s kitchen to cook their own food to serve their own customers in Apple’s restaurant. It’s a fair analogy.

The NDA PASSKit NFC Certificate gate entrance rubs bank players the wrong way as they are used to giving terms, not accepting them. The Swiss TWINT banking and payment app for example is a QR Code based Wallet replacement that wanted the ability to switch NFC off, and got it.

My own WWDC19 Apple Pay Wish List did include a wish for easier NFC Card Emulation, but nothing appeared. It’s certainly in Apple’s best interest to make it as easy as possible for 3rd party developers to add reward cards, passes, ID cards, transit cards, etc. to Wallet. However given that the EU is hardly what I call a level playing field, the fact that bank players and politics go hand in hand in every nation, and the fact we don’t know the technical details of what the German law is asking Apple to do, all we can do is guess. In general, I think Europe will be a long rough ride for Apple Pay. At least until EU bank players get deals they are happy with.

Advertisements

No global NFC evolution for Pixel 4?

iFixit posted a teardown of the Pixel 4 and we have a new NFC chip: STMicroelectronics ST54J NFC controller. This replaces the NXP PN81 used in Pixel 3 but still has a embedded secure element (eSE) that supports all the global NFC technologies: NFC A-B-F/EMV/FeliCa/MIFARE.

NFC Forum device certification requires NFC A-B-F hardware support, but Google went the cheap route again with the extra step of not installing FeliCa transaction keys in non-JP Pixel 4 models. This means only Pixel JP models are global NFC devices, users with non JP models cannot add and use the Japanese Suica transit card or Hong Kong Octopus. iPhone and Apple Watch have global NFC as a standard feature on all worldwide models since iPhone 8/X and Apple Watch Series 3.

Pixel 3 was step towards global NFC with the Japanese models. The Pixel 3 Global NFC Evolution post examined the possibility of Google creating their own ‘in house’ embedded secure element (eSE) for all NFC transactions technologies implemented on their own Secure Enclave Pixel platform. I was wrong and made some bad assumptions:

  • Apple was already doing global NFC transactions on the A/S Series Secure Enclave, so Google would try to do the same with their Titan chip.
  • The Pixel Phone hardware page states: if you purchased your Pixel 4, 3a or 3 phone in Japan, a FeliCa chip is located in the same area as the NFC. The wording suggests a separate FeliCa chip for JP Pixel models but this is not the case.

FeliCa Dude was very considerate of my Pixel global NFC fantasy even though it made no sense at all cost-wise or software-wise having an extra NFC FeliCa chip and multiple eSE just for JP models. He extensively tested a Pixel 3 JP model, a single global NFC NXP PN81B chip was the only answer.

The iFixit teardown confirms that Pixel 4 simply repeats last year’s Pixel 3 strategy of having global NFC hardware but only buying FeliCa transaction keys for JP models. It’s a weird strategy because the whole point of the NXP PN81 and ST54J chips is to provide customers with a convenient off the shelf global NFC package with all the hardware (NFC A-B-F) and software (EMV/FeliCa/MIFARE) ready to go.

The Pixel 4 looks like a great device but the NFC story angle remains a disappointment. As I have said before, the Android equivalent of global NFC iPhone and Apple Watch has yet to appear.

UPDATE
FeliCa Dude posted a deep dive into the Pixel 4 ST54J NFC chip and comes up with some fascinating analysis. He points out there were three model classes for Pixel 3:

  • Devices with eSIM functionality and without Mobile FeliCa
  • Devices without eSIM functionality and without Mobile FeliCa: the carrier-neutered model with a locked bootloader.
  • Devices without eSIM functionality and with Mobile FeliCa (the G013B/G013D models)

Pixel 4 delivers eSIM and FeliCa together to the Japanese market for the first time and this appears to be a reason behind Google choosing the ST54J that has eSIM + global NFC eSE on a single die. FeliCa Dude does not have a Pixel 4 yet so there is more analysis to do, but the important point is this:

if the Japanese SKUs of the Pixel 4 are indeed based on the ST54J, then there should be no technical reason why such <Mobile FeliCa> functionality can’t be delivered OTA <over the air update> to the ROW <rest of world> SKUs should Google desire to provide that service

The Pixel 4, the ST54J and Mobile FeliCa

It would be nice indeed if Google left the door open for adding Mobile FeliCa later to all non JP Pixel 4 models with a software update, especially for markets like Hong Kong that can use it. Whether Google will actually do that is another matter entirely.

Apple Global NFC Lineup 2019

With the removal of iPhone 7 and Apple Watch Series 2, the new 2019 iPhone and Apple Watch lineup on the Apple Store is finally global NFC across the board. The Apple Watch Series 5 S5 chip did not gain ‘Express Card with power reserve’ or NFC background tag reading this time. The former would be a very welcome addition for the eternally battery challenged Apple Watch, while the later is necessary at some point if Apple wants to use the ‘yet to be formally unveiled’ NFC Tag Apple Pay to kick QR Code payment systems to the curb.

There is something missing in the lineup however: a low cost entry level global NFC iPhone that’s even lower than the price cuts Apple implemented with the 2019 lineup. As Ben Thompson of Stratechery explains in a great post:

That means that this year actually saw three price cuts:
•First, the iPhone 11 — this year’s mid-tier model — costs $50 less than the iPhone XR it is replacing.
•Second, the iPhone XR’s price is being cut by $150 a year after launch, not $100 as Apple has previously done.
•Third, the iPhone 8’s price is also being cut by $150 two years after launch, not $100 as Apple has previously done.

The rumored A12 chip iPhone SE2 may well be pie in the sky, but that doesn’t mean that there isn’t market appeal for an inexpensive global NFC iPhone for places like Japan and Hong Kong. Those markets have highly integrated transit networks coupled with highly evolved transit card systems like Suica and Octopus. With both of these on Apple Pay there’s a good opening for a small SE size inexpensive global NFC iPhone, it would do very well.

UPDATE: What’s the best iPhone for Suica?
A reader asked for my recommendation of a good Suica use iPhone in the 2019 lineup. I do not recommend iPhone 8. The superior NFC and Suica performance, plus the Express Card with power reserve and background tag reading features of A12 Bionic and later is a huge leap over previous models. These enhanced NFC functions are important for new Apple Pay features yet to come. I think it comes down to a choice between iPhone XR and iPhone 11, and how long you plan to use it in Japan.

It’s also helpful to remember that 2019 is the last lineup of 4G/LTE only iPhone. I think iPhone 11 is better optimized for 4G in the long run as Japanese carriers start to switch over bands to 5G. There is also the much better camera to consider. Last but not least is battery. The power optimization of A13 Bionic is going to deliver much better battery performance over a longer period of time.

It boils down to this: if you plan to use the iPhone for 2 years iPhone XR is a good choice, if you plan to use iPhone for 3~4 years iPhone 11 is the better choice.

Ride the Rails with Apple Pay Suica and Earn JRE POINT

The enhanced NFC functions of iOS 13 could not have come at a better time for the Japanese market. The great 10% consumption tax cashless experiment begins October 1 when the tax hike becomes effective and the Japanese government starts giving 2%~5% refunds for cashless payments via established card point systems. The ‘My Number‘ Japanese Individual Number card will be a centerpiece for getting those point rebates and the Japanese government has already announced iOS 13 support for My Number card. The whole rebate/refund thing is clear as mud but exciting too. Suica is listed as one of the many e-money cards eligible for consumption tax refunds/rebates. Suica consumption tax point refunds will be delivered via JRE POINT.

JR East added to the excitement today with the announcement that starting October 1 Suica users can earn JRE POINT simply by riding the rails. Mobile Suica transit users (Apple Pay Suica, Google Pay Suica, Osaifu Keitai Suica) earn 1 JRE POINT per 50 yen of IC transit fare, plastic Suica cards earn 1 JRE POINT per 200 yen of IC transit fare.

That’s a huge incentive to drive transit users from plastic Suica to Mobile Suica. The same JRE POINT rates apply to Green Car Seat purchases. And get this, only Mobile Suica Commuter Plan purchases and renewals are eligible for JRE POINT with 1 JRE POINT per 50 yen of the purchase/renewal. This is a sweet deal if your company sponsors your commuter pass. They give you the money, you get the points. Ugh, now I have to hold off renewing my Apple Pay Suica Commute Plan until October 1 but the points are worth going without my commute plan for a few days. JR East’s big push for Mobile Suica over plastic is remarkable and will become a shove when the next generation ‘Super Suica’ format arrives in April 2021.

To earn points the Suica card must be registered to a JRE POINT account. The JRE POINT account setup process has gotten a little more streamlined, and the iOS JRE POINT App a little less clunky over the past year. Mobile Suica and JRE POINT systems are now dynamically linked so you don’t need to worry if the Apple Pay Suica card ID number changes.

Today’s announcement only applies to regular train travel but JR East will be adding a lot more in 2020~2021 as the Super Suica start date approaches: JRE POINT for Touch and Go Shinkansen travel starts with the new JR East eTicket system in April 2020, Round trip fixed travel route coupon-like JRE POINT is due December 2020. And finally, with Super Suica in place, the regular express train/Shinkansen ‘EkiNet‘ ticketing and point system will be rolled into the JRE POINT system. Travelers can then earn and use JRE POINT to purchase regular express train and Shinkansen eTickets and upgrade seats. It will be Apple Pay Super Suica eTicket bliss.

Apple Pay on Event Day

Apple Pay is sure to have a segment during the September 10 Apple Event. Here is my roundup of what to expect based on previous coverage.

Apple Card
Apple Card did not get its own press event rollout in August, this will be the closest thing. We will certainly get a feature review and some launch statistics. Long shot call: if lucky we may also get mention of a few more Wallet card feature goodies with the iOS 13 golden master.

Apple Pay for NFC Tags
This was previewed by Jennifer Bailey at her Transact keynote just before WWDC19. There has been no coverage since. NFC Tag Apple Pay works hand in glove with the Background NFC tag reading feature on iPhone XR/XS and later, and the Sign in with Apple feature of iOS 13. The Apple Pay segment makes the most sense for Apple to mention any other products or services that use the enhanced NFC Tag functionality of iOS 13.

The level of global NFC functionality integration across iPhone and Apple Watch is unique. There is nothing on the Android side that matches the seamless combination of Apple Pay Suica + iPhone + Apple Watch, a hardware combination also coming to Hong Kong transit with iOS 13 Apple Pay Octopus. An Apple Watch Series 5 that delivers background NFC tag reading ability integrated with Apple Pay along with Express Transit power reserve would be a very unique feature set indeed.

Apple Pay Transit
Apple Pay Octopus for Hong Kong is on tap for iOS 13, already announced by Octopus Cards Limited. We should get service start updates and details for Octopus, Apple Pay Ventra, EMV Express Transit for TfL. Mentions of Apple Pay myki, EMV Express Transit for LA TAP and more are possible but iffy.

May the NFC be with you.


Bonus iOS 13 Update
Apple’s Where you can ride transit with Apple Pay lists 2 kinds of Apple Pay Transit. Here is a brief explanation of what they mean.

iOS 13 Apple Pay Transit, entries such as Melbourne and Los Angeles will arrive later in the iOS 13 life cycle
  • Where you can use Apple Pay for transit with Express Transit Mode
    ‘A List’ transit that supports both native transit cards (faster than EMV except for China) and EMV style bank cards (slower) for Express Transit.
  • Where you can use Apple Pay for transit without Express Transit mode
    ‘B List’ EMV style bank card transit that requires Face ID, Touch ID or passcode at the transit gate. One benefit of this mode over regular plastic bank cards is that all Apple Pay loaded cards (China again is the one exception, UnionPay all the way) are certified by Apple for the listed transit agencies. This means Apple Pay cards will always work, while plastic versions of the same card sometimes do not.