WWDC22 Wish List

It is hard to be enthusiastic about this year’s WWDC when Apple’s entire integrated software/hardware business model is coming under attack. With so much distraction these days there’s not much of a wish list, just a few observations for Apple Pay, Apple Maps and Text Layout.

Apple Pay
First up of course, is Apple Pay. After Jennifer Bailey’s WWDC21 appearance where she announced keys and ID for iOS 15 Wallet, and the separate Tap to Pay on iPhone announcement in January, I don’t think Jennifer will be in the WWDC22 keynote. She’s not going to appear just to explain that Apple Pay is not a monopoly, that’s Tim’s job with CEO level pay grade, nor is she doing to appear to just flesh out details of what’s already there. That’s what sessions are for, explaining things that I have been wishing for these past few years: an easier, more open Secure Element Pass certification process and/or new frameworks for developers to access the secure element for payments or use Tap to Pay on iPhone. There needs to a clearer path for developers who want to use the secure element for payments (Wallet) or iPhone as payment terminal (Tap to Pay on iPhone).

Apple needs to open up the NFC/Secure Element Pass certification process or clarify the process

The only possible ‘new’ Apple Pay Wallet feature I can think of is the ‘so long in the works it has gone moldy’ Code Payments. Lurking in the code shadows since iOS 13 or so, it has been around so long that Apple legal inserted official mention in a recent Apple Pay & Privacy web page update: “When you make a payment using a QR code pass in Wallet, your device will present a unique code and share that code with the pass provider to prevent fraud.” If Apple Pay delivers native device generated QR code payments without a network connection, just like all Apple Pay cards to date, it would be quite a coup but by itself, is not worth a Jennifer Bailey appearance. Other future goodies like passport in Wallet or My Number ID in Wallet are too far out to merit mention.


Apple Maps
The only new Apple Maps feature that suggests itself is Indoor Maps for stations. That’s the conclusion I come up after examining the current (February ~ May 2022) backpack image collection in Tokyo, Osaka/Kyoto and Nagoya. It is highly focused on centrally located above ground and underground station areas. Stations like Shinjuku and Tokyo are entirely underground surrounded with extensive maze like malls.

This means Apple image collection backpacks are going inside for the first time. They are either collecting data instead of images, or doing it at pre-arranged times when people are scarce. This is hard to do at a place like Shinjuku station as there are multiple companies collectively managing the entire site (JR East, Odakyu, Keio, Seibu, Tokyo Metropolitan Bureau of Transportation, Tokyo Metro, just to name a few).

So far Apple has only used their image collection in Japan for Look Around, but the current version of Look Around doesn’t make sense for station interiors unless it is heavily modified with augmented reality place labels, directions for exits, transit gates and so on. The Apple indoor maps model for airports and malls is outdated and impossible to retrofit for information dense, tightly packed Japanese stations.

Apple needs come up with something new for indoor station maps to be successful on any level. The current version of AR walking guidance only works outdoors as the camera has to scan and match surrounding building profiles. A hybrid of stored Look Around images and AR walking guides might be a way forward. Station maps have special needs to seamlessly transition between indoor and outdoor guidance modes as users leave or enter stations on their walking route to the final destination.

Recent image collection suggests Indoor Station Maps might be coming in iOS 16

I’m not holding my breath but anything is better than what we have now and Apple is certainly up to something. A new and improved, AR enhanced “Look Around” style indoor map for stations would be far more useful for Japanese iPhone users than airports or shopping malls. Nobody does indoor maps well by the way, including Google Maps and Yahoo Japan Maps.

As most readers of this blog already know, I am not optimistic that Apple Maps in Japan can become a top tier digital map service. The local 3rd party map and transit data suppliers that Apple depends on to make up the bulk of the Japanese service are certainly not top tier and old problems remain unfixed. In the case of the main Japanese map data supplier things have deteriorated.

IPC was 100% owned by Pioneer supplying their car navigation system data, but was sold to Polaris Capital Group June 1, 2021 with a new CEO (ex Oracle Japan) named the same day. In January 2022 IPC was renamed GeoTechnologies Inc. Under hedge fund Polaris Capital Group management, GeoTechnologies has been busy inflating the number of cushy company director positions, never a good sign, and pushing out shitty ad-ware apps like Torima. The focus is leveraging assets not building them.

Apple’s Japanese map problem can only be fixed by dumping GeoTechnologies for Zenrin, or Apple mapping all of Japan themselves. Apple is not pursuing either option, the image collection effort in Japan is limited and its use remains restricted to Look Around. Until this changes, expect more of the same old Japanese map problems in iOS 16 and beyond. Apple Maps is a collection of many different service parts. Some evolve and improve, some do not. Let’s hope for a good outcome with the data Apple is collecting for indoor station maps.


Apple Typography TextKit 2 migration
WWDC21 saw the unveiling of TextKit 2, the next generation replacement for the 30 year old TextKit, older than QuickDraw GX even, but much less capable. TextKit 2 marked the start of a long term migration with most of TextKit 2 initially ‘opt in’ for compatibility. We’ll find out how much of TextKit 2 will evolve to default on with an ‘opt out’. There are holes to fill too: the iOS side didn’t get all the TextKit 2 features of macOS such as UITextView (multiline text), some of the planned features like NSTextContainer apparently didn’t make the final cut either. We should get a much more complete package at WWDC22. Once the TextKit 2 transition is complete, I wonder if a Core Text reboot is next.


watchOS 9 Express Cards with Power Reserve?
Mark Gurman reported that watchOS 9 will have “a new low-power mode that is designed to let its smartwatch run some apps and features without using as much battery life.” While this sounds like Express Cards with Power Reserve (transit cards, student ID, hotel-home-car-office keys) and it might even mimic the iPhone feature to some degree, I doubt it will be a full blown version. Power Reserve is a special mode where iOS powers down itself down but leaves the lights on for direct secure element NFC transactions. iOS isn’t involved at all.

Real Power Reserve requires Apple Watch silicon that supports the hardware feature, it cannot be added with a simple software upgrade. Until that happens, a new watchOS 9 low-power mode means that watchOS still babysits Express Cards, but anything that gives us better battery life than what we have now is a good thing.

Enjoy the keynote and have a good WWDC.

Apple Pay Enhanced Fraud Prevention (updated)

Apple Wallet VISA card users report receiving ‘Enhanced Fraud Prevention’ notifications today that outline changes how Apple shares ‘fraud prevention assessments’ with payment card networks based on analyzed information from user Apple Pay transactions (purchase amount, currency, date, location, very likely more). The changes seem to apply to web and in-app purchases.

Apple has been doing most of this already. The new Apple Pay and Privacy text expands upon earlier iOS user guide text: If you have Location Services turned on, the location of your iPhone at the time you make a purchase may be sent to Apple and the card issuer to help prevent fraud. Perhaps Apple is changing ‘may be sent’ to ‘will be sent’.

Enhanced Fraud Prevention might cause problems for some Apple Pay users when people start traveling again as in-app purchase is used for adding money to transit cards. There have already been a few very recent and odd, ‘I can’t use my home issued Apple Pay card to recharge PASMO’ complaints on social media from inbound visitors. Until now this kind of thing has been unheard of for Apple Pay Suica•PASMO users. A new complication to keep an eye on going forward. So far Wallet Enhanced Fraud Protection notifications only seem to be going out to VISA card users. Why and why now?

Because it’s starting with VISA with the focus on web and in-app payments, my first thought was this is partly a response to bad publicity from the silly VISA-centric ‘Apple Pay Express Transit has been hacked!‘ story that make the rounds last October. The new Apple Pay and Privacy text outlines how the new policy applies to various Apple Pay operations: adding a card, paying with Apple Pay, using transit cards, etc.

QR Code payments in Wallet are also referenced. The official mention may indicate the long in development feature will finally see light of day, perhaps iOS 15.5, we shall see. The text says, “When you make a payment using a QR code pass in Wallet, your device will present a unique code and share that code with the pass provider to prevent fraud.” If Apple Pay delivers native device generated QR code payments without a network connection, just like all Apple Pay cards to date, it would be quite a coup.

The notification privacy text is worth reading. As of this posting the Apple Pay & Privacy web page has not been updated with Enhanced Fraud Protection information.

2022-04-22 Update
Some clarity on the reasons and timing of Enhanced Fraud Prevention: Wallet notifications went to VISA card users in various Apple Pay regions (US, Japan, Australia and more) the same day Apple switched the Apple Cash card brand from Discover to VISA debit. Kissing the Green Dot Bank/Discover backend goodbye for VISA is the smart thing to do as Apple can finally take Apple Cash international. Enhanced Fraud Prevention had to be in place first for that to happen.

The PASPY thing

HIroden, NEC and LECIP team up for the new system announcement that replaces IC smartcard PASPY in 2024 (Hiroshima Home TV)

PASPY announced today that PASPY transit IC card service ends March 2025. The official replacement has been announced, billed as the “the fist Account Based Ticketing system in Japan” (yeah right) and launches October 2024. Main PASPY operator Hiroshima Electric Railway Co.,Ltd. (Hiroden) has been thinking out loud since last May that they planned to go all in with a QR Code smartphone app. Twitter users complain, a lot, that QR will be an inconvenient pain in the butt over what they have now.

Here’s the thing, most people assume that killing PASPY card means Hiroden and Hiroshima region PASPY transit partners will rip out all the FeliCa readers and replace them with optical code readers. I don’t think so. FeliCa PASPY cards will disappear but not the transit IC readers. If you listen carefully to Hiroden’s bitching and moaning about having to shoulder PASPY system costs from the PASPY/FeliCa fare processing server side (that the PASPY partners don’t help us enough with…boo-hoo-hoo). Dump that and get out of the plastic card issue business, leave ICOCA / Transit IC readers where they are and let them handle their own fare processing, retrofit a QR scanner or install Denso Wave QR+NFC readers, toss out a QR PASPY app and the PASPY associates can call it a day.

PASPY had all the limitations of region transit cards: no e-money functions for store purchases to juice the recharge business side, slowly declining ridership, and the card could not be used on JR West ICOCA and larger Transit IC network…limitations that the Suica 2 in 1 Region Affiliate program resolves. Too bad JR West doesn’t have a similar program for the ICOCA region but it says something about JR West and local government relations that Hiroshima City and prefecture officials have kept quiet.

Nevertheless, there are way too many ICOCA and Mobile Suica users out there and Mobile ICOCA goes live 12 months from now. PASPY partners will want to keep those users riding no matter what Hiroden ends up doing. And local government transit subsidies will help keep the Transit IC readers in place. The whole point of transit is encouraging people to use it…right? And if it all works out, for QR based PASPY MaaS with Transit IC support, all the better.

Hidden Assumptions

Jonathan Seybold said it best in his Computer History Museum interview video, many arguments can be easily demolished by pulling out the hidden assumptions. In our attention span challenged social media era it’s all too easy to believe things at face value. Few people invest time and brain energy to analyze and question arguments to find and examine hidden assumptions.

A reader of this blog might come away thinking I am not a fan of open loop transit fare payments and despise EMV contactless and QR Code payment technology. That would be a mistake. I don’t hate them, everything has its place. I simply don’t agree with ubiquitous assumptions that EMV or QR or open loop are cure alls for every transit fare payment situation that they are praised to be…usually because ‘everybody uses’ bank issued contactless payment cards or smartphone payment QR apps. It’s a one size fits all mentality that blinds people from seeing hidden assumptions. It’s very important to see how all the pieces, seen and unseen, fit together. After all, transit companies and their users have to live with transit infrastructure choices for decades.

In a recent twitter thread Reece Martin thought it would be nice if Canada had a nationwide transit card. This is something Japan has had since 2013 when the Transit IC interoperability scheme was put in place that made the major transit IC cards compatible with each other, but they did this without changing the hardware. The various card architectures were left untouched and linked with system updates, a use-the-same-card backend solution. China on the other hand created a national transit card with the China T-Union • PBOC 2.0 standard that replaced all older transit cards with locally branded T-Union cards, a get-a-new-card hardware solution.

A nationwide Canadian transit card is a great idea but as Samual Muransky answered in the same thread, why bother with ‘obsolete’ dedicated transit cards when everybody uses EMV contactless bank cards and EMV is the new standard. Let’s examine some hidden assumptions at play here.

Assumption #1: Everybody has contactless credit/debit cards
The open assumption here that everybody has bank issued credit or debit payment cards is not the case and varies by country, demographics, age, etc. Most people in some countries do, but even so there will always be people who don’t. Transit cards always have the advantage of being available at station kiosks to anyone with cash.

Assumption #2: because of assumption #1 open loop (credit/debit cards) is better than closed loop (dedicated ticketing) for paying transit fare
The hidden assumption is that open loop covers everything but it does not. Specific transit services such as individual commuter passes, discounted fares for disabled/elderly/children are practically impossible to attach and use with bank payment cards. The best that transit systems and payment networks can do with open loop is fare capping or special discounts when applied universally. The age-old pay ‘x’ times and get one free concept. Open loop works best for occasional transit users.

The limitations of open loop on large complex transit systems like Transport for London is easy to see. Despite a long campaign to eliminate the venerable Oyster transit card and migrate users to EMV open loop, TfL threw in the towel and upgraded the Oyster system recently. To date TfL has not offered a digital version of the closed loop Oyster card. In short, dedicated transit cards will always be with us.

Assumption #3: EMV contactless is the NFC standard
The NFC Forum recognized long ago that credit card companies and transit companies have different needs and objectives. To that end the NCF Forum has 2 basic NFC standards, one for contactless payments (NFC A) and one for transit (NFC A-B-F). All NFC devices must support NFC A-B-F for NFC Forum certification.

Assumption #4: EMV contactless for transit is safe and secure
There are many hidden assumptions packed into the words ‘safe and secure’: not everybody agrees on what safe is and what level of security is secure. Things also change depending on the situation and the design. I have covered transit gate reader design in many other posts but recap some basics here.

Steve Jobs famously said that designing a product is a package of choices. I have often said that EMV contactless is supermarket checkout payment technology but that’s not a put down, it’s the truth of what EMVCo were aiming for when they grafted NFC-A to their EMV chip for contactless cards.

Because of wide deployment with no direct control, the original EMV contactless spec had a latency window to work reliably even with crappy network installations, and the slow speed has sometimes been cited as a security risk. NFC-A (MIFARE and EMV) transaction speeds are rated for a theoretical 250ms but are usually 500ms on open loop transit gates. Suica is always 200ms, often faster. The speed gap is due to gate reader design, the network lag of centralized processing vs local stored value processing, and the different RF communication distances for NFC-A and NFC-F. JR East presentation slides explain the transaction speed differences.

  • Japanese station gates are designed to be capable of 60 passengers per minute. To do this the conditions are:
    • Processing time of fare transaction has to be within 200ms
    • RF communication distance is 85mm for physical cards and smartphones
  • European station gates are designed to be capable of 30 passengers per minute:
    • The processing time takes 500ms
    • RF communication distance is 20mm for physical cards, 40mm for smartphones
016l
Presentation slide from the NFC Forum Japan meeting, July 2016
018l
Presentation slide from the NFC Forum Japan meeting, July 2016

The Suica transaction starts from the 85mm mark while MIFARE and EMV contactless cards start at the 20mm mark. Because of the greater RF communication distance Suica transactions start much earlier as the card travels toward the reader tap area. It you look closely at the 2nd slide you can see that smartphones have a slightly earlier EMV/MIFARE RF transaction starting at the 40mm mark (the 1.1A/m boundary) due to the larger smartphone antenna, physical EMV cards with smaller antennas are limited to 20mm. This is why smartphones seem faster than physical cards on NFC-A gates. Suica physical cards have a larger antenna and the same RF transaction distance as smartphones.

NFC-A transaction speed is slower because it has to be on top of the reader before it can start. This is also the limitation with optical based QR and bar codes, the transaction only starts when the smartphone screen is close enough to the reader for an error free scan. Transit gates using these technologies are not designed for smooth walk through flow.

The speed difference is clearly seen on the Nankai VISA Touch open loop gates: the transaction starts when the card is physically on top of the reader:

Here is Suica style transit gate for comparison:

One of the smart things Nankai is doing in the test phase (limited to a few key stations) is keeping EMV/QR gates separate from standard FeliCa gates. This is practical. Regular users go through the faster regular gates, the occasional open loop or QR users go through slower EMV/QR gates. Keeping different readers separate and clearly marked helps keep walk flow smooth and crowding down at busier stations. The Nankai program has been put on pause for another year due to the collapse of inbound travelers in the COVID pandemic. It’s a trial run as Osaka area transit gear up for an anticipated inbound travel boom in connection with Expo 2025, that may, or may not pan out.

The Nankai VISA Touch gates are designed for physical cards, Apple Pay works but without Express Transit. That’s a plus as Apple Pay EMV Express Transit on TfL and other open loop systems (OMNY) has come under scrutiny for a potential security risk with VISA cards that allows ‘scammers’ (in lab settings) to make non-transit charges to Apple Pay VISA cards via Express Mode, something that is not supposed to be possible.

Timur Yunusov, a senior security expert at Positive Technologies…said a lack of offline data authentication allows this exploit, even though there are EMVCo specifications covering these transactions.

“The only problem is that now big companies like MasterCard, Visa and AMEX don’t need to follow these standards when we talk about NFC payments – these companies diverged in the early 2010s, and everyone is now doing what they want here,” he said.

Security researcher: Flaw in Apple Pay, Samsung Pay and Google Pay makes fraud easy for thieves, Techepublic

In other words, Apple removing Apple Pay bio-authentication to promote EMV Express Mode for open loop transit puts Apple Pay at the mercy of lax card network payment operation practices who don’t follow their own rules. Not that it’s a real problem in the field but accidents do happen, such as this incident on Vancouver BC TransLink that a reader forwarded:

Just a moment ago, I nearly got dinged on my CC while sitting on a high seat near a door which is where one of the validators are located. The validator picked it up from the backside rather than the front side where the tap area is located. Also, somehow, my iPhone authorized the transaction when I only want to return to the home screen instead.

If the open-loop was implemented in a way where the card must be pre authorized before the card can be tapped at a validator, it wouldn’t get me in a situation where I need to deal with customer service to dispute some charges. Good thing this time, transaction was declined so nothing related to this charge showed up in my account.

Smartphone users be careful around the backside of Vancouver BC TransLink pole readers

Open loop is only part of a larger picture
Canadian transit would certainly benefit from a Japanese transit IC system approach with compatibility on the backend, or even the China T-Union approach of a national card spec that is locally branded but works everywhere.

To come back to the beginning, my point isn’t about slamming EMV or QR open loop transit, just the assumptions that they solve everything. They have their place in intelligently designed fare systems but only constitute part of the larger transit fare system picture. And as I have pointed out many times, card companies have little interest in improving the EMV standard for transit needs. They want to capture transit fare business without investing. The focus will always be the supermarket checkout lane that EMV was designed for.

There will always be a risk involved when ignoring the hidden assumptions of EMV open loop as a one size fits all solution. Dedicated transit cards will always be necessary. Every transit system is unique and deserves the best solution for the transit company and the users they serve.

Who’s afraid of big bad code payments?

I have lots of respect Bloomberg reporter Gearoid Reidy, but a recent Twitter exchange he had with Craig Mod about code payment apps vs NFC reminded me that no matter how long westerners reside in Japan and appreciate the culture, our western cultural ‘winner or loser’ take on things too often gets in the way of truly understanding what’s going on. The Japanese take complexity in stride and are very adept at dealing with situations that drive us westerners crazy.

This is especially true when the debate is about that contentious intersection of contactless payments and technology: EMV is the winner FeliCa the loser, code payments are the winner NFC is the loser, and so on. As fun as that debate can be at times, the black and white distracts westerners, and even some Japanese from analyzing the gray to find out what’s driving the narratives and why.

My take has always been that Japan is the best place to observe trends first before they happen elsewhere. This is what Gearoid half jokingly calls ‘j a p a n i f i c a t i o n’. It’s real and has nothing to do with liking or disliking Japan. Either way, too many dismiss the opportunity to learn ahead of the curve. My take has also been that the crazy kaleidoscope of Japanese payment choices is coming to your country too. We got a taste of that with the announcement of the Australian national QR payments and rewards platform called eQR.

The standard Japanese market debate point of code payments vs NFC assumes the China Alipay model. China didn’t have the mobile NFC contactless payments infrastructure that Japan had, so the Alipay code payment model makes sense there. In Japan it does not, which is why Gearoid and Craig are scratching their heads in public. Code payments in Japan are all about leverage, big data, and carriers. Leverage in that carriers like NTT docomo keep the dBarai accounts in-house and use the float for their own purposes instead of letting banks and credit card companies earn interest on dCard accounts. That’s why they encourage users to use dCard to recharge the code payment dBarai account instead of using the card directly.

It’s a similar situation for SoftBank and PayPay, though I suspect it has more to do with deficit financing funnery that SoftBank Holdings is so adept at. Heaven help us, and all those Vision Fund supporters, if it comes crashing down. PayPay has been helpful though at shining a bright light on Japanese payment networks and the various service fee structures from CAFIS on down. VISA JP has suddenly seen the light and proposes to do something about it…perhaps.

Code payments are just a tool in the swiss army knife payment wallet app, like Toyota Wallet, insurance and leverage. We saw that in action when Apple Pay first launched in America and Walmart answered with CurrentC. We’re seeing again with eQR in Australia and it will keep happening when merchants or banks or payment service players need a tool to bargain a better percentage. Heck even Apple Pay is flirting with the idea of adding code payments to Wallet, though I think their hesitancy to do so means…it’s just a bargaining tool for Apple too.

So you think this is a Japanese only phenomenon? Think again.