The Apple Pay monopoly debate part 2: the gatekeeper difference

I’ve always said people should pay attention to the Japan mobile payments market because there is a lot to learn from the successes and failures of the world’s first large scale mobile payment platform. There are important lessons when it comes to the EU Apple Pay monopoly debate and the downsides of having an ‘open’ iPhone secure element and eliminating Apple’s gatekeeper role.

The Osaifu Keitai mobile payment platform that launched in 2004 has supported a lot of different hardware over the years, from Symbian OS handsets to Android smartphones. During that time it has evolved from a carrier exclusive feature with SIM locked devices to the current SIM free market model. The software has evolved too, away from devices with dedicated FeliCa chips to standard NFC chips with GlobalPlatform certified embedded secure elements that do it all, like Pixel and Chinese smartphones sold in Japan. People assume there is a special ‘FeliCa chip’ on FeliCa capable devices but this isn’t the case anymore. Taken altogether those are big messy transitions.

Nikkei recently posted a scare mongering piece, typical for them, about the looming security risk of previous user Suica cards and the like left on Osaifu Keitai devices when resold on the open market. Yes, it’s true, an Android factory reset doesn’t wipe FeliCa junk off the secure element, but it has always been like this so why the sudden handwringing?

For most people this isn’t an issue. When upgrading or repairing a device through carriers or second hand retailers, they wipe both device and secure element as standard practice. It’s a potential problem for Osaifu Keitai devices sold on the open market (Mercari, etc.) as the seller is responsible for clearing off their card junk. This should be done before selling the device of course but like all things Android, it’s a piecemeal process that requires deleting cards in each payment service app (Suica, PASMO, iD, QUICPay, etc.). The secure element data can also be wiped at a carrier shop data wipe kiosk. On older pre-Mobile FeliCa 4.0 devices it can be a real chore:

I just about lost my mind when I was unable to even delete Edy on my phone as Rakuten has locked me in app for “fraud.” The whole sitch is indeed ridiculous so I was super happy to see the back of Osaifu-Keitai. Apple Pay truly doing the God’s work here.

You can’t even see if you deleted all the cards as the later FeliCa versions only show “memory in use” without telling you what’s in it. And each app has a different flow & some don’t even allow deletion! Complete nightmare.
(Twitter comment)

On Mobile FeliCa 4.0 and later, if virtual cards are deleted, you will see ‘unused’: in that condition, the device can be transferred to a new owner and they will have no problems with it. This is what resale stores look for. Block usage data is only shown on 3.0 and below. (Felica Dude)

The Apple Pay gatekeeper role
From a usability and privacy perspective, Apple wipes the floor with Osaifu Keitai, as you would expect from an Apple product. Apple Pay is designed from the ground up to protect users from complexity by tying everything to the user Apple ID. When the user signs out of Apple ID, Wallet app contents are moved to iCloud and the iPhone secure element data is instantly wiped clean. No messy 3rd party app accounts to deal with.

Apple can do this because they ‘own’ the custom embedded secure element on their devices. They are the gatekeeper with in-house key servers that Apple Pay servers use to load card applets into the user’s Wallet app. They maintain and update the basic protocols (EMV, Mobile FeliCa, MIFARE, etc.) and take care of Wallet card housekeeping. It’s something Google Pay can’t do in Japan because it’s only a candy wrapper over the gnarly old Osaifu Keitai stack ultimately ‘owned’ by FeliCa Networks.

Does the EU want to foist the current state of Osaifu Keitai-like complexity and potential security problems on iPhone users in the name of ‘open NFC’, with a bunch of different NFC owners pulling in different directions and apps occasionally stepping on other apps’ NFC toes? Because that will be the reality, though people who want to eliminate gatekeepers will surely write it all off as a ‘Japanese galapagos’ thing or a FeliCa thing because it doesn’t serve their self-interest. It would be a darn shame if iPhone users are forced to learn the Osaifu Keitai lesson the hard way.


Related post: The Apple Pay monopoly debate part 1: context is everything

iOS 16: missing features in Japan (updated)

Any WWDC OS announcement is always a matchup contest of what’s coming for America and what’s missing in other regions like Japan. Let’s take a quick look at what’s coming, what’s not and other quirks on the iOS 16 feature page.

What’s missing

Live Text that actually works for Japanese

Japan finally got Live Text and Visual Lookup. While it’s great that Live Text supports Japanese language, it doesn’t support vertical Japanese text which means there are lots of times when it won’t work. Basically Live Text Japanese is pretty useless without robust vertical text support. And yes it’s depressing to think that iOS and macOS in 2022 still cannot do precise multilingual vertical text selection that QuickDraw GX could do back in 1993.

Maps

It’s weird that Apple is advertising transit cards and low fare balance warnings as a new Maps feature. I guess it’s new when it’s new for America. Apple Maps has had low fare warnings for Suica since the October 2016 iOS 10.1 update. The add new card part isn’t new either, but low fare warnings aren’t working in beta 1. Bottom line: there is no new transit functionality such as granular route selection, sorting etc., though the UI is improved and more compact. Walking directions have also added elevation information. As Japan is missing from the WWDC22 announced list of countries getting New Maps this year (countries like Saudi Arabia that have yet to see an Apple Maps Image Collection van), Japan will continue to be the Apple Maps challenged country. I’m pretty sure Taiwan will get New Maps long before Japan does, if ever.

Apple Pay and Wallet

Apple Pay Later is only for America at this point, ditto for ID in Wallet, both missing and no surprise. Order tracking in Wallet is listed for Japan and also key sharing, though BMW is currently the only company offering a digital key for Wallet. Wallet compatible Home-Office-Hotel digital keys have yet to be announced though there are many digital keys on the market for Android.

Other things

Live Captions, Control Apple Watch with iPhone, Apple News, Weather app minute by minute precipitation are missing. Siri Japanese voice 1, the guy voice, and voice 2 are new and higher quality. Voice 1 sounds more soft and fey to my ear. That’s okay but the previous guy voice was a bit easier to hear outside with ambient noise.


iOS 16 Gallery

Live Text now supports Japanese but vertical text scanning doesn’t work
Live Text Japanese scan in Translation app doesn’t work for vertical text

Killing the golden egg goose

Amid the swirling EU ‘iPhone must be open’ debate, there’s an angle for everybody. Every proponent, from software developers who want side-loading to payment networks and banks who want open NFC, to EU regulators who want ‘open market’ (yeah right), and especially software ‘security’ companies who want to sell endless fixes for endless security breaches engineered by… you know who, expects a bonanza. iPhone finally released from the Apple walled garden is gonna make everybody rich.

Japanese developers and tech reporter veterans are thankfully more detached and acerbic than passionately hysterical westerners who are more in love with passionate hysteria than clear thinking. Not that they love Apple, Google, Microsoft, etc., or don’t think they should be regulated in some way, they just seem more aware of practical reality. If you want to know what opening iPhone means, look no further than this: Everyone’s favorite iPhone will fall prey to shitty antivirus software companies. A world where you throw money away.

Maybe shitty antivirus software companies and shitty bank payment networks will make more money from a heavily regulated and opened iPhone, in the short term, and it will be users who are forced to throw their money away because they don’t understand the complexity being forced on them. As Steve Jobs once said, customers pay Apple to make those choices and strip away the complexity. Not anymore.

In the new world order there aren’t bundled hardware + software smart devices to choose from, users choose the hardware, then they choose the software. Good luck with that. In the long term, a new world where hardware and software can’t be sold as a closed bundle is going to break a lot of hardware development business models out there, not just Apple’s. All those passionate ‘open’ proponents better be prepared for hard reality when they cut open the iPhone goose that laid golden eggs, and find nothing.

Apple Platform Security May 2022: Tap to Pay on iPhone, Express Mode scare mongers and other fun

Ahh springtime, flowers and the annual Apple Platform Security (APS) update. This year’s version has many Apple Pay housekeeping changes. Previous versions put everything Apple Pay in a single section. In keeping with Apple spinning out iOS 15 Wallet app as a separate identity, Wallet has its own separate section now, covering all the things Jennifer Bailey unveiled at WWDC21: hotel-home-office keys and ID in Wallet. The Apple Pay section adds a new category for Tap to Pay on iPhone with some interesting bits.

The Tap to Pay on iPhone servers manage the setup and provisioning of the payment kernels in the device. The servers also monitor the security of the Tap to Pay on iPhone devices in a manner compatible with the Contactless Payments on COTS (CPoC) standard from the Payment Card Industry Security Standards Council (PCI SSC) and are PCI DSS compliant.

The Tap to Pay on iPhone server emits decryption keys to the Payment Service Provider after validation of the integrity and authenticity of the data, and after verifying that the card read was within 60 seconds of the card read on the device.

What’s interesting to me is that Tap to Pay on iPhone servers are providing a seamless payment reader experience in the same way that Apple Pay servers provide a seamless pay experience. It just works, from setup to use, the same tight integration allows payment service providers to focus on POS app development and forget about the hardware because Apple Pay takes care of everything. As Junya Suzuki tweeted recently, a lot of payment reader hardware is suddenly junk compared to what iPhone is providing with tight mobile integration and Tap to Pay servers on the backend. Now with Tap to Pay apps on the horizon, good thing that iOS 15 Wallet expanded the secure element max to 16 ain’t it?
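As an added illustration (not Apple’s code; the APS document quoted above describes the conditions, not the mechanism), here is a server-side key release check modelled on those two conditions: the read data must verify as authentic, and the read must fall within a 60-second window. The HMAC, key names and envelope layout are assumptions standing in for whatever Apple actually uses.

```python
import hashlib
import hmac
import json
from typing import Optional, Tuple

# Assumptions for illustration only; none of these names or keys are Apple's.
FRESHNESS_WINDOW_S = 60  # the 60-second bound quoted from the APS document
DEVICE_MAC_KEY = b"constructed-device-mac-key"  # constructed: stands in for device attestation
PSP_DECRYPTION_KEYS = {"reader-0001": b"constructed-psp-decryption-key"}  # constructed


def device_package_read(reader_id: str, read_at: float, encrypted_card_data: bytes) -> dict:
    """Device side: wrap an encrypted card read with its timestamp and a MAC over both."""
    body = {"reader_id": reader_id, "read_at": read_at, "card_data": encrypted_card_data.hex()}
    canon = json.dumps(body, sort_keys=True).encode()
    return {**body, "mac": hmac.new(DEVICE_MAC_KEY, canon, hashlib.sha256).hexdigest()}


def validate_and_release_key(envelope: dict, now: float) -> Tuple[Optional[bytes], str]:
    """Server side: release the PSP decryption key only when the envelope is authentic
    and the card read happened within FRESHNESS_WINDOW_S of now. Returns (key, reason)."""
    body = {k: v for k, v in envelope.items() if k != "mac"}
    canon = json.dumps(body, sort_keys=True).encode()
    expected = hmac.new(DEVICE_MAC_KEY, canon, hashlib.sha256).hexdigest()
    # 1. Integrity and authenticity: constant-time comparison of the MAC.
    if not hmac.compare_digest(expected, envelope.get("mac", "")):
        return None, "rejected: MAC mismatch (tampered or unauthenticated read)"
    # 2. Freshness: reject reads older than the window, and reads claiming a future time.
    age = now - float(envelope["read_at"])
    if age < 0:
        return None, "rejected: read timestamp is in the future"
    if age > FRESHNESS_WINDOW_S:
        return None, f"rejected: read is {age:.0f}s old, window is {FRESHNESS_WINDOW_S}s"
    key = PSP_DECRYPTION_KEYS.get(envelope["reader_id"])
    if key is None:
        return None, "rejected: unknown reader"
    return key, "released"


def demo() -> Tuple[str, str, str]:
    """Constructed scenario: a fresh read, the same read replayed late, and a tampered copy."""
    t0 = 1_700_000_000.0  # constructed reference time
    env = device_package_read("reader-0001", t0, b"constructed-encrypted-read")
    fresh = validate_and_release_key(env, t0 + 30)[1]
    stale = validate_and_release_key(env, t0 + 61)[1]
    forged = validate_and_release_key(dict(env, card_data="00" * 8), t0 + 30)[1]
    return fresh, stale, forged


if __name__ == "__main__":
    print(demo())
```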

Speaking of Wallet, this separate section covers all things “access credential” related (hotel-corporate-home-car-student ID) with App Clips suggested for provisioning multifamily home keys. Transit now includes eMoney cards (or is it e-Money, Apple seems confused about it just like Express Mode vs Express Transit) and IDs in Wallet is covered in detail. There is also an intriguing iOS 15.4 Wallet security tweak:

In iOS 15.4 or later, when a user double-clicks the side button on an iPhone with Face ID or double-clicks the Home button on an iPhone with Touch ID, their passes and access key details aren’t displayed until they authenticate to the device. Either Face ID, Touch ID, or passcode authentication is required before pass specific information including hotel booking details are displayed in Apple Wallet.

It sounds almost exactly what we already do with regular Apple Pay cards. Perhaps keys and passes only show a generic icon and checkmark with Express Mode with the double-click + authentication required for show details…it’s not very clear.

Speaking of Express Mode, ‘security experts’ are still scare mongering the masses with the tired old Russian security expert/Apple Pay VISA Express Transit exploit story that made the rounds last November, regurgitated by Forbes in the over the top scary sounding, and sloppily written (this is Forbes after all), “How hackers can drain your bank account with Apple and Samsung tap and pay apps”.

The whole security expert thing reminds me of what my uncle the doctor (who ran a medical research lab at Columbia University) used to say about his disdain for pharmaceutical companies, “They don’t want to cure you, they just want to keep ‘treating’ you with their medicines.” Human nature never changes. The gist is that EMV Express Transit Mode will always be a thorn in Apple Pay’s side because the security is up to the card companies.

The document is worth your time if you have any interest in Apple Pay and Wallet.

WWDC22 Wish List

It is hard to be enthusiastic about this year’s WWDC when Apple’s entire integrated software/hardware business model is coming under attack. With so much distraction these days there’s not much of a wish list, just a few observations for Apple Pay, Apple Maps and Text Layout.

Apple Pay
First up of course, is Apple Pay. After Jennifer Bailey’s WWDC21 appearance where she announced home keys, hotel keys, office keys and ID for iOS 15 Wallet, and the separate Tap to Pay on iPhone PR announcement release in January, I don’t think Jennifer will be in the WWDC22 keynote. She’s not going to appear just to explain that Apple Pay is not a monopoly, that’s Tim’s job with CEO level pay grade, and it’s unlikely she’s going to appear just to recap details of what’s already been announced.

Bailey’s job is to announce new features, and I don’t think that after the big iOS 15 rollout of new Wallet features and Tap to Pay on iPhone there’s anything really new. And it’s not her job to announce new frameworks, that’s what the sessions are for. Things that I have been wishing for these past few years include an easier, more open NFC Pass certification process and/or new frameworks for developers to access the secure element for payments or use Tap to Pay on iPhone. There needs to be a clearer path for developers who want to use the secure element for payments (Wallet) or iPhone as a payment terminal (Tap to Pay on iPhone).

Apple needs to open up the NFC/Secure Element Pass certification process and clarify the process

The only possible ‘new’ Apple Pay Wallet feature I can think of is the long in the works Code Payments. It has been lurking in the iOS shadows since iOS 13, so long that Apple legal inserted official mention in a recent Apple Pay & Privacy web page update: “When you make a payment using a QR code pass in Wallet, your device will present a unique code and share that code with the pass provider to prevent fraud.” If Apple Pay delivers native device generated QR code payments without a network connection, just like all Apple Pay cards to date, it would be quite a coup by itself, but probably not worth a Jennifer Bailey appearance. Other future goodies like passport in Wallet or ID in Wallet for other countries are too far out to mention, at least in the iOS 16 time frame.


Apple Maps
The only new Apple Maps feature that suggests itself is AR enhanced ‘Look Around’ indoor maps for stations. That’s the conclusion after examining the current (February ~ May 2022) backpack image collection in Tokyo, Osaka, Kyoto and Nagoya. It is highly focused on stations, and stations such as Shinjuku, Tokyo, Shibuya, Ikebukuro, etc., are mostly underground, surrounded with densely packed extensive maze like malls.

This means Apple image collection in Japan is going indoors for the first time, likely at pre-arranged times when people are scarce. This is hard to do at a place like Shinjuku station as multiple companies collectively manage the entire site (JR East, Odakyu, Keio, Seibu, Tokyo Metropolitan Bureau of Transportation, Tokyo Metro, just to name a few).

Apple needs something new with indoor maps as the current incarnation is inadequate for stations. As Google Maps Live has shown in Tokyo station, AR walking guidance is a good fit for indoor maps that navigate users through intricate, information dense underground station mazes, though Google’s version has its problems. New and improved, AR enhanced “Look Around” style indoor station maps with walking directions that seamlessly guide users from transit gate to final destination would be far more useful than they are now.

Recent image collection suggests Indoor Station Maps might be coming in iOS 16

Overall, I am not optimistic that Apple Maps in Japan can become a top tier digital map service. The local 3rd party map and transit data suppliers that Apple depends on to make up the bulk of the Japanese service are decidedly not top tier. Old problems remain unfixed. In the case of the main Japanese map data supplier things have deteriorated.

Increment P (IPC) was 100% owned by Pioneer but was sold to Polaris Capital Group in June 2021 with a new CEO (ex Oracle Japan) who quickly changed the name to GeoTechnologies Inc. Under hedge fund Polaris Capital Group led management the company has been busy inflating the number of cushy company director positions, never a good sign, and pushing out shitty ad-ware apps like Torima. The focus is leveraging assets not building them.

Apple’s Japanese map problem can only be fixed by dumping low quality GeoTechnologies for a top quality digital map supplier like Zenrin (the amateurish UK backed Open Street Map effort in Japan is not worth serious consideration) or Apple aggressively mapping Japan themselves. Apple has not pursued either option: the image collection effort in Japan is leisurely and limited, its use remains restricted to Look Around. Until this changes, expect more of the same old fundamental Japanese map problems in iOS 16 and beyond. Apple Maps is a collection of many different service parts. Some evolve and improve, some do not. Let’s hope for a good outcome with the data Apple is collecting for indoor station maps.


Apple Typography TextKit 2 migration
WWDC21 saw the unveiling of TextKit 2, the next generation replacement for the 30 year old TextKit, older than QuickDraw GX even, but much less capable. TextKit 2 marked the start of a long term migration with most of TextKit 2 initially ‘opt in’ for compatibility. We’ll find out how much of TextKit 2 will evolve to default on with an ‘opt out’. There are holes to fill too: the iOS side didn’t get all the TextKit 2 features of macOS such as UITextView (multiline text), some of the planned features like NSTextContainer apparently didn’t make the final cut either. We should get a much more complete package at WWDC22. Once the TextKit 2 transition is complete, I wonder if a Core Text reboot is next.


watchOS 9 Express Cards with Power Reserve?
Mark Gurman reported that watchOS 9 will have “a new low-power mode that is designed to let its smartwatch run some apps and features without using as much battery life.” While this sounds like Express Cards with Power Reserve (transit cards, student ID, hotel-home-car-office keys) and it might even mimic the iPhone feature to some degree, it will not be the real thing. Power Reserve on iPhone is a special mode where iOS powers itself down but leaves the lights on for direct secure element NFC transactions. iOS isn’t involved at all.

Real Power Reserve requires an Apple silicon design that supports the hardware feature on Apple Watch, it cannot be added with a simple software upgrade. Until that happens, a new watchOS 9 low-power mode means that watchOS still babysits Express Cards, but anything that gives us better battery life than what we have now is a good thing. We’ll find out later this year if Apple Watch series 8 is the real Power Reserve deal.

Enjoy the keynote and have a good WWDC.