The Apple Pay monopoly debate part 1: context is everything

John Gruber did everyone a favor outlining some of the stakes at play in the remarkably glib, “Remarks by Executive Vice-President Vestager on the Statement of Objections sent to Apple over practices regarding Apple Pay.” The objections are annoyingly vague and refuse to specify how Apple Pay stifled competition and innovation:

(The) Digital Markets Act will…require companies designated as gatekeepers to ensure effective interoperability with hardware and software features they use themselves in their ecosystems. This includes access to NFC for mobile payments.

Today’s case addresses a conduct by Apple that has been ongoing since Apple Pay was first rolled out in 2015 <sic, 2014 actually>. This conduct may have distorted competition on the mobile wallets market in Europe. It prevented emergence of new and innovative competition that could have challenged Apple.

Mark Gurman and Jillian Deutsch at Bloomberg also did everybody a favor unmasking PayPal as one of the instigators behind the EU Commission Apple Pay investigation. Yes, that PayPal…the financial service that snuffs out user accounts whose politics they don’t like, or worse just seizes their money.

Both pieces miss important context surrounding the debate however…and with this issue context is all, especially how Apple Pay is playing out in other global markets. Most of what follows I’ve covered in earlier posts but hope to pull the various issues together in one post. Yet again, we kickoff with an updated Apple Pay diagram.

‘Open’ NFC, gatekeepers and secure element wars
Europe has been calling Apple Pay unfair since the very beginning, with many EU member banks holding out as long as they could. German banks only joined Apple Pay in December 2018 when Vestager was already actively seeking Apple Pay complaints. Less than a year later Germany passed a bill to force Apple to ‘open’ their NFC chip. Australian banks tried the same in 2017.

The so called Apple ‘NFC chip’ is not a chip at all but a hardware/software sandwich. The Apple Pay ecosystem described in iOS Security is a collection of tightly integrated polished pieces: Secure Element, Secure Enclave, NFC Controller, Wallet and Apple Pay Servers, all wrapped into a slick, easy to use UI with a final security wall of ‘secure intent’, a double-click side button hot-wired to the Secure Element. This approach has been so successful that people divide mobile payments history into pre-Apple Pay and post-Apple Pay eras.

NFC has been on Android far longer than iPhone, and ‘open NFC’ at that, but is far less successful capturing mobile payment users than Apple Pay. This is because Android device manufactures made the classic mistake of taking the ‘let’s take awesome NFC technology and figure out how we’re going to market it’ approach. Jennifer Bailey’s Apple Pay team choose the hyper focused Steve Jobs approach of starting with the customer experience and building backwards while asking: “what incredible benefits can we give the customer, where can we take the customer?” That choice made all the difference.

Apple Pay has a very simple rule: any card that loads a Java Card applet into their embedded secure element (eSE) has to reside in Wallet app. The maximum number depends on how many Java Card applets it can hold at any one time, the previous limit was 12, the iOS 15 Wallet limit is 16 cards. Developers have two ways to access iPhone NFC: 1) Core NFC framework for NFC operations that don’t use the secure element, 2) Secure Element pass certificates for NFC operations that need secure element transactions (payments, keys, ID, passes). Any developer who wants to run applets in the eSE has to apply for a PassKit NFC/Secure Element Pass Certificate. This is covered by NDA but a company called PassKit (not Apple) gives us an idea what Apple’s Secure Element Pass guidelines are:

Apple care a great deal about the user experience. Before granting NFC certificate access they will ensure that you have the necessary hardware, software and capabilities to develop or deploy an ecosystem that is going to deliver an experience consistent with their guidelines.

The end to end user experience, the whole reason behind the success of Apple Pay. But this gatekeeping is what riles banks and financial service providers who want to load their applets into the secure element without the Apple Pay gatekeeping, without the Apple Pay ecosystem and without the Apple Pay commission. They want to do their own transactions with their own app for free. This is what the EU Commission means when Vestager says: “Evidence on our file indicates that some developers did not go ahead with their plans as they were not able to to (sic) reach iPhone users.” It should read: when they were not able to reach iPhone users for free. Either the developer didn’t apply for a Secure Element Pass, didn’t pass the certification process, balked at Apple’s certification conditions, or couldn’t agree on Apple Pay commission rates.

Secure element gatekeeping is not new, it is an essential part of the secure element system:

A Secure Element (SE) is a microprocessor chip which can store sensitive data and run secure apps such as payment. It acts as a vault, protecting what’s inside the SE (applications and data) from malware attacks that are typical in the host (i.e. the device operating system). Secure Elements handle all sorts of applications that are vital to our modern digital lives…

Mobile Payments
Here, the Secure Element securely stores card/cardholder data and manages the reading of encrypted data. During a payment transaction it acts like a contactless payment card using industry standard technology to help authorize a transaction. The Secure Element could either be embedded in the phone or embedded in your SIM card.

Lifecycle management
It’s crucial that SE-embedded devices are secure throughout their lifecycle. That’s why Secure Elements need to have an end-to-end security strategy. It’s no use developing a robust security solution for a device which becomes obsolete after a period of use. This is why Secured Elements can be updated continuously to counter new threats.

What is a secure element?

Few people, especially a PayPal or EU Commission vice president, discuss the crucial secure element lifecycle management aspect. It’s not convenient for them to say the secure element ‘gatekeeper’ is responsible for keeping it secure. Far more convenient for their arguments to omit this, portray gatekeeping as unnecessary and gatekeepers as evil. In the end however, Apple has to maintain secure element updates from the various licensed secure element providers (EMV,FeliCa Networks, MIFARE, and so on) if secure payments are going to work at all This is what people who say, ‘it’s my device, we should be able to use NFC how we want,’ do not understand.

People also forget that nothing is free, you get what you pay for. With Apple Pay as gatekeeper, users get simplicity, innovation and feature updates. Simplicity: users get NFC they can use out of the box without Android-like NFC complexity such as secure element positions and obscure express mode settings.

Innovation: Apple Pay has features like Global NFC. iPhone and Apple Watch are the only smart devices that come with FeliCa built in as standard to use in Hong Kong or Japan, while Android limits functionality by market region. It’s astounding that Android, not even Google Pixel Android, has matched this basic functionality yet. We’re seeing more innovation as Ultra Wide Band (UWB) extends Wallet functionality to include ‘Touchless’ car keys and eventually, UWB enhanced automatic card selection as you approach the reader; more helpful than you might think.

Feature updates that, ‘just work’: the recent seamless Apple Cash switch from Discover to VISA, PBOC 2.0 flavored China T-Union transit cards, MIFARE Student ID, or the addition of in-app purchases and dual mode NFC for Japanese VISA card users when VISA JP finally buried the hatchet with Apple.

And the lesson? Apple Pay changed everything in the Japanese payments market, a catalyst that opened up competition and payment choices, for everybody. All boats rose together. It’s one of the most vibrant payment markets that Apple Pay operates in.

Japan is key to understanding what’s really going on in the Apple Pay monopoly debate. Japan was the first market with an established mobile payment platform in place, long before mobile EMV contactless payments took off in Europe. iPhone also has a much larger marketshare in Japan than it does in Europe. It’s a shame people pass up the opportunity to learn from the successes and failures here.

So what’s the EU Committee vision for ‘open NFC’? I think it’s a rehash of the secure element wars when carriers locked mobile payment services to SIM contracts. In 2013 Google incorporated SimplyTapp HCE (Host Card Emulation ‘secure element in the cloud’) technology as a NFC ‘workaround’ to ‘free’ NFC from the evil clutches of mobile carriers. Sound familiar? Android NFC has never been right since.

How little things change, swap ‘evil mobile carriers’ for ‘evil Apple’ and you have the same self serving ‘open’ vs ‘closed’ NFC chip nonsense that people are debating today. FeliCa Dude, the ultimate industry insider who has experienced it all, said it best: ‘It’s all eSE or nothing now.’

And yet we now have Île-de-France Mobilités (IDFM) turning back the clock, circumventing the eSE on NFC equipped Android devices and going all in with HCE for IDFM’s Smart Navigo service for Android. To me this says all you need to know what European priorities are regarding the ‘open NFC’ model: eliminate eSE gatekeepers by forcing the less secure network dependent HCE as a required option. Good luck with that. From a transit perspective, based on Mobile Suica user experiences, I don’t think HCE Smart Navigo will be a smooth ride.

The EU Committee ‘open NFC’ vision might look ideal…to Apple Pay competitors. Regular users however, will have to deal with the ugly reality of multiple NFC apps, multiple NFC secure element modes and clashing updates that cancel out NFC services. Apple Silicon eSE space is limited to 16 cards. If that sounds like a lot now, wait until you have credit cards, transit cards, home, car and office keys and ID installed along with ‘open’ NFC apps wanting their own eSE space too. Services will be squeezed out forcing the user to intervene. If the EU Committee thinks this environment fosters competition and innovation while growing mobile payment use, dream on.

Japanese tech journalist Junya Suzuki has covered NFC mobile payment developments in Europe, America and Japan for over 2 decades. He doesn’t think the EU is playing an even hand here, in his opinion Samsung and Huawei would never face the scrutiny that Apple now faces. In typical European cultural fashion, EU motives pay lip service to fair open markets while playing an underhanded game of chess to make Apple do what EU banking interests want Apple to do. In other words, a double standard.

What does Apple need to do?
I’ve always said that Apple needs to make the Secure Element Pass application process as transparent as possible. Keeping the blackbox NDA process as it is now makes Apple Pay a target, increasingly difficult to defend the status quo. Secure Element access on the level of Core NFC is a long shot, the very definition of a secure element means there has to be a developer certification process similar to EMVCo, FeliCa Networks, MIFARE, Calypso Networks Association, etc., that protects the privacy and business interests of all parties. But it would be great if there is a middle way where Apple can securely open things up for iPhone as a digital wallet, and iPhone as a payment terminal. We’ll see if Apple has anything to say about the subject at WWDC22.


Recommended reading: Ruimin Yang’s wonderfully detailed analysis, “Apple Pay monopoly, are we really comparing ‘Apples’ with ‘Apples?“outlines the entire Apple Pay system architecture, how it compares to other digital wallet platforms, (Google Pay, Samsung Pay) and what ‘open vs closed’ means in the ‘Apple Pay is a monopoly’ debate.

The digital wallet service suspension front line

That was quick. When I made the above table for mobile wallet chokepoint, there was no indication we’d get EMV confirmation so quickly. Many were quick to applaud sanctions against Russia to stop the war with Ukraine, and while stopping war is always the right thing to do, hurting citizens is never the right thing to do. Turning off basic digital wallet services should give people pause. What is easily done in one place can be easily done anywhere.

It’s also not clear cut how it is being done. Is Apple turning off select Russian bank services in Wallet or turning off select payment applets in the Apple Pay secure element, or turning off Wallet for Russian Apple ID users? Most likely the first but there’s no way to be sure and there is no way that Apple or Google will ever tell us.

Long lines at Moscow Metro transit gates are not so clear cut either. Open loop isn’t standard on all transit gates, most them being Troika transit card only, and according to a Twitter follower, physical Troika card only, not Google Pay/Samsung Pay Troika which only rolled out recently. If so this suggests the (so far only one) picture of long lines could be due to Troika system issues instead of Apple Pay/Google Pay/Samsung Pay, hacking, or something else.

VISA and mastercard soon followed and cut their services in Russia. Many people in Japan noted how easily all this happened and expressed their distrust, saying they would think twice about using digital wallet services from Apple and Google. Many also noted the importance of Japan having it’s own FeliCa technology and FeliCa based e-Money payment network

The value of non-EMV native payment networks controlled and operated by native companies should be clear to everyone by this point. Always, always have a backup plan. One thing is certain, warfare that attacks basic public service infrastructure like transit and digital wallets, far and away from any front line, is the new ugly reality.

Global NFC Google Pay will never happen

Let me rephrase that: Global NFC Google Pay will never happen because it depends on the device’s ability to run Osaifu Keitai apps.

To which I’ll add: because Google can’t be bothered building their own software stack in Android OS Google Pay that replaces Osaifu Keitai.

Osaifu Keitai is a smartphone only software stack that has not and can not be updated for the smart wearables era. This shortcoming is driving some interesting solutions, discussed in a recent Reddit thread lamenting that Pixel went cheap instead of deep…again.

Does the US version of the Pixel 6 Pro have FeLiCa / NFC-F?
This is the #1 reason I haven’t been able to move away from iPhones… I almost pre-ordered a 6 Pro today, but this is too much of a deal for me. Does anyone know if the US model will finally be compatible with FeLiCa (sic)?

Comment:
All Pixels sold in Japan since the 3 have Mobile FeLiCa NFC-F. However, Google Pay makes limited use of it. Unlike Apple Pay, Google’s implementation is limited to just a few apps in Japan. They are going to need to do a top-to-bottom overhaul of Google Pay to make this available worldwide. Not this year. But maybe as they integrate Fitbit and produce a watch, that might be the kick they need to make it work.

Reddit

Mobile FeliCa is installed and runs on Pixel models worldwide, however Pixel blocks the Osaifu Keitai stack from running except for Japanese models. Despite this stalemate on the Android side, we’ve seen a number of smart wearables with Mobile Suica released over the past year from Garmin and Fitbit. We’re also seeing signs that Suica support is coming to Wear OS. From a reader:

Suica appears to finally be coming to Google Pay for Wear OS. There’s strings like “FeatureRolloutsModule_ProvideSuicaSupportedonWearValueFactory,” “WearSuicaCard,” and “WearSuicaProvisioning” in the newest APK.

Wear OS, Garmin and Fitbit do without Osaifu Keitai by using Mobile Suica Lite which runs on Mobile FeliCa Cloud. This is fine for wearables but it does leave a service gap, Osaifu Keitai devices gets the full array of FeliCa services but wearables get a subset. This begs the question, what is the future of Osaifu Keitai when it’s limited to smartphones? Apple does without it which is why both iPhone and Apple Watch seamlessly deliver the same full set of Wallet services.

Only when Google does a top to bottom overhaul of Google Pay that replaces its current dependence on Osaifu Keitai can Global NFC Google Pay ever happen and allow Google to deliver a Pixel family of devices from smartphone to wearables, that truly rival Apple, feature for feature. We need that.

Google’s previous effort, the ill-fated Android Pay HCE NFC-F, along with cheap over deep premium Pixel devices, doesn’t instill confidence that Google cares about getting it right.

Apple Pay Japan 5 Year Mark: All of This and Nothing

Suica was the centerpiece of the Apple Pay launch in Japan October 25, 2016

October is Apple Pay month in Japan. Today, October 21, we have the Apple Pay WAON and nanaco launch. October 2020 saw the Apple Pay PASMO launch ceremony attended by Apple VIPS. October 2016 was the biggest launch of all. This month marks the 5th anniversary of Apple Pay in Japan that launched with the FeliCa enabled iPhone 7 and the iOS 10.1 update. The initial rush to add Suica to Wallet was so great that it brought down both Apple Pay and Mobile Suica servers for several hours. Junya Suzuki, the best journalist in Japan covering digital wallet payments and technology, predicted that Apple Pay would be the ‘Black Ships‘ inflection point catalyst in Japan that would change everything. He was right. Everything has changed.

I tried to think of something smart and elegant or throw together some market data numbers that explain the transformation Apple Pay facilitated in Japan, but it comes down to this picture, a crazy kaleidoscope of contactless payment choices at the local post office. That’s as mainstream as one can get.

Payment options at the Japanese post office

The post office payments menu doesn’t have an Apple Pay logo but EMV brand cards at the top are Apple Pay, FeliCa cards in the middle are Apple Pay, shitty pain-in-the-neck-launch-an-app code payments at the bottom are not Apple Pay…and yes, you can still pay with cash if you need to. This crazy variety, by western standards, is the reason why Japanese Wallet users are excited about the new 16 card iOS 15 Wallet limit, they want to add more cards and 12 was not nearly enough. We have Apple Pay to thank for this overflow of payment options. Even though Apple Pay logo isn’t anywhere to be seen, Apple Pay is reason why so many contactless payment choices exist and why they are mainstream. This is the Apple Pay Japan transformation.


A timeline of changes and challenges

  • October 2016: Apple Pay launches in Japan with support for Suica (compatible with the Transit IC transit and payment network), iD and QUICPay payment networks (American Express, JCB, Mastercard, VISA).
  • September 2017: Global NFC on iPhone 8, iPhone X, Apple Watch 3 supports dual mode cards and seamless EMV and FeliCa NFC switching. Japanese users can make payments internationally with their Japanese issue cards on EMV payment terminals, and FeliCa payment terminals at home. Mobile PASMO trademark registered.
  • 2018: Carrier code payments services launch as cashless momentum grows, iOS 12 Wallet adds MIFARE support for Student ID, May: NTT docomo dBarai, October: SoftBank PayPay.
  • 2019: Japanese Government Cashless Consumption Tax Rebate Program
  • October 1, 2019 through June 30, 2020. The aim of the program is to encourage cashless purchases and increase cashless use up to 25% of all purchases by 2025. To do this the program offers up to 5% tax rebates for cashless purchases made at middle~small businesses and also offers merchant subsidies for installing cashless checkout systems. This is a prescient inflection point as COVID proves to be huge catalyst for going cashless, far more than a normal Tokyo Olympics would even have been.
  • 2021: Apple Pay WAON and Apple Pay nanaco eMoney cards launch, VISA Japan adds Apple Pay in-app purchase support and NFC dual mode switching. This completes the Apple Pay lineup. The Tokyo Olympics didn’t turn out to the big crowd contactless driver the industry expected. Nevertheless market surveys indicate that cashless payment use in Japan has already passed the 25% target.

Japan was a very unique case, the most unique but don’t make the mistake of dismissing it as an outliner. It was way ahead of the curve with important lessons beyond the tired old meaningless FeliCa vs EMV winner-loser debate. Japan already had the extensive and mature Osaifu Keitai mobile wallet platform that launched in 2004, built on the Sony and NTT docomo created Mobile FeliCa standard, long before EMV grafted NFC on their chip and issued contactless credit cards.

The Apple Pay that launched in 2014 was exclusively EMV as credit cards were the best start point, but Apple was already hard at work adding FeliCa, MIFARE and other NFC based transaction protocols as standard in the secure element hosted on Apple Silicon. The result was first seen in 2016 iPhone 7 and Apple Watch 2 in Japan, with Apple Pay Suica, Express Transit and direct Wallet transit card adding as the centerpiece launch strategy, all firsts.

This was an extremely shrewd move. The Japanese public was well versed using Suica for transit and quick purchases. The impact of choosing the Tokyo area based Suica as the start point, coupled with the convenience of anywhere, anytime Apple Pay recharge, supercharged Suica and Apple Pay. They both grew quickly.

JR East factsheet: Apple Pay supercharged Suica growth

The full Apple Pay vision came into focus with the 2017 release of iPhone 8, iPhone X and Apple Watch 3, these were the first global NFC devices that worked everywhere. This was a complete break with the Android model of only selling FeliCa capable devices in Japan or Hong Kong. This is why any iPhone from anywhere can add and use a Suica transit card and Android devices cannot.

The most useful marketing survey covering Apple Pay use in Japan was a November 2018 survey and article from Japanese IT journalist Sachiko Watatani. At the time she found the following:

  • Only 27% of iPhone users who can use Apple Pay use it
  • 50% don’t use Apple Pay but are interested in using it
  • 22% don’t use Apple Pay and don’t care about using it

The middle 50 is the most interesting aspect, there has certainly been migration to the Apple Pay use bracket since COVID hit. Other interesting data points: 34.4% use Apple Pay daily, 24.9% use Apple Pay every 2~3 days, 37% use it for public transportation, 69% use it for convenience store purchases. This last one is the classic Apple Pay Suica (and now also PASMO) sweet spot: quick small on the go purchases without Face • Touch ID, courtesy of Express Mode. With COVID and Face ID with face masks, that sweet spot is sweeter than ever.

The secret of success and important lesson
That is all well and good, but how did Apple Pay spearhead this market change? Apple Pay proved to be a great neutral platform for payment players to both play on and play off from. But that’s not all, there is a vital point that most people miss. The secret of Apple Pay Japan’s success was that it shifted the user focus and experience away from the Osaifu Keitai app model where different NFC services are scattered across many different apps, to a simple ‘just add the card’ in Wallet where everything ‘just works’ without apps. Complexity vs simplicity; it was this simplicity that ultimately won out because most users don’t want to deal with setting different services in a bunch of apps. It was this simplicity of the Apple Pay user experience, combined with Global NFC Apple Pay as standard across the board on all devices and price points, that drove the Japanese payments transformation that Osaifu Keitai could not with its complexity and exclusivity that pigeonholed it as a high end option instead of a standard feature.

This is the lesson of Apple Pay in Japan that other markets would do well to study. Lots of different apps offering NFC services doesn’t drive user uptake, centralized simplicity with an easy to use UI drives user interest and use, ‘it just works’ standardization. It is this centralized simplicity that is driving user interest in iOS 15.1 Vaccination Certificate Wallet support and driver’s license ID. The EU and Australia are determined to force Apple to make iPhone NFC ‘open‘ and move everything to the app centric model. If their intention is to drive user uptake, the Japanese market experience proves otherwise. Good luck with that. To most westerners the value of the Japanese mobile payments experience will remain utterly lost, like that old Psychedelic Furs song whine line, “You didn’t leave me anything that I could understand.”

The Crowd Cast cashless map illustrates the rich variety of Japanese payment platforms, some code payments players like ORIGAMI no longer exist

Looking ahead
Where does Apple Pay Japan go from here? Rakuten Edy, the very last holdout, will certainly join the lineup soon enough. iOS 15 Wallet has shifted the focus from payments to keys and ID. Expect to see to some digital key action later this year. On the ID side the Japanese Ministry of Internal Affairs and Communications (MIC) has said they are in discussions with Apple to bring the digital My Number (Japanese Individual Number) Card to Wallet, hopefully soon after it launches on Osaifu Keitai in March~April 2022.

The value of having a digital My Number ID in Wallet is that regions want to promote special services and discounts tied to a resident address. That way local governments can promote differently tailored discounts and campaigns for locals and visitors. JR East for example, is planning to use My Number Card for MaaS transit discounts that promote regional economies. When a payment is made with Suica, the appropriate discount kicks in with the My Number Card verification. The My Number Card + digital payments concept is similar to the 2019~2020 Japanese Government Cashless Consumption Tax Rebate Program. The promise of getting local area based discounts for using transit or buying stuff with Apple Pay is one of the most practical use case scenarios for digital My Number Card that I can think of.

Farther out we might see development of ‘Touchless’ transit gates that incorporate Ultra Wideband technology which is already being used in iOS 15 Wallet for Touchless car keys. It would be cool to simply walk through the gate iPhone in pocket, with Suica taking care of business. I was recently reminded that UWB enhanced gates would greatly benefit those with disabilities. I saw young man in an electric wheelchair going through a JR East station manned gate, the station attendant was holding the reader out for him to tap but his movement was limited. It was difficult for him to hold his iPhone to the Suica reader. A UWB gate would let him zip through unattended at any touchless gate, that’s what barrier free should be about. When you think about it, QR Code apps for transit are just cruel for handicapped users.

Next generation JR East transit gates are wheelchair friendly but UWB touchless gates are the best ‘barrier free’ solution for users with limited mobility.

On that note…despite all the hand wringing over the rise of code payment apps, even as Apple is flirting about adding code payments to Apple Pay, Japan will continue to be a fascinating place to observe contactless payment trends before they appear in other markets. And even though Apple Pay Japan has lost the cool factor that peaked in 2018 and become mundane, that’s okay. Apple Pay in Japan will continue to be the payment service where you can do things that you cannot do with Apple Pay in any other market. That sounds like fun to me and I look forward to the next 5 years of Apple Pay Japan and hope to write about digital wallet developments…occasionally. Since COVID hit blog traffic has collapsed to the point where I think it might be time to change gears. We shall see.

Until next time stay safe and have a good cashless…er you know what I mean.


Apple Pay Japan Comments
Some reader and net comments about using Apple Pay Japan through the years. Tweet or email if you have any experiences you’d like to share and I’ll add them here.

Apple Pay Suica is so convenient it made me wear my watch on my right wrist

The last 2 times I was in Japan, I used Apple Pay with Suica. It is miles ahead of what we have in Singapore, in terms of speed, feel, and experience. And best of all, no app download required!

I changed from Android back to iOS in 2017 mostly due to being able to use Mobile Suica…And this is the real reason I still have to educate people coming to Japan about mobile Suica and putting a debit card into ApplePay and never need an ATM for most things here…Also stop with “Japan is a cash driven society” tropes. I go for weeks not using bills and coins here.

Comment regarding code payment apps vs NFC: Imo Apple and Google Pay are all a payment system needs: it’s quick, easy, and doesn’t require looking like a clown trying to scan a code…Imagine having to scan a code to pay for Suica, it would be a nightmare.

I have no idea why Apple Pay isn’t more widely supported over here. I usually just try and use Suica on my Apple Watch for most things.

The true value (of Apple Watch) is in Apple Pay and Express Transit card. If your city support it especially the latter, it’s a tremendous value.

Truth to be told, I’ve been a user of Japan’s Apple Pay almost since it came out, even thought I don’t live there haha. As a Software Engineer I always was amazed how Japan had a contactless system that you can use seamlessly on transport or store purchases.

It might sound trite, but I am still happy and amazed every time I use Suica on my iPhone. It has been a long road from Edy and Mobile Suica to this point. The next thing for me would be export of my spending for tracking. Not through Suica, but from iOS. And I really wish more Japanese businesses used the Apple Wallet for (reward) cards. When it first debuted I imagined finally getting rid of all my store cards, but it never happened.

When I was in Japan in November, when I looked up my destination via Apple Maps, I got seamless linked to buy a SUICA for my Apple Wallet direct from my credit card. It was pretty slick – 10 second transaction and I had a SUICA in my Apple Wallet.

The best way to use Suica Card on Android devices is to simply buy a new iPhone…

Suica on Watch is just superb. Even better when worn on right hand.

Two great things about my iPhone XS when traveling in #japan: first, SUICA public transport card in Apple wallet and you are able to charge them via Apple Pay wherever you are and second the dual SIM feature to get a traveller SIM like #Ubigi into your phone easily.

Twitter question: Japan peeps, what are your fave “cashless” payment apps? What do you consider the most convenient/useful?

Twitter answer: Suica wallet. Everything else is fucking shit

I want more reward point card support in Wallet that’s easier to use than it is now and supports movie tickets too.

One more for the road: Ken Bolido’s wonderfully informative Apple Pay Japan intro video from 2019

The Weekly #4

August 8, 2021

Pixel 6 Tensor and the secure element

After many years of rumors Google finally unveiled their custom silicon, though details won’t be known until Pixel 6 devices go on sale. Dieter Bohn wrote:

Tensor is an SoC, not a single processor. And so while it’s fair to call it Google-designed, it’s also still unclear which components are Google-made and which are licensed from others. Two things are definitely coming from Google: a mobile TPU for AI operations and a new Titan M2 chip for security. The rest, including the CPU, GPU, and 5G modem, are all still a mystery.

Ever since Pixel 3 models went on sale in Japan with Mobile FeliCa support, inbound Pixel users have been pining for the same global NFC feature that iPhone and Apple Watch have, but it hasn’t happened. Here’s why.

On the NFC hardware side everything has been ready to go on all smartphone hardware for years because NFC A-B-F support is a requirement for NFC certification. The problem has been on the SE side, the black box where all the transaction magic happens. From GlobalPlatform the SE certification organization:

A SE is a tamper-resistant platform (typically a one chip secure microcontroller) capable of securely hosting applications and their confidential and cryptographic data (for example cryptographic keys) in accordance with the rules and security requirements set by well-identified trusted authorities.

There are different form factors of SE: embedded and integrated SEs, SIM/UICC, smart microSD as well as smart cards. SEs exist in different form factors to address the requirements of different business implementations and market needs.

GlobalPlatform Introduction to Secure Elements

SE Wars
In the pre-Apple Pay mobile carrier hardware era, carriers used SE SIM or a embedded Secure Element (eSE) + carrier SIM combo that chained customers to service contracts for the privilege of using mobile payments. This is the classic Osaifu Keitai model pioneered by NTT DOCOMO: an overpriced carrier SIM contract to use mobile payments only with select carrier handsets.

This carrier lock in model is one reason why Mobile FeliCa ended up being ridiculed as ‘galapagos technology’ even though everybody else copied it. This carrier SE SIM hostage situation, i.e. the Mobile Wallet SE Wars, led Apple and Google to follow different strategies to address the problem.

The Apple Pay Way
Apple’s answer of course was Apple Pay. A unique in-house strategy of putting a GlobalPlatform certified Secure Element in Apple Silicon. Most eSE go on the NFC controller, but doing it the Apple in-house way has advantages over a NFC chip vendor bundle: control of the eSE applets and ability to update them and the Apple eSE for new protocols in iOS updates. We saw this in action with the addition of FeliCa in 2016, PBOC in 2017 and MIFARE in 2018. We are seeing it again with the addition of Ultra Wideband (UWB) Touchless in iOS 15.

The Google Pay Way
Google’s answer to the carrier owned SE problem was a convoluted evolution from Google Wallet (2011) to Android Pay (2015) and finally Google Pay (2018). Google’s first salvo was Host Card Emulation (HCE): “NFC card emulation without a hardware secure element” a virtual secure element hosted on Google’s cloud or in an app. Later on Google attempted to do the same for FeliCa with HCE-F.

The HCE strategy was quietly abandoned when Google decided to get into the hardware business and Android Pay turned into Google Pay. Now we have Google Pay running on Google Pixel with its own embedded Secure Element (eSE). With Pixel and Google Pay, Google decided they didn’t want to be the Secure Element provider for every Android OEM out there especially when the Chinese OEMS are all rolling their own eSE based digital wallet services anyway, completely ignoring HCE. Sure, HCE/HCE-F is still there in Android developer documentation but it’s a vestigial relic of the SE wars. From an industry standpoint it’s eSE or nothing now.

Google Pixel models up to now have used vendor bundled eSE + NFC controllers with the Pixel JP models using the Osaifu Keitai software stack. This makes global NFC support more complicated because Google doesn’t ‘own’ the eSE and the software stack, at least not in the Apple sense of making their own all in one solution. As we have seen, Mobile FeliCa is installed on all Pixel 5 models but the Osaifu Keitai stack only loads on JP models.

Will a Tensor SoC that contains a Titan M2 and a custom eSE solve this? It all depends on whether Google goes deep instead of cheap by stripping Google Pay of its dependency on the Osaifu Keitai stack and create their own region free support stack. If so, inbound Pixel 6 users will have the ability to add Suica and other FeliCa cards out of the box.


The PASPY organ transplant

As pointed out previously, the PASPY transit card transition from NFC to QR is not going to be easy. Not only does HIroden have to swap out the basic technology infrastructure, they also have to swap out their IT system integrator partners. The PASPY system was built and is currently managed by NEC with the last server upgrade completed in 2014. A quick look at the system map illustrates the pain points that including swapping out the NFC reader infrastructure in trolleys and buses and replacing it with QR readers with mobile connectivity, a requirement because of central processing. There will also be a lot of pain for wide area commuters because going QR means cutting the cross compatibility cord with ICOCA, Suica, etc.

The mobile connection means a mobile operator has to be involved to make it work. The likely IT system candidate here is the same one behind all the QR transit systems in Japan so far: SoftBank backed QUADRAC. The PASPY QR replacement is expected to be closed loop, similar to the QR + smartphone app closed loop system being tested by Nankai. Too bad JR West can’t come to the rescue with a localized version of the Suica 2 in 1 Region Affiliate Transit Card, but that’s another story for another time.


To eSIM or not to eSIM

eSIMs are great in theory, unfortunately the current reality for Japanese customers is less than ideal even thought the Japanese Ministry of Internal Affairs and Communications (MIC) is promoting them over traditional physical carrier SIMS and issued eSIM guidance. In addition to this carrier SIM locked devices will not be allowed from October. Of the big three carrier budget brands: NTT DOCOMO (ahamo), au KDDI (povo), SoftBank (LINEMO), only LINEMO and povo offer eSIM options. DOCOMO says they are thinking about it but for now ahamo is a physical SIM service because DOCOMO says eSIMS are not as secure as physical SIMS.

A recent article by Masao Sano outlined the eSIM situation in Japan and current obstacles for customers. The online signup process and device setup isn’t always smooth going and first time customers sometimes have to deal with unlocking their carrier device, APN settings, network authentication codes, profile installations and so-on. The eSIM process needs to be easier and user friendly. The good news is that unlocked carrier phones will be standard soon along with better eSIM option plans and migration setup. Once ahamo adds an eSIM option the next step will be taking it mainstream for major brand carrier contracts.


Apple Music finally sorts Japanese artist names correctly

Congratulations Naoko! You and all your fellow Japanese artists on Apple Music were finally liberated from the # sorting section and now live in 五十音 (Gojūon) splendor in iOS Music App. A very long wait though wasn’t it? Six years!

Seriously though I wonder what took Apple so long to fix most, but not all, of their Japanese music metadata mess. Not a moment too soon as the old reliable iTunes Match service seems to be on its last legs and the macOS Music app replacement for the old reliable iTunes app is completely useless for organizing a digital music collection: Apple Music and iCloud Music library have a mind of their own.

Truth be told, I had more fun collecting and listening to music on iTunes + iPod than discovering music on Apple Music + iPhone. For some strange reason, less is sometimes more.


The Weekly will be taking a summer break the weeks of August 9 and 16 and resume the week of September 1. Take care and enjoy the rest of the summer.