The mobile wallet chokepoint

I ran across an untidy but interesting Twitter thread that mentioned Apple Pay Suica in the larger context of evolving NFC smartphone services.

Suica (Metro card / digital money in Japan) now lets you transfer the card to Apple Pay. Some thoughts about the future of FOBs, cards, and wallets…You use NFC to transfer your Suica by tapping the card with your iPhone, the same way you’d tap to use Apple Pay.
Devices support some kinds of NFC but not others. Until now, you couldn’t tap to use credit cards — it was blocked by the device.
But this is changing! Apple will support card payments now, in an app that IT will make & provide to vendors. This lets Apple compete in new hardware markets: first phones, now point-of-sale, payments, inventory mgmt, etc.
Physical cards are on the way out. But not everyone is on-board. FOBs, subway cards, ID cards, drivers licenses, and building security cards have been slow adopters of mobile. I’d love to copy my building FOB to my phone 😁 There’s nothing stopping me other than that I can’t.
Apple is moving into those markets….Airports, Driver licenses (in 30 / 50 US states). How far this tech goes & the speed of adoption depends on iOS, Android, and the people at ID / security / FOB / card companies adopting the change. They may need help! And there may be startup potential in that space… if anybody is interested!
Twitter thread

The intention was discussing the implications of Apple’s recent Tap to Pay on iPhone announcement, but it stumbled over a rarely discussed but vital point about the extremely slow migration of various physical card services to mobile devices. Why can’t we just load these in Wallet…all the technology is in place right?

The mobile chokepoint is not technology but the backend systems to seamlessly deliver, verify and securely manage individual ‘card’ services (payment cards, transit cards, ID cards, keys, etc.) in digital wallets. Those systems are not up to the job. You can be sure that Apple wants to get iOS 15 ID in Wallet driver licenses out quickly as possible but corralling all those state run systems into a coherent user friendly whole that holds up to the high expectations and massive base of iPhone users eagerly waiting to use it, is a very big challenge. It’s a similar challenge behind every kind of digital wallet service.

This backend weakness is easy to see with transit cards, there are relatively few on mobile with most of the cards exclusive or limited to certain digital wallets like Apple Pay and Samsung Pay. There are special challenges too as a mobile transit card service hosts all the functions of ye olde station kiosk card machine (card issue, adding money, pass renewal, etc.) and more, on the cloud, pushing it out to apps and connecting to digital wallet platforms like Apple Pay.

Despite the challenges, the rewards for going mobile are clear. If there is one lesson Apple Pay proved in Japan with Suica it is that building a mobile foundation early on is key to future success. Mobile laggards like Hong Kong Octopus have paid a heavy price. Unfortunately for regions where transit is operated as a public service instead of a sustainable business, spending money building transit card mobile service systems is often considered an extravagance.

This is why open loop is popular as means to get out of the plastic smartcard issue business and get mobile transit service for free using EMV contactless VISA-mastercard-AMEX payment networks. Like many things in life, free is never free.

Banks have had an easier path to mobile thanks to the strength of EMV payment networks, but only on the payment transaction end. Mobile card issue is another matter up to individual banks. Look at the Apple Pay participating bank list for the United States. The long list didn’t happen overnight. It has taken years for mobile backend systems to be put in place to make this happen.

It’s all about the backend
A sadly overlooked aspect of the Japanese market is the crazy collection of contactless payment options: Suica, iD, QUICPay, WAON, nanaco, Edy, PayPay, LinePay, dBarai, VISA-mastercard-AMEX Touch payments and more. The reason for this is Japan’s early lead in creating the first mobile payment platform, Osaifu Keitai, in 2004.

Not everybody used Osaifu Keitai early on, but it grew the mobile payments foundation so the market was ready for new mobile payment platforms when Apple Pay launched in 2016. More importantly, the early lead also meant that bank card issuers, payment networks and transit companies had backend systems firmly in place servicing a large installed base of various digital wallet capable handsets (Symbian) and smartphones (Android) that quickly extended to Apple Pay and Google Pay.

The backend flexibility is easy to see on the Mobile Suica page that shows all the different Mobile Suica flavors: Android (Osaifu Keitai), Apple Pay, Google Pay, Rakuten Pay. Mobile Suica is also on Garmin Pay, Fitbit Pay and is coming to Wear OS.

A user is surprised by all the Mobile Suica device choices

Mobile issue and verification
Adding a ‘card’ to a mobile wallet is sometimes called ‘onboarding’, but this is really a banking term: “digital onboarding is an online process to bring in new customers,” as in setting up a payment account and getting an instant issue debit or prepaid card to use in Wallet with an app, or using the app for QR Code payments (like PayPay or Toyota Wallet).

Success or failure for any mobile wallet card service depends on reliability, simplicity and the speed for adding cards and using them. From VISA:

When it comes to digital onboarding, the average amount of time after which customers abandon their application is 14 minutes and 20 seconds. Any longer than this, and 55 percent of customers leave the process.
How to boost your customer’s onboarding experience

There is also context. Futzing for 14 minutes might apply for people setting up a bank app, but a transit app user trying to get through a ticket gate at rush hour is a completely different matter. Judging from the large number of negative Suica App user reviews and complaints on twitter, Japanese transit users probably give it 2 minutes before giving up and calling it all crap. Speed is the key.

How long does it take?
The speed of adding a card to Wallet depends on a number of factors, what kind of wallet service are we dealing with (car key, hotel key, home key, office key, payment, transit, ID), does the user need an account first, can a physical card be transferred, what kind of user verification is required.

User verification with digital credentials is still in its infancy which is why driver’s licenses and state IDs in Apple Wallet is fascinating and important. How does one authenticate their own ID card? Apple explains the process but doesn’t say how long verification takes or reveal backend details:

Similar to how customers add new credit cards and transit passes to Wallet today, they can simply tap the + button at the top of the screen in Wallet on their iPhone to begin adding their license or ID… The customer will then be asked to use their iPhone to scan their physical driver’s license or state ID card and take a selfie, which will be securely provided to the issuing state for verification. As an additional security step, users will also be prompted to complete a series of facial and head movements during the setup process. Once verified by the issuing state, the customer’s ID or driver’s license will be added to Wallet.

The verification process is similar to the recent addition of Mobile Suica student commuter pass purchases where students take a picture of their student ID and upload it. Online verification takes ‘up to 2 business days’ because Mobile Suica has to manually verify the ID information with the school. Hopefully the Face ID setup-like ‘additional security step’ is the magic iPhone ingredient for instant verification by the state issuer. However notice that Apple doesn’t spell out where the face and head movements are stored. Hopefully it will stay in the Secure Enclave and never be stored on a server. We shall see when ID in Wallet launches with the iOS 15.4 update.

As you can see from the table below, the journey from backend system to Wallet varies widely by the type of service. The easier additions are the ones done in Wallet app: card scans for payment cards and ID or simply tapping to add transit cards.

Physical card scans are the primary way to add payment cards but this is changing, apps will replace plastic card scans over time. In Japan there are a growing number of ‘instant issue’ credit/debit digital cards from top tier banks that can only be added to Wallet with an app and account. Digital onboarding is the direction banks are going, where everybody has to go to an app first to add a card to Wallet. This leaves transit cards as the only card that can be added without an app or account.

Who owns the thing in Wallet?
Physical keys, fobs and plastic cards may seem inconvenient at times but they are personal property we carry on our person. One downside of digital wallets is that convenience carries a risk that the thing in Wallet isn’t necessarily ours. What is added with a simple tap can also be taken away by a technical glitch, or in a worst case scenario, without our consent. As backend systems improve and integrate, more services will migrate to our digital wallets. Without doubt much of this will be convenient but read the fine print and always keep your eyes open to the tradeoffs and risks. In other words don’t let your digital wallet be a potential chokepoint of your life.

The digital wallet endgame should never be like this

The Apple Pay whipping post

I suppose I should care about the latest ‘Apple Pay is evil’ brouhaha piece by CNBC “Apple is sticking taxpayers with part of the bill for rollout of tech giant’s digital ID card” by Hugh Son and Kif Leswing which appeared more or less at the same instant as “What Apple’s Secret DMV Contracts Tell Us” on Jason Mikula’s Fintech Business Weekly Substack newsletter.

But I don’t. In this age of shut up when we tell you to shut up big corporate and social media, I get suspicious when east coast journalists start trolling a big new ‘scoop’ at the same time. Why now and why these guys? Why do they ask the same questions? Do they hang out at the same bar and share story notes, or did somebody feed them the story and the sources? Both pieces outline some of the agreements Apple made with states and the restrictions/conditions Apple has in place to provide ID in Wallet for driver’s licenses.

When a story like this breaks from multiple outlets just before a service launch, and there is every indication Apple plans to release ID in Wallet with the iOS 15.2 update, I smell somebody’s agenda. A somebody who wants to upend Apple Pay’s ID in Wallet launch cart. This is the way to do it.

As Mikula is a former Goldman Sachs guy where he learned how to fleece things, he provides important context to the story that CNBC does not:

Multiple ID verification (“IDV”)…is big business — according to a company in the space, Mitek Systems, it was worth an estimated $7.6 billion in 2020 and will grow to nearly $16 billion by 2025. Socure, a company offering IDV services, just raised $450m at a $4.5 billion valuation — an increase in value of ~2.5x from earlier this year.
What Apple’s Secret DMV Contracts Tell Us

I wrote about iOS 15 ID in Wallet earlier this year:

There is another aspect to consider, one that Apple certainly won’t divulge: who manages and runs the backend centralized mobile ID issue service that plugs into Apple Pay servers…There has to be a partner service company that sub-contracts mobile ID issue services to participating state governments…somebody that does the heavy lifting of linking various state database servers to provide a centralized card issuing service so that Apple can provide a seamless ID add card experience. But it must be an independent entity that can provide the same set of backend ID issue services to other digital wallet platforms (Google Pay, Samsung Pay, etc.) at some point. Because if it is not an independent entity providing those services, Apple is inviting more claims that Apple Pay is a monopoly. It’s a mystery worth digging into.
Secrets of iOS 15 Apple Wallet

Beyond defining Digital Identity Credentials that are the key part of the ‘restrictive’ agreements between the states and Apple, there are no system details. Nada. Certainly nothing like the system diagram from the Japanese Ministry of Internal Affairs and Communications (MIC) English PDF document: First Summary Toward the Realization of Electronic Certificates for Smartphones, that outlines how the digital ID system architecture for the Individual Number Card (My Number) works. A white paper from Apple explaining how ID in Wallet works both on the device and in the cloud, is key to understanding how secure ID in Wallet is, and how restrictive the agreements are. Without one, Apple puts itself, and Apple Pay ID in Wallet at risk in the political environment that is state government contractor relations. Asking users to simply trust a black box doesn’t fly in this security risk adverse, privacy conscious age.

As nothing has been released yet, and we have no white paper or anything else from Apple, I think discussion is pointless at this point. Questions are a good thing but are CNBC and Mikula asking good questions? I think the sudden ‘we’re protecting the tax payers and good citizens’ angle is highly suspect when CNBC has been a highly partisan mouthpiece always on the side of establishment government and establishment corporate America… a media company who asked nothing about big pharma’s role in the COVID hysteria driven vaccination program for example, or why Pfizer etc. are exempt for any and all side-effects of their experimental vaccinations, all while demonizing the good citizens who want those questions asked.

After all, privatization of government services is so entrenched at this point nobody really questions it anymore. Wouldn’t it be better to ask why states want to sign up for ID in Wallet, what they want to get out of it and why, why, why? Could it be that states want a successful digital ID service people will actually use? Not sexy enough I guess. If you ask me, I think some government contractor in the IDV business, and their supporters, stand to loose out in a big way if ID in Wallet is a success and used some connections to slam a media outrage ball into Apple’s court. Let the games begin.

iOS 15 Apple Pay Wallet preview: the Express Mode difference

Express Transit Suica ruins the Apple Pay experience for using anything else. You want Apple Pay to work that way everywhere but it doesn’t. Most of the time we trudge along using Apple Pay Wallet with face mask Face ID authorization, although the Apple Pay experience on Apple Watch is a big improvement as well as being a trusted device for secure intent.

iPhone users in America are finally getting a taste of Express Transit en masse with the 2020 rollouts of Apple Pay for SmarTrip, TAP, Ventra and Clipper. Apple recently rebranded Express Transit as Express Mode on their new Wallet webpage (in Japanese it’s called Express Card). The branding change may seem trivial but it has bigger implications for first time users of new Wallet services in iOS 15, Express Mode goes places that Express Transit cannot: digital keys and digital ID.

These functions are not new of course, Express Transit cards and Student ID cards have been opening transit gates and doors these past few years. But Express Mode is for everyone and personal: your keys and badge to unlock your home door, unlock and start your car and get you into the office. With these refinements and additions it’s safe to say that iOS 15 Wallet finally delivers the digital wallet dream people have been talking about since 2010. Wallet can replace your wallet.

What’s new
Last year I covered ‘coming soon’ Ultra Wideband Touchless and Code Payment (codeword Aquaman) Wallet developments. The Code Payments feature is still waiting in the wings. Steve Moser kindly confirmed that Aquaman code references are alive and well in iOS 15 with minor changes but this post will focus on announced features. In the WWDC21 Keynote Apple Pay section Jennifer Bailey announced keys and ID. The Wallet features you get from the ones listed on the iOS 15 preview page depend on the device:

Car keys with Ultra Wideband support (shareable)
iPhones and Apple Watches equipped with U1 chip* (iPhone 11 and later, Apple Watch 6)

Car keys without Ultra Wideband support (sharable)
Home keys (shareable)
iPhone XS • Apple Watch 5 and later*

Office key
Hotel key
“Device requirements may vary by hotel and workplace.”

ID in Wallet
iOS 15 devices
watchOS 8 devices (the fine print: Not all features are available on all devices)

None of the new features will be available when iOS 15 launches. Expect them with the iOS 15.1 update or later. NFC Car keys launched on iOS 13 and iOS 14 in 2020.

The A12 Bionic • iPhone XS and later requirement for Wallet keys is easy to understand: Express Cards with power reserve. A12 Bionic (and later) powered NFC bypasses the iOS overhead with a direct connection to the secure element. It is vital that people can unlock car and home doors even when their iPhone battery is out of juice. Up to 5 hours of power reserve makes a huge difference, but only for iPhone. *Apple Watch supports Express Mode but not power reserve.

The bigger story is UWB because it is new technology that works with the Secure Element to create a whole new experience. Up to now the Secure Element was exclusively NFC. Not anymore, the Car Connection Consortium (CCC) Digital Key 3.0 specification “maintains support for NFC technology as a mandatory back-up solution.” Digital car key is first and foremost a UWB solution with NFC relegated to the back seat.

UWB connectivity adds hands-free, location-aware keyless access and location-aware features for an improved user-friendly experience…
3.0 addresses security and usability by authenticating the Digital Key between a vehicle and the mobile device over Bluetooth Low Energy and then establishing a secure ranging session with UWB, which allows the vehicle to perform secure and accurate distance measurement to localize the mobile device.
Car Connectivity Consortium Delivers Digital Key Release 3.0 Specification

NTT Docomo and Sony demonstrated UWB car keys in action last January running on Android Osaifu Keitai hardware. Sony (FeliCa) and NXP (MIFARE and UWB chipsets) have worked closely to extend both FeliCa and MIFARE into the UWB Touchless era. The CCC Digital Key specification is open to any Secure Element provider. UWB + Bluetooth Low Energy (BLE) is simply another radio communication layer in addition to NFC.

Diagram from Car Connectivity Consortium (CCR) Digital Key 2.0 White Paper, the recently released 3.0 spec adds UWB

Mobile FeliCa UWB Touchless diagram from NTT Docomo, NXP MIFARE works exactly the same way

This is significant as it opens up UWB to anything that currently uses the Secure Element and NFC. Apple has not spelled it out but suggest UWB might work with Home keys and there is no reason UWB cannot work with all keys, transit cards and Student ID. The WWDC2021 session video Explore UWB-based car keys is a great introduction and highly recommended viewing if you have any interest in the subject. The session is a bit unusual in that the discussion covers RF hardware and performance design more than software. It feels like the target audience is car manufacturers. There is a lot of detail to get lost in but here are some simple but essential points:

Secure Element improvements: the SE has always used unique keys for mutual authentication, this has been extended with ranging key deviation

Secure communication at a distance: UWB and BLE identifier randomization with secure ranging is an important security feature as UWB Touchless works over much greater distances than NFC reader tapping

Zones: the precise motion and positioning tracking of a paired UWB device with a unique key allows for ‘passive entry’ action zones, walking towards the car unlocks it, walking away locks it, etc. without any other user interaction

RF transceiver and antenna system design: is a deep and difficult art that echos the Suica creation story

JR East (Suica) and Hong Kong MTR (Octopus) have both said they are developing transit gates that incorporate UWB. This makes sense as Mobile FeliCa is now UWB savvy but after watching the WWDC21 session video I can only marvel at the complexity of the big picture because UWB is about mapping and using space and movement to perform an operation.

The engineers face countless problems and challenges to juggle in their quest to build a transit gate that delivers the same FeliCa NFC speed and reliability with UWB…at rush hour. They have to consider radiation patters, system latency and processing power, localization algorithms and much more. If they achieve their stated goal, 2023 could be a very interesting year for transit.

ID in Wallet
Lots of people are excited about the possibility of adding a digital driver’s license to Wallet but as 9to5 Mac’s Chance Miller wrote, we don’t know much about about it at this point. Actually in Japan we do. The Ministry of Internal Affairs and Communications (MIC) released an English PDF: First Summary Toward the Realization of Electronic Certificates for Smartphones with a diagram that explains their digital ID system architecture. MIC remarked back in November 2020 that they are in discussions with Apple to bring the digital My Number ID card architecture to Wallet. The Android version is due to launch in 2023 and will likely employ the Mobile FeliCa Multiple Secure Element domain feature described by FeliCa Dude (FeliCa using NFC-B instead of NFC-F). A similar basic architecture with different protocols and issue process will undoubtedly be used for adding digital drivers licenses.

The Privacy question
I’ll be very interested to see how ID launches in America this fall. Which outside partner company or companies are providing the service to participating states and running the backend? I suspect it will be something similar to Student ID with Blackboard running the service for participating universities. The biggest security question in my mind is who besides the TSA will use ID in Wallet, and more importantly, how? Some governments and transit agencies are pushing face recognition as a convenience in addition to security. My preference will always be for having my ID on my own Secure Element rather than somebody’s cloud server, an ID that I authorize with my own secure intent.

Wallet UI and usability improvements
Wallet App didn’t get the makeover that some users asked for, but there are are a few small improvements. Up to 16 cards can be added in iOS 15, up from 12 in iOS 14. Archived passes and multiple-pass downloads help make Wallet more useable and remove some housekeeping drudgery.

I finally got two WWDC19 Apple Pay Wallet wishes granted: (1) dynamic Wallet cards and (2) region free transit cards. Apple Card does UI things in Wallet no other card is allowed to do. As far as I know this first changed with Disney’s MagicMobile launch on iPhone, Jennifer Bailey calls them “magical moments when you tap to enter.” There are similar low-key card animations in Home key and ID cards. It’s a very small step but I hope Apple adds more over time than just sprinkling seasoning card animations. Done wisely, dynamic cards could improve Wallet usability that convey important card status and account information.

Wallet card animations are slowly making their way into the picture, but will they ever be more than silly pretty fun?

Region free transit cards means that users no longer have to change the iPhone • Apple Watch region setting to add a transit card. In iOS 15 Wallet you get the full list regardless of the region setting. It’s not perfect but it is less confusing than adding a transit card in iOS 14.

iOS 15 add to Wallet step 2 Available Cards English

Summary
The overall reaction to iOS 15 has been somewhat muted but there are lots of new details. Apple Pay Wallet additions for home keys, office key, hotel key and ID build on technologies that have been on the Apple Pay platform for some time but Apple is leveraging them in new ways.

The unveiling of UWB Touchless is important and cutting edge, that might revolutionize secure transactions. The next step not only for car keys but for transit and other services that up to now have been limited to NFC. And this time, unlike NFC, Apple is leading the way for UWB.

The bottom line is that UWB opens up a lot of possibilities for many current NFC based solutions. Expect UWB Touchless support for Wallet cards in the near future that use Express Mode in new ways, and new UWB based features for a much smarter Wallet.

UWB Gallery
Screenshots from the Explore UWB-based car keys session video

This foundation for UWB Touchless will be the same for next generation digital transit cards

Zones
Zones are is one of the exciting aspects of UWB Touchless, where functions are triggered by the simple act of walking towards or away from the car. It will be interesting to see how this is applied to UWB Touchless transit gates.