Featured

Apple Pay Japan 5 Year Mark: All of This and Nothing

Suica was the centerpiece of the Apple Pay launch in Japan October 25, 2016

October is Apple Pay month in Japan. Today, October 21, we have the Apple Pay WAON and nanaco launch. October 2020 saw the Apple Pay PASMO launch ceremony attended by Apple VIPS. October 2016 was the biggest launch of all. This month marks the 5th anniversary of Apple Pay in Japan that launched with the FeliCa enabled iPhone 7 and the iOS 10.1 update. The initial rush to add Suica to Wallet was so great that it brought down both Apple Pay and Mobile Suica servers for several hours. Junya Suzuki, the best journalist in Japan covering digital wallet payments and technology, predicted that Apple Pay would be the ‘Black Ships‘ inflection point catalyst in Japan that would change everything. He was right. Everything has changed.

I tried to think of something smart and elegant or throw together some market data numbers that explain the transformation Apple Pay facilitated in Japan, but it comes down to this picture, a crazy kaleidoscope of contactless payment choices at the local post office. That’s as mainstream as one can get.

Payment options at the Japanese post office

The post office payments menu doesn’t have an Apple Pay logo but EMV brand cards at the top are Apple Pay, FeliCa cards in the middle are Apple Pay, shitty pain-in-the-neck-launch-an-app code payments at the bottom are not Apple Pay…and yes, you can still pay with cash if you need to. This crazy variety, by western standards, is the reason why Japanese Wallet users are excited about the new 16 card iOS 15 Wallet limit, they want to add more cards and 12 was not nearly enough. We have Apple Pay to thank for this overflow of payment options. Even though Apple Pay logo isn’t anywhere to be seen, Apple Pay is reason why so many contactless payment choices exist and why they are mainstream. This is the Apple Pay Japan transformation.


A timeline of changes and challenges

  • October 2016: Apple Pay launches in Japan with support for Suica (compatible with the Transit IC transit and payment network), iD and QUICPay payment networks (American Express, JCB, Mastercard, VISA).
  • September 2017: Global NFC on iPhone 8, iPhone X, Apple Watch 3 supports dual mode cards and seamless EMV and FeliCa NFC switching. Japanese users can make payments internationally with their Japanese issue cards on EMV payment terminals, and FeliCa payment terminals at home. Mobile PASMO trademark registered.
  • 2018: Carrier code payments services launch as cashless momentum grows
  • 2019: Japanese Government Cashless Consumption Tax Rebate Program
  • October 1, 2019 through June 30, 2020. The aim of the program is to encourage cashless purchases and increase cashless use up to 25% of all purchases by 2025. To do this the program offers up to 5% tax rebates for cashless purchases made at middle~small businesses and also offers merchant subsidies for installing cashless checkout systems. This is a prescient inflection point as COVID proves to be huge catalyst for going cashless, far more than a normal Tokyo Olympics would even have been.
  • 2021: Apple Pay WAON and Apple Pay nanaco eMoney cards launch, VISA Japan adds Apple Pay in-app purchase support and NFC dual mode switching. This completes the Apple Pay lineup. The Tokyo Olympics didn’t turn out to the big crowd contactless driver the industry expected. Nevertheless market surveys indicate that cashless payment use in Japan has already passed the 25% target.

Japan was a very unique case, the most unique but don’t make the mistake of dismissing it as an outliner. It was way ahead of the curve with important lessons beyond the tired old meaningless FeliCa vs EMV winner-loser debate. Japan already had the extensive and mature Osaifu Keitai mobile wallet platform that launched in 2004, built on the Sony and NTT docomo created Mobile FeliCa standard, long before EMV grafted NFC on their chip and issued contactless credit cards.

The Apple Pay that launched in 2014 was exclusively EMV as credit cards were the best start point, but Apple was already hard at work adding FeliCa, MIFARE and other NFC based transaction protocols as standard in the secure element hosted on Apple Silicon. The result was first seen in 2016 iPhone 7 and Apple Watch 2 in Japan, with Apple Pay Suica, Express Transit and direct Wallet transit card adding as the centerpiece launch strategy, all firsts.

This was an extremely shrewd move. The Japanese public was well versed using Suica for transit and quick purchases. The impact of choosing the Tokyo area based Suica as the start point, coupled with the convenience of anywhere, anytime Apple Pay recharge, supercharged Suica and Apple Pay. They both grew quickly.

JR East factsheet: Apple Pay supercharged Suica growth

The full Apple Pay vision came into focus with the 2017 release of iPhone 8, iPhone X and Apple Watch 3, these were the first global NFC devices that worked everywhere. This was a complete break with the Android model of only selling FeliCa capable devices in Japan or Hong Kong. This is why any iPhone from anywhere can add and use a Suica transit card and Android devices cannot.

The most useful marketing survey covering Apple Pay use in Japan was a November 2018 survey and article from Japanese IT journalist Sachiko Watatani. At the time she found the following:

  • Only 27% of iPhone users who can use Apple Pay use it
  • 50% don’t use Apple Pay but are interested in using it
  • 22% don’t use Apple Pay and don’t care about using it

The middle 50 is the most interesting aspect, there has certainly been migration to the Apple Pay use bracket since COVID hit. Other interesting data points: 34.4% use Apple Pay daily, 24.9% use Apple Pay every 2~3 days, 37% use it for public transportation, 69% use it for convenience store purchases. This last one is the classic Apple Pay Suica (and now also PASMO) sweet spot: quick small on the go purchases without Face • Touch ID, courtesy of Express Mode. With COVID and Face ID with face masks, that sweet spot is sweeter than ever.

The secret of success and important lesson
That is all well and good, but how did Apple Pay spearhead this market change? Apple Pay proved to be a great neutral platform for payment players to both play on and play off from. But that’s not all, there is a vital point that most people miss. The secret of Apple Pay Japan’s success was that it shifted the user focus and experience away from the Osaifu Keitai app model where different NFC services are scattered across many different apps, to a simple ‘just add the card’ in Wallet where everything ‘just works’ without apps. Complexity vs simplicity; it was this simplicity that ultimately won out because most users don’t want to deal with setting different services in a bunch of apps. It was this simplicity of the Apple Pay user experience that drove the Japanese payments transformation that the complexity of Osaifu Keitai could not.

This is the lesson of Apple Pay in Japan that other markets would do well to study. Lots of different apps offering NFC services doesn’t drive user uptake, centralized simplicity with an easy to use UI drives user interest and use. It is this centralized simplicity that is driving user interest in iOS 15.1 Vaccination Certificate Wallet support and driver’s license ID. The EU and Australia are determined to force Apple to make iPhone NFC ‘open‘ and move everything to the app centric model. If their intention is to drive user uptake, the Japanese market experience proves otherwise. Good luck with that. To most westerners the value of the Japanese mobile payments experience will remain utterly lost, like that old Psychedelic Furs song whine line, “You didn’t leave me anything that I could understand.”

The Crowd Cast cashless map illustrates the rich variety of Japanese payment platforms, some code payments players like ORIGAMI no longer exist

Looking ahead
Where does Apple Pay Japan go from here? Rakuten Edy, the very last holdout, will certainly join the lineup soon enough. iOS 15 Wallet has shifted the focus from payments to keys and ID. Expect to see to some digital key action later this year. On the ID side the Japanese Ministry of Internal Affairs and Communications (MIC) has said they are in discussions with Apple to bring the digital My Number (Japanese Individual Number) Card to Wallet, hopefully soon after it launches on Osaifu Keitai in March~April 2022.

The value of having a digital My Number ID in Wallet is that regions want to promote special services and discounts tied to a resident address. That way local governments can promote differently tailored discounts and campaigns for locals and visitors. JR East for example, is planning to use My Number Card for MaaS transit discounts that promote regional economies. When a payment is made with Suica, the appropriate discount kicks in with the My Number Card verification. The My Number Card + digital payments concept is similar to the 2019~2020 Japanese Government Cashless Consumption Tax Rebate Program. The promise of getting local area based discounts for using transit or buying stuff with Apple Pay is one of the most practical use case scenarios for digital My Number Card that I can think of.

Farther out we might see development of ‘Touchless’ transit gates that incorporate Ultra Wideband technology which is already being used in iOS 15 Wallet for Touchless car keys. It would be cool to simply walk through the gate iPhone in pocket, with Suica taking care of business. I was recently reminded that UWB enhanced gates would greatly benefit those with disabilities. I saw young man in an electric wheelchair going through a JR East station manned gate, the station attendant was holding the reader out for him to tap but his movement was limited. It was difficult for him to hold his iPhone to the Suica reader. A UWB gate would let him zip through unattended at any touchless gate, that’s what barrier free should be about. When you think about it, QR Code apps for transit are just cruel for handicapped users.

Next generation JR East transit gates are wheelchair friendly but UWB touchless gates are the best ‘barrier free’ solution for users with limited mobility.

On that note…despite all the hand wringing over the rise of code payment apps, even as Apple is flirting about adding code payments to Apple Pay, Japan will continue to be a fascinating place to observe contactless payment trends before they appear in other markets. And even though Apple Pay Japan has lost the cool factor that peaked in 2018 and become mundane, that’s okay. Apple Pay in Japan will continue to be the payment service where you can do things that you cannot do with Apple Pay in any other market. That sounds like fun to me and I look forward to the next 5 years of Apple Pay Japan and hope to write about digital wallet developments…occasionally. Since COVID hit blog traffic has collapsed to the point where I think it might be time to change gears. We shall see.

Until next time stay safe and have a good cashless…er you know what I mean.


Apple Pay Japan Comments
Some reader and net comments about using Apple Pay Japan through the years. Tweet or email if you have any experiences you’d like to share and I’ll add them here.

Am lefty but even if I was not, would do the same for Apple Pay Suica on my watch😁

The last 2 times I was in Japan, I used Apple Pay with Suica. It is miles ahead of what we have in Singapore, in terms of speed, feel, and experience. And best of all, no app download required!

I changed from Android back to iOS in 2017 mostly due to being able to use Mobile Suica…And this is the real reason I still have to educate people coming to Japan about mobile Suica and putting a debit card into ApplePay and never need an ATM for most things here…Also stop with “Japan is a cash driven society” tropes. I go for weeks not using bills and coins here.

Comment regarding code payment apps vs NFC: Imo Apple and Google Pay are all a payment system needs: it’s quick, easy, and doesn’t require looking like a clown trying to scan a code…Imagine having to scan a code to pay for Suica, it would be a nightmare.

I have no idea why Apple Pay isn’t more widely supported over here. I usually just try and use Suica on my Apple Watch for most things.

The true value (of Apple Watch) is in Apple Pay and Express Transit card. If your city support it especially the latter, it’s a tremendous value.

Truth to be told, I’ve been a user of Japan’s Apple Pay almost since it came out, even thought I don’t live there haha. As a Software Engineer I always was amazed how Japan had a contactless system that you can use seamlessly on transport or store purchases.

It might sound trite, but I am still happy and amazed every time I use Suica on my iPhone. It has been a long road from Edy and Mobile Suica to this point. The next thing for me would be export of my spending for tracking. Not through Suica, but from iOS. And I really wish more Japanese businesses used the Apple Wallet for (reward) cards. When it first debuted I imagined finally getting rid of all my store cards, but it never happened.

When I was in Japan in November, when I looked up my destination via Apple Maps, I got seamless linked to buy a SUICA for my Apple Wallet direct from my credit card. It was pretty slick – 10 second transaction and I had a SUICA in my Apple Wallet.

The best way to use Suica Card on Android devices is to simply buy a new iPhone…

Suica on Watch is just superb. Even better when worn on right hand.

Two great things about my iPhone XS when traveling in #japan: first, SUICA public transport card in Apple wallet and you are able to charge them via Apple Pay wherever you are and second the dual SIM feature to get a traveller SIM like #Ubigi into your phone easily.

Twitter question: Japan peeps, what are your fave “cashless” payment apps? What do you consider the most convenient/useful?

Twitter answer: Suica wallet. Everything else is fucking shit

I want more reward point card support in Wallet that’s easier to use than it is now and supports movie tickets too.

One for the road: Ken Bolido’s video

A very strange Apple Pay Suica outage

The October 5 Apple Pay & Wallet outage that went completely unnoticed outside of Japan and Hong Kong was a very strange one. That’s because it was a very specific outage: ‘truth on the card’ transit cards with a stored value balance. But not all transit cards, only Suica, PASMO and Octopus. Similar transit cards such as Clipper, SmarTrip and TAP were unaffected. The former are FeliCa cards, the latter are MIFARE cards.

Let’s translate the Apple speak from the iCloud System Status page. Some users = FeliCa stored value card users, specifically: Suica, PASMO and Octopus. In addition to the not being able to add, suspend or remove existing cards, users could not recharge them (reload, top up, add money, etc.) but this issue was not listed. The add, suspend or remove existing card label gives us a big clue.

It soon became clear from the cacophony of Japanese tweet complaints that FeliCa credit/debit cards on the iD and QUICPay side were not a problem, only the stored value (SV) recharge, and practically unnoticed, Toyota Wallet iD prepaid card recharge. Meanwhile, Android Mobile Suica and Mobile PASMO users didn’t have any problems at all, everything worked fine. Bingo, the outage was an Apple Pay server problem, not caused by Mobile Suica or Mobile PASMO which was mistakenly reported by the Japanese media.

From the get-go Mobile Suica and PASMO support said it only an Apple Pay problem. Octopus Cards Limited, confoundedly coy as usual, didn’t say which ‘top up’ service wasn’t working but we damn well know it was Apple Pay. Overworked Suica, PASMO and Octopus support folk were left to clean up a recharge mess because the Apple Pay outage hit exactly at peak Tokyo morning commute time in the first real commuting week since the State of Emergency was lifted.

There was also another fascinating issue going on that most people didn’t pick up on. Suica and PASMO Apps offer 2 kinds of recharge: Apple Pay and their own direct credit card recharge system. Because Suica App recharge is independent of Apple Pay and deals directly with the Suica SV on the device, similar to adding cash at a station kiosk, it should have worked during the Apple Pay outage…but it did not. Why?

The FeliCa on Apple Pay story is a deep one. To date Apple Pay is the only digital wallet platform that offers all flavors of NFC (A-B-F) with the major transaction protocols that go with them, (EMV, FeliCa and MIFARE) as standard on all Apple NFC (and now also NFC + UWB) devices. The industry scuttlebutt in Japan is that to make this happen, Apple licensed a Mobile FeliCa key server from FeliCa Networks to manage their own Apple Pay devices. This indicates Apple’s commitment but I also believe was setup this way so that Apple Pay can safely backup the FeliCa card SV balance in Wallet if something goes wrong with the device or if some glitch happens during the recharge process from a credit/debit card, either Apple Pay (Wallet) or independent app (Suica, PASMO, Toyota Wallet).

Here is my take of what happened. Apple is preparing to launch 2 new FeliCa SV eMoney cards on Apple Pay very soon, WAON and nanaco. That means they need to reconfigure their FeliCa key server and Apple Pay server so that WAON and nanaco SV card balances are well protected because WAON and nanaco card balances are much bigger than Suica or PASMO, up to ¥40,000. If anything happens to the device, WAON and nanaco must always appear in the iOS 15 Wallet Previous Cards screen, otherwise users will freakout and won’t touch Apple Pay again. Hence the add, suspend, remove Apple Pay FeliCa SV card outage. It was a server configuration mistake on the Apple Pay side related to WAON and nanaco preparations to make sure those bigger card balances are ironclad protected.

In other words, WAON and nanaco are coming with iOS 15.1.

Secrets of iOS 15 Apple Wallet

iOS 15 Wallet is deceptive. The first impression out of the box is that nothing has changed much. It looks the same, it works the same. It doesn’t help that many of the new features won’t come until later in the iOS 15 life cycle and will be limited to certain users and regions. ID in Wallet for example is only due to launch in eight American states ‘late 2021’. Wallet keys for home only work on A12 Bionic iPhone XS and later while office and hotel key “device requirements may vary by hotel and workplace.” In Japan the iOS 15 Wallet feature section is missing altogether. The fine print reads like Apple is giving itself the biggest set of loophole opt outs ever, as if to say, ‘sorry, better luck later on.’

This is because Wallet key and ID cards are exactly like the Apple Pay launch in 2014 when the contactless payment infrastructure in America at the time was way behind Europe and Japan. The contactless transition has been bumpy, uneven and continues to plod along while stores have been slow getting their act together. Early Apple Pay adopters grew accustomed to hearing that classic gag line at checkout when things didn’t work right: “you’re holding it wrong.”

Wallet keys and ID will see a gradual measured uptake just like Apple Pay payment and transit cards. But unlike payment cards and transit cards, the reader infrastructure side of the equation for digital keys and ID cards is only just beginning. For some people it may be years before they have the opportunity to use digital key with their car, home or apartment. The initial use for Wallet ID, TSA security checks for domestic US air travel, represents only a small subset of a much wider future potential. How long will it be before state government services are fully equipped to read their own digital issue ID? And what about in-app ID checks, there’s huge but undeveloped potential there too.

Apple is leading the digital wallet transition for keys and ID as they did for payments when Apple Pay launched in 2014. Sure, there are others already doing it on a limited scale and Apple may be late to the party, but because Apple takes the time to make complex things easy to use and get it right, eventually it’s everywhere. Even without keys and ID, iOS 15 Wallet offers some deeply useful UI improvements that will remove a lot of frustration for all Wallet users. Let’s take a look.


New Add to Wallet UI
The new Add to Wallet screen with card categories is the gateway to new iOS Wallet features, it also solves long standing UI problems that confused users for adding transit cards. The main categories:

  • Debit or Credit Card
    Add debit/credit, the same process we’ve had all along.
  • Transit Card
    The add Transit Card category is new and lists all available transit cards that support direct Wallet card add and Apple Pay recharge. Transit cards that can only be added and recharged via an app such as Portland HOP and Chicago Ventra are not included. Some transit cards on the list are somewhat deceptive. Hong Kong Octopus and China T-Union cards cannot be added without certain locally issued credit/debit cards but you only get the warning message at the very end of the addition process that aborts it. The only transit cards that anybody from anywhere can add to Wallet are: Suica, PASMO, SmarTrip, Clipper and TAP.
  • Previous Cards
    Previous Cards is a new category that appears only when needed. It shows cards, keys and passes that are attached to the user Apple ID but are not currently in Wallet.

The region-free Wallet
These seemly mundane UI tweaks are much bigger than they look. Before iOS 15, Wallet did not make a clear distinction between first time card issue (adding a card) and re-adding previous cards that were already attached to the user’s Apple ID. Adding cards to Wallet was also region dependent, that is to say users had to set the iPhone region to match the issuer region to add those cards. This has been a real pain for transit cards: Japan to add Suica, Hong Kong to add Octopus, America to add SmarTrip, Clipper or TAP.

Changing the device region is easy to do, but it’s not intuitive at all and bewildered users. It’s not uncommon for people to think that changing the region messes up the Apple Pay cards they already have making them unusable, or that a certain region setting is required to use a particular card.

Neither is true, but region-dependent Wallet was a big source of confusion that kept people from using great Wallet features and caused support problems, especially for transit card users. Do a Suica search on Apple Support Communities. The number one support issue is: I lost my Suica card, how do I get it back in Wallet?

The new UI fixes this problem by making a clear distinction between removing Wallet cards vs. deleting them. Wallet has a simple rule: removing a card added directly in Wallet does not delete the card. Cards added directly in Wallet (tapping “+”) and keys are a little special as they are hooked into the user’s Apple ID. This is easy to see in Suica App which displays the unique Apple ID/Apple Pay identifier for each Suica card.

The pain point was the inability to see what cards were still attached to their Apple ID sitting on the Apple Pay server when not in Wallet. Most people assume a card not is Wallet is lost forever, the classic ‘I lost my Suica’ problem described above. This happened all the time in pre-iOS 15 Wallet when the user signed out of Apple ID without realizing it or migrated to a new iPhone without doing Wallet housecleaning on the old device. Removed cards were always parked safely in iCloud but there was no easy way to see them. With Previous Cards and region-free Wallet, you always know where to find your Wallet cards.

Knowing exactly where your Wallet cards are, in Wallet or parked on the server, and how to really truly delete them from the cloud, makes using Apple Pay easier. When users understand that Apple Pay has their back, they trust and use it more. Trust is far more important than technology.

From now on the new rules are: removing a card only removes it from Wallet. Only the extra step of removing a credit/debit card from Previous Cards removes it completely from Apple ID. Stored value cards like Suica can only be deleted with the card issuer app.


ID in Wallet

iOS 15 devices
watchOS 8 devices
Launch states: Arizona, Georgia, Iowa, Kentucky, Maryland, Oklahoma, Utah

ID in Wallet is the biggest new iOS 15 Wallet feature, important enough that Apple announced details and launch states before the September Apple Event, which is unusual for a feature due “late 2021.” The press release clearly explains (but does not show) the exact process for adding and using an ID, and the some security details behind it. Carefully crafted screen images clearly illustrate that ID in Wallet does not show detailed personal information, not even a full name, only the ID elements that will be transmitted by NFC to the TSA reader. Like Apple Pay, users do not need to unlock, show, or hand over their device to present their ID, they simply authorize and hold to the reader.

ID Security and Privacy
It looks slick but there are lots of interesting things Apple has not shown yet, like the actual adding process, that will certainly be highlighted at the September Event. Apple is advertising high level security and privacy for ID in Wallet but there are device distinctions security concerned users will want to know about, specifically Secure Intent.

Secure intent, in a very loose sense, is the user action of confirming ‘yes I want this transaction to proceed’ by double pressing a button (Face ID and Apple Watch) or a long press (Touch ID). But there are important differences: by Apple’s official definition, Face ID iPhone and Apple Watch are secure intent devices, Touch ID iPhone is not.

Secure intent provides a way to confirm a user’s intent without any interaction with the operating system or Application Processor. The connection is a physical link—from a physical button to the Secure Enclave…With this link, users can confirm their intent to complete an operation in a way designed such that even software running with root privileges or in the kernel can’t spoof…A double-press on the appropriate button when prompted by the user interface signals confirmation of user intent.

The most secure ID in Wallet secure intent transaction is a double press button authorization action that tells the secure enclave, where your biometrics are stored, to release authentication to the secure element, where your ID credentials are stored, for the transaction magic take place. Apple: “Only after authorizing with Face ID or Touch ID is the requested identity information released from their device, which ensures that just the required information is shared and only the person who added the driver’s license or state ID to the device can present it.” There is no Express Mode for ID card nor would you want there to be.

There is another aspect to consider, one that Apple certainly won’t divulge: who manages and runs the backend centralized mobile ID issue service that plugs into Apple Pay servers. The direct in Wallet ID card add process demonstrates a high level of integration: “Similar to how customers add new credit cards and transit passes to Wallet today, they can simply tap the + button at the top of the screen in Wallet on their iPhone to begin adding their license or ID.”

We can get an idea of what’s involved on the ID backend from the Japanese Ministry of Internal Affairs and Communications (MIC) English PDF document: First Summary Toward the Realization of Electronic Certificates for Smartphones with a diagram of the digital ID system architecture for the Individual Number Card (My Number). MIC are in discussions with Apple to bring the digital My Number ID to Wallet. The Android version is set to launch in 2022.

There has to be a partner service company that sub-contracts mobile ID issue services to participating state governments…somebody that does the heavy lifting of linking various state database servers to provide a centralized card issuing service so that Apple can provide a seamless ID add card experience. But it must be an independent entity that can provide the same set of backend ID issue services to other digital wallet platforms (Google Pay, Samsung Pay, etc.) at some point. Because if it is not an independent entity providing those services, Apple is inviting more claims that Apple Pay is a monopoly. It’s a mystery worth digging into. Nevertheless, Apple is paving the way by integrating ID issue directly in Wallet that eliminates crappy 3rd party apps. It’s a huge effort that hopefully makes digital ID easy, practical and widely used.


Digital Keys and Power Reserve Express Mode
Home, office and hotel keys are the first new iOS 15 Wallet feature on launch day. Where is the Add to Wallet Key Card category? There isn’t one. Keys are slightly different and cannot be added (issued for the first time) to Wallet directly because the mobile key issuing company has to confirm user identity before giving the key. The most common way to add keys for the first time is with an app. From the Apple car key support page:

Open the car manufacturer’s app and follow the instructions to set up a key…Depending on your vehicle, you might be able to add car keys from a link that your car maker sends to you in an email or text message, or by following steps on your car’s information display.

Keys removed from Wallet can be re-added quickly via Previous Cards. According to the iOS 15 and watchOS preview page, keys appear to come in 2 basic varieties, sharable and un-sharable, device specs are different depending on the type of key.

  • Sharable keys
    • Car keys with Ultra Wideband
    • iPhones and Apple Watches equipped with U1 chip (iPhone 11 • Apple Watch 6 and later)

    • Car keys (NFC)
    • Home keys
    • iPhone XS • Apple Watch 5 and later
  • Un-sharable keys
    • Office key
    • Hotel key
    • Device requirements may vary by hotel and workplace

All keys work in Express Mode as keys, unlike ID, require Express Mode to be useful. iPhone XS with A12 Bionic powered NFC supports Express Mode Power Reserve, a huge performance difference from previous Apple Silicon. The extra 5 hours of power reserve key access with a drained iPhone battery are crucial and it’s understandable why Apple set iPhone XS as the base iPhone for using car and home keys.

There might be conditions for office and hotel keys depending on the key issuer. In Japan for example iPhone 6s, iPhone 6s Plus, iPhone SE (1st generation) cannot be used for FeliCa based key access, hence the ‘device requirements may vary’ tag.

One more issue here is that mobile key issue is a complex process for hotels, and one assumes offices as well, one that usually requires an app with an account to securely issue a mobile key with set limitations (time, area, etc.).

It’s important to note that issuing digital keys is only one step of the complex process that allows guests to bypass the front desk. Apple’s announcement certainly does not spell the end of the hotel app as we know it…

It’s a big step toward streamlining a process that has, until this point, prevented many guests from using their phone as a digital room key. But, Wallet only solves one segment of the end-to-end operation required to get a guest checked in and room access issued. The bigger issue is connecting identity with access, which requires many more steps beyond issuing a key.

How Apple’s Newest Features Will Affect Hotel Check-in

Pairing an identity with access is the core issue of key issue. If I had a crystal ball to read, I might see a future where your ID in Wallet is the only confirmation needed to add a key directly in Wallet, no apps. It would be nice if things turned out that way over time. Perhaps that is one of Apple’s goals for releasing home-hotel-office keys and ID at the same time.

Wallet expansion and housekeeping
The last improvement is that iOS 15 Wallet now holds up to 16 cards. The previous limit was 12 cards (8 cards for pre-A11 iPhone). If you have trouble adding more than 12, remove one taking the total down to 11 cards, then add more cards up to the new limit. The limit is defined as cards that use the secure element for transactions: payment cards, transit cards, keys, and ID. Passes don’t count and used passes are automatically cleared and stored in the new archived passes category. One hopes Wallet will do similar housekeeping for expired hotel keys in later iOS 15 releases.

The expansion seems trivial but 4 more parking spaces in Wallet garage is a godsend not only for card otaku but also for regular users who already have lots of payment and transit cards. The housekeeping changes are appropriate and timely, going forward we’ll all be adding car, home, office, and hotel keys along with our driver’s license to an ever growing Wallet.

UPDATE
An earlier edit of this post incorrectly stated that watchOS 8 Wallet did not support hotel and office keys (they were not listed on Apple’s watchOS 8 preview page but mentioned on a separate PR release). Apple PR reached out regarding the error and has been corrected.

Last updated 2021-09-15

WAON and nanaco coming to Apple Pay

UPDATE: WAON and nanaco will launch on Apple Pay October 21 JST

Two of the last big three Apple Pay Japan holdouts are finally coming: AEON announced WAON and Seven & i Holdings announced nanaco for ‘later this year’. These popular prepaid eMoney FeliCa cards have been on Osaifu Keitai and Google Pay for some time. This leaves Rakuten Edy as the last, and largest, Wallet holdout although the iOS Rakuten Edy app recently received an update that supports Apple Pay for physical card recharge.

Despite the uptake of QR Code payment apps such as PayPay, prepaid eMoney cards remain popular and getting them on Apple Pay is an important development. The cards are also more secure: Seven & i Holdings experienced a huge embarrassment when they launched their 7pay QR Code payment service in 2019 that quickly failed due to a security meltdown. Since that disaster they have refocused on nanaco as their in-store payment + loyalty point reward strategy. Currently nanaco has issued 74 million cards, WAON has issued 87 million cards. For comparison Suica has issued 84 million plastic cards and over 14 million Mobile Suica digital cards that includes Apple Pay Suica.

Release details are sparse but it’s safe to assume they are coming after iOS 15 ships (probably 15.1). iOS 15 Wallet includes UI improvements that remove the confusing device region setting requirement and simplify adding transit cards like Suica and non-bank stored value (SV) prepaid cards like WAON and nanaco. As pointed out many times before, all iPhone 8 • Apple Watch 3 and later models support Apple Pay Japan cards thanks to Apple’s global NFC support. The big questions are: (1) Is direct Wallet add card supported that bypasses creating a WAON or nanaco account as part of the digital card issue process on Google Pay? (2) Can physical cards be transferred like Suica and PASMO? None of this is supported on Android.

These and other usability issues have kept these cards from joining Apple Pay. It will be interesting to see if Apple has solved them and persuaded AEON • Seven & i to simplify their digital card issue process to follow the great example set by Apple Pay Suica because that is the high bar: direct Wallet adding with no sign up and open ended Apple Pay recharge. The low bar is the Toyota Wallet app-like model of chaining card issue and recharge functions to a user account app. The cards should support Express Mode as they do for Mobile WAON and Mobile nanaco on Android. The press release Apple Pay WAON image suggests Express Mode, the Apple Pay nanaco image does not, however the dual press announcement does suggest a level of commitment and integration on the Apple Pay side. We’ll see.

Not many of new iOS 15 Wallet goodies announced at WWDC will come to Japan soon with the exception of digital car keys, adding WAON and nanaco now is a smart move that will keep users happy. With all the card possibilities coming to Japan this year, it’s a good thing that iOS 15 ups the Wallet card max limit to 16.

The Weekly #4

August 8, 2021

Pixel 6 Tensor and the secure element

After many years of rumors Google finally unveiled their custom silicon, though details won’t be known until Pixel 6 devices go on sale. Dieter Bohn wrote:

Tensor is an SoC, not a single processor. And so while it’s fair to call it Google-designed, it’s also still unclear which components are Google-made and which are licensed from others. Two things are definitely coming from Google: a mobile TPU for AI operations and a new Titan M2 chip for security. The rest, including the CPU, GPU, and 5G modem, are all still a mystery.

Ever since Pixel 3 models went on sale in Japan with Mobile FeliCa support, inbound Pixel users have been pining for the same global NFC feature that iPhone and Apple Watch have, but it hasn’t happened. Here’s why.

On the NFC hardware side everything has been ready to go on all smartphone hardware for years because NFC A-B-F support is a requirement for NFC certification. The problem has been on the SE side, the black box where all the transaction magic happens. From GlobalPlatform the SE certification organization:

A SE is a tamper-resistant platform (typically a one chip secure microcontroller) capable of securely hosting applications and their confidential and cryptographic data (for example cryptographic keys) in accordance with the rules and security requirements set by well-identified trusted authorities.

There are different form factors of SE: embedded and integrated SEs, SIM/UICC, smart microSD as well as smart cards. SEs exist in different form factors to address the requirements of different business implementations and market needs.

GlobalPlatform Introduction to Secure Elements

SE Wars
In the pre-Apple Pay mobile carrier hardware era, carriers used SE SIM or a embedded Secure Element (eSE) + carrier SIM combo that chained customers to service contracts for the privilege of using mobile payments. This is the classic Osaifu Keitai model pioneered by NTT DOCOMO: an overpriced carrier SIM contract to use mobile payments only with select carrier handsets.

This carrier lock in model is one reason why Mobile FeliCa ended up being ridiculed as ‘galapagos technology’ even though everybody else copied it. This carrier SE SIM hostage situation, i.e. the Mobile Wallet SE Wars, led Apple and Google to follow different strategies to address the problem.

The Apple Pay Way
Apple’s answer of course was Apple Pay. A unique in-house strategy of putting a GlobalPlatform certified Secure Element in Apple Silicon. Most eSE go on the NFC controller, but doing it the Apple in-house way has advantages over a NFC chip vendor bundle: control of the eSE applets and ability to update them and the Apple eSE for new protocols in iOS updates. We saw this in action with the addition of FeliCa in 2016, PBOC in 2017 and MIFARE in 2018. We are seeing it again with the addition of Ultra Wideband (UWB) Touchless in iOS 15.

The Google Pay Way
Google’s answer to the carrier owned SE problem was a convoluted evolution from Google Wallet (2011) to Android Pay (2015) and finally Google Pay (2018). Google’s first salvo was Host Card Emulation (HCE): “NFC card emulation without a hardware secure element” a virtual secure element hosted on Google’s cloud or in an app. Later on Google attempted to do the same for FeliCa with HCE-F.

The HCE strategy was quietly abandoned when Google decided to get into the hardware business and Android Pay turned into Google Pay. Now we have Google Pay running on Google Pixel with its own embedded Secure Element (eSE). With Pixel and Google Pay, Google decided they didn’t want to be the Secure Element provider for every Android OEM out there especially when the Chinese OEMS are all rolling their own eSE based digital wallet services anyway, completely ignoring HCE. Sure, HCE/HCE-F is still there in Android developer documentation but it’s a vestigial relic of the SE wars. From an industry standpoint it’s eSE or nothing now.

Google Pixel models up to now have used vendor bundled eSE + NFC controllers with the Pixel JP models using the Osaifu Keitai software stack. This makes global NFC support more complicated because Google doesn’t ‘own’ the eSE and the software stack, at least not in the Apple sense of making their own all in one solution. As we have seen, Mobile FeliCa is installed on all Pixel 5 models but the Osaifu Keitai stack only loads on JP models.

Will a Tensor SoC that contains a Titan M2 and a custom eSE solve this? It all depends on whether Google goes deep instead of cheap by stripping Google Pay of its dependency on the Osaifu Keitai stack and create their own region free support stack. If so, inbound Pixel 6 users will have the ability to add Suica and other FeliCa cards out of the box.


The PASPY organ transplant

As pointed out previously, the PASPY transit card transition from NFC to QR is not going to be easy. Not only does HIroden have to swap out the basic technology infrastructure, they also have to swap out their IT system integrator partners. The PASPY system was built and is currently managed by NEC with the last server upgrade completed in 2014. A quick look at the system map illustrates the pain points that including swapping out the NFC reader infrastructure in trolleys and buses and replacing it with QR readers with mobile connectivity, a requirement because of central processing. There will also be a lot of pain for wide area commuters because going QR means cutting the cross compatibility cord with ICOCA, Suica, etc.

The mobile connection means a mobile operator has to be involved to make it work. The likely IT system candidate here is the same one behind all the QR transit systems in Japan so far: SoftBank backed QUADRAC. The PASPY QR replacement is expected to be closed loop, similar to the QR + smartphone app closed loop system being tested by Nankai. Too bad JR West can’t come to the rescue with a localized version of the Suica 2 in 1 Region Affiliate Transit Card, but that’s another story for another time.


To eSIM or not to eSIM

eSIMs are great in theory, unfortunately the current reality for Japanese customers is less than ideal even thought the Japanese Ministry of Internal Affairs and Communications (MIC) is promoting them over traditional physical carrier SIMS and issued eSIM guidance. In addition to this carrier SIM locked devices will not be allowed from October. Of the big three carrier budget brands: NTT DOCOMO (ahamo), au KDDI (povo), SoftBank (LINEMO), only LINEMO and povo offer eSIM options. DOCOMO says they are thinking about it but for now ahamo is a physical SIM service because DOCOMO says eSIMS are not as secure as physical SIMS.

A recent article by Masao Sano outlined the eSIM situation in Japan and current obstacles for customers. The online signup process and device setup isn’t always smooth going and first time customers sometimes have to deal with unlocking their carrier device, APN settings, network authentication codes, profile installations and so-on. The eSIM process needs to be easier and user friendly. The good news is that unlocked carrier phones will be standard soon along with better eSIM option plans and migration setup. Once ahamo adds an eSIM option the next step will be taking it mainstream for major brand carrier contracts.


Apple Music finally sorts Japanese artist names correctly

Congratulations Naoko! You and all your fellow Japanese artists on Apple Music were finally liberated from the # sorting section and now live in 五十音 (Gojūon) splendor in iOS Music App. A very long wait though wasn’t it? Six years!

Seriously though I wonder what took Apple so long to fix most, but not all, of their Japanese music metadata mess. Not a moment too soon as the old reliable iTunes Match service seems to be on its last legs and the macOS Music app replacement for the old reliable iTunes app is completely useless for organizing a digital music collection: Apple Music and iCloud Music library have a mind of their own.

Truth be told, I had more fun collecting and listening to music on iTunes + iPod than discovering music on Apple Music + iPhone. For some strange reason, less is sometimes more.


The Weekly will be taking a summer break the weeks of August 9 and 16 and resume the week of September 1. Take care and enjoy the rest of the summer.