Multiple Secure Element domains for Mobile FeliCa 4.1

FeliCa Dude posted a series of deeply interesting tweets relating to Mobile FeliCa 4.1 changes. He had earlier complained of Mobile PASMO lack of Pixel 5 support and it now appears that multiple Secure Element domain support in Mobile FeliCa 4.1 was a reason for that delay. This is an fascinating development but what is it there for?

On a Mobile FeliCa 4.1 Google Pixel device Google has it’s own secure element domain

I assume his tweeted profile is for a Pixel device, hence the FeliCa Networks secure element (SE) + Google SE references. In this context it appears that Google ‘owns’ the Mobile FeliCa SE and which applets load, in other works FeliCa Networks needs permission from Google to load applets on a Google device SE. Devices come pre-loaded as always so customers simply use it out of the box, but the implication is that FeliCa Networks and the SE domain ‘owner’ can load/delete Java Card applets and even update Mobile FeliCa over the air. Whether they actually use this functionality or not is another story.

FeliCa Dude thinks multiple secure element domains are also there to support Ministry of Internal Affairs and Communications (MIC) plans for a digital version of My Number Card (Individual Number Card) for smartphones using the Mobile FeliCa eSE, even though the current plastic card uses NFC-B. It’s strange but exciting to ponder the possibilities of a Mobile FeliCa 4.1 secure element that supports non-FeliCa protocols.

One of the big changes of Mobile FeliCa 4.0 was that it introduced loading a FeliCa applet on any approved secure element. This change frees Android device manufacturers from having to purchase FeliCa chips from the FeliCa Networks supply chain. It basically gives Android devices the same custom secure element arrangement Apple has had since the iPhone 7 Apple Japan Pay launch in 2016.

I asked FeliCa Dude if the Mobile FeliCa 4.1 development is also related to next generation FeliCa feature support used for Suica 2 in1 cards coming this month, in particular the new Extended Overlap Service. He says this is unlikely but I hope we discover other pleasant surprises as intrepid explorers dig into Mobile FeliCa 4.1 details.

MIC digital My Number Card proposal for smartphones

Japan Ministry of Internal Affairs and Communications in discussions with Apple for Wallet My Number Card Support

IT journalist Junya Suzuki posted an interesting “Pay Attention” column today regarding the Ministry of Internal Affairs and Communications (MIC) plans for a digital version of My Number Card (Individual Number Card). MIC wants to extend card use and smartphone support for a digital My Number Card is seen as an important driver as many people in Japan have yet to even get the plastic version at the local city office. Japanese government officials stated they planned to create a digital My Number Card in 2019.

MIC digital My Number Card proposal for smartphones

The MIC proposal for putting out a digital My Number Card uses FeliCa and laid out security policy details on November 12 (download the full set of PDF docs). Smartphone support requires a ‘Global FeliCa’ embedded Secure Element (eSE). This means SIM card FeliCa support is out of the question, the reality is SIM cards lost out in the ‘secure element wars’ years ago. Some 80% of Android smartphones currently sold in Japan have FeliCa eSE chips, Apple has had global FeliCa (aka global NFC) in place in A/S series chips since iPhone 8 / Apple Watch Series 3. Apple Watch will likely be the only ‘wearable’ My Number Card when it launches.

今回Android端末が対象となっていますが、Android端末といってもいわゆる『グローバルFeliCa』と呼ばれる2018年度に発表された新しい方式に対応した端末が対象となっています。2020年秋モデルで対象となるAndroid端末は8割程度ですが、2022年内のサービス開始時点ではさらに拡大することを見越しています。 FeliCaを採用した理由は、スマートフォンの保護領域(SE)に安全にアクセスできる仕組みを提供しているのがフェリカネットワークという点で、同様の仕組みが提供されるのであれば特にFeliCaにこだわっているわけではありません。 またiPhoneが日本でシェアを多く持っているという現状も認識しており、Appleと交渉を行なっている段階です(総務省)

Deciphering Digital My Number Card Support (Japanese)

Suzuki’s article has a direct quote (above) from the MIC, the relevant Apple bit is the last sentence: “We recognize that iPhone has a large share in Japan and we are in discussions with Apple.” Not particularly earthshaking but confirmation is always good to have. The digital My Number Card is expected to launch in 2022 but it’s not clear if Apple Wallet support will launch simultaneously with Osaifu Keitai Android. The digital My Number Card MIC documents only outline Osaifu Keitai Android with dedicated FeliCa chips but Apple Pay would work the same way even though the FeliCa eSE is implemented in the A/S Series.

Suzuki san does not discuss this but I wonder if digital My Number Card will utilize the new security features of next generation FeliCa that just started shipping and is the basis for Super Suica launching early 2021. I also wonder if Google Wallet support will come much later, if at all. Google has been content to ride the coat tails of Osaifu Keitai and candy wrap it instead of rolling their own native support. That strategy likely won’t work for direct My Number Card support in Google Wallet.