myki transit card expanding to Apple Pay

The Open Loop lovin’ NFC Times (paywall) reports that with the successful launch of myki on Google Pay, Public Transport Victoria (PVT) has allocated 1 million AUD to expand the virtual myki transit card to other digital wallet platforms, like Apple Pay and Samsung Pay.

Anyone up for taking bets on who gets it first?

UPDATE: It looks like Apple Pay is the winner when iOS 13 ships this fall

Advertisements

HCE Secure Element in the Cloud is pie in the sky

Stefan Heaton’s blog piece “The reason Mobile myki isn’t available on iPhone… yet” is all the proof you need that Google inspired endless nonsense with Android Pay HCE support. This was shortly after the NFC “secure element” wars were over, with embedded Secure Element (eSE) on SIM cards losing out to eSE on smartphone chips. A secure element in the cloud approach seemed like it would solve everything, except that it didn’t.

myki is MIFARE which has never been compatible with HCE. Neither is FeliCa, which Google Pay users outside Japan assumed would work for Suica until they found out HCE-F was dead in the water and lost their shit.

What nobody has said, and I think it’s worth pointing out, is that the Android Pay to Google Pay shift was also a break with HCE and Google providing, or pretending to provide, a secure element strategy for all Android licensees. Instead, Google is focused on Pixel and their own eSE, all other Android licensees and manufacturers be dammed and left to find their own solutions. I guarantee you that, in time, Google will be doing most, if not all, of the same security hoops that Apple does now, for Google Pay card emulation (not host card emulation) for Google Pixel platform eSE access.

So yes, Apple does limit NFC Secure Element (implemented in the A Series Secure Enclave) access with PassKit NFC certificates. But Apple Pay MIFARE is real MIFARE, and Apple Pay FeliCa is real FeliCa. Public Transport Victoria (PTV) can apply for a myki card PassKit NFC certificate just like any developer. And for goodness sake Stefan, stop writing sentences that confuse Express Transit payment cards (EMV credit/debit cards) with regular Express Transit cards (FeliCa, MIFARE, PBOC). Suica is not a credit card and emulating EMV at a transit gate doesn’t automatically make a credit card into a Apple Pay Suica transit card, not by a long shot. If your aim is promoting open loop over closed loop, that’s one thing. Either way, your LinkedIn blog post is not doing your LinkedIn resume any favor.

UPDATE: Yep, myki is coming to Apple Pay, nothing to do at all with HCE support.

Market Risks when Problems aren’t Fixed

Transit cards have one job: get the user through the ticket gate quickly and reliably every time, no questions asked. Because they are bullet proof, fast, highly reliable and also used for e-money purchases, transit cards like Suica and Octopus have evolved beyond transit smartcard systems into transit platforms.

A transit platform becomes even more powerful, flexible, essential and transformative when it is deployed on smartphone digital wallet platforms like Apple Pay, Samsung Pay and Google Pay. When economies of scale and masses of moving people with transit card loaded smartphones come together all kinds of exciting new business possibilities and synergies open up: for transit companies, for local area economies, for merchants, for the digital wallet platforms and for customers.

But this can only happen if the basic transit card job and performance on the smartphone matches the plastic one. It has to be as fast and reliable as a plastic transit smartcard every time. It has to be bullet proof. This is essential. When the smartphone transit card performance is not up to the plastic one, people simply don’t use it and stay with plastic or reach for something else. Ask any daily commuter.

The iPhone X Suica Problem
This is exactly what is happening to iPhone X in the Japanese market, perfectly captured in the following tweet of which you can find plenty more. Apple has not fixed the long running iPhone X Suica problem, 7 months and counting, and for customers who depend on Suica iPhone X is a poorly designed piece of expensive junk. A spec problem. The risk of Apple doing nothing has damaged Apple’s brand value in the Japanese market. A small thing can have big implications and Japan is not the only market where this is happening.

Japanese complaints of iPhone X Suica performance
Japanese complaints of iPhone X Suica performance have been constant

Apple Pay≠Apple Pay Transit
The iOS 11.4 update was originally slated to expand Apple Pay Transit cards beyond Beijing and Shanghai to include Jiangsu, Shenzhen, Wuhan and Chongqing but didn’t make the cut. Why not? China Apple Pay Express Transit cards are all the same spec right? The answer is on the Apple Pay Transit page and in Chinese discussion forums: Apple Pay China transit cards are a glitchy unreliable beta product. Chinese smartphones from Huawei, Xiaomi, Oppo don’t have these problems. Transit cards are different from credit cards because the spec is much higher with tight tolerances, they have to work perfectly every time. Apple Pay≠Apple Pay Transit.

Maybe the beefed up Core NFC changes rumored to be coming with iOS 12 will help Apple fix Apple Pay Transit card problems in the long run but fixing the current problems ASAP should be top priority if Apple wants to protect Apple brand value in the China and Japan markets.

Other Risks
This market risk applies not only to smartphone vendors, it applies to transit companies too. Especially those who are switching from fast, reliable ‘closed’ stored value (SV) systems to ‘open’ slow, glitchy EMV contactless.

People think contactless cards are all the same. They are not: a credit card is not a transit card, it’s not yours. Credit cards are subject to the whims and idiosyncrasies of the issuing bank who can deactivate any card at a moments notice without bothering to tell you. This is a problem when using a credit card as a transit card. Singapore transit users are complaining of fried plastic contactless credit cards and of card issuers deactivating cards mid-transit for being over limit. A stored value transit card is yours with your money stored on it. Locally ‘off line’ processed stored value transit cards will always be faster and safer than credit cards because the FeliCa, MIFARE and CEPAS technology behind them was tailored for transit needs.

The risk to transit companies going ‘open loop’ is that every glitch and problem gets blamed on the transit company, never the payment network or credit card company because people have zero expectations for credit card companies and banks. The transit company ‘brand value’ is damaged by the management whims of other companies.

The other downside it that all the exciting business possibilities and synergies of a transit platform + digital wallet are lost. In this case everybody loses: the transit company, transit area merchants, digital platform vendors and most of all, transit customers.

UPDATE: I incorrectly stated that China Express Transit Beijing and Shanghai cards use MIFARE technology. They used to be MIFARE but migrated to something similar to PBOC 2.0 ED/EP and T-Union cards are a further development but the Apple Pay Express Transit flavor is different.

Victoria to trial replacing Myki card with Android devices

ZDNet reports that Victoria is going to test native MIFARE based Mobile Myki on Android devices before rolling out the service in 2019. It sounds like a good plan, staying with an established closed ticketing smartcard system on mobile is the smart way to go.

Unfortunately Sydney is not making the smart choice, they are looking to dump their MIFARE based Opal smartcard system built by Cubic and replace it with ‘open’ EMV contactless:

While Melbourne is headed down a path that replaces physical cards with smartphone apps, Sydney is examining the prospect of dropping transit cards in favour of credit card usage.

In July, Transport for NSW began a trial on the Manly Ferry of using MasterCard instead of the Opal card for ticketing, allowing for mobile devices or wearables equipped with NFC payments connected to a MasterCard account to be used.

Good luck with that.