iOS 14 App Clips unlock the power of NFC background tags

We first got of taste of iOS 14 App Clips with the slick Titanium Apple Card setup that leverages the background NFC background tag read ability of iPhone XR/XS and later. Jennifer Bailey gave a sneak peek of NFC background tag Apple Pay in May 2019 but the pieces weren’t in place for a rollout.

The first problem was the iPhone lineup. iPhone 8 didn’t fit because only A12 Bionic and later support NFC background tag reading. This was solved with the release iPhone SE with A13 Bionic and the deletion of iPhone 8 from the lineup.

The second problem was the clunky ‘launch an app’ or ‘launch Safari’ problem. This has been a problem for NFC tag solution providers like SmartPlate. User interaction needs to reside on the pop-up sheet on the unlocked screen. The new iOS 14 App Clips framework that works hand in hand with iOS 14 Core NFC to load just what is needed to take care of the NFC tag transaction at hand, is the right solution.

The pieces appear to fit very nicely now: the NFC background tag sheet pops-up ‘while the screen is on’, the right code snippets load in the sheet, the user can Sign In with Apple ID if needed, and pay with Apple Pay. Simple, uncluttered action; no apps, no Safari launch. And we have background NFC tag reading on every current iPhone model.

There are a few flies in the ointment:

  • (1) Face ID in the face mask era is not a great unlock or Apple Pay user experience, App Clip powered NFC background tag reading is gonna rock on iPhone SE with Touch ID.
  • (2) a network connection is required, Apple Pay transactions at the NFC reader works without a network connection but App Clips + Apple Pay transactions need a network connection for the obvious reasons of loading app clip content, and because of this…
  • (3) a weak borderline WiFi connection can jam the above process even with WiFi Assist turned on.

The NFC advantage over QR Codes here is that background tag reading automatically pulls up the App Clip sheet ‘while the screen is on’ while QR Code users have to manually pull up the QR reader app to join the fun.

The combination of App Clips, NFC tags and Apple Pay will be extremely disruptive in markets where NFC and QR payment players are very competitive. Places like Japan. PayPay and Line Pay will lose their edge. If they are smart, they can add NFC tag support in their payment apps. And they can bypass Apple Pay if they want to, though it won’t be as slick. Ultimately they are not wedded to QR codes and have always said they would add NFC if customers want it.

App Clips finally unlocks the power of background NFC tag reading and is the other big Apple Pay development, in addition to CarKey, announced at WWDC20. App Clips puts NFC tags on equal footing with QR Codes for the first time with the added edge of the ‘when the screen is on’ background tag read sheet pop-ups. This will be huge.

Advertisements

Dear Starbucks, please give us a NFC Starbucks rewards card

The Starbuck app server was down this morning. Fortunately my daily Starbucks has Suica payments and the staff kindly stamped customer receipts so everybody could get the Starbucks Card refill discount. I posted a silly throwaway tweet about it but received some thoughtful reader feedback that put things in perspective.

On the surface it’s true that Apple controls Wallet NFC card access with PassKit NCF Certificates. However, the Mobile Starbucks Card for Osaifu Keitai came out in March 2014, two years before FeliCa made it into iPhone 7. The mobile card was put out by Starbucks Japan which was not majority owned by Starbucks USA. USA corporate bought out the Japanese business partner at the end of 2014 and brought it under full control. Up until then Starbucks Japan stock was a popular item for the free coffee ticket goodies that came with it. The food was better too. Mobile Starbucks is a relic that will likely be ditched at some point, like the free coffee tickets and good food.

Starbucks USA has never shown any real interest in creating a NFC rewards card. They chose the barcode app route that supports direct bank card registration and recharge. Eventually they added in-app Apple Pay and Google Pay support. Silly market analysts announced that Starbucks app was ‘bigger than Apple Pay’, until they decided that Apple Pay was bigger than apps after all.

Starbucks has put real effort into protecting staff and customers during the COVID crisis. It’s an amazing effort that doesn’t get much attention. Despite this, physical Starbucks Cards are still mag strip cards handed over to staff and swiped at checkout. If Starbucks put out a digital wallet Starbucks Card, how should they do it?

The easiest way on iOS would be an Apple VAS NFC contactless pass. In Japan this is what PONTA and d POINT cards are. Apple VAS is NFC A but it works in combination with any Apple Pay payment protocol, EMV, FeliCa, PBOC, etc. Smart Tap is a similar rewards card NFC method for Google Pay.

This is what customers get when they pay with ‘Apple Pay’ on the Lawsons JP POS system: the reader polls the Wallet default payment card and rewards card, the payment transaction occurs and points are automatically added to the rewards card.

This flexible ‘2 in 1’ contactless payment + rewards package would be very nice to have with Starbucks Card. For app users it would eliminates the ‘open app, pull up barcode, make sure card has enough balance’ nonsense that happens far too often and is easily thwarted by a weak WiFi signal. It would also reduce handling physical cards at checkout.

Unfortunately this requires a POS system that supports NFC contactless, and Starbucks in Japan only supports popular contactless payment cards like Suica and PASMO when the store location is in a station retail area. Starbucks has demonstrated a lot of forward looking business sense in the COVID era so far. I hope they rethink their Japanese POS strategy and incorporate contactless payments and reward cards as standard at all store locations.

Transit Gate Evolution: why tap speed matters

As COVID restrictions are eased and the world slowly goes back to work, school and hopefully slightly more normal life, avoiding crowds will be key in keeping COVID from becoming resurgent in the months ahead.

For commuters in Japanese metro areas avoiding crowds is no easy matter. Fortunately the Japanese transit gate infrastructure is a great help. FeliCa based IC transit cards (Suica, PASMO, ICOCA, etc.) with fast transaction speeds combined with open gate flap design maximizes people flow: people walk through gates at normal pace. This is very important for Japanese stations that have to make do with large crowds in limited spaces and smaller gate areas.

It’s wrong however, to think that this only applies to Japan. The benefits of fast tap speed combined with intelligent transit gate design are relevant everywhere and very necessary in this day and age: fast gate tap speed is essential in keeping gate crowding at a minimum. It makes things safer not only for train operation, but also addresses crowd control health concerns in the COVID era.

A reader sent a link to a good discussion of NFC protocols and gate tap speeds that was apparently deleted when YouTube comments were turned off. I retyped the comment below from a screenshot with some light editing for clarity. If I find the author I’ll link to the original. The videos have already appeared in other posts but it’s good have them in one place. A previous installment already covered QR transit code gate issues, this post will focus on NFC.


While transit gates and NFC processors are found worldwide, what makes the Japanese gates different from the rest of the world is they don’t use global standard ISO 14443 (never mind Type A which uses Miller bit coding, the least efficient bit coding method) protocol which is common in many transit and bank cards issued worldwide.

The tap time with ISO 14443 Type A (née Philips) and B (née Motorola) varies greatly: from 200 to 500 milliseconds (ms) with 200 ms only achievable with Type B/Calypso. But it never reaches the short as 100 ms which is only achieved with Felica developed by Sony, also designated NFC-F and NFC Tag Type 3 by the NFC Forum and compatible with ISO 18092 which is commonly found in smartphones and NFC wearables since 2013. In this following video passengers maintain their walking pace but never overshoot and trigger a gate closure nor slow down not even a bit:

It may seem like a minor difference but due to the high volume of passengers per gate and to reduce gate maintenance requirements, tap times really matter.

Companies such as JR East have specified tap time of 200 ms but Suica is actually faster and this allows real life speed tolerances: some passengers tap faster than others due to walking pace, the higher speed tolerances are only possible with the 100 ms tap time of FeliCa. A comparison example of large crowds at gates in Malaysia and Japan below:

Open Loop NFC ticketing in its current form is based on EMVCo Contactless specifications adopted in contactless bank cards issued worldwide including China UnionPay QuickPass which is PBOC derived from the EMVCo Contactless spec. All of these use ISO 14443 Type A at 106 kbps only for 500 ms tap time, which is adopted in cities worldwide such as London, New York, Moscow and Rio de Janeiro where normal walking speed is never supported.

But as seen here, transit cards in Japan such as Suica, PASMO and ICOCA are supported for ultra hight speed and precise account verification and fare processing. Transit cards use offline Stored Fare (SF) which includes the amount of funds stored in the card’s IC smart chip data storage, NOT backend on a server like a bank card, and stored commuter passes. Here are walk flow comparisons for Tokyo and London, and MTA OMNY Open Loop performance:

Japanese IT journalist Junya Suzuki tests OMNY transit gate speed…
and reliability

One hopes the NFC Forum works to increase NFC speeds and global specifications to “improve the overall user experience for NFC users.” We shall see.

With the exception of any Apple Pay news from WWDC20, this will be my last big post for a while. Stay healthy, stay safe and have a great summer.

Next Up: Google Pay Octopus or Garmin Pay Octopus?

Apple Pay Octopus launch day was a big success, so successful that Octopus apologized for their servers buckling under the demand. What’s next for Octopus, Google Pay? There are some possibilities but when it comes to Android there is the matter of the Secure Element (SE), where it resides and what transaction protocols are supported.

From the NFC hardware angle everything has been ready to go on all smartphone hardware for years, NFC A-B-F is required for NFC certification. The problem has been on the SE side, the black box where all the transaction magic happens. From Global Platform the SE certification organization:

A SE is a tamper-resistant platform (typically a one chip secure microcontroller) capable of securely hosting applications and their confidential and cryptographic data (for example cryptographic keys) in accordance with the rules and security requirements set by well-identified trusted authorities.

There are different form factors of SE: embedded and integrated SEs, SIM/UICC, smart microSD as well as smart cards. SEs exist in different form factors to address the requirements of different business implementations and market needs.

Global Platform Introduction to Secure Elements

SE Wars and Google HCE ‘SE Pie in the Sky’
In the pre-Apple Pay mobile carrier hardware era, carriers used SE SIM or embedded Secure Elements (eSE) + SIM combos that chained customers to service contracts for the privilege of using mobile payments. This is the classic Osaifu-Keitai textbook maneuver pioneered by NTT Docomo: leave those pesky SIM Free whiners in the cold world of plastic cards and hard cash, or crippled digital wallets until they give up and buy an overpriced carrier SIM. This brain dead approach is one reason why Mobile FeliCa ended up being ridiculed as ‘galapagos technology’ even though everybody copied it with inferior crappy me-too products.

This carrier SE hostage situation, i.e. the Mobile Wallet SE Wars, led Apple and Google to follow different strategies to address the problem.

The Apple Pay Way
Apple’s answer of course was Apple Pay. A unique in house strategy of putting a Global Platform certified Secure Element in their A Series/S Series chips then building it out from there. Most eSE go on the NFC controller, but doing it the Apple in-house way has advantages over a NFC chip vendor bundle: control of the eSE applets and ability to update them and the Apple eSE for new protocols in iOS updates. We saw this in action with the addition of FeliCa in 2016, PBOC in 2017 and MIFARE in 2018. We may even see the addition of Ultra Wideband (UWB) Touchless in iOS 14.

What iOS 14 could look like with QR and UWB support

The Google Pay Way
Google’s answer to the carrier owned SE problem was the more convoluted evolution from Google Wallet (2011) to Android Pay (2015) and finally Google Pay (2018). Google first salvo was Host Card Emulation (HCE): “NFC card emulation without a secure element” hosted on Google’s cloud. Later on Google attempted to do the same for FeliCa with HCE-F.

But then something happened that put an end to all this: Google decided to get into the hardware business. And now we have Google Pay and Google Pixel with it’s own embedded Secure Element (eSE). With Pixel, Google decided they didn’t want to be the Secure Element cloud provider for every Android OEM out there especially when the Chinese OEMS are all rolling their own eSE based digital wallet services anyway, completely ignoring HCE. Sure, HCE/HCE-F is still there in the Android developer documentation but it’s a dying vestigial relic of the SE wars.

But Google Pixel depends on vendor bundled eSE + NFC controllers and this makes global NFC support more complicated because Google doesn’t ‘own’ the eSE, at least not in the Apple sense of making their own all in one design. This is one reason why Pixel 3/4 only support FeliCa in Japanese models even though all worldwide models have the same NFC A-B-F hardware.

The end result of all this is the Android market is a very fragmented landscape, there are no global NFC Android smartphones: a device that supports EMV, FeliCa, MIFARE, PBOC out of the box in one globally available package.

Google Pay Octopus and the Android Global NFC Installed Base
Back to our original question, can Google Pay Octopus happen? We already have Google Pay Suica right? Let’s assume that Octopus Cards Limited (OCL) has everything in place for it to happen. Here we run into the problem just described: there are’t any global NFC Android smartphones available globally. Samsung sells them in Japan and Hong Kong, Google only sells them in Japan along with Huawei, Oppo, Sharp, etc.

For OCL this means the potential Google Pay installed base that can support Hong Kong Octopus consists of Samsung Galaxy smartphones that are already using Smart Octopus in Samsung Pay; not exactly a mouth watering business opportunity worth the support expense. If Google Pixel 5 goes deep instead of cheap Hong Kong would have a potential Octopus non-Samsung Android device, but that’s only one new device not an installed base. I only see Google Pay Octopus happening if Google foots the entire support expense.

There is a way forward however for OCL: Garmin Pay Suica. The same Garmin APAC models that support Suica can also support Octopus, the recharge backend is entirely Google Pay. Garmin smartwatches work with any Android 5 and higher smartphone, a much larger installed base that bypasses the fragmented Android landscape. Garmin Pay Octopus would offer Android users a way in, who want to use Octopus on a mobile device but who don’t want to use Samsung or Apple devices.

The conclusion: forget Google Pay Octopus for the time being. Hong Kong is a golden opportunity for Gamin Pay Octopus….if Garmin can get Garmin Pay clearance from Hong Kong authorities and banks, and cut a deal with OCL. It’s certainly in Octopus’ best interest for OCL to help turn the negotiation wheels. It’s also in Google’s interest as Google Pay would supply the recharge backend as it does for Garmin Suica. Big hurdles all, but I hope it happens.

Hell to the yes: Apple Pay Octopus launch…for real (Updated)

Good news for long suffering Hong Kong iPhone users: press invitations labeled ‘Redefining Mobile Payments’ that went out to local media outlets on May 28 signaled Octopus for Apple Pay would finally launch on June 2, which it did in tandem with Apple Maps Hong Kong Transit directions just before 1 am June 2 local Hong Kong time. The press event took place at 12:30 pm.

Didn’t we do this already?

OCL teased everyone when it first announced Apple Pay Octopus as ‘coming soon’ in July 2019, then ‘as soon as possible’ in September, finally postponing it in December for ‘later in 2020’ without explanation. This despite endless beta test leaks that indicated everything was ready to roll and endless launch rumors that never panned out. The Apple Pay Octopus Wait for Godot was a very bumpy journey. A timeline:

Global NFC iPhone and Apple Watch
Apple Pay Octopus is just like Apple Pay Suica with Express Transit. It can be used on iPhone 8 and later with iOS 13.5, and Apple Watch Series 3 and later with watchOS 6.2.5. Apple devices from anywhere can add and use Octopus thanks to Apple global NFC support but practical use is limited to having a Hong Kong issue Mastercard, Visa or UnionPay bank card already in Wallet.

iPhone 11 Pro/11/XR/XS have the A12/A13 Bionic exclusive Express Transit with power reserve feature that gives users an additional 5 hours of Express Transit use when iPhone is in low battery power reserve mode. A12/A13 Bionic powered transit card performance is also much improved over previous iPhone models because the Bionic Secure Element directly handles transactions that eliminate iOS overhead. If Octopus on iPhone X doesn’t work well, check this support post.

Apple Watch is the first time Octopus has landed on a smartwatch. As a long time Apple Pay Suica user I can tell you that it’s the Apple Watch killer app. Octopus users will really enjoy the experience on Apple Watch especially when hooked up with auto recharge/Automatic Add Value Service (AAVS).

Similarities with Suica
Octopus is based on the same FeliCa technology that powers Suica, both cards are very similar in scope and use for fast transit and contactless payments of all kinds. According to Wikipedia over 33 million Octopus cards were in circulation as of 2018 used by 99 per cent of Hong Kong residents. The ubiquity of Octopus with Express Transit for transit and purchases will drive Apple Pay use in Hong Kong far more than regular credit/debit cards.

Apple Pay Octopus and Apple Pay Suica both have the same fast Express Transit performance that no other Express Transit cards can match with faster gate performance than the recently added Apple Pay China T-Union mainland transit cards.

New virtual Octopus cards can be created directly in Wallet just like Apple Pay Suica cards or added via the Octopus app (v6). Plastic Octopus cards can also be transferred to Wallet but cannot be used after transfer.

Some attached services are not supported. Be sure to check Important Notes to Customers before transferring a plastic Octopus. Another issue to be aware of is that the Octopus card number changes when transferred which can cause problems with some card ID# linked services.

Not Inbound Friendly
OCL limits Apple Pay Octopus card creation and recharge to having Hong Kong issue Mastercard, UnionPay and Visa cards already added in Wallet. It’s clearly not geared for inbound visitors. This is a shame because Apple supports global NFC on all devices which Samsung and Android devices do not, a key difference.

In practice this means any iPhone 8 and later from anywhere can use Apple Pay Octopus but only when a Hong Kong issue bank payment card is already loaded in Wallet. Suica is very different in this regard: it can be created and recharged in Wallet with any Apple Pay loaded card no matter the brand or country of issue, all without service fees. It’s a very inbound friendly deal for Japan visitors with iPhone.

Unfortunately OCL was limited by restrictive Hong Kong bank agreements and didn’t offer any Apple Pay inbound friendly solutions at the press event. Hopefully they will expand inbound bank card support down the road as banks realize the value of enticing tourists to use Hong Kong transit.

Octopus was the first real transit platform (contactless transit and eMoney) that had a tremendous impact on the development of other transit card fare systems around the world such as Transport for London Oyster. However, OCL needs to aggressively expand Octopus services on other mobile digital wallets like Google Pay especially as MTR moves to add QR Code payment Open Loop support.

Apple Maps Transit Integration
Hong Kong Apple Maps Transit directions launched in tandem with Apple Pay Octopus. It makes sense for Apple to offer both services as an integrated package as they did for the Apple Pay Suica. In Japan, Google Maps transit directions offer more detail and a better UI than Apple Maps Transit even though they use the same data suppliers. Your milage may vary but Google Maps transit directions for Hong Kong has been in place for some time and offers extras like crowding info. Another limitation shared with Apple Maps in Japan: no indoor station mapping.

Greater Bay Area Apple Pay Transit Compatibility
Apple Pay Octopus is the last piece of the transit puzzle that delivers Express Transit convenience to Greater Bay Area iPhone/Apple Watch users who, up until iOS 13.4.1, were limited to China Union Pay (CUP) cards without Express Transit and plastic Octopus cards.

The recently released Apple Pay China T-Union transit cards are interoperable transit cards that work across the country, some 257 mainland cities, similar to what Japan has with Suica, ICOCA, PASMO. China T-Union uses the PBOC 2.0/3.0 protocol, the Chinese variant of EMV with the slowest NFC transaction speeds, they are limited to UnionPay issue credit/debit cards for recharge and cannot be used for purchases. Octopus uses the faster FeliCa protocol and offers an open Apple Pay recharge backend for Hong Kong issue cards.

The advantage for wide area travelers is that they can now add both Apple Pay Octopus and China T-Union cards in Wallet. Having 2 different Apple Pay transit cards in Wallet may not be exactly the same as the dual mode Sold Octopus•Lingnan Pass but it should be close. It will be interesting to hear what the Apple Pay Greater Bay Area transit experience is like using both services.

Why the long wait?
There has been endless speculation regarding the reasons for the Apple Pay Octopus delay. Technically it could have launched on iOS 12 but was held back for an unbelievably long test period over 2 major iOS versions, running from December 2018 and iOS 12 all the way to May 2020 and iOS 13.5, the last major release before iOS 14.

Why? Personally I always felt the unexplained November 2019 Smart Octopus service outage was an ominous sign that OCL plans were under political pressure, though many will disagree. Other possible delay reasons include Apple Pay recharge card support and fee negotiations, and lining up Apple Map transit data. There’s no question that the go-slow OCL approach with constant tweaking of mobile and O! ePay services was not helped by the ever-deteriorating political situation.

The Apple Pay Octopus launch story was a long winding road with many ups and letdowns in the very difficult year of 2019. 2020 is also a very difficult year in a different way, though I hope it can still turn out to be a time of recovery.

I’d like to thank all the readers who shared Octopus tips and comments that let me report a complex, ever changing situation. I learned many things, the most important of which is that Hong Kong people are very kind and very smart. Wish you all a safe, healthy and happy transit wherever you go.

‘Redefining Mobile Payments’ June 2 press event invitation
Mobile Suica has a long history dating back to 2007. Mobile use growth had stalled until the Apple Pay Suica launch in 2016. Octopus on Apple Pay will likely drive a similar spurt of mobile use.

UPDATES

June 3 8:00 JST: Octopus issues apology, “Due to the overwhelming response to the launch of Octopus on iPhone and Apple Watch, some customers could not add their Octopus between 11:30 am and 12:19 pm on 2 June,” and compensating some Octopus users
June 2 12:00 JST: Octopus Card Limited site updated for Apple Pay Octopus and a press release
June 2 09:00 JST: Apple Pay Octopus page added to Hong Kong Apple site with instructions for creating, transferring and topping up Octopus cards in Apple Pay
June 2 03:20 JST: Octopus App v6 update released
June 2 01:50 JST: Apple Pay Octopus has launched, rollout expanding in stages
June 2 00:46 JST: Apple Pay Transit directions for Hong Kong appearing in advance of the Apple Pay Octopus