Once in a while I get a surge of traffic from reddit and like to see which post was linked and the attached discussion. This was very hard to do before reddit added comment searches and even so it takes a few days before a new entry shows up in search results. The latest one was about iPhone X and NFC.
Question: What’s the difference between X and XS ? Which is better ? My second question: Recently I bought an X Japanese Version. Is it different from regular X ??
Answer 1: X to XS is Just a small minor cpu upgrade and minor antenna fixes making the iPhone bottom speaker/microphone holes assymetrical, if you bought a X from Japan and are planning to use it for commuting using apple pay there, make sure to check the production date, pre2018 iPhone X has a suica gate problems that got fixed with the Rev B iPhone X. iPhone X suica problem
Answer 2: Also, all Japanese iPhones have a different NFC reader, so they won’t work with non Japanese tap and pay terminals and other NFC points, eg on public transit and similar
Yikes, all the good and bad of reddit in one post. The question is a good one but the good natured answers are equally helpful and utterly misleading.
Answer 1 is a little off in that bad iPhone X NFC was not a Suica problem, NFC was unreliable across the board regardless of type (A-B-F) or protocol (EMV, FeliCa, etc.), with iPhone X NFC crapping out completely later on (after AppleCare expired naturally). The Rev B thing was just my made up name for units manufactured after April 2018 with reliable NFC. And even though most people have moved on to newer iPhone models with much superior NFC performance, the big bad iPhone X NFC problem continues to haunt users. For me, with 3 replacements and a lot of headaches, iPhone X was the worst iPhone ever. iPhone X users deserved a NFC repair program but never got one because at the time Apple Pay Express Transit was only available in Japan. Apple at its Tim Cookian worst.
It’s interesting parsing app reviews that say ‘this app sucks’. How does it suck and why? As I’ve said before, the overwhelming negative App Store reviews for Suica App are not about the app but about poor network connectivity kills a connectivity critical service app. The poor connectivity is due to a variety of factors: carrier auto-connect and free WiFi or overloaded mobile connections messing with Mobile Suica recharge and other online functions. People assume the WiFi and cellular icons at the top of the phone screen indicate a healthy internet connection, which they decidedly do not.
Most users see Suica App as the software that controls everything Mobile Suica AND iPhone NFC hardware. It does not of course but people dump all blame on Suica App anyway. Fortunately most of what Mobile Suica does is done without an internet connection. The only time it needs one is recharge time with a credit card in Apple Pay Wallet app or Suica App.
Yet all that complaining over online Mobile Suica app services however, tells us something important about mobile internet connections in station areas, on trains and subways: they suck. Despite ubiquitous 4G LTE~5G cellular and WiFi coverage, reliable internet is notoriously fickle in those famously busy Japanese train stations. This is the real reason behind all those ‘this app sucks’ Suica App reviews. Interestingly enough, this is the same performance gripe with the mobile myki system in Victoria. Like Mobile Suica this became a problem because mobile internet connections weren’t up to the job of delivering reliable, trouble free ‘anytime, anywhere’ recharge/top-up, which people tend to do in transit.
Which brings us to Smart Navigo, the Île-de-France Mobilités (IDFM) Paris region transit card for mobile that is going wide on Android smartphones this year. IDFM has spent a lot of time and expense working with Calypso Networks Association (CNA), the transaction tech used for Navigo, to implement the less secure network dependent Calypso HCE ‘cloud’ secure element approach as the default mobile transit tech for Android devices in 2022.
It is very unusual that IDFM chose HCE as their go to mobile strategy on Android when the more secure hardware embedded secure element (eSE) is standard on all smartphone NFC devices these days, and does the job without internet connections. HCE is very different from eSE in that both NFC smartphone and the reader need a connection to talk with a server. HCE was also conceived for leisurely supermarket checkout, not the challenging transit enviroment. How does Calypso HCE compare to the network-less eSE experience? CNA says:
For security reasons, transactions using the personalization key or the load key are not possible through the NFC interface, and must be done with a secure connection to a server.
Only the Calypso debit key is stored in the HCE application for validation on entrance and control during travel, coupled with a mechanism of renewal of the Calypso Serial Number (CSN) to mitigate the risk of fraud : a part of the CSN contains date and time of validity of the debit key which shall be checked by the terminals.
It’s too bad IDFM didn’t study Mobile Suica shortcomings, they could have learned a few things. Most certainly they understand HCE shortcomings but chose it anyway for unknown reasons. Perhaps there are challenges getting Calypso retroactively installed on the eSE on many different Android devices and HCE was the only way to rollout Smart Navigo quickly. The Android platform reputation for keeping devices up to date with the latest software is lousy due to the slow manufacturer response.
Right out of the gate Smart Navigo HCE won’t support power reserve NFC transactions even on Android devices that support it for regular eSE NFC. In total, there are 6 core Smart Navigo features that are internet connection dependent vs 1 Mobile Suica feature. 6 more things to complain about when they don’t work…in other words the Smart Navigo HCE suck index is 6 times greater than Mobile Suica. If Suica App is anything to go by, there are going to be a lot of bad Google Play reviews for the HCE version of the Île-de-France Mobilités App.
iPhone and Apple Watch users can be thankful that Apple Pay Navigo will use eSE (as Samsung Pay Navigo already does), and avoid this mess when the service launches in 2023, matching the Mobile Suica experience, feature for feature.
IDFM launched Smart Navigo HCE that does not support an Express Transit mode. Android users have to wake-unlock-tap to validate…the price of using HCE instead of an embedded secure element (eSE). That IDFM and Calypso went with HCE, despite the downsides and the fact that modern NFC capable smartphones all have eSE as standard, is very interesting and speaks volumes about the state of Android NFC and licensing fee headaches. Assume that Mobile Calypso don’t come pre-installed on smartphone eSEs, unlike EMV, then imagine the nightmare of: (1) dealing with all the Android manufacturers to retroactively update their devices so they are compatible with eSE Navigo (such as currently found on compatible Samsung Pay devices), and (2) getting Google Pay on board. Going the HCE route likely avoided a lengthy messy delay getting Navigo on mobile for the Android masses which is by far the majority in France.
This is exactly the mess that Apple Pay takes care of behind the scenes so users don’t see or deal with any of it. That’s the value of having a gatekeeper, better UI and security encourages users to use NFC payments and Apple Pay use far exceeds any other digital wallet…this is the benefit that Apple Pay delivers to developers. Too bad it’s going away for EU users that the EU is forcing Apple to give up their NFC gatekeeping role, which is very sucky indeed.
Suica App user reviews are relentlessly bad, rip after rip of ‘this software sucks’. Never a good thing to say. Here’s the thing however, when you dig into the reviews most of them have little to do Suica App. It’s also really weird that many reviewers/users seem to think they need Suica App for using Suica at the transit gate. They don’t.
Why are people even using Suica App anyway? You don’t need it to add Suica to iPhone, you don’t need it to recharge Suica. All these things can be done in Wallet app. And now that people are working remotely, there is much less demand for purchasing commuter passes, the biggest reason for using Suica App in the first place. But there is one good reason for using Suica App: setting up Auto-Charge. Set that and you’ll never have to use Suica App.
There’s an important difference to know about Auto-Charge vs. regular recharge in Suica app and Wallet app: auto-charge is locally processed via the transit gate Suica NFC reader. It’s instantaneous and doesn’t care about your iPhone network connection.
Wallet and Suica app recharge are processed via the iPhone (or Apple Watch) network connection. Apple Pay talks with iCloud and Mobile Suica, the transaction is processed online and relayed back to Apple Pay, the recharge amount is added to Suica card. Many network hoops.
There is a message the Mobile Suica twitter account puts out regularly: make sure your smartphone has a robust network connection and don’t use free WiFi when recharging Suica or using Suica App. A bad WiFi connection fools Suica App users into thinking their iPhone is connected to the internet when it is not. This is a particular problem with carrier Wi-Fi SIM auto-connect that bypasses a solid 4G/5G connection and automatically connects to an extremely unstable or overloaded carrier WiFi instead. WiFi on trains and in stations is never reliable and should be turned off when using recharging Suica in Wallet or using Suica App.
Which brings us to an interesting Suica App user review titled “It’s a real urban legend” which explains all the crap talk about Mobile Suica boils down to people trying to recharge at rush hour in transit gate areas with a crapped out carrier or free WiFi connection…the perfect Suica App killer situation. The reviewer recommends “recharge in a calm place at calm time,” to which I heartily agree. Or better yet, ditch network recharge altogether and use Suica NFC Auto-Charge. It will never fail you.
Suica 2 in 1 Region Affiliate Transit Cards have a problem: it would be great to have these cards available on mobile wallet platforms (Osaifu Keitai, Apple Pay, etc.) however, the whole point of region cards is to promote region affiliate transit companies and service benefits for the people who live there. There are region affiliate transit points and services for everybody, discounts and point rebates for elderly and disabled users, commute plans and so on, subsidized by prefectural and local city governments.
Hence despite the Suica logo on them, region affiliate cards are not available from JR East. They are only available from region affiliate bus offices. But it’s a pain getting them, commute plan renewal requires another trip to the bus office and cash recharge is the only option. Suica 2 in 1 would be infinitely more useful and user friendly on mobile. Region affiliate users are certainly happy to have a card that covers all of their transit needs but it doesn’t bring them into the Mobile Suica era.
But mobile is a two edged sword. On one hand you want the convenience of Mobile Suica, on the other hand region cards need to promote subsidized services for a particular location, keeping them local on a wide mobile platform and restricting access for special services with certain eligibility requirements (local disabled and elderly residents) is a challenge. How does one promote targeted regional services on widely available mobile platforms like Mobile Suica on Apple Pay?
The Suica App mobile fix Hmmm, this sounds like a similar problem with student commuter passes. JR East and customers want to do away with the drudgery of going to the local JR East station ticket window to confirm student ID validity, nevertheless, student ID validity must be confirmed before a student commuter pass can be purchased. Mobile Suica has supported student commuter passes but students have to go to a local JR East office to validate and activate it.
Mobile Suica will address this problem on February 13 with a system update and new version of Suica App (v3.1.0) that adds support for in-app purchasing and renewing student commute plans. Another Mobile Suica update on March 12 will add Tokyo region day pass purchase support. Think of these as selective local services on a widely available mobile platform. Let’s see how this approach can be applied to Suica 2 in 1 Region Affiliate cards.
1) Region affiliate mobile issue When I made my Apple Wallet transit card wish list mockup, I thought it might be nice to have all the new Suica 2 in 1 cards available directly in Wallet app along with Mobile ICOCA (coming in 2023).
Apple Pay WAON deals with this problem in a smart way: regular WAON can be added directly in Wallet app, regional WAON cards are added to Wallet with WAON app. The beauty of issuing specialty WAON cards in the app is they have region specific goodies attached: a portion of the region WAON card transaction goes to a local government development fund.
This approach is a perfect fit for region affiliate Suica cards on mobile with local perks, bonus local transit points and so on when issuing cards on mobile.
2) Suica2 in 1 commuter pass purchases and limited eligibility card issue There are a few more hurdles to clear before Suica 2 in 1 can join the mobile era: region affiliate commute plan purchase and renewal, limited eligibility card issue (for elder and disabled users).
Let’s say you are a totra commuter who rides a region affiliate bus and a JR East train. In this case you need 2 separate commute plans on your Suica 2 in 1 totra card, one for the region affiliate bus, one for JR East. The commuters plans must be purchased separately: the region affliliate commuter pass is bought at the bus office, the JR East section is then purchased added at a JR East station ticket office. It’s a complex hassle. JR East stations are all cashless but only a few region affiliate bus offices take credit cards…and so it goes. How nice it would be to do this with an app and pay with Apple Pay.
Mobile Suica already hosts this kind of complex commute plan configuration but not in Suica App. Mobile PASMO and PASMO App are hosted on the JR East system, basically rebranded Mobile Suica, and easily configure complex bus + train commute plans from multiple transit operators for mobile purchase.
This leaves limited eligibility card issue. The February 13 Mobile Suica update adds student commuter pass pre-registration and ID verification uploading via the Mobile Suica member website. The student reservers a pass entering school information, commute route and uploads a picture of their school ID. Approved student commuter pass reservations are then purchased in Suica App. This ID verification method can be used for issuing elder and disabled Suica 2 in 1 cards. It’s still a manual authentication process that digital My Number cards will, hopefully, transform into a simple automatic one with instant verification of necessary personal information.
One of the really interesting things about Suica 2 in 1 is that the next generation format is the very first Suica card that supports disability fares. Up until now disability fare users have been limited to paper passes inspected at manned transit gates.
JR East plans to drastically reduce the number of manned transit gate areas. Before this happens, mobile support for all Suica cards of every kind, especially the new Suica 2 in 1 features, must be in place. The pieces of the solution are there, it only a matter of JR East integrating them into a Mobile Suica system and Suica App update.
One Suica App to rule them all If we are promoting region affiliate Suica cards does it make sense to do it all in Suica App or have individually branded local apps for totra, nolbé, cherica, et al? One main goal of Suica 2 in 1 is cost reduction and infrastructure sharing. Despite all the different names and card artwork these are Suica cards with all the Suica benefits and JR East managing the Suica infrastructure for region affiliates.
I’d argue it doesn’t make sense nor does it fit with cost reduction goals to do a bunch of re-skinned local Suica Apps when JR East is making a bunch of replicas. Better to focus efforts on making Suica App a streamlined easy to use app with all the necessary tools for managing mobile region affiliate cards. And because physical cards remain an important part of the Suica platform strategy, Suica App must also add a physical card iPhone recharge feature similar to what Octopus App and Navigo App offer.
All in all I expect that 2023, which will see the launch of the highly anticipated JR West Mobile ICOCA service, will be a big year for Mobile Suica and Suica App too.
Jonathan Seybold said it best in his Computer History Museum interview video, many arguments can be easily demolished by pulling out the hidden assumptions. In our attention span challenged social media era it’s all too easy to believe things at face value. Few people invest time and brain energy to analyze and question arguments to find and examine hidden assumptions.
A reader of this blog might come away thinking I am not a fan of open loop transit fare payments and despise EMV contactless and QR Code payment technology. That would be a mistake. I don’t hate them, everything has its place. I simply don’t agree with ubiquitous assumptions that EMV or QR or open loop are cure alls for every transit fare payment situation that they are praised to be…usually because ‘everybody uses’ bank issued contactless payment cards or smartphone payment QR apps. It’s a one size fits all mentality that blinds people from seeing hidden assumptions. It’s very important to see how all the pieces, seen and unseen, fit together. After all, transit companies and their users have to live with transit infrastructure choices for decades.
In a recent twitter thread Reece Martin thought it would be nice if Canada had a nationwide transit card. This is something Japan has had since 2013 when the Transit IC interoperability scheme was put in place that made the major transit IC cards compatible with each other, but they did this without changing the hardware. The various card architectures were left untouched and linked with system updates, a use-the-same-card backend solution. China on the other hand created a national transit card with the China T-Union • PBOC 2.0 standard that replaced all older transit cards with locally branded T-Union cards, a get-a-new-card hardware solution.
A nationwide Canadian transit card is a great idea but as Samual Muransky answered in the same thread, why bother with ‘obsolete’ dedicated transit cards when everybody uses EMV contactless bank cards and EMV is the new standard. Let’s examine some hidden assumptions at play here.
Assumption #1: Everybody has contactless credit/debit cards The open assumption here that everybody has bank issued credit or debit payment cards is not the case and varies by country, demographics, age, etc. Most people in some countries do, but even so there will always be people who don’t. Transit cards always have the advantage of being available at station kiosks to anyone with cash.
Assumption #2: because of assumption #1 open loop (credit/debit cards) is better than closed loop (dedicated ticketing) for paying transit fare The hidden assumption is that open loop covers everything but it does not. Specific transit services such as individual commuter passes, discounted fares for disabled/elderly/children are practically impossible to attach and use with bank payment cards. The best that transit systems and payment networks can do with open loop is fare capping or special discounts when applied universally. The age-old pay ‘x’ times and get one free concept. Open loop works best for occasional transit users.
Assumption #3: EMV contactless is the NFC standard The NFC Forum recognized long ago that credit card companies and transit companies have different needs and objectives. To that end the NCF Forum has 2 basic NFC standards, one for contactless payments (NFC A/B but only A is really used) and one for transit (NFC A-B-F). All NFC devices must support NFC A-B-F for NFC Forum certification.
Assumption #4: EMV contactless for transit is safe and secure There are many hidden assumptions packed into the words ‘safe and secure’: not everybody agrees on what safe is and what level of security is secure. Things also change depending on the situation and the design. I have covered transit gate reader design in many other posts but recap some basics here.
Steve Jobs famously said that designing a product is a package of choices. I have often said that EMV contactless is supermarket checkout payment technology but that’s not a put down, it’s the truth of what EMVCo were aiming for when they grafted NFC-A to their EMV chip for contactless cards.
Because of wide deployment with no direct control, the original EMV contactless spec had a latency window to work reliably even with crappy network installations, and the slow speed has sometimes been cited as a security risk. NFC-A (MIFARE and EMV) transaction speeds are rated for a theoretical 250ms but are usually 500ms on open loop transit gates. Suica is always 200ms, often faster. The speed gap is due to gate reader design, the network lag of centralized processing vs local stored value processing, and the different RF communication distances for NFC-A and NFC-F. JR East presentation slides explain the transaction speed differences.
Japanese station gates are designed to be capable of 60 passengers per minute. To do this the conditions are:
Processing time of fare transaction has to be within 200ms
RF communication distance is 85mm for physical cards and smartphones
European station gates are designed to be capable of 30 passengers per minute:
The processing time takes 500ms
RF communication distance is 20mm for physical cards, 40mm for smartphones
The Suica transaction starts from the 85mm mark while MIFARE and EMV contactless cards start at the 20mm mark. Because of the greater RF communication distance Suica transactions start much earlier as the card travels toward the reader tap area. It you look closely at the 2nd slide you can see that smartphones have a slightly earlier EMV/MIFARE RF transaction starting at the 40mm mark (the 1.1A/m boundary) due to the larger smartphone antenna, physical EMV cards with smaller antennas are limited to 20mm. This is why smartphones seem faster than physical cards on NFC-A gates. Suica physical cards have a larger antenna and the same RF transaction distance as smartphones.
NFC-A transaction speed is slower because it has to be on top of the reader before it can start. This is also the limitation with optical based QR and bar codes, the transaction only starts when the smartphone screen is close enough to the reader for an error free scan. Transit gates using these technologies are not designed for smooth walk through flow.
One of the smart things Nankai is doing in the test phase (limited to a few key stations) is keeping EMV/QR gates separate from standard FeliCa gates. This is practical. Regular users go through the faster regular gates, the occasional open loop or QR users go through slower EMV/QR gates. Keeping different readers separate and clearly marked helps keep walk flow smooth and crowding down at busier stations. The Nankai program has been put on pause for another year due to the collapse of inbound travelers in the COVID pandemic. It’s a trial run as Osaka area transit gear up for an anticipated inbound travel boom in connection with Expo 2025, that may, or may not pan out.
The Nankai VISA Touch gates are designed for physical cards, Apple Pay works but without Express Transit. That’s a plus as Apple Pay EMV Express Transit on TfL and other open loop systems (OMNY) has come under scrutiny for a potential security risk with VISA cards that allows ‘scammers’ (in lab settings) to make non-transit charges to Apple Pay VISA cards via Express Mode, something that is not supposed to be possible.
Timur Yunusov, a senior security expert at Positive Technologies…said a lack of offline data authentication allows this exploit, even though there are EMVCo specifications covering these transactions.
“The only problem is that now big companies like MasterCard, Visa and AMEX don’t need to follow these standards when we talk about NFC payments – these companies diverged in the early 2010s, and everyone is now doing what they want here,” he said.
In other words, Apple removing Apple Pay bio-authentication to promote EMV Express Mode for open loop transit puts Apple Pay at the mercy of lax card network payment operation practices who don’t follow their own rules. Not that it’s a real problem in the field but accidents do happen, such as this incident on Vancouver BC TransLink that a reader forwarded:
Just a moment ago, I nearly got dinged on my CC while sitting on a high seat near a door which is where one of the validators are located. The validator picked it up from the backside rather than the front side where the tap area is located. Also, somehow, my iPhone authorized the transaction when I only want to return to the home screen instead.
If the open-loop was implemented in a way where the card must be pre authorized before the card can be tapped at a validator, it wouldn’t get me in a situation where I need to deal with customer service to dispute some charges. Good thing this time, transaction was declined so nothing related to this charge showed up in my account.
And then there is data privacy, a far larger and long term problem is how open loop transit user data is stored and used. Apple always says they don’t know what Apple Pay users are doing as the data stays private. Fair enough, but the same doesn’t apply to the bank card companies. Open loop payment platforms in Japan, like stera transit, love to promote the customer data reporting services they provide to transit companies.
Plastic transit IC cards are basically private, they have a card number but nothing else. Credit/debit cards have your entire profile coming along with your open loop use and stera report a subset of this in their reports. And where is this data stored? In Japan, in Korea, somewhere else, wherever stera has a data sub-contractor? Payment transaction companies have been burned, repeatedly, when caught storing Japanese card transaction data outside of Japan…but they keep doing it again when everybody’s back is turned. This problem isn’t going away because of flimsy laws, lax industry practices and last but not least: personal data is a valuable commodity.
There is also the aspect of the price of cost effectiveness. When data processing stays in the country of origin, that means local employment and tax revenue feeds the national economy. When data processing goes outside the country, those are lost. This kind of discussion never takes place when it comes to transaction data processing, which it should, especially when publicly funded transit operators are involved.
Open loop is only part of a larger picture Canadian transit would certainly benefit from a Japanese transit IC system approach with compatibility on the backend, or even the China T-Union approach of a national card spec that is locally branded but works everywhere.
To come back to the beginning, my point isn’t about slamming EMV or QR open loop transit, just the assumptions that they solve everything. They have their place in intelligently designed fare systems but only constitute part of the larger transit fare system picture. And as I have pointed out many times, card companies have little interest in improving the EMV standard for transit needs. They want to capture transit fare business without investing. The focus will always be the supermarket checkout lane that EMV was designed for.
There will always be a risk involved when ignoring the hidden assumptions of EMV open loop as a one size fits all solution. Dedicated transit cards will always be necessary. Every transit system is unique and deserves the best solution for the transit company and the riders they serve.