It’s interesting parsing app reviews that say ‘this app sucks’. How does it suck and why? As I’ve said before, the overwhelming negative App Store reviews for Suica App are less about the app and more about lousy carrier auto-connect • free WiFi connections messing with the Mobile Suica recharge function. Most users see Suica App as the software that controls everything Mobile Suica AND iPhone NFC hardware. It does not of course but people dump all blame on Suica App anyway.
It’s a complete mystery why people even bother using Suica App when so much Mobile Suica functionality is built in Apple Pay Wallet right out of the box. Nevertheless it’s safe to conclude that Suica App user angst is network related. People assume the WiFi and cellular icons at the top of the iPhone screen indicate a healthy internet connection, which they decidedly do not.
Most of what Mobile Suica does is done without an internet connection. The only time it needs one is recharge time with a credit card in Apple Pay Wallet app or Suica App. All that complaining over one Mobile Suica feature however, tells us something important about WiFi and cellular internet connections in station areas and on trains: they suck. Despite ubiquitous cellular and WiFi coverage, reliable internet is notoriously fickle in those famously busy Japanese train stations. This is the real reason behind all those ‘this app sucks’ Suica App reviews.
Which brings us to Smart Navigo, the Île-de-France Mobilités (IDFM) Paris region transit card for mobile that is going wide on Android smartphones this year. IDFM has spent a lot of time and expense working with Calypso Networks Association (CNA), the transaction tech used for Navigo, to implement the less secure network dependent Calypso HCE ‘cloud’ secure element approach as the default mobile transit tech for Android devices in 2022.
It is very unusual that IDFM chose HCE as their go to mobile strategy on Android when the more secure hardware embedded secure element (eSE) is standard on all smartphone NFC devices, and does the job without internet connections. HCE is very different from eSE in that both NFC smartphone and the reader need a connection to talk with a server. HCE was also conceived for leisurely supermarket checkout, not the challenging transit enviroment. How does Calypso HCE compare to the network-less eSE experience? CNA says:
For security reasons, transactions using the personalization key or the load key are not possible through the NFC interface, and must be done with a secure connection to a server.
Only the Calypso debit key is stored in the HCE application for validation on entrance and control during travel, coupled with a mechanism of renewal of the Calypso Serial Number (CSN) to mitigate the risk of fraud : a part of the CSN contains date and time of validity of the debit key which shall be checked by the terminals.
It’s too bad IDFM didn’t study Mobile Suica shortcomings, they could have learned a few things. Most certainly they understand HCE shortcomings but chose it anyway for unknown (political?) reasons. Right out of the gate Smart Navigo HCE won’t support power reserve NFC transactions even on Android devices that support it for regular eSE NFC. In total, there are 6 core Smart Navigo features that are internet connection dependent vs 1 Mobile Suica feature. 6 more things to complain about when they don’t work…in other words the Smart Navigo HCE suck index is 6 times greater than Mobile Suica. If Suica App is anything to go by, there are going to be a lot of bad Google Play reviews for the HCE version of the Île-de-France Mobilités App.
iPhone and Apple Watch users can be thankful that Apple Pay Navigo will use eSE (as Samsung Pay Navigo already does), and avoid most of this mess when the service launches in 2023, matching the Mobile Suica experience, feature for feature.
Suica App user reviews are relentlessly bad, rip after rip of ‘this software sucks’. Never a good thing to say. Here’s the thing however, when you dig into the reviews most of them have little to do Suica App. It’s also really weird that many reviewers/users seem to think they need Suica App for using Suica at the transit gate. They don’t.
Why are people even using Suica App anyway? You don’t need it to add Suica to iPhone, you don’t need it to recharge Suica. All these things can be done in Wallet app. And now that people are working remotely, there is much less demand for purchasing commuter passes, the biggest reason for using Suica App in the first place. But there is one good reason for using Suica App: setting up Auto-Charge. Set that and you’ll never have to use Suica App.
There’s an important difference to know about Auto-Charge vs. regular recharge in Suica app and Wallet app: auto-charge is locally processed via the transit gate Suica NFC reader. It’s instantaneous and doesn’t care about your iPhone network connection.
Wallet and Suica app recharge are processed via the iPhone (or Apple Watch) network connection. Apple Pay talks with iCloud and Mobile Suica, the transaction is processed online and relayed back to Apple Pay, the recharge amount is added to Suica card. Many network hoops.
There is a message the Mobile Suica twitter account puts out regularly: make sure your smartphone has a robust network connection and don’t use free WiFi when recharging Suica or using Suica App. A bad WiFi connection fools Suica App users into thinking their iPhone is connected to the internet when it is not. This is a particular problem with carrier Wi-Fi SIM auto-connect that bypasses a solid 4G/5G connection and automatically connects to an extremely unstable or overloaded carrier WiFi instead. WiFi on trains and in stations is never reliable and should be turned off when using recharging Suica in Wallet or using Suica App.
Which brings us to an interesting Suica App user review titled “It’s a real urban legend” which explains all the crap talk about Mobile Suica boils down to people trying to recharge at rush hour in transit gate areas with a crapped out carrier or free WiFi connection…the perfect Suica App killer situation. The reviewer recommends “recharge in a calm place at calm time,” to which I heartily agree. Or better yet, ditch network recharge altogether and use Suica NFC Auto-Charge. It will never fail you.
Suica 2 in 1 Region Affiliate Transit Cards have a problem: it would be great to have these cards available on mobile wallet platforms (Osaifu Keitai, Apple Pay, etc.) however, the whole point of region cards is to promote region affiliate transit companies and service benefits for the people who live there. There are region affiliate transit points and services for everybody, discounts and point rebates for elderly and disabled users, commute plans and so on, subsidized by prefectural and local city governments.
Hence despite the Suica logo on them, region affiliate cards are not available from JR East. They are only available from region affiliate bus offices. But it’s a pain getting them, commute plan renewal requires another trip to the bus office and cash recharge is the only option. Suica 2 in 1 would be infinitely more useful and user friendly on mobile. Region affiliate users are certainly happy to have a card that covers all of their transit needs but it doesn’t bring them into the Mobile Suica era.
But mobile is a two edged sword. On one hand you want the convenience of Mobile Suica, on the other hand region cards need to promote subsidized services for a particular location, keeping them local on a wide mobile platform and restricting access for special services with certain eligibility requirements (local disabled and elderly residents) is a challenge. How does one promote targeted regional services on widely available mobile platforms like Mobile Suica on Apple Pay?
The Suica App mobile fix Hmmm, this sounds like a similar problem with student commuter passes. JR East and customers want to do away with the drudgery of going to the local JR East station ticket window to confirm student ID validity, nevertheless, student ID validity must be confirmed before a student commuter pass can be purchased. Mobile Suica has supported student commuter passes but students have to go to a local JR East office to validate and activate it.
Mobile Suica will address this problem on February 13 with a system update and new version of Suica App (v3.1.0) that adds support for in-app purchasing and renewing student commute plans. Another Mobile Suica update on March 12 will add Tokyo region day pass purchase support. Think of these as selective local services on a widely available mobile platform. Let’s see how this approach can be applied to Suica 2 in 1 Region Affiliate cards.
1) Region affiliate mobile issue When I made my Apple Wallet transit card wish list mockup, I thought it might be nice to have all the new Suica 2 in 1 cards available directly in Wallet app along with Mobile ICOCA (coming in 2023).
Apple Pay WAON deals with this problem in a smart way: regular WAON can be added directly in Wallet app, regional WAON cards are added to Wallet with WAON app. The beauty of issuing specialty WAON cards in the app is they have region specific goodies attached: a portion of the region WAON card transaction goes to a local government development fund.
This approach is a perfect fit for region affiliate Suica cards on mobile with local perks, bonus local transit points and so on when issuing cards on mobile.
2) Suica2 in 1 commuter pass purchases and limited eligibility card issue There are a few more hurdles to clear before Suica 2 in 1 can join the mobile era: region affiliate commute plan purchase and renewal, limited eligibility card issue (for elder and disabled users).
Let’s say you are a totra commuter who rides a region affiliate bus and a JR East train. In this case you need 2 separate commute plans on your Suica 2 in 1 totra card, one for the region affiliate bus, one for JR East. The commuters plans must be purchased separately: the region affliliate commuter pass is bought at the bus office, the JR East section is then purchased added at a JR East station ticket office. It’s a complex hassle. JR East stations are all cashless but only a few region affiliate bus offices take credit cards…and so it goes. How nice it would be to do this with an app and pay with Apple Pay.
Mobile Suica already hosts this kind of complex commute plan configuration but not in Suica App. Mobile PASMO and PASMO App are hosted on the JR East system, basically rebranded Mobile Suica, and easily configure complex bus + train commute plans from multiple transit operators for mobile purchase.
This leaves limited eligibility card issue. The February 13 Mobile Suica update adds student commuter pass pre-registration and ID verification uploading via the Mobile Suica member website. The student reservers a pass entering school information, commute route and uploads a picture of their school ID. Approved student commuter pass reservations are then purchased in Suica App. This ID verification method can be used for issuing elder and disabled Suica 2 in 1 cards. It’s still a manual authentication process that digital My Number cards will, hopefully, transform into a simple automatic one with instant verification of necessary personal information.
One of the really interesting things about Suica 2 in 1 is that the next generation format is the very first Suica card that supports disability fares. Up until now disability fare users have been limited to paper passes inspected at manned transit gates.
JR East plans to drastically reduce the number of manned transit gate areas. Before this happens, mobile support for all Suica cards of every kind, especially the new Suica 2 in 1 features, must be in place. The pieces of the solution are there, it only a matter of JR East integrating them into a Mobile Suica system and Suica App update.
One Suica App to rule them all If we are promoting region affiliate Suica cards does it make sense to do it all in Suica App or have individually branded local apps for totra, nolbé, cherica, et al? One main goal of Suica 2 in 1 is cost reduction and infrastructure sharing. Despite all the different names and card artwork these are Suica cards with all the Suica benefits and JR East managing the Suica infrastructure for region affiliates.
I’d argue it doesn’t make sense nor does it fit with cost reduction goals to do a bunch of re-skinned local Suica Apps when JR East is making a bunch of replicas. Better to focus efforts on making Suica App a streamlined easy to use app with all the necessary tools for managing mobile region affiliate cards. And because physical cards remain an important part of the Suica platform strategy, Suica App must also add a physical card iPhone recharge feature similar to what Octopus App and Navigo App offer.
All in all I expect that 2023, which will see the launch of the highly anticipated JR West Mobile ICOCA service, will be a big year for Mobile Suica and Suica App too.
Jonathan Seybold said it best in his Computer History Museum interview video, many arguments can be easily demolished by pulling out the hidden assumptions. In our attention span challenged social media era it’s all too easy to believe things at face value. Few people invest time and brain energy to analyze and question arguments to find and examine hidden assumptions.
A reader of this blog might come away thinking I am not a fan of open loop transit fare payments and despise EMV contactless and QR Code payment technology. That would be a mistake. I don’t hate them, everything has its place. I simply don’t agree with ubiquitous assumptions that EMV or QR or open loop are cure alls for every transit fare payment situation that they are praised to be…usually because ‘everybody uses’ bank issued contactless payment cards or smartphone payment QR apps. It’s a one size fits all mentality that blinds people from seeing hidden assumptions. It’s very important to see how all the pieces, seen and unseen, fit together. After all, transit companies and their users have to live with transit infrastructure choices for decades.
In a recent twitter thread Reece Martin thought it would be nice if Canada had a nationwide transit card. This is something Japan has had since 2013 when the Transit IC interoperability scheme was put in place that made the major transit IC cards compatible with each other, but they did this without changing the hardware. The various card architectures were left untouched and linked with system updates, a use-the-same-card backend solution. China on the other hand created a national transit card with the China T-Union • PBOC 2.0 standard that replaced all older transit cards with locally branded T-Union cards, a get-a-new-card hardware solution.
A nationwide Canadian transit card is a great idea but as Samual Muransky answered in the same thread, why bother with ‘obsolete’ dedicated transit cards when everybody uses EMV contactless bank cards and EMV is the new standard. Let’s examine some hidden assumptions at play here.
Assumption #1: Everybody has contactless credit/debit cards The open assumption here that everybody has bank issued credit or debit payment cards is not the case and varies by country, demographics, age, etc. Most people in some countries do, but even so there will always be people who don’t. Transit cards always have the advantage of being available at station kiosks to anyone with cash.
Assumption #2: because of assumption #1 open loop (credit/debit cards) is better than closed loop (dedicated ticketing) for paying transit fare The hidden assumption is that open loop covers everything but it does not. Specific transit services such as individual commuter passes, discounted fares for disabled/elderly/children are practically impossible to attach and use with bank payment cards. The best that transit systems and payment networks can do with open loop is fare capping or special discounts when applied universally. The age-old pay ‘x’ times and get one free concept. Open loop works best for occasional transit users.
Assumption #3: EMV contactless is the NFC standard The NFC Forum recognized long ago that credit card companies and transit companies have different needs and objectives. To that end the NCF Forum has 2 basic NFC standards, one for contactless payments (NFC A) and one for transit (NFC A-B-F). All NFC devices must support NFC A-B-F for NFC Forum certification.
Assumption #4: EMV contactless for transit is safe and secure There are many hidden assumptions packed into the words ‘safe and secure’: not everybody agrees on what safe is and what level of security is secure. Things also change depending on the situation and the design. I have covered transit gate reader design in many other posts but recap some basics here.
Steve Jobs famously said that designing a product is a package of choices. I have often said that EMV contactless is supermarket checkout payment technology but that’s not a put down, it’s the truth of what EMVCo were aiming for when they grafted NFC-A to their EMV chip for contactless cards.
Because of wide deployment with no direct control, the original EMV contactless spec had a latency window to work reliably even with crappy network installations, and the slow speed has sometimes been cited as a security risk. NFC-A (MIFARE and EMV) transaction speeds are rated for a theoretical 250ms but are usually 500ms on open loop transit gates. Suica is always 200ms, often faster. The speed gap is due to gate reader design, the network lag of centralized processing vs local stored value processing, and the different RF communication distances for NFC-A and NFC-F. JR East presentation slides explain the transaction speed differences.
Japanese station gates are designed to be capable of 60 passengers per minute. To do this the conditions are:
Processing time of fare transaction has to be within 200ms
RF communication distance is 85mm for physical cards and smartphones
European station gates are designed to be capable of 30 passengers per minute:
The processing time takes 500ms
RF communication distance is 20mm for physical cards, 40mm for smartphones
The Suica transaction starts from the 85mm mark while MIFARE and EMV contactless cards start at the 20mm mark. Because of the greater RF communication distance Suica transactions start much earlier as the card travels toward the reader tap area. It you look closely at the 2nd slide you can see that smartphones have a slightly earlier EMV/MIFARE RF transaction starting at the 40mm mark (the 1.1A/m boundary) due to the larger smartphone antenna, physical EMV cards with smaller antennas are limited to 20mm. This is why smartphones seem faster than physical cards on NFC-A gates. Suica physical cards have a larger antenna and the same RF transaction distance as smartphones.
NFC-A transaction speed is slower because it has to be on top of the reader before it can start. This is also the limitation with optical based QR and bar codes, the transaction only starts when the smartphone screen is close enough to the reader for an error free scan. Transit gates using these technologies are not designed for smooth walk through flow.
One of the smart things Nankai is doing in the test phase (limited to a few key stations) is keeping EMV/QR gates separate from standard FeliCa gates. This is practical. Regular users go through the faster regular gates, the occasional open loop or QR users go through slower EMV/QR gates. Keeping different readers separate and clearly marked helps keep walk flow smooth and crowding down at busier stations. The Nankai program has been put on pause for another year due to the collapse of inbound travelers in the COVID pandemic. It’s a trial run as Osaka area transit gear up for an anticipated inbound travel boom in connection with Expo 2025, that may, or may not pan out.
The Nankai VISA Touch gates are designed for physical cards, Apple Pay works but without Express Transit. That’s a plus as Apple Pay EMV Express Transit on TfL and other open loop systems (OMNY) has come under scrutiny for a potential security risk with VISA cards that allows ‘scammers’ (in lab settings) to make non-transit charges to Apple Pay VISA cards via Express Mode, something that is not supposed to be possible.
Timur Yunusov, a senior security expert at Positive Technologies…said a lack of offline data authentication allows this exploit, even though there are EMVCo specifications covering these transactions.
“The only problem is that now big companies like MasterCard, Visa and AMEX don’t need to follow these standards when we talk about NFC payments – these companies diverged in the early 2010s, and everyone is now doing what they want here,” he said.
In other words, Apple removing Apple Pay bio-authentication to promote EMV Express Mode for open loop transit puts Apple Pay at the mercy of lax card network payment operation practices who don’t follow their own rules. Not that it’s a real problem in the field but accidents do happen, such as this incident on Vancouver BC TransLink that a reader forwarded:
Just a moment ago, I nearly got dinged on my CC while sitting on a high seat near a door which is where one of the validators are located. The validator picked it up from the backside rather than the front side where the tap area is located. Also, somehow, my iPhone authorized the transaction when I only want to return to the home screen instead.
If the open-loop was implemented in a way where the card must be pre authorized before the card can be tapped at a validator, it wouldn’t get me in a situation where I need to deal with customer service to dispute some charges. Good thing this time, transaction was declined so nothing related to this charge showed up in my account.
Open loop is only part of a larger picture Canadian transit would certainly benefit from a Japanese transit IC system approach with compatibility on the backend, or even the China T-Union approach of a national card spec that is locally branded but works everywhere.
To come back to the beginning, my point isn’t about slamming EMV or QR open loop transit, just the assumptions that they solve everything. They have their place in intelligently designed fare systems but only constitute part of the larger transit fare system picture. And as I have pointed out many times, card companies have little interest in improving the EMV standard for transit needs. They want to capture transit fare business without investing. The focus will always be the supermarket checkout lane that EMV was designed for.
There will always be a risk involved when ignoring the hidden assumptions of EMV open loop as a one size fits all solution. Dedicated transit cards will always be necessary. Every transit system is unique and deserves the best solution for the transit company and the users they serve.
FeliCa Dude did his usual public service of posting Mobile FeliCa details for the latest Pixel 6 devices. There wasn’t any change from Pixel 5, so no global NFC Pixel for inbound visitors. Nevertheless it’s a good opportunity to review some important recent developments that have taken place behind the scenes on the Android Mobile FeliCa side and examine some possible 2022 scenarios. Things have changed even if most users don’t notice any difference.
The chart outlines Mobile FeliCa on Google Pixel developments based on information from FeliCa Dude’s tweets.
Mobile FeliCa 4.0 (Pixel 4) freed Android device manufacturers from having to use embedded secure element + NFC chips from the FeliCa Networks supply chain. Any FAST certified secure element will do. This development has resulted in a number of inexpensive Osaifu-Keitai SIM-Free smartphones released by Chinese manufacturers recently that are selling well. Hopefully it will have wider implications for inexpensive global NFC Android devices. There are lots of people in Hong Kong who would buy one to use Octopus.
Mobile FeliCa 4.1 (Pixel 5/Pixel 6) introduced multiple secure element domains. This allows the device manufacturer to ‘own’ the eSE and load or delete Java Card applets. FeliCa Dude thinks that multiple secure element domains (MSED) might play a part in the MIC digital My Number Card due to launch on Osaifu Keitai devices in 2022. My Number card uses NFC-B but MSED allows the Mobile FeliCa secure element to host it anyway, an interesting development.
Mobile FeliCa 4.2 or 5.0? The next version of Mobile FeliCa (MF) will hopefully support FeliCa SD2 next generation features that shipped in November 2020, features that power Suica 2 in 1 Region Affiliate Transit Cards (aka Super Suica) which are going wide in March 2022. These cards really need to be on mobile for future MaaS service plans outlined by JR East which cannot happen until SD2 features are added.
The improvements in MF 4.1 certainly give Android device manufacturers the ability to update MF over the air but don’t hold your breath. Standard industry practice to date has been ‘buy a new device to get new features’. Apple has been a little bit better in this regard: MIFARE support was added in iOS 12 for Student ID cards and iOS 15 fixed some Calypso bugs on iPhone XR/XS and iPhone SE.
A FeliCa Dude Reddit post comment regarding Asus smartphones illustrates the pre-MF 4.0 situation: “any phone that lists ‘NFC’ compliance must support Type F (FeliCa), but as there is no Osaifu-Keitai secure element <aka Mobile FeliCa secure element>, you will be limited to reading and potentially charging physical cards: you cannot use the phone as a card itself.” That was then, this is now.
Most people assume FeliCa support requires a Felica chip but this is not true. The evolution of hardware independent Mobile FeliCa is very clear: the ‘FeliCa chip’ from Sony/FeliCa Networks requirement is long dead and gone. Manufacturers like Xiaomi claim they make special models and add FeliCa chips just for the Japanese market, but that’s just marketing BS: they run Mobile FeliCa on the same NXP NFC chipset they sell everywhere. The majority of smartphones supporting FeliCa don’t have a FeliCa chip, everything from EMV to FeliCa and MIFARE runs on any GlobalPlatform certified secure element on any Android device.
Hopefully the sum of recent Mobile FeliCa developments, along with Garmin Suica, Fitbit Suica and built in WearOS Suica showing up in recent developer builds, indicate that FeliCa Osaifu Keitai services will become standard on Android devices as they have been on all iOS and watchOS devices since 2017.