The recent Bank of Yokohama Hama Pay app update created some buzz with the addition of an Apple Pay iD Prepaid card option. It’s similar to the Toyota Wallet approach: the bank app links the user’s bank account to an open front end bank payment service with QR code payment for debit and credit and NFC payment for prepaid.
The difference with the Hama Pay prepaid card is that VISA JP issues the iD card which means it cannot be used internationally the same way that the Toyota Wallet Mastercard iD card can; Mastercard supports iOS NFC switching, VISA JP does not.
Another weird thing: the Hama Pay ad blurb uses the ‘Touch Payment’ branding phrase with iD. Up until now VISA JP reserved that exclusively for EMV contactless card issue but not for FeliCa cards, which of course iD is. Does this mean VISA JP will finally sign with Apple Pay? Probably not.
This represents a big evolution of Apple Pay from NFC only to an open front end approach that includes NFC, Code payments and Ultra Wideband. It will be very interesting to see how bank apps evolve in the iOS 14 era as we move away from the plastic era ‘A vs B’ mind set to the bewildering variety of ‘A~Z take your pick’ era of mobile payments. We still have the Apple Pay/Face ID with face mask passcode nonsense…but that’s another post for another day.
When iPhone X came out in November 2017, IT journalist Tsutsumu Ishikawa named Suica the Apple Pay winner. What he really meant to say was that Suica Express Transit was the only easy way to use Face ID Apple Pay. It took me a long time to get used to Face ID Apple Pay but now with the COVDID-19 crisis and regulation face masks, the choices are back at square one: (1) yank down the face mask to Face ID anything, (2) use a passcode instead, (3) use Apple Pay Suica set with Express Transit. Yeah, the last one. More people have Express Transit now in China, TfL-land and little bits of the MTA OMNY system but nobody has it for purchases. Except Apple Pay Suica, still the only Express Transit card for contactless payments at stores.
In the sudden era of face masks and plastic curtained checkout areas, dealing with Face ID as little as possible, and using Apple Pay Suica as much as possible, makes life easier and safer: experts in Japan instruct people not to touch face mask surfaces and you don’t want to be yanking down a face mask to use Face ID Apple Pay at close proximity checkout. The interim solution is Apple Pay on Apple Watch which does not use Face/Touch ID at all. But there is that social distance problem: your arm has to reach the reader. That’s the thing about NFC, it’s close proximity technology. So are QR Codes.
The Touchless Distance When I first saw the NTT Docomo Ultra Wideband Touchless Mobile FeliCa demo I though why would anybody want to pay a few feet away from the reader? Outside of paying while sitting in the drive thru I could not think of a reason. After living with Face ID, face masks and COVID-19 social distancing, I see the reason now at every checkout at every store. I want it. You will too (the 1:20 mark):
And for cars too, CarKey will work like this at some point (0:13 mark):
Touchless Transit Gate vs Facial Recognition The COVID-19 crisis upends another Face ID related technology fantasy: facial recognition transit gates. NEC is working on face recognition that works with face masks. If anybody can deliver viable face recognition with face masks NEC will certainly be one of the first, but there are cost, performance and privacy issues to consider for transit gates: how fast is the transaction speed, how well does it scale for commuter rush, how do you register faces? Who controls all that transit gate face data and is it stored domestically or data farmed out internationally?
Mobile FeliCa and MIFARE Touchless is the same device level security model we have now with Apple Pay Suica and Student ID, and what we will have with CarKey and shared ‘keys’. UWB is a new hardware layer on top of what already exists, it bridges the NFC infrastructure and contactless payment methods we have now and extends it to the future instead of junking it.
Osaka Metro plans to have face recognition transit gates deployed in time for Osaka Expo 2025. It’s a risky transition plan. Touchless transit gates are the safer bet. Sony, Docomo, NXP, JR East, JREM are doing the necessary hardware and software development with the same embedded secure element security and local processing architecture we have now. Osaka Metro can buy the finished goods from them instead of reinventing the wheel.
Fixing Face ID Shortcomings On the smartphone side Apple already has the Ultra Wideband U1 chip in iPhone 11. The next step is Apple Pay support as outlined in the iOS 14 Apple Pay post. I hope Apple uses the opportunity of adding UWB Touchless Apple Pay to enhance Face ID with improved technology and controls. Express Card/Express Transit is the Apple Pay method to bypass Face/Touch ID for transit, purchases (Suica) and ID door access (Student ID and CarKey). Extending the Express Card/Express Transit model as much as possible, while keeping the high level of security, is one practical way Apple Pay can address some of the Face ID in face mask era pain points.
Last but not least I don’t see Open Loop transit ever working with Touchless technology. Open Loop will likely remain a NFC only service because EMVCo partners are invested in lower common hardware standards like ISO14443 and plastic cards and probably loath to update them. Certainly they don’t want to lose the plastic card issue business because it’s more profitable than issuing digital ones. EMVCo certainly didn’t see the current situation coming, nor did Apple of course. But then again who did?
iOS 13.5 Face ID tweak iOS 13.5 beta 3 has a Face ID tweak: when it detects a face mask it no longer delays the swipe up Passcode pop up with a 2nd read attempt, it goes straight to Passcode pop up. This small tweak remove a tiny bit of Face ID with face mask stress, but tiny things add up when unlocking iPhone many times a day. But for me Passcode pop up was only one stumbling block, a second bigger stumbling block is Passcode entry via the numeric keyboard.
There is a curious lag between what your fingers are tapping, the feedback click sound and what tap the iPhone actually registers. If you closely inspect the visual tap feedback, it flashes white then fades slowly, while the click just clicks.Taken all together, my brain wants to type fast and tells me the my 2 thumb input is going fast, but the iPhone Passcode numeric keyboard wants me to type slow with 1 thumb. Perhaps it’s just me but I only get correct passcode entry 50% of the time unless I slow way down and type with 1 thumb.
Overall the Face ID with face mask tweak seems more for iPhone unlock, it’s much less useful for Apple Pay. I hope Apple continues to tweak Face ID before iOS 13.5 ships but the reality is Apple can’t do very much in a short time.
John Gruber had an interesting observation regarding another iOS 13.5 beta 3 tweak, this one for Group FaceTime:
methinks a lot of folks at Apple (executives included) are using group FaceTime chats more than ever before lately, and have realized that in practice, especially in larger groups, it’s not a good experience.
Unfortunately it’s the same for Face ID: Apple is only addressing it because Apple execs are wearing face masks. It’s very frustrating that Apple is only dealing with the Face ID with face mask issue now that it’s on their face. Customers in Asia have been wrestling with it since iPhone X day one November 2017. At any rate I hope Apple puts the experience to good use for a better future version of Face ID.
The return of Touch ID? The release of iPhone SE and iPad Air with Touch ID on the power button has some tech bloggers speculating if this means a dual biometric approach for future iPhone models. I don’t think so.
It’s that time of year again to look into the WWDC crystal ball and see what changes might be in store for Apple Pay. 2019 was an exciting year with the important Core NFC Read-Write additions for ISO 7816, ISO 15693, FeliCa, and MIFARE tags. Since then we’ve seen iOS apps add support for contactless passports, drivers licenses, retail and manufacturer vicinity NFC tags, transit ticketing, badging, and more. Some expectations ended up on the cutting room floor. The NFC tag Apple Pay feature that Jennifer Bailey showed back in May 2019 has yet to appear. Apple Pay Ventra and Octopus transit services slated for 2019 and iOS 13 failed to launch. Apple Pay Octopus launched June 2, Apple Pay Ventra has yet to appear.
Going the distance with Ultra Wideband The NFC standard has been around a long time, long before smartphones, conceived when everything was built around close proximity read write physical IC cards. The standards have served us very well. So why are NTT Docomo and Sony (Mobile FeliCa) and NXP (MIFARE) adding Ultra Wideband + Bluetooth into the mix?
UWB + Bluetooth delivers Touchless: a hands-free keep-smartphone-in-pocket experience for unlocking a car door, walking through a transit gate or paying for takeout while sitting in the drive thru. It’s the same combo that powers Apple AirTags. UWB Touchless delivers distance with accuracy doing away with “you’re holding it wrong” close proximity hit areas necessary when using NFC. With Touchless your iPhone is essentially a big AirTag to the reader,
For Apple Pay Wallet cards it means hands free Express Card door access, Suica Express transit gate access and payments that ‘just work’ by walking up to a scan area or car. As Junya Suzuki pointed out recently, UWB Touchless is passive vs. the active NFC ‘touch to the reader’ gesture, as such it will live on smartphones and not on plastic cards. Those will remain limited to NFC which does not require a battery.
Secure Element evolution and digital key sharing The addition of UWB Touchless however means that the Secure Element, where transaction keys are kept and applets perform their magic, has to change and evolve. Up until now the Secure Element worked hand in glove with the NFC controller to make sure communications between the reader are secure and encrypted. For this reason an embedded Secure Element (eSE) usually resides on the NFC controller chip.
Apple chose to put a Global Platform certified Apple Pay eSE in their own A/S series chips. The arrangement gives Apple more control and flexibility, such as the ability to update Secure Element applets and implement features like global NFC. The addition of UWB Touchless in FeliCa and MIFARE means both smartphone and readers need new hardware and software. Apple already has UWB in the U1 chip on iPhone 11. Mobile FeliCa software support could be coming with the next generation ‘Super Suica’ release in the spring of 2021 that requires an updated FeliCa OS.
The arrival of UWB Touchless signals another change in the Secure Element as shown in middle CarKey screen image: digital key sharing via the cloud where the master key on the smartphone devices ‘blesses’ and revokes shared keys. Mobile FeliCa Digital key sharing with FeliCa cards and devices was demonstrated at the Docomo Open House in January, also outlined in the Car Connectivity Consortium (CCR) Digital Key White Paper. An interesting aspect of the CCR Digital Key architecture is the platform neutrality, any Secure Element provider (FeliCa, MIFARE, etc.) can plug into it. Calypso could join the party but I don’t see EMV moving to add UWB Touchless because it requires a battery. EMV will probably stick with battery free NFC and plastic cards.
QR Code Payment Cards There is another possible eSE transition for Apple Pay. If the 9to5 Mac AliPay for Apple Pay iOS 14 rumor is true, it represents a huge change for Apple Pay which has strictly limited payment transactions to NFC. The whole identity of Apple Pay is NFC payment cards vs. Wallet which can hold both cards (NFC) and passes (NFC or QR/Barcodes).
A few weeks ago a reader asked for some thoughts regarding the AliPay on iOS 14 Apple Pay rumor with a link to some screen images on the LIHKG site. Before getting to that it’s helpful to review some key Apple Pay Wallet features for payment cards:
Direct side button Wallet activation with automatic Face/Touch ID authentication and payment at the reader.
Device transactions handled by the eSE without a network connection.
Ability to set a default main card for Apple Pay use.
The images suggest a scenario for implementing AliPay in iOS 14 Apple Pay:
AliPay has a PassKit API method to add a ‘QR Card’ to Wallet.
Apple Pay Wallet QR Card set as the main card is directly activated with a button double-click for Face or a Touch ID authentication and dynamic QR Code payment generation in Apple Pay.
Direct static QR Code reads activate Apple Pay AliPay payment.
If Apple is adding AliPay to the ranks of top tier Wallet payment cards, they have to provide a way in. The new “PKSecureElementPass” PassKit framework addition in iOS 13.4 could be just that. Instead of PassKit NFC Certificates, the additions suggest a Secure Element Pass/certificate. Secure Element Certificates instead of NFC Certificates, or better yet completely decouple the Secure Element from NFC so that there are 2 kinds of certificates: a Secure Element Pass for Secure Element transactions, and a NFC Certificate ‘lite’ for non-Secure Element NFC use such as VAS passes which pull everything off a JSON server. In the long run Apple needs to provide finer definitions and controls for NFC and UWB access instead of one black box that PassKit NFC Certificates have been up to now.
The burning question here is: have Apple and AliPay developed Secure Element technology and Java Card applets for encrypted transactions that work without network connections? If so QR Wallet payment ‘cards’ are possible. Direct Apple Pay Wallet QR integration with would open up things for 3rd party (non bank) payment players. QR integration with separate access controls for the Secure Element and NFC/UWB hardware frontend might also help Apple skirt NFC monopoly allegations that got Apple Pay in trouble in Europe.
Dual Mode and flexible front ends The addition of QR and UWB with NFC for payments opens up a long term possibility suggested by Toyota Wallet. The current app lets the user attach a QR code app payment method and/or a NFC Wallet payment method to an account. It’s intriguing but clunky. Wallet QR Payment support would allow Toyota Wallet to move the entire payment front end to Wallet and let the user choose to add one or both.
It’s the latter that interests me most. Instead of having separate NFC and QR payment ‘cards’ from the same issuer for the same account, I’d much rather have one adaptive Wallet card that smartly uses the appropriate protocol, QR, NFC, UWB for the payment at hand.
Ultimately I don’t believe that payment players need or want to anchor their services to specific technologies like QR or even NFC. AliPay may have needed QR to start their payment business empire, why not offer NFC and UWB if it’s there as a front end choice? It’s all virtual.
Capable, flexible, smart. This is what digital wallets should do, things that plastic can never achieve. Let’s hope Apple Pay Wallet makes it there someday, and that payment and transit providers are up to the mix and match challenge in the Touchless era.
CarKey Apple announced CarKey, digital car keys and Ultra Wideband Touchless in the WWDC20 Keynote and accompanying press release:
Digital car keys give users a secure way to use iPhone or Apple Watch to unlock and start their car. Digital car keys can be easily shared using Messages, or disabled through iCloud if a device is lost, and are available starting this year through NFC. Apple also unveiled the next generation of digital car keys based on Ultra Wideband technology for spatial awareness delivered through the U1 chip, which will allow users to unlock future car models without removing their iPhone from their pocket or bag, and will become available next year.
One thing the CarKey session made clear is that Secure Element ‘radio technologies’ are evolving beyond NFC. Another interesting aspect of CarKey is the device requirement: iPhone XR/XS or later, Apple Watch Series 5 or later.
A12 devices and later makes perfect sense because they all support Express Cards with power reserve. Apple Watch does not support this feature but the Series 5 and later requirement suggests the S series chip is getting very close and likely involves Secure Element digital key sharing. We may see Express Cards with power reserve arrive with Apple Watch Series 6.
App Clips App Clips finally unleash the power of background NFC tag reading and is the other big Apple Pay development announced at WWDC20. This is what Jennifer Bailey talked about last year just before WWDC19 but it took another year to come together.
App Clips puts NFC tags on equal footing with QR Codes for the first time with the added edge of the ‘when the screen is on’ background tag sheet pop-ups. This will be huge. See the separate post for details.