The Weekly #2

July 27, 2021

The ‘Apple Pay is a monopoly’ soap opera continues

ZDNet reports Australian Parliamentary Joint Committee on Corporations and Financial Services hearings that are focused on, yet again, forcing Apple to ‘open up’ their NFC chip. Actually they should be talking about the secure element in Apple Silicon because that’s what Apple devices use and it’s not just about NFC anymore, it’s Ultra Wideband too.

The Apple Pay monopoly debate isn’t new and isn’t about being ‘open’, it’s about banks getting what they want from politicians. What I found interesting was the back and forth between Apple and Google regarding the hardware embedded secure element (eSE) vs. the virtual secure element in the cloud Host Card Emulation (HCE), a topic that confuses many ‘experts’.

Google is playing both ends here because they have different flavors of Google Pay for different kinds of Android devices. Google Pixel Google Pay uses eSE while everybody else use HCE Google Pay. One very important thing not mentioned in tech blog coverage is that Samsung Galaxy and the Chinese smartphones (Huawei, OPPO, Xiaomi) all use a custom eSE with their own XX-Pay. In other words, everybody on the Android side outside of low end junk is doing exactly what Apple Pay is doing.

Apple
Host Card Emulation (HCE) is a less secure implementation, which was adopted by Android … Apple did not implement HCE because doing so would lead to less security on Apple devices.

Google
Our payments apps are immensely secure…we would refute the suggestion our HCE environment is in any way insecure … I would argue the user experience on Google Pay is equal to that of Apple Pay.

Let’s see what GlobalPlatform has to say about HCE:

GlobalPlatform
HCE solutions can be a great option for issuers to get to market cost-effectively for their Android customers. However, they aren’t without their complexities. Rooted in the NFC device OS, HCE apps can be more vulnerable than the ‘Giant Pays’.

So HCE security is up to the payment app, shitty app = shitty security without Apple Pay Secure Intent. The whole HCE debate is nonsense, like FeliCa Dude says it’s eSE or nothing. If the committee thinks that HCE means open and good, they are showing their incompetence.

Apple Pay Wallet has a very simple rule: any card that loads a Java Card applet into the secure element has to reside in Wallet. Any card or developer that wants to loads applets and use the secure element has to have a PassKit Secure Element Certificate Pass. This is covered by NDA but a company called PassKit (not Apple) gives us an idea what Apple’s NFC/Secure Element Pass guidelines are:

Apple care a great deal about the user experience. Before granting NFC certificate access they will ensure that you have the necessary hardware, software and capabilities to develop or deploy an ecosystem that is going to deliver an experience consistent with their guidelines.

Yeah, the end to end user experience, the whole reason behind the success of Apple Pay. Banks don’t want to be told they need to improve their ecosystem for a better user experience, and they don’t want to pay a transaction cut to Apple that they are used to keeping for themselves. What else is new?

The whole ‘Apple Pay is a monopoly’ soap opera is overrated.


PASPY transit IC card migrating to QR

After thinking out loud recently about dumping their PASPY transit IC card in favor of a QR Code smartphone app, Hiroshima Electric Railway Co. Ltd (Hiroden) CEO Masao Mukuda announced that Hiroden would indeed junk NFC and migrate to a QR Code app over an unspecified period of time. Running their own transit IC card is too expensive, so old folks, school children and everybody else will have to use smartphone to ride Hiroden light rail trains in Hiroshima.

PASPY is just the tip of the iceberg. There are many transit IC cards out there with the same problem: fixed infrastructure costs supporting a small region transit IC card and declining ridership. Add the COVID crisis that has decimated public transit use and you have a business crisis. All the small transit cards outside of the Transit IC card standard (the pink box) are in the same boat: they can only be used in their respective regions, they don’t have e-money functions, they don’t have the resources to go mobile.

This is exactly the problem JR East is addressing with their 2 in 1 Suica MaaS soution. JR East hosts the hardware, the local operator issues a ‘localized’ Suica that offers both special local MaaS services (discounts and extras, etc.) and seamlessly plugs into the larger Suica and Transit IC map.

Suica 2 in 1 region cards are the keystone of JR East’s MaaS strategy

Unfortunately PASPY is in the JR West region which doesn’t have anything similar to the JR East MaaS program. It would be a perfect solution: customers would get a new card that works just like it does now but works everywhere with e-money and ICOCA benefits, Hiroden is freed from the costs of hosting and issuing their own card.

QR is not going to be the salvation that Hiroden hopes it will be. QR isolates Hiroden from the wider transit IC network of Mobile Suica, PASMO, ICOCA. Even if Hiroden gets rid of their card issuing business cost, they still have to host a system to run the QR Code app and manage accounts. The real rub is that instead of anybody buying an IC card out of a machine, Users will have to sign up for the app or buy a QR paper ticket. They also have to worry about where and how their account data is stored. My prediction: it’s going to be a messy money losing transition.


Heraiza down but not out

Poor little Heraiza, one of my favorite Japanese YouTubers, has been copyright claim ‘hacked’ from a fake account pretending to be Dentsu and now has 2 bogus strikes against her YouTube account. As an independent 17 year old high school student with 150,000 followers, she doesn’t have the resources of a YouTuber managment agency like UUUM, who she likes to badmouth (and I won’t put it past UUUM using fake accounts to take her out). Dentsu or whoever the real copyright holder is has confirmed to her that her content does not violate said copyrights.

Hopefully she’ll get it all worked out and unlock all her previous videos, though YouTube being YouTube, if they don’t like you they ban you…AND keep your ad revenue. In her most recent post about one of her favorite YouTubers having their account hijacked, she has her confidence back. Good thing, in these dark times we all need to laugh.

Have a good week and enjoy the Olympics.

On The Media

Tim has been on a roll recently. Not that Tim, the other Tim. Tim Pool. When YouTube and Twitter started purging ‘conservative’ Japanese content that wasn’t breaking any content rules, following what YouTube and Twitter were already doing in America, Tim Pool was the only online journalist reporting it.

I don’t always agree with Tim’s politics or watch every video post, but I always keep an eye on him. His reports on the devolution of mainstream media and how social media like YouTube and Twitter contribute to that decline, is on the nose. Another thing I like about Tim is that he believes in positive engagement and calling things as he finds it. This sets him apart from former Vice News colleagues: Tim has not lost the ability to think critically and objectively, he questions everything and tries to examine both sides of an issue. To me this is healthy.

And Tim knows when to play the YouTube de-ranking guessing game because he knows there are more important things to report on than waste time fighting YouTube. His milk toast reports are considered so dangerous by YouTube that real YouTube humans review his every video and suppress ones they don’t like:

One disturbing trend that social media drives is what I call cut and paste narrative journalism. Part of it is driven by the need for clicks and what big media thinks will sell. I see this frequently in mainstream western reporting on Japan that likes to portray Japan in a negative light. Here’s a recent piece written by Ian Bremmer for Time titled, Why the Japan-South Korea Trade War Is Worrying for the World, where you can see cut and paste narrative journalism in action.

Why the Japan-South Korea Trade War Is Worrying for the World

The opening sentence is a setup: “but it’s the trade spat between Japan and South Korea that signals the larger troubles ahead for the world.” This is Bremmer’s opinion, nothing else, and puts him squarely in the South Korea supporters club. There are plenty of economic experts who will tell you that Japanese ~ South Korean trade volume isn’t nearly as important as the media makes it out to be.

Skipping the next few sentences of regurgitated South Korean side only history, we arrive at the crucial sentence:

“Frustrated with the proceedings and determined to put pressure on Moon’s government to intervene in some way, Japan strengthened restrictions on several high-tech exports to South Korea in July and downgraded South Korea’s status as a trusted trading partner in August.”

This is classic cut and paste narrative. It substitutes fact for opinion, while presenting it as fact. Bremmer removes all the context of Japanese claims that South Korean was violating UN sanctions on North Korean, among many other things, leading up to the sanctions. Instead of crucial context we get: Japan is frustrated. Really? Can you prove that Ian?

The rest of the piece deflates from there into a half-hearted denouncement of President Trumps foreign policy, without naming Trump, as if Bremmer can’t decide whether it’s a good or bad thing for the U.S. to play the world’s policeman.

I find it hard to stay well informed with big media these days. Big media is still important but sifting the good from the bad is a lot more work. Unfortunately I don’t think it’s going to get easier.

Twitter Follows YouTube Purge of Conservative Japanese Commentators

First YouTube and now Twitter is freezing mainstream conservative commentators. Kazuya’s bogus YouTube purge for ‘spam’ a few days ago, now reinstated after a overwhelming response from online Japanese across the political spectrum, has been followed by Twitter freezing his account. Two attacks this close together is not coincidence. I smell a rat.

The Twitter takedown is particularly bogus: a ‘well known’ lawyer lodged 4 copyright complaints on a Kazuya tweet that URL links to Kazuya’s own YouTube Channel video. In short somebody claimed copyright on content they don’t own. Twitter froze Kazuya’s account anyway. This is somebody hijacking DMCA rules to take down somebody else they don’t want on Twitter. Maybe Twitter wants it that way.

The YouTube purge has already damaged YouTube’s credibility in Japan because they don’t offer real reasons for banning or reinstating Kazuya’s account or other similar conservative commentator YouTuber accounts that are still frozen. YouTube comes across as being completely arbitrary or worse, politically motivated, a huge turn off for many Japanese.

If Twitter doesn’t do a better job of filtering bogus copyright claims and falls into the trap of becoming somebody else’s tool, Twitter credibility in Japan will be destroyed too.

Your choice Twitter.

UPDATE
Now Twitter has been caught engaging in Shadow Banning of conservative Twitter users but changed it overnight when caught by Vice. Meanwhile Kazuya’s Twitter account still remains frozen for unexplained reasons.

YouTube Purge Hits Conservative Japanese Channels

The YouTube purge of conservative and right-wing channels as described by Tim Pool earlier this year has hit Japan hard recently with many high-profile and popular channels such as Tsuneyasu Takeda and Kazuya taken down for vague YouTube community violations, spam mostly.

This is not fringe but mainstream commentators who write books, major magazine articles and appear on Japanese TV. Tsuneyasu Takeda is a university professor whose family are descendants from the Meiji Emperor. You cannot get more mainstream than that.

The takedowns are exactly the ‘one strike you’re out purge’ method that Tim Pool describes under the YouTube spam violation policies.

YouTube Spam Policies
Dubious spam violation is a favorite YouTube purge method

Takeda and Kazuya have both setup new YouTube Channels while their cases and uploaded catalog are ‘reviewed’ but subscriber numbers are way down as you’d expect. Pre-purge Kazuya had 490,000 subscribers, now he has 38,000. If YouTube’s intention here is to disrupt Japanese conservative commentators ahead of Japanese Diet elections due later this year, they certainly achieved that.

Regardless of politics I think YouTube’s purge first review later (if ever) action for dubious reasons is deplorable. This has already thrown a chill on Japanese online communities. Japanese take pride in listening to and respecting opinions of others even if they don’t agree with them. I think a lot of younger Japanese, and bloggers will think twice before trusting YouTube, or Google again.

UPDATE
The Japanese response to YouTube’s purge of the Kazuya Channel was so overwhelming that 3 hours after informing Kazuya that the YouTube review of his channel confirmed that it violated YouTube spam policies, without giving any specifics, and would not be reinstated, he received yet another email stating that the YouTube review found his channel did not violate spam policies and was reinstated. Again without offering any details or explanation. Kazuya thanked his followers in a comeback video but observed that YouTube’s actions may have damaged its reputation in Japan.

It already has.

UPDATE
Unfortunately the YouTube purge is spreading to Twitter.