Tag Archives: NFC

HCE is Here to Stay

Posted on by

SIMalliance published a whitepaper last month entitled “Secure Element Deployment & Host Card Emulation”. It stated that, “SIMalliance contends that while HCE is good for the NFC ecosystem as a whole, the technology remains immature, unstandardized and, relative to SE-based deployment, vulnerable to malicious attack.”

In general, an evaluation becomes meaningful when context for it is set. I am glad to see the white paper set the following context: “Given HCE’s current and anticipated limitations, SIMalliance considered HCE to be best utilised in use cases where stringent security requirements, optimal transaction speeds and always- available functionality are not mandatory.”

Secure Element (SE) is a more mature and established technology supported by standards groups (ETSI, 3GPP, GlobPlatform and Java Card). Not only does it provide more security for NFC services, but also it has an established certification process. At the same time, SE embedded in SIM cards are controlled by the telecoms, and SE embedded in devices are controlled by device manufactures. They are not open to developers to use freely. Therefore SIMalliance recommends that, “MNOs should request OEMs to implement default NFC routing to the SE”.

So the questions are how many NFC apps need to have stringent security requirements, and how fast telecoms and device manufacturers can implement default NFC routing to the SE. Telecoms and device manufacturers want to make a profit by controlling SE access. That’s why Google is using HCE to implement Google Wallet thereby bypassing the control. I think HCE is here to stay until all stakeholders decide to work together in allowing NFC technology to develop to its full potential.

NFC HCE and Payment Trends

Posted on by

On April 17th, David Marcus, President at PayPal said, “I’ve been looking at three technologies that might truly change the retail experience as we know it.”

One of the technologies David is looking at is NFC HCE (Host Card Emulation). It is an alternative way of using SE (Secure Element) to implement security mechanisms for NFC technology. In my previous blog, I explained why Google has chosen HCE. David Marcus said, “I’m moving from being a massive skeptic of NFC, to being cautiously optimistic on NFC HCE take-up in very specific shopping use cases.”

He envisions two scenarios that would popularize NFC. One is the credit card EMV movement, which would lead to more NFC-enabled terminals at points of sale, and the other is Visa embracing the HCE approach.

I understand David’s point coming from the payment industry leader he is. At the same time, I believe that NFC will take off regardless of payment trends. From my personal experience advocating NFC to business owners, the technology is received with excitement. Entrepreneurs are inspired by the possibilities presented through the integration of NFC tags and chips for enhancing and marketing their products and services. They also wonder why they haven’t heard about the technology sooner.

AT&T, T-Mobile and Verizon spent a huge amount of money on ISIS mobile payment implementation based on NFC, yet they are not promoting the technology proactively or effectively. Not many subscribers know about NFC or ISIS.  What is the missing link?

 

IMG_0321[1]

ISIS Mobile Wallet experience with an NFC enabled phone

Posted on by

This is a follow up blog about my exploration on the use of the ISIS Mobile Wallet. I needed to return my iPhone ISIS case to the AT&T store since it didn’t work well. I decided to continue my hands on ISIS experience and picked up an Android phone.  I chose the HTC One.

Here is what I have performed:

  1. Download the ISIS mobile app:

I downloaded the ISIS mobile app from Google Play Store and attempted to sign on to the ISIS mobile wallet. I had forgotten both my password and the answer to my security question. My ISIS account was locked after a few attempts to sign in. With such a security mechanism in place, I felt more comfortable as a mobile wallet user. I called AT&T customer support and they reset the ISIS password for me in a very efficient manner.

  1. Set up of the ISIS Mobile Wallet:

To my surprise, my ISIS wallet was empty and I was asked to add all cards into it.

This is the message I received:

“This is an important service alert from Isis.

Your Isis Mobile Wallet was transferred to a new phone. Any existing installations of your Isis Mobile Wallet will be disabled while you complete the reinstallation process on your new phone.

As part of this process, you may be required to re-activate Payment Cards by your issuers.”

OK, I get it. When I bought a new wallet, I would need to move all of my cards to my new wallet. Since this is a digital world, I expect more from my digital wallet. A better experience would have been for all the cards associated with my wallet being moved to a new phone automatically. Are these cards not associated with my ISIS wallet in the data base? Why do I have to key in all of the information again?

I was also notified that my iPhone wallet was not available. It seems that ISIS only allows one active wallet and each time the wallet needs to be re-associated with all of the cards.

  1. Get Jamba Juice:

The experience at the Jamba Juice store was good. This is the store that was having trouble receiving ISIS wallet from the iPhone case. It received ISIS from HTC One instantly. I am happy about the experience.

  1. Read NFC tag:

I used the HTC One to scan an NFC tag on my book and it didn’t ask for my permission; “do you want to accept the NFC connection?” as my Galaxy III did. Instead, it scanned the URL in the NFC tag and went to my author’s page at Amazon. It’s good to see the read/write mode working and it’s not good to see that there is no security provided. In this case, when my phone is approaching any NFC tag, it will read it and put the phone in danger of a virus attack.

Overall, it’s a better experience to use an NFC enabled phone to perform ISIS Mobile Wallet activities than using an NFC embedded iPhone case. Stay tuned for more exploration.

IMG_0331[1]

Frustration over my ISIS enabled iPhone

Posted on by

I am getting a bit tired with my ISIS enabled iPhone. The case added weight to my iPhone. Most of the ISIS transactions didn’t work well. The only good thing is that I am getting free drinks from Jamba Juice until the end of March. Other than card emulation mode, none of the other NFC modes work. I can’t tap an NFC tag or an NFC enabled phone with the case to get the full benefits of NFC.  I think I might switch to an Android phone. Most of the Android smartphones are NFC enabled.

Looking back at the history of NFC’s development, I find the situation kind of ironic.  We had an NFC enthusiast, Google, demonstrate NFC card emulation mode’s value by implementing mobile wallet. Telecoms disabled the capability from the phones because they were developing their own mobile wallet solutions and wanted to control SIM-based NFC. So Google dropped SIM-based NFC, the most direct and secured way to protect security and privacy with Secure Element, and implemented HCE (Host Card Emulation) based mobile wallet. Even though it’s not as secure as a SIM-based solution, the HCE solution is beyond the control of telecoms.

Control provokes innovation by requiring creative solutions to market dominant. History repeats!

On the other end, Apple has been filing patents for NFC communication technology but still hasn’t added NFC capability into their devices. Their blue ocean strategy is to find a market space with no competitors. At the same time, their actions have slowed down the adoption of NFC technology and pushed BLE forward. Apple is also exercising a control with its vast user market. Again, innovation will emerge to escape the control. History will repeat.

NFC Solutions Summit 2014 will be held in Austin, TX on June 2-4. I trust that the NFC ecosystem will demonstrate strength and creativity on mobile wallet solutions through collaboration and innovation. Extreme early discount to purchase a ticket is available until April 2nd. Reserve your seat now!

 

NFC iPhone 4 ISIS Mobile Wallet Experience

Posted on by

Yesterday, I went to an AT&T store to enable ISIS mobile wallet in my iPhone 4. Even though Apple hasn’t added NFC chips into their devices, iPhone cases with NFC chips embedded are sold. There are two different cases available. One is Incipio’s CASHWRAP™ Mobile Wallet Case and the other is Isis Ready® Case. I chose an Isis Ready® Case.

The rep, having enabled her own iPhone 4s for ISIS, was very helpful to assist me. She put a micro SD into the case and provisioned my phone for ISIS payment. I went through a verification process to set up the mobile payment. I chose to use American Express Serve and received $50 credit upon activation. It took some effort (many taps) for the payment reader to recognize an NFC payment, but I was able to apply the $50 credit towards purchasing the case.

Then, I went into Jamba Juice to test out ISIS payment.  Jamba Juice offers free drinks until the end of March when customers use ISIS to pay. People working at the Jamba Juice helped me to use ISIS, though it didn’t work after many tries. They said they got a lot of “not working” ISIS payments, but they still gave away free drinks anyway to honor the offer. I wonder whether AT&T or ISIS keep in touch with the point of sale and collect initial surveys about  ISIS mobile wallet user experiences.

Today, I went to another AT&T store to find out how my ISIS transactions can be improved. Was my iPhone 4 too slow? Was the connection between my iPhone and the case working correctly? Was the particular case broken? The store rep informed me that I needed an ISIS SIM card to communicate with the reader. They installed a new SIM card into my iPhone. I went to anther Jamba Juice shop to test it. This time, it worked on the first try and the store indicated that they had quite a few people coming in with ISIS mobile wallet and that they didn’t have many problems accepting these payments.

It’s good to know ISIS mobile wallet does work for iPhone 4 and iPhone 4s. I will do more research about the ISIS SIM necessity for iPhone. The NFC cases are also available for iPhone 5. I wonder if we will still need an extra NFC case for iPhone 6. I am sure it’s a question in many people’s mind.

If developers are interested in learning NFC coding, please look into the NFC Forum Spotlight for Developers event happening next Friday March 21st in San Francisco. It’s much better to be prepared to write NFC apps before the technology takes off.

Are you using ISIS Mobile Wallet? What is your experience?

IMG_0242[1]

Big Data Analytics trends and Sensors’ Role

Posted on by

I attended the Big Data = Big Business Meetup last Thursday and a panel of experts shared their perspectives on the topic “Big Data Solutions – A look into Emerging Tools of the Trade”. It was a good session with 40+ participants.

One of the speakers, Tony Cosentino, VP at Ventana Research, shared the Big Data Analytics trends as follows:

  • Moving from 20th century designed data to 21st century organic data; from confirmatory analytics to exploratory analytics
  • Moving from sample type of analytics to sensors type. Analytics and data are coming together into one environment instead of being separate.
  • Moving the conversation from data to outcome or business orientation

I was particularly interested in Tony’s speech so I did some research about these trends as follows:

  • Designed data vs. organic data:

This Census Bureau’s blog explains that the Census Bureau has created “designed data” based on pre-specified purpose. In contrast, data collected  through internets, sensors and other systems are organic data. The blogger believed “The combination of designed data with organic data is the ticket to the future”.

  • Sample data vs. sensor data:

Sample analytics is used widely in the conventional market research. The research population is generally too big to be covered in a survey; therefore, researchers usually choose a portion of the population (i.e. sample) to do a survey. The sample size and selection are carefully determined in order to capture the representation of the whole population.

A sensor is a device that measures a physical quantity / activity and transforms it into a digital signal. Sensors are always on, capturing data at real time and powering the “Internet of Things.” Sensors can collect enormous data and Cloud computing and storage help to make the analytics possible.

  • Conversations on data vs business:

Data itself is not the focus of the conversation anymore. Nowadays, the business value provided by the big data is the focus.

I agree that the combination of organic data and design data will create valuable data. I believe we need to have a sampling mechanism with organic data since the volume is big. For example, NFC is one of the sensors. When the technology takes off, it will provide interesting data sets. How to translate the data into value added information for businesses take specific design.

This Hadoop blog suggests that “sensors can be used to collect data from many sources, such as:

  • To monitor machines or infrastructure such as ventilation equipment, bridges, energy meters or airplane engines. This data can be  used for predictive analytics, to repair or replace these items before  they fail.
  • To monitor natural phenomena such as meteorological patterns, underground pressure during oil extraction or patient vital statistics during recovery from a medical procedure.”

I think sensors go beyond these domains. For example: an NFC embedded wearable device can monitor body movements and vitals, such as heart rate and blood sugar. Digital health and fitness mentioned in a blog of Aaron Rose  is possible because of the sensors. The Fujitsu NFC smart glove shows a use case beyond digital health and there is unlimited space for monitoring these types of innovations.

These thoughts were triggered by a two hour Meetup. Can you imagine what thoughts will be triggered in two days? I am looking forward to attending the Big Data Innovation Summit held in Santa Clara on April 9 and 10th. With 80+ sessions, it will definitely broaden my vision and expand my imagination.

What are your thoughts on these trends?

Big Data Innovation Summit 2014

Big Data Innovation Summit 2014

EMV and NFC Adoption

Posted on by

Are you a victim of the recent Target credit card breaches? Today, most US credit cards use a magnetic stripe to read and record account data and signatures for verification. This mechanism became vulnerable to fraud when technology emerged to enable the illicit reading, writing, and subsequent cloning of these magnetic stripes. Recent data breaches at Target and Neiman Marcus demonstrated these vulnerabilities.

EMV (Europay, Master card and Visa) standards were created to reduce counterfeit such as this. They have been specifying interoperability between EMV-compliant chip cards and card payment terminals throughout the world for over a decade. Banks in many countries adopted the technology and started to use chip cards. Chip cards have a microchip embedded in them. The majority of the implementations of EMV cards and terminals confirm the identity of the cardholder by requiring a PIN (Personal Identification Number).

In spring 2009, Canada Trust announced the adoption of EMV standards and explained what a chip card was in an article titled “Payment Card progress: what it means to your business”. The article stated that one of the new fraud prevention technologies that may have the most immediate impact on how merchants do business is the chip card. The chip card is a contactless card with a microchip and a radio antenna embedded inside. It can be simply waved in front of a secure, contactless reader for a secure way to pay.” These chip cards used by Canada Trust use RFID technology.

As the world is moving to a more secure way to implement credit card purchasing, one might wonder why the USA adoption of this technology is delayed, and what the impact of this delay is.

To me, two big potential impacts might be:

  • More credit fraud will happen in the US since the rest of the world is using more secured cards.
  • NFC mobile payments are a less attractive option for consumers since NFC technology might take a while to be adopted.

What is your thought about this?

See more information about EMV here.

IMG_0198[1]

NFC in 2013

Posted on by

NFC had a good run in 2013. Every month, we heard exciting news about NFC products or trials being launched. These launches have extended far beyond the “mobile payment” category to include product/service marketing, toys, games, furniture, printing, utilities, machine-to-machine (M2M) communication, quality control, inventory management, service automation, and more.

ABI research pointed out that smartphones will continue to account for the majority of NFC shipments in 2013 as volumes jump by 129%. However, from 2014 onwards, computing products, peripherals and automotive will have greater adoption of NFC, and consequently, smartphones will decline from a peak of 80% of all NFC device shipments in 2013 to less than 60% in 2017.

NFC and other connectivity enablers are greatly expanding an “Internet of Things (IoT)”. It’s obvious that we are becoming increasingly connected through wireless technology, and M2M communication is on its rise. A good example is that Google and Apple are about to expand their battle to a new front: the automobile. This was reported by the WSJ a couple of days ago.

Big data is a buzz word nowadays. NFC, RFID, QR Code, and Bluetooth Low Energy (BLE) are all types of sensors that contribute to the big data scenario. Big data analytics are going to produce valuable information about consumers and merchandise. It’s also going to change the retail store shopping and mobile phone experience.

One of the usages of NFC is mobile payment. Recently, AT&T, Verizon and T-Mobile launched ISIS – NFC mobile payment using a SIM-based secure element that manages payment credentials. It will take a while before the consumer market adopts this technology since NFC is not yet a familiar technology, and mobile payment is not a yet a common practice.

In addition, a different approach to implement mobile wallet emerged. Google Wallet led the way to adopt the Host Card Emulation (HCE) approach in order to implement NFC secure app independently from telecom’s control of SIMs. Tim Horton’s, a North American coffee chain, has also launched an NFC mobile payment service using HCE at 3,500 locations in Canada and 800 in the United States. It will be interesting to watch the battle between various NFC mobile payment implementations and adoptions.

2014 should be an exciting year as NFC products and services continue to grow in availability and usage.

What iBeacon Deployment Says About NFC

Posted on by

On December 5th, Apple deployed iBeacons (Bluetooth-powered stations) in 254 stores nationwide, creating a new shopping experience for its customers. When customers walk into Apple stores, their location can be detected by iBeacons which send location specific messages to iPhones or iPads.

To receive this service, customers need to have iOS7 on their devices and an app from the Apple Store with tracking permissions. Customers also need to have Bluetooth turned on since iBeacon transmitters use Bluetooth 4.0.

Bluetooth is a wireless connectivity technology that was invented in 1994. It consumes a lot of energy and drains cell phone batteries fast. Blue Low Energy (BLE) was introduced in 2006 and was merged into the Bluetooth core specification 4.0 in 2010. It consumes much less energy than the conventional Bluetooth. Apple deployed the technology recently with the new release of iOS7.

iOS7 enables iBeacon to communicate with iPhone and iPad through BLE. The successful deployment of iBeacon within 3 months of the iOS7 release demonstrates that vision can be realized when a plan is well thought out and executed. At the same time, iOS7 does seem to have a lot of problems and improvements need to be made.

In September 18th when Apple released iPhone 5S and 5C with BLE, the NFC ecosystem was anxious about the development since the large market share of Apple devices heavily impact technology adoption. The NFC ecosystem was hoping that Apple would adopt NFC and help to move the technology forward at a faster pace. Now, there are questions about whether NFC will ever be fully adopted since the iBeacon BLE technology was Apple’s choice.

Personally, I think BLE is a complimentary technology to NFC. The two do not have a mutually exclusive relationship. NFC is short range (4cm) wireless connectivity technology, and it can’t be tracked unless a tap happens. It works in different modes; active to active and active to passive. BLE can be tracked whenever you turn the Bluetooth on. It operates within 32 feet and it works in active to active mode. Both technologies can facilitate a more integrated consumer experience.  For more details, please reference my book “Everyday NFC: Near Field Communication Explained”.

ISIS – Not an Option for my Galaxy 3

Posted on by

Yesterday, I was at the AT&T Store to get an ISIS SIM card in order to use ISIS mobile payment. The rep was very excited since this was the first time she has activated an ISIS SIM card. The store manager Chris was next to us assisting her. He was very pleasant and introduced Digital Life products to me while we were waiting for ISIS to work.

After trying two ISIS SIM cards, three reboots of the phone,  four technical support calls and 1.5 hours waiting, my Samsung Galaxy 3 kept on returning with an error message that read “ISIS requires a new SIM card with a Secure Element”.  Tech support was transferred from AT&T to ISIS and the problem remained. So ISIS tech support suggested to transfer back to AT&T tech support. Finally, we decided that ISIS was not going to be an option for my phone.

I looked at the Google Play store and found similar dissatisfied comments made by other consumers. Carriers have some work to do to fix these problems.

ISIS Mobile payment started its trial last fall in Austin and Salt Lake City. It uses NFC technology for data exchange and secure element in the SIM card to save credit card information. Since a SIM card is hard to hack, a SIM based secure element is a more secure solution. Secure element will also be used for storing credentials for building access; for example hotel room locks or office building access.

The transportation market segment is also planning to store credentials to SIM based secure element so that mobile phones can be used to pay transit fare. Since the carriers’ infrastructures are not ready, the transportation market may get impatient and give up on secure element.

I hope the future secure element based NFC applications will work well so that consumers can really enjoy NFC technology and pick up the technology as Asia and Europe have. A good news is that ISIS has introduced ISIS Alliance Program to support the ecosystem. We shall keep an eye on its development.