- Recent reports suggest that Apple is intending to use NFC chips in iPhones
- Other recent reports suggest Apple wants to use an embedded SIM in iPhones
The NFC rumour tends to suggest that Apple is interested in mobile payments. However, that raises the question of whether the mobile operators are involved in the payment value chain, or if it is simply a secure extension of Apple's existing 100m+ credit card iTunes base out to the handset.
Presumably Apple has some pretty good relationships already with Visa, Mastercard, Amex et al, given iTunes $4bn run-rate. But that's not enough, on its own, to get those companies to push new card-reader equipment to thousands of retailers, that just support iPhone payments and nothing else. If they were going to go down the NFC path, they would probably wish the EPOS readers to work with a variety of NFC implementations and business models, not just one.
I've had a number of criticisms of NFC over the years - including the cost to the handset manufacturers, the unclear role of the mobile operators, the difficulty of getting merchants to adopt costly new readers, the willingness of consumers to entrust payments to new providers, whether customers actually need a new payment method to replace cash or existing cards, the unsuitability of charge-to-my-phonebill models, failure modes such as theft or handset crashing and so forth.
In short, I've been unconvinced by the "phone is your wallet" argument.
Now, there have been various approaches to NFC which have looked like cutting the operators out of the equation - most notably the NFC stickers that can be attached to the back of the phone. Other ideas have involved extending the role of not-quite-NFC contactless cards used in other applications such as London's Oyster, or Visa's PayWave.
But operators (and bodies such as ETSI and GSMA) have been pushing hard for the version of the NFC architecture which links the NFC chip to the SIM card [technically, it's called the UICC card], where the "secure element" of NFC is stored on the SIM itself, and accessed via the single-wire protocol (SWP).
A good overview of the NFC/SIM/SWP approach is here . There's a diagram on page 10.
But a core problem is the lack of incentive for manufacturers to support the cost of putting the NFC hardware and software in the device, especially if it is based only on SWP use cases. This would essentially mean that the NFC chip would be useless without the SIM, and that therefore the operator could insert themselves in all possible applications, not just payment, unless the device vendor put a second non-SIM secure element somewhere else in the phone.
For the manufacturer, this adds to the bill of materials, increases testing complexity, risks support and return costs, may delay time-to-market, yet may not generate extra revenues either from customers directly, or operators via subsidy or some sort of revenue-share. Especially for markets which sell unsubsidised 'vanilla' phones which could end up with non-NFC supporting SIMs, why go to the cost of putting in an NFC chip, rather than say a better camera, or more memory?
Yet at the same time, the non-SIM/SWP implementations of NFC are looking even more tenuous in acceptability. Why bother with a sticker (or trust it) on the back of your phone?
So we have an impasse:
- Handset vendors don't really want to be forced to support implementations of NFC where all the control and most of the value resides in the (operator-owned and issued) SIM card, even if they can put secondary applications onto it.
- The non-SIM implementations of NFC will have problems scaling and getting publicity, especially given the operators' indifference to selling handsets supporting this, and the handset vendors' general lack of clout with the credit card companies.
- End users seem (largely) indifferent to both a new form of payment, or all the other "near field" applications like waving your phone at a billboard. They also tend to push back against perceived operator lock-in.
- The merchants don't want to buy new terminals, especially if it's unclear what the new payment value chain will look like.
Or maybe not....
Let's revisit the two phrases "technically it's called a UICC card" and "operator-owned and issued SIM card".
Now let's just be a bit clearer about the terms. From Wikipedia :
A Universal Subscriber Identity Module is an application for UMTS mobile telephony running on a UICC smart card which is inserted in a 3G mobile phone. There is a common misconception to call the UICC itself a USIM, but the USIM is merely a logical entity on the physical card.
And from Zahid Ghadialy's blog
CONFIDENTIAL APPLICATION MANAGEMENT IN UICC FOR THIRD PARTIES
The security model in the UICC has been improved to allow the hosting of confidential (e.g. third party) applications. This enhancement was necessary to support new business models arising in the marketplace, with third party MVNOs, M-Payment and Mobile TV applications. These new features notably enable UICC memory rental, remote secure management of this memory and its content by the third party vendor, and support new business models supported by the Trusted Service Manager concept.
Now... I am not currently an expert on the full inner workings of UICCs and SIM technology. I will read up when I get a chance. But I have a suspicion that this might sum up what's going on:
- Today, operators issue (but still own) physical UICC cards, which include the SIM functionality for secure authentication to the radio network, and also other applications such as SIM Toolkit and the NFC secure-element functions. They can "rent space" to third parties for other applications, acting as a Trusted Services Manager.
- Tomorrow, some other third parties may issue physical UICC cards, or embed them into devices rather than distributing them through retail stores. And then those third parties (Apple, for instance) can perhaps "rent space" to operators for applications such as "secure authentication to the radio network".
There are a couple of other angles to this as well, which seem to tie in:
- The GSMA announced its "Embedded SIM Initiative" the other day. I don't actually think it's specifically Apple-driven, but is more about the general M2M market. There are plenty of new business models which could be enabled by this, as well as plenty of problems to solve. However, it is possible that the Apple discussion has brought the issue to a fore.
- Various operators are reportedly throwing a strop about Apple's plans to allow users to provision and activate services remotely. They are (quite reasonably in my view) threatening to stop subsidising iPhones if this occurs.
For years, we have had people advocating the "Soft SIM". Intel worked on a project called the "Identity Capable Platform" back in 2006-7 - I remember seeing presentations about it. The operators (and GSMA) have been fairly vociferous in their condemnation of the concept.
I'm wondering if Apple has done an end-run around this, aiming to own a separate but embedded hardware SIM - and acting as a Trusted Services Manager itself - provisioning the operator's credentials as software on it. Add this to a way to escape from the "subsidy trap" by doing handset financing without scaring investors with risks of default, and we potentially have another disruption from Jobs.
Now.... a disclaimer. I may well be adding 2+2 and getting 7.3 here. But I'd be very surprised if some elements of the recent Apple SIM and NFC stories don't blend together.