The GSM Association has released a new version of its NFC Handset APIs & Requirements, used by phone manufacturers as a reference for what mobile network operators want to see in the devices they order.[From GSM Association issues new NFC handset requirements • NFC World]
Jolly good. Naturally, being operator-centric, the model they are evolving is also SIM-centric, and while that may seem a minor technological detail to high-powered mobile business-persons, it has some implications.
The new document includes two potentially market-changing and controversial requirements for phones like the Galaxy Nexus that are capable of supporting more than one type of secure element and accompanying mobile wallet service:
* Only one secure element must be active at any one time[From GSM Association issues new NFC handset requirements • NFC World]
* NFC phones must ship with the NFC SIM, which would be issued and controlled by the carrier, set as the default active secure element
Setting aside the controversy that this may cause — obviously, there is something that needs to be resolved between operators shipping SIM-based SEs and the suppliers (e.g., Google and likely Apple) delivering handset-based SEs and the service providers (e.g., banks) who might want to use external SEs — it does once again stimulate the question as to how the NFC ecosystem may evolve over the coming year, once more of these SEs of any form are out in consumers’ hands.
Dave Birch, chair of the digital money forum and director at Consult Hyperion, previously said: “The chips put into the phones are secure. But that is not enough. They need to be part of a secure value network.”[From Near field communications: Are UK retailers ready for Google’s mobile wallet? – 6/6/2011 – Computer Weekly]
And I stand by the comment. So what would that secure value network look like and what would be the role of the telecommunications operator — or communication services provider (CSP) to generalise — as a smart pipe, by which I mean a dumb pipe that provides digital identity and digital money services: these services can then be used by a variety of wallet providers to deliver payment, loyalty, ID and other application-layer services to the customers. It may well be that the operator will want to have its own application-layer play, but to my mind this should be kept separate from the infrastructure provision for both practical reasons to do with sound design and delivery principles and as preparation for a likely future regulatory split (I can easily envision operators being required by regulators to provide open, transparent and non-discriminatory to the smart pipe services) between the wallet and the operator’s smart pipe.
We’re not starting from scratch when it comes to thinking about these smart pipe services. Having been through the first phase of (rather disappointing) mobile payment evolution, we’ve come to recognise that trying find the interface between the financial services organisations and the CSP has proved difficult.
Getting two massively complex ecosystems – payments and mobile – to play nicely together is an undertaking that has resulted in the situation we have today – not much to report, at least here in the US.[From Why Make Mobile Payments Easy when you can Make it Hard (and expensive) at The Catalyst Code]
Given everything that’s been learned so far about mobile, I’d suggest that the wallet needs some pretty simple — but secure and reliable smart pipe services — which, for sake of convenience, we might label “digital money” and “digital identity”.
- For digital money, all that is necessary is “simple” money transfer between prepaid accounts perhaps with some special sauce around offline use, integration with carrier billing and some decent APIs to create buzz (the bastard child of Mondex and M-PESA, in the vernacular).
- For digital identity, handset-based authentication (located in tamper-resistant hardware, such as the SIM, SE or SIM-based SE) with standard encryption and digital signature services, once again with some decent APIs to create buzz (a kind of PGP de nos jours).
Incidentally, this framing would categorise almost all current payment schemes, correctly, as being dependent on digital identity services, not digital money services. The reason why this distinction is important is because it relates to the regulatory distinction (not relevant to this discussion) between banks and non-banks.
To use the service, new customers would go to a Nokia outlet and become accountholders with Yes Bank after filling out an application form. Existing Yes Bank customers also could register for Nokia Money at the outlets directly. Nokia would credit the users’ Nokia Money accounts with funds transferred from their Yes Bank accounts. Nokia Money users then could use their phones to initiate payments to participating billers and retailers or to transfer funds to listed beneficiaries.[From American Banker Article on Mobile Services]
If you have to open a bank account, then this is mobile banking rather than mobile payments, isn’t it? In which case, it is based on digital identity, not digital money. Also incidentally, it is worth noting that just as operators don’t want to be dumb pipes, even though they may actually their optimum role in the new economy, so banks don’t want to be dumb pipes either. Bruce Davis noted this a couple of years ago:
If banks are to maintain their position as the ‘producers’ of money (as opposed to just the pipes it flows and is stored within) then they need to work out how to construct money products which can confer permanence and legacy on the giver and communicate that also to the receiver.[From Oikonomics: a social life of money: A magna carta for money?: reflections on a week of talking about ‘the long now’]
This observation opens up, to my mind, a viable future relationship between the smart pipes that carry money around, provided by telecommunications operators and not financial institutions, and the producers of the new kinds of money that will be carried through those smart pipes alongside the money that we are used to. The CSPs may well find themselves making as much money from transporting Facebook Credits as Dollars or Brixton Pounds as prepaid value. This may be a bit too futuristic for the Mobile World Congress, but I really think that forward looking mobile operators should have this in their “cone of possibility”.
These are personal opinions and should not be misunderstood as representing the opinions of
Consult Hyperion or any of its clients or suppliers