GUEST COMMENT: We’re unlikely to end up with a single TSM per country, or per region, or per operator — which isn’t what many people imagined when the TSM model became current, writes Dave Birch of Consult Hyperion.
Central to the deployment of mobile proximity payments in the mass market is the well-understood problem of the connection between (and control over) applications and service providers. “How does a bank’s payment application get into a consumer’s phone?”, to put it simply.
Well, the GSM Association set out a “standard” architecture that has a box called a Trusted Service Manager (TSM) to take care of that problem. The service provider tells the TSM to send a bank card to your phone and the TSM makes it happen. It’s actually fairly straightforward to do this.
DnB NOR and Telenor have been working together on NFC since April 2008 when they formed TSM Nordic, a joint venture charged with creating a trusted service manager to handle the introduction of NFC in the Nordic region.
Now, the bank or the operator could load the application themselves, so why would they introduce the extra box? Well, we all understand the basic problem, as clearly stated here by Jonathon Gould:
As additional service providers join the ecosystem — such as loyalty operators, ticket issuers and pre-paid cards providers (e.g. transit) — then the possible number of TSMs explodes, increasing the level of complexity accordingly.
Actually, I think the problem may be a little more complex still. But let’s look back at the simple case first. A single bank (let’s say Citi) does a deal with a single operator (let’s say M1 in Singapore) and they need a “TSM” to get applications to the phones. In that case, what has turned into almost a default option is that the personalisation service provider connects their system to the operator OTA:
Gemalto is entrusted with the management and preparation of sensitive user information from Citibank and to perform secure Visa personalization services on the phones enabling subscribers to gain access to the Visa payWave service on Singapore M1′s mobile network.
Outside the case of banking, where mass personalisation supply chains, certified to a high level of security, already exist, the emerging supply chain may well be different: It doesn’t have to follow the bank model, where multiple banks outsource to bureaus and some banks have their own systems in house.
This is because different kinds of services require different kinds of TSMs. The TSM capable of delivering military ID applications into USB tokens may have very different security, reliability and flexibility requirements than a TSM capable of delivering a sports ticketing application or a corporate login application.
If you are a transit operator, you may find that sharing a TSM with other transit operators makes sense, whereas sharing a TSM with banks doesn’t. Therefore, we’re unlikely to end up with a single TSM per country, or per region, or per MNO, but we may end up with one TSM per sector outside banking and one TSM per bank/operator service inside banking, which isn’t what many people imagined when the TSM model became current. A single TSM just doesn’t look right.
There’s a pressure in the opposite direction, which serves to stop us from having a thousand TSMs. As has been discussed before (by Consult Hyperion and others), there is a substantial economic advantage to sharing infrastructure and interoperability means significant growth in services. Therefore, in a market such as the UK, one might expect to find four or five TSMs in time. That seems reasonable, so let’s move on to another question. Who will run them?
I argue that the MNO should take over the role of the TSM. The MNO already has a Call Center which can be used for the new service support. With the Secure Element (SE) on the MNO SIMs, (which looks like the most viable option to deploy NFC), the operator already carries out essential activities such as provisioning, SIM blocking, etc.
There’s a logic to this, although I have to say that many MNOs seem unenthusiastic about the opportunity. They don’t personalise the SIMs themselves, so to build this kind of facility would cost them a lot of money and they’d have to comply with all sorts of security requirements. If an MNO outsources to the same (for example) G&D centre as its bank partner does, then G&D will become the TSM in practice. As the always thoughtful Dean Bubley notes in the ForumOxford piece, the business model for the operator depends substantially on reduced churn, but banks (and their customers) won’t want to be locked into to a particular operator unless the operator pays heavily for the privilege.
It’s different in the markets that we look at as being the most advanced mobile transaction (eg payments, ticketing, loyalty, coupons) markets, Japan and Korea. In these markets, there is no concept of a TSM because everything goes through the operator. While there may be arguments about the long term efficiency, innovation and operation associated with this architecture, there’s no denying it’s an effective way to get markets off of the ground. In the Japanese market (where Docomo recently announced their target of moving from around 9 million to around 11 million DCMX customers this year), the delivery of (for example) train tickets to the contactless interface in the handset is routine.
Our experiences have been very varied indeed. Having studied the problem and potential solutions for both public and private sector organisations, and having implemented live payment applications — both open (that is, Visa/MC/Amex) and closed-loop — in a variety of pilots, and having helped customers on multiple continents to develop architectures for mass-market services, I’m pretty sure that the real world of TSMs and “TSM equivalents” (ie collections of system components that deliver the same functionality as a TSM) is more complicated that the original GSMA model. The most likely architecture will combine sector-specific TSMs (eg, in transport) with a small number of operator-centric TSM+OTA operations and perhaps a larger number of service-provider specific Application Management+TSM operations.
We’ve studied a few of these models and the different pressures around them for different customers. Some examples are well-studied: France is a case in point with the payment-oriented Pegasus, transit-oriented Ulysses and retailer-oriented Ergosum multi-operator, multi-provider projects showing how national organisations might infuence technical architecture. I think another interesting, if embryonic, case study is Spain, where there is a bank-oriented pilot led by the processor (Sermepa) co-ordinating the banks “TSMs” (by which I mean existing bureaus plus OTA interfaces).
Mobile operator Telefónica Espana has launched a “comprehensive pilot project” to test out the use of NFC to deliver payment services through mobile phones. For the pilot it has teamed up with Sermepa, the technical arm of ServiRed, the transaction processing service owned by 102 Spanish card issuers who, between them, have nearly 40 million cards in circulation and operate over 32,000 ATMs.
I understand there there is to be another transit-oriented pilot where the transport companies will co-operate on a single shared TSM that connects to MNO OTAs. There has already been a single company pilot running in Malaga using Orange handsets. It will be instructional to see how these different models evolve.
• David GW Birch is a director of Consult Hyperion, a UK-based IT consultancy that has extensive experience advising private and public sector customers in Europe, America and Asia on NFC business models and strategy. You can keep in touch with his latest thinking via the Digital Money Forum blog.