The market is beginning to move towards a situation where consumers could have NFC phones containing multiple secure elements from multiple service providers, says GlobalPlatform, raising a potentially contentious issue regarding the way in which consumers would be able to use the various NFC services on their phone.
The arrival of a variety of ways to add NFC functionality to mobile phones — via SIMs, embedded secure elements, MicroSD cards and more — could create a scenario where consumers are equipped with a phone containing multiple NFC secure elements supplied by a range of service providers, according to a new white paper, ‘GlobalPlatform’s Requirements for NFC Mobile: Management of Multiple Secure Elements‘.
This then raises the issue of how transactions are handled if, for instance, the user has one payments mechanism stored in a MicroSD card and one stored in the SIM. If both were active all the time, when the user used his phone to make a payment at the point of sale, it should be clear which application could then attempt to make the payment.
In the white paper, GlobalPlatform proposes two ways to address this problem — but both raise additional issues of their own:
- Architecture without aggregation. In this scenario, only one secure element would be active and able to perform a transaction at any one time. The consumer would be responsible for deciding which secure element was active and, whenever he wanted to use the NFC functionality on his phone, he would need to ensure that the secure element which stored the application he wanted to use was active.
- Architecture with aggregation. Here, software in the NFC-enabled device would be able to access each of the various secure elements and would be able to automatically activate the required application, without the consumer having to provide a specific instruction.
While the task force doesn’t go into the issues raised by these two scenarios, it does point out that “at this stage, the two business models are incompatible” — and here at NFC World we are concerned that the problems could go further than that.
A frequently cited advantage of near field communication technology is its ease of use. Requiring users to choose between secure elements each time they use their phone, as described in the first scenario, would therefore be a step backwards for the industry.
An automated system, meanwhile, would be more user-friendly but also raises issues of its own. Who, for instance, would be responsible for developing and providing software able to work with all the secure elements on a phone? And how many security-conscious secure element providers would be willing to enable software they didn’t own or control to access the information required to provide consumers with a fluid and seamless user interface?
The arrival of add-ons able to provide NFC functionality to existing mobile phones has done much to begin to push forward the adoption of NFC over the last year. Could it be that, as one problem seems to have been solved another one has taken its place?
“It is without doubt that there will be a movement towards the use of NFC phones equipped with multiple secure elements in the future, however it is not an issue for today,” Gil Bernabeu, GlobalPlatform’s technical director, told NFC World.
“The aim of this paper is to share our insight on how NFC services could be deployed and provide a rational for which technical architecture should be supported,” he added. “When the time comes, we will work closely with the industry to identify which model is most suitable, or even if another is needed, and offer the required technology to support market requirements and implementation.”