HEADLINE NEWS
Getting TSMs to Speak a Common Language
When NFC services finally begin to roll out, many in the industry are concerned there will be a breakdown in communication between mobile operators and banks and other service providers.
This does not refer to such commercial issues as revenue sharing or who owns the customer. Those are separate problems. It’s on the technical side: How will a fragmented base of trusted service managers download and manage, for example, payment applications on mobile phones to make sure all customers of participating banks will be able to use the NFC services no matter which mobile operator they subscribe to.
To try to prevent things from getting out of hand–assuming NFC gets rolled out widely–smart card standards group GlobalPlatform has formed a Trusted Service Manager Working Group. The new committee is charged with coming up with a standard that will get the various players and their technology suppliers in an NFC project to speak a common language when it comes to downloading and managing applications. The specifications are designed to enable all trusted service managers, or TSMs, to talk to all mobile operators in a given market.
GlobalPlatform, which includes vendors, payment card networks and at least one telco, had planned to have a messaging standard in place by the end of last year, but failed to meet the deadline. Formation of the working group may indicate GlobalPlatform intends to devote more resources to the task.
“You have so many banks and so many mobile network operators (MNOs),” said Eric Le Saint, chairman of GlobalPlatform’s Systems Committee, which will oversee the work of the working group. “In order for each bank to address all MNOs and for each MNO to address all banks, you need something like a hub with a common language.”
‘Complexity is Big’
The “scope is huge and complexity is big” facing the working group, said Le Saint, who is also director of security, IP and standards engagement at U.S.-based security firm ActivIdentity. He told NFC Times plans call for having draft specifications for the TSM communication standard ready later this year. The messaging standard would be in addition to GlobalPlatform’s more well-known work standardizing how applications get downloaded and reside securely on SIMs and other secure elements.
The messaging standard could represent a special challenge. Not only will there be a number of companies offering TSM services–including independent and in-house TSMs–but they could represent or be part of a variety of service providers, such as banks, transport operators and retailers. And mobile operators could have their own TSMs that the bank, transport operator or retailer TSMs will have to communicate with.
These mobile operator TSMs might also be the suppliers of the telcos’ SIM cards, which could serve as the secure elements storing the payment or other NFC applications. But the secure element might be another chip, such as one embedded on microSD cards inserted into the phones. The issuer of the microSDs might be a mobile operator, but it might also be a bank or even a retailer. And like the SIM, the microSD cards could support multiple applications.
And different markets will present different TSM landscapes. In the United Kingdom, for example, banks and telcos are forming bilateral agreements to launch NFC services. In France, all telcos and banks are taking a coordinated approach. Then there are national TSMs, either organized by the government, as in Singapore, or set up by major mobile operators and banks, as is planned in at least a couple of European countries. The landscape would be wide open in other markets.
Leveling the Playing Field
Dave McKay, technical sales manager for Netherlands-based smart card management company Bell ID, a small provider of TSM platforms, welcomed the planned standard, saying it could create a more level playing field for TSM services and, therefore, reduce problems for telcos, service providers and ultimately consumers.
“You have so many players, so many actors in the game; there is absolutely a requirement to get that sort of standardization into play,” he told NFC Times. “The ability for each TSM to talk to each party means much more mobility between banks and network operators.”
The standard could help reduce the risk of any TSM becoming too dominant and using that power to keep other vendors out. For example, in an NFC trial Bell ID worked on in 2008 for a bank in Northern Europe, the SIM supplier and TSM for the mobile operator involved in the trial intentionally made accessing its SIM cards difficult for Bell ID, said McKay.
The planned messaging standard from GlobalPlatform could help keep SIMs or other secure chips carrying NFC applications more independent from the TSM role and avoid the situation of “locking the network operators into single-vendor supply,” McKay said.
McKay declined to comment on the SIM vendor or bank and telco involved in the 2008 trial. NFC Times earlier reported on the topic, in an article in which another independent TSM or TSM platform provider, Cassis International, drew parallels between the budding TSM market and the market for over-the-air platforms to manage GSM applications on SIMs. SIM vendors often used the OTA platforms to sell more SIM cards. SIM vendors Gemalto and Giesecke & Devrient, which also offer TSM services, both contended in the article their TSM operations are “secure-element agnostic.”
Le Saint said GlobalPlatform’s open standards process along with standards work by other organizations, such as the GSM Association, European Payments Council, EMVCo and France’s Association Française du Sans Contact Mobile, “mitigates exclusive interests of individual organizations but does not prevent business models to exist.”
Market Rules
In the end, real enforcement of the messaging standard and interoperability in general among bank TSMs and mobile operators or their TSMs or SIM providers will be left to the market, said Victoria Richardson, who studied the TSM market last summer for NFC company Proxama, part of ABnote Group.
“Standardization is important, because it drives interoperability, which leads to more widespread deployment and better purchasing options for the service providers,” Richardson, involved in product marketing for ABnote Europe, told NFC Times. “But the market is moving forward without this. Interoperability is being forced on a case-by-case basis.”
For example, large mobile operator Orange UK and credit card issuer Barclaycard are expected to launch NFC commercial services sometime this year, likely without the benefit of the GlobalPlatform TSM messaging standard. Rumor has it each party is represented by a different TSM which is also a SIM vendor. And the choice of different TSMs may have been intentional. Orange and Barclaycard apparently didn’t want only one TSM handling the application downloads and management for their launch. But the telco and bank will have reached an agreement on how these two TSMs will work together.
In France, committees are coordinating every part of the planned launch of NFC services, so interoperability problems among TSMs are unlikely there, as well. Countries with national TSMs, such as Singapore, will obviously regulate the interfaces between service providers and telcos.
The telcos, banks and other service providers in these countries will probably adopt GlobalPlatform specifications at some point. And when their customers roam outside of the countries, it’s possible they would need to interact with other TSMs. But the planned specifications will no doubt be most useful in less-structured markets.
“The problem for the bank is to push an application onto a cell phone,” said Le Saint. “It needs an interface and most likely an interoperable interface, because it doesn’t want to talk to just one MNO, and it doesn’t want to have five to six interfaces to (various) MNOs, because it doesn’t know the MNO of a particular customer. You have instead the GlobalPlatform TSM specification.”
Facebook
Twitter
LinkedInSyndicate
