Google’s Wallet is among the very first large-scale efforts at transforming how you pay for things, injecting futuristic wireless NFC technology into the moment when you give a merchant your credit card number. It really works, using data handling and security systems that Google has designed. But the main smartphone that supports it, the Galaxy Nexus, won’t have Google Wallet enabled on the Verizon edition, because Verizon won’t allow it. Verizon, you see, is part of the Isis conglomerate–a mashup of credit card firms and cell phone networks–and they demand a slightly different hardware protocol for the way NFC wallets will work. That sound you hear is the rumpus caused by a new industry stumbling into being.
Isis just awarded the contract for the “secure element” (the encryption component of an NFC transaction system that ensures your data remains private and no one can snoop on your transactions) to Gemalto. Gemalto’s a firm you probably haven’t heard of, although you may well have used their products: Based in the Netherlands, they’re a huge manufacturer of SIM cards, among other secure devices. By opting for Gemalto, Isis’ members are signalling that they think your digital wallet should perhaps be controlled by security circuitry built into a SIM card. Which, lest you forget, is a piece of hardware that is tightly controlled by your cell phone operator–it’s your cell’s identity and main digital connection to their network. Which means that according to Isis, your future digital wallet will be partly orchestrated by your cell phone operator.
Gemalto’s SVP of Telecommunications, Sebastian Cano, spoke to Fast Company about the deal. It’s all about “management of the credentials of the secrets that are used inside the subscriber’s phone. And in order to perform some sensitive transactions, mainly financial transactions or management of coupons or loyatly programs, all these NFC services will require a higher level of security,” and Gemalto’s already got a product on the market that it’s adjusting to suit Isis’ security needs. “It’s the concept of a technical hub that will perform the end-to-end security” he notes, with Gemalto’s scheme securing the data in ways that please Isis–and it’s much more secure than current credit card systems. “It’s way, way above what is currently being practiced in American stores and ATMs right now,” Cano says.
And while security and privacy is paramount, Google’s wireless Wallet solution embeds its secuity in the phone itself–meaning the phone’s NFC payment system is essentially agnostic to which cell phone operator it’s used on. The data for the moment of transaction passes through your cell phone as merely encrypted data like pretty much any other encrypted piece of 3G information (such as when you pay for something on Amazon using your smartphone’s web browser, tapping in your passwords and credit card numbers), meaning it’s inaccessible to the cell phone network.
For another perspective, look at what Apple’s doing in its stores with its updated in-store app for iPhones, that lets you buy and pay for goods without having to speak to an employee–or even, for small items, do much more than scan the barcode of the thing you want into the app and walk out of the store with it. Apple’s using its own security layers, location awareness systems, payment handling, and store inventory management, plus its archive of hundreds of millions of users’ credit card numbers (the paid iTunes membership role) to pull this off. Since you can link pretty much any credit card from any provider into your iTunes account, and the data needn’t go over cell phone 3G (using in-store Wi-Fi instead) then Apple’s system is completely agnostic to cell phone systems and banks and credit card companies.
Apple’s also got a host of patents that hint at all sorts of amazing future uses for NFC, from smart wireless-sensing shopping baskets to cleverer ATMs to neat security controls, like identifying yourself as the owner of the credit card by “signing” your name with the corner of your iPhone, and letting its motion sensors check. Now Apple’s cleverness here is more in the implementation–and doesn’t preclude having a “secure element” in the phone or the SIM card.
But it’s worth noting that Apple doesn’t actually need to make any deals with banks or phone networks or even the firms that make the credit card readers in stores for all of this to work, as it already has a highly efficient system through which to carry out a transaction–iTunes. And Apple has been trying to force innovation into smaller SIM card designs (freeing it up to make thinner phones) as well as an entirely digital SIM card. That design would preclude SIM-based NFC security, and disenfranchise the cell networks to some extent–small wonder that they’ve moved to quash Apple’s plans. It is fair to say, however, that Gemalto’s tech doesn’t necessarily demand a SIM card solution, but by using its muscle and pushing clients to include compatibility with Isis’ Gemalto-powered payments scheme, the end result is the same–the networks and the banks get a say in how your smartphone payments scheme will work.
Also, look at this NFC effort by BarclayCard–one of the U.K.’s big credit card companies associated with a bank–which shows how desperate the banks are to lever their way into this system, to the point of giving out free money, tinged with the social benefit of donating money to a children’s charity.
And then there’s news of how Microsoft is combining its Tag technology, which associates information and brands with a QR-code-like barcode, with NFC technology “giving brands and end users the easy way to use a full suite of recognition technologies, from the original QR Codes to the current Tags and beyond to NFC–all in one place” as the press release has it.
PayPal, meanwhile, has its own NFC (and NFC-free efforts), to leverage its hundred million or so credit card subscribers, and has just revealed it’ll be competing with Groupon with a location-aware coupon app. Very high-tech. To highlight how fast this market is moving, just today Intel has made a deal with French firm Inside Secure to provide it with NFC technology–including, perhaps, Inside Secure’s own secure element hardware. In other words Intel, which probably makes the chip inside your computer, wants to be a big player in how you spend your wireless dollars.
The battle, then, is busy raging. There’re are all sorts of pros and cons to all the upcoming ideas. For example, you already rely on your cell provider to propel your daily life and trust it with a lot of data, so why not the strings to your digital purse? On the other hand, I’ll bet your cell phone company hasn’t got the best customer service you’ve ever encountered, and they have an unashamed habit of nickel-and-diming their clients every way they can.
Big decisions like Isis’ have important implications for the future of how you’ll spend your money–and gain loyalty points, earn discounts, share data, and even unlock and start your car–all things NFC can facilitate–and they’re not necessarily being played out for your benefit.
They’re being decided by big players who are increasingly aware that the whole paradigm of credit and debit card payments is about to transform, and at this moment of rapid change, they’d love to stick their technology into play. If they can, they will gain a share of the trillions of dollars that are spent in transactions every year.