Feeds

Dutch banks and operators go contactless

Six of the best plot NFC

Choosing a cloud hosting partner with confidence

A trio of banks has joined three Dutch network operators in creating compatible NFC infrastructure, based on SIM security, aiming to bring contactless payment to the Netherlands by 2012.

T-Mobile, Vodafone and KPN are the operators, while Rabobank, ABN Amro and ING make up the banking side of the table. The companies have signed a letter of intent to create an infrastructure supporting payments from mobile phones using the Near Field Communications (NFC) standard.

The six are undaunted by the fact that there aren't any NFC mobile phones just yet, the only two models ever released having been pulled by Nokia 'cos no one wanted them. Several manufacturers are now making noises about NFC handsets, and the Americans have been surprisingly bullish about the technology lately, so the hardware should come in a year or two.

NFC, or (strictly speaking) N-Mark as the standard is properly known, is useful for all sorts of things as well as electronic payments. NFC devices house a readable tag, and a reader, so interaction works both ways and readable range is restricted by the need to induce current in the tag rather than just bouncing radio signals off it. That makes it well suited to proximity systems such as London's Oyster card, but also as a replacement for bank-issued payment cards.

Assuming that happens there's going to be a battle for control of the secure element necessary to support financial transactions over NFC. Nokia generally placed that element firmly in the phone, putting it under Nokia's control, but US trials are using a removable element that bypasses the handset manufacturer and network operator equally - putting control in the hands of the issuing bank.

The Dutch system places the secure element in the SIM, and will thus require handsets which support the Single Wire Protocol (SWP) as well as the NFC standard. The SWP was published two years ago, but other than a few trials (using customised handsets) it's been unheard of until now.

The SIM is the sensible place for the secure element: users are familiar with the idea that their SIM represents their telephonic identity. Customers switching networks will have an additional step, but nothing that can't be managed.

However, this is an industry that never managed to decide on a standard format for storing plain text files comtaining APN names and MMS servers on SIMs, the combination of which would enable handsets to configure themselves. So specifying an entire banking system, with cross-network compatiability, will be a challenge. The Dutch partners will have their work cut out.

Still, at least they are trying - conservative network operators around the world have let opportunities slip away from them time and time again. From ringtones to smartphone apps, it has been left to third parties to make it happen when operators could have done it better.

The Dutch operators should be commended for trying to keep their customers, though a lot of pieces will need to fall into place if pay-by-phone is really going to take off. ®

Internet Security Threat Report 2014

Whitepapers

Choosing cloud Backup services
Demystify how you can address your data protection needs in your small- to medium-sized business and select the best online backup service to meet your needs.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
New hybrid storage solutions
Tackling data challenges through emerging hybrid storage solutions that enable optimum database performance whilst managing costs and increasingly large data stores.
Protecting users from Firesheep and other Sidejacking attacks with SSL
Discussing the vulnerabilities inherent in Wi-Fi networks, and how using TLS/SSL for your entire site will assure security.