Feeds

Mobe operators foresee SIM-based contactless payment

World obstinately fails to revolve around them, though

Intelligent flash storage arrays

Operator alliance GSMA has teamed up with the European Payments Council to work out how mobile payments will work, reaching the shock conclusion that operators are essential in banking.

That conclusion emerges from the snappily-titled "Mobile Contactless Payments Service Management Roles Requirements and Specifications", which maps out various scenarios and architectures for proximity payment systems, all of which place the network operator front and central in the process.

That's remarkable when everyone else in the industry seems to be working out the best way to provide proximity payments without having to go through the operator - not because they hate network operators, necessarily, but because most operators move with the speed of a lazy glacier.

The operators only have one decent card left to play, the SIM, over which they have absolute control. Any proximity-payment system needs a secure element, separated both logically and physically from the handset architecture, and the SIM is perfectly placed to fulfil that role.

The Single Wire Protocol (SWP) gives the SIM access to a near-field antenna, so it can conduct transactions without having to worry about the handset's security - but SWP is three years old now, and beyond technical demonstrations we still have no handsets supporting it.

However, that hasn't stopped the GSMA creating its 70-odd pages of diagrams, explanations and calls to action. The SWP handsets don't exist because operators haven't asked for them, and the GSMA is hoping that it can convince operators they can be at the centre of proximity payment systems. But being operator-centric it assumes that the secure module will be on the SIM, then maps out how banks will come begging to operators to have their client software installed, and how customers will have to ask their operator when they want to change banks.

But that assumption is far from certain. American banks are already running large-scale trials putting their secure module in an micro SD Card, while manufacturers are happily embedding secure modules in the handset - it's hard to imagine Apple doing anything else when (if) it launches an NFC-capable iPhone next year.

Anyone old enough to remember the early days of internet commerce will find the document depressingly familiar: incumbent companies producing lengthy documents outlining how they're going to extend into the new world, while the new world gets on with providing what customers want by any means available. ®

Security for virtualized datacentres

More from The Register

next story
TEEN RAMPAGE: Kids in iPhone 6 'Will it bend' YouTube 'prank'
iPhones bent in Norwich? As if the place wasn't weird enough
Consumers agree to give up first-born child for free Wi-Fi – survey
This Herod network's ace – but crap reception in bullrushes
Crouching tiger, FAST ASLEEP dragon: Smugglers can't shift iPhone 6s
China's grey market reports 'sluggish' sales of Apple mobe
Sea-Me-We 5 construction starts
New sub cable to go live 2016
New EU digi-commish struggles with concepts of net neutrality
Oettinger all about the infrastructure – but not big on substance
EE coughs to BROKEN data usage metrics BLUNDER that short-changes customers
Carrier apologises for 'inflated' measurements cockup
Comcast: Help, help, FCC. Netflix and pals are EXTORTIONISTS
The others guys are being mean so therefore ... monopoly all good, yeah?
Surprise: if you work from home you need the Internet
Buffer-rage sends Aussies out to experience road rage
prev story

Whitepapers

A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.