Feeds

Bank of America retrofits BlackBerrys with NFC

Is that a battery, or a wireless payment wallet?

The smart choice: opportunity from uncertainty

Bank of America is bringing pay-by-tap to the masses, or at least a small trial group of BlackBerry users, by using a removable card and a replacement battery.

That's significant as it means that the latest trials, spotted by Boy Genius Report (which has provided screen shots of the offer), will be using a secure element owned by Bank of America, embedded in a microSD card supplied and controlled by the bank.

Near Field Communications, the technology behind the forthcoming pay-by-tap deployments, has two components - the radio/induction antenna and the secure element. The radio element is increasingly being built into handsets, and the next generation of BlackBerrys will feature NFC radios, so the replacement battery is very much a stop-gap solution.

The secure element, on the other hand, is managed by a trusted provider who decides what applications are allowed to be installed. The network operators would dearly love to be that trusted provider, but the banks would also like to be involved, and the handset manufacturers want a stake too.

Google's Nexus S, for example, has an embedded secure module under Google's control (we understand, though Google isn't saying). The Nexus S also supports the Single Wire Protocol (SWP) which allows the network operator to put a secure element in the SIM. That's an approach that the ever-operator-friendly Nokia has embraced with the NFC-equipped C7, which relies entirely on the SWP for security.

Bank of America is using a microSD-based security, which bypasses both the network operator and the handset manufacturer, putting the power firmly in the hands of the bank. Bank of American can decide what payment applications can be installed in the virtual wallet (bank's own debit card, or MasterCard credit card, in this instance).

Tyfone, makers of similar microSD-based secure secure elements, is firmly of the opinion that customers will not accept a secure element under the control of a single bank, or network operator, which is why it's so interested in the microSD model. A removable microSD can be switched between handsets and between network operators, but if it's under the control of the issuing bank then that freedom is still limited.

The NFC business is still deciding what shape it should take, and the pie isn't big enough for everyone to take the slice they'd like. That makes early moves worth watching, and Bank of America's trials worth keeping an eye on while we all decide who we'd trust with the keys to our virtual wallet. ®

Mobile application security vulnerability report

More from The Register

next story
Yorkshire cops fail to grasp principle behind BT Fon Wi-Fi network
'Prevent people that are passing by to hook up to your network', pleads plod
Major problems beset UK ISP filth filters: But it's OK, nobody uses them
It's almost as though pr0n was actually rather popular
Microsoft unsheathes cheap Android-killer: Behold, the Lumia 530
Say it with us: I'm King of the Landfill-ill-ill-ill
All those new '5G standards'? Here's the science they rely on
Radio professor tells us how wireless will get faster in the real world
Apple orders huge MOUNTAIN of 80 MILLION 'Air' iPhone 6s
Bigger, harder trouser bulges foretold for fanbois
US freemium mobile network eyes up Europe
FreedomPop touts 'free' calls, texts and data
'Two-speed internet' storm turns FCC.gov into zero-speed website
Deadline for comments on net neutrality shake-up extended to Friday
Oh girl, you jus' didn't: Level 3 slaps Verizon in Netflix throttle blowup
Just hook us up to more 10Gbps ports, backbone biz yells in tit-for-tat spat
prev story

Whitepapers

Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Reducing security risks from open source software
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.