Feeds

EU pay-by-tap accepts operator independence

GSMA not involved this time around

Intelligent flash storage arrays

The European Payments Council guidelines for NFC proximity payments are up for debate, and this time the operator isn't considered an essential component though still the preferred partner.

In its last paper on the subject the EPC worked with operator-consortium The GSMA to work out how payment applications should be installed onto a secure element embedded in the operator's SIM, but this time a greater variety of options is presented and interested parties are invited to comment by June 17.

The proposal (117-page PDF/1.9 MB) addresses the thorny question of where the secure element should reside, and thus who controls it. The three popular options: SIM, embedded and SC Card, are presented and while the report still comes down on the side of the SIM it admits that "some business-related aspects ... might prove to be challenging".

The quickest solution to deploy, according to the EPC, is one which uses a secure element embedded in a microSD card. Such a solution allows the issuing bank to own the secure element, and if the microSD includes an NFC antenna and radio stack (such as those being built by Device Fidelity), then no other integration is required.

However, a secure element on a microSD has no secure way of interacting with the screen or keypad of the phone, and so cannot be sure that communications are not being intercepted until standards are forthcoming.

Which is what the EPC document is all about: deciding which standards should be adopted to facilitate communications between the surprisingly large number of parties involved in the proximity-payment ecosystem.

The payment ecosystem

Note how the Mobile Network Operators (MNOs) are reduced to sitting in brackets

The document is aimed, primarily, at banks and payment processors, but it also highlights just how many parties intend to make money by facilitating proximity payments: quite possibly enough to threaten the viability of the whole idea. ®

Security for virtualized datacentres

More from The Register

next story
Crouching tiger, FAST ASLEEP dragon: Smugglers can't shift iPhone 6s
China's grey market reports 'sluggish' sales of Apple mobe
Sea-Me-We 5 construction starts
New sub cable to go live 2016
EE coughs to BROKEN data usage metrics BLUNDER that short-changes customers
Carrier apologises for 'inflated' measurements cockup
Comcast: Help, help, FCC. Netflix and pals are EXTORTIONISTS
The others guys are being mean so therefore ... monopoly all good, yeah?
Surprise: if you work from home you need the Internet
Buffer-rage sends Aussies out to experience road rage
EE buys 58 Phones 4u stores for £2.5m after picking over carcass
Operator says it will safeguard 359 jobs, plans lick of paint
MOST iPhone strokers SPURN iOS 8: iOS 7 'un-updatening' in 5...4...
Guess they don't like our battery-draining update?
prev story

Whitepapers

A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.