Original URL: https://www.theregister.com/2010/10/22/proximity_payments/

Mobe operators foresee SIM-based contactless payment

World obstinately fails to revolve around them, though

By Bill Ray

Posted in Networks, 22nd October 2010 12:27 GMT

Operator alliance GSMA has teamed up with the European Payments Council to work out how mobile payments will work, reaching the shock conclusion that operators are essential in banking.

That conclusion emerges from the snappily-titled "Mobile Contactless Payments Service Management Roles Requirements and Specifications", which maps out various scenarios and architectures for proximity payment systems, all of which place the network operator front and central in the process.

That's remarkable when everyone else in the industry seems to be working out the best way to provide proximity payments without having to go through the operator - not because they hate network operators, necessarily, but because most operators move with the speed of a lazy glacier.

The operators only have one decent card left to play, the SIM, over which they have absolute control. Any proximity-payment system needs a secure element, separated both logically and physically from the handset architecture, and the SIM is perfectly placed to fulfil that role.

The Single Wire Protocol (SWP) gives the SIM access to a near-field antenna, so it can conduct transactions without having to worry about the handset's security - but SWP is three years old now, and beyond technical demonstrations we still have no handsets supporting it.

However, that hasn't stopped the GSMA creating its 70-odd pages of diagrams, explanations and calls to action. The SWP handsets don't exist because operators haven't asked for them, and the GSMA is hoping that it can convince operators they can be at the centre of proximity payment systems. But being operator-centric it assumes that the secure module will be on the SIM, then maps out how banks will come begging to operators to have their client software installed, and how customers will have to ask their operator when they want to change banks.

But that assumption is far from certain. American banks are already running large-scale trials putting their secure module in an micro SD Card, while manufacturers are happily embedding secure modules in the handset - it's hard to imagine Apple doing anything else when (if) it launches an NFC-capable iPhone next year.

Anyone old enough to remember the early days of internet commerce will find the document depressingly familiar: incumbent companies producing lengthy documents outlining how they're going to extend into the new world, while the new world gets on with providing what customers want by any means available. ®