Inside Secure Introduces First Secure Element, as It Seeks to Stay Competitive
NFC chip supplier Inside Secure has introduced its first embedded secure element, a key product that it hopes will help it stay competitive with much larger rivals.
Inside produced the chip using smart card technology it acquired with its purchase of the secure microcontroller solutions unit of U.S.-based Atmel Corp. in 2010. Inside will be using an Atmel designed RISC processor.
The chip supplier plans to pair the new smart card chip, which it calls VaultSEcure IC, with its established NFC controller, MicroRead. It might also be able to sell the chip to other producers of NFC chips without their own smart card technology or to device makers in need of an embedded secure element.
Inside has been using a secure element from Germany-based Infineon Technologies, which Inside stacks with the MicroRead NFC chip. Phone maker Research In Motion has been using this package, which Inside calls SecuRead, for its NFC-enabled BlackBerrys.
But incorporating the chip from Infineon in SecuRead instead of its own secure chip hurts profit margins at the financially struggling Inside.
Inside also needs the secure element technology to try to stay relevant when much larger chip makers, such as Broadcom, Qualcomm and MediaTek, start to incorporate NFC radio functionality as part of their wireless chipsets or other chips–a move expected to begin in coming months.
Inside is already well behind such competing NFC chip makers as NXP Semiconductors and STMicroelectronics, as well as smart card chip supplier Infineon, in offering an embedded secure element for NFC phones.
Besides stacking or linking their own NFC chips with their secure elements, makers of the secure chips will also offer the embedded chips to larger processor and wireless chip makers, such as Broadcom, Qualcomm, MediaTek and Intel for implementations in higher-end devices.
It remains to be seen when RIM or other handset makers will use the new Inside secure chip. RIM, which is introducing a critical upgrade to its smartphone operating system in the BlackBerry 10, might be hesitant to adopt the new chip immediately.
Inside contends VaultSEcure IC offers features that embedded secure elements from competitors don’t have.
Among the features Inside is touting is what it calls “authorized management,” which implements specifications from standards group GlobalPlatform. The vendor says the feature would enable two or more parties to “independently install and control their own applets” in the same embedded secure element. These parties, for example, could be a handset maker and a mobile operator.
Bernard Vian, Inside’s executive vice president in charge of payment solutions, agreed that secure elements already can be carved up into multiple secure domains for different service providers.
But the secure element itself is controlled by only one party, such as the mobile operator, handset maker or mobile platform provider, he said.
With VaultSEcure IC, each “issuer domain owner,” such as a telco, handset maker or third party, could have its own set of keys to control a portion of the embedded chip. The issuer domain owner would manage the keys with its trusted service manager, according to Inside.
These domain owners would not have “any dependency” on one another, Vian told NFC Times. “This feature can make possible a peaceful co-habitation of two stakeholders in the eSE (embedded secure element).”
Inside said the keys enabling multiple parties to control the same secure element would be distributed through a “key-exchange protocol,” which Inside has proposed to industry organization GlobalPlatform for standardization.
But besides the fact that its key-exchange protocol is not yet standardized and might never be, there are commercial issues that seem likely to prevent co-habitation of embedded secure elements in many or most cases.
Control of the secure elements in NFC phones is fundamental to the business cases for NFC for ecosystem players rolling out the technology. So the owner of the chip might not be so eager to share that ownership.
Most mobile operators are planning to use their SIM cards as the default secure element in NFC phones they sell, and if an embedded secure chip exists in the same phone, the SIM-centric telcos likely would effectively have the embedded chip deactivated.
Such mobile platform vendors as Google want control of the embedded chip for phones that run their wallets. In the Google Wallet phones rolled out so far, the embedded chip is accessible to no other application providers besides Google.
Meanwhile, handset makers, led by Samsung Electronics, but including RIM and probably LG Electronics and HTC, are putting embedded chips in many or most of their NFC phones, which also support SIM cards as secure elements.
The handset makers are going along with the wishes of mobile operators, to make the SIM the default secure element, at least in markets where telcos control the distribution channels of phones. In other markets, such handset makers as Samsung apparently want to control the embedded chip.
Inside, however, contends there will be demand for its authorized management feature and sharing of ownership of the embedded chip.
And the vendor is introducing other features for its new chip, including one it calls “secure memory swap,” which uses encryption technology to shuttle applications in and out of the secure element, based on location, date and time and other factors.
“Thus, for example, when traveling from New York to Paris, the MTA (Metropolitan Transportation Authority) transit fare applet in a user’s smartphone SE (secure element) can automatically be swapped for the Paris Metro transit fare applet based on the new location. Or a building access applet can be swapped out on weekends and holidays,” said Inside.
Inside said it is confident its secure element also will be certified by Visa and MasterCard Worldwide to run their payment applications in NFC phones, pending performance tests of the built-in NFC antenna in the phones.
France-based Inside, which has seen its fortunes fall with those of the main customer for its NFC technology, RIM, needs a successful debut for the VaultSEcure IC if it hopes to begin recovering ground lost to rivals, especially NXP Semiconductors, which has been shipping NFC chips and secure elements for a number of Android models, including the popular Galaxy S III from Samsung.