Card Emulation Expected Soon Despite Doubts from Google Engineers

May 17 2011

Google NFC software engineers, while touting the “dozens” of NFC phones in the pipeline and prospects for compelling applications using tag reading and peer-to-peer communication, downplayed use of Android phones for payment with secure chips.

Two top Google NFC developers, Nick Pelly and Jeff Hamilton, speaking at the Google I/O conference yesterday in San Francisco, told Android developers attending a session on NFC not to expect application-programming interfaces, or APIs, to access the secure element on Google’s Nexus S or other Android NFC phones anytime soon.

Pelly, who led the presentation, “How to NFC,” and who appears to be a technical lead for NFC at Google, said Google has yet to introduce any APIs for card emulation because the company can’t yet ensure a “compelling” user experience when consumers tap their phones to pay using an application stored on a secure chip. He and Hamilton said there probably won’t be any APIs in the near future available to developers in software development kits.

If true, this could potentially delay the introduction of applications that would enable Android NFC phones to be used in card-emulation mode, that is, acting like contactless debit or credit cards, transit tickets or door keys.

But some industry experts are casting doubt on Google’s reluctance to support card emulation in Android phones.

After all, Google ordered the Nexus S with embedded secure chips, the PN65 from NXP Semiconductors, which can store applications. The NFC controllers in the phones also support applications for card emulation on SIM cards.

And there is little doubt that Google is developing an NFC mobile wallet to store payment and is building an m-commerce infrastructure that could deliver advertisements and targeted offers to consumers in and around the physical retail point of sale. A key piece of this m-commerce initiative is payment, for which Google would work with banks and established payment networks. Sources have said that among these are U.S.-based Citigroup and MasterCard Worldwide.

MasterCard: Card Emulation for PayPass Available
MasterCard, while not confirming that it is working with Google on NFC-based payment, told NFC Times in a statement that it fully expects to soon see PayPass rolled out on secure elements in NFC phones and for the applications to work with the hundreds of thousands of POS terminal readers that support PayPass worldwide and those to come.

Secure elements in the phones “provide the security necessary to protect the payment information,” noted a spokeswoman.

“MasterCard believes that the elements required for commercial deployment of MasterCard PayPass on mobile devices are available.”

She added that using NFC in peer-to-peer mode could enable MasterCard to offer other innovative services.

Despite the statements of the top NFC software engineers, Google might already be preparing to support card emulation and the embedded secure chips in its Nexus S phones, according to one Austria-based NFC researcher, who has monitored the NFC support in Google’s Android operating system.

He said the latest version, Android 2.3.4, contains commands to access the embedded chips. And he believes that Google itself wants that access.

“It’s an internal API, an API that is not public to anyone but limited to a certain group who has access to this,” Michael Roland, research associate at the Upper Austria University of Applied Sciences in Hagenberg, Austria, told NFC Times. “I think this group is limited to Google.”

It was not entirely clear from the Google presentation yesterday what problems applications using card emulation could cause. But Pelly seemed to say that card emulation would force NFC hardware on the phones to support a range of different contactless protocols now used on contactless cards. That would include both types A and B of the international ISO/IEC contactless standard, as well as proprietary contactless protocols.

In response to a question from the audience of developers, Pelly added that NFC chips “typically are going to be able to emulate only one of those RF technologies.

“So as an application developer, you don’t know which one is deployed to the phone,” he said. “I guess until we see the industry standardized around maybe one RF-level technology, or if we see NFC controllers able to support multiples of those, I guess what we are hoping is that everyone is moving to peer to-peer.”

P2P Unlikely for Bank Payment
But to another question, Pelly acknowledged that he knows of no major P2P NFC applications that have been developed for payment.

And the major card networks, such as Visa Inc. and MasterCard, are unlikely to accept the security now available in P2P mode for their contactless payment applications, payWave and PayPass.

They require those applications, along with the encryption keys that safeguard them, to be stored on secure elements and to interact in card-emulation mode with their standardized contactless point-of-sale terminals.

PayWave and PayPass applications are already being developed for both embedded chips, SIM cards and potentially other secure elements that could work directly in Android NFC phones, such as microSD cards.

Other service providers are planning to use card emulation in NFC phones to support such proprietary contactless protocols as Mifare for transit fare-collection and access control.

NFC Accounting and tax software provider Intuit, has been demonstrating a P2P payment application on Nexus S phones at the Google I/O conference as a possible expansion to its smartphone-based mobile-payment service, GoPayment.

But Intuit has called the NFC application only a “concept,” though has plans to introduce it. A spokeswoman told NFC Times the application simulates a prepaid debit card and uses a proprietary security scheme that the company declined to elaborate on.

Update: Rémy de Tonnac, CEO of France-based NFC chip supplier Inside Secure, noted that Google has joined the NFC industry relatively recently and may not know the standards and engineering work done on card emulation over the past several years.

“We are surprised that these guys are saying card emulation is not working," he told NFC Times. "We know that card emulation solution is working real fine, in type A and type B.” End update.

Android ‘Army’ Doesn’t Need Card-Emulation APIs
But Google has a point that there is some fragmentation in support among NFC chips and secure elements for the various contactless technologies used with applications in card-emulation mode, according to Einar Rosenberg, CTO for U.S.-based NFC application developer Narian Technologies. The industry is addressing those issues, especially on the NFC chip side, he added.

In any case, the main applications that will use card emulation–payment, transit ticketing and access control–were never meant to be open to the tens of thousands of Android developers who build apps for Google’s app store, Android Market, said Rosenberg. The security required for these applications means relatively few application developers will design the apps for the phones and fewer still for the corresponding applications on the secure elements.

So it is not so important whether Google publishes APIs for access to the secure elements.

“The army of Android developers are, for the most part, the independent innovators, not the big corporate conglomerates,” he said.

The real problem for card emulation could come if contactless applications are stored on different secure elements in the same NFC phone, said Christian Andresen, head of the NFC business unit for Germany-based Stollmann, which develops NFC middleware that runs on phones. The industry has yet to put standards and procedures in place to tell either the phone or contactless reader which secure element to communicate with.

But he said he doesn’t know of problems for NFC supporting the various protocols for card emulation.

“I would say, NFC is ready for card emulation,” he said.

Pelly and colleague Jeff Hamilton, however, were referring to potential problems for card emulation from even one secure element in an Android phone. And they have other concerns.

“To talk to the secure element, even from an application on the phone, you need to authenticate yourself properly,” said Hamilton. “And if you improperly authenticate yourself a certain number of times, there are secure elements that will physically destroy themselves and can never be recovered. So that’s something that we really think would be a bad experience for users.”

‘Zero-Click Sharing’
While Pelly said card emulation is the most popular topic in Google’s Android developer groups, it’s obvious he prefers the cleaner standards and less fragmentation expected for tag-reading and P2P applications.

Among those he and Hamilton demonstrated yesterday were enabling users to share apps, play games and transfer YouTube videos just by tapping their devices together. In one demo, they showed a tablet computer running Android and specially “hacked” to support NFC that could beginning playing a YouTube video transferred from a Nexus S phone. In the demo, the developers synced the video from the phone to the tablet with a simple tap, and the video starting running on the tablet at the exact point it was rolling on the Nexus S.

Pelly said Google would also support this kind of “zero-click sharing” in Ice Cream Sandwich, its planned successor to the Android-Gingerbread operating system.

'Dozens of Phones in the Pipeline'
The first question from developers during the Q&A session following the presentation did not concern APIs or secure elements, but the availability of Android NFC phones.

“We do know personally of dozens of phones in the pipeline for 2011 that are going to have NFC, so don’t worry, they will come, as well,” said Pelly.

That may be an exaggeration, however, since aside from the Nexus S, which hit the market last December, only one Android NFC phone model has been announced to date, the Galaxy S II from Samsung.

Other Android models are expected this year, including one or more each from LG Electronics, HTC and perhaps ZTE. Samsung is also expected to introduce more NFC phones. But most of the new Android NFC models are expected in the third and fourth quarters.

Operators in France and Taiwan told NFC Times in recent weeks that they expected only about 10 NFC models by the end of the year, not all of them Android phones.

NXP Semiconductors, the main NFC chip supplier to Android handset makers, estimates it had 40 NFC phones in the pipeline that would come to market over the next several months, according to internal estimates, NFC Times has learned. But not all of these will be Android smartphones.

Update: It remains to be seen when the Android phones will support card emulation, but with rollouts planned this year by telcos and banks that feature NFC-based payment, they will need to access the secure elements in the phones soon. 

“Google is caught in a dilemma, in that it is trying to drive new products and services using NFC technology, but as the implementation of the technology is not mature, the customer experience cannot be guaranteed at this stage,” said Tim Jefferson head of UK-based mobile consulting firm, The Human Chain. He agrees that NFC's tag-reading and P2P modes can offer compelling apps, but adds: “What is really critical for mass take-up of NFC payment in mobile handsets is that the suitable developers for payment products and services gain access to the API's for card emulation.” End update.


NFC Wallets Make Up Growing Share of Contactless Payments on London Transit

NFC TIMES Exclusive – Use of NFC wallets continues to steadily increase as part of Transport for London’s landmark contactless payments service, with payments from NFC-enabled smartphones and smartwatches now accounting for 20% of all contactless payments, NFC Times has learned. 

Market Research Firm: Apple Pay Surpasses Starbucks App in Users in U.S.

NFC TIMES Exclusive Insight –Apple Pay, which launched its mobile payments service five years ago this week in the U.S., has so far failed to live up to expectations with the service, either in the U.S. or globally, in terms of users and transactions.

Cubic Strikes Deal with Google to Enable Closed-Loop Transit Payments in Google Pay

NFC TIMES Exclusive Insight – In a move that could enable more large transit agencies to offer NFC mobile payments with their closed-loop transit cards, U.S.-based Cubic Transportation Systems has signed an agreement with Google to integrate contactless transit cards with Google Pay. Among the agencies planning to support the service are those serving Google’s home base in Silicon Valley and the San Francisco Bay Area, as well as the Metropolitan Transportation Authority in New York. 

In-Depth: Persistent Consumer Security Fears about Mobile Payments Prove Difficult to Dislodge

NFC TIMES Exclusive Insight – Results of yet another survey has shown that a significant percentage of U.S. consumers continue to harbor security fears about using their smartphones for payments, a stubborn problem that has hindered growth of mobile payments from the beginning.

Mobile Suica Still Accounts for Disappointing Share of Suica Users and Transactions in Japan

NFC TIMES Exclusive – While Apple Pay next month will mark the 5th anniversary since its launch in the U.S., there is another contactless-mobile payments service that is three times as old as Apple Pay–Japan’s Osaifu-Keitai, or wallet phones, which this year turned 15. 

Rome Latest Transit System to Launch Open-Loop Fare Collection; also Enables Monthly Passes with EMV Cards

NFC TIMES Exclusive Insight – Rome has become the second major city in Italy–and one of a small but growing number of large cities globally–to enable riders to pay transit fares with EMV contactless credit, debit and prepaid cards and NFC devices.

Vivo Last of Major Chinese Smartphone Makers to Officially Launch NFC Pays Wallet

NFC TIMES Exclusive Insight – Vivo, China’s second largest smartphone maker, made it official this week, launching its NFC-enabled “vivo Pay” wallet, the last of the major Chinese phone OEMs to roll out NFC payments–though their use has been disappointing, at least for payments in stores.

In-Depth: Fit Pay’s Troubles Indicate Difficult Business Case for Provisioning to Wearables

Sep 19 2019

NFC TIMES Exclusive Insight –  Given the poor financial results of U.S.-based Fit Pay, it’s becoming clear that the business case for provisioning of payment cards to wearable devices remains difficult.

Analysis: Chase Pay Latest Bank Wallet to Shut Down; Why Did They Fail?

NFC TIMES Exclusive Insight – Plans disclosed this week by JPMorgan Chase to shut down its Chase Pay app for in-store purchases is yet another nail in the coffin–perhaps the final one–for bank wallets in the U.S. And the situation does not look much brighter for bank-issued wallets abroad.

Miami Latest U.S. City to Introduce Open-Loop Transit Payments

NFC TIMES Exclusive Insight Transit officials in Miami-Dade County, Fla. are the latest in the U.S. to introduce open-loop payments of fares with contactless credit and debit cards and bank card credentials on NFC wallets, launching the service yesterday on the city's relatively small metro network, with plans to expand to buses later.

UK Tram Riders Take to Tapping with NFC phones to Pay for Fares, According to Early Results

NFC TIMES Exclusive – Transport for Greater Manchester, which last month launched open-loop payments on its large Metrolink tram network, said Thursday that contactless credit and debit cards and NFC wallets accounted for a combined 170,000 rides during the first four weeks of the service.

In-Depth: NFC Wallet Use for Open-Loop Transit Grows but Still Makes Up Relatively Small Share of Contactless Payments

NFC TIMES Exclusive – When New York City transit officials announced Tuesday that the 1 millionth ride paid for through their new OMNY open-loop payments service had arrived ahead of schedule, they also proudly noted that 80% of the contactless payments had come from NFC wallets, not physical bank cards.