HCE and BLE are going to make Barcelona fun this year, and they are opening up an important new role for mobile operators.
The subject of Host Card Emulation (HCE: see “Why all the fuss about HCE“) seems to wander across almost every client meeting I’m in at the moment. And I’m thinking about it again this morning because we’re now only a week away from the mobile industry’s biggest annual jamboree, the Mobile World Congress in Barcelona. And last year, from a retail transaction perspective, HCE was probably the most interesting change to the landscape.
Well, the most interesting case study from Mobile World Congress last year was, as I have said before, BankInter in Spain.
A year on from that announcement, with HCE now part of the Android mainstream, BankInter have announced the commercial launch of their “Mobile Virtual Card” (MVC) product. They have had a detailed risk analysis carried out by the Fraunhofer AISEC in Germany — who concluded that the security of the HCE solution is “adequate for EMV online” (that is, where the POS goes online for authorisation) transactions — and are launching the service their customers and hoping to licence the service to other issuers. I thought it was interesting that their press release about this mentions that the technology…
…also allows the bank to autonomously define its own business model and brand image in mobile payment media, without entering into an agreement with third parties
Now, when they say “third parties” we all know that this is code for “mobile operators”. The version of mobile contactless EMV that uses a Secure Element (SE) in the (operator-controlled) UICC depends on card issuers and mobile operators developing not only some complex technology (difficult to start with, but gets easier over time, especially when you have the right consultants on board) and complex business relationships (difficult to start with, but gets harder over time, even if you have the right consultants on board). As a consequence, the early promise of mobile contactless at retail POS has not been realised. There are few suitable handsets, few suitable apps, few transactions and operator consortia (such as ISIS in the USA and Weve in the UK) have had a slow start.
You would think, then, that mobile operators should be utterly downcast at the prospect of HCE and its supposed “competitor” Bluetooth Low Energy (BLE) in the mobile mainstream this year. So with HCE and BLE all the rage, and undoubtedly the subject of countless announcements at MWC, what should they expect? Well, I think you might be surprised. With HCE as an accelerator for NFC-centric proximity apps and BLE as a complementary channel to deliver vicinity apps, I’m actually rather looking forward to MWC and the opportunity to take part in the re-energising of the contactless mobile world. I think that contactless delivers a better customer experience and will give retailers to ability to deliver some great new apps.
But what would be the operator role in all this be? If the merchants and banks and transit companies can just build their apps and get going without having to rent space in an operator SIM? Well, as I will be discussing at the GSMA’s Digital Commerce Breakfast Workshop in Barcelona on Wednesday 26th February, they will have to deliver something of genuine value to stay involved: the service providers won’t have to use operator services, so the operators will have to deliver services that the service providers will want to use. Going back to the days of (and here’s one for the teenagers) Genie Passport at what was then Cellnet, I’ve always argued for the mobile operators central role in digital identity. The Secure Element (SE) is the obvious place to store these digital identities. And by storing digital identities that the app developers can access via standard APIs, the mobile operators can provide something of genuine value to the rest of the stakeholders, an identity infrastructure that both NFC (whether HCE or not) and BLE can use.
Unfortunately, my GSMA Breakfast Briefing on the subject is sold out, so I’m afraid if you don’t have a ticket already you won’t be able to come along, but the GSMA are organising a Twitter channel for comments and questions so I hope you’ll be able to join in all the same.