Trusted Service Manager – Role and Challenges
DESCRIPTION
In his presentation, Thomas Thaler will talk about the role of Trueb as TSM in the NFC ecosystem and the technological challenges on the way to being a TSM. Thomas Thaler is CTO of Trueb AG and responsible for innovation, research and development. Trueb is the leading international manufacturer and supplier of smart cards and one of the leading providers of access solutions and e-ticketing.
TRANSCRIPT
© 2009 – Trüb AG Switzerland – www.trueb.ch
Trusted Service Manager – Role and Challenges
MobileMonday Switzerland, MoMo #16: Near Field Communication (NFC)
June 7, 2010
Thomas Thaler, CTO
Introduction
• Mobile phones are powerful tools – becoming even more powerful
• Mobile phones make diaries, portable music players, and more obsolete – why should mobile phones not also replace our wallet?
• Mobile Contactless Payment (MCP) turns a mobile phone into an electronic wallet
• MCP builds on the well-established ecosystem for cashless payments, the 4-party model
Smart card personalization
[Figure: generic smart card + individual data (Name, Account #, Limits, PIN, etc.), personalization process, personalized smart card]
The 4-party model
[Diagram: parties: Cardholder, Merchant, Issuer, Acquirer; flows: Goods and Services, Transaction Settlement, Transaction Fee]
The 4-party model – extended
[Diagram: parties: Cardholder, Merchant, Issuer, Acquirer, Smart Card Manufact. & Perso, Distribution (mail); flows: Goods and Services, Transaction Settlement, Transaction Fee, order, card and PIN letter]
Status Quo – how many smart cards in your wallet?
• … 2 … 5 … more?
• Smart card characteristics:
  • Miscellaneous applications
  • Mostly different issuers
  • Likely differing account holders features, limits, etc.
  • Possibly various technologies
  • Unaligned replacement cycles
• One secure element per smart card
Same procedure for the mobile environment?
• Number of SIM or SD Card slots in a mobile phone = 1!
• ALL applications (‚cards‘) must share ONE secure element
• Challenges:
  • Performance requirements
  • Applications interoperability
  • Data security, integrity
  • Certification requirements and lifecycle, etc.
More challenges – tasks for a Trusted Service Manager
• Mobile phone must remain with user while being personalized → Over-the-Air personalization (OTA)
• Mobile phone may be switched off during personalization
• Mobile phone may not have appropriate capabilities
• Mobile phone’s secure element may not have resources available (security domain, storage, …)
• Application / MIDlet may not be installed, or even available
• etc.
NFC mobile ecosystem
Challenge: n:m relationship between players
[Diagram labels: Issuers, Banks, Mobile Network Operators, Retailers, Transport companies. Source: Global Platform]
NFC mobile ecosystem
• Challenging n:m relationships
• Relationship management
• Contracts
• Technical interfaces
• Support peers
• SLA monitoring
• Statistics
• etc.
Source: Global Platform
TSM as clearing house – breaking n:m relationship
[Diagram: Trusted Service Manager (Certified Environment) with the functions Device Capability Mngt, Application Lifecycle Mngt, User Data Lifecycle Mngt, Card Capability Mngt, …; connected parties: Users, Mobile Network Operator, Issuer, Retailer, etc.; flows to users: OTA application loading, OTA personalization. Roles and color scheme according to Global Platform]
Trusted Service Manager key tasks
• Deploy and personalize any application (‚card‘) from any issuer through any mobile network (OTA personalization)
• Verify device and secure element capabilities and resources
• Manage application life cycle
• Execute (user-initiated) change of mobile handset or mobile network operator without issuer involvement
• Manage user data life cycle
• Manage confidentiality w.r.t. customer care
• etc.
The 6-party model – ecosystem in mobile contactless payment
[Diagram: parties: Cardholder, Merchant, Issuer, Acquirer, Trusted Service Manager, Mobile Network Operator; flows: Goods and Services, Transaction Settlement, Transaction Fee, order, OTA perso]