trusted service manager – role and challenges

© 2009 – Trüb AG Switzerland – www.trueb.ch

Trusted Service Manager – Role and Challenges

MobileMonday SwitzerlandMoMo #16 Near Field Communication (NFC)

June 7, 2010Thomas Thaler, CTO


Introduction

�Mobile phones are powerful tools – becoming even more powerful

�Mobile phones obsolete diaries, portable music players, and more – why should mobile phones not also replace our wallet?

�Mobile Contactless Payment (MCP) turns a mobile phone into an electronic wallet

�MCP foots on the well-established ecosystem for cashless payments, the 4-party model


Smart card personalization

+personalized smart card

generic smart card

personalization process

Individual data:Name, Account #, Limits, PIN, etc.

s p e c i m e n

s p e c i m e n


The 4-party model

Cardholder Merchant

Issuer Acquirer

Goods and ServicesTransaction SettlementTransaction Fee


The 4-party model – extended

Cardholder Merchant

Issuer Acquirer


SmartCardManufact.& Perso

Distribution(mail)

order

card,pinletter

card,pinletter


Status Quo – how many smart cards in your wallet?

�… 2 … 5 … more?

�Smart card characteristics:

� Miscellaneous applications

� Mostly different issuers

� Likely differing account holdersfeatures , limits, etc.

� Possibly various technologies

� Unaligned replacement cycles

�One secure element per smart card


Same procedure for the mobile environment?

�Number of SIM or SD Card slots in a mobile phone = 1!

�ALL applications (‚cards‘) must share ONE secure element

�Challenges:

� Performance requirements

� Applications interoperability

� Data security, integrity

� Certification requirementsand lifecycle, etc.


More challenges – tasks for a Trusted Service Manage r

�Mobile phone must remain with user while being personalized � Over-the-Air personalization (OTA)

�Mobile phone may be switched off while personalization

�Mobile phone may not have appropriate capabilities

�Mobile phone’s secure element may not have resources available (security domain, storage, …)

�Application / Middlet may not be installed, or even available

�etc.


NFC mobile ecosystem

Challenge: n:m relationship between players

Issuers

Source: Global Platform

BanksMobile

NetworkOperators

Retailers

Transportcompanies


NFC mobile ecosystem

�Challenging n:m relationships

�Relationship management

�Contracts

�Technical interfaces

�Support peers

�SLA monitoring

�Statistics

�etc.

Source: Global Platform


Users

Trusted Service Manager

Users

OTA application loadingOTA personalization

Dev

ice

Cap

abili

tyM

ngt

App

licat

ion

Life

cycl

eM

ngt

Use

r D

ata

Life

cycl

eM

ngt

Car

d C

apab

ility

Mng

t

…

Certified Environment

Trusted Service ManagerRoles and color scheme according Global Platform

TSM as clearing house – breaking n:m relationship

Mobile Network Operator

Issuer

Retailer

etc.etc.


Trusted Service Manager key tasks

�Deploy and personalize any application (‚card‘) from any issuer through any mobile network (OTA personalization)

�Verify device and secure element capabilities and resources

�Manage application life cycle

�Execute (user-initiated) change of mobile handset or mobile network operator without issuer involvement

�Manage user data life cycle

�Manage confidentiality w.r.t customer care

�etc.


Thank you for your attention!

[email protected]


The 6-party model –ecosystem in mobile contactless payment

Cardholder Merchant

Issuer Acquirer


TrustedServiceManager

MobileNetworkOperator

order

OTA perso

OTA perso

trusted service manager – role and challenges

Business