Mais conteúdo relacionado Semelhante a Trusted Service Manager – Role and Challenges (20) Mais de MobileMonday Switzerland (20) Trusted Service Manager – Role and Challenges1. © 2009 – Trüb AG Switzerland – www.trueb.ch
Trusted Service Manager – Role and Challenges
MobileMonday Switzerland
MoMo #16 Near Field Communication (NFC)
June 7, 2010
Thomas Thaler, CTO
2. © 2009 – Trüb AG Switzerland – www.trueb.ch
Introduction
Mobile phones are powerful tools – becoming even more
powerful
Mobile phones obsolete diaries, portable music players,
and more – why should mobile phones not also replace our
wallet?
Mobile Contactless Payment (MCP) turns a mobile phone
into an electronic wallet
MCP foots on the well-established ecosystem for cashless
payments, the 4-party model
3. © 2009 – Trüb AG Switzerland – www.trueb.ch
Smart card personalization
+
personalized
smart card
generic
smart card
personalization
process
Individual data:
Name, Account #,
Limits, PIN, etc.
s p e c i m
e n
s p e c i m
e n
4. © 2009 – Trüb AG Switzerland – www.trueb.ch
The 4-party model
Cardholder Merchant
Issuer Acquirer
Goods and Services
Transaction Settlement
Transaction Fee
5. © 2009 – Trüb AG Switzerland – www.trueb.ch
The 4-party model – extended
Cardholder Merchant
Issuer Acquirer
Goods and Services
Transaction Settlement
Transaction Fee
SmartCard
Manufact.
& Perso
Distribution
(mail)
order
card,
pinletter
card,
pinletter
6. © 2009 – Trüb AG Switzerland – www.trueb.ch
Status Quo – how many smart cards in your wallet?
… 2 … 5 … more?
Smart card characteristics:
Miscellaneous applications
Mostly different issuers
Likely differing account holders
features, limits, etc.
Possibly various technologies
Unaligned replacement cycles
One secure element per smart card
7. © 2009 – Trüb AG Switzerland – www.trueb.ch
Same procedure for the mobile environment?
Number of SIM or SD Card slots in
a mobile phone = 1!
ALL applications (‚cards‘) must
share ONE secure element
Challenges:
Performance requirements
Applications interoperability
Data security, integrity
Certification requirements
and lifecycle, etc.
8. © 2009 – Trüb AG Switzerland – www.trueb.ch
More challenges – tasks for a Trusted Service Manager
Mobile phone must remain with user while being
personalized Over-the-Air personalization (OTA)
Mobile phone may be switched off while personalization
Mobile phone may not have appropriate capabilities
Mobile phone’s secure element may not have resources
available (security domain, storage, …)
Application / Middlet may not be installed, or even available
etc.
9. © 2009 – Trüb AG Switzerland – www.trueb.ch
NFC mobile ecosystem
Challenge: n:m relationship between players
Issuers
Source: Global Platform
Banks
Mobile
Network
Operators
Retailers
Transport
companies
10. © 2009 – Trüb AG Switzerland – www.trueb.ch
NFC mobile ecosystem
Challenging n:m relationships
Relationship management
Contracts
Technical interfaces
Support peers
SLA monitoring
Statistics
etc.
Source: Global Platform
11. © 2009 – Trüb AG Switzerland – www.trueb.ch
Users
Trusted Service Manager
Users
OTA application loading
OTA personalization
Device
Capability
Mngt
Application
Lifecycle
Mngt
UserData
Lifecycle
Mngt
Card
Capability
Mngt
…
Certified Environment
Trusted Service Manager
Roles and color scheme according Global Platform
TSM as clearing house – breaking n:m relationship
Mobile Network Operator
Issuer
Retailer
etc.etc.
12. © 2009 – Trüb AG Switzerland – www.trueb.ch
Trusted Service Manager key tasks
Deploy and personalize any application (‚card‘) from any
issuer through any mobile network (OTA personalization)
Verify device and secure element capabilities and resources
Manage application life cycle
Execute (user-initiated) change of mobile handset or mobile
network operator without issuer involvement
Manage user data life cycle
Manage confidentiality w.r.t customer care
etc.
13. © 2009 – Trüb AG Switzerland – www.trueb.ch
Thank you for your attention!
thomas.thaler@trueb.ch
14. © 2009 – Trüb AG Switzerland – www.trueb.ch
The 6-party model –
ecosystem in mobile contactless payment
Cardholder Merchant
Issuer Acquirer
Goods and Services
Transaction Settlement
Transaction Fee
Trusted
Service
Manager
Mobile
Network
Operator
order
OTA perso
OTA perso