FIELD FORCE MANAGER vs110811 TRUSTED BY THOUSANDS OF COMPANIES.
Trusted Service Manager – Role and Challenges
-
Upload
mobilemonday-switzerland -
Category
Business
-
view
5.248 -
download
1
description
Transcript of Trusted Service Manager – Role and Challenges
© 2009 – Trüb AG Switzerland – www.trueb.ch
Trusted Service Manager – Role and Challenges
MobileMonday SwitzerlandMoMo #16 Near Field Communication (NFC)
June 7, 2010Thomas Thaler, CTO
© 2009 – Trüb AG Switzerland – www.trueb.ch
Introduction
�Mobile phones are powerful tools – becoming even more powerful
�Mobile phones obsolete diaries, portable music players, and more – why should mobile phones not also replace our wallet?
�Mobile Contactless Payment (MCP) turns a mobile phone into an electronic wallet
�MCP foots on the well-established ecosystem for cashless payments, the 4-party model
© 2009 – Trüb AG Switzerland – www.trueb.ch
Smart card personalization
+personalized smart card
generic smart card
personalization process
Individual data:Name, Account #, Limits, PIN, etc.
s p e c i m e n
s p e c i m e n
© 2009 – Trüb AG Switzerland – www.trueb.ch
The 4-party model
Cardholder Merchant
Issuer Acquirer
Goods and ServicesTransaction SettlementTransaction Fee
© 2009 – Trüb AG Switzerland – www.trueb.ch
The 4-party model – extended
Cardholder Merchant
Issuer Acquirer
Goods and ServicesTransaction SettlementTransaction Fee
SmartCardManufact.& Perso
Distribution(mail)
order
card,pinletter
card,pinletter
© 2009 – Trüb AG Switzerland – www.trueb.ch
Status Quo – how many smart cards in your wallet?
�… 2 … 5 … more?
�Smart card characteristics:
� Miscellaneous applications
� Mostly different issuers
� Likely differing account holdersfeatures , limits, etc.
� Possibly various technologies
� Unaligned replacement cycles
�One secure element per smart card
© 2009 – Trüb AG Switzerland – www.trueb.ch
Same procedure for the mobile environment?
�Number of SIM or SD Card slots in a mobile phone = 1!
�ALL applications (‚cards‘) must share ONE secure element
�Challenges:
� Performance requirements
� Applications interoperability
� Data security, integrity
� Certification requirementsand lifecycle, etc.
© 2009 – Trüb AG Switzerland – www.trueb.ch
More challenges – tasks for a Trusted Service Manage r
�Mobile phone must remain with user while being personalized � Over-the-Air personalization (OTA)
�Mobile phone may be switched off while personalization
�Mobile phone may not have appropriate capabilities
�Mobile phone’s secure element may not have resources available (security domain, storage, …)
�Application / Middlet may not be installed, or even available
�etc.
© 2009 – Trüb AG Switzerland – www.trueb.ch
NFC mobile ecosystem
Challenge: n:m relationship between players
Issuers
Source: Global Platform
BanksMobile
NetworkOperators
Retailers
Transportcompanies
© 2009 – Trüb AG Switzerland – www.trueb.ch
NFC mobile ecosystem
�Challenging n:m relationships
�Relationship management
�Contracts
�Technical interfaces
�Support peers
�SLA monitoring
�Statistics
�etc.
Source: Global Platform
© 2009 – Trüb AG Switzerland – www.trueb.ch
Users
Trusted Service Manager
Users
OTA application loadingOTA personalization
Dev
ice
Cap
abili
tyM
ngt
App
licat
ion
Life
cycl
eM
ngt
Use
r D
ata
Life
cycl
eM
ngt
Car
d C
apab
ility
Mng
t
…
Certified Environment
Trusted Service ManagerRoles and color scheme according Global Platform
TSM as clearing house – breaking n:m relationship
Mobile Network Operator
Issuer
Retailer
etc.etc.
© 2009 – Trüb AG Switzerland – www.trueb.ch
Trusted Service Manager key tasks
�Deploy and personalize any application (‚card‘) from any issuer through any mobile network (OTA personalization)
�Verify device and secure element capabilities and resources
�Manage application life cycle
�Execute (user-initiated) change of mobile handset or mobile network operator without issuer involvement
�Manage user data life cycle
�Manage confidentiality w.r.t customer care
�etc.
© 2009 – Trüb AG Switzerland – www.trueb.ch
The 6-party model –ecosystem in mobile contactless payment
Cardholder Merchant
Issuer Acquirer
Goods and ServicesTransaction SettlementTransaction Fee
TrustedServiceManager
MobileNetworkOperator
order
OTA perso
OTA perso