GSMA Wants IoT Devices Connecting Via Embedded SIMs

Most outdoor sensors for utilities and city services are using M2M (machine to machine) solutions based on cellular networks. That poses a challenge to developers because they need to negotiate agreements with several cellular carriers in each market. Also the size of the SIM (subscriber identification module) cards limits the possibility of making smaller sensors and other connected devices.

When Amazon introduced the Kindle 2 international version in 2009, it was shipped worldwide with an AT&T international SIM, allowing users to shop the Amazon store and download titles almost anywhere in the world. That made sense to Amazon because people don't use the Kindle to browse the web, and they could offset the cost of the data charges with the book prices.

But millions of sensors sending continuous data to servers are another issue. It is not economical to fit everyone of those with an international SIM, or even a local one. Many other solutions are now being tested, including the upcoming 700 MHz 802.11ah standard. But, as of today, cellular data is the only solution already deployed and ready to use.

The GSMA -- the European mobile operators' organization that puts on Mobile World Congress and whose members includes most of the world’s cellular operators -- has created the Embedded SIM working group, which already includes cellular carriers and system developers. At this moment AT&T, China Mobile, China Unicom, Deutsche Telekom, Gemalto, Giesecke & Devrient, Morpho, NTT DOCOMO, Oberthur, Orange, Telecom Italia, Telefonica, Telenor and Vodafone participate in the project.

Basically, the operators are proposing a specific nonremovable SIM that is embedded into the IoT sensors during manufacturing. The SIM can later be provisioned over the air with the subscription profile of the operator providing the network. The device could be later reprovisioned if the unit is moved to another location or the customer decides to use another provider.

“The number of mobile connected devices is expected to reach 11 billion by 2020, growth that will be led predominantly by advances in the M2M market,” said Alex Sinclair, chief technology officer, GSMA, in a press statement. “This level of growth will be heavily dependent on the adoption of a common, global and interoperable SIM provisioning and management architecture that enables the M2M market to flourish. The specification released today will have a significant impact on the M2M marketplace, as it will help provide lower operational costs and drive economies of scale.”

An additional benefit of embedded SIMs is durability. Standard SIM cards for mobile phones are designed to withstand certain conditions. Giesecke & Devrient is already providing Verizon Wireless with ruggedized M2M embedded SIMs to withstand more harsh environments, including extreme temperature fluctuations, vibration or high humidity, like those found in outdoor meters, automobiles, external security cameras and buoys.

Car manufacturers are also excited about the possibility. High end makers such as Audi and Mercedes Benz are already including global SIMs in some models, but the embedded SIMs can be the economic solution for their deployment in every vehicle.

“Without a globally recognized, standardized and harmonized connectivity solution the automotive industry will become unnecessarily complex and fragmented. As a car manufacturer an Embedded SIM that can be remotely provisioned is absolutely key for us in driving efficiency and simplicity and is to be welcomed. We thank the GSMA and partners for agreeing this specification,” commented Marcus Keith, project management Audi connect, in a press statement.

IoT and M2M systems are being reshaped now to accommodate the billions of devices connected. Since there is no way a standard will be set for their connectivity, every industry will need to make it as easy and cost effective as possible for developers, government agencies and users to connect the devices. Embedded SIMs, low-power WiFi, ZigBee, and other approaches will have to coexist in a crowded market. Which technology will be most used? Probably the most cost-effective and easier to implement.

Originally published as "Mobile Operators Want SIMs in Every IoT Sensor" on EE Times

Carriers Under Fire For Throttling and Deep Packet Inspection

The Federal Communications Commission recently filed a federal court complaint against AT&T for charging millions of customers for unlimited data plans and then restricting speeds.The reason the FCC took action is because AT&T failed to inform users that they might experience slow speeds after consuming a certain amount of data in their so-called “unlimited” plans.

We now have essentially an open war among carriers, regulators, and consumers about the way wireless data can be sold and used. While it is understandable that carriers need some forms of traffic management, they also need to be transparent when selling their data plans to users. Also, penalizing paying users for making the best use of their data plans should not be tolerated.

Read the rest of the article on Information Week Network Computing

Carriers Should Leave The Mobile Payments Ecosystem

In the past few years carriers have been forcing OEMs to disable the security module on their NFC phones. Their aim is to convince banks, credit card companies, transport operators and others using secure smartcards to rely on the SIM security to authorize transactions, and control the deployment of NFC services.
That hasn’t work. After numerous trials and small launches, operators and banks have failed to convince customers to adopt the mobile payments system they championed. Why? mobile walletMostly because it is too complicated for end users to activate the mobile payments on their devices: usually it involves obtaining a new SIM card, sometimes changing carriers and then only works with banks that have an agreement with the operator, and after all that only in one country. Also the costs associated with SIM based SE have been a source of friction between carriers and credit-card issuers. The card issuers that wanted to provision payment apps have been faced with various charges, including renting space on the SIM, setup charges for TSM services and fees for every transaction during the lifetime of the product.

That is why some banks have abandoned SIM security based payment systems to embrace open alternatives such as Host Card Emulation (HCE). HCE promises the possibility of emulating any smartcard, including payment cards, in the device and the cloud. No longer is it necessary to use a Trusted Services Manager (TSM) to do the provisioning of the payment card. Instead the EMV payment transaction is performed from an application residing in the mobile phone’s operating system. To the POS, this mobile app now looks like the payment card. This pushes mobile operators out of the picture, and allows customers store any card in their phones, in theory.
But security concerns about the Android OS and the cloud-based HCE (although it has the blessing of the three major credit-card companies) are making the adoption of HCE extremely slow. On top of that, since the Android OS is responsible for emulating the card, the mobile device needs to be powered up otherwise it’s useless. Lastly, in order to avoid fees from external vendors, the card issuers need to run their own cloud servers to manage the hosted cards and authorize transactions. The upfront investment is substantial, and few banks have the in-house skills to deliver HCE-based services.
I recently wrote about the new Apple Pay service on the iPhone 6 and Apple Watch being a disruptive force in this fragmented mobile-payments ecosystem.
What Apple did — apparently with a lot of help from NXP which fiercely refuses to comment– is bring the best of both worlds together: a mobile device with a hardware secure element (not the SIM card) that can be easily provisioned over the air by the issuing bank or credit-card company. Users only need to snap a picture of any payment card supported and, after a security check, the SE is provisioned over the internet with the right credentials.
For banks, credit card companies other payment solutions the only thing they need is to get their payment process integrated by Apple. In the case of EMV cards (the chip+pin ones used in most of the world) the integration could be almost automatic; it all depends on the negotiation between Apple and the issuing entities.
Apple has several advantages to implement the contactless payment system:
  1. They don’t have to manage several models of the iPhone, something Android manufacturers need to.
  2. They have simplified the user experience. No need to use any “wallet” and they can use their existing iTunes and Passbook accounts to store the cards.
  3. They included tight security (Secure Element, Tokenization and Biometrics), something that issuing banks, payment processors and the big three card companies like. That means low fees for the “card present” transaction.
  4. They have the power to impose their model to MNOs, something more difficult for Android OEMs, with the exception of Samsung and maybe another two.

Now, what is next for Android? Handset manufacturers can’t let Apple have this huge advantage, and their previous experiences with the operators have been frustrating, to say the least. OEMs such as Samsung, Sony and HTC are focusing on providing real solutions to their users, and need to get a mobile payments solution for them similar to Apple Pay.
Apple has apparently solved much of the problems related to provide a working solution for contactless mobile payments. Android OEMs such as Samsung are left with the dilemma of being left behind. One market that Apple is not addressing right now is public transport, where contactless solutions are used by over a billion people every day. Another one is access control, where NFC and RFID have been in use for many years.
If the mobile manufacturers in the Android ecosystem can come with a working solution addressing the transit and security markets it could give them a significant advantage while they also solve the mobile payment issues.
But they need a similar approach with a solution that is easy to implement, not tied to individual carriers, universal and user friendly.
Article first published as "A New Approach To The NFC Payment Conundrum" on SAP Business Innovation