We’re not exactly short of mobile wallets these days – Google Wallet springs to mind, along with the likes of Isis and other carrier-backed services. These, of course, are all about mobile payments; on the coupons-and-tickets side, we also have Apple’s underformed Passbook.
Now there’s a new player in this space. Actually, that’s not quite right. Germany’s Giesecke & Devrient is 160 years old, and has traditionally been best known as banknote printer and (more recently, obviously) a smartcard security firm. You might know them as the company behind the nano-SIM.
On Thursday, G&D announced its own mobile wallet play, named SmartTrust Portigo. In common with most mobile wallet schemes, it’s NFC-based. What’s interesting about it, though, is the breadth of functionality that it promises to provide.
If G&D and its customers follow through, you’ll soon be using your phone for not only loyalty schemes and mobile payments, but also as a replacement for ID cards, access keys for buildings and vehicles, and public transport tickets.
This really would be a fully-fledged mobile wallet. In theory.
“Users will find that SmartTrust Portigo, the electronic wallet solution we are launching, is an easy-to-use app,” G&D group SVP Klaus Vedder said in a statement. “At the same time, it opens up a wide range of new opportunities for mobile network operators, banks, and other service providers to develop new mobile services as part of their individual brand strategies.”
But how easy-to-use would it be, and how likely is it that this one-mobile-wallet-to-rule-them-all strategy will become reality?
Users would download a ‘wallet client’ app to their smartphones. The software would establish a connection with a secure hardware element and a ‘wallet manager’ in the mobile network’s systems. It would then be up to the ‘wallet issuer’ to deploy services to the app in the form of widgets – perhaps one for a virtual credit card, one for public transport, and so on.
For ease of use, though, the question is the identity of the wallet issuer. If this is all done under the name of the mobile operator, the secure element will be the SIM card, in which case it’s all fairly straightforward. If the wallet issuer is a bank, though, they might want the secure element to be on a microSD card, which would involve a bit more hassle. And then there’s the motivations of the wallet issuer to consider – how much do they want to control and how many partnerships do they want to strike?
In some ways, it makes a lot of sense to have one entity managing all these different functionalities. In theory, it would make it easier to block all the services if the phone gets lost or stolen, and to re-initiate them when a replacement device is in hand.
But, that said, a single point of control can become a single point of failure.
It’s worth noting that G&D has a pretty close partnership with ARM and the digital security firm Gemalto. Back in April, the three set up a joint venture in Cambridge in the UK, in order to set up a single standard for a trusted execution environment for ARM-based devices. That was essentially ARM’s answer to Intel’s $7.7bn McAfee takeover, which had a similar idea in mind, only for x86-based devices.
So if anyone’s going to do this securely, it would be G&D. The question, though, is how G&D’s customers choose to implement this spin on the mobile wallet, and who gets to control what. It would be great if the mobile phone really could provide all these different functionalities at once, but that’s a future at the mercy of commercial negotiations.