Smart Card Talk, October Issue by Secure Technology Alliance

Smart Card Talk October 2011

•

a Smart Card Alliance ePublication

that I had many friends and neighbors who worked in New York City. At the Smart Card Alliance Fall Conference held that fall about a month later in Washington, DC., the mood was somber, and nobody knew what would happen next. A decade later, we’ll gather again in the nation’s capital for the 10th Annual Smart Card Alliance Government Conference to discuss the achievements that have been made and the status of the ongoing security projects already underway, and to explain the new security initiatives planned for the United States. Hopefully you’re planning to attend, and be part of the meaningful change that benefits the safety of each of us. Click to Read More …

• Volume 12 : Issue 10

In This Issue: ② Executive Director Letter >> ③ Latin America Letter >> ④ Member Profile >> ⑥ Feature Article >> ⑬ From the Alliance Office >> ⑭ Council Reports >> ⑯ Members in the News >> ⑰ Industry Events >>

About Smart Card Talk Smart Card Talk is the monthly e-newsletter published by the Smart Card Alliance to report on industry news, information and events and to provide highlights of Alliance activities and membership.

About the Smart Card Alliance Feature Article:

Member Profile:

Near Field Communication (NFC) technology is igniting the mobile market for a wide variety of innovative mobile applications. This month’s article reviews the state of the U.S. market for NFC mobile contactless payments – outlining the NFC ecosystem players and roles and discussing the current state of the U.S. market for NFC-enabled handsets and NFC mobile contactless merchant acceptance. Click to Read More …

This month Smart Card Talk spoke with David Nichols, Director of Market Strategy for Security Identity at HID Global. In this role, Mr. Nichols is responsible for developing the product and business strategies for HID’s offering of credentials and identities, both physical and virtual, as well as defining the partnerships that will enable HID to offer the broadest range of technologies and solutions to the marketplace. Prior to joining HID, Mr. Nichols held product management and strategic marketing positions with Sony Electronics, IBM and Samsung. Click to Read More …

NFC Mobile Contactless Payments: State of the U.S. Market

HID Global

The Smart Card Alliance is a not-for-profit, multi-industry association working to stimulate the understanding, adoption, use and widespread application of smart card technology.

191 Clarksville Road Princeton Junction, New Jersey 08550 1.800.556.6828 Fax: 1.609.799.7032 info@smartcardalliance.org www.smartcardalliance.org

executive director’s corner

Smart Card Alliance: A Mission Shared by All Dear members and friends of the Alliance, Last month, the entire nation paused for a day to remember the events of September 11, 2001. Watching the television programs and news specials leading up to the events marking the ten year anniversary of “9/11” reminded me of the horrors I felt inside watching the events unfold on live television that day. Those feelings were magnified because of my living in close proximity of what is now known as “Ground Zero” and knowing that I had many friends and neighbors who worked in New York City. The Smart Card Alliance held its fall conference about a month later in Washington, DC. I was working for IBM at that time and I remember it was a somber event and no one really knew what was going to happen next. I began my career with the Smart Card Alliance just a few months later and had to go to work in the New York City headquarters only about ½ mile from where the World Trade Center towers laid in a twisted heap of smoldering steel and debris surrounded by makeshift posters and signs with pictures of missing loved ones who would never be found. As a result of that attack on America by the individuals who exploited the freedoms we allowed for those who hate America and what it stands for to live in this country and blend into our society undetected, with little efforts to conceal their true identity, there was a great awakening by our government leaders, led by the 9/11 Commission Report, to make changes in the interest of national security. A decade later, the leaders of the federal initiatives that strengthened the security of our nation through presidential directives, legislation, and new government policies will be gathering again in Washington, DC, at the 10th Annual Smart Card Alliance Government Conference to discuss the achievements that have been made and the status of the ongoing security projects already underway, and to explain the new security initiatives planned for the United States. Looking back at some of the milestones that we have witnessed over the last ten years can be easily traced through the agendas from the earlier Smart Cards in Government Conferences. Some of the most notable featured conference topics of the past are the Department of Defense Common Access Card, the Department of

Smart Card Talk

State ePassport, the TSA Registered Traveler program, the REAL ID Act, the Department of Homeland Security Western Hemisphere Traveler Initiative (WHTI), the DHS Passport Card, the TSA TWIC program, the U.S. Treasury Eagle Cash payment card, HSPD-12 and the FIPS 201 standards effort, the GSA Managed Services Office, and the First Responders Authentication Credential (FRAC) program. The most recent topics include the Personal Identity Verification (PIV) credential and the Personal Identity Verification Interoperable (PIV-I) credential . In our ten year partnership with the various government smart card programs, we have enjoyed great cooperation and participation from the federal agencies who have the responsibility to bring these programs into existence, beginning with the Department of Defense and soon followed by the GSA, NIST, TSA, and DHS. These agencies, and the cross-government committees they formed, such as the Smart Card Interagency Advisory Board (IAB) and Federal Identity Credentialing and Access Management (F/ ICAM) , have shared their needs and requirements with the smart card industry with openness and transparency. Those same government agencies and their leaders have joined the Smart Card Alliance as Alliance members and volunteered their time and experience to work side by side with our industry members to create the volumes of white papers and resources that are now available on the Government ID Resources section of the Smart Card Alliance web site. Those who have attended the Smart Cards in Government Conference over the last ten years have had a front row seat to watch the great federal identity management and security initiatives being born and our smart card industry members helping to shape the government policies and standards. In a few weeks, we will gather again in Washington, DC on November 2-4, 2011 at the Ronald Reagan International Trade Center. For those who have not attended a Smart Card Alliance Government Conference before, we encourage you to take some time to look at the agenda and speakers, the list of exhibitors, and most importantly, the list of attendees who have already signed up. Once you do, ask yourself if you want to be part of the next chapter in our government’s ongoing efforts to make the United States more secure and to protect our citizens and our government assets. I suspect none of us ever want to experience another 9/11-like attack on our country again. Please consider becoming involved in our mission. Your contribution will be meaningful for years to come.

Sincerely, Randy Vanderhoof Executive Director rvanderhoof@smartcardalliance.org

Dear SCALA – Smart Card Alliance Latin America members and friends, After two years of leadership from our Executive Committee, our organization has been invigorated with influence, recognition, and resources. SCALA, the official industry representative for Latin America and the Caribbean, has been invited to speak and represent the industry in all major conference events and by key government organizations in the region. These industry leaders have dedicated their personal time and resources to expand the voice of the industry and create outreach throughout Latin America and the Caribbean. Their enthusiastic and tireless leadership have been assets in providing us with direction and resources on behalf of the market. As they approach the end of their terms, I’d like to publicly recognize these outstanding professionals whose vision and insight have positioned SCALA to embrace future challenges and opportunities. Thank you to the following leaders, who have so ably provided the foundation and groundwork for our new Executive Committee: Fernando Mendez, Chairman, representing Visa Inc. Karina Prado, Vice-Chair, representing G&D Burti Humberto de la Vega, Secretary, representing HID Global Mauricio Coelho, Observing Government Official, representing Instituto Nacional de Tecnologia da Informação - ITI Casa Civil da Presidência da República do Brasil Vincent Tenaglia, Observing General Member, representing Global Enterprise Technology (GET Group) Not long ago, the idea of a U.-S. based industry association for smart cards in Latin America and the Caribbean was unheard of. Many industry organizations already developed direct relationships with potential clients, questioning the benefits of an association acting as a third party in those relationships. Others realized that working with an independent organization to develop credible information resources could help educate their clients and help sell their individual technology solutions. Just like our parent organization, the Smart Card Alliance, SCALA knew that ensuring the success of our industry and increased implementation of smart chips was based on providing independent, impartial resources and education to lessen any fears or concerns. We were also aware that it would take a great deal of evangelization for different vertical markets to trust our industry and for member organizations to accept SCALA as the single voice for technology discussions.

As our chapter began to grow, SCALA began to create its own resources, deliverables, activities, events, educational programs, and online materials for our market. Though these are clear differentiations from the U.S. Smart Card Alliance, we are still the product of their hard work and a child of their initiative. We maintain the same objectives, focus and perspective of the markets -- with minor modifications for regional issues, implementation strategy, and applications in the limelight -- and we work together for the same cause and learn from one another. SCALA is taking its own steps forward in the journey to demonstrate the benefits that smart card technology brings to the Latin American and Caribbean markets. Yet, we are a ‘chip off the old block,’ as we’ve learned from the success of the Smart Card Alliance, and follow their lead by promoting the use of smart chips to solve problems in identity, finance, government, healthcare, telecom, transportation, and other markets. We have come a long way since the creation of SCALA through a Market Development Cooperation (MDCP) grant from the Department of Commerce. I submit that SCALA played a key role with most industry organizations in expanding educational materials and independent resources and in providing a sense of belonging and collaboration. With industry organizations working together, information multiplies, gaps are covered, resources are created, materials grow, and benefits flow for the entire market. Each vertical market influenced by smart card technology soon becomes a supporter of our industry. One example of collaboration has been our planned Smart Card Fundamentals Training Program (http://latinamerica. smartcardalliance.org/resources/pdf/Fundamentos_de_las_Tarjetas_Inteligentes_102011.pdf) that has united the efforts of the Panamanian Banking Association, Superintendencia de Panama (National Banking Regulator), TELERED S.A, and First Data to address the need for smart card education in the financial industry. A rewarding, and unexpected, outcome of this has been requests from other countries to create this type of collaborative training. Public and private sector representatives participating in the SCALA training program on October 25 – 26th are part of a larger effort by the Alliance to expand the Certified Smart Card Industry Professional (CSCIP) program to Latin America and the Caribbean markets. This group will be among the first professionals to get certified in the region. Lastly, I encourage you to visit the SCALA website to view new content, translated resources, and other materials, where you’ll find this relevant information in our native language. Sincerely, Edgar Betts Associate Director, Smart Card Alliance Latin America (SCALA) Direct Line: +507-225-9089, email: ebetts@smartcardalliance.org Smart Card Talk

latin america corner

Chip off the Old Block

member profile

1. What are HID Global’s main business profile and offerings?

HID Global point of contact David Nichols, Director of Market Strategy www.hidglobal.com

HID Global is a supplier for millions of secure identity customers around the world. Over the years, we are proud to have become recognized for quality, innovative designs and industry leadership serving OEMs, system integrators, and application developers in a variety of markets. These markets include physical access control; logical access control including strong authentication and credential management; card printing and personalization; highly secure government ID; and identification technologies used in animal ID and industry and logistics applications. HID Global is headquartered in Irvine, California, and we have over 2,100 employees worldwide with international offices that support more than 100 countries.

2. What role does smart card technology play in supporting your business? From our standpoint, smart card technology provides versatile interoperability that customers seek while supporting multiple applications such as physical access, biometric authentication, cashless vending and PC log in. As the demand for smart card technology continues to grow to meet customer needs, it also is core to HID Global’s business. This is especially the case since it makes access control and other applications more powerful and secure while being userfriendly and offering the reliability for which HID Global is known worldwide.

3. What trends do you see developing in the market that you hope to capitalize on? Through industry research, integrator forums and our direct experience in the market, some of the major trends HID Global sees in the industry include: 1. The move to mobility as Near Field Communications (NFC) and other technologies fuel the migration of access control technologies and other applications to mobile platforms; 2. The convergence of physical and logical access including multiple authentication methods on a single smart card, which cuts costs while improving security and enables organizations to meet regulatory requirements, enforce consistent policies and drive consolidated audit logs throughout the enterprise; 3. Federal mandates that require more robust personal identification security systems that use smart card and biometric technology and support identification credentials according to government guidelines; 4. The evolution of smarter smart cards that meet the need for greater privacy protections and the ability to validate and secure identities using multiple layers of card security, including two-factor authentication to validate identity, and biometric templates that are stored on the card, and 5. The need for sustainable solutions that reduce costs while improving environmental accountability.

4. What obstacles to growth do you see that must be overcome to capitalize on these opportunities? While there are compelling trends driving interest for smart card technology, the most common obstacles HID Global sees in actual adoption of this technology are the cost of smart cards relative to legacy technology, as well as the cost of the infrastructure deployment needed to support smart cards and the integration of applications. Although there are standards that exist to support multiple applications on a smart card, the implementation of these standards seems fairly low, which in turn impacts adoption of this technology as well. 4

Smart Card Talk

5. What do you see are the key factors driving smart card technology in government and commercial markets in the U.S.? The drivers for smart card technology correlate with many of the trends HID Global is seeing in the market. In summary, the key driver for this technology from our viewpoint are the need for increased card/overall system security and greater interest in multiple applications on a single card for the convenience and cost benefits achieved by extending the use of existing physical access control credentials. HID Global calls this consideration of cost, convenience and security the customer value equation, which customers are constantly seeking to strike the right balance to meet their particular needs. Not to be missed as very important drivers are also today’s government mandates that require the use of smart card technology to meet HSPD-12 requirements. Here are a few key points that delve into more detailed market drivers for smart card technology: • It creates more capable, unified identity platforms for protecting an organization’s physical and IT assets through converged physical and logical access on a single card. • It enables a single smart card to support multiple authentication methods, while enforcing consistent policies and driving consolidated audit logs throughout the enterprise. • It enables organizations to comply with regulatory requirements, and is key to achieving the objective of HSPD12, which mandates that existing access control systems must now be upgraded to use Personal Identification Verification (PIV) credentials that leverage smart card technology and biometric technology. • It cuts costs by enabling physical access credentials to be re-used for logical access including strong authentication on the desktop, and enabling logical access credentials to move into the physical access world to drive stronger identity authentication at the door. Even more savings are available in applications that require strong authentication credentials for remote access, as well. • It is increasingly addressing budgetary prerequisites -- many organizations simply will not consider new purchases unless they add applications to existing physical access systems and credentials, or extend the use of existing applications. Users want to store several identity formats and applications on a single credential, including identification, physical access control, PC logon, time and attendance, vending, and visitor management. Other popular applications include parking, event management or ticketing (particularly in campus environments), as well as cost recovery applications such as print management, public transport and closed-loop payment systems. • It improves overall security. Next-generation access platforms such as those based on HID Global’s standards-based, technology-independent Secure Identity Object (SIO™) SIO data structure support multi-technology products that are more secure, flexible and easy to extend with new capabilities over time. SIOs use a significantly more secure, flexible and extensible data structure and they can reside on

traditional contactless memory cards as well as smart phones, microprocessor-based cards, contactless smart cards, USB tokens and related devices. SIOs can be defined to support multiple smart card technologies. • It enables commercial and government organizations to deploy greener projects by supporting multiple technologies while retaining compatibility with earlier systems to avoid wholesale “rip and replacement” when the need to upgrade arises.

6. How do you see your involvement in the Alliance and the industry councils helping your company. At HID Global, we view our involvement in the Alliance as key for discussing and sharing important market trends and their impact on the industry. The Alliance provides the necessary forum for driving increased awareness on relevant topics and promoting industry wide discussion on trends, which enables us to contribute to early discussions about market drivers while building contacts with other industry players.

Smart Card Talk

feature article

NFC Mobile Contactless Payments: State of the U.S. Market NFC technology is a standards-based wireless communication technology that allows data to be exchanged between devices located a few centimeters apart. The technology can be used for a wide variety of mobile applications, including: • Making payments with a wave or a touch of a device anywhere contactless POS readers have been deployed • Reading information and picking up special offers, coupons, and discounts from posters or billboards on which an RF tag has been embedded (for example, in smart posters and billboards) • Securely storing tickets for transportation, parking access, or events and enabling fast transactions at the point of entry/exit • Securely storing information that allows secure building access

less devices by supporting ISO/IEC 14443 (the standard used by payment networkbranded contactless payment cards and devices), and the Japanese Industrial Standard (JIS) X 6319-4 (also known as FeliCa) contactless interface protocols.

NFC Ecosystem

An NFC-enabled device can operate in reader/writer, peer-to-peer, or card emulation mode. For mobile contactless payments, the NFC-enabled mobile device operates in card emulation mode and appears to an external reader to be a traditional contactless smart card. Payment information is stored in the mobile phone in a secure element, which is a smart card chip that protects stored data and enables secure transactions. Contactless payments and ticketing using NFC devices can be enabled without changing the existing acceptance infrastructure.

Figure 1 shows the stakeholders in the NFC ecosystem. As the figure illustrates, the secure element in the NFC-capable device is provided to the consumer by one of the ecosystem stakeholders. Which secure element is chosen and who provides it has critical implications for usability, portability, ubiquity of handsets, and control.

NFC-enabled devices are governed by standards in ISO/IEC (ISO/IEC 18092), ETSI (ETSI TS 102 10 V1.1.1 (2003-03)) and ECMA International (ECMA-340), and by specifications published by the NFC Forum. ISO/IEC 18092 allows for backward compatibility with existing contact-

The NFC Forum has developed and released implementation specifications and has also launched a certification program that checks devices for compliance with NFC Forum specifications. Compliant devices behave consistently, facilitating an interoperable infrastructure.

Figure 1: NFC Ecosystem

Smart Card Talk

Deploying NFC mobile contactless payment applications requires an ecosystem in which stakeholders cooperate to deliver different functions and capabilities.

1. Secure Element The secure element (SE) is a secure microprocessor (a smart card chip) that includes a cryptographic processor to facilitate transaction authentication and security, and provide secure memory for storing payment applications (e.g., American Express, Discover, MasterCard, Visa and other payment applications). SEs can also support other types of secure transactions, such as transit payment and ticketing, building access, or secure identification.

A mobile handset can implement the SE in one or more of the following ways: • MicroSD removable SE • Embedded SE • UICC removable SE MicroSD removable SE. The microSD is an SE form factor that can enable mobile contactless payment on phones that do not have inherent NFC capabilities. Many phones on the market already support microSD cards; adding a specially-equipped microSD with an SE to such a phone enables contactless payment transactions. The microSD can contain a payment application, a cryptographic coprocessor, the NFC controller and antenna, and even the user interface to a wallet for display on the phone. Mobile phones lacking embedded NFC capability can become mobile contactless payment enabled by inserting a microSD card. Embedded SE. Another option is to embed an NFC-payment-capable SE in the phone when it is manufactured. This implementation does not provide the portability of the microSD or UICC approaches. However, it does allow the phone’s manufacturer and mobile operating system pro-

viders to design, certify, and implement basic NFC payment transaction applications for a particular phone.

ler and antenna. This type of UICC bridges the need to replace the phone to enable NFC payments.

UICC removable SE. The third option is to include an SE in a removable UICC or SIM card. SIM cards have been used in mobile phones for years. Although the SIM slot on the phone is not designed to accommodate frequent changes, and therefore is typically not accessible from the external casing of the phone, some phones include accessible SIM slots. Consumers who buy a new phone for use with the same mobile network operator (MNO) can insert the SIM card from their old phone into their new phone, use the phone on the MNO’s network, and port their contact information and phone number to the new handset.

A variety of stakeholder relationships are possible, depending on how the SE is implemented. Section 8 describes the possible relationships and interactions among stakeholders for the three SE approaches.

All phones that support Global System for Mobile Communications (GSM) technology use a SIM, so adding an NFC payment application SE to the SIM is a natural extension. Unfortunately, most phones that currently incorporate SIM cards require upgrades to use a UICC that supports NFC. For this reason, UICCs have been created that also support an NFC control-

3. Payment Network

2. Acquirer Acquirers facilitate the placement of terminals at retail locations and the communication of payment transactions to the payment networks for authorization and settlement. To support NFC payment transactions, acquirer terminals at merchant customer locations must support NFC/contactless transactions.

Payment networks facilitate authorization processing and the settlement of bank card transactions. To support NFC payment transactions, payment networks must support contactless messaging and authentication functions.

Smart Card Talk

4. Bank In the standard card payment system model, the bank (issuer) holds the funding account for a consumer’s payment card and is responsible for provisioning credit and debit cards to the bank’s customers. In the emerging open NFC payment system model, the bank continues to hold the funding account but works with other parties to provision the payment application to NFC-enabled mobile phones. In most cases, issuers will deploy physical “companion cards” for customers to use at locations where NFC mobile contactless payment is not accepted. The bank card issuers’ host systems will need to support mobile contactless transactions.

5. Retailer Retailers can both accept NFC payment transactions and issue NFC payment applications. To accept NFC payment transactions, retailers need NFC-enabled contactless POS terminals that are certified to process each payment brand’s NFC payment application. Retailers can also choose to implement closed-loop NFC payment applications (such as gift cards or a retailer-specific payment card) or other value-added applications (e.g., coupons, loyalty).

6. Personalization Bureau The personalization (perso) bureau traditionally provisions credit and debit cards to consumers by mailing them. The bureaus receive files from a bank that contain information for provisioning the card’s magnetic stripe and/or smart card chip, and data for embossing and mailing the card. Preprinted cards are processed through equipment that performs both card surface personalization and electronic encoding of the magnetic stripe and contact or contactless chips. The personalization process also provides for the ability to insert companion cards or tokens as well marketing inserts linked to a specific product. To support the adoption of contact and contactless chip technology card issuers and personalization bureaus have had to implement new applications to convert the cardholder data into a format compatible with chip technology and to establish and apply cryptographic security keys that are at the core of chip technology security. These applications are generically referred to as data preparation and key management applications. These same applications can be leveraged to prepare data and establish issuer-specific security for NFC-enabled mobile proximity payment applications. Personalization bureaus that personalize contactless chip cards for issuers may already have these applications in place and only need a payment-brand-specific script to add the ability to prepare cardholder data and application security. With some adjustments to the standard mass personalization equipment, these personalization bureaus will have the ability to electronically personalize microSD and UICC cards through the standard card issuance 8

Smart Card Talk

process. For microSD cards, contactless programming stations are required on the equipment, and for UICC cards contact programming stations are required. By leveraging the standard card personalization process, issuers have the ability to insert an NFCenabled microSD or UICC in the same mailing envelope as the consumer’s standard card. Perso bureaus can also perform the role of creating the personalization data, setting the application security keys and passing the data to a trusted service manager (TSM) to provision the data into a consumer’s NFC-capable phone. In this case, the bureau’s role will change; rather than personalizing a bank card before it is issued, the bureau will be personalizing an account on a mobile phone that has already been distributed. Personalization bureaus are often considered good candidates for offering TSM capabilities to issuers. In some cases financial institutions may want to maintain control of their data and the NFC-enabled mobile proximity payment application. This can be achieved by implementing the same data preparation and key management systems that are used by personalization bureaus. In addition, these systems can be configured to work in an online real-time environment, with an interface for over-the-air provisioning.

7. Handset Manufacturer The handset manufacturer defines which mobile phone models will be NFC-enabled based on the MNO’s requirements and the level of demand projected in the market. Handset manufacturers may also have a stake in the embedded SE model (versus other SE approaches), potentially introducing additional business models.

8. Mobile Network Operator The MNO provisions wireless settings for phones provided to consumers and determines both the required handset features and functions and the service options to be provided with mobile phones sold by the operator.

9. Consumer In the context of the NFC ecosystem, the consumer is a customer of the NFC payment application issuer. How the consumer becomes aware of NFC payment options may determine how the NFC payment capability is loaded to the consumer’s handset.

10. Wallet Developer A wallet developer is a value-added application provider who provides the user with an interface on the mobile phone to manage multiple NFC payment applications. To facilitate consumer demand for multiple payment options, the wallet developer provides

The primary role of the TSM in the NFC ecosystem is to facilitate management of the NFC payment application on the consumer’s phone.

the wallet, either directly, as part of the issuer’s NFC payment solution, as an application provided by the MNO, or through another vendor or service provider.

11. OS Provider An operating system (OS) provider maintains the core OS used by various handsets, including version upgrades, and provides application programming interfaces so that application developers can provide compatible applications. The OS provider may also provide a wallet application and other value-add applications.

12. Value Added Service Provider Numerous service providers can be involved in the NFC ecosystem to provide value-added applications. The value-added service provider would provide the application and the services required to deliver the application to the NFC-enabled mobile phone. Examples of value-added services include coupons, loyalty programs, merchant promotions and offers, and location-based services.

13. Trusted Service Manager The TSM is the trusted third party who provides over-the-air (OTA) services to the NFC payment application issuer and the owner of the SE (e.g., the MNO, issuer, or retailer). The TSM handles the provisioning and management processes so that issuers do not need to deal with multiple MNOs, phone models, and

operating systems, and MNOs do not need to deal with multiple issuers. The TSM role could be played by many different entities, including the MNO, the issuer, the personalization bureau, the payments processor, or some other neutral third party service provider. Multiple TSMs may be involved in the provisioning of a payment application. The primary role of the TSM in the NFC ecosystem is to facilitate management of the NFC payment application on the consumer’s phone. A few of the functions provided by the TSM are OTA activation or provisioning of the NFC payment application, life-cycle management of the NFC payment application on the consumer’s phone, and bridging services for transferring the NFC application to a new phone when necessary. A core piece of the OTA provisioning process includes preparing the data and accessing the appropriate security keys required to initially provision the NFC payment application and to update it once provisioned.

NFC Handset Status The availability of NFC-enabled handsets continues to grow. According to Juniper Research, at least one in five smartphones will include NFC technology by 2014. More than 20 mobile phone manufacturers are currently producing or rumored to be in preproduction of NFC-enabled handsets. [1] Since there are frequent announcements of new handset availability being made, the section provides only a snapshot of handset availability as of September 2011. Smart Card Talk

Google’s Android operating system is increasing in importance in the market, and the Gingerbread and Ice Cream Sandwich versions support NFC. Google’s current smartphone market share is close to 30% [2] and is expected to reach 38.5% by the end of 2011 [3], representing a larger portion of the market than Apple’s iOS, which commands a 19.4% share. Google also recently released the Android NFC APIs to developers, sparking an initiative to create NFC applications. These development possibilities, combined with Google’s growth rate and market share, the acquisition of Motorola Mobility [4], and the addition of card emulation by Google, represent perfect conditions for massive market expansion. Currently more than 10 NFC-enabled handsets are available for purchase worldwide. Samsung leads the way with the Galaxy S II and S5230 (marketed under various names depending on the country) and has teamed with Google to produce the Nexus S and Nexus S 4G (available on T-Mobile and Sprint). Nokia has released both the C7 (Europe) and Astound (U.S.) [5]; Motorola and Casio have released their respective industrial personal data assistants, the MC75A [6] and IT-800RGC-35 [7]. Smartphones on the horizon include the Samsung Wave 578, the Blackberry Bold 9900/9930 (available in mid-2011), and two other unnamed Samsung phones to be released in September 2011. Other manufacturers, such as LG, Toshiba, and Fonelabs, have issued limited release/proof-of-concept NFC-enabled handsets and are expected to produce something similar. [8] There is currently speculation that Apple, Sony Ericsson, HTC, Motorola, LG, and Blackberry are considering NFC-enabled handsets. Such speculation is mainly centered on Apple, which is sending mixed messages about whether the iPhone 4S/iPhone 5 will include NFC technology. There is persistent speculation that Apple will produce the technology themselves and NFC will be included in the iPhone 5 [9]. If Apple intends to enter the NFC market, it will face competition from Google. Google has the first mover’s advantage in terms of handsets and holds that same advantage concerning payments (Google Wallet). Assuming Apple does not release an NFC-capable iPhone until 2012, Blackberry will almost certainly be the second major manufacturer to enter the NFC market with the Bold 9900/9930 [10]. Internationally, Sagem Wireless released its own handset, the Cosyphone [11], in France in 2010, with availability in selected cities in the United Kingdom and Ireland. Chinese manufacturer Hedy [12] currently supplies NFC-enabled handsets to Chinese mobile provider giant Unicom, and Shanghai Simcom is currently producing numerous NFC-enabled handsets under the brand name East Com [13]; both manufacturers are partnering with chip manufacturer Shanghai Fudan Microelectronics. [14] Malaysian manufacturer Fifth Media, in collaboration with Garmin Asus, is currently producing specialist handsets, Axia A306 and A206, 10

Smart Card Talk

both running on Windows Mobile 6.5.3. [15] The Sky Vega Racer by Pantech, dubbed the fastest Android phone yet, is to be released in Korea in mid-2011. [16]

NFC POS Infrastructure Status The NFC POS infrastructure comprises the following components: • Contactless/NFC readers • Payment terminals • POS systems Contactless/NFC Readers. Contactless readers provide the consumer with the touch point for exchanging data between the NFC handset and the POS system. NFC standards (ISO/IEC 18092) are compatible with ISO/IEC 14443, the standard used by contactless payment card readers; as a result, contactless payment card readers can accept transactions from NFC handsets operating in card emulation mode. The newer contactless readers can also operate in peer-to-peer mode with NFC handsets for transactions other than bank card payment transactions, such as loyalty applications or coupon redemption. Contactless readers can be part of the payment terminal or separate. Payment terminal vendors support contactless readers integrated with the payment terminals. Vendors also market separate contactless readers that can integrate with any payment terminal to enable contactless and NFC transactions. Payment Terminals. Payment terminals interact with the contactless readers to obtain the payment data from the NFC device instead of from the magnetic stripe on a card and construct records to send to the POS system (if they are integrated) or directly to processors (if they are standalone). Traditionally, payment terminals accept payment cards, gift cards, and loyalty cards. Payment terminals with contactless readers can be loaded with payment brand applications (American Express ExpressPay, Discover Zip, MasterCard PayPass, Visa payWave) for contactless payment card and NFC mobile payment transactions. When operating with contactless readers and NFC mobile phones, payment terminals may need to accept other items, such as coupons and tickets. New terminal and reader applications are being created to support these items and to send the transactions to the POS system or directly to the processor. Major POS terminal vendors have upgraded their payment terminals to incorporate contactless readers. They have also created a process to securely deploy applications in the payment terminals and contactless readers without requiring recertification of the payment brand applets. POS Systems. The POS systems (supporting cash registers and shopping applications) provided by vendors such as IBM, NCR, and Micros (and possibly customized by retailers) must be capable

Table 1. Example of Stakeholder Activities in the United States of accepting new transactions from the payment terminals and returning the transaction results to the payment terminals when the response is to be returned to the NFC handset.

Stakeholder MicroSD and specialized hardware solution vendors

Example Companies DeviceFidelity Tyfone WatchData Technologies Wireless Dynamics

Some NFC/digital coupon solutions are triggered by loyalty cards to retrieve coupons stored in a backend system owned by the retailer (e.g., Safeway Copient) or operated by a third party (e.g., Zavers). These POS systems will require changes at the application level.

NFC device add-on vendors NFC SE and UICC suppliers

NFC and EMV. Globally, the payments industry is migrating from magnetic stripe bank cards and infrastructure to EMV chip cards and infrastructure. EMV is an open-standard set of specifications for smart card payments and acceptance devices. Eighty countries globally are in various stages of EMV chip migration, including Canada and countries in Europe, Latin America and Asia. In August 2011, Visa announced plans to accelerate chip migration and adoption of mobile payments in the United States, through retailer incentives, processing infrastructure acceptance requirements and counterfeit card liability shift.

Gemalto G&D INSIDE Secure NXP Semiconductors Oberthur Technologies STMicroelectronics

Payment networks

ACH Network American Express Discover MasterCard Worldwide PayPal STAR Visa Inc.

Banks

Citi Barclays Bank of America

Retailer POS suppliers and acquirers/processors

Castles First Data Hypercom Ingenico VeriFone ViVOtech

Perso bureaus

First Data Gemalto G&D Oberthur Technologies

NFC handset manufacturers

HTC Huawei LG Nokia Pantech RIM Sagem Samsung

MNO/telecom related services

Isis Monitise Smart Trust Sprint Sybase 365

Specialized software solution developers and vendors: device software, apps, wallet, similar software

Cassis C-Sam Google mFoundry ViVOtech

OS providers and web-based services companies

Apple Google Microsoft RIM

TSMs

Bell ID Cassis First Data Gemalto G&D Obethur Technologies SK C&C

NFC mobile contactless payment transactions between a mobile phone and a POS terminal use the standard ISO/IEC 14443 communication protocol currently used by contactless EMV credit and debit cards. NFC-enabled mobile phones will be able carry one or more payment applications and accounts from different issuers; the NFC specifications donâ&#x20AC;&#x2122;t define or specify the payment application. NFC payment applications will follow the payment brand specifications for the region of the world where they are being issued. An EMV payment application and account would be loaded in the NFC-enabled phone and used with compatible EMV POS terminals. EMVCo, the organization that manages, maintains and enhances the EMV specifications, has been active in defining the architecture, specifications, requirements and type approval processes for supporting EMV mobile contactless payments. This effort has been critical in supporting the launch of NFC mobile contactless payment in regions that have already migrated to an EMV-based payments infrastructure. Since both NFC technology and EMV payment cards are being introduced into the North American market over the next few years, merchants should select and install POS terminals that support both capabilities when upgrading their POS infrastructure.

Stakeholder Activities Within the United States, two major influences are motivating stakeholders: the activities of Google and its partners and of Isis and its partners. A third influence is the activities of Apple, although Apple has made no formal announcements about NFC support.

Smart Card Talk

Table 1 summarizes examples of NFC mobile contactless payments stakeholders in the United States. Since the NFC market is emerging and changing rapidly, the listing should be viewed as providing examples to illustrate the breadth of NFC ecosystem participants and not inclusive of all companies offering products and services in the market.

Summary NFC is igniting interest throughout the mobile market for many different types of applications. Mobile contactless payments, which leverage the current contactless payments infrastructure, are providing the focal point for key U.S. stakeholder activities. Standards and hardware availability are paving the way for NFC mobile payments. The NFC standards, specified by ISO/IEC, ETSI, ECMA International, and NFC Forum, ensure global consistency and an interoperable infrastructure. More than 20 handset manufacturers are reportedly producing NFC-enabled handsets, and 10 handset models are already available. The key manufacturers of microSDs, SIMs, SEs, and other specialized hardware are offering the accessories and services needed to support NFC. The NFC mobile payments ecosystem is complex, with many stakeholders cooperating to deliver different functions and capabilities. Many companies, including Google, Isis and their partners, are involved in developing the U.S. ecosystem for secure, NFC-enabled mobile contactless payments and other NFC-enabled applications.

Note This article does not endorse any specific company, product or service. Company, product or service references are provided to illustrate the points being made.

References [1] List of NFC Phones, NFC World, SJB Research, June 13, 2011. [2] Mobile Holiday Winners, NetMarketShare, May 2011. [3] Android Market Share to Near 50 Percent, CNET, April 2011. [4] Google to Acquire Motorola Mobility, Wired, August 15, 2011. [5] Nokia Astound -- Made to Perform, Nokia USA. [6] MC75A HF RFID Contactless Mobile Computer, Motorola Solutions. [7] IT-800, CASIO-B2B [8] A definitive list of NFC phones, Near Field Communications World. [9] iPhone 5 Rumors Again Claim NFC, A5, Big Screen, CNET News, March 22, 2011. [10] Blackberry Bold Touch 9900/9930, Blackberry. [11] Sagem Wireless’ New NFC-enabled Cosyphone, NFC World, September 10, 2010.

Smart Card Talk

[12] China Unicom to Launch World’s First Commerical Single Wire Protocol Based NFC Service, NFC World, February 19, 2010. [13] Specific model numbers are not available. [14] List of NFC phones, NFC Software. [15] A definitive list of NFC phones, Near Field Communications World. [16] Pantech’s Vega Racer Shows Up in Google Phone Gallery, Phandroid, June 21, 2011.

About this Article This article is an extract from a new Payments Council white paper, The Mobile Payments and NFC Landscape: A U.S. Perspective, which was developed to provide an overview of the current state of the market for mobile payments and NFC-enabled payment applications in the U.S. and to evaluate the advantages and disadvantages of different mobile payment approaches. Payments Council Members involved in the development of this white paper included: Accenture LLP; American Express; Apriva; Bank of America; Capgemini; Capital One; Connexem Consulting; CPI Card Group; Datacard Group; DeviceFidelity; Discover Financial Services; First Data Corporation; Gemalto; Giesecke & Devrient; Heartland Payment Systems; Infineon Technologies; INSIDE Secure; JPMorgan Chase; Mike Kutsch; Dale Laszig; LTK Engineering Services; MasterCard Worldwide; NACHA; NagraID Security; NBS Technologies; NXP Semiconductors; Oberthur Technologies; Quadagno & Associates; Chandra Srivastava; Thales e-Security; VeriFone; Visa, Inc.; ViVOtech; WatchData Technologies.

About the Smart Card Alliance Payments Council The Smart Card Alliance Payments Council focuses on facilitating the adoption of chip-enabled payments and payment applications in the U.S. through education programs for consumers, merchants, issuers, acquirers/processors, government regulators, mobile telecommunications providers and payments service providers. The group is bringing together payments industry stakeholders, including payments industry leaders, merchants and suppliers, and is working on projects related to implementing EMV, contactless payments, NFC-enabled payments and applications, mobile payments, and chip-enabled e-commerce. The Council’s primary goal is to inform and educate the market about the value of chip-enabled payments in improving the security of the payments infrastructure and in enhancing the value of payments and payment-related applications for industry stakeholders. Council participation is open to any Smart Card Alliance member who wishes to contribute to the Council projects.

• Los Angeles County Metropolitan Transportation Authority, Los Angeles, CA Membership Level: government Member Contact: Jane Matsumoto, Deputy Executive Officer, TAP operation Description: Southern California regional transit provider

NEW CSCIP/G Members Nabeel Bitar Joshua Davis William Dorner Todd Eberwine Michael Fox

Ingersoll Rand Ingersoll Rand Ingersoll Rand Ingersoll Rand Ingersoll Rand

September 2011 September 2011 September 2011 September 2011 September 2011

ALLIANCE IN THE NEWS

• Benefit Resource, Inc., Rochester, NY Membership Level: General Member Contact: Matt Lebeau, Supervisor of Card Services Description: Independent service provider of IRC benefits plans

The Alliance has an active communications program to promote industry messages in business, vertical market, and technology publications. Coverage results from both Alliance press releases and interviews with publications writing articles about smart cards. Selected recent coverage is shown below with links to online articles.

• SmarTrac Technology, Manaus, Brazil Membership Level: General (SCALA) Member Contact: Joerg Stefan Wittkowski, Director Description: Leading developer, manufacturer, and supplier of RFID components

October 2011 Managed Care Weekly Digest, 10/10/2011, Card Alliance Supports Bi-Partisan Smart Medicare Common Access Card Act of 2011 [link not available] Mass Transit, 10/1/2011, What’s the cost of open payment systems? PYMNTS.com, 10/3/2011, Why Should NFC Be Harder to Ignite than GPS Telecom Engine, 10/5/2011, Developments in the e-health, telehealth field

WEB SITE NEWS Updated web content: • New white paper, The Mobile Payments and NFC Landscape: A U.S. Perspective • Archived recording of the Payments Council webinar, EMV for Merchants and Merchant Acquirers: U.S. Migration Considerations • 2012 Payments Summit call for papers and registration • Update to OPACITY protocol in Industry Technical Contributions • Update to Council members-only pages

SEPTEMBER 2011 WEB STATISTICS • • • • • • •

76,608 visitor sessions for the month 2,553 visitor sessions per day 423,403 total page views for the month 148,481 Industry News items viewed 1,255 Card Reader Catalog items displayed 15,016 PDF downloads 22,934 Product and Service Directory page views

If you have any suggestions on content that you’d like to see on the Alliance web site, please send them to info@smartcardalliance.org.

September 2011 eBanking and Payments News, 9/29/2011, Smart Card Alliance White Paper Focuses on U.S. Mobile Payments and NFC Landscape [link not available] FierceHealthIT, 9/17/2011, Smart card plan proposed to combat medicare fraud GovernmentID News, 9/27/2011, SCA hosts EMV webinar, conference highlighting government security JustAskGemalto, 9/29/2011, JustAskGemalto Asks the Experts: Randy Vanderhoof of Smart Card Alliance on Smart Card Security Mobile Payment Magazine, 9/19/2011, New Report Focuses on NFC and Mobile Payments Landscape NFC Data, 9/20/2011, Smart Card Alliance complete NFC industry overview white paper NFC News, 9/18/2011, Smart Card Alliance launches U.S. mpayments report Payment Observer, 9/22/2011, Smart Card Alliance releases U.S. Mobile Payments Report Payments News, 9/20/2011, The Mobile Payments and NFC Landscape: A U.S. Perspective Reuters, 9/28/2011, Why U.S. credit cards fail overseas RFID News, 9/21/2011, Smart Card Alliance White Paper Focuses on U.S. Mobile Payments and NFC Landscape SDM, 9/1/2011, ‘PIVed’ Yet? Trusted Identity Moves Forward [link not available] SecureID News, 9/28/2011, SCA hosts EMV webinar, conference highlighting government security The Green Sheet, 9/26/2011, SCA security comments Smart Card Talk

from the alliance office

NEW MEMBERS

council reports

Updates from the Alliance Industry Councils PAYMENTS • The Payments Council held the webinar, EMV for Merchants and Acquirers: U.S. Migration Considerations, on October 6, 2011. The webinar covered global EMV migration status, the key considerations for merchant and acquirer migration to EMV, Visa’s announcement of EMV migration incentives and mandate, and lessons learned from a Canadian acquirer. Speakers included: Guy Berg, Datacard Group; Simon Hurry, Visa Inc.; Oliver Manahan, MasterCard Worldwide; Amer Matar, Moneris; and Randy Vanderhoof, Smart Card Alliance. • The Council published a new white paper, The Mobile Payments and NFC Landscape: A U.S. Perspective. The white paper reviews available mobile payment approaches and outlines the state of the Near Field Communication (NFC) mobile proximity payments infrastructure in the U.S. • Payments Council Members involved in the development of this white paper included: Accenture LLP; American Express; Apriva; Bank of America; Capgemini; Capital One; Connexem Consulting; CPI Card Group; Datacard Group; DeviceFidelity; Discover Financial Services; First Data Corporation; Gemalto; Giesecke & Devrient; Heartland Payment Systems; Infineon Technologies; INSIDE Secure; JPMorgan Chase; Mike Kutsch; Dale Laszig; LTK Engineering Services; MasterCard Worldwide; NACHA; NagraID Security; NBS Technologies; NXP Semiconductors; Oberthur Technologies; Quadagno & Associates; Chandra Srivastava; Thales e-Security; VeriFone; Visa, Inc.; ViVOtech; WatchData Technologies.

HEALTHCARE • The Healthcare Council is working on a smart card guide for health insurance cards that comply with the WEDI Health Identification Card Implementation Guide specifications. The guide discusses smart card benefits for healthcare payers and healthcare delivery organizations and provides example layouts for smart health ID cards that comply with the WEDI specifications. The guide will be published in late October. • The recording of the Healthcare Council webinar, Smart Health ID Cards: Addressing Challenges with Patient Identity Management and Authentication, is now available. The webinar focused on smart health ID cards for patients, reviewing the key challenges with patient identity management and authentication today and discussing how patient ID cards and smart card technology can address the critical issues. The American Medical Association Health Security Card pilot and the Wyckoff Heights Medical Center medical smart card were featured as examples of smart health ID card programs. • The Council’s LinkedIn group, Healthcare Identity Management, is open for discussion on healthcare identity security and management. The group is open to both members and non-members.

• The Council’s LinkedIn group, Smart.Payments, is open for discussion on payments and fraud. The group is open to both members and non-members.

Alliance Members: Participation in all current councils is open to any Smart Card Alliance member who wishes to contribute to the council projects. If you are interested in participating in any of the active councils, please contact Cathy Medich.

Smart Card Talk

IDENTITY • The Identity Council is working on a white paper that will include use cases for non-Federal organizations issuing and using PIV-I credentials. The white paper will be available in early November.

TRANSPORTATION • The Transportation Council is working a new white paper on the benefits and challenges of open bank card payments for transit. The white paper is expected to be available later this fall. • The Council is developing a set of web resources on open payments for transit agencies, highlighting agencies that are moving to open payments and Smart Card Alliance resources for agencies. The Council will also be hosting a new LinkedIn Group for member and public agency discussion of topics related to smart card use in transit. • The Council has just started a new white papers, one on NFC and transit, which are scheduled to be available by the Payments Summit, February 8-10, 2012 in Salt Lake City, UT.

PHYSICAL ACCESS • The Physical Access Council is developing a white paper on technical specifications and best practices for leveraging FIPS 201 and the PIV card specifications for commercial enterprises. The white paper defines the Commercial Identity Verification (CIV) credential, which leverages the PIV-I specifications, technology and data model without the requirement for cross-certification. The white paper will be published in late October. • The Council is reviewing a draft Federal CIO Council document on federated PACS and will be submitting comments on the document in late October.

OTHER COUNCIL INFORMATION • Members-only council web pages are available at http:// www.smartcardalliance.org/councils. These are passwordprotected pages that contain council working and background documents and contact lists. Each Council area has a separate password since Councils may have different membership policies. If you are a Smart Card Alliance member and would like access to a council site, please contact Cathy Medich. • A Council meeting calendar is available on the members-only web site at http://www.smartcardalliance.org/pages/memberscouncil-resources. • If you are interested in forming or participating in an Alliance council, contact Cathy Medich.

Smart Card Talk

members in the news

Oberthur Technologies provides Next Gen payment solutions webinar

Personal Argentina and Gemalto Deploy SIMbased Facebook® Service

Chantilly, VA, October 13, 2011–Oberthur Technologies, a world leader in the field of secure technologies, today announced that a free, one-hour webinar is being held for U.S. banking industry leaders to provide information and insights on the latest payment technologies including NFC, EMV and On-line Authentication. The webinar, “Next Gen Secure Payment Solutions” will be held on Wednesday, October 26th, at 1 P.M. EST/10 A.M. PST.

Amsterdam, Oct 5, 2011 - Gemalto (Euronext NL0000400653 GTO), the world leader in digital security, announces that Personal Argentina will go live with the Facebook for SIM software application. Personal Argentina will provide its more than 17.4 million customers with an innovative new way to access Facebook from any type of handset, and without the need for a data plan.

Smart Card Alliance Advances North American Adoption of NFC With New Conference and Web Resources Princeton Junction, N.J., October 13, 2011–With major Near Field Communication (NFC) programs underway with Google and Isis, and the imminent arrival of millions of NFC-enabled handsets for consumers, NFC is gaining momentum in the U.S. The Smart Card Alliance today announced plans to lead education and awareness about the technology’s capabilities and benefits for mobile applications–both payments and non-financial uses– through educational resources on its website and the creation of the new NFC Solutions Summit 2012 Conference held in partnership with the NFC Forum in the spring.

Public Transit Riders Around the World Get on Board Faster With New Ticketing System From ACS, A Xerox Company Abu Dhabi, Casablanca and Mexico City to Install New Customer Transit Payment Systems Dallas, October 12, 2011–Abu Dhabi, Casablanca and Mexico City are turning to ACS, A Xerox Company (NYSE: XRX), to make their public transit payment systems more efficient and convenient for millions of riders. ACS is modernizing the commuter payment systems in all three cities by implementing its Atlas® ticketing system. With the wave of a reloadable debit card from the local transit agency, riders can pay fares without using cash. This “contactless ticketing” system will ease commuter congestion and make boarding and paying easier and faster.

Members submit news each month to the Smart Card Alliance, with news items highlighted on the Alliance web site and in the monthly news letter. Members are invited to submit their news releases (as a Word document) to news@smartcardalliance.org to contribute to the Members in the News content.

Smart Card Talk

APTA Attendees to Determine Front Runner Award Winner in Cubic’s “I Heart My Card” Video Contest

Voters can also win an Apple iPad2, taking place in Cubic’s Booth 721, Hall D APTA Expo, New Orleans, Oct. 3, 2011–Attendees at the American Public Transportation Association (APTA) EXPO 2011 will determine the $2,000 Front Runner Award winner in the “I Heart My Card” video contest, sponsored by Cubic Transportation Systems, a subsidiary of San Diego-based Cubic Corporation (NYSE:CUB) and the world’s leading solution provider of automated fare collection systems for public transport. Voting will take place at APTA in Cubic’s booth 721, Hall D of the Ernest N. Morial Convention Center in New Orleans from October 3-5. EXPO attendees who cast a vote will be entered into a drawing to win an iPad2.

ACS, A Xerox Company, Speeds Up How Riders of New Jersey’s Transit System Pay for Travel Dallas , Sept. 28, 2011–Building on a successful first-of-its-kind program, NJ TRANSIT riders can now simply wave or tap their credit or debit cards on twice as many bus routes, including buses traveling to different zones in the system.

Smart Card Alliance Supports Bi-partisan Smart Medicare Common Access Card Act of 2011 Princeton Junction, NJ, Sept. 27, 2011–To combat a reported $60 billion lost to waste, fraud and abuse within the Medicare system, a bi-partisan group of U.S. senators and representatives led by Senators Mark Kirk (R-IL) and Ron Widen (D-OR) have introduced legislation to use existing “smart card” technology to protect seniors.

Steve Weingart to Speak at the Non-Invasive Attack Testing Workshop in Nara, Japan 2011-09-26, Austin, TX–atsec’s principal consultant Steve Weingart will be a panelist at the Non-Invasive Attack Testing Workshop (September 25th–27th, 2011) in Nara, Japan l. Weingart was asked to join the panel as a laboratory representative discussing the practicality of non-invasive testing and how it fits into the conformance testing and business requirements of the laboratories. He

events calendar

will give a short introduction of the subject matter before joining the panel discussion.

Smart Card Alliance 10th Annual Government Conference to Focus on “Smart Strategies for Secure Identity”

Online Trust Forum 2011, Realizing the Promise of Trust Washington DC October 17-18, 2011 Alliance members - Save Up to $200, Use discount code PTRORG.

Princeton Junction, N.J., September 26, 2011–More than 75 government leaders and program managers are slated to talk about security and identity initiatives at the 10th Annual Smart Card Alliance Government Conference, the Alliance said today. The event will be held November 2–4, 2011 at the Ronald Reagan International Trade Center in Washington, DC, with pre-conference workshops on November 1st.

The 10th Annual Smart Card Alliance Government Conference

Smart Card Alliance White Paper Focuses on U.S. Mobile Payments and NFC Landscape

CARTES and IDentification 2011

Princeton Junction, N.J., September 19, 2011–There is so much buzz around the growth of mobile payments in the United States, with predictions that they will hit $214 billion by 2014¹. But which of the many possible approaches–including integrated NFC, non-integrated contactless, bar codes, cloud-based solutions, and text messaging–is the best choice? The Smart Card Alliance explains and compares the different mobile payment approaches in a new white paper released today, “The Mobile Payments and NFC Landscape: A U.S. Perspective.”

KEBTechnology Introduces Latest NFC-Embedded Secure Element Solutions Seoul, South Korea, September 15, 2011KEBTechnology Co., Ltd., a leading smart card solution provider, today announced its latest development of an embedded secure element chipset combined with an NFC controller. The KONA eSE product family is based on the Samsung and NXP chip platforms, and it aims to meet the strong global demand for NFC-embedded secure element solutions among handset manufacturers. KEBTechnology has supplied more than 3 million NFC USIM cards, making the company the largest NFC USIM provider in the world.

Smart Strategies for Secure Identity Washington, DC November 1-4, 2011

Paris, France November 15-17, 2011

2012 Payments Summit

A Smart Card Alliance conference event Salt Lake City, UT February 8-10, 2012

NFC Solutions Summit 2012

A joint Smart Card Alliance and NFC Forum event San Francisco, CA May 22-24, 2012

Smart Card Talk

The 10th Annual

Smart Card Alliance Government Conference Smart Strategies for Secure Identity

Nov. 2–4, 2011

Pre-conference Workshops Nov. 1

Ronald Reagan International Trade Center, Washington, DC

The Leading Showcase for Government Projects in ID and Security Who Should Attend? The conference draws key decision makers from every level of government and industry. Over 700 will attend, including government and industry executives, administrators and technologists

Join the Leaders

The 10 Annual Smart Card Alliance Government Conference will look at the opportunities and challenges ahead for government issuers, accreditation and testing authorities, procurement programs, and the industry to meet the government’s market demands. th

Building on years of development and tens of millions of government-issued smart cards, the conference expands its focus on emerging identity and security developments by including new government initiatives to improve and implement electronic medical records (EMRs). The conference will cover new smart card applications with the potential to improve the security and privacy of patient information, provide the secure carrier for portable medical records, reduce healthcare fraud, provide secure access to emergency medical information, and provide the platform to implement other electronic applications as needed by the healthcare IT industry. Conference sessions will reﬂect and amplify the though leadership of the Smart Card Alliance Healthcare and Identity Councils.

Surveying Recent Deployments of Secure Electronic Medical Records

Continuing Coverage of Current Strategies for Secure Identity

The conference features comprehensive coverage of efforts toward strong authentication technology in government identity programs, including federal and non-federal Personal Identity Veriﬁcation (PIV) credentials, developments in National Strategy for Trusted Identities in Cyberspace (NSTIC), trusted ID on the Internet and on mobile devices, developments in state and local ID, as well as evolving global standards. Presentations emphasize real-world use-cases directly from the implementors and administrators.

Key Government Agency Participants and Presenters

For exhibit and sponsorship opportunities contact Bill Rutledge scaservices@smartcardalliance.org, 212-866-2169

OVER 50 EXHIBITORS IN A SHOWCASE OF INDUSTRY-LEADING TECHNOLOGY ActivIdentity • AMAG Technology • ASK intTag • AVISIAN Inc. • Aware Inc. • CPI Card Group • CSC • Datacard Group • Digital Identification Solutions • Exponent Inc. • Gemalto • Giesecke & Devrient • HID Global • HP • Identification Technology Partners, Inc. • Identity Stronghold • International Card Manufacturers Association • Kaba Access Control • L-1 Identity Solutions • LaserCard Corporation • Lenel, a UTC Fire & Security Co. • MorphoTrak • Muhlbauer Inc. • NXP Semiconductors • Oberthur Technologies of America Corp. • SafeNet • SMARTRAC Technology Group • Software House/Tyco International • Teslin Substrate by PPG Industries

Mark Your Calendar: Registration Opens this July • www.smartcardalliance.org