NFC ecosystem in particular set to benefit from new technology which lays foundation for ‘dynamic discovery’ and dialog between multiple servers
GlobalPlatform, the association which standardizes the management of applications on secure chip technology, has published its System Protocol Discovery Mechanism (SPDM) Specification. The document describes a simple mechanism, which enables a system to ‘discover’ which protocols are supported by a server, in order to establish how the system and the server can communicate.
While it is applicable to any ecosystem and any protocol to be discovered, the new specification has been defined to specifically support the provisioning of mobile near field communication (NFC) services, downloaded by an end-user, into a device’s secure element (SE). Once a service provider’s device application e.g. a wallet is deployed on a device, the mechanism will enable the service provider to dynamically discover who the SE issuer is, and what protocols are available to communicate with the SE issuer. If the correct business arrangement* is in place between the service provider and the SE owner, and the necessary application protocols are supported by both servers, then services can be remotely provisioned into the device’s SE.
This NFC use case is increasingly relevant, as a growing volume of secure NFC services are being brought to market by an increasing number of service providers across industries and geographies, via multiple SE owners. The SPDM Specification is not, however, restricted to usage in the NFC environment, or even to use cases involving a service provider or device application. It also applies to other secure components, such as the trusted execution environment (TEE).
“This advancement gives flexibility to service providers to enable them to deploy a wallet application in various NFC ecosystems and allows them to connect to the associated systems dynamically” comments Gil Bernabeu, GlobalPlatform’s Technical Director. “For example, if someone travels from Paris to Tokyo and wishes to use his/her NFC device to pay for a ticket on the Tokyo metro, the Tokyo metro operator does not know how to technically communicate with the person’s SE owner – a French mobile operator for example – until the first discovery mechanism dialog between the relevant servers establishes a common technical language, or protocol. Suddenly it is possible, for the Tokyo metro to request the service loading and to allow the end user to use his/her device to ‘talk’ to the Japanese metro paygate. Technically, it opens up many possibilities and provides a basis for relationship building between different actors in the ecosystem.”
The SDMP Specification also enables the end point location of a server to be shared with other systems. The ability of this specification to accurately report this information offers real value for ecosystem actors. Deployments are dynamic and evolve over time, frequently resulting in multiple server address changes. Thanks to the SDMP, which allows the end point location of servers to be remotely discovered, cards and SEs can be kept ‘live’ even when the SE issuer’s server address changes.
The specification – which will be valuable for all stakeholders in the mobile NFC landscape including SE issuers (handset manufacturers and mobile network operators), service providers, trusted service managers, service providers and system integrators – can also be used to deploy NFC services in a roaming environment.
“As the deployment of NFC services continues to grow, there is an increasing need for stakeholders to dynamically create new business arrangements and communicate on a local, regional, national and international scale,” continues Gil. “For services such as payment, loyalty and ticketing, consumers increasingly demand that these services are not restricted to geographical regions. As such, the specification can also be used to facilitate and ease cross-border communication between actors.”