Tuesday 30 November 2010

New developments

The contactless sector has now reached the start of the snowball phase, with several NFC pilot projects being announced weekly, new NFC devices being released (Inside Contactless, Infineon and G&D partnership)  bi-weekly, and new TSM service providers and brokers (Ericsson IPX: TSM) going public once a month.
Huge multinational customers are finally getting in on the action (Coca-Cola, Disney, Barclays, and many more).

If the current trend continues, I predict (based on my impressions, for what they're worth) further linear growth in R&D and market size until end Q2 2011. In the next two years we'll see most of the innovation taking place; market penetration rate should reach its peak at the end of 2012. I look forward to revisiting this prediction :)

Monday 29 November 2010

SWP-enabled SIM cards

SWP support is slowly becoming more widespread among mobile phone vendors, but there are almost no NFC-enabled SWP UICCs to be found. Gemalto has come up with their own SWP&NFC UICC prototype for a pilot study in Singapore. Note that WatchData (SIMPass) and Bladox (Waver) have been doing similar product development but without the SWP functionality. In fact, WatchData argues that SWP is overrated and unattractive for handset vendors.

I think Bladox will be - for the near future - a better choice than Gemalto from the viewpoint of small startups who are looking to source NFC-enabled SIM cards.

Edit 2011-01-05:
On Track Innovations now also offers an NFC-enabled SIM+antenna. No other information e.g. SWP support.

Saturday 27 November 2010

Java Card applets access via web page, JavaScript and javax.smartcardio

Springcard blog describes an interesting way to access smart cards: via web browser, JavaScript and javax.smartcardio (PC/SC reader).

I'm in some doubt as to the usefulness of this... after all, a smart card is a trusted portable device and tying it down (leaving it in the reader connected to a PC) and making it directly accessible to the whole world via the internet (even if the webpage requires authentication) makes no sense.


Certainly, you could use this way for a mockup or demo where you need to authenticate directly to some TPM or HSM. But I don't see any commercial use-cases for this yet.