by Mark Diodati | April 20, 2012 | Comments Off
I want to welcome you to a multi-post discussion about near-field communication (NFC). Over the next few blog posts, I will be talking about:
- NFC’s moving parts
- Impending demand from your users
- NFC’s potential for access to buildings and applications
- Missing ecosystem components
The next revolution in mobility is coming: it is near field communication (NFC). The industry focus today for near field communication (NFC) is tap-to-pay systems that leverage mobile devices, a la Google Wallet and ISIS. That’s all well and good because it will feed customer demand for NFC-enabled devices. Last year, Gartner estimated that 50% of smartphones will be NFC-based. In my opinion, the estimate is conservative. I am more interested in what happens after payments, when NFC-enabled devices reach a deployment tipping point and will be used for enterprise access.
The enterprise use of NFC can be distilled into two challenges: the lack of ownership and increased complexity. For starters:
- The user owns the smartphone.
- The mobile network operator (MNO) owns the network pipe to the smartphone, which is required for over-the-(OTA) air provisioning of credentials to the secure element (the storage area inside the smartphone).
- The MNO also owns the keys necessary for writing the credentials, so “sideloading” the credentials (via physical access to the smartphone) will not work.
- An additional actor in the NFC ecosystem is the Trusted Service Manager (TSM). Its job is to enable OTA provisioning of credentials by acting as an intermediary between you (the enterprise) and the plethora of MNOs who gate access to your users’ smartphones.
My next posts will talk about the specifics of NFC and the missing puzzle piece required for NFC to work. To telegraph the punch line a little, a new service is required to provide secure credential and application distribution. We’re calling this service mobile credential management. It doesn’t exist yet. The service must be able to:
- Distribute applications to mobile devices
- Interface with credentialing services (like an on-premises certificate authority)
- Interact with the MNOs provision credentials to the secure element. There is a fair amount of technical interoperability to make this work.
I’ll also discuss mobile credential management, authentication, NFC, and authorization at Catalyst 2012—hope to see you there.
The Evolving Intersection of Mobile Computing and Authentication (research document – subscription required)
 Subscription required.
 If you are a smart card enthusiast, think GlobalPlatform keys and security domains.
Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.