The Next Revolution In Mobility: Near Field Communication

By Mark Diodati | April 20, 2012


I want to welcome you to a multi-post discussion about near-field communication (NFC). Over the next few blog posts, I will be talking about:

  • NFC’s moving parts
  • Impending demand from your users
  • NFC’s potential for access to buildings and applications
  • Missing ecosystem components

The next revolution in mobility is coming: it is near field communication (NFC). The industry focus today for NFC is tap-to-pay systems that leverage mobile devices, à la Google Wallet and ISIS. That’s all well and good because it will feed customer demand for NFC-enabled devices. Last year, Gartner estimated that 50% of smartphones will be NFC-based[1]. In my opinion, the estimate is conservative. I am more interested in what happens after payments, when NFC-enabled devices reach a deployment tipping point and will be used for enterprise access.

The enterprise use of NFC can be distilled into two challenges: the lack of ownership and increased complexity. For starters:

  • The user owns the smartphone.
  • The mobile network operator (MNO) owns the network pipe to the smartphone, which is required for over-the-air (OTA) provisioning of credentials to the secure element (the storage area inside the smartphone).
  • The MNO also owns the keys necessary for writing the credentials, so “sideloading” the credentials (via physical access to the smartphone) will not work.
  • An additional actor in the NFC ecosystem is the Trusted Service Manager (TSM). Its job is to enable OTA provisioning of credentials by acting as an intermediary between you (the enterprise) and the plethora of MNOs who gate access to your users’ smartphones.



My next posts will talk about the specifics of NFC and the missing puzzle piece required for NFC to work. To telegraph the punch line a little, a new service is required to provide secure credential and application distribution. We’re calling this service mobile credential management. It doesn’t exist yet. The service must be able to:

  • Distribute applications to mobile devices
  • Interface with credentialing services (like an on-premises certificate authority)
  • Interact with the MNOs to provision credentials to the secure element. There is a fair amount of technical interoperability to make this work.

I’ll also discuss mobile credential management, authentication, NFC, and authorization at Catalyst 2012—hope to see you there.

Additional Reading

The Evolving Intersection of Mobile Computing and Authentication (research document – subscription required)

How Soon is Now: NFC Smartphones and Physical Access Control Systems (blog)

[1] Subscription required.

[2] If you are a smart card enthusiast, think GlobalPlatform keys and security domains.

The Gartner Blog Network provides an opportunity for Gartner analysts to test ideas and move research forward. Because the content posted by Gartner analysts on this site does not undergo our standard editorial review, all comments or opinions expressed hereunder are those of the individual contributors and do not represent the views of Gartner, Inc. or its management.
