Accueil > Blog > Multi-application, the Holy Grail of the smart card industry
Blog

Multi-application, the Holy Grail of the smart card industry

Week 28, 2006

Where were the obstacles? Not on the technology side. There have been solutions for a secure multi-application card for as long as we can all remember. Along time solutions have improved, got more sophisticated and more standardized at the same time.

As they were not technical, issues were business-centric and human-centric. The industry has been revolving around issues like: who is going to issue the card? Who is going to be responsible for primary data? How will data be backed up? How to guarantee independence between applications? What happens if the card is lost, stolen or tampered with? etc…. Another set of issues were centered around the customer relation. Who owns the customer is the central point. These obstacles have prevented any real size application from developing.

Nowadays, it seems that things are more or less settling down. The best example is what is happening in New York City subway (cf. Focus here below). Until now, many mass transit operators issued their own payment systems, most of them with a great success. But their payment systems were centered around the mass transit payment, sometimes allowing payment at newsstands or fast foods as a side application, with the transport operator remaining in control of the customer relation. Now, the New York City trial is a demonstration a transport operator can use a card issued by a bank and add its own payment application. The issuer of the card, the logo that appears on the front of the card, the owner of the customer relation remains the bank. The transport operator comes afterwards, and adds its own transport application on an already issued card. Management of transport rights is in the hands of the transport operator. Management of banking rights remain in the hands of the bank. There a few issues left like: what if a customer prepays a set of tickets or a monthly pass and then his card becomes non-functional or is lost or stolen? Who will recover the data and deal with the customer?

This small step looks decisive on the long path towards the multi application Holy Grail.