Google Wallet: A brewing battle between Verizon and Google

Turf war looms over a smartphone's secure element

Verizon Wireless is thwarting the use of the Google Wallet mobile payment app, at least for now, on the coming Galaxy Nexus smartphone running on Verizon's 4G LTE network.

The carrier denied it is "blocking," the app in a technical sense, but Google's simple statement made late Monday on the matter speaks volumes: "Verizon asked us not to include [Google Wallet] functionality in the [Galaxy Nexus] product."

These statements signal that a bigger battle is brewing between the Android OS maker and the nation's biggest wireless carrier. The dispute has shades of the carrier-manufacturer disagreements over which apps would be allowed on certain smartphones when mobile apps first emerged in 2008.

But mobile payments are different from other apps because of their need for security, analysts have said.

Given the potential for a huge, protracted battle between these two companies, it's a good thing that Verizon said it is "continuing our commercial discussions with Google on this issue."

What seems to be at issue is whether Verizon's security team can integrate Google Wallet into a "secure hardware element," or the system for storing private data, in phones with near field communications (NFC) technology. Google Wallet would need to work with whatever secure element Verizon and its partners in the Isis mobile payment venture are using. Isis is a consortium of wireless carriers made up of T-Mobile, AT&T and Verizon that would be compete with Google Wallet.

A smartphone 's secure element is usually a chip or a group of chips that bolsters security by recognizing a person's credit credentials apart from the phone's operating system, thus attaching an additional layer of proof for a transaction to go through. The secure element contains a user's personal information that allows a payment to be made, and that information is usually obtained with a cryptographic key.

Over the past two years, a battle has been brewing about which party should control the secure element in a smartphone. The wireless carriers want security put on a SIM chip, while the smartphone and mobile operating system makers, including Google, want the security information stored on an NFC chip or embedded within a separate chip.

That battle of where to place the secure element seems to have boiled over in the latest Google-Verizon spat.

As Gartner analyst Mark Hung pointed out in May, the owner of the payment application (in this case, Google with Google Wallet) should have a cryptographic key to control the app, regardless of which carrier provisions the smartphone.

So far, all the major credit card companies have said they are working to provide software for secure elements on upcoming NFC-ready phones that Isis will use in its mobile payment trials in Salt Lake City and Austin in 2012.

Google, meanwhile, has struck out on its own, obtaining the secure element in the Nexus S smartphone from semiconductor maker NXP, which also provides the phone's NFC chip. NXP is among several companies listed on Google's Web site as partners on Google Wallet. Another is First Data, which makes the Trusted Service Manager software that connects payment cards into a virtual wallet. Other players include MasterCard and Citi. The Nexus S 4G is the first and only smartphone to use Google Wallet, which is available on Sprint's WiMax network. Sprint, the third-largest wireless carrier is not a member of Isis.

Verizon may be debating whether the Isis consortium could also use NXP's secure element, or whether Verizon and its Isis partners must find another secure element that can either replace NXP's or run alongside it. Verizon might want the software found on a secure element put on a SIM chip, which Google hasn't done. The question is whether Verizon wants to move forward in a mobile payment world where users can move between different payment networks as they do with texting networks, or whether Verizon and the Isis consortium believe they can create a big enough network that it won't need Google Wallet or whatever Apple technology comes up with to support mobile payments.

Hung said Verizon is looking out for itself. As he reads between the lines of the statements that Verizon has made in the past two days, Hung said Verizon is essentially saying, "We have plans to put in our own secure element that we control, and we don't want you, Google, to control it. Since you won't let us control Google Wallet with our own secure element, then by our definition, it's not secure."

While it is technically feasible to have more than one secure element in a smartphone, the user experience would not be optimal, Hung said. Given that, "Verizon is pushing the Isis wallet, so I don't think it'll push the Google Wallet ahead of the Isis wallet," he said.

So the battle is ultimately over who owns the mobile payment capability in a smartphone.

Jack Gold, an analyst at J. Gold Associates, said the Google-Verizon disagreement is rooted in Verizon's and other companies' still being in the early stages of formulating a mobile payments strategy. "Verizon's hesitation has to do with its focus on Isis, but also how they can get a piece of the action," he said.

Verizon also could be weighing what happens if Google Wallet is on a phone that Verizon sold and the device gets hacked. "Who does the consumer go after to get his money back -- Google or Verizon? I could see a big class-action product liability lawsuit coming," Gold said.

To Gold and others, the Verizon-Google dispute is another indication of how slowly mobile payments are rolling out in the U.S., partly because the U.S. consumer is already so accustomed to using a credit card instead of a phone for payments.

When Apple enters the fray, as expected in 2012 with an iPhone 5 that is NFC-ready , analysts expect that there will be even more competition and potential confusion. Get ready.

Matt Hamblen covers mobile and wireless, smartphones and other handhelds, and wireless networking for Computerworld. Follow Matt on Twitter at @matthamblen or subscribe to Matt's RSS feed . His e-mail address is .

Read more about mobile apps and services in Computerworld's Mobile Apps and Services Topic Center.

Copyright © 2011 IDG Communications, Inc.

It’s time to break the ChatGPT habit
Shop Tech Products at Amazon