You are here

What IoT Can Learn From The Payment Card Industry | Cypress Semiconductor

What IoT Can Learn From The Payment Card Industry

This is part one of a two part series.

The IoT industry is evolving past the proliferation-at-all-costs phase and into a phase focused on profitability. Engineering teams are responding by critically examining every added piece of hardware that isn’t viewed as critical to the intended purpose of the smart device. Interestingly, many think of privacy and security – which are both highly visible topics in the news – as a cost and not a value-added feature. It seems that consumers have not transitioned their general privacy concerns into a preference for secure IoT devices. That said, a breach of an IoT product’s security can kill it, perhaps more quickly than almost any other failing; such is the public’s heightened sensitivity to privacy breaches and online crimes.

This puts the IoT industry between the proverbial rock and a hard place. The good news is there are lessons from the payment card industry that can be applied to the IoT to help reconcile the dilemma.

Managing the cost of an IoT device extends beyond the bill of materials (BOM). Allocated costs can affect the profitability of an IoT device just as much as the BOM cost. Secure manufacturing is one such allocated cost. The total cost of ownership for provisioning secure IoT devices includes capital investment for controlled access facilities, isolated equipment, and special custom inventory. Given that a particular IoT device on average will sell less than one million units per year, and in fact, possibly less than five hundred thousand units, the per unit cost burden of this investment is prohibitive. For OEMs, managing this cost likely means outsourcing to a third-party that is aggregating volume over many customers.

Whether it’s in-house or outsourced, aggregating volume for secure provisioning fundamentally requires a common approach across different applications. The Payment Card Industry (PCI), where the billions of dollars’ worth of transactions are securely conducted, can offer some clues on how to develop this approach.

Rather than foster independent transaction processes, Europay, MasterCard and Visa came together in 1993 to standardize the process for secure transactions. This normative influence yielded tremendous efficiency in the design and operation of payment networks and manufacturing of credit cards. The high cost of constructing controlled facilities and procuring secure, qualified programming equipment is amortized across millions of units aggregated across payment networks and banks so that the per-unit cost is very low.

The question for embedded OEMs: Is this evolution happening for the IoT?

Part two of this blog will examine what this looks like. **Spoiler! It’s already available!**

본 사이트의 모든 컨텐츠와 자료는 "있는 그대로" 제공됩니다. CYPRESS SEMICONDUCTOR와 해당 공급자는 그 목적에 관계 없이 이러한 자료의 적합성에 대한 표현을 하지 않으며 상업성, 특정 목적에의 적합성, 권리 및 제3자 지적 재산권의 비침해에 대한 모든 묵시적 보증과 조건을 포함하여(이에 제한되지 않음) 이러한 자료와 관련한 모든 보증과 조건을 부인합니다. CYPRESS SEMICONDUCTOR에서는 명시적 또는 묵시적으로 금반언이나 여타의 다른 방법으로 라이센스를 부여하지 않습니다. 이 사이트의 정보를 사용하려면 제3자의 라이센스 또는 CYPRESS SEMICONDUCTOR에서 제공하는 라이센스가 필요할 수 있습니다.

이 사이트의 컨텐츠에는 특정 사용 지침이나 제한이 포함되거나 그러한 제한이 적용될 수 있습니다. 모든 게시물과 이 사이트 컨텐츠 사용에는 사이트 약관이 적용됩니다. 이 컨텐츠를 사용하는 제3자는 제한 또는 지침을 따르고 이 사이트의 약관을 준수할 것이라는 데 동의합니다. Cypress Semiconductor와 그 공급자는 컨텐츠와 자료, 그 제품, 프로그램 및 서비스를 언제든 수정, 삭제, 개조, 개선, 향상 및 기타 변경하거나 예고 없이 컨텐츠, 제품, 프로그램 또는 서비스를 이동 또는 중단할 수 있는 권리를 보유합니다.