if you are wavecentric,you might say something like this:
"Actually SIM cards provide zero security for the enterprise other than if an employee loses their phone the carrier can be notified and phone service can be suspended avoiding charges for unauthorized services. A SIM card does nothing to secure enterprise data residing on the device or provide the enterprise with a capability to manage or credential the device."
And of course one reason you would do this is because you want to mimimise the value of things that aren't within Wave's orbit. And another is because you are perhaps blissfully unaware of the secure element in a SIM card which includes a cryptographic processor.
And this secure element is used to store user credentials, to launch transactions as part of the NFC transaction chain - and as part of that chain,to make secured apps available (eg the ISIS wallet app) to users. And surely many other things besides.
Think of something like Apple's app store in a global trusted phone environment.
Pretty interesting thing - to be the head of the transaction chain.
Why minimise this? Why - perhaps because your information set is entirely supplied by Wave.
Yes, there may be enterprise uses for tpms to do with device data. But no, SIM is not some dumb idiot solution that is capable of doing nothing useful for enterprises. It is the beginning of the transaction chain. That is a big deal.
An alternative methodology - enterprise phones remain thin clients in a trusted SIM-Merchant network. Sensitive data lives in the cloud. Carriers can establish relationships with enterprises just as well as TC providers can.
TCG and the phone manufacturers are building an alternative model that may have applications in the enterprise market. But there is an existing SIM-based transactional model that is occupying the high ground.
TPM in an enterprise phone environment is aspirational. Hypervise that, honey.
http://networkingexchangeblog.att.com/enterprise-business/isis-mobile-payment-and-nfc-secure-element/
| 