Apple Pay – In a Nutshell.

Apple announced the Apple pay – the new generation mobile payment system on 9th September, 2014. As per Apple , this revolutionises mobile payments  made from new generation iPhone (iPhone 6 and 6 plus ) and iPhone 5,5c & 5c  (Apple Watch). The NFC capability of these phones and Watch enable the contactless communication between mobile and payment terminal.  In order for  iPhone 5 generations to work with apple pay , you need to have an Apple Watch (not expected until 2015) .  The placing of finger on touch ID or double click on button next to crown of the watch acts as trigger which confirm the payment from customer either at payment terminal or while buying from an app. One another infrastructure element is a dedicated chip  called Secure Element which stores the account Information(A device specific account info is generated when a card is entered into Passbook).

It’s believed that the apple pay doesn’t change the In-App purchases currently performed through ITunes stores, but it may also allow Apple Pay for in-app purchases on latest iPhones. You may still have the  card information stored in the iTunes perform purchase of contents , apps and subscription through iTunes (to be used in older iPhones, iPad & desktop) .

The Apple Pay eliminate the storage of Card Number (PAN- Primary Account Number) in either device or apple servers. It’s replaced with a device specific account number (which corresponds to specific card as well) generated through a payment tokenization standard.  The tokenization process replaces card number with unique digital token. The token can be restricted with a mobile device or merchant. In apple pay, the token is created combining primary card account number (PAN) and device id (iPhone). The tokenization standard used here was established by Visa, MasterCard and American Express in 2013. The specification can be found here – EMV Payment Tokenisation Specification – Technical Framework . The payment network  tokenization interface maps back the primary account details of the card holder with this payment token when payment is processed ( at the processor end). In theory, the only place a mapping between tokenized account  and PAN (Primary Account Number) exists is at the Payment processor.  The iPhone is expected to discard the PAN  as soon a tokenized account number is crated and stored in the Secure Element.

In order to understand Apple pay better, let us  have a look at the conventional payment from apps. An app running on the device capture all necessary card information (either captured afresh or use the stored details at the Merchant) , encrypt it(or using SSL) and send it to Merchant’s payment gateway directly or through the Merchant’s back office system. The gateway then forward the information to the payment processor of Merchant’s bank.     

The payment processor then forward the information to the card association (shown below – top half) and then the information is further passed to the issuing bank for approval.   The point to be noted is that the card and customer information are passed across through multiple systems (encrypted and/or through SSL) which make it prone to security breaches (remember Heart bleed !)  . Once the payment is approved or rejected , the outcome flows back to the app through the same route.


The Apple pay works quite similar to the conventional payment beyond the payment processor/merchant side  (the main difference is that it sends the tokenized payment information instead of primary account information).

The PassKit framework provide the API framework for Apple pay – which allow your app to interact with Secure Element and Apple Passbook. For an app to work with Apple Pay , it is also required to include an Apple pay entitlement in the App also your payment processor should support network tokenization. It’s also required to create  certificates request to obtain cryptographic keys that will be used to encrypt and decrypt payment  tokens. So let us start …

How Setup your phone for Apple Pay

The apple use the passbook to store the payment information. You can add a new card either using iSight camera or you can just manually enter into the passbook.The Passbook’s ‘Capture Card Info’ can be used using iSight camera.  You can also import existing card information stored in iTunes to the passbook by entering card security code. Once a card  is entered and confirmed, a unique tokenized device account number is generated  and then it’s encrypted and stored in a dedicated chip(Secure Element) in iPhone  . The PAN is not stored anywhere. In case you loose the device, you can suspend all payments from the device through Find My iPhone(setting it to lost mode automatically suspend all transactions from the device).

The payment process

Once  your app has apple pay entitlement enabled (all other pre-requisites including complaints to App Review Guidelines) , the user can select Apple Pay as the payment mechanism

1. The PassKit has API which can tell the app whether the device is setup with Apple Pay (including the presence of secure element and device account number). My current understanding is that if there are multiple accounts (cards), the last entered card will be default and a default card is used for Apple pay.

2. The next step is to invoke PassKit API to create the payment sheet. Although the contents of the payment sheet (such as delivery address and amount) are passed from the app, the payment sheet itself is not controlled by the App.

3. The user authorises the payment using the touch id.

iPhone6-PF-SpGry_iPhone6-PF-SpGry _NFC-PRINT

(Image copyright Apple – Downloaded)

4. Once the touch id is successfully validated , a cryptogram is created by the PassKit 

5. The encrypted payment info is then transferred to the merchant application.

The encrypted payment information can be decrypted using the private key stored in the server . It’s also possible(preferred) to use a third party payment provider(discussed below) to do the rest of the payment handling.  It’s important that the payment processor support tokenization interface so that tokenized customer info can be mapped against the specific customer .

Paying at the terminal

The paying at the terminal is not much different than paying from app other than sending encrypted payment information is through NFC (Near Field Communication).

1. Once you are at the terminal and agreed to pay with apple pay , the information is automatically send across to your phone when you bring your Apple Pay capable mobile to the terminal (when it’s in the hot zone of NFC).

2. You can confirm the payment either using touch id or double click on the button (beside the crown) on the apple watch

3. This causes the tokenised payment  to be transmitted to the merchant system.

Although NFC technology as such doesn’t come up with any secure built in hardware elements , the technology itself  more secure due to to its nearness to the paired device(terminal –when data exchange is performed) and very short cycle of data exchange.

Third-party enablers/Payment providers

Apple recommends to use one of the third party providers and their SDKs instead of having own server side solutions (figure below). This will avoid having server side decryption of payment tokens and the management of payment processors and their network token interfaces. This can be especially useful in case there is an opportunity to establish a fresh payment system. Apple has already partnered with a few payment platforms such as Authorize.Net, Chase Paymentech, Stripe etc.,. for this. These providers support most common tokenization interfaces of payment processors. The SDKs and API provided by these payment providers can take away the pain in integrating with processor and their tokenization interfaces. The payment providers decrypt the payment data and run the transaction with acquirers’ bank.


Security of Apple Pay

1. The smart tag vulnerability and man in the middle attack (spoofed terminals) may be exploited by the hackers ( Some reports indicate that the NFC chip will be available only to ApplePay. The lock down of NFC chip  eliminate the tag rewriting. It’s not clear whether the Secure Element will also be locked down)

2. The apple pay doesn’t seem to provide any extra level of security for the merchants.

3. The one-time unique number with Device Account Number (reusable – but stored in Secure Element of mobile ) provide additional layer of security.

4. You can make the phone into the lost mode (which is quite handy) can immediately suspend all transactions from the device.


The apple pay is an evolutionary concept tailored from emerging standards such payment tokenization from EMVCO and it’s implementation by card associations(Visa, MasterCard and Amex) . Although it’s just currently supported by Apple (through IPhone5 and above and Apple Watch) and it can well be adopted by other payment systems making use of the contactless terminal ecosystem and other emerging payment standards.  Apple has promised that “Apple Pay is also able to make purchases through apps in the App Store℠” . The Apple pay provide the best compromise between speed of transaction and security. Although the underlying technology is not owned by Apple (one time code, storing security information in a dedicated chip, contactless payment with NFC and tokenization), the apple has established a system which works well with these underlying technologies . The apple pay currently doesn’t support payment using mobile websites (largely due to the security restriction preventing  native PassKit interface with browser) . This could be major issue as other wallet providers such as PayPal, Google support similar wallet payments over the web. 

Declarative Programming

The conventional programming practice (know as Imperative programming)  where a developer define a number of actions to change the state of a data element is getting obsolete due to it’s gap between what a problem is manifested in the real word with software solution. The imperative programming was around for many years. There were a lot of improvements in the paradigm to make the imperative techniques better. 

The point is that irrespective of the disruptive developments in technology and programming languages in the last 50 years, the programming style has been quite imperative. The procedural languages, where  a program is made of a list of actions sequentially to achieve a desired functionality seems to be inefficient.  The procedural style was evolved with a structural style where complex lengthy procedures can be split into blocks and subroutines which makes the programs easily understandable and maintainable. The biggest development in Imperative programming was Object oriented programming style which was evolved in MIT in 1960.

The improvements of Imperative programming drastically improved the maintainability and manageability of the code. It also improved the leaning lead time. However it didn’t actually make a paradigm shift in the thought process until Declarative programming evolved in the last 5 years.

What’s declarative programming 

The declarative programming in simple words is all about what to be achieved rather than  how to reach a goal. The  concerns of declarative programming is around variables, control flow and declarative programming  doesn’t worry about the state. This is because steps and intermediate states to transform the initial state of a variable into the final state is not a concern here. The declaratives paradigms are around operational semantics which is implicit. There are 2 classes of  declarative programming languages. They are functional and second is relational respectively.

Functional language

The functional language relate input to the output. Microsoft has introduced a functional language called F# , although this is supported in VB and C#. The F# is an open source under Apache 2.0 licence and it’s being ported on multiple platforms using through a software foundation. The functional programming is about building an output based on input without worrying about the state. The functional programming is built on lambda calculus. The tutorial by Rojas  provide a thorough and short introduction of Lambda calculus

The functional language is normally implemented as application of functions to the arguments. The functional programs  lacks states, assignments. This means the input variables holds it’s value. It should also be noted that the functional program will not have any impact on anything else, rather it should just compute output(s) based on input(s).  

Relational Language

While the functional language shows you how to arrive at an output from input, the relational language talks about how inputs can be related to output. A relation can be viewed as a reversible function that can return an arbitrary number of values. For example, the “square root” relation maps the number [0] to itself, but maps [4] to [2 -2].  The relational programming style relate the input to the output. In conventional programming , for example the sqrt(16) returns 4. This is not right in it’s strictest sense. The sqrt(16) => {4,-4} . The relational way is that square root of 16 should be related to a set of 2 numbers which is +2 and –2.  This is called a binary relation. In a relational language there is only one solution which might relate a single input to 1 or more outputs (when 1 input relate to 2 outputs similar sqrt function, then it is called binary relation. Similar there can be ternary as well as higher order relationships can occur) . The Z specification language  uses algebraic notation to specify the relations. The relational langue implements solution through multiple ways such as parallel execution and through a method called back tracking. The language  LIBRA uses back tracking.

Declarative programming in Action


The declarative practice is heavily used in higher level language,especially for customization. The as a service provided by Salesforce)  platform of Salesforce  is one of the most notable example of declarative programming. Although support an object oriented language, the majority of customization can be done through click and configure (declaratively). This means someone with thorough knowledge on the Salesforce object model can customize much of the platform without writing a single line of code. The visual aspect of declarative practice make Salesforce one of the most productive platform to work with. This makes the multi tenant cloud based CRM platform scalable and extensible. 


The Microsoft provide a full blown functional programming language called  F# ( ), which enables representation of complex ideas in a simple and  declarative way. The book- Real-World Functional Programming book  thoroughly covers how  real world problems can be resolved declaratively. The XAML(eXtensible Application Markup Language) which is the foundation of WPF (Windows Presentation Framework) , WCF (Windows Communication Foundation) and WF (Windows Workflow Foundation) is one of the best declarative implementations under Microsoft hood . Microsoft allows programmers to declare cross cutting concerns (such as security, logging etc.,) declaratively. Microsoft research has a number of parallel streams( declarative problem solvingdeclarative data centre, data structure and development ) which explore the possibility declarative programming in Microsoft platforms. The declarative practice has become essential in Microsoft platform development.  The LINQ (functional style) lamda expression are brought functional programming into the mainstream of .NET. One one another  functional programming example is  TPL (Task Parallel Library) in .NET


The developers in the java world didn’t think that Java is fast enough into the world of declarative programming. This created open source JVM based implementation of languages such as  JRuby, Groovy, Scala, Clojure. The project Lambda and it’s popularity indicate that how much the developers wanted such functionality in java which allows programmers to build multithreaded & multi-core capable  java programs at ease.  One another area where Java started using declarative style extensively is in its EJB implementation 


Additionally almost all popular languages such as Python, java script (Microsoft provide a declarative library) now implement declarative paradigm


The declarative style increase the coding productivity (ability to automate the code) and reduce the code cluttering (reduces number of lines of code). This can make maintenance and enhancements easier (users can customize or possibly add  features). The biggest contribution of declarative programming is in the world of parallel programming.  The multi-core CPUs are norms even in mobile and embedded processors and there is a need to deliver error proof programs runs  on these platforms as quickly as possible. The declarative style of programming is  definitely a solution to such problems.  The PaaS (Platform as service) is largely becoming declarative and stay in the same for for foreseeable  future.

Imminent death of two Titans – TV Ads and Landlines

The on demand streaming of TV media and the ability for pause-record-watch provided by setup boxes are empowering the TV viewers to avoid advertisements. The  avenues for ads hit the eyeballs are now limited to the commercial beaks of live TV , such as sports and other live events. They can also be largely surpassed through pause and play provided by setup boxes.(also switching  the channels during ad slots).

The landlines are yet another piece is the garage waiting to be recycled.  The replacement of copper wires with dedicated coaxial cables, lightning fast and tech promoted fibres (such as Google fibre) are creating a merger of voice, video and  text media into a single pipeline. One another outcome of this disruptive change is device independence and boundless information flow. The time has come to start a TV program or a voice/video call at one at device at home continue along at while commute to the work through a different device without loosing the continuity.

What is good and bad about this change ?

  1. TV
    1. The life is getting more and more busy  and day length is still 24 hrs. So the time is precious. The targeted ads through social media and other utility applications (especially free ones such as weather , mail,news etc., in mobile ) are already taking a big pie of what someone want in terms of advertisements to see everyday.
    2. Will this lead to the end of free TV ? .  The lack of ads will challenge the revenue model of the free TV. Alternatively broadcasters will come with ads being interweaved with  program itself. The challenge will be on how to do this without impacting the user experience ? .
  2. Landline
    1. I believe the line rental is quite naive way of collecting money and I can’t think of a survival strategy for fixed landline
    2. As per Ofcom UK Communication facts 15% UK population [Ofcom]  don’t have fixed landline. The US is already moving to 100% IP phone systems . The AT&T has started adopting the mantra of no landline . As on end of 2013 almost 40% US households don’t have land phones.



The trend clearly indicate that the utility specific devices are disappearing.  The one to one match of TV program with TV and land line phone for voice communication are  no more a reality. Also the need of on-demand pervasive access to the information and entertainment and the growth of social media pushing out conventional wisdom. There is a need to have a creative survival strategy for organizations providing communication and media services to the customers.

Semantic Interoperability(SI) of Service Oriented Architecture(SOA) in Travel domain

We most often ignore Semantic Interoperability (SI) when designing service interfaces, unless it is mandated by an organizational discipline of standard. I have been working on providing a REST (Representational State Transfer) based APIs to one of our COTS vendors. Our discussions were mostly around the following aspects.

1.     Are the interfaces portable: – What language it supports? Whether it supports both .NET WCF as well as JAX-RS? Can JQuery be used to integrate them? Can the vendor use Ruby on Rails? Can python scripts be used to build the test rigs, Can it provide JSON data etc.

2.     Are they interoperable: – The thoughts were again similar to the portability?  Additionally we debated a lot about whether it should be a publish-subscribe or point-to-point and how it could work across legacy platforms. Basically, all about syntactic interoperability!

3.     Architecture excellence: – How to impose highest cohesion with lose coupling? What is the package size and what would be network utilization and security?  How to avoid the MIM (Man in the middle) attack and what are the QoS aspects?

Well, all of the above aspects are critical to the building of interfaces support SOA. However, building many point to point (P2P) integration often results in uncontrolled proliferation of interfaces in the domain.  This is quite analogues to the old day telephone lines. There used to be one wire to each subscriber from exchange. 

What’s semantic interoperability (SI)?

One of the fundamental challenges in service oriented integration is the use of different terminology and nomenclature used by different parties in the same domain. The current SAAS (Software as service platforms) often doesn’t provide a domain based Ontology.  Although the organisations such has open group is trying to address issue through common system architecture and SOA ontologies, but they aren’t penetrating deep into SOA designers   

This is probably the case with most of the business domains. I have been working with travel domain for many years and I do integrate different services. The lack of coherence is felt even within the different business areas as well as software modules in my company. For example, the vendors such as Sabre, Navitaire all have their own dictionary of terms.  The Associations such as ABTA and IATA are no different.  One of the solution to this problem is to establish a domain specific ontology. In other ways whoever understands the Ontology of the domain can exchange information more effectively.  Bitter and Donnelly explain this concept nicely in their paper ( accessed on 09th June, 2013). They describe four steps communication process typically used in an interoperable interface. They are

1.     Building the message syntax, 

2.      Sending it across to a pre-established channel,

3.     Translating,

4.      Interpreting the message and mapping to the business entities.

The first step and last step can only be successful in long term by assuring semantic interoperability. The semantic interoperability is the ability to interpret the messages accurately. A schema definition (XSD), WSDL (SOAP) or WADL validators can enforce a syntactical interoperability, however there is no general standard to enforce semantic interoperability. The solution to this problem is to build domain based integration mechanism based on a standard Ontology. However there are thoughts on how this can be standardised across the domains.  The standardization efforts by IEEE and Open Group are mentioned below.

Open Group

The open group has established a subject area ( They recognise the importance of SI (Semantic Interoperability) to enforce the Boundary-less information flow (which is the foundation of TOGAF). As per open group, the effort spends on resolving semantic integration issues are as high as 80%. The open group solution to this problem is UDEF (The Universal Data Element Framework). The UDEF ( define a standard which integrate with W3C’s RDF (Resource Description Framework). The UDEF is based on indexed Ontology.

Travel Industry and SI

One of the most collaborated business domains is Travel. This collaboration makes a travel companies work out of the corner shop and premium agents such as TUI, Thomas cook  and  Abercrombie and Kent all sustainable.  There are thousands and thousands of travel agents in the world rely on integrated platform. This caused mushrooming of travel integration platforms and GDS (Global Distribution System) or CRS (Computer reservation system). The Abacus ( majorly used by Asian careers) and Amadeus ( conventionally dominated the market, however Sabre, Navitaire are now taking a big pie especially in Airline world. The issue is none of this platform ensures full semantic interoperability (although they claim partial SI).

The Open Travel Alliance and Hotel Technology Next Generation

The OTA is a non-profit organization which is dedicated to building interfaces and electronic data exchange standards for the travel industry. The OTA works across the industry such as hotels, airlines, car rentals, cruises, railways and GDS etc., The OTA standards achieve semantic interoperability through OpenTravel Lexis (  The Architecture workgroup’s   Open Travel 2 XML Objects have come up a lot of changes in their 2013 schema ( which is expected to make Travel APIs 100% semantically interoperable. The Hotel Technology Next Generation (HTNG) is also in the process of building a set of specs ( to assure semantics interoperability.


The service oriented middleware, cloud and SAAS made huge advances in integration and interoperation in the recent years. However there is still lot to be done in enforce semantic interoperability. It’s hence important for domain as well as application architect to stress on this. The absence of proper attention in SI can create a plethora of islands of integration like complex and tangled mesh.

Building WCF services capable of providing both Restful and SOAP services

There is a widespread adoption of  RESTful services recently. The  integration frameworks and the philosophy of ‘internet of things’ emphasise the need of quick integration of services in addition adhering of  the highest level of interoperability requirements.  In this article we’ll discuss about how to build web services which can be exposed  as SOAP based service as well RESTful service without having any additional plumbing as well as no duplicate code/implementation.

we will create a simple search service. The data contract is defined as below. The service – ISearchService  exposes a method  SearchByCriteria which takes Search criteria parameter.

Step 1 – Defining the service contract
   1:  namespace MySearchService.Contracts.ServiceContracts
   2:  {
   3:      [ServiceContract(Namespace = "")]
   4:      public interface ISearchService
   5:      {
   6:          [WebInvoke(Method = "POST", UriTemplate = "SearchByCriteria")]
   7:          [OperationContract(Name = "SearchByCriteria")]
   8:          [FaultContract(typeof (AuthorizationValidationException))]
   9:          [FaultContract(typeof (InvalidCriteriaException))]
  10:          SearchResults[] SearchByCriteria(SearchCriteria searchCrieria);  
  11:      } 
  12:  }   


The above is the interface specification of the service.  The line-6 & 7 annotate that this is exposed as RESTful service and SOAP services respectively. The RESTful annotation also define the URL template.

Step 2 – Implementation

The implementation really doesn’t matter

   1:  public  class SearchService:ISearchService
   2:  {
   3:          public SearchResults[] SearchByCriteria(SearchCriteria searchCrieria)
   4:          {
   5:                       //return the array of search result objects 
   6:          }
   7:  }

Step3 – Hosting the service

The idea of hosting a service is through a separate hosting project. This could be either a web project, console or windows service. The one thing we need to remember is that hosting application should be up and running and able to host the end points (also exports metadata of services)

   1:  <?xml version="1.0" encoding="utf-8"?>
   2:    <system.serviceModel>
   3:      <services>
   4:     <service name="MySearchService.Business.Managers.SearchManager" behaviorConfiguration="SearchEngineTypeBehavior">       
   5:          <host>
   6:            <baseAddresses>
   7:              <add baseAddress="http://localhost:8080/" />
   8:            </baseAddresses>
   9:          </host>
  10:          <endpoint address="soap" binding="basicHttpBinding" contract="MySearchService.Contracts.ServiceContracts.ISearchService">
  11:            <identity>
  12:              <dns value="localhost" />
  13:            </identity>
  14:          </endpoint>
  15:          <endpoint name="rest" address="" binding="webHttpBinding" contract="MySearchService.Contracts.ServiceContracts.ISearchService" 
  16:          behaviorConfiguration="restEndpointBehavior">
  17:            <identity>
  18:              <dns value="localhost" />
  19:            </identity>
  20:          </endpoint>
  21:        </service>
  22:      </services> 
  23:      <behaviors>
  24:        <serviceBehaviors>
  25:          <behavior name="SearchEngineTypeBehavior">
  26:            <serviceMetadata httpGetEnabled="true" />
  27:            <serviceDebug includeExceptionDetailInFaults="true" />
  28:          </behavior>
  29:        </serviceBehaviors>
  30:        <endpointBehaviors>
  31:          <behavior name="restEndpointBehavior">
  32:            <webHttp helpEnabled="true" defaultOutgoingResponseFormat="Json" />
  33:          </behavior>
  34:        </endpointBehaviors>
  35:      </behaviors>
  36:    </system.serviceModel>


I have used a basic http binding for SOAP (just by looking at interoperability with other languages such as java, php) and webhttp binding for SOAP end points as shown in line 10 & 15. I have also defined an end point behaviour for RESTful service so that it emits the JSON as the default response . I have used a DI container (you may use MEF or Castle Windsor or any of your choice) to bind the implementation with interface. Now just build the service

You can now test the Restful endpoint  (e.g. )http://localhost:8080/SerarchEngine.svc/help as well as SOAP end point (http://localhost:8080/SerarchEngine.svc?wsdl)


One of the common validation of web service requests is inspection  the headers for security tokens. If we expose a service through multiple endpoints and protocols, then it become a bit more complex. In this scenario, it’s important to inspect both SOAP headers as well as http headers to validate the request. One of the methods of doing this to incorporate this validation in a base class of all our implementation of Service interfaces. I normally have common service base class(abstract)   for all service implementation in a project. This allow us to re-use such cross cutting concerns such as security logging etc.,

   1:   protected ServiceBase()
   2:          {
   3:          //Checking whether this is RESTful 
   4:              if (WebOperationContext.Current != null)
   5:              {
   6:                  GetHttpHeaders();
   7:                  // This can be obtained  
   8:                  //  WebHeaderCollection headersHttp = WebOperationContext.Current.IncomingRequest.Headers;
   9:                  // foreach (string key in headersHttp.Keys)
  10:                  //{
  11:                  ///.Validate HTTP headers
  12:                  //}
  14:              }
  15:              else
  16:              {
  17:                  GetSoapHeaders();
  18:                  //
  19:                  // OperationContext context = OperationContext.Current;
  20:                  //if (context != null)
  21:                  //{
  22:                  //validate SOAP header 
  23:                  //}
  24:              if (ObjectBase.Container != null)
  25:                  ObjectBase.Container.SatisfyImportsOnce(this);
  26:          }

The configurability of WCF (.NET 4.0 +) provide a wonderful way of exposing services across multiple endpoints and protocols. This increases the re-usability and interoperability of services.

My experiments with Surface RT

I bought a Surface RT as the part of January sale promotion from Microsoft store. I was missing a tablet since my IPAD was stolen on our Wedding anniversary trip to Barcelona. My experience at Microsoft stores was excellent. The ordering process was straight forward and the item was shipped and delivered before I even started thinking about it. The touch screen is good (5 point touch), although not as good as the one comes with IPAD -2 or IPAD  air. Some of the the aspects I really loved are

  1. It comes with Office 8.1 RT (Includes power point, Outlook, Excel , One Note and Word)
  2. Support of standard peripheral ports (USB, Micro HDMI)
  3. Ability to connect an external keyboard
  4. The 32/64 GB RAM with extensibility of storage (you can add 64GB of Micro SD)
  5. Widescreen aspect ratio (16:9 – Which looks like a standard book)
  6. A lower cost (almost £100 less than an IPAD air Wi-Fi only)

More detail of the spec available SurfaceRT

Some of the few irritating things are

  1. The ARM processor and RT operating system , doesn’t allow any of the applications to be installed other than those from the Windows store (they are stupidly limited).  There are many good apps (just a few to be named such as spotify, yahoo IM , What’s up) are not available for RT. Also many other applications just switches to online mode (such as face book, Amazon) as soon as you invoke certain functionality.
  2. Windows update – Unless you have disabled the update , the update can come like a shock and make the tablet useless for quite long. I use my tablet while in train to cover my an hour long commuting everyday

I have also bought a touch keyboard(£64), 64GB Micro SDXC Class 10 memory card (£29 – which makes this 128 GB in capacity), HDMI adapter cable  (£34.99) – overall still less than IPad air (32 GB) . A Huawei USB Wifi dongle (£40) with pay as go 3g ( gave it backbone connectivity while one travel). That makes a package !

Surprise on the second day – Keyboard stopped working !

There was an update on the second day (around 45 minutes in install update ) post surface got happily restarted. Alas the keypad is not working. The built in mouse in the keypad seems to be functional, but not the keys.

  1. A complete troubleshoot as per ( – No joy !
  2. Reset the Surface – Keyboard started magically working again
  3. Updated the surface RT again (auto update) and restarted Surface RT
  4. Keyboard stopped working again
  5. After of a lot of search – found the culprit  ( . The issue was due to MS hotfix 
      • Surface Type Cover 2 Firmware Update Device (v2.0.331.0)
      • Surface Touch Cover 2 Firmware Update Device (v2.0.333.0)
        • Two-finger touchpad use optimised.

The question now is  how to fix this ? . Apparently there is no way you can contact Microsoft  other than packing and sending the RT back to service !

Finally a fix was found – The following fixed by keyboard issue

  1. Touch drag on the right edge so that search is visible
  2. Type device Manager
  3. You will a triangular tree node called other devices . You may look through the entire tree to spot this out  
  4. If you right click on other devices and you can click on “Update Driver ….”
  5. A right click on the node – a dialog pops up
  6. In the dialog click on “browse my computer for driver software” and you need to select “Let me pick from a list of device drivers on my computer”
  7. Select the Keyboard Node as HID Keyboard Device

Magic – the keyboard will start working

  • Why Microsoft support doesn’t have this info in the Surface RT support ? God knows ?
  • Why Microsoft doesn’t find some time to test the devices before issuing the updates ?

End of the day

I don’t have much to complain about Surface RT (ofcourse there is no yahoo chat app) . But there are many things make me happy

  1. I have OneNote (it’s there for Ipad as well)  which can manage my tasks and sync will all devices
  2. The invaluable Microsoft office with Outlook , excel and PowerPoint
  3. The ability to run flash on IE. The 128 GB storage !

I see it’s a good deal ! and not missing my Ipad