18 October 2017
Andy Ramsden

93376

Andy Ramsden - Trustonic

2Posts 17,545Views 0Comments

TEE and HCE: The ideal solution for mobile payments?

31 January 2017  |  5270 views  |  0

The world of mobile payments is not unlike the political systems we see in many countries around the world.  Three or more groups arguing; sometimes working together and at other times pulling in totally different directions.

Multiple players, differing priorities

Consumers typically have strong relationships with their bank, their carrier and possibly also their smartphone vendor, all of whom are vying to push their own brand of mobile wallet. However, consumers usually wish to pay with their preferred card, from their preferred bank and don’t necessarily want multiple wallets cluttering their phone’s home screen.

Banks wish to reach the widest possible audience, irrespective of which phone is being used on which network. Quite understandably, they view their brand as being of the utmost importance and want consumers to use a single, bank-owned wallet.

The smartphone vendors are offering banks and consumers a secure payments environment and a global presence, but dressed up inside their own vendor-branded wallet (e.g, Apple Pay, Samsung Pay). Some banks see this as a dilution of their brand and consumers are faced with yet another app (distinct from their mobile banking app) and potential issues when switching between phones. This is not an ideal situation, for consumers or banks.

The cloud…

While using the cloud via Host Card Emulation (HCE) appears to offer a solution that is ideal for service providers, as it is carrier- and OEM-independent (except for iPhone which is a closed solution), there remains a perception that HCE might not be secure enough. That concern might be one of the reasons why we haven’t seen mass adoption of HCE.

…the silver lining

This is where trusted execution environment (TEE) technology comes into its own. The TEE has reached a significant level of maturity, offering GlobalPlatform compliance and delivering scale across the Android base, but importantly it delivers hardware-level protection to secure HCE. This increased level of security opens up opportunities to deliver simpler (yet more secure) authentication. On top of this, the TEE’s Trusted User Interface can securely deliver value-added services such as high value payments, secure messaging and other transaction-based services.

Many banks are seeing the combination of HCE and TEE as the technologies to enable mobile payment integration with existing bank apps, satisfying the needs of the service provider and the consumer. We may now have a mobile payments solution that can finally reach scale! Watch this space…

 

TagsSecurityPayments

Comments: (0)

Comment on this story (membership required)

Latest posts from Andy

Panic! Contactless card fraud is on the rise!

01 June 2017  |  12276 views  |  1 comments | recomends Recommends 3 TagsCardsPayments

TEE and HCE: The ideal solution for mobile payments?

31 January 2017  |  5270 views  |  0 comments | recomends Recommends 0 TagsSecurityPayments

Andy's profile

job title Marketing Director
location Cambridge
member since 2017
Summary profile See full profile »

Andy's expertise

Member since 2017
0 posts0 comments
What Andy reads
Andy writes about
CardsSecurityPayments
Andy's blog archive
June 2017 (1)January 2017 (1)

Who's commenting on Andy's posts

Edward Sutton