A Finextra member 25 November, 2013, 14:59 0 likes

Alexander, I have an alternative Exec summary: Bravo!! Google for adding some momentum to the NFC market. (no asterisks required).

And some thoughts on your "myths":

Myth 1: HCE replaces secure element

HCE enables the NFC controller to communicate with an app that isn’t in the SE. It therefore enables solutions to be developed that do not require an SE. Where sensitive data is stored is not the responsibility of Google or HCE, it’s the responsibility of the architect of the system using HCE. This could be in a server in the issuer’s environment or perhaps in TEE on the device. For issuers who prefer to use the SE, a cloud/SE hyrbrid brings the benefits of both into a single solution (and doesn’t require HCE).

Myth 2: HCE is interface-agnostic

True. (Is this really a myth?)  Aren’t NFC, EMV cloud based solutions enough excitement for now?

Myth 3: Card networks support HCE

Indeed the card networks have said very little publically about HCE other than the “enthusiastic general statements” that you mention. I guess their issuers and those under NDA may have better insight into their plans.

Myth 4: HCE is EMV-compliant/compatible

“The cryptogram requires keys which need to be stored securely” True. “The keys are currently stored in the SE” True. “Google doesn’t care where you store keys” True but the issuer does (and so do the schemes). That’s why they’re stored in the issuers own environment and not on the device in the Bell ID SE in the cloud solution.

Myth 5: HCE enables any NFC-based service

Is Myth five “there will be no competitors but I’ve found a market where there might be one?” Interesting aren’t NFC, EMV cloud based solutions enough excitement for now?

In your summary, your five myths have become three. I won’t repeat why I disagree with all three.

My summary would be that HCE is an exciting development that creates additional options for issuers. That doesn’t necessarily mean that there will be a stampede to implement HCE-based solutions but it will have an impact on the market and change the dynamics. Ultimately the cloud/SE hybrid may be preferred by some, (including the MNO’s since the requirements are much more manageable) whilst others will continue with the fully loaded SE model. The key development here is choice and I think that’s a good thing. 

If anyone would like more information on the implementation of a secure, EMV compliant SE in the cloud or cloud/SE hybrid solution, I would recommend that they visit the Bell ID website download the whitepaper and contact one of the Bell ID team. Under NDA, all of the above points can be addressed in much more detail than is possible here. 

A Finextra member 25 November, 2013, 15:19 0 likes

Martin,

Thank you for taking time to confirm the validity of my statements - Bell ID's opinion, as one of the disruptive players in the field, is of value.

You are doing a great job as Global Head of Sales. (I wonder why Finextra doesn't allow self-promotion within the blog posts, but is OK with self-promotion in the comments... ;) 

I agree that there are several SE-related solutions out there - that's why I was rather agnostic in my blog post and not insisting that, for example, a $2 embedded SE is the best way forward.

TEE is still a dark horse... As is Bell ID's "Cloud SE" - I have been keen to learn more about it since June - https://www.finextra.com/news/fullstory.aspx?newsitemid=24888 - to see if we can use it for MultiPass...

A Finextra member 25 November, 2013, 16:51 0 likes

Thanks Alexander, I just like to rederess the balance occastionally when I see some reluctance to embrace an exciting new technology.

However, I don't want to appear totally focused on being disrputive. Bell ID also supports the standard SE model with our TSM solutions, so we don't aim to dicate the market, just react to our clients' requirements.

HCE enables the full range of options from pure cloud, through cloud/TEE, cloud hybrids with SIM SE or eSE and of course full SE.

I think in the end the market will decide where each application (in the wider sense of the word) sits. Low value at the cloudier end and high value at the full SE end. Perhaps 'low value' contactless payments will be in the hybrid middle ground for many but there will be others who will want full SE or full cloud.

As I mentioned earlier, the exciting thing that HCE brings to market is choice.

A Finextra member 19 February, 2014, 14:25 0 likes

https://www.finextra.com/news/fullstory.aspx?newsitemid=25743