SIMalliance issues Host Card Emulation warning
29 April 2014 | 5897 views | 0
With Host Card Emulation gaining industry support as a way of bringing mobile NFC payments to the masses, Secure Element advocates at the SIMalliance have looked to pour cold water on the new kid on the block.
HCE, a cloud-based mechanism for hosting NFC applications outside the Secure Element, has been gathering momentum in recent months thanks to the backing of Google, Visa and MasterCard. Earlier this month even vocal mobile NFC sceptic David Marcus from PayPal admitted that HCE has forced him to re-evaluate his long-held position.
SIMalliance, the non-profit industry association promoting the use of the Secure Element, has now published a discussion paper on the rival technology, conceding that HCE is "good for the NFC ecosystem as a whole", making it more accessible and versatile for developers and speeding adoption.
However, warns the paper, HCE is immature, unstandardised and, relative to secure element-based deployments, vulnerable to malicious attack.
Frédéric Vasnier, chairman, SIMalliance, says: "HCE is a force for good in NFC, but it's no silver bullet...service providers evaluating HCE for payment and other high-value NFC services should proceed with caution; HCE presents a new raft of challenges and has the potential to diminish both the transaction security and the end user's NFC service experience."