Advanced testing and consultancy provider, FIME and leading player in cybersecurity, Thales have announced the launch of a joint offering for the host card emulation (HCE) mobile services market.
The partners have combined expertise to provide near field communication (NFC) service providers and issuing banks with a complete three-phase portfolio of functional and security consultancy and testing services.
From project initiation, FIME combines its established HCE training and consultancy package with support for specification development, request for proposal (RFP) drafting, pilot assessment and test plan advancements. At the same time, on the security side, Thales offers security pre-assessment and consulting to ensure the product or system is ready for official security evaluation.
In the second phase, FIME supports service providers and issuers with functional testing for their HCE mobile applications and servers, to ensure they work as intended once live in the market. Finally, Thales manages the security evaluation and certification, including analysis of the product documentation, source code examination which can either be conducted in its laboratory or at the customer’s premises, and penetration testing to confirm the resistance of the application to external threats.
“This is a new and rapidly evolving technology,” comments Stephanie El Rhomri, NFC & Payments Business Line Manager at FIME. “Service providers can draw on this partnership’s collective expertise to develop and launch fully functional, secure cloud-based NFC mobile services quicker, cheaper and more simply. We have a long history of working closely with the schemes and are carrying our NFC chip-based knowledge through into the cloud market to ensure product interoperability, a seamless user experience and to promote market confidence.”
Stanislas de Maupeou, Director for Cybersecurity Consulting & Evaluation at Thales, adds: “By working together, Thales and FIME are now able to assess and validate any form factor of NFC mobile application; whether it is to be deployed traditionally to a secure element via a trusted service manager (TSM) or to the cloud via HCE and token service providers. This collaboration is already supporting banks and service providers in reaching more customers than ever before with their applications, while ensuring they work as they should and meet the required security levels.”