TEE + HCE – The ideal solution for mobile payments?
January 31, 2017
Andy Ramsden, Product Marketing Director at Trustonic
The world of mobile payments is not unlike the political systems we see in many countries around the world. Three or more groups arguing; sometimes working together and at other times pulling in totally different directions.
Multiple players, differing priorities
Consumers typically have strong relationships with their bank, their carrier and possibly also their smartphone vendor, all of whom are vying to push their own brand of mobile wallet. However, consumers usually wish to pay with their preferred card, from their preferred bank and don’t necessarily want multiple wallets cluttering their phone’s home screen.
Banks wish to reach the widest possible audience, irrespective of which phone is being used on which network. Quite understandably, they view their brand as being of the utmost importance and want consumers to use a single, bank-owned wallet.
The smartphone vendors are offering banks and consumers a secure payments environment and a global presence, but dressed up inside their own vendor-branded wallet (e.g., Apple Pay, Samsung Pay). Some banks see this as a dilution of their brand, and consumers are faced with yet another app (distinct from their mobile banking app) and potential issues when switching between phones. This is not an ideal situation for consumers or banks.
While using the cloud via Host Card Emulation (HCE) appears to offer a solution that is ideal for service providers, as it is carrier- and OEM-independent (except for iPhone, which is a closed solution), there remains a perception that HCE might not be secure enough. That concern might be one of the reasons why we haven’t seen mass adoption of HCE.
…the silver lining
This is where trusted execution environment (TEE) technology comes into its own. The TEE has reached a significant level of maturity, offering GlobalPlatform compliance and delivering scale across the Android base, but importantly it delivers hardware-level protection to secure HCE. This increased level of security opens up opportunities to deliver simpler (yet more secure) authentication. On top of this, the TEE’s Trusted User Interface can securely deliver value-added services such as high-value payments, secure messaging and other transaction-based services.
Many banks are seeing the combination of HCE and TEE as the technologies to enable mobile payment integration with existing bank apps, satisfying the needs of the service provider and the consumer. We may now have a mobile payments solution that can finally reach scale! Watch this space…