Near Field Communication (NFC) technology has been around for quite some time now. Yet after numerous great promises, NFC payments haven’t really managed to take off in most parts of the world. At the end of last year, Google announced it would make Host Card Emulation (HCE) technology available in its Android operating system. Given the payment schemes’ (Visa, MasterCard and American Express) endorsement of the approach, HCE might become a game changer for the mobile payments ecosystem.
The objective of this paper is to provide guidance to the financial institutions considering their options for implementing NFC payments. The paper aims to highlight the implications of HCE technology along with its pros and cons compared to a physical Secure Element (SE) based mobile payment solution, as seen from the financial institution’s point of view. Not surprisingly, security considerations take a central stage in this discussion.
The paper describes two main HCE solution alternatives – card emulated by the cloud system and card emulated by the phone application. The paper analyses the roles of different stakeholders within this new ecosystem and contrasts it with the traditional physical SE-based implementation. While a Mobile Network Operator (MNO) or a handset provider are no longer involved as an SEI (Secure Element Issuer) and there is no need for a Trusted Services Manager (TSM), there are possibly two new entities – the HCE Payment Solution Provider and the Token Service Provider (TSP) – with a serious stake within this new ecosystem.
The paper also summarises the results of an HCE survey conducted in September 2014 by Mobey Forum. The survey provides valuable insights into the banks’ attitudes to seeking external help for HCE solutions and into criteria the banks consider as most important when selecting an HCE solution provider.
Finally, the paper analyses the HCE approach by applying the control point model created and published by Mobey Forum in its Mobile Wallet White Paper Series.