Home
...
GSMA Europe
New guide explores opportunities in software and hardware based NFC payment services

Tuesday 15 July, 2014

New guide explores opportunities in software and hardware based NFC payment services

A hand holds a smartphone above a card reader, making a contactless payment. A printed receipt lies on the wooden counter, and a touchscreen register is blurred in the background. The scene is in a retail or restaurant setting.Europe has one of the most advanced mobile payment markets in the world. Expanding usage of credit and debit cards, e-commerce growth and the popularity of smartphones have created an appetite for mobile payments.

Banks, mobile operators and card schemes have been trialling SIM-based Near Field Communications (NFC) services across the globe. In SIM-based NFC services, the security information that is usually stored in the tamper-resistant chip within a debit or credit card is instead stored on a similarly tamper-resistant chip on the SIM, which acts as a “secure element”. This enables consumers to use their mobile device for secure services including payment, ticketing, access, loyalty and vouchers. This SIM-based approach is currently used across Europe, such as CitiZi in France, SmartPass in Germany and Tapit in Switzerland.

A second type of service called host card emulation (HCE) has recently caught the attention of mobile operators and banks. Used in the BlackBerry operating system from 2010, it was included in the Android operating system in late 2013. The HCE-based service enables any app on any NFC-enabled Android 4.4 device to emulate a contactless card and uses software to protect the debit or credit card security information, rather than the secure element chip.

These two approaches have caused some confusion in the mobile payment ecosystem. To help mobile operators and banks understand the differences, the GSMA commissioned digital payments experts Consult Hyperion to produce a guide on the opportunities and challenges of each approach.

The guide, HCE and SIM Secure Element: It’s not Black and White, looks at the areas where HCE could simplify aspects of the current NFC ecosystem. It also looks at other differences, such as HCE’s approach to security for ecosystem integration, risk management and certification processes, and how they compare with the SIM secure element’s well-defined processes.

The financial services ecosystem has welcomed the comparison, with MasterCard, UK Cards Association and the Mobey Forum formally endorsed the guide to their members.

A report cover titled “HCE and SIM Secure Element: It's not black and white.” The page features card terminals, logos for MasterCard, Mobey Forum, UK Cards Association, and Consult Hyperion, plus author info and contact details on a yellow and white background.

Download HCE and SIM Secure Element: It’s not Black and White.