Flying solo with mobile payments: Why choose HCE?

Flying solo with mobile payments: Why choose HCE?

Christian Damour

Product and Services Manager at FIME

Views 722

Flying solo with mobile payments: Why choose HCE?

30.10.2019 10:00 am

Smartphones are central to our daily lives. We manage our personal and business affairs, watch movies, track our health and, increasingly, make payments. Adoption of mobile payments is rising considerably worldwide, with predictions estimating it’ll be the second most popular way to pay by 2022.

For banks and other issuers, delivering mobile payments is becoming increasingly imperative. There’s a crucial choice to make, though - support the Giant Pays or go it alone.

While ‘flying solo’ may make it more complex, it offers banks a whole host of benefits, including increased control, brand recognition and security. Host Card Emulation (HCE) is one compelling option for banks to develop, launch and maintain their own payment apps for Android customers quickly and cost-effectively. Its caveat, however, is the need for a robust, security-driven implementation plan to ensure a successful app launch from the get-go.

So, what is HCE and how can banks best use it to power their way to the path of mobile payment success?

The A-B-C of HCE

In a nutshell, HCE enables a smartcard to be mimicked on a mobile device using software, meaning transaction data and card credentials are stored in a cloud server, rather than inside the mobile device. This provides greater flexibility and processing power, considerably reducing the cost of deploying mobile payments.

Google first enabled HCE back in 2014. Since then, it’s been selected by several banks (and even Russia’s national payment scheme, MIR) to deliver cloud-based payments without relying on third parties.

Why choose HCE?

Ease and convenience of services is top priority for consumers when choosing a bank, so nailing the UX of any mobile payments solution is key. By utilizing HCE, banks and retailers can retain control over this all-important UX, as well as being able to increase brand visibility and foster loyalty. Looking longer term, it also ensures these stakeholders retain ownership of valuable customer data that can be used to inform the development of products and services.

From a technical perspective, launching HCE apps is a considerably more streamlined process. For example, issuers don’t have to contend with hardware security certifications, as software HCE apps undergo simpler, less expensive functional and security certifications. It also removes the challenge of managing multiple complex and costly relationships that, say, a traditional SE-based solution, creates.

Start with security!

Now, back to that caveat mentioned earlier. While Android offers some security features, such as sandboxing, these are notoriously vulnerable. Its rich OS and unsecure software mean that if rooted, all apps and data are accessible. In short, relying on Android’s security features is simply not enough.

The answer? Layers of security.

To launch HCE solutions effectively, security must be a priority from the start to mitigate concerns surrounding Android device security.

36% of US smartphone users don’t use mobile payments because they are worried that their data is not secure, so security can also operate as a marketing tool to differentiate and gain market share. Crucially, however, a lack of security can leave banks vulnerable to a whole host of customer relationship and reputational challenges if apps are compromised, not to mention potential fines. Plus, the later security bugs are found, the more expensive they are to correct.

Partnering up 

Banks and other issuers cannot afford to be among the 43% of Android apps found to be at a high security risk. But they don’t have to go it alone. Working with a strategic partner can help banks adhere to best practice when defining, designing and deploying HCE solutions, ensuring the protection of data, money and consumer loyalty. Seeking support from the very start of projects also mitigates costly and unexpected delays and challenges, streamlining that all-important launch time.  

Latest blogs

N/A ReliaMax

College Dreams? Here’s How to Get Accepted

Higher education in the United States is not just about getting accepted, it is about where you get accepted. Sure, there are options, there are seemingly endless options - from community colleges to Ivy League schools and everything in between. The Read more »

Bobby Gill GCWealth

Bobby Gill: 3 Ways Fintech is Helping Small Businesses During the Pandemic

Image Source: Pixabay. Back in April, the US oil prices sank to a 20-year low. In the UK, road traffic levels hit a 70-year low. Worldwide, due to lockdown, retail, travel, and restaurant bookings have dropped by 85%. More than 430 million Read more »

Christa Ardley Bitstocks

Bitcoin and blockchain without the b******t

An industry once viewed by the general populace as a haven for criminals and online scammers, and still somewhat marred by fractious in-fighting, Bitcoin and blockchain are gradually casting off their outdated negative reputation; as the focus Read more »

Otabek Nuritdinov Safenetpay

Beyond Payments Services

    Why it really matters for small for medium-sized enterprise (SMEs) to choose the right payments services provider. Strategic planners in the financial services sector often define their business in terms of products that Read more »

Chak Kolli DXC Technology

How Can Insurers Realise the True Value of AI?

As Artificial Intelligence (AI) and digital transformation find their way into every aspect of our daily lives, we are gradually seeing changes taking place in different sectors. Progressively, AI is permeating the insurance value chain and it is Read more »

Related Blogs

Quinn Perrott TRAction

Why further Brexit delay creates greater reporting uncertainty for fund managers

There is a funny sense of déjà vu when it comes to the latest twist in the Brexit saga. The trouble is that whenever the can gets kicked down the road, market participants put Brexit to one side and allocate IT, process management and compliance Read more »

Elina Mattila Mobey Forum

The Internet of Things Opportunity for Financial Institutions

Engaging with the Internet of Things (IoT) and the data generated by it, presents a real opportunity for financial institutions (FIs) to innovate and transform their own products and services. On the flipside, failure to do so may, in time, Read more »

Lars Sandtorv MeaWallet

A Star is Born: EMV SRC Takes the Spotlight

With the first implementations of EMVCo’s EMV SRC specification entering the ecosystem, now is the perfect time to ask ‘what is EMV SRC and how will it interact with tokenization?’, not least because the specification has been making waves since its Read more »

Luiz Guimaraes OSPT Alliance

Why consider open standards for ID solutions

Driving licenses, transport cards, employee access control, health services… governments and associated bodies across the world are faced with a number of ID solutions to be developed, managed and delivered. And in an increasing effort to streamline Read more »

John Ocampos Mega Media Internet Advertising

Biometric Authentication: The Best Solution for Information Security

There is no doubt that the biometrics system has become one of the most popular security solutions. Before, you may only see the use of biometrics security system in offices, and commercial properties. Today, even phones, gadgets, and other mobile Read more »

Free Newsletter Sign-up
+44 (0) 208 819 32 53 +44 (0) 173 261 71 47
Download Our Mobile App
Financial It Youtube channel