Obtaining Mastercard and Visa security compliance and keeping in line with the payment ecosystem’s best practices will help to “reinforce” host card emulation (HCE) security levels and minimise the success rates of hacking attempts, says HCE and tokenization provider Antelop Solutions.
Moving from chip-based physical card security to software-based digitised card security means that the risks associated with mobile payments should not be underestimated, the company writes in a white paper now available to download from the NFC World Knowledge Centre.
‘HCE & Tokenization: Perspectives on Security for NFC mobile payments’ explores the current situation of HCE, NFC payments and cloud-based security and the pressures that issuers are faced with in terms of addressing security and compliance concerns.
The paper explains the role of tokenization and token service providers before setting out the reasons for taking a comprehensive approach to HCE security at the SDK, payment app and back-end levels and why security should be at the heart of any HCE-based mobile payments platform.
“HCE security relies on both secured SDK and back-end as a comprehensive approach,” Antelop Solutions writes. “It is definitely a continuous improvement process for all stakeholders, with permanent enhanced security expertise and regular simulation, testing and audit phases.
“HCE mobile payment pilots will soon be a thing of the past and issuers need to offer this new payment solution in line with increasing NFC smartphone penetration and usage among so many banking customers. Contactless acceptance will continue to grow and favour NFC smartphone usage as a convenient payment method.”
Readers can download Antelop’s white paper, which provides a wealth of insight into security for NFC mobile payments, free of charge from the NFC World Knowledge Centre.
• This document is part of What’s New in Payments, a 104-page special report from NFC World that explores and explains the latest payment trends and technologies. You can download the entire report here.