The increasing diversity of devices, services and players in the mobile payments ecosystem has led to the need for standards and certification to manage fragmentation, prevent fraud and ensure consistent user experience, GlobalPlatform’s Gil Bernabeu explains in a new paper now available to download from the NFC World Knowledge Centre.
The diversity and overall number of devices which can be used to make a payment is growing exponentially, the digital security association’s technical director says, with thousands of different models of smartphone now enabled for payments, close to a billion connected wearable devices expected to be in circulation by 2020 and the arrival of the IoT already bringing with it payment-enabled connected cars, fridges and more.
This growing diversity promises enhanced service availability and convenience for end users. But, Bernabeu warns, it also brings with it a number of potential threats and risks including fragmentation, interoperability, security and loss of business reputation.
The availability of standardized, certified frameworks for “secure components” — security hardware and firmware combinations such as secure elements and trusted execution environments (TEEs) that can act as an on-device trust anchor — are key to addressing these risks, Standardizing the Future of Payments in an Increasingly Diversified World explains.
In this 10-page paper, Bernabeu examines the current level of fragmentation in the mobile payments ecosystem, the problems that diversity presents and the role of standardisation and certification in addressing these issues.
He then outlines GlobalPlatform’s role in defining the specifications and configurations that underpin the standardisation of secure components and how they are securely managed throughout their life cycle.
Current GlobalPlatform initiatives are then described, including work on managing multiple contactless environments in a single NFC device, simplifying mobile ticketing in mass transportation and the development of a standardized secure Bluetooth Low Energy (BLE) link that can be used by wearables and other IoT devices to securely transact with other devices.