MasterCard, Visa to use Host Card Emulation for Secure Mobile Payments


As of November 2013, Android 4.4 included HCE (Host Card Emulation) support. HCE allows any NFC application on an Android device to emulate a smart card. Mobile payments programs require the secure element contained on the phone for effective deployment. This secure element (SE) has for a long time been under the control of mobile network operators. This has restricted the development of mobile payment solutions where the embedded or SIM-based SE is not openned up for use by the MNO. HCE offers an alternative to SE implementations since it is an open architecture over which loyalty programs and other mobile payment solutions can be deployed.

“The Android community continues to build innovative ways to improve the lives of mobile users. We introduced HCE to make it easier for developers to create NFC applications like mobile payments, loyalty programs, transit passes, and other custom services,” said Benjamin Poiesz, Google Android Product Manager. “Visa’s move to enable NFC payments with Android devices is welcome news and will guide the way for the payments industry.”

MasterCard is planning to create a specification based on HCE for NFC payment transactions. There are two million contactless-enabled merchant locations in 63 countries around the world according to Mastercard. Visa is not left behind, having announced an option for financial institutions to host customer data over secure cloud. This will be enabled through Visa payWave-enabled accounts.

“Our clients and partners around the globe are continuously looking for flexible, cost efficient and secure ways to enable mobile payments,” said Elizabeth Buse, Executive Vice President, Global Solutions, Visa Inc. “The Android HCE feature provides us with a platform to evolve the Visa payWave standard, support the development of secure, cloud-based mobile applications, while at the same time offer greater choice to our clients.”

MasterCard’s solution combines highly secure cloud-based processing with custom software on the mobile device. The payment firm has conducted 2 pilots, one with Capital One and the other with Banco Sabadell as they plan to roll out their own mobile payment program this year, this secure remote payment specifications should be ready within the first half of 2014.

HCE is also enabling financial institutions to create their own secure NFC payment solutions. Spain’s Bankinter released a software version of the EMV card this month, allowing customers to make payments through NFC-enabled mobile phones.