HCE Service Brings to HCE Mobile Payments a New Level of Trust and Security via Public Key Infrastructure (PKI) That Is PSD2 Ready


Card issuers across the world are launching their own branded HCE-enabled (host card emulation) digital cards on mobile devices. Rapid mobile payments growth is expected as more cash transactions convert to being digitally driven by the “millennial” generation.  However, the current challenges with any HCE implementation are achieving strong customer authentication, auditability, end-to-end trust and security, and reducing implementation costs. To overcome these challenges, HCE Service has launched the world’s first PKI-secured (Public Key Infrastructure) HCE card digitalizing managed service – “SWIM” (Software Wireless Identity Module) HCE platform.

“SWIM has drastically dropped the implementation costs of HCE cloud payments while adopting open standards (HCE, EMV, PKI, NFC, PCI-DSS, white box cryptography and biometrics),” said Vivek Singh, Head of Business Development at HCE Service. He further emphasized, “SWIM provides strong customer authentication based on Digital IDs provided to mobile users and this is compliant to Payment Service Directive 2 (PSD2) requirements.”

SWIM comprises HCE Wallet App, PKI-based credential management, tokenization-based account enablement, and authorization processing components delivered as a PCI-DSS-compliant private cloud infrastructure to Issuers (banks, wallet providers, transport, corporates, etc.). Issuer mobile apps integrate easily via SWIM software development kits (SDK) and application program interfaces (API). Hence, issuers can look at launching a secure and certified HCE project in a few weeks, without any significant investment on hardware or development resources. As the adoption of HCE grows within their consumer base, issuers can then decide to either continue down the path of managed service or bring the technology in-house.

PKI offers the strongest possible User & Device authentication for an HCE-based implementation

HCE Service solution leverages proven secure technologies: A wireless Public Key Infrastructure (PKI) and best-in-class encryption standards to deliver PKI-secured HCE EMV mobile payments and value-added services to banks and other card issuers, at the lowest possible costs.

Customer credentials are downloaded to the mobile handset only after a very secure channel has been established between the customer device and the issuer’s private SWIM host. The provisioning of tokenized payment credentials in the mobile wallet apps is done via two distinct highly secure mechanisms: One for digital ID-based strong authentication and integrity, and the other for the dynamic issuance of HCE tokens. SWIM, therefore, utilizes “dual tokens” to protect the critical data of HCE tokens over the Internet and within mobile devices. HCE tokens are stored securely in devices using white-box cryptography and enable EMV NFC payments to be performed even if there is no mobile Internet connectivity.

A software development kit (SDK) for mobile application developers and an open and simple application programming interface (API) enables the Issuer or its solutions provider to rapidly implement a highly secure HCE-compliant mobile payments platform.

With HCE Service, card issuers have access to an end-to-end HCE tokenization and authorization cloud-based wallet service. It is open to their ecosystem of partners and developers while meeting the requirements of the payment card industry with state of the art data protection. It maximizes the customer experience and minimizes the possible liabilities.

Offered via a Software-as-a-Service (SaaS) model, the platform can provide integration with Visa (VDEP) and Mastercard (MDES) token service, as well as an option to implement proprietary tokenization. SWIM is a “one-stop shop” secure mobile payments platform that can be tuned to optimize the trade-off between CAPEX, OPEX and risk. It is also future-proof as it integrates seamlessly with existing issuer infrastructures.

About HCE Service

HCE Service Ltd., UK and HCE Secure IT Services (Pvt.) Ltd., India deliver innovative, secure and exciting mobile tokenization services to its card issuing customers globally with the aim that their consumers can use SWIM secured mobile apps and contactless NFC mobile payments at points-of-sales. HCE Service’s state-of-the-art hosted infrastructure provides services to telecom, transport and retail enterprises as well as banks and other financial institutions. Our SWIM (Software Wireless Identity Module) solution provides strong cryptographic security to a wide range of applications and services on mobile devices. HCE Service’s MAP (Mobile Application Platform) host provides the most advanced HCE EMV card/token issuance payment service for most card/token issuers. For more information, please visit http://www.HCEservice.com.

First appeared at LTP