Host Card Emulation (HCE) is a technology that allows for the replication of a physical, contactless smart card using software. In the context of mobile payments, it is used to complete transactions via near field communication (NFC).
Anybody who has used a contactless credit card (Visa PayWave or Mastercard Paypass for example) has, knowingly or unknowingly, completed a transaction using NFC technology. NFC is what allows for contactless payments, where you simply tap the card to a point-of-sale terminal rather than inserting it and entering a PIN.
The difference with HCE is that you don’t need your physical credit card – just your phone.
HCE is not the first mobile payments solution that uses NFC. The secure element (SE) has been used for a while, for both general and mobile contactless payments. In the latter case, the SE would be hosted inside of the device, allowing the device and receiver to communicate with one another and complete the transaction.
HCE works a bit differently. Rather than having the secure element placed on a mobile device, the data is hosted in the cloud. The device communicates with an NFC-enabled payment terminal to emulate the card without relying on an in-device secure element.
If a solution for contactless mobile payments already exists in the form of in-device SE, what’s the point of HCE? The rise of HCE technology as an alternative to this method is significant for a number of reasons.
Prior to HCE, the standard for NFC contactless payments was via the secure element (SE). Traditionally, this gave owners of SE (carriers, device manufacturers, etc.) the power to control access.
Support for HCE has changed this, opening possibilities not just for mobile payments, but also other applications including loyalty programs, transit passes, card access, and other custom systems. Cherian Abraham of Drop Labs points out that breaking the dependency on the SE is advantageous for a few reasons, including:
Another advantage is that HCE doesn’t require any infrastructure change to support NFC. If there is a current POS terminal device that is NFC-enabled, HCE can work with it. This is crucial for merchants who already have established POS systems, as there is no need to dump money into expensive hardware in order to be able to accept payments via emulated cards.
Additionally, HCE helps to reduce complexities and expenses associated with the SE existing on the physical device. Moving the SE into the cloud allows application providers to directly provision their apps to the cloud-based secure element, without reliance on a third party. (Source: Bell ID. Host Card Emulation: NFC’s Missing Link).
While there are still a number of barriers to the widespread adoption of HCE, it is quickly becoming a viable alternative to traditional methods of NFC payment. Because HCE is a software rather than a hardware solution, it is quicker to market and more efficient. Furthermore, Blackberry has supported HCE for several years (albeit under a different name), Android 4.4 and later supports it, and both Mastercard and Visa announced last year their support for using HCE for NFC mobile payments. In other words, the market is primed for HCE technology.
As it stands, there are few hurdles to widespread market adoption, and they are primarily technological in nature. The most pressing concern is security, as there is still some disagreement over the best method for securing HCE transactions. Tokenization is currently a frontrunner to resolving this issue, but it’s hard to predict how securitization will manifest, and in what form.
Despite these barriers, it’s likely that HCE will grow tremendously and we will see greater market penetration in the near future. With payments and software industries, banks, and device manufacturers pushing towards it, we’re likely to see some exciting developments.