Host Card Emulation Emerges as a Viable Security Solution in the Online Payment Industry
30 Apr, 2015, 10:00 BST
-- A Set of Common Rules for Global Payment to Minimize Fraud and Hacking is a Must, says Frost & Sullivan
LONDON, April 30, 2015 /PRNewswire/ -- The online payment industry was exposed to a slew of attacks in 2013-14, with hackers meticulously examining the payment infrastructure to exploit potential weaknesses. To guard against such security breaches, the payment industry needs to devise global security initiatives and establish common rules.
According to new analysis from Frost & Sullivan, Are Digital Transactions Secure Enough? (https://www.frost.com/q293507987), host card emulation (HCE) has created a new layer of security services. On the other hand, the HCE solutions have raised several concerns as in the absence of a single network, a single protocol and a common set of rules, hackers can breach security layers using sophisticated tools.
Until the recent spate of attacks, banks and financial institutions had been reluctant to invest heavily in protecting their digital transactions. However, new awareness of the huge liabilities and losses that can be incurred through these data leaks is encouraging their support for the use of HCE security technology.
"The emergence of the cloud-based HCE will please security service providers as it offers an alternative that is easy to deploy in a short time frame," said Jean-Noel Georges, Global Programme Director for Information & Communication Technologies at Frost & Sullivan. "The solution is expected to accelerate the deployment of other payment solutions and already, it has forced the ecosystem to rethink the entire roadmap and portfolio strategy."
HCE has drastically changed the way mobile payment is processed and it is demanded because of certain aspects. For instance, HCE's security level is lower than that of near field communication (NFC). Nevertheless, HCE is the answer to part of the bottleneck since it can aid in consumer management and reduce deployment time.
Significantly, HCE does not use a hardware secured element to store secret keys. Credentials are moved to a cloud-based platform and are accessible through a specific payment application. The credentials are available for one-time use and based on the risk, can be used only for a particular amount. With HCE, time is critical during a transaction and the payment mechanism usually does not request considerable encrypted information.
"More than the security component, consumers and retailers seek convenience. Many companies are now building solutions especially for the mobile instead of adapting existing solutions to the mobile," noted Georges. "Technology developers could adopt the same approach with respect to convenience, so that security is an invisible component of the payment process."
The payment industry needs to evolve a global standard that will provide answers to client and customer demands for advanced security solutions. A solution that is secure-by-design, and not merely a compilation of best secured practices, is essential to guarantee the safety of a payment process.
If you are interested in more information on this study, please send an e-mail to Edyta Grabowska, Corporate Communications, at edyta.grabowska@frost.com.
Are Digital Transactions Secure Enough? is part of the Smart Cards (http://www.smartcards.frost.com) Growth Partnership Service program. Frost & Sullivan's related studies include: Transforming National eID Programs and Services into a Mobile Success Story; Global Mobile Biometrics Market; How Can Cloud-Based Payment Impact the Payment Ecosystem?; Is Mobile Identity the Key for Digital Authentication?; and Global One-time Password Market. All studies included in subscriptions provide detailed market opportunities and industry trends evaluated following extensive interviews with market participants.
About Frost & Sullivan
Frost & Sullivan, the Growth Partnership Company, works in collaboration with clients to leverage visionary innovation that addresses the global challenges and related growth opportunities that will make or break today's market participants.
Our "Growth Partnership" supports clients by addressing these opportunities and incorporating two key elements driving visionary innovation: The Integrated Value Proposition and The Partnership Infrastructure.
- The Integrated Value Proposition provides support to our clients throughout all phases of their journey to visionary innovation including: research, analysis, strategy, vision, innovation and implementation.
- The Partnership Infrastructure is entirely unique as it constructs the foundation upon which visionary innovation becomes possible. This includes our 360 degree research, comprehensive industry coverage, career best practices as well as our global footprint of more than 40 offices.
For more than 50 years, we have been developing growth strategies for the global 1000, emerging businesses, the public sector and the investment community. Is your organization prepared for the next profound wave of industry convergence, disruptive technologies, increasing competitive intensity, Mega Trends, breakthrough best practices, changing customer dynamics and emerging economies?
Contact Us: Start the discussion
Join Us: Join our community
Subscribe: Newsletter on "the next big thing"
Register: Gain access to visionary innovation
Are Digital Transactions Secure Enough?
9843-33
Contact:
Edyta Grabowska
Corporate Communications – Europe
P: +48 22 481 62 03
E: edyta.grabowska@frost.com
Related Links
SOURCE Frost & Sullivan