Campus ID News
Card, mobile credential, payment and security
FEATURED
PARTNERS
hce slider

Host-card emulation enables NFC without a secure element

New technology to open up NFC market, but may be thorn in telcos' side

CampusIDNews Staff   ||   May 24, 2014  ||   , ,

Many agree that NFC technology is yet to realize its full potential in the consumer marketplace, but a new piece of Android software could turn the tide and make way for a renewed NFC landscape. The forthcoming Android 4.4 operating system, more commonly referred to as KitKat, will push to Android devices everywhere complete with a technology known as host-card emulation.

Host-card emulation is an alternative to standard NFC card emulation – a technology that already exists within a number of NFC-enabled Android devices. NFC emulation leverages a separate chip in the device itself called the secure element. Commonly, these secure elements come in the form of SIM cards provided by wireless carriers, or telcos.

When NFC card emulation is conducted, the emulated card is provisioned into the secure element on the device via an Android application. When the user holds their device over an NFC terminal, the NFC controller in the device then routes all data from the reader directly to the secure element.

With host-card emulation, however, this premise is taken a step further using a new method that does not involve a secure element at all. Instead, it enables an Android app to emulate a card and talk directly to the NFC reader, circumventing the traditional secure element altogether.

“It is a technology built into a device’s operating system that enables a mobile device to emulate a payment or other card, allowing users to make NFC mobile payments and other proximity transactions,” explains Martin Cox, global head of Sales at Bell ID.

Host-card emulation essentially creates a virtual smart card, represented in software form and hosts it in the cloud. It’s a technology that could greatly affect the structure and delivery of NFC services.

Host-card emulation and contactless payments

The predominant initial use of host-card emulation will almost certainly be in the payments sector. The adoption of mobile wallets has been sluggish, but Google’s decision to include host-card emulation is expected to shake things up.

“Placing the payment credentials in a remote environment and communicating via the cloud, rather than in an secure element inside the mobile device, offers more control and direct access to application issuers, as well as eases the launch of NFC based mobile services,” explains Cox. “With ‘pure cloud’ solutions, the device does not require a physical secure element, as the payment applications are provisioned into a remote secure element and accessed by the device during the transaction.”

Host-card emulation mimics cards based on key ISO and NFC Forum specifications. This is important for the future of mobile payments security, as these specifications are already being used and are a verified standard for a potential EMVCo and NFC payment infrastructure. This is good news for Google because host-card emulation services would still comply, in theory, with existing security and technology standards.

This is why insiders suggest Google’s support for host-card emulation makes sense, particularly in the wake of Google Wallet and Isis coming to market. By circumventing a device’s secure element – which in many cases resides within the telco-issued SIM card – Google can enable customers of any mobile carrier to use Google Wallet even if the customer’s service provider is one of the three telcos driving Isis  –  Verizon, AT&T or T-Mobile. Sprint is the lone holdout of the Big four telcos that has openly supported Google Wallet.

In a nutshell, by leveraging a cloud-based secure element environment, telcos no longer play a central role in NFC payments; placing their desired, intermediary role in the mobile payments sector in jeopardy. There are still kinks that need to be worked out both in the technology and its security, but Android’s dominant smart phone market share has cast doubt on mobile network operator’s future in the NFC mobile payments process.

Host-card emulation beyond payments

Android’s forthcoming KitKat update could be used as more than just a means to skirt Isis and wrestle control of mobile wallets from the telcos. It could in fact be used in any NFC service. By leveraging host-card emulation, NFC handsets remove the physical secure element from the transaction, leaving services such as ticketing, identity and access control to be developed and implemented in a shorter amount of time.

Moreover, the inclusion of host-card emulation means that full NFC capability – including operation of the reader functionality of NFC handsets – would be made available to app developers, Cox says. This would give developers the ability to create applications that can turn handsets into contactless card readers, a function that has potential in the mobile point of sale sector and a host of other markets.

This handset as a reader aspect of NFC has long held promise for an array of applications and services, but it has seldom been utilized.

Also at the heart of host-card emulation potential influence is Android’s market presence. The operating system powers the vast majority of the deployed devices on the market today, and Google seems poised to leverage this with host-card emulation.

During the third quarter 2013, Android dominated global smart phone shipments with an 81% share. “This is a positive step for the industry as support for host-card emulation on Android 4.4 brings service delivery opportunities to a huge segment of the smart phone market,” says Cox.

Host-card emulation will also prove to be particularly fitting for issuers who feel that the use of a physical secure element on the device adds insufficient value to justify the hardware’s additional cost.

Opening doors for NFC developers and service providers

In theory, host-card emulation will give service providers more available business models, partners and developers with which to work. Companies like Bell ID are prepping to meet new host-card emulation demands head on.

As a Trusted Service Manager, Bell ID aids service providers in securely managing and distributing contactless services for their customers via the networks of mobile operators. Cox believes that host-card emulation can blow the doors open for loyalty, couponing, access control and transit ticketing.

Bell ID’s Secure Element in the Cloud solution offers two options – a purely cloud offering and a hybrid cloud/physical secure element option. As Cox explains, the hybrid option offers many of same benefits of an exclusively-cloud solution – increased flexibility, greater storage and processing power and no need for SIM certification. The only difference is that it includes the accepted security of a physical secure element.

For the immediate future, Cox sees this hybrid method being the preferred choice, as it offers a different level of flexibility. “Some service providers will opt for a pure cloud solution, while others may believe that for higher value services it is wise to utilize a physical secure element in either the classic NFC model or cloud/secure element hybrid,” he explains. “The beauty of host-card emulation is in the additional options it brings to the market.”

[line margin_top='' margin_bottom='' margin_left='' margin_right='']

Developing applications for NFC

The benefits of card emulation model

host-card-emulation-model

Subscribe to our weekly newsletter

RECENT POSTS

Sheridan College onecard banner
Sep 21, 23 / ,

Interview: Sheridan College onecard manager details hugely successful mobile credential rollout

At the start of the fall term in 2022, the Sheridan College onecard office rolled out its new Mobile onecard. The Canadian institution serves 27,000 students across its three campuses in Ontario, so launching a project of this magnitude required careful planning and a well-orchestrated marketing effort to ensure success. CampusIDNews spoke with Aesha Brown, […]
University of Minnesota Twin Cities mascot
Sep 21, 23 /

Treasure hunt sends students in search of mascot’s lost campus card

At the University of Minnesota Twin Cities, the mission is to find Goldy’s U Card. On each of the institution’s three campuses, one of the mascot’s U Cards is hidden. Each undergraduate student that finds a card will receive a $100 reward. Finding the cards will not be easy. To help in the hunt, three […]
UX Tech event logo
Sep 19, 23 / ,

ColorID’s UX Tech event explores campus ID impact on user experience

We all want great user experiences for our cardholders and our system administrators, and advancements in technology are making this more possible than ever before. New credential and reader technologies are transforming the campus ID and with it the campus. The event is hosted and sponsored by UC Irvine, and will take place at the […]
CIDN logo reversed
The only publication dedicated to the use of campus cards, mobile credentials, identity and security technology in the education market. CampusIDNews – formerly CR80News – has served more than 6,500 subscribers for more than two decades.
Twitter

Join us, @NACCUorg, and @TouchNet to explore how campus card programs can successfully navigate the sales and procurement process. Join the webinar on June 6, 2 pm EDT. https://go.touchnet.com/l/652093/2022-05-18/lsndq

Webinar: Learn how the University of Arizona uses campus cards, mobile ordering, kiosks, lockers, and robots to revolutionize campus dining. April 7, 2-2:30 EDT. Register Now at https://register.gotowebinar.com/register/7821245544009488910?source=campus-id

Load More...
Contact
CampusIDNews is published by AVISIAN Publishing
315 E. Georgia St.
Tallahassee, FL 32301
www.AVISIAN.com[email protected]
Use our contact form to submit tips, corrections, or questions to our team.
©2023 CampusIDNews. All rights reserved.