Visa, MasterCard & AMEX security evaluations of Cloud-based Payment application for HCE-enabled mobiles.

The adoption of Host Card Emulation (HCE) in mobile devices with Android OS (version 4.4 KitKat and higher) has led to the development of new Cloud-based payment solutions.  With HCE, mobile payment applications may reside in the host processor instead of the secure element, while security measures are provided via servers in the cloud and tokenization.
Payment schemes are publishing new compliance requirements to evaluate HCE application security and functionality. Cloud-based payment and HCE technology introduces relevant changes in the mobile payment ecosystem, as it enables banks and retailers to launch their own mobile wallets or payments solutions in the cloud without needing previous agreements with telecom operators (MNO) and mobile manufacturers.
Furthermore, HCE solutions are software-centric. The investment required to develop a HCE payment application is considerably lower than a chip-based solution, both in resources and technology. This new scenario opens the mobile payment market to new technological solution providers.   
Our Solution
Applus+ Laboratories is recognised to provide testing and evaluation services for HCE mobile applications according to:
  • Visa Ready Program for Cloud-based Payments
  • AMEX Enabled Program for HCE products
  • MasterCard Cloud-based Payments (MCBP)
Our services include:
  • Training sessions
  • Gap analysis of security requirements
  • Debug sessions for functional requirements
  • Security Assessment recognised by payment schemes