Securing a mobile phone such that it can be used to make credit or debit transactions at a physical point-of-sale (POS) terminal is a challenge. Payment systems based on magnetic stripe cards have evolved to use EMV chip cards and the natural next stage was to utilise dedicated security hardware inside most phones called a Secure Element to host the payment application, user payment credentials and the associated cryptographic keys.
However, this approach has proven difficult to take from pilot to mass deployment for a variety of reasons – lack of standardisation for mobile phones, complex certification requirements and, most importantly, the reluctance of many banks to cede control to a third party, the Trusted Service Manager (TSM). In the TSM model the bank pays to ‘rent space’ on the Secure Element, which is typically controlled by a mobile network operator (MNO) or handset manufacturer. To overcome these challenges an alternative approach is rapidly gaining support – Host Card Emulation (HCE). With HCE, critical payment credentials are stored in a secure shared repository (the issuer data centre or private cloud) rather than on the phone. Using host card emulation, limited use credentials are delivered to the phone in advance to enable contactless transactions to take place. Although host card emulation eliminates the need for TSMs and shifts control back to the banks, it brings with it a different set of security and risk challenges.
Thales payShield Hardware Security Modules (HSMs) are in use today helping to secure HCE-based solutions. Payment credentials are securely generated and stored centrally using HSMs by the issuer, who also has the flexibility to decide how many keys are stored in the phone at any given time, and therefore cover situations where offline authorisation is supported as part of the issuer risk decision. In an online authorisation situation (which is the usual deployment mode for HCE solutions), the issuer uses HSMs to validate the cryptogram which is generated by the phone app in real time as part of the contactless mobile payment transaction. In this case, the security design of the phone app is critical to ensure that the processing inside the phone limits the risk of key or sensitive data exposure to fraudulent attack. That is why the card schemes are conducting extensive validation of mobile payment app security (which includes the interface to the issuer involving HSMs) before the bank can go live with the HCE service.