Today, contactless banking transactions are not uncommon. The power of several banking reforms, the immense complexity of the market and the powerful bandwidth of mobile network operators are some of the factors that contributed in establishing the wide network of new-age banking solutions in the world economy.
The ease and intuitiveness with NFC technology opened up many opportunities for technology players to innovate solutions and transform the banking ecosystem further. Thanks to a strong infrastructure and major players like Apple, Samsung and Google taking great strides in the field of contactless payment system, today, the banks have an array of technological options to choose from to facilitate transactions.
In this blog, we will talk about the two major technologies behind executing contactless payments- HCE and OEM- and which one the banks should opt for.
About OEM as a payment option:
NFC technology in payment has bridged the gap between physical banking and the virtual world. It has been successful in implementing solutions like barcode-based input for mobile payments, etc. Most of these payment solutions have been based on the concept of original equipment manufacturing (OEM). OEM as a payment option includes a device called a secure element (SE) which mainly performs card emulation- where the NFC reader generates its own radio frequency field- securing the storage of credentials and executing the payment. The on-device secure element then sends the payment data to the contactless terminal when the user acts, say by a ‘tap and play’ action.
Recently, technology giants Apple and Samsung have launched their OEM systems, ApplePay and SamsungPay respectively. As an OEM, their payment systems do not store any card data on the secure element. They simply store a prior confirmed token and it is this token, along with the cryptogram that is sent to the contactless terminal.
During the processing, at the authorization flow, the card network identifies the sent token further de-tokenizing it into real PAN with the help of a Token Service Provider (TSP) and then sends the real PAN to the issuer for its authorization.
Many global banks, network processors, industry consortiums and TSPs are resorting to and partnering with dependable OEMs like Apple and Samsung as they all seek to implement a global security standard for mobile payments – both remote and at POS counters- and mobile access to financial data. This is mainly because these OEMs make use of an on-device element to authorize and receive payments, independent of any network disruptions.
Advantages of using OEMs in Payment Solutions:
- This system does not store the real card data inside the secured element and instead use a token to be sent to a contactless terminal.
- The platform owner owns and controls the SE in the device thereby avoiding any disruption from the mobile network operators.
- The approach is free from dependency on a complex and convoluted process by provisioning the token simplifying the transaction.
Disadvantages of using OEMs in Payment Solutions:
- The system has no support for local schemes due to the whole control over tokenization.
- The SE in the device has limited storage capacity and processing speed.
- Since there is no contact with the OEM’s servers, the safety of the transaction may well be in question when it comes to authorization, say in case a fraudster attempts to transact with a stolen mobile phone.
About HCE Technology in Payment Solutions
Host Card Emulation or HCEis a device technology that enables a phone to perform card emulation on an NFC-enabled device in order to initiate payment through smart devices. Numerous licenses have embraced the HCE payment framework in order to ensure a thoughtful outlined and a more secured execution of mobile payments.
Google has been one of the premier players in providing HCE with Google Wallet version 3.0. So, when a user with an Android phone taps on a contactless terminal, the NFC controller in his phone redirects the communication from the terminal to the host operating system and responds back with a virtual card number following the industry standard contactless protocols laid down for completion of cloud transactions. The transaction reaches the Google cloud servers where the virtual card number is replaced with real card data, authorized with the real issuer. Herein the Google’s cloud acts as the secure element and the real card data is stored securely on the cloud servers.
Before HCE was launched, the only way to emulate a card for completing the transactions was through a secure element embedded in the smart device using NFC. With HCE, the concept of ‘host’ without relying on the access to a SE came into the picture.
HCE Payment proved to be a strong alternative to SE-based approach provided by OEMs, for digitizing the user’s card credentials through tokenization into the smart devices. Now as the cloud-based payments has started gaining momentum, the HCE system serves as a foundation for rapid deployment of mobile payment services across the globe. This is because this approach speed-up the deployment of contactless mobile payments for the financial solution providers and more prominently for banks.
Advantages of using HCE in NFC Platform:
- The system reduces complexities as well as the cost in the transaction as, all the processing is taken care of by the cloud server.
- The technology helps the mobile wallet applications to get converted into a virtual smart card and support local schemes too.
- It overcomes the question of safety in cases of a stolen mobile phone as the transaction in any case has to pass through the tech’s cloud servers for successful completion.
- It enables the direct communication between merchants and the banks without any intermediaries.
Disadvantages of using HCE in NFC Platform:
- The system needs to store and communicate with real card data on the servers which might make the transaction less secured.
- The approach discourages the use of safer methods of user authentication like biometric fingerprint authentication.
Using OEMs as a payment option vs. HCE concept as a payment option:
The evolution of financial ecosystem has given a boost to banks, simplifying their systems of transactions and providing an effortless customer experience. Both Google Wallet and ApplePay have been facilitating the banks to create a seamless system of mobile payments.
The concept around which HCE is based gives the banks a much easier way for deployment of the system as it frees them from the task of managing multiple relationships with OEMs, token service providers, payment processors and many other external parties. However, it is not secured as compared to the Secured Element provided by OEMs, which requires a tokenization process to ensure the transactions are completed securely.
Banks using SE technology relieves them from being a part of the conversation between the owners of the SE elements i.e., OEM of the mobile device and the customer. They only need to analyze the information gained from this interaction to understand customer behaviours and act upon it. Additionally this data analysis will help banks in designing a comprehensive solution for their customers.
To use HCE concept in NFC or OEM services for enabling hassle-free contactless payments, the banks need to decide a solution that is compatible with their own internal environment and infrastructure weighing their pros and cons respectively. Some may consider employing ApplePay’s biometric authentication system in place while other issuers may choose to go with Google Wallet’s server strategy for processing the mobile payments. The bank’s core aim is to get the service to each and every citizen by injecting the best technology and refined systems in this sector.
Whichever they choose to go for, tech giants Apple, Samsung and Google ensure complete secured and safe authentication, storage and processing in respective solutions with multiple layers of security at every stage of the transaction. Afterall, the sole objective of these technologies is to provide minimal contact with sound and secured transaction protocol to customers.
While the new-age banking is functioning on the idea of transparency and creating a total digital ecosystem. Which is why, with such a noble collaboration of various elements in NFC payment, the automation of salaried accounts to virtual branches to adopting near-field communication in transactions, banking has never been this simpler.