Host Card Emulation


Host Card Emulation (HCE) is the software architecture that provides exact virtual representation of various electronic Identity Cards Access Cards, transit and Payment Cards using only software.

Prior to the Host Card Emulation architecture, NFC transactions were mainly carried out using Secure Elements.[1]

Host Card Emulation enables mobile applications running on supported Operating Systems with the ability to offer Payment Card and Access Card solutions independently of third parties while leveraging cryptographic processes traditionally used by hardware-based Trusted Execution Environment without the need for a physical Secure Element.

Host Card Emulation technology enables the merchants to offer Payment Card solutions more easily through mobile closed-loop Contactless Payment solutions, offers real-time distribution of Payment Cards and, more tactically, allows for an easy deployment scenario that does not require changes to the software inside POS Terminals.

Host Card Emulation is the presentation of a virtual and exact representation (by-reference) of a Smart Card using only software using the EMVCo Tokenization process.

Host Card Emulation is the ability for NFC information transfer to happen between a Merchant POS Terminal configured to exchange NFC radio information with an NFC card and a Mobile Device application configured to act or pretend to emulate the functional responses of an NFC card.

Host Card Emulation requires that the NFC protocol be routed to the main Operating System of the Mobile Device instead of being routed to a local hardware-based Secure Element (SE) configured to respond only as a card, with no other functionality.

When a consumer holds the device over an NFC terminal, the NFC controller in the device routes all data from the reader directly to the Host CPU on which Android applications are running directly. The Android application (a Digital Wallet) that deals with a particular payment application can do its magic and provide for the Host Card Emulation requests and responses.

Since the host CPU is inherently insecure, any Digital Wallet does not store the real payment credentials inside the phone. Google Wallet for example moves all such data to a hosted cloud environment, and that is where the secure storage and secure processing takes place. In essence, Host Card Emulation moves the device based Secure Element application to a cloud environment ( Host Card Emulation Cloud).

More Information#

There might be more information for this subject on one of the following: