<meta charset="UTF-8">
<meta name="robots" content="noindex,nofollow" />
<link rel="shortcut icon" type="image/x-icon" href="/wiki/images/favicon.ico" />
<link rel="icon" type="image/x-icon" href="/wiki/images/favicon.ico" />

<pre>
!!! Overview
[{$pagename}] ([HCE]) is the software architecture that provides exact virtual representation of various electronic [Identity Cards] [Access Cards], transit and [Payment Cards] using only software. 

Prior to the [{$pagename}] architecture, [NFC] transactions were mainly carried out using [Secure Elements].[1]

[{$pagename}] enables mobile [applications] running on supported [Operating Systems] with the ability to offer [Payment Card] and [Access Card] solutions independently of third parties while leveraging [cryptographic] processes traditionally used by hardware-based [Trusted Execution Environment] without the need for a physical [Secure Element]. 

[{$pagename}] technology enables the [merchants] to offer [Payment Card] solutions more easily through mobile closed-loop [Contactless Payment] solutions, offers real-time distribution of [Payment Cards] and, more tactically, allows for an easy deployment scenario that does not require changes to the software inside [POS Terminals].

[{$pagename}] is the presentation of a virtual and exact representation ([by-reference]) of a [Smart Card] using only software using the [EMVCo Tokenization] process.

[{$pagename}] is the ability for [NFC] information transfer to happen between a [Merchant] [POS Terminal] configured to exchange [NFC] radio information with an [NFC] card and a [Mobile Device] application configured to act or pretend to emulate the functional responses of an [NFC] card. 

[{$pagename}] requires that the [NFC] protocol be routed to the main [Operating System] of the [Mobile Device] instead of being routed to a local hardware-based [Secure Element] ([SE]) configured to respond only as a card, with no other functionality.

When a consumer holds the device over an [NFC] terminal, the [NFC] controller in the device routes all data from the reader directly to the Host CPU on which [Android] applications are running directly. The [Android] application (a [Digital Wallet]) that deals with a particular payment application can do its magic and provide for the [{$pagename}] requests and responses.

Since the host CPU is inherently insecure, any [Digital Wallet] does not store the real payment [credentials] inside the phone. [Google Wallet] for example moves all such data to a hosted cloud environment, and that is where the secure storage and secure processing takes place. In essence, [{$pagename}] moves the device based [Secure Element] application to a cloud environment ( [{$pagename}] Cloud).

!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
----
* [#1] - [Host Card Emulation|Wikipedia:Host_card_emulation/|target='_blank'] - based on information obtained 2016-03-28
</pre>