!!! Overview

The Secure Element is an industry-standard, certified chip running the [Java Card] platform. It hosts specially designed [applications], including payment [applications] certified by each of the individual [Payment Networks].

[{$pagename}] is comprised of software and tamper-resistant hardware that:

* allows high levels of [security] and can even work in tandem with the [Trusted Execution Environment].
* is mandatory for hosting proximity [payment] [applications] or official electronic signatures where the highest level of security is required.
* may also offer a trusted user interface to securely transmit a [Personal Identification Number] ([PIN]), which is required in order to make high-value transactions.
* filters access to [applications] stored directly on the [{$pagename}].

Credit or debit card data is sent encrypted from the [Payment Network] or [Card Issuer] to these payment applets, using keys that are known only to the payment network and the payment applets' [security Domain]. This [data] is stored within the payment applets and protected by the [{$pagename}]'s security features. During a transaction, the terminal communicates directly with the [{$pagename}] through the [NFC] controller. The [{$pagename}] is part of the complete [Trusted Execution Environment].

!! [GlobalPlatform]

[GlobalPlatform] refers to the definition:\\
A tamper-resistant combination of hardware, software, and [protocols] capable of embedding smart card-grade applications. Typical implementations include [UICC], embedded [{$pagename}], and [removable memory card]s.

!! More details

[GlobalPlatform] defines [{$pagename}] (SE) as a tamper-resistant platform capable of securely hosting [applications] and their [confidential] and [cryptographic] [data] in accordance with the rules and security requirements set forth by a set of well-identified trusted authorities.
Put simply, a [{$pagename}] can be considered a chip that offers a dynamic environment to store data securely, process data securely and communicate with external entities securely. If you try to mess with it by tampering in any form, it may self-destruct, but it will not allow you to gain unauthorized access.

In today's smartphones, a [{$pagename}] can be found as a chip embedded directly into the phone's hardware, in a [SIM]/[UICC] card provided by your [network operator|MNO], or in an SD card that can be inserted into the mobile phone.

Typically the payment applets in the [{$pagename}] emulate a [Contactless Chip Card]. These payment applets perform the handshake with the terminal, send the right responses to the right queries, generate dynamic cryptograms, authenticate the stored card and so on. The [{$pagename}] provides the secure storage and execution environment for the payment applications. A [{$pagename}] is not a necessity for emulating a [Contactless Chip Card], although it is the most secure option to date. An alternative is Host-based Card Emulation ([HCE]), which moves the secure storage and execution environment to the cloud instead of the [{$pagename}].

!! What is a [{$pagename}] and why do you want one?[2]

A [{$pagename}] (SE) is a tamper-resistant smart card chip capable of running smart card applications (called applets or cardlets) with a certain level of security and features. A smart card is essentially a minimal computing environment on a single chip, complete with a CPU, ROM, EEPROM, RAM and I/O port. Recent cards also come equipped with cryptographic co-processors implementing common algorithms such as [DES], [AES] and [RSA]. Smart cards use various techniques to implement tamper resistance, making it quite hard to extract data by disassembling or analyzing the chip.
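To make the terminal/applet exchange described above concrete, here is an added, simplified model (not code from this wiki, not Java Card, and not the EMV specification) of a payment applet hosted in a Secure Element. The AID, the issuer master key, the PIN, the command encodings and the "PIN required above this amount" policy are constructed values; the ISO 7816-4 status words and the APDU layout are real. HMAC-SHA256 stands in for the card's MAC scheme. The point it demonstrates is the one the text makes: the key never leaves the applet, access is filtered (nothing works before SELECT, high-value transactions need a verified PIN, wrong PINs count down a retry counter), and the issuer verifies a dynamic cryptogram that changes with the transaction counter, so a captured response cannot be replayed.

```python
import hashlib
import hmac
import secrets
import struct

# Constructed values: a hypothetical AID from the proprietary F0 range and a
# made-up issuer master key. In a real SE the key is personalised into the
# applet's Security Domain by the issuer and never leaves the chip.
PAYMENT_AID = bytes.fromhex("F0010203040506")
ISSUER_MASTER_KEY = bytes.fromhex("00112233445566778899AABBCCDDEEFF")
PIN_THRESHOLD_CENTS = 5000  # constructed policy: amounts >= this need a verified PIN

# ISO 7816-4 status words (real values)
SW_OK = b"\x90\x00"
SW_FILE_NOT_FOUND = b"\x6A\x82"
SW_SECURITY_STATUS_NOT_SATISFIED = b"\x69\x82"
SW_AUTH_BLOCKED = b"\x69\x83"
SW_CONDITIONS_NOT_SATISFIED = b"\x69\x85"
SW_INS_NOT_SUPPORTED = b"\x6D\x00"

INS_SELECT, INS_VERIFY, INS_GENERATE_AC = 0xA4, 0x20, 0xAE


def build_apdu(cla, ins, p1, p2, data=b""):
    """Terminal side: encode a short command APDU (CLA INS P1 P2 Lc DATA)."""
    return bytes([cla, ins, p1, p2, len(data)]) + data


def cryptogram(key, amount_cents, unpredictable_number, atc):
    """Dynamic cryptogram over amount, terminal nonce and transaction counter.
    HMAC-SHA256 stands in for the card's MAC; truncated to 8 bytes."""
    msg = struct.pack(">IIH", amount_cents, unpredictable_number, atc)
    return hmac.new(key, msg, hashlib.sha256).digest()[:8]


class PaymentApplet:
    """Models the applet inside the SE: key and PIN state are private to this
    object; the terminal only ever sees APDU responses."""

    def __init__(self, key, pin):
        self._key = key
        self._pin = pin
        self._pin_tries = 3
        self._selected = False
        self._pin_verified = False
        self._atc = 0  # application transaction counter, monotonically increasing

    def process(self, apdu):
        cla, ins, p1, p2, lc = apdu[:5]
        data = apdu[5:5 + lc]
        if ins == INS_SELECT:
            self._selected = data == PAYMENT_AID
            self._pin_verified = False  # every selection starts unauthenticated
            return SW_OK if self._selected else SW_FILE_NOT_FOUND
        if not self._selected:
            return SW_CONDITIONS_NOT_SATISFIED  # access filtered: nothing selected
        if ins == INS_VERIFY:
            if self._pin_tries == 0:
                return SW_AUTH_BLOCKED
            if hmac.compare_digest(data, self._pin):
                self._pin_verified = True
                self._pin_tries = 3
                return SW_OK
            self._pin_tries -= 1
            return bytes([0x63, 0xC0 | self._pin_tries])  # 63Cx: x retries left
        if ins == INS_GENERATE_AC:
            amount, un = struct.unpack(">II", data)
            if amount >= PIN_THRESHOLD_CENTS and not self._pin_verified:
                return SW_SECURITY_STATUS_NOT_SATISFIED
            self._atc += 1
            ac = cryptogram(self._key, amount, un, self._atc)
            return struct.pack(">H", self._atc) + ac + SW_OK
        return SW_INS_NOT_SUPPORTED


def issuer_verify(key, amount_cents, unpredictable_number, atc, ac, last_seen_atc):
    """Issuer host: recompute the cryptogram with the shared key and reject
    replays by requiring a strictly increasing ATC."""
    expected = cryptogram(key, amount_cents, unpredictable_number, atc)
    return atc > last_seen_atc and hmac.compare_digest(expected, ac)


def run_transaction(applet, amount_cents, pin=None, last_seen_atc=0):
    """Terminal flow: SELECT, optional VERIFY, GENERATE AC, then issuer check."""
    if applet.process(build_apdu(0x00, INS_SELECT, 0x04, 0x00, PAYMENT_AID)) != SW_OK:
        return {"status": "select_failed"}
    if pin is not None:
        sw = applet.process(build_apdu(0x00, INS_VERIFY, 0x00, 0x80, pin))
        if sw != SW_OK:
            return {"status": "pin_rejected", "sw": sw.hex()}
    un = secrets.randbits(32)  # terminal's unpredictable number
    payload = struct.pack(">II", amount_cents, un)
    resp = applet.process(build_apdu(0x80, INS_GENERATE_AC, 0x80, 0x00, payload))
    if resp[-2:] != SW_OK:
        return {"status": "ac_refused", "sw": resp[-2:].hex()}
    atc = struct.unpack(">H", resp[:2])[0]
    ac = resp[2:10]
    ok = issuer_verify(ISSUER_MASTER_KEY, amount_cents, un, atc, ac, last_seen_atc)
    return {"status": "approved" if ok else "declined", "atc": atc, "ac": ac.hex()}


if __name__ == "__main__":
    card = PaymentApplet(ISSUER_MASTER_KEY, b"1234")
    print(run_transaction(card, 1200))                 # low value, no PIN needed
    print(run_transaction(card, 9900))                 # high value, refused without PIN
    print(run_transaction(card, 9900, pin=b"1234", last_seen_atc=1))
```

The issuer-side check only ever sees the 2-byte ATC and the 8-byte cryptogram; a terminal or a compromised host OS that records a response learns nothing that lets it produce the next one, because the key that made it stays inside the applet. That separation is what HCE has to reproduce with cloud-held keys and tokenisation instead of tamper-resistant hardware.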
[{$pagename}]s come pre-programmed with a multi-application OS that takes advantage of the hardware's memory protection features to ensure that each application's data is only available to itself. Application installation and (optionally) access is controlled by requiring the use of cryptographic keys for each operation.

The [{$pagename}] can be integrated in devices in various form factors:

* [UICC] (commonly known as a [SIM] card)
* embedded in the handset
* SD card slot

If the device supports NFC, the SE is usually connected to the NFC chip, making it possible to communicate with the SE wirelessly.

Smart cards have been around for a while and are now used in applications ranging from pre-paid phone calls and transit ticketing to credit cards and VPN credential storage. Since a [{$pagename}] installed in a mobile device has equivalent or superior capabilities to those of a smart card, it can theoretically be used for any application physical smart cards are currently used for. Additionally, since a [{$pagename}] can host multiple applications, the [{$pagename}] has the potential to replace the bunch of cards people use daily with a single device. Furthermore, because the [{$pagename}] can be controlled by the device's OS, access to it can be restricted by requiring additional authentication (PIN or passphrase) to enable the [{$pagename}].

!! Why Not use [{$pagename}]

When using the host-based [Secure Element], the [Secure Element] owner, typically the [MNOs], owns the key, and all others have to go through complex business models, partnerships, and dependencies to gain access, which makes the whole process that much more complex and expensive. Additionally, the [Secure Element] itself has only limited storage capacity and processing speed.

The embedded [{$pagename}], as the name implies, is part of the device's mainboard, either as a dedicated chip or integrated with the NFC one, and is not removable.
This is what is typically used in Android devices. [Host-based Card Emulation|HCE] was created as an alternative to using the device-based [Secure Element].

!! More Information

There might be more information for this subject on one of the following:

[{ReferringPagesPlugin before='*' after='\n' }]
----
* [#1] - [Accessing the embedded secure element in Android 4.x|http://nelenkov.blogspot.com/2012/08/accessing-embedded-secure-element-in.html|target='_blank'] - based on 2015-01-09