This 12-page white paper reports on work underway in France to make it easier for card issuers and host card emulation (HCE) suppliers to make use of trusted execution environments (TEEs) to increase the security of their mobile payments services.
“Dejamobile, in collaboration with Cartes Bancaires and Trustonic, is currently working on an innovative ‘generic secure trusted application’, leveraging the capabilities of the TEE with the aim of strengthening the security of HCE mobile payments,” the mobile transaction specialist explains in the paper.
“This white paper explains the use of trusted execution environments (TEEs) in the context of HCE mobile payments and explores why companies deploying HCE mobile payment solutions should consider using TEEs to enable a higher level of security and to minimize the possibility of attacks.”
‘Enhancing HCE mobile payments with TEEs’ begins with an introduction to trusted execution environments — a special secure and isolated area of a main processor — and sets out the key security principles involved. It then provides a detailed comparison of TEEs and secure elements (SEs), sets out the benefits of using TEEs to secure cloud-based mobile payments solutions, and examines the specific TEE security principles that relate to HCE mobile payments.
The paper concludes with details of a generic trusted app, which Dejamobile has designed and implemented, that aims to make it possible for HCE solution providers to replace all the sensitive operations of their applications, such as manipulating critical assets and authenticating users, with a TEE-based alternative.
‘Enhancing HCE mobile payments with TEEs’ has been produced by Dejamobile, Trustonic and Cartes Bancaires and is sponsored by Dejamobile and approved by the NFC World editorial team.
How to access this white paper
This 12-page document is available free of charge to NFC World Knowledge Centre members (PDF format).
Rate this resource
This item is part of the Mobile Payments Knowledge Centre.