TEE + HCE – the ideal solution in mobile payments?
Andy Ramsden, Product Marketing Director, Trustonic
The world of mobile payments is not unlike the political situation we are currently
seeing in several high profile parts of the world. Three or more forces grappling over the
same territory, sometimes working together and at other times pulling in totally different
Consumers typically have strong relationships with their bank, their carrier and
possibly also their smartphone vendor, all of whom are vying to sell their own brand of
mobile wallet. However, consumers usually wish to pay with their preferred card from
their preferred bank and don’t necessarily want multiple wallets cluttering their phone’s
Banks wish to reach the widest possible audience, irrespective of which phone is
being used over which network. Quite understandably, they view their brand as being of
the utmost importance, their preference understandably being a single, bank-owned
The smartphone vendors are offering the banks and the consumers a secure
payments environment and a global presence, but dressed up inside their own vendor-
branded wallet (e.g. Apple Pay, Samsung Pay), which some banks see as a dilution of
their brand. Consumers are faced with using yet another app (distinct from their mobile
banking app) and also potentially face issues when switching between phones. This is
not an ideal situation, neither for consumers nor for the banks.
While Host Card Emulation (HCE) would appear to offer a solution that is ideal for
service providers, as it is carrier and OEM-independent (except for the iPhone, which is a
closed solution), there remains a perception that HCE might not be secure enough. That
concern might be one of the reasons why we haven’t seen mass adoption of HCE.
This is where the TEE opportunity comes in. The TEE has reached a significant level
of maturity, offering GlobalPlatform compliance and delivering scale across the Android
base, but importantly it delivers hardware-level protection to secure HCE. This increased
level of security opens up opportunities to deliver simpler (yet more secure)
authentication, and a Trusted User Interface can securely deliver value-added services
such as high value payments, secure messaging and other transaction-based services.
HCE with TEE protection finally offers a bank-centric solution which can be
integrated into existing bank apps, satisfying the needs of the service provider and the
consumer. We may now have a mobile payments solution that can finally reach scale!