Viewpoint: Why HCE is an Acronym You Need to Know
By Sarah Grotta, Grotta Consulting
In our acronym-intensive industry, there’s a new abbreviation: HCE for host card emulation. It’s an important acronym to add to your lexicon because of HCE’s potential to affect payments at the point of sale and how prepaid can take a leadership role in HCE’s evolution.
The cocktail conversation definition of HCE is the ability to move credentials for mobile payments transactions to a secure, virtual cloud instead of a secure element physically installed in a mobile device (think SIM card). The impact is, HCE unleashes near field communication (NFC) transactions from being tied to a specific network operator and/or handset manufacturer.
Today’s Mobile Wallet Environment
Today, most NFC-enabled mobile phones are configured to emulate a contactless card at the POS. The payment inquiry from the merchant is routed to the secure element resident in the phone to get the payment credentials, like a prepaid card number, needed to execute transactions. This requires coordination with the network operator, which controls the secure element through a third party, trusted service manager that is permitted access. Operators play a powerful role in the ownership of secure elements: They get to control who gets access and when.
We’re all counting on mobile wallets to provide dynamic offerings, convenience and an improved end-user experience. If all updates or capability enhancements are going through a third party to get to the operator, this creates a less–than-dynamic environment and some loss of ownership of the customer. Let’s not forget, too, that the last thing the prepaid business model needs is additional players looking to take more bites out of the apple in an already complex value chain.
The Promise of HCE
HCE democratizes the process, allowing issuers and merchants to develop apps without the expense and complication of these third-party gatekeepers. This opens tremendous new opportunity for creativity around payments. MasterCard and Visa have given their blessings to HCE and issued their standards, providing a level of confidence for further investment and development.
Since we’re discussing payments, there must be a chicken-and-egg conversation. There’s good news on this front as well. Google announced in November that the HCE feature is included with the launch of Android 4.4 KitKat OS. That’s a great start and overnight brings millions of individuals to the table. Playing the “What-will-Apple-do?” game is tough and one that I have lost in the past, but based on other developments, I think there are solid reasons for Apple to follow suit.
| While the smart people are refining the HCE security issue, there are compelling reasons for prepaid to take a starring role in how this technology makes mobile wallets viable. |
By enabling millions of potential users, Google has given retailers a compelling reason to reconsider NFC. And, with EMV conversions occurring rapidly, merchants installing NFC capabilities as part of their EMV conversions is a real possibility. I’m speaking of the U.S. market, of course. Canada, Europe and Australia already have much of the acquiring infrastructure in place.
HCE, like most new payment-related creations, has some gaps that need to be addressed. The most important of which is that HCE is not as secure as the non-hosted version, being more vulnerable to malware that can root the device, i.e., steal information stored in the device. Even if the probability of rooting is low, HCE is not as secure as the secure physical element. I am confident, however, that the HCE security issue can and will be resolved in the near term, eliminating this barrier to adoption. And, honestly, given the choice between a technological issue and a business model issue, I’d take the technological issue any day because there’s always an answer.
HCE Needs Prepaid Leadership
While the smart people are refining the HCE security issue, there are compelling reasons for prepaid to take a starring role in how this technology makes mobile wallets viable. Some that come to mind:
- There are prepaid portfolios that have a base of customers with higher than average mobile smart phone penetration and, in some instances, near dependence on mobile. This is a great microcosm to see the development, consumer interaction and the potential of this new technology.
- Mobile makes tie-ins with loyalty and customer service applications more immediate and convenient, which enhance card longevity, the holy grail for prepaid.
- Many prepaid card products carry lower balances, making them less attractive to attackers in comparison to similar payment devices, reducing risk potential.
- Many prepaid products operate within a limited merchant consortium, where greater control is possible to monitor developments and disseminate changes and capabilities.
With the benefits offered by HCE, it simply makes sense for prepaid, always an innovative market and never afraid to lead, to shape the evolution of payment wallets to come.
Sarah Grotta, a principal with Grotta Consulting, may be reached at [email protected].
