SIMalliance has highlighted that future growth of the NFC ecosystem and NFC-based applications, resulting from host card emulation (HCE), is likely to expedite SIM-based NFC payment deployments and create opportunities for mobile network operators (MNOs) to address the security and authentication gaps in HCE, the trade organization today announced in a press release.  

"SIMalliance recognizes that a future NFC landscape will consist of HCE and SE-based models, together with hybrid deployment models," Frédéric Vasnier, SIMalliance chairman, said on the organization’s website. "Importantly, there is consensus within our membership that this is a real opportunity for growth in the SE market; we believe this for a number of reasons.

"Firstly, HCE promises to drive forward mass adoption of NFC services as it offers a speedier route to market and makes NFC more accessible and versatile to developers. So as consumer familiarity increases, demand for NFC SIM-based services will also grow. Yet, as the recent Consult Hyperion/GSMA report indicates, there is an increasing acceptance that HCE will be best suited to certain types of low-value NFC applications. The enhanced security offered by a SE, particularly when distributing or managing valuable and/or sensitive credentials, continues to make it a necessary requirement in high value NFC service deployments.

"Secondly, the SE is the most likely route to market for payment service providers who want to achieve an early mover status in the NFC payment space. This is because there is an established global infrastructure which makes secure SIM-based NFC payment service delivery possible today; 124 million NFC-enabled SIMs have already been shipped in the past three years. What's more, the supporting infrastructure needed to access and manage NFC-enabled SIMs 'over the air' is also in place. Put simply, the foundation is already out there and ready for use.

"And finally, even when a payment service provider opts for a HCE-tokenization approach to NFC payments, there is still a valuable role for the MNO's SE (SIM) to play. For example: the user could authenticate to the token service provider using SE stored credentials; additionally, the risks introduced by storing tokens in a non-secure environment may be manageable for low-value credentials, but are likely to be unacceptable when dealing with high-value credentials, so the storage of tokens in a tamper-resistant SE inevitably provides the most secure solution."

SIMalliance published a paper in April 2014, titled Secure Element Deployment & Host Card Emulation. It explores both the advantages and the limitations of HCE, providing insights and assessments on a broad range of related topics, including the investment risks for early adopters, the security fallibilities of Android 4.4, the scale of the HCE-NFC certification challenge and the prohibitive barriers to HCE acceptance in global transport and ticketing systems.

The paper, which is available to download at http://www.simalliance.org/en/se/se_marketing/, is aimed at NFC stakeholders currently evaluating HCE, its boundaries, and its potential to contribute to the future of NFC services.