#Apple#technology#leadership

The Security Pyramid: Building a Base for Global NFC Adoption

Pierre Lelievre, VP, Marketing, APAC, Gemalto
|Dec 4|magazine15 min read

On the brink of mainstream adoption, NFC mobile payment technology has the ability to make your smartphone even smarter. With smartphones already in the hands of more than 73% of Australians, this technology is rapidly gaining the potential to replace the traditional wallet. While conversations on NFC innovation have increased in the last few years, recent excitement has been spurred by Apple and the arrival of ApplePay in the US.

Research shows more than 1.5 million Australians plan to purchase a new iPhone in the next 12 months, with nearly one-third of them saying they already make payments with their phone. The popularity of NFC technology, however, is not solely linked with Apple.  Before Apple jumped on board, it was predicted that the number of NFC-enabled devices in use would exceed 500 million in 2014. By 2018, it’s expected that 2 in 3 smartphones will be NFC-enabled.

Financial institutions, retail giants and other businesses looking to leverage the rising popularity of in-store mobile payment solutions must first ensure that the solution is convenient and adds value for consumers. Security is one of the primary concerns with any mobile solutions and becomes a crucial consideration once these mobile payment solutions are ready for commercial rollout. Security concerns are now not only the domain of IT decision-makers but also a primary focus in the boardroom. New research shows that 52 percent of IT decision makers have either slowed down or cancelled a new application, service or other initiative because of security fears. For instance, CBA recently announced it was delaying the release of its Android-based EFTPOS terminal “Albert”, explaining that security is “absolutely paramount” when introducing a merchant payment device to market. Major companies now recognise that protecting end-users’ personal details may determine the success and longevity of new solutions, particularly within the banking and financial sector.

Building Trust

Trust is a critical element of security, and therefore a key component in the widespread adoption of mobile payment technology. Consumers must have the assurance that the technology is not only convenient but also that their banking details are protected from software hacks or hardware damage.

It’s best to imagine security as the base of a pyramid, providing the foundation for added convenience, service and functionality. Organisations looking to deploy mobile payment solutions with the highest level of security should consider utilising a Secure Element (SE). SEs are special chips inside NFC-enabled devices which securely host applications and sensitive data. SEs that comply with EMV industry standards improve payment security, making it more difficult to successfully counterfeit cards thereby offering more protection than traditional plastic cards with magnetic strips. For these reasons, SEs are trusted in major NFC commercial roll outs around the world. With more consumers utilising mobile payment technologies, more data passes between devices and the cloud, creating increased security risks. Apple’s decision to include a SE in ApplePay reinforces why dedicated, hardware-supported security protection for consumers is vital in supporting mass-market uptake.

Other features offer additional layers of security for NFC solutions, increasing consumer confidence without sacrificing the ease of use. For example, mobile wallets can be customised to add PIN protections which help add in another layer of security to protect consumers’ transactions. Adding remote deactivation of mobile wallets and limits on the maximum time wallet applications can remain in use ensures that security is not compromised if a phone is lost or stolen. These measures, along with securing your smartphone with a personal PIN and setting a maximum limit on transactions through your mobile wallet can help protect the users. With the continued integration of smartphones into our daily lives, one may argue that storing banking details within a phone is inherently more secure than traditional cards - it’s common to misplace a wallet or credit card, consumers are more accustomed to checking their phone throughout the day and would be likely to notice immediately if it went missing.

The Future of Mobile Payments

As we look toward the future of mobile payment solutions, new players will be focused on getting to market not only securely, but quickly. The development of secure mobile payment solutions however, requires cooperation between numerous entities including service providers (SPs), mobile network operators (MNOs) and Secure Element Issuers (SEIs) such as handset makers. Securing agreements between these organisations has been one of the challenges of the traditional implementation of NFC services. The steady momentum behind NFC, however, has given rise to Trusted Service Manager (TSM) hubs. The hubs act as aggregators for SPs, MNOs and SEIs to provide a turnkey business service - this service enables a global trust infrastructure by delivering state-of-the-art standards of scalability and availability, banking-grade security to ensure payment and services inter-operability.

Bringing a NFC solution to the market involves a number of players and technologies. From contactless cards to NFC stickers and mobile solutions using HCE, tokens or SEs, there are always new technologies and use-cases developing simultaneously. This creates an exciting but also challenging environment for businesses searching for a simple, cost-effective, and secure solution. In addition to the new iPhones, there are already hundreds of millions of Android mobile phones with NFC capabilities and telcos, banks and retailers across Australia have already set up contactless payment schemes. Organisations looking to deploy large-scale mobile services have often been left to manage this challenging market fragmentation on their own – working with MNOs, SEIs and handset makers and adapting to different security frameworks. Now, are new services are emerging which accelerate the roll-out of mobile payment solutions. With these one-stop shops, organisations can securely deploy services across a comprehensive portfolio of smartphones and mobile networks around the world.

NFC technology has the power to transform the way we pay and interact with banks, retailers and even our daily transportation providers but it must be secure and seamless for consumers. The tipping point to widespread adoption within Australia will require solutions that work across different smartphones, and networks and allow for maximum convenience and value for consumers.