The launch follows the announcement last year of the bank’s Mobile Virtual Card (MVC) concept, a solution that allows customers to create a one time debit or credit card on their mobile phone and use it for both mobile commerce transactions and contactless payments in stores.
The solution makes use of secure virtualization techniques and two factor authentication which, the bank says, set “the basis for appropriate security on mobile payments”.
To use the service, a customer downloads the MVC application onto their smartphone and then securely registers — online, at a bank branch or via telephone banking — one or several of their existing credit or debit cards. These can then be “used for EMV mobile payments at merchant locations”.
“Based on well established EMV standards, this solution does not require any changes to the existing acceptance infrastructure (POS terminals) for NFC proximity payments, and does not need network connectivity at the time of payment (which is a major benefit in terms of both usability and performance),” the bank says.
“It also allows the bank to autonomously define its own business model and brand image in mobile payment media, without entering into an agreement with third parties. In this sense, the cards registered by the user can be updated via a remote management system 100% integrated into the MVC client-server system of the financial institution.
“The MVC solution relies on a pending patent, and is targeted at financial institutions interested in evolving their mobile payments services based on EMV standards for debit and credit cards towards a new secure, virtual and mobile form factor. This preserves the benefits of the ubiquitous payment media existing today and also empowers them with the huge advantages of using secure real-time mobile tokenization as an alternative to local secure storage.
“Having the solution available is as simple as integrating a ready and customizable MVC Management Module at the issuer secure domain (or, alternatively, obtaining MVC tokenization services from a trusted third party selected by the bank), and personalizing the MVC mobile application according to the issuer needs, so a short time to market may be easily achieved.”
“MVC is a technology allowing a multiplicity of different implementations,” explains Jacobo Diaz, Bankinter’s director of innovation, products, markets and quality. “We have dedicated an entire year to reaching the adequate security level for EMV online payments, based on the results of the risk assessment process performed by Fraunhofer AISEC laboratory.”
“Blackberry has been leading host card emulation technology, and we are glad to recognize their major contribution to HCE-based mobile payments,” Diaz adds. “[Google's] later announcement about HCE support on their new Android 4.4 Kitkat operating system has allowed us to build a wide enough commercial proposal for our customers. We are convinced that iOS and Windows Phone will incorporate HCE very soon.”
“The MVC solution eliminates the main difficulties that have slowed the commercial launch of NFC payments, and make it compatible with the standards of the financial industry in which many banks have invested in the past 10 years,” says Diaz.